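/*
 * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

/*
 * Interface between the authentication code and a pluggable cryptographic
 * library. A library fills in a 'crypto_lib_desc_t' through
 * REGISTER_CRYPTO_LIB(); the crypto_mod_*() functions declared below are the
 * public entry points of the module.
 */

#ifndef CRYPTO_MOD_H
#define CRYPTO_MOD_H

/* size_t is used by the auth_decrypt prototypes; keep the header self-contained */
#include <stddef.h>

/*
 * Return values.
 *
 * CRYPTO_SUCCESS is the only zero value. Callers should compare against
 * CRYPTO_SUCCESS explicitly and treat every other value as a failed
 * verification or decryption.
 */
enum crypto_ret_value {
	CRYPTO_SUCCESS = 0,
	CRYPTO_ERR_INIT,
	CRYPTO_ERR_HASH,
	CRYPTO_ERR_SIGNATURE,
	CRYPTO_ERR_DECRYPTION,
	CRYPTO_ERR_UNKNOWN
};

/*
 * Maximum IV and tag sizes (presumably in bytes - confirm against the users
 * of these macros).
 * NOTE(review): nothing in this header enforces these limits on the
 * 'iv_len' / 'tag_len' arguments of auth_decrypt; any code that copies an IV
 * or tag into a buffer of this size has to range-check the length itself.
 */
#define CRYPTO_MAX_IV_SIZE		16U
#define CRYPTO_MAX_TAG_SIZE		16U

/* Decryption algorithm. GCM is the only algorithm defined here. */
enum crypto_dec_algo {
	CRYPTO_GCM_DECRYPT = 0
};

/*
 * Cryptographic library descriptor
 *
 * One function pointer per operation. The encoding of the buffers passed to
 * each operation is defined by the registered library and is not visible in
 * this header.
 */
typedef struct crypto_lib_desc_s {
	/* Library name, as passed to REGISTER_CRYPTO_LIB() */
	const char *name;

	/* Initialize library. This function is not expected to fail. All errors
	 * must be handled inside the function, asserting or panicking in case of
	 * a non-recoverable error */
	void (*init)(void);

	/* Verify a digital signature. Return one of the
	 * 'enum crypto_ret_value' options.
	 * Arguments are pointer/length pairs: the data, the signature, the
	 * signature algorithm and the public key. */
	int (*verify_signature)(void *data_ptr, unsigned int data_len,
				void *sig_ptr, unsigned int sig_len,
				void *sig_alg, unsigned int sig_alg_len,
				void *pk_ptr, unsigned int pk_len);

	/* Verify a hash. Return one of the 'enum crypto_ret_value' options */
	int (*verify_hash)(void *data_ptr, unsigned int data_len,
			   void *digest_info_ptr, unsigned int digest_info_len);

#if MEASURED_BOOT
	/* Calculate a hash of 'data_ptr'/'data_len' with algorithm 'alg'.
	 * NOTE(review): the original comment read "Return hash value", but the
	 * return type is int and there is an 'output' buffer; presumably the
	 * digest is written to 'output' and the int is a status code - confirm
	 * against the implementation.
	 * The prototype carries no length for 'output', so the caller has to
	 * size that buffer for the digest of the requested algorithm. */
	int (*calc_hash)(unsigned int alg, void *data_ptr,
			 unsigned int data_len, unsigned char *output);
#endif /* MEASURED_BOOT */

	/*
	 * Authenticated decryption. Return one of the
	 * 'enum crypto_ret_value' options.
	 *
	 * 'data_ptr' is the only non-const buffer, while key, IV and tag are
	 * const; presumably the data is decrypted in place - confirm against
	 * the implementation. If so, the buffer contents must not be used
	 * unless CRYPTO_SUCCESS is returned.
	 */
	int (*auth_decrypt)(enum crypto_dec_algo dec_algo, void *data_ptr,
			    size_t len, const void *key, unsigned int key_len,
			    unsigned int key_flags, const void *iv,
			    unsigned int iv_len, const void *tag,
			    unsigned int tag_len);
} crypto_lib_desc_t;

/*
 * Public functions.
 * Their parameter lists mirror the corresponding descriptor members above.
 */
void crypto_mod_init(void);
int crypto_mod_verify_signature(void *data_ptr, unsigned int data_len,
				void *sig_ptr, unsigned int sig_len,
				void *sig_alg_ptr, unsigned int sig_alg_len,
				void *pk_ptr, unsigned int pk_len);
int crypto_mod_verify_hash(void *data_ptr, unsigned int data_len,
			   void *digest_info_ptr, unsigned int digest_info_len);
int crypto_mod_auth_decrypt(enum crypto_dec_algo dec_algo, void *data_ptr,
			    size_t len, const void *key, unsigned int key_len,
			    unsigned int key_flags, const void *iv,
			    unsigned int iv_len, const void *tag,
			    unsigned int tag_len);

#if MEASURED_BOOT
int crypto_mod_calc_hash(unsigned int alg, void *data_ptr,
			 unsigned int data_len, unsigned char *output);

/*
 * Macro to register a cryptographic library.
 *
 * Expands to the definition of the single global 'crypto_lib_desc' object
 * (no trailing semicolon; the user supplies it). With MEASURED_BOOT enabled
 * the macro takes an extra '_calc_hash' argument, so a library's
 * registration call must match the build configuration.
 */
#define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash, \
			    _calc_hash, _auth_decrypt) \
	const crypto_lib_desc_t crypto_lib_desc = { \
		.name = _name, \
		.init = _init, \
		.verify_signature = _verify_signature, \
		.verify_hash = _verify_hash, \
		.calc_hash = _calc_hash, \
		.auth_decrypt = _auth_decrypt \
	}
#else
/*
 * Macro to register a cryptographic library (variant without '_calc_hash',
 * used when MEASURED_BOOT is disabled). Expands to the definition of the
 * single global 'crypto_lib_desc' object, without a trailing semicolon.
 */
#define REGISTER_CRYPTO_LIB(_name, _init, _verify_signature, _verify_hash, \
			    _auth_decrypt) \
	const crypto_lib_desc_t crypto_lib_desc = { \
		.name = _name, \
		.init = _init, \
		.verify_signature = _verify_signature, \
		.verify_hash = _verify_hash, \
		.auth_decrypt = _auth_decrypt \
	}
#endif /* MEASURED_BOOT */

/* Descriptor defined by the library through REGISTER_CRYPTO_LIB() */
extern const crypto_lib_desc_t crypto_lib_desc;

#endif /* CRYPTO_MOD_H */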