/*
 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice, this
 * list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of ARM nor the names of its contributors may be used
 * to endorse or promote products derived from this software without specific
 * prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

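#ifndef __AUTH_COMMON_H__
#define __AUTH_COMMON_H__

/*
 * Authentication framework common types
 *
 * This header declares data types and initialiser macros only; it contains
 * no executable code. The checks themselves (hash comparison, signature
 * verification, counter comparison) live outside this file.
 */

/*
 * Type of parameters that can be extracted from an image and
 * used for authentication
 *
 * AUTH_PARAM_NONE is pinned to 0, like AUTH_METHOD_NONE below, so that a
 * zero-initialised descriptor carries the "none" type even if enumerators
 * are later reordered.
 */
typedef enum auth_param_type_enum {
	AUTH_PARAM_NONE = 0,
	AUTH_PARAM_RAW_DATA,		/* Raw image data */
	AUTH_PARAM_SIG,			/* The image signature */
	AUTH_PARAM_SIG_ALG,		/* The image signature algorithm */
	AUTH_PARAM_HASH,		/* A hash (including the algorithm) */
	AUTH_PARAM_PUB_KEY,		/* A public key */
	AUTH_PARAM_NV_CTR,		/* A non-volatile counter */
} auth_param_type_t;

/*
 * Defines an authentication parameter. The cookie will be interpreted by the
 * image parser module.
 *
 * The cookie is an opaque pointer: this header attaches no meaning to it.
 */
typedef struct auth_param_type_desc_s {
	auth_param_type_t type;		/* Kind of parameter */
	void *cookie;			/* Opaque, parser-defined value */
} auth_param_type_desc_t;

/*
 * Store a pointer to the authentication parameter and its length
 *
 * Nothing in this type ties len to the real size of the object behind ptr,
 * so code that fills it in from image contents has to bound-check the value
 * itself before anything reads through ptr.
 */
typedef struct auth_param_data_desc_s {
	void *ptr;		/* Start of the parameter data */
	unsigned int len;	/* Length; presumably in bytes - TODO confirm */
} auth_param_data_desc_t;

/*
 * Authentication parameter descriptor, including type and value
 */
typedef struct auth_param_desc_s {
	auth_param_type_desc_t *type_desc;	/* What the parameter is */
	auth_param_data_desc_t data;		/* Where it is and how long */
} auth_param_desc_t;

/*
 * The method type defines how an image is authenticated
 *
 * AUTH_METHOD_NONE is 0, so a zero-initialised method descriptor selects no
 * method. NOTE(review): how the authentication module treats such a
 * descriptor is not visible here - confirm it does not count as a pass.
 */
typedef enum auth_method_type_enum {
	AUTH_METHOD_NONE = 0,
	AUTH_METHOD_HASH,	/* Authenticate by hash matching */
	AUTH_METHOD_SIG,	/* Authenticate by PK operation */
	AUTH_METHOD_NV_CTR,	/* Authenticate by Non-Volatile Counter */
	AUTH_METHOD_NUM		/* Number of methods (counts NONE as well) */
} auth_method_type_t;

/*
 * Parameters for authentication by hash matching
 */
typedef struct auth_method_param_hash_s {
	auth_param_type_desc_t *data;	/* Data to hash */
	auth_param_type_desc_t *hash;	/* Hash to match with */
} auth_method_param_hash_t;

/*
 * Parameters for authentication by signature
 */
typedef struct auth_method_param_sig_s {
	auth_param_type_desc_t *pk;	/* Public key */
	auth_param_type_desc_t *sig;	/* Signature to check */
	auth_param_type_desc_t *alg;	/* Signature algorithm */
	auth_param_type_desc_t *data;	/* Data signed */
} auth_method_param_sig_t;

/*
 * Parameters for authentication by NV counter
 */
typedef struct auth_method_param_nv_ctr_s {
	auth_param_type_desc_t *cert_nv_ctr;	/* NV counter in certificate */
	auth_param_type_desc_t *plat_nv_ctr;	/* NV counter in platform */
} auth_method_param_nv_ctr_t;

/*
 * Authentication method descriptor
 *
 * type is the discriminator for param. The three members share storage, so
 * presumably only the one matching type is meaningful (AUTH_METHOD_HASH ->
 * hash, AUTH_METHOD_SIG -> sig, AUTH_METHOD_NV_CTR -> nv_ctr); reading any
 * other member reinterprets another method's pointers. The union has no
 * member for AUTH_METHOD_NONE.
 */
typedef struct auth_method_desc_s {
	auth_method_type_t type;
	union {
		auth_method_param_hash_t hash;
		auth_method_param_sig_t sig;
		auth_method_param_nv_ctr_t nv_ctr;
	} param;
} auth_method_desc_t;

/*
 * Helper macro to define an authentication parameter type descriptor
 *
 * Expands to a brace-enclosed initialiser for auth_param_type_desc_t, so it
 * can only be used where an initialiser is allowed. Both arguments are
 * parenthesised so that an expression argument is assigned or cast as a
 * whole, and each is evaluated once. The (void *) cast drops any const
 * qualifier the cookie expression had.
 */
#define AUTH_PARAM_TYPE_DESC(_type, _cookie) \
	{ \
		.type = (_type), \
		.cookie = (void *)(_cookie) \
	}

/*
 * Helper macro to define an authentication parameter data descriptor
 *
 * Expands to a brace-enclosed initialiser for auth_param_data_desc_t. Both
 * arguments are parenthesised so that an expression argument is cast as a
 * whole, and each is evaluated once. The (unsigned int) cast silently
 * truncates a _len wider than unsigned int (for example a large size_t):
 * range-check such values before passing them in.
 */
#define AUTH_PARAM_DATA_DESC(_ptr, _len) \
	{ \
		.ptr = (void *)(_ptr), \
		.len = (unsigned int)(_len) \
	}

#endif /* __AUTH_COMMON_H__ */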