Blame - drivers/measured_boot/rss/rss_measured_boot.c - filogic/atf

blob: 1b2f17720dc8dd15ebdf50a015ebf99681e9f40f [file] [log] [blame]

Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	1	/*
Manish V Badarkhe	4699f59	2023-06-16 12:59:57 +0100	[diff] [blame^]	2	* Copyright (c) 2022-2023, Arm Limited. All rights reserved.
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	3	*
				4	* SPDX-License-Identifier: BSD-3-Clause
				5	*/
				6	#include <assert.h>
				7	#include <stdint.h>
Claus Pedersen	785e66c	2022-09-12 22:42:58 +0000	[diff] [blame]	8	#include <string.h>
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	9
				10	#include <common/debug.h>
				11	#include <drivers/auth/crypto_mod.h>
				12	#include <drivers/measured_boot/rss/rss_measured_boot.h>
				13	#include <lib/psa/measured_boot.h>
				14	#include <psa/crypto_types.h>
				15	#include <psa/crypto_values.h>
				16	#include <psa/error.h>
				17
				18	#define MBOOT_ALG_SHA512 0
				19	#define MBOOT_ALG_SHA384 1
				20	#define MBOOT_ALG_SHA256 2
				21
				22	#if MBOOT_ALG_ID == MBOOT_ALG_SHA512
				23	#define CRYPTO_MD_ID CRYPTO_MD_SHA512
				24	#define PSA_CRYPTO_MD_ID PSA_ALG_SHA_512
				25	#elif MBOOT_ALG_ID == MBOOT_ALG_SHA384
				26	#define CRYPTO_MD_ID CRYPTO_MD_SHA384
				27	#define PSA_CRYPTO_MD_ID PSA_ALG_SHA_384
				28	#elif MBOOT_ALG_ID == MBOOT_ALG_SHA256
				29	#define CRYPTO_MD_ID CRYPTO_MD_SHA256
				30	#define PSA_CRYPTO_MD_ID PSA_ALG_SHA_256
				31	#else
				32	# error Invalid Measured Boot algorithm.
				33	#endif /* MBOOT_ALG_ID */
				34
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	35	/* Functions' declarations */
Manish V Badarkhe	4699f59	2023-06-16 12:59:57 +0100	[diff] [blame^]	36	void rss_measured_boot_init(struct rss_mboot_metadata *metadata_ptr)
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	37	{
Manish V Badarkhe	4699f59	2023-06-16 12:59:57 +0100	[diff] [blame^]	38	assert(metadata_ptr != NULL);
Tamas Ban	e2041c1	2022-10-03 13:19:55 +0200	[diff] [blame]	39
				40	/* Init the non-const members of the metadata structure */
				41	while (metadata_ptr->id != RSS_MBOOT_INVALID_ID) {
				42	metadata_ptr->sw_type_size =
				43	strlen((const char *)&metadata_ptr->sw_type) + 1;
				44	metadata_ptr++;
				45	}
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	46	}
				47
Manish V Badarkhe	4699f59	2023-06-16 12:59:57 +0100	[diff] [blame^]	48	int rss_mboot_measure_and_record(struct rss_mboot_metadata *metadata_ptr,
				49	uintptr_t data_base, uint32_t data_size,
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	50	uint32_t data_id)
				51	{
				52	unsigned char hash_data[CRYPTO_MD_MAX_SIZE];
				53	int rc;
				54	psa_status_t ret;
Manish V Badarkhe	4699f59	2023-06-16 12:59:57 +0100	[diff] [blame^]	55
				56	assert(metadata_ptr != NULL);
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	57
				58	/* Get the metadata associated with this image. */
				59	while ((metadata_ptr->id != RSS_MBOOT_INVALID_ID) &&
				60	(metadata_ptr->id != data_id)) {
				61	metadata_ptr++;
				62	}
				63
				64	/* If image is not present in metadata array then skip */
				65	if (metadata_ptr->id == RSS_MBOOT_INVALID_ID) {
				66	return 0;
				67	}
				68
				69	/* Calculate hash */
				70	rc = crypto_mod_calc_hash(CRYPTO_MD_ID,
				71	(void *)data_base, data_size, hash_data);
				72	if (rc != 0) {
				73	return rc;
				74	}
				75
				76	ret = rss_measured_boot_extend_measurement(
				77	metadata_ptr->slot,
				78	metadata_ptr->signer_id,
				79	metadata_ptr->signer_id_size,
				80	metadata_ptr->version,
				81	metadata_ptr->version_size,
				82	PSA_CRYPTO_MD_ID,
				83	metadata_ptr->sw_type,
				84	metadata_ptr->sw_type_size,
				85	hash_data,
				86	MBOOT_DIGEST_SIZE,
				87	metadata_ptr->lock_measurement);
				88	if (ret != PSA_SUCCESS) {
				89	return ret;
				90	}
				91
				92	return 0;
				93	}
				94
Manish V Badarkhe	4699f59	2023-06-16 12:59:57 +0100	[diff] [blame^]	95	int rss_mboot_set_signer_id(struct rss_mboot_metadata *metadata_ptr,
				96	unsigned int img_id,
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	97	const void *pk_ptr,
				98	size_t pk_len)
				99	{
				100	unsigned char hash_data[CRYPTO_MD_MAX_SIZE];
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	101	int rc;
				102
Manish V Badarkhe	4699f59	2023-06-16 12:59:57 +0100	[diff] [blame^]	103	assert(metadata_ptr != NULL);
				104
Tamas Ban	64c33a1	2022-01-11 20:24:24 +0100	[diff] [blame]	105	/* Get the metadata associated with this image. */
				106	while ((metadata_ptr->id != RSS_MBOOT_INVALID_ID) &&
				107	(metadata_ptr->id != img_id)) {
				108	metadata_ptr++;
				109	}
				110
				111	/* If image is not present in metadata array then skip */
				112	if (metadata_ptr->id == RSS_MBOOT_INVALID_ID) {
				113	return 0;
				114	}
				115
				116	/* Calculate public key hash */
				117	rc = crypto_mod_calc_hash(CRYPTO_MD_ID, (void *)pk_ptr,
				118	pk_len, hash_data);
				119	if (rc != 0) {
				120	return rc;
				121	}
				122
				123	/* Update metadata struct with the received signer_id */
				124	(void)memcpy(metadata_ptr->signer_id, hash_data, MBOOT_DIGEST_SIZE);
				125	metadata_ptr->signer_id_size = MBOOT_DIGEST_SIZE;
				126
				127	return 0;
				128	}