Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / hardware / intel / img / psb_headers / refs/tags/FP2-open-16.07.1 / . / DRM / cc54 / inc / wv_mod_drm_api.h
blob: c255dee6cd0bc05750330409cf60b3f73bb3f79c [file] [log] [blame]
Thierry Strudel58ab4ce2014-09-25 22:01:08 -0700[diff] [blame]1/*
2 * Copyright (C) 2014 Intel Corporation. All rights reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef __WV_MOD_DRM_API_H_
18#define __WV_MOD_DRM_API_H_
19
20#include <inttypes.h>
21#include "drm_common_api.h"
22#include "wv_mod_oem_crypto.h"
23
24/*!
25 * Defines
26 */
27#define DRM_WV_MOD_CLEAR_CONTENT_FLAG (1)
28#define DRM_WV_MOD_AUDIO_CONTENT_FLAG (1 << 1)
29#define DRM_WV_MOD_SECURE_CONTENT_FLAG (1 << 2)
30
31/*!
32 * APIs
33 */
34uint32_t drm_wv_mod_open_session(uint32_t *session_id);
35
36uint32_t drm_wv_mod_close_session(uint32_t session_id);
37
38uint32_t drm_wv_mod_start_playback(uint32_t session_id);
39
40uint32_t drm_wv_mod_stop_playback(uint32_t session_id);
41
42uint32_t drm_wv_mod_generate_derived_keys(uint32_t session_id,
43 const uint8_t *mac_key_context,
44 uint32_t mac_key_context_length,
45 const uint8_t *enc_key_context,
46 uint32_t enc_key_context_length);
47
48uint32_t drm_wv_mod_generate_nonce(uint32_t session_id,
49 uint32_t *nonce);
50
51uint32_t drm_wv_mod_generate_signature(uint32_t session_id,
52 const uint8_t *message,
53 uint32_t message_length,
54 uint8_t *signature,
55 uint32_t *signature_length);
56
57uint32_t drm_wv_mod_load_keys(uint32_t session_id,
58 const uint8_t *message,
59 uint32_t message_length,
60 const uint8_t *signature,
61 uint32_t signature_length,
62 const uint8_t *enc_mac_keys_iv,
63 const uint8_t *enc_mac_keys,
64 uint32_t num_keys,
65 const struct drm_wv_mod_key_object *key_array);
66
67uint32_t drm_wv_mod_refresh_keys(uint32_t session_id,
68 const uint8_t *message,
69 uint32_t message_length,
70 const uint8_t *signature,
71 uint32_t signature_length,
72 uint32_t num_keys,
73 const struct drm_wv_mod_key_refresh_object *key_array);
74
75uint32_t drm_wv_mod_select_key(uint32_t session_id,
76 const uint8_t *key_id,
77 uint32_t key_id_length);
78
79uint32_t drm_wv_mod_decrypt_ctr(uint32_t session_id,
80 const uint8_t *inp_data_buffer,
81 uint32_t inp_data_size,
82 uint8_t *out_data_buffer,
83 uint32_t out_data_size,
84 const uint8_t *iv,
85 uint8_t flags);
86
87uint32_t drm_wv_mod_rewrap_device_rsa_key(uint32_t session_id,
88 const uint8_t *message,
89 uint32_t message_length,
90 const uint8_t *signature,
91 uint32_t signature_length,
92 uint32_t *nonce,
93 const uint8_t *enc_rsa_key,
94 uint32_t enc_rsa_key_length,
95 const uint8_t *enc_rsa_key_iv,
96 uint8_t *wrapped_rsa_key,
97 uint32_t *wrapped_rsa_key_length);
98
99uint32_t drm_wv_mod_load_device_rsa_key(uint32_t session_id,
100 const uint8_t *wrapped_rsa_key,
101 uint32_t wrapped_rsa_key_length);
102
103uint32_t drm_wv_mod_generate_rsa_signature(uint32_t session_id,
104 const uint8_t *message,
105 uint32_t message_length,
106 uint8_t *signature,
107 uint32_t *signature_length);
108
109uint32_t drm_wv_mod_derive_keys_from_session_key(uint32_t session_id,
110 const uint8_t *enc_session_key,
111 uint32_t enc_session_key_length,
112 const uint8_t *mac_key_context,
113 uint32_t mac_key_context_length,
114 const uint8_t *enc_key_context,
115 uint32_t enc_key_context_length);
116
117uint32_t drm_wv_mod_generic_encrypt(uint32_t session_id,
118 const uint8_t *in_buffer,
119 uint32_t buffer_size,
120 const uint8_t *iv,
121 enum drm_wv_mod_algorithm algorithm,
122 uint8_t *out_buffer);
123
124uint32_t drm_wv_mod_generic_decrypt(uint32_t session_id,
125 const uint8_t *in_buffer,
126 uint32_t buffer_size,
127 const uint8_t *iv,
128 enum drm_wv_mod_algorithm algorithm,
129 uint8_t *out_buffer);
130
131uint32_t drm_wv_mod_generic_sign(uint32_t session_id,
132 const uint8_t *in_buffer,
133 uint32_t buffer_size,
134 enum drm_wv_mod_algorithm algorithm,
135 uint8_t *signature,
136 uint32_t *signature_size);
137
138uint32_t drm_wv_mod_generic_verify(uint32_t session_id,
139 const uint8_t *in_buffer,
140 uint32_t buffer_size,
141 enum drm_wv_mod_algorithm algorithm,
142 const uint8_t *signature,
143 uint32_t signature_size);
144
145/*! Version 9 specific APIs */
146uint32_t drm_wv_mod_v9_load_keys(uint32_t session_id,
147 const uint8_t *message,
148 uint32_t message_length,
149 const uint8_t *signature,
150 uint32_t signature_length,
151 const uint8_t *enc_mac_keys_iv,
152 const uint8_t *enc_mac_keys,
153 uint32_t num_keys,
154 const struct drm_wv_mod_key_object *key_array,
155 const uint8_t *pst,
156 uint32_t pst_length);
157
158uint32_t drm_wv_mod_v9_generate_rsa_signature(uint32_t session_id,
159 const uint8_t *message,
160 uint32_t message_length,
161 uint8_t *signature,
162 uint32_t *signature_length,
163 enum drm_wv_mod_rsa_padding_scheme padding_scheme);
164
165
166/**
167 * @brief Loads an existing usage table into chaabi secure memory
168 *
169 * This should be first called prior to load keys. Caller shall call
170 * drm_wv_mod_update_usage_table after making this call.
