TEST/ZStack-2.5.1a/Projects/zstack/OTA/Source/ota_signature.c

/******************************************************************************
  Filename:       ota_signature.c
  Revised:        $Date: 2011-07-15 18:31:00 -0700 (Fri, 15 Jul 2011) $
  Revision:       $Revision: 26808 $

  Description:    This file contains code to calculate and verify OTA
                  signatures based on teh MMO AES Hash function.


  Copyright 2010-2011 Texas Instruments Incorporated. All rights reserved.

  IMPORTANT: Your use of this Software is limited to those specific rights
  granted under the terms of a software license agreement between the user
  who downloaded the software, his/her employer (which must be your employer)
  and Texas Instruments Incorporated (the "License").  You may not use this
  Software unless you agree to abide by the terms of the License. The License
  limits your use, and you acknowledge, that the Software may not be modified,
  copied or distributed unless embedded on a Texas Instruments microcontroller
  or used solely and exclusively in conjunction with a Texas Instruments radio
  frequency transceiver, which is integrated into your product. Other than for
  the foregoing purpose, you may not use, reproduce, copy, prepare derivative
  works of, modify, distribute, perform, display or sell this Software and/or
  its documentation for any purpose.

  YOU FURTHER ACKNOWLEDGE AND AGREE THAT THE SOFTWARE AND DOCUMENTATION ARE
  PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED,
  INCLUDING WITHOUT LIMITATION, ANY WARRANTY OF MERCHANTABILITY, TITLE,
  NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL
  TEXAS INSTRUMENTS OR ITS LICENSORS BE LIABLE OR OBLIGATED UNDER CONTRACT,
  NEGLIGENCE, STRICT LIABILITY, CONTRIBUTION, BREACH OF WARRANTY, OR OTHER
  LEGAL EQUITABLE THEORY ANY DIRECT OR INDIRECT DAMAGES OR EXPENSES
  INCLUDING BUT NOT LIMITED TO ANY INCIDENTAL, SPECIAL, INDIRECT, PUNITIVE
  OR CONSEQUENTIAL DAMAGES, LOST PROFITS OR LOST DATA, COST OF PROCUREMENT
  OF SUBSTITUTE GOODS, TECHNOLOGY, SERVICES, OR ANY CLAIMS BY THIRD PARTIES
  (INCLUDING BUT NOT LIMITED TO ANY DEFENSE THEREOF), OR OTHER SIMILAR COSTS.

  Should you have any questions regarding your right to use this Software,
  contact Texas Instruments Incorporated at www.TI.com.
******************************************************************************/

#include "hal_types.h"
#include "ota_common.h"
#include "ota_signature.h"
#include "eccapi.h"

#ifdef _WIN32
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#define osal_memset  memset
#define osal_memcpy  memcpy
#define osal_strlen  strlen
#include "aes.h"
#define ssp_HW_KeyInit(a)
#else
#include "osal.h"
#include "hal_aes.h"
#include "ssp_hash.h"
#include "ZGlobals.h"
#include "zcl.h"
#include "OSAL_Nv.h"
#endif

static void OTA_AesHashBlock(uint8 *pHash, uint8 *pData);
static void OTA_XorBlock(uint8 *pHash, uint8 *pData);
static int OTA_ValidateHashFunc(uint8 *digest, uint32 len, uint8 *data);

/******************************************************************************
 * @fn      OTA_AesHashBlock
 *
 * @brief   This function performs the AES MMO Hash on a block of data
 *
 * @param   pHash - Pointer to hash
 *          pData - pointer to data
 *
 * @return  none
 */
void OTA_AesHashBlock(uint8 *pHash, uint8 *pData)
{
  uint8 key[OTA_MMO_HASH_SIZE];

  osal_memcpy(key, pHash, OTA_MMO_HASH_SIZE);
  osal_memcpy(pHash, pData, OTA_MMO_HASH_SIZE);
  ssp_HW_KeyInit(key);
  sspAesEncryptHW(key, pHash);
  OTA_XorBlock(pHash, pData);
}

