333 lines
9.2 KiB
C
333 lines
9.2 KiB
C
|
/*
|
||
|
* Copyright (c) 2007, Google Inc.
|
||
|
* All rights reserved.
|
||
|
*
|
||
|
* Copyright (c) 2009-2010, The Linux Foundation. All rights reserved.
|
||
|
*
|
||
|
* Redistribution and use in source and binary forms, with or without
|
||
|
* modification, are permitted provided that the following conditions
|
||
|
* are met:
|
||
|
* * Redistributions of source code must retain the above copyright
|
||
|
* notice, this list of conditions and the following disclaimer.
|
||
|
* * Redistributions in binary form must reproduce the above copyright
|
||
|
* notice, this list of conditions and the following disclaimer in
|
||
|
* the documentation and/or other materials provided with the
|
||
|
* distribution.
|
||
|
* * Neither the name of Google, Inc. nor the names of its contributors
|
||
|
* may be used to endorse or promote products derived from this
|
||
|
* software without specific prior written permission.
|
||
|
*
|
||
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
||
|
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||
|
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
||
|
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
||
|
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
|
||
|
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
||
|
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
||
|
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
||
|
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||
|
* SUCH DAMAGE.
|
||
|
*/
|
||
|
|
||
|
#include <stdio.h>
|
||
|
#include <stdlib.h>
|
||
|
#include <unistd.h>
|
||
|
#include <fcntl.h>
|
||
|
#include <string.h>
|
||
|
|
||
|
#include <sys/stat.h>
|
||
|
|
||
|
int print_usage()
|
||
|
{
|
||
|
fprintf(stderr, "usage: mkheader <bin> <hdr> <none|unified-boot>\n");
|
||
|
fprintf(stderr,
|
||
|
" mkheader <bin> <hdr> <unsecure-boot> <outbin>\n");
|
||
|
fprintf(stderr,
|
||
|
" mkheader <bin> <hdr> <secure-boot> <outbin> <maxsize>\n");
|
||
|
fprintf(stderr,
|
||
|
" mkheader <bin> <hdr> <secure-boot> <outbin> <maxsize> <certchain> <files...>\n\n");
|
||
|
fprintf(stderr, "bin: Input raw appsbl binary\n");
|
||
|
fprintf(stderr,
|
||
|
"hdr: Output of appsbl header location\n");
|
||
|
fprintf(stderr,
|
||
|
"outbin: Output of the signed or unsigned apps boot location\n");
|
||
|
fprintf(stderr,
|
||
|
"maxsize: Maximum size for certificate chain\n");
|
||
|
fprintf(stderr,
|
||
|
"certchain: Output of the certchain location\n");
|
||
|
fprintf(stderr,
|
||
|
"files: Input format <bin signature> <certifcate file(s) for certificate chain>...\n");
|
||
|
fprintf(stderr,
|
||
|
"certificate chain: Files will be concatenated in order to create the certificate chain\n\n");
|
||
|
return -1;
|
||
|
}
|
||
|
|
||
|
int cat(FILE * in, FILE * out, unsigned size, unsigned buff_size)
|
||
|
{
|
||
|
unsigned bytes_left = size;
|
||
|
char buf[buff_size];
|
||
|
int ret = 0;
|
||
|
|
||
|
while (bytes_left) {
|
||
|
fread(buf, sizeof(char), buff_size, in);
|
||
|
if (!feof(in)) {
|
||
|
bytes_left -= fwrite(buf, sizeof(char), buff_size, out);
|
||
|
} else
|
||
|
bytes_left = 0;
|
||
|
}
|
||
|
ret = ferror(in) | ferror(out);
|
||
|
if (ret)
|
||
|
fprintf(stderr, "ERROR: Occured during file concatenation\n");
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
int main(int argc, char *argv[])
|
||
|
{
|
||
|
struct stat s;
|
||
|
unsigned size, base;
|
||
|
int unified_boot = 0;
|
||
|
