1 // SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause)
2 /*
3  * Greybus Component Authentication User Header
4  *
5  * This file is provided under a dual BSD/GPLv2 license.  When using or
6  * redistributing this file, you may do so under either license.
7  *
8  * GPL LICENSE SUMMARY
9  *
10  * Copyright(c) 2016 Google Inc. All rights reserved.
11  * Copyright(c) 2016 Linaro Ltd. All rights reserved.
12  *
13  * This program is free software; you can redistribute it and/or modify
14  * it under the terms of version 2 of the GNU General Public License as
15  * published by the Free Software Foundation.
16  *
17  * This program is distributed in the hope that it will be useful, but
18  * WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
20  * General Public License version 2 for more details.
21  *
22  * BSD LICENSE
23  *
24  * Copyright(c) 2016 Google Inc. All rights reserved.
25  * Copyright(c) 2016 Linaro Ltd. All rights reserved.
26  *
27  * Redistribution and use in source and binary forms, with or without
28  * modification, are permitted provided that the following conditions
29  * are met:
30  *
31  *  * Redistributions of source code must retain the above copyright
32  *    notice, this list of conditions and the following disclaimer.
33  *  * Redistributions in binary form must reproduce the above copyright
34  *    notice, this list of conditions and the following disclaimer in
35  *    the documentation and/or other materials provided with the
36  *    distribution.
37  *  * Neither the name of Google Inc. or Linaro Ltd. nor the names of
38  *    its contributors may be used to endorse or promote products
39  *    derived from this software without specific prior written
40  *    permission.
41  *
42  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
43  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
44  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
45  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GOOGLE INC. OR
46  * LINARO LTD. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
47  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
48  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
49  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
50  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
51  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
52  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
53  */
54 
55 #ifndef __GREYBUS_AUTHENTICATION_USER_H
56 #define __GREYBUS_AUTHENTICATION_USER_H
57 
58 #include <linux/ioctl.h>
59 #include <linux/types.h>
60 
/*
 * Capacities, in bytes, of the certificate[] and signature[] arrays in the
 * ioctl structures declared further down in this header.
 *
 * NOTE(review): cert_size and signature_size are separate __u32 fields that
 * presumably report how many of those bytes are valid. A consumer should
 * reject any reported size above these limits before using it as a length
 * for copying or parsing -- confirm the driver's guarantees.
 */
61 #define CAP_CERTIFICATE_MAX_SIZE	1600
62 #define CAP_SIGNATURE_MAX_SIZE		320
63 
64 /* Certificate class types */
/*
 * Six consecutive class identifiers (1..6); 0 is not assigned a name here.
 * NOTE(review): presumably the values accepted in
 * cap_ioc_get_ims_certificate.certificate_class -- confirm against the driver
 * and the Greybus specification before relying on the acronyms' meaning.
 */
65 #define CAP_CERT_IMS_EAPC		0x00000001
66 #define CAP_CERT_IMS_EASC		0x00000002
67 #define CAP_CERT_IMS_EARC		0x00000003
68 #define CAP_CERT_IMS_IAPC		0x00000004
69 #define CAP_CERT_IMS_IASC		0x00000005
70 #define CAP_CERT_IMS_IARC		0x00000006
71 
72 /* IMS Certificate response result codes */
/*
 * All values fit in a __u8. Only CAP_IMS_RESULT_CERT_FOUND (0x00) names a
 * success; callers should fail closed and treat every other value, including
 * values not listed here, as "no usable certificate".
 * NOTE(review): presumably reported in
 * cap_ioc_get_ims_certificate.result_code -- confirm against the driver.
 */
73 #define CAP_IMS_RESULT_CERT_FOUND	0x00
74 #define CAP_IMS_RESULT_CERT_CLASS_INVAL	0x01
75 #define CAP_IMS_RESULT_CERT_CORRUPT	0x02
76 #define CAP_IMS_RESULT_CERT_NOT_FOUND	0x03
77 
78 /* Authentication types */
/*
 * Three consecutive identifiers (1..3); 0 is not assigned a name here.
 * NOTE(review): presumably the values accepted in
 * cap_ioc_authenticate.auth_type -- confirm against the driver.
 */
79 #define CAP_AUTH_IMS_PRI		0x00000001
80 #define CAP_AUTH_IMS_SEC		0x00000002
81 #define CAP_AUTH_IMS_RSA		0x00000003
82 
83 /* Authenticate response result codes */
/*
 * All values fit in a __u8. Only CAP_AUTH_RESULT_CR_SUCCESS (0x00) names a
 * success; callers should fail closed on every other value, including values
 * not listed here.
 *
 * NOTE(review): presumably reported in cap_ioc_authenticate.result_code.
 * This header does not say who computes the code. If it is relayed from the
 * component being authenticated, a success code alone is not an
 * authentication verdict: the returned signature still has to be verified by
 * the caller -- confirm against the driver and the protocol specification.
