1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * Copyright (c) 2018, Linaro Limited 4 */ 5 #ifndef __PTA_SYSTEM_H 6 #define __PTA_SYSTEM_H 7 8 /* 9 * Interface to the pseudo TA, which is provides misc. auxiliary services, 10 * extending existing GlobalPlatform Core API 11 */ 12 13 #define PTA_SYSTEM_UUID { 0x3a2f8978, 0x5dc0, 0x11e8, { \ 14 0x9c, 0x2d, 0xfa, 0x7a, 0xe0, 0x1b, 0xbe, 0xbc } } 15 16 /* 17 * Having keys with too few bits impose a potential security risk, hence set a 18 * lower bound of 128 bits. 19 */ 20 #define TA_DERIVED_KEY_MIN_SIZE 16 21 22 /* Same value as max in huk_subkey_derive */ 23 #define TA_DERIVED_KEY_MAX_SIZE 32 24 25 #define TA_DERIVED_EXTRA_DATA_MAX_SIZE 1024 26 27 /* 28 * Add (re-seed) caller-provided entropy to the RNG pool. Keymaster 29 * implementations need to securely mix the provided entropy into their pool, 30 * which also must contain internally-generated entropy from a hardware random 31 * number generator. 32 * 33 * [in] memref[0]: entropy input data 34 */ 35 #define PTA_SYSTEM_ADD_RNG_ENTROPY 0 36 37 /* 38 * Derives a device and TA unique key. The caller can also provide extra data 39 * that will be mixed together with existing device unique properties. If no 40 * extra data is provided, then the derived key will only use device unique 41 * properties and caller TA UUID. 42 * 43 * [in] params[0].memref.buffer Buffer for extra data 44 * [in] params[0].memref.size Size of extra data (max 1024 bytes) 45 * [out] params[1].memref.buffer Buffer for the derived key 46 * [out] params[1].memref.size Size of the derived key (16 to 32 bytes) 47 */ 48 #define PTA_SYSTEM_DERIVE_TA_UNIQUE_KEY 1 49 50 #endif /* __PTA_SYSTEM_H */ 51