Diffstat (limited to 'host/lib/include/host_keyblock.h')
-rw-r--r--host/lib/include/host_keyblock.h75
1 files changed, 50 insertions, 25 deletions
diff --git a/host/lib/include/host_keyblock.h b/host/lib/include/host_keyblock.h
index ea88f19b..21257965 100644
--- a/host/lib/include/host_keyblock.h
+++ b/host/lib/include/host_keyblock.h
@@ -11,35 +11,60 @@
#include "host_key.h"
#include "vboot_struct.h"
+struct vb2_keyblock;
-/* Create a key block header containing [data_key] and [flags], signed
- * by private key the file [signing_key_pem_file] and algorithm [algorithm]
- * using the external signer program [external_signer] for all private key
- * operations.
- * Caller owns the returned pointer, and must free
- * it with Free(). */
-VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key,
- const char* signing_key_pem_file,
- uint64_t algorithm,
- uint64_t flags,
- const char* external_signer);
-
-/* Create a key block header containing [data_key] and [flags], signed
- * by [signing_key]. Caller owns the returned pointer, and must free
- * it with Free(). */
-VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
- const VbPrivateKey* signing_key,
- uint64_t flags);
-
+/**
+ * Create a keyblock header
+ *
+ * @param data_key Data key to store in keyblock
+ * @param signing_key Key to sign keyblock with. May be NULL if keyblock
+ * only needs a hash digest.
+ * @param flags Keyblock flags
+ *
+ * @return The keyblock, or NULL if error. Caller must free() it.
+ */
+struct vb2_keyblock *vb2_create_keyblock(
+ const struct vb2_packed_key *data_key,
+ const struct vb2_private_key *signing_key,
+ uint32_t flags);
-/* Read a key block from a .keyblock file. Caller owns the returned
- * pointer, and must free it with Free().
+/**
+ * Create a keyblock header using an external signer for all private key
+ * operations.
+ *
+ * @param data_key Data key to store in keyblock
+ * @param signing_key_pem_file Filename of private key
+ * @param algorithm Signing algorithm index
+ * @param flags Keyblock flags
+ * @param external_signer Path to external signer program
*
- * Returns NULL if error. */
-VbKeyBlockHeader* KeyBlockRead(const char* filename);
+ * @return The keyblock, or NULL if error. Caller must free() it.
+ */
+struct vb2_keyblock *vb2_create_keyblock_external(
+ const struct vb2_packed_key *data_key,
+ const char *signing_key_pem_file,
+ uint32_t algorithm,
+ uint32_t flags,
+ const char *external_signer);
+/**
+ * Read a keyblock from a .keyblock file.
+ *
+ * @param filename File to read keyblock from
+ *
+ * @return The keyblock, or NULL if error. Caller must free() it.
+ */
+struct vb2_keyblock *vb2_read_keyblock(const char *filename);
-/* Write a key block to a file in .keyblock format. */
-int KeyBlockWrite(const char* filename, const VbKeyBlockHeader* key_block);
+/**
+ * Write a keyblock to a file in .keyblock format.
+ *
+ * @param filename Filename to write
+ * @param keyblock Keyblock to write
+ *
+ * @return VB2_SUCCESS, or non-zero if error.
+ */
+int vb2_write_keyblock(const char *filename,
+ const struct vb2_keyblock *keyblock);
#endif /* VBOOT_REFERENCE_HOST_KEYBLOCK_H_ */
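Review bot: The `@param signing_key` text for `vb2_create_keyblock` allows NULL but does not say what the caller gets back. From the wording the result presumably carries only a hash digest and no signature, so the comment should say so, for example `May be NULL, in which case the keyblock holds only a hash digest and is not signed; do not treat it as authenticated.` Separately, `algorithm` and `flags` narrow from `uint64_t` to `uint32_t` in `vb2_create_keyblock` and `vb2_create_keyblock_external`, so a caller still passing 64-bit values would be truncated silently; the call sites are outside this hunk and worth checking. The doc for `vb2_read_keyblock` could also state whether the returned keyblock has been verified or merely read, since the declaration alone does not show that.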