1 /*
2  * Copyright (C) 2021 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
19 #include <dice/android.h>
20 #include <dice/dice.h>
21 #include <lk/compiler.h>
22 #include <stddef.h>
23 #include <stdint.h>
24 #include <uapi/trusty_uuid.h>
25 
26 __BEGIN_CDECLS
27 
28 typedef void* swbcc_session_t;
29 
30 /**
31  * swbcc_glob_init()  - Initialize the global state in hwbcc TA.
32  * @code_hash:        - Code hash of the child node in DICE chain.
33  * @authority_hash:   - Hash of the key used to verify the signature over the
34  *                      code hash of the child node in DICE chain.
35  * @FRS:              - A secret (of size: DICE_HIDDEN_SIZE) with factory reset
36  *                      life time, which is stored in tamper-evident storage.
37  * @child_node_info:  - Information about the child node of Trusty in the DICE
38  *                      chain in non-secure world (e.g. ABL). This is required
39  *                      to derive DICE artifacts for the child node.
40  *
41  * Return: 0 on success, or an error code < 0 on failure.
42  */
43 int swbcc_glob_init(const uint8_t FRS[DICE_HIDDEN_SIZE],
44                     const uint8_t code_hash[DICE_HASH_SIZE],
45                     const uint8_t authority_hash[DICE_HASH_SIZE],
46                     const DiceAndroidConfigValues* config_descriptor);
47 
48 int swbcc_init(swbcc_session_t* s, const struct uuid* client);
49 
50 /**
51  * swbcc_get_client() - Get UUID of session client.
52  * @s                 - swbcc session data
53  * @client            - uuid of swbcc session client
54  */
55 void swbcc_get_client(const swbcc_session_t s, struct uuid* client);
56 
57 void swbcc_close(swbcc_session_t s);
58 
59 int swbcc_sign_key(swbcc_session_t s,
60                    uint32_t test_mode,
61                    int32_t cose_algorithm,
62                    const uint8_t* key,
63                    uint32_t key_size,
64                    const uint8_t* aad,
65                    size_t aad_size,
66                    uint8_t* cose_sign1,
67                    size_t cose_sign1_buf_size,
68                    size_t* cose_sign1_size);
69 
70 int swbcc_get_bcc(swbcc_session_t s,
71                   uint32_t test_mode,
72                   uint8_t* bcc,
73                   size_t bcc_buf_size,
74                   size_t* bcc_size);
75 
76 int swbcc_get_dice_artifacts(swbcc_session_t s,
77                              uint64_t context,
78                              uint8_t* dice_artifacts,
79                              size_t dice_artifacts_buf_size,
80                              size_t* dice_artifacts_size);
81 
82 int swbcc_ns_deprivilege(swbcc_session_t s);
83 
84 __END_CDECLS
85