Loading...
Searching...
No Matches
suit.h
1/*
2 * Copyright (C) 2019 Koen Zandberg
3 * 2019 Kaspar Schleiser <kaspar@schleiser.de>
4 *
5 * This file is subject to the terms and conditions of the GNU Lesser
6 * General Public License v2.1. See the file LICENSE in the top level
7 * directory for more details.
8 */
30#ifndef SUIT_H
31#define SUIT_H
32
33#include <stddef.h>
34#include <stdint.h>
35
36#include "cose/sign.h"
37#include "nanocbor/nanocbor.h"
38#include "uuid.h"
39
40#ifdef __cplusplus
41extern "C" {
42#endif
43
47#ifndef SUIT_COSE_BUF_SIZE
48#define SUIT_COSE_BUF_SIZE (180U)
49#endif
50
54#ifndef CONFIG_SUIT_COMPONENT_MAX
55#define CONFIG_SUIT_COMPONENT_MAX (1U)
56#endif
57
61#ifndef CONFIG_SUIT_COMPONENT_MAX_NAME_LEN
62#define CONFIG_SUIT_COMPONENT_MAX_NAME_LEN (32U)
63#endif
64
71#define SUIT_VERSION (1)
72
82#define SUIT_STATE_HAVE_COMPONENTS (1 << 0)
83
87#define SUIT_STATE_COSE_AUTHENTICATED (1 << 1)
88
92#define SUIT_STATE_FULLY_AUTHENTICATED (1 << 2)
114
127
140
147enum {
151};
152
157typedef enum {
158 SUIT_PARAMETER_VENDOR_IDENTIFIER = 1,
159 SUIT_PARAMETER_CLASS_IDENTIFIER = 2,
160 SUIT_PARAMETER_IMAGE_DIGEST = 3,
161 SUIT_PARAMETER_USE_BEFORE = 4,
162 SUIT_PARAMETER_COMPONENT_OFFSET = 5,
163 SUIT_PARAMETER_STRICT_ORDER = 12,
164 SUIT_PARAMETER_SOFT_FAILURE = 13,
165 SUIT_PARAMETER_IMAGE_SIZE = 14,
166 SUIT_PARAMETER_ENCRYPTION_INFO = 18,
167 SUIT_PARAMETER_COMPRESSION_INFO = 19,
168 SUIT_PARAMETER_UNPACK_INFO = 20,
169 SUIT_PARAMETER_URI = 21,
170 SUIT_PARAMETER_SOURCE_COMPONENT = 22,
171 SUIT_PARAMETER_RUN_ARGS = 23,
172 SUIT_PARAMETER_DEVICE_IDENTIFIER = 24,
173 SUIT_PARAMETER_MINIMUM_BATTERY = 26,
174 SUIT_PARAMETER_UPDATE_PRIORITY = 27,
175 SUIT_PARAMETER_VERSION = 28,
176 SUIT_PARAMETER_WAIT_INFO = 29,
177 SUIT_PARAMETER_URI_LIST = 30,
178} suit_parameter_t;
186typedef struct {
187 uint16_t offset;
189
196#define SUIT_COMPONENT_STATE_FETCHED (1 << 0)
197#define SUIT_COMPONENT_STATE_FETCH_FAILED (1 << 1)
198#define SUIT_COMPONENT_STATE_VERIFIED (1 << 2)
199#define SUIT_COMPONENT_STATE_INSTALLED (1 << 3)
200#define SUIT_COMPONENT_STATE_FINALIZED (1 << 4)
209
230
234typedef struct {
235 const uint8_t *buf;
236 size_t len;
237 const uint8_t *cose_payload;
239 uint32_t validated;
240 uint32_t state;
243 unsigned components_len;
246 uint8_t validation_buf[SUIT_COSE_BUF_SIZE];
247 char *urlbuf;
248 size_t urlbuf_len;
249 uint32_t seq_number;
251
257#define SUIT_MANIFEST_COMPONENT_ALL (UINT8_MAX)
258
264#define SUIT_MANIFEST_COMPONENT_NONE (SUIT_MANIFEST_COMPONENT_ALL - 1)
265
279int suit_parse(suit_manifest_t *manifest, const uint8_t *buf, size_t len);
280
290
297static inline void suit_component_set_flag(suit_component_t *component,
298 uint16_t flag)
299{
300 component->state |= flag;
301}
302
311static inline bool suit_component_check_flag(suit_component_t *component,
312 uint16_t flag)
313{
314 return (component->state & flag);
315}
316
326 const suit_component_t *component,
327 char separator, char *buf, size_t buf_len);
328#ifdef __cplusplus
329}
330#endif
331
332#endif /* SUIT_H */
#define SUIT_COSE_BUF_SIZE
Buffer size used for Cose.
Definition suit.h:48
#define CONFIG_SUIT_COMPONENT_MAX
Maximum number of components supported in a SUIT manifest.
Definition suit.h:55
suit_error_t
SUIT error codes.
Definition suit.h:98
suit_digest_type_t
SUIT payload digest types.
