Vboot reference: A basic user-land verified boot firmware signing and verification utility.

src/platform/vboot_reference/include/firmware_image.h

 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
  * Data structure and API definitions for a verified boot firmware image.
  */
 
 #ifndef VBOOT_REFERENCE_FIRMWARE_IMAGE_H_
 #define VBOOT_REFERENCE_FIRMWARE_IMAGE_H_
 
@@ skipping 35 matching lines @@
   uint8_t* firmware_data;  /* Rest of firmware data */
 
 } FirmwareImage;
 
 /* Allocate and return a new FirmwareImage structure. */
 FirmwareImage* FirmwareImageNew(void);
 
 /* Deep free the contents of [fw]. */
 void FirmwareImageFree(FirmwareImage* fw);
 
-/* Read firmware data from file named [input_file] into [image].
+/* Read firmware data from file named [input_file]..
  *
- * Returns a filled up FirmwareImage on success, NULL on error.
+ * Returns a filled up FirmwareImage structure on success, NULL on error.
  */
-FirmwareImage* ReadFirmwareImage(const char* input_file,
-                                 FirmwareImage* image);
+FirmwareImage* ReadFirmwareImage(const char* input_file);
 
 /* Write firmware header from [image] to an open file pointed by the
  * file descriptor [fd].
  */
 void WriteFirmwareHeader(int fd, FirmwareImage* image);
 
 /* Write firmware preamble from [image] to an open file pointed by the
  * file descriptor [fd].
  */
 void WriteFirmwarePreamble(int fd, FirmwareImage* image);
@@ skipping 14 matching lines @@
 /* Error Codes for VerifyFirmware* family of functions. */
 #define VERIFY_FIRMWARE_SUCCESS 0
 #define VERIFY_FIRMWARE_INVALID_IMAGE 1
 #define VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED 2
 #define VERIFY_FIRMWARE_INVALID_ALGORITHM 3
 #define VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED 4
 #define VERIFY_FIRMWARE_SIGNATURE_FAILED 5
 #define VERIFY_FIRMWARE_WRONG_MAGIC 6
 #define VERIFY_FIRMWARE_MAX 7  /* Generic catch-all. */
 
-char* kVerifyFirmwareErrors[VERIFY_FIRMWARE_MAX];
+extern char* kVerifyFirmwareErrors[VERIFY_FIRMWARE_MAX];
 
 /* Checks for the sanity of the firmware header pointed by [header_blob].
  * If [dev_mode] is enabled, also checks the root key signature using the
  * pre-processed public root key [root_key_blob].
  *
  * On success, put signature algorithm in [algorithm], header length
  * in [header_len], and return 0.
  * Else, return error code on failure.
  */
 int VerifyFirmwareHeader(const uint8_t* root_key_blob,
@@ skipping 46 matching lines @@
  * 0 (inactive), then the [root_key] is used to verify the signature of
  * the signing key, else the check is skipped.
  *
  * Returns 0 on success, error code on failure.
  */
 int VerifyFirmwareImage(const RSAPublicKey* root_key,
                         const FirmwareImage* image,
                         const int dev_mode);
 
 /* Maps error codes from VerifyFirmware() to error description. */
-char* VerifyErrorString(int error);
+const char* VerifyFirmwareErrorString(int error);
 
 /* Add a root key signature to the key header to a firmware image [image]
  * using the private root key in file [root_key_file].
  *
  * Return 1 on success, 0 on failure.
  */
-int AddKeySignature(FirmwareImage* image, char* root_key_file);
+int AddFirmwareKeySignature(FirmwareImage* image, const char* root_key_file);
 
 /* Add firmware and preamble signature to a firmware image [image]
  * using the private signing key in file [signing_key_file].
  *
  * Return 1 on success, 0 on failure.
  */
-int AddFirmwareSignature(FirmwareImage* image, char* signing_key_file,
+int AddFirmwareSignature(FirmwareImage* image, const char* signing_key_file,
                          int algorithm);
 
 #endif  /* VBOOT_REFERENCE_FIRMWARE_IMAGE_H_ */