[people/ms/u-boot.git] / include / fsl_validate.h

/*
 * Copyright 2015 Freescale Semiconductor, Inc.
 *
 * SPDX-License-Identifier:	GPL-2.0+
 */

#ifndef _FSL_VALIDATE_H_
#define _FSL_VALIDATE_H_

#include <fsl_sec.h>
#include <fsl_sec_mon.h>
#include <command.h>
#include <linux/types.h>

#define WORD_SIZE 4

/* Minimum and maximum size of RSA signature length in bits */
#define KEY_SIZE       4096
#define KEY_SIZE_BYTES (KEY_SIZE/8)
#define KEY_SIZE_WORDS (KEY_SIZE_BYTES/(WORD_SIZE))

extern struct jobring jr;

#ifdef CONFIG_KEY_REVOCATION
/* Srk table and key revocation check */
#define SRK_FLAG	0x01
#define UNREVOCABLE_KEY	4
#define ALIGN_REVOC_KEY 3
#define MAX_KEY_ENTRIES 4
#endif

/* Barker code size in bytes */
#define ESBC_BARKER_LEN	4	/* barker code length in ESBC uboot client */
				/* header */

/* No-error return values */
#define ESBC_VALID_HDR	0	/* header is valid */

/* Maximum number of SG entries allowed */
#define MAX_SG_ENTRIES	8

/*
 * ESBC uboot client header structure.
 * The struct contain the following fields
 * barker code
 * public key offset
 * pub key length
 * signature offset
 * length of the signature
 * ptr to SG table
 * no of entries in SG table
 * esbc ptr
 * size of esbc
 * esbc entry point
 * Scatter gather flag
 * UID flag
 * FSL UID
 * OEM UID
 * Here, pub key is modulus concatenated with exponent
 * of equal length
 */
struct fsl_secboot_img_hdr {
	u8 barker[ESBC_BARKER_LEN];	/* barker code */
	union {
		u32 pkey;		/* public key offset */
#ifdef CONFIG_KEY_REVOCATION
		u32 srk_tbl_off;
#endif
	};

	union {
		u32 key_len;		/* pub key length in bytes */
#ifdef CONFIG_KEY_REVOCATION
		struct {
			u32 srk_table_flag:8;
			u32 srk_sel:8;
			u32 num_srk:16;
		} len_kr;
#endif
	};

	u32 psign;		/* signature offset */
	u32 sign_len;		/* length of the signature in bytes */
	union {
		u32 psgtable;	/* ptr to SG table */
#ifndef CONFIG_ESBC_ADDR_64BIT
		u32 pimg;	/* ptr to ESBC client image */
#endif
	};
	union {
		u32 sg_entries;	/* no of entries in SG table */
		u32 img_size;	/* ESBC client image size in bytes */
	};
	u32 img_start;		/* ESBC client entry point */
	u32 sg_flag;		/* Scatter gather flag */
	u32 uid_flag;
	u32 fsl_uid_0;
	u32 oem_uid_0;
	u32 reserved1[2];
	u32 fsl_uid_1;
	u32 oem_uid_1;
	union {
		u32 reserved2[2];
#ifdef CONFIG_ESBC_ADDR_64BIT
		u64 pimg64;	/* 64 bit pointer to ESBC Image */
#endif
	};
	u32 ie_flag;
	u32 ie_key_sel;
};

#if defined(CONFIG_FSL_ISBC_KEY_EXT)
struct ie_key_table {
	u32 key_len;
	u8 pkey[2 * KEY_SIZE_BYTES];
};

struct ie_key_info {
	uint32_t key_revok;
	uint32_t num_keys;
	struct ie_key_table ie_key_tbl[32];
};
#endif

#ifdef CONFIG_KEY_REVOCATION
struct srk_table {
	u32 key_len;
	u8 pkey[2 * KEY_SIZE_BYTES];
};
#endif

/*
 * SG table.
 */
#if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
/*
 * This struct contains the following fields
 * length of the segment
 * source address
 */
struct fsl_secboot_sg_table {
	u32 len;		/* length of the segment in bytes */
	u32 src_addr;		/* ptr to the data segment */
};
#else
/*
 * This struct contains the following fields
 * length of the segment
 * Destination Target ID
 * source address
 * destination address
 */
struct fsl_secboot_sg_table {
	u32 len;
	u32 trgt_id;
	u32 src_addr;
	u32 dst_addr;
};
#endif

