/*
 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/*
 * Layout of the HVB certificate (struct hvb_cert) and its signature block
 * (struct hvb_sign_info), plus the entry points that parse a certificate.
 */
#ifndef __HVB_CERT_H_
#define __HVB_CERT_H_

#include "hvb_sysdeps.h"
#include "hvb.h"
#include "hvb_crypto.h"

#ifdef __cplusplus
extern "C"
{
#endif

/*
 * Magic value stored in hvb_cert.magic.
 * HVB_MAGIC_LEN is 4: the three characters "HVB" plus the terminating NUL of
 * the string literal (sizeof(HVB_MAGIC) == HVB_MAGIC_LEN).
 */
#define HVB_MAGIC "HVB"
#define HVB_MAGIC_LEN 4

/*
 * Fixed sizes, in bytes, of arrays in the structures below:
 *   HVB_VERITY_RESERVED_SIZE    - hvb_cert.verity_reserved
 *   HVB_SIGNATURE_RESERVED_SIZE - hvb_sign_info.signature_reserved
 *   VERITY_NAME_SIZE            - hvb_cert.image_name
 * HVB_SIGNATURE_MAX_SIZE is not referenced in this header; presumably an upper
 * bound on signature data enforced by the parser - TODO confirm.
 * NOTE(review): the previous comment here described a "release string"
 * including its NUL byte; no such field is visible in this header.
 */
#define HVB_VERITY_RESERVED_SIZE 36
#define HVB_SIGNATURE_RESERVED_SIZE 64
#define VERITY_NAME_SIZE 64
#define HVB_SIGNATURE_MAX_SIZE 4096

/* The version number of HVB - keep in sync with hvbtool. */
#define HVB_VERSION_MAJOR 1
#define HVB_VERSION_MINOR 1

/*
 * Key and signature lengths. None of these are referenced in this header.
 * NOTE(review): 256-byte modulus/signature lengths look like RSA-2048, and the
 * meaning of HVB_SIGNATURE_FIXED_SIZE is not visible here - confirm against
 * the users of these macros.
 */
#define PUBKEY_MODULUS_LEN 256
#define PUBKEY_P_RR_LEN 256
#define SIGNATURE_LEN 256
#define HVB_SIGNATURE_FIXED_SIZE 224

/*
 * Kind of verity data attached to an image. The implicit values (NONE = 0,
 * HASH = 1, HASHTREE = 2) line up with the values documented for
 * hvb_cert.verity_type; HVB_IMAGE_TYPE_MAX is the first value past the
 * defined types.
 */
enum hvb_image_type {
    HVB_IMAGE_TYPE_NONE,
    HVB_IMAGE_TYPE_HASH,
    HVB_IMAGE_TYPE_HASHTREE,
    HVB_IMAGE_TYPE_MAX,
};

/*
 * Pointers to the salt and digest of an image.
 * NOTE(review): this struct holds pointers, so the part of hvb_cert that
 * embeds it cannot be a byte-for-byte copy of stored certificate data;
 * presumably hvb_cert_parser() fills the pointers in - confirm.
 */
struct hash_payload {
    uint8_t *salt;
    uint8_t *digest;
} HVB_ATTR_PACKED;

/*
 * Signature block of a certificate.
 * NOTE(review): pubkey_offset/pubkey_len and signature_offset/signature_len
 * are 64-bit values. If they are read from the certificate buffer they are
 * unauthenticated until the signature has been verified, so the parser should
 * check that each offset + length stays inside the buffer, using arithmetic
 * that cannot wrap, before setting up pubk and sign - confirm in
 * hvb_cert_parser().
 */
struct hvb_sign_info {
    uint64_t sig_length;
    uint32_t algorithm;
    uint32_t flags;
    uint64_t pubkey_offset;
    uint64_t pubkey_len;
    uint64_t signature_offset;
    uint64_t signature_len;
    uint8_t signature_reserved[HVB_SIGNATURE_RESERVED_SIZE];
    /* Buffers for the public key and the signature (struct hvb_buf is declared elsewhere). */
    struct hvb_buf pubk;
    struct hvb_buf sign;
} HVB_ATTR_PACKED;

