From 5ace0597cefdd34878e30ba3f8dbc2e17026c4e7 Mon Sep 17 00:00:00 2001
From: Dominik Ermel <dominik.ermel@nordicsemi.no>
Date: Thu, 28 Sep 2023 17:13:11 +0000
Subject: [PATCH] boot/bootutil: Split private image API out of image.h

image.h will now only contain applicaiton image related structures
and defines.
The split has been done to reduce need for including extra headers,
for example FIH support and mcuboot_config.h into software that
needs the same defining as MCUboot but implements own functions.

Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
---
 boot/bootutil/include/bootutil/boot_hooks.h   |  3 +
 boot/bootutil/include/bootutil/image.h        | 19 ------
 .../include/bootutil/image_api_priv.h         | 63 +++++++++++++++++++
 boot/bootutil/src/image_validate.c            |  1 +
 4 files changed, 67 insertions(+), 19 deletions(-)
 create mode 100644 boot/bootutil/include/bootutil/image_api_priv.h

diff --git a/boot/bootutil/include/bootutil/boot_hooks.h b/boot/bootutil/include/bootutil/boot_hooks.h
index 6d4a34e87a..348dc729cf 100644
--- a/boot/bootutil/include/bootutil/boot_hooks.h
+++ b/boot/bootutil/include/bootutil/boot_hooks.h
@@ -34,6 +34,9 @@
 #ifndef H_BOOTUTIL_HOOKS
 #define H_BOOTUTIL_HOOKS
 
+#include <bootutil/image.h>
+#include <bootutil/image_api_priv.h>
+
 #ifdef MCUBOOT_IMAGE_ACCESS_HOOKS
 
 #define BOOT_HOOK_CALL(f, ret_default, ...) f(__VA_ARGS__)
diff --git a/boot/bootutil/include/bootutil/image.h b/boot/bootutil/include/bootutil/image.h
index 69ff033b35..c1182eed2b 100644
--- a/boot/bootutil/include/bootutil/image.h
+++ b/boot/bootutil/include/bootutil/image.h
@@ -30,7 +30,6 @@
 
 #include <inttypes.h>
 #include <stdbool.h>
-#include "bootutil/fault_injection_hardening.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -163,13 +162,6 @@ struct image_tlv {
 _Static_assert(sizeof(struct image_header) == IMAGE_HEADER_SIZE,
                "struct image_header not required size");
 
-struct enc_key_data;
-fih_ret bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
-                              struct image_header *hdr,
-                              const struct flash_area *fap,
-                              uint8_t *tmp_buf, uint32_t tmp_buf_sz,
-                              uint8_t *seed, int seed_len, uint8_t *out_hash);
-
 struct image_tlv_iter {
     const struct image_header *hdr;
     const struct flash_area *fap;
@@ -180,17 +172,6 @@ struct image_tlv_iter {
     uint32_t tlv_end;
 };
 
-int bootutil_tlv_iter_begin(struct image_tlv_iter *it,
-                            const struct image_header *hdr,
-                            const struct flash_area *fap, uint16_t type,
-                            bool prot);
-int bootutil_tlv_iter_next(struct image_tlv_iter *it, uint32_t *off,
-                           uint16_t *len, uint16_t *type);
-
-int32_t bootutil_get_img_security_cnt(struct image_header *hdr,
-                                      const struct flash_area *fap,
-                                      uint32_t *security_cnt);
-
 #ifdef __cplusplus
 }
 #endif
diff --git a/boot/bootutil/include/bootutil/image_api_priv.h b/boot/bootutil/include/bootutil/image_api_priv.h
new file mode 100644
index 0000000000..97be5fb09f
--- /dev/null
+++ b/boot/bootutil/include/bootutil/image_api_priv.h
@@ -0,0 +1,63 @@
+/*
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Copyright (c) 2016-2019 Linaro LTD
+ * Copyright (c) 2016-2019 JUUL Labs
+ * Copyright (c) 2019-2023 Arm Limited
+ * Copyright (c) 2023 Nordic Semiconductor ASA
+ *
+ * Original license:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+#ifndef H_IMAGE_API_PRIV_
+#define H_IMAGE_API_PRIV_
+
+#include <inttypes.h>
+#include <stdbool.h>
+#include <bootutil/image.h>
+#include <bootutil/fault_injection_hardening.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct enc_key_data;
+fih_ret bootutil_img_validate(struct enc_key_data *enc_state, int image_index,
+                              struct image_header *hdr,
+                              const struct flash_area *fap,
+                              uint8_t *tmp_buf, uint32_t tmp_buf_sz,
+                              uint8_t *seed, int seed_len, uint8_t *out_hash);
+
+int bootutil_tlv_iter_begin(struct image_tlv_iter *it,
+                            const struct image_header *hdr,
+                            const struct flash_area *fap, uint16_t type,
+                            bool prot);
+int bootutil_tlv_iter_next(struct image_tlv_iter *it, uint32_t *off,
+                           uint16_t *len, uint16_t *type);
+
+int32_t bootutil_get_img_security_cnt(struct image_header *hdr,
+                                      const struct flash_area *fap,
+                                      uint32_t *security_cnt);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/boot/bootutil/src/image_validate.c b/boot/bootutil/src/image_validate.c
index 8260e59491..bc691fa2fa 100644
--- a/boot/bootutil/src/image_validate.c
+++ b/boot/bootutil/src/image_validate.c
@@ -33,6 +33,7 @@
 #include <flash_map_backend/flash_map_backend.h>
 
 #include "bootutil/image.h"
+#include "bootutil/image_api_priv.h"
 #include "bootutil/crypto/sha256.h"
 #include "bootutil/sign_key.h"
 #include "bootutil/security_cnt.h"