1 /*
2  * SPDX-License-Identifier: Apache-2.0
3  *
4  * Copyright (c) 2017-2018 Linaro LTD
5  * Copyright (c) 2017-2019 JUUL Labs
6  * Copyright (c) 2020-2023 Arm Limited
7  *
8  * Original license:
9  *
10  * Licensed to the Apache Software Foundation (ASF) under one
11  * or more contributor license agreements.  See the NOTICE file
12  * distributed with this work for additional information
13  * regarding copyright ownership.  The ASF licenses this file
14  * to you under the Apache License, Version 2.0 (the
15  * "License"); you may not use this file except in compliance
16  * with the License.  You may obtain a copy of the License at
17  *
18  *  http://www.apache.org/licenses/LICENSE-2.0
19  *
20  * Unless required by applicable law or agreed to in writing,
21  * software distributed under the License is distributed on an
22  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
23  * KIND, either express or implied.  See the License for the
24  * specific language governing permissions and limitations
25  * under the License.
26  */
27 
28 #include <string.h>
29 
30 #include "mcuboot_config/mcuboot_config.h"
31 
32 #ifdef MCUBOOT_SIGN_RSA
33 #include "bootutil_priv.h"
34 #include "bootutil/sign_key.h"
35 #include "bootutil/fault_injection_hardening.h"
36 
37 #define BOOTUTIL_CRYPTO_RSA_SIGN_ENABLED
38 #include "bootutil/crypto/rsa.h"
39 
40 /* PSA Crypto APIs provide an integrated API to perform the verification
41  * while for other crypto backends we need to implement each step at this
42  * abstraction level
43  */
44 #if !defined(MCUBOOT_USE_PSA_CRYPTO)
45 
46 #include "bootutil/crypto/sha.h"
47 
48 /*
49  * Constants for this particular constrained implementation of
50  * RSA-PSS. In particular, we support RSA 2048, with a SHA256 hash,
51  * and a 32-byte salt.  A signature with different parameters will be
52  * rejected as invalid.
53  */
54 
55 /* The size, in octets, of the message. */
56 #define PSS_EMLEN (MCUBOOT_SIGN_RSA_LEN / 8)
57 
58 /* The size of the hash function.  For SHA256, this is 32 bytes. */
59 #define PSS_HLEN 32
60 
61 /* Size of the salt, should be fixed. */
62 #define PSS_SLEN 32
63 
64 /* The length of the mask: emLen - hLen - 1. */
65 #define PSS_MASK_LEN (PSS_EMLEN - PSS_HLEN - 1)
66 
67 #define PSS_HASH_OFFSET PSS_MASK_LEN
68 
69 /* For the mask itself, how many bytes should be all zeros. */
70 #define PSS_MASK_ZERO_COUNT (PSS_MASK_LEN - PSS_SLEN - 1)
71 #define PSS_MASK_ONE_POS   PSS_MASK_ZERO_COUNT
72 
73 /* Where the salt starts. */
74 #define PSS_MASK_SALT_POS   (PSS_MASK_ONE_POS + 1)
75 
76 static const uint8_t pss_zeros[8] = {0};
77 
78 /*
79  * Compute the RSA-PSS mask-generation function, MGF1.  Assumptions
80  * are that the mask length will be less than 256 * PSS_HLEN, and
81  * therefore we never need to increment anything other than the low
82  * byte of the counter.
83  *
84  * This is described in PKCS#1, B.2.1.
