firmware/lib/include/vboot_common.h - third_party/vboot_reference - Git at Google

 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
  * Common functions between firmware and kernel verified boot.
  */

 #ifndef VBOOT_REFERENCE_VBOOT_COMMON_H_
 #define VBOOT_REFERENCE_VBOOT_COMMON_H_

 #include "cryptolib.h"
 #include "vboot_struct.h"

 /* Error Codes for all common functions. */
 enum {
   VBOOT_SUCCESS = 0,
   VBOOT_KEY_BLOCK_INVALID,    /* Key block internal structure is
                                * invalid, or not a key block */
   VBOOT_KEY_BLOCK_SIGNATURE,  /* Key block signature check failed */
   VBOOT_KEY_BLOCK_HASH,      /* Key block hash check failed */
   VBOOT_PUBLIC_KEY_INVALID,  /* Invalid public key passed to a
                               * signature verficiation function. */
   VBOOT_PREAMBLE_INVALID,    /* Preamble internal structure is
                               * invalid */
   VBOOT_PREAMBLE_SIGNATURE,  /* Preamble signature check failed */
   VBOOT_ERROR_MAX,
 };
 extern char* kVbootErrors[VBOOT_ERROR_MAX];


 /* Return offset of ptr from base. */
 uint64_t OffsetOf(const void* base, const void* ptr);


 /* Helper functions to get data pointed to by a public key or signature. */
 uint8_t* GetPublicKeyData(VbPublicKey* key);
 const uint8_t* GetPublicKeyDataC(const VbPublicKey* key);
 uint8_t* GetSignatureData(VbSignature* sig);
 const uint8_t* GetSignatureDataC(const VbSignature* sig);


 /* Helper functions to verify the data pointed to by a subfield is inside
  * the parent data.  Returns 0 if inside, 1 if error. */
 int VerifyMemberInside(const void* parent, uint64_t parent_size,
                        const void* member, uint64_t member_size,
                        uint64_t member_data_offset,
                        uint64_t member_data_size);

 int VerifyPublicKeyInside(const void* parent, uint64_t parent_size,
                           const VbPublicKey* key);

 int VerifySignatureInside(const void* parent, uint64_t parent_size,
                           const VbSignature* sig);


 /* Initialize a public key to refer to [key_data]. */
 void PublicKeyInit(VbPublicKey* key, uint8_t* key_data, uint64_t key_size);


 /* Copy a public key from [src] to [dest].
  *
  * Returns 0 if success, non-zero if error. */
 int PublicKeyCopy(VbPublicKey* dest, const VbPublicKey* src);


 /* Converts a public key to RsaPublicKey format.  The returned key must
  * be freed using RSAPublicKeyFree().
  *
  * Returns NULL if error. */
 RSAPublicKey* PublicKeyToRSA(const VbPublicKey* key);


 /* Verifies [data] matches signature [sig] using [key].  [size] is the size
  * of the data buffer; the amount of data to be validated is contained in
  * sig->data_size. */
 int VerifyData(const uint8_t* data, uint64_t size, const VbSignature* sig,
                const RSAPublicKey* key);


 /* Verifies a secure hash digest from DigestBuf() or DigestFinal(),
  * using [key]. */
 int VerifyDigest(const uint8_t* digest, const VbSignature *sig,
                  const RSAPublicKey* key);


 /* Checks the sanity of a key block of size [size] bytes, using public
  * key [key].  If hash_only is non-zero, uses only the block checksum
  * to verify the key block.  Header fields are also checked for
  * sanity.  Does not verify key index or key block flags. */
 int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size,
                    const VbPublicKey *key, int hash_only);


 /* Checks the sanity of a firmware preamble of size [size] bytes,
  * using public key [key].
  *
  * Returns VBOOT_SUCCESS if successful. */
 int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader* preamble,
                            uint64_t size, const RSAPublicKey* key);


 /* Checks the sanity of a kernel preamble of size [size] bytes,
  * using public key [key].
  *
  * Returns VBOOT_SUCCESS if successful. */
 int VerifyKernelPreamble(const VbKernelPreambleHeader* preamble,
                          uint64_t size, const RSAPublicKey* key);


