Encrypt: API design

2020-06-09 20:56:54 +02:00 · 2020-06-09 20:56:54 +02:00 · 53bf4d04db
parent 1d24d326b1
commit 53bf4d04db
9 changed files with 123 additions and 47 deletions
--- a/9
+++ b/9
@ -258,6 +258,15 @@ factory.bin: $(BOOT_IMG) wolfboot-align.bin $(PRIVATE_KEY)
 	@echo "\t[MERGE] $@"
 	@cat wolfboot-align.bin test-app/image_v1_signed.bin > $@

+update.bin: $(BOOT_IMG)
+	@echo "\t[SIGN] $(BOOT_IMG)"
+	$(Q)$(SIGN_TOOL) $(SIGN_OPTIONS) $(BOOT_IMG) $(PRIVATE_KEY) 2
+
+update_enc.bin: $(BOOT_IMG)
+	@echo "\t[SIGN+ENC] $(BOOT_IMG)"
+	@printf "0123456789abcdef0123456789abcdef" | dd of=test_enc_key.bin
+	$(Q)$(SIGN_TOOL) $(SIGN_OPTIONS) --encrypt test_enc_key.bin $(BOOT_IMG) $(PRIVATE_KEY) 2
+
 wolfboot.elf: include/target.h $(OBJS) $(LSCRIPT) FORCE
 	@echo "\t[LD] $@"
 	$(Q)$(LD) $(LDFLAGS) -Wl,--start-group $(OBJS) -Wl,--end-group -o $@
--- a/include/encrypt.h
+++ b/include/encrypt.h
@ -23,6 +23,7 @@

 #ifndef ENCRYPT_H_INCLUDED
 #define ENCRYPT_H_INCLUDED
+#ifdef __WOLFBOOT
 #include <stdint.h>
 #include <wolfssl/wolfcrypt/settings.h>
 #include <wolfssl/wolfcrypt/sha256.h>
@ -33,12 +34,10 @@
 #include <wolfssl/wolfcrypt/chacha.h>
 #include <wolfssl/wolfcrypt/pwdbased.h>

-#define ENCRYPT_BLOCK_SIZE 16 
-#define ENCRYPT_KEY_SIZE 32 /* Chacha20-256 */

-int ext_flash_set_encrypt_key(const uint8_t *key, int len);
-int ext_flash_set_encrypt_password(const uint8_t *pwd, int len);
+/* Internal read/write functions (not exported in the libwolfboot API) */
 int ext_flash_encrypt_write(uintptr_t address, const uint8_t *data, int len);
 int ext_flash_decrypt_read(uintptr_t address, uint8_t *data, int len);

+#endif /* __WOLFBOOT */
 #endif /* ENCRYPT_H_INCLUDED */
--- a/include/image.h
+++ b/include/image.h
@ -99,7 +99,7 @@ uint16_t wolfBoot_find_header(uint8_t *haystack, uint16_t type, uint8_t **ptr);
 #include "hal.h"


-#ifdef EXT_ENCRYPTED
+#if defined(EXT_ENCRYPTED) && defined(__WOLFBOOT)
 #include "encrypt.h"
 #define ext_flash_check_write ext_flash_encrypt_write
 #define ext_flash_check_read ext_flash_decrypt_read
--- a/include/wolfboot/wolfboot.h
+++ b/include/wolfboot/wolfboot.h
@ -118,5 +118,10 @@ int wolfBoot_dualboot_candidate(void);
 #   error "No valid hash algorithm defined!"
 #endif

-
+/* Encryption support */
+#define ENCRYPT_BLOCK_SIZE 16 
+#define ENCRYPT_KEY_SIZE 32 /* Chacha20-256 */
+int wolfBoot_set_encrypt_key(const uint8_t *key, int len);
+int wolfBoot_erase_encrypt_key(void);
+int wolfBoot_set_encrypt_password(const uint8_t *pwd, int len);
 #endif /* !WOLFBOOT_H */
--- a/src/libwolfboot.c
+++ b/src/libwolfboot.c
@ -26,8 +26,16 @@
 #include "wolfboot/wolfboot.h"
 #include "image.h"

