1 /*
2  * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #ifndef __HVB_CERT_H_
16 #define __HVB_CERT_H_
17 
18 #include "hvb_sysdeps.h"
19 #include "hvb.h"
20 #include "hvb_crypto.h"
21 
/*
 * Magic for the vbmeta image header.
 * HVB_MAGIC_LEN is 4: the three characters "HVB" plus one further byte
 * (the string literal's terminating NUL makes sizeof(HVB_MAGIC) equal to 4).
 * It sizes hvb_cert.magic.
 */
#define HVB_MAGIC                    "HVB"
#define HVB_MAGIC_LEN                4

/*
 * Fixed field sizes, in bytes:
 *   HVB_VERITY_RESERVED_SIZE     - hvb_cert.verity_reserved
 *   HVB_SIGNATURE_RESERVED_SIZE  - hvb_sign_info.signature_reserved
 *   VERITY_NAME_SIZE             - hvb_cert.image_name
 * HVB_SIGNATURE_MAX_SIZE is not referenced in this header.
 * NOTE(review): presumably the upper bound a parser accepts for the
 * signature area - confirm against the code that uses it.
 */
#define HVB_VERITY_RESERVED_SIZE     36
#define HVB_SIGNATURE_RESERVED_SIZE  64
#define VERITY_NAME_SIZE             64
#define HVB_SIGNATURE_MAX_SIZE       4096

/* HVB format version; must stay in sync with hvbtool. */
#define HVB_VERSION_MAJOR            1
#define HVB_VERSION_MINOR            0

/*
 * Key and signature lengths. None of these is referenced in this header.
 * NOTE(review): 256 presumably means bytes (a 2048-bit RSA modulus,
 * Montgomery RR value and signature) - confirm in the crypto code.
 * The meaning of HVB_SIGNATURE_FIXED_SIZE is not visible from here.
 */
#define PUBKEY_MODULUS_LEN           256
#define PUBKEY_P_RR_LEN              256
#define SIGNATURE_LEN                256
#define HVB_SIGNATURE_FIXED_SIZE     224
40 
/*
 * Verity type of an image. The numeric values are spelled out because
 * hvb_cert.verity_type documents 1 as "hash image" and 2 as "hashtree image".
 * NOTE(review): a verity_type read from cert data should be range-checked
 * against these values before it selects a verification path - confirm
 * that the parser does so.
 */
enum hvb_image_type {
    HVB_IMAGE_TYPE_NONE     = 0,
    HVB_IMAGE_TYPE_HASH     = 1,
    HVB_IMAGE_TYPE_HASHTREE = 2,
    HVB_IMAGE_TYPE_MAX      = 3, /* one past the last type listed above */
};
47 
/*
 * Salt and digest of an image, held as two raw pointers.
 * The struct carries no lengths; hvb_cert.salt_size and
 * hvb_cert.digest_size are the matching size fields.
 * NOTE(review): ownership and lifetime are not visible here. The pointers
 * presumably refer into the parsed cert buffer, so they would be valid only
 * while that buffer is - confirm before freeing or retaining them.
 */
struct hash_payload {
    uint8_t *salt;   /* salt bytes */
    uint8_t *digest; /* digest bytes */
} HVB_ATTR_PACKED;
52 
/*
 * Signature information carried by an hvb_cert (packed).
 *
 * NOTE(review): every offset/length pair below is a 64-bit value. Code that
 * turns one into a pointer or a copy length should first check, with
 * overflow-safe arithmetic, that offset + length stays inside the buffer it
 * indexes. This header does not show what the offsets are relative to.
 */
struct hvb_sign_info {
    /* NOTE(review): presumably the length of the signature info - confirm. */
    uint64_t sig_length;

    /* Signature algorithm identifier; its values are not defined in this header. */
    uint32_t algorithm;

    /* Flag bits; their meaning is not defined in this header. */
    uint32_t flags;

    /* Public key: offset and length. */
    uint64_t pubkey_offset;
    uint64_t pubkey_len;

    /* Signature: offset and length. */
    uint64_t signature_offset;
    uint64_t signature_len;

    /* Reserved bytes (HVB_SIGNATURE_RESERVED_SIZE). */
    uint8_t signature_reserved[HVB_SIGNATURE_RESERVED_SIZE];

