Change VerifyFirmware() to take separate pointers to firmware verification header and firmware data.

src/platform/vboot_reference/vfirmware/include/firmware_image_fw.h

 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
  * Data structure and API definitions for a verified boot firmware image.
  * (Firmware Portion)
  */
 
 #ifndef VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_
 #define VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_
@@ skipping 70 matching lines @@
  *
  * On success, put firmware length into [firmware_len], and return 0.
  * Else, return error code on failure.
  */
 int VerifyFirmwarePreamble(RSAPublicKey* sign_key,
                            const uint8_t* preamble_blob,
                            int algorithm,
                            uint64_t* firmware_len);
 
 /* Checks the signature on the preamble + firmware data at
- * [preamble_start] and [firmware_data_start].
+ * [preamble_start] and [firmware_data].
  * The length of the actual firmware data is firmware_len and it is assumed to
  * be prepended with the signature whose size depends on the signature_algorithm
  * [algorithm]. This signature also covers the preamble data (but not the
  * preamble signature itself).
  *
  * Return 0 on success, error code on failure.
  */
 int VerifyFirmwareData(RSAPublicKey* sign_key,
                        const uint8_t* preamble_start,
-                       const uint8_t* firmware_data_start,
+                       const uint8_t* firmware_data,
                        uint64_t firmware_len,
                        int algorithm);
 
-/* Performs a chained verify of the firmware blob [firmware_blob].
+/* Performs a chained verify of the firmware blob [firmware_blob], using root
+ * key [root_key] and verification header [verification_header_blob].
  *
  * Returns 0 on success, error code on failure.
  *
  * NOTE: The length of the firmware blob is derived from reading the fields
- * in the first few bytes of the buffer. This might look risky but in firmware
- * land, the start address of the firmware_blob will always be fixed depending
- * on the memory map on the particular platform. In addition, the signature on
- * length itself is checked early in the verification process for extra safety.
+ * in the first few bytes of the verification header. This might look risky but
+ * in firmware land, the start address of the firmware_blob will always be fixed
+ * depending on the memory map on the particular platform. In addition, the
+ * signature on length itself is checked early in the verification process for
+ * extra safety.
  */
 int VerifyFirmware(const uint8_t* root_key_blob,
+                   const uint8_t* verification_header_blob,
                    const uint8_t* firmware_blob);
 
 /* Returns the logical version of a firmware blob which is calculated as
  * (firmware_key_version << 16 | firmware_version). */
 uint32_t GetLogicalFirmwareVersion(uint8_t* firmware_blob);
 
 #define  BOOT_FIRMWARE_A_CONTINUE 1
 #define  BOOT_FIRMWARE_B_CONTINUE 2
 #define  BOOT_FIRMWARE_RECOVERY_CONTINUE 3
 
 /* This function is the driver used by the RO firmware to
  * determine which copy of the firmware to boot from. It performs
  * the requisite rollback index checking, including updating them,
  * if required.
  *
  * Returns the code path to follow. It is one of:
  * BOOT_FIRMWARE_A_CONTINUE          Boot from Firmware A
  * BOOT_FIRMWARE_B_CONTINUE          Boot from Firmware B
  * BOOT_FIRMWARE_RECOVERY_CONTINUE   Jump to recovery mode
  */
 int VerifyFirmwareDriver_f(uint8_t* root_key_blob,
+                           uint8_t* verification_headerA,
                            uint8_t* firmwareA,
+                           uint8_t* verification_headerB,
                            uint8_t* firmwareB);
 
-
 #endif  /* VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_ */