TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mcuboot / 85d879f195f23f6a8daa0c09957a01f887e96d72 / . / boot / bootutil / src / image_rsa.c
blob: 408e7e649f2a99c6b8f91ae7e6f96397ed13a830 [file] [log] [blame]
Christopher Collins92ea77f2016-12-12 15:59:26 -0800[diff] [blame]1/*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied. See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
Ricardo Salvetia2d5b1a2017-01-18 11:41:39 -0200[diff] [blame]20#include <string.h>
21
Fabio Utzigeed80b62017-06-10 08:03:05 -0300[diff] [blame]22#ifdef APP_mynewt
23#include "mynewt/config.h"
24#endif
25
Fabio Utzig19356bf2017-05-11 16:19:36 -0300[diff] [blame]26#ifdef MCUBOOT_SIGN_RSA
Christopher Collins92ea77f2016-12-12 15:59:26 -0800[diff] [blame]27#include "bootutil/sign_key.h"
28
29#include "mbedtls/rsa.h"
30#include "mbedtls/asn1.h"
31
32#include "bootutil_priv.h"
33
34static const uint8_t sha256_oid[] = {
35 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
36 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05,
37 0x00, 0x04, 0x20
38};
39
40/*
41 * Parse the public key used for signing. Simple RSA format.
42 */
43static int
44bootutil_parse_rsakey(mbedtls_rsa_context *ctx, uint8_t **p, uint8_t *end)
45{
46 int rc;
47 size_t len;
48
49 if ((rc = mbedtls_asn1_get_tag(p, end, &len,
50 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) != 0) {
51 return -1;
52 }
53
54 if (*p + len != end) {
55 return -2;
56 }
57
58 if ((rc = mbedtls_asn1_get_mpi(p, end, &ctx->N)) != 0 ||
59 (rc = mbedtls_asn1_get_mpi(p, end, &ctx->E)) != 0) {
60 return -3;
61 }
62
63 if (*p != end) {
64 return -4;
65 }
66
67 if ((rc = mbedtls_rsa_check_pubkey(ctx)) != 0) {
68 return -5;
69 }
70
71 ctx->len = mbedtls_mpi_size(&ctx->N);
72
73 return 0;
74}
75
76/*
77 * PKCS1.5 using RSA2048 computed over SHA256.
78 */
79static int
80bootutil_cmp_rsasig(mbedtls_rsa_context *ctx, uint8_t *hash, uint32_t hlen,
81 uint8_t *sig)
82{
83 uint8_t buf[MBEDTLS_MPI_MAX_SIZE];
84 uint8_t *p;
85
86 if (ctx->len != 256) {
87 return -1;
88 }
89
90 if (mbedtls_rsa_public(ctx, sig, buf)) {
91 return -1;
92 }
93
94 p = buf;
95
96 if (*p++ != 0 || *p++ != MBEDTLS_RSA_SIGN) {
97 return -1;
98 }
99
100 while (*p != 0) {
101 if (p >= buf + ctx->len - 1 || *p != 0xFF) {
102 return -1;
103 }
104 p++;
105 }
106 p++;
107
108 if ((p - buf) + sizeof(sha256_oid) + hlen != ctx->len) {
109 return -1;
110 }
111
112 if (memcmp(p, sha256_oid, sizeof(sha256_oid))) {
113 return -1;
114 }
115 p += sizeof(sha256_oid);
116
117 if (memcmp(p, hash, hlen)) {
118 return -1;
119 }
120
121 return 0;
122}
123
124int
125bootutil_verify_sig(uint8_t *hash, uint32_t hlen, uint8_t *sig, int slen,
126 uint8_t key_id)
127{
128 mbedtls_rsa_context ctx;
129 int rc;
130 uint8_t *cp;
131 uint8_t *end;
132
133 mbedtls_rsa_init(&ctx, 0, 0);
134
135 cp = (uint8_t *)bootutil_keys[key_id].key;
136 end = cp + *bootutil_keys[key_id].len;
137
138 rc = bootutil_parse_rsakey(&ctx, &cp, end);
139 if (rc || slen != ctx.len) {
140 mbedtls_rsa_free(&ctx);
141 return rc;
142 }
143 rc = bootutil_cmp_rsasig(&ctx, hash, hlen, sig);
144 mbedtls_rsa_free(&ctx);
145
146 return rc;
147}
Fabio Utzig19356bf2017-05-11 16:19:36 -0300[diff] [blame]148#endif /* MCUBOOT_SIGN_RSA */