From b979dacc6ce839b1006f5977f6f1db4dd021f193 Mon Sep 17 00:00:00 2001 From: Supreet Deshpande Date: Fri, 18 Dec 2020 14:10:28 +0530 Subject: [PATCH 1/2] Secure Boot v2: Fix the double padding of the image length during flash encryption Fixes https://github.com/espressif/esp-idf/issues/6236 --- components/bootloader_support/src/esp32/flash_encrypt.c | 4 +--- components/bootloader_support/src/esp32s2/flash_encrypt.c | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/components/bootloader_support/src/esp32/flash_encrypt.c b/components/bootloader_support/src/esp32/flash_encrypt.c index 6212228701..1346b882a2 100644 --- a/components/bootloader_support/src/esp32/flash_encrypt.c +++ b/components/bootloader_support/src/esp32/flash_encrypt.c @@ -252,9 +252,7 @@ static esp_err_t encrypt_bootloader(void) ESP_LOGD(TAG, "bootloader is plaintext. Encrypting..."); #if CONFIG_SECURE_BOOT_V2_ENABLED - // Account for the signature sector after the bootloader - image_length = (image_length + FLASH_SECTOR_SIZE - 1) & ~(FLASH_SECTOR_SIZE - 1); - image_length += FLASH_SECTOR_SIZE; + /* The image length obtained from esp_image_verify_bootloader includes the sector boundary padding and the signature block lengths */ if (ESP_BOOTLOADER_OFFSET + image_length > ESP_PARTITION_TABLE_OFFSET) { ESP_LOGE(TAG, "Bootloader is too large to fit Secure Boot V2 signature sector and partition table (configured offset 0x%x)", ESP_PARTITION_TABLE_OFFSET); return ESP_ERR_INVALID_STATE; diff --git a/components/bootloader_support/src/esp32s2/flash_encrypt.c b/components/bootloader_support/src/esp32s2/flash_encrypt.c index 9d9acf754f..97483c1869 100644 --- a/components/bootloader_support/src/esp32s2/flash_encrypt.c +++ b/components/bootloader_support/src/esp32s2/flash_encrypt.c @@ -286,9 +286,7 @@ static esp_err_t encrypt_bootloader(void) ESP_LOGD(TAG, "bootloader is plaintext. Encrypting..."); #if CONFIG_SECURE_BOOT_V2_ENABLED - // Account for the signature sector after the bootloader - image_length = (image_length + FLASH_SECTOR_SIZE - 1) & ~(FLASH_SECTOR_SIZE - 1); - image_length += FLASH_SECTOR_SIZE; + /* The image length obtained from esp_image_verify_bootloader includes the sector boundary padding and the signature block lengths */ if (ESP_BOOTLOADER_OFFSET + image_length > ESP_PARTITION_TABLE_OFFSET) { ESP_LOGE(TAG, "Bootloader is too large to fit Secure Boot V2 signature sector and partition table (configured offset 0x%x)", ESP_PARTITION_TABLE_OFFSET); return ESP_ERR_INVALID_SIZE; From 7453507d930cb19ad6fc8d50fbca479e52a59393 Mon Sep 17 00:00:00 2001 From: Supreet Deshpande Date: Fri, 18 Dec 2020 14:14:42 +0530 Subject: [PATCH 2/2] Secure boot v2: Fixes the issue of passing the flash calculated digest for ota verification. --- .../bootloader_support/src/idf/secure_boot_signatures.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/bootloader_support/src/idf/secure_boot_signatures.c b/components/bootloader_support/src/idf/secure_boot_signatures.c index 59c5af6d4d..290f69848d 100644 --- a/components/bootloader_support/src/idf/secure_boot_signatures.c +++ b/components/bootloader_support/src/idf/secure_boot_signatures.c @@ -312,8 +312,8 @@ esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signa goto exit; } - ret = mbedtls_rsa_rsassa_pss_verify( &pk, mbedtls_ctr_drbg_random, &ctr_drbg, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, DIGEST_LEN, - sig_block->block[i].image_digest, sig_be); + ret = mbedtls_rsa_rsassa_pss_verify( &pk, mbedtls_ctr_drbg_random, &ctr_drbg, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, DIGEST_LEN, + image_digest, sig_be); if (ret != 0) { ESP_LOGE(TAG, "Failed mbedtls_rsa_rsassa_pss_verify, err: %d", ret); } else {