aboutsummaryrefslogtreecommitdiff
path: root/platform/include/tfm_plat_crypto_keys.h
diff options
context:
space:
mode:
authorTamas Ban <tamas.ban@arm.com>2019-07-17 10:51:15 +0100
committerTamas Ban <tamas.ban@arm.com>2019-09-06 06:59:34 +0000
commit24f5598b3e53729a36b291c2fba250655757a532 (patch)
treefdb56ed03f613a32a794829102c8098c910855fd /platform/include/tfm_plat_crypto_keys.h
parentf466a8a7f82c6080cb57c35d3f7d169dd8ecdf62 (diff)
downloadtrusted-firmware-m-24f5598b3e53729a36b291c2fba250655757a532.tar.gz
Platform: Define API to get ROTPK
PSA Trusted Boot and Firmware Update specification requires the support of at least one immutable root of trust public key (ROTPK) for firmware verification. This key is provisioned to the SoC during manufacturing. This API makes possible to the bootloader to get the hash of ROTPK from the SoC in order to validate the public key which is present in the image manifest. Change-Id: Ica8cb52417e5dc022800b04470dba64f4fe05b22 Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Diffstat (limited to 'platform/include/tfm_plat_crypto_keys.h')
-rw-r--r--platform/include/tfm_plat_crypto_keys.h14
1 files changed, 14 insertions, 0 deletions
diff --git a/platform/include/tfm_plat_crypto_keys.h b/platform/include/tfm_plat_crypto_keys.h
index 386d61f81f..01d274653c 100644
--- a/platform/include/tfm_plat_crypto_keys.h
+++ b/platform/include/tfm_plat_crypto_keys.h
@@ -106,6 +106,20 @@ tfm_plat_get_initial_attest_key(uint8_t *key_buf,
struct ecc_key_t *ecc_key,
enum ecc_curve_t *curve_type);
+/**
+ * \brief Get the hash of the corresponding Root of Trust Public Key for
+ * firmware authentication.
+ *
+ * \param[in] image_id The identifier of firmware image
+ * \param[out] rotpk_hash Buffer to store the key-hash in
+ * \param[in,out] rotpk_hash_size As input the size of the buffer. As output
+ * the actual key-hash length.
+ */
+enum tfm_plat_err_t
+tfm_plat_get_rotpk_hash(uint8_t image_id,
+ uint8_t *rotpk_hash,
+ uint32_t *rotpk_hash_size);
+
#ifdef __cplusplus
}
#endif