diff options
author | Gaurav Shah <gauravsh@chromium.org> | 2010-03-31 10:56:49 -0700 |
---|---|---|
committer | Gaurav Shah <gauravsh@chromium.org> | 2010-03-31 10:56:49 -0700 |
commit | 5411c7a9f03f91bf2c1cd1cf852db9d4585a05c9 (patch) | |
tree | 07e0b1581437d7d0fd62130f432a12b750a5bc25 | |
parent | 21c3f7fef79e1c6830c883b484d96c059012b18f (diff) | |
download | vboot-5411c7a9f03f91bf2c1cd1cf852db9d4585a05c9.tar.gz |
combined patch for:
http://codereview.chromium.org/1574005
http://codereview.chromium.org/1604001
Review URL: http://codereview.chromium.org/1585007
43 files changed, 240 insertions, 260 deletions
diff --git a/crypto/genpadding.sh b/crypto/genpadding.sh index 6086c8de..baac71bd 100755 --- a/crypto/genpadding.sh +++ b/crypto/genpadding.sh @@ -48,8 +48,7 @@ cat <<EOF EOF -echo '#include "rsa.h"' -echo '#include "sha.h"' +echo '#include "cryptolib.h"' echo echo cat <<EOF @@ -172,6 +171,18 @@ done echo "};" echo +# Generate signature algorithm to messge digest algorithm map. +echo "const int hash_type_map[] = {" +for rsaalgo in ${RSAAlgos[@]} +do + for hashalgo in ${HashAlgos[@]} + do + echo ${hashalgo}_DIGEST_ALGORITHM, + done +done +echo "};" +echo + # Generate algorithm to message digest's output size map. echo "const int hash_size_map[NUMALGORITHMS] = {" for rsaalgo in ${RSAAlgos[@]} diff --git a/crypto/padding.c b/crypto/padding.c index 5580d6ef..14d94458 100644 --- a/crypto/padding.c +++ b/crypto/padding.c @@ -5,8 +5,7 @@ * arrays corresponding to various combinations of algorithms for RSA signatures. */ -#include "rsa.h" -#include "sha.h" +#include "cryptolib.h" /* @@ -170,6 +169,21 @@ RSA8192NUMBYTES - SHA256_DIGEST_SIZE, RSA8192NUMBYTES - SHA512_DIGEST_SIZE, }; +const int hash_type_map[] = { +SHA1_DIGEST_ALGORITHM, +SHA256_DIGEST_ALGORITHM, +SHA512_DIGEST_ALGORITHM, +SHA1_DIGEST_ALGORITHM, +SHA256_DIGEST_ALGORITHM, +SHA512_DIGEST_ALGORITHM, +SHA1_DIGEST_ALGORITHM, +SHA256_DIGEST_ALGORITHM, +SHA512_DIGEST_ALGORITHM, +SHA1_DIGEST_ALGORITHM, +SHA256_DIGEST_ALGORITHM, +SHA512_DIGEST_ALGORITHM, +}; + const int hash_size_map[NUMALGORITHMS] = { SHA1_DIGEST_SIZE, SHA256_DIGEST_SIZE, diff --git a/crypto/rsa.c b/crypto/rsa.c index c84ae4e8..bfc64469 100644 --- a/crypto/rsa.c +++ b/crypto/rsa.c @@ -8,10 +8,7 @@ * support multiple RSA key lengths and hash digest algorithms. */ -#include <stdio.h> - -#include "padding.h" -#include "rsa.h" +#include "cryptolib.h" #include "utility.h" /* a[] -= mod */ @@ -138,17 +135,17 @@ int RSAVerify(const RSAPublicKey *key, int success = 1; if (sig_len != (key->len * sizeof(uint32_t))) { - fprintf(stderr, "Signature is of incorrect length!\n"); + debug("Signature is of incorrect length!\n"); return 0; } if (sig_type >= kNumAlgorithms) { - fprintf(stderr, "Invalid signature type!\n"); + debug("Invalid signature type!\n"); return 0; } if (key->len != siglen_map[sig_type] / sizeof(uint32_t)) { - fprintf(stderr, "Wrong key passed in!\n"); + debug("Wrong key passed in!\n"); return 0; } @@ -165,7 +162,7 @@ int RSAVerify(const RSAPublicKey *key, if (buf[i] != padding[i]) { #ifndef NDEBUG /* TODO(gauravsh): Replace with a macro call for logging. */ - fprintf(stderr, "Padding: Expecting = %02x Got = %02x\n", padding[i], + debug("Padding: Expecting = %02x Got = %02x\n", padding[i], buf[i]); #endif success = 0; @@ -177,7 +174,7 @@ int RSAVerify(const RSAPublicKey *key, if (buf[i] != *hash++) { #ifndef NDEBUG /* TODO(gauravsh): Replace with a macro call for logging. */ - fprintf(stderr, "Digest: Expecting = %02x Got = %02x\n", padding[i], + debug("Digest: Expecting = %02x Got = %02x\n", padding[i], buf[i]); #endif success = 0; diff --git a/crypto/rsa_utility.c b/crypto/rsa_utility.c index 5ac2db4b..bf322844 100644 --- a/crypto/rsa_utility.c +++ b/crypto/rsa_utility.c @@ -2,12 +2,10 @@ * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. * - * Utility functions for