1 /*
2 * SPDX-License-Identifier: Apache-2.0
3 *
4 * Copyright (c) 2017-2019 Linaro LTD
5 * Copyright (c) 2016-2019 JUUL Labs
6 * Copyright (c) 2019-2024 Arm Limited
7 * Copyright (c) 2025 Nordic Semiconductor ASA
8 *
9 * Original license:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one
12 * or more contributor license agreements. See the NOTICE file
13 * distributed with this work for additional information
14 * regarding copyright ownership. The ASF licenses this file
15 * to you under the Apache License, Version 2.0 (the
16 * "License"); you may not use this file except in compliance
17 * with the License. You may obtain a copy of the License at
18 *
19 * http://www.apache.org/licenses/LICENSE-2.0
20 *
21 * Unless required by applicable law or agreed to in writing,
22 * software distributed under the License is distributed on an
23 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
24 * KIND, either express or implied. See the License for the
25 * specific language governing permissions and limitations
26 * under the License.
27 */
28
29 #include <stddef.h>
30 #include <stdint.h>
31 #include <inttypes.h>
32 #include <string.h>
33 #include <errno.h>
34
35 #include <flash_map_backend/flash_map_backend.h>
36
37 #include "bootutil/image.h"
38 #include "bootutil/crypto/sha.h"
39 #include "bootutil/sign_key.h"
40 #include "bootutil/security_cnt.h"
41 #include "bootutil/fault_injection_hardening.h"
42
43 #include "mcuboot_config/mcuboot_config.h"
44
45 #ifdef MCUBOOT_ENC_IMAGES
46 #include "bootutil/enc_key.h"
47 #endif
48 #if defined(MCUBOOT_SIGN_RSA)
49 #include "mbedtls/rsa.h"
50 #endif
51 #if defined(MCUBOOT_SIGN_EC256)
52 #include "mbedtls/ecdsa.h"
53 #endif
54 #if defined(MCUBOOT_ENC_IMAGES) || defined(MCUBOOT_SIGN_RSA) || \
55 defined(MCUBOOT_SIGN_EC256)
56 #include "mbedtls/asn1.h"
57 #endif
58
59 #include "bootutil_priv.h"
60
61 #ifndef MCUBOOT_SIGN_PURE
62 /*
63 * Compute SHA hash over the image.
64 * (SHA384 if ECDSA-P384 is being used,
65 * SHA256 otherwise).
66 */
67 static int
bootutil_img_hash(struct boot_loader_state * state,struct image_header * hdr,const struct flash_area * fap,uint8_t * tmp_buf,uint32_t tmp_buf_sz,uint8_t * hash_result,uint8_t * seed,int seed_len,uint32_t start_offset)68 bootutil_img_hash(struct boot_loader_state *state,
69 struct image_header *hdr, const struct flash_area *fap,
70 uint8_t *tmp_buf, uint32_t tmp_buf_sz, uint8_t *hash_result,
71 uint8_t *seed, int seed_len
72 #if defined(MCUBOOT_SWAP_USING_OFFSET) && defined(MCUBOOT_SERIAL_RECOVERY)
73 , uint32_t start_offset
74 #endif
75 )
76 {
77 bootutil_sha_context sha_ctx;
78 uint32_t size;
79 uint16_t hdr_size;
80 uint32_t blk_off;
81 uint32_t tlv_off;
82 #if !defined(MCUBOOT_HASH_STORAGE_DIRECTLY)
83 int rc;
84 uint32_t off;
85 uint32_t blk_sz;
86 #endif
87 #if defined(MCUBOOT_ENC_IMAGES)
88 struct enc_key_data *enc_state;
89 int image_index;
90 #endif
91 #if defined(MCUBOOT_SWAP_USING_OFFSET)
92 uint32_t sector_off = 0;
93 #endif
94
95 #if (BOOT_IMAGE_NUMBER == 1) || !defined(MCUBOOT_ENC_IMAGES) || \
96 defined(MCUBOOT_RAM_LOAD)
97 (void)state;
98 (void)hdr_size;
99 (void)blk_off;
100 (void)tlv_off;
101 #ifdef MCUBOOT_RAM_LOAD
102 (void)blk_sz;
103 (void)off;
104 (void)rc;
105 (void)fap;
106 (void)tmp_buf;
107 (void)tmp_buf_sz;
108 #endif
109 #endif
110
111 #ifdef MCUBOOT_ENC_IMAGES
112 if (state == NULL) {
113 enc_state = NULL;
