OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 * | 4 * |
5 * Data structure definitions for verified boot, for on-disk / in-eeprom | 5 * Data structure definitions for verified boot, for on-disk / in-eeprom |
6 * data. | 6 * data. |
7 */ | 7 */ |
8 | 8 |
9 #ifndef VBOOT_REFERENCE_VBOOT_STRUCT_H_ | 9 #ifndef VBOOT_REFERENCE_VBOOT_STRUCT_H_ |
10 #define VBOOT_REFERENCE_VBOOT_STRUCT_H_ | 10 #define VBOOT_REFERENCE_VBOOT_STRUCT_H_ |
11 | 11 |
12 #include <stdint.h> | 12 #include <stdint.h> |
13 | 13 |
14 | 14 |
15 /* Public key data */ | 15 /* Public key data */ |
16 typedef struct VbPublicKey { | 16 typedef struct VbPublicKey { |
17 uint64_t key_offset; /* Offset of key data from start of this struct */ | 17 uint64_t key_offset; /* Offset of key data from start of this struct */ |
18 uint64_t key_size; /* Size of key data in bytes (NOT strength of key | 18 uint64_t key_size; /* Size of key data in bytes (NOT strength of key |
19 * in bits) */ | 19 * in bits) */ |
20 uint64_t algorithm; /* Signature algorithm used by the key */ | 20 uint64_t algorithm; /* Signature algorithm used by the key */ |
21 uint64_t key_version; /* Key version */ | 21 uint64_t key_version; /* Key version */ |
22 } VbPublicKey; | 22 } __attribute__((packed)) VbPublicKey; |
23 | 23 |
24 | 24 |
25 /* Signature data (a secure hash, possibly signed) */ | 25 /* Signature data (a secure hash, possibly signed) */ |
26 typedef struct VbSignature { | 26 typedef struct VbSignature { |
27 uint64_t sig_offset; /* Offset of signature data from start of this | 27 uint64_t sig_offset; /* Offset of signature data from start of this |
28 * struct */ | 28 * struct */ |
29 uint64_t sig_size; /* Size of signature data in bytes */ | 29 uint64_t sig_size; /* Size of signature data in bytes */ |
30 uint64_t data_size; /* Size of the data block which was signed in bytes */ | 30 uint64_t data_size; /* Size of the data block which was signed in bytes */ |
31 } VbSignature; | 31 } __attribute__((packed)) VbSignature; |
32 | 32 |
33 | 33 |
34 #define KEY_BLOCK_MAGIC "CHROMEOS" | 34 #define KEY_BLOCK_MAGIC "CHROMEOS" |
35 #define KEY_BLOCK_MAGIC_SIZE 8 | 35 #define KEY_BLOCK_MAGIC_SIZE 8 |
36 | 36 |
37 #define KEY_BLOCK_HEADER_VERSION_MAJOR 2 | 37 #define KEY_BLOCK_HEADER_VERSION_MAJOR 2 |
38 #define KEY_BLOCK_HEADER_VERSION_MINOR 1 | 38 #define KEY_BLOCK_HEADER_VERSION_MINOR 1 |
39 | 39 |
40 /* Flags for key_block_flags */ | 40 /* Flags for key_block_flags */ |
41 /* The following flags set where the key is valid */ | 41 /* The following flags set where the key is valid */ |
54 * including keys, signatures, and | 54 * including keys, signatures, and |
55 * padding, in bytes */ | 55 * padding, in bytes */ |
56 VbSignature key_block_signature; /* Signature for this key block | 56 VbSignature key_block_signature; /* Signature for this key block |
57 * (header + data pointed to by data_key) | 57 * (header + data pointed to by data_key) |
58 * For use with signed data keys*/ | 58 * For use with signed data keys*/ |
59 VbSignature key_block_checksum; /* SHA-512 checksum for this key block | 59 VbSignature key_block_checksum; /* SHA-512 checksum for this key block |
60 * (header + data pointed to by data_key) | 60 * (header + data pointed to by data_key) |
61 * For use with unsigned data keys */ | 61 * For use with unsigned data keys */ |
62 uint64_t key_block_flags; /* Flags for key (KEY_BLOCK_FLAG_*) */ | 62 uint64_t key_block_flags; /* Flags for key (KEY_BLOCK_FLAG_*) */ |
63 VbPublicKey data_key; /* Key to verify the chunk of data */ | 63 VbPublicKey data_key; /* Key to verify the chunk of data */ |
64 } VbKeyBlockHeader; | 64 } __attribute__((packed)) VbKeyBlockHeader; |
65 /* This should be followed by: | 65 /* This should be followed by: |
66 * 1) The data_key key data, pointed to by data_key.key_offset. | 66 * 1) The data_key key data, pointed to by data_key.key_offset. |
67 * 2) The checksum data for (VBKeyBlockHeader + data_key data), pointed to | 67 * 2) The checksum data for (VBKeyBlockHeader + data_key data), pointed to |
68 * by key_block_checksum.sig_offset. | 68 * by key_block_checksum.sig_offset. |
69 * 3) The signature data for (VBKeyBlockHeader + data_key data), pointed to | 69 * 3) The signature data for (VBKeyBlockHeader + data_key data), pointed to |
70 * by key_block_signature.sig_offset. */ | 70 * by key_block_signature.sig_offset. */ |
71 | 71 |
72 | 72 |
73 #define FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR 2 | 73 #define FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR 2 |
74 #define FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR 0 | 74 #define FIRMWARE_PREAMBLE_HEADER_VERSION_MINOR 0 |
75 | 75 |
76 /* Preamble block for rewritable firmware */ | 76 /* Preamble block for rewritable firmware */ |
77 typedef struct VbFirmwarePreambleHeader { | 77 typedef struct VbFirmwarePreambleHeader { |
78 uint64_t preamble_size; /* Size of this preamble, including keys, | 78 uint64_t preamble_size; /* Size of this preamble, including keys, |
79 * signatures, and padding, in bytes */ | 79 * signatures, and padding, in bytes */ |
80 VbSignature preamble_signature; /* Signature for this preamble | 80 VbSignature preamble_signature; /* Signature for this preamble |
81 * (header + kernel subkey + | 81 * (header + kernel subkey + |
82 * body signature) */ | 82 * body signature) */ |
83 uint32_t header_version_major; /* Version of this header format */ | 83 uint32_t header_version_major; /* Version of this header format */ |
84 uint32_t header_version_minor; /* Version of this header format */ | 84 uint32_t header_version_minor; /* Version of this header format */ |
85 | 85 |
86 uint64_t firmware_version; /* Firmware version */ | 86 uint64_t firmware_version; /* Firmware version */ |
87 VbPublicKey kernel_subkey; /* Key to verify kernel key block */ | 87 VbPublicKey kernel_subkey; /* Key to verify kernel key block */ |
88 VbSignature body_signature; /* Signature for the firmware body */ | 88 VbSignature body_signature; /* Signature for the firmware body */ |
89 } VbFirmwarePreambleHeader; | 89 } __attribute__((packed)) VbFirmwarePreambleHeader; |
90 /* This should be followed by: | 90 /* This should be followed by: |
91 * 1) The kernel_subkey key data, pointed to by kernel_subkey.key_offset. | 91 * 1) The kernel_subkey key data, pointed to by kernel_subkey.key_offset. |
92 * 2) The signature data for the firmware body, pointed to by | 92 * 2) The signature data for the firmware body, pointed to by |
93 * body_signature.sig_offset. | 93 * body_signature.sig_offset. |
94 * 3) The signature data for (VBFirmwarePreambleHeader + kernel_subkey data | 94 * 3) The signature data for (VBFirmwarePreambleHeader + kernel_subkey data |
95 * + body signature data), pointed to by | 95 * + body signature data), pointed to by |
96 * preamble_signature.sig_offset. */ | 96 * preamble_signature.sig_offset. */ |
97 | 97 |
98 | 98 |
99 #define KERNEL_PREAMBLE_HEADER_VERSION_MAJOR 2 | 99 #define KERNEL_PREAMBLE_HEADER_VERSION_MAJOR 2 |
100 #define KERNEL_PREAMBLE_HEADER_VERSION_MINOR 0 | 100 #define KERNEL_PREAMBLE_HEADER_VERSION_MINOR 0 |
101 | 101 |
102 /* Preamble block for kernel */ | 102 /* Preamble block for kernel */ |
103 typedef struct VbKernelPreambleHeader { | 103 typedef struct VbKernelPreambleHeader { |
104 uint64_t preamble_size; /* Size of this preamble, including keys, | 104 uint64_t preamble_size; /* Size of this preamble, including keys, |
105 * signatures, and padding, in bytes */ | 105 * signatures, and padding, in bytes */ |
106 VbSignature preamble_signature; /* Signature for this preamble | 106 VbSignature preamble_signature; /* Signature for this preamble |
107 * (header + body signature) */ | 107 * (header + body signature) */ |
108 uint32_t header_version_major; /* Version of this header format */ | 108 uint32_t header_version_major; /* Version of this header format */ |
109 uint32_t header_version_minor; /* Version of this header format */ | 109 uint32_t header_version_minor; /* Version of this header format */ |
110 | 110 |
111 uint64_t kernel_version; /* Kernel version */ | 111 uint64_t kernel_version; /* Kernel version */ |
112 uint64_t body_load_address; /* Load address for kernel body */ | 112 uint64_t body_load_address; /* Load address for kernel body */ |
113 uint64_t bootloader_address; /* Address of bootloader, after body is | 113 uint64_t bootloader_address; /* Address of bootloader, after body is |
114 * loaded at body_load_address */ | 114 * loaded at body_load_address */ |
115 uint64_t bootloader_size; /* Size of bootloader in bytes */ | 115 uint64_t bootloader_size; /* Size of bootloader in bytes */ |
116 VbSignature body_signature; /* Signature for the kernel body */ | 116 VbSignature body_signature; /* Signature for the kernel body */ |
117 } VbKernelPreambleHeader; | 117 } __attribute__((packed)) VbKernelPreambleHeader; |
118 /* This should be followed by: | 118 /* This should be followed by: |
119 * 2) The signature data for the kernel body, pointed to by | 119 * 2) The signature data for the kernel body, pointed to by |
120 * body_signature.sig_offset. | 120 * body_signature.sig_offset. |
121 * 3) The signature data for (VBFirmwarePreambleHeader + body signature | 121 * 3) The signature data for (VBFirmwarePreambleHeader + body signature |
122 * data), pointed to by preamble_signature.sig_offset. */ | 122 * data), pointed to by preamble_signature.sig_offset. */ |
123 | 123 |
124 #endif /* VBOOT_REFERENCE_VBOOT_STRUCT_H_ */ | 124 #endif /* VBOOT_REFERENCE_VBOOT_STRUCT_H_ */ |
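Review bot: The `__attribute__((packed))` added to VbPublicKey, VbSignature, VbKeyBlockHeader, VbFirmwarePreambleHeader and VbKernelPreambleHeader pins the layout only on compilers that honour the GCC attribute, and nothing in the header checks the resulting sizes at build time. These structs are overlaid on on-disk / in-EEPROM data that is parsed before it has been verified, so a layout mismatch between the signing tool and the firmware build would make the offset and signature checks operate on the wrong bytes. I would pin the sizes next to each definition, e.g. `typedef char vb_public_key_size_check[(sizeof(VbPublicKey) == 32) ? 1 : -1];` (32 bytes for VbPublicKey and 24 for VbSignature follow from the fields shown). I would also add a comment that packed structs have alignment 1, so callers should read members through the struct rather than through `uint64_t *` pointers taken to them. The VbKeyBlockHeader definition begins in the collapsed lines, so its expected size cannot be derived from this view.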