TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / 71b8f981df4f4e65df1757c6ba14ce8d2b7e7696 / . / scripts / imgtool / image.py
blob: 644a0286c637e3abdf2f90b4d3e982ac5efae060 [file] [log] [blame]
Carles Cufi37d052f2018-01-30 16:40:10 +0100[diff] [blame]1# Copyright 2018 Nordic Semiconductor ASA
David Brown1314bf32017-12-20 11:10:55 -0700[diff] [blame]2# Copyright 2017 Linaro Limited
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]3# Copyright 2019-2020 Arm Limited
David Brown1314bf32017-12-20 11:10:55 -0700[diff] [blame]4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]17"""
18Image signing and management.
19"""
20
21from . import version as versmod
David Vincze71b8f982020-03-17 19:08:12 +0100[diff] [blame^]22from .boot_record import create_sw_component_data
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]23import click
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]24from enum import Enum
Carles Cufi37d052f2018-01-30 16:40:10 +0100[diff] [blame]25from intelhex import IntelHex
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]26import hashlib
27import struct
Carles Cufi37d052f2018-01-30 16:40:10 +0100[diff] [blame]28import os.path
Fabio Utzig7a3b2602019-10-22 09:56:44 -0300[diff] [blame]29from .keys import rsa, ecdsa
30from cryptography.hazmat.primitives.asymmetric import ec, padding
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]31from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
Fabio Utzig7a3b2602019-10-22 09:56:44 -0300[diff] [blame]32from cryptography.hazmat.primitives.kdf.hkdf import HKDF
33from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]34from cryptography.hazmat.backends import default_backend
Fabio Utzig7a3b2602019-10-22 09:56:44 -0300[diff] [blame]35from cryptography.hazmat.primitives import hashes, hmac
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]36from cryptography.exceptions import InvalidSignature
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]37
David Brown72e7a512017-09-01 11:08:23 -0600[diff] [blame]38IMAGE_MAGIC = 0x96f3b83d
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]39IMAGE_HEADER_SIZE = 32
Carles Cufi37d052f2018-01-30 16:40:10 +0100[diff] [blame]40BIN_EXT = "bin"
41INTEL_HEX_EXT = "hex"
Fabio Utzig519285f2018-06-04 11:11:53 -0300[diff] [blame]42DEFAULT_MAX_SECTORS = 128
Fabio Utzig649d80f2019-09-12 10:26:23 -0300[diff] [blame]43MAX_ALIGN = 8
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]44DEP_IMAGES_KEY = "images"
45DEP_VERSIONS_KEY = "versions"
David Vincze71b8f982020-03-17 19:08:12 +0100[diff] [blame^]46MAX_SW_TYPE_LENGTH = 12 # Bytes
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]47
48# Image header flags.
49IMAGE_F = {
50 'PIC': 0x0000001,
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]51 'NON_BOOTABLE': 0x0000010,
52 'ENCRYPTED': 0x0000004,
53}
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]54
55TLV_VALUES = {
David Brown43cda332017-09-01 09:53:23 -0600[diff] [blame]56 'KEYHASH': 0x01,
David Brown27648b82017-08-31 10:40:29 -0600[diff] [blame]57 'SHA256': 0x10,
58 'RSA2048': 0x20,
59 'ECDSA224': 0x21,
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]60 'ECDSA256': 0x22,
Fabio Utzig19fd79a2019-05-08 18:20:39 -0300[diff] [blame]61 'RSA3072': 0x23,
Fabio Utzig8101d1f2019-05-09 15:03:22 -0300[diff] [blame]62 'ED25519': 0x24,
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]63 'ENCRSA2048': 0x30,
64 'ENCKW128': 0x31,
Fabio Utzig7a3b2602019-10-22 09:56:44 -0300[diff] [blame]65 'ENCEC256': 0x32,
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]66 'DEPENDENCY': 0x40,
67 'SEC_CNT': 0x50,
David Vincze71b8f982020-03-17 19:08:12 +0100[diff] [blame^]68 'BOOT_RECORD': 0x60,
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]69}
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]70
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]71TLV_SIZE = 4
David Brownf5b33d82017-09-01 10:58:27 -0600[diff] [blame]72TLV_INFO_SIZE = 4
73TLV_INFO_MAGIC = 0x6907
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]74TLV_PROT_INFO_MAGIC = 0x6908
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]75
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]76boot_magic = bytes([
77 0x77, 0xc2, 0x95, 0xf3,
78 0x60, 0xd2, 0xef, 0x7f,
79 0x35, 0x52, 0x50, 0x0f,
80 0x2c, 0xb6, 0x79, 0x80, ])
81
Mark Schultea66c6872018-09-26 17:24:40 -0700[diff] [blame]82STRUCT_ENDIAN_DICT = {
83 'little': '<',
84 'big': '>'
85}
86
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]87VerifyResult = Enum('VerifyResult',
88 """
89 OK INVALID_MAGIC INVALID_TLV_INFO_MAGIC INVALID_HASH
90 INVALID_SIGNATURE
91 """)
92
93
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]94class TLV():
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]95 def __init__(self, endian, magic=TLV_INFO_MAGIC):
96 self.magic = magic
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]97 self.buf = bytearray()
Mark Schultea66c6872018-09-26 17:24:40 -0700[diff] [blame]98 self.endian = endian
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]99
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]100 def __len__(self):
101 return TLV_INFO_SIZE + len(self.buf)
102
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]103 def add(self, kind, payload):
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]104 """
