Software APIs
boot_svc_ownership_unlock.h
1// Copyright lowRISC contributors (OpenTitan project).
2// Licensed under the Apache License, Version 2.0, see LICENSE for details.
3// SPDX-License-Identifier: Apache-2.0
4
5#ifndef OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_BOOT_SVC_BOOT_SVC_OWNERSHIP_UNLOCK_H_
6#define OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_BOOT_SVC_BOOT_SVC_OWNERSHIP_UNLOCK_H_
7
8#include <stdint.h>
9
10#include "sw/device/lib/base/macros.h"
11#include "sw/device/silicon_creator/lib/base/chip.h"
12#include "sw/device/silicon_creator/lib/boot_svc/boot_svc_header.h"
13#include "sw/device/silicon_creator/lib/error.h"
14#include "sw/device/silicon_creator/lib/nonce.h"
15#include "sw/device/silicon_creator/lib/ownership/datatypes.h"
16
17#ifdef __cplusplus
18extern "C" {
19#endif // __cplusplus
20
21enum {
22 // ASCII: ANY
23 kBootSvcUnlockAny = 0x00594e41,
24 // ASCII: ENDO
25 kBootSvcUnlockEndorsed = 0x4f444e45,
26 // ASCII: UPD
27 kBootSvcUnlockUpdate = 0x00445055,
28 // ASCII: ABRT
29 kBootSvcUnlockAbort = 0x54524241,
30
31 /** Ownership unlock request: `UNLK`. */
32 kBootSvcOwnershipUnlockReqType = 0x4b4c4e55,
33 /** Ownership unlock response: `KLNU`. */
34 kBootSvcOwnershipUnlockResType = 0x554e4c4b,
35};
36
37/**
38 * An ownership unlock request.
39 */
40typedef struct boot_svc_ownership_unlock_req {
41 /**
42 * Boot services message header.
43 */
44 boot_svc_header_t header;
45 /**
46 * Unlock mode: Any, Endorsed, Update or Abort.
47 */
48 uint32_t unlock_mode;
49 /**
50 * The 64-bit ID subfield of the full 256-bit device ID.
51 */
52 uint32_t din[2];
53 /**
54 * Reserved for future use.
55 */
56 uint32_t reserved[7];
57 /**
58 * Algorithm identifier of the next owner (for endorsed mode).
59 *
60 * It should be one of the `ownership_key_alg_t` enum.
61 */
62 uint32_t next_owner_key_alg;
63 /**
64 * The current ownership nonce.
65 */
66 nonce_t nonce;
67 /**
68 * The public key of the next owner (for endorsed mode).
69 */
70 owner_keydata_t next_owner_key;
71 /**
72 * Signature over [unlock_mode..next_owner_key]
73 */
74 owner_signature_t signature;
75
76} boot_svc_ownership_unlock_req_t;
77
78OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_req_t, header, 0);
79OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_req_t, unlock_mode,
80 CHIP_BOOT_SVC_MSG_HEADER_SIZE);
81OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_req_t, din,
82 CHIP_BOOT_SVC_MSG_HEADER_SIZE + 4);
83OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_req_t, reserved,
84 CHIP_BOOT_SVC_MSG_HEADER_SIZE + 12);
85OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_req_t, next_owner_key_alg,
86 CHIP_BOOT_SVC_MSG_HEADER_SIZE + 40);
87OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_req_t, nonce,
88 CHIP_BOOT_SVC_MSG_HEADER_SIZE + 44);
89OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_req_t, next_owner_key,
90 CHIP_BOOT_SVC_MSG_HEADER_SIZE + 52);
91OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_req_t, signature,
92 CHIP_BOOT_SVC_MSG_HEADER_SIZE + 148);
93OT_ASSERT_SIZE(boot_svc_ownership_unlock_req_t, 256);
94
95/**
96 * An ownership unlock response.
97 */
98typedef struct boot_svc_ownership_unlock_res {
99 /**
100 * Boot services message header.
101 */
102 boot_svc_header_t header;
103 /**
104 * Response status from the ROM_EXT.
105 */
106 uint32_t status;
107} boot_svc_ownership_unlock_res_t;
108
109OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_res_t, header, 0);
110OT_ASSERT_MEMBER_OFFSET(boot_svc_ownership_unlock_res_t, status,
111 CHIP_BOOT_SVC_MSG_HEADER_SIZE);
112OT_ASSERT_SIZE(boot_svc_ownership_unlock_res_t, 48);
113
114/**
115 * Initialize an ownership unlock request.
116 *
117 * @param[out] msg Output buffer for the message.
118 */
119void boot_svc_ownership_unlock_req_init(uint32_t unlock_mode,
120 uint32_t next_owner_key_alg,
121 nonce_t nonce,
122 const owner_keydata_t *next_owner_key,
123 const owner_signature_t *signature,
124 boot_svc_ownership_unlock_req_t *msg);
125
126/**
127 * Initialize an ownership unlock response.
128 *
129 * @param status Reponse from the ROM_EXT after receiving the request.
130 * @param[out] msg Output buffer for the message.
131 */
132void boot_svc_ownership_unlock_res_init(rom_error_t status,
133 boot_svc_ownership_unlock_res_t *msg);
134
135#ifdef __cplusplus
136} // extern "C"
137#endif // __cplusplus
138
139#endif // OPENTITAN_SW_DEVICE_SILICON_CREATOR_LIB_BOOT_SVC_BOOT_SVC_OWNERSHIP_UNLOCK_H_