85  */
86 static void
pss_mgf1(uint8_t * mask,const uint8_t * hash)87 pss_mgf1(uint8_t *mask, const uint8_t *hash)
88 {
89     bootutil_sha_context ctx;
90     uint8_t counter[4] = { 0, 0, 0, 0 };
91     uint8_t htmp[PSS_HLEN];
92     int count = PSS_MASK_LEN;
93     int bytes;
94 
95     while (count > 0) {
96         bootutil_sha_init(&ctx);
97         bootutil_sha_update(&ctx, hash, PSS_HLEN);
98         bootutil_sha_update(&ctx, counter, 4);
99         bootutil_sha_finish(&ctx, htmp);
100 
101         counter[3]++;
102 
103         bytes = PSS_HLEN;
104         if (bytes > count)
105             bytes = count;
106 
107         memcpy(mask, htmp, bytes);
108         mask += bytes;
109         count -= bytes;
110     }
111 
112     bootutil_sha_drop(&ctx);
113 }
114 
115 /*
116  * Validate an RSA signature, using RSA-PSS, as described in PKCS #1
117  * v2.2, section 9.1.2, with many parameters required to have fixed
118  * values. RSASSA-PSS-VERIFY RFC8017 section 8.1.2
119  */
120 static fih_ret
bootutil_cmp_rsasig(bootutil_rsa_context * ctx,uint8_t * hash,uint32_t hlen,uint8_t * sig,size_t slen)121 bootutil_cmp_rsasig(bootutil_rsa_context *ctx, uint8_t *hash, uint32_t hlen,
122   uint8_t *sig, size_t slen)
123 {
124     bootutil_sha_context shactx;
125     uint8_t em[MBEDTLS_MPI_MAX_SIZE];
126     uint8_t db_mask[PSS_MASK_LEN];
127     uint8_t h2[PSS_HLEN];
128     int i;
129     FIH_DECLARE(fih_rc, FIH_FAILURE);
130 
131     /* The caller has already verified that slen == bootutil_rsa_get_len(ctx) */
132     if (slen != PSS_EMLEN ||
133         PSS_EMLEN > MBEDTLS_MPI_MAX_SIZE) {
134         goto out;
135     }
136 
137     if (hlen != PSS_HLEN) {
138         goto out;
139     }
140 
141     /* Apply RSAVP1 to produce em = sig^E mod N using the public key */
142     if (bootutil_rsa_public(ctx, sig, em)) {
143         goto out;
144     }
145 
146     /*
147      * PKCS #1 v2.2, 9.1.2 EMSA-PSS-Verify
148      *
149      * emBits is 2048
150      * emLen = ceil(emBits/8) = 256
151      *
152      * The salt length is not known at the beginning.
153      */
154 
155     /* Step 1.  The message is constrained by the address space of a
156      * 32-bit processor, which is far less than the 2^61-1 limit of
157      * SHA-256.
158      */
159 
160     /* Step 2.  mHash is passed in as 'hash', with hLen the hlen
161      * argument. */
162 
163     /* Step 3.  if emLen < hLen + sLen + 2, inconsistent and stop.
164      * The salt length is not known at this point.
165      */
166 
167     /* Step 4.  If the rightmost octet of EM does have the value
168      * 0xbc, output inconsistent and stop.
169      */
170     if (em[PSS_EMLEN - 1] != 0xbc) {
171         goto out;
172     }
173 
174     /* Step 5.  Let maskedDB be the leftmost emLen - hLen - 1 octets
175      * of EM, and H be the next hLen octets.
176      *
177      * maskedDB is then the first 256 - 32 - 1 = 0-222
178      * H is 32 bytes 223-254
179      */
180 
181     /* Step 6.  If the leftmost 8emLen - emBits bits of the leftmost
182      * octet in maskedDB are not all equal to zero, output
183      * inconsistent and stop.
184      *
185      * 8emLen - emBits is zero, so there is nothing to test here.
186      */
187 
188     /* Step 7.  let dbMask = MGF(H, emLen - hLen - 1). */
189     pss_mgf1(db_mask, &em[PSS_HASH_OFFSET]);
190 
191     /* Step 8.  let DB = maskedDB xor dbMask.
192      * To avoid needing an additional buffer, store the 'db' in the
193      * same buffer as db_mask.  From now, to the end of this function,
194      * db_mask refers to the unmasked 'db'. */
195     for (i = 0; i < PSS_MASK_LEN; i++) {
196         db_mask[i] ^= em[i];
197     }
198 
199     /* Step 9.  Set the leftmost 8emLen - emBits bits of the leftmost
200      * octet in DB to zero.