114 image_index = 0;
115 } else {
116 enc_state = BOOT_CURR_ENC(state);
117 image_index = BOOT_CURR_IMG(state);
118 }
119
120 /* Encrypted images only exist in the secondary slot */
121 if (MUST_DECRYPT(fap, image_index, hdr) &&
122 !boot_enc_valid(enc_state, 1)) {
123 return -1;
124 }
125 #endif
126
127 #if defined(MCUBOOT_SWAP_USING_OFFSET)
128 /* For swap using offset mode, the image starts in the second sector of the upgrade slot, so
129 * apply the offset when this is needed
130 */
131 #if defined(MCUBOOT_SERIAL_RECOVERY)
132 sector_off = boot_get_state_secondary_offset(state, fap) + start_offset;
133 #else
134 sector_off = boot_get_state_secondary_offset(state, fap);
135 #endif
136 #endif
137
138 bootutil_sha_init(&sha_ctx);
139
140 /* in some cases (split image) the hash is seeded with data from
141 * the loader image */
142 if (seed && (seed_len > 0)) {
143 bootutil_sha_update(&sha_ctx, seed, seed_len);
144 }
145
146 /* Hash is computed over image header and image itself. */
147 size = hdr_size = hdr->ih_hdr_size;
148 size += hdr->ih_img_size;
149 tlv_off = size;
150
151 /* If protected TLVs are present they are also hashed. */
152 size += hdr->ih_protect_tlv_size;
153
154 #ifdef MCUBOOT_HASH_STORAGE_DIRECTLY
155 /* No chunk loading, storage is mapped to address space and can
156 * be directly given to hashing function.
157 */
158 bootutil_sha_update(&sha_ctx, (void *)flash_area_get_off(fap), size);
159 #else /* MCUBOOT_HASH_STORAGE_DIRECTLY */
160 #ifdef MCUBOOT_RAM_LOAD
161 bootutil_sha_update(&sha_ctx,
162 (void*)(IMAGE_RAM_BASE + hdr->ih_load_addr),
163 size);
164 #else
165 for (off = 0; off < size; off += blk_sz) {
166 blk_sz = size - off;
167 if (blk_sz > tmp_buf_sz) {
168 blk_sz = tmp_buf_sz;
169 }
170 #ifdef MCUBOOT_ENC_IMAGES
171 /* The only data that is encrypted in an image is the payload;
172 * both header and TLVs (when protected) are not.
173 */
174 if ((off < hdr_size) && ((off + blk_sz) > hdr_size)) {
175 /* read only the header */
176 blk_sz = hdr_size - off;
177 }
178 if ((off < tlv_off) && ((off + blk_sz) > tlv_off)) {
179 /* read only up to the end of the image payload */
180 blk_sz = tlv_off - off;
181 }
182 #endif
183 #if defined(MCUBOOT_SWAP_USING_OFFSET)
184 rc = flash_area_read(fap, off + sector_off, tmp_buf, blk_sz);
185 #else
186 rc = flash_area_read(fap, off, tmp_buf, blk_sz);
187 #endif
188 if (rc) {
189 bootutil_sha_drop(&sha_ctx);
190 return rc;
191 }
192 #ifdef MCUBOOT_ENC_IMAGES
193 if (MUST_DECRYPT(fap, image_index, hdr)) {
194 /* Only payload is encrypted (area between header and TLVs) */
195 int slot = flash_area_id_to_multi_image_slot(image_index,
196 flash_area_get_id(fap));
197
198 if (off >= hdr_size && off < tlv_off) {
199 blk_off = (off - hdr_size) & 0xf;
200 boot_enc_decrypt(enc_state, slot, off - hdr_size,
201 blk_sz, blk_off, tmp_buf);
202 }
203 }
204 #endif
205 bootutil_sha_update(&sha_ctx, tmp_buf, blk_sz);
206 }
207 #endif /* MCUBOOT_RAM_LOAD */
208 #endif /* MCUBOOT_HASH_STORAGE_DIRECTLY */
209 bootutil_sha_finish(&sha_ctx, hash_result);
210 bootutil_sha_drop(&sha_ctx);
211
212 return 0;
213 }
214 #endif
215
216 /*
217 * Currently, we only support being able to verify one type of
218 * signature, because there is a single verification function that we
219 * call. List the type of TLV we are expecting. If we aren't
220 * configured for any signature, don't define this macro.
