Skip to content

Commit

Permalink
Further TPM RSA/ECC cleanup.
Browse files Browse the repository at this point in the history
  • Loading branch information
@dgarske
dgarske committed Aug 3, 2023
1 parent 4b97568 commit 4836159
Show file tree
Hide file tree
Showing 2 changed files with 100 additions and 113 deletions.
10 changes: 10 additions & 0 deletions include/wolfboot/wolfboot.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,16 @@ extern "C" {
# error "No valid hash algorithm defined!"
#endif

#ifdef WOLFBOOT_TPM
#if defined(WOLFBOOT_HASH_SHA256)
#define WOLFBOOT_TPM_HASH_ALG TPM_ALG_SHA256
#elif defined(WOLFBOOT_HASH_SHA384)
#define WOLFBOOT_TPM_HASH_ALG TPM_ALG_SHA384
#else
#error TPM does not support hash algorithm selection
#endif
#endif

/* Authentication configuration */
#if defined(WOLFBOOT_NO_SIGN)
# define HDR_IMG_TYPE_AUTH HDR_IMG_TYPE_AUTH_NONE
Expand Down
203 changes: 90 additions & 113 deletions src/image.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -117,74 +117,68 @@ static void wolfBoot_verify_signature(uint8_t key_slot,
int ret, verify_res = 0;
uint8_t *pubkey = keystore_get_buffer(key_slot);
int point_sz = keystore_get_size(key_slot)/2;
if (pubkey == NULL)
return;
#ifdef WOLFBOOT_TPM
WOLFTPM2_KEY tpmKey;
#ifdef WOLFBOOT_DEBUG_TPM
const char* errStr;
#endif
#else
ecc_key ecc;
mp_int r, s;
#endif

/* TODO: Check ECC Root of Trust in TPM */
if (pubkey == NULL || point_sz <= 0)
return;

#ifdef WOLFBOOT_TPM

/* TODO: Check ECC Root of Trust in TPM */

/* Load public key into TPM */
memset(&tpmKey, 0, sizeof(tpmKey));
ret = wolfTPM2_LoadEccPublicKey(&wolftpm_dev, &tpmKey, TPM_ECC_NIST_P256,
pubkey, point_sz, pubkey + point_sz,
point_sz);
if (ret < 0)
return;

ret = wolfTPM2_VerifyHashScheme(&wolftpm_dev, &tpmKey, sig,
IMAGE_SIGNATURE_SIZE, img->sha_hash, WOLFBOOT_SHA_DIGEST_SIZE,
TPM_ALG_ECDSA, TPM_ALG_SHA256);

ret = wolfTPM2_LoadEccPublicKey(&wolftpm_dev, &tpmKey,
TPM2_GetTpmCurve(ECC_KEY_TYPE), /* Curve */
pubkey, point_sz, /* Public X */
pubkey + point_sz, point_sz /* Public Y */
);
if (ret == 0) {
ret = wolfTPM2_VerifyHashScheme(&wolftpm_dev, &tpmKey,
sig, IMAGE_SIGNATURE_SIZE, /* Signature */
img->sha_hash, WOLFBOOT_SHA_DIGEST_SIZE, /* Hash */
TPM_ALG_ECDSA, WOLFBOOT_TPM_HASH_ALG);
}
/* unload handle regardless of result */
wolfTPM2_UnloadHandle(&wolftpm_dev, &tpmKey.handle);

if (ret != TPM_RC_SUCCESS)
return;
if (ret == 0) {
verify_res = 1; /* TPM does hash verify compare */

if ((~(uint32_t)ret == 0xFFFFFFFF) && (verify_res == 1) &&
(~(uint32_t)verify_res == 0xFFFFFFFE)) {
wolfBoot_image_confirm_signature_ok(img);
}
}
else {
#ifdef WOLFBOOT_DEBUG_TPM
/* retrieve error string (for debugging) */
errStr = wolfTPM2_GetRCString(ret);
(void)errStr;
wolfBoot_printf("TPM verify error %d (%s)\n",
ret, wolfTPM2_GetRCString(ret));
#endif
ret = -1;
}
if ((ret == 0) && (~(uint32_t)ret == 0xFFFFFFFF) && (verify_res == 1) &&
(~(uint32_t)verify_res == 0xFFFFFFFE))
wolfBoot_image_confirm_signature_ok(img);
#else
/* wolfCrypt software ECC verify */
mp_int r, s;
ecc_key ecc;

