1 /* 2 * Copyright (C) 2017 The Android Open Source Project 3 * 4 * Permission is hereby granted, free of charge, to any person 5 * obtaining a copy of this software and associated documentation 6 * files (the "Software"), to deal in the Software without 7 * restriction, including without limitation the rights to use, copy, 8 * modify, merge, publish, distribute, sublicense, and/or sell copies 9 * of the Software, and to permit persons to whom the Software is 10 * furnished to do so, subject to the following conditions: 11 * 12 * The above copyright notice and this permission notice shall be 13 * included in all copies or substantial portions of the Software. 14 * 15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS 19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN 20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN 21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 * SOFTWARE. 23 */ 24 25 #ifndef AVB_ATX_SLOT_VERIFY_H_ 26 #define AVB_ATX_SLOT_VERIFY_H_ 27 28 #include <libavb_atx/libavb_atx.h> 29 30 #ifdef __cplusplus 31 extern "C" { 32 #endif 33 34 typedef enum { 35 AVB_ATX_LOCKED, 36 AVB_ATX_UNLOCKED, 37 } AvbAtxLockState; 38 39 typedef enum { 40 AVB_ATX_SLOT_MARKED_SUCCESSFUL, 41 AVB_ATX_SLOT_NOT_MARKED_SUCCESSFUL, 42 } AvbAtxSlotState; 43 44 typedef enum { 45 AVB_ATX_OEM_DATA_USED, 46 AVB_ATX_OEM_DATA_NOT_USED, 47 } AvbAtxOemDataState; 48 49 /* Performs a full verification of the slot identified by |ab_suffix|. If 50 * |lock_state| indicates verified boot is unlocked then verification errors 51 * will be allowed (see AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR for more 52 * details. 53 * 54 * If |slot_state| indicates the slot identified by |ab_suffix| has been marked 55 * successful then minimum rollback index values will be bumped to match the 56 * values in the verified slot (on success). 57 * 58 * If |oem_data_state| indicates that OEM-specific data is not being used, then 59 * verification of the 'oem_bootloader' partition will be skipped and it will 60 * not be represented in |out_data|. 61 * 62 * The semantics of |out_data| are the same as for avb_slot_verify(). 63 * 64 * On success, an Android Things |vbh_extension| is populated. This value must 65 * be extended into the Verified Boot Hash value accumulated from earlier boot 66 * stages. 67 * 68 * All of the function pointers in |ops| must be valid except for 69 * set_key_version, which will be ignored and may be NULL. 70 */ 71 AvbSlotVerifyResult avb_atx_slot_verify( 72 AvbAtxOps* ops, 73 const char* ab_suffix, 74 AvbAtxLockState lock_state, 75 AvbAtxSlotState slot_state, 76 AvbAtxOemDataState oem_data_state, 77 AvbSlotVerifyData** verify_data, 78 uint8_t vbh_extension[AVB_SHA256_DIGEST_SIZE]); 79 80 #ifdef __cplusplus 81 } 82 #endif 83 84 #endif /* AVB_SLOT_VERIFY_H_ */ 85