1 /* Copyright 2010 The ChromiumOS Authors
2  * Use of this source code is governed by a BSD-style license that can be
3  * found in the LICENSE file.
4  *
5  * Host-side functions for verified boot.
6  */
7 
8 #ifndef VBOOT_REFERENCE_HOST_KEY_H_
9 #define VBOOT_REFERENCE_HOST_KEY_H_
10 
11 #include "2crypto.h"
12 #include "2return_codes.h"
13 
/* Forward declarations: this header only passes pointers to these types. */
14 struct vb2_public_key;
15 struct vb2_packed_key;
16 struct vb2_private_key;
17 
18 /**
19  * Convert a vb2 hash algorithm / signature algorithm pair to the equivalent
 * vb1 crypto algorithm.
20  *
21  * @param hash_alg	Hash algorithm
22  * @param sig_alg	Signature algorithm
23  *
24  * @return The equivalent vb1 crypto algorithm, or VB2_ALG_COUNT if error.
 *	Callers must check for VB2_ALG_COUNT before using the result.
25  */
26 enum vb2_crypto_algorithm vb2_get_crypto_algorithm(
27 	enum vb2_hash_algorithm hash_alg,
28 	enum vb2_signature_algorithm sig_alg);
29 
30 /**
31  * Read a private key from a .pem file.
32  *
33  * @param filename	Filename to read from
34  * @param algorithm	Algorithm to associate with the key
35  * 			(enum vb2_crypto_algorithm)
36  *
37  * @return The private key, or NULL if error.  The caller owns the result and
 *	must release it with vb2_free_private_key() (declared below).
38  */
39 struct vb2_private_key *vb2_read_private_key_pem(
40 	const char *filename,
41 	enum vb2_crypto_algorithm algorithm);
42 
43 /**
44  * Free a private key returned by vb2_read_private_key_pem() or
 * vb2_read_private_key().
45  *
46  * @param key		Key to free; ok to pass NULL (ignored).
47  */
48 void vb2_free_private_key(struct vb2_private_key *key);
49 
50 /**
51  * Write a private key to a file in .vbprivk format.
52  *
 * The resulting file holds private key material, so the caller should only
 * write it to a suitably protected location.
 *
53  * @param filename	Filename to write to
54  * @param key		Key to write
55  *
56  * @return VB2_SUCCESS, or non-zero if error.
57  */
58 vb2_error_t vb2_write_private_key(const char *filename,
59 				  const struct vb2_private_key *key);
60 
61 /**
62  * Read a private key from a .vbprivk file.
63  *
64  * @param key_info	Key source to read from; for a .vbprivk file this is
 *			its filename.  NOTE(review): the parameter name suggests
 *			other source descriptions may also be accepted; confirm
 *			against the implementation.
65  *
66  * @return The private key, or NULL if error.  The caller owns the result and
 *	must release it with vb2_free_private_key().
67  */
68 struct vb2_private_key *vb2_read_private_key(const char *key_info);
69 
70 /**
71  * Allocate a new packed (public) key with room for key_size bytes of key
 * data, storing algorithm and version in its header.
 *
72  * @param key_size	Size of key data the key can hold
73  * @param algorithm	Algorithm to store in key header
74  * @param version	Version to store in key header
75  *
76  * @return The packed key, or NULL if error.  Caller must free() it.
77  */
78 struct vb2_packed_key *vb2_alloc_packed_key(uint32_t key_size,
79 					    uint32_t algorithm,
80 					    uint32_t version);
81 
82 /**
83  * Initialize a packed key structure.
84  *
 * Fills in the header of an already-allocated packed key.  key_data is the
 * buffer the header describes and is expected to directly follow the
 * structure.
 *
85  * @param key		Structure to initialize
86  * @param key_data	Pointer to key data (following the structure)
87  * @param key_size	Size of key data, in bytes
88  */
89 void vb2_init_packed_key(struct vb2_packed_key *key, uint8_t *key_data,
90 			 uint32_t key_size);
91 
92 /**
93  * Copy a packed key.
94  *
 * NOTE(review): dest presumably must already be allocated (for example with
 * vb2_alloc_packed_key()) with room for src's key data; whether this function
 * checks that is not visible from this header -- confirm before relying on it.
 *
95  * @param dest		Destination packed key
96  * @param src		Source packed key
97  *
98  * @return VB2_SUCCESS, or non-zero if error.
99  */
100 vb2_error_t vb2_copy_packed_key(struct vb2_packed_key *dest,
101 				const struct vb2_packed_key *src);
102 
103 /**
104  * Read a packed key from a .vbpubk file.
105  *
 * Only the filename is passed in; unlike vb2_read_packed_keyb(), the algorithm
 * and version are not supplied by the caller and so come from the key header
 * stored in the file.  NOTE(review): whether the file contents are validated
 * (see vb2_packed_key_looks_ok() below) before being returned is not visible
 * from this header; confirm before relying on a key read from a file that is
 * not fully trusted.
 *
106  * @param filename	Name of file to read
109  *
110  * @return The packed key, or NULL if error.  Caller must free() it.
111  */
112 struct vb2_packed_key *vb2_read_packed_key(const char *filename);
113 
114 /**
115  * Validity-check a packed key structure.
116  *
 * Use this on a packed key obtained from a file or any other external source
 * before trusting its header fields.
 *
117  * @param key		Key to check
118  * @param size		Size of the buffer holding key, in bytes
119  *
120  * @return VB2_SUCCESS, or non-zero if error.
121  */
122 vb2_error_t vb2_packed_key_looks_ok(const struct vb2_packed_key *key,
123 				    uint32_t size);
124 
125 /**
126  * Read a packed key from a .keyb file.
127  *
 * Unlike vb2_read_packed_key(), the algorithm and version are supplied by the
 * caller rather than taken from the file.
 *
128  * @param filename	Name of file to read
129  * @param algorithm	Crypto algorithm to associate with key
130  * @param version	Version to store in key
131  *
132  * @return The packed key, or NULL if error.  Caller must free() it.
133  */
134 struct vb2_packed_key *vb2_read_packed_keyb(const char *filename,
135 					    uint32_t algorithm,
136 					    uint32_t version);
137 
138 /**
139  * Write a packed key to a file in .vbpubk format.
140  *
141  * @param filename	Name of file to write
142  * @param key		Key to write
143  *
144  * @return VB2_SUCCESS, or non-zero if error.
145  */
146 vb2_error_t vb2_write_packed_key(const char *filename,
147 				 const struct vb2_packed_key *key);
148 
149 /**
150  * Unpack the RSA data fields for a public key.
151  *
152  * This is called by vb21_unpack_key() to extract the arrays from a packed key.
153  * These elements of *key will point inside the key_data buffer, so key_data
 * must remain valid (and unmodified) for as long as *key is in use.
154  *
155  * @param key		Destination key for RSA data fields
156  * @param key_data	Packed key data (from inside a packed key buffer)
157  * @param key_size	Size of packed key data in bytes
 *
 * @return VB2_SUCCESS, or non-zero if error.
158  */
159 vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
160 				const uint8_t *key_data, uint32_t key_size);
161 
162 #endif  /* VBOOT_REFERENCE_HOST_KEY_H_ */