Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / lk / 5620ded09a62bd9c6a3bfe624d39d2a80c39d3ba / . / platform / msm_shared / boot_verifier.c
blob: 234f06abf1919f92977283fbfd755f0ee3415f63 [file] [log] [blame]
Sridhar Parasuram5620ded2015-08-29 10:01:57 -0700[diff] [blame^]1/*
2 * Copyright (c) 2014-2015, The Linux Foundation. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are
6 * met:
7 * * Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * * Redistributions in binary form must reproduce the above
10 * copyright notice, this list of conditions and the following
11 * disclaimer in the documentation and/or other materials provided
12 * with the distribution.
13 * * Neither the name of The Linux Foundation nor the names of its
14 * contributors may be used to endorse or promote products derived
15 * from this software without specific prior written permission.
16
17 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
18 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
19 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
21 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
24 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
25 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
26 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
27 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29
30#include <stdlib.h>
31#include <stdint.h>
32#include <crypto_hash.h>
33#include <boot_verifier.h>
34#include <image_verify.h>
35#include <mmc.h>
36#include <oem_keystore.h>
37#include <openssl/asn1t.h>
38#include <openssl/x509.h>
39#include <partition_parser.h>
40#include <rsa.h>
41#include <string.h>
42#include <openssl/err.h>
43#include <qseecom_lk_api.h>
44#include <secapp_loader.h>
45#include <target.h>
46
47static KEYSTORE *oem_keystore;
48static KEYSTORE *user_keystore;
49static uint32_t dev_boot_state = RED;
50char KEYSTORE_PTN_NAME[] = "keystore";
51RSA *rsa_from_cert = NULL;
52
53ASN1_SEQUENCE(AUTH_ATTR) ={
54 ASN1_SIMPLE(AUTH_ATTR, target, ASN1_PRINTABLESTRING),
55 ASN1_SIMPLE(AUTH_ATTR, len, ASN1_INTEGER)
56} ASN1_SEQUENCE_END(AUTH_ATTR)
57IMPLEMENT_ASN1_FUNCTIONS(AUTH_ATTR)
58
59 ASN1_SEQUENCE(VERIFIED_BOOT_SIG) = {
60 ASN1_SIMPLE(VERIFIED_BOOT_SIG, version, ASN1_INTEGER),
61 ASN1_SIMPLE(VERIFIED_BOOT_SIG, certificate, X509),
62 ASN1_SIMPLE(VERIFIED_BOOT_SIG, algor, X509_ALGOR),
63 ASN1_SIMPLE(VERIFIED_BOOT_SIG, auth_attr, AUTH_ATTR),
64 ASN1_SIMPLE(VERIFIED_BOOT_SIG, sig, ASN1_OCTET_STRING)
65 } ASN1_SEQUENCE_END(VERIFIED_BOOT_SIG)
66IMPLEMENT_ASN1_FUNCTIONS(VERIFIED_BOOT_SIG)
67
68 ASN1_SEQUENCE(KEY) = {
69 ASN1_SIMPLE(KEY, algorithm_id, X509_ALGOR),
70 ASN1_SIMPLE(KEY, key_material, RSAPublicKey)
71 }ASN1_SEQUENCE_END(KEY)
72IMPLEMENT_ASN1_FUNCTIONS(KEY);
73
74ASN1_SEQUENCE(KEYBAG) = {
75 ASN1_SIMPLE(KEYBAG, mykey, KEY)
76}ASN1_SEQUENCE_END(KEYBAG)
77IMPLEMENT_ASN1_FUNCTIONS(KEYBAG)
78
79 ASN1_SEQUENCE(KEYSTORE_INNER) = {
80 ASN1_SIMPLE(KEYSTORE_INNER, version, ASN1_INTEGER),
81 ASN1_SIMPLE(KEYSTORE_INNER, mykeybag, KEYBAG)
82 } ASN1_SEQUENCE_END(KEYSTORE_INNER)
83IMPLEMENT_ASN1_FUNCTIONS(KEYSTORE_INNER)
84
85 ASN1_SEQUENCE(KEYSTORE) = {
86 ASN1_SIMPLE(KEYSTORE, version, ASN1_INTEGER),
87 ASN1_SIMPLE(KEYSTORE, mykeybag, KEYBAG),
88 ASN1_SIMPLE(KEYSTORE, sig, VERIFIED_BOOT_SIG)
89 } ASN1_SEQUENCE_END(KEYSTORE)
90IMPLEMENT_ASN1_FUNCTIONS(KEYSTORE)
91
92static uint32_t read_der_message_length(unsigned char* input)
93{
94 uint32_t len = 0;
95 int pos = 0;
96 uint8_t len_bytes = 1;
97
98 /* Check if input starts with Sequence id (0X30) */
99 if(input[pos] != 0x30)
100 return len;
101 pos++;
102
103 /* A length of 0xAABBCCDD in DER encoded messages would be sequence of
104 following octets 0xAA, 0xBB, 0XCC, 0XDD.
