Djam/arm-trusted-firmware
1
0
Fork 0
mirror of https://github.com/ARM-software/arm-trusted-firmware.git synced 2025-04-18 18:44:22 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
arm-trusted-firmware/include/drivers/measured_boot/rss/rss_measured_boot.h
Manish V Badarkhe 60861a04e0 feat(rss): set the signer-ID in the RSS metadata 
Calculate a hash of the public key and put that into the signer-ID
field of the relevant RSS metadata. The signer-ID metadata is mandatory
in the Arm CCA attestation scheme.

Change-Id: Ic846d8bf882cfea8581d3523a3461c919462df30
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2023-07-28 09:01:15 +01:00

57 lines
1.7 KiB
C
Raw Blame History

/*
* Copyright (c) 2022-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef RSS_MEASURED_BOOT_H
#define RSS_MEASURED_BOOT_H
#include <stdint.h>
#include <common/debug.h>
#include <measured_boot.h>
#define RSS_MBOOT_INVALID_ID UINT32_MAX
/*
* Each boot measurement has some metadata (i.e. a string) that identifies
* what was measured and how. The sw_type field of the rss_mboot_metadata
* structure represents the role of the software component that was measured.
* The below macros define strings suitable for the sw_type.
* The key thing is to choose meaningful strings so that when the attestation
* token is verified, then the different components can be identified.
*/
#define RSS_MBOOT_BL2_STRING "BL_2"
#define RSS_MBOOT_BL31_STRING "SECURE_RT_EL3"
#define RSS_MBOOT_HW_CONFIG_STRING "HW_CONFIG"
#define RSS_MBOOT_FW_CONFIG_STRING "FW_CONFIG"
#define RSS_MBOOT_TB_FW_CONFIG_STRING "TB_FW_CONFIG"
#define RSS_MBOOT_SOC_FW_CONFIG_STRING "SOC_FW_CONFIG"
#define RSS_MBOOT_RMM_STRING "RMM"
struct rss_mboot_metadata {
unsigned int id;
uint8_t slot;
uint8_t signer_id[SIGNER_ID_MAX_SIZE];
size_t signer_id_size;
uint8_t version[VERSION_MAX_SIZE];
size_t version_size;
uint8_t sw_type[SW_TYPE_MAX_SIZE];
size_t sw_type_size;
void *pk_oid;
bool lock_measurement;
};
/* Functions' declarations */
void rss_measured_boot_init(struct rss_mboot_metadata *metadata_ptr);
int rss_mboot_measure_and_record(struct rss_mboot_metadata *metadata_ptr,
uintptr_t data_base, uint32_t data_size,
uint32_t data_id);
int rss_mboot_set_signer_id(struct rss_mboot_metadata *metadata_ptr,
const void *pk_oid, const void *pk_ptr,
size_t pk_len);
#endif /* RSS_MEASURED_BOOT_H */
Reference in a new issue View git blame Copy permalink