OLD | NEW |
(Empty) | |
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. |
| 4 * |
| 5 * Common functions between firmware and kernel verified boot. |
| 6 */ |
| 7 |
| 8 #ifndef VBOOT_REFERENCE_VBOOT_COMMON_H_ |
| 9 #define VBOOT_REFERENCE_VBOOT_COMMON_H_ |
| 10 |
| 11 #include <stdint.h> |
| 12 |
| 13 #include "cryptolib.h" |
| 14 #include "vboot_struct.h" |
| 15 |
| 16 /* Error Codes for VerifyFirmware. */ |
| 17 #define VBOOT_SUCCESS 0 |
| 18 #define VBOOT_INVALID_IMAGE 1 |
| 19 #define VBOOT_KEY_SIGNATURE_FAILED 2 |
| 20 #define VBOOT_INVALID_ALGORITHM 3 |
| 21 #define VBOOT_PREAMBLE_SIGNATURE_FAILED 4 |
| 22 #define VBOOT_SIGNATURE_FAILED 5 |
| 23 #define VBOOT_WRONG_MAGIC 6 |
| 24 #define VBOOT_ERROR_MAX 7 /* Generic catch-all. */ |
| 25 |
| 26 extern char* kVbootErrors[VBOOT_ERROR_MAX]; |
| 27 |
| 28 |
| 29 /* Return offset of ptr from base. */ |
| 30 uint64_t OffsetOf(const void* base, const void* ptr); |
| 31 |
| 32 |
| 33 /* Helper functions to get data pointed to by a public key or signature. */ |
| 34 uint8_t* GetPublicKeyData(VbPublicKey* key); |
| 35 const uint8_t* GetPublicKeyDataC(const VbPublicKey* key); |
| 36 uint8_t* GetSignatureData(VbSignature* sig); |
| 37 const uint8_t* GetSignatureDataC(const VbSignature* sig); |
| 38 |
| 39 |
| 40 /* Helper functions to verify the data pointed to by a subfield is inside |
| 41 * the parent data. Returns 0 if inside, 1 if error. */ |
| 42 int VerifyMemberInside(const void* parent, uint64_t parent_size, |
| 43 const void* member, uint64_t member_size, |
| 44 uint64_t member_data_offset, |
| 45 uint64_t member_data_size); |
| 46 |
| 47 int VerifyPublicKeyInside(const void* parent, uint64_t parent_size, |
| 48 const VbPublicKey* key); |
| 49 |
| 50 int VerifySignatureInside(const void* parent, uint64_t parent_size, |
| 51 const VbSignature* sig); |
| 52 |
| 53 |
| 54 /* Converts a public key to RsaPublicKey format. The returned key must |
| 55 * be freed using RSAPublicKeyFree(). |
| 56 * |
| 57 * Returns NULL if error. */ |
| 58 RSAPublicKey* PublicKeyToRSA(const VbPublicKey* key); |
| 59 |
| 60 |
| 61 /* Verifies [data] matches signature [sig] using [key]. */ |
| 62 int VerifyData(const uint8_t* data, const VbSignature* sig, |
| 63 const RSAPublicKey* key); |
| 64 |
| 65 |
| 66 /* Checks the sanity of a key block of size [size] bytes, using public |
| 67 * key [key]. If [key]==NULL, uses only the block checksum to verify |
| 68 * the key block. Header fields are also checked for sanity. Does not |
| 69 * verify key index or key block flags. */ |
| 70 int VerifyKeyBlock(const VbKeyBlockHeader* block, uint64_t size, |
| 71 const VbPublicKey *key); |
| 72 |
| 73 |
| 74 /* Checks the sanity of a firmware preamble of size [size] bytes, |
| 75 * using public key [key]. |
| 76 * |
| 77 * Returns VBOOT_SUCCESS if successful. */ |
| 78 int VerifyFirmwarePreamble2(const VbFirmwarePreambleHeader* preamble, |
| 79 uint64_t size, const RSAPublicKey* key); |
| 80 |
| 81 |
| 82 /* Checks the sanity of a kernel preamble of size [size] bytes, |
| 83 * using public key [key]. |
| 84 * |
| 85 * Returns VBOOT_SUCCESS if successful. */ |
| 86 int VerifyKernelPreamble2(const VbKernelPreambleHeader* preamble, |
| 87 uint64_t size, const RSAPublicKey* key); |
| 88 |
| 89 |
| 90 |
| 91 |
| 92 #endif /* VBOOT_REFERENCE_VBOOT_COMMON_H_ */ |
OLD | NEW |