1 /* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Permission is hereby granted, free of charge, to any person 5 * obtaining a copy of this software and associated documentation 6 * files (the "Software"), to deal in the Software without 7 * restriction, including without limitation the rights to use, copy, 8 * modify, merge, publish, distribute, sublicense, and/or sell copies 9 * of the Software, and to permit persons to whom the Software is 10 * furnished to do so, subject to the following conditions: 11 * 12 * The above copyright notice and this permission notice shall be 13 * included in all copies or substantial portions of the Software. 14 * 15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 * SOFTWARE. 23 */ 24 25 #if !defined(AVB_INSIDE_LIBAVB_CERT_H) && !defined(AVB_COMPILATION) 26 #error \ 27 "Never include this file directly, include libavb_cert/libavb_cert.h instead." 28 #endif 29 30 #ifndef AVB_CERT_VALIDATE_H_ 31 #define AVB_CERT_VALIDATE_H_ 32 33 #include "avb_cert_ops.h" 34 #include "avb_cert_types.h" 35 36 #ifdef __cplusplus 37 extern "C" { 38 #endif 39 40 /* Rollback index locations for libavb_cert key versions. */ 41 #define AVB_CERT_PIK_VERSION_LOCATION 0x1000 42 #define AVB_CERT_PSK_VERSION_LOCATION 0x1001 43 44 /* An implementation of `validate_vbmeta_public_key()` for libavb_cert. See 45 * libavb/avb_ops.h for details on validate_vbmeta_public_key in general. This 46 * implementation uses the metadata expected with libavb_cert vbmeta images 47 * to perform validation on the public key. The cert ops must be implemented. 48 * That is, |ops->cert_ops| must be valid. 49 * 50 * There are a multiple values that need verification: 51 * - Permanent Product Attributes: A hash of these attributes is fused into 52 * hardware. Consistency is checked. 53 * - Product Root Key (PRK): This key is provided in permanent attributes and 54 * is the root authority. 55 * - Product Intermediate Key (PIK): This key is a rotated intermediary. It is 56 * certified by the PRK. 57 * - Product Signing Key (PSK): This key is a rotated authority for a specific 58 * product. It is certified by a PIK and must 59 * match |public_key_data|. 60 * - Product ID: This value is provided in permanent attributes and is unique 61 * to a specific product. This value must match the subject of 62 * the PSK certificate. 63 */ 64 AvbIOResult avb_cert_validate_vbmeta_public_key( 65 AvbOps* ops, 66 const uint8_t* public_key_data, 67 size_t public_key_length, 68 const uint8_t* public_key_metadata, 69 size_t public_key_metadata_length, 70 bool* out_is_trusted); 71 72 /* Generates a challenge which can be used to create an unlock credential. */ 73 AvbIOResult avb_cert_generate_unlock_challenge( 74 AvbCertOps* cert_ops, AvbCertUnlockChallenge* out_unlock_challenge); 75 76 /* Validates an unlock credential. The certificate validation is very similar to 77 * the validation of public key metadata except in place of the PSK is a Product 78 * Unlock Key (PUK) and the certificate usage field identifies it as such. The 79 * challenge signature field is verified against this PUK. 80 */ 81 AvbIOResult avb_cert_validate_unlock_credential( 82 AvbCertOps* cert_ops, 83 const AvbCertUnlockCredential* unlock_credential, 84 bool* out_is_trusted); 85 86 #ifdef __cplusplus 87 } 88 #endif 89 90 #endif /* AVB_CERT_VALIDATE_H_ */ 91