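/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (C) Foundries Ltd. 2021 - All Rights Reserved
 * Author: Jorge Ramirez <jorge@foundries.io>
 */
/*
 * This is the Cryptographic Secure Element API, part of the Cryptographic
 * Provider API.
 *
 * These requests shall be handled in the secure element normally placed on
 * a serial communication bus (SPI, I2C).
 */
#ifndef __CRYPTO_CRYPTO_SE_H
#define __CRYPTO_CRYPTO_SE_H

/*
 * bool, size_t and uint8_t are used in the prototypes below; include their
 * standard headers directly so this header does not depend on what
 * tee_api_types.h happens to pull in.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <tee_api_types.h>

/*
 * Type identifier for the APDU message as described by Smart Card Standard
 * ISO7816-4 about APDU message bodies decoding convention:
 *
 * https://cardwerk.com/smart-card-standard-iso7816-4-section-5-basic-organizations/#chap5_3_2
 *
 * Per ISO 7816-4 the case number says which optional parts the command
 * carries, and the "E" suffix selects the extended-length encoding:
 *   case 1 - no command data, no response data expected
 *   case 2 - no command data, response data expected
 *   case 3 - command data, no response data expected
 *   case 4 - command data and response data expected
 */
enum crypto_apdu_type {
	/*
	 * No case supplied by the caller.
	 * NOTE(review): presumably the implementation then works the case out
	 * from the buffers it is given - confirm against the SE driver.
	 */
	CRYPTO_APDU_CASE_NO_HINT,
	CRYPTO_APDU_CASE_1,
	CRYPTO_APDU_CASE_2,
	CRYPTO_APDU_CASE_2E,
	CRYPTO_APDU_CASE_3,
	CRYPTO_APDU_CASE_3E,
	CRYPTO_APDU_CASE_4,
	CRYPTO_APDU_CASE_4E,
};

/*
 * Exchange one APDU with the Secure Element.
 *
 * @type      APDU case hint, see enum crypto_apdu_type
 * @header    APDU header bytes
 * @hdr_len   Length of @header in bytes
 * @src_data  Command data bytes
 * @src_len   Length of @src_data in bytes
 * @dst_data  Buffer receiving the response
 * @dst_len   Length associated with @dst_data
 *
 * Returns a TEE_Result; the specific codes are not documented in this header.
 *
 * NOTE(review): @dst_len is a pointer, so it is presumably in/out (capacity of
 * @dst_data on entry, number of response bytes on return) - confirm against
 * the implementation, and have callers check the returned length before
 * reading @dst_data.
 *
 * NOTE(review): the caller builds the APDU and nothing in this header says
 * whether commands are filtered before they reach the secure element. Any
 * caller authentication or command allow-listing therefore has to be
 * confirmed in the layer that exposes this call.
 */
TEE_Result crypto_se_do_apdu(enum crypto_apdu_type type,
			     uint8_t *header, size_t hdr_len,
			     uint8_t *src_data, size_t src_len,
			     uint8_t *dst_data, size_t *dst_len);

/*
 * Enable Secure Channel Protocol 03 to communicate with the Secure Element.
 *
 * Since SCP03 uses symmetric encryption, this interface also allows the user to
 * attempt the rotation of the keys stored in the Secure Element.
 *
 * https://globalplatform.org/wp-content/uploads/2014/07/GPC_2.3_D_SCP03_v1.1.2_PublicRelease.pdf
 *
 * @rotate_keys  When true, a key rotation is attempted as described above.
 *
 * Returns a TEE_Result; the specific codes are not documented in this header.
 *
 * NOTE(review): this header does not say where the replacement keys come from,
 * whether a rotation can be reverted, or what state the Secure Element is left
 * in when the attempt fails. Confirm all three with the SE driver before
 * passing true, since losing track of the SCP03 keys would presumably lock the
 * platform out of the secure channel.
 */
TEE_Result crypto_se_enable_scp03(bool rotate_keys);
#endif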