Randall Spangler | d183644 | 2010-06-10 09:59:04 -0700 | [diff] [blame] | 1 | /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 | * Use of this source code is governed by a BSD-style license that can be |
| 3 | * found in the LICENSE file. |
| 4 | * |
| 5 | * Host-side functions for verified boot. |
| 6 | */ |
| 7 | |
| 8 | #ifndef VBOOT_REFERENCE_HOST_SIGNATURE_H_ |
| 9 | #define VBOOT_REFERENCE_HOST_SIGNATURE_H_ |
| 10 | |
Randall Spangler | d183644 | 2010-06-10 09:59:04 -0700 | [diff] [blame] | 11 | #include "cryptolib.h" |
| 12 | #include "host_key.h" |
| 13 | #include "utility.h" |
| 14 | #include "vboot_struct.h" |
| 15 | |
/*
 * Forward declarations only: every use of these two types in this header is
 * through a pointer, so the full struct definitions are not needed here.
 */
struct vb2_private_key;
struct vb2_signature;
/**
 * Initialize a signature struct.
 *
 * The function returns void, so it cannot report a bad argument. The caller
 * is responsible for sig_data really pointing at sig_size usable bytes.
 *
 * NOTE(review): "(after sig)" suggests sig_data is expected to sit after the
 * struct, in the same allocation. Confirm against the implementation before
 * passing a buffer that lives elsewhere.
 *
 * @param sig		Structure to initialize
 * @param sig_data	Pointer to signature data buffer (after sig)
 * @param sig_size	Size of signature data buffer in bytes
 * @param data_size	Amount of data signed in bytes
 */
void vb2_init_signature(struct vb2_signature *sig, uint8_t *sig_data,
			uint32_t sig_size, uint32_t data_size);
/**
 * Allocate a new signature.
 *
 * No data pointer is taken here; data_size is only the amount of data the
 * signature is said to cover.
 *
 * NOTE(review): presumably the allocation holds the struct followed by
 * sig_size bytes of signature data. Confirm, and confirm that the size sum
 * is checked for overflow, since sig_size is a caller-supplied uint32_t.
 *
 * @param sig_size	Size of signature in bytes
 * @param data_size	Amount of data signed in bytes
 *
 * @return The signature or NULL if error.  Caller must check for NULL before
 *	   use and must free() the result.
 */
struct vb2_signature *vb2_alloc_signature(uint32_t sig_size,
					  uint32_t data_size);
/**
 * Copy a signature.
 *
 * src is only read (const); dest is written.  The return value is a status
 * code and must be checked: after a non-zero return, do not treat dest as a
 * valid copy of src.
 *
 * NOTE(review): presumably this fails when dest's data buffer is too small
 * for src's signature.  Confirm which sizes are compared in the
 * implementation.
 *
 * @param dest		Destination signature
 * @param src		Source signature
 *
 * @return VB2_SUCCESS, or non-zero if error.
 */
int vb2_copy_signature(struct vb2_signature *dest,
		       const struct vb2_signature *src);
/**
 * Calculate a SHA-512 digest-only signature.
 *
 * No key is taken, so the result is a hash of the data returned in a
 * signature struct.  Anyone who can change the data can recompute it, so it
 * does not authenticate the data on its own.  It is only meaningful where
 * the digest is itself covered by something the verifier already trusts.
 *
 * @param data		Pointer to data to hash
 * @param size		Length of data in bytes
 *
 * @return The signature, or NULL if error.  Caller must free() it.
 */
struct vb2_signature *vb2_sha512_signature(const uint8_t *data, uint32_t size);
/**
 * Calculate a signature for the data using the specified key.
 *
 * Both data and key are only read (const).  The private key is passed as an
 * in-memory struct, so the key material is present in the calling process.
 *
 * NOTE(review): no algorithm parameter is passed, so the signing and hash
 * algorithms are presumably taken from the key.  Confirm in the
 * implementation.
 *
 * @param data		Pointer to data to sign
 * @param size		Length of data in bytes
 * @param key		Private key to use to sign data
 *
 * @return The signature, or NULL if error.  Caller must check for NULL and
 *	   must free() the result.
 */
struct vb2_signature *vb2_calculate_signature(
		const uint8_t *data, uint32_t size,
		const struct vb2_private_key *key);
/**
 * Calculate a signature for the data using an external signer.
 *
 * The private key is identified by file name rather than passed as a key
 * struct, and a separate program named by external_signer does the signing.
 * Both strings decide which program runs and which key it is pointed at, so
 * they should come from trusted configuration and never from the data being
 * signed or from other untrusted input.
 *
 * NOTE(review): how the signer is started and how key_file is handed to it
 * are not visible in this header.  Confirm that the implementation runs the
 * program without shell interpretation of either string, and that it
 * validates the length of whatever the signer returns.
 *
 * @param data			Pointer to data to sign
 * @param size			Length of data in bytes
 * @param key_file		Name of file containing private key
 * @param key_algorithm		Key algorithm
 * @param external_signer	Path to external signer program
 *
 * @return The signature, or NULL if error.  Caller must check for NULL and
 *	   must free() the result.
 */
struct vb2_signature *vb2_external_signature(const uint8_t *data,
					     uint32_t size,
					     const char *key_file,
					     uint32_t key_algorithm,
					     const char *external_signer);
Randall Spangler | d183644 | 2010-06-10 09:59:04 -0700 | [diff] [blame] | 92 | #endif /* VBOOT_REFERENCE_HOST_SIGNATURE_H_ */ |