221 */
222 #if (defined(MCUBOOT_SIGN_RSA) + \
223 defined(MCUBOOT_SIGN_EC256) + \
224 defined(MCUBOOT_SIGN_EC384) + \
225 defined(MCUBOOT_SIGN_ED25519)) > 1
226 #error "Only a single signature type is supported!"
227 #endif
228
229 #if defined(MCUBOOT_SIGN_RSA)
230 # if MCUBOOT_SIGN_RSA_LEN == 2048
231 # define EXPECTED_SIG_TLV IMAGE_TLV_RSA2048_PSS
232 # elif MCUBOOT_SIGN_RSA_LEN == 3072
233 # define EXPECTED_SIG_TLV IMAGE_TLV_RSA3072_PSS
234 # else
235 # error "Unsupported RSA signature length"
236 # endif
237 # define SIG_BUF_SIZE (MCUBOOT_SIGN_RSA_LEN / 8)
238 # define EXPECTED_SIG_LEN(x) ((x) == SIG_BUF_SIZE) /* 2048 bits */
239 #elif defined(MCUBOOT_SIGN_EC256) || \
240 defined(MCUBOOT_SIGN_EC384) || \
241 defined(MCUBOOT_SIGN_EC)
242 # define EXPECTED_SIG_TLV IMAGE_TLV_ECDSA_SIG
243 # define SIG_BUF_SIZE 128
244 # define EXPECTED_SIG_LEN(x) (1) /* always true, ASN.1 will validate */
245 #elif defined(MCUBOOT_SIGN_ED25519)
246 # define EXPECTED_SIG_TLV IMAGE_TLV_ED25519
247 # define SIG_BUF_SIZE 64
248 # define EXPECTED_SIG_LEN(x) ((x) == SIG_BUF_SIZE)
249 #else
250 # define SIG_BUF_SIZE 32 /* no signing, sha256 digest only */
251 #endif
252
253 #if (defined(MCUBOOT_HW_KEY) + \
254 defined(MCUBOOT_BUILTIN_KEY)) > 1
255 #error "Please use either MCUBOOT_HW_KEY or the MCUBOOT_BUILTIN_KEY feature."
256 #endif
257
258 #ifdef EXPECTED_SIG_TLV
259
260 #if !defined(MCUBOOT_BUILTIN_KEY)
261 #if !defined(MCUBOOT_HW_KEY)
262 /* The key TLV contains the hash of the public key. */
263 # define EXPECTED_KEY_TLV IMAGE_TLV_KEYHASH
264 # define KEY_BUF_SIZE IMAGE_HASH_SIZE
265 #else
266 /* The key TLV contains the whole public key.
267 * Add a few extra bytes to the key buffer size for encoding and
268 * for public exponent.
269 */
270 # define EXPECTED_KEY_TLV IMAGE_TLV_PUBKEY
271 # define KEY_BUF_SIZE (SIG_BUF_SIZE + 24)
272 #endif /* !MCUBOOT_HW_KEY */
273
274 #if !defined(MCUBOOT_HW_KEY)
275 static int
bootutil_find_key(uint8_t * keyhash,uint8_t keyhash_len)276 bootutil_find_key(uint8_t *keyhash, uint8_t keyhash_len)
277 {
278 bootutil_sha_context sha_ctx;
279 int i;
280 const struct bootutil_key *key;
281 uint8_t hash[IMAGE_HASH_SIZE];
282
283 if (keyhash_len > IMAGE_HASH_SIZE) {
284 return -1;
285 }
286
287 for (i = 0; i < bootutil_key_cnt; i++) {
288 key = &bootutil_keys[i];
289 bootutil_sha_init(&sha_ctx);
290 bootutil_sha_update(&sha_ctx, key->key, *key->len);
291 bootutil_sha_finish(&sha_ctx, hash);
292 if (!memcmp(hash, keyhash, keyhash_len)) {
293 bootutil_sha_drop(&sha_ctx);
294 return i;
295 }
296 }
297 bootutil_sha_drop(&sha_ctx);
298 return -1;
299 }
300 #else /* !MCUBOOT_HW_KEY */
301 extern unsigned int pub_key_len;
302 static int
bootutil_find_key(uint8_t image_index,uint8_t * key,uint16_t key_len)303 bootutil_find_key(uint8_t image_index, uint8_t *key, uint16_t key_len)
304 {
305 bootutil_sha_context sha_ctx;
306 uint8_t hash[IMAGE_HASH_SIZE];
307 uint8_t key_hash[IMAGE_HASH_SIZE];
308 size_t key_hash_size = sizeof(key_hash);
309 int rc;
310 FIH_DECLARE(fih_rc, FIH_FAILURE);
311
312 bootutil_sha_init(&sha_ctx);
313 bootutil_sha_update(&sha_ctx, key, key_len);
314 bootutil_sha_finish(&sha_ctx, hash);
315 bootutil_sha_drop(&sha_ctx);
316
317 rc = boot_retrieve_public_key_hash(image_index, key_hash, &key_hash_size);
318 if (rc) {
319 return -1;
320 }
321
322 /* Adding hardening to avoid this potential attack:
323 * - Image is signed with an arbitrary key and the corresponding public
324 * key is added as a TLV field.
