4
4
* Copyright (c) 2017-2019 Linaro LTD
5
5
* Copyright (c) 2016-2019 JUUL Labs
6
6
* Copyright (c) 2019-2024 Arm Limited
7
+ * Copyright (c) 2025 Nordic Semiconductor ASA
7
8
*
8
9
* Original license:
9
10
*
29
30
#include <stdint.h>
30
31
#include <inttypes.h>
31
32
#include <string.h>
33
+ #include <errno.h>
32
34
33
35
#include <flash_map_backend/flash_map_backend.h>
34
36
63
65
* SHA256 otherwise).
64
66
*/
65
67
static int
66
- bootutil_img_hash (struct enc_key_data * enc_state , int image_index ,
68
+ bootutil_img_hash (struct boot_loader_state * state ,
67
69
struct image_header * hdr , const struct flash_area * fap ,
68
70
uint8_t * tmp_buf , uint32_t tmp_buf_sz , uint8_t * hash_result ,
69
71
uint8_t * seed , int seed_len )
@@ -78,11 +80,14 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
78
80
uint32_t off ;
79
81
uint32_t blk_sz ;
80
82
#endif
83
+ #if defined(MCUBOOT_ENC_IMAGES )
84
+ struct enc_key_data * enc_state ;
85
+ int image_index ;
86
+ #endif
81
87
82
88
#if (BOOT_IMAGE_NUMBER == 1 ) || !defined(MCUBOOT_ENC_IMAGES ) || \
83
89
defined(MCUBOOT_RAM_LOAD )
84
- (void )enc_state ;
85
- (void )image_index ;
90
+ (void )state ;
86
91
(void )hdr_size ;
87
92
(void )blk_off ;
88
93
(void )tlv_off ;
@@ -97,6 +102,14 @@ bootutil_img_hash(struct enc_key_data *enc_state, int image_index,
97
102
#endif
98
103
99
104
#ifdef MCUBOOT_ENC_IMAGES
105
+ if (state == NULL ) {
106
+ enc_state = NULL ;
107
+ image_index = 0 ;
108
+ } else {
109
+ enc_state = BOOT_CURR_ENC (state );
110
+ image_index = BOOT_CURR_IMG (state );
111
+ }
112
+
100
113
/* Encrypted images only exist in the secondary slot */
101
114
if (MUST_DECRYPT (fap , image_index , hdr ) &&
102
115
!boot_enc_valid (enc_state , 1 )) {
@@ -306,15 +319,16 @@ bootutil_find_key(uint8_t image_index, uint8_t *key, uint16_t key_len)
306
319
/**
307
320
* Reads the value of an image's security counter.
308
321
*
309
- * @param hdr Pointer to the image header structure.
322
+ * @param state Pointer to the boot state object.
323
+ * @param slot Slot of the current image to get the security counter of.
310
324
* @param fap Pointer to a description structure of the image's
311
325
* flash area.
312
326
* @param security_cnt Pointer to store the security counter value.
313
327
*
314
328
* @return 0 on success; nonzero on failure.
315
329
*/
316
330
int32_t
317
- bootutil_get_img_security_cnt (struct image_header * hdr ,
331
+ bootutil_get_img_security_cnt (struct boot_loader_state * state , int slot ,
318
332
const struct flash_area * fap ,
319
333
uint32_t * img_security_cnt )
320
334
{
@@ -323,19 +337,20 @@ bootutil_get_img_security_cnt(struct image_header *hdr,
323
337
uint16_t len ;
324
338
int32_t rc ;
325
339
326
- if ((hdr == NULL ) ||
340
+ if ((state == NULL ) ||
341
+ (boot_img_hdr (state , slot ) == NULL ) ||
327
342
(fap == NULL ) ||
328
343
(img_security_cnt == NULL )) {
329
344
/* Invalid parameter. */
330
345
return BOOT_EBADARGS ;
331
346
}
332
347
333
348
/* The security counter TLV is in the protected part of the TLV area. */
334
- if (hdr -> ih_protect_tlv_size == 0 ) {
349
+ if (boot_img_hdr ( state , slot ) -> ih_protect_tlv_size == 0 ) {
335
350
return BOOT_EBADIMAGE ;
336
351
}
337
352
338
- rc = bootutil_tlv_iter_begin (& it , hdr , fap , IMAGE_TLV_SEC_CNT , true);
353
+ rc = bootutil_tlv_iter_begin (& it , boot_img_hdr ( state , slot ) , fap , IMAGE_TLV_SEC_CNT , true);
339
354
if (rc ) {
340
355
return rc ;
341
356
}
@@ -355,7 +370,7 @@ bootutil_get_img_security_cnt(struct image_header *hdr,
355
370
return BOOT_EBADIMAGE ;
356
371
}
357
372
358
- rc = LOAD_IMAGE_DATA (hdr , fap , off , img_security_cnt , len );
373
+ rc = LOAD_IMAGE_DATA (boot_img_hdr ( state , slot ) , fap , off , img_security_cnt , len );
359
374
if (rc != 0 ) {
360
375
return BOOT_EFLASH ;
361
376
}
@@ -434,11 +449,14 @@ static const uint16_t allowed_unprot_tlvs[] = {
434
449
* Return non-zero if image could not be validated/does not validate.
435
450
*/
436
451
fih_ret
437
- bootutil_img_validate (struct enc_key_data * enc_state , int image_index ,
452
+ bootutil_img_validate (struct boot_loader_state * state ,
438
453
struct image_header * hdr , const struct flash_area * fap ,
439
454
uint8_t * tmp_buf , uint32_t tmp_buf_sz , uint8_t * seed ,
440
455
int seed_len , uint8_t * out_hash )
441
456
{
457
+ #if (defined(EXPECTED_KEY_TLV ) && defined(MCUBOOT_HW_KEY )) || defined(MCUBOOT_HW_ROLLBACK_PROT )
458
+ int image_index = (state == NULL ? 0 : BOOT_CURR_IMG (state ));
459
+ #endif
442
460
uint32_t off ;
443
461
uint16_t len ;
444
462
uint16_t type ;
@@ -471,7 +489,7 @@ bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
471
489
#endif
472
490
473
491
#if defined(EXPECTED_HASH_TLV ) && !defined(MCUBOOT_SIGN_PURE )
474
- rc = bootutil_img_hash (enc_state , image_index , hdr , fap , tmp_buf ,
492
+ rc = bootutil_img_hash (state , hdr , fap , tmp_buf ,
475
493
tmp_buf_sz , hash , seed , seed_len );
476
494
if (rc ) {
477
495
goto out ;
0 commit comments