unsigned unified_boot_magic[20];
|
||
|
unsigned non_unified_boot_magic[10];
|
||
|
unsigned magic_len = 0;
|
||
|
unsigned *magic;
|
||
|
unsigned cert_chain_size = 0;
|
||
|
unsigned signature_size = 0;
|
||
|
int secure_boot = 0;
|
||
|
int fd;
|
||
|
|
||
|
if (argc < 3) {
|
||
|
return print_usage();
|
||
|
}
|
||
|
|
||
|
if (argc == 4) {
|
||
|
if (!strcmp("unified-boot", argv[3])) {
|
||
|
unified_boot = 1;
|
||
|
} else if (!strcmp("secure-boot", argv[3])) {
|
||
|
fprintf(stderr,
|
||
|
"ERROR: Missing arguments: [outbin maxsize] | [outbin, maxsize, certchain, signature + certifcate(s)]\n");
|
||
|
return print_usage();
|
||
|
} else if (!strcmp("unsecure-boot", argv[3])) {
|
||
|
fprintf(stderr,
|
||
|
"ERROR: Missing arguments: outbin directory\n");
|
||
|
return print_usage();
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if (argc > 4) {
|
||
|
if (!strcmp("secure-boot", argv[3])) {
|
||
|
if (argc < 9 && argc != 6) {
|
||
|
fprintf(stderr,
|
||
|
"ERROR: Missing argument(s): [outbin maxsize] | [outbin, maxsize, certchain, signature + certifcate(s)]\n");
|
||
|
return print_usage();
|
||
|
}
|
||
|
secure_boot = 1;
|
||
|
signature_size = 256; //Support SHA 256
|
||
|
cert_chain_size = atoi(argv[5]);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if (stat(argv[1], &s)) {
|
||
|
perror("cannot stat binary");
|
||
|
return -1;
|
||
|
}
|
||
|
|
||
|
if (unified_boot) {
|
||
|
magic = unified_boot_magic;
|
||
|
magic_len = sizeof(unified_boot_magic);
|
||
|
} else {
|
||
|
magic = non_unified_boot_magic;
|
||
|
magic_len = sizeof(non_unified_boot_magic);
|
||
|
}
|
||
|
|
||
|
size = s.st_size;
|
||
|
#if MEMBASE
|
||
|
base = MEMBASE;
|
||
|
#else
|
||
|
base = 0;
|
||
|
#endif
|
||
|
|
||
|
printf("Image Destination Pointer: 0x%x\n", base);
|
||
|
|
||
|
magic[0] = 0x00000005; /* appsbl */
|
||
|
magic[1] = 0x00000003; //Flash_partition_version /* nand */
|
||
|
magic[2] = 0x00000000; //image source pointer
|
||
|
magic[3] = base; //image destination pointer
|
||
|
magic[4] = size + cert_chain_size + signature_size; //image size
|
||
|
magic[5] = size; //code size
|
||
|
magic[6] = base + size;
|
||
|
magic[7] = signature_size;
|
||
|
magic[8] = size + base + signature_size;
|
||
|
magic[9] = cert_chain_size;
|
||
|
|
||
|
if (unified_boot == 1) {
|
||
|
magic[10] = 0x33836685; /* cookie magic number */
|
||
|
magic[11] = 0x00000001; /* cookie version */
|
||
|
magic[12] = 0x00000002; /* file formats */
|
||
|
magic[13] = 0x00000000;
|
||
|
magic[14] = 0x00000000; /* not setting size for boot.img */
|
||
|
magic[15] = 0x00000000;
|
||
|
magic[16] = 0x00000000;
|
||
|
magic[17] = 0x00000000;
|
||
|
magic[18] = 0x00000000;
|
||
|
magic[19] = 0x00000000;
|
||
|
}
|
||
|
|
||
|
fd = open(argv[2], O_WRONLY | O_CREAT | O_TRUNC, 0644);
|
||
|
if (fd < 0) {
|
||
|
perror("cannot open header for writing");
|
||
|
return -1;
|
||
|
}
|
||
|
if (write(fd, magic, magic_len) != magic_len) {
|
||
|
perror("cannot write header");
|
||
|
close(fd);
|
||
|
unlink(argv[2]);
|
||
|
return -1;
|
||
|
}
|
||
|
close(fd);
|
||
|
|
||
|
if (secure_boot && argc > 6) {
|
||
|
FILE *input_file;
|
||
|
FILE *output_file;
|
||
|
unsigned buff_size = 1;
|
||
|
char buf[buff_size];
|
||
|
unsigned bytes_left;
|
||
|
unsigned current_cert_chain_size = 0;
|
||
|
int padding_size = 0;
|
||
|
int i;
|
||
|
|
||
|
if ((output_file = fopen(argv[6], "wb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
printf("Certificate Chain Output File: %s\n", argv[6]);
