1 /* Copyright 2014 The ChromiumOS Authors
2  * Use of this source code is governed by a BSD-style license that can be
3  * found in the LICENSE file.
4  *
5  * Host-side misc functions for verified boot.
6  */
7 
8 #ifndef VBOOT_REFERENCE_UTIL_MISC_H_
9 #define VBOOT_REFERENCE_UTIL_MISC_H_
10 
11 #include "host_key.h"
12 #include "vboot_struct.h"
13 
14 struct rsa_st;			/* OpenSSL RSA key object */
15 struct vb2_packed_key;
16 struct vb2_private_key;
17 struct pkcs11_key;		/* not used by the prototypes in this header */
18 
19 /**
20  * Returns the SHA1 digest of the packed key data as a string.
21  *
22  * The result points into a global static buffer that every call overwrites:
23  * copy it if it must outlive the next call, never free it, and don't call
24  * this more than once per printf().  NOTE(review): likely not thread-safe.
25  * NOTE(review): SHA-1 is not collision-resistant; treat this as a display id.
26  * @param key		Key to print digest for
27  *
28  * @return A string containing the SHA1 digest (static storage, see above).
29  */
30 const char *packed_key_sha1_string(const struct vb2_packed_key *key);
31 
32 /**
33  * Returns the SHA1 digest of the private key data as a string.
34  *
35  * The result points into a global static buffer that every call overwrites:
36  * copy it if it must outlive the next call, never free it, and don't call
37  * this more than once per printf().  NOTE(review): likely not thread-safe.
38  * NOTE(review): confirm which private-key bytes are hashed before logging it.
39  * @param key		Key to print digest for
40  *
41  * @return A string containing the SHA1 digest (static storage, see above).
42  */
43 const char *private_key_sha1_string(const struct vb2_private_key *key);
44 
45 /*
46  * Our packed RSBPublicKey buffer (historically in files ending with ".keyb",
47  * but also the part of struct vb2_packed_key and struct vb21_packed_key that
48  * is referenced by .key_offset) has this binary format:
49  *
50  *   struct {
51  *       uint32_t nwords;            // size of RSA key in 32-bit words
52  *       uint32_t N0inv;             // -1 / N[0] mod 2^32
53  *       uint32_t modulus[nwords];   // modulus as a little endian array
54  *       uint32_t R2[nwords];        // R^2  as little endian array
55  *   };
56  * Every field is public-key material: the modulus and values derived from it.
57  * This function allocates that binary structure and fills it in directly
58  * from the RSA private key, rather than from a file.
59  *
60  * @param rsa_private_key     RSA private key to take the modulus from
61  * @param keyb_data	      Out: pointer to newly allocated binary blob
62  * @param keyb_size	      Out: size of newly allocated binary blob
63  * NOTE(review): presumably the caller frees *keyb_data -- confirm.
64  * @return 0 on success, non-zero if unable to allocate enough memory.
65  */
66 int vb_keyb_from_rsa(struct rsa_st *rsa_private_key,
67 		     uint8_t **keyb_data, uint32_t *keyb_size);
68 
69 /*
70  * This function calls vb2_keyb_from_rsa if the key_location of private_key is
71  * PRIVATE_KEY_LOCAL. Otherwise, it gets the modulus from pkcs11 and generates the
72  * vb_keyb content. NOTE(review): presumably vb_keyb_from_rsa() above -- confirm.
73  *
74  * @param private_key	      private key (struct vb2_private_key)
75  * @param keyb_data	      Out: pointer to newly allocated binary blob
76  * @param keyb_size	      Out: size of newly allocated binary blob
77  * NOTE(review): presumably the caller frees *keyb_data -- confirm.
78  * @return 0 on success, non-zero if it failed.
79  */
80 int vb_keyb_from_private_key(struct vb2_private_key *private_key, uint8_t **keyb_data,
81 			     uint32_t *keyb_size);
82 
83 /**
84  * Get the signature algorithm with exponent |exp| and modulus size |bits|.
85  * Callers must check for VB2_SIG_INVALID, returned when no algorithm matches.
86  * @param exp		Exponent of the signature algorithm
87  * @param bits		Number of bits in the modulus of the signature algorithm
88  * @return		The signature algorithm that matches the condition, VB2_SIG_INVALID
89  * otherwise.
90  */
91 enum vb2_signature_algorithm vb2_get_sig_alg(uint32_t exp, uint32_t bits);
92 
93 #endif  /* VBOOT_REFERENCE_UTIL_MISC_H_ */