/*
 * Copyright (c) 2022, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 */

#ifndef PSA_MEASURED_BOOT_H
#define PSA_MEASURED_BOOT_H

#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#include "psa/error.h"

/*
 * Size limits for the buffers handed to
 * rss_measured_boot_extend_measurement(). The size parameters of that
 * function are documented as byte counts.
 */

/* Smallest measurement value size that may be requested to be stored. */
#define MEASUREMENT_VALUE_MIN_SIZE	32U
/* Largest measurement value size that may be requested to be stored. */
#define MEASUREMENT_VALUE_MAX_SIZE	64U
/* Smallest signer id size; defined as the measurement value minimum. */
#define SIGNER_ID_MIN_SIZE		MEASUREMENT_VALUE_MIN_SIZE
/* Largest signer id size; defined as the measurement value maximum. */
#define SIGNER_ID_MAX_SIZE		MEASUREMENT_VALUE_MAX_SIZE
/*
 * The theoretical maximum image version is "255.255.65535\0":
 * 13 characters plus the terminating NUL.
 */
#define VERSION_MAX_SIZE		14U
/* Upper bound for sw_type. Example sw_type: "BL_2, BL_33, etc." */
#define SW_TYPE_MAX_SIZE		20U
/*
 * Number of measurement slots.
 * NOTE(review): presumably valid slot indices are
 * 0 .. NUM_OF_MEASUREMENT_SLOTS - 1 - confirm against the service.
 */
#define NUM_OF_MEASUREMENT_SLOTS	32U


/**
 * Extends and stores a measurement to the requested slot.
 *
 * Not a standard PSA API, just an extension; it therefore carries the
 * 'rss_' prefix rather than the usual 'psa_'.
 *
 * @param index                  Slot number in which the measurement is to
 *                               be stored.
 * @param signer_id              Pointer to the signer_id buffer. A NULL
 *                               signer ID is rejected.
 * @param signer_id_size         Size of the signer_id buffer in bytes.
 * @param version                Pointer to the version buffer.
 * @param version_size           Size of the version buffer in bytes.
 * @param measurement_algo       Algorithm identifier used for measurement.
 * @param sw_type                Pointer to the sw_type buffer.
 * @param sw_type_size           Size of the sw_type buffer in bytes.
 * @param measurement_value      Pointer to the measurement_value buffer. A
 *                               NULL measurement value is rejected.
 * @param measurement_value_size Size of the measurement_value buffer in
 *                               bytes.
 * @param lock_measurement       Boolean flag requesting whether the
 *                               measurement is to be locked.
 *
 * @retval PSA_SUCCESS
 *         Success.
 * @retval PSA_ERROR_INVALID_ARGUMENT
 *         The size of any argument is invalid, or the input measurement
 *         value is NULL, or the input signer ID is NULL, or the requested
 *         slot index is invalid.
 * @retval PSA_ERROR_BAD_STATE
 *         A lock was requested when the slot is already locked.
 * @retval PSA_ERROR_NOT_PERMITTED
 *         The requested slot is not accessible to the caller.
 *
 * NOTE(review): the accepted size ranges are presumably the *_MIN_SIZE and
 * *_MAX_SIZE limits defined above - confirm against the service. This
 * header does not say whether version or sw_type may be NULL, nor whether a
 * failed call leaves the slot untouched. Callers on a boot path should
 * check the returned status rather than discard it, so that a measurement
 * that was not recorded is noticed.
 */
psa_status_t rss_measured_boot_extend_measurement(
	uint8_t index,
	const uint8_t *signer_id,
	size_t signer_id_size,
	const uint8_t *version,
	size_t version_size,
	uint32_t measurement_algo,
	const uint8_t *sw_type,
	size_t sw_type_size,
	const uint8_t *measurement_value,
	size_t measurement_value_size,
	bool lock_measurement);

#endif /* PSA_MEASURED_BOOT_H */