xref: /aosp_15_r20/external/vboot_reference/host/lib/include/host_signature.h (revision 8617a60d3594060b7ecbd21bc622a7c14f3cf2bc)
1 /* Copyright 2010 The ChromiumOS Authors
2  * Use of this source code is governed by a BSD-style license that can be
3  * found in the LICENSE file.
4  *
5  * Host-side functions for verified boot.
6  */
7 
8 #ifndef VBOOT_REFERENCE_HOST_SIGNATURE_H_
9 #define VBOOT_REFERENCE_HOST_SIGNATURE_H_
10 
11 #include "host_key.h"
12 #include "vboot_struct.h"
13 
14 struct vb2_private_key;	/* used below by pointer only */
15 struct vb2_signature;	/* used below by pointer only */
16 
17 /**
18  * Initialize a signature struct.
19  *
    * The buffer location and both sizes are taken from the caller as given.
    * The function returns void, so a bad argument cannot be reported through
    * a return value.
    * NOTE(review): presumably the caller must guarantee that sig_data really
    * holds sig_size bytes; the implementation is not in this header - confirm.
    *
20  * @param sig		Structure to initialize
21  * @param sig_data	Pointer to signature data buffer (after sig)
22  * @param sig_size	Size of signature data buffer in bytes
23  * @param data_size	Amount of data signed in bytes
24  */
25 void vb2_init_signature(struct vb2_signature *sig, uint8_t *sig_data,
26 			uint32_t sig_size, uint32_t data_size);
27 
28 
29 /**
30  * Allocate a new signature.
31  *
    * The result is NULL on error, so test it before dereferencing.
    * NOTE(review): both sizes are uint32_t; whether the total allocation size
    * is checked for overflow is not visible in this header - confirm in the
    * implementation.
    *
32  * @param sig_size	Size of signature in bytes
33  * @param data_size	Amount of data signed in bytes
34  *
35  * @return The signature or NULL if error.  Caller must free() it.
36  */
37 struct vb2_signature *vb2_alloc_signature(uint32_t sig_size,
38 					  uint32_t data_size);
39 
40 /**
41  * Copy a signature.
42  *
    * Callers should check the result before using dest.
    * NOTE(review): the conditions that produce an error (for example a
    * destination buffer smaller than the source signature) are not stated
    * in this header - confirm in the implementation.
    *
43  * @param dest		Destination signature
44  * @param src		Source signature
45  *
46  * @return VB2_SUCCESS, or non-zero if error. */
47 vb2_error_t vb2_copy_signature(struct vb2_signature *dest,
48 			       const struct vb2_signature *src);
49 
50 /**
51  * Calculate a SHA-512 digest-only signature.
52  *
    * No key is passed in, so the result is an unkeyed SHA-512 digest carried
    * in a vb2_signature. It can show that data matches a trusted copy of the
    * digest, but it does not by itself prove who produced the data.
    *
53  * @param data		Pointer to data to hash
54  * @param size		Length of data in bytes
55  *
56  * @return The signature, or NULL if error.  Caller must free() it.
57  */
58 struct vb2_signature *vb2_sha512_signature(const uint8_t *data, uint32_t size);
59 
60 /**
61  * Calculate a signature for the data using the specified key.
62  *
    * The key is taken by const pointer; the caller keeps ownership of it.
    * NOTE(review): the signing algorithm is not a parameter here (compare
    * key_algorithm in vb2_external_signature); presumably it is taken from
    * key - confirm in the implementation.
    *
63  * @param data		Pointer to data to sign
64  * @param size		Length of data in bytes
65  * @param key		Private key to use to sign data
66  *
67  * @return The signature, or NULL if error.  Caller must free() it.
68  */
69 struct vb2_signature *vb2_calculate_signature(
70 	const uint8_t *data, uint32_t size, const struct vb2_private_key *key);
71 
72 /**
73  * Calculate a signature for the data using an external signer.
74  *
    * key_file and external_signer name a file and a program on the host.
    * NOTE(review): how the signer is launched and how key_file is handed to
    * it is not visible in this header. Both strings should come from trusted
    * build configuration rather than from untrusted input - confirm against
    * the implementation.
    *
75  * @param data			Pointer to data to sign
76  * @param size			Length of data in bytes
77  * @param key_file		Name of file containing private key
78  * @param key_algorithm		Key algorithm
79  * @param external_signer	Path to external signer program
80  *
81  * @return The signature, or NULL if error.  Caller must free() it.
82  */
83 struct vb2_signature *vb2_external_signature(const uint8_t *data, uint32_t size,
84 					     const char *key_file,
85 					     uint32_t key_algorithm,
86 					     const char *external_signer);
87 
88 /**
89  * Create signature using the provided hash as its body. Created signature
90  * contains vb2_hash trimmed to fit digest of its algorithm and nothing more.
91  *
    * No key is passed in: the result carries the digest only, so like any
    * bare hash it gives integrity relative to a trusted copy of that digest,
    * not proof of who produced the data.
    *
92  * @param hash		Hash to create signature from
93  *
94  * @return The signature, or NULL if error. Caller must free() it.
95  */
96 struct vb2_signature *
97 vb2_create_signature_from_hash(const struct vb2_hash *hash);
98 
99 #endif  /* VBOOT_REFERENCE_HOST_SIGNATURE_H_ */
100