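--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/modules/libmar/src/mar_cmdline.h Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,142 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef MAR_CMDLINE_H__
+#define MAR_CMDLINE_H__
+
+/* We use NSPR here just to import the definition of uint32_t */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct ProductInformationBlock;
+
+/**
+ * Determines MAR file information.
+ *
+ * @param path The path of the MAR file to check.
+ * @param hasSignatureBlock Optional out parameter specifying if the MAR
+ * file has a signature block or not.
+ * @param numSignatures Optional out parameter for storing the number
+ * of signatures in the MAR file.
+ * @param hasAdditionalBlocks Optional out parameter specifying if the MAR
+ * file has additional blocks or not.
+ * @param offsetAdditionalBlocks Optional out parameter for the offset to the
+ * first additional block. Value is only valid if
+ * hasAdditionalBlocks is not equal to 0.
+ * @param numAdditionalBlocks Optional out parameter for the number of
+ * additional blocks. Value is only valid if
+ * has_additional_blocks is not equal to 0.
+ * @return 0 on success and non-zero on failure.
+ */
+int get_mar_file_info(const char *path,
+ int *hasSignatureBlock,
+ uint32_t *numSignatures,
+ int *hasAdditionalBlocks,
+ uint32_t *offsetAdditionalBlocks,
+ uint32_t *numAdditionalBlocks);
+
+/**
+ * Verifies a MAR file by verifying each signature with the corresponding
+ * certificate. That is, the first signature will be verified using the first
+ * certificate given, the second signature will be verified using the second
+ * certificate given, etc. The signature count must exactly match the number of
+ * certificates given, and all signature verifications must succeed.
+ * This is only used by the signmar program when used with arguments to verify
+ * a MAR. This should not be used to verify a MAR that will be extracted in the
+ * same operation by updater code. This function prints the error message if
+ * verification fails.
+ *
+ * @param pathToMAR The path of the MAR file whose signature should be
+ * checked
+ * @param certData Pointer to the first element in an array of certificate
+ * file data.
+ * @param certDataSizes Pointer to the first element in an array for size of
+ * the cert data.
+ * @param certNames Pointer to the first element in an array of certificate
+ * names.
+ * Used only if compiled with NSS support
+ * @param certCount The number of elements in certData, certDataSizes,
+ * and certNames
+ * @return 0 on success
+ * a negative number if there was an error
+ * a positive number if the signature does not verify
+ */
+int mar_verify_signatures(const char *pathToMAR,
+ const uint8_t * const *certData,
+ const uint32_t *certDataSizes,
+ const char * const *certNames,
+ uint32_t certCount);
+
+/**
+ * Reads the product info block from the MAR file's additional block section.
+ * The caller is responsible for freeing the fields in infoBlock
+ * if the return is successful.
+ *
+ * @param infoBlock Out parameter for where to store the result to
+ * @return 0 on success, -1 on failure
+*/
+int
+read_product_info_block(char *path,
+ struct ProductInformationBlock *infoBlock);
+
+/**
+ * Refreshes the product information block with the new information.
+ * The input MAR must not be signed or the function call will fail.
+ *
+ * @param path The path to the MAR file whose product info block
+ * should be refreshed.
+ * @param infoBlock Out parameter for where to store the result to
+ * @return 0 on success, -1 on failure
+*/
+int
+refresh_product_info_block(const char *path,
+ struct ProductInformationBlock *infoBlock);
+
+/**
+ * Writes out a copy of the MAR at src but with the signature block stripped.
+ *
+ * @param src The path of the source MAR file
+ * @param dest The path of the MAR file to write out that
+ has no signature block
+ * @return 0 on success
+ * -1 on error
+*/
+int
+strip_signature_block(const char *src, const char * dest);
+
+/**
+ * Extracts a signature from a MAR file, base64 encodes it, and writes it out
+ *
+ * @param src The path of the source MAR file
+ * @param sigIndex The index of the signature to extract
+ * @param dest The path of file to write the signature to
+ * @return 0 on success
+ * -1 on error
+*/
+int
+extract_signature(const char *src, uint32_t sigIndex, const char * dest);
+
+/**
+ * Imports a base64 encoded signature into a MAR file
+ *
+ * @param src The path of the source MAR file
+ * @param sigIndex The index of the signature to import
+ * @param base64SigFile A file which contains the signature to import
+ * @param dest The path of the destination MAR file with replaced signature
+ * @return 0 on success
+ * -1 on error
+*/
+int
+import_signature(const char *src,
+ uint32_t sigIndex,
+ const char * base64SigFile,
+ const char *dest);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MAR_CMDLINE_H__ */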
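Review bot: The `@return` contract of `mar_verify_signatures` has two distinct non-zero outcomes (negative for an error, positive for a signature that does not verify), so a caller that tests only `< 0` would treat an unverified MAR as good. No callers are visible in this file, so I would add `Callers must treat any non-zero return as a failed verification.` to the doc comment. The header also uses `uint32_t` and `uint8_t` but includes nothing, and the comment `We use NSPR here just to import the definition of uint32_t` is followed by no include, so it compiles only when the includer has already pulled those types in; adding `#include <stdint.h>` under that comment would make it self-contained. Two smaller doc points: `refresh_product_info_block` documents `infoBlock` as an out parameter although its summary says it supplies the new information, and `read_product_info_block` takes a non-const `char *path` with no `@param path` entry, unlike the other declarations here.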