bootutil: Parse key id for built in keys

When MCUBOOT_BUILTIN_KEY is enabled, the key id TLV entry is added
to the image. Parse this entry while validating the image to identify
the key used to sign the image.

This enables future support for scenarios such as multiple built-in keys
or multi-signature.

Signed-off-by: Maulik Patel <maulik.patel@arm.com>
Change-Id: Ibe26bc2b09e63350f4214719606a5aa4bc1be93c

Author: maulik-arm

boot/bootutil/include/bootutil/crypto/ecdsa.h

@@ -392,11 +392,6 @@ static inline void bootutil_ecdsa_init(bootutil_ecdsa_context *ctx)
     ctx->required_algorithm = 0;
 
 #else /* !MCUBOOT_BUILTIN_KEY */
-    /* The incoming key ID is equal to the image index. The key ID value must be
-     * shifted (by one in this case) because zero is reserved (PSA_KEY_ID_NULL)
-     * and considered invalid.
-     */
-    ctx->key_id++; /* Make sure it is not equal to 0. */
 #if defined(MCUBOOT_SIGN_EC256)
     ctx->curve_byte_count = 32;
     ctx->required_algorithm = PSA_ALG_SHA_256;

boot/bootutil/include/bootutil/image.h

@@ -100,6 +100,7 @@ struct flash_area;
  */
 #define IMAGE_TLV_KEYHASH           0x01   /* hash of the public key */
 #define IMAGE_TLV_PUBKEY            0x02   /* public key */
+#define IMAGE_TLV_KEYID             0x03   /* Key ID */
 #define IMAGE_TLV_SHA256            0x10   /* SHA256 of image hdr and body */
 #define IMAGE_TLV_SHA384            0x11   /* SHA384 of image hdr and body */
 #define IMAGE_TLV_SHA512            0x12   /* SHA512 of image hdr and body */

boot/bootutil/src/image_validate.c

@@ -335,6 +335,21 @@ bootutil_find_key(uint8_t image_index, uint8_t *key, uint16_t key_len)
     return -1;
 }
 #endif /* !MCUBOOT_HW_KEY */
+
+#else
+/* For MCUBOOT_BUILTIN_KEY, key id is passed */
+#define EXPECTED_KEY_TLV     IMAGE_TLV_KEYID
+#define KEY_BUF_SIZE         sizeof(int)
+
+static int bootutil_find_key(uint8_t *key_id_buf, uint8_t key_id_buf_len)
+{
+    /* Key id is passed */
+    assert(key_id_buf_len == sizeof(int32_t));
+    return ((int32_t)key_id_buf[0] << 24) |
+            ((int32_t)key_id_buf[1] << 16) |
+            ((int32_t)key_id_buf[2] << 8)  |
+            ((int32_t)key_id_buf[3]);
+}
 #endif /* !MCUBOOT_BUILTIN_KEY */
 #endif /* EXPECTED_SIG_TLV */
 
@@ -450,6 +465,7 @@ static int bootutil_check_for_pure(const struct image_header *hdr,
 static const uint16_t allowed_unprot_tlvs[] = {
      IMAGE_TLV_KEYHASH,
      IMAGE_TLV_PUBKEY,
+     IMAGE_TLV_KEYID,
      IMAGE_TLV_SHA256,
      IMAGE_TLV_SHA384,
      IMAGE_TLV_SHA512,
@@ -492,14 +508,7 @@ bootutil_img_validate(struct boot_loader_state *state,
     uint16_t type;
 #ifdef EXPECTED_SIG_TLV
     FIH_DECLARE(valid_signature, FIH_FAILURE);
-#ifndef MCUBOOT_BUILTIN_KEY
     int key_id = -1;
-#else
-    /* Pass a key ID equal to the image index, the underlying crypto library
-     * is responsible for mapping the image index to a builtin key ID.
-     */
-    int key_id = image_index;
-#endif /* !MCUBOOT_BUILTIN_KEY */
 #ifdef MCUBOOT_HW_KEY
     uint8_t key_buf[KEY_BUF_SIZE];
 #endif

scripts/imgtool/image.py

@@ -76,6 +76,7 @@
 TLV_VALUES = {
         'KEYHASH': 0x01,
         'PUBKEY': 0x02,
+        'KEYID': 0x03,
         'SHA256': 0x10,
         'SHA384': 0x11,
         'SHA512': 0x12,
@@ -135,13 +136,19 @@ def add(self, kind, payload):
         """
         e = STRUCT_ENDIAN_DICT[self.endian]
         if isinstance(kind, int):
-            if not TLV_VENDOR_RES_MIN <= kind <= TLV_VENDOR_RES_MAX:
+            if kind in TLV_VALUES.values():
+                buf = struct.pack(e + 'I', kind)
+            elif TLV_VENDOR_RES_MIN <= kind <= TLV_VENDOR_RES_MAX:
+                # Custom vendor-reserved tag
+                buf = struct.pack(e + 'HH', kind, len(payload))
+            else:
                 msg = "Invalid custom TLV type value '0x{:04x}', allowed " \
                       "value should be between 0x{:04x} and 0x{:04x}".format(
                         kind, TLV_VENDOR_RES_MIN, TLV_VENDOR_RES_MAX)
                 raise click.UsageError(msg)
-            buf = struct.pack(e + 'HH', kind, len(payload))
         else:
+            if kind not in TLV_VALUES:
+                raise click.UsageError(f"Unknown TLV type string: {kind}")
             buf = struct.pack(e + 'BBH', TLV_VALUES[kind], 0, len(payload))
         self.buf += buf
         self.buf += payload
@@ -632,6 +639,9 @@ def create(self, key, public_key_format, enckey, dependencies=None,
             print(os.path.basename(__file__) + ': export digest')
             return
 
+        if self.key_ids is not None:
+            self._add_key_id_tlv_to_unprotected(tlv, self.key_ids[0])
+
         if key is not None or fixed_sig is not None:
             if public_key_format == 'hash':
                 tlv.add('KEYHASH', pubbytes)
@@ -883,3 +893,13 @@ def verify(imgfile, key):
                     pass
             tlv_off += TLV_SIZE + tlv_len
         return VerifyResult.INVALID_SIGNATURE, None, None, None
+
+    def set_key_ids(self, key_ids):
+        """Set list of key IDs (integers) to be inserted before each signature."""
+        self.key_ids = key_ids
+
+    def _add_key_id_tlv_to_unprotected(self, tlv, key_id: int):
+        """Add a key ID TLV into the *unprotected* TLV area."""
+        tag = TLV_VALUES['KEYID']
+        value = key_id.to_bytes(4, 'big')
+        tlv.add(tag, value)