105 Add a TLV record. Kind should be a string found in TLV_VALUES above.
106 """
Mark Schultea66c6872018-09-26 17:24:40 -0700[diff] [blame]107 e = STRUCT_ENDIAN_DICT[self.endian]
108 buf = struct.pack(e + 'BBH', TLV_VALUES[kind], 0, len(payload))
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]109 self.buf += buf
110 self.buf += payload
111
112 def get(self):
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]113 if len(self.buf) == 0:
114 return bytes()
Mark Schultea66c6872018-09-26 17:24:40 -0700[diff] [blame]115 e = STRUCT_ENDIAN_DICT[self.endian]
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]116 header = struct.pack(e + 'HH', self.magic, len(self))
David Brownf5b33d82017-09-01 10:58:27 -0600[diff] [blame]117 return header + bytes(self.buf)
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]118
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]119
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]120class Image():
Carles Cufi37d052f2018-01-30 16:40:10 +0100[diff] [blame]121
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]122 def __init__(self, version=None, header_size=IMAGE_HEADER_SIZE,
Henrik Brix Andersen0ce958e2020-03-11 14:04:11 +0100[diff] [blame]123 pad_header=False, pad=False, confirm=False, align=1,
124 slot_size=0, max_sectors=DEFAULT_MAX_SECTORS,
125 overwrite_only=False, endian="little", load_addr=0,
126 erased_val=None, save_enctlv=False, security_counter=None):
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]127 self.version = version or versmod.decode_version("0")
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]128 self.header_size = header_size
129 self.pad_header = pad_header
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]130 self.pad = pad
Henrik Brix Andersen0ce958e2020-03-11 14:04:11 +0100[diff] [blame]131 self.confirm = confirm
Fabio Utzig263d4392018-06-05 10:37:35 -0300[diff] [blame]132 self.align = align
133 self.slot_size = slot_size
134 self.max_sectors = max_sectors
Fabio Utzigdcf0c9b2018-06-11 12:27:49 -0700[diff] [blame]135 self.overwrite_only = overwrite_only
Mark Schultea66c6872018-09-26 17:24:40 -0700[diff] [blame]136 self.endian = endian
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]137 self.base_addr = None
Håkon Øye Amundsendf8c8912019-08-26 12:15:28 +0000[diff] [blame]138 self.load_addr = 0 if load_addr is None else load_addr
Fabio Utzigcb080732020-02-07 12:01:39 -0300[diff] [blame]139 self.erased_val = 0xff if erased_val is None else int(erased_val, 0)
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]140 self.payload = []
Fabio Utzig649d80f2019-09-12 10:26:23 -0300[diff] [blame]141 self.enckey = None
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]142 self.save_enctlv = save_enctlv
143 self.enctlv_len = 0
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]144
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]145 if security_counter == 'auto':
146 # Security counter has not been explicitly provided,
147 # generate it from the version number
148 self.security_counter = ((self.version.major << 24)
149 + (self.version.minor << 16)
150 + self.version.revision)
151 else:
152 self.security_counter = security_counter
153
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]154 def __repr__(self):
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]155 return "<Image version={}, header_size={}, security_counter={}, \
156 base_addr={}, load_addr={}, align={}, slot_size={}, \
157 max_sectors={}, overwrite_only={}, endian={} format={}, \
158 payloadlen=0x{:x}>".format(
Fabio Utzig263d4392018-06-05 10:37:35 -0300[diff] [blame]159 self.version,
160 self.header_size,
