travis: add packages for UEFI secure boot test

[oweals/u-boot.git] / include / image.h

diff --git a/include/image.h b/include/image.h
index 928d9d5069e15d4d0b0de1e35cab23bf7760f453..2388c1f2044742b08fde276df0858413171b3c1b 100644 (file)
--- a/include/image.h
+++ b/include/image.h
@@ -939,12 +939,14 @@ int booti_setup(ulong image, ulong *relocated_addr, ulong *size,
 #define FIT_IMAGES_PATH                "/images"
 #define FIT_CONFS_PATH         "/configurations"
 
-/* hash/signature node */
+/* hash/signature/key node */
 #define FIT_HASH_NODENAME      "hash"
 #define FIT_ALGO_PROP          "algo"
 #define FIT_VALUE_PROP         "value"
 #define FIT_IGNORE_PROP                "uboot-ignore"
 #define FIT_SIG_NODENAME       "signature"
+#define FIT_KEY_REQUIRED       "required"
+#define FIT_KEY_HINT           "key-name-hint"
 
 /* cipher node */
 #define FIT_CIPHER_NODENAME    "cipher"
@@ -1092,7 +1094,27 @@ int fit_image_check_comp(const void *fit, int noffset, uint8_t comp);
 int fit_check_format(const void *fit);
 
 int fit_conf_find_compat(const void *fit, const void *fdt);
+
+/**
+ * fit_conf_get_node - get node offset for configuration of a given unit name
+ * @fit: pointer to the FIT format image header
+ * @conf_uname: configuration node unit name (NULL to use default)
+ *
+ * fit_conf_get_node() finds a configuration (within the '/configurations'
+ * parent node) of a provided unit name. If configuration is found its node
+ * offset is returned to the caller.
+ *
+ * When NULL is provided in second argument fit_conf_get_node() will search
+ * for a default configuration node instead. Default configuration node unit
+ * name is retrieved from FIT_DEFAULT_PROP property of the '/configurations'
+ * node.
+ *
+ * returns:
+ *     configuration node offset when found (>=0)
+ *     negative number on failure (FDT_ERR_* code)
+ */
 int fit_conf_get_node(const void *fit, const char *conf_uname);
+
 int fit_conf_get_prop_node_count(const void *fit, int noffset,
                const char *prop_name);
 int fit_conf_get_prop_node_index(const void *fit, int noffset,
@@ -1170,6 +1192,13 @@ struct image_sign_info {
        int required_keynode;           /* Node offset of key to use: -1=any */
        const char *require_keys;       /* Value for 'required' property */
        const char *engine_id;          /* Engine to use for signing */
+       /*
+        * Note: the following two fields are always valid even w/o
+        * RSA_VERIFY_WITH_PKEY in order to make sure this structure is
+        * the same on target and host. Otherwise, vboot test may fail.
+        */
+       const void *key;                /* Pointer to public key in DER */
+       int keylen;                     /* Length of public key */
 };
 
 /* A part of an image, used for hashing */