mirror of
https://github.com/Telecominfraproject/OpenCellular.git
synced 2025-11-24 02:05:01 +00:00
This refactors futility and the host library to use only vboot 2.0 APIs to create and verify keyblocks. BUG=chromium:611535 BRANCH=none TEST=make runtests Change-Id: Ia3cc1e24971b94f01bcb4890c8666a3af6f84841 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/356129 Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Host-side functions for verified boot.
*/
#ifndef VBOOT_REFERENCE_HOST_KEYBLOCK_H_
#define VBOOT_REFERENCE_HOST_KEYBLOCK_H_
#include "host_key.h"
#include "vboot_struct.h"
/*
 * Forward declaration: the prototypes in this header only pass and return
 * pointers to struct vb2_keyblock, so the full definition is not needed here.
 */
struct vb2_keyblock;
/**
 * Build a keyblock header that wraps a data key.
 *
 * @param data_key	Data key to store in the keyblock.
 * @param signing_key	Key used to sign the keyblock.  May be NULL when the
 *			keyblock only needs a hash digest.
 * @param flags		Keyblock flags.
 *
 * NOTE(review): with signing_key == NULL no signing key is involved, so the
 * resulting keyblock presumably carries a hash digest only.  A digest can
 * show the contents were not corrupted but does not show who produced them;
 * consumers should not treat such a keyblock as authenticated - confirm
 * against the implementation.
 *
 * @return The newly created keyblock, or NULL on error.  The caller owns the
 *	   result and must release it with free().
 */
struct vb2_keyblock *vb2_create_keyblock(const struct vb2_packed_key *data_key,
					 const struct vb2_private_key *signing_key,
					 uint32_t flags);
/**
 * Build a keyblock header, delegating every private key operation to an
 * external signer program.
 *
 * @param data_key		Data key to store in the keyblock.
 * @param signing_key_pem_file	File name of the private key.
 * @param algorithm		Signing algorithm index.
 * @param flags			Keyblock flags.
 * @param external_signer	Path to the external signer program.
 *
 * NOTE(review): external_signer names a program and signing_key_pem_file
 * names private key material.  How the program is launched and whether
 * either string is validated is not visible in this header.  Callers should
 * pass only trusted paths that are not derived from untrusted input -
 * confirm against the implementation.
 *
 * @return The newly created keyblock, or NULL on error.  The caller owns the
 *	   result and must release it with free().
 */
struct vb2_keyblock *vb2_create_keyblock_external(const struct vb2_packed_key *data_key,
						  const char *signing_key_pem_file,
						  uint32_t algorithm,
						  uint32_t flags,
						  const char *external_signer);
/**
 * Load a keyblock from a file in .keyblock format.
 *
 * @param filename	Path of the file to read the keyblock from.
 *
 * NOTE(review): this header does not state which checks (size, hash,
 * signature) are applied to the file contents.  Treat a non-NULL result as
 * unverified until it has been checked against a trusted key - confirm
 * against the implementation.
 *
 * @return The keyblock read from the file, or NULL on error.  The caller
 *	   owns the result and must release it with free().
 */
struct vb2_keyblock *vb2_read_keyblock(
	const char *filename);
/**
 * Save a keyblock to a file using the .keyblock format.
 *
 * @param filename	Name of the file to write.
 * @param keyblock	Keyblock to write; taken as a pointer to const.
 *
 * @return VB2_SUCCESS on success, or a non-zero value on error.  Callers
 *	   should check the result rather than assume the file was written.
 */
int vb2_write_keyblock(
	const char *filename,
	const struct vb2_keyblock *keyblock);
#endif /* VBOOT_REFERENCE_HOST_KEYBLOCK_H_ */