Commit df656400 authored by Marek Vasut's avatar Marek Vasut

mxssb: Implement program-wide context structure



The program uses many variables throughout its operation, implement
a program context structure to hold these variables.
Signed-off-by: Marek Vasut's avatarMarek Vasut <marex@denx.de>
parent 394afd3e
......@@ -30,6 +30,12 @@ enum {
CPU_MX23,
CPU_MX28,
};
struct sb_image_ctx {
EVP_CIPHER_CTX cipher_ctx;
EVP_MD_CTX md_ctx;
};
static int target_cpu = -1;
static int verbose_boot = 0;
......@@ -457,7 +463,7 @@ static void sb_emit_data(uint8_t *image, size_t *offset, void *data, size_t len)
}
static int sb_create_image(struct sb_boot_image_header *sb_header,
uint8_t **image)
uint8_t **image, struct sb_image_ctx *ctx)
{
unsigned int i;
......@@ -468,18 +474,15 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
uint32_t tag_offset = sb_header_template.image_blocks;
/* Start image-wide crypto. */
EVP_CIPHER_CTX cipher_ctx;
EVP_MD_CTX md_ctx;
EVP_MD_CTX_init(&md_ctx);
EVP_DigestInit(&md_ctx, EVP_sha1());
EVP_MD_CTX_init(&ctx->md_ctx);
EVP_DigestInit(&ctx->md_ctx, EVP_sha1());
/*
* SB image header.
*/
sb_aes_init(&cipher_ctx, NULL);
sb_aes_init(&ctx->cipher_ctx, NULL);
sb_encrypt_sb_header(&cipher_ctx, &md_ctx, sb_header);
sb_encrypt_sb_header(&ctx->cipher_ctx, &ctx->md_ctx, sb_header);
/* Allocate the resulting SB image. */
*image = malloc(sb_header->image_blocks * SB_BLOCK_SIZE);
......@@ -495,7 +498,7 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
uint8_t sb_section_header_cbc_mac[sizeof(struct sb_key_dictionary_key)];
memset(&sb_sections_header, 0, sizeof(sb_sections_header));
sb_encrypt_sb_sections_header(&cipher_ctx, &md_ctx,
sb_encrypt_sb_sections_header(&ctx->cipher_ctx, &ctx->md_ctx,
&sb_sections_header, sb_section_header_cbc_mac,
tag_offset);
sb_emit_data(*image, &image_offset, &sb_sections_header,
......@@ -507,9 +510,9 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
struct sb_key_dictionary_key sb_dict_key;
memset(&sb_dict_key, 0, sizeof(sb_dict_key));
sb_aes_reinit(&cipher_ctx, sb_header->iv);
sb_aes_reinit(&ctx->cipher_ctx, sb_header->iv);
sb_encrypt_key_dictionary_key(&cipher_ctx, &md_ctx,
sb_encrypt_key_dictionary_key(&ctx->cipher_ctx, &ctx->md_ctx,
&sb_dict_key, sb_section_header_cbc_mac);
sb_emit_data(*image, &image_offset, &sb_dict_key, sizeof(sb_dict_key));
......@@ -521,20 +524,20 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
struct sb_source_entry *src;
struct sb_source_entry *lst = sb_get_boot_list(target_cpu);
sb_aes_reinit(&cipher_ctx, sb_header->iv);
sb_aes_reinit(&ctx->cipher_ctx, sb_header->iv);
for (i = 0; i < sb_get_boot_list_size(target_cpu); i++) {
src = &lst[i];
sb_encrypt_tag(&cipher_ctx, &md_ctx,
sb_encrypt_tag(&ctx->cipher_ctx, &ctx->md_ctx,
src, encrypted_tag);
sb_emit_data(*image, &image_offset, encrypted_tag,
sizeof(struct sb_command));
if(src->tag == ROM_TAG_CMD) {
sb_aes_reinit(&cipher_ctx, sb_header->iv);
sb_aes_reinit(&ctx->cipher_ctx, sb_header->iv);
} else if(src->tag == ROM_LOAD_CMD) {
sb_aes_encrypt(&cipher_ctx, src->payload, src->payload, src->length);
EVP_DigestUpdate(&md_ctx, src->payload, src->length);
sb_aes_encrypt(&ctx->cipher_ctx, src->payload, src->payload, src->length);
EVP_DigestUpdate(&ctx->md_ctx, src->payload, src->length);
sb_emit_data(*image, &image_offset, src->payload, src->length);
}
}
......@@ -544,15 +547,15 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
*/
uint8_t digest[32];
sb_aes_reinit(&cipher_ctx, sb_header->iv);
sb_aes_reinit(&ctx->cipher_ctx, sb_header->iv);
memset(digest, 0, sizeof(digest));
EVP_DigestFinal(&md_ctx, digest, NULL);
sb_aes_encrypt(&cipher_ctx, digest, digest, sizeof(digest));
EVP_DigestFinal(&ctx->md_ctx, digest, NULL);
sb_aes_encrypt(&ctx->cipher_ctx, digest, digest, sizeof(digest));
sb_emit_data(*image, &image_offset, digest, sizeof(digest));
/* Stop the encryption session. */
sb_aes_deinit(&cipher_ctx);
sb_aes_deinit(&ctx->cipher_ctx);
return 0;
}
......@@ -666,6 +669,8 @@ int main(int argc, char **argv)
char *spl_filename = NULL;
char *uboot_filename = NULL;
struct sb_image_ctx ctx;
while ((opt = getopt(argc, argv, "c:s:u:o:vh")) != -1) {
switch (opt) {
case 'c':
......@@ -715,7 +720,7 @@ int main(int argc, char **argv)
if (ret)
return ret;
ret = sb_create_image(&sb_header_template, &image);
ret = sb_create_image(&sb_header_template, &image, &ctx);
if (ret)
return ret;
......
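Review bot: The return values of `EVP_DigestInit()`, `EVP_DigestUpdate()` and `EVP_DigestFinal()` are still ignored in `sb_create_image()` now that they operate on `ctx->md_ctx`, so if any of them fails a zeroed or partial `digest` buffer is encrypted and emitted as the image digest while the function still returns 0. Each call should be checked, for example `if (!EVP_DigestInit(&ctx->md_ctx, EVP_sha1())) return -1;`, and the failure path should release `*image` and call `sb_aes_deinit(&ctx->cipher_ctx)` where those are already set up; the body of `sb_create_image()` is only partly visible in these hunks, so the exact cleanup needs confirming against the full function. Separately, `struct sb_image_ctx ctx;` in `main()` stays uninitialised until `sb_create_image()` runs, and `memset(&ctx, 0, sizeof(ctx));` right after the declaration would keep an early exit or a later user of the context from touching indeterminate crypto state.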