/******************************************************************************
 * @fn      OTA_XorBlock
 *
 * @brief   This function exclusive ORs a block of hash and data and puts the
 *          result into the hash.
 *
 * @param   pHash - Pointer to hash
 *          pData - pointer to data
 *
 * @return  none
 */
void OTA_XorBlock(uint8 *pHash, uint8 *pData)
{
  uint8 i;

  for (i=0; i < OTA_MMO_HASH_SIZE; i++)
  {
    pHash[i] ^= pData[i];
  }
}

/******************************************************************************
 * @fn      OTA_CalculateMmoR3
 *
 * @brief   This function calcualtes a MMO (revision 3) Hash of an OTA Image
 *          The hash must cover the entire image, but the data is received in
 *          smaller blocks.  State information about the hash is passed into
 *          this function with each block of data.
 *
 * @param   pCtrl - The control structure to calculate the MMO AES Hash
 *          pData - A block of data (must be OTA_MMO_HASH_SIZE bytes except for last block)
 *          len - The length of pData (ignored except when lastBlock = TRUE)
 *          lastBlock - Indicates this is the last block of data to be hashed
 *
 * @return  none
 */
void OTA_CalculateMmoR3(OTA_MmoCtrl_t *pCtrl, uint8 *pData, uint8 len, uint8 lastBlock)
{
  if (lastBlock)
  {
    uint32 m = (pCtrl->length + len) << 3;
    uint8 ending[OTA_MMO_HASH_SIZE];

    osal_memset(ending, 0, OTA_MMO_HASH_SIZE);

    if ( len >= OTA_MMO_HASH_SIZE )
    {
      len = OTA_MMO_HASH_SIZE - 1;
    }
    if (len)
    {
      osal_memcpy(ending, pData, len);
    }
    ending[len] = 0x80;

    // Different endings are required depending on total length
    if (m < 0x00010000)
    {
      if(len > 13)
      {
        OTA_AesHashBlock(pCtrl->hash, ending);
        osal_memset(ending, 0, OTA_MMO_HASH_SIZE);
      }

      ending[14] = (uint8)((m >> 8) &0xFF);
      ending[15] = (uint8)(m & 0xFF);

      OTA_AesHashBlock(pCtrl->hash, ending);
    }
    else
    {
      if (len > 9)
      {
        OTA_AesHashBlock(pCtrl->hash, ending);
        osal_memset(ending, 0, OTA_MMO_HASH_SIZE);
      }

      ending[10] = (uint8)((m >> 24) & 0xFF);
      ending[11] = (uint8)((m >> 16) & 0xFF);
      ending[12] = (uint8)((m >> 8) & 0xFF);
      ending[13] = (uint8)(m & 0xFF);

      OTA_AesHashBlock(pCtrl->hash, ending);
    }
  }
  else
  {
    OTA_AesHashBlock(pCtrl->hash, pData);
    pCtrl->length += OTA_MMO_HASH_SIZE;
  }
}

#if defined (ZCL_KEY_ESTABLISH)
/******************************************************************************
 * @fn      OTA_ValidateHashFunc
 *
 * @brief   This function is a hash function used by the ZSE_ECDSAVerify.
 *
 * @param   digest - Buffer to hold the digest
 *          len - The length of the digest
 *          data - Buffer with the data
 *
 * @return  Status of the operation
 */
static int OTA_ValidateHashFunc(uint8 *digest, uint32 len, uint8 *data)
{
  len *= 8;  // Convert to bit length

  sspMMOHash( NULL, 0, data, (uint16)len, digest );

  return MCE_SUCCESS;
}
#endif

/******************************************************************************
 * @fn      OTA_ValidateSignature
 *
 * @brief   This function validates an ECDSA Signature.
 *
 * @param   pHash - The digest created from the OTA Image
 *          pCert - The Signer Certificate
 *          pSig - The signature from the OTA Image
 *          pIEEE - The Signer IEEE
 *
 * @return  none
 */
uint8 OTA_ValidateSignature(uint8 *pHash, uint8* pCert, uint8 *pSig, uint8 *pIEEE)
{
#if defined (ZCL_KEY_ESTABLISH)
  uint8 publicKey[SECT163K1_COMPRESSED_PUBLIC_KEY_SIZE];
  uint8 ret;
  uint8 *caPublicKey;

  if ((caPublicKey = osal_mem_alloc(ZCL_KE_CA_PUBLIC_KEY_LEN)) == NULL)
  {
    return ZCL_STATUS_SOFTWARE_FAILURE;  // Memory allocation failure.
  }
  osal_nv_read(ZCD_NV_CA_PUBLIC_KEY, 0, ZCL_KE_CA_PUBLIC_KEY_LEN, caPublicKey);

  ret = ZSE_ECQVReconstructPublicKey(pCert, caPublicKey, publicKey,
                                     OTA_ValidateHashFunc, NULL, 0);
  osal_mem_free(caPublicKey);

  if ( ret == MCE_SUCCESS )
  {
    ret = ZSE_ECDSAVerify(publicKey, pHash, pSig,
                          pSig + SECT163K1_POINT_ORDER_SIZE,
                          NULL, 0 );

    if ( ret == MCE_SUCCESS )
    {
      return ZSuccess;
    }
  }

  return ZFailure;
#else
  return ZSuccess;
#endif
}