1 files changed, 77 insertions, 0 deletions

diff --git a/refimpl/bvb_rsa.h b/refimpl/bvb_rsa.h
new file mode 100644
index 0000000..1b1987f
--- /dev/null
+++ b/refimpl/bvb_rsa.h
@@ -0,0 +1,77 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy,
+ * modify, merge, publish, distribute, sublicense, and/or sell copies
+ * of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifdef BVB_INSIDE_BVB_REFIMPL_H
+#error "You can't include bvb_rsa.h in the public header bvb_refimpl.h."
+#endif
+
+#ifndef BVB_REFIMPL_COMPILATION
+#error "Never include this file, it may only be used from internal bvb code."
+#endif
+
+#ifndef BVB_RSA_H_
+#define BVB_RSA_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "bvb_sysdeps.h"
+
+/* Size of a RSA-2048 signature. */
+#define BVB_RSA2048_NUM_BYTES 256
+
+/* Size of a RSA-4096 signature. */
+#define BVB_RSA4096_NUM_BYTES 512
+
+/* Size of a RSA-8192 signature. */
+#define BVB_RSA8192_NUM_BYTES 1024
+
+/* Using the key given by |key_header|, verify a RSA signature |sig|
+ * of length |sig_num_bytes| against an expected |hash| of length
+ * |hash_num_bytes|. The padding to expect must be passed in using
+ * |padding| of length |padding_num_bytes|.
+ *
+ * The data in |key| must match the format defined in
+ * |BvbRSAPublicKeyHeader|, including the two large numbers
+ * following. The |key_num_bytes| must be the size of the entire
+ * serialized key.
+ *
+ * Returns zero if verification fails, non-zero otherwise.
+ */
+int bvb_rsa_verify(const uint8_t* key, size_t key_num_bytes,
+                   const uint8_t* sig, size_t sig_num_bytes,
+                   const uint8_t* hash, size_t hash_num_bytes,
+                   const uint8_t* padding, size_t padding_num_bytes);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif  /* BVB_RSA_H_ */