1## Cr51 Image Signature Library 2 3### Package `libcr51sign` 4 5- Status: **Ready** 6 7Libcr51sign is a library to verify images signed in the Cr51 format which can be 8shared between all systems requiring this functionality. Given an absolute start 9and end offset the library would scan for and validate the signature on the 10image descriptor, if the image validates, hashes the rest of the image to verify 11its integrity. Because this library will be used across many varied platforms, 12it does not assume the presence of any standard libraries or operating system 13interfaces. In order to handle this, a struct containing function pointers that 14implement each piece of platform-specific functionality will be passed to the 15library’s functions. Interface struct should typically be static data (could put 16in rodata) while the data in context is mutable. 17 18### Debug 19 20Print will be handled via Macros. The user can define USER_PRINT or the library 21would use its default. The library will not assert on any error conditions,but 22will return error codes and expects the client to handle as deemed fit. 23 24``` 25 26#ifndef USER_PRINT 27#define CPRINTS(ctx, format, args...)printf(format, ##args) 28#endif 29``` 30 31### Prod/Dev transitions 32 33Prod --> Prod: Allowed \ 34Prod --> Dev: Only if allowlisted/prod_to_dev_downgrade_allowed \ 35Dev --> Prod: Allowed \ 36Dev --> Dev: Allowed 37 38verify_signature: The implementation should check if the signature size passed 39is same as the length of the key 40 41Note: libcr51sign will also provide a companion library with default SW 42implementations of common functions like hash_init/final, 43read_and_hash_update(). 44