2016-11-01 19:41:58 -04:00
|
|
|
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
2017-06-27 03:25:30 -04:00
|
|
|
#pragma once
|
2016-11-01 19:41:58 -04:00
|
|
|
|
|
|
|
#include <stdbool.h>
|
|
|
|
#include <esp_err.h>
|
2016-11-02 02:54:47 -04:00
|
|
|
#include "soc/efuse_reg.h"
|
2016-11-01 19:41:58 -04:00
|
|
|
|
2018-07-19 01:15:37 -04:00
|
|
|
#include "sdkconfig.h"
|
|
|
|
|
|
|
|
#ifdef CONFIG_SECURE_BOOT_ENABLED
|
|
|
|
#if !defined(CONFIG_SECURE_SIGNED_ON_BOOT) || !defined(CONFIG_SECURE_SIGNED_ON_UPDATE) || !defined(CONFIG_SECURE_SIGNED_APPS)
|
|
|
|
#error "internal sdkconfig error, secure boot should always enable all signature options"
|
|
|
|
#endif
|
|
|
|
#endif
|
|
|
|
|
2017-06-27 03:25:30 -04:00
|
|
|
#ifdef __cplusplus
|
|
|
|
extern "C" {
|
|
|
|
#endif
|
|
|
|
|
2016-11-01 19:41:58 -04:00
|
|
|
/* Support functions for secure boot features.
|
|
|
|
|
|
|
|
Can be compiled as part of app or bootloader code.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/** @brief Is secure boot currently enabled in hardware?
|
|
|
|
*
|
|
|
|
* Secure boot is enabled if the ABS_DONE_0 efuse is blown. This means
|
|
|
|
* that the ROM bootloader code will only boot a verified secure
|
|
|
|
* bootloader digest from now on.
|
|
|
|
*
|
|
|
|
* @return true if secure boot is enabled.
|
|
|
|
*/
|
2016-11-02 02:54:47 -04:00
|
|
|
static inline bool esp_secure_boot_enabled(void) {
|
2016-11-06 23:45:26 -05:00
|
|
|
return REG_READ(EFUSE_BLK0_RDATA6_REG) & EFUSE_RD_ABS_DONE_0;
|
2016-11-02 02:54:47 -04:00
|
|
|
}
|
2016-11-01 19:41:58 -04:00
|
|
|
|
2019-04-04 05:55:22 -04:00
|
|
|
/** @brief Generate secure digest from bootloader image
|
|
|
|
*
|
|
|
|
* @important This function is intended to be called from bootloader code only.
|
|
|
|
*
|
|
|
|
* If secure boot is not yet enabled for bootloader, this will:
|
|
|
|
* 1) generate the secure boot key and burn it on EFUSE
|
|
|
|
* (without enabling R/W protection)
|
|
|
|
* 2) generate the digest from bootloader and save it
|
|
|
|
* to flash address 0x0
|
|
|
|
*
|
|
|
|
* If first boot gets interrupted after calling this function
|
|
|
|
* but before esp_secure_boot_permanently_enable() is called, then
|
|
|
|
* the key burned on EFUSE will not be regenerated, unless manually
|
|
|
|
* done using espefuse.py tool
|
|
|
|
*
|
|
|
|
* @return ESP_OK if secure boot digest is generated
|
|
|
|
* successfully or found to be already present
|
|
|
|
*/
|
|
|
|
esp_err_t esp_secure_boot_generate_digest(void);
|
2016-11-01 19:41:58 -04:00
|
|
|
|
2016-11-02 02:54:47 -04:00
|
|
|
/** @brief Enable secure boot if it is not already enabled.
|
2016-11-01 19:41:58 -04:00
|
|
|
*
|
2016-11-02 02:54:47 -04:00
|
|
|
* @important If this function succeeds, secure boot is permanently
|
2016-11-01 19:41:58 -04:00
|
|
|
* enabled on the chip via efuse.
|
|
|
|
*
|
2016-11-02 02:54:47 -04:00
|
|
|
* @important This function is intended to be called from bootloader code only.
|
|
|
|
*
|
2019-04-04 05:55:22 -04:00
|
|
|
* @important This will enable r/w protection of secure boot key on EFUSE,
|
|
|
|
* therefore it is to be ensured that esp_secure_boot_generate_digest()
|
|
|
|
* is called before this
|
|
|
|
*
|
2016-11-02 02:54:47 -04:00
|
|
|
* If secure boot is not yet enabled for bootloader, this will
|
2019-04-04 05:55:22 -04:00
|
|
|
* 1) enable R/W protection of secure boot key on EFUSE
|
|
|
|
* 2) enable secure boot by blowing the EFUSE_RD_ABS_DONE_0 efuse.
