Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
mtb-example-ce240679-live-fwu/image_auth.h
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
188 lines (160 sloc)
6.63 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /***************************************************************************** | |
| * File Name: image_auth.h | |
| * | |
| * Description: This file contains function declaration for Image Authentication | |
| * | |
| ****************************************************************************** | |
| * Copyright 2024, Cypress Semiconductor Corporation (an Infineon company) or | |
| * an affiliate of Cypress Semiconductor Corporation. All rights reserved. | |
| * | |
| * This software, including source code, documentation and related | |
| * materials ("Software") is owned by Cypress Semiconductor Corporation | |
| * or one of its affiliates ("Cypress") and is protected by and subject to | |
| * worldwide patent protection (United States and foreign), | |
| * United States copyright laws and international treaty provisions. | |
| * Therefore, you may use this Software only as provided in the license | |
| * agreement accompanying the software package from which you | |
| * obtained this Software ("EULA"). | |
| * If no EULA applies, Cypress hereby grants you a personal, non-exclusive, | |
| * non-transferable license to copy, modify, and compile the Software | |
| * source code solely for use in connection with Cypress's | |
| * integrated circuit products. Any reproduction, modification, translation, | |
| * compilation, or representation of this Software except as specified | |
| * above is prohibited without the express written permission of Cypress. | |
| * | |
| * Disclaimer: THIS SOFTWARE IS PROVIDED AS-IS, WITH NO WARRANTY OF ANY KIND, | |
| * EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, NONINFRINGEMENT, IMPLIED | |
| * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Cypress | |
| * reserves the right to make changes to the Software without notice. Cypress | |
| * does not assume any liability arising out of the application or use of the | |
| * Software or any product or circuit described in the Software. Cypress does | |
| * not authorize its products for use in any products where a malfunction or | |
| * failure of the Cypress product may reasonably be expected to result in | |
| * significant property damage, injury or death ("High Risk Product"). By | |
| * including Cypress's product in a High Risk Product, the manufacturer | |
| * of such system or application assumes all risk of such use and in doing | |
| * so agrees to indemnify Cypress against all liability. | |
| *****************************************************************************/ | |
| #ifndef IMAGE_AUTH_H_ | |
| #define IMAGE_AUTH_H_ | |
| #if defined(MCUBOOT_IMAGE) | |
| #include "psa/crypto.h" | |
| #endif /* MCUBOOT_IMAGE) */ | |
| #define FLASH_SBUS_S_OFFSET 0x32000000 | |
| #define SLOT_OFFSET 0x800000 | |
| #if defined(MCUBOOT_IMAGE) | |
| #define IMAGE_MAGIC 0x96f3b83dU | |
| #define IMAGE_TLV_INFO_MAGIC 0x6907 | |
| #define FLASH_ADDR(off) (FLASH_SBUS_S_OFFSET + SLOT_OFFSET + (off)) | |
| #define SFLASH_OEM_KEY0_HASH_ADDR 0x13400A38 | |
| #define SFLASH_OEM_KEY1_HASH_ADDR 0x13400A48 | |
| #define ECC_KEY_BITS (256u) | |
| /* | |
| * Image trailer TLV types. | |
| * | |
| * Signature is generated by computing signature over the image hash. | |
| * Currently the only image hash type is SHA256. | |
| * | |
| * Signature comes in the form of 2 TLVs. | |
| * 1st one identifies the public key which should be used to verify it. | |
| * 2nd one is the actual signature. | |
| */ | |
| #define IMAGE_TLV_PUBKEY (0x02) /* public key */ | |
| #define IMAGE_TLV_SHA256 (0x10) /* SHA256 of image hdr and body */ | |
| #define IMAGE_TLV_ECDSA256 (0x22) /* ECDSA of hash output */ | |
| /** Image version. All fields are in little endian. */ | |
| struct image_version { | |
| uint8_t iv_major; | |
| uint8_t iv_minor; | |
| uint16_t iv_revision; | |
| uint32_t iv_build_num; | |
| }; | |
| /** Image header. All fields are in little endian byte order. */ | |
| struct image_header { | |
| uint32_t ih_magic; | |
| uint32_t ih_load_addr; | |
| uint16_t ih_hdr_size; /* Size of image header (bytes). */ | |
| uint16_t ih_protect_tlv_size; /* Size of protected TLV area (bytes). */ | |
| uint32_t ih_img_size; /* Does not include header. */ | |
| uint32_t ih_flags; /* IMAGE_F_[...]. */ | |
| struct image_version ih_ver; | |
| uint32_t _pad1; | |
| }; | |
| /** Image TLV header. All fields in little endian. */ | |
| struct image_tlv_info { | |
| uint16_t it_magic; | |
| uint16_t it_tlv_tot; /* size of TLV area (including tlv_info header) */ | |
| }; | |
| /** Image trailer TLV format. All fields in little endian. */ | |
| struct image_tlv { | |
| uint16_t it_type; /* IMAGE_TLV_[...]. */ | |
| uint16_t it_len; /* Data length (not including TLV header). */ | |
| }; | |
| /** Image trailer TLV iterator. */ | |
| struct image_tlv_iter { | |
| uint32_t tlv_off; /* Next TLV offset*/ | |
| uint32_t tlv_end; /* TLV END offset */ | |
| }; | |
| /******************************************************************************* | |
| * Function Prototypes | |
| *******************************************************************************/ | |
| /** | |
| * @brief TLV iterator initialization function. | |
| * | |
| * This function initializes a tlv iterator structure. Once initialization is | |
| * completed, tlv_iter_next() can be called to read the image tlv. | |
| * | |
| * @param it The pointer to tlv iterator structure. The function populates the | |
| * structure with address of first tlv offset and tlv end offset. | |
| * @param hdr The pointer to image header structure. | |
| * | |
| * @return 0 on success. | |
| * @return -1 on failure. | |
| */ | |
| int tlv_iter_begin(struct image_tlv_iter *it, const struct image_header *hdr); | |
| /** | |
| * @brief Next TLV function. | |
| * | |
| * This function reads the TLV pointed by offset provided in image_tlv_iter | |
| * structure and updates the structure to point to next TLV. | |
| * | |
| * @param it The pointer to TLV iterator structure. The function uses this | |
| * structure to read TLV and update it to point it to the next TLV. | |
| * @param off The offset of tlv's data field from start of image. | |
| * @param len The length of data field of TLV. | |
| * @param type The tag of TLV. | |
| * | |
| * @return 0 on success | |
| * @return -1 on failure. | |
| * @return 1 when all TLVs are traversed. | |
| */ | |
| int tlv_iter_next(struct image_tlv_iter *it, uint32_t *off, uint16_t *len, uint16_t *type); | |
| /** | |
| * @brief Check if image magic is valid. | |
| * | |
| * @param hdr The pointer to image header structure. | |
| * | |
| * @return 0 if magic valid. | |
| * @return -1 if magic invalid. | |
| */ | |
| int is_img_magic_valid(const struct image_header *hdr); | |
| /** | |
| * @brief Check if public key is valid. | |
| * | |
| * @param key_addr The pointer to public key. | |
| * | |
| * @return 0 if key is valid. | |
| * @return -1 if key is invalid. | |
| */ | |
| int is_pub_key_valid(uint8_t *key_addr); | |
| #endif /* MCUBOOT_IMAGE) */ | |
| /** | |
| * @brief Validate an image. | |
| * | |
| * @param boot_addr The start address of image. | |
| * | |
| * @return 0 on success. | |
| * @return -1 on failure. | |
| */ | |
| int validate_image(uint32_t boot_addr); | |
| #endif /* IMAGE_AUTH_H_ */ |