1 // Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 #include "sdkconfig.h"
15
16 #include "bootloader_flash_priv.h"
17 #include "bootloader_sha.h"
18 #include "bootloader_utility.h"
19 #include "esp_log.h"
20 #include "esp_image_format.h"
21 #include "esp_secure_boot.h"
22 #include "esp_spi_flash.h"
23 #include "esp_fault.h"
24 #include "esp32/rom/sha.h"
25 #include "uECC_verify_antifault.h"
26
27 #include <sys/param.h>
28 #include <string.h>
29
30 static const char *TAG = "secure_boot";
31
32 #ifdef CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME
33 extern const uint8_t signature_verification_key_start[] asm("_binary_signature_verification_key_bin_start");
34 extern const uint8_t signature_verification_key_end[] asm("_binary_signature_verification_key_bin_end");
35
36 #define SIGNATURE_VERIFICATION_KEYLEN 64
37
esp_secure_boot_verify_signature(uint32_t src_addr,uint32_t length)38 esp_err_t esp_secure_boot_verify_signature(uint32_t src_addr, uint32_t length)
39 {
40 uint8_t digest[ESP_SECURE_BOOT_DIGEST_LEN];
41 uint8_t verified_digest[ESP_SECURE_BOOT_DIGEST_LEN] = { 0 }; /* ignored in this function */
42 const esp_secure_boot_sig_block_t *sigblock;
43
44 ESP_LOGD(TAG, "verifying signature src_addr 0x%x length 0x%x", src_addr, length);
45
46 esp_err_t err = bootloader_sha256_flash_contents(src_addr, length, digest);
47 if (err != ESP_OK) {
48 return err;
49 }
50
51 // Map the signature block
52 sigblock = (const esp_secure_boot_sig_block_t *) bootloader_mmap(src_addr + length, sizeof(esp_secure_boot_sig_block_t));
53 if(!sigblock) {
54 ESP_LOGE(TAG, "bootloader_mmap(0x%x, 0x%x) failed", src_addr + length, sizeof(esp_secure_boot_sig_block_t));
55 return ESP_FAIL;
56 }
57 // Verify the signature
58 err = esp_secure_boot_verify_ecdsa_signature_block(sigblock, digest, verified_digest);
59 // Unmap
60 bootloader_munmap(sigblock);
61
62 return err;
63 }
64
esp_secure_boot_verify_signature_block(const esp_secure_boot_sig_block_t * sig_block,const uint8_t * image_digest)65 esp_err_t esp_secure_boot_verify_signature_block(const esp_secure_boot_sig_block_t *sig_block, const uint8_t *image_digest)
66 {
67 uint8_t verified_digest[ESP_SECURE_BOOT_DIGEST_LEN] = { 0 };
68 return esp_secure_boot_verify_ecdsa_signature_block(sig_block, image_digest, verified_digest);
69 }
70
esp_secure_boot_verify_ecdsa_signature_block(const esp_secure_boot_sig_block_t * sig_block,const uint8_t * image_digest,uint8_t * verified_digest)71 esp_err_t esp_secure_boot_verify_ecdsa_signature_block(const esp_secure_boot_sig_block_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest)
72 {
73 ptrdiff_t keylen;
74
75 keylen = signature_verification_key_end - signature_verification_key_start;
76 if (keylen != SIGNATURE_VERIFICATION_KEYLEN) {
77 ESP_LOGE(TAG, "Embedded public verification key has wrong length %d", keylen);
78 return ESP_FAIL;
79 }
80
81 if (sig_block->version != 0) {
82 ESP_LOGE(TAG, "image has invalid signature version field 0x%08x", sig_block->version);
83 return ESP_FAIL;
84 }
85
86 ESP_LOGD(TAG, "Verifying secure boot signature");
87
88 bool is_valid;
89 is_valid = uECC_verify_antifault(signature_verification_key_start,
90 image_digest,
91 ESP_SECURE_BOOT_DIGEST_LEN,
92 sig_block->signature,
93 uECC_secp256r1(),
94 verified_digest);
95 ESP_LOGD(TAG, "Verification result %d", is_valid);
96
97 return is_valid ? ESP_OK : ESP_ERR_IMAGE_INVALID;
98 }
99
100 #endif // CONFIG_SECURE_SIGNED_APPS_ECDSA_SCHEME
101