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]161 self.security_counter,
Fabio Utzig263d4392018-06-05 10:37:35 -0300[diff] [blame]162 self.base_addr if self.base_addr is not None else "N/A",
Håkon Øye Amundsendf8c8912019-08-26 12:15:28 +0000[diff] [blame]163 self.load_addr,
Fabio Utzig263d4392018-06-05 10:37:35 -0300[diff] [blame]164 self.align,
165 self.slot_size,
166 self.max_sectors,
Fabio Utzigdcf0c9b2018-06-11 12:27:49 -0700[diff] [blame]167 self.overwrite_only,
Mark Schultea66c6872018-09-26 17:24:40 -0700[diff] [blame]168 self.endian,
Fabio Utzig263d4392018-06-05 10:37:35 -0300[diff] [blame]169 self.__class__.__name__,
170 len(self.payload))
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]171
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]172 def load(self, path):
173 """Load an image from a given file"""
174 ext = os.path.splitext(path)[1][1:].lower()
Fabio Utzig1f508922020-01-15 11:37:51 -0300[diff] [blame]175 try:
176 if ext == INTEL_HEX_EXT:
177 ih = IntelHex(path)
178 self.payload = ih.tobinarray()
179 self.base_addr = ih.minaddr()
180 else:
181 with open(path, 'rb') as f:
182 self.payload = f.read()
183 except FileNotFoundError:
184 raise click.UsageError("Input file not found")
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]185
186 # Add the image header if needed.
187 if self.pad_header and self.header_size > 0:
188 if self.base_addr:
189 # Adjust base_addr for new header
190 self.base_addr -= self.header_size
Fabio Utzig9117fde2019-10-17 11:11:46 -0300[diff] [blame]191 self.payload = bytes([self.erased_val] * self.header_size) + \
192 self.payload
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]193
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]194 self.check_header()
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]195
Fabio Utzigedbabcf2019-10-11 13:03:37 -0300[diff] [blame]196 def save(self, path, hex_addr=None):
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]197 """Save an image from a given file"""
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]198 ext = os.path.splitext(path)[1][1:].lower()
199 if ext == INTEL_HEX_EXT:
200 # input was in binary format, but HEX needs to know the base addr
Fabio Utzigedbabcf2019-10-11 13:03:37 -0300[diff] [blame]201 if self.base_addr is None and hex_addr is None:
Fabio Utzig1f508922020-01-15 11:37:51 -0300[diff] [blame]202 raise click.UsageError("No address exists in input file "
203 "neither was it provided by user")
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]204 h = IntelHex()
Fabio Utzigedbabcf2019-10-11 13:03:37 -0300[diff] [blame]205 if hex_addr is not None:
206 self.base_addr = hex_addr
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]207 h.frombytes(bytes=self.payload, offset=self.base_addr)
Fabio Utzigedbabcf2019-10-11 13:03:37 -0300[diff] [blame]208 if self.pad:
Fabio Utzig2269f472019-10-17 11:14:33 -0300[diff] [blame]209 trailer_size = self._trailer_size(self.align, self.max_sectors,
210 self.overwrite_only,
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]211 self.enckey,
212 self.save_enctlv,
213 self.enctlv_len)
Fabio Utzig2269f472019-10-17 11:14:33 -0300[diff] [blame]214 trailer_addr = (self.base_addr + self.slot_size) - trailer_size
215 padding = bytes([self.erased_val] *
216 (trailer_size - len(boot_magic))) + boot_magic
217 h.puts(trailer_addr, padding)
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]218 h.tofile(path, 'hex')
219 else:
Fabio Utzigedbabcf2019-10-11 13:03:37 -0300[diff] [blame]220 if self.pad:
221 self.pad_to(self.slot_size)
Fabio Utzig7c00acd2019-01-07 09:54:20 -0200[diff] [blame]222 with open(path, 'wb') as f:
223 f.write(self.payload)
224
