xref: /rk3399_ARM-atf/include/drivers/auth/auth_common.h (revision fd6007de64fd7e16f6d96972643434c04a77f1c6)
1 /*
2  * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions are met:
6  *
7  * Redistributions of source code must retain the above copyright notice, this
8  * list of conditions and the following disclaimer.
9  *
10  * Redistributions in binary form must reproduce the above copyright notice,
11  * this list of conditions and the following disclaimer in the documentation
12  * and/or other materials provided with the distribution.
13  *
14  * Neither the name of ARM nor the names of its contributors may be used
15  * to endorse or promote products derived from this software without specific
16  * prior written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
19  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
22  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28  * POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #ifndef __AUTH_COMMON_H__
32 #define __AUTH_COMMON_H__
33 
34 /*
35  * Authentication framework common types
36  */
37 
/*
 * Type of parameters that can be extracted from an image and
 * used for authentication.
 *
 * AUTH_PARAM_NONE is the first enumerator and therefore has the value 0, so
 * a zero-initialised auth_param_type_desc_t reports AUTH_PARAM_NONE rather
 * than one of the real parameter types.
 */
typedef enum auth_param_type_enum {
	AUTH_PARAM_NONE,		/* No parameter (value 0) */
	AUTH_PARAM_RAW_DATA,		/* Raw image data */
	AUTH_PARAM_SIG,			/* The image signature */
	AUTH_PARAM_SIG_ALG,		/* The image signature algorithm */
	AUTH_PARAM_HASH,		/* A hash (including the algorithm) */
	AUTH_PARAM_PUB_KEY,		/* A public key */
} auth_param_type_t;
50 
/*
 * Defines an authentication parameter. The cookie will be interpreted by the
 * image parser module.
 *
 * The cookie is an untyped pointer: nothing in this header constrains what it
 * points to, its size or its lifetime, so its meaning is a private contract
 * between whoever defines the descriptor and the image parser that consumes it.
 */
typedef struct auth_param_type_desc_s {
	auth_param_type_t type;		/* Kind of parameter being described */
	void *cookie;			/* Opaque value handed to the image parser */
} auth_param_type_desc_t;
59 
/*
 * Store a pointer to the authentication parameter and its length.
 *
 * The type itself does not tie len to the size of the object behind ptr, so
 * any code that fills in or consumes this descriptor has to do its own bounds
 * checking.
 * NOTE(review): presumably len is a byte count and ptr may refer into an image
 * that has not been authenticated yet, in which case both fields are derived
 * from untrusted input - confirm at the call sites.
 */
typedef struct auth_param_data_desc_s {
	void *ptr;		/* Start of the parameter value */
	unsigned int len;	/* Length of the parameter value */
} auth_param_data_desc_t;
67 
/*
 * Authentication parameter descriptor, including type and value.
 *
 * The type descriptor is held by pointer while the data descriptor is embedded
 * by value, so only the data part is copied when this structure is copied.
 */
typedef struct auth_param_desc_s {
	auth_param_type_desc_t *type_desc;	/* What the parameter is */
	auth_param_data_desc_t data;		/* Where its value is and how long */
} auth_param_desc_t;
75 
/*
 * The method type defines how an image is authenticated.
 *
 * AUTH_METHOD_NONE is explicitly 0, so a zero-initialised auth_method_desc_t
 * names no method. AUTH_METHOD_NUM is the count of enumerators before it and
 * is not itself a method.
 * NOTE(review): this header also declares auth_method_param_nv_ctr_t, but no
 * enumerator here selects it - confirm whether that is intentional.
 */
typedef enum auth_method_type_enum {
	AUTH_METHOD_NONE = 0,
	AUTH_METHOD_HASH,	/* Authenticate by hash matching */
	AUTH_METHOD_SIG,	/* Authenticate by PK operation */
	AUTH_METHOD_NUM 	/* Number of methods */
} auth_method_type_t;
85 
/*
 * Parameters for authentication by hash matching.
 *
 * Both members are parameter type descriptors, not the values themselves: they
 * name which parameter supplies the data and which supplies the reference hash.
 * NOTE(review): the strength of this method depends on where the reference
 * hash comes from; presumably it is taken from an already authenticated
 * source - confirm in the code that resolves these descriptors.
 */
typedef struct auth_method_param_hash_s {
	auth_param_type_desc_t *data;	/* Data to hash */
	auth_param_type_desc_t *hash;	/* Hash to match with */
} auth_method_param_hash_t;
93 
/*
 * Parameters for authentication by signature.
 *
 * All four members are parameter type descriptors, not the values themselves.
 * NOTE(review): the algorithm is described as a parameter alongside the
 * signature, so it appears to be read from the same input as the signature;
 * confirm that the verifier restricts it to an expected set of algorithms and
 * that the public key is itself anchored in something already trusted.
 */
typedef struct auth_method_param_sig_s {
	auth_param_type_desc_t *pk;	/* Public key */
	auth_param_type_desc_t *sig;	/* Signature to check */
	auth_param_type_desc_t *alg;	/* Signature algorithm */
	auth_param_type_desc_t *data;	/* Data signed */
} auth_method_param_sig_t;
103 
/*
 * Parameters for authentication by NV counter.
 *
 * NOTE(review): auth_method_type_t in this header has no enumerator that
 * selects these parameters, so nothing visible here shows an NV counter check
 * being requested - confirm whether this method is implemented before relying
 * on it.
 */
typedef struct auth_method_param_nv_ctr_s {
	auth_param_type_desc_t *nv_ctr;	/* NV counter value */
} auth_method_param_nv_ctr_t;
110 
/*
 * Authentication method descriptor.
 *
 * The parameter sets share storage in a union, so only one of them is
 * meaningful at a time.
 * NOTE(review): presumably `type` is the tag that says which member is valid
 * (AUTH_METHOD_HASH -> hash, AUTH_METHOD_SIG -> sig); a consumer that reads a
 * member not matching `type` would use descriptor pointers that belong to a
 * different method - confirm that every consumer switches on `type` first.
 */
typedef struct auth_method_desc_s {
	auth_method_type_t type;	/* Which authentication method applies */
	union {
		auth_method_param_hash_t hash;
		auth_method_param_sig_t sig;
		auth_method_param_nv_ctr_t nv_ctr;
	} param;			/* Parameters of that method */
} auth_method_desc_t;
122 
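/*
 * Helper macro to define an authentication parameter type descriptor.
 *
 * Expands to a brace-enclosed initializer with designated members .type and
 * .cookie, so it can only be used where an initializer is allowed.
 *
 * Both arguments are parenthesized in the expansion. Without the parentheses
 * the cast binds only to the first operand of an expression argument, so
 * AUTH_PARAM_TYPE_DESC(t, base + 1) would cast `base` and then add 1 to the
 * resulting void pointer instead of converting `base + 1`.
 *
 * The cast to void * also removes any const or volatile qualifier from the
 * cookie without a diagnostic; the consumer must not write through a cookie
 * that was defined const.
 */
#define AUTH_PARAM_TYPE_DESC(_type, _cookie) \
	{ \
		.type = (_type), \
		.cookie = (void *)(_cookie) \
	}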
131 
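/*
 * Helper macro to define an authentication parameter data descriptor.
 *
 * Expands to a brace-enclosed initializer with designated members .ptr and
 * .len, so it can only be used where an initializer is allowed.
 *
 * Both arguments are parenthesized in the expansion. Without the parentheses
 * the casts bind only to the first operand of an expression argument: a
 * length such as `total >> 28` would be truncated to unsigned int before the
 * shift, and a pointer such as `base + 1` would be offset after the
 * conversion to void * rather than before it.
 *
 * The conversion of the length to unsigned int is silent: a value wider than
 * unsigned int is reduced modulo UINT_MAX + 1 and a negative value becomes a
 * large positive one. Callers that pass a computed length must range-check it
 * first, otherwise the descriptor's len no longer matches the buffer.
 */
#define AUTH_PARAM_DATA_DESC(_ptr, _len) \
	{ \
		.ptr = (void *)(_ptr), \
		.len = (unsigned int)(_len) \
	}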
140 
141 #endif /* __AUTH_COMMON_H__ */
142