scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-27 03:33:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
bcd8f4a07c664d55b67d4e8dc35e362b50b376bd
OpenCellular/utility/include/kernel_utility.h
Gaurav Shah bf7615bc31 Change kernel vboot header layout and add support for separate header verification. 
This CL adds 2 things:
- Instead of having a kernel config, now we have a kernel preamble which contains some important parameters needed by the bootloader in the firmware to kernel hand-off. These parameters are verified using a separate preamble signature in addition to the kernel signature on actual kernel image data.

- Adds a new VerifyKernelHeader() API function which verifies the kernel verified boot header excluding the kernel data and also extracts parameters out of this header needed to verify the actual kernel image data (if deemed necessary). This allows for vboot header verification and data verification to be performed separately.

Review URL: http://codereview.chromium.org/2234003
2010-05-26 10:26:00 -07:00

82 lines
2.4 KiB
C++
Raw Blame History

// Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef VBOOT_REFERENCE_KERNEL_UTILITY_H_
#define VBOOT_REFERENCE_KERNEL_UTILITY_H_
#include <string>
extern "C" {
#include "kernel_image.h"
}
struct RSAPublicKey;
namespace vboot_reference {
// A class for handling verified boot kernel images.
class KernelUtility {
public:
KernelUtility();
~KernelUtility();
// Print usage to stderr.
void PrintUsage(void);
// Parse command line options and populate data members.
// Return true on success, false on failure.
bool ParseCmdLineOptions(int argc, char* argv[]);
// Print description of a verified boot kernel image.
void DescribeSignedImage();
// Generate a verified boot image by reading kernel data from in_file_.
// Return true on success, false on failure.
bool GenerateSignedImage();
// Verify a previously generated signed firmware image using the key read
// from [firmware_key_pub_file_].
bool VerifySignedImage();
// Output the verified boot kernel image to out_file_.
void OutputSignedImage();
bool is_generate() { return is_generate_; }
bool is_verify() { return is_verify_; }
bool is_describe() { return is_describe_; }
private:
// Check if all options were specified and sane.
// Return true on success, false on failure.
bool CheckOptions();
KernelImage* image_;
RSAPublicKey* firmware_key_pub_; // Root key used for verification.
std::string firmware_key_file_; // Private key for signing the kernel key.
std::string firmware_key_pub_file_;
std::string kernel_key_file_; // Private key for signing the kernel.
std::string kernel_key_pub_file_;
// Fields of a KernelImage. (read from the command line).
int header_version_;
int firmware_sign_algorithm_;
int kernel_sign_algorithm_;
int kernel_key_version_;
int kernel_version_;
uint64_t kernel_len_;
uint8_t* kernel_config_;
std::string in_file_;
std::string out_file_;
bool is_generate_; // Are we generating a new image?
bool is_verify_; // Are we just verifying an already signed image?
bool is_describe_; // Should we print out description of the image?
bool is_only_vblock_; // Show we just output the verification block?
};
} // namespace vboot_reference
#endif // VBOOT_REFERENCE_FIRMWARE_UTILITY_H_
Reference in New Issue View Git Blame Copy Permalink