/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
* Vboot 2.1 data structures
*
* Offsets should be padded to 32-bit boundaries, since some architectures
* have trouble with accessing unaligned integers.
*/
#ifndef VBOOT_REFERENCE_VB2_STRUCT_H_
#define VBOOT_REFERENCE_VB2_STRUCT_H_
#include <stdint.h>
#include "2guid.h"
/*
* Magic numbers used by vb2_struct_common.magic.
*
* All valid numbers should be listed here to avoid accidental overlap.
* Numbers start at a large value, so that previous parsers (which stored
* things like lengths and offsets at that field) will detect and reject new
* structs as invalid.
*/
enum vb2_struct_common_magic {
/* "Vb2B" = vb2_keyblock.c.magic */
VB2_MAGIC_KEYBLOCK = 0x42326256,
/* "Vb2F" = vb2_fw_preamble.c.magic */
VB2_MAGIC_FW_PREAMBLE = 0x46326256,
/* "Vb2I" = vb2_packed_private_key.c.magic */
VB2_MAGIC_PACKED_PRIVATE_KEY = 0x49326256,
/* "Vb2K" = vb2_kernel_preamble.c.magic */
VB2_MAGIC_KERNEL_PREAMBLE = 0x4b326256,
/* "Vb2P" = vb2_packed_key.c.magic */
VB2_MAGIC_PACKED_KEY = 0x50326256,
/* "Vb2S" = vb2_signature.c.magic */
VB2_MAGIC_SIGNATURE = 0x53326256,
};
/*
* Generic struct header for all vboot2 structs. This makes it easy to
* automatically parse and identify vboot structs (e.g., in futility). This
* must be the first member of the parent vboot2 struct.
*/
struct vb2_struct_common {
/* Magic number; see vb2_struct_common_magic for expected values */
uint32_t magic;
/*
* Parent struct version; see each struct for the expected value.
*
* How to handle struct version mismatches, if the parser is version
* A.b and the data is version C.d:
* 1) If A.b == C.d, we're good.
* 2) If A != C, the data cannot be parsed at all.
* 3) If b < d, C.d is a newer version of data which is backwards-
* compatible to old parsers. We're good.
* 4) If b > d, C.d is an older version of data. The parser should
* use default values for fields added after version d. We're
* good.
*
* Struct versions start at 3.0, since the highest version of the old
* structures was 2.1. This way, there is no possibility of collision
* for old code which depends on the version number.
*/
uint16_t struct_version_major;
uint16_t struct_version_minor;
/*
* Size of the parent structure and all its data, including the
* description and any necessary padding. That is, all data must lie
* in a contiguous region of <total_size> bytes starting at the first
* byte of this header.
*/
uint32_t total_size;
/*
* Size of the fixed portion of the parent structure. If a description
* is present, it must start at this offset.
*/
uint32_t fixed_size;
/*
* The object may contain an ASCII description following the fixed
* portion of the structure. If it is present, it must be
* null-terminated, and padded with 0 (null) bytes to a multiple of 32
* bits.
*
* Size of ASCII description in bytes, counting null terminator and
* padding (if any). Set 0 if no description is present. If non-zero,
* there must be a null terminator (0) at offset (fixed_size +
* desc_size - 1).
*/
uint32_t desc_size;
} __attribute__((packed));
#define EXPECTED_VB2_STRUCT_COMMON_SIZE 20
/* Current version of vb2_packed_key struct */
#define VB2_PACKED_KEY_VERSION_MAJOR 3
#define VB2_PACKED_KEY_VERSION_MINOR 0
/*
* Packed public key data
*
* The key data must be arranged like this:
* 1) vb2_packed_key header struct h
* 2) Key description (pointed to by h.c.fixed_size)
* 3) Key data key (pointed to by h.key_offset)
*/
struct vb2_packed_key {
/* Common header fields */
struct vb2_struct_common c;
/* Offset of key data from start of this struct */
uint32_t key_offset;
/* Size of key data in bytes (NOT strength of key in bits) */
uint32_t key_size;
/* Signature algorithm used by the key (enum vb2_signature_algorithm) */
uint16_t sig_alg;
/*
* Hash digest algorithm used with the key (enum vb2_hash_algorithm).
* This is explicitly specified as part of the key to prevent use of a
* strong key with a weak hash.
*/
uint16_t hash_alg;
/* Key version */
uint32_t key_version;
/* Key GUID */
struct vb2_guid guid;
} __attribute__((packed));
#define EXPECTED_VB2_PACKED_KEY_SIZE \
(EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16)
/* Current version of vb2_packed_private_key struct */
#define VB2_PACKED_PRIVATE_KEY_VERSION_MAJOR 3
#define VB2_PACKED_PRIVATE_KEY_VERSION_MINOR 0
/*
* Packed private key data
*
* The key data must be arranged like this:
* 1) vb2_packed_private_key header struct h
* 2) Key description (pointed to by h.c.fixed_size)
* 3) Key data key (pointed to by h.key_offset)
*/
struct vb2_packed_private_key {
/* Common header fields */
struct vb2_struct_common c;
/* Offset of key data from start of this struct */
uint32_t key_offset;
/* Size of key data in bytes (NOT strength of key in bits) */
uint32_t key_size;
/* Signature algorithm used by the key (enum vb2_signature_algorithm) */
uint16_t sig_alg;
/*
* Hash digest algorithm used with the key (enum vb2_hash_algorithm).