/*
 * Certificate describing one image: identity, rollback data, verity
 * parameters and signature information.
 * NOTE(review): the offset and size members below are 64-bit; a consumer
 * should range-check them against the buffer or image they index before use -
 * the checks themselves are not visible in this header.
 */
struct hvb_cert {
    /* HVB_MAGIC_LEN (4) bytes, expected to equal "HVB" (HVB_MAGIC). */
    uint8_t magic[HVB_MAGIC_LEN];

    /* The major version of libhvb. */
    uint32_t version_major;

    /* The minor version of libhvb. */
    uint32_t version_minor;

    /* Reserved bytes for verity info data. */
    uint8_t verity_reserved[HVB_VERITY_RESERVED_SIZE];

    /* The original length of the image. */
    uint64_t image_original_len;

    /* The length of the image after zero padding. */
    uint64_t image_len;

    /*
     * The partition name.
     * NOTE(review): fixed VERITY_NAME_SIZE bytes; NUL termination is not
     * guaranteed by the type, so bound any string operation on it.
     */
    uint8_t image_name[VERITY_NAME_SIZE];

    /* The location of the rollback value. */
    uint64_t rollback_location;

    /* The rollback index. */
    uint64_t rollback_index;

    /*
     * The type of image verity.
     * 1: hash image
     * 2: hashtree image
     */
    uint32_t verity_type;

    /*
     * The algorithm used to calculate the image hash.
     * 0: SHA256
     * 1: SHA1
     * 2: SHA512
     * NOTE(review): SHA1 is no longer collision resistant; whether value 1 is
     * still accepted is a policy decision for the verifier - confirm.
     */
    uint32_t hash_algo;

    /* The offset of the salt data; the salt is stored in hash_payload. */
    uint64_t salt_offset;

    /* The size of the salt data. */
    uint64_t salt_size;

    /* The offset of the digest; the digest is stored in hash_payload. */
    uint64_t digest_offset;

    /* The size of the digest. */
    uint64_t digest_size;

    /* The offset of the hashtree. */
    uint64_t hashtree_offset;

    /* The size of the hashtree. */
    uint64_t hashtree_size;

    /* The size of each block in hashtree mode (4 KB by default). */
    uint64_t data_block_size;

    /* The size of each block for storing hash in a hashtree (4 KB by default). */
    uint64_t hash_block_size;

    /*
     * FEC parameter; the original comment reads "the device number FEC".
     * NOTE(review): the name suggests the number of FEC roots - confirm.
     */
    uint64_t fec_num_roots;

    /* The offset of FEC. */
    uint64_t fec_offset;

    /* The size of FEC. */
    uint64_t fec_size;

    /* The salt and digest of the image. */
    struct hash_payload hash_payload;

    /* Signature info. */
    struct hvb_sign_info signature_info;
} HVB_ATTR_PACKED;

/*
 * Declared here, implemented elsewhere. Returns an enum hvb_errno.
 * NOTE(review): going by the parameter names, ptn is a partition name,
 * cert_buf the certificate data, hash_ptn_list a list of partition names,
 * and out_pubk / verified_data are outputs - confirm against the definition.
 */
enum hvb_errno cert_init_desc(struct hvb_ops *ops, const char *ptn, struct hvb_buf *cert_buf,
                              const char *const *hash_ptn_list, struct hvb_buf *out_pubk,
                              struct hvb_verified_data *verified_data);

/*
 * Declared here, implemented elsewhere. Returns an enum hvb_errno.
 * NOTE(review): presumably fills *cert from the bytes in cert_buf; since that
 * input is the unverified certificate, this is where length and offset
 * validation belongs - confirm against the definition.
 */
enum hvb_errno hvb_cert_parser(struct hvb_cert *cert, struct hvb_buf *cert_buf);

#ifdef __cplusplus
}
#endif

#endif