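/*
 * Copyright (c) 2022, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 */

#ifndef PSA_MEASURED_BOOT_H
#define PSA_MEASURED_BOOT_H

#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#include "psa/error.h"

/*
 * Size limits, in bytes, for the fields of a measurement. The extend call is
 * documented to return PSA_ERROR_INVALID_ARGUMENT when the size of any
 * argument is invalid.
 *
 * 32 and 64 bytes match the SHA-256 and SHA-512 digest lengths.
 * NOTE(review): confirm which measurement algorithms the service accepts.
 */

/* Minimum measurement value size that can be requested to store */
#define MEASUREMENT_VALUE_MIN_SIZE      32U
/* Maximum measurement value size that can be requested to store */
#define MEASUREMENT_VALUE_MAX_SIZE      64U
/* Minimum signer id size that can be requested to store */
#define SIGNER_ID_MIN_SIZE              MEASUREMENT_VALUE_MIN_SIZE
/* Maximum signer id size that can be requested to store */
#define SIGNER_ID_MAX_SIZE              MEASUREMENT_VALUE_MAX_SIZE
/*
 * The theoretical maximum image version is: "255.255.65535\0"
 * (13 characters plus the terminating NUL, hence 14).
 */
#define VERSION_MAX_SIZE                14U
/* Maximum sw_type size. Example sw_type: "BL_2, BL_33, etc." */
#define SW_TYPE_MAX_SIZE                20U
/*
 * Number of measurement slots.
 * NOTE(review): presumably valid slot indexes are
 * 0 .. NUM_OF_MEASUREMENT_SLOTS - 1 - confirm against the implementation.
 */
#define NUM_OF_MEASUREMENT_SLOTS        32U


/**
 * Extends and stores a measurement to the requested slot.
 *
 * Not a standard PSA API, just an extension, therefore the 'rss_' prefix is
 * used rather than the usual 'psa_'.
 *
 * index                    Slot number in which measurement is to be stored
 * signer_id                Pointer to signer_id buffer.
 * signer_id_size           Size of the signer_id in bytes.
 * version                  Pointer to version buffer.
 * version_size             Size of the version string in bytes.
 * measurement_algo         Algorithm identifier used for measurement.
 * sw_type                  Pointer to sw_type buffer.
 * sw_type_size             Size of the sw_type string in bytes.
 * measurement_value        Pointer to measurement_value buffer.
 * measurement_value_size   Size of the measurement_value in bytes.
 * lock_measurement         Boolean flag requesting whether the measurement
 *                          is to be locked.
 *
 * PSA_SUCCESS:
 *      - Success.
 * PSA_ERROR_INVALID_ARGUMENT:
 *      - The size of any argument is invalid OR
 *      - Input Measurement value is NULL OR
 *      - Input Signer ID is NULL OR
 *      - Requested slot index is invalid.
 * PSA_ERROR_BAD_STATE:
 *      - Request to lock, when slot is already locked.
 * PSA_ERROR_NOT_PERMITTED:
 *      - When the requested slot is not accessible to the caller.
 *
 * Only PSA_SUCCESS reports that the measurement was stored, so callers
 * should check the returned status rather than assume the slot was updated.
 *
 * NOTE(review): version and sw_type are not listed among the NULL checks
 * above, and this header does not say whether version_size/sw_type_size
 * include a terminating NUL - confirm against the implementation.
 * NOTE(review): the behaviour of an extend request with lock_measurement
 * false on an already locked slot is not stated here - confirm.
 */
psa_status_t
rss_measured_boot_extend_measurement(uint8_t index,
                                     const uint8_t *signer_id,
                                     size_t signer_id_size,
                                     const uint8_t *version,
                                     size_t version_size,
                                     uint32_t measurement_algo,
                                     const uint8_t *sw_type,
                                     size_t sw_type_size,
                                     const uint8_t *measurement_value,
                                     size_t measurement_value_size,
                                     bool lock_measurement);

/**
 * Retrieves a measurement from the requested slot.
 *
 * index                    Slot number from which measurement is to be
 *                          retrieved.
 * signer_id                Pointer to signer_id buffer.
 * signer_id_size           Size of the signer_id buffer in bytes.
 * signer_id_len            On success, number of bytes that make up
 *                          signer_id.
 * version                  Pointer to version buffer.
 * version_size             Size of the version buffer in bytes.
 * version_len              On success, number of bytes that make up the
 *                          version.
 * measurement_algo         Pointer to measurement_algo.
 * sw_type                  Pointer to sw_type buffer.
 * sw_type_size             Size of the sw_type buffer in bytes.
 * sw_type_len              On success, number of bytes that make up the
 *                          sw_type.
 * measurement_value        Pointer to measurement_value buffer.
 * measurement_value_size   Size of the measurement_value buffer in bytes.
 * measurement_value_len    On success, number of bytes that make up the
 *                          measurement_value.
 * is_locked                Pointer to lock status of requested measurement
 *                          slot.
 *
 * PSA_SUCCESS
 *      - Success.
 * PSA_ERROR_INVALID_ARGUMENT
 *      - The size of at least one of the output buffers is incorrect or the
 *        requested slot index is invalid.
 * PSA_ERROR_DOES_NOT_EXIST
 *      - The requested slot is empty, does not contain a measurement.
 *
 * The *_len outputs are documented for the success case only; do not use
 * them, or the buffer contents, to size or parse data after any other status.
 *
 * NOTE(review): buffers of SIGNER_ID_MAX_SIZE, VERSION_MAX_SIZE,
 * SW_TYPE_MAX_SIZE and MEASUREMENT_VALUE_MAX_SIZE bytes are presumably
 * large enough for any stored entry - confirm against the implementation.
 * NOTE(review): handling of NULL output pointers is not documented here.
 */
psa_status_t rss_measured_boot_read_measurement(uint8_t index,
                                                uint8_t *signer_id,
                                                size_t signer_id_size,
                                                size_t *signer_id_len,
                                                uint8_t *version,
                                                size_t version_size,
                                                size_t *version_len,
                                                uint32_t *measurement_algo,
                                                uint8_t *sw_type,
                                                size_t sw_type_size,
                                                size_t *sw_type_len,
                                                uint8_t *measurement_value,
                                                size_t measurement_value_size,
                                                size_t *measurement_value_len,
                                                bool *is_locked);

#endif /* PSA_MEASURED_BOOT_H */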