message digest functions. + * Implementation of RSA utility functions. */ -#include "padding.h" -#include "rsa_utility.h" -#include "sha_utility.h" +#include "cryptolib.h" #include "utility.h" int RSAProcessedKeySize(int algorithm) { diff --git a/crypto/sha1.c b/crypto/sha1.c index 5844eccd..41b729b1 100644 --- a/crypto/sha1.c +++ b/crypto/sha1.c @@ -1,13 +1,14 @@ /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. - */ - -/* SHA-1 implementation largely based on libmincrypt in the the Android + * + * SHA-1 implementation largely based on libmincrypt in the the Android * Open Source Project (platorm/system/core.git/libmincrypt/sha.c */ -#include "sha.h" +#include "cryptolib.h" +#include "utility.h" + /* Some machines lack byteswap.h and endian.h. These have to use the * slower code, even if they're little-endian. @@ -134,7 +135,7 @@ void SHA1_update(SHA1_CTX* ctx, const uint8_t* data, uint64_t len) { ctx->count += len; while (len > sizeof(ctx->buf) - i) { - memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i); + Memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i); len -= sizeof(ctx->buf) - i; p += sizeof(ctx->buf) - i; SHA1_Transform(ctx); diff --git a/crypto/sha2.c b/crypto/sha2.c index 320bccbc..7f476567 100644 --- a/crypto/sha2.c +++ b/crypto/sha2.c @@ -35,8 +35,8 @@ * SUCH DAMAGE. */ -#include "sha.h" -#include <string.h> +#include "cryptolib.h" +#include "utility.h" #define SHFR(x, n) (x >> n) #define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n))) @@ -340,7 +340,7 @@ void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint64_t len) { tmp_len = SHA256_BLOCK_SIZE - ctx->len; rem_len = len < tmp_len ? len : tmp_len; - memcpy(&ctx->block[ctx->len], data, rem_len); + Memcpy(&ctx->block[ctx->len], data, rem_len); if (ctx->len + len < SHA256_BLOCK_SIZE) { ctx->len += len; @@ -357,7 +357,7 @@ void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint64_t len) { rem_len = new_len % SHA256_BLOCK_SIZE; - memcpy(ctx->block, &shifted_data[block_nb << 6], + Memcpy(ctx->block, &shifted_data[block_nb << 6], rem_len); ctx->len = rem_len; @@ -528,7 +528,7 @@ void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, tmp_len = SHA512_BLOCK_SIZE - ctx->len; rem_len = len < tmp_len ? len : tmp_len; - memcpy(&ctx->block[ctx->len], data, rem_len); + Memcpy(&ctx->block[ctx->len], data, rem_len); if (ctx->len + len < SHA512_BLOCK_SIZE) { ctx->len += len; @@ -545,7 +545,7 @@ void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, rem_len = new_len % SHA512_BLOCK_SIZE; - memcpy(ctx->block, &shifted_data[block_nb << 7], + Memcpy(ctx->block, &shifted_data[block_nb << 7], rem_len); ctx->len = rem_len; diff --git a/crypto/sha_utility.c b/crypto/sha_utility.c index 1478a7a4..4e266f7c 100644 --- a/crypto/sha_utility.c +++ b/crypto/sha_utility.c @@ -5,36 +5,11 @@ * Utility functions for message digest functions. */ -#include "sha_utility.h" - -#include <fcntl.h> -#include <unistd.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <sys/types.h> -#include <sys/stat.h> - -#include "sha.h" +#include "cryptolib.h" #include "utility.h" -int digest_type_map[] = { - SHA1_DIGEST_ALGORITHM, /* RSA 1024 */ - SHA256_DIGEST_ALGORITHM, - SHA512_DIGEST_ALGORITHM, - SHA1_DIGEST_ALGORITHM, /* RSA 2048 */ - SHA256_DIGEST_ALGORITHM, - SHA512_DIGEST_ALGORITHM, - SHA1_DIGEST_ALGORITHM, /* RSA 4096 */ - SHA256_DIGEST_ALGORITHM, - SHA512_DIGEST_ALGORITHM, - SHA1_DIGEST_ALGORITHM, /* RSA 8192 */ - SHA256_DIGEST_ALGORITHM, - SHA512_DIGEST_ALGORITHM, -}; - void DigestInit(DigestContext* ctx, int sig_algorithm) { - ctx->algorithm = digest_type_map[sig_algorithm]; + ctx->algorithm = hash_type_map[sig_algorithm]; switch(ctx->algorithm) { case SHA1_DIGEST_ALGORITHM: ctx->sha1_ctx = (SHA1_CTX*) Malloc(sizeof(SHA1_CTX)); @@ -87,27 +62,6 @@ uint8_t* DigestFinal(DigestContext* ctx) { return digest; } -uint8_t* DigestFile(char* input_file, int sig_algorithm) { - int input_fd, len; - uint8_t data[SHA1_BLOCK_SIZE]; - uint8_t* digest = NULL; - DigestContext ctx; - - if( (input_fd = open(input_file, O_RDONLY)) == -1 ) { - fprintf(stderr, "Couldn't open input file.