xref: /rk3399_ARM-atf/include/lib/psa/measured_boot.h (revision b85bcb8ec92126c238572ed7d242115125e411e1) 
1758c6471STamas Ban /*
2758c6471STamas Ban  * Copyright (c) 2022, Arm Limited. All rights reserved.
3758c6471STamas Ban  *
4758c6471STamas Ban  * SPDX-License-Identifier: BSD-3-Clause
5758c6471STamas Ban  *
6758c6471STamas Ban  */
7758c6471STamas Ban 
8758c6471STamas Ban #ifndef PSA_MEASURED_BOOT_H
9758c6471STamas Ban #define PSA_MEASURED_BOOT_H
10758c6471STamas Ban 
11758c6471STamas Ban #include <stdbool.h>
12758c6471STamas Ban #include <stddef.h>
13758c6471STamas Ban #include <stdint.h>
14758c6471STamas Ban 
15758c6471STamas Ban #include "psa/error.h"
16758c6471STamas Ban 
17758c6471STamas Ban /* Minimum measurement value size that can be requested to store */
18758c6471STamas Ban #define MEASUREMENT_VALUE_MIN_SIZE	32U
19758c6471STamas Ban /* Maximum measurement value size that can be requested to store */
20758c6471STamas Ban #define MEASUREMENT_VALUE_MAX_SIZE	64U
21758c6471STamas Ban /* Minimum signer id size that can be requested to store */
22758c6471STamas Ban #define SIGNER_ID_MIN_SIZE		MEASUREMENT_VALUE_MIN_SIZE
23758c6471STamas Ban /* Maximum signer id size that can be requested to store */
24758c6471STamas Ban #define SIGNER_ID_MAX_SIZE		MEASUREMENT_VALUE_MAX_SIZE
25758c6471STamas Ban /* The theoretical maximum image version is: "255.255.65535\0" */
26758c6471STamas Ban #define VERSION_MAX_SIZE		14U
27758c6471STamas Ban /* Example sw_type: "BL_2, BL_33, etc." */
28758c6471STamas Ban #define SW_TYPE_MAX_SIZE		20U
29758c6471STamas Ban #define NUM_OF_MEASUREMENT_SLOTS	32U
30758c6471STamas Ban 
31758c6471STamas Ban 
32758c6471STamas Ban /**
33758c6471STamas Ban  * Extends and stores a measurement to the requested slot.
34758c6471STamas Ban  *
35758c6471STamas Ban  * index			Slot number in which measurement is to be stored
36758c6471STamas Ban  * signer_id			Pointer to signer_id buffer.
3785a14bc0SDavid Vincze  * signer_id_size		Size of the signer_id in bytes.
38758c6471STamas Ban  * version			Pointer to version buffer.
39*b85bcb8eSJimmy Brisson  * version_size			Size of the version string in bytes.
40758c6471STamas Ban  * measurement_algo		Algorithm identifier used for measurement.
41758c6471STamas Ban  * sw_type			Pointer to sw_type buffer.
42*b85bcb8eSJimmy Brisson  * sw_type_size			Size of the sw_type string in bytes.
43758c6471STamas Ban  * measurement_value		Pointer to measurement_value buffer.
4485a14bc0SDavid Vincze  * measurement_value_size	Size of the measurement_value in bytes.
45758c6471STamas Ban  * lock_measurement		Boolean flag requesting whether the measurement
46758c6471STamas Ban  *				is to be locked.
47758c6471STamas Ban  *
48758c6471STamas Ban  * PSA_SUCCESS:
49758c6471STamas Ban  *	- Success.
50758c6471STamas Ban  * PSA_ERROR_INVALID_ARGUMENT:
51758c6471STamas Ban  *	- The size of any argument is invalid OR
52758c6471STamas Ban  *	- Input Measurement value is NULL OR
53758c6471STamas Ban  *	- Input Signer ID is NULL OR
54758c6471STamas Ban  *	- Requested slot index is invalid.
55758c6471STamas Ban  * PSA_ERROR_BAD_STATE:
56758c6471STamas Ban  *	- Request to lock, when slot is already locked.
57758c6471STamas Ban  * PSA_ERROR_NOT_PERMITTED:
58758c6471STamas Ban  *	- When the requested slot is not accessible to the caller.
59758c6471STamas Ban  */
60758c6471STamas Ban 
61758c6471STamas Ban /* Not a standard PSA API, just an extension therefore use the 'rss_' prefix
62758c6471STamas Ban  * rather than the usual 'psa_'.