105
106 To read length - read each octet and shift left by 1 octect before
107 reading next octet.
108 */
109 /* check if short or long length form */
110 if(input[pos] & 0x80)
111 {
112 len_bytes = (input[pos] & ~(0x80));
113 pos++;
114 }
115 while(len_bytes)
116 {
117 /* Shift len by 1 octet */
118 len = len << 8;
119
120 /* Read next octet */
121 len = len | input[pos];
122 pos++; len_bytes--;
123 }
124
125 /* Add number of octets representing sequence id and length */
126 len += pos;
127
128 return len;
129}
130
131static int verify_digest(unsigned char* input, unsigned char *digest, int hash_size)
132{
133 int ret = -1;
134 X509_SIG *sig = NULL;
135 uint32_t len = read_der_message_length(input);
136 if(!len)
137 {
138 dprintf(CRITICAL, "boot_verifier: Signature length is invalid.\n");
139 return ret;
140 }
141
142 sig = d2i_X509_SIG(NULL, (const unsigned char **) &input, len);
143 if(sig == NULL)
144 {
145 dprintf(CRITICAL, "boot_verifier: Reading digest failed\n");
146 return ret;
147 }
148
149 if(sig->digest->length != SHA256_SIZE)
150 {
151 dprintf(CRITICAL, "boot_verifier: Digest length error.\n");
152 goto verify_digest_error;
153 }
154
155 if(memcmp(sig->digest->data, digest, hash_size) == 0)
156 ret = 0;
157
158verify_digest_error:
159 if(sig != NULL)
160 X509_SIG_free(sig);
161
162 return ret;
163}
164
165static int add_attribute_to_img(unsigned char *ptr, AUTH_ATTR *input)
166{
167 return i2d_AUTH_ATTR(input, &ptr);
168}
169
170static bool boot_verify_compare_sha256(unsigned char *image_ptr,
171 unsigned int image_size, unsigned char *signature_ptr, RSA *rsa)
172{
173 int ret = -1;
174 bool auth = false;
175 unsigned char *plain_text = NULL;
176 unsigned int digest[8];
177
178 plain_text = (unsigned char *)calloc(sizeof(char), SIGNATURE_SIZE);
179 if (plain_text == NULL) {
180 dprintf(CRITICAL, "boot_verifier: Calloc failed during verification\n");
181 goto cleanup;
182 }
183
184 /* Calculate SHA256sum */
185 image_find_digest(image_ptr, image_size, CRYPTO_AUTH_ALG_SHA256,
186 (unsigned char *)&digest);
187
188 /* Find digest from the image */
189 ret = image_decrypt_signature_rsa(signature_ptr, plain_text, rsa);
190
191 dprintf(SPEW, "boot_verifier: Return of RSA_public_decrypt = %d\n",
192 ret);
193
194 ret = verify_digest(plain_text, (unsigned char*)digest, SHA256_SIZE);
195 if(ret == 0)
196 {
197 auth = true;
198#ifdef TZ_SAVE_KERNEL_HASH
199 save_kernel_hash((unsigned char *) &digest, CRYPTO_AUTH_ALG_SHA256);
200#endif
201 }
202
203cleanup:
204 if (plain_text != NULL)
205 free(plain_text);
206 EVP_cleanup();
207 CRYPTO_cleanup_all_ex_data();
208 ERR_remove_thread_state(NULL);
209 return auth;
210
211}
212
213static bool verify_image_with_sig(unsigned char* img_addr, uint32_t img_size,
