1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2  * Use of this source code is governed by a BSD-style license that can be
3  * found in the LICENSE file.
4  *
5  * Host-side functions for verified boot.
6  */
7 
8 #ifndef VBOOT_REFERENCE_HOST_KEYBLOCK_H_
9 #define VBOOT_REFERENCE_HOST_KEYBLOCK_H_
10 
11 #include "host_key.h"
12 #include "vboot_struct.h"
13 
14 
15 /* Create a key block header containing [data_key] and [flags], signed with
16  * the private key in the file [signing_key_pem_file] using [algorithm].  All
17  * private key operations are delegated to the external signer program
18  * [external_signer].
19  * Caller owns the returned pointer, and must free
20  * it with Free().
    *
    * NOTE(review): the failure return is not stated here; presumably NULL, as
    * documented for KeyBlockRead() -- confirm against the implementation.
    * NOTE(review): [external_signer] and [signing_key_pem_file] select the
    * program and the key used for signing.  How the program is launched is
    * not visible in this header, so callers should take both values from
    * trusted configuration rather than from untrusted input. */
21 VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key,
22                                           const char* signing_key_pem_file,
23                                           uint64_t algorithm,
24                                           uint64_t flags,
25                                           const char* external_signer);
26 
27 /* Create a key block header containing [data_key] and [flags], signed
28  * by [signing_key].  Caller owns the returned pointer, and must free
29  * it with Free().
    *
    * NOTE(review): unlike KeyBlockCreate_external(), no algorithm argument is
    * taken; presumably the algorithm comes from [signing_key] -- confirm.
    * NOTE(review): the failure return is not stated here; presumably NULL, as
    * documented for KeyBlockRead() -- confirm against the implementation. */
30 VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
31                                  const VbPrivateKey* signing_key,
32                                  uint64_t flags);
33 
34 
35 /* Read a key block from the .keyblock file [filename].  Caller owns the
36  * returned pointer, and must free it with Free().
37  *
38  * Returns NULL if error.
    *
    * NOTE(review): this header does not say which checks (size, hash,
    * signature) are applied while reading.  Until that is confirmed against
    * the implementation, do not treat a non-NULL return as proof that the key
    * block was signed by a trusted key; verify it separately before relying
    * on the data key it carries. */
39 VbKeyBlockHeader* KeyBlockRead(const char* filename);
40 
41 
42 /* Write [key_block] to the file [filename] in .keyblock format.
    *
    * NOTE(review): the meaning of the int return value is not documented in
    * this header (which value signals success is not stated) -- confirm the
    * convention against the implementation and check the result at every
    * call site, so a failed write is not mistaken for a stored key block. */
43 int KeyBlockWrite(const char* filename, const VbKeyBlockHeader* key_block);
44 
45 #endif  /* VBOOT_REFERENCE_HOST_KEYBLOCK_H_ */
46