\n"); - return NULL; - } - DigestInit(&ctx, sig_algorithm); - while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) == - SHA1_BLOCK_SIZE) - DigestUpdate(&ctx, data, len); - if (len != -1) - DigestUpdate(&ctx, data, len); - digest = DigestFinal(&ctx); - close(input_fd); - return digest; -} - uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) { uint8_t* digest = (uint8_t*) Malloc(SHA512_DIGEST_SIZE); /* Use the max. */ /* Define an array mapping [sig_algorithm] to function pointers to the diff --git a/include/cryptolib.h b/include/cryptolib.h new file mode 100644 index 00000000..b65a71db --- /dev/null +++ b/include/cryptolib.h @@ -0,0 +1,15 @@ +/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Firmware Cryptolib includes. + */ + +#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_ +#define VBOOT_REFERENCE_CRYPTOLIB_H_ + +#include "padding.h" +#include "rsa.h" +#include "sha.h" + +#endif /* VBOOT_REFERENCE_CRYPTOLIB_H_ */ diff --git a/include/file_keys.h b/include/file_keys.h index 6e3851c8..eac4df0e 100644 --- a/include/file_keys.h +++ b/include/file_keys.h @@ -8,7 +8,7 @@ #ifndef VBOOT_REFERENCE_FILE_KEYS_H_ #define VBOOT_REFERENCE_FILE_KEYS_H_ -#include "rsa.h" +#include "cryptolib.h" /* Read file named [input_file] into a buffer and stores the length into * [len]. @@ -25,6 +25,12 @@ uint8_t* BufferFromFile(const char* input_file, uint64_t* len); */ RSAPublicKey* RSAPublicKeyFromFile(const char* input_file); +/* Returns the appropriate digest for the data in [input_file] + * based on the signature [algorithm]. + * Caller owns the returned digest and must free it. + */ +uint8_t* DigestFile(char* input_file, int sig_algorithm); + /* Helper function to invoke external program to calculate signature on * [input_file] using private key [key_file] and signature algorithm * [algorithm]. diff --git a/include/firmware_image_fw.h b/include/firmware_image_fw.h index 53b558ae..dc6db90d 100644 --- a/include/firmware_image_fw.h +++ b/include/firmware_image_fw.h @@ -10,8 +10,7 @@ #define VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_ #include <stdint.h> -#include "rsa.h" -#include "sha.h" +#include "cryptolib.h" #define FIRMWARE_MAGIC "CHROMEOS" #define FIRMWARE_MAGIC_SIZE 8 diff --git a/include/kernel_image_fw.h b/include/kernel_image_fw.h index d299b5a2..6446e8c1 100644 --- a/include/kernel_image_fw.h +++ b/include/kernel_image_fw.h @@ -10,8 +10,8 @@ #define VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_ #include <stdint.h> -#include "rsa.h" -#include "sha.h" + +#include "cryptolib.h" #define KERNEL_MAGIC "CHROMEOS" #define KERNEL_MAGIC_SIZE 8 diff --git a/include/padding.h b/include/padding.h index 938cec2f..8d8fc95f 100644 --- a/include/padding.h +++ b/include/padding.h @@ -6,7 +6,11 @@ #ifndef VBOOT_REFERENCE_PADDING_H_ #define VBOOT_REFERENCE_PADDING_H_ -#include <inttypes.h> +#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_ +#error "Do not include this file directly. Use cryptolib.h instead." +#endif + +#include <stdint.h> extern const uint8_t paddingRSA1024_SHA1[]; extern const uint8_t paddingRSA1024_SHA256[]; @@ -27,6 +31,7 @@ extern const int digestinfo_size_map[]; extern const int siglen_map[]; extern const uint8_t* padding_map[]; extern const int padding_size_map[]; +extern const int hash_type_map[]; extern const int hash_size_map[]; extern const int hash_blocksize_map[]; extern const uint8_t* hash_digestinfo_map[]; diff --git a/include/rsa.h b/include/rsa.h index 8f2ede8a..1a458037 100644 --- a/include/rsa.h +++ b/include/rsa.h @@ -6,7 +6,11 @@ #ifndef VBOOT_REFERENCE_RSA_H_ #define VBOOT_REFERENCE_RSA_H_ -#include <inttypes.h> +#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_ +#error "Do not include this file directly. Use cryptolib.h instead." +#endif + +#include <stdint.h> #define RSA1024NUMBYTES 128 /* 1024 bit key length */ #define RSA2048NUMBYTES 256 /* 2048 bit key length */ @@ -29,9 +33,59 @@ typedef struct RSAPublicKey { * against an expected [hash] using [key]. Returns 0 on failure, 1 on success. */ int RSAVerify(const RSAPublicKey *key, - const uint8_t* sig, - const int sig_len, - const uint8_t sig_type, - const uint8_t* hash); + const uint8_t* sig, + const int sig_len, + const uint8_t sig_type, + const uint8_t* hash); + +/* Perform RSA signature verification on [buf] of length [len] against expected + * signature [sig] using signature algorithm [algorithm]. The public key used + * for verification can either be in the form of a pre-process key blob + * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must + * be non-NULL, and the other NULL or the function will fail. + * + * Returns 1 on verification success, 0 on verification failure or invalid + * arguments. + * + * Note: This function is for use in the firmware and assumes all pointers point + * to areas in the memory of the right size. + * + */ +int RSAVerifyBinary_f(const uint8_t* key_blob, + const RSAPublicKey* key, + const uint8_t* buf, + uint64_t len, + const uint8_t* sig, + int algorithm); + +/* Version of RSAVerifyBinary_f() where instead of the raw binary blob + * of data, its digest is passed as the argument. */ +int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob, + const RSAPublicKey* key, + const uint8_t* digest, + const uint8_t* sig, + int algorithm); + + +/* ----Some additional utility functions for RSA.---- */ + +/* Returns the size of a pre-processed RSA public key in bytes with algorithm + * [algorithm]. */ +int RSAProcessedKeySize(int algorithm); + +/* Allocate a new RSAPublicKey structure and initialize its pointer fields to + * NULL */ +RSAPublicKey* RSAPublicKeyNew(void); + +/* Deep free the contents of [key]. */ +void RSAPublicKeyFree(RSAPublicKey* key); + +/* Create a RSAPublic key structure from binary blob [buf] of length + * [len]. + * + * Caller owns the returned key and must free it. + */ +RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len); + #endif /* VBOOT_REFERENCE_RSA_H_ */ diff --git a/include/rsa_utility.h b/include/rsa_utility.h deleted file mode 100644 index 652227c3..00000000 --- a/include/rsa_utility.h +++ /dev/null @@ -1,58 +0,0 @@ -/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Some utility functions for use with RSA signature verification. - */ - -#ifndef VBOOT_REFERENCE_RSA_UTILITY_H_ -#define VBOOT_REFERENCE_RSA_UTILITY_H_ - -#include "rsa.h" - -/* Returns the size of a pre-processed RSA public key in bytes with algorithm - * [algorithm]. */ -int RSAProcessedKeySize(int algorithm); - -/* Allocate a new RSAPublicKey structure and initialize its pointer fields to - * NULL */ -RSAPublicKey* RSAPublicKeyNew(void); - -/* Deep free the contents of [key]. */ -void RSAPublicKeyFree(RSAPublicKey* key); - -/* Create a RSAPublic key structure from binary blob [buf] of length - * [len]. - * - * Caller owns the returned key and must free it. - */ -RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len); - -/* Perform RSA signature verification on [buf] of length [len] against expected - * signature [sig] using signature algorithm [algorithm]. The public key used - * for verification can either be in the form of a pre-process key blob - * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must - * be non-NULL, and the other NULL or the function will fail. - * - * Returns 1 on verification success, 0 on verification failure or invalid - * arguments. - * - * Note: This function is for use in the firmware and assumes all pointers point - * to areas in the memory of the right size. - * - */ -int RSAVerifyBinary_f(const uint8_t* key_blob, - const RSAPublicKey* key, - const uint8_t* buf, - uint64_t len, - const uint8_t* sig, - int algorithm); - -/* Version of RSAVerifyBinary_f() where instead of the raw binary blob - * of data, its digest is passed as the argument. */ -int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob, - const RSAPublicKey* key, - const uint8_t* digest, - const uint8_t* sig, - int algorithm); -#endif /* VBOOT_REFERENCE_RSA_UTILITY_H_ */ diff --git a/include/sha.h b/include/sha.h index c3edcbc2..16868942 100644 --- a/include/sha.h +++ b/include/sha.h @@ -8,8 +8,11 @@ #ifndef VBOOT_REFERENCE_SHA_H_ #define VBOOT_REFERENCE_SHA_H_ -#include <inttypes.h> -#include <string.h> +#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_ +#error "Do not include this file directly. Use cryptolib.h instead." +#endif + +#include <stdint.h> #define SHA1_DIGEST_SIZE 20 #define SHA1_BLOCK_SIZE 64 @@ -81,4 +84,45 @@ uint8_t* SHA256(const uint8_t* data, uint64_t len, uint8_t* digest); uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest); +/*---- Utility functions/wrappers for message digests. */ + +#define SHA1_DIGEST_ALGORITHM 0 +#define SHA256_DIGEST_ALGORITHM 1 +#define SHA512_DIGEST_ALGORITHM 2 + +/* A generic digest context structure which can be used to represent + * the SHA*_CTX for multiple digest algorithms. + */ +typedef struct DigestContext { + SHA1_CTX* sha1_ctx; + SHA256_CTX* sha256_ctx; + SHA512_CTX* sha512_ctx; + int algorithm; /* Hashing algorithm to use. */ +} DigestContext; + +/* Wrappers for message digest algorithms. These are useful when the hashing + * operation is being done in parallel with something else. DigestContext tracks + * and stores the state of any digest algorithm (one at any given time). + */ + +/* Initialize a digest context for use with signature algorithm [algorithm]. */ +void DigestInit(DigestContext* ctx, int sig_algorithm); +void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len); + +/* Caller owns the returned digest and must free it. */ +uint8_t* DigestFinal(DigestContext* ctx); + +/* Returns the appropriate digest for the data in [input_file] + * based on the signature [algorithm]. + * Caller owns the returned digest and must free it. + */ +uint8_t* DigestFile(char* input_file, int sig_algorithm); + +/* Returns the appropriate digest of [buf] of length + * [len] based on the signature [algorithm]. + * Caller owns the returned digest and must free it. + */ +uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm); + + #endif /* VBOOT_REFERENCE_SHA_H_ */ diff --git a/include/sha_utility.h b/include/sha_utility.h deleted file mode 100644 index 21a5e18a..00000000 --- a/include/sha_utility.h +++ /dev/null @@ -1,53 +0,0 @@ -/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Utility functions for message digests. -*/ - -#ifndef VBOOT_REFERENCE_SHA_UTILITY_H_ -#define VBOOT_REFERENCE_SHA_UTILITY_H_ - -#include <inttypes.h> - -#include "sha.h" - -#define SHA1_DIGEST_ALGORITHM 0 -#define SHA256_DIGEST_ALGORITHM 1 -#define SHA512_DIGEST_ALGORITHM 2 - -/* A generic digest context structure which can be used to represent - * the SHA*_CTX for multiple digest algorithms. - */ -typedef struct DigestContext { - SHA1_CTX* sha1_ctx; - SHA256_CTX* sha256_ctx; - SHA512_CTX* sha512_ctx; - int algorithm; /* Hashing algorithm to use. */ -} DigestContext; - -/* Wrappers for message digest algorithms. These are useful when the hashing - * operation is being done in parallel with something else. DigestContext tracks - * and stores the state of any digest algorithm (one at any given time). - */ - -/* Initialize a digest context for use with signature algorithm [algorithm]. */ -void DigestInit(DigestContext* ctx, int sig_algorithm); -void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len); - -/* Caller owns the returned digest and must free