325 * - During public key validation (comparing against key-hash read from
326 * HW) a fault is injected to accept the public key as valid one.
327 */
328 FIH_CALL(boot_fih_memequal, fih_rc, hash, key_hash, key_hash_size);
329 if (FIH_EQ(fih_rc, FIH_SUCCESS)) {
330 bootutil_keys[0].key = key;
331 pub_key_len = key_len;
332 return 0;
333 }
334
335 return -1;
336 }
337 #endif /* !MCUBOOT_HW_KEY */
338 #endif /* !MCUBOOT_BUILTIN_KEY */
339 #endif /* EXPECTED_SIG_TLV */
340
341 /**
342 * Reads the value of an image's security counter.
343 *
344 * @param state Pointer to the boot state object.
345 * @param slot Slot of the current image to get the security counter of.
346 * @param fap Pointer to a description structure of the image's
347 * flash area.
348 * @param security_cnt Pointer to store the security counter value.
349 *
350 * @return 0 on success; nonzero on failure.
351 */
352 int32_t
bootutil_get_img_security_cnt(struct boot_loader_state * state,int slot,const struct flash_area * fap,uint32_t * img_security_cnt)353 bootutil_get_img_security_cnt(struct boot_loader_state *state, int slot,
354 const struct flash_area *fap,
355 uint32_t *img_security_cnt)
356 {
357 struct image_tlv_iter it;
358 uint32_t off;
359 uint16_t len;
360 int32_t rc;
361
362 if ((state == NULL) ||
363 (boot_img_hdr(state, slot) == NULL) ||
364 (fap == NULL) ||
365 (img_security_cnt == NULL)) {
366 /* Invalid parameter. */
367 return BOOT_EBADARGS;
368 }
369
370 /* The security counter TLV is in the protected part of the TLV area. */
371 if (boot_img_hdr(state, slot)->ih_protect_tlv_size == 0) {
372 return BOOT_EBADIMAGE;
373 }
374
375 #if defined(MCUBOOT_SWAP_USING_OFFSET)
376 it.start_off = boot_get_state_secondary_offset(state, fap);
377 #endif
378
379 rc = bootutil_tlv_iter_begin(&it, boot_img_hdr(state, slot), fap, IMAGE_TLV_SEC_CNT, true);
380 if (rc) {
381 return rc;
382 }
383
384 /* Traverse through the protected TLV area to find
385 * the security counter TLV.
386 */
387
388 rc = bootutil_tlv_iter_next(&it, &off, &len, NULL);
389 if (rc != 0) {
390 /* Security counter TLV has not been found. */
391 return -1;
392 }
393
394 if (len != sizeof(*img_security_cnt)) {
395 /* Security counter is not valid. */
396 return BOOT_EBADIMAGE;
397 }
398
399 rc = LOAD_IMAGE_DATA(boot_img_hdr(state, slot), fap, off, img_security_cnt, len);
400 if (rc != 0) {
401 return BOOT_EFLASH;
402 }
403
404 return 0;
405 }
406
407 #if defined(MCUBOOT_SIGN_PURE)
408 /* Returns:
409 * 0 -- found
410 * 1 -- not found or found but not true
411 * -1 -- failed for some reason
412 *
413 * Value of TLV does not matter, presence decides.
