blob: 4eafc75652faec309699adccaf4155e911407c5e [file] [log] [blame]
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001/*
2 * Copyright (C) 2008 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef _RECOVERY_VERIFIER_H
18#define _RECOVERY_VERIFIER_H
19
Tao Bao71e3e092016-02-02 14:02:27 -080020#include <memory>
21#include <vector>
22
Kenny Root7a4adb52013-10-09 10:14:35 -070023#include "mincrypt/p256.h"
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080024#include "mincrypt/rsa.h"
25
Kenny Root7a4adb52013-10-09 10:14:35 -070026typedef struct {
27 p256_int x;
28 p256_int y;
29} ECPublicKey;
30
Tao Bao71e3e092016-02-02 14:02:27 -080031struct Certificate {
Kenny Root7a4adb52013-10-09 10:14:35 -070032 typedef enum {
33 RSA,
34 EC,
35 } KeyType;
36
Tao Bao71e3e092016-02-02 14:02:27 -080037 Certificate(int hash_len_, KeyType key_type_,
38 std::unique_ptr<RSAPublicKey>&& rsa_,
39 std::unique_ptr<ECPublicKey>&& ec_) :
40 hash_len(hash_len_),
41 key_type(key_type_),
42 rsa(std::move(rsa_)),
43 ec(std::move(ec_)) { }
44
Doug Zongker30362a62013-04-10 11:32:17 -070045 int hash_len; // SHA_DIGEST_SIZE (SHA-1) or SHA256_DIGEST_SIZE (SHA-256)
Kenny Root7a4adb52013-10-09 10:14:35 -070046 KeyType key_type;
Tao Bao71e3e092016-02-02 14:02:27 -080047 std::unique_ptr<RSAPublicKey> rsa;
48 std::unique_ptr<ECPublicKey> ec;
49};
Doug Zongker30362a62013-04-10 11:32:17 -070050
Doug Zongker99916f02014-01-13 14:16:58 -080051/* addr and length define a an update package file that has been
52 * loaded (or mmap'ed, or whatever) into memory. Verify that the file
53 * is signed and the signature matches one of the given keys. Return
54 * one of the constants below.
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080055 */
Doug Zongker99916f02014-01-13 14:16:58 -080056int verify_file(unsigned char* addr, size_t length,
Tao Bao71e3e092016-02-02 14:02:27 -080057 const std::vector<Certificate>& keys);
Doug Zongker60151a22009-08-12 18:30:03 -070058
Tao Bao71e3e092016-02-02 14:02:27 -080059bool load_keys(const char* filename, std::vector<Certificate>& certs);
Doug Zongker6c249f72012-11-02 15:04:05 -070060
Doug Zongker60151a22009-08-12 18:30:03 -070061#define VERIFY_SUCCESS 0
62#define VERIFY_FAILURE 1
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080063
64#endif /* _RECOVERY_VERIFIER_H */