[mynewt-artifact] 02/03: image: Functions to decrypt hw-encrypted images

Fri, 28 Feb 2020 16:45:41 -0800 

This is an automated email from the ASF dual-hosted git repository.

ccollins pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-artifact.git

commit c1233d06be5faa00caff00a65ed97d6c9ac2331d
Author: Christopher Collins <ccoll...@apache.org>
AuthorDate: Fri Feb 21 16:49:05 2020 -0800

    image: Functions to decrypt hw-encrypted images
    
    "Hardware-encrypted images" are images that run on devices capable of
    on-the-fly decryption.  These images differ from regular encrypted
    images in the following ways:
        * Contain some extra TLVs (nonce, secret ID)
        * The hash is of the *encrypted* image
---
 image/image.go | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

diff --git a/image/image.go b/image/image.go
index c543cd3..f7ef6e6 100644
--- a/image/image.go
+++ b/image/image.go
@@ -388,11 +388,17 @@ func (i *Image) RemoveProtTlvsIf(pred func(tlv ImageTlv) 
bool) []ImageTlv {
                if pred(tlv) {
                        rmed = append(rmed, tlv)
                        i.ProtTlvs = append(i.ProtTlvs[:idx], 
i.ProtTlvs[idx+1:]...)
+
+                       i.Header.ProtSz -= uint16(IMAGE_TLV_SIZE + 
len(tlv.Data))
                } else {
                        idx++
                }
        }
 
+       if len(i.ProtTlvs) == 0 {
+               i.Header.ProtSz = 0
+       }
+
        return rmed
 }
 
@@ -725,6 +731,45 @@ func Decrypt(img Image, privEncKey sec.PrivEncKey) (Image, 
error) {
        return dup, nil
 }
 
+// DecryptHw decrypts a hardware-encrypted image.  It does NOT strip the
+// "nonce" or "secret ID" protected TLVs.
+func DecryptHw(img Image, secret []byte) (Image, error) {
+       dup := img.Clone()
+
+       tlvs := dup.FindProtTlvs(IMAGE_TLV_AES_NONCE)
+       if len(tlvs) != 1 {
+               return dup, errors.Errorf(
+                       "failed to decrypt hw-encrypted image: "+
+                               "wrong count of AES nonce TLVs; have=%d 
want=1", len(tlvs))
+       }
+       nonce := tlvs[0].Data
+
+       body, err := sec.EncryptAES(dup.Body, secret, nonce)
+       if err != nil {
+               return dup, err
+       }
+
+       dup.Body = body
+
+       return dup, nil
+}
+
+// DecryptHw decrypts a hardware-encrypted image and strips the "nonce" and
+// "secret ID" protected TLVs.
+func DecryptHwFull(img Image, secret []byte) (Image, error) {
+       var err error
+
+       img, err = DecryptHw(img, secret)
+       if err != nil {
+               return img, err
+       }
+
+       img.RemoveProtTlvsWithType(IMAGE_TLV_AES_NONCE)
+       img.RemoveProtTlvsWithType(IMAGE_TLV_SECRET_ID)
+
+       return img, nil
+}
+
 // IsEncrypted indicates whether an image's "encrypted" flag is set.
 func (img *Image) IsEncrypted() bool {
        return img.Header.Flags&IMAGE_F_ENCRYPTED != 0

Reply via email to