mirror of
https://github.com/espressif/esp-idf.git
synced 2025-10-24 11:10:23 +00:00
secure boot: Add boot check for SBV2 "check app signature on update"
As this mode uses the public keys attached to the existing app's signatures to verify the next app, checking that a signature block is found on boot prevents the possibility of deploying a non-updatable device from the factory.
This commit is contained in:

committed by
KonstantinKondrashov

parent
46e85ed021
commit
a479ee30c9
@@ -243,6 +243,34 @@ typedef struct {
|
|||||||
*/
|
*/
|
||||||
void esp_secure_boot_init_checks(void);
|
void esp_secure_boot_init_checks(void);
|
||||||
|
|
||||||
|
#if !BOOTLOADER_BUILD && CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
|
||||||
|
|
||||||
|
/** @brief Scan the current running app for signature blocks
|
||||||
|
*
|
||||||
|
* @note This function doesn't verify that the signatures are valid or the
|
||||||
|
* corresponding public keys are trusted, it only reads the number of signature
|
||||||
|
* blocks present and optionally calculates the digests of the public keys
|
||||||
|
* provided in the signature blocks.
|
||||||
|
*
|
||||||
|
* @param digest_public_keys If true, the key_digests fields in the
|
||||||
|
* public_key_digests structure will be filled with the digests of the public
|
||||||
|
* key provided in each signature block. Note that if Secure Boot V2 is enabled,
|
||||||
|
* each public key will only be trusted if the same digest is also present in
|
||||||
|
* eFuse (but this is not checked by this function).
|
||||||
|
*
|
||||||
|
* @param public_key_digests[out] Structure is initialized with the num_digests
|
||||||
|
* field set to the number of signatures found. If digest_public_keys is set,
|
||||||
|
* the public key digests are also calculated and stored here.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* - ESP_OK - At least one signature was found
|
||||||
|
* - ESP_ERR_NOT_FOUND - No signatures were found, num_digests value will be zero
|
||||||
|
* - ESP_FAIL - An error occured trying to read the signature blocks from flash
|
||||||
|
*/
|
||||||
|
esp_err_t esp_secure_boot_get_signature_blocks_for_running_app(bool digest_public_keys, esp_image_sig_public_key_digests_t *public_key_digests);
|
||||||
|
|
||||||
|
#endif // !BOOTLOADER_BUILD && CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
@@ -22,8 +22,31 @@
|
|||||||
#ifndef BOOTLOADER_BUILD
|
#ifndef BOOTLOADER_BUILD
|
||||||
static __attribute__((unused)) const char *TAG = "secure_boot";
|
static __attribute__((unused)) const char *TAG = "secure_boot";
|
||||||
|
|
||||||
|
#if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
|
||||||
|
|
||||||
|
static void rsa_check_signature_on_update_check(void)
|
||||||
|
{
|
||||||
|
// We rely on the keys used to sign this app to verify the next app on OTA, so make sure there is at
|
||||||
|
// least one to avoid a stuck firmware
|
||||||
|
esp_image_sig_public_key_digests_t digests = { 0 };
|
||||||
|
|
||||||
|
esp_err_t err = esp_secure_boot_get_signature_blocks_for_running_app(false, &digests);
|
||||||
|
|
||||||
|
if (err != ESP_OK || digests.num_digests == 0) {
|
||||||
|
ESP_LOGE(TAG, "This app is not signed, but check signature on update is enabled in config. It won't be possible to verify any update.");
|
||||||
|
abort();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
#endif // CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
|
||||||
|
|
||||||
void esp_secure_boot_init_checks(void)
|
void esp_secure_boot_init_checks(void)
|
||||||
{
|
{
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#if CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
|
||||||
|
rsa_check_signature_on_update_check();
|
||||||
|
#endif // CONFIG_SECURE_SIGNED_APPS_RSA_SCHEME && CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
|
||||||
|
|
||||||
}
|
}
|
||||||
#endif // not BOOTLOADER_BUILD
|
#endif // not BOOTLOADER_BUILD
|
||||||
|
@@ -36,7 +36,6 @@
|
|||||||
static const char *TAG = "secure_boot_v2";
|
static const char *TAG = "secure_boot_v2";
|
||||||
#define ALIGN_UP(num, align) (((num) + ((align) - 1)) & ~((align) - 1))
|
#define ALIGN_UP(num, align) (((num) + ((align) - 1)) & ~((align) - 1))
|
||||||
|
|
||||||
#ifdef CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
|
|
||||||
/* A signature block is valid when it has correct magic byte, crc. */
|
/* A signature block is valid when it has correct magic byte, crc. */
|
||||||
static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *block)
|
static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *block)
|
||||||
{
|
{
|
||||||
@@ -47,7 +46,7 @@ static esp_err_t validate_signature_block(const ets_secure_boot_sig_block_t *blo
|
|||||||
return ESP_OK;
|
return ESP_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
static esp_err_t get_signing_keys_for_running_app(esp_image_sig_public_key_digests_t *public_key_digests)
|
esp_err_t esp_secure_boot_get_signature_blocks_for_running_app(bool digest_public_keys, esp_image_sig_public_key_digests_t *public_key_digests)
|
||||||
{
|
{
|
||||||
esp_image_metadata_t metadata;
|