414 */
bootutil_check_for_pure(const struct image_header * hdr,const struct flash_area * fap)415 static int bootutil_check_for_pure(const struct image_header *hdr,
416 const struct flash_area *fap)
417 {
418 struct image_tlv_iter it;
419 uint32_t off;
420 uint16_t len;
421 int32_t rc;
422
423 rc = bootutil_tlv_iter_begin(&it, hdr, fap, IMAGE_TLV_SIG_PURE, false);
424 if (rc) {
425 return -1;
426 }
427
428 /* Search for the TLV */
429 rc = bootutil_tlv_iter_next(&it, &off, &len, NULL);
430 if (rc == 0 && len == 1) {
431 uint8_t val;
432
433 rc = LOAD_IMAGE_DATA(hdr, fap, off, &val, sizeof(val));
434 if (rc == 0) {
435 return (val == 1) ? 0 : 1;
436 } else {
437 return -1;
438 }
439 }
440
441 return 1;
442 }
443 #endif
444
445 #ifndef ALLOW_ROGUE_TLVS
446 /*
447 * The following list of TLVs are the only entries allowed in the unprotected
448 * TLV section. All other TLV entries must be in the protected section.
449 */
450 static const uint16_t allowed_unprot_tlvs[] = {
451 IMAGE_TLV_KEYHASH,
452 IMAGE_TLV_PUBKEY,
453 IMAGE_TLV_SHA256,
454 IMAGE_TLV_SHA384,
455 IMAGE_TLV_SHA512,
456 IMAGE_TLV_RSA2048_PSS,
457 IMAGE_TLV_ECDSA224,
458 IMAGE_TLV_ECDSA_SIG,
459 IMAGE_TLV_RSA3072_PSS,
460 IMAGE_TLV_ED25519,
461 #if defined(MCUBOOT_SIGN_PURE)
462 IMAGE_TLV_SIG_PURE,
463 #endif
464 IMAGE_TLV_ENC_RSA2048,
465 IMAGE_TLV_ENC_KW,
466 IMAGE_TLV_ENC_EC256,
467 IMAGE_TLV_ENC_X25519,
468 /* Mark end with ANY. */
469 IMAGE_TLV_ANY,
470 };
471 #endif
472
473 /*
474 * Verify the integrity of the image.
475 * Return non-zero if image could not be validated/does not validate.
476 */
477 fih_ret
bootutil_img_validate(struct boot_loader_state * state,struct image_header * hdr,const struct flash_area * fap,uint8_t * tmp_buf,uint32_t tmp_buf_sz,uint8_t * seed,int seed_len,uint8_t * out_hash,uint32_t start_offset)478 bootutil_img_validate(struct boot_loader_state *state,
479 struct image_header *hdr, const struct flash_area *fap,
480 uint8_t *tmp_buf, uint32_t tmp_buf_sz, uint8_t *seed,
481 int seed_len, uint8_t *out_hash
482 #if defined(MCUBOOT_SWAP_USING_OFFSET) && defined(MCUBOOT_SERIAL_RECOVERY)
483 , uint32_t start_offset
484 #endif
485 )
486 {
487 #if (defined(EXPECTED_KEY_TLV) && defined(MCUBOOT_HW_KEY)) || defined(MCUBOOT_HW_ROLLBACK_PROT)
488 int image_index = (state == NULL ? 0 : BOOT_CURR_IMG(state));
489 #endif
490 uint32_t off;
491 uint16_t len;
492 uint16_t type;
493 #ifdef EXPECTED_SIG_TLV
494 FIH_DECLARE(valid_signature, FIH_FAILURE);
495 #ifndef MCUBOOT_BUILTIN_KEY
496 int key_id = -1;
497 #else
498 /* Pass a key ID equal to the image index, the underlying crypto library
499 * is responsible for mapping the image index to a builtin key ID.