-#ifdef EXT_ENCRYPTED
-#include "encrypt.h"
+#if defined(EXT_ENCRYPTED) 
+    #if defined(__WOLFBOOT)
+        #include "encrypt.h"
+    #else
+        #include <stddef.h>
+        #include <string.h>
+        #define XMEMSET memset
+        #define XMEMCPY memcpy
+        #define XMEMCMP memcmp
+    #endif
 #endif

 #ifndef NULL
@ -46,15 +54,18 @@ static const uint32_t wolfboot_magic_trail = WOLFBOOT_MAGIC_TRAIL;
 #define PART_UPDATE_ENDFLAGS ((WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE) - TRAILER_SKIP)

 #ifdef NVM_FLASH_WRITEONCE
-
 #include <stddef.h>
-extern void *memcpy(void *dst, const void *src, size_t n);
+#include <string.h>
+#define XMEMSET memset
+#define XMEMCPY memcpy
+#define XMEMCMP memcmp
+
 static uint8_t NVM_CACHE[NVM_CACHE_SIZE];
 int RAMFUNCTION hal_trailer_write(uint32_t addr, uint8_t val) {
    uint32_t addr_align = addr & (~(WOLFBOOT_SECTOR_SIZE - 1));
    uint32_t addr_off = addr & (WOLFBOOT_SECTOR_SIZE - 1);
    int ret = 0;
-    memcpy(NVM_CACHE, (void *)addr_align, WOLFBOOT_SECTOR_SIZE);
+    XMEMCPY(NVM_CACHE, (void *)addr_align, WOLFBOOT_SECTOR_SIZE);
    ret = hal_flash_erase(addr_align, WOLFBOOT_SECTOR_SIZE);
    if (ret != 0)
        return ret;
@ -68,11 +79,11 @@ int RAMFUNCTION hal_set_partition_magic(uint32_t addr)
    uint32_t off = addr % NVM_CACHE_SIZE;
    uint32_t base = addr - off;
    int ret;
-    memcpy(NVM_CACHE, (void *)base, NVM_CACHE_SIZE);
+    XMEMCPY(NVM_CACHE, (void *)base, NVM_CACHE_SIZE);
    ret = hal_flash_erase(base, WOLFBOOT_SECTOR_SIZE);
    if (ret != 0)
        return ret;
-    memcpy(NVM_CACHE + off, &wolfboot_magic_trail, sizeof(uint32_t));
+    XMEMCPY(NVM_CACHE + off, &wolfboot_magic_trail, sizeof(uint32_t));
    ret = hal_flash_write(base, NVM_CACHE, WOLFBOOT_SECTOR_SIZE);
    return ret;
 }
@ -488,9 +499,6 @@ int wolfBoot_fallback_is_possible(void)

 #define ENCRYPT_TMP_SECRET_OFFSET (((WOLFBOOT_SECTOR_SIZE - (sizeof(uint32_t) + (2 + WOLFBOOT_SECTOR_SIZE) / (WOLFBOOT_PARTITION_SIZE * 8)) + ENCRYPT_KEY_SIZE)) / ENCRYPT_KEY_SIZE * ENCRYPT_KEY_SIZE)

-/* Buffer used for encryption/decryption */
-static ChaCha chacha;
-static int chacha_initialized = 0;

 #ifdef NVM_FLASH_WRITEONCE
 #define KEY_CACHE NVM_CACHE
@ -505,15 +513,43 @@ static int RAMFUNCTION hal_set_key(const uint8_t *k)
    uint32_t addr_align = addr & (~(WOLFBOOT_SECTOR_SIZE - 1));
    uint32_t addr_off = addr & (WOLFBOOT_SECTOR_SIZE - 1);
    int ret = 0;
-    memcpy(KEY_CACHE, (void *)addr_align, WOLFBOOT_SECTOR_SIZE);
+    XMEMCPY(KEY_CACHE, (void *)addr_align, WOLFBOOT_SECTOR_SIZE);
    ret = hal_flash_erase(addr_align, WOLFBOOT_SECTOR_SIZE);
    if (ret != 0)
        return ret;
-    memcpy(KEY_CACHE + addr_off, k, ENCRYPT_KEY_SIZE);
+    XMEMCPY(KEY_CACHE + addr_off, k, ENCRYPT_KEY_SIZE);
    ret = hal_flash_write(addr_align, KEY_CACHE, WOLFBOOT_SECTOR_SIZE);
    return ret;
 }

