1 /* 2 * Copyright (c) 2015-2021, Arm Limited and Contributors. All rights reserved. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #ifndef CRYPTO_MOD_H 8 #define CRYPTO_MOD_H 9 10 /* Return values */ 11 enum crypto_ret_value { 12 CRYPTO_SUCCESS = 0, 13 CRYPTO_ERR_INIT, 14 CRYPTO_ERR_HASH, 15 CRYPTO_ERR_SIGNATURE, 16 CRYPTO_ERR_DECRYPTION, 17 CRYPTO_ERR_UNKNOWN 18 }; 19 20 #define CRYPTO_MAX_IV_SIZE 16U 21 #define CRYPTO_MAX_TAG_SIZE 16U 22 23 /* Decryption algorithm */ 24 enum crypto_dec_algo { 25 CRYPTO_GCM_DECRYPT = 0 26 }; 27 28 /* Message digest algorithm */ 29 enum crypto_md_algo { 30 CRYPTO_MD_SHA256, 31 CRYPTO_MD_SHA384, 32 CRYPTO_MD_SHA512, 33 }; 34 35 /* Maximum size as per the known stronger hash algorithm i.e.SHA512 */ 36 #define CRYPTO_MD_MAX_SIZE 64U 37 38 /* 39 * Cryptographic library descriptor 40 */ 41 typedef struct crypto_lib_desc_s { 42 const char *name; 43 44 /* Initialize library. This function is not expected to fail. All errors 45 * must be handled inside the function, asserting or panicing in case of 46 * a non-recoverable error */ 47 void (*init)(void); 48 49 /* Verify a digital signature. Return one of the 50 * 'enum crypto_ret_value' options */ 51 int (*verify_signature)(void *data_ptr, unsigned int data_len, 52 void *sig_ptr, unsigned int sig_len, 53 void *sig_alg, unsigned int sig_alg_len, 54 void *pk_ptr, unsigned int pk_len); 55 56 /* Verify a hash. Return one of the 'enum crypto_ret_value' options */ 57 int (*verify_hash)(void *data_ptr, unsigned int data_len, 58 void *digest_info_ptr, unsigned int digest_info_len); 59 60 #if MEASURED_BOOT 61 /* Calculate a hash. Return hash value */ 62 int (*calc_hash)(enum crypto_md_algo md_alg, void *data_ptr, 63 unsigned int data_len, 64 unsigned char output[CRYPTO_MD_MAX_SIZE]); 65 #endif /* MEASURED_BOOT */ 66 67 /* 68 * Authenticated decryption. Return one of the 69 * 'enum crypto_ret_value' options. 70 */ 71 int (*auth_decrypt)(enum crypto_dec_algo dec_algo, void *data_ptr, 72 size_t len, const void *key, unsigned int key_len, 73 unsigned int key_flags, const void *iv, 74 unsigned int iv_len, const void *tag, 75 unsigned int tag_len); 76 } crypto_lib_desc_t; 77 78 /* Public functions */ 79 void crypto_mod_init(void); 80 int crypto_mod_verify_signature(void *data_ptr, unsigned int data_len, 81 void *sig_ptr, unsigned int sig_len, 82 void *sig_alg_ptr, unsigned int sig_alg_len, 83 void *pk_ptr, unsigned int pk_len); 84 int crypto_mod_verify_hash(void *data_ptr, unsigned int data_len, 85 void *digest_info_ptr, unsigned int digest_info_len); 86 int crypto_mod_auth_decrypt(enum crypto_dec_algo dec_algo, void *data_ptr, 87 size_t len, const void *key, unsigned int key_len, 88 unsigned int key_flags, const void *iv, 89 unsigned int iv_len, const void *tag, 90 unsigned int tag_len); 91 92 #if MEASURED_BOOT 93 int crypto_mod_calc_hash(enum crypto_md_algo alg, void *data_ptr, 94 unsigned int data_len, 95 unsigned char output[CRYPTO_MD_MAX_SIZE]); 96 97 /* Macro to register a cryptographic library */ 98 #define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash, \ 99 _calc_hash, _auth_decrypt) \ 100 const crypto_lib_desc_t crypto_lib_desc = { \ 101 .name = _name, \ 102 .init = _init, \ 103 .verify_signature = _verify_signature, \ 104 .verify_hash = _verify_hash, \ 105 .calc_hash = _calc_hash, \ 106 .auth_decrypt = _auth_decrypt \ 107 } 108 #else 109 #define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash, \ 110 _auth_decrypt) \ 111 const crypto_lib_desc_t crypto_lib_desc = { \ 112 .name = _name, \ 113 .init = _init, \ 114 .verify_signature = _verify_signature, \ 115 .verify_hash = _verify_hash, \ 116 .auth_decrypt = _auth_decrypt \ 117 } 118 #endif /* MEASURED_BOOT */ 119 120 extern const crypto_lib_desc_t crypto_lib_desc; 121 122 #endif /* CRYPTO_MOD_H */ 123