Merge pull request #18 from gpappasv/feature/security

[bootloader/auth] Adding asymmetric encryption and authentication of fw

Author: gpappasv

README.md

@@ -1,5 +1,5 @@
 # Description of repository
-This is a repository that a custom stm32 bootloader is being developed.
+This is a repository that a custom lightweight stm32 bootloader is being developed.
 
 The bootloader is designed to have an easily portable core, by just replacing the driver layer, with the board specific one.
 The current implementation focuses on the STM32F401RE board.
@@ -14,11 +14,14 @@ The current implementation focuses on the STM32F401RE board.
 # Bootloader features
 - Adaptable application space.
 - Checksum verification, before booting the application.
-- Authentication of the application. (Secure boot)
+- Authentication of the application. (Secure boot). ECDSA is used.
 - Easy to port to other microcontrollers.
 - Recovery mode (firmware update support).
 - Backup image recovery. If the main application is broken, the secondary is tested.
 - Secure communication through the custom communication protocol.
+- Bootloader flash used: ~14.5kB
+
+NOTE: More in-depth documentation about how the bootloader works can be found under **docs**.
 
 # Configuration
 TODO.

projects/app/boards/stm32f401re/STM32F401RETx_FLASH.ld

@@ -59,10 +59,10 @@ _Min_Heap_Size = 0x200;      /* required amount of heap  */
 _Min_Stack_Size = 0x400; /* required amount of stack */
 
 /* Image header info */
-__header_size_bytes__ = 40;
+__header_size_bytes__ = 72;
 __header_crc_size_bytes__ = 4;
 __header_fw_ver_size_bytes__ = 4;
-__header_hash_size_bytes__ = 32;
+__header_hash_size_bytes__ = 64;
 
 /* Primary app info */
 __flash_app_start__ = 0x08008000;

projects/bootloader/CMakeLists.txt

@@ -45,6 +45,7 @@ message(STATUS "CMAKE_TOOLCHAIN_FILE is: ${CMAKE_TOOLCHAIN_FILE}")
 
 # --- HAL drivers ---
 include(${GIT_ROOT_DIR}/projects/bootloader/hal-drivers.cmake)
+include(${GIT_ROOT_DIR}/projects/bootloader/uECC-lib.cmake)
 
 # --- Application code ---
 # List of bootloader's source files
@@ -66,13 +67,16 @@ set(SRC_FILES
     ${GIT_ROOT_DIR}/projects/bootloader/src/drivers/mpu/mpu_driver.c
     ${GIT_ROOT_DIR}/projects/bootloader/src/com_protocol/com_protocol.c
     ${GIT_ROOT_DIR}/projects/bootloader/src/firmware_update/firmware_update.c
+    ${GIT_ROOT_DIR}/projects/bootloader/src/authentication/authentication.c
+    ${GIT_ROOT_DIR}/projects/bootloader/src/authentication/sha256.c
 )
 
 # Build the executable based on the source files
 add_executable(${EXECUTABLE} ${SRC_FILES})
 
 # Link all external libraries to executable
 target_link_libraries(${EXECUTABLE} hal_drivers)
+target_link_libraries(${EXECUTABLE} uECC)
 
 # List of compiler defines, prefix with -D compiler option
 target_compile_definitions(${EXECUTABLE} PRIVATE
@@ -91,6 +95,7 @@ target_include_directories(${EXECUTABLE} PRIVATE
         ${GIT_ROOT_DIR}/projects/bootloader/src/drivers
         ${GIT_ROOT_DIR}/projects/bootloader/src/com_protocol
         ${GIT_ROOT_DIR}/projects/bootloader/src/firmware_update
+        ${GIT_ROOT_DIR}/projects/bootloader/src/authentication
         )
 
 # Compiler options
@@ -104,7 +109,7 @@ target_compile_options(${EXECUTABLE} PRIVATE
         -ffunction-sections
         -fstack-usage
         # Optimise for size
-        #-Os
+        -Os
         )
 
 get_target_property(COMPILE_OPTIONS ${EXECUTABLE} COMPILE_OPTIONS)

projects/bootloader/README.md

@@ -27,4 +27,7 @@ The bootloader software architecture can be found under docs, in high level desi
 is that, changing the implementations under src/drivers to be compatible with another device, should make the porting
 of the bootloader smooth.
 