ret = wc_ecc_init(&ecc);
if (ret < 0) {
/* Failed to initialize key */
return;
}

/* Import public key */
ret = wc_ecc_import_unsigned(&ecc, pubkey,
(byte*)(pubkey + point_sz), NULL, ECC_KEY_TYPE);
if ((ret < 0) || ecc.type != ECC_PUBLICKEY) {
/* Failed to import ecc key */
return;
if (ret == 0) {
/* Import public key */
ret = wc_ecc_import_unsigned(&ecc, pubkey,
(byte*)(pubkey + point_sz), NULL, ECC_KEY_TYPE);
if (ret == 0 && ecc.type == ECC_PUBLICKEY) {
/* Import signature into r,s */
mp_init(&r);
mp_init(&s);
mp_read_unsigned_bin(&r, sig, point_sz);
mp_read_unsigned_bin(&s, sig + point_sz, point_sz);
VERIFY_FN(img, &verify_res, wc_ecc_verify_hash_ex, &r, &s,
img->sha_hash, WOLFBOOT_SHA_DIGEST_SIZE, &verify_res, &ecc);
}
wc_ecc_free(&ecc);
}

/* Import signature into r,s */
mp_init(&r);
mp_init(&s);
mp_read_unsigned_bin(&r, sig, point_sz);
mp_read_unsigned_bin(&s, sig + point_sz, point_sz);
VERIFY_FN(img, &verify_res, wc_ecc_verify_hash_ex, &r, &s, img->sha_hash,
WOLFBOOT_SHA_DIGEST_SIZE, &verify_res, &ecc);
#endif /* WOLFBOOT_TPM */
}

Expand Down Expand Up @@ -284,99 +278,83 @@ static void wolfBoot_verify_signature(uint8_t key_slot,
uint8_t* digest_out = NULL;
uint8_t *pubkey = keystore_get_buffer(key_slot);
int pubkey_sz = keystore_get_size(key_slot);
word32 inOutIdx = 0;
#ifdef WOLFBOOT_TPM
WOLFTPM2_KEY tpmKey;
const byte *n = NULL, *e = NULL;
word32 nSz = 0, eSz = 0;
#else
struct RsaKey rsa;
#endif

if ((pubkey_sz < 0) || (pubkey == NULL))
return;

#ifdef WOLFBOOT_TPM
WOLFTPM2_KEY tpmKey;
const byte *n = NULL, *e = NULL;
word32 nSz = 0, eSz = 0, inOutIdx = 0;
#ifdef WOLFBOOT_DEBUG_TPM
const char* errStr;
#endif

/* TODO: Check RSA Root of Trust in TPM */

/* Extract DER RSA key struct */
ret = wc_RsaPublicKeyDecode_ex(pubkey, &inOutIdx, pubkey_sz, &n, &nSz, &e,
&eSz);
if (ret < 0)
return;

/* Load public key into TPM */
memset(&tpmKey, 0, sizeof(tpmKey));
ret = wolfTPM2_LoadRsaPublicKey_ex(&wolftpm_dev, &tpmKey, n, nSz,
*((word32*)e), TPM_ALG_NULL, TPM_ALG_SHA256);
if (ret != 0) {
#ifdef WOLFBOOT_DEBUG_TPM
/* retrieve error string (for debugging) */
errStr = wolfTPM2_GetRCString(ret);
(void)errStr;
#endif
return;
ret = wc_RsaPublicKeyDecode_ex(pubkey, &inOutIdx, pubkey_sz,
&n, &nSz, /* modulus */
&e, &eSz /* exponent */
);
if (ret == 0) {
/* Load public key into TPM */
memset(&tpmKey, 0, sizeof(tpmKey));
ret = wolfTPM2_LoadRsaPublicKey_ex(&wolftpm_dev, &tpmKey,
n, nSz, *((word32*)e),
TPM_ALG_NULL, WOLFBOOT_TPM_HASH_ALG);
}