* This is explicitly specified as part of the key to prevent use of a
* strong key with a weak hash.
*/
uint16_t hash_alg;
/* Key GUID */
struct vb2_guid guid;
} __attribute__((packed));
#define EXPECTED_VB2_PACKED_PRIVATE_KEY_SIZE \
(EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 12)
/* Current version of vb2_signature struct */
#define VB2_SIGNATURE_VERSION_MAJOR 3
#define VB2_SIGNATURE_VERSION_MINOR 0
/*
* Signature data
*
* The signature data must be arranged like this:
* 1) vb2_signature header struct h
* 2) Signature description (pointed to by h.c.fixed_size)
* 3) Signature data (pointed to by h.sig_offset)
*/
struct vb2_signature {
/* Common header fields */
struct vb2_struct_common c;
/* Offset of signature data from start of this struct */
uint32_t sig_offset;
/* Size of signature data in bytes */
uint32_t sig_size;
/* Size of the data block which was signed in bytes */
uint32_t data_size;
/* Signature algorithm used (enum vb2_signature_algorithm) */
uint16_t sig_alg;
/* Hash digest algorithm used (enum vb2_hash_algorithm) */
uint16_t hash_alg;
/*
* GUID for the signature.
*
* If this is a keyblock signature entry, this is the GUID of the key
* used to generate this signature. This allows the firmware to
* quickly determine which signature block (if any) goes with the key
* being used by the firmware.
*
* If this is a preamble hash entry, this is the GUID of the data type
* being hashed. There is no key GUID, because sig_alg=VB2_ALG_NONE.
*/
struct vb2_guid guid;
} __attribute__((packed));
#define EXPECTED_VB2_SIGNATURE_SIZE \
(EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16)
/* Current version of vb2_keyblock struct */
#define VB2_KEYBLOCK_VERSION_MAJOR 3
#define VB2_KEYBLOCK_VERSION_MINOR 0
/*
* Key block. This contains a signed, versioned key for use in the next stage
* of verified boot.
*
* The key block data must be arranged like this:
* 1) vb2_keyblock header struct h
* 2) Keyblock description (pointed to by h.c.fixed_size)
* 3) Data key (pointed to by h.data_key_offset)
* 4) Signatures (first signature pointed to by h.sig_offset)
*
* The signatures from 4) must cover all the data from 1), 2), 3). That is,
* signatures must sign all data up to sig_offset.
*/
struct vb2_keyblock {
/* Common header fields */
struct vb2_struct_common c;
/* Flags (VB2_KEY_BLOCK_FLAG_*) */
uint32_t flags;
/*
* Offset of key (struct vb2_packed_key) to use in next stage of
* verification, from start of the keyblock.
*/
uint32_t key_offset;
/* Number of keyblock signatures which follow */
uint32_t sig_count;
/*
* Offset of the first signature (struct vb2_signature) from the start
* of the keyblock.
*
* Signatures sign the contents of this struct and the data pointed to
* by data_key_offset, but not themselves or other signatures.
*
* For the firmware, there may be only one signature.
*
* Kernels often have at least two signatures - one using the kernel
* subkey from the RW firmware (for signed kernels) and one which is
* simply a SHA-512 hash (for unsigned developer kernels).
*
* The GUID for each signature indicates which key was used to generate
* the signature.
*/
uint32_t sig_offset;
} __attribute__((packed));
#define EXPECTED_VB2_KEYBLOCK_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16)
/* Current version of vb2_fw_preamble struct */
#define VB2_FW_PREAMBLE_VERSION_MAJOR 3
#define VB2_FW_PREAMBLE_VERSION_MINOR 0
/* Flags for vb2_fw_preamble.flags */
/* Reserved; do not use */
#define VB2_FIRMWARE_PREAMBLE_RESERVED0 0x00000001
/* Do not allow use of any hardware crypto accelerators. */
#define VB2_FIRMWARE_PREAMBLE_DISALLOW_HWCRYPTO 0x00000002
/*
* Firmware preamble
*
* The preamble data must be arranged like this:
* 1) vb2_fw_preamble header struct h
* 2) Preamble description (pointed to by h.c.fixed_size)
* 3) Hashes (pointed to by h.hash_offset)
* 4) Signature (pointed to by h.sig_offset)
*
* The signature 4) must cover all the data from 1), 2), 3).
*/
struct vb2_fw_preamble {
/* Common header fields */
struct vb2_struct_common c;
/* Flags; see VB2_FIRMWARE_PREAMBLE_* */
uint32_t flags;
/* Firmware version */
uint32_t fw_version;
/* Offset of signature (struct vb2_signature) for this preamble */
uint32_t sig_offset;
/*
* The preamble contains a list of hashes (struct vb2_signature) for
* the various firmware components. These have sig_alg=VB2_SIG_NONE,
* and the GUID for each hash identifies the component being hashed.
* The calling firmware is responsible for knowing where to find those
* components, which may be on a different storage device than this
* preamble.
*/
/* Number of hash entries */
uint32_t hash_count;
/* Offset of first hash entry from start of preamble */
uint32_t hash_offset;
} __attribute__((packed));
#define EXPECTED_VB2_FW_PREAMBLE_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 20)
#endif /* VBOOT_REFERENCE_VB2_STRUCT_H_ */