author | Daisuke Nojiri <dnojiri@chromium.org> | 2017-07-07 09:49:36 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-07-13 19:45:57 -0700 |
commit | 4ec4975d90713b58557beca7ed2a94745d7476e3 (patch) | |
tree | b6f5cf7601f271944de4793cfd2392b5954659e5 /include/vboot.h | |
parent | 7630636a0fe8ceb2dbba2b175564a17900d175cf (diff) | |
download | chrome-ec-4ec4975d90713b58557beca7ed2a94745d7476e3.tar.gz |
vboot: Move common code under common/vboot
This patch moves the code which can be shared with other data
verification schemes (e.g. RWSIG) under common/vboot. It also
adds unit tests for it.
BUG=b:38462249
BRANCH=none
TEST=make run-vboot. Verify verification succeeds on Fizz.
Change-Id: Icab4d96dd2c154a12b01c41ebe9b46286b4b590e
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/563463
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'include/vboot.h')
-rw-r--r-- | include/vboot.h | 46 |
1 files changed, 45 insertions, 1 deletions
diff --git a/include/vboot.h b/include/vboot.h
index ba13328544..14f7a8f13c 100644
--- a/include/vboot.h
+++ b/include/vboot.h
@@ -3,6 +3,50 @@
 * found in the LICENSE file.
 */
 
+#include "common.h"
+#include "vb21_struct.h"
+#include "rsa.h"
+
+/**
+ * Validate key contents.
+ *
+ * @param key
+ * @return EC_SUCCESS or EC_ERROR_*
+ */
+int vb21_is_packed_key_valid(const struct vb21_packed_key *key);
+
+/**
+ * Validate signature contents.
+ *
+ * @param sig Signature to be validated.
+ * @param key Key to be used for validating <sig>.
+ * @return EC_SUCCESS or EC_ERROR_*
+ */
+int vb21_is_signature_valid(const struct vb21_signature *sig,
+ const struct vb21_packed_key *key);
+
+/**
+ * Check data region is filled with ones
+ *
+ * @param data Data to be validated.
+ * @param start Offset where validation starts.
+ * @param end Offset where validation ends. data[end] won't be checked.
+ * @return EC_SUCCESS or EC_ERROR_*
+ */
+int vboot_is_padding_valid(const uint8_t *data, uint32_t start, uint32_t end);
+
+/**
+ * Verify data by RSA signature
+ *
+ * @param data Data to be verified.
+ * @param len Number of bytes in <data>.
+ * @param key Key to be used for verification.
+ * @param sig Signature of <data>
+ * @return EC_SUCCESS or EC_ERROR_*
+ */
+int vboot_verify(const uint8_t *data, int len,
+ const struct rsa_public_key *key, const uint8_t *sig);
+
 /**
 * Verify RW image and jump to it
 *
@@ -12,4 +56,4 @@
 * 3. Returns, requesting more power
 * 4. Returns, requesting recovery
 */
-void vboot_ec(void);
+void vboot_main(void); |
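Review bot: The three `*_is_*_valid` declarations in the first hunk return `EC_SUCCESS or EC_ERROR_*`, so a valid result is presumably zero and a call site written as `if (vb21_is_packed_key_valid(key))` would take the "valid" branch on a rejected key; the doc comments should say so explicitly, e.g. `@return EC_SUCCESS if valid; compare against EC_SUCCESS, never test as a boolean`. In `vboot_verify` the byte count is a signed `int len` while `vboot_is_padding_valid` takes `uint32_t` offsets; `uint32_t len` would be consistent and remove the negative-length case, provided the implementation under common/vboot (not shown in this diff) is changed with it. `sig` carries no length, so the comment should state the minimum buffer size the caller must supply, which looks like an implicit contract tied to the key size but is not visible in this header. The `start`/`end` comment should likewise say what is returned when `start > end`, and the first docblock's `@param key` has no description.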