63758c6471STamas Ban  */
64758c6471STamas Ban psa_status_t
65758c6471STamas Ban rss_measured_boot_extend_measurement(uint8_t index,
66758c6471STamas Ban 				     const uint8_t *signer_id,
67758c6471STamas Ban 				     size_t signer_id_size,
68758c6471STamas Ban 				     const uint8_t *version,
69758c6471STamas Ban 				     size_t version_size,
70758c6471STamas Ban 				     uint32_t measurement_algo,
71758c6471STamas Ban 				     const uint8_t *sw_type,
72758c6471STamas Ban 				     size_t sw_type_size,
73758c6471STamas Ban 				     const uint8_t *measurement_value,
74758c6471STamas Ban 				     size_t measurement_value_size,
75758c6471STamas Ban 				     bool lock_measurement);
76758c6471STamas Ban 
776d0525aaSMate Toth-Pal /**
786d0525aaSMate Toth-Pal  * Retrieves a measurement from the requested slot.
796d0525aaSMate Toth-Pal  *
806d0525aaSMate Toth-Pal  * index			Slot number from which measurement is to be
816d0525aaSMate Toth-Pal  *				retrieved.
826d0525aaSMate Toth-Pal  * signer_id			Pointer to signer_id buffer.
836d0525aaSMate Toth-Pal  * signer_id_size		Size of the signer_id buffer in bytes.
846d0525aaSMate Toth-Pal  * signer_id_len		On success, number of bytes that make up
856d0525aaSMate Toth-Pal  * 				signer_id.
866d0525aaSMate Toth-Pal  * version			Pointer to version buffer.
876d0525aaSMate Toth-Pal  * version_size			Size of the version buffer in bytes.
886d0525aaSMate Toth-Pal  * version_len			On success, number of bytes that makeup the
896d0525aaSMate Toth-Pal  * 				version.
906d0525aaSMate Toth-Pal  * measurement_algo		Pointer to measurement_algo.
916d0525aaSMate Toth-Pal  * sw_type			Pointer to sw_type buffer.
926d0525aaSMate Toth-Pal  * sw_type_size			Size of the sw_type buffer in bytes.
936d0525aaSMate Toth-Pal  * sw_type_len			On success, number of bytes that makeup the
946d0525aaSMate Toth-Pal  * 				sw_type.
956d0525aaSMate Toth-Pal  * measurement_value		Pointer to measurement_value buffer.
966d0525aaSMate Toth-Pal  * measurement_value_size	Size of the measurement_value buffer in bytes.
976d0525aaSMate Toth-Pal  * measurement_value_len	On success, number of bytes that make up the
986d0525aaSMate Toth-Pal  * 				measurement_value.
996d0525aaSMate Toth-Pal  * is_locked			Pointer to lock status of requested measurement
1006d0525aaSMate Toth-Pal  * 				slot.
1016d0525aaSMate Toth-Pal  *
1026d0525aaSMate Toth-Pal  * PSA_SUCCESS
1036d0525aaSMate Toth-Pal  *	- Success.
1046d0525aaSMate Toth-Pal  * PSA_ERROR_INVALID_ARGUMENT
1056d0525aaSMate Toth-Pal  *	- The size of at least one of the output buffers is incorrect or the
1066d0525aaSMate Toth-Pal  *	  requested slot index is invalid.
1076d0525aaSMate Toth-Pal  * PSA_ERROR_DOES_NOT_EXIST
1086d0525aaSMate Toth-Pal  *	- The requested slot is empty, does not contain a measurement.
1096d0525aaSMate Toth-Pal  */
1106d0525aaSMate Toth-Pal psa_status_t rss_measured_boot_read_measurement(uint8_t index,
1116d0525aaSMate Toth-Pal 					uint8_t *signer_id,
1126d0525aaSMate Toth-Pal 					size_t signer_id_size,
1136d0525aaSMate Toth-Pal 					size_t *signer_id_len,
1146d0525aaSMate Toth-Pal 					uint8_t *version,
1156d0525aaSMate Toth-Pal 					size_t version_size,
1166d0525aaSMate Toth-Pal 					size_t *version_len,
1176d0525aaSMate Toth-Pal 					uint32_t *measurement_algo,
1186d0525aaSMate Toth-Pal 					uint8_t *sw_type,
1196d0525aaSMate Toth-Pal 					size_t sw_type_size,
1206d0525aaSMate Toth-Pal 					size_t *sw_type_len,
1216d0525aaSMate Toth-Pal 					uint8_t *measurement_value,
1226d0525aaSMate Toth-Pal 					size_t measurement_value_size,
1236d0525aaSMate Toth-Pal 					size_t *measurement_value_len,
1246d0525aaSMate Toth-Pal 					bool *is_locked);
1256d0525aaSMate Toth-Pal 
126758c6471STamas Ban #endif /* PSA_MEASURED_BOOT_H */
127