-TODO: GPA: provide a full bootloader architecture documentation when finished!
+TODO: GPA: provide a full bootloader architecture documentation when finished!
+
+# Steps to use the bootloader security features (authentication)
+

projects/bootloader/boards/stm32f401re/STM32F401RETx_FLASH.ld

@@ -59,10 +59,10 @@ _Min_Heap_Size = 0x200;      /* required amount of heap  */
 _Min_Stack_Size = 0x400; /* required amount of stack */
 
 /* Image header info; This should be used as is */
-__header_size_bytes__ = 40;
+__header_size_bytes__ = 72;
 __header_crc_size_bytes__ = 4;
 __header_fw_ver_size_bytes__ = 4;
-__header_hash_size_bytes__ = 32;
+__header_hash_size_bytes__ = 64;
 
 /* Primary app info; This should be adjusted based on the app needs */
 __flash_app_start__ = 0x08008000;

projects/bootloader/hal-drivers.cmake

@@ -42,7 +42,9 @@ target_compile_options(hal_drivers PRIVATE -Wno-unused-parameter -mthumb
         -Wextra
         -fdata-sections
         -ffunction-sections
-        -fstack-usage)
+        -fstack-usage
+        -Os
+        )
 
 target_link_options(hal_drivers PRIVATE
         -T${LINKER_FILE}

projects/bootloader/src/authentication/authentication.c

@@ -0,0 +1,78 @@
+/**
+ * @file authentication.c
+ * @brief This module is about the authentication of the bootloader. It provides the necessary functions to authenticate
+ * the application image. The Elliptic Curve Digital Signature Algorithm (ECDSA) is used to sign the application.
+ * The public key is stored in the bootloader, and the signature is stored in the application image. The bootloader
+ * will verify the signature of the application image before jumping to it.
+ *
+ * The implementation of the ECDSA is not hardware accelerated.
+ * @version 0.1
+ * @date 2024-07-06
+ *
+ * @copyright Copyright (c) 2024
+ *
+ */
+
+// --- includes --------------------------------------------------------------------------------------------------------
+#include "authentication.h"
+
+#include "ecdsa_pub_key.h"
+#include "uECC.h"
+#include "sha256.h"
+
+#include <stdint.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdbool.h>
+
+// --- external variables ----------------------------------------------------------------------------------------------
+extern const uint8_t ecdsa_public_key[];
+
+// --- function definitions --------------------------------------------------------------------------------------------
+/**
+ * @brief Function to verify the signature of the application image. The signature is verified using the ECDSA
+ * algorithm.
+ *
+ * @param app_image_start_addr The start address of the application image.
+ * @param app_image_size_bytes The size of the application image in bytes.
+ * @param signature The signature of the application image.
+ *
+ * @return true The signature is valid.
+ * @return false The signature is invalid.
+ */
+bool
+authenticate_application(uint32_t app_image_start_addr, uint32_t app_image_size_bytes, const uint8_t *signature)
+{
+
+    // Calculate the SHA-256 hash of the application image
+    SHA256_CTX ctx;
+    BYTE       hash[SHA256_BLOCK_SIZE];
+
+    sha256_init(&ctx);
+    sha256_update(&ctx, (const BYTE *)app_image_start_addr, app_image_size_bytes);
+    sha256_final(&ctx, hash);
+
+    // First check if public key is valid
+    if (!uECC_valid_public_key(ecdsa_public_key, uECC_secp256r1()))
+    {
+        return false;
+    }
+
+    // Verify the signature using the ECDSA algorithm
+    int ret = uECC_verify(ecdsa_public_key, hash, sizeof(hash), signature, uECC_secp256r1());
+
+    // True if the signature is valid
+    return ret == 1;
+}
+
+/**
+ * @brief Function to get the public key used for verifying the signature of the application image. The public key is
+ * stored in the bootloader.
+ *
+ * @return uint8_t* The public key used for verifying the signature.
+ */
+const uint8_t *
+get_public_key(void)
+{
+    return ecdsa_public_key;
+}

