nRF Connect SDK API 2.8.99
Loading...
Searching...
No Matches
bl_crypto.h
Go to the documentation of this file.
1/*
2 * Copyright (c) 2018 Nordic Semiconductor ASA
3 *
4 * SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
5 */
6
7#ifndef BOOTLOADER_CRYPTO_H__
8#define BOOTLOADER_CRYPTO_H__
9
10#ifdef __cplusplus
11extern "C" {
12#endif
13
14#include <zephyr/types.h>
15#include <fw_info.h>
16
17
22/* Placeholder defines. Values should be updated, if no existing errors can be
23 * used instead. */
24#define EHASHINV 101
25#define ESIGINV 102
26
27
28#if CONFIG_SB_CRYPTO_OBERON_SHA256
29 #include <ocrypto_sha256.h>
30 #define SHA256_CTX_SIZE sizeof(ocrypto_sha256_ctx)
31 typedef ocrypto_sha256_ctx bl_sha256_ctx_t;
32#elif CONFIG_SB_CRYPTO_CC310_SHA256
33 #include <nrf_cc310_bl_hash_sha256.h>
34 #define SHA256_CTX_SIZE sizeof(nrf_cc310_bl_hash_context_sha256_t)
35 typedef nrf_cc310_bl_hash_context_sha256_t bl_sha256_ctx_t;
36#else
37 #define SHA256_CTX_SIZE 256
38 // uint32_t to make sure it is aligned equally as the other contexts.
39 typedef uint32_t bl_sha256_ctx_t[SHA256_CTX_SIZE/4];
40#endif
41
49
50
73int bl_root_of_trust_verify(const uint8_t *public_key,
74 const uint8_t *public_key_hash,
75 const uint8_t *signature,
76 const uint8_t *firmware,
77 const uint32_t firmware_len);
78
79/* Typedef for use in EXT_API declaration */
81 const uint8_t *public_key,
82 const uint8_t *public_key_hash,
83 const uint8_t *signature,
84 const uint8_t *firmware,
85 const uint32_t firmware_len);
86
87
93int bl_root_of_trust_verify_external(const uint8_t *public_key,
94 const uint8_t *public_key_hash,
95 const uint8_t *signature,
96 const uint8_t *firmware,
97 const uint32_t firmware_len);
98
99
109
110/* Typedef for use in EXT_API declaration */
112
113
130int bl_sha256_update(bl_sha256_ctx_t *ctx, const uint8_t *data, uint32_t data_len);
131
132/* Typedef for use in EXT_API declaration */
133typedef int (*bl_sha256_update_t)(bl_sha256_ctx_t *ctx, const uint8_t *data,
134 uint32_t data_len);
135
136
147int bl_sha256_finalize(bl_sha256_ctx_t *ctx, uint8_t *output);
148
149/* Typedef for use in EXT_API declaration */
150typedef int (*bl_sha256_finalize_t)(bl_sha256_ctx_t *ctx, uint8_t *output);
151
152
166int bl_sha256_verify(const uint8_t *data, uint32_t data_len, const uint8_t *expected);
167
168/* Typedef for use in EXT_API declaration */
169typedef int (*bl_sha256_verify_t)(const uint8_t *data, uint32_t data_len,
170 const uint8_t *expected);
171
172
186int bl_secp256r1_validate(const uint8_t *hash,
187 uint32_t hash_len,
188 const uint8_t *signature,
189 const uint8_t *public_key);
190
191/* Typedef for use in EXT_API declaration */
193 const uint8_t *hash,
194 uint32_t hash_len,
195 const uint8_t *signature,
196 const uint8_t *public_key);
197
198
205
216
223
226#ifdef __cplusplus
227}
228#endif
229
230#endif
int bl_crypto_init(void)
Initialize bootloader crypto module.
int(* bl_sha256_update_t)(bl_sha256_ctx_t *ctx, const uint8_t *data, uint32_t data_len)
Definition bl_crypto.h:133
int(* bl_secp256r1_validate_t)(const uint8_t *hash, uint32_t hash_len, const uint8_t *signature, const uint8_t *public_key)
Definition bl_crypto.h:192
int bl_secp256r1_validate(const uint8_t *hash, uint32_t hash_len, const uint8_t *signature, const uint8_t *public_key)
Validate a secp256r1 signature.
int bl_root_of_trust_verify(const uint8_t *public_key, const uint8_t *public_key_hash, const uint8_t *signature, const uint8_t *firmware, const uint32_t firmware_len)
Verify a signature using configured signature and SHA-256.
int bl_sha256_init(bl_sha256_ctx_t *ctx)
Initialize a sha256 operation context variable.
int(* bl_sha256_verify_t)(const uint8_t *data, uint32_t data_len, const uint8_t *expected)
Definition bl_crypto.h:169
#define SHA256_CTX_SIZE
Definition bl_crypto.h:37
int(* bl_sha256_init_t)(bl_sha256_ctx_t *ctx)
Definition bl_crypto.h:111
int bl_sha256_verify(const uint8_t *data, uint32_t data_len, const uint8_t *expected)
Calculate a digest and verify it directly.
int bl_sha256_finalize(bl_sha256_ctx_t *ctx, uint8_t *output)
Finalize a hash result.
int(* bl_sha256_finalize_t)(bl_sha256_ctx_t *ctx, uint8_t *output)
Definition bl_crypto.h:150
int(* bl_root_of_trust_verify_t)(const uint8_t *public_key, const uint8_t *public_key_hash, const uint8_t *signature, const uint8_t *firmware, const uint32_t firmware_len)
Definition bl_crypto.h:80
uint32_t bl_sha256_ctx_t[256/4]
Definition bl_crypto.h:39
int bl_root_of_trust_verify_external(const uint8_t *public_key, const uint8_t *public_key_hash, const uint8_t *signature, const uint8_t *firmware, const uint32_t firmware_len)
Implementation of rot_verify that is safe to be called from EXT_API.
int bl_sha256_update(bl_sha256_ctx_t *ctx, const uint8_t *data, uint32_t data_len)
Hash a portion of data.
bl_root_of_trust_verify_t bl_root_of_trust_verify
Definition bl_crypto.h:203
Structure describing the BL_ROT_VERIFY EXT_API.
Definition bl_crypto.h:202
bl_secp256r1_validate_t bl_secp256r1_validate
Definition bl_crypto.h:221
Structure describing the BL_SECP256R1 EXT_API.
Definition bl_crypto.h:220
bl_sha256_verify_t bl_sha256_verify
Definition bl_crypto.h:213
uint32_t bl_sha256_ctx_size
Definition bl_crypto.h:214
bl_sha256_init_t bl_sha256_init
Definition bl_crypto.h:210
bl_sha256_update_t bl_sha256_update
Definition bl_crypto.h:211
bl_sha256_finalize_t bl_sha256_finalize
Definition bl_crypto.h:212
Structure describing the BL_SHA256 EXT_API.
Definition bl_crypto.h:209