 #endif  /* VBOOT_REFERENCE_VBOOT_COMMON_H_ */
	/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
	* Use of this source code is governed by a BSD-style license that can be
	* found in the LICENSE file.
	*
	* Common functions between firmware and kernel verified boot.
	*/

	#ifndef VBOOT_REFERENCE_VBOOT_COMMON_H_
	#define VBOOT_REFERENCE_VBOOT_COMMON_H_

	#include "cryptolib.h"
	#include "vboot_struct.h"

	/* Error Codes for all common functions. */
	enum {
	VBOOT_SUCCESS = 0,
	VBOOT_KEY_BLOCK_INVALID, /* Key block internal structure is
	* invalid, or not a key block */
	VBOOT_KEY_BLOCK_SIGNATURE, /* Key block signature check failed */
	VBOOT_KEY_BLOCK_HASH, /* Key block hash check failed */
	VBOOT_PUBLIC_KEY_INVALID, /* Invalid public key passed to a
	* signature verficiation function. */
	VBOOT_PREAMBLE_INVALID, /* Preamble internal structure is
	* invalid */
	VBOOT_PREAMBLE_SIGNATURE, /* Preamble signature check failed */
	VBOOT_ERROR_MAX,
	};
	extern char* kVbootErrors[VBOOT_ERROR_MAX];


	/* Return offset of ptr from base. */
	uint64_t OffsetOf(const void* base, const void* ptr);


	/* Helper functions to get data pointed to by a public key or signature. */
	uint8_t* GetPublicKeyData(VbPublicKey* key);
	const uint8_t* GetPublicKeyDataC(const VbPublicKey* key);
	uint8_t* GetSignatureData(VbSignature* sig);
	const uint8_t* GetSignatureDataC(const VbSignature* sig);


	/* Helper functions to verify the data pointed to by a subfield is inside
	* the parent data. Returns 0 if inside, 1 if error. */
	int VerifyMemberInside(const void* parent, uint64_t parent_size,
	const void* member, uint64_t member_size,
	uint64_t member_data_offset,
	uint64_t member_data_size);

	int VerifyPublicKeyInside(const void* parent, uint64_t parent_size,
	const VbPublicKey* key);

	int VerifySignatureInside(const void* parent, uint64_t parent_size,
	const VbSignature* sig);


	/* Initialize a public key to refer to [key_data]. */
	void PublicKeyInit(VbPublicKey* key, uint8_t* key_data, uint64_t key_size);


	/* Copy a public key from [src] to [dest].
	*
	* Returns 0 if success, non-zero if error. */
	int PublicKeyCopy(VbPublicKey* dest, const VbPublicKey* src);


	/* Converts a public key to RsaPublicKey format. The returned key must
	* be freed using RSAPublicKeyFree().
	*
	* Returns NULL if error. */
	RSAPublicKey* PublicKeyToRSA(const VbPublicKey* key);


	/* Verifies [data] matches signature [sig] using [key]. [size] is the size
	* of the data buffer; the amount of data to be validated is contained in
	* sig->data_size. */
	int VerifyData(const uint8_t* data, uint64_t size, const VbSignature* sig,
	const RSAPublicKey* key);


	/* Verifies a secure hash digest from DigestBuf() or DigestFinal(),
	* using [key]. */
	int VerifyDigest(const uint8_t* digest, const VbSignature *sig,
	const RSAPublicKey* key);


	/* Checks the sanity of a key block of size [size] bytes, using public
	* key [key]. If hash_only is non-zero, uses only the block checksum
	* to verify the key block. Header fields are also checked for
	* sanity. Does not verify key index or key block flags. */
	int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size,
	const VbPublicKey *key, int hash_only);


	/* Checks the sanity of a firmware preamble of size [size] bytes,
	* using public key [key].
	*
	* Returns VBOOT_SUCCESS if successful. */
	int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader* preamble,
	uint64_t size, const RSAPublicKey* key);


	/* Checks the sanity of a kernel preamble of size [size] bytes,
	* using public key [key].
	*
	* Returns VBOOT_SUCCESS if successful. */
	int VerifyKernelPreamble(const VbKernelPreambleHeader* preamble,
	uint64_t size, const RSAPublicKey* key);




	#endif /* VBOOT_REFERENCE_VBOOT_COMMON_H_ */