diff options
Diffstat (limited to 'firmware/bdb/bdb.h')
-rw-r--r-- | firmware/bdb/bdb.h | 181 |
1 files changed, 181 insertions, 0 deletions
diff --git a/firmware/bdb/bdb.h b/firmware/bdb/bdb.h new file mode 100644 index 00000000..177deeae --- /dev/null +++ b/firmware/bdb/bdb.h @@ -0,0 +1,181 @@ +/* Copyright (c) 2015 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Boot descriptor block firmware functions + */ + +#ifndef VBOOT_REFERENCE_BDB_H_ +#define VBOOT_REFERENCE_BDB_H_ + +#include <stdlib.h> +#include "bdb_struct.h" + +/*****************************************************************************/ +/* +Expected calling sequence: + +Load and check just the header +bdb_check_header(buf, size); + +Load and verify the entire BDB +bdb_verify(buf, size, bdb_key_hash, dev_mode_flag); + +Check RW subkey version. If normal boot from primary BDB, roll forward + +Check data version. If normal boot from primary BDB, roll forward +*/ + +/*****************************************************************************/ +/* Codes for functions returning numeric error codes */ + +enum bdb_return_code { + /* Success */ + BDB_SUCCESS = 0, + + /* BDB key did not match hash, but other than that the BDB was + * fully verified. */ + BDB_GOOD_OTHER_THAN_KEY = 1, + + /* Other errors */ + BDB_ERROR_UNKNOWN = 100, + + /* Buffer size too small or wraps around */ + BDB_ERROR_BUF_SIZE, + + /* Bad fields in structures */ + BDB_ERROR_STRUCT_MAGIC, + BDB_ERROR_STRUCT_VERSION, + BDB_ERROR_STRUCT_SIZE, + BDB_ERROR_SIGNED_SIZE, + BDB_ERROR_BDB_SIZE, + BDB_ERROR_OEM_AREA_SIZE, + BDB_ERROR_HASH_ENTRY_SIZE, + BDB_ERROR_HASH_ALG, + BDB_ERROR_SIG_ALG, + BDB_ERROR_DESCRIPTION, + + /* Bad components of BDB in bdb_verify() */ + BDB_ERROR_HEADER, + BDB_ERROR_BDBKEY, + BDB_ERROR_OEM_AREA_0, + BDB_ERROR_SUBKEY, + BDB_ERROR_BDB_SIGNED_SIZE, + BDB_ERROR_HEADER_SIG, + BDB_ERROR_DATA, + BDB_ERROR_DATA_SIG, + + /* Other errors in bdb_verify() */ + BDB_ERROR_DIGEST, /* Error calculating digest */ + BDB_ERROR_VERIFY_SIG, /* Error verifying signature */ +}; + +/*****************************************************************************/ +/* Functions */ + +/** + * Sanity-check BDB structures. + * + * This checks for known version numbers, magic numbers, algorithms, etc. and + * ensures the sizes are consistent with those parameters. + * + * @param p Pointer to structure to check + * @param size Size of structure buffer + * @return 0 if success, non-zero error code if error. + */ +int bdb_check_header(const struct bdb_header *p, size_t size); +int bdb_check_key(const struct bdb_key *p, size_t size); +int bdb_check_sig(const struct bdb_sig *p, size_t size); +int bdb_check_data(const struct bdb_data *p, size_t size); + +/** + * Verify the entire BDB + * + * @param buf Data to hash + * @param size Size of data in bytes + * @param bdb_key_digest Pointer to expected digest for BDB key. + * Must be BDB_SHA256_DIGEST_SIZE bytes long. + * + * @return 0 if success, non-zero error code if error. Note that error code + * BDB_GOOD_OTHER_THAN_KEY may still indicate an acceptable BDB if the Boot + * Verified fuse has not been set, or in developer mode. + */ +int bdb_verify(const void *buf, size_t size, const uint8_t *bdb_key_digest); + +/** + * Functions to extract things from a verified BDB buffer. + * + * Do not call these externally until after bdb_verify()! These methods + * assume data structures have already been verified. + * + * @param buf Pointer to BDB buffer + * @param type Data type, for bdb_get_hash() + * @return A pointer to the requested data, or NULL if error / not present. + */ +const struct bdb_header *bdb_get_header(const void *buf); +const struct bdb_key *bdb_get_bdbkey(const void *buf); +const void *bdb_get_oem_area_0(const void *buf); +const struct bdb_key *bdb_get_subkey(const void *buf); +const struct bdb_sig *bdb_get_header_sig(const void *buf); +const struct bdb_data *bdb_get_data(const void *buf); +const void *bdb_get_oem_area_1(const void *buf); +const struct bdb_hash *bdb_get_hash(const void *buf, enum bdb_data_type type); +const struct bdb_sig *bdb_get_data_sig(const void *buf); + +/*****************************************************************************/ +/* Functions probably provided by the caller */ + +/** + * Calculate a SHA-256 digest of a buffer. + * + * @param digest Pointer to the digest buffer. Must be + * BDB_SHA256_DIGEST_SIZE bytes long. + * @param buf Data to hash + * @param size Size of data in bytes + * @return 0 if success, non-zero error code if error. + */ +__attribute__((weak)) +int bdb_sha256(void *digest, const void *buf, size_t size); + +/** + * Verify a RSA-4096 signed digest + * + * @param key_data Key data to use (BDB_RSA4096_KEY_DATA_SIZE bytes) + * @param sig_data Signature to verify (BDB_RSA4096_SIG_SIZE bytes) + * @param digest Digest of signed data (BDB_SHA256_DIGEST bytes) + * @return 0 if success, non-zero error code if error. + */ +__attribute__((weak)) +int bdb_rsa4096_verify(const uint8_t *key_data, + const uint8_t *sig, + const uint8_t *digest); + +/** + * Verify a RSA-3072B signed digest + * + * @param key_data Key data to use (BDB_RSA3072B_KEY_DATA_SIZE bytes) + * @param sig_data Signature to verify (BDB_RSA3072B_SIG_SIZE bytes) + * @param digest Digest of signed data (BDB_SHA256_DIGEST bytes) + * @return 0 if success, non-zero error code if error. + */ +__attribute__((weak)) +int bdb_rsa3072b_verify(const uint8_t *key_data, + const uint8_t *sig, + const uint8_t *digest); + +/** + * Verify a ECDSA-521 signed digest + * + * @param key_data Key data to use (BDB_ECDSA521_KEY_DATA_SIZE bytes) + * @param sig_data Signature to verify (BDB_ECDSA521_SIG_SIZE bytes) + * @param digest Digest of signed data (BDB_SHA256_DIGEST bytes) + * @return 0 if success, non-zero error code if error. + */ +__attribute__((weak)) +int bdb_ecdsa521_verify(const uint8_t *key_data, + const uint8_t *sig, + const uint8_t *digest); + +/*****************************************************************************/ + +#endif /* VBOOT_REFERENCE_BDB_H_ */ |