OLD | NEW |
| (Empty) |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | |
2 * Use of this source code is governed by a BSD-style license that can be | |
3 * found in the LICENSE file. | |
4 * | |
5 * API definitions for a generating and manipulating verified boot kernel images
. | |
6 * (Userland portion.) | |
7 */ | |
8 | |
9 #ifndef VBOOT_REFERENCE_KERNEL_IMAGE_H_ | |
10 #define VBOOT_REFERENCE_KERNEL_IMAGE_H_ | |
11 | |
12 #include "kernel_image_fw.h" | |
13 | |
14 /* Allocate and return a new KernelImage structure. */ | |
15 KernelImage* KernelImageNew(void); | |
16 | |
17 /* Deep free the contents of [image]. */ | |
18 void KernelImageFree(KernelImage* image); | |
19 | |
20 /* Read kernel data from file named [input_file]. | |
21 * | |
22 * Returns a filled up KernelImage on success, NULL on error. | |
23 */ | |
24 KernelImage* ReadKernelImage(const char* input_file); | |
25 | |
26 /* Get the length of the header for kernel image [image]. */ | |
27 int GetKernelHeaderLen(const KernelImage* image); | |
28 | |
29 /* Calculate and store the kernel header checksum of [image] | |
30 * in [header_checksum]. | |
31 * | |
32 * [header_checksum] must be a valid pointer to a buffer of | |
33 * SHA512_DIGEST_SIZE. | |
34 */ | |
35 void CalculateKernelHeaderChecksum(const KernelImage* image, | |
36 uint8_t* header_checksum); | |
37 | |
38 /* Get kernel header binary blob from an [image]. | |
39 * | |
40 * Caller owns the returned pointer and must Free() it. | |
41 */ | |
42 uint8_t* GetKernelHeaderBlob(const KernelImage* image); | |
43 | |
44 /* Get kernel config binary blob from an [image]. | |
45 * | |
46 * Caller owns the returned pointer and must Free() it. | |
47 */ | |
48 uint8_t* GetKernelConfigBlob(const KernelImage* image); | |
49 | |
50 /* Get a verified kernel binary blob from an [image] and fill | |
51 * its length into blob_len. | |
52 * | |
53 * Caller owns the returned pointer and must Free() it. | |
54 */ | |
55 uint8_t* GetKernelBlob(const KernelImage* image, uint64_t* blob_len); | |
56 | |
57 | |
58 /* Write kernel data from [image] to a file named [input_file]. | |
59 * | |
60 * If [is_only_vblock] is non-zero, only the verification block (excluding the | |
61 * actual kernel data) is output. | |
62 * If [is_subkey_out] is non-zero, only the kernel key verification (subkey) | |
63 * header is output. | |
64 * | |
65 * Return 1 on success, 0 on error. | |
66 */ | |
67 int WriteKernelImage(const char* input_file, | |
68 const KernelImage* image, | |
69 int is_only_vblock, | |
70 int is_subkey_out); | |
71 | |
72 /* Create a kernel_data blob from its components and fill | |
73 * its length into blob_len, plus some information about the bootloader. | |
74 * | |
75 * Caller owns the returned pointer and must Free() it. | |
76 */ | |
77 uint8_t* GenerateKernelBlob(const char* vmlinuz_file, | |
78 const char* config_file, | |
79 const char* bootloader_file, | |
80 uint64_t* blob_len, | |
81 uint64_t* bootloader_offset, | |
82 uint64_t* bootloader_size); | |
83 | |
84 /* Pretty print the contents of [image]. Only headers and metadata information | |
85 * is printed. | |
86 */ | |
87 void PrintKernelImage(const KernelImage* image); | |
88 | |
89 /* Performs a chained verify of the kernel [image]. If [dev_mode] is | |
90 * 0 (inactive), then the [firmware_signing_key] is used to verify the signature | |
91 * of the signing key, else the check is skipped. | |
92 * | |
93 * Returns 0 on success, error code on failure. | |
94 */ | |
95 int VerifyKernelImage(const RSAPublicKey* firmware_signing_key, | |
96 const KernelImage* image, | |
97 int dev_mode); | |
98 | |
99 | |
100 /* Maps error codes from VerifyKernel*() to error description. */ | |
101 const char* VerifyKernelErrorString(int error); | |
102 | |
103 /* Add a kernel signing key signature to the key header to a kernel image | |
104 * [image] using the private key in file [firmware_key_file]. | |
105 * | |
106 * Return 1 on success, 0 on failure. | |
107 */ | |
108 int AddKernelKeySignature(KernelImage* image, const char* firmware_key_file); | |
109 | |
110 /* Add a kernel and kernel config signature to a kernel image [image] | |
111 * using the private signing key in file [kernel_sigining_key_file]. | |
112 * | |
113 * Return 1 on success, 0 on failure. | |
114 */ | |
115 int AddKernelSignature(KernelImage* image, | |
116 const char* kernel_sigining_key_file); | |
117 | |
118 #endif /* VBOOT_REFERENCE_KERNEL_IMAGE_H_ */ | |
OLD | NEW |