authorRandall Spangler <rspangler@chromium.org>2015-05-19 12:45:20 -0700
committerChromeOS Commit Bot <chromeos-commit-bot@chromium.org>2015-05-22 01:21:59 +0000
commitb87d1ec11813e0f75dafd15fa0a309b506208bc6 (patch)
treeea7954c041ddd762b2e1156c0cccfd6e3429a536 /firmware/lib20/include/vb2_common.h
parent2d25e837ccc1c4f3123fedc056a396b3e6e3aa5f (diff)
vboot2: Split keyblock checking and signature validation
This is necessary for the next change, which adds keyblock hash checking. Also clean up some other assorted comments, and move the diagnostic check of root key to see if it's the checked-in one earlier in firmware preamble validation so it's closer to where the root key is loaded. No functional or higher-level API changes; just shuffling around code under the covers. BUG=chromium:487699 BRANCH=none TEST=make -j runtests Change-Id: Ibc3960a4d882dc2ad8684e235db4b9d066eac080 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/272223 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'firmware/lib20/include/vb2_common.h')
-rw-r--r--firmware/lib20/include/vb2_common.h18
1 files changed, 17 insertions, 1 deletions
diff --git a/firmware/lib20/include/vb2_common.h b/firmware/lib20/include/vb2_common.h
index a71cfe6c..be891ca9 100644
--- a/firmware/lib20/include/vb2_common.h
+++ b/firmware/lib20/include/vb2_common.h
@@ -124,7 +124,23 @@ int vb2_verify_data(const uint8_t *data,
const struct vb2_workbuf *wb);
/**
- * Check the sanity of a key block using a public key.
+ * Check the sanity of a key block structure.
+ *
+ * Verifies all the header fields. Does not verify key index or key block
+ * flags. Should be called before verifying the key block data itself using
+ * the key. (This function does not itself verify the signature - just that
+ * the right amount of data is claimed to be signed.)
+ *
+ * @param block Key block to verify
+ * @param size Size of key block buffer
+ * @param sig Which signature inside the keyblock to use
+ */
+int vb2_check_keyblock(const struct vb2_keyblock *block,
+ uint32_t size,
+ const struct vb2_signature *sig);
+
+/**
+ * Verify a key block using a public key.
*
* Header fields are also checked for sanity. Does not verify key index or key
* block flags. Signature inside block is destroyed during check.
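Review bot: The doc comment added for `vb2_check_keyblock()` has no `@return` line, and it never states outright that a success result leaves the key block unauthenticated. Because this declaration gives callers a structural check they can invoke without the signature step, I would add `@return VB2_SUCCESS, or non-zero error code if error.` (assuming that matches the convention used elsewhere in this header) and a sentence such as `A successful return means only that the header is well-formed; do not trust the key block contents until the signature has been verified.` The `@param sig` line should also say whether the function confirms that `sig` and the data it claims to sign lie inside the `size`-byte buffer, since that cannot be told from the declaration alone. The comment for the verify function continues past the end of this hunk.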