Gitiles
Code Review Sign In
192.168.1.100 / T108 / e958203796650e3959a43708d67534bf36f4c83b / . / marvell / lte-telephony / apps / security / libatps / libatps_api.h
blob: f4b0968888d763e782eb86ea8636996550ca87a0 [file] [log] [blame]
/*
* Copyright (C) 2023 ASR Microelectronic Ltd.
*
* Author: yonggan.wang <yongganwang@asrmicro.com>
*
* This file contains proprietary information.
* No dissemination allowed without prior written permission from
* ASR Microelectronic Ltd.
*
* File Description:
*
* This file contains mainly api of aes/fuse/random
*/
#ifndef L_LIBATPS_API_H
#define L_LIBATPS_API_H
#include <stdio.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
/** atps_random_generate
@param buf random buf
@param len generate random's length
@return 0 if successful
*/
extern int atps_random_generate(void *buf, size_t len);
/** atps_read_fuse_info
@param cmd cmdline of fuse info
GEU_READ_OEMHASHKEY,
GEU_READ_LIFECYCLE,
GEU_READ_OEM_UUID,
GEU_BURN_SIM_LOCK,
GEU_GET_SIM_LOCK,
GEU_GET_TRUST_MODE,
@param buf fuse buf
@param len fuse info length
@return 0 if successful
*/
extern int atps_read_fuse_info(unsigned int cmd, void *buf, uint32_t *len);
/*-----af alg type encrypt/decrypt-----*/
/** atps_afalg_aes_ecb_encrypt
@param key input key
@param keylen input key length
@param plaintext input plaintext
@param ciphertext ciphertext after encrypt
@param size encrypt length
@return 0 if successful
*/
extern int atps_afalg_aes_ecb_encrypt(const uint8_t *key, const uint32_t keylen, \
const void* plaintext, void* ciphertext, size_t size);
/** atps_afalg_aes_ecb_decrypt
@param key input key
@param keylen input key length
@param ciphertext input ciphertext
@param plaintext plaintext after decrypt
@param size decrypt length
@return 0 if successful
*/
extern int atps_afalg_aes_ecb_decrypt(const uint8_t *key, const uint32_t keylen, \
const void* ciphertext, void* plaintext, size_t size);
/** atps_afalg_aes_cbc_encrypt
@param iv initial vector
@param key input key
@param keylen input key length
@param plaintext input plaintext
@param ciphertext ciphertext after encrypt
@param size encrypt length
@return 0 if successful
*/
extern int atps_afalg_aes_cbc_encrypt(const uint8_t *iv, const uint8_t *key, uint32_t keylen, \
const void* plaintext, void* ciphertext, size_t size);
/** atps_afalg_aes_cbc_decrypt
@param iv initial vector
@param key input key
@param keylen input key length
@param ciphertext input ciphertext
@param plaintext plaintext after decrypt
@param size decrypt length
@return 0 if successful
*/
extern int atps_afalg_aes_cbc_decrypt(const uint8_t *iv, const uint8_t *key, uint32_t keylen, \
const void* ciphertext, void* plaintext, size_t size);
/** atps_afalg_aes_ecb_encrypt_hwkey
notice: 1) use hardware key if burned hardware key;
1) use input key if not burned hardware key but input key not null;
2) use default key if not burned rkek but input key is null;
char default_key[64] = {"asr-aes-default-key-without-rkek"};
@param key input key
@param keylen input key length
@param plaintext input plaintext
@param ciphertext ciphertext after encrypt
@param size encrypt length
@return 0 if successful
*/
extern int atps_afalg_aes_ecb_encrypt_hwkey(const uint8_t *key, const uint32_t keylen, \
const void* plaintext, void* ciphertext, size_t size);
/** atps_afalg_aes_ecb_decrypt_hwkey
notice: 1) use hardware key if burned hardware key;
1) use input key if not burned hardware key but input key not null;
2) use default key if not burned rkek but input key is null;
char default_key[64] = {"asr-aes-default-key-without-rkek"};
@param key input key
@param keylen input key length
@param ciphertext input ciphertext
@param plaintext plaintext after decrypt
@param size decrypt length
@return 0 if successful
*/
extern int atps_afalg_aes_ecb_decrypt_hwkey(const uint8_t *key, const uint32_t keylen, \
const void* ciphertext, void* plaintext, size_t size);