it. */ -uint8_t* DigestFinal(DigestContext* ctx); - -/* Returns the appropriate digest for the data in [input_file] - * based on the signature [algorithm]. - * Caller owns the returned digest and must free it. - */ -uint8_t* DigestFile(char* input_file, int sig_algorithm); - -/* Returns the appropriate digest of [buf] of length - * [len] based on the signature [algorithm]. - * Caller owns the returned digest and must free it. - */ -uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm); - -#endif /* VBOOT_REFERENCE_SHA_UTILITY_H_ */ diff --git a/tests/big_firmware_tests.c b/tests/big_firmware_tests.c index 2368b471..44328ea9 100644 --- a/tests/big_firmware_tests.c +++ b/tests/big_firmware_tests.c @@ -9,9 +9,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "firmware_image.h" -#include "rsa_utility.h" #include "test_common.h" #include "utility.h" diff --git a/tests/big_kernel_tests.c b/tests/big_kernel_tests.c index 7fc5fb36..c78f622f 100644 --- a/tests/big_kernel_tests.c +++ b/tests/big_kernel_tests.c @@ -9,9 +9,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "kernel_image.h" -#include "rsa_utility.h" #include "test_common.h" #include "utility.h" diff --git a/tests/firmware_image_tests.c b/tests/firmware_image_tests.c index fd195606..a2ce472f 100644 --- a/tests/firmware_image_tests.c +++ b/tests/firmware_image_tests.c @@ -8,9 +8,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "firmware_image.h" -#include "rsa_utility.h" #include "test_common.h" #include "utility.h" diff --git a/tests/firmware_rollback_tests.c b/tests/firmware_rollback_tests.c index 9973ec73..3608db73 100644 --- a/tests/firmware_rollback_tests.c +++ b/tests/firmware_rollback_tests.c @@ -8,9 +8,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "firmware_image.h" -#include "rsa_utility.h" #include "utility.h" #include "rollback_index.h" #include "test_common.h" diff --git a/tests/firmware_splicing_tests.c b/tests/firmware_splicing_tests.c index c71b8b42..c3259b76 100644 --- a/tests/firmware_splicing_tests.c +++ b/tests/firmware_splicing_tests.c @@ -8,10 +8,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "firmware_image.h" -#include "padding.h" -#include "rsa_utility.h" #include "test_common.h" #include "utility.h" diff --git a/tests/firmware_verify_benchmark.c b/tests/firmware_verify_benchmark.c index 8eafc70c..3d06dc93 100644 --- a/tests/firmware_verify_benchmark.c +++ b/tests/firmware_verify_benchmark.c @@ -8,10 +8,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "firmware_image.h" -#include "padding.h" -#include "rsa_utility.h" #include "test_common.h" #include "timer_utils.h" #include "utility.h" diff --git a/tests/kernel_image_tests.c b/tests/kernel_image_tests.c index c8f80356..eee0417c 100644 --- a/tests/kernel_image_tests.c +++ b/tests/kernel_image_tests.c @@ -8,9 +8,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "kernel_image.h" -#include "rsa_utility.h" #include "test_common.h" #include "utility.h" diff --git a/tests/kernel_rollback_tests.c b/tests/kernel_rollback_tests.c index eafbaaa0..08f874ca 100644 --- a/tests/kernel_rollback_tests.c +++ b/tests/kernel_rollback_tests.c @@ -8,9 +8,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "kernel_image.h" -#include "rsa_utility.h" #include "rollback_index.h" #include "test_common.h" #include "utility.h" diff --git a/tests/kernel_splicing_tests.c b/tests/kernel_splicing_tests.c index da29eb1f..d4c9bb5d 100644 --- a/tests/kernel_splicing_tests.c +++ b/tests/kernel_splicing_tests.c @@ -8,10 +8,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "kernel_image.h" -#include "padding.h" -#include "rsa_utility.h" #include "test_common.h" #include "utility.h" diff --git a/tests/kernel_verify_benchmark.c b/tests/kernel_verify_benchmark.c index c3259fc5..369785c8 100644 --- a/tests/kernel_verify_benchmark.c +++ b/tests/kernel_verify_benchmark.c @@ -8,10 +8,9 