1 /* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #ifndef _RECOVERY_VERIFIER_H 18 #define _RECOVERY_VERIFIER_H 19 20 #include "mincrypt/p256.h" 21 #include "mincrypt/rsa.h" 22 23 typedef struct { 24 p256_int x; 25 p256_int y; 26 } ECPublicKey; 27 28 typedef struct { 29 typedef enum { 30 RSA, 31 EC, 32 } KeyType; 33 34 int hash_len; // SHA_DIGEST_SIZE (SHA-1) or SHA256_DIGEST_SIZE (SHA-256) 35 KeyType key_type; 36 RSAPublicKey* rsa; 37 ECPublicKey* ec; 38 } Certificate; 39 40 /* addr and length define a an update package file that has been 41 * loaded (or mmap'ed, or whatever) into memory. Verify that the file 42 * is signed and the signature matches one of the given keys. Return 43 * one of the constants below. 44 */ 45 int verify_file(unsigned char* addr, size_t length, 46 const Certificate *pKeys, unsigned int numKeys); 47 48 Certificate* load_keys(const char* filename, int* numKeys); 49 50 #define VERIFY_SUCCESS 0 51 #define VERIFY_FAILURE 1 52 53 #endif /* _RECOVERY_VERIFIER_H */ 54