214 char *pname, VERIFIED_BOOT_SIG *sig, KEYSTORE *ks)
215{
216 bool ret = false;
217 uint32_t len;
218 int shift_bytes;
219 RSA *rsa = NULL;
220 bool keystore_verification = false;
221 EVP_PKEY* key = NULL;
222
223 if(!strcmp(pname, "keystore"))
224 keystore_verification = true;
225
226 /* Verify target name */
227 if(strncmp((char*)(sig->auth_attr->target->data), pname,
228 sig->auth_attr->target->length) ||
229 (strlen(pname) != (unsigned long) sig->auth_attr->target->length))
230 {
231 dprintf(CRITICAL,
232 "boot_verifier: verification failure due to target name mismatch\n");
233 goto verify_image_with_sig_error;
234 }
235 /* Read image size from signature */
236 /* A len = 0xAABBCC (represented by 3 octets) would be stored in
237 len->data as 0X00CCBBAA and len->length as 3(octets).
238
239 To read len we need to left shift data to number of missing octets and
240 then change it to host long
241 */
242 len = *((uint32_t*)sig->auth_attr->len->data);
243 shift_bytes = sizeof(uint32_t) - sig->auth_attr->len->length;
244 if(shift_bytes > 0) {
245 len = len << (shift_bytes*8);
246 }
247 len = ntohl(len);
248
249 /* Verify image size*/
250 if(len != img_size)
251 {
252 dprintf(CRITICAL,
253 "boot_verifier: image length is different. (%d vs %d)\n",
254 len, img_size);
255 goto verify_image_with_sig_error;
256 }
257
258 /* append attribute to image */
259 if(!keystore_verification)
260 {
261 // verifying a non keystore partition
262 img_size += add_attribute_to_img((unsigned char*)(img_addr + img_size),
263 sig->auth_attr);
264 }
265
266 /* compare SHA256SUM of image with value in signature */
267 if(ks != NULL)
268 {
269 // use rsa from keystore
270 rsa = ks->mykeybag->mykey->key_material;
271 }
272 else
273 {
274 dprintf(CRITICAL, "%s:%d: Keystore is null\n", __func__, __LINE__);
275 ASSERT(0);
276 }
277
278 // verify boot.img with rsa from oem keystore
279 if((ret = boot_verify_compare_sha256(img_addr, img_size,
280 (unsigned char*)sig->sig->data, rsa)))
281
282 {
283 dprintf(SPEW, "Verified boot.img with oem keystore\n");
284 boot_verify_send_event(BOOTIMG_KEYSTORE_VERIFICATION_PASS);
285 goto verify_image_with_sig_done;
286 }
287 else
288 {
289 dprintf(INFO, "Verification with oem keystore failed. Use embedded certificate for verification\n");
290 // get the public key from certificate in boot.img
291 if ((key = X509_get_pubkey(sig->certificate)))
292 {
293 // convert to rsa key format
294 dprintf(INFO, "RSA KEY found from the embedded certificate\n");
295 rsa = EVP_PKEY_get1_RSA(key);
296 rsa_from_cert = rsa;
297 }
298 else
299 {
300 dprintf(CRITICAL, "Unable to extract public key from certificate\n");
301 ASSERT(0);
302 }
303 }
304
