1 /*
2  * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  *     http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #ifndef __HVB_H_
16 #define __HVB_H_
17 
18 #include "hvb_ops.h"
19 #include "hvb_types.h"
20 
21 #ifdef __cplusplus
22 extern "C"
23 {
24 #endif
25 
/*
 * Compile-time limits of the verified-boot library.
 * HVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS sizes the rollback_indexes array
 * in struct hvb_verified_data; the other limits are not referenced elsewhere
 * in this header.
 * NOTE(review): presumably the implementation checks the loaded cert/image
 * counts against these limits before writing to the certs/images arrays -
 * confirm.
 * NOTE(review): this header does not say whether HVB_MAX_PARTITION_NAME_LEN
 * includes the terminating NUL - confirm before sizing name buffers with it.
 */
#define HVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS 32
#define HVB_MAX_NUMBER_OF_LOADED_CERTS             32
#define HVB_MAX_NUMBER_OF_LOADED_IMAGES            32
#define HVB_MAX_PARTITION_NAME_LEN                 36

/*
 * Partition size range: 4 KiB - 64 GiB.
 * The upper bound is 2^36 and does not fit in 32 bits, so a size held in a
 * 32-bit variable can never exceed it; keep sizes that are range-checked
 * against these limits in a 64-bit type.
 */
#define HVB_MAX_PARTITION_SIZE                     0x1000000000
#define HVB_MIN_PARTITION_SIZE                     0x0000001000

/* Maximum size of an RVT image - 64 KiB. */
#define RVT_MAX_SIZE (64 * 1024)

