1 /*
2  * Copyright 2021, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #pragma once
18 
19 #include <lib/tipc/tipc_srv.h>
20 #include <lk/compiler.h>
21 #include <stddef.h>
22 #include <stdint.h>
23 #include <uapi/trusty_uuid.h>
24 
25 __BEGIN_CDECLS
26 
27 /**
28  * typedef hwbcc_session_t - Opaque session token.
29  *
30  * This token is used to identify a HWBCC session and can be used to save
31  * session-specific state, e.g. client UUID.
32  */
33 typedef void* hwbcc_session_t;
34 
35 /**
36  * struct hwbcc_ops - HWBCC callbacks
37  * @init:     Initializes a new session.
38  * @close:    Closes a session previously initialized by @init.
39  * @sign_key: Signs a key and returns a COSE_Sign1 message.
40  * @get_bcc:  Retrieves the Boot Certificate Chain for the device.
41  * @get_dice_artifacts: Retrieves DICE artifacts for
42  * a child node in the DICE chain/tree.
43  * @ns_deprivilege: Deprivilege hwbcc from serving calls to
44  * non-secure clients.
45  *
46  * Callbacks defined here are meant to be implemented by the "backend" of HWBCC
47  * service. See the "frontend" interface for more details:
48  * trusty/user/base/lib/hwbcc/client/include/lib/hwbcc/client/hwbcc.h
49  */
50 struct hwbcc_ops {
51     int (*init)(hwbcc_session_t* s, const struct uuid* client);
52     void (*close)(hwbcc_session_t s);
53     int (*sign_key)(hwbcc_session_t s,
54                     uint32_t test_mode,
55                     int32_t algorithm,
56                     const uint8_t* key,
57                     uint32_t key_size,
58                     const uint8_t* aad,
59                     size_t aad_size,
60                     uint8_t* cose_sign1,
61                     size_t cose_sign1_buf_size,
62                     size_t* cose_sign1_size);
63     int (*get_bcc)(hwbcc_session_t s,
64                    uint32_t test_mode,
65                    uint8_t* bcc,
66                    size_t bcc_buf_size,
67                    size_t* bcc_size);
68     int (*get_dice_artifacts)(hwbcc_session_t s,
69                               uint64_t context,
70                               uint8_t* dice_artifacts,
71                               size_t dice_artifacts_buf_size,
72                               size_t* dice_artifacts_size);
73     int (*ns_deprivilege)(hwbcc_session_t s);
74 };
75 
76 /**
77  * add_hwbcc_service() - Add HWBCC service.
78  * @hset: Handle set created by tipc_hset_create().
79  * @ops:  HWBCC operations.
80  *
81  * The caller should call tipc_run_event_loop() at some point after this call
82  * returns.
83  *
84  * Return: 0 on success, or an error code < 0 on failure.
85  */
86 int add_hwbcc_service(struct tipc_hset* hset, const struct hwbcc_ops* ops);
87 
88 __END_CDECLS
89