| /* |
| * Copyright (C) 2017 The Android Open Source Project |
| * |
| * Permission is hereby granted, free of charge, to any person |
| * obtaining a copy of this software and associated documentation |
| * files (the "Software"), to deal in the Software without |
| * restriction, including without limitation the rights to use, copy, |
| * modify, merge, publish, distribute, sublicense, and/or sell copies |
| * of the Software, and to permit persons to whom the Software is |
| * furnished to do so, subject to the following conditions: |
| * |
| * The above copyright notice and this permission notice shall be |
| * included in all copies or substantial portions of the Software. |
| * |
| * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, |
| * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF |
| * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND |
| * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS |
| * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
| * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN |
| * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
| * SOFTWARE. |
| */ |
| |
| #ifndef AVB_ATX_SLOT_VERIFY_H_ |
| #define AVB_ATX_SLOT_VERIFY_H_ |
| |
| #include <libavb_atx/libavb_atx.h> |
| |
| #ifdef __cplusplus |
| extern "C" { |
| #endif |
| |
| typedef enum { |
| AVB_ATX_LOCKED, |
| AVB_ATX_UNLOCKED, |
| } AvbAtxLockState; |
| |
| typedef enum { |
| AVB_ATX_SLOT_MARKED_SUCCESSFUL, |
| AVB_ATX_SLOT_NOT_MARKED_SUCCESSFUL, |
| } AvbAtxSlotState; |
| |
| typedef enum { |
| AVB_ATX_OEM_DATA_USED, |
| AVB_ATX_OEM_DATA_NOT_USED, |
| } AvbAtxOemDataState; |
| |
| /* Performs a full verification of the slot identified by |ab_suffix|. If |
| * |lock_state| indicates verified boot is unlocked then verification errors |
| * will be allowed (see AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR for more |
| * details. |
| * |
| * If |slot_state| indicates the slot identified by |ab_suffix| has been marked |
| * successful then minimum rollback index values will be bumped to match the |
| * values in the verified slot (on success). |
| * |
| * If |oem_data_state| indicates that OEM-specific data is not being used, then |
| * verification of the 'oem_bootloader' partition will be skipped and it will |
| * not be represented in |out_data|. |
| * |
| * The semantics of |out_data| are the same as for avb_slot_verify(). |
| * |
| * On success, an Android Things |vbh_extension| is populated. This value must |
| * be extended into the Verified Boot Hash value accumulated from earlier boot |
| * stages. |
| * |
| * All of the function pointers in |ops| must be valid except for |
| * set_key_version, which will be ignored and may be NULL. |
| */ |
| AvbSlotVerifyResult avb_atx_slot_verify( |
| AvbAtxOps* ops, |
| const char* ab_suffix, |
| AvbAtxLockState lock_state, |
| AvbAtxSlotState slot_state, |
| AvbAtxOemDataState oem_data_state, |
| AvbSlotVerifyData** verify_data, |
| uint8_t vbh_extension[AVB_SHA256_DIGEST_SIZE]); |
| |
| #ifdef __cplusplus |
| } |
| #endif |
| |
| #endif /* AVB_SLOT_VERIFY_H_ */ |