Diffstat (limited to 'host/lib/include/host_keyblock.h')
-rw-r--r-- | host/lib/include/host_keyblock.h | 75 |
1 files changed, 50 insertions, 25 deletions
diff --git a/host/lib/include/host_keyblock.h b/host/lib/include/host_keyblock.h
index ea88f19b..21257965 100644
--- a/host/lib/include/host_keyblock.h
+++ b/host/lib/include/host_keyblock.h
@@ -11,35 +11,60 @@
 #include "host_key.h"
 #include "vboot_struct.h"
+struct vb2_keyblock;
-/* Create a key block header containing [data_key] and [flags], signed
- * by private key the file [signing_key_pem_file] and algorithm [algorithm]
- * using the external signer program [external_signer] for all private key
- * operations.
- * Caller owns the returned pointer, and must free
- * it with Free(). */
-VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key,
- const char* signing_key_pem_file,
- uint64_t algorithm,
- uint64_t flags,
- const char* external_signer);
-
-/* Create a key block header containing [data_key] and [flags], signed
- * by [signing_key]. Caller owns the returned pointer, and must free
- * it with Free(). */
-VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
- const VbPrivateKey* signing_key,
- uint64_t flags);
-
+/**
+ * Create a keyblock header
+ *
+ * @param data_key Data key to store in keyblock
+ * @param signing_key Key to sign keyblock with. May be NULL if keyblock
+ * only needs a hash digest.
+ * @param flags Keyblock flags
+ *
+ * @return The keyblock, or NULL if error. Caller must free() it.
+ */
+struct vb2_keyblock *vb2_create_keyblock(
+ const struct vb2_packed_key *data_key,
+ const struct vb2_private_key *signing_key,
+ uint32_t flags);
-/* Read a key block from a .keyblock file. Caller owns the returned
- * pointer, and must free it with Free().
+/**
+ * Create a keyblock header using an external signer for all private key
+ * operations.
+ *
+ * @param data_key Data key to store in keyblock
+ * @param signing_key_pem_file Filename of private key
+ * @param algorithm Signing algorithm index
+ * @param flags Keyblock flags
+ * @param external_signer Path to external signer program
  *
- * Returns NULL if error. */
-VbKeyBlockHeader* KeyBlockRead(const char* filename);
+ * @return The keyblock, or NULL if error. Caller must free() it.
+ */
+struct vb2_keyblock *vb2_create_keyblock_external(
+ const struct vb2_packed_key *data_key,
+ const char *signing_key_pem_file,
+ uint32_t algorithm,
+ uint32_t flags,
+ const char *external_signer);
+/**
+ * Read a keyblock from a .keyblock file.
+ *
+ * @param filename File to read keyblock from
+ *
+ * @return The keyblock, or NULL if error. Caller must free() it.
+ */
+struct vb2_keyblock *vb2_read_keyblock(const char *filename);
-/* Write a key block to a file in .keyblock format. */
-int KeyBlockWrite(const char* filename, const VbKeyBlockHeader* key_block);
+/**
+ * Write a keyblock to a file in .keyblock format.
+ *
+ * @param filename Filename to write
+ * @param keyblock Keyblock to write
+ *
+ * @return VB2_SUCCESS, or non-zero if error.
+ */
+int vb2_write_keyblock(const char *filename,
+ const struct vb2_keyblock *keyblock);
 #endif /* VBOOT_REFERENCE_HOST_KEYBLOCK_H_ */ |
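Review bot: The `@param signing_key` text on `vb2_create_keyblock()` lets NULL mean "hash digest only", so a caller whose private-key load failed and who passes that NULL straight through would presumably get back a keyblock with no signature rather than an error. The header should spell this out, for example by appending `A NULL key produces a keyblock with no signature; check the result of loading the key before calling.` to that parameter's description. Separately, `flags` and `algorithm` narrow from `uint64_t` to `uint32_t` in the new prototypes, so any caller (outside this hunk) still holding 64-bit values will truncate silently unless it is updated in the same change. The `vb2_read_keyblock()` comment also does not say whether the returned keyblock has been verified; if it has not, a line such as `The keyblock is not verified; callers must verify it before trusting its contents.` would prevent readers from assuming otherwise.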