500 */
501 int key_id = image_index;
502 #endif /* !MCUBOOT_BUILTIN_KEY */
503 #ifdef MCUBOOT_HW_KEY
504 uint8_t key_buf[KEY_BUF_SIZE];
505 #endif
506 #endif /* EXPECTED_SIG_TLV */
507 struct image_tlv_iter it;
508 uint8_t buf[SIG_BUF_SIZE];
509 #if defined(EXPECTED_HASH_TLV) && !defined(MCUBOOT_SIGN_PURE)
510 int image_hash_valid = 0;
511 uint8_t hash[IMAGE_HASH_SIZE];
512 #endif
513 int rc = 0;
514 FIH_DECLARE(fih_rc, FIH_FAILURE);
515 #ifdef MCUBOOT_HW_ROLLBACK_PROT
516 fih_int security_cnt = fih_int_encode(INT_MAX);
517 uint32_t img_security_cnt = 0;
518 FIH_DECLARE(security_counter_valid, FIH_FAILURE);
519 #endif
520
521 #if defined(EXPECTED_HASH_TLV) && !defined(MCUBOOT_SIGN_PURE)
522 #if defined(MCUBOOT_SWAP_USING_OFFSET) && defined(MCUBOOT_SERIAL_RECOVERY)
523 rc = bootutil_img_hash(state, hdr, fap, tmp_buf, tmp_buf_sz, hash, seed, seed_len,
524 start_offset);
525 #else
526 rc = bootutil_img_hash(state, hdr, fap, tmp_buf, tmp_buf_sz, hash, seed, seed_len);
527 #endif
528 if (rc) {
529 goto out;
530 }
531
532 if (out_hash) {
533 memcpy(out_hash, hash, IMAGE_HASH_SIZE);
534 }
535 #endif
536
537 #if defined(MCUBOOT_SIGN_PURE)
538 /* If Pure type signature is expected then it has to be there */
539 rc = bootutil_check_for_pure(hdr, fap);
540 if (rc != 0) {
541 goto out;
542 }
543 #endif
544
545 #if defined(MCUBOOT_SWAP_USING_OFFSET)
546 #if defined(MCUBOOT_SERIAL_RECOVERY)
547 it.start_off = boot_get_state_secondary_offset(state, fap) + start_offset;
548 #else
549 it.start_off = boot_get_state_secondary_offset(state, fap);
550 #endif
551 #endif
552
553 rc = bootutil_tlv_iter_begin(&it, hdr, fap, IMAGE_TLV_ANY, false);
554 if (rc) {
555 goto out;
556 }
557
558 if (it.tlv_end > bootutil_max_image_size(fap)) {
559 rc = -1;
560 goto out;
561 }
562
563 /*
564 * Traverse through all of the TLVs, performing any checks we know
565 * and are able to do.
566 */
567 while (true) {
568 rc = bootutil_tlv_iter_next(&it, &off, &len, &type);
569 if (rc < 0) {
570 goto out;
571 } else if (rc > 0) {
572 break;
573 }
574
575 #ifndef ALLOW_ROGUE_TLVS
576 /*
577 * Ensure that the non-protected TLV only has entries necessary to hold
578 * the signature. We also allow encryption related keys to be in the
579 * unprotected area.
580 */
581 if (!bootutil_tlv_iter_is_prot(&it, off)) {
582 bool found = false;
583 for (const uint16_t *p = allowed_unprot_tlvs; *p != IMAGE_TLV_ANY; p++) {
584 if (type == *p) {
585 found = true;
586 break;
587 }
588 }
589 if (!found) {
590 FIH_SET(fih_rc, FIH_FAILURE);
591 goto out;
592 }
593 }
594 #endif
595 switch(type) {
596 #if defined(EXPECTED_HASH_TLV) && !defined(MCUBOOT_SIGN_PURE)
597 case EXPECTED_HASH_TLV:
598 {
599 /* Verify the image hash. This must always be present. */
600 if (len != sizeof(hash)) {
601 rc = -1;
602 goto out;
603 }
604 rc = LOAD_IMAGE_DATA(hdr, fap, off, buf, sizeof(hash));
605 if (rc) {
606 goto out;
607 }
608
609 FIH_CALL(boot_fih_memequal, fih_rc, hash, buf, sizeof(hash));
610 if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
611 FIH_SET(fih_rc, FIH_FAILURE);
612 goto out;
613 }
614
615 image_hash_valid = 1;
616 break;
617 }
618 #endif /* defined(EXPECTED_HASH_TLV) && !defined(MCUBOOT_SIGN_PURE) */
619 #ifdef EXPECTED_KEY_TLV
620 case EXPECTED_KEY_TLV:
621 {
622 /*
623 * Determine which key we should be checking.