/* Maximum size of the hash partition list: one entry is the RVT, the other is the null pointer. */
#define REQUEST_LIST_LEN 2
40 
/*
 * Result codes used by this header: the return type of hvb_chain_verify() and
 * the type of hvb_cert_data.verify_result.
 *
 * HVB_OK is the first enumerator and therefore 0; every other enumerator is
 * named HVB_ERROR_*. The values are implicit and positional, so inserting or
 * reordering enumerators changes the numeric value of everything after the
 * change.
 *
 * Compare results against HVB_OK explicitly. The per-code meanings are not
 * documented here; the names suggest memory, I/O, signature, hash, rollback,
 * key, format, version and argument failures - confirm against the
 * implementation before branching on a specific code.
 */
enum hvb_errno {
    HVB_OK,
    HVB_ERROR_OOM,
    HVB_ERROR_IO,
    HVB_ERROR_VERIFY_SIGN,
    HVB_ERROR_VERIFY_HASH,
    HVB_ERROR_ROLLBACK_INDEX,
    HVB_ERROR_PUBLIC_KEY_REJECTED,
    HVB_ERROR_INVALID_CERT_FORMAT,
    HVB_ERROR_INVALID_FOOTER_FORMAT,
    HVB_ERROR_UNSUPPORTED_VERSION,
    HVB_ERROR_INVALID_ARGUMENT,
};
54 
/*
 * One image entry of struct hvb_verified_data (its `images` member points to
 * objects of this type).
 * struct hvb_buf is declared outside this header (hvb_types.h is included
 * above); its layout is not visible here.
 */
struct hvb_image_data {
    char *partition_name; /* NOTE(review): ownership and NUL-termination not stated here - confirm */
    struct hvb_buf data;
    /*
     * NOTE(review): presumably true when the buffer was supplied by the caller
     * rather than allocated by the library, which would decide who frees it -
     * confirm against hvb_chain_verify_data_free().
     */
    bool preloaded;
};
60 
/*
 * One certificate entry of struct hvb_verified_data (its `certs` member points
 * to objects of this type). Each entry carries its own result code.
 */
struct hvb_cert_data {
    char *partition_name; /* NOTE(review): ownership and NUL-termination not stated here - confirm */
    struct hvb_buf data;
    /*
     * Per-certificate result code.
     * NOTE(review): presumably an entry can be present with a value other than
     * HVB_OK; consumers should check this field rather than treat presence in
     * the array as proof of verification - confirm.
     */
    enum hvb_errno verify_result;
};
66 
/*
 * Command-line buffer embedded in struct hvb_verified_data as `cmdline`:
 * a character buffer, a write position and a size limit.
 */
struct hvb_cmdline_data {
    char *buf;
    uint64_t cur_pos; // the first available position in buf
    /*
     * NOTE(review): presumably the capacity of buf in bytes, with
     * cur_pos <= max_size as the invariant every append must check before
     * writing - confirm, including whether room for a NUL is counted.
     */
    uint64_t max_size;
};
72 
/*
 * Aggregate result object: returned by hvb_init_verified_data(), handed back
 * through the out_vd parameter of hvb_chain_verify(), and released with
 * hvb_chain_verify_data_free().
 *
 * certs and images are pointers paired with separate element counts; nothing
 * in the types ties the counts to the allocations.
 * NOTE(review): presumably the counts are capped at
 * HVB_MAX_NUMBER_OF_LOADED_CERTS / HVB_MAX_NUMBER_OF_LOADED_IMAGES - confirm
 * before indexing with them.
 */
struct hvb_verified_data {
    struct hvb_cert_data *certs;
    uint64_t num_loaded_certs;
    struct hvb_image_data *images;
    uint64_t num_loaded_images;
    struct hvb_cmdline_data cmdline;
    /* Fixed-size table with one slot per rollback index location. */
    uint64_t rollback_indexes[HVB_MAX_NUMBER_OF_ROLLBACK_INDEX_LOCATIONS];
    /*
     * The algorithm used to calculate the image hash.
     * 0: SHA256_RSA3072
     * 1: SHA256_4096
     * 2: SHA256_2048
     * 3: SM
     * NOTE(review): entries 1 and 2 presumably denote RSA-4096 / RSA-2048 like
     * entry 0, and values above 3 are undefined by this list - confirm.
     */
    uint32_t algorithm;
    /*
     * NOTE(review): meaning not documented in this header; by name it records
     * a match against a backup public key - confirm the values it can take.
     */
    uint32_t match_backup_pubkey;
};
90 
/**
 * Create a struct hvb_verified_data object.
 *
 * @return Pointer to the object.
 *         NOTE(review): presumably NULL on allocation failure and released with
 *         hvb_chain_verify_data_free() - confirm.
 */
struct hvb_verified_data *hvb_init_verified_data(void);

/**
 * Run chain verification and hand back the collected result data.
 *
 * @param ops            Platform operations table (struct hvb_ops is declared
 *                       in hvb_ops.h, included above).
 * @param rvt_ptn        Name of the RVT partition.
 * @param hash_ptn_list  Array of partition-name strings.
 *                       NOTE(review): presumably terminated by a null pointer -
 *                       the REQUEST_LIST_LEN comment in this header reserves a
 *                       slot for one - confirm.
 * @param out_vd         Output: receives a pointer to the result object.
 * @return HVB_OK or one of the HVB_ERROR_* codes of enum hvb_errno.
 *
 * Treat only HVB_OK as success.
 * NOTE(review): this header does not say whether *out_vd is set when the
 * return value is not HVB_OK, or who frees it in that case - confirm before
 * reading or releasing *out_vd on a failure path.
 */
enum hvb_errno hvb_chain_verify(struct hvb_ops *ops, const char *rvt_ptn,
    const char *const *hash_ptn_list,
    struct hvb_verified_data **out_vd);

/**
 * Release a struct hvb_verified_data object.
 *
 * @param vd  Object to release.
 *            NOTE(review): whether NULL is accepted, and whether preloaded
 *            image buffers are left to the caller, is not stated here - confirm.
 */
void hvb_chain_verify_data_free(struct hvb_verified_data *vd);
96 
97 #ifdef __cplusplus
98 }
99 #endif
100 
101 #endif
102