projects/bootloader/src/authentication/authentication.h

@@ -0,0 +1,42 @@
+/**
+ * @file authentication.h
+ * @brief This module is about the authentication of the bootloader. It provides the necessary functions to authenticate
+ *       the application image. The Elliptic Curve Digital Signature Algorithm (ECDSA) is used to sign the application.
+ *       The public key is stored in the bootloader, and the signature is stored in the application image. The
+ * bootloader will verify the signature of the application image before jumping to it.
+ *
+ *       The implementation of the ECDSA is not hardware accelerated.
+ * @version 0.1
+ * @date 2024-07-06
+ *
+ * @copyright Copyright (c) 2024
+ *
+ */
+
+// --- includes --------------------------------------------------------------------------------------------------------
+#include <stdint.h>
+#include <stdbool.h>
+
+// --- function declarations -------------------------------------------------------------------------------------------
+/**
+ * @brief Function to verify the signature of the application image. The signature is verified using the ECDSA
+ * algorithm.
+ *
+ * @param app_image_start_addr: The start address of the application image.
+ * @param app_image_size_bytes: The size of the application image in bytes.
+ * @param signature: The signature of the application image.
+ *
+ * @return true: The signature is valid.
+ * @return false: The signature is invalid.
+ */
+bool authenticate_application(uint32_t       app_image_start_addr,
+                              uint32_t       app_image_size_bytes,
+                              const uint8_t *der_signature);
+
+/**
+ * @brief Function to get the public key used for verifying the signature of the application image. The public key is
+ *        stored in the bootloader.
+ *
+ * @return uint8_t*: The public key used for verifying the signature.
+ */
+const uint8_t *get_public_key(void);

projects/bootloader/src/authentication/ecdsa_pub_key.h

@@ -0,0 +1,22 @@
+
+/**
+ * @file ecdsa_pub_key.h
+ * @brief ECDSA public key in C array format
+ * @version 0.1
+ * @date 2024-06-09
+ *
+ * @copyright Copyright (c) 2024
+ *
+ */
+#ifndef ECDSA_PUB_KEY_H
+#define ECDSA_PUB_KEY_H
+
+// --- includes --------------------------------------------------------------------------------------------------------
+#include <stdint.h>
+
+// --- constants -------------------------------------------------------------------------------------------------------
+const uint8_t ecdsa_public_key[] = {
+    0x4D, 0xD9, 0x40, 0x4C, 0x97, 0xF7, 0x53, 0x9D, 0xEA, 0x4C, 0xCC, 0x8B, 0xB9, 0x12, 0x60, 0xED, 0x35, 0xC1, 0x24, 0xB7, 0x0C, 0xDD, 0xFC, 0x1A, 0xAC, 0x4B, 0x80, 0x4B, 0xE6, 0xFA, 0xAB, 0xA0, 0x74, 0xC4, 0xBA, 0x52, 0x2D, 0x6E, 0xB5, 0x07, 0x51, 0x0F, 0x2D, 0x4D, 0x10, 0xD2, 0xC7, 0x75, 0xAC, 0x92, 0x72, 0x61, 0xA8, 0xDD, 0x96, 0xD2, 0x47, 0xAC, 0x33, 0xBB, 0x5E, 0x26, 0x3F, 0xA8
+};
+
+#endif // ECDSA_PUB_KEY_H