Index: src/platform/vboot_reference/include/rsa_utility.h |
diff --git a/src/platform/vboot_reference/include/rsa_utility.h b/src/platform/vboot_reference/include/rsa_utility.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..652227c34c7a350e41de90aa4fef514002d40aa5 |
--- /dev/null |
+++ b/src/platform/vboot_reference/include/rsa_utility.h |
@@ -0,0 +1,58 @@ |
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
+ * Use of this source code is governed by a BSD-style license that can be |
+ * found in the LICENSE file. |
+ * |
+ * Some utility functions for use with RSA signature verification. |
+ */ |
+ |
+#ifndef VBOOT_REFERENCE_RSA_UTILITY_H_ |
+#define VBOOT_REFERENCE_RSA_UTILITY_H_ |
+ |
+#include "rsa.h" |
+ |
+/* Returns the size of a pre-processed RSA public key in bytes with algorithm |
+ * [algorithm]. */ |
+int RSAProcessedKeySize(int algorithm); |
+ |
+/* Allocate a new RSAPublicKey structure and initialize its pointer fields to |
+ * NULL */ |
+RSAPublicKey* RSAPublicKeyNew(void); |
+ |
+/* Deep free the contents of [key]. */ |
+void RSAPublicKeyFree(RSAPublicKey* key); |
+ |
+/* Create a RSAPublic key structure from binary blob [buf] of length |
+ * [len]. |
+ * |
+ * Caller owns the returned key and must free it. |
+ */ |
+RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len); |
+ |
+/* Perform RSA signature verification on [buf] of length [len] against expected |
+ * signature [sig] using signature algorithm [algorithm]. The public key used |
+ * for verification can either be in the form of a pre-process key blob |
+ * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must |
+ * be non-NULL, and the other NULL or the function will fail. |
+ * |
+ * Returns 1 on verification success, 0 on verification failure or invalid |
+ * arguments. |
+ * |
+ * Note: This function is for use in the firmware and assumes all pointers point |
+ * to areas in the memory of the right size. |
+ * |
+ */ |
+int RSAVerifyBinary_f(const uint8_t* key_blob, |
+ const RSAPublicKey* key, |
+ const uint8_t* buf, |
+ uint64_t len, |
+ const uint8_t* sig, |
+ int algorithm); |
+ |
+/* Version of RSAVerifyBinary_f() where instead of the raw binary blob |
+ * of data, its digest is passed as the argument. */ |
+int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob, |
+ const RSAPublicKey* key, |
+ const uint8_t* digest, |
+ const uint8_t* sig, |
+ int algorithm); |
+#endif /* VBOOT_REFERENCE_RSA_UTILITY_H_ */ |