diff options
Diffstat (limited to 'host/lib/include/host_keyblock.h')
-rw-r--r-- | host/lib/include/host_keyblock.h | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/host/lib/include/host_keyblock.h b/host/lib/include/host_keyblock.h new file mode 100644 index 00000000..ea88f19b --- /dev/null +++ b/host/lib/include/host_keyblock.h @@ -0,0 +1,45 @@ +/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Host-side functions for verified boot. + */ + +#ifndef VBOOT_REFERENCE_HOST_KEYBLOCK_H_ +#define VBOOT_REFERENCE_HOST_KEYBLOCK_H_ + +#include "host_key.h" +#include "vboot_struct.h" + + +/* Create a key block header containing [data_key] and [flags], signed + * by private key the file [signing_key_pem_file] and algorithm [algorithm] + * using the external signer program [external_signer] for all private key + * operations. + * Caller owns the returned pointer, and must free + * it with Free(). */ +VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key, + const char* signing_key_pem_file, + uint64_t algorithm, + uint64_t flags, + const char* external_signer); + +/* Create a key block header containing [data_key] and [flags], signed + * by [signing_key]. Caller owns the returned pointer, and must free + * it with Free(). */ +VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key, + const VbPrivateKey* signing_key, + uint64_t flags); + + +/* Read a key block from a .keyblock file. Caller owns the returned + * pointer, and must free it with Free(). + * + * Returns NULL if error. */ +VbKeyBlockHeader* KeyBlockRead(const char* filename); + + +/* Write a key block to a file in .keyblock format. */ +int KeyBlockWrite(const char* filename, const VbKeyBlockHeader* key_block); + +#endif /* VBOOT_REFERENCE_HOST_KEYBLOCK_H_ */ |