/** atps_afalg_aes_cbc_encrypt_hwkey
notice: 1) use hardware key if burned hardware key;
1) use input key if not burned hardware key but input key not null;
2) use default key if not burned rkek but input key is null;
char default_key[64] = {"asr-aes-default-key-without-rkek"};
@param iv initial vector
@param key input key
@param keylen input key length
@param plaintext input plaintext
@param ciphertext ciphertext after encrypt
@param size encrypt length
@return 0 if successful
*/
extern int atps_afalg_aes_cbc_encrypt_hwkey(const uint8_t *iv, const uint8_t *key, uint32_t keylen, \
const void* plaintext, void* ciphertext, size_t size);
/** atps_afalg_aes_cbc_decrypt_hwkey
notice: 1) use hardware key if burned hardware key;
1) use input key if not burned hardware key but input key not null;
2) use default key if not burned rkek but input key is null;
char default_key[64] = {"asr-aes-default-key-without-rkek"};
@param iv initial vector
@param key input key
@param keylen input key length
@param ciphertext input ciphertext
@param plaintext plaintext after decrypt
@param size decrypt length
@return 0 if successful
*/
extern int atps_afalg_aes_cbc_decrypt_hwkey(const uint8_t *iv, const uint8_t *key, uint32_t keylen, \
const void* ciphertext, void* plaintext, size_t size);
/*-----cryptodev type encrypt/decrypt-----*/
/** atps_cryptd_aes_ecb_encrypt
@param key input key
@param keylen input key length
@param plaintext input plaintext
@param ciphertext ciphertext after encrypt
@param size encrypt length
@return 0 if successful
*/
extern int atps_cryptd_aes_ecb_encrypt(const uint8_t *key, const uint32_t keylen, \
const void* plaintext, void* ciphertext, size_t size);
/** atps_cryptd_aes_ecb_decrypt
@param key input key
@param keylen input key length
@param ciphertext input ciphertext
@param plaintext plaintext after decrypt
@param size decrypt length
@return 0 if successful
*/
extern int atps_cryptd_aes_ecb_decrypt(const uint8_t *key, const uint32_t keylen, \
const void* ciphertext, void* plaintext, size_t size);
/** atps_cryptd_aes_cbc_encrypt
@param iv initial vector
@param key input key
@param keylen input key length
@param plaintext input plaintext
@param ciphertext ciphertext after encrypt
@param size encrypt length
@return 0 if successful
*/
extern int atps_cryptd_aes_cbc_encrypt(const uint8_t *iv, const uint8_t *key, uint32_t keylen, \
const void* plaintext, void* ciphertext, size_t size);
/** atps_cryptd_aes_cbc_decrypt
@param iv initial vector
@param key input key
@param keylen input key length
@param ciphertext input ciphertext
@param plaintext plaintext after decrypt
@param size decrypt length
@return 0 if successful
*/
extern int atps_cryptd_aes_cbc_decrypt(const uint8_t *iv, const uint8_t *key, uint32_t keylen, \
const void* ciphertext, void* plaintext, size_t size);
/*-----af alg type sha-----*/
typedef struct crypto_hash {
int s; /* socket return value */
int t; /* accept return value */
size_t mac_len; /* hash len */
} atps_sha_context;
/** atps_afalg_hash_init
@param ctx hash context
@param alg hash algorithm, input support: "md5", "sha1", "224", sha256", "sha384", "512",
the actual supported algorithm is determined by the crypto driver.
@return 0 if successful
*/
extern int atps_afalg_hash_init(atps_sha_context *ctx, const char *alg);
/** atps_afalg_hash_update
@param ctx hash context
@param data input data
@param len input data length
@return 0 if successful
*/
extern int atps_afalg_hash_update(atps_sha_context *ctx, const uint8_t *data, size_t len);
/** atps_afalg_hash_finish
@param ctx hash context
@param out output hash
@param out_size hash length
@return 0 if successful
*/
extern int atps_afalg_hash_finish(atps_sha_context *ctx, uint8_t *out, uint32_t out_size);
/*-----rsa APIs by io_ctl-----*/
/* rsa signature APIs */
/**
* @brief This function performs a PKCS#1 v1.5 with
* sha1 signature operation.