|
2016-11-02 02:54:47 -04:00
|
|
|
*
|
|
|
|
* This function does not verify secure boot of the bootloader (the
|
|
|
|
* ROM bootloader does this.)
|
|
|
|
*
|
|
|
|
* Will fail if efuses have been part-burned in a way that indicates
|
|
|
|
* secure boot should not or could not be correctly enabled.
|
|
|
|
*
|
2016-11-01 19:41:58 -04:00
|
|
|
* @return ESP_ERR_INVALID_STATE if efuse state doesn't allow
|
|
|
|
* secure boot to be enabled cleanly. ESP_OK if secure boot
|
|
|
|
* is enabled on this chip from now on.
|
|
|
|
*/
|
2016-11-02 02:54:47 -04:00
|
|
|
esp_err_t esp_secure_boot_permanently_enable(void);
|
2016-11-01 19:41:58 -04:00
|
|
|
|
2016-11-06 23:45:57 -05:00
|
|
|
/** @brief Verify the secure boot signature (determinstic ECDSA w/ SHA256) appended to some binary data in flash.
|
|
|
|
*
|
|
|
|
* Public key is compiled into the calling program. See docs/security/secure-boot.rst for details.
|
2016-11-03 02:33:30 -04:00
|
|
|
*
|
|
|
|
* @param src_addr Starting offset of the data in flash.
|
|
|
|
* @param length Length of data in bytes. Signature is appended -after- length bytes.
|
|
|
|
*
|
2016-11-11 01:00:34 -05:00
|
|
|
* If flash encryption is enabled, the image will be transparently decrypted while being verified.
|
|
|
|
*
|
2016-11-03 02:33:30 -04:00
|
|
|
* @return ESP_OK if signature is valid, ESP_ERR_INVALID_STATE if
|
|
|
|
* signature fails, ESP_FAIL for other failures (ie can't read flash).
|
|
|
|
*/
|
|
|
|
esp_err_t esp_secure_boot_verify_signature(uint32_t src_addr, uint32_t length);
|
2016-11-01 19:41:58 -04:00
|
|
|
|
2017-06-28 02:46:34 -04:00
|
|
|
/** @brief Verify the secure boot signature block (deterministic ECDSA w/ SHA256) based on the SHA256 hash of some data.
|
|
|
|
*
|
|
|
|
* Similar to esp_secure_boot_verify_signature(), but can be used when the digest is precalculated.
|
|
|
|
* @param sig_block Pointer to signature block data
|
|
|
|
* @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2016-11-11 01:00:34 -05:00
|
|
|
/** @brief Secure boot verification block, on-flash data format. */
|
|
|
|
typedef struct {
|
|
|
|
uint32_t version;
|
|
|
|
uint8_t signature[64];
|
|
|
|
} esp_secure_boot_sig_block_t;
|
|
|
|
|
2017-06-28 02:46:34 -04:00
|
|
|
esp_err_t esp_secure_boot_verify_signature_block(const esp_secure_boot_sig_block_t *sig_block, const uint8_t *image_digest);
|
|
|
|
|
2021-03-25 03:18:27 -04:00
|
|
|
/** @brief Verify the ECDSA secure boot signature block for Secure Boot.
|
|
|
|
*
|
|
|
|
* Calculates Deterministic ECDSA w/ SHA256 based on the SHA256 hash of the image. ECDSA signature
|
|
|
|
* verification must be enabled in project configuration to use this function.
|
|
|
|
*
|
|
|
|
* Similar to esp_secure_boot_verify_signature(), but can be used when the digest is precalculated.
|
|
|
|
* @param sig_block Pointer to ECDSA signature block data
|
|
|
|
* @param image_digest Pointer to 32 byte buffer holding SHA-256 hash.
|
|
|
|
* @param verified_digest Pointer to 32 byte buffer that will receive verified digest if verification completes. (Used during bootloader implementation only, result is invalid otherwise.)
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
esp_err_t esp_secure_boot_verify_ecdsa_signature_block(const esp_secure_boot_sig_block_t *sig_block, const uint8_t *image_digest, uint8_t *verified_digest);
|
|
|
|
|
2016-11-11 01:00:34 -05:00
|
|
|
#define FLASH_OFFS_SECURE_BOOT_IV_DIGEST 0
|
|
|
|
|
|
|
|
/** @brief Secure boot IV+digest header */
|
|
|
|
typedef struct {
|
|
|
|
uint8_t iv[128];
|
|
|
|
uint8_t digest[64];
|
|
|
|
} esp_secure_boot_iv_digest_t;
|
|
|
|
|
2017-06-27 03:25:30 -04:00
|
|
|
|
|
|
|
#ifdef __cplusplus
|
|
|
|
}
|
2016-11-01 19:41:58 -04:00
|
|
|
#endif
|