From 3f9ab5d5e711cab6ef2f21992d749251a223a0aa Mon Sep 17 00:00:00 2001 From: "harshal.patil" Date: Wed, 23 Apr 2025 15:43:14 +0530 Subject: [PATCH] fix(bootloader_support/secure_boot): Fix incorrect usage of ESP_SECURE_BOOT_KEY_DIGEST_LEN --- .../bootloader_support/include/esp_secure_boot.h | 10 +++++++--- .../src/secure_boot_v2/secure_boot.c | 8 ++++---- .../src/secure_boot_v2/secure_boot_signatures_app.c | 12 ++++++------ 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/components/bootloader_support/include/esp_secure_boot.h b/components/bootloader_support/include/esp_secure_boot.h index 58e32ea190..63a9b9be2a 100644 --- a/components/bootloader_support/include/esp_secure_boot.h +++ b/components/bootloader_support/include/esp_secure_boot.h @@ -35,10 +35,14 @@ extern "C" { #define ESP_SECURE_BOOT_DIGEST_LEN 32 +/* SHA-256 length of the public key digest */ +#define ESP_SECURE_BOOT_KEY_DIGEST_SHA_256_LEN 32 + +/* Length of the public key digest that is stored in efuses */ #if CONFIG_IDF_TARGET_ESP32C2 -#define ESP_SECURE_BOOT_KEY_DIGEST_LEN 16 +#define ESP_SECURE_BOOT_KEY_DIGEST_LEN ESP_SECURE_BOOT_KEY_DIGEST_SHA_256_LEN / 2 #else -#define ESP_SECURE_BOOT_KEY_DIGEST_LEN 32 +#define ESP_SECURE_BOOT_KEY_DIGEST_LEN ESP_SECURE_BOOT_KEY_DIGEST_SHA_256_LEN #endif #ifdef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH @@ -255,7 +259,7 @@ esp_err_t esp_secure_boot_verify_sbv2_signature_block(const ets_secure_boot_sign * Each image can have one or more signature blocks (up to SECURE_BOOT_NUM_BLOCKS). Each signature block includes a public key. */ typedef struct { - uint8_t key_digests[SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS][ESP_SECURE_BOOT_DIGEST_LEN]; /* SHA of the public key components in the signature block */ + uint8_t key_digests[SOC_EFUSE_SECURE_BOOT_KEY_DIGESTS][ESP_SECURE_BOOT_KEY_DIGEST_SHA_256_LEN]; /* SHA of the public key components in the signature block */ unsigned num_digests; /* Number of valid digests, starting at index 0 */ } esp_image_sig_public_key_digests_t; diff --git a/components/bootloader_support/src/secure_boot_v2/secure_boot.c b/components/bootloader_support/src/secure_boot_v2/secure_boot.c index 06630a993b..09d07ae03c 100644 --- a/components/bootloader_support/src/secure_boot_v2/secure_boot.c +++ b/components/bootloader_support/src/secure_boot_v2/secure_boot.c @@ -1,5 +1,5 @@ /* - * SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD + * SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD * * SPDX-License-Identifier: Apache-2.0 */ @@ -71,7 +71,7 @@ static esp_err_t s_calculate_image_public_key_digests(uint32_t flash_offset, uin { esp_err_t ret; uint8_t image_digest[ESP_SECURE_BOOT_DIGEST_LEN] = {0}; - uint8_t __attribute__((aligned(4))) key_digest[ESP_SECURE_BOOT_DIGEST_LEN] = {0}; + uint8_t __attribute__((aligned(4))) key_digest[ESP_SECURE_BOOT_KEY_DIGEST_SHA_256_LEN] = {0}; size_t sig_block_addr = flash_offset + ALIGN_UP(flash_size, FLASH_SECTOR_SIZE); ESP_LOGD(TAG, "calculating public key digests for sig blocks of image offset 0x%" PRIx32 " (sig block offset 0x%x)", flash_offset, sig_block_addr); @@ -129,7 +129,7 @@ static esp_err_t s_calculate_image_public_key_digests(uint32_t flash_offset, uin } ESP_LOGD(TAG, "Signature block (%d) is verified", i); /* Copy the key digest to the buffer provided by the caller */ - memcpy((void *)public_key_digests->key_digests[i], key_digest, ESP_SECURE_BOOT_DIGEST_LEN); + memcpy((void *)public_key_digests->key_digests[i], key_digest, ESP_SECURE_BOOT_KEY_DIGEST_SHA_256_LEN); public_key_digests->num_digests++; } @@ -317,7 +317,7 @@ static esp_err_t check_and_generate_secure_boot_keys(const esp_image_metadata_t } for (unsigned j = 0; j < tee_key_digests.num_digests; j++) { - if (!memcmp(boot_key_digests.key_digests[i], tee_key_digests.key_digests[j], ESP_SECURE_BOOT_DIGEST_LEN)) { + if (!memcmp(boot_key_digests.key_digests[i], tee_key_digests.key_digests[j], ESP_SECURE_BOOT_KEY_DIGEST_LEN)) { ESP_LOGI(TAG, "TEE key(%d) matches with bootloader key(%d).", j, i); tee_match = true; } diff --git a/components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_app.c b/components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_app.c index 9ab1c8f848..753d4ce71b 100644 --- a/components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_app.c +++ b/components/bootloader_support/src/secure_boot_v2/secure_boot_signatures_app.c @@ -73,7 +73,7 @@ static esp_err_t calculate_image_public_key_digests(bool verify_image_digest, bo } uint8_t image_digest[ESP_SECURE_BOOT_DIGEST_LEN] = {0}; - uint8_t __attribute__((aligned(4))) key_digest[ESP_SECURE_BOOT_DIGEST_LEN] = {0}; + uint8_t __attribute__((aligned(4))) key_digest[ESP_SECURE_BOOT_KEY_DIGEST_SHA_256_LEN] = {0}; size_t sig_block_addr = img_metadata.start_addr + ALIGN_UP(img_metadata.image_len, FLASH_SECTOR_SIZE); ESP_LOGD(TAG, "calculating public key digests for sig blocks of image offset 0x%"PRIu32" (sig block offset 0x%u)", img_metadata.start_addr, sig_block_addr); @@ -118,7 +118,7 @@ static esp_err_t calculate_image_public_key_digests(bool verify_image_digest, bo ESP_LOGD(TAG, "Signature block (%d) is verified", i); } /* Copy the key digest to the buffer provided by the caller */ - memcpy((void *)public_key_digests->key_digests[public_key_digests->num_digests], key_digest, ESP_SECURE_BOOT_DIGEST_LEN); + memcpy((void *)public_key_digests->key_digests[public_key_digests->num_digests], key_digest, ESP_SECURE_BOOT_KEY_DIGEST_SHA_256_LEN); } public_key_digests->num_digests++; } @@ -184,8 +184,8 @@ static esp_err_t get_secure_boot_key_digests(esp_image_sig_public_key_digests_t esp_err_t esp_secure_boot_verify_signature(uint32_t src_addr, uint32_t length) { - uint8_t digest[ESP_SECURE_BOOT_KEY_DIGEST_LEN] = {0}; - uint8_t verified_digest[ESP_SECURE_BOOT_KEY_DIGEST_LEN] = {0}; + uint8_t digest[ESP_SECURE_BOOT_DIGEST_LEN] = {0}; + uint8_t verified_digest[ESP_SECURE_BOOT_DIGEST_LEN] = {0}; /* Rounding off length to the upper 4k boundary */ uint32_t padded_length = ALIGN_UP(length, FLASH_SECTOR_SIZE); @@ -220,7 +220,7 @@ esp_err_t esp_secure_boot_verify_sbv2_signature_block(const ets_secure_boot_sign /* Note: in IDF verification we don't add any fault injection resistance, as we don't expect this to be called during boot-time verification. */ - memset(verified_digest, 0, ESP_SECURE_BOOT_KEY_DIGEST_LEN); + memset(verified_digest, 0, ESP_SECURE_BOOT_DIGEST_LEN); esp_image_sig_public_key_digests_t trusted = {0}; @@ -237,7 +237,7 @@ esp_err_t esp_secure_boot_verify_sbv2_signature_block(const ets_secure_boot_sign #endif for (unsigned app_blk_idx = 0; app_blk_idx < secure_boot_num_blocks; app_blk_idx++) { - uint8_t app_blk_digest[ESP_SECURE_BOOT_DIGEST_LEN] = { 0 }; + uint8_t app_blk_digest[ESP_SECURE_BOOT_KEY_DIGEST_SHA_256_LEN] = { 0 }; const ets_secure_boot_sig_block_t *app_blk = &sig_block->block[app_blk_idx]; const ets_secure_boot_sig_block_t *trusted_block = NULL;