171 *
172 * @param[in] usage_table_data
173 * Existing usage table blob to load. If NULL, chaabi will
174 * return required table size.
175 * @param[in,out] data_size
176 * Size of the passed-in usage_table_data, in bytes. This
177 * will always be updated to the required table size.
178 */
179uint32_t drm_wv_mod_load_usage_table(const uint8_t *const usage_table_data,
180 uint32_t *const data_size);
181
182/* @brief Update usage table and return it
183 *
184 * Chaabi will update the usage table from its TEE memory and set the flag
185 * is_updated.
186 *
187 * Upon returning DRM_WV_MOD_SUCCESS and is_updated == 1, caller should
188 * write save the usage table to the file system.
189 *
190 * @param[out] usage_table_data
191 * Buffer where the usage table will be returned. Input is ignored.
192 * This will only contain data if is_updated == 1.
193 * @param[in] data_size
194 * Size of the usage_table_data buffer, which must be large enough to
195 * hold the entire structure. This size can be obtained via the
196 * load_usage_table API or by re-using the size of a previous table blob.
197 * @param[out] is_updated
198 * Flag indicating if the table has changed since the last
199 * update_usage_table or load_usage_table call.
200 *
201 * TODO: Return documentation
202 */
203uint32_t drm_wv_mod_update_usage_table(uint8_t *const usage_table_data,
204 uint32_t data_size,
205 uint8_t *const is_updated);
206
207// NOTE: drm_wv_mod_update_usage_table shall be called after calling this
208// function
209// TODO: Documentation
210uint32_t drm_wv_mod_deactivate_usage_entry(const uint8_t *const pst,
211 uint32_t pst_length);
212
213/**
214 * @brief Returns the usage entry information for a particular pst
215 *
216 * Caller shall call drm_wv_mod_update_usage_table after making this call.
217 *
218 * @param[in] session_id
219 * Session ID to be associated with the pst entry
220 * @param[in] pst
221 * Pointer to pst data used as an index into the usage table
222 * @param[in] pst_length
223 * Length of pst buffer in bytes
224 * @param[out] pst_report_buffer
225 * Pointer to caller-allocated memory where the usage report shall be placed
226 * @param[in,out] pst_report_buffer_length
227 * Length of provided pst_report_buffer in bytes. Should be sizeof(pst) +
228 * sizeof(struct OEMCrypto_PST_Report) in length. If extra space is provided,
229 * this field will reflect the actual size of the returned report.
230 *
231 * TODO: Return documentation
232 */
233uint32_t drm_wv_mod_report_usage(uint32_t session_id,
234 const uint8_t *const pst,
235 uint32_t pst_length,
236 uint8_t *const pst_report_buffer,
237 uint32_t *const pst_report_buffer_length);
238
239/**
240 * @brief Deletes a previously-reported entry from the usage table
241 *
242 * Caller shall call drm_wv_mod_update_usage_table after making this call.
243 *
244 * @param[in] session_id
245 * Session ID previously associated with the pst
246 * @param[in] pst
247 * Pointer to pst data used as an index into the usage table
248 * @param[in] pst_length
249 * Length of pst buffer in bytes
250 * @param[in] msg
251 * Pointer to message to be verified
252 * @param[in] msg_len
253 * Length of msg buffer in bytes
254 * @param[in] signature
255 * Pointer to signature to verify against
256 * @param[in] signature_length
257 * Length of signature buffer in bytes
258 *
259 * TODO: Return Documentation
260 */
261uint32_t drm_wv_mod_delete_usage_entry(uint32_t session_id,
262 const uint8_t *const pst,
263 uint32_t pst_length,
264 const uint8_t *const msg,
265 uint32_t msg_length,
266 const uint8_t *const signature,
267 uint32_t signature_length);
268
269// This will only clear Chaabi TEE memory. Caller is responsible for deleting
270// usage table file from file system.
271// TODO: Documentation
272uint32_t drm_wv_mod_delete_usage_table(void);
273
274/**
275 * brief Clear session context
276 *
277 * This API is used to reset all sessions context.
278 * Typically called to cleanup sessions resulting from a application crash.
279 */
280uint32_t drm_wv_mod_reset_session_context(void);
281
282#endif /* __WV_MOD_DRM_API_H_ */