bl_crypto.h

Go to the documentation of this file.

/*
 * Copyright (c) 2018 Nordic Semiconductor ASA
 *
 * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
 */
 
#ifndef BOOTLOADER_CRYPTO_H__
#define BOOTLOADER_CRYPTO_H__
 
#ifdef __cplusplus
extern "C" {
#endif
 
#include <zephyr/types.h>
#include <fw_info.h>
 
 
/* Placeholder defines. Values should be updated, if no existing errors can be
 * used instead. */
#define EHASHINV 101
#define ESIGINV  102
 
 
#if CONFIG_SB_CRYPTO_OBERON_SHA256
        #include <ocrypto_sha256.h>
        #define SHA256_CTX_SIZE sizeof(ocrypto_sha256_ctx)
        typedef ocrypto_sha256_ctx bl_sha256_ctx_t;
#elif CONFIG_SB_CRYPTO_CC310_SHA256
        #include <nrf_cc310_bl_hash_sha256.h>
        #define SHA256_CTX_SIZE sizeof(nrf_cc310_bl_hash_context_sha256_t)
        typedef nrf_cc310_bl_hash_context_sha256_t bl_sha256_ctx_t;
#else
        #define SHA256_CTX_SIZE 256
        // uint32_t to make sure it is aligned equally as the other contexts.
        typedef uint32_t bl_sha256_ctx_t[SHA256_CTX_SIZE/4];
#endif
 
int bl_crypto_init(void);
 
 
int bl_root_of_trust_verify(const uint8_t *public_key,
                            const uint8_t *public_key_hash,
                            const uint8_t *signature,
                            const uint8_t *firmware,
                            const uint32_t firmware_len);
 
/* Typedef for use in EXT_API declaration */
typedef int (*bl_root_of_trust_verify_t)(
                            const uint8_t *public_key,
                            const uint8_t *public_key_hash,
                            const uint8_t *signature,
                            const uint8_t *firmware,
                            const uint32_t firmware_len);
 
 
int bl_root_of_trust_verify_external(const uint8_t *public_key,
                                     const uint8_t *public_key_hash,
                                     const uint8_t *signature,
                                     const uint8_t *firmware,
                                     const uint32_t firmware_len);
 
 
int bl_sha256_init(bl_sha256_ctx_t *ctx);
 
/* Typedef for use in EXT_API declaration */
typedef int (*bl_sha256_init_t)(bl_sha256_ctx_t *ctx);
 
 
int bl_sha256_update(bl_sha256_ctx_t *ctx, const uint8_t *data, uint32_t data_len);
 
/* Typedef for use in EXT_API declaration */
typedef int (*bl_sha256_update_t)(bl_sha256_ctx_t *ctx, const uint8_t *data,
                                uint32_t data_len);
 
 
int bl_sha256_finalize(bl_sha256_ctx_t *ctx, uint8_t *output);
 
/* Typedef for use in EXT_API declaration */
typedef int (*bl_sha256_finalize_t)(bl_sha256_ctx_t *ctx, uint8_t *output);
 
 
int bl_sha256_verify(const uint8_t *data, uint32_t data_len, const uint8_t *expected);
 
/* Typedef for use in EXT_API declaration */
typedef int (*bl_sha256_verify_t)(const uint8_t *data, uint32_t data_len,
                                const uint8_t *expected);
 
 
int bl_secp256r1_validate(const uint8_t *hash,
                          uint32_t hash_len,
                          const uint8_t *signature,
                          const uint8_t *public_key);
 
/* Typedef for use in EXT_API declaration */
typedef int (*bl_secp256r1_validate_t)(
                          const uint8_t *hash,
                          uint32_t hash_len,
                          const uint8_t *signature,
                          const uint8_t *public_key);
 
 
struct bl_rot_verify_ext_api {
        bl_root_of_trust_verify_t bl_root_of_trust_verify;
};
 
struct bl_sha256_ext_api {
        bl_sha256_init_t bl_sha256_init;
        bl_sha256_update_t bl_sha256_update;
        bl_sha256_finalize_t bl_sha256_finalize;
        bl_sha256_verify_t bl_sha256_verify;
        uint32_t bl_sha256_ctx_size;
};
 
struct bl_secp256r1_ext_api {
        bl_secp256r1_validate_t bl_secp256r1_validate;
};
 
#ifdef __cplusplus
}
#endif
 
#endif