305 // verify boot.img with rsa from embedded certificate
306 if ((ret = boot_verify_compare_sha256(img_addr, img_size,
307 (unsigned char*)sig->sig->data, rsa)))
308 {
309 dprintf(SPEW, "Verified boot.img with embedded certificate in boot image\n");
310 boot_verify_send_event(BOOTIMG_EMBEDDED_CERT_VERIFICATION_PASS);
311 goto verify_image_with_sig_done;
312 }
313 else
314 {
315 dprintf(INFO, "verified for red state\n");
316 boot_verify_send_event(BOOTIMG_VERIFICATION_FAIL);
317 goto verify_image_with_sig_done;
318 }
319
320verify_image_with_sig_error:
321verify_image_with_sig_done:
322 return ret;
323}
324
325static int encode_inner_keystore(unsigned char *ptr, KEYSTORE *ks)
326{
327 int ret = 0;
328 KEYSTORE_INNER *ks_inner = KEYSTORE_INNER_new();
329 if (ks_inner == NULL)
330 return ret;
331 ASN1_INTEGER *tmp_version = ks_inner->version;
332 KEYBAG *tmp_mykeybag = ks_inner->mykeybag;
333
334 ks_inner->version = ks->version;
335 ks_inner->mykeybag = ks->mykeybag;
336 ret = i2d_KEYSTORE_INNER(ks_inner, &ptr);
337
338 ks_inner->version = tmp_version;
339 ks_inner->mykeybag = tmp_mykeybag;
340
341 if(ks_inner != NULL)
342 KEYSTORE_INNER_free(ks_inner);
343 return ret;
344}
345
346static bool verify_keystore(unsigned char * ks_addr, KEYSTORE *ks)
347{
348 bool ret = false;
349 unsigned char * ptr = ks_addr;
350 uint32_t inner_len = encode_inner_keystore(ptr, ks);
351 ret = verify_image_with_sig(ks_addr, inner_len, "keystore", ks->sig,
352 oem_keystore);
353 return ret;
354}
355
356static void read_oem_keystore()
357{
358 KEYSTORE *ks = NULL;
359 uint32_t len = 0;
360 const unsigned char *input = OEM_KEYSTORE;
361
362 if(oem_keystore != NULL)
363 return;
364
365 len = read_der_message_length((unsigned char *)input);
366 if(!len)
367 {
368 dprintf(CRITICAL, "boot_verifier: oem keystore length is invalid.\n");
369 return;
370 }
371
372 ks = d2i_KEYSTORE(NULL, (const unsigned char **) &input, len);
373 if(ks != NULL)
374 {
375 oem_keystore = ks;
376 user_keystore = ks;
377 }
378}
379
380uint32_t boot_verify_keystore_init()
381{
382 /* Read OEM Keystore */
383 read_oem_keystore();
384
385 return dev_boot_state;
386}
387
388bool send_rot_command(uint32_t is_unlocked)
389{
390 int ret = 0;
391 unsigned char *input = NULL;
392 char *rot_input = NULL;
393 unsigned int digest[9] = {0}, final_digest[8] = {0};
394 uint32_t auth_algo = CRYPTO_AUTH_ALG_SHA256;
395 uint32_t boot_device_state = boot_verify_get_state();
396 int app_handle = 0;
397 uint32_t len_oem_rsa = 0, len_from_cert = 0;
398 km_set_rot_req_t *read_req;
399 km_set_rot_rsp_t read_rsp;
400 app_handle = get_secapp_handle();
401 int n = 0, e = 0;
402 switch (boot_device_state)
403 {
404 case GREEN:
405 // Locked device and boot.img verified against OEM keystore.