esp_image_metadata_t metadata;
|
||||||
const esp_partition_t* running_app_part = esp_ota_get_running_partition();
|
const esp_partition_t* running_app_part = esp_ota_get_running_partition();
|
||||||
@@ -65,6 +64,8 @@ static esp_err_t get_signing_keys_for_running_app(esp_image_sig_public_key_diges
|
|||||||
return ESP_FAIL;
|
return ESP_FAIL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
memset(public_key_digests, 0, sizeof(esp_image_sig_public_key_digests_t));
|
||||||
|
|
||||||
// Generating the SHA of the public key components in the signature block
|
// Generating the SHA of the public key components in the signature block
|
||||||
|
|
||||||
// metadata.image_len doesn't include any padding to start of the signature sector, so pad it here
|
// metadata.image_len doesn't include any padding to start of the signature sector, so pad it here
|
||||||
@@ -76,9 +77,11 @@ static esp_err_t get_signing_keys_for_running_app(esp_image_sig_public_key_diges
|
|||||||
esp_err_t err = bootloader_flash_read(addr, &block, sizeof(ets_secure_boot_sig_block_t), true);
|
esp_err_t err = bootloader_flash_read(addr, &block, sizeof(ets_secure_boot_sig_block_t), true);
|
||||||
if (err == ESP_OK) {
|
if (err == ESP_OK) {
|
||||||
if (validate_signature_block(&block) == ESP_OK) {
|
if (validate_signature_block(&block) == ESP_OK) {
|
||||||
bootloader_sha256_handle_t sig_block_sha = bootloader_sha256_start();
|
if (digest_public_keys) {
|
||||||
bootloader_sha256_data(sig_block_sha, &block.key, sizeof(block.key));
|
bootloader_sha256_handle_t sig_block_sha = bootloader_sha256_start();
|
||||||
bootloader_sha256_finish(sig_block_sha, public_key_digests->key_digests[i]);
|
bootloader_sha256_data(sig_block_sha, &block.key, sizeof(block.key));
|
||||||
|
bootloader_sha256_finish(sig_block_sha, public_key_digests->key_digests[i]);
|
||||||
|
}
|
||||||
public_key_digests->num_digests++;
|
public_key_digests->num_digests++;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
@@ -92,14 +95,13 @@ static esp_err_t get_signing_keys_for_running_app(esp_image_sig_public_key_diges
|
|||||||
ESP_LOGE(TAG, "No signatures were found for the running app");
|
ESP_LOGE(TAG, "No signatures were found for the running app");
|
||||||
return ESP_ERR_NOT_FOUND;
|
return ESP_ERR_NOT_FOUND;
|
||||||
}
|
}
|
||||||
#endif // CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
|
|
||||||
|
|
||||||
static esp_err_t get_secure_boot_key_digests(esp_image_sig_public_key_digests_t *public_key_digests)
|
static esp_err_t get_secure_boot_key_digests(esp_image_sig_public_key_digests_t *public_key_digests)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
|
#ifdef CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT
|
||||||
// Gets key digests from running app
|
// Gets key digests from running app
|
||||||
ESP_LOGI(TAG, "Take trusted digest key(s) from running app");
|
ESP_LOGI(TAG, "Take trusted digest key(s) from running app");
|
||||||
return get_signing_keys_for_running_app(public_key_digests);
|
return esp_secure_boot_get_signature_blocks_for_running_app(true, public_key_digests);
|
||||||
#elif CONFIG_SECURE_BOOT_V2_ENABLED
|
#elif CONFIG_SECURE_BOOT_V2_ENABLED
|
||||||
ESP_LOGI(TAG, "Take trusted digest key(s) from eFuse block(s)");
|
ESP_LOGI(TAG, "Take trusted digest key(s) from eFuse block(s)");
|
||||||
#if SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS > 1
|
#if SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS > 1
|
||||||
|
@@ -272,15 +272,7 @@ static void do_core_init(void)
|
|||||||
_REENT_SMALL_CHECK_INIT(_GLOBAL_REENT);
|
_REENT_SMALL_CHECK_INIT(_GLOBAL_REENT);
|
||||||
#endif // defined(CONFIG_VFS_SUPPORT_IO) && !defined(CONFIG_ESP_CONSOLE_NONE)
|
#endif // defined(CONFIG_VFS_SUPPORT_IO) && !defined(CONFIG_ESP_CONSOLE_NONE)
|
||||||
|
|
||||||
#ifdef CONFIG_SECURE_FLASH_ENC_ENABLED
|
esp_err_t err __attribute__((unused));
|
||||||
esp_flash_encryption_init_checks();
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef CONFIG_SECURE_BOOT
|
|
||||||
esp_secure_boot_init_checks();
|
|
||||||
#endif
|
|
||||||
|
|
||||||
esp_err_t err;
|
|
||||||
|
|
||||||
#if CONFIG_SECURE_DISABLE_ROM_DL_MODE
|
#if CONFIG_SECURE_DISABLE_ROM_DL_MODE
|
||||||
err = esp_efuse_disable_rom_download_mode();
|
err = esp_efuse_disable_rom_download_mode();
|
||||||
@@ -319,6 +311,15 @@ static void do_core_init(void)
|
|||||||
esp_flash_app_init();
|
esp_flash_app_init();
|
||||||
esp_err_t flash_ret = esp_flash_init_default_chip();
|
esp_err_t flash_ret = esp_flash_init_default_chip();
|
||||||
assert(flash_ret == ESP_OK);
|
assert(flash_ret == ESP_OK);
|
||||||
|
|
||||||
|
#ifdef CONFIG_SECURE_FLASH_ENC_ENABLED
|
||||||
|
esp_flash_encryption_init_checks();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(CONFIG_SECURE_BOOT) || defined(CONFIG_SECURE_SIGNED_ON_UPDATE_NO_SECURE_BOOT)
|
||||||
|
// Note: in some configs this may read flash, so placed after flash init
|
||||||
|
esp_secure_boot_init_checks();
|
||||||
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
static void do_secondary_init(void)
|
static void do_secondary_init(void)
|
||||||
|
Reference in New Issue
Block a user