OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Data structure and API definitions for a verified boot firmware image. | 5 * Data structure and API definitions for a verified boot firmware image. |
6 */ | 6 */ |
7 | 7 |
8 #ifndef VBOOT_REFERENCE_FIRMWARE_IMAGE_H_ | 8 #ifndef VBOOT_REFERENCE_FIRMWARE_IMAGE_H_ |
9 #define VBOOT_REFERENCE_FIRMWARE_IMAGE_H_ | 9 #define VBOOT_REFERENCE_FIRMWARE_IMAGE_H_ |
10 | 10 |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
46 uint8_t* firmware_data; /* Rest of firmware data */ | 46 uint8_t* firmware_data; /* Rest of firmware data */ |
47 | 47 |
48 } FirmwareImage; | 48 } FirmwareImage; |
49 | 49 |
50 /* Allocate and return a new FirmwareImage structure. */ | 50 /* Allocate and return a new FirmwareImage structure. */ |
51 FirmwareImage* FirmwareImageNew(void); | 51 FirmwareImage* FirmwareImageNew(void); |
52 | 52 |
53 /* Deep free the contents of [fw]. */ | 53 /* Deep free the contents of [fw]. */ |
54 void FirmwareImageFree(FirmwareImage* fw); | 54 void FirmwareImageFree(FirmwareImage* fw); |
55 | 55 |
56 /* Read firmware data from file named [input_file] into [image]. | 56 /* Read firmware data from file named [input_file].. |
57 * | 57 * |
58 * Returns a filled up FirmwareImage on success, NULL on error. | 58 * Returns a filled up FirmwareImage structure on success, NULL on error. |
59 */ | 59 */ |
60 FirmwareImage* ReadFirmwareImage(const char* input_file, | 60 FirmwareImage* ReadFirmwareImage(const char* input_file); |
61 FirmwareImage* image); | |
62 | 61 |
63 /* Write firmware header from [image] to an open file pointed by the | 62 /* Write firmware header from [image] to an open file pointed by the |
64 * file descriptor [fd]. | 63 * file descriptor [fd]. |
65 */ | 64 */ |
66 void WriteFirmwareHeader(int fd, FirmwareImage* image); | 65 void WriteFirmwareHeader(int fd, FirmwareImage* image); |
67 | 66 |
68 /* Write firmware preamble from [image] to an open file pointed by the | 67 /* Write firmware preamble from [image] to an open file pointed by the |
69 * file descriptor [fd]. | 68 * file descriptor [fd]. |
70 */ | 69 */ |
71 void WriteFirmwarePreamble(int fd, FirmwareImage* image); | 70 void WriteFirmwarePreamble(int fd, FirmwareImage* image); |
(...skipping 14 matching lines...) Expand all Loading... |
86 /* Error Codes for VerifyFirmware* family of functions. */ | 85 /* Error Codes for VerifyFirmware* family of functions. */ |
87 #define VERIFY_FIRMWARE_SUCCESS 0 | 86 #define VERIFY_FIRMWARE_SUCCESS 0 |
88 #define VERIFY_FIRMWARE_INVALID_IMAGE 1 | 87 #define VERIFY_FIRMWARE_INVALID_IMAGE 1 |
89 #define VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED 2 | 88 #define VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED 2 |
90 #define VERIFY_FIRMWARE_INVALID_ALGORITHM 3 | 89 #define VERIFY_FIRMWARE_INVALID_ALGORITHM 3 |
91 #define VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED 4 | 90 #define VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED 4 |
92 #define VERIFY_FIRMWARE_SIGNATURE_FAILED 5 | 91 #define VERIFY_FIRMWARE_SIGNATURE_FAILED 5 |
93 #define VERIFY_FIRMWARE_WRONG_MAGIC 6 | 92 #define VERIFY_FIRMWARE_WRONG_MAGIC 6 |
94 #define VERIFY_FIRMWARE_MAX 7 /* Generic catch-all. */ | 93 #define VERIFY_FIRMWARE_MAX 7 /* Generic catch-all. */ |
95 | 94 |
96 char* kVerifyFirmwareErrors[VERIFY_FIRMWARE_MAX]; | 95 extern char* kVerifyFirmwareErrors[VERIFY_FIRMWARE_MAX]; |
97 | 96 |
98 /* Checks for the sanity of the firmware header pointed by [header_blob]. | 97 /* Checks for the sanity of the firmware header pointed by [header_blob]. |
99 * If [dev_mode] is enabled, also checks the root key signature using the | 98 * If [dev_mode] is enabled, also checks the root key signature using the |
100 * pre-processed public root key [root_key_blob]. | 99 * pre-processed public root key [root_key_blob]. |
101 * | 100 * |
102 * On success, put signature algorithm in [algorithm], header length | 101 * On success, put signature algorithm in [algorithm], header length |
103 * in [header_len], and return 0. | 102 * in [header_len], and return 0. |
104 * Else, return error code on failure. | 103 * Else, return error code on failure. |
105 */ | 104 */ |
106 int VerifyFirmwareHeader(const uint8_t* root_key_blob, | 105 int VerifyFirmwareHeader(const uint8_t* root_key_blob, |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
153 * 0 (inactive), then the [root_key] is used to verify the signature of | 152 * 0 (inactive), then the [root_key] is used to verify the signature of |
154 * the signing key, else the check is skipped. | 153 * the signing key, else the check is skipped. |
155 * | 154 * |
156 * Returns 0 on success, error code on failure. | 155 * Returns 0 on success, error code on failure. |
157 */ | 156 */ |
158 int VerifyFirmwareImage(const RSAPublicKey* root_key, | 157 int VerifyFirmwareImage(const RSAPublicKey* root_key, |
159 const FirmwareImage* image, | 158 const FirmwareImage* image, |
160 const int dev_mode); | 159 const int dev_mode); |
161 | 160 |
162 /* Maps error codes from VerifyFirmware() to error description. */ | 161 /* Maps error codes from VerifyFirmware() to error description. */ |
163 char* VerifyErrorString(int error); | 162 const char* VerifyFirmwareErrorString(int error); |
164 | 163 |
165 /* Add a root key signature to the key header to a firmware image [image] | 164 /* Add a root key signature to the key header to a firmware image [image] |
166 * using the private root key in file [root_key_file]. | 165 * using the private root key in file [root_key_file]. |
167 * | 166 * |
168 * Return 1 on success, 0 on failure. | 167 * Return 1 on success, 0 on failure. |
169 */ | 168 */ |
170 int AddKeySignature(FirmwareImage* image, char* root_key_file); | 169 int AddFirmwareKeySignature(FirmwareImage* image, const char* root_key_file); |
171 | 170 |
172 /* Add firmware and preamble signature to a firmware image [image] | 171 /* Add firmware and preamble signature to a firmware image [image] |
173 * using the private signing key in file [signing_key_file]. | 172 * using the private signing key in file [signing_key_file]. |
174 * | 173 * |
175 * Return 1 on success, 0 on failure. | 174 * Return 1 on success, 0 on failure. |
176 */ | 175 */ |
177 int AddFirmwareSignature(FirmwareImage* image, char* signing_key_file, | 176 int AddFirmwareSignature(FirmwareImage* image, const char* signing_key_file, |
178 int algorithm); | 177 int algorithm); |
179 | 178 |
180 #endif /* VBOOT_REFERENCE_FIRMWARE_IMAGE_H_ */ | 179 #endif /* VBOOT_REFERENCE_FIRMWARE_IMAGE_H_ */ |
OLD | NEW |