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" #include "kernel_image.h" -#include "padding.h" -#include "rsa_utility.h" #include "test_common.h" #include "timer_utils.h" #include "utility.h" diff --git a/tests/rollback_index_mock.c b/tests/rollback_index_mock.c index 63172143..37dde48c 100644 --- a/tests/rollback_index_mock.c +++ b/tests/rollback_index_mock.c @@ -7,8 +7,8 @@ #include "rollback_index.h" -#include <stdio.h> #include <stdint.h> +#include <stdio.h> uint16_t g_firmware_key_version = 0; uint16_t g_firmware_version = 0; diff --git a/tests/rsa_padding_test.c b/tests/rsa_padding_test.c index b565e789..4ccb4b44 100644 --- a/tests/rsa_padding_test.c +++ b/tests/rsa_padding_test.c @@ -7,8 +7,8 @@ #include <stdio.h> +#include "cryptolib.h" #include "file_keys.h" -#include "rsa_utility.h" int main(int argc, char* argv[]) { int i; diff --git a/tests/rsa_padding_test.h b/tests/rsa_padding_test.h index 22577845..ce1ab247 100644 --- a/tests/rsa_padding_test.h +++ b/tests/rsa_padding_test.h @@ -12,9 +12,7 @@ #ifndef VBOOT_REFERENCE_RSA_PADDING_TEST_H_ #define VBOOT_REFERENCE_RSA_PADDING_TEST_H_ -#include <inttypes.h> - -#include "rsa.h" +#include "cryptolib.h" /* The modulus of the public key (RSA-1024). */ static const uint8_t pubkey_n[] = { diff --git a/tests/rsa_verify_benchmark.c b/tests/rsa_verify_benchmark.c index ba108be2..ccd6eafa 100644 --- a/tests/rsa_verify_benchmark.c +++ b/tests/rsa_verify_benchmark.c @@ -6,10 +6,8 @@ #include <stdio.h> #include <stdlib.h> +#include "cryptolib.h" #include "file_keys.h" -#include "padding.h" -#include "rsa.h" -#include "rsa_utility.h" #include "timer_utils.h" #include "utility.h" diff --git a/tests/sha_benchmark.c b/tests/sha_benchmark.c index b36695b5..8532ffa8 100644 --- a/tests/sha_benchmark.c +++ b/tests/sha_benchmark.c @@ -6,7 +6,7 @@ #include <stdio.h> #include <stdlib.h> -#include "sha.h" +#include "cryptolib.h" #include "timer_utils.h" #include "utility.h" diff --git a/tests/sha_test_vectors.h b/tests/sha_test_vectors.h index 640c06b9..c75e9165 100644 --- a/tests/sha_test_vectors.h +++ b/tests/sha_test_vectors.h @@ -8,15 +8,15 @@ #ifndef VBOOT_REFERENCE_SHA_TEST_VECTORS_H_ #define VBOOT_REFERENCE_SHA_TEST_VECTORS_H_ -#include "sha.h" +#include "cryptolib.h" -char *oneblock_msg = "abc"; -char *multiblock_msg1 = "abcdbcdecdefdefgefghfghighijhijkijkl" +char* oneblock_msg = "abc"; +char* multiblock_msg1 = "abcdbcdecdefdefgefghfghighijhijkijkl" "jklmklmnlmnomnopnopq"; -char *multiblock_msg2= "abcdefghbcdefghicdefghijdefghijkefghi" +char* multiblock_msg2= "abcdefghbcdefghicdefghijdefghijkefghi" "jklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnop" "qrsmnopqrstnopqrstu"; -char *long_msg; +char* long_msg; uint8_t sha1_results[][SHA1_DIGEST_SIZE] = { { diff --git a/tests/sha_tests.c b/tests/sha_tests.c index 2c07b3fc..2b75a037 100644 --- a/tests/sha_tests.c +++ b/tests/sha_tests.c @@ -9,8 +9,7 @@ #include <stdlib.h> #include <string.h> -#include "sha.h" - +#include "cryptolib.h" #include "sha_test_vectors.h" int SHA1_tests(void) { diff --git a/tests/test_common.c b/tests/test_common.c index b57f6ed8..25913102 100644 --- a/tests/test_common.c +++ b/tests/test_common.c @@ -9,8 +9,8 @@ #include <stdio.h> +#include "cryptolib.h" #include "file_keys.h" -#include "rsa_utility.h" #include "utility.h" /* ANSI Color coding sequences. */ diff --git a/utils/file_keys.c b/utils/file_keys.c index 84383514..275ca6b7 100644 --- a/utils/file_keys.c +++ b/utils/file_keys.c @@ -15,8 +15,7 @@ #include <sys/types.h> #include <unistd.h> -#include "padding.h" -#include "rsa_utility.h" +#include "cryptolib.h" #include "signature_digest.h" #include "utility.h" @@ -60,6 +59,27 @@ RSAPublicKey* RSAPublicKeyFromFile(const char* input_file) { return key; } +uint8_t* DigestFile(char* input_file, int sig_algorithm) { + int input_fd, len; + uint8_t data[SHA1_BLOCK_SIZE]; + uint8_t* digest = NULL; + DigestContext ctx; + + if( (input_fd = open(input_file, O_RDONLY)) == -1 ) { + debug("Couldn't open input file.