+int RAMFUNCTION wolfBoot_set_encrypt_key(const uint8_t *key, int len)
+{
+    if (len != ENCRYPT_KEY_SIZE)
+        return -1;
+    hal_set_key(key);
+    return 0;
+}
+
+int RAMFUNCTION wolfBoot_erase_encrypt_key(void)
+{
+    uint8_t ff[ENCRYPT_KEY_SIZE];
+    int i;
+    XMEMSET(ff, 0xFF, ENCRYPT_KEY_SIZE);
+    hal_set_key(ff);
+    return 0;
+}
+
+int RAMFUNCTION wolfBoot_set_encrypt_password(const uint8_t *pwd, int len)
+{
+    /* TODO */
+    return -1;
+}
+
+#ifdef __WOLFBOOT
+
+static ChaCha chacha;
+static int chacha_initialized = 0;
+
 static int chacha_init(void)
 {
    uint8_t *key = (uint8_t *)(WOLFBOOT_PARTITION_BOOT_ADDRESS + ENCRYPT_TMP_SECRET_OFFSET);
@ -529,28 +565,6 @@ static int chacha_init(void)
    return 0;
 }

-int wolfBoot_set_encrypt_key(const uint8_t *key, int len)
-{
-    if (len != ENCRYPT_KEY_SIZE)
-        return -1;
-    hal_set_key(key);
-    return 0;
-}
-
-int wolfBoot_erase_encrypt_key(void)
-{
-    uint8_t ff[ENCRYPT_KEY_SIZE];
-    int i;
-    XMEMSET(ff, 0xFF, ENCRYPT_KEY_SIZE);
-    hal_set_key(ff);
-    return 0;
-}
-
-int wolfBoot_set_encrypt_password(const uint8_t *pwd, int len)
-{
-    /* TODO */
-    return -1;
-}

 #define PART_ADDRESS(a) ((a >= WOLFBOOT_PARTITION_UPDATE_ADDRESS) && \
        (a <= WOLFBOOT_PARTITION_UPDATE_ADDRESS + WOLFBOOT_PARTITION_SIZE))?\
@ -628,6 +642,7 @@ int ext_flash_decrypt_read(uintptr_t address, uint8_t *data, int len)
    }
    return len;
 }
+#endif

 #endif /* EXT_ENCRYPTED */

--- a/test-app/ARM.ld
+++ b/test-app/ARM.ld
@ -1,7 +1,7 @@
 MEMORY
 {
    FLASH (rx) : ORIGIN = ##WOLFBOOT_TEST_APP_ADDRESS##, LENGTH = ##WOLFBOOT_TEST_APP_SIZE##
-    RAM (rwx) : ORIGIN = 0x20000000, LENGTH = 16K /* Run in lowmem */
+    RAM (rwx) : ORIGIN = 0x20000000, LENGTH = 32K /* Run in lowmem */
 }

 SECTIONS
--- a/test-app/Makefile
+++ b/test-app/Makefile
@ -39,6 +39,10 @@ ifeq ($(V),0)
  Q=@
 endif

+ifeq ($(ENCRYPT),1)
+    CFLAGS+=-DEXT_ENCRYPTED=1
+endif
+
 ENTRY_POINT=`cat .entry-point-address`
 LSCRIPT:=../config/target-app.ld
 LSCRIPT_TEMPLATE:=$(ARCH).ld
--- a/test-app/app_stm32f4.c
+++ b/test-app/app_stm32f4.c
@ -78,6 +78,7 @@ static const char ACK='#';
 static uint8_t msg[MSGSIZE];


+
 void uart_write(const char c)
 {
    uint32_t reg;
@ -219,6 +220,9 @@ void main(void) {
    version = wolfBoot_current_firmware_version();
    if ((version & 0x01) == 0)
        wolfBoot_success();
+#ifdef EXT_ENCRYPTED
+    wolfBoot_set_encrypt_key("0123456789abcdef0123456789abcdef", 32);
+#endif
    uart_write(START);
    for (i = 3; i >= 0; i--) {
        uart_write(v_array[i]);
--- a/tools/keytools/sign.py
+++ b/tools/keytools/sign.py
@ -58,20 +58,23 @@ sign="auto"
 self_update=False
 sha_only=False
 manual_sign=False
+encrypt=False


 argc = len(sys.argv)
 argv = sys.argv
 hash_algo='sha256'

