diff options
Diffstat (limited to 'firmware/bdb/bdb_api.h')
-rw-r--r-- | firmware/bdb/bdb_api.h | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/firmware/bdb/bdb_api.h b/firmware/bdb/bdb_api.h index 9979824e..7ef935c0 100644 --- a/firmware/bdb/bdb_api.h +++ b/firmware/bdb/bdb_api.h @@ -68,6 +68,15 @@ int vba_update_kernel_version(struct vba_context *ctx, uint32_t kernel_version); /** + * Write new boot unlock code to NVM-RW + * + * @param ctx + * @param new_buc New BUC to be written + * @return BDB_SUCCESS or BDB_ERROR_* + */ +int vba_update_buc(struct vba_context *ctx, uint8_t *new_buc); + +/** * Get vboot register value * * Implemented by each chip @@ -119,4 +128,28 @@ int vbe_read_nvm(enum nvm_type type, uint8_t *buf, uint32_t size); */ int vbe_write_nvm(enum nvm_type type, void *buf, uint32_t size); +/** + * Encrypt data by AES-256 + * + * @param msg Message to be encrypted + * @param len Length of <msg> in bytes + * @param key Key used for encryption + * @param out Buffer where encrypted message is stored + * @return BDB_SUCCESS or BDB_ERROR_* + */ +int vbe_aes256_encrypt(const uint8_t *msg, uint32_t len, const uint8_t *key, + uint8_t *out); + +/** + * Decrypt data by AES-256 + * + * @param msg Message to be decrypted + * @param len Length of <msg> in bytes + * @param key Key used for decryption + * @param out Buffer where decrypted message is stored + * @return BDB_SUCCESS or BDB_ERROR_* + */ +int vbe_aes256_decrypt(const uint8_t *msg, uint32_t len, const uint8_t *key, + uint8_t *out); + #endif |