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]225 def check_header(self):
Fabio Utzigf5556c32019-10-23 11:00:27 -0300[diff] [blame]226 if self.header_size > 0 and not self.pad_header:
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]227 if any(v != 0 for v in self.payload[0:self.header_size]):
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]228 raise click.UsageError("Header padding was not requested and "
229 "image does not start with zeros")
230
231 def check_trailer(self):
Fabio Utzig263d4392018-06-05 10:37:35 -0300[diff] [blame]232 if self.slot_size > 0:
Fabio Utzigdcf0c9b2018-06-11 12:27:49 -0700[diff] [blame]233 tsize = self._trailer_size(self.align, self.max_sectors,
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]234 self.overwrite_only, self.enckey,
235 self.save_enctlv, self.enctlv_len)
Fabio Utzig263d4392018-06-05 10:37:35 -0300[diff] [blame]236 padding = self.slot_size - (len(self.payload) + tsize)
237 if padding < 0:
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]238 msg = "Image size (0x{:x}) + trailer (0x{:x}) exceeds " \
239 "requested size 0x{:x}".format(
240 len(self.payload), tsize, self.slot_size)
241 raise click.UsageError(msg)
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]242
Fabio Utzig7a3b2602019-10-22 09:56:44 -0300[diff] [blame]243 def ecies_p256_hkdf(self, enckey, plainkey):
244 newpk = ec.generate_private_key(ec.SECP256R1(), default_backend())
245 shared = newpk.exchange(ec.ECDH(), enckey._get_public())
246 derived_key = HKDF(
247 algorithm=hashes.SHA256(), length=48, salt=None,
248 info=b'MCUBoot_ECIES_v1', backend=default_backend()).derive(shared)
249 encryptor = Cipher(algorithms.AES(derived_key[:16]),
250 modes.CTR(bytes([0] * 16)),
251 backend=default_backend()).encryptor()
252 cipherkey = encryptor.update(plainkey) + encryptor.finalize()
253 mac = hmac.HMAC(derived_key[16:], hashes.SHA256(),
254 backend=default_backend())
255 mac.update(cipherkey)
256 ciphermac = mac.finalize()
257 pubk = newpk.public_key().public_bytes(
258 encoding=Encoding.X962,
259 format=PublicFormat.UncompressedPoint)
260 return cipherkey, ciphermac, pubk
261
David Vincze71b8f982020-03-17 19:08:12 +0100[diff] [blame^]262 def create(self, key, enckey, dependencies=None, sw_type=None):
Fabio Utzig649d80f2019-09-12 10:26:23 -0300[diff] [blame]263 self.enckey = enckey
264
David Vincze71b8f982020-03-17 19:08:12 +0100[diff] [blame^]265 # Calculate the hash of the public key
266 if key is not None:
267 pub = key.get_public_bytes()
268 sha = hashlib.sha256()
269 sha.update(pub)
270 pubbytes = sha.digest()
271 else:
272 pubbytes = bytes(hashlib.sha256().digest_size)
273
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]274 protected_tlv_size = 0
275
276 if self.security_counter is not None:
277 # Size of the security counter TLV: header ('HH') + payload ('I')
278 # = 4 + 4 = 8 Bytes
279 protected_tlv_size += TLV_SIZE + 4
280
David Vincze71b8f982020-03-17 19:08:12 +0100[diff] [blame^]281 if sw_type is not None:
282 if len(sw_type) > MAX_SW_TYPE_LENGTH:
283 msg = "'{}' is too long ({} characters) for sw_type. Its " \
284 "maximum allowed length is 12 characters.".format(
285 sw_type, len(sw_type))
286 raise click.UsageError(msg)
287
288 image_version = (str(self.version.major) + '.'
289 + str(self.version.minor) + '.'
290 + str(self.version.revision))
291
292 # The image hash is computed over the image header, the image
293 # itself and the protected TLV area. However, the boot record TLV
294 # (which is part of the protected area) should contain this hash
295 # before it is even calculated. For this reason the script fills
296 # this field with zeros and the bootloader will insert the right
297 # value later.
