| Juan Castillo | 8e55d93 | 2015-04-02 09:48:16 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved. |
| 3 | * |
| 4 | * Redistribution and use in source and binary forms, with or without |
| 5 | * modification, are permitted provided that the following conditions are met: |
| 6 | * |
| 7 | * Redistributions of source code must retain the above copyright notice, this |
| 8 | * list of conditions and the following disclaimer. |
| 9 | * |
| 10 | * Redistributions in binary form must reproduce the above copyright notice, |
| 11 | * this list of conditions and the following disclaimer in the documentation |
| 12 | * and/or other materials provided with the distribution. |
| 13 | * |
| 14 | * Neither the name of ARM nor the names of its contributors may be used |
| 15 | * to endorse or promote products derived from this software without specific |
| 16 | * prior written permission. |
| 17 | * |
| 18 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
| 19 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 20 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
| 21 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
| 22 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
| 23 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
| 24 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
| 25 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
| 26 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| 27 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
| 28 | * POSSIBILITY OF SUCH DAMAGE. |
| 29 | */ |
| 30 | |
| 31 | #ifndef __AUTH_COMMON_H__ |
| 32 | #define __AUTH_COMMON_H__ |
| 33 | |
| 34 | /* |
| 35 | * Authentication framework common types |
| 36 | */ |
| 37 | |
| 38 | /* |
| 39 | * Type of parameters that can be extracted from an image and |
| 40 | * used for authentication |
| 41 | */ |
| 42 | typedef enum auth_param_type_enum { |
| 43 | AUTH_PARAM_NONE, |
| 44 | AUTH_PARAM_RAW_DATA, /* Raw image data */ |
| 45 | AUTH_PARAM_SIG, /* The image signature */ |
| 46 | AUTH_PARAM_SIG_ALG, /* The image signature algorithm */ |
| 47 | AUTH_PARAM_HASH, /* A hash (including the algorithm) */ |
| 48 | AUTH_PARAM_PUB_KEY, /* A public key */ |
| 49 | } auth_param_type_t; |
| 50 | |
| 51 | /* |
| 52 | * Defines an authentication parameter. The cookie will be interpreted by the |
| 53 | * image parser module. |
| 54 | */ |
| 55 | typedef struct auth_param_type_desc_s { |
| 56 | auth_param_type_t type; |
| 57 | void *cookie; |
| 58 | } auth_param_type_desc_t; |
| 59 | |
| 60 | /* |
| 61 | * Store a pointer to the authentication parameter and its length |
| 62 | */ |
| 63 | typedef struct auth_param_data_desc_s { |
| 64 | void *ptr; |
| 65 | unsigned int len; |
| 66 | } auth_param_data_desc_t; |
| 67 | |
| 68 | /* |
| 69 | * Authentication parameter descriptor, including type and value |
| 70 | */ |
| 71 | typedef struct auth_param_desc_s { |
| 72 | auth_param_type_desc_t *type_desc; |
| 73 | auth_param_data_desc_t data; |
| 74 | } auth_param_desc_t; |
| 75 | |
| 76 | /* |
| 77 | * The method type defines how an image is authenticated |
| 78 | */ |
| 79 | typedef enum auth_method_type_enum { |
| 80 | AUTH_METHOD_NONE = 0, |
| 81 | AUTH_METHOD_HASH, /* Authenticate by hash matching */ |
| 82 | AUTH_METHOD_SIG, /* Authenticate by PK operation */ |
| 83 | AUTH_METHOD_NUM /* Number of methods */ |
| 84 | } auth_method_type_t; |
| 85 | |
| 86 | /* |
| 87 | * Parameters for authentication by hash matching |
| 88 | */ |
| 89 | typedef struct auth_method_param_hash_s { |
| 90 | auth_param_type_desc_t *data; /* Data to hash */ |
| 91 | auth_param_type_desc_t *hash; /* Hash to match with */ |
| 92 | } auth_method_param_hash_t; |
| 93 | |
| 94 | /* |
| 95 | * Parameters for authentication by signature |
| 96 | */ |
| 97 | typedef struct auth_method_param_sig_s { |
| 98 | auth_param_type_desc_t *pk; /* Public key */ |
| 99 | auth_param_type_desc_t *sig; /* Signature to check */ |
| 100 | auth_param_type_desc_t *alg; /* Signature algorithm */ |
| 101 | auth_param_type_desc_t *data; /* Data signed */ |
| 102 | } auth_method_param_sig_t; |
| 103 | |
| 104 | /* |
| 105 | * Parameters for authentication by NV counter |
| 106 | */ |
| 107 | typedef struct auth_method_param_nv_ctr_s { |
| 108 | auth_param_type_desc_t *nv_ctr; /* NV counter value */ |
| 109 | } auth_method_param_nv_ctr_t; |
| 110 | |
| 111 | /* |
| 112 | * Authentication method descriptor |
| 113 | */ |
| 114 | typedef struct auth_method_desc_s { |
| 115 | auth_method_type_t type; |
| 116 | union { |
| 117 | auth_method_param_hash_t hash; |
| 118 | auth_method_param_sig_t sig; |
| 119 | auth_method_param_nv_ctr_t nv_ctr; |
| 120 | } param; |
| 121 | } auth_method_desc_t; |
| 122 | |
| 123 | /* |
| 124 | * Helper macro to define an authentication parameter type descriptor |
| 125 | */ |
| 126 | #define AUTH_PARAM_TYPE_DESC(_type, _cookie) \ |
| 127 | { \ |
| 128 | .type = _type, \ |
| 129 | .cookie = (void *)_cookie \ |
| 130 | } |
| 131 | |
| 132 | /* |
| 133 | * Helper macro to define an authentication parameter data descriptor |
| 134 | */ |
| 135 | #define AUTH_PARAM_DATA_DESC(_ptr, _len) \ |
| 136 | { \ |
| 137 | .ptr = (void *)_ptr, \ |
| 138 | .len = (unsigned int)_len \ |
| 139 | } |
| 140 | |
| 141 | #endif /* __AUTH_COMMON_H__ */ |