\n"); + return NULL; + } + DigestInit(&ctx, sig_algorithm); + while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) == + SHA1_BLOCK_SIZE) + DigestUpdate(&ctx, data, len); + if (len != -1) + DigestUpdate(&ctx, data, len); + digest = DigestFinal(&ctx); + close(input_fd); + return digest; +} + uint8_t* SignatureFile(const char* input_file, const char* key_file, int algorithm) { char* sign_utility = "./sign_data.sh"; diff --git a/utils/firmware_image.c b/utils/firmware_image.c index 803ef893..b633d1a7 100644 --- a/utils/firmware_image.c +++ b/utils/firmware_image.c @@ -7,16 +7,13 @@ #include "firmware_image.h" -#include <fcntl.h> -#include <limits.h> #include <sys/types.h> #include <sys/stat.h> +#include <fcntl.h> #include <unistd.h> +#include "cryptolib.h" #include "file_keys.h" -#include "padding.h" -#include "rsa_utility.h" -#include "sha_utility.h" #include "signature_digest.h" #include "utility.h" diff --git a/utils/firmware_image_fw.c b/utils/firmware_image_fw.c index f5c7d891..5387d95b 100644 --- a/utils/firmware_image_fw.c +++ b/utils/firmware_image_fw.c @@ -8,10 +8,8 @@ #include "firmware_image_fw.h" -#include "padding.h" +#include "cryptolib.h" #include "rollback_index.h" -#include "rsa_utility.h" -#include "sha_utility.h" #include "utility.h" /* Macro to determine the size of a field structure in the FirmwareImage diff --git a/utils/firmware_utility.cc b/utils/firmware_utility.cc index 6b543f52..85275e73 100644 --- a/utils/firmware_utility.cc +++ b/utils/firmware_utility.cc @@ -17,11 +17,9 @@ #include <iostream> extern "C" { +#include "cryptolib.h" #include "file_keys.h" #include "firmware_image.h" -#include "padding.h" -#include "rsa_utility.h" -#include "sha_utility.h" #include "utility.h" } diff --git a/utils/kernel_image.c b/utils/kernel_image.c index e66ce384..8c8c0922 100644 --- a/utils/kernel_image.c +++ b/utils/kernel_image.c @@ -14,11 +14,9 @@ #include <sys/stat.h> #include <unistd.h> +#include "cryptolib.h" #include "file_keys.h" -#include "padding.h" #include "rollback_index.h" -#include "rsa_utility.h" -#include "sha_utility.h" #include "signature_digest.h" #include "utility.h" diff --git a/utils/kernel_image_fw.c b/utils/kernel_image_fw.c index 466d34af..734111c6 100644 --- a/utils/kernel_image_fw.c +++ b/utils/kernel_image_fw.c @@ -8,10 +8,8 @@ #include "kernel_image_fw.h" -#include "padding.h" +#include "cryptolib.h" #include "rollback_index.h" -#include "rsa_utility.h" -#include "sha_utility.h" #include "utility.h" /* Macro to determine the size of a field structure in the KernelImage diff --git a/utils/kernel_utility.cc b/utils/kernel_utility.cc index 9a4f34b8..9fedeb5f 100644 --- a/utils/kernel_utility.cc +++ b/utils/kernel_utility.cc @@ -17,11 +17,9 @@ #include <iostream> extern "C" { +#include "cryptolib.h" #include "file_keys.h" #include "kernel_image.h" -#include "padding.h" -#include "rsa_utility.h" -#include "sha_utility.h" #include "utility.h" } diff --git a/utils/signature_digest.c b/utils/signature_digest.c index 8f4c2389..d8d425ba 100644 --- a/utils/signature_digest.c +++ b/utils/signature_digest.c @@ -13,9 +13,7 @@ #include <stdlib.h> #include <unistd.h> -#include "padding.h" -#include "sha.h" -#include "sha_utility.h" +#include "cryptolib.h" #include "utility.h" uint8_t* PrependDigestInfo(int algorithm, uint8_t* digest) { diff --git a/utils/verify_data.c b/utils/verify_data.c index 4b0b785a..e6cc8529 100644 --- a/utils/verify_data.c +++ b/utils/verify_data.c @@ -15,11 +15,8 @@ #include <sys/types.h> #include <unistd.h> +#include "cryptolib.h" #include "file_keys.h" -#include "sha_utility.h" -#include "padding.h" -#include "rsa.h" -#include "rsa_utility.h" #include "verify_data.h" /* ANSI Color coding sequences. */ |