diff options
author | Ji Luo <ji.luo@nxp.com> | 2019-08-27 15:41:57 +0800 |
---|---|---|
committer | Ji Luo <ji.luo@nxp.com> | 2022-04-18 16:40:08 +0800 |
commit | 3e32922e4e547fa2ac47399d2a044dcc4eac4fb8 (patch) | |
tree | 0feb989f74839f7c0e5453db1b4070efd0844f71 | |
parent | 0c13c04dbbb012ed58c43975afcc08f23a368fc6 (diff) |
MA-15360 Verify vbmeta public key for non-trusty devices
Don't skip vbmeta public key verify for non-trusty
platforms.
Test: boot on imx8mm.
Change-Id: I4712e5dd6e5c8848468e9d85c6b38eb5fb11377f
Signed-off-by: Ji Luo <ji.luo@nxp.com>
(cherry picked from commit 9b8264c89ccb3e9179a438e428ad79d72c7efe9b)
(cherry picked from commit 75d9dfb2474d03bd83a5b4d3f03d0a5cea6ea25d)
(cherry picked from commit cb6582267a1d7659af5d12ae49fc088546cdef5a)
-rw-r--r-- | lib/avb/fsl/fsl_avb.c | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/lib/avb/fsl/fsl_avb.c b/lib/avb/fsl/fsl_avb.c index a279b358474..3f6cc71b0a9 100644 --- a/lib/avb/fsl/fsl_avb.c +++ b/lib/avb/fsl/fsl_avb.c @@ -833,17 +833,28 @@ fail: #endif /* CONFIG_IMX_TRUSTY_OS */ } #else /* AVB_RPMB */ -/* - * In no security enhanced ARM64, we cannot protect public key. - * So that we choose to trust the key from vbmeta image - */ AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops, const uint8_t* public_key_data, size_t public_key_length, const uint8_t* public_key_metadata, size_t public_key_metadata_length, bool* out_is_trusted) { - *out_is_trusted = true; + assert(ops != NULL && out_is_trusted != NULL); + + /* match given public key */ + if (memcmp(fsl_public_key, public_key_data, public_key_length)) { + ERR("public key not match\n"); + *out_is_trusted = false; + } else + *out_is_trusted = true; + + /* We're not going to return error code when public key + * verify fail because it will abort the following avb + * verify process even we allow the verification error. + * Return AVB_IO_RESULT_OK and keep the 'out_is_trusted' + * as false, avb will handle the error depends on the + * 'allow_verification_error' flag. + */ return AVB_IO_RESULT_OK; } |