diff options
author | Soby Mathew <soby.mathew@arm.com> | 2016-05-24 15:05:15 +0100 |
---|---|---|
committer | Soby Mathew <soby.mathew@arm.com> | 2016-06-03 18:27:36 +0100 |
commit | 04943d33cf379868a1dfa3971c2c2250526f0670 (patch) | |
tree | e006817db9467446e932182739c9f25bcb702c3c /drivers | |
parent | a7e530331d7cf4b58618f0715e61b5a872176f07 (diff) |
Allow dynamic overriding of ROTPK verification
A production ROM with TBB enabled must have the ability to boot test software
before a real ROTPK is deployed (e.g. manufacturing mode). Previously the
function plat_get_rotpk_info() must return a valid ROTPK for TBB to succeed.
This patch adds an additional bit `ROTPK_NOT_DEPLOYED` in the output `flags`
parameter from plat_get_rotpk_info(). If this bit is set, then the ROTPK
in certificate is used without verifying against the platform value.
Fixes ARM-software/tf-issues#381
Change-Id: Icbbffab6bff8ed76b72431ee21337f550d8fdbbb
Diffstat (limited to 'drivers')
-rw-r--r-- | drivers/auth/auth_mod.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/drivers/auth/auth_mod.c b/drivers/auth/auth_mod.c index 41845561..88ef0b02 100644 --- a/drivers/auth/auth_mod.c +++ b/drivers/auth/auth_mod.c @@ -199,8 +199,9 @@ static int auth_signature(const auth_method_param_sig_t *param, } return_if_error(rc); - /* If the PK is a hash of the key, retrieve the key from the image */ - if (flags & ROTPK_IS_HASH) { + if (flags & (ROTPK_IS_HASH | ROTPK_NOT_DEPLOYED)) { + /* If the PK is a hash of the key or if the ROTPK is not + deployed on the platform, retrieve the key from the image */ pk_hash_ptr = pk_ptr; pk_hash_len = pk_len; rc = img_parser_get_auth_param(img_desc->img_type, @@ -215,9 +216,14 @@ static int auth_signature(const auth_method_param_sig_t *param, pk_ptr, pk_len); return_if_error(rc); - /* Ask the crypto-module to verify the key hash */ - rc = crypto_mod_verify_hash(pk_ptr, pk_len, - pk_hash_ptr, pk_hash_len); + if (flags & ROTPK_NOT_DEPLOYED) { + NOTICE("ROTPK is not deployed on platform. " + "Skipping ROTPK verification.\n"); + } else { + /* Ask the crypto-module to verify the key hash */ + rc = crypto_mod_verify_hash(pk_ptr, pk_len, + pk_hash_ptr, pk_hash_len); + } } else { /* Ask the crypto module to verify the signature */ rc = crypto_mod_verify_signature(data_ptr, data_len, |