Commit df656400 authored by Marek Vasut's avatar Marek Vasut

mxssb: Implement program-wide context structure



The program uses many variables throughout its operation. Implement
a program context structure to hold these variables.
Signed-off-by: Marek Vasut's avatarMarek Vasut <marex@denx.de>
parent 394afd3e
...@@ -30,6 +30,12 @@ enum { ...@@ -30,6 +30,12 @@ enum {
CPU_MX23, CPU_MX23,
CPU_MX28, CPU_MX28,
}; };
struct sb_image_ctx {
EVP_CIPHER_CTX cipher_ctx;
EVP_MD_CTX md_ctx;
};
static int target_cpu = -1; static int target_cpu = -1;
static int verbose_boot = 0; static int verbose_boot = 0;
...@@ -457,7 +463,7 @@ static void sb_emit_data(uint8_t *image, size_t *offset, void *data, size_t len) ...@@ -457,7 +463,7 @@ static void sb_emit_data(uint8_t *image, size_t *offset, void *data, size_t len)
} }
static int sb_create_image(struct sb_boot_image_header *sb_header, static int sb_create_image(struct sb_boot_image_header *sb_header,
uint8_t **image) uint8_t **image, struct sb_image_ctx *ctx)
{ {
unsigned int i; unsigned int i;
...@@ -468,18 +474,15 @@ static int sb_create_image(struct sb_boot_image_header *sb_header, ...@@ -468,18 +474,15 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
uint32_t tag_offset = sb_header_template.image_blocks; uint32_t tag_offset = sb_header_template.image_blocks;
/* Start image-wide crypto. */ /* Start image-wide crypto. */
EVP_CIPHER_CTX cipher_ctx; EVP_MD_CTX_init(&ctx->md_ctx);
EVP_MD_CTX md_ctx; EVP_DigestInit(&ctx->md_ctx, EVP_sha1());
EVP_MD_CTX_init(&md_ctx);
EVP_DigestInit(&md_ctx, EVP_sha1());
/* /*
* SB image header. * SB image header.
*/ */
sb_aes_init(&cipher_ctx, NULL); sb_aes_init(&ctx->cipher_ctx, NULL);
sb_encrypt_sb_header(&cipher_ctx, &md_ctx, sb_header); sb_encrypt_sb_header(&ctx->cipher_ctx, &ctx->md_ctx, sb_header);
/* Allocate the resulting SB image. */ /* Allocate the resulting SB image. */
*image = malloc(sb_header->image_blocks * SB_BLOCK_SIZE); *image = malloc(sb_header->image_blocks * SB_BLOCK_SIZE);
...@@ -495,7 +498,7 @@ static int sb_create_image(struct sb_boot_image_header *sb_header, ...@@ -495,7 +498,7 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
uint8_t sb_section_header_cbc_mac[sizeof(struct sb_key_dictionary_key)]; uint8_t sb_section_header_cbc_mac[sizeof(struct sb_key_dictionary_key)];
memset(&sb_sections_header, 0, sizeof(sb_sections_header)); memset(&sb_sections_header, 0, sizeof(sb_sections_header));
sb_encrypt_sb_sections_header(&cipher_ctx, &md_ctx, sb_encrypt_sb_sections_header(&ctx->cipher_ctx, &ctx->md_ctx,
&sb_sections_header, sb_section_header_cbc_mac, &sb_sections_header, sb_section_header_cbc_mac,
tag_offset); tag_offset);
sb_emit_data(*image, &image_offset, &sb_sections_header, sb_emit_data(*image, &image_offset, &sb_sections_header,
...@@ -507,9 +510,9 @@ static int sb_create_image(struct sb_boot_image_header *sb_header, ...@@ -507,9 +510,9 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
struct sb_key_dictionary_key sb_dict_key; struct sb_key_dictionary_key sb_dict_key;
memset(&sb_dict_key, 0, sizeof(sb_dict_key)); memset(&sb_dict_key, 0, sizeof(sb_dict_key));
sb_aes_reinit(&cipher_ctx, sb_header->iv); sb_aes_reinit(&ctx->cipher_ctx, sb_header->iv);
sb_encrypt_key_dictionary_key(&cipher_ctx, &md_ctx, sb_encrypt_key_dictionary_key(&ctx->cipher_ctx, &ctx->md_ctx,
&sb_dict_key, sb_section_header_cbc_mac); &sb_dict_key, sb_section_header_cbc_mac);
sb_emit_data(*image, &image_offset, &sb_dict_key, sizeof(sb_dict_key)); sb_emit_data(*image, &image_offset, &sb_dict_key, sizeof(sb_dict_key));
...@@ -521,20 +524,20 @@ static int sb_create_image(struct sb_boot_image_header *sb_header, ...@@ -521,20 +524,20 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
struct sb_source_entry *src; struct sb_source_entry *src;
struct sb_source_entry *lst = sb_get_boot_list(target_cpu); struct sb_source_entry *lst = sb_get_boot_list(target_cpu);
sb_aes_reinit(&cipher_ctx, sb_header->iv); sb_aes_reinit(&ctx->cipher_ctx, sb_header->iv);
for (i = 0; i < sb_get_boot_list_size(target_cpu); i++) { for (i = 0; i < sb_get_boot_list_size(target_cpu); i++) {
src = &lst[i]; src = &lst[i];
sb_encrypt_tag(&cipher_ctx, &md_ctx, sb_encrypt_tag(&ctx->cipher_ctx, &ctx->md_ctx,
src, encrypted_tag); src, encrypted_tag);
sb_emit_data(*image, &image_offset, encrypted_tag, sb_emit_data(*image, &image_offset, encrypted_tag,
sizeof(struct sb_command)); sizeof(struct sb_command));
if(src->tag == ROM_TAG_CMD) { if(src->tag == ROM_TAG_CMD) {
sb_aes_reinit(&cipher_ctx, sb_header->iv); sb_aes_reinit(&ctx->cipher_ctx, sb_header->iv);
} else if(src->tag == ROM_LOAD_CMD) { } else if(src->tag == ROM_LOAD_CMD) {
sb_aes_encrypt(&cipher_ctx, src->payload, src->payload, src->length); sb_aes_encrypt(&ctx->cipher_ctx, src->payload, src->payload, src->length);
EVP_DigestUpdate(&md_ctx, src->payload, src->length); EVP_DigestUpdate(&ctx->md_ctx, src->payload, src->length);
sb_emit_data(*image, &image_offset, src->payload, src->length); sb_emit_data(*image, &image_offset, src->payload, src->length);
} }
} }
...@@ -544,15 +547,15 @@ static int sb_create_image(struct sb_boot_image_header *sb_header, ...@@ -544,15 +547,15 @@ static int sb_create_image(struct sb_boot_image_header *sb_header,
*/ */
uint8_t digest[32]; uint8_t digest[32];
sb_aes_reinit(&cipher_ctx, sb_header->iv); sb_aes_reinit(&ctx->cipher_ctx, sb_header->iv);
memset(digest, 0, sizeof(digest)); memset(digest, 0, sizeof(digest));
EVP_DigestFinal(&md_ctx, digest, NULL); EVP_DigestFinal(&ctx->md_ctx, digest, NULL);
sb_aes_encrypt(&cipher_ctx, digest, digest, sizeof(digest)); sb_aes_encrypt(&ctx->cipher_ctx, digest, digest, sizeof(digest));
sb_emit_data(*image, &image_offset, digest, sizeof(digest)); sb_emit_data(*image, &image_offset, digest, sizeof(digest));
/* Stop the encryption session. */ /* Stop the encryption session. */
sb_aes_deinit(&cipher_ctx); sb_aes_deinit(&ctx->cipher_ctx);
return 0; return 0;
} }
...@@ -666,6 +669,8 @@ int main(int argc, char **argv) ...@@ -666,6 +669,8 @@ int main(int argc, char **argv)
char *spl_filename = NULL; char *spl_filename = NULL;
char *uboot_filename = NULL; char *uboot_filename = NULL;
struct sb_image_ctx ctx;
while ((opt = getopt(argc, argv, "c:s:u:o:vh")) != -1) { while ((opt = getopt(argc, argv, "c:s:u:o:vh")) != -1) {
switch (opt) { switch (opt) {
case 'c': case 'c':
...@@ -715,7 +720,7 @@ int main(int argc, char **argv) ...@@ -715,7 +720,7 @@ int main(int argc, char **argv)
if (ret) if (ret)
return ret; return ret;
ret = sb_create_image(&sb_header_template, &image); ret = sb_create_image(&sb_header_template, &image, &ctx);
if (ret) if (ret)
return ret; return ret;
......
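Review bot: The results of `EVP_DigestInit`, `EVP_DigestUpdate` and `EVP_DigestFinal` in `sb_create_image` are still discarded after the calls were moved onto `ctx->md_ctx`, so a failed hash goes unnoticed. In the final hunk `digest` is zeroed by `memset` just before `EVP_DigestFinal`, so on failure whatever is left in that buffer would be encrypted and emitted as the image digest without any error being reported. The function already returns `int`, so each call can be checked, for example `if (!EVP_DigestFinal(&ctx->md_ctx, digest, NULL)) goto err;`, with the error label running `sb_aes_deinit(&ctx->cipher_ctx)` before returning non-zero; the label name is illustrative, and the function's existing error paths lie outside the visible hunks. Because the contexts now live in caller-owned storage that `main` declares uninitialised, a short comment on `struct sb_image_ctx` stating that `sb_create_image` initialises both members before first use would also help the next reader.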