1*897a1d94STom Rini /* SPDX-License-Identifier: MIT */ 2d8f9d2afSIgor Opaniuk /* 3d8f9d2afSIgor Opaniuk * Copyright (C) 2016 The Android Open Source Project 4d8f9d2afSIgor Opaniuk */ 5d8f9d2afSIgor Opaniuk 6d8f9d2afSIgor Opaniuk #if !defined(AVB_INSIDE_LIBAVB_H) && !defined(AVB_COMPILATION) 7d8f9d2afSIgor Opaniuk #error "Never include this file directly, include libavb.h instead." 8d8f9d2afSIgor Opaniuk #endif 9d8f9d2afSIgor Opaniuk 10d8f9d2afSIgor Opaniuk #ifndef AVB_PROPERTY_DESCRIPTOR_H_ 11d8f9d2afSIgor Opaniuk #define AVB_PROPERTY_DESCRIPTOR_H_ 12d8f9d2afSIgor Opaniuk 13d8f9d2afSIgor Opaniuk #include "avb_descriptor.h" 14d8f9d2afSIgor Opaniuk 15d8f9d2afSIgor Opaniuk #ifdef __cplusplus 16d8f9d2afSIgor Opaniuk extern "C" { 17d8f9d2afSIgor Opaniuk #endif 18d8f9d2afSIgor Opaniuk 19d8f9d2afSIgor Opaniuk /* A descriptor for properties (free-form key/value pairs). 20d8f9d2afSIgor Opaniuk * 21d8f9d2afSIgor Opaniuk * Following this struct are |key_num_bytes| bytes of key data, 22d8f9d2afSIgor Opaniuk * followed by a NUL byte, then |value_num_bytes| bytes of value data, 23d8f9d2afSIgor Opaniuk * followed by a NUL byte and then enough padding to make the combined 24d8f9d2afSIgor Opaniuk * size a multiple of 8. 25d8f9d2afSIgor Opaniuk */ 26d8f9d2afSIgor Opaniuk typedef struct AvbPropertyDescriptor { 27d8f9d2afSIgor Opaniuk AvbDescriptor parent_descriptor; 28d8f9d2afSIgor Opaniuk uint64_t key_num_bytes; 29d8f9d2afSIgor Opaniuk uint64_t value_num_bytes; 30d8f9d2afSIgor Opaniuk } AVB_ATTR_PACKED AvbPropertyDescriptor; 31d8f9d2afSIgor Opaniuk 32d8f9d2afSIgor Opaniuk /* Copies |src| to |dest| and validates, byte-swapping fields in the 33d8f9d2afSIgor Opaniuk * process if needed. Returns true if valid, false if invalid. 34d8f9d2afSIgor Opaniuk * 35d8f9d2afSIgor Opaniuk * Data following the struct is not validated nor copied. 36d8f9d2afSIgor Opaniuk */ 37d8f9d2afSIgor Opaniuk bool avb_property_descriptor_validate_and_byteswap( 38d8f9d2afSIgor Opaniuk const AvbPropertyDescriptor* src, 39d8f9d2afSIgor Opaniuk AvbPropertyDescriptor* dest) AVB_ATTR_WARN_UNUSED_RESULT; 40d8f9d2afSIgor Opaniuk 41d8f9d2afSIgor Opaniuk /* Convenience function for looking up the value for a property with 42d8f9d2afSIgor Opaniuk * name |key| in a vbmeta image. If |key_size| is 0, |key| must be 43d8f9d2afSIgor Opaniuk * NUL-terminated. 44d8f9d2afSIgor Opaniuk * 45d8f9d2afSIgor Opaniuk * The |image_data| parameter must be a pointer to a vbmeta image of 46d8f9d2afSIgor Opaniuk * size |image_size|. 47d8f9d2afSIgor Opaniuk * 48d8f9d2afSIgor Opaniuk * This function returns a pointer to the value inside the passed-in 49d8f9d2afSIgor Opaniuk * image or NULL if not found. Note that the value is always 50d8f9d2afSIgor Opaniuk * guaranteed to be followed by a NUL byte. 51d8f9d2afSIgor Opaniuk * 52d8f9d2afSIgor Opaniuk * If the value was found and |out_value_size| is not NULL, the size 53d8f9d2afSIgor Opaniuk * of the value is returned there. 54d8f9d2afSIgor Opaniuk * 55d8f9d2afSIgor Opaniuk * This function is O(n) in number of descriptors so if you need to 56d8f9d2afSIgor Opaniuk * look up a lot of values, you may want to build a more efficient 57d8f9d2afSIgor Opaniuk * lookup-table by manually walking all descriptors using 58d8f9d2afSIgor Opaniuk * avb_descriptor_foreach(). 59d8f9d2afSIgor Opaniuk * 60d8f9d2afSIgor Opaniuk * Before using this function, you MUST verify |image_data| with 61d8f9d2afSIgor Opaniuk * avb_vbmeta_image_verify() and reject it unless it's signed by a 62d8f9d2afSIgor Opaniuk * known good public key. 63d8f9d2afSIgor Opaniuk */ 64d8f9d2afSIgor Opaniuk const char* avb_property_lookup(const uint8_t* image_data, 65d8f9d2afSIgor Opaniuk size_t image_size, 66d8f9d2afSIgor Opaniuk const char* key, 67d8f9d2afSIgor Opaniuk size_t key_size, 68d8f9d2afSIgor Opaniuk size_t* out_value_size) 69d8f9d2afSIgor Opaniuk AVB_ATTR_WARN_UNUSED_RESULT; 70d8f9d2afSIgor Opaniuk 71d8f9d2afSIgor Opaniuk /* Like avb_property_lookup() but parses the intial portions of the 72d8f9d2afSIgor Opaniuk * value as an unsigned 64-bit integer. Both decimal and hexadecimal 73d8f9d2afSIgor Opaniuk * representations (e.g. "0x2a") are supported. Returns false on 74d8f9d2afSIgor Opaniuk * failure and true on success. On success, the parsed value is 75d8f9d2afSIgor Opaniuk * returned in |out_value|. 76d8f9d2afSIgor Opaniuk */ 77d8f9d2afSIgor Opaniuk bool avb_property_lookup_uint64(const uint8_t* image_data, 78d8f9d2afSIgor Opaniuk size_t image_size, 79d8f9d2afSIgor Opaniuk const char* key, 80d8f9d2afSIgor Opaniuk size_t key_size, 81d8f9d2afSIgor Opaniuk uint64_t* out_value) 82d8f9d2afSIgor Opaniuk AVB_ATTR_WARN_UNUSED_RESULT; 83d8f9d2afSIgor Opaniuk 84d8f9d2afSIgor Opaniuk #ifdef __cplusplus 85d8f9d2afSIgor Opaniuk } 86d8f9d2afSIgor Opaniuk #endif 87d8f9d2afSIgor Opaniuk 88d8f9d2afSIgor Opaniuk #endif /* AVB_PROPERTY_DESCRIPTOR_H_ */ 89