SBL SFW中同时使用OTFAD加密和RSA校验的问题

Vinos · ‎07-04-2023

对于SFW来说，可以使用imgtool.py对image加上头和rsa校验尾，如果同时打开了OTFAD，就需要使用image_enc对镜像进行加密。就会产生一个问题：

1、SFW中写固件之前，会检查固件开头的magic位，但此时整个固件都被加密了，这个magic位肯定是不对的。另外，SFW下载完新的固件到Flash的最后还需要从固件的0x100处更新OTFAD Key Blob到Flash的0x40处。所以这两点就暗示了image的头这部分是不能被加密的。

2、所以我将imgtool的header-size从0x400设置为0x1000(因为OTFAD加密的起始地址需要4KB对齐)，OTFAD的加密范围也设置成从0x60101000开始，然后用imgtool.py生成带RSA校验的固件，此时我用image_enc加密image偏移为0x1000后面的部分，前0x1000部分保持不变。但这个时候，SBL中校验RSA又是错的，因为用imgtool.py生成的RSA结果也是从0地址开始校验的，这样一半加密一半不加密肯定会校验错误。

请问有什么解决办法吗？

Vinos · ‎08-03-2023

This is a bug that the SBL/SFW team needs to solve. Currently, RSA and OTFAD cannot be enabled at the same time, which was not considered. To address this, the code of SBL and imgtool.py needs to be modified. I have now added CRC to the header field by myself and made changes to the SFW code, enabling a BootLoader with CRC+OTFAD. This is a temporary solution for me.

元の投稿で解決策を見る

Vinos · ‎08-03-2023

This is a bug that the SBL/SFW team needs to solve. Currently, RSA and OTFAD cannot be enabled at the same time, which was not considered. To address this, the code of SBL and imgtool.py needs to be modified. I have now added CRC to the header field by myself and made changes to the SFW code, enabling a BootLoader with CRC+OTFAD. This is a temporary solution for me.

jingpan · ‎07-14-2023

Hi @Vinos ,

But as the SBL_SFW_UG says the old firmware that receives the new firmware must write
the magic (fixed value, 16 bytes) to the end of slot2 to inform the bootloader that the new firmware has been written to the slot2.

Regards,

Jing

Vinos · ‎07-20-2023

I understand that after writing the new firmware to the corresponding Flash slot in SFW, you need to set the "magic", so SBL will be aware of the new firmware update.

But the "magic" I mentioned above refers to the magic in image's head.This magic bit is used in SFW to determine whether the firmware that the user wants to upgrade is valid or not.

the header is added through imgtool.py,and below is the structure:

 struct image_header {
    uint32_t ih_magic;
    uint32_t ih_load_addr;
    uint16_t ih_hdr_size; /* Size of image header (bytes). */
    uint16_t _pad1;
    uint32_t ih_img_size; /* Does not include header. */
    uint32_t ih_flags;    /* IMAGE_F_[...]. */
    struct image_version {
        uint8_t iv_major;
        uint8_t iv_minor;
        uint16_t iv_revision;
        uint32_t iv_build_num;
	};
    uint32_t _pad2;
};

At the same time, if OTFAD is enabled, imgtool.py will place the OTFAD Key blob at the address 0x100. The compiled image will be placed at 0x400.

If both RSA encryption and OTFAD are enabled, I need to follow these steps: First, use imgtool.py to add the header and RSA verification tail to the image. Next, I use image_enc.exe along with OTFAD's IEK (Image Encryption Key) to encrypt the entire image.

However, according to the SBL and SFW's approach, each image can have a unique OTFAD Key Blob. Therefore, after updating image in SFW, the OTFAD Key Blob located at 0x100 in the image will be written to the SBL's address 0x40 used by BootROM.

The current problem is that before writing a new image to flash, SFW checks the magic bit at offset 0x00 of the image,and after writing a new image,SFW write the OTFAD Key blob at 0x100 to SBL's 0x40. If I encrypt the entire image using image_enc.exe, the magic and OTFAD Key Blob read by SFW at 0x00 and 0x100 respectively will be encrypted, leading to incorrect values. Therefore, based on SFW's logic, the header cannot be encrypted using image_enc.exe.

However, this creates another issue. If I don't encrypt the header, OTFAD Key Blob at 0x40 is correct.But RSA verification in SBL will fail, because the image header is already decrypted, which means OTFAD would be decrypting data that is already in plaintext. On the other hand, if I encrypt this header using image_enc.exe, the OTFAD Key Blob written to 0x40 in SFW will not be correct.