nRF Connect SDK API 2.8.99
Loading...
Searching...
No Matches
Bootloader crypto functions

Data Structures

struct  bl_rot_verify_ext_api
 Structure describing the BL_ROT_VERIFY EXT_API. More...
 
struct  bl_sha256_ext_api
 Structure describing the BL_SHA256 EXT_API. More...
 
struct  bl_secp256r1_ext_api
 Structure describing the BL_SECP256R1 EXT_API. More...
 

Macros

#define EHASHINV   101
 
#define ESIGINV   102
 
#define SHA256_CTX_SIZE   256
 

Typedefs

typedef uint32_t bl_sha256_ctx_t[256/4]
 
typedef int(* bl_root_of_trust_verify_t) (const uint8_t *public_key, const uint8_t *public_key_hash, const uint8_t *signature, const uint8_t *firmware, const uint32_t firmware_len)
 
typedef int(* bl_sha256_init_t) (bl_sha256_ctx_t *ctx)
 
typedef int(* bl_sha256_update_t) (bl_sha256_ctx_t *ctx, const uint8_t *data, uint32_t data_len)
 
typedef int(* bl_sha256_finalize_t) (bl_sha256_ctx_t *ctx, uint8_t *output)
 
typedef int(* bl_sha256_verify_t) (const uint8_t *data, uint32_t data_len, const uint8_t *expected)
 
typedef int(* bl_secp256r1_validate_t) (const uint8_t *hash, uint32_t hash_len, const uint8_t *signature, const uint8_t *public_key)
 

Functions

int bl_crypto_init (void)
 Initialize bootloader crypto module.
 
int bl_root_of_trust_verify (const uint8_t *public_key, const uint8_t *public_key_hash, const uint8_t *signature, const uint8_t *firmware, const uint32_t firmware_len)
 Verify a signature using configured signature and SHA-256.
 
int bl_root_of_trust_verify_external (const uint8_t *public_key, const uint8_t *public_key_hash, const uint8_t *signature, const uint8_t *firmware, const uint32_t firmware_len)
 Implementation of rot_verify that is safe to be called from EXT_API.
 
int bl_sha256_init (bl_sha256_ctx_t *ctx)
 Initialize a sha256 operation context variable.
 
int bl_sha256_update (bl_sha256_ctx_t *ctx, const uint8_t *data, uint32_t data_len)
 Hash a portion of data.
 
int bl_sha256_finalize (bl_sha256_ctx_t *ctx, uint8_t *output)
 Finalize a hash result.
 
int bl_sha256_verify (const uint8_t *data, uint32_t data_len, const uint8_t *expected)
 Calculate a digest and verify it directly.
 
int bl_secp256r1_validate (const uint8_t *hash, uint32_t hash_len, const uint8_t *signature, const uint8_t *public_key)
 Validate a secp256r1 signature.
 

Detailed Description