|
||
|
|
||
|
for (i = 8; i < argc; i++) {
|
||
|
if ((input_file = fopen(argv[i], "rb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
stat(argv[i], &s);
|
||
|
bytes_left = s.st_size;
|
||
|
current_cert_chain_size += bytes_left;
|
||
|
if (cat(input_file, output_file, bytes_left, buff_size))
|
||
|
return -1;
|
||
|
fclose(input_file);
|
||
|
}
|
||
|
|
||
|
//Pad certifcate chain to the max expected size from input
|
||
|
memset(buf, 0xFF, sizeof(buf));
|
||
|
padding_size = cert_chain_size - current_cert_chain_size;
|
||
|
|
||
|
if (padding_size < 0) {
|
||
|
fprintf(stderr,
|
||
|
"ERROR: Input certificate chain (Size=%d) is larger than the maximum specified (Size=%d)\n",
|
||
|
current_cert_chain_size, cert_chain_size);
|
||
|
return -1;
|
||
|
}
|
||
|
|
||
|
bytes_left = (padding_size > 0) ? padding_size : 0;
|
||
|
while (bytes_left) {
|
||
|
if (!ferror(output_file))
|
||
|
bytes_left -=
|
||
|
fwrite(buf, sizeof(buf), buff_size,
|
||
|
output_file);
|
||
|
else {
|
||
|
fprintf(stderr,
|
||
|
"ERROR: Occured during certifcate chain padding\n");
|
||
|
return -1;
|
||
|
}
|
||
|
}
|
||
|
fclose(output_file);
|
||
|
|
||
|
//Concat and combine to signed image. Format [HDR][RAW APPSBOOT][PADDED CERT CHAIN]
|
||
|
if ((output_file = fopen(argv[4], "wb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
printf("Image Output File: %s\n", argv[4]);
|
||
|
|
||
|
//Header
|
||
|
if ((input_file = fopen(argv[2], "rb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
stat(argv[2], &s);
|
||
|
if (cat(input_file, output_file, s.st_size, buff_size))
|
||
|
return -1;
|
||
|
fclose(input_file);
|
||
|
|
||
|
//Raw Appsbl
|
||
|
if ((input_file = fopen(argv[1], "rb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
stat(argv[1], &s);
|
||
|
if (cat(input_file, output_file, s.st_size, buff_size))
|
||
|
return -1;
|
||
|
fclose(input_file);
|
||
|
|
||
|
//Signature
|
||
|
if ((input_file = fopen(argv[7], "rb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
stat(argv[7], &s);
|
||
|
if (cat(input_file, output_file, s.st_size, buff_size))
|
||
|
return -1;
|
||
|
fclose(input_file);
|
||
|
|
||
|
//Certifcate Chain
|
||
|
if ((input_file = fopen(argv[6], "rb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
if (cat
|
||
|
(input_file, output_file,
|
||
|
(current_cert_chain_size + padding_size), buff_size))
|
||
|
return -1;
|
||
|
fclose(input_file);
|
||
|
|
||
|
fclose(output_file);
|
||
|
|
||
|
} else if (argc == 5 || argc == 6) {
|
||
|
FILE *input_file;
|
||
|
FILE *output_file;
|
||
|
unsigned buff_size = 1;
|
||
|
char buf[buff_size];
|
||
|
|
||
|
//Concat and combine to unsigned image. Format [HDR][RAW APPSBOOT]
|
||
|
if ((output_file = fopen(argv[4], "wb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
printf("Image Output File: %s\n", argv[4]);
|
||
|
|
||
|
//Header
|
||
|
if ((input_file = fopen(argv[2], "rb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
stat(argv[2], &s);
|
||
|
if (cat(input_file, output_file, s.st_size, buff_size))
|
||
|
return -1;
|
||
|
fclose(input_file);
|
||
|
|
||
|
//Raw Appsbl
|
||
|
if ((input_file = fopen(argv[1], "rb")) == NULL) {
|
||
|
perror("ERROR: Occured during fopen");
|
||
|
return -1;
|
||
|
}
|
||
|
stat(argv[1], &s);
|
||
|
if (cat(input_file, output_file, s.st_size, buff_size))
|
||
|
return -1;
|
||
|
fclose(input_file);
|
||
|
fclose(output_file);
|
||
|
}
|
||
|
|
||
|
printf("Done execution\n");
|
||
|
|
||
|
return 0;
|
||
|
}
|