201      * pycrypto seems to always make the emBits 2047, so we need to
202      * clear the top bit. */
203     db_mask[0] &= 0x7F;
204 
205     /* Step 10.  If the emLen - hLen - sLen - 2 leftmost octets of DB
206      * are not zero or if the octet at position emLen - hLen - sLen -
207      * 1 (the leftmost position is "position 1") does not have
208      * hexadecimal value 0x01, output "inconsistent" and stop. */
209     for (i = 0; i < PSS_MASK_ZERO_COUNT; i++) {
210         if (db_mask[i] != 0) {
211             goto out;
212         }
213     }
214 
215     if (db_mask[PSS_MASK_ONE_POS] != 1) {
216         goto out;
217     }
218 
219     /* Step 11. Let salt be the last sLen octets of DB */
220 
221     /* Step 12.  Let M' = 0x00 00 00 00 00 00 00 00 || mHash || salt; */
222 
223     /* Step 13.  Let H' = Hash(M') */
224     bootutil_sha_init(&shactx);
225     bootutil_sha_update(&shactx, pss_zeros, 8);
226     bootutil_sha_update(&shactx, hash, PSS_HLEN);
227     bootutil_sha_update(&shactx, &db_mask[PSS_MASK_SALT_POS], PSS_SLEN);
228     bootutil_sha_finish(&shactx, h2);
229     bootutil_sha_drop(&shactx);
230 
231     /* Step 14.  If H = H', output "consistent".  Otherwise, output
232      * "inconsistent". */
233     FIH_CALL(boot_fih_memequal, fih_rc, h2, &em[PSS_HASH_OFFSET], PSS_HLEN);
234 
235 out:
236     FIH_RET(fih_rc);
237 }
238 
239 #else /* MCUBOOT_USE_PSA_CRYPTO */
240 
241 static fih_ret
bootutil_cmp_rsasig(bootutil_rsa_context * ctx,uint8_t * hash,uint32_t hlen,uint8_t * sig,size_t slen)242 bootutil_cmp_rsasig(bootutil_rsa_context *ctx, uint8_t *hash, uint32_t hlen,
243   uint8_t *sig, size_t slen)
244 {
245     int rc = -1;
246     FIH_DECLARE(fih_rc, FIH_FAILURE);
247 
248     /* PSA Crypto APIs allow the verification in a single call */
249     rc = bootutil_rsassa_pss_verify(ctx, hash, hlen, sig, slen);
250 
251     fih_rc = fih_ret_encode_zero_equality(rc);
252     if (FIH_NOT_EQ(fih_rc, FIH_SUCCESS)) {
253         FIH_SET(fih_rc, FIH_FAILURE);
254     }
255 
256     FIH_RET(fih_rc);
257 }
258 
259 #endif /* MCUBOOT_USE_PSA_CRYPTO */
260 
261 fih_ret
bootutil_verify_sig(uint8_t * hash,uint32_t hlen,uint8_t * sig,size_t slen,uint8_t key_id)262 bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, size_t slen,
263   uint8_t key_id)
264 {
265     bootutil_rsa_context ctx;
266     int rc;
267     FIH_DECLARE(fih_rc, FIH_FAILURE);
268     uint8_t *cp;
269     uint8_t *end;
270 
271     bootutil_rsa_init(&ctx);
272 
273     cp = (uint8_t *)bootutil_keys[key_id].key;
274     end = cp + *bootutil_keys[key_id].len;
275 
276     /* The key used for signature verification is a public RSA key */
277     rc = bootutil_rsa_parse_public_key(&ctx, &cp, end);
278     if (rc || slen != bootutil_rsa_get_len(&ctx)) {
279         goto out;
280     }
281     FIH_CALL(bootutil_cmp_rsasig, fih_rc, &ctx, hash, hlen, sig, slen);
282 
283 out:
284     bootutil_rsa_drop(&ctx);
285 
286     FIH_RET(fih_rc);
287 }
288 #endif /* MCUBOOT_SIGN_RSA */
289