mirror of
https://github.com/smaeul/u-boot.git
synced 2025-10-26 17:48:26 +00:00
1bb0a21b46
Adds an API that verifies a signature attached to an image (binary blob). This API is basically a entry to a secure ROM service provided by the device and accessed via an SMC call, using a particular calling convention. Signed-off-by: Daniel Allred <d-allred@ti.com> Signed-off-by: Andreas Dannenberg <dannenberg@ti.com> Reviewed-by: Tom Rini <trini@konsulko.com>
31 lines
931 B
C
31 lines
931 B
C
/*
|
|
* (C) Copyright 2016
|
|
* Texas Instruments, <www.ti.com>
|
|
*
|
|
* Andreas Dannenberg <dannenberg@ti.com>
|
|
*
|
|
* SPDX-License-Identifier: GPL-2.0+
|
|
*/
|
|
#ifndef _OMAP_SEC_COMMON_H_
|
|
#define _OMAP_SEC_COMMON_H_
|
|
|
|
#include <common.h>
|
|
|
|
/*
|
|
* Invoke secure ROM API on high-security (HS) device variants. It formats
|
|
* the variable argument list into the format expected by the ROM code before
|
|
* triggering the actual low-level smc entry.
|
|
*/
|
|
u32 secure_rom_call(u32 service, u32 proc_id, u32 flag, ...);
|
|
|
|
/*
|
|
* Invoke a secure ROM API on high-secure (HS) device variants that can be used
|
|
* to verify a secure blob by authenticating and optionally decrypting it. The
|
|
* exact operation performed depends on how the certificate that was embedded
|
|
* into the blob during the signing/encryption step when the secure blob was
|
|
* first created.
|
|
*/
|
|
int secure_boot_verify_image(void **p_image, size_t *p_size);
|
|
|
|
#endif /* _OMAP_SEC_COMMON_H_ */
|