Add utility function to find offset/len of TLVs
Add a new function, boot_find_tlv_offs, that loads the beginning and end
offset of the TLV region.
Signed-off-by: Fabio Utzig <utzig@apache.org>
diff --git a/boot/bootutil/src/bootutil_priv.h b/boot/bootutil/src/bootutil_priv.h
index 396fbf7..bbecc99 100644
--- a/boot/bootutil/src/bootutil_priv.h
+++ b/boot/bootutil/src/bootutil_priv.h
@@ -255,6 +255,9 @@
int boot_is_version_sufficient(struct image_version *req,
struct image_version *ver);
#endif
+int boot_find_tlv_offs(const struct image_header *hdr,
+ const struct flash_area *fap,
+ uint32_t *off, uint32_t *end);
/*
* Accessors for the contents of struct boot_loader_state.
diff --git a/boot/bootutil/src/encrypted.c b/boot/bootutil/src/encrypted.c
index 72e1481..b4c5727 100644
--- a/boot/bootutil/src/encrypted.c
+++ b/boot/bootutil/src/encrypted.c
@@ -224,7 +224,6 @@
#endif
uint32_t off;
uint32_t end;
- struct image_tlv_info info;
struct image_tlv tlv;
uint8_t buf[TLV_ENC_RSA_SZ];
uint8_t slot;
@@ -242,20 +241,12 @@
return 1;
}
- off = BOOT_TLV_OFF(hdr);
-
- rc = flash_area_read(fap, off, &info, sizeof(info));
+ rc = boot_find_tlv_offs(hdr, fap, &off, &end);
if (rc) {
- return rc;
- }
- if (info.it_magic != IMAGE_TLV_INFO_MAGIC) {
return -1;
}
- end = off + info.it_tlv_tot;
- off += sizeof(info);
- enckey_type = 0;
- for (; off < end; off += sizeof(tlv) + tlv.it_len) {
+ for (enckey_type = 0; off < end; off += sizeof(tlv) + tlv.it_len) {
rc = flash_area_read(fap, off, &tlv, sizeof tlv);
if (rc) {
return rc;
@@ -267,7 +258,7 @@
}
rc = flash_area_read(fap, off + sizeof(tlv), buf, EXPECTED_ENC_LEN);
if (rc) {
- return rc;
+ return -1;
}
enckey_type = EXPECTED_ENC_TLV;
break;
@@ -276,30 +267,30 @@
if (enckey_type == 0) {
return -1;
+ } else if (enckey_type != EXPECTED_ENC_TLV) {
+ return 0;
}
- if (enckey_type == EXPECTED_ENC_TLV) {
#if defined(MCUBOOT_ENCRYPT_RSA)
- mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
+ mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
- cp = (uint8_t *)bootutil_enc_key.key;
- cpend = cp + *bootutil_enc_key.len;
+ cp = (uint8_t *)bootutil_enc_key.key;
+ cpend = cp + *bootutil_enc_key.len;
- rc = parse_enckey(&rsa, &cp, cpend);
- if (rc) {
- mbedtls_rsa_free(&rsa);
- return rc;
- }
-
- rc = mbedtls_rsa_rsaes_oaep_decrypt(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE,
- NULL, 0, &olen, buf, enckey, BOOT_ENC_KEY_SIZE);
+ rc = parse_enckey(&rsa, &cp, cpend);
+ if (rc) {
mbedtls_rsa_free(&rsa);
+ return rc;
+ }
+
+ rc = mbedtls_rsa_rsaes_oaep_decrypt(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE,
+ NULL, 0, &olen, buf, enckey, BOOT_ENC_KEY_SIZE);
+ mbedtls_rsa_free(&rsa);
#elif defined(MCUBOOT_ENCRYPT_KW)
- assert(*bootutil_enc_key.len == 16);
- rc = key_unwrap(buf, enckey);
+ assert(*bootutil_enc_key.len == 16);
+ rc = key_unwrap(buf, enckey);
#endif
- }
return rc;
}
diff --git a/boot/bootutil/src/image_validate.c b/boot/bootutil/src/image_validate.c
index 143187b..9983d4f 100644
--- a/boot/bootutil/src/image_validate.c
+++ b/boot/bootutil/src/image_validate.c
@@ -211,7 +211,6 @@
uint32_t off;
uint32_t end;
int sha256_valid = 0;
- struct image_tlv_info info;
#ifdef EXPECTED_SIG_TLV
int valid_signature = 0;
int key_id = -1;
@@ -231,18 +230,10 @@
memcpy(out_hash, hash, 32);
}
- /* The TLVs come after the image. */
- off = BOOT_TLV_OFF(hdr);
-
- rc = flash_area_read(fap, off, &info, sizeof(info));
+ rc = boot_find_tlv_offs(hdr, fap, &off, &end);
if (rc) {
return rc;
}
- if (info.it_magic != IMAGE_TLV_INFO_MAGIC) {
- return -1;
- }
- end = off + info.it_tlv_tot;
- off += sizeof(info);
/*
* Traverse through all of the TLVs, performing any checks we know
diff --git a/boot/bootutil/src/loader.c b/boot/bootutil/src/loader.c
index 99cf186..71ebb11 100644
--- a/boot/bootutil/src/loader.c
+++ b/boot/bootutil/src/loader.c
@@ -243,6 +243,38 @@
}
/*
+ * Locate the TLVs in an image.
