1 /* Copyright 2010 The ChromiumOS Authors
2  * Use of this source code is governed by a BSD-style license that can be
3  * found in the LICENSE file.
4  *
5  * Host-side functions for verified boot.
6  */
7 
8 #ifndef VBOOT_REFERENCE_HOST_KEYBLOCK_H_
9 #define VBOOT_REFERENCE_HOST_KEYBLOCK_H_
10 
11 #include "host_key.h"
12 #include "vboot_struct.h"
13 
/* Forward declaration: this header only passes struct vb2_keyblock by
 * pointer, so the full definition is not needed here. */
14 struct vb2_keyblock;
15 
16 /**
17  * Create a keyblock header
 *
 * NOTE(review): when signing_key is NULL the keyblock carries only a hash
 * digest (see the parameter description below).  A bare digest detects
 * corruption but does not authenticate the data key, so presumably such
 * keyblocks are meant only for flows where signature checking is
 * deliberately not required — TODO confirm against the verifier.
18  *
19  * @param data_key	Data key to store in keyblock
20  * @param signing_key	Key to sign keyblock with.  May be NULL if keyblock
21  *			only needs a hash digest.
22  * @param flags		Keyblock flags
23  *
24  * @return The keyblock, or NULL if error.  Caller must free() it.
25  */
26 struct vb2_keyblock *vb2_create_keyblock(
27 		const struct vb2_packed_key *data_key,
28 		const struct vb2_private_key *signing_key,
29 		uint32_t flags);
30 
31 /**
32  * Create a keyblock header using an external signer for all private key
33  * operations.
34  *
35  * @param data_key		Data key to store in keyblock
36  * @param signing_key_pem_file	Filename of private key
37  * @param algorithm		Signing algorithm index
38  * @param flags			Keyblock flags
39  * @param external_signer	Path to external signer program
40  *
41  * @return The keyblock, or NULL if error.  Caller must free() it.
42  */
43 struct vb2_keyblock *vb2_create_keyblock_external(
44 		const struct vb2_packed_key *data_key,
45 		const char *signing_key_pem_file,
46 		uint32_t algorithm,
47 		uint32_t flags,
48 		const char *external_signer);
49 
50 /**
51  * Read a keyblock from a .keyblock file.
52  *
53  * @param filename	File to read keyblock from
54  *
55  * @return The keyblock, or NULL if error.  Caller must free() it.
56  */
57 struct vb2_keyblock *vb2_read_keyblock(const char *filename);
58 
59 /**
60  * Write a keyblock to a file in .keyblock format.
61  *
62  * @param filename	Filename to write
63  * @param keyblock	Keyblock to write
64  *
65  * @return VB2_SUCCESS, or non-zero if error.
66  */
67 int vb2_write_keyblock(const char *filename,
68 		       const struct vb2_keyblock *keyblock);
69 
70 #endif  /* VBOOT_REFERENCE_HOST_KEYBLOCK_H_ */
71