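/*
 * Copyright (c) 2020 HiSilicon (Shanghai) Technologies CO., LIMITED.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * Description: Secure Verify for Loaderboot and Flashboot
 *
 * Create: 2023-03-09
 */

#ifndef SECURE_VERIFY_BOOT_H
#define SECURE_VERIFY_BOOT_H

#include <stdint.h>
#include "errcode.h"

/*
 * Per-scheme sizes of the signed header structures declared below.
 * The first matching branch wins, so if several CONFIG_BOOT_* options are
 * defined at once the ECC/SM2 sizes are used silently.
 *
 * CONFIG_BOOT_NO_SEC_VERIFY shares the ECC/SM2 layout.
 * NOTE(review): judging by its name this option builds a boot stage without
 * signature verification -- confirm against the implementation and make sure
 * it is never set in a production configuration.
 */
#if defined(CONFIG_BOOT_SUPPORT_ECC_VERIFY) || defined(CONFIG_BOOT_SUPPORT_SM2_VERIFY) || \
    defined(CONFIG_BOOT_NO_SEC_VERIFY)
#define ROOT_PUBLIC_KEY_STRUCTURE_LENGTH    0x80
#define KEY_AREA_STRUCTURE_LENGTH           0x100
#define CODE_INFO_STRUCTURE_LENGTH          0x200
#define BOOT_PUBLIC_KEY_LEN                 64
#define BOOT_SIG_LEN                        64
#define BOOT_EXT_SIG_LEN                    64
#elif defined(CONFIG_BOOT_SUPPORT_RSA3072_VERIFY)
#define ROOT_PUBLIC_KEY_STRUCTURE_LENGTH    0x200
#define KEY_AREA_STRUCTURE_LENGTH           0x400
#define CODE_INFO_STRUCTURE_LENGTH          0x400
#define BOOT_PUBLIC_KEY_LEN                 388     /* n:384 bytes, e:4 bytes */
#define BOOT_SIG_LEN                        384
#define BOOT_EXT_SIG_LEN                    384
#elif defined(CONFIG_BOOT_SUPPORT_RSA4096_VERIFY)
#define ROOT_PUBLIC_KEY_STRUCTURE_LENGTH    0x400
#define KEY_AREA_STRUCTURE_LENGTH           0x500
#define CODE_INFO_STRUCTURE_LENGTH          0x300
#define BOOT_PUBLIC_KEY_LEN                 516     /* n:512 bytes, e:4 bytes */
#define BOOT_SIG_LEN                        512
/*
 * No external signatures are reserved for RSA4096. The *_ext signature
 * members below therefore become zero-length arrays in this configuration,
 * which ISO C does not allow; the build relies on a compiler extension.
 */
#define BOOT_EXT_SIG_LEN                    0
#else
/*
 * Without one of the options above the length macros stay undefined and the
 * structures below fail with unrelated-looking errors; stop here with a
 * clear diagnostic instead.
 */
#error "No boot verification scheme selected: define CONFIG_BOOT_SUPPORT_ECC_VERIFY, CONFIG_BOOT_SUPPORT_SM2_VERIFY, CONFIG_BOOT_NO_SEC_VERIFY, CONFIG_BOOT_SUPPORT_RSA3072_VERIFY or CONFIG_BOOT_SUPPORT_RSA4096_VERIFY"
#endif

#define DIE_ID_LEN          16      /* DIEID has 160 bits, but we just use 128 bits */
#define HASH_LEN            32
#define PROTECT_KEY_LEN     16
#define IV_LEN              16

/* Kind of image being verified; passed to verify_image_head(). */
typedef enum {
    LOADER_BOOT_TYPE = 0,
    PARAMS_BOOT_TYPE = 1,
    FLASH_BOOT_TYPE = 2,
    FLASH_BOOT_BACK_UP_TYPE = 3,
    SECOND_FLASH_BOOT_TYPE = 4,
    SECOND_FLASH_BOOT_BACK_UP_TYPE = 5,
    APP_BOOT_TYPE = 6,
    INVALID_BOOT_TYPE       /* one past the last valid type */
} image_type_t;

/*
 * Kind of header area. The misspelt enumerator names (EREA, IOFO) are part
 * of the existing interface and are kept as they are.
 */
typedef enum {
    KEY_EREA_TYPE = 0,
    CODE_INFO_TYPE = 1,
    PARAMS_KEY_AREA_TYPE = 2,
    PARAMS_AREA_IOFO_TYPE = 3,
    INVALID_EREA_TYPE       /* one past the last valid type */
} area_type_t;

/*
 * Layout notes for the structures below.
 *
 * Each fixed-size structure pads itself with a reserved[] member so that its
 * size equals the matching *_STRUCTURE_LENGTH macro; the "N bytes above"
 * remarks give the size of the fixed fields that precede reserved[].
 *
 * NOTE(review): structure_length, signature_length, key_length and every
 * *_addr / *_len / item_* field are read from the image itself. The code
 * that consumes them is not visible here; presumably it must compare them
 * against the compile-time lengths and range-check them before use, and must
 * not act on any other field until the signature covering it has been
 * verified -- confirm in the implementation.
 */

/* Root public key area, size is ROOT_PUBLIC_KEY_STRUCTURE_LENGTH (0x80 for ECC/SM2) */
typedef struct {
    uint32_t image_id;
    uint32_t structure_version;     /* current version is 0x00010000 */
    uint32_t structure_length;
    uint32_t key_owner_id;
    uint32_t key_id;
    uint32_t key_alg;               /* 0x2A13C812: ECC256; 0x2A13C823: SM2 (RSA values are not listed here) */
    uint32_t ecc_curve_type;        /* 0x2A13C812: RFC 5639, BrainpoolP256r1 */
    uint32_t key_length;
    uint8_t reserved[ROOT_PUBLIC_KEY_STRUCTURE_LENGTH - 32 - BOOT_PUBLIC_KEY_LEN]; /* 32 bytes above */
    uint8_t root_key_area[BOOT_PUBLIC_KEY_LEN];
} root_public_key_area_t;

/* Params key area structure, size is KEY_AREA_STRUCTURE_LENGTH (0x100 for ECC/SM2) */
typedef struct {
    uint32_t image_id;
    uint32_t structure_version;     /* current version is 0x00010000 */
    uint32_t structure_length;
    uint32_t signature_length;
    uint32_t key_owner_id;
    uint32_t key_id;
    uint32_t key_alg;               /* 0x2A13C812: ECC256; 0x2A13C823: SM2 (RSA values are not listed here) */
    uint32_t ecc_curve_type;        /* 0x2A13C812: RFC 5639, BrainpoolP256r1 */
    uint32_t key_length;
    uint32_t params_key_version_ext;
    uint32_t mask_params_key_version_ext;
    uint32_t msid_ext;
    uint32_t mask_msid_ext;
    uint32_t maintenance_mode;      /* 0x3C7896E1: enable (a multi-bit magic value, not 0/1) */
    uint8_t die_id[DIE_ID_LEN];
    uint32_t params_info_addr;      /* 0 means the Params Area info follows the Params Key Area */
    uint8_t reserved[KEY_AREA_STRUCTURE_LENGTH - 76 - BOOT_PUBLIC_KEY_LEN - BOOT_SIG_LEN]; /* 76 bytes above */
    uint8_t params_ext_key_area[BOOT_PUBLIC_KEY_LEN];
    uint8_t sig_params_key_area[BOOT_SIG_LEN];
} params_key_area_t;


/* Params area info, size is CODE_INFO_STRUCTURE_LENGTH (0x200 for ECC/SM2) */
typedef struct {
    uint32_t image_id;
    uint32_t structure_version;     /* current version is 0x00010000 */
    uint32_t structure_length;      /* ecc/sm2 is 0x200, rsa3072 is 0x400 */
    uint32_t signature_length;
    uint32_t params_version_ext;
    uint32_t mask_params_version_ext;
    uint32_t msid_ext;
    uint32_t mask_msid_ext;
    uint32_t params_area_addr;      /* 0 means the Params Area follows the Params Area info */
    uint32_t params_area_len;
    uint8_t params_area_hash[HASH_LEN];     /* 32-byte digest; the algorithm is not stated in this header */
    uint8_t reserved[CODE_INFO_STRUCTURE_LENGTH - 72 - BOOT_SIG_LEN - BOOT_EXT_SIG_LEN]; /* 72 bytes above */
    uint8_t sig_params_info[BOOT_SIG_LEN];
    uint8_t sig_params_info_ext[BOOT_EXT_SIG_LEN];
} params_area_info_t;

/*
 * Params area header; the size of the whole params area depends on
 * params_area_len.
 * NOTE(review): item_offset and item_count presumably locate an array of
 * item_structure_t inside the params area; if so they need bounds checks
 * against params_area_len -- confirm against the parser.
 */
typedef struct {
    uint32_t image_id;
    uint32_t structure_version;
    uint32_t version;
    uint16_t item_offset;
    uint8_t item_count;
} params_area_head_t;

/* Address and size of one params item. */
typedef struct {
    uint32_t item_addr;
    uint32_t item_size;
} item_structure_t;

/* Key area, size is KEY_AREA_STRUCTURE_LENGTH (0x100 for ECC/SM2) */
typedef struct {
    uint32_t image_id;
    uint32_t structure_version;
    uint32_t structure_length;
    uint32_t signature_length;
    uint32_t key_owner_id;
    uint32_t key_id;
    uint32_t key_alg;               /* 0x2A13C812: ECC256; 0x2A13C823: SM2 (RSA values are not listed here) */
    uint32_t ecc_curve_type;        /* 0x2A13C812: RFC 5639, BrainpoolP256r1 */
    uint32_t key_length;
    uint32_t key_version_ext;
    uint32_t mask_key_version_ext;
    uint32_t msid_ext;
    uint32_t mask_msid_ext;
    uint32_t maintenance_mode;      /* 0x3C7896E1: enable (a multi-bit magic value, not 0/1) */
    uint8_t die_id[DIE_ID_LEN];
    uint32_t code_info_addr;        /* 0 means the Code Area info follows the image Key Area */
    uint8_t reserved[KEY_AREA_STRUCTURE_LENGTH - 76 - BOOT_PUBLIC_KEY_LEN - BOOT_SIG_LEN]; /* 76 bytes above */
    uint8_t ext_pulic_key_area[BOOT_PUBLIC_KEY_LEN];    /* member name spelling kept for compatibility */
    uint8_t sig_key_area[BOOT_SIG_LEN];
} image_key_area_t;

/* Code area info, size is CODE_INFO_STRUCTURE_LENGTH (0x200 for ECC/SM2) */
typedef struct {
    uint32_t image_id;
    uint32_t structure_version;
    uint32_t structure_length;
    uint32_t signature_length;
    uint32_t version_ext;
    uint32_t mask_version_ext;
    uint32_t msid_ext;
    uint32_t mask_msid_ext;
    uint32_t code_area_addr;
    uint32_t code_area_len;
    uint8_t code_area_hash[HASH_LEN];       /* 32-byte digest; the algorithm is not stated in this header */
    uint32_t code_enc_flag;
    /* NOTE(review): the two protection keys and the IV presumably drive decryption when code_enc_flag is set -- confirm */
    uint8_t protection_key_l1[PROTECT_KEY_LEN];
    uint8_t protection_key_l2[PROTECT_KEY_LEN];
    uint8_t iv[IV_LEN];
    uint32_t code_compress_flag;    /* 0x3C7896E1: is compressed */
    uint32_t code_uncompress_len;
    uint32_t text_segment_size;
    uint8_t reserved[CODE_INFO_STRUCTURE_LENGTH - 136 - BOOT_SIG_LEN - BOOT_EXT_SIG_LEN]; /* 136 bytes above */
    uint8_t sig_code_info[BOOT_SIG_LEN];
    uint8_t sig_code_info_ext[BOOT_EXT_SIG_LEN];
} image_code_info_t;

/*
 * Verification entry points. The implementations are not part of this
 * header and the result codes come from errcode.h. Every address is passed
 * as a 32-bit integer rather than a pointer.
 * NOTE(review): callers should treat any result other than the success code
 * as a failed verification and stop using the image -- confirm the success
 * value against errcode.h.
 */
errcode_t verify_boot_init(void);
errcode_t verify_boot_deinit(void);
errcode_t verify_public_rootkey(uint32_t rootkey_buff_addr);
errcode_t verify_image_head(image_type_t image_type, uint32_t public_key_addr, uint32_t boot_head_addr);
errcode_t verify_image_body(uint32_t boot_head_addr, uint32_t boot_body_addr);
errcode_t verify_params_head(uint32_t root_public_key_addr, uint32_t params_head_addr);
errcode_t verify_params_body(uint32_t params_head_addr, uint32_t params_body_addr);

#endif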