/***********************license start***********************************
* Copyright (c) 2003-2017 Cavium Inc. (support@cavium.com). All rights
* reserved.
*
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* * Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* * Neither the name of Cavium Inc. nor the names of
* its contributors may be used to endorse or promote products
* derived from this software without specific prior written
* permission.
*
* This Software, including technical data, may be subject to U.S. export
* control laws, including the U.S. Export Administration Act and its
* associated regulations, and may be subject to export or import
* regulations in other countries.
*
* TO THE MAXIMUM EXTENT PERMITTED BY LAW, THE SOFTWARE IS PROVIDED "AS IS"
* AND WITH ALL FAULTS AND CAVIUM INC. MAKES NO PROMISES, REPRESENTATIONS OR
* WARRANTIES, EITHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE, WITH RESPECT
* TO THE SOFTWARE, INCLUDING ITS CONDITION, ITS CONFORMITY TO ANY
* REPRESENTATION OR DESCRIPTION, OR THE EXISTENCE OF ANY LATENT OR PATENT
* DEFECTS, AND CAVIUM SPECIFICALLY DISCLAIMS ALL IMPLIED (IF ANY) WARRANTIES
* OF TITLE, MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR A PARTICULAR
* PURPOSE, LACK OF VIRUSES, ACCURACY OR COMPLETENESS, QUIET ENJOYMENT,
* QUIET POSSESSION OR CORRESPONDENCE TO DESCRIPTION. THE ENTIRE RISK
* ARISING OUT OF USE OR PERFORMANCE OF THE SOFTWARE LIES WITH YOU.
***********************license end**************************************/
/**
* @file
*
* Utility functions for handling signed and possibly encrypted files
*
* @defgroup signed Signed File IO
* @{
*/
/**
 * Kinds of payload a signed file can carry. bdk_signed_load() is told the
 * kind up front so it can determine the file size before loading the whole
 * file.
 */
typedef enum
{
    BDK_SIGNED_IMAGE = 0,   /**< BDK code image */
    BDK_SIGNED_DTS = 1,     /**< Device tree file */
    BDK_SIGNED_PUB_KEY = 2, /**< Chain of trust public key, BDK proprietary format */
} bdk_signed_data_t;
/**
 * Flags to pass to the bdk_signed functions. Each non-zero flag is a distinct
 * bit (presumably so flags can be combined with bitwise OR); bit 0 is not
 * assigned by this enumeration.
 */
typedef enum
{
    /** Good for most files. Verifies as needed for trusted boot */
    BDK_SIGNED_FLAG_NONE = 0x0,
    /** Bit 1: the file is not encrypted, even with trusted boot */
    BDK_SIGNED_FLAG_NOT_ENCRYPTED = 0x2,
    /**
     * Bit 2: the file is not signed, even with trusted boot.
     * NOTE(review): this opts the file out of the signature requirement, so
     * data loaded with it should be treated as unauthenticated by the caller.
     * Whether a signature that is present is still checked is not visible
     * from this header - confirm against the implementation.
     */
    BDK_SIGNED_FLAG_ALLOW_UNSIGNED = 0x4,
} bdk_signed_flags_t;
/**
 * Load a file and verify its signature. If the file is encrypted, it is
 * decrypted. If the file is compressed, it is decompressed.
 *
 * NOTE(review): this header does not show the order in which verification,
 * decryption and decompression happen, nor who owns the returned buffer or
 * how it is released - confirm both against the implementation.
 *
 * @param filename  File to load
 * @param loc       Offset into the file at which the image starts. This is
 *                  normally zero for regular files. Device files, such as
 *                  /dev/mem, use it to locate the image.
 * @param data_type Type of data in the file, enumerated by bdk_signed_data_t.
 *                  This is required so the code can determine the file size
 *                  before loading the whole file.
 * @param flags     Flags for controlling file loading, from
 *                  bdk_signed_flags_t. BDK_SIGNED_FLAG_NONE is described as
 *                  good for most files; BDK_SIGNED_FLAG_ALLOW_UNSIGNED marks
 *                  the file as not signed even with trusted boot, so data
 *                  loaded with it should not be treated as authenticated.
 * @param filesize  Set to the size of the file if the file is loaded
 *                  properly. If the load fails, set to zero.
 *
 * @return Pointer to the data from the file, or NULL on failure. Callers
 *         should check for NULL before using the data; a failed load also
 *         reports a size of zero through filesize.
 */
extern void *bdk_signed_load(const char *filename, uint64_t loc,
bdk_signed_data_t data_type, bdk_signed_flags_t flags, uint64_t *filesize);
/**
 * Load the BDK's public signing key, which is signed by the Root of Trust
 *
 * NOTE(review): presumably this key is what bdk_signed_load() verifies file
 * signatures against under trusted boot, so a negative return should be
 * handled as a failure to establish the chain of trust rather than ignored -
 * confirm against the implementation.
 *
 * @return Zero on success, negative on failure
 */
extern int bdk_signed_load_public(void);
/** @} */