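/***********************license start***********************************
* Copyright (c) 2003-2017  Cavium Inc. ([email protected]). All rights
* reserved.
*
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
*   * Redistributions of source code must retain the above copyright
*     notice, this list of conditions and the following disclaimer.
*
*   * Redistributions in binary form must reproduce the above
*     copyright notice, this list of conditions and the following
*     disclaimer in the documentation and/or other materials provided
*     with the distribution.
*
*   * Neither the name of Cavium Inc. nor the names of
*     its contributors may be used to endorse or promote products
*     derived from this software without specific prior written
*     permission.
*
* This Software, including technical data, may be subject to U.S. export
* control laws, including the U.S. Export Administration Act and its
* associated regulations, and may be subject to export or import
* regulations in other countries.
*
* TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE SOFTWARE IS PROVIDED "AS IS"
* AND WITH ALL FAULTS AND CAVIUM INC. MAKES NO PROMISES, REPRESENTATIONS OR
* WARRANTIES, EITHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, WITH RESPECT
* TO THE SOFTWARE, INCLUDING ITS CONDITION, ITS CONFORMITY TO ANY
* REPRESENTATION OR DESCRIPTION, OR THE EXISTENCE OF ANY LATENT OR PATENT
* DEFECTS, AND CAVIUM SPECIFICALLY DISCLAIMS ALL IMPLIED (IF ANY) WARRANTIES
* OF TITLE, MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR A PARTICULAR
* PURPOSE, LACK OF VIRUSES, ACCURACY OR COMPLETENESS, QUIET ENJOYMENT,
* QUIET POSSESSION OR CORRESPONDENCE TO DESCRIPTION. THE ENTIRE RISK
* ARISING OUT OF USE OR PERFORMANCE OF THE SOFTWARE LIES WITH YOU.
***********************license end**************************************/

/**
 * @file
 *
 * Utility functions handling signed and possibly encrypted files.
 *
 * This header declares two enumerations and two functions and includes
 * nothing itself; uint64_t is expected to be declared by whatever includes
 * this file.
 *
 * @defgroup signed Signed File IO
 * @{
 */

/**
 * Enumeration representing the possible data types in a signed file.
 *
 * The enumerators take the default values 0, 1 and 2 in declaration order.
 */
typedef enum
{
    BDK_SIGNED_IMAGE,   /* BDK code image */
    BDK_SIGNED_DTS,     /* Device tree file */
    BDK_SIGNED_PUB_KEY, /* Chain of trust public key, BDK proprietary format */
} bdk_signed_data_t;

/**
 * Flags to pass to bdk_signed functions.
 *
 * The two non-zero flags occupy distinct bits (bit 1 and bit 2); bit 0 is not
 * assigned by this header. Presumably the flags may be OR-ed together -
 * confirm against the implementation.
 *
 * NOTE(review): both non-zero flags relax a check that trusted boot would
 * otherwise apply (decryption and signature verification respectively). A
 * caller passing either one should be able to explain why the file in
 * question sits outside that protection; BDK_SIGNED_FLAG_NONE is the
 * documented choice for most files.
 */
typedef enum
{
    /* Good for most files. Verifies as needed for trusted boot */
    BDK_SIGNED_FLAG_NONE = 0,
    /* The file is not encrypted, even with trusted boot */
    BDK_SIGNED_FLAG_NOT_ENCRYPTED = 1 << 1,
    /* File is not signed, even with trusted boot. As worded, this asks the
       loader to accept a file that carries no signature. */
    BDK_SIGNED_FLAG_ALLOW_UNSIGNED = 1 << 2,
} bdk_signed_flags_t;

/**
 * Load a file and verify its signature. If the file is encrypted, it is
 * decrypted. If the file is compressed, it is decompressed.
 *
 * A NULL return is the only failure indication besides *filesize being set
 * to zero; callers should check it before touching the data and should not
 * fall back to an unverified copy of the file.
 *
 * NOTE(review): who owns (and frees) the returned buffer is not stated in
 * this header - confirm against the implementation.
 *
 * @param filename  File to load
 * @param loc       Offset into file for image. This is normally zero for normal files. Device
 *                  files, such as /dev/mem, will use this to locate the image.
 * @param data_type Type of data in the file, enumerated by bdk_signed_data_t. This is required
 *                  so the code can determine the file size before loading the whole file.
 * @param flags     Flags for controlling file loading, see bdk_signed_flags_t
 * @param filesize  Receives the size of the file if the file is loaded properly. If the load
 *                  fails, it is set to zero.
 *
 * @return Pointer to the data from the file, or NULL on failure
 */
extern void *bdk_signed_load(const char *filename, uint64_t loc,
    bdk_signed_data_t data_type, bdk_signed_flags_t flags, uint64_t *filesize);

/**
 * Load the BDK's public signing key, which is signed by the Root of Trust.
 *
 * Callers should check the return value; a negative result means the key was
 * not loaded.
 *
 * @return Zero on success, negative on failure
 */
extern int bdk_signed_load_public(void);

/** @} */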