298 digest = bytes(hashlib.sha256().digest_size)
299
300 # Create CBOR encoded boot record
301 boot_record = create_sw_component_data(sw_type, image_version,
302 "SHA256", digest,
303 pubbytes)
304
305 protected_tlv_size += TLV_SIZE + len(boot_record)
306
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]307 if dependencies is not None:
308 # Size of a Dependency TLV = Header ('HH') + Payload('IBBHI')
309 # = 4 + 12 = 16 Bytes
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]310 dependencies_num = len(dependencies[DEP_IMAGES_KEY])
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]311 protected_tlv_size += (dependencies_num * 16)
312
313 if protected_tlv_size != 0:
314 # Add the size of the TLV info header
315 protected_tlv_size += TLV_INFO_SIZE
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]316
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]317 # At this point the image is already on the payload, this adds
318 # the header to the payload as well
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]319 self.add_header(enckey, protected_tlv_size)
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]320
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]321 prot_tlv = TLV(self.endian, TLV_PROT_INFO_MAGIC)
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]322
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]323 # Protected TLVs must be added first, because they are also included
324 # in the hash calculation
325 protected_tlv_off = None
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]326 if protected_tlv_size != 0:
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]327
328 e = STRUCT_ENDIAN_DICT[self.endian]
329
330 if self.security_counter is not None:
331 payload = struct.pack(e + 'I', self.security_counter)
332 prot_tlv.add('SEC_CNT', payload)
333
David Vincze71b8f982020-03-17 19:08:12 +0100[diff] [blame^]334 if sw_type is not None:
335 prot_tlv.add('BOOT_RECORD', boot_record)
336
David Vincze1a7a6902020-02-18 15:05:16 +0100[diff] [blame]337 if dependencies is not None:
338 for i in range(dependencies_num):
339 payload = struct.pack(
340 e + 'B3x'+'BBHI',
341 int(dependencies[DEP_IMAGES_KEY][i]),
342 dependencies[DEP_VERSIONS_KEY][i].major,
343 dependencies[DEP_VERSIONS_KEY][i].minor,
344 dependencies[DEP_VERSIONS_KEY][i].revision,
345 dependencies[DEP_VERSIONS_KEY][i].build
346 )
347 prot_tlv.add('DEPENDENCY', payload)
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]348
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]349 protected_tlv_off = len(self.payload)
350 self.payload += prot_tlv.get()
351
352 tlv = TLV(self.endian)
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]353
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]354 # Note that ecdsa wants to do the hashing itself, which means
355 # we get to hash it twice.
356 sha = hashlib.sha256()
357 sha.update(self.payload)
358 digest = sha.digest()
359
360 tlv.add('SHA256', digest)
361
David Brown0f0c6a82017-06-08 09:26:24 -0600[diff] [blame]362 if key is not None:
David Brown43cda332017-09-01 09:53:23 -0600[diff] [blame]363 tlv.add('KEYHASH', pubbytes)
364
Fabio Utzig8101d1f2019-05-09 15:03:22 -0300[diff] [blame]365 # `sign` expects the full image payload (sha256 done internally),
366 # while `sign_digest` expects only the digest of the payload
367
368 if hasattr(key, 'sign'):
369 sig = key.sign(bytes(self.payload))
370 else:
371 sig = key.sign_digest(digest)
David Brown0f0c6a82017-06-08 09:26:24 -0600[diff] [blame]372 tlv.add(key.sig_tlv(), sig)
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]373
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]374 # At this point the image was hashed + signed, we can remove the
375 # protected TLVs from the payload (will be re-added later)
376 if protected_tlv_off is not None:
377 self.payload = self.payload[:protected_tlv_off]
378
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]379 if enckey is not None:
380 plainkey = os.urandom(16)
Fabio Utzig7a3b2602019-10-22 09:56:44 -0300[diff] [blame]381
382 if isinstance(enckey, rsa.RSAPublic):
383 cipherkey = enckey._get_public().encrypt(
384 plainkey, padding.OAEP(
385 mgf=padding.MGF1(algorithm=hashes.SHA256()),
386 algorithm=hashes.SHA256(),
387 label=None))
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]388 self.enctlv_len = len(cipherkey)
Fabio Utzig7a3b2602019-10-22 09:56:44 -0300[diff] [blame]389 tlv.add('ENCRSA2048', cipherkey)
390 elif isinstance(enckey, ecdsa.ECDSA256P1Public):
391 cipherkey, mac, pubk = self.ecies_p256_hkdf(enckey, plainkey)
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]392 enctlv = pubk + mac + cipherkey
393 self.enctlv_len = len(enctlv)
394 tlv.add('ENCEC256', enctlv)
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]395
396 nonce = bytes([0] * 16)
397 cipher = Cipher(algorithms.AES(plainkey), modes.CTR(nonce),
398 backend=default_backend())
399 encryptor = cipher.encryptor()
400 img = bytes(self.payload[self.header_size:])
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]401 self.payload[self.header_size:] = \
402 encryptor.update(img) + encryptor.finalize()
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]403
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]404 self.payload += prot_tlv.get()
405 self.payload += tlv.get()
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]406
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]407 self.check_trailer()
408
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]409 def add_header(self, enckey, protected_tlv_size):
Fabio Utzigcd284062018-11-30 11:05:45 -0200[diff] [blame]410 """Install the image header."""