406 // n is length of modulus and e is length exponent
407 n = BN_num_bytes(oem_keystore->mykeybag->mykey->key_material->n);
408 e = BN_num_bytes(oem_keystore->mykeybag->mykey->key_material->e);
409 len_oem_rsa = n + e;
410 if(!(input = malloc(len_oem_rsa)))
411 {
412 dprintf(CRITICAL, "Failed to allocate memory for ROT structure\n");
413 ASSERT(0);
414 }
415 // convert the absolute value on n, e to big endian form
416 BN_bn2bin(oem_keystore->mykeybag->mykey->key_material->n, input);
417 BN_bn2bin(oem_keystore->mykeybag->mykey->key_material->e, input+n);
418 // Hash of key from OEM KEYSTORE
419 hash_find((unsigned char *)input, len_oem_rsa, (unsigned char *) &digest, auth_algo);
420 digest[8] = is_unlocked;
421 break;
422 case YELLOW:
423 case RED:
424 // Locked device and boot.img passed (yellow) or failed (red) verification with the certificate embedded to the boot.img.
425 if (!rsa_from_cert)
426 {
427 dprintf(CRITICAL, "RSA is null from the embedded certificate\n");
428 ASSERT(0);
429 }
430 // n is length of modulus and e is length exponent
431 n = BN_num_bytes(rsa_from_cert->n);
432 e = BN_num_bytes(rsa_from_cert->e);
433 len_from_cert = n + e;
434 if(!(input = malloc(len_from_cert)))
435 {
436 dprintf(CRITICAL, "Failed to allocate memory for ROT structure\n");
437 ASSERT(0);
438 }
439 // convert the absolute value on n, e to big endian form
440 BN_bn2bin(rsa_from_cert->n, input);
441 BN_bn2bin(rsa_from_cert->e, input+n);
442 // Hash of key from certificate in boot image
443 hash_find((unsigned char *)input, len_from_cert, (unsigned char *) &digest, auth_algo);
444 digest[8] = is_unlocked;
445 break;
446 case ORANGE:
447 // Unlocked device and no verification done.
448 // Send the hash of boot device state
449 input = NULL;
450 digest[0] = is_unlocked;
451 break;
452 }
453 // Hash of hash(key) + device state (locked/unlocked)
454 hash_find((unsigned char *) digest, sizeof(digest), (unsigned char *)&final_digest, auth_algo);
455 dprintf(SPEW, "Digest: ");
456 for(uint8_t i = 0; i < 8; i++)
457 dprintf(SPEW, "0x%x ", final_digest[i]);
458 dprintf(SPEW, "\n");
459 if(!(read_req = malloc(sizeof(km_set_rot_req_t) + sizeof(final_digest))))
460 {
461 dprintf(CRITICAL, "Failed to allocate memory for ROT structure\n");
462 ASSERT(0);
463 }
464
465 void *cpy_ptr = (uint8_t *) read_req + sizeof(km_set_rot_req_t);
466 // set ROT stucture
467 read_req->cmd_id = KEYMASTER_SET_ROT;
468 read_req->rot_ofset = (uint32_t) sizeof(km_set_rot_req_t);
469 read_req->rot_size = sizeof(final_digest);
470 // copy the digest
471 memcpy(cpy_ptr, (void *) &final_digest, sizeof(final_digest));
472 dprintf(SPEW, "Sending Root of Trust to trustzone: start\n");
473
474 ret = qseecom_send_command(app_handle, (void*) read_req, sizeof(km_set_rot_req_t) + sizeof(final_digest), (void*) &read_rsp, sizeof(read_rsp));
475 if (ret < 0 || read_rsp.status < 0)
476 {
477 dprintf(CRITICAL, "QSEEcom command for Sending Root of Trust returned error: %d\n", read_rsp.status);
478 if(input)
479 free(input);
480 free(read_req);
481 free(rot_input);
482 return false;
483 }
