If -K option is missing when you sign image nodes, it fails with
an unclear error message:

  tools/mkimage Can't add hashes to FIT blob: -1

It is hard to figure out the cause of the failure.

In contrast, when you sign configuration nodes, -K is optional because
fit_config_process_sig() returns successfully if keydest is unset.
Probably this is a preferred behavior when you want to update FIT with
the same key; you do not have to update the public key in this case.

So, this commit changes fit_image_process_sig() to continue signing
without keydest.  If ->add_verify_data() fails, show a clearer error
message, which has been borrowed from fit_config_process_sig().

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

The "algo_name" points to a property in a blob being edited.  The
pointer becomes stale when fit_image_write_sig() inserts signatures.
Then crypto->add_verify_data() writes wrong data to the public key
destination.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

Both "conf_name" and "sig_name" point to the name of config node.
The latter should be the name of the signature node.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Add support for signing with the pkcs11 engine. This allows FIT images
to be signed with keys securely stored on a smartcard, hardware security
module, etc without exposing the keys.

Support for other engines can be added in the future by modifying
rsa_engine_get_pub_key() and rsa_engine_get_priv_key() to construct
correct key_id strings.

Signed-off-by: George McCollister <george.mccollister@gmail.com>

Remove the need to explicitly add SHA/RSA pairings. Invalid SHA/RSA
pairings will still fail on verify operations when the hash length is
longer than the key length.

Follow the same naming scheme "checksum,crytpo" without explicitly
defining the string.

Indirectly adds support for "sha1,rsa4096" signing/verification.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

Cut down on the repetition of algorithm information by defining separate
checksum and crypto structs. image_sig_algos are now simply pairs of
unique checksum and crypto algos.

Signed-off-by: Andrew Duda <aduda@meraki.com>
Signed-off-by: aduda <aduda@meraki.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

[NOTE: I took v1 of these patches in, and then v2 came out, this commit
is squashing the minor deltas from v1 -> v2 of updates to c236ebd2 and
2b9ec762 into this commit - trini]

- Added an additional NULL check, as suggested by Simon Glass to
  fit_image_process_sig
- Re-formatted the comment blocks

Signed-off-by: Mario Six <mario.six@gdsys.cc>
Reviewed-by: Simon Glass <sjg@chromium.org>
[For merging the chnages from v2 back onto v1]
Signed-off-by: Tom Rini <trini@konsulko.com>

When signing images, we repeatedly call fit_add_file_data() with
successively increasing size values to include the keys in the DTB.

Unfortunately, if large keys are used (such as 4096 bit RSA keys), this
process fails sometimes, and mkimage needs to be called repeatedly to
integrate the keys into the DTB.

This is because fit_add_file_data actually returns the wrong error
code, and the loop terminates prematurely, instead of trying again with
a larger size value.

This patch corrects the return value and also removes a error message,
which is misleading, since we actually allow the function to fail. A
(hopefully helpful) comment is also added to explain the lack of error
message.

This is probably related to 1152a05e ("tools: Correct error handling in
fit_image_process_hash()") and the corresponding error reported here:

https://www.mail-archive.com/u-boot@lists.denx.de/msg217417.html



Signed-off-by: Mario Six <mario.six@gdsys.cc>

We should not be returning -1 as an error code. This can mask a situation
where we run out of space adding things to the FIT. By returning the correct
error in this case (-ENOSPC) it can be handled by the higher-level code.

This may fix the error reported by Tom Van Deun here:

https://www.mail-archive.com/u-boot@lists.denx.de/msg217417.html



although I am not sure as I cannot actually repeat it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reported-by: Tom Van Deun <tom.vandeun@wapice.com>
Reviewed-by: Teddy Reed <teddy.reed@gmail.com>

fix a typo in error printf. If FIT_CONFS_PATH is not found
print FIT_CONFS_PATH not FIT_IMAGES_PATH.

Signed-off-by: Heiko Schocher <hs@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>

At present this tool only checks the configuration signing. Have it also
look at each of the images in the configuration and confirm that they
verify.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Heiko Schocher <hs@denx.de> (v1)

The original code did not cover every case and there was a missing negative
sign in one case. Expand the coverage and fix the bug.

Signed-off-by: Simon Glass <sjg@chromium.org>

When adding hashes or signatures, the target FDT may be full. Detect this
and automatically try again after making 1KB of space.

Signed-off-by: Simon Glass <sjg@chromium.org>

add host tool "fit_check_sign" which verifies, if a fit image is
signed correct.

Signed-off-by: Heiko Schocher <hs@denx.de>
Cc: Simon Glass <sjg@chromium.org>

property "sign-images" is never found, fix this.

Signed-off-by: Heiko Schocher <hs@denx.de>
Acked-by: Simon Glass <sjg@chromium.org>

Signed-off-by: Wolfgang Denk <wd@denx.de>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <trini@ti.com>

While signing images is useful, it does not provide complete protection
against several types of attack. For example, it it possible to create a
FIT with the same signed images, but with the configuration changed such
that a different one is selected (mix and match attack). It is also possible
to substitute a signed image from an older FIT version into a newer FIT
(roll-back attack).

Add support for signing of FIT configurations using the libfdt's region
support.

Please see doc/uImage.FIT/signature.txt for more information.

Signed-off-by: Simon Glass <sjg@chromium.org>

Add support for signing images using a new signature node. The process
is handled by fdt_add_verification_data() which now takes parameters to
provide the keys and related information.

Signed-off-by: Simon Glass <sjg@chromium.org>

We intend to add signatures to FITs also, so rename this function so that
it is not specific to hashing. Also rename fit_image_set_hashes() and
make it static since it is not used outside this file.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>

This function doesn't need to be exported, and with verification
we want to use it for setting the 'value' property in any node,
so rename it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>

This function has become quite long and much of the body is indented quite
a bit. Move it into a separate function to make it easier to work with.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Marek Vasut <marex@denx.de>

This code is never compiled into U-Boot, so move it into a separate
file in tools/ to avoid the large #ifdef.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Marek Vasut <marex@denx.de>