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]411
David Brown0f0c6a82017-06-08 09:26:24 -0600[diff] [blame]412 flags = 0
Fabio Utzig06b77b82018-08-23 16:01:16 -0300[diff] [blame]413 if enckey is not None:
414 flags |= IMAGE_F['ENCRYPTED']
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]415
Mark Schultea66c6872018-09-26 17:24:40 -0700[diff] [blame]416 e = STRUCT_ENDIAN_DICT[self.endian]
417 fmt = (e +
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]418 # type ImageHdr struct {
419 'I' + # Magic uint32
420 'I' + # LoadAddr uint32
421 'H' + # HdrSz uint16
422 'H' + # PTLVSz uint16
423 'I' + # ImgSz uint32
424 'I' + # Flags uint32
425 'BBHI' + # Vers ImageVersion
426 'I' # Pad1 uint32
427 ) # }
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]428 assert struct.calcsize(fmt) == IMAGE_HEADER_SIZE
429 header = struct.pack(fmt,
430 IMAGE_MAGIC,
Håkon Øye Amundsendf8c8912019-08-26 12:15:28 +0000[diff] [blame]431 self.load_addr,
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]432 self.header_size,
Fabio Utzig510fddb2019-09-12 12:15:36 -0300[diff] [blame]433 protected_tlv_size, # TLV Info header + Protected TLVs
434 len(self.payload) - self.header_size, # ImageSz
435 flags,
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]436 self.version.major,
437 self.version.minor or 0,
438 self.version.revision or 0,
439 self.version.build or 0,
David Vinczeda8c9192019-03-26 17:17:41 +0100[diff] [blame]440 0) # Pad1
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]441 self.payload = bytearray(self.payload)
442 self.payload[:len(header)] = header
443
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]444 def _trailer_size(self, write_size, max_sectors, overwrite_only, enckey,
445 save_enctlv, enctlv_len):
Fabio Utzig519285f2018-06-04 11:11:53 -0300[diff] [blame]446 # NOTE: should already be checked by the argument parser
Fabio Utzig649d80f2019-09-12 10:26:23 -0300[diff] [blame]447 magic_size = 16
Fabio Utzigdcf0c9b2018-06-11 12:27:49 -0700[diff] [blame]448 if overwrite_only:
Fabio Utzig649d80f2019-09-12 10:26:23 -0300[diff] [blame]449 return MAX_ALIGN * 2 + magic_size
Fabio Utzigdcf0c9b2018-06-11 12:27:49 -0700[diff] [blame]450 else:
451 if write_size not in set([1, 2, 4, 8]):
Fabio Utzig1f508922020-01-15 11:37:51 -0300[diff] [blame]452 raise click.BadParameter("Invalid alignment: {}".format(
453 write_size))
Fabio Utzigdcf0c9b2018-06-11 12:27:49 -0700[diff] [blame]454 m = DEFAULT_MAX_SECTORS if max_sectors is None else max_sectors
Fabio Utzig649d80f2019-09-12 10:26:23 -0300[diff] [blame]455 trailer = m * 3 * write_size # status area
456 if enckey is not None:
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]457 if save_enctlv:
458 # TLV saved by the bootloader is aligned
459 keylen = (int((enctlv_len - 1) / MAX_ALIGN) + 1) * MAX_ALIGN
460 else:
461 keylen = 16
462 trailer += keylen * 2 # encryption keys
Fabio Utzig88282802019-10-17 11:17:18 -0300[diff] [blame]463 trailer += MAX_ALIGN * 4 # image_ok/copy_done/swap_info/swap_size
Fabio Utzig649d80f2019-09-12 10:26:23 -0300[diff] [blame]464 trailer += magic_size
465 return trailer
Fabio Utzig519285f2018-06-04 11:11:53 -0300[diff] [blame]466
Fabio Utzig263d4392018-06-05 10:37:35 -0300[diff] [blame]467 def pad_to(self, size):
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]468 """Pad the image to the given size, with the given flash alignment."""