/*
 * ESBC private structure.
 * Private structure used by ESBC to store following fields
 * ESBC client key
 * ESBC client key hash
 * ESBC client Signature
 * Encoded hash recovered from signature
 * Encoded hash of ESBC client header plus ESBC client image
 */
struct fsl_secboot_img_priv {
	uint32_t hdr_location;
	u32 ie_addr;
	u32 key_len;
	struct fsl_secboot_img_hdr hdr;

	u8 img_key[2 * KEY_SIZE_BYTES];	/* ESBC client key */
	u8 img_key_hash[32];	/* ESBC client key hash */

#ifdef CONFIG_KEY_REVOCATION
	struct srk_table srk_tbl[MAX_KEY_ENTRIES];
#endif
	u8 img_sign[KEY_SIZE_BYTES];		/* ESBC client signature */

	u8 img_encoded_hash[KEY_SIZE_BYTES];	/* EM wrt RSA PKCSv1.5  */
						/* Includes hash recovered after
						 * signature verification
						 */

	u8 img_encoded_hash_second[KEY_SIZE_BYTES];/* EM' wrt RSA PKCSv1.5 */
						/* Includes hash of
						 * ESBC client header plus
						 * ESBC client image
						 */

	struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES];	/* SG table */
	u32 ehdrloc;		/* ESBC client location */
};

int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
		char * const argv[]);
int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,
	char * const argv[]);
int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc,
	char * const argv[]);

