diff options
| author | Daisuke Nojiri <dnojiri@chromium.org> | 2016-05-06 12:32:38 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-06-22 20:01:58 -0700 |
| commit | 7931177cc35f5dcd2505e1efa448511ba8a0b3b1 (patch) | |
| tree | 1fbfb4397bfecffca574c79ef6f095640b3e0080 /firmware/bdb/bdb_api.h | |
| parent | 05cd8ce75f97a76c4ef155734d191cd275bac231 (diff) | |
| download | vboot-7931177cc35f5dcd2505e1efa448511ba8a0b3b1.tar.gz | |
bdb: Add vba_update_buc
vba_update_buc writes a BUC (boot unlock code) to NVM-RW. It will be called
by AP-RW to update a BUC.
BUG=chrome-os-partner:51907
BRANCH=tot
TEST=make runtests
Change-Id: Ic91f34b60b11ebce948bce01993ddb44519a59b8
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/346233
Diffstat (limited to 'firmware/bdb/bdb_api.h')
| -rw-r--r-- | firmware/bdb/bdb_api.h | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/firmware/bdb/bdb_api.h b/firmware/bdb/bdb_api.h index 9979824e..7ef935c0 100644 --- a/firmware/bdb/bdb_api.h +++ b/firmware/bdb/bdb_api.h @@ -68,6 +68,15 @@ int vba_update_kernel_version(struct vba_context *ctx, uint32_t kernel_version); /** + * Write new boot unlock code to NVM-RW + * + * @param ctx + * @param new_buc New BUC to be written + * @return BDB_SUCCESS or BDB_ERROR_* + */ +int vba_update_buc(struct vba_context *ctx, uint8_t *new_buc); + +/** * Get vboot register value * * Implemented by each chip @@ -119,4 +128,28 @@ int vbe_read_nvm(enum nvm_type type, uint8_t *buf, uint32_t size); */ int vbe_write_nvm(enum nvm_type type, void *buf, uint32_t size); +/** + * Encrypt data by AES-256 + * + * @param msg Message to be encrypted + * @param len Length of <msg> in bytes + * @param key Key used for encryption + * @param out Buffer where encrypted message is stored + * @return BDB_SUCCESS or BDB_ERROR_* + */ +int vbe_aes256_encrypt(const uint8_t *msg, uint32_t len, const uint8_t *key, + uint8_t *out); + +/** + * Decrypt data by AES-256 + * + * @param msg Message to be decrypted + * @param len Length of <msg> in bytes + * @param key Key used for decryption + * @param out Buffer where decrypted message is stored + * @return BDB_SUCCESS or BDB_ERROR_* + */ +int vbe_aes256_decrypt(const uint8_t *msg, uint32_t len, const uint8_t *key, + uint8_t *out); + #endif |