*
* @param[in] n key modulus
* @param[in] n_size key modulus size
* @param[in] p The first prime factor
* @param[in] p_size The first prime factor size
* @param[in] q The second prime factor
* @param[in] q_size The second prime factor size
* @param[in] d The private exponent
* @param[in] d_size The private exponent size
* @param[in] e The public exponent
* @param[in] e_size The public exponent size
* @param[in] msg The message being signed
* @param[in] msg_size The message size
* @param[in] sign The buffer to hold the signature
*
* @return 0 if successful
*/
extern int atps_rsa_pkcs_v15_sha1_sign(uint8_t *n,
size_t n_size,
uint8_t *p,
size_t p_size,
uint8_t *q,
size_t q_size,
uint8_t *d,
size_t d_size,
uint8_t *e,
size_t e_size,
uint8_t *msg,
size_t msg_size,
uint8_t *sign);
/**
* @brief This function performs a PKCS#1 v1.5 with sha256 signature operation.
*/
extern int atps_rsa_pkcs_v15_sha256_sign(uint8_t *n,
size_t n_size,
uint8_t *p,
size_t p_size,
uint8_t *q,
size_t q_size,
uint8_t *d,
size_t d_size,
uint8_t *e,
size_t e_size,
uint8_t *msg,
size_t msg_size,
uint8_t *sign);
/**
* @brief This function performs a PKCS#1 v2.1 with sha256 signature operation.
*/
extern int atps_rsa_pkcs_v21_sha1_sign(uint8_t *n,
size_t n_size,
uint8_t *p,
size_t p_size,
uint8_t *q,
size_t q_size,
uint8_t *d,
size_t d_size,
uint8_t *e,
size_t e_size,
uint8_t *msg,
size_t msg_size,
uint8_t *sign);
/**
* @brief This function performs a PKCS#1 v2.1 with sha256 signature operation.
*/
extern int atps_rsa_pkcs_v21_sha256_sign(uint8_t *n,
size_t n_size,
uint8_t *p,
size_t p_size,
uint8_t *q,
size_t q_size,
uint8_t *d,
size_t d_size,
uint8_t *e,
size_t e_size,
uint8_t *msg,
size_t msg_size,
uint8_t *sign);
/* rsa verify APIs */
/**
* @brief This function performs a PKCS#1 v1.5 with
* sha1 verification operation.
*
* @param[in] n Public key modulus
* @param[in] n_size Public key modulus size
* @param[in] e Public key exponent
* @param[in] e_size Public key exponent size
* @param[in] msg The message being signed
* @param[in] msg_size The message size
* @param[in] sign The buffer to hold the signature
* @param[in] sign_size The buffer size to hold the signature
*
* @return 0 if successful
*/
extern int atps_rsa_pkcs_v15_sha1_verify(uint8_t *n,
size_t n_size,
uint8_t *e,
size_t e_size,
uint8_t *msg,
size_t msg_size,
uint8_t *sign,
size_t sign_size);
/**
* @brief This function performs a PKCS#1 v1.5 with sha256 verification operation.
*/
extern int atps_rsa_pkcs_v15_sha256_verify(uint8_t *n,
size_t n_size,
uint8_t *e,
size_t e_size,
uint8_t *msg,
size_t msg_size,
uint8_t *sign,
size_t sign_size);
/**
* @brief This function performs a PKCS#1 v2.1 with sha1 verification operation.
*/
extern int atps_rsa_pkcs_v21_sha1_verify(uint8_t *n,
size_t n_size,
uint8_t *e,
size_t e_size,
uint8_t *msg,
size_t msg_size,
uint8_t *sign,
size_t sign_size);
/**
* @brief This function performs a PKCS#1 v2.1 with sha256 verification operation.
*/
extern int atps_rsa_pkcs_v21_sha256_verify(uint8_t *n,
size_t n_size,
uint8_t *e,
size_t e_size,
uint8_t *msg,
size_t msg_size,
uint8_t *sign,
size_t sign_size);
#endif