rboot: Add cryptographic digest support for OTA images & SHA256 example

2016-03-23 19:44:27 +11:00 · 2016-03-23 19:44:27 +11:00 · 53b2b50241
commit 53b2b50241
parent 03559de5cb
5 changed files with 88 additions and 6 deletions
--- a/extras/rboot-ota/ota-tftp.c
+++ b/extras/rboot-ota/ota-tftp.c
@ -369,7 +369,9 @@ static err_t tftp_receive_data(struct netconn *nc, size_t write_offs, size_t lim
               it so the client gets an indication if things were successful.
            */
            const char *err = "Unknown validation error";
-            if(!rboot_verify_image(start_offs, *received_len, &err)) {
+            uint32_t image_length;
+            if(!rboot_verify_image(start_offs, &image_length, &err)
+               || image_length != *received_len) {
                tftp_send_error(nc, TFTP_ERR_ILLEGAL, err);
                return ERR_VAL;
            }
--- a/extras/rboot-ota/rboot-api.c
+++ b/extras/rboot-ota/rboot-api.c
@ -355,6 +355,20 @@ bool rboot_verify_image(uint32_t initial_offset, uint32_t *image_length, const c
    return false;
 }

+bool rboot_digest_image(uint32_t offset, uint32_t image_length, rboot_digest_update_fn update_fn, void *update_ctx)
+{
+    uint8_t buf[32] __attribute__((aligned(4)));
+    for(int i = 0; i < image_length; i += sizeof(buf)) {
+        if(sdk_spi_flash_read(offset+i, buf, sizeof(buf)))
+            return false;
+        uint32_t digest_len = sizeof(buf);
+        if(i + digest_len  > image_length)
+            digest_len = image_length - i;
+        update_fn(update_ctx, buf, digest_len);
+    }
+    return true;
+}
+
 #ifdef __cplusplus
 }
 #endif
--- a/extras/rboot-ota/rboot-api.h
+++ b/extras/rboot-ota/rboot-api.h
@ -144,6 +144,33 @@ uint32_t rboot_get_slot_offset(uint8_t slot);
 **/
 bool rboot_verify_image(uint32_t offset, uint32_t *image_length, const char **error_message);

+
+/* @description Digest callback prototype, designed to be compatible with
+   mbedtls digest functions (SHA, MD5, etc.)
+
+   See the ota_basic example to see an example of calculating the
+   SHA256 digest of an OTA image.
+*/
+typedef void (*rboot_digest_update_fn)(void * ctx, void *data, size_t data_len);
+
+/** @description Calculate a digest over the image at the offset specified
+
+    @note This function is actually a generic function that hashes SPI
+   flash contents, doesn't know anything about rboot image format. Use
+   rboot_verify_image to ensure a well-formed OTA image.
+
+   @param offset - Starting offset of image to hash (should be 4 byte aligned.)
+
+   @param image_length - Length of image to hash (should be 4 byte aligned.)
+
+   @param update_fn - Function to update digest (see rboot_digest_update_fn for details)
+
+   @param update_ctx - Context argument for digest update function.
+
+   @return True if digest completes successfully, false if digest function failed part way through
+**/
+bool rboot_digest_image(uint32_t offset, uint32_t image_length, rboot_digest_update_fn update_fn, void *update_ctx);
+
 #ifdef __cplusplus
 }
 #endif