xref: /optee_os/core/include/signed_hdr.h (revision 064663e8bd2781d693bc04b6118efa3bbf5ee9c2) 
1bc420748SJens Wiklander /*
2bc420748SJens Wiklander  * Copyright (c) 2015, Linaro Limited
3bc420748SJens Wiklander  * All rights reserved.
4bc420748SJens Wiklander  *
5bc420748SJens Wiklander  * Redistribution and use in source and binary forms, with or without
6bc420748SJens Wiklander  * modification, are permitted provided that the following conditions are met:
7bc420748SJens Wiklander  *
8bc420748SJens Wiklander  * 1. Redistributions of source code must retain the above copyright notice,
9bc420748SJens Wiklander  * this list of conditions and the following disclaimer.
10bc420748SJens Wiklander  *
11bc420748SJens Wiklander  * 2. Redistributions in binary form must reproduce the above copyright notice,
12bc420748SJens Wiklander  * this list of conditions and the following disclaimer in the documentation
13bc420748SJens Wiklander  * and/or other materials provided with the distribution.
14bc420748SJens Wiklander  *
15bc420748SJens Wiklander  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
16bc420748SJens Wiklander  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17bc420748SJens Wiklander  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18bc420748SJens Wiklander  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
19bc420748SJens Wiklander  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
20bc420748SJens Wiklander  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
21bc420748SJens Wiklander  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22bc420748SJens Wiklander  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
23bc420748SJens Wiklander  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
24bc420748SJens Wiklander  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
25bc420748SJens Wiklander  * POSSIBILITY OF SUCH DAMAGE.
26bc420748SJens Wiklander  */
27bc420748SJens Wiklander #ifndef SIGNED_HDR_H
28bc420748SJens Wiklander #define SIGNED_HDR_H
29bc420748SJens Wiklander 
3092ea2867SJens Wiklander #include <inttypes.h>
3182b5346dSJens Wiklander #include <tee_api_types.h>
32*064663e8SJens Wiklander #include <stdlib.h>
33bc420748SJens Wiklander 
34bc420748SJens Wiklander enum shdr_img_type {
35bc420748SJens Wiklander 	SHDR_TA = 0,
3682b5346dSJens Wiklander 	SHDR_BOOTSTRAP_TA = 1,
37bc420748SJens Wiklander };
38bc420748SJens Wiklander 
39bc420748SJens Wiklander #define SHDR_MAGIC	0x4f545348
40bc420748SJens Wiklander 
41bc420748SJens Wiklander /**
42bc420748SJens Wiklander  * struct shdr - signed header
43bc420748SJens Wiklander  * @magic:	magic number must match SHDR_MAGIC
44bc420748SJens Wiklander  * @img_type:	image type, values defined by enum shdr_img_type
45bc420748SJens Wiklander  * @img_size:	image size in bytes
46bc420748SJens Wiklander  * @algo:	algorithm, defined by public key algorithms TEE_ALG_*
47bc420748SJens Wiklander  *		from TEE Internal API specification
48bc420748SJens Wiklander  * @hash_size:	size of the signed hash
49bc420748SJens Wiklander  * @sig_size:	size of the signature
50bc420748SJens Wiklander  * @hash:	hash of an image
51bc420748SJens Wiklander  * @sig:	signature of @hash
52bc420748SJens Wiklander  */
53bc420748SJens Wiklander struct shdr {
54bc420748SJens Wiklander 	uint32_t magic;
55bc420748SJens Wiklander 	uint32_t img_type;
56bc420748SJens Wiklander 	uint32_t img_size;
57bc420748SJens Wiklander 	uint32_t algo;
58bc420748SJens Wiklander 	uint16_t hash_size;
59bc420748SJens Wiklander 	uint16_t sig_size;
60bc420748SJens Wiklander 	/*
61bc420748SJens Wiklander 	 * Commented out element used to visualize the layout dynamic part
62bc420748SJens Wiklander 	 * of the struct.
63bc420748SJens Wiklander 	 *
64bc420748SJens Wiklander 	 * hash is accessed through the macro SHDR_GET_HASH and
65bc420748SJens Wiklander 	 * signature is accessed through the macro SHDR_GET_SIG
66bc420748SJens Wiklander 	 *
67bc420748SJens Wiklander 	 * uint8_t hash[hash_size];
68bc420748SJens Wiklander 	 * uint8_t sig[sig_size];
69bc420748SJens Wiklander 	 */
70bc420748SJens Wiklander };
71bc420748SJens Wiklander 
72bc420748SJens Wiklander #define SHDR_GET_SIZE(x)	(sizeof(struct shdr) + (x)->hash_size + \
73bc420748SJens Wiklander 				 (x)->sig_size)
74bc420748SJens Wiklander #define SHDR_GET_HASH(x)	(uint8_t *)(((struct shdr *)(x)) + 1)
75bc420748SJens Wiklander #define SHDR_GET_SIG(x)		(SHDR_GET_HASH(x) + (x)->hash_size)
76bc420748SJens Wiklander 
7782b5346dSJens Wiklander struct shdr_bootstrap_ta {
7882b5346dSJens Wiklander 	uint8_t uuid[sizeof(TEE_UUID)];
7982b5346dSJens Wiklander 	uint32_t version;
8082b5346dSJens Wiklander };
8182b5346dSJens Wiklander 
82*064663e8SJens Wiklander /*
83*064663e8SJens Wiklander  * Allocates a struct shdr large enough to hold the entire header,
84*064663e8SJens Wiklander  * excluding a subheader like struct shdr_bootstrap_ta.
85*064663e8SJens Wiklander  */
86*064663e8SJens Wiklander struct shdr *shdr_alloc_and_copy(const struct shdr *img, size_t img_size);
87bc420748SJens Wiklander 
88*064663e8SJens Wiklander /* Frees a previously allocated struct shdr */
89*064663e8SJens Wiklander static inline void shdr_free(struct shdr *shdr)
90*064663e8SJens Wiklander {
91*064663e8SJens Wiklander 	free(shdr);
92*064663e8SJens Wiklander }
93*064663e8SJens Wiklander 
94*064663e8SJens Wiklander /*
95*064663e8SJens Wiklander  * Verifies the signature in the @shdr.
96*064663e8SJens Wiklander  *
97*064663e8SJens Wiklander  * Note that the static part of struct shdr and payload still need to be
98*064663e8SJens Wiklander  * checked against the hash contained in the header.
99*064663e8SJens Wiklander  *
100*064663e8SJens Wiklander  * Returns TEE_SUCCESS on success or TEE_ERROR_SECURITY on failure
101*064663e8SJens Wiklander  */
102*064663e8SJens Wiklander TEE_Result shdr_verify_signature(const struct shdr *shdr);
103*064663e8SJens Wiklander 
104*064663e8SJens Wiklander #endif /*SIGNED_HDR_H*/
105