 */
84 #define CAP_AUTH_RESULT_CR_SUCCESS	0x00
85 #define CAP_AUTH_RESULT_CR_BAD_TYPE	0x01
86 #define CAP_AUTH_RESULT_CR_WRONG_EP	0x02
87 #define CAP_AUTH_RESULT_CR_NO_KEY	0x03
88 #define CAP_AUTH_RESULT_CR_SIG_FAIL	0x04
89 
90 
91 /* IOCTL support */
/*
 * Argument of CAP_IOC_GET_ENDPOINT_UID: a single 8-byte UID buffer.
 *
 * The command is declared with _IOR, i.e. the kernel writes this structure
 * and user space reads it. The structure is packed and holds only a byte
 * array, so its size is 8 bytes.
 */
92 struct cap_ioc_get_endpoint_uid {
93 	__u8			uid[8];
94 } __attribute__ ((__packed__));
95 
/*
 * Argument of CAP_IOC_GET_IMS_CERTIFICATE (declared with _IOWR, so the
 * structure is copied in both directions).
 *
 * NOTE(review): the blank line appears to separate request fields
 * (certificate_class, certificate_id) from reply fields (result_code,
 * cert_size, certificate[]) -- confirm against the driver.
 *
 * Layout: packed, 4 + 4 + 1 + 4 + 1600 = 1613 bytes. cert_size starts at
 * byte offset 9 and is therefore not naturally aligned; access it through
 * the structure member (or memcpy), never through a __u32 pointer taken to
 * the member.
 *
 * Caller guidance:
 *  - zero the whole structure before the call so reply fields cannot carry
 *    stale data;
 *  - check result_code == CAP_IMS_RESULT_CERT_FOUND before reading anything
 *    else from the reply;
 *  - check cert_size <= CAP_CERTIFICATE_MAX_SIZE before using it as a length;
 *  - NOTE(review): the certificate bytes presumably come from the attached
 *    component, so parse them as untrusted input and validate the
 *    certificate before trusting any key it contains.
 */
96 struct cap_ioc_get_ims_certificate {
97 	__u32			certificate_class;
98 	__u32			certificate_id;
99 
100 	__u8			result_code;
101 	__u32			cert_size;
102 	__u8			certificate[CAP_CERTIFICATE_MAX_SIZE];
103 } __attribute__ ((__packed__));
104 
/*
 * Argument of CAP_IOC_AUTHENTICATE (declared with _IOWR, so the structure is
 * copied in both directions).
 *
 * NOTE(review): the blank line appears to separate request fields
 * (auth_type, uid, challenge) from reply fields (result_code, response,
 * signature_size, signature[]) -- confirm against the driver.
 *
 * Layout: packed, 4 + 8 + 32 + 1 + 64 + 4 + 320 = 433 bytes. signature_size
 * starts at byte offset 109 and is therefore not naturally aligned; access
 * it through the structure member (or memcpy), never through a __u32
 * pointer taken to the member.
 *
 * Caller guidance:
 *  - zero the whole structure before the call so reply fields cannot carry
 *    stale data;
 *  - NOTE(review): challenge[] is presumably a caller-chosen nonce; if so it
 *    should be freshly generated from a cryptographic random source for
 *    every attempt so that an earlier reply cannot be replayed;
 *  - check result_code == CAP_AUTH_RESULT_CR_SUCCESS before reading anything
 *    else from the reply;
 *  - check signature_size <= CAP_SIGNATURE_MAX_SIZE before using it as a
 *    length;
 *  - NOTE(review): nothing in this header indicates that the kernel checks
 *    the signature; the caller presumably has to verify it against a
 *    validated certificate before treating the component as authentic.
 */
105 struct cap_ioc_authenticate {
106 	__u32			auth_type;
107 	__u8			uid[8];
108 	__u8			challenge[32];
109 
110 	__u8			result_code;
111 	__u8			response[64];
112 	__u32			signature_size;
113 	__u8			signature[CAP_SIGNATURE_MAX_SIZE];
114 } __attribute__ ((__packed__));
115 
/*
 * ioctl command numbers: magic character 'C', sequence numbers 0..2.
 *
 * _IOR marks a command whose argument is written by the kernel and read by
 * user space; _IOWR marks one whose argument is both read and written by the
 * kernel. Both macros encode sizeof() of the argument structure into the
 * command value, so any change to the layout of the three structures above
 * also changes the command number and breaks existing binaries.
 */
116 #define CAP_IOCTL_BASE			'C'
117 #define CAP_IOC_GET_ENDPOINT_UID	_IOR(CAP_IOCTL_BASE, 0, struct cap_ioc_get_endpoint_uid)
118 #define CAP_IOC_GET_IMS_CERTIFICATE	_IOWR(CAP_IOCTL_BASE, 1, struct cap_ioc_get_ims_certificate)
119 #define CAP_IOC_AUTHENTICATE		_IOWR(CAP_IOCTL_BASE, 2, struct cap_ioc_authenticate)
120 
121 #endif /* __GREYBUS_AUTHENTICATION_USER_H */
122