sys/riotboot: add initial image digest verification

sys/include/riotboot/flashwrite.h

@@ -169,6 +169,20 @@ static inline int riotboot_flashwrite_finish(riotboot_flashwrite_t *state)
  */
 size_t riotboot_flashwrite_slotsize(const riotboot_flashwrite_t *state);
 
+/**
+ * @brief       Verify the digest of an image
+ *
+ * @param[in]   sha256_digest   content of the image digest
+ * @param[in]   img_size        the size of the image
+ * @param[in]   target_slot     the image slot number
+ *
+ * @returns     -1 when image is too small
+ * @returns     0 if the digest is valid
+ * @returns     1 if the digest is invalid
+ */
+int riotboot_flashwrite_verify_sha256(const uint8_t *sha256_digest,
+                                      size_t img_size, int target_slot);
+
 #ifdef __cplusplus
 }
 #endif

sys/riotboot/flashwrite_verify_sha256.c

@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 2019 Inria
+ *               2019 Freie Universität Berlin
+ *               2019 Kaspar Schleiser <[email protected]>
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup     sys_riotboot_flashwrite
+ * @{
+ *
+ * @file
+ * @brief       Firmware update sha256 verification helper functions
+ *
+ * @author      Kaspar Schleiser <[email protected]>
+ *
+ * @}
+ */
+
+#include <stdint.h>
+#include <string.h>
+
+#include "hashes/sha256.h"
+#include "log.h"
+#include "riotboot/slot.h"
+
+int riotboot_flashwrite_verify_sha256(const uint8_t *sha256_digest, size_t img_len, int target_slot)
+{
+    char digest[SHA256_DIGEST_LENGTH];
+
+    sha256_context_t sha256;
+
+    if (img_len < 4) {
+        LOG_INFO("riotboot: verify_sha256(): image too small\n");
+        return -1;
+    }
+
+    uint8_t *img_start = (uint8_t *)riotboot_slot_get_hdr(target_slot);
+
+    LOG_INFO("riotboot: verifying digest at %p (img at: %p size: %u)\n", sha256_digest, img_start, img_len);
+
+    sha256_init(&sha256);
+
+    /* add RIOTBOOT_MAGIC since it isn't written into flash until
+     * riotboot_flashwrite_finish()" */
+    sha256_update(&sha256, "RIOT", 4);
+
+    /* account for injected RIOTBOOT_MAGIC by skipping RIOTBOOT_MAGIC_LEN */
+    sha256_update(&sha256, img_start + 4, img_len - 4);
+
+    sha256_final(&sha256, digest);
+
+    return memcmp(sha256_digest, digest, SHA256_DIGEST_LENGTH) != 0;
+}