Changeset View
Changeset View
Standalone View
Standalone View
lib/libsecureboot/secureboot.h
- This file was added.
| /*- | |||||
| * Copyright (c) 2019 Stormshield. | |||||
| * Copyright (c) 2019 Semihalf. | |||||
| * All rights reserved. | |||||
| * | |||||
| * Redistribution and use in source and binary forms, with or without | |||||
| * modification, are permitted provided that the following conditions | |||||
| * are met: | |||||
| * 1. Redistributions of source code must retain the above copyright | |||||
| * notice, this list of conditions and the following disclaimer. | |||||
| * 2. Redistributions in binary form must reproduce the above copyright | |||||
| * notice, this list of conditions and the following disclaimer in the | |||||
| * documentation and/or other materials provided with the distribution. | |||||
| * | |||||
| * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |||||
| * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | |||||
| * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |||||
| * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, | |||||
| * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |||||
| * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |||||
| * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |||||
| * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |||||
| * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN | |||||
| * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |||||
| * POSSIBILITY OF SUCH DAMAGE. | |||||
| */ | |||||
| #ifndef SECUREBOOT_H | |||||
| #define SECUREBOOT_H | |||||
| #include <sys/cdefs.h> | |||||
| __FBSDID("$FreeBSD$"); | |||||
| #ifdef _STANDALONE | |||||
| #include <stand.h> | |||||
| #else | |||||
| #include <stddef.h> | |||||
| #include <stdlib.h> | |||||
| #include <stdio.h> | |||||
| #include <errno.h> | |||||
| #include <unistd.h> | |||||
| #endif /* _STANDALONE */ | |||||
| #include <bearssl.h> | |||||
| #define MAGIC 0x05ECB00705ECB007 | |||||
| #pragma pack(1) | |||||
| struct signature_info { | |||||
| uint64_t magic; | |||||
| uint64_t kernel_size; | |||||
| uint64_t signature_size; | |||||
| uint64_t cert_size; | |||||
| }; | |||||
| #pragma pack() | |||||
| struct vector { | |||||
| char *data; | |||||
| size_t capacity; | |||||
| size_t length; | |||||
| }; | |||||
| int gen_digest(int, size_t, unsigned char*); | |||||
| void* X509_to_tbs(unsigned char*, size_t*); | |||||
| br_x509_pkey * verify_cert(br_x509_certificate*, br_x509_certificate*, size_t); | |||||
| /* Small helper functions */ | |||||
| ssize_t checked_read(int, char*, size_t); | |||||
| void vector_append(void*, const void*, size_t); | |||||
| int copy_pkey(br_x509_pkey*, const br_x509_pkey*); | |||||
| void free_anchors(br_x509_trust_anchor*, size_t); | |||||
| void free_certs(br_x509_certificate*, size_t); | |||||
| void free_pkey(br_x509_pkey*); | |||||
| #endif /* SECUREBOOT_H */ | |||||