TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-A / trusted-firmware-a / 4ac5b3949d874c4e0cd74fce8360a554bfd4cd3f^! / . / docs / design / auth-framework.rst
commit4ac5b3949d874c4e0cd74fce8360a554bfd4cd3f[log] [tgz]
authorYann Gautier <yann.gautier@foss.st.com>Tue Jan 24 09:39:47 2023 +0100
committerManish V Badarkhe <Manish.Badarkhe@arm.com>Fri Apr 21 09:46:01 2023 +0100
tree54a40c8c0f9a3efd4db297cff66cb8091fe6c383
parent0ca7b32623041acca0e505a07fca458fe0876d79 [diff] [blame]
refactor(auth): replace plat_convert_pk

Following discussions in the reviews of the patch that introduced
plat_convert_pk() function [1], it was decided to deprecate it to
avoid weak function declaration.
A new optional function pointer convert_pk is added to crypto_lib_desc_t.
A new function crypto_mod_convert_pk() will either call
crypto_lib_desc.convert_pk() if it is defined, or do the same
as what was done by the weak function otherwise.

[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/17174

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I9358867f8bfd5e96b5ee238c066877da368e43c6

diff --git a/docs/design/auth-framework.rst b/docs/design/auth-framework.rst
index 508a82f..597f955 100644
--- a/docs/design/auth-framework.rst
+++ b/docs/design/auth-framework.rst

@@ -256,7 +256,8 @@
                         _verify_signature,
                         _calc_hash,
                         _verify_hash,
-                        _auth_decrypt);
+                        _auth_decrypt,
+                        _convert_pk);
 
 ``_name`` must be a string containing the name of the CL. This name is used for
 debugging purposes.
@@ -266,6 +267,25 @@
 This function is mainly used in the ``MEASURED_BOOT`` and ``DRTM_SUPPORT``
 features to calculate the hashes of various images/data.
 
+Optionally, a platform function can be provided to convert public key
+(_convert_pk). It is only used if the platform saves a hash of the ROTPK.
+Most platforms save the hash of the ROTPK, but some may save slightly different
+information - e.g the hash of the ROTPK plus some related information.
+Defining this function allows to transform the ROTPK used to verify
+the signature to the buffer (a platform specific public key) which
+hash is saved in OTP.
+
+.. code:: c
+
+    int (*convert_pk)(void *full_pk_ptr, unsigned int full_pk_len,
+                      void **hashed_pk_ptr, unsigned int *hashed_pk_len);
+
+
+-  ``full_pk_ptr``: Pointer to Distinguished Encoding Rules (DER) ROTPK.
+-  ``full_pk_len``: DER ROTPK size.
+-  ``hashed_pk_ptr``: to return a pointer to a buffer, which hash should be the one saved in OTP.
+-  ``hashed_pk_len``: previous buffer size
+
 Image Parser Module (IPM)
 ^^^^^^^^^^^^^^^^^^^^^^^^^