commit 40f9f644e8af34e745dbaec73d7128c0a4902e54
author Nicolas Toromanoff <nicolas.toromanoff@st.com> Mon Nov 09 12:14:52 2020 +0100
committer Lionel Debieve <lionel.debieve@foss.st.com> Mon Nov 14 11:25:01 2022 +0100
tree 983df96f83a08473340ce875ee3a42d16f72f637
parent e78ba69e3525c968118eb91f443b1e9db9eee5f5

feat(auth): allow to verify PublicKey with platform format PK

In some platform the digest of the public key saved in the OTP is not
the digest of the exact same public key buffer needed to check the
signature. Typically, platform checks signature using the DER ROTPK
whereas some others add some related information. Add a new platform
weak function to transform the public key buffer used by
verify_signature to a platform specific public key.

Mark this new weak function as deprecated as it will be replaced
by another framework implementation.

Change-Id: I71017b41e3eca9398cededf317ad97e9b511be5f
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>

include/plat/common/platform.h

diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h
index c7b7908..8407bbd 100644
--- a/include/plat/common/platform.h
+++ b/include/plat/common/platform.h
@@ -344,6 +344,8 @@
 int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr);
 int plat_set_nv_ctr2(void *cookie, const struct auth_img_desc_s *img_desc,
 		unsigned int nv_ctr);
+int plat_convert_pk(void *full_pk_ptr, unsigned int full_pk_len,
+		    void **hashed_pk_ptr, unsigned int *hash_pk_len);
 int get_mbedtls_heap_helper(void **heap_addr, size_t *heap_size);
 int plat_get_enc_key_info(enum fw_enc_status_t fw_enc_status, uint8_t *key,
 			  size_t *key_len, unsigned int *flags,