OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Data structure and API definitions for a verified boot kernel image. | 5 * Data structure and API definitions for a verified boot kernel image. |
6 * (Firmware Portion) | 6 * (Firmware Portion) |
7 */ | 7 */ |
8 | 8 |
9 #ifndef VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ | 9 #ifndef VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ |
10 #define VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ | 10 #define VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ |
(...skipping 114 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
125 * using the firmware public key [firmware_key_blob]. If [dev_mode] is 1 | 125 * using the firmware public key [firmware_key_blob]. If [dev_mode] is 1 |
126 * (active), then key header verification is skipped. | 126 * (active), then key header verification is skipped. |
127 * | 127 * |
128 * On success, fills in the fields of image with the kernel header and | 128 * On success, fills in the fields of image with the kernel header and |
129 * preamble fields. | 129 * preamble fields. |
130 * | 130 * |
131 * Note that pointers in the image point directly into the input | 131 * Note that pointers in the image point directly into the input |
132 * kernel_header_blob. image->kernel_data is set to NULL, since it's not | 132 * kernel_header_blob. image->kernel_data is set to NULL, since it's not |
133 * part of the header and preamble data itself. | 133 * part of the header and preamble data itself. |
134 * | 134 * |
135 * The signing key to use for kernel data verification is returned in | 135 * On success, the signing key to use for kernel data verification is |
136 * [kernel_sign_key], This must be free-d explicitly by the caller after use. | 136 * returned in [kernel_sign_key], This must be free-d explicitly by |
| 137 * the caller after use. On failure, the signing key is set to NULL. |
137 * | 138 * |
138 * Returns 0 on success, error code on failure. | 139 * Returns 0 on success, error code on failure. |
139 */ | 140 */ |
140 int VerifyKernelHeader(const uint8_t* firmware_key_blob, | 141 int VerifyKernelHeader(const uint8_t* firmware_key_blob, |
141 const uint8_t* kernel_header_blob, | 142 const uint8_t* kernel_header_blob, |
142 uint64_t kernel_header_blob_len, | 143 uint64_t kernel_header_blob_len, |
143 const int dev_mode, | 144 const int dev_mode, |
144 KernelImage* image, | 145 KernelImage* image, |
145 RSAPublicKey** kernel_sign_key); | 146 RSAPublicKey** kernel_sign_key); |
146 | 147 |
(...skipping 11 matching lines...) Expand all Loading... |
158 */ | 159 */ |
159 int VerifyKernel(const uint8_t* signing_key_blob, | 160 int VerifyKernel(const uint8_t* signing_key_blob, |
160 const uint8_t* kernel_blob, | 161 const uint8_t* kernel_blob, |
161 const int dev_mode); | 162 const int dev_mode); |
162 | 163 |
163 /* Returns the logical version of a kernel blob which is calculated as | 164 /* Returns the logical version of a kernel blob which is calculated as |
164 * (kernel_key_version << 16 | kernel_version). */ | 165 * (kernel_key_version << 16 | kernel_version). */ |
165 uint32_t GetLogicalKernelVersion(uint8_t* kernel_blob); | 166 uint32_t GetLogicalKernelVersion(uint8_t* kernel_blob); |
166 | 167 |
167 #endif /* VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ */ | 168 #endif /* VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ */ |
OLD | NEW |