Fabio Utzigdcf0c9b2018-06-11 12:27:49 -0700[diff] [blame]469 tsize = self._trailer_size(self.align, self.max_sectors,
Fabio Utzig9a492d52020-01-15 11:31:52 -0300[diff] [blame]470 self.overwrite_only, self.enckey,
471 self.save_enctlv, self.enctlv_len)
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]472 padding = size - (len(self.payload) + tsize)
Henrik Brix Andersen0ce958e2020-03-11 14:04:11 +0100[diff] [blame]473 pbytes = bytearray([self.erased_val] * padding)
474 pbytes += bytearray([self.erased_val] * (tsize - len(boot_magic)))
475 if self.confirm and not self.overwrite_only:
476 pbytes[-MAX_ALIGN] = 0x01 # image_ok = 0x01
Fabio Utzige08f0872017-06-28 18:12:16 -0300[diff] [blame]477 pbytes += boot_magic
David Brown23f91ad2017-05-16 11:38:17 -0600[diff] [blame]478 self.payload += pbytes
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]479
480 @staticmethod
481 def verify(imgfile, key):
482 with open(imgfile, "rb") as f:
483 b = f.read()
484
485 magic, _, header_size, _, img_size = struct.unpack('IIHHI', b[:16])
Marek Pietae9555102019-08-08 16:08:16 +0200[diff] [blame]486 version = struct.unpack('BBHI', b[20:28])
487
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]488 if magic != IMAGE_MAGIC:
Marek Pietae9555102019-08-08 16:08:16 +0200[diff] [blame]489 return VerifyResult.INVALID_MAGIC, None
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]490
491 tlv_info = b[header_size+img_size:header_size+img_size+TLV_INFO_SIZE]
492 magic, tlv_tot = struct.unpack('HH', tlv_info)
493 if magic != TLV_INFO_MAGIC:
Marek Pietae9555102019-08-08 16:08:16 +0200[diff] [blame]494 return VerifyResult.INVALID_TLV_INFO_MAGIC, None
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]495
496 sha = hashlib.sha256()
497 sha.update(b[:header_size+img_size])
498 digest = sha.digest()
499
500 tlv_off = header_size + img_size
501 tlv_end = tlv_off + tlv_tot
502 tlv_off += TLV_INFO_SIZE # skip tlv info
503 while tlv_off < tlv_end:
504 tlv = b[tlv_off:tlv_off+TLV_SIZE]
505 tlv_type, _, tlv_len = struct.unpack('BBH', tlv)
506 if tlv_type == TLV_VALUES["SHA256"]:
507 off = tlv_off + TLV_SIZE
508 if digest == b[off:off+tlv_len]:
509 if key is None:
Marek Pietae9555102019-08-08 16:08:16 +0200[diff] [blame]510 return VerifyResult.OK, version
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]511 else:
Marek Pietae9555102019-08-08 16:08:16 +0200[diff] [blame]512 return VerifyResult.INVALID_HASH, None
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]513 elif key is not None and tlv_type == TLV_VALUES[key.sig_tlv()]:
514 off = tlv_off + TLV_SIZE
515 tlv_sig = b[off:off+tlv_len]
516 payload = b[:header_size+img_size]
517 try:
Fabio Utzig8101d1f2019-05-09 15:03:22 -0300[diff] [blame]518 if hasattr(key, 'verify'):
519 key.verify(tlv_sig, payload)
520 else:
521 key.verify_digest(tlv_sig, digest)
Marek Pietae9555102019-08-08 16:08:16 +0200[diff] [blame]522 return VerifyResult.OK, version
Fabio Utzig4a5477a2019-05-27 15:45:08 -0300[diff] [blame]523 except InvalidSignature:
524 # continue to next TLV
525 pass
526 tlv_off += TLV_SIZE + tlv_len
Marek Pietae9555102019-08-08 16:08:16 +0200[diff] [blame]527 return VerifyResult.INVALID_SIGNATURE, None