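/*
 * Copyright (c) 2015-2021, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#ifndef KEY_H
#define KEY_H

#include <openssl/ossl_typ.h>

/*
 * Error codes reported through key_load()'s err_code out-parameter.
 * KEY_ERR_NONE is 0, so a non-zero value always means failure. The
 * per-code meanings below are inferred from the identifiers only; key.c
 * is the authoritative source.
 */
enum {
	KEY_ERR_NONE,		/* Success */
	KEY_ERR_MALLOC,		/* presumably: memory allocation failed */
	KEY_ERR_FILENAME,	/* presumably: no filename set for the key */
	KEY_ERR_OPEN,		/* presumably: key file could not be opened */
	KEY_ERR_LOAD		/* presumably: file opened but key could not be read */
};

/*
 * Supported key algorithms. The values index KEY_SIZES below, so their
 * order must match the rows of that table. KEY_ALG_MAX_NUM is a count,
 * not a valid algorithm.
 */
enum {
	KEY_ALG_RSA,		/* RSA PSS as defined by PKCS#1 v2.1 (default) */
#ifndef OPENSSL_NO_EC
	KEY_ALG_ECDSA,		/* Present only when OpenSSL is built with EC support */
#endif /* OPENSSL_NO_EC */
	KEY_ALG_MAX_NUM		/* Number of algorithms; sizes the KEY_SIZES table */
};

/* Maximum number of valid key sizes per algorithm */
#define KEY_SIZE_MAX_NUM 4

/* Supported hash algorithms */
enum {
	HASH_ALG_SHA256,
	HASH_ALG_SHA384,
	HASH_ALG_SHA512,
};

/*
 * Supported key sizes, in bits, indexed by KEY_ALG_*.
 * NOTE: the first item in each row is the default key size. Slots that are
 * not listed are zero-filled; 0 is never a valid key size, so a zero entry
 * marks the end of a row.
 *
 * Security note: RSA-1024 is kept in the table but is below the key
 * strength generally accepted for new signing keys; the 2048-bit default
 * or larger should be used for any key that is not purely for testing.
 */
static const unsigned int KEY_SIZES[KEY_ALG_MAX_NUM][KEY_SIZE_MAX_NUM] = {
	{ 2048, 1024, 3072, 4096 },	/* KEY_ALG_RSA */
#ifndef OPENSSL_NO_EC
	/*
	 * KEY_ALG_ECDSA: no size choice is exposed through this table (the
	 * curve is presumably fixed in key.c — confirm). `{ 0 }` rather than
	 * `{}` because an empty initializer list is not valid C11 (C23/GNU
	 * extension only).
	 */
	{ 0 }
#endif /* OPENSSL_NO_EC */
};

/*
 * This structure contains the relevant information to create the keys
 * required to sign the certificates.
 *
 * One instance of this structure must be created for each key, usually in an
 * array fashion. The filename is obtained at run time from the command line
 * parameters.
 *
 * NOTE(review): the typedef name `key_t` is also the POSIX System V IPC
 * key type declared in <sys/types.h>; a translation unit that includes
 * both headers will fail to compile with a conflicting-type error.
 * Renaming it is an interface change for every caller and is therefore
 * not done here.
 */
typedef struct key_s {
	int id;			/* Key id */
	const char *opt;	/* Command line option to specify a key */
	const char *help_msg;	/* Help message */
	const char *desc;	/* Key description (debug purposes) */
	char *fn;		/* Filename to load/store the key (from the command line) */
	EVP_PKEY *key;		/* Key container; ownership (who frees it) is not
				 * defined by this header — check key.c */
} key_t;

/* Exported API (semantics inferred from the names; key.c is authoritative) */

/* Initialise the key module. Returns non-zero on failure (presumably). */
int key_init(void);

/*
 * Look up a registered key by its command line option string.
 * @param opt  option text to match against key_t::opt
 * @return     matching key, or NULL if none (presumably)
 */
key_t *key_get_by_opt(const char *opt);

/* Allocate the EVP_PKEY container for @key. Return value convention: see key.c. */
int key_new(key_t *key);

/*
 * Generate a new key.
 * @param type      expected to be a KEY_ALG_* value
 * @param key_bits  expected to be one of KEY_SIZES[type] — confirm in key.c
 */
int key_create(key_t *key, int type, int key_bits);

/*
 * Load the key from key->fn.
 * @param err_code  out-parameter; receives a KEY_ERR_* value describing the
 *                  failure (KEY_ERR_NONE on success, presumably)
 */
int key_load(key_t *key, unsigned int *err_code);

/* Store the key to key->fn. */
int key_store(key_t *key);

/*
 * Macro to register the keys used in the CoT.
 * `_keys` must be an actual array (not a pointer): the element count is
 * derived with sizeof, which only works on array objects.
 */
#define REGISTER_KEYS(_keys) \
	key_t *def_keys = &_keys[0]; \
	const unsigned int num_def_keys = sizeof(_keys)/sizeof(_keys[0])

/*
 * Macro to register the platform defined keys used in the CoT.
 * Same array-only constraint on `_pdef_keys` as REGISTER_KEYS.
 */
#define PLAT_REGISTER_KEYS(_pdef_keys) \
	key_t *pdef_keys = &_pdef_keys[0]; \
	const unsigned int num_pdef_keys = sizeof(_pdef_keys)/sizeof(_pdef_keys[0])

/* Exported variables (defined by the REGISTER_KEYS / PLAT_REGISTER_KEYS users) */
extern key_t *def_keys;
extern const unsigned int num_def_keys;
extern key_t *pdef_keys;
extern const unsigned int num_pdef_keys;

extern key_t *keys;
extern unsigned int num_keys;
#endif /* KEY_H */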