From: Ahmad Fatoum <a.fatoum@pengutronix.de>
To: Sascha Hauer <s.hauer@pengutronix.de>,
Barebox List <barebox@lists.infradead.org>
Subject: Re: [PATCH v2 19/19] fit: Add ecdsa support
Date: Mon, 5 Aug 2024 14:04:38 +0200 [thread overview]
Message-ID: <33a02fa2-f350-455d-b14c-458560a0587a@pengutronix.de> (raw)
In-Reply-To: <20240801055737.3190132-20-s.hauer@pengutronix.de>
On 01.08.24 07:57, Sascha Hauer wrote:
> This adds ECDSA signing support to the FIT image code.
>
> Previously we unconditionally called into rsa_verify() as this was the
> only option. Now with ECDSA support we first have to check the type of
> the signature, so we start evaluating the signature type in given in the
> FIT image and call rsa_verify() or ecdsa_verify() depending on it.
>
> Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Reviewed-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
> ---
> common/image-fit.c | 112 +++++++++++++++++++++++++++++++++++++--------
> 1 file changed, 94 insertions(+), 18 deletions(-)
>
> diff --git a/common/image-fit.c b/common/image-fit.c
> index 6002440e7e..599d969a38 100644
> --- a/common/image-fit.c
> +++ b/common/image-fit.c
> @@ -21,6 +21,7 @@
> #include <linux/err.h>
> #include <stringlist.h>
> #include <rsa.h>
> +#include <ecdsa.h>
> #include <uncompress.h>
> #include <image-fit.h>
>
> @@ -253,13 +254,11 @@ static struct digest *fit_alloc_digest(struct device_node *sig_node,
> return digest;
> }
>
> -static int fit_check_rsa_signature(struct device_node *sig_node,
> - enum hash_algo algo, void *hash)
> +static int fit_check_rsa_signature(const void *signature, size_t sig_len,
> + enum hash_algo algo, void *hash,
> + const char *key_name)
> {
> const struct rsa_public_key *key;
> - const char *key_name = NULL;
> - int sig_len;
> - const char *sig_value;
> int ret;
>
> if (!IS_ENABLED(CONFIG_CRYPTO_RSA)) {
> @@ -267,17 +266,10 @@ static int fit_check_rsa_signature(struct device_node *sig_node,
> return -EOPNOTSUPP;
> }
>
> - sig_value = of_get_property(sig_node, "value", &sig_len);
> - if (!sig_value) {
> - pr_err("signature value not found in %pOF\n", sig_node);
> - return -EINVAL;
> - }
> -
> - of_property_read_string(sig_node, "key-name-hint", &key_name);
> if (key_name) {
> key = rsa_get_key(key_name);
> if (key) {
> - ret = rsa_verify(key, sig_value, sig_len, hash, algo);
> + ret = rsa_verify(key, signature, sig_len, hash, algo);
> if (!ret)
> goto ok;
> }
> @@ -287,20 +279,104 @@ static int fit_check_rsa_signature(struct device_node *sig_node,
> if (key_name && !strcmp(key->key_name_hint, key_name))
> continue;
>
> - ret = rsa_verify(key, sig_value, sig_len, hash, algo);
> + ret = rsa_verify(key, signature, sig_len, hash, algo);
> if (!ret)
> goto ok;
> }
>
> - pr_err("image signature BAD\n");
> + pr_err("image RSA signature BAD\n");
>
> return -EBADMSG;
> ok:
> - pr_info("image signature OK\n");
> + pr_info("image RSA signature OK\n");
>
> return 0;
> }
>
> +static int fit_check_ecdsa_signature(const void *signature, size_t sig_len,
> + enum hash_algo algo, void *hash,
> + const char *key_name)
> +{
> + const struct ecdsa_public_key *key;
> + int ret;
> +
> + if (!IS_ENABLED(CONFIG_CRYPTO_ECDSA)) {
> + pr_err("ECDSA support is disabled, Cannot verify image\n");
> + return -EOPNOTSUPP;
> + }
> +
> + for_each_ecdsa_key(key) {
> + ret = ecdsa_verify(key, signature, sig_len, hash);
> + if (!ret) {
> + pr_info("image ECDSA signature OK\n");
> + return 0;
> + }
> + }
> +
> + pr_err("image ECDSA signature BAD\n");
> +
> + return -EBADMSG;
> +}
> +
> +struct crypto_algo {
> + const char *name;
> + int (*verify)(const void *signature, size_t sig_len, enum hash_algo algo,
> + void *hash, const char *key_name);
> +};
> +
> +static struct crypto_algo crypto_algos[] = {
> + {
> + .name = "rsa2048",
> + .verify = fit_check_rsa_signature,
> + }, {
> + .name = "rsa3072",
> + .verify = fit_check_rsa_signature,
> + }, {
> + .name = "rsa4096",
> + .verify = fit_check_rsa_signature,
> + }, {
> + .name = "ecdsa256",
> + .verify = fit_check_ecdsa_signature,
> + },
> +};
> +
> +static int fit_check_signature(struct device_node *sig_node,
> + enum hash_algo algo, void *hash)
> +{
> + int sig_len, i;
> + const char *sig_value;
> + const char *algo_name;
> + const char *key_name = NULL;
> + const char *str;
> +
> + sig_value = of_get_property(sig_node, "value", &sig_len);
> + if (!sig_value) {
> + pr_err("signature value not found in %pOF\n", sig_node);
