xref: /openbmc/u-boot/lib/libavb/avb_rsa.h (revision 4ac5df4b) 
1*897a1d94STom Rini /* SPDX-License-Identifier: MIT OR BSD-3-Clause */
2d8f9d2afSIgor Opaniuk /*
3d8f9d2afSIgor Opaniuk  * Copyright (C) 2016 The Android Open Source Project
4d8f9d2afSIgor Opaniuk  */
5d8f9d2afSIgor Opaniuk 
6d8f9d2afSIgor Opaniuk /* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
7d8f9d2afSIgor Opaniuk  * Use of this source code is governed by a BSD-style license that can be
8d8f9d2afSIgor Opaniuk  * found in the LICENSE file.
9d8f9d2afSIgor Opaniuk  */
10d8f9d2afSIgor Opaniuk 
11d8f9d2afSIgor Opaniuk #ifdef AVB_INSIDE_LIBAVB_H
12d8f9d2afSIgor Opaniuk #error "You can't include avb_rsa.h in the public header libavb.h."
13d8f9d2afSIgor Opaniuk #endif
14d8f9d2afSIgor Opaniuk 
15d8f9d2afSIgor Opaniuk #ifndef AVB_COMPILATION
16d8f9d2afSIgor Opaniuk #error "Never include this file, it may only be used from internal avb code."
17d8f9d2afSIgor Opaniuk #endif
18d8f9d2afSIgor Opaniuk 
19d8f9d2afSIgor Opaniuk #ifndef AVB_RSA_H_
20d8f9d2afSIgor Opaniuk #define AVB_RSA_H_
21d8f9d2afSIgor Opaniuk 
22d8f9d2afSIgor Opaniuk #ifdef __cplusplus
23d8f9d2afSIgor Opaniuk extern "C" {
24d8f9d2afSIgor Opaniuk #endif
25d8f9d2afSIgor Opaniuk 
26d8f9d2afSIgor Opaniuk #include "avb_crypto.h"
27d8f9d2afSIgor Opaniuk #include "avb_sysdeps.h"
28d8f9d2afSIgor Opaniuk 
29d8f9d2afSIgor Opaniuk /* Using the key given by |key|, verify a RSA signature |sig| of
30d8f9d2afSIgor Opaniuk  * length |sig_num_bytes| against an expected |hash| of length
31d8f9d2afSIgor Opaniuk  * |hash_num_bytes|. The padding to expect must be passed in using
32d8f9d2afSIgor Opaniuk  * |padding| of length |padding_num_bytes|.
33d8f9d2afSIgor Opaniuk  *
34d8f9d2afSIgor Opaniuk  * The data in |key| must match the format defined in
35d8f9d2afSIgor Opaniuk  * |AvbRSAPublicKeyHeader|, including the two large numbers
36d8f9d2afSIgor Opaniuk  * following. The |key_num_bytes| must be the size of the entire
37d8f9d2afSIgor Opaniuk  * serialized key.
38d8f9d2afSIgor Opaniuk  *
39d8f9d2afSIgor Opaniuk  * Returns false if verification fails, true otherwise.
40d8f9d2afSIgor Opaniuk  */
41d8f9d2afSIgor Opaniuk bool avb_rsa_verify(const uint8_t* key,
42d8f9d2afSIgor Opaniuk                     size_t key_num_bytes,
43d8f9d2afSIgor Opaniuk                     const uint8_t* sig,
44d8f9d2afSIgor Opaniuk                     size_t sig_num_bytes,
45d8f9d2afSIgor Opaniuk                     const uint8_t* hash,
46d8f9d2afSIgor Opaniuk                     size_t hash_num_bytes,
47d8f9d2afSIgor Opaniuk                     const uint8_t* padding,
48d8f9d2afSIgor Opaniuk                     size_t padding_num_bytes) AVB_ATTR_WARN_UNUSED_RESULT;
49d8f9d2afSIgor Opaniuk 
50d8f9d2afSIgor Opaniuk #ifdef __cplusplus
51d8f9d2afSIgor Opaniuk }
52d8f9d2afSIgor Opaniuk #endif
53d8f9d2afSIgor Opaniuk 
54d8f9d2afSIgor Opaniuk #endif /* AVB_RSA_H_ */
55