+ *
+ * @param hdr The image_header struct of the image being checked
+ * @param fap flash_area struct of the slot storing the image being checked
+ * @param off Address of the first TLV (after TLV info)
+ * @param end Address where TLV area ends
+ *
+ * Returns 0 on success.
+ */
+int
+boot_find_tlv_offs(const struct image_header *hdr, const struct flash_area *fap,
+ uint32_t *off, uint32_t *end)
+{
+ struct image_tlv_info info;
+ uint32_t off_;
+
+ off_ = BOOT_TLV_OFF(hdr);
+
+ if (flash_area_read(fap, off_, &info, sizeof(info))) {
+ return BOOT_EFLASH;
+ }
+
+ if (info.it_magic != IMAGE_TLV_INFO_MAGIC) {
+ return BOOT_EBADIMAGE;
+ }
+
+ *end = off_ + info.it_tlv_tot;
+ *off = off_ + sizeof(info);
+ return 0;
+}
+
+/*
* Compute the total size of the given image. Includes the size of
* the TLVs.
*/
@@ -251,8 +283,7 @@
boot_read_image_size(struct boot_loader_state *state, int slot, uint32_t *size)
{
const struct flash_area *fap;
- struct image_tlv_info info;
- uint32_t tlv_off;
+ uint32_t off;
int area_id;
int rc;
@@ -267,17 +298,10 @@
goto done;
}
- tlv_off = BOOT_TLV_OFF(boot_img_hdr(state, slot));
- rc = flash_area_read(fap, tlv_off, &info, sizeof(info));
+ rc = boot_find_tlv_offs(boot_img_hdr(state, slot), fap, &off, size);
if (rc != 0) {
- rc = BOOT_EFLASH;
goto done;
}
- if (info.it_magic != IMAGE_TLV_INFO_MAGIC) {
- rc = BOOT_EBADIMAGE;
- goto done;
- }
- *size = tlv_off + info.it_tlv_tot;
rc = 0;
done:
@@ -1821,7 +1845,6 @@
boot_verify_all_dependency(struct boot_loader_state *state, uint32_t slot)
{
const struct flash_area *fap;
- struct image_tlv_info info;
struct image_tlv tlv;
struct image_dependency dep;
uint32_t off;
@@ -1837,22 +1860,11 @@
goto done;
}
- off = BOOT_TLV_OFF(boot_img_hdr(state, slot));
-
- /* The TLV area always starts with an image_tlv_info structure. */
- rc = flash_area_read(fap, off, &info, sizeof(info));
+ rc = boot_find_tlv_offs(boot_img_hdr(state, slot), fap, &off, &end);
if (rc != 0) {
- rc = BOOT_EFLASH;
goto done;
}
- if (info.it_magic != IMAGE_TLV_INFO_MAGIC) {
- rc = BOOT_EBADIMAGE;
- goto done;
- }
- end = off + info.it_tlv_tot;
- off += sizeof(info);
-
/* Traverse through all of the TLVs to find the dependency TLVs. */
for (; off < end; off += sizeof(tlv) + tlv.it_len) {
rc = flash_area_read(fap, off, &tlv, sizeof(tlv));