Definition suit.h:134
int suit_parse(suit_manifest_t *manifest, const uint8_t *buf, size_t len)
Parse a manifest.
static void suit_component_set_flag(suit_component_t *component, uint16_t flag)
Set a component flag.
Definition suit.h:297
suit_digest_t
SUIT payload digest algorithms.
Definition suit.h:121
int suit_policy_check(suit_manifest_t *manifest)
Check a manifest policy.
static bool suit_component_check_flag(suit_component_t *component, uint16_t flag)
Check a component flag.
Definition suit.h:311
int suit_component_name_to_string(const suit_manifest_t *manifest, const suit_component_t *component, char separator, char *buf, size_t buf_len)
Convert a component name to a string.
@ SUIT_ERR_INVALID_MANIFEST
Unexpected CBOR structure detected.
Definition suit.h:100
@ SUIT_ERR_NO_MEM
Out of memory condition.
Definition suit.h:109
@ SUIT_ERR_STORAGE_UNAVAILABLE
Backend location not available.
Definition suit.h:112
@ SUIT_ERR_COND
Conditionals evaluate to false.
Definition suit.h:103
@ SUIT_ERR_UNSUPPORTED
Unsupported SUIT feature detected.
Definition suit.h:101
@ SUIT_ERR_DIGEST_MISMATCH
Digest mismatch with COSE and SUIT.
Definition suit.h:107
@ SUIT_ERR_STORAGE
Backend returned an error.
Definition suit.h:110
@ SUIT_OK
Manifest parsed and validated.
Definition suit.h:99
@ SUIT_ERR_NOT_SUPPORTED
Unsupported features detected.
Definition suit.h:102
@ SUIT_ERR_STORAGE_EXCEEDED
Backend out of space.
Definition suit.h:111
@ SUIT_ERR_SIGNATURE
Unable to verify signature.
Definition suit.h:106
@ SUIT_ERR_POLICY_FORBIDDEN
Denied because of policy mismatch.
Definition suit.h:108
@ SUIT_ERR_SEQUENCE_NUMBER
Sequence number less or equal to current sequence number.
Definition suit.h:104
@ SUIT_DIGEST_TYPE_CIPHERTEXT
Ciphertext digest.
Definition suit.h:137
@ SUIT_DIGEST_TYPE_INSTALLED
Installed firmware digest.
Definition suit.h:136
@ SUIT_DIGEST_TYPE_PREIMAGE
Pre-image digest.
Definition suit.h:138
@ SUIT_DIGEST_TYPE_RAW
Raw payload digest.
Definition suit.h:135
@ SUIT_DIGEST_SHA256
SHA256.
Definition suit.h:123
@ SUIT_DIGEST_NONE
No digest algo supplied.
Definition suit.h:122
@ SUIT_DIGEST_SHA512
SHA512.
Definition suit.h:125
@ SUIT_DIGEST_SHA384
SHA384.
Definition suit.h:124
@ SUIT_COMPONENT_IDENTIFIER
Identifier component.
Definition suit.h:148
@ SUIT_COMPONENT_SIZE
Size component.
Definition suit.h:149
@ SUIT_COMPONENT_DIGEST
Digest component.
Definition suit.h:150
SUIT component struct as decoded from the manifest.
Definition suit.h:215
suit_param_ref_t param_size
Payload size.
Definition suit.h:223
suit_param_ref_t param_class_id
Class ID.
Definition suit.h:220
suit_param_ref_t param_uri
Payload fetch URI.
Definition suit.h:222
suit_param_ref_t param_digest
Payload verification digest.
Definition suit.h:221
suit_storage_ref_t * storage_backend
Storage backend used.
Definition suit.h:216
suit_param_ref_t param_vendor_id
Vendor ID.
Definition suit.h:219
suit_param_ref_t identifier
Component identifier.
Definition suit.h:218
uint16_t state
Component status flags.
Definition suit.h:217
suit_param_ref_t param_component_offset
Component offset inside the device memory.
Definition suit.h:228
SUIT manifest struct.
Definition suit.h:234
size_t len
length of the manifest
Definition suit.h:236
char * urlbuf
Buffer containing the manifest url.
Definition suit.h:247
uint32_t state
bitfield holding state information
Definition suit.h:240
const uint8_t * buf
ptr to the buffer of the manifest
Definition suit.h:235
uint32_t validated
bitfield of validated policies
Definition suit.h:239
size_t cose_payload_len
length of the COSE payload
Definition suit.h:238
const uint8_t * cose_payload
ptr to the payload of the COSE sign
Definition suit.h:237
size_t urlbuf_len
Length of the manifest url.
Definition suit.h:248
uint32_t seq_number
Set sequence number.
Definition suit.h:249
uint8_t component_current
Current component index.
Definition suit.h:244
unsigned components_len
Current number of components.
Definition suit.h:243
SUIT parameter reference.
Definition suit.h:186
uint16_t offset
offset to the start of the content
Definition suit.h:187
Generic storage backend state.
Definition storage.h:293
RFC 4122 UUID functions