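/*
 * Copyright (c) 2022, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 */

#ifndef PSA_MEASURED_BOOT_H
#define PSA_MEASURED_BOOT_H

#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#include "psa/error.h"

/*
 * Size limits for the metadata passed through the measured boot interface
 * declared below. The function documentation states all sizes in bytes.
 */

/* Minimum measurement value size that can be requested to store */
#define MEASUREMENT_VALUE_MIN_SIZE	32U
/* Maximum measurement value size that can be requested to store */
#define MEASUREMENT_VALUE_MAX_SIZE	64U
/* Minimum signer id size that can be requested to store */
#define SIGNER_ID_MIN_SIZE		MEASUREMENT_VALUE_MIN_SIZE
/* Maximum signer id size that can be requested to store */
#define SIGNER_ID_MAX_SIZE		MEASUREMENT_VALUE_MAX_SIZE
/*
 * The theoretical maximum image version is: "255.255.65535\0"
 * (13 characters plus the terminating NUL, hence 14).
 */
#define VERSION_MAX_SIZE		14U
/* Example sw_type values: "BL_2", "BL_33", etc. */
#define SW_TYPE_MAX_SIZE		20U
/*
 * Number of measurement slots.
 * NOTE(review): a valid slot index is presumably in the range
 * [0, NUM_OF_MEASUREMENT_SLOTS) - confirm against the implementation.
 */
#define NUM_OF_MEASUREMENT_SLOTS	32U


/*
 * Not a standard PSA API, just an extension therefore use the 'rss_' prefix
 * rather than the usual 'psa_'.
 */

/**
 * Extends and stores a measurement to the requested slot.
 *
 * index                    Slot number in which measurement is to be stored
 * signer_id                Pointer to signer_id buffer.
 * signer_id_size           Size of the signer_id in bytes.
 * version                  Pointer to version buffer.
 * version_size             Size of the version string in bytes.
 * measurement_algo         Algorithm identifier used for measurement.
 * sw_type                  Pointer to sw_type buffer.
 * sw_type_size             Size of the sw_type string in bytes.
 * measurement_value        Pointer to measurement_value buffer.
 * measurement_value_size   Size of the measurement_value in bytes.
 * lock_measurement         Boolean flag requesting whether the measurement
 *                          is to be locked.
 *
 * PSA_SUCCESS:
 *	- Success.
 * PSA_ERROR_INVALID_ARGUMENT:
 *	- The size of any argument is invalid OR
 *	- Input Measurement value is NULL OR
 *	- Input Signer ID is NULL OR
 *	- Requested slot index is invalid.
 * PSA_ERROR_BAD_STATE:
 *	- Request to lock, when slot is already locked.
 * PSA_ERROR_NOT_PERMITTED:
 *	- When the requested slot is not accessible to the caller.
 *
 * Only PSA_SUCCESS indicates that the measurement was stored; callers should
 * check the returned status rather than assume the slot was extended.
 *
 * NOTE(review): NULL handling is listed for measurement_value and signer_id
 * only; how a NULL version or sw_type is treated is not stated here - confirm
 * against the implementation.
 * NOTE(review): PSA_ERROR_BAD_STATE is documented only for a repeated lock
 * request. Whether an extend with lock_measurement == false on an already
 * locked slot is also refused is not stated here - confirm, since the value
 * of locking depends on it.
 */
psa_status_t
rss_measured_boot_extend_measurement(uint8_t index,
				     const uint8_t *signer_id,
				     size_t signer_id_size,
				     const uint8_t *version,
				     size_t version_size,
				     uint32_t measurement_algo,
				     const uint8_t *sw_type,
				     size_t sw_type_size,
				     const uint8_t *measurement_value,
				     size_t measurement_value_size,
				     bool lock_measurement);

/**
 * Retrieves a measurement from the requested slot.
 *
 * index                    Slot number from which measurement is to be
 *                          retrieved.
 * signer_id                Pointer to signer_id buffer.
 * signer_id_size           Size of the signer_id buffer in bytes.
 * signer_id_len            On success, number of bytes that make up
 *                          signer_id.
 * version                  Pointer to version buffer.
 * version_size             Size of the version buffer in bytes.
 * version_len              On success, number of bytes that make up the
 *                          version.
 * measurement_algo         Pointer to measurement_algo.
 * sw_type                  Pointer to sw_type buffer.
 * sw_type_size             Size of the sw_type buffer in bytes.
 * sw_type_len              On success, number of bytes that make up the
 *                          sw_type.
 * measurement_value        Pointer to measurement_value buffer.
 * measurement_value_size   Size of the measurement_value buffer in bytes.
 * measurement_value_len    On success, number of bytes that make up the
 *                          measurement_value.
 * is_locked                Pointer to lock status of requested measurement
 *                          slot.
 *
 * PSA_SUCCESS
 *	- Success.
 * PSA_ERROR_INVALID_ARGUMENT
 *	- The size of at least one of the output buffers is incorrect or the
 *	  requested slot index is invalid.
 * PSA_ERROR_DOES_NOT_EXIST
 *	- The requested slot is empty, does not contain a measurement.
 *
 * The *_len outputs are documented for the success case only, so callers
 * should check the returned status before consuming any output and should
 * use the *_len values, not the *_size values, as the length of the returned
 * data.
 *
 * NOTE(review): output buffers sized to the corresponding *_MAX_SIZE limits
 * presumably satisfy the size check - confirm against the implementation.
 * NOTE(review): behaviour for NULL output pointers is not stated here.
 */
psa_status_t rss_measured_boot_read_measurement(uint8_t index,
					uint8_t *signer_id,
					size_t signer_id_size,
					size_t *signer_id_len,
					uint8_t *version,
					size_t version_size,
					size_t *version_len,
					uint32_t *measurement_algo,
					uint8_t *sw_type,
					size_t sw_type_size,
					size_t *sw_type_len,
					uint8_t *measurement_value,
					size_t measurement_value_size,
					size_t *measurement_value_len,
					bool *is_locked);

#endif /* PSA_MEASURED_BOOT_H */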