624 */
625 if (len > KEY_BUF_SIZE) {
626 rc = -1;
627 goto out;
628 }
629 #ifndef MCUBOOT_HW_KEY
630 rc = LOAD_IMAGE_DATA(hdr, fap, off, buf, len);
631 if (rc) {
632 goto out;
633 }
634 key_id = bootutil_find_key(buf, len);
635 #else
636 rc = LOAD_IMAGE_DATA(hdr, fap, off, key_buf, len);
637 if (rc) {
638 goto out;
639 }
640 key_id = bootutil_find_key(image_index, key_buf, len);
641 #endif /* !MCUBOOT_HW_KEY */
642 /*
643 * The key may not be found, which is acceptable. There
644 * can be multiple signatures, each preceded by a key.
645 */
646 break;
647 }
648 #endif /* EXPECTED_KEY_TLV */
649 #ifdef EXPECTED_SIG_TLV
650 case EXPECTED_SIG_TLV:
651 {
652 /* Ignore this signature if it is out of bounds. */
653 if (key_id < 0 || key_id >= bootutil_key_cnt) {
654 key_id = -1;
655 continue;
656 }
657 if (!EXPECTED_SIG_LEN(len) || len > sizeof(buf)) {
658 rc = -1;
659 goto out;
660 }
661 rc = LOAD_IMAGE_DATA(hdr, fap, off, buf, len);
662 if (rc) {
663 goto out;
664 }
665 #ifndef MCUBOOT_SIGN_PURE
666 FIH_CALL(bootutil_verify_sig, valid_signature, hash, sizeof(hash),
667 buf, len, key_id);
668 #else
669 /* Directly check signature on the image, by using the mapping of
670 * a device to memory. The pointer is beginning of image in flash,
671 * so offset of area, the range is header + image + protected tlvs.
672 */
673 FIH_CALL(bootutil_verify_img, valid_signature, (void *)flash_area_get_off(fap),
674 hdr->ih_hdr_size + hdr->ih_img_size + hdr->ih_protect_tlv_size,
675 buf, len, key_id);
676 #endif
677 key_id = -1;
678 break;
679 }
680 #endif /* EXPECTED_SIG_TLV */
681 #ifdef MCUBOOT_HW_ROLLBACK_PROT
682 case IMAGE_TLV_SEC_CNT:
683 {
684 /*
685 * Verify the image's security counter.
686 * This must always be present.
687 */
688 if (len != sizeof(img_security_cnt)) {
689 /* Security counter is not valid. */
690 rc = -1;
691 goto out;
692 }
693
694 rc = LOAD_IMAGE_DATA(hdr, fap, off, &img_security_cnt, len);
695 if (rc) {
696 goto out;
697 }
698
699 FIH_CALL(boot_nv_security_counter_get, fih_rc, image_index,
700 &security_cnt);
701 if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
702 FIH_SET(fih_rc, FIH_FAILURE);
703 goto out;
704 }
705
706 /* Compare the new image's security counter value against the
707 * stored security counter value.
708 */
709 fih_rc = fih_ret_encode_zero_equality(img_security_cnt <
710 (uint32_t)fih_int_decode(security_cnt));
711 if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
712 FIH_SET(fih_rc, FIH_FAILURE);
713 goto out;
714 }
715
716 /* The image's security counter has been successfully verified. */
717 security_counter_valid = fih_rc;
718 break;
719 }
720 #endif /* MCUBOOT_HW_ROLLBACK_PROT */
721 }
722 }
723
724 #if defined(EXPECTED_HASH_TLV) && !defined(MCUBOOT_SIGN_PURE)
725 rc = !image_hash_valid;
726 if (rc) {
727 goto out;
728 }
729 #elif defined(MCUBOOT_SIGN_PURE)
730 /* This returns true on EQ, rc is err on non-0 */
731 rc = FIH_NOT_EQ(valid_signature, FIH_SUCCESS);
732 #endif
733 #ifdef EXPECTED_SIG_TLV
734 FIH_SET(fih_rc, valid_signature);
735 #endif
736 #ifdef MCUBOOT_HW_ROLLBACK_PROT
737 if (FIH_NOT_EQ(security_counter_valid, FIH_SUCCESS)) {
738 rc = -1;
739 goto out;
740 }
741 #endif
742
743 out:
744 if (rc) {
745 FIH_SET(fih_rc, FIH_FAILURE);
746 }
747
748 FIH_RET(fih_rc);
749 }
750