484 dprintf(SPEW, "Sending Root of Trust to trustzone: end\n");
485 if(input)
486 free(input);
487 free(read_req);
488 free(rot_input);
489 return true;
490}
491
492bool boot_verify_image(unsigned char* img_addr, uint32_t img_size, char *pname)
493{
494 bool ret = false;
495 VERIFIED_BOOT_SIG *sig = NULL;
496 unsigned char* sig_addr = (unsigned char*)(img_addr + img_size);
497 uint32_t sig_len = read_der_message_length(sig_addr);
498
499 if(dev_boot_state == ORANGE)
500 {
501 dprintf(INFO, "boot_verifier: Device is in ORANGE boot state.\n");
502 dprintf(INFO, "boot_verifier: Skipping boot verification.\n");
503 return false;
504 }
505
506 if(!sig_len)
507 {
508 dprintf(CRITICAL, "boot_verifier: Error while reading signature length.\n");
509 ASSERT(0);
510 }
511
512 if((sig = d2i_VERIFIED_BOOT_SIG(NULL, (const unsigned char **) &sig_addr, sig_len)) == NULL)
513 {
514 dprintf(CRITICAL,
515 "boot_verifier: verification failure due to target name mismatch\n");
516 ASSERT(0);
517 }
518
519 ret = verify_image_with_sig(img_addr, img_size, pname, sig, user_keystore);
520
521 if(sig != NULL)
522 VERIFIED_BOOT_SIG_free(sig);
523 return ret;
524}
525
526void boot_verify_send_event(uint32_t event)
527{
528 switch(event)
529 {
530 case BOOT_INIT:
531 dev_boot_state = GREEN;
532 break;
533 case BOOTIMG_KEYSTORE_VERIFICATION_PASS:
534 dev_boot_state = GREEN;
535 break;
536 case BOOTIMG_EMBEDDED_CERT_VERIFICATION_PASS:
537 if(dev_boot_state == GREEN)
538 dev_boot_state = YELLOW;
539 break;
540 case BOOTIMG_VERIFICATION_FAIL:
541 if(dev_boot_state == GREEN || dev_boot_state == YELLOW)
542 dev_boot_state = RED;
543 break;
544 case DEV_UNLOCK:
545 dev_boot_state = ORANGE;
546 break;
547 case USER_DENIES:
548 if(dev_boot_state == YELLOW || dev_boot_state == ORANGE)
549 dev_boot_state = RED;
550 break;
551 }
552}
553
554uint32_t boot_verify_get_state()
555{
556 return dev_boot_state;
557}
558
559void boot_verify_print_state()
560{
561 switch(dev_boot_state)
562 {
563 case GREEN:
564 dprintf(INFO, "boot_verifier: Device is in GREEN boot state.\n");
565 break;
566 case ORANGE:
567 dprintf(INFO, "boot_verifier: Device is in ORANGE boot state.\n");
568 break;
569 case YELLOW:
570 dprintf(INFO, "boot_verifier: Device is in YELLOW boot state.\n");
571 break;
572 case RED:
573 dprintf(INFO, "boot_verifier: Device is in RED boot state.\n");
574 break;
575 }
576}
577
578bool boot_verify_validate_keystore(unsigned char * user_addr)
579{
580 bool ret = false;
581 unsigned char *input = user_addr;
582 KEYSTORE *ks = NULL;
583 uint32_t len = read_der_message_length(input);
584 if(!len)
585 {
586 dprintf(CRITICAL, "boot_verifier: keystore length is invalid.\n");
587 return ret;
588 }
589
590 ks = d2i_KEYSTORE(NULL, (const unsigned char **)&input, len);
591 if(ks != NULL)
592 {
593 ret = true;
594 }
595 return ret;
596}
597
598static bool check_list(const char **list, const char* entry)
599{
600 if(list == NULL || entry == NULL)
601 return false;
602
603 while(*list != NULL)
604 {
605 if(!strcmp(entry, *list))
606 return true;
607
608 list++;
609 }
610
611 return false;
612}