/* Perform public decrypt and manually un-pad */
ret = wolfTPM2_RsaEncrypt(&wolftpm_dev, &tpmKey,
TPM_ALG_NULL, /* no padding */
sig, IMAGE_SIGNATURE_SIZE,
output, &output_sz);
if (ret != 0) {
#ifdef WOLFBOOT_DEBUG_TPM
/* retrieve error string (for debugging) */
errStr = wolfTPM2_GetRCString(ret);
(void)errStr;
#endif
ret = -1;
if (ret == 0) {
/* Perform public decrypt and manually un-pad */
ret = wolfTPM2_RsaEncrypt(&wolftpm_dev, &tpmKey,
TPM_ALG_NULL, /* no padding */
sig, IMAGE_SIGNATURE_SIZE,
output, &output_sz);
}
else {
if (ret == 0) {
/* Perform PKCSv1.5 UnPadding */
ret = RsaUnPad(output, output_sz, &digest_out);
}

if (ret != 0) {
wolfBoot_printf("TPM error %d (%s)\n", ret, wolfTPM2_GetRCString(ret));
return;
}


wolfTPM2_UnloadHandle(&wolftpm_dev, &tpmKey.handle);

#else
/* wolfCrypt software RSA verify */
{
struct RsaKey rsa;
word32 in_out = 0;
int res = 0;

#if defined(WOLFBOOT_RENESAS_SCEPROTECT) ||\
defined(WOLFBOOT_RENESAS_TSIP)
ret = wc_InitRsaKey_ex(&rsa, NULL,
RENESAS_DEVID);
if (ret < 0) {
/* Failed to initialize key */
return;
}
ret = wc_InitRsaKey_ex(&rsa, NULL, RENESAS_DEVID);
if (ret == 0) {
XMEMCPY(output, sig, IMAGE_SIGNATURE_SIZE);
RSA_VERIFY_FN(ret, wc_RsaSSL_Verify, img->sha_hash,
WOLFBOOT_SHA_DIGEST_SIZE, output, IMAGE_SIGNATURE_SIZE, &rsa);
RSA_VERIFY_FN(ret,
wc_RsaSSL_Verify, img->sha_hash, WOLFBOOT_SHA_DIGEST_SIZE,
output, IMAGE_SIGNATURE_SIZE, &rsa);
/* SCE SignatureVerify API has verified */
if (ret == 0)
wolfBoot_image_confirm_signature_ok(img);

}
(void)digest_out;
#else
ret = wc_InitRsaKey(&rsa, NULL);
if (ret < 0) {
/* Failed to initialize key */
return;
}
ret = wc_InitRsaKey(&rsa, NULL);
if (ret == 0) {
/* Import public key */
ret = wc_RsaPublicKeyDecode((byte*)pubkey, &in_out, &rsa, pubkey_sz);
if (ret < 0) {
/* Failed to import rsa key */
wc_FreeRsaKey(&rsa);
return;
ret = wc_RsaPublicKeyDecode((byte*)pubkey, &inOutIdx, &rsa, pubkey_sz);
if (ret >= 0) {
XMEMCPY(output, sig, IMAGE_SIGNATURE_SIZE);
RSA_VERIFY_FN(ret,
wc_RsaSSL_VerifyInline, output, IMAGE_SIGNATURE_SIZE,
&digest_out, &rsa);
}

XMEMCPY(output, sig, IMAGE_SIGNATURE_SIZE);
RSA_VERIFY_FN(ret, wc_RsaSSL_VerifyInline, output, IMAGE_SIGNATURE_SIZE,
&digest_out, &rsa);
#endif /* SCE || TSIP */
}
#endif /* SCE || TSIP */
wc_FreeRsaKey(&rsa);
#endif /* WOLFBOOT_TPM */

#ifndef NO_RSA_SIG_ENCODING
Expand All @@ -387,7 +365,6 @@ static void wolfBoot_verify_signature(uint8_t key_slot,
#endif
if (ret == WOLFBOOT_SHA_DIGEST_SIZE && img && digest_out)
RSA_VERIFY_HASH(img, digest_out);

}
#endif /* WOLFBOOT_SIGN_RSA2048 || WOLFBOOT_SIGN_3072 || \
* WOLFBOOT_SIGN_RSA4096 */
Expand Down

0 comments on commit 4836159

Please sign in to comment.