-if (argc < 4) or (argc > 8):
-    print("Usage: %s [--ed25519 | --ecc256 | --rsa2048 | --rsa4096 ] [--sha256 | --sha3] [--wolfboot-update] image key.der fw_version\n" % sys.argv[0])
+if (argc < 4) or (argc > 10):
+    print("Usage: %s [--ed25519 | --ecc256 | --rsa2048 | --rsa4096 ] [--sha256 | --sha3] [--wolfboot-update] [--encrypt key.bin] image key.der fw_version\n" % sys.argv[0])
    print("  - or - ")
-    print("       %s [--sha256 | --sha3] [--sha-only] [--wolfboot-update] image pub_key.der fw_version\n" % sys.argv[0])
+    print("       %s [--sha256 | --sha3] [--sha-only] [--wolfboot-update] [--encrypt key.bin] image pub_key.der fw_version\n" % sys.argv[0])
    print("  - or - ")
-    print("       %s [--ed25519 | --ecc256 | --rsa2048 | --rsa4096 ] [--sha256 | --sha3] [--manual-sign] image pub_key.der fw_version signature.sig\n" % sys.argv[0])
+    print("       %s [--ed25519 | --ecc256 | --rsa2048 | --rsa4096 ] [--sha256 | --sha3] [--manual-sign] [--encrypt key.bin] image pub_key.der fw_version signature.sig\n" % sys.argv[0])
    sys.exit(1)
-for i in range(1, len(argv)):
+
+i = 1
+while (i < len(argv)):
    if (argv[i] == '--ed25519'):
        sign='ed25519'
    elif (argv[i] == '--ecc256'):
@ -90,10 +93,14 @@ for i in range(1, len(argv)):
        sha_only = True
    elif (argv[i] == '--manual-sign'):
        manual_sign = True
-
+    elif (argv[i] == '--encrypt'):
+        encrypt = True
+        i += 1
+        encrypt_key_file = argv[i]
    else:
        i-=1
        break
+    i += 1

 image_file = argv[i+1]
 key_file = argv[i+2]
@ -117,6 +124,14 @@ else:
    else:
        output_image_file = image_file + "_v" + str(fw_version) + "_digest.bin"

+if encrypt:
+    if '.' in image_file:
+        tokens = image_file.split('.')
+        encrypted_output_image_file = image_file.rstrip('.' + tokens[-1])
+        encrypted_output_image_file += "_v" + str(fw_version) + "_signed_and_encrypted.bin"
+    else:
+        encrypted_output_image_file = image_file + "_v" + str(fw_version) + "_signed_and_encrypted.bin"
+
 if (self_update):
    print("Update type:          wolfBoot")
 else:
@ -132,6 +147,11 @@ if not sha_only:
 else:
    print ("Output digest:        " + output_image_file)

+if not encrypt:
+    print ("Not Encrypted")
+else:
+    print ("Encrypted using:      " + encrypt_key_file)
+
 kf = open(key_file, "rb")
 wolfboot_key_buffer = kf.read(4096)
 wolfboot_key_buffer_len = len(wolfboot_key_buffer)
@ -364,6 +384,26 @@ while True:

 infile.close()
 outfile.close()
+if (encrypt):
+    sz = 0
+    off = 0
+    outfile = open(output_image_file, 'rb')
+    ekeyfile = open(encrypt_key_file, 'rb')
+    key = ekeyfile.read(32)
+    enc_outfile = open(encrypted_output_image_file, 'wb')
+    cha = ciphers.ChaCha(key, 32)
+    while(True):
+        cha.set_iv(off)
+        buf = outfile.read(16)
+        if len(buf) == 0:
+            break
+        enc_outfile.write(cha.encrypt(buf))
+        off += 1
+    outfile.close()
+    ekeyfile.close()
+    enc_outfile.close()
+
+
 print ("Output image successfully created.")
 sys.exit(0)