1/*
2 * Copyright (c) 2022-2023 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 *     http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15#ifndef __HVB_CERT_H_
16#define __HVB_CERT_H_
17
18#include "hvb_sysdeps.h"
19#include "hvb.h"
20#include "hvb_crypto.h"
21
22#ifdef __cplusplus
23extern "C"
24{
25#endif
26
27/*
 * Magic for the cert header; struct hvb_cert.magic is sized by HVB_MAGIC_LEN.
 * The length is 4: the three characters "HVB" plus one more byte
 * (presumably the string literal's terminating NUL -- confirm what the
 * parser actually compares).
 */
28#define HVB_MAGIC                    "HVB"
29#define HVB_MAGIC_LEN                4
30
31/*
 * Fixed field sizes and size limits, in bytes.
 *   HVB_VERITY_RESERVED_SIZE    - size of hvb_cert.verity_reserved
 *   HVB_SIGNATURE_RESERVED_SIZE - size of hvb_sign_info.signature_reserved
 *   VERITY_NAME_SIZE            - size of hvb_cert.image_name
 *   HVB_SIGNATURE_MAX_SIZE, HVB_CERT_MAX_SIZE - not used in this header;
 *     presumably upper bounds applied to the signature and cert sizes.
 * NOTE(review): confirm the *_MAX_SIZE limits are enforced before any
 * length or offset read from a cert is used.
 */
32#define HVB_VERITY_RESERVED_SIZE     36
33#define HVB_SIGNATURE_RESERVED_SIZE  64
34#define VERITY_NAME_SIZE             64
35#define HVB_SIGNATURE_MAX_SIZE       4096
36#define HVB_CERT_MAX_SIZE            4096
37
38/* The version number of HVB - keep in sync with hvbtool. */
39#define HVB_VERSION_MAJOR            1
40#define HVB_VERSION_MINOR            1
41
/*
 * Key and signature sizes in bytes; none of them is used in this header.
 * 256 bytes is 2048 bits, so these presumably describe an RSA-2048 public
 * key (modulus plus a precomputed value, judging by the P_RR name) and its
 * signature -- TODO confirm against hvb_crypto.h.
 * The meaning of HVB_SIGNATURE_FIXED_SIZE (224) is not evident from here.
 */
42#define PUBKEY_MODULUS_LEN           256
43#define PUBKEY_P_RR_LEN              256
44#define SIGNATURE_LEN                256
45#define HVB_SIGNATURE_FIXED_SIZE     224
46
/*
 * Kind of verity data attached to an image. The enumerators take the
 * implicit values 0..3, so HASH (1) and HASHTREE (2) line up with the
 * values documented for hvb_cert.verity_type.
 * NOTE(review): verity_type is a raw uint32_t in struct hvb_cert; presumably
 * it is rejected when it is NONE or >= HVB_IMAGE_TYPE_MAX -- confirm.
 */
47enum hvb_image_type {
48    HVB_IMAGE_TYPE_NONE,      /* 0: no verity type */
49    HVB_IMAGE_TYPE_HASH,      /* 1: hash image */
50    HVB_IMAGE_TYPE_HASHTREE,  /* 2: hashtree image */
51    HVB_IMAGE_TYPE_MAX,       /* 3: number of values above, not a type itself */
52};
53
/*
 * Pointers to the salt and digest of an image. The struct carries no
 * lengths; struct hvb_cert keeps them in salt_size and digest_size.
 * NOTE(review): who owns the pointed-to memory is not visible here --
 * presumably both point into the cert buffer and share its lifetime; confirm.
 */
54struct hash_payload {
55    uint8_t *salt;    /* salt bytes */
56    uint8_t *digest;  /* digest bytes */
57} HVB_ATTR_PACKED;
58
/*
 * Signature section of a cert: algorithm, location of the public key and
 * of the signature, plus buffers for both.
 * NOTE(review): what the offsets are relative to is not stated in this
 * header. The offset/len pairs presumably come straight from the cert, so
 * each pair should be checked (no overflow in offset + len, result inside
 * the cert buffer, len within HVB_SIGNATURE_MAX_SIZE) before pubk/sign are
 * set from them -- confirm in the parser.
 */
59struct hvb_sign_info {
60    uint64_t sig_length;        /* presumably the length of the whole signature section -- confirm */
61    uint32_t algorithm;         /* signature algorithm id; values are not defined in this header */
62    uint32_t flags;             /* flag bits; meaning not defined in this header */
63    uint64_t pubkey_offset;     /* offset of the public key */
64    uint64_t pubkey_len;        /* length of the public key */
65    uint64_t signature_offset;  /* offset of the signature */
66    uint64_t signature_len;     /* length of the signature */
67    uint8_t signature_reserved[HVB_SIGNATURE_RESERVED_SIZE];  /* reserved bytes */
68    struct hvb_buf pubk;        /* public key buffer (struct hvb_buf is declared elsewhere) */
69    struct hvb_buf sign;        /* signature buffer */
70} HVB_ATTR_PACKED;
71
/*
 * One HVB cert: header, image and verity description, hash payload and
 * signature info.
