Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 64c33a1f2e20586c8b8cbde9337789892b09cfd3 / . / drivers / measured_boot / rss / rss_measured_boot.c
blob: fe2baf055b4d520731fe7233b906d1020137aca4 [file] [log] [blame]
Tamas Ban64c33a12022-01-11 20:24:24 +0100[diff] [blame^]1/*
2 * Copyright (c) 2022, Arm Limited. All rights reserved.
3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 */
6#include <assert.h>
7#include <stdint.h>
8
9#include <common/debug.h>
10#include <drivers/auth/crypto_mod.h>
11#include <drivers/measured_boot/rss/rss_measured_boot.h>
12#include <lib/psa/measured_boot.h>
13#include <psa/crypto_types.h>
14#include <psa/crypto_values.h>
15#include <psa/error.h>
16
17#define MBOOT_ALG_SHA512 0
18#define MBOOT_ALG_SHA384 1
19#define MBOOT_ALG_SHA256 2
20
21#if MBOOT_ALG_ID == MBOOT_ALG_SHA512
22#define CRYPTO_MD_ID CRYPTO_MD_SHA512
23#define PSA_CRYPTO_MD_ID PSA_ALG_SHA_512
24#elif MBOOT_ALG_ID == MBOOT_ALG_SHA384
25#define CRYPTO_MD_ID CRYPTO_MD_SHA384
26#define PSA_CRYPTO_MD_ID PSA_ALG_SHA_384
27#elif MBOOT_ALG_ID == MBOOT_ALG_SHA256
28#define CRYPTO_MD_ID CRYPTO_MD_SHA256
29#define PSA_CRYPTO_MD_ID PSA_ALG_SHA_256
30#else
31# error Invalid Measured Boot algorithm.
32#endif /* MBOOT_ALG_ID */
33
34/* Pointer to struct rss_mboot_metadata */
35static struct rss_mboot_metadata *plat_metadata_ptr;
36
37/* Functions' declarations */
38void rss_measured_boot_init(void)
39{
40 /* At this point it is expected that communication channel over MHU
41 * is already initialised by platform init.
42 */
43
44 /* Get pointer to platform's struct rss_mboot_metadata structure */
45 plat_metadata_ptr = plat_rss_mboot_get_metadata();
46 assert(plat_metadata_ptr != NULL);
47}
48
49int rss_mboot_measure_and_record(uintptr_t data_base, uint32_t data_size,
50 uint32_t data_id)
51{
52 unsigned char hash_data[CRYPTO_MD_MAX_SIZE];
53 int rc;
54 psa_status_t ret;
55 const struct rss_mboot_metadata *metadata_ptr = plat_metadata_ptr;
56
57 /* Get the metadata associated with this image. */
58 while ((metadata_ptr->id != RSS_MBOOT_INVALID_ID) &&
59 (metadata_ptr->id != data_id)) {
60 metadata_ptr++;
61 }
62
63 /* If image is not present in metadata array then skip */
64 if (metadata_ptr->id == RSS_MBOOT_INVALID_ID) {
65 return 0;
66 }
67
68 /* Calculate hash */
69 rc = crypto_mod_calc_hash(CRYPTO_MD_ID,
70 (void *)data_base, data_size, hash_data);
71 if (rc != 0) {
72 return rc;
73 }
74
75 ret = rss_measured_boot_extend_measurement(
76 metadata_ptr->slot,
77 metadata_ptr->signer_id,
78 metadata_ptr->signer_id_size,
79 metadata_ptr->version,
80 metadata_ptr->version_size,
81 PSA_CRYPTO_MD_ID,
82 metadata_ptr->sw_type,
83 metadata_ptr->sw_type_size,
84 hash_data,
85 MBOOT_DIGEST_SIZE,
86 metadata_ptr->lock_measurement);
87 if (ret != PSA_SUCCESS) {
88 return ret;
89 }
90
91 return 0;
92}
93
94int rss_mboot_set_signer_id(unsigned int img_id,
95 const void *pk_ptr,
96 size_t pk_len)
97{
98 unsigned char hash_data[CRYPTO_MD_MAX_SIZE];
99 struct rss_mboot_metadata *metadata_ptr = plat_metadata_ptr;
100 int rc;
101
102 /* Get the metadata associated with this image. */
103 while ((metadata_ptr->id != RSS_MBOOT_INVALID_ID) &&
104 (metadata_ptr->id != img_id)) {
105 metadata_ptr++;
106 }
107
108 /* If image is not present in metadata array then skip */
109 if (metadata_ptr->id == RSS_MBOOT_INVALID_ID) {
110 return 0;
111 }
112
113 /* Calculate public key hash */
114 rc = crypto_mod_calc_hash(CRYPTO_MD_ID, (void *)pk_ptr,
115 pk_len, hash_data);
116 if (rc != 0) {
117 return rc;
118 }
119
120 /* Update metadata struct with the received signer_id */
121 (void)memcpy(metadata_ptr->signer_id, hash_data, MBOOT_DIGEST_SIZE);
122 metadata_ptr->signer_id_size = MBOOT_DIGEST_SIZE;
123
124 return 0;
125}