Create initial Signature verification class
Initial version of the signature validation infrastructure
for BMC signed image.
Change-Id: I79d8ad10dbb7e3c4f0ffd21609b483be6734b4af
Signed-off-by: Jayanth Othayoth <ojayanth@in.ibm.com>
diff --git a/Makefile.am b/Makefile.am
index c434f21..4e2b209 100755
--- a/Makefile.am
+++ b/Makefile.am
@@ -7,7 +7,8 @@
version.hpp \
image_manager.hpp \
item_updater.hpp \
- activation.hpp
+ activation.hpp \
+ image_verify.hpp
sbin_PROGRAMS = \
phosphor-version-software-manager \
@@ -37,7 +38,8 @@
version.cpp \
serialize.cpp \
item_updater.cpp \
- item_updater_main.cpp
+ item_updater_main.cpp \
+ image_verify.cpp
nodist_phosphor_image_updater_SOURCES = \
org/openbmc/Associations/server.cpp
diff --git a/image_verify.cpp b/image_verify.cpp
new file mode 100644
index 0000000..be5536c
--- /dev/null
+++ b/image_verify.cpp
@@ -0,0 +1,17 @@
+#include "image_verify.hpp"
+
+namespace phosphor
+{
+namespace software
+{
+namespace image
+{
+
+bool Signature::verify()
+{
+ return true;
+}
+
+} // namespace image
+} // namespace software
+} // namespace phosphor
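Review bot: `Signature::verify()` returns `true` unconditionally, so this placeholder fails open: any caller that gates image activation on it would treat every image as verified, whether or not it is signed. Until the Manifest and key checks exist, the stub should fail closed, e.g. `return false; // TODO: signature verification not implemented yet`. Alternatively, callers should not consult it until the real checks land. The doc comment in image_verify.hpp describes a two-stage verification that this body does not perform, so the gap is easy to overlook when the class is wired in later.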
diff --git a/image_verify.hpp b/image_verify.hpp
new file mode 100644
index 0000000..b5c4514
--- /dev/null
+++ b/image_verify.hpp
@@ -0,0 +1,54 @@
+#pragma once
+#include <experimental/filesystem>
+
+namespace phosphor
+{
+namespace software
+{
+namespace image
+{
+
+namespace fs = std::experimental::filesystem;
+
+/** @class Signature
+ * @brief Contains signature verification functions.
+ * @details The software image class that contains the signature
+ * verification functions for signed image.
+ */
+class Signature
+{
+ public:
+ Signature() = delete;
+ Signature(const Signature&) = delete;
+ Signature& operator=(const Signature&) = delete;
+ Signature(Signature&&) = default;
+ Signature& operator=(Signature&&) = default;
+ ~Signature() = default;
+
+ /** @brief Constructs Verify Class
+ *
+ * @param[in] imageDirPath - file path
+ */
+ Signature(const fs::path& imageDirPath) : imageDirPath(imageDirPath){};
+
+ /**
+ * @brief Image signature verification function.
+ * Verify the Manifest and public key file signature using the
+ * public keys available in the system first. After successful
+ * validation, continue the whole image files signature
+ * validation using the image specific public key and the
+ * hash function.
+ *
+ * @return true if signature verification was successful,
+ * false if not
+ */
+ bool verify();
+
+ private:
+ /** @brief Directory where software images are placed*/
+ fs::path imageDirPath;
+};
+
+} // namespace image
+} // namespace software
+} // namespace phosphor
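Review bot: The single-argument constructor `Signature(const fs::path& imageDirPath)` is not marked `explicit`, so a path, or anything convertible to one, can silently become a `Signature`. Declare it as `explicit Signature(const fs::path& imageDirPath) : imageDirPath(imageDirPath) {}`, which also drops the stray `;` after the body. Its doc comment says "Constructs Verify Class" and "file path", while the class is `Signature` and the member is documented as a directory; `@brief Constructs Signature` and `@param[in] imageDirPath - directory where software images are placed` would match. If the project builds as C++17, `[[nodiscard]] bool verify();` would make the compiler flag any caller that discards the verification result.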