 *
 * hash_payload holds pointers, so this layout cannot match the serialized
 * cert byte for byte; it is an in-memory view.
 *
 * NOTE(review): presumably filled in by hvb_cert_parser() from cert_buf.
 * Until the signature has been verified, every size and offset below is
 * untrusted input: check each offset/size pair against the buffer it
 * indexes, with overflow-safe arithmetic, before use -- confirm in the parser.
 */
72struct hvb_cert {
73    /* Three bytes equal to "HVB" (HVB_MAGIC); the array itself is HVB_MAGIC_LEN (4) bytes. */
74    uint8_t magic[HVB_MAGIC_LEN];
75
76    /* The major version of libhvb (see HVB_VERSION_MAJOR). */
77    uint32_t version_major;
78
79    /* The minor version of libhvb (see HVB_VERSION_MINOR). */
80    uint32_t version_minor;
81
82    /* Reserved space for verity info data. */
83    uint8_t verity_reserved[HVB_VERITY_RESERVED_SIZE];
84
85    /* The original length of the image. */
86    uint64_t image_original_len;
87
88    /* The length of the image after zero padding. */
89    uint64_t image_len;
90
91    /*
     * The partition name.
     * NOTE(review): a fixed uint8_t array; nothing here guarantees a
     * terminating NUL, so string handling should be bounded by
     * VERITY_NAME_SIZE -- confirm in the consumers.
     */
92    uint8_t image_name[VERITY_NAME_SIZE];
93
94    /* The location of the rollback value. */
95    uint64_t rollback_location;
96
97    /*
     * The rollback index.
     * NOTE(review): presumably compared with the value stored at
     * rollback_location to refuse older images -- confirm.
     */
98    uint64_t rollback_index;
99
100    /*
101     * The type of image verity (see enum hvb_image_type).
102     * 1: hash image
103     * 2: hashtree image
104     */
105    uint32_t verity_type;
106
107    /*
108     * The algorithm used to calculate the image hash.
109     * 0: SHA256
110     * 1: SHA1
111     * 2: SHA512
     * NOTE(review): SHA1 is no longer collision resistant; confirm whether
     * the verifier still accepts hash_algo == 1 for new images.
112     */
113    uint32_t hash_algo;
114
115    /* The offset of the salt data; the salt itself is referenced from hash_payload. */
116    uint64_t salt_offset;
117
118    /* The size of the salt data. */
119    uint64_t salt_size;
120
121    /* The offset of the digest; the digest itself is referenced from hash_payload. */
122    uint64_t digest_offset;
123
124    /* The size of the digest. */
125    uint64_t digest_size;
126
127    /* The offset of the hashtree. */
128    uint64_t hashtree_offset;
129
130    /* The size of the hashtree. */
131    uint64_t hashtree_size;
132
133    /* The size of each data block in hashtree mode (4 KB by default). */
134    uint64_t data_block_size;
135
136    /* The size of each block that stores hashes in a hashtree (4 KB by default). */
137    uint64_t hash_block_size;
138
139    /* FEC parameter; going by the field name, the number of FEC roots -- TODO confirm. */
140    uint64_t fec_num_roots;
141
142    /* The offset of the FEC data. */
143    uint64_t fec_offset;
144
145    /* The size of the FEC data. */
146    uint64_t fec_size;
147
148    /* Pointers to the salt and digest of the image. */
149    struct hash_payload hash_payload;
150
151    /* Signature info: algorithm, public key and signature location. */
152    struct hvb_sign_info signature_info;
153} HVB_ATTR_PACKED;
154
/*
 * Cert handling entry point for one partition; returns an enum hvb_errno.
 * Only the declaration is visible here, so the following is read off the
 * parameter names and needs confirming against the implementation:
 *   ops           - platform callbacks
 *   ptn           - name of the partition the cert belongs to
 *   cert_buf      - buffer holding the cert
 *   hash_ptn_list - list of partition names (presumably those verified by hash)
 *   out_pubk      - receives the public key
 *   verified_data - accumulates verification results
 */
155enum hvb_errno cert_init_desc(struct hvb_ops *ops, const char *ptn, struct hvb_buf *cert_buf,
156                              const char *const *hash_ptn_list, struct hvb_buf *out_pubk,
157                              struct hvb_verified_data *verified_data);
/*
 * Parses cert_buf into *cert (judging by the name and parameters); returns
 * an enum hvb_errno.
 * NOTE(review): cert_buf is external input. Presumably the parser rejects
 * buffers that are too short or larger than HVB_CERT_MAX_SIZE and validates
 * every offset/size field before following it -- confirm.
 */
158enum hvb_errno hvb_cert_parser(struct hvb_cert *cert, struct hvb_buf *cert_buf);
159
160#ifdef __cplusplus
161}
162#endif
163
164#endif
165