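/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Host-side functions for verified boot.
 *
 * Declarations for creating, reading and writing key blocks
 * (VbKeyBlockHeader). Every function here that returns a pointer transfers
 * ownership to the caller, who must release it with Free().
 */

#ifndef VBOOT_REFERENCE_HOST_KEYBLOCK_H_
#define VBOOT_REFERENCE_HOST_KEYBLOCK_H_

#include "host_key.h"
#include "vboot_struct.h"


/* Create a key block header containing [data_key] and [flags], signed
 * with the private key in the file [signing_key_pem_file] and algorithm
 * [algorithm], using the external signer program [external_signer] for all
 * private key operations.
 *
 * Caller owns the returned pointer, and must free it with Free().
 *
 * NOTE(review): the failure return is not stated in this header; presumably
 * NULL, as for KeyBlockRead() - check the result before use and confirm
 * against the implementation.
 * NOTE(review): [external_signer] names a program that performs the private
 * key operations. How it is invoked is not visible here; callers should
 * presumably pass only operator-controlled values for it and for
 * [signing_key_pem_file], never strings taken from untrusted input -
 * confirm against the implementation. */
VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key,
                                          const char* signing_key_pem_file,
                                          uint64_t algorithm,
                                          uint64_t flags,
                                          const char* external_signer);

/* Create a key block header containing [data_key] and [flags], signed
 * by [signing_key].
 *
 * Caller owns the returned pointer, and must free it with Free().
 *
 * NOTE(review): the failure return is not stated in this header; presumably
 * NULL, as for KeyBlockRead() - check the result before use and confirm
 * against the implementation. */
VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
                                 const VbPrivateKey* signing_key,
                                 uint64_t flags);


/* Read a key block from a .keyblock file. Caller owns the returned
 * pointer, and must free it with Free().
 *
 * Returns NULL if error.
 *
 * NOTE(review): this header does not say whether the key block's signature
 * is checked against a trusted key while reading. Treat the returned block
 * as unauthenticated until the caller has verified it - confirm against
 * the implementation. */
VbKeyBlockHeader* KeyBlockRead(const char* filename);


/* Write a key block to a file in .keyblock format.
 *
 * NOTE(review): the return convention is not documented here; presumably 0
 * on success and non-zero on error - confirm against the implementation.
 * Callers should check the result so that a failed or partial write is not
 * later mistaken for a valid .keyblock file. */
int KeyBlockWrite(const char* filename, const VbKeyBlockHeader* key_block);

#endif  /* VBOOT_REFERENCE_HOST_KEYBLOCK_H_ */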