> + return -EINVAL;
> + }
> +
> + of_property_read_string(sig_node, "key-name-hint", &key_name);
> +
> + if (of_property_read_string(sig_node, "algo", &algo_name)) {
> + pr_err("algo property not found\n");
> + return -EINVAL;
> + }
> +
> + str = strchr(algo_name, ',');
> + if (!str)
> + return -EINVAL;
> + str++;
> +
> + for (i = 0; i < ARRAY_SIZE(crypto_algos); i++) {
> + struct crypto_algo *ca = &crypto_algos[i];
> +
> + if (!strcmp(ca->name, str))
> + return ca->verify(sig_value, sig_len, algo, hash, key_name);
> + }
> +
> + return -EINVAL;
> +}
> +
> /*
> * The consistency of the FTD structure was already checked by of_unflatten_dtb()
> */
> @@ -346,7 +422,7 @@ static int fit_verify_signature(struct device_node *sig_node, const void *fit)
> hash = xzalloc(digest_length(digest));
> digest_final(digest, hash);
>
> - ret = fit_check_rsa_signature(sig_node, algo, hash);
> + ret = fit_check_signature(sig_node, algo, hash);
> if (ret)
> goto out_free_hash;
>
> @@ -469,7 +545,7 @@ static int fit_image_verify_signature(struct fit_handle *handle,
> hash = xzalloc(digest_length(digest));
> digest_final(digest, hash);
>
> - ret = fit_check_rsa_signature(sig_node, algo, hash);
> + ret = fit_check_signature(sig_node, algo, hash);
>
> free(hash);
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
next prev parent reply other threads:[~2024-08-05 12:05 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-01 5:57 [PATCH v2 00/19] Add ECDSA support for FIT image verification Sascha Hauer
2024-08-01 5:57 ` [PATCH v2 01/19] errno: include string for EOPNOTSUPP Sascha Hauer
2024-08-05 9:28 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 02/19] rsatoc: disable deprecated function warnings Sascha Hauer
2024-08-05 9:29 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 03/19] rsatoc: remove unnecessary function call Sascha Hauer
2024-08-05 9:29 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 04/19] rsatoc: pass EVP_PKEY around Sascha Hauer
2024-08-05 9:35 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 05/19] rsatoc: rename rsa_err() to openssl_error() Sascha Hauer
2024-08-05 9:37 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 06/19] rsatoc: move engine initialization to engine_get_pub_key() Sascha Hauer
2024-08-05 9:47 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 07/19] rsatoc: cleanup error handling Sascha Hauer
2024-08-05 9:54 ` Ahmad Fatoum
2024-08-05 10:07 ` Sascha Hauer
2024-08-01 5:57 ` [PATCH v2 08/19] rsatoc: remove unnecessary error check Sascha Hauer
2024-08-05 9:56 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 09/19] rsatoc: use non deprecated openssl functions to retrieve RSA params Sascha Hauer
2024-08-05 10:02 ` Ahmad Fatoum
2024-08-05 10:29 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 10/19] rsatoc: check error value of gen_key() Sascha Hauer
2024-08-05 10:03 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 11/19] rsatoc: rename to keytoc Sascha Hauer
2024-08-05 10:05 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 12/19] keytoc: add ecdsa support Sascha Hauer
2024-08-05 11:04 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 13/19] keytoc: Let openssl_error() take a format string Sascha Hauer
2024-08-05 10:22 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 14/19] keytoc: clarify error messages Sascha Hauer
2024-08-05 10:06 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 15/19] malloc: implement free_sensitive() Sascha Hauer
2024-08-05 10:17 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 16/19] Add elliptic curve cryptography (ECC) helper functions Sascha Hauer
2024-08-05 11:32 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 17/19] crypto: add ECDSA support Sascha Hauer
2024-08-05 11:57 ` Ahmad Fatoum
2024-08-05 12:44 ` Sascha Hauer
2024-08-06 9:13 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 18/19] crypto: make RSA a visible option Sascha Hauer
2024-08-05 10:19 ` Ahmad Fatoum
2024-08-01 5:57 ` [PATCH v2 19/19] fit: Add ecdsa support Sascha Hauer
2024-08-05 12:04 ` Ahmad Fatoum [this message]
2024-08-06 6:03 ` [PATCH v2 00/19] Add ECDSA support for FIT image verification Sascha Hauer
2024-08-06 6:07 ` Sascha Hauer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=33a02fa2-f350-455d-b14c-458560a0587a@pengutronix.de \
--to=a.fatoum@pengutronix.de \
--cc=barebox@lists.infradead.org \
--cc=s.hauer@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox