/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Host-side functions for verified boot.
*/
#ifndef VBOOT_REFERENCE_HOST_KEY_H_
#define VBOOT_REFERENCE_HOST_KEY_H_
#include "2crypto.h"
#include "2return_codes.h"
/* Opaque key types; only pointers to them are used in this header, so the
 * full definitions live elsewhere (2crypto.h / the host key sources). */
struct vb2_public_key;
struct vb2_packed_key;
struct vb2_private_key;
/**
 * Convert a vb2 hash and crypto algorithm to a vb1 crypto algorithm.
 *
 * @param hash_alg	Hash algorithm
 * @param sig_alg	Signature algorithm
 *
 * @return The equivalent vb1 crypto algorithm, or VB2_ALG_COUNT if the
 *	   (hash_alg, sig_alg) pair has no vb1 equivalent.  Callers should
 *	   treat VB2_ALG_COUNT as an error, not as an algorithm.
 */
enum vb2_crypto_algorithm vb2_get_crypto_algorithm(
		enum vb2_hash_algorithm hash_alg,
		enum vb2_signature_algorithm sig_alg);
/**
 * Read a private key from a .pem file.
 *
 * @param filename	Filename to read from
 * @param algorithm	Algorithm to associate with file
 *			(enum vb2_crypto_algorithm)
 *
 * @return The private key or NULL if error. Caller must free() it.
 *	   NOTE(review): vb2_free_private_key() is declared below for this
 *	   type; presumably that, rather than a bare free(), is the right way
 *	   to release it if the key owns further allocations — confirm.
 */
struct vb2_private_key *vb2_read_private_key_pem(
		const char *filename,
		enum vb2_crypto_algorithm algorithm);
/**
 * Free a private key.
 *
 * Releases a key returned by vb2_read_private_key_pem() or
 * vb2_read_private_key().
 *
 * @param key		Key to free; ok to pass NULL (ignored).
 */
void vb2_free_private_key(struct vb2_private_key *key);
/**
 * Write a private key to a file in .vbprivk format.
 *
 * @param filename	Filename to write to
 * @param key		Key to write
 *
 * @return VB2_SUCCESS, or non-zero if error.
 */
vb2_error_t vb2_write_private_key(const char *filename,
				  const struct vb2_private_key *key);
/**
 * Read a private key from a .vbprivk file.
 *
 * @param filename	Filename to read key from.
 *
 * @return The private key or NULL if error. Caller must free() it.
 *	   NOTE(review): see vb2_free_private_key(); presumably that is the
 *	   intended release function for this type — confirm.
 */
struct vb2_private_key *vb2_read_private_key(const char *filename);
/**
 * Allocate a new packed (public) key.
 *
 * @param key_size	Size of key data the key can hold
 * @param algorithm	Algorithm to store in key header
 * @param version	Version to store in key header
 *
 * @return The packed key or NULL if error. Caller must free() it.
 */
struct vb2_packed_key *vb2_alloc_packed_key(uint32_t key_size,
					    uint32_t algorithm,
					    uint32_t version);
/**
 * Initialize a packed key structure.
 *
 * @param key		Structure to initialize
 * @param key_data	Pointer to key data (following the structure)
 * @param key_size	Size of key data in bytes
 */
void vb2_init_packed_key(struct vb2_packed_key *key, uint8_t *key_data,
			 uint32_t key_size);
/**
 * Copy a packed key.
 *
 * @param dest		Destination packed key
 * @param src		Source packed key
 *
 * @return VB2_SUCCESS, or non-zero if error.
 *	   NOTE(review): presumably dest must already be large enough for
 *	   src's key data (e.g. from vb2_alloc_packed_key()) — confirm.
 */
vb2_error_t vb2_copy_packed_key(struct vb2_packed_key *dest,
				const struct vb2_packed_key *src);
/**
 * Read a packed key from a .vbpubk file.
 *
 * Unlike vb2_read_packed_keyb(), this takes no algorithm or version
 * arguments; presumably they come from the key header stored in the file.
 *
 * @param filename	Name of file to read
 *
 * @return The packed key, or NULL if error. Caller must free() it.
 */
struct vb2_packed_key *vb2_read_packed_key(const char *filename);
/**
 * Sanity-check a packed key structure.
 *
 * NOTE(review): presumably this validates the header's size/offset fields
 * against @p size so a malformed key cannot reference bytes outside the
 * buffer; confirm before relying on it as the only check on untrusted input.
 *
 * @param key		Key to check
 * @param size		Size of key buffer in bytes
 *
 * @return VB2_SUCCESS, or non-zero if error.
 */
vb2_error_t vb2_packed_key_looks_ok(const struct vb2_packed_key *key,
				    uint32_t size);
/**
 * Read a packed key from a .keyb file.
 *
 * A .keyb file carries no header, so the caller supplies the algorithm and
 * version to record in the resulting packed key.
 *
 * @param filename	Name of file to read
 * @param algorithm	Crypto algorithm to associate with key
 * @param version	Version to store in key
 *
 * @return The packed key, or NULL if error. Caller must free() it.
 */
struct vb2_packed_key *vb2_read_packed_keyb(const char *filename,
					    uint32_t algorithm,
					    uint32_t version);
/**
 * Write a packed key in .vbpubk format.
 *
 * @param filename	Name of file to write
 * @param key		Key to write
 *
 * @return VB2_SUCCESS, or non-zero if error.
 */
vb2_error_t vb2_write_packed_key(const char *filename,
				 const struct vb2_packed_key *key);
/**
 * Unpack the RSA data fields for a public key.
 *
 * This is called by vb21_unpack_key() to extract the arrays from a packed key.
 * These elements of *key will point inside the key_data buffer, so key_data
 * must remain valid (and unmodified) for as long as *key is in use.
 *
 * @param key		Destination key for RSA data fields
 * @param key_data	Packed key data (from inside a packed key buffer)
 * @param key_size	Size of packed key data in bytes
 *
 * @return VB2_SUCCESS, or non-zero if error.
 */
vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
				const uint8_t *key_data, uint32_t key_size);
#endif /* VBOOT_REFERENCE_HOST_KEY_H_ */