#endif
Commit	Line	Data
47151e4b	1	/*
	2	* Copyright 2015 Freescale Semiconductor, Inc.
	3	*
	4	* SPDX-License-Identifier: GPL-2.0+
	5	*/
	6
	7	#ifndef _FSL_VALIDATE_H_
	8	#define _FSL_VALIDATE_H_
	9
	10	#include <fsl_sec.h>
	11	#include <fsl_sec_mon.h>
	12	#include <command.h>
	13	#include <linux/types.h>
	14
	15	#define WORD_SIZE 4
	16
	17	/* Minimum and maximum size of RSA signature length in bits */
	18	#define KEY_SIZE 4096
	19	#define KEY_SIZE_BYTES (KEY_SIZE/8)
	20	#define KEY_SIZE_WORDS (KEY_SIZE_BYTES/(WORD_SIZE))
	21
	22	extern struct jobring jr;
	23
	24	#ifdef CONFIG_KEY_REVOCATION
	25	/* Srk table and key revocation check */
	26	#define SRK_FLAG 0x01
	27	#define UNREVOCABLE_KEY 4
	28	#define ALIGN_REVOC_KEY 3
	29	#define MAX_KEY_ENTRIES 4
	30	#endif
	31
	32	/* Barker code size in bytes */
	33	#define ESBC_BARKER_LEN 4 /* barker code length in ESBC uboot client */
	34	/* header */
	35
	36	/* No-error return values */
	37	#define ESBC_VALID_HDR 0 /* header is valid */
	38
	39	/* Maximum number of SG entries allowed */
	40	#define MAX_SG_ENTRIES 8
	41
	42	/*
	43	* ESBC uboot client header structure.
	44	* The struct contain the following fields
	45	* barker code
	46	* public key offset
	47	* pub key length
	48	* signature offset
	49	* length of the signature
	50	* ptr to SG table
	51	* no of entries in SG table
	52	* esbc ptr
	53	* size of esbc
	54	* esbc entry point
	55	* Scatter gather flag
	56	* UID flag
	57	* FSL UID
	58	* OEM UID
	59	* Here, pub key is modulus concatenated with exponent
	60	* of equal length
	61	*/
	62	struct fsl_secboot_img_hdr {
	63	u8 barker[ESBC_BARKER_LEN]; /* barker code */
	64	union {
65	u32 pkey; /* public key offset */
66	#ifdef CONFIG_KEY_REVOCATION
67	u32 srk_tbl_off;
68	#endif
69	};
70
71	union {
72	u32 key_len; /* pub key length in bytes */
73	#ifdef CONFIG_KEY_REVOCATION
74	struct {
75	u32 srk_table_flag:8;
76	u32 srk_sel:8;
77	u32 num_srk:16;
78	} len_kr;
79	#endif
80	};
81
82	u32 psign; /* signature offset */
83	u32 sign_len; /* length of the signature in bytes */
84	union {
7bcb0eb2	85	u32 psgtable; /* ptr to SG table */
9711f528	86	#ifndef CONFIG_ESBC_ADDR_64BIT
7bcb0eb2	87	u32 pimg; /* ptr to ESBC client image */
9711f528	88	#endif
47151e4b	89	};
	90	union {
	91	u32 sg_entries; /* no of entries in SG table */
	92	u32 img_size; /* ESBC client image size in bytes */
	93	};
7bcb0eb2	94	u32 img_start; /* ESBC client entry point */
47151e4b	95	u32 sg_flag; /* Scatter gather flag */
	96	u32 uid_flag;
	97	u32 fsl_uid_0;
	98	u32 oem_uid_0;
	99	u32 reserved1[2];
	100	u32 fsl_uid_1;
	101	u32 oem_uid_1;
9711f528 AB	102	union {
	103	u32 reserved2[2];
	104	#ifdef CONFIG_ESBC_ADDR_64BIT
	105	u64 pimg64; /* 64 bit pointer to ESBC Image */
	106	#endif
	107	};
47151e4b	108	u32 ie_flag;
	109	u32 ie_key_sel;
	110	};
	111
	112	#if defined(CONFIG_FSL_ISBC_KEY_EXT)
	113	struct ie_key_table {
	114	u32 key_len;
	115	u8 pkey[2 * KEY_SIZE_BYTES];
	116	};
	117
	118	struct ie_key_info {
	119	uint32_t key_revok;
	120	uint32_t num_keys;
	121	struct ie_key_table ie_key_tbl[32];
	122	};
	123	#endif
	124
	125	#ifdef CONFIG_KEY_REVOCATION
	126	struct srk_table {
	127	u32 key_len;
	128	u8 pkey[2 * KEY_SIZE_BYTES];
	129	};
	130	#endif
	131
	132	/*
	133	* SG table.
	134	*/
	135	#if defined(CONFIG_FSL_TRUST_ARCH_v1) && defined(CONFIG_FSL_CORENET)
	136	/*
	137	* This struct contains the following fields
	138	* length of the segment
	139	* source address
	140	*/
	141	struct fsl_secboot_sg_table {
	142	u32 len; /* length of the segment in bytes */
7bcb0eb2	143	u32 src_addr; /* ptr to the data segment */
47151e4b	144	};
	145	#else
	146	/*
	147	* This struct contains the following fields
	148	* length of the segment
	149	* Destination Target ID
	150	* source address
	151	* destination address
	152	*/
	153	struct fsl_secboot_sg_table {
	154	u32 len;
	155	u32 trgt_id;
7bcb0eb2 AB	156	u32 src_addr;
7bcb0eb2 AB	157	u32 dst_addr;
47151e4b	158	};
	159	#endif
	160
	161	/*
	162	* ESBC private structure.
	163	* Private structure used by ESBC to store following fields
	164	* ESBC client key
	165	* ESBC client key hash
	166	* ESBC client Signature
	167	* Encoded hash recovered from signature
	168	* Encoded hash of ESBC client header plus ESBC client image
	169	*/
	170	struct fsl_secboot_img_priv {
	171	uint32_t hdr_location;
7bcb0eb2	172	u32 ie_addr;
47151e4b	173	u32 key_len;
	174	struct fsl_secboot_img_hdr hdr;
	175
	176	u8 img_key[2 * KEY_SIZE_BYTES]; /* ESBC client key */
	177	u8 img_key_hash[32]; /* ESBC client key hash */
	178
	179	#ifdef CONFIG_KEY_REVOCATION
	180	struct srk_table srk_tbl[MAX_KEY_ENTRIES];
	181	#endif
	182	u8 img_sign[KEY_SIZE_BYTES]; /* ESBC client signature */
	183
	184	u8 img_encoded_hash[KEY_SIZE_BYTES]; /* EM wrt RSA PKCSv1.5 */
	185	/* Includes hash recovered after
	186	* signature verification
	187	*/
	188
	189	u8 img_encoded_hash_second[KEY_SIZE_BYTES];/* EM' wrt RSA PKCSv1.5 */
	190	/* Includes hash of
	191	* ESBC client header plus
	192	* ESBC client image
	193	*/
	194
	195	struct fsl_secboot_sg_table sgtbl[MAX_SG_ENTRIES]; /* SG table */
	196	u32 ehdrloc; /* ESBC client location */
	197	};
	198
	199	int fsl_secboot_validate(cmd_tbl_t *cmdtp, int flag, int argc,
	200	char * const argv[]);
	201	int fsl_secboot_blob_encap(cmd_tbl_t *cmdtp, int flag, int argc,
	202	char * const argv[]);
	203	int fsl_secboot_blob_decap(cmd_tbl_t *cmdtp, int flag, int argc,
	204	char * const argv[]);
	205
	206	#endif