    /*
     * Public key and signature as hvb_buf values.
     * NOTE(review): presumably filled in by the parser to reference the data
     * located by the offsets above - confirm.
     */
    struct hvb_buf pubk;
    struct hvb_buf sign;
} HVB_ATTR_PACKED;
65 
/*
 * HVB certificate describing one image (packed).
 *
 * NOTE(review): the offset, size and length fields are plain 64-bit
 * integers. A consumer of cert data should validate each offset/size pair
 * against the buffer it indexes, with overflow-safe arithmetic, before
 * dereferencing anything - confirm in hvb_cert_parser().
 * NOTE(review): hash_payload holds pointers, so the size of this struct
 * depends on the target's pointer width - confirm it is never copied
 * wholesale to or from storage.
 */
struct hvb_cert {
    /* ---- identification ---- */

    /*
     * HVB_MAGIC. The array is HVB_MAGIC_LEN (4) bytes: "HVB" plus one
     * more byte.
     */
    uint8_t magic[HVB_MAGIC_LEN];

    /* libhvb major version. */
    uint32_t version_major;

    /* libhvb minor version. */
    uint32_t version_minor;

    /* Reserved bytes for verity info data. */
    uint8_t verity_reserved[HVB_VERITY_RESERVED_SIZE];

    /* ---- image description ---- */

    /* Original length of the image. */
    uint64_t image_original_len;

    /* Length of the image after zero padding. */
    uint64_t image_len;

    /*
     * Partition name, fixed VERITY_NAME_SIZE bytes.
     * NOTE(review): nothing in the type guarantees NUL termination; bound
     * any string operation on it by VERITY_NAME_SIZE.
     */
    uint8_t image_name[VERITY_NAME_SIZE];

    /* ---- rollback protection ---- */

    /* Location of the rollback value. */
    uint64_t rollback_location;

    /* Rollback index. */
    uint64_t rollback_index;

    /* ---- verity parameters ---- */

    /*
     * Type of image verity:
     *   1 - hash image
     *   2 - hashtree image
     */
    uint32_t verity_type;

    /*
     * Algorithm used to calculate the image hash:
     *   0 - SHA256
     *   1 - SHA1
     *   2 - SHA512
     * NOTE(review): SHA1 is listed as selectable; confirm whether
     * verification policy is meant to accept it.
     */
    uint32_t hash_algo;

    /* Offset of the salt data; the salt is stored in hash_payload. */
    uint64_t salt_offset;

    /* Size of the salt data. */
    uint64_t salt_size;

    /* Offset of the digest; the digest is stored in hash_payload. */
    uint64_t digest_offset;

    /* Size of the digest. */
    uint64_t digest_size;

    /* ---- hashtree ---- */

    /* Offset of the hashtree. */
    uint64_t hashtree_offset;

    /* Size of the hashtree. */
    uint64_t hashtree_size;

    /* Size of each data block in hashtree mode (4 KB by default). */
    uint64_t data_block_size;

    /* Size of each block that stores hashes in a hashtree (4 KB by default). */
    uint64_t hash_block_size;

    /* ---- FEC ---- */

    /* NOTE(review): going by the field name, the number of FEC roots - confirm. */
    uint64_t fec_num_roots;

    /* Offset of the FEC data. */
    uint64_t fec_offset;

    /* Size of the FEC data. */
    uint64_t fec_size;

    /* ---- payload and signature ---- */

    /* Salt and digest of the image. */
    struct hash_payload hash_payload;

    /* Signature info. */
    struct hvb_sign_info signature_info;
} HVB_ATTR_PACKED;
148 
/*
 * Declared here, defined elsewhere; returns an hvb_errno code.
 * NOTE(review): the parameter roles are read from their names only -
 * ptn presumably names the partition, cert_buf holds its cert,
 * hash_ptn_list is a list of partition names, and out_pubk and
 * verified_data receive results. Confirm against the definition,
 * including whether hash_ptn_list must be NULL-terminated.
 */
enum hvb_errno cert_init_desc(struct hvb_ops *ops,
                              const char *ptn,
                              struct hvb_buf *cert_buf,
                              const char *const *hash_ptn_list,
                              struct hvb_buf *out_pubk,
                              struct hvb_verified_data *verified_data);

/*
 * Declared here, defined elsewhere; returns an hvb_errno code.
 * NOTE(review): presumably fills *cert from the bytes in cert_buf. Those
 * bytes should be treated as untrusted until the signature has been
 * checked, so each length and offset needs validating against the size of
 * cert_buf - confirm in the definition.
 */
enum hvb_errno hvb_cert_parser(struct hvb_cert *cert,
                               struct hvb_buf *cert_buf);
153 
154 #endif