1 /*
2  * Copyright (c) 2017-2022, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #ifndef __TFM_PLAT_ROTPK_H__
9 #define __TFM_PLAT_ROTPK_H__
10 /**
11  * \note The interfaces defined in this file must be implemented for each
12  *       SoC.
13  */
14 
15 #include <stddef.h>
16 #include <stdint.h>
17 #include "tfm_plat_defs.h"
18 #include "psa/crypto.h"
19 
20 #ifdef __cplusplus
21 extern "C" {
22 #endif
23 
24 /**
25  * Structure to store the hard-coded (embedded in secure firmware) hash of ROTPK
26  * for firmware authentication.
27  *
28  * \note Just temporary solution, hard-coded key-hash values in firmware is not
29  *       suited for use in production!
30  */
31 struct tfm_plat_rotpk_t {
32     const uint8_t *key_hash;
33     const uint8_t  hash_len;
34 };
35 
36 /**
37  * \brief Get the hash of the corresponding Root of Trust Public Key for
38  *        firmware authentication.
39  *
40  * \param[in]      image_id         The identifier of firmware image
41  * \param[out]     rotpk_hash       Buffer to store the key-hash in
42  * \param[in,out]  rotpk_hash_size  As input the size of the buffer. As output
43  *                                  the actual key-hash length.
44  */
45 enum tfm_plat_err_t
46 tfm_plat_get_rotpk_hash(uint8_t image_id,
47                         uint8_t *rotpk_hash,
48                         uint32_t *rotpk_hash_size);
49 
50 #ifdef __cplusplus
51 }
52 #endif
53 
54 #endif /* __TFM_PLAT_ROTPK_H__ */
55