combined patch for:

http://codereview.chromium.org/1574005 http://codereview.chromium.org/1604001 Review URL: http://codereview.chromium.org/1585007
author: Gaurav Shah <gauravsh@chromium.org> 2010-03-31 10:56:49 -0700
committer: Gaurav Shah <gauravsh@chromium.org> 2010-03-31 10:56:49 -0700
commit: 5411c7a9f03f91bf2c1cd1cf852db9d4585a05c9 (patch)
tree: 07e0b1581437d7d0fd62130f432a12b750a5bc25
parent: 21c3f7fef79e1c6830c883b484d96c059012b18f (diff)
download: vboot-5411c7a9f03f91bf2c1cd1cf852db9d4585a05c9.tar.gz
43 files changed, 240 insertions, 260 deletions
diff --git a/crypto/genpadding.sh b/crypto/genpadding.sh
index 6086c8de..baac71bd 100755
--- a/crypto/genpadding.sh
+++ b/crypto/genpadding.sh
@@ -48,8 +48,7 @@ cat <<EOF
 EOF
 
 
-echo '#include "rsa.h"'
-echo '#include "sha.h"'
+echo '#include "cryptolib.h"'
 echo
 echo
 cat <<EOF 
@@ -172,6 +171,18 @@ done
 echo "};"
 echo
 
+# Generate signature algorithm to messge digest algorithm map.
+echo "const int hash_type_map[] = {"
+for rsaalgo in ${RSAAlgos[@]}
+do
+  for hashalgo in ${HashAlgos[@]}
+  do
+    echo ${hashalgo}_DIGEST_ALGORITHM,
+  done
+done
+echo "};"
+echo
+
 # Generate algorithm to message digest's output size map.
 echo "const int hash_size_map[NUMALGORITHMS] = {"
 for rsaalgo in ${RSAAlgos[@]}
diff --git a/crypto/padding.c b/crypto/padding.c
index 5580d6ef..14d94458 100644
--- a/crypto/padding.c
+++ b/crypto/padding.c
@@ -5,8 +5,7 @@
  * arrays corresponding to various combinations of algorithms for RSA signatures.
  */
 
-#include "rsa.h"
-#include "sha.h"
+#include "cryptolib.h"
 
 
 /*
@@ -170,6 +169,21 @@ RSA8192NUMBYTES - SHA256_DIGEST_SIZE,
 RSA8192NUMBYTES - SHA512_DIGEST_SIZE,
 };
 
+const int hash_type_map[] = {
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+};
+
 const int hash_size_map[NUMALGORITHMS] = {
 SHA1_DIGEST_SIZE,
 SHA256_DIGEST_SIZE,
diff --git a/crypto/rsa.c b/crypto/rsa.c
index c84ae4e8..bfc64469 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -8,10 +8,7 @@
  * support multiple RSA key lengths and hash digest algorithms.
  */
 
-#include <stdio.h>
-
-#include "padding.h"
-#include "rsa.h"
+#include "cryptolib.h"
 #include "utility.h"
 
 /* a[] -= mod */
@@ -138,17 +135,17 @@ int RSAVerify(const RSAPublicKey *key,
   int success = 1;
 
   if (sig_len != (key->len * sizeof(uint32_t))) {
-    fprintf(stderr, "Signature is of incorrect length!\n");
+    debug("Signature is of incorrect length!\n");
     return 0;
   }
 
   if (sig_type >= kNumAlgorithms) {
-    fprintf(stderr, "Invalid signature type!\n");
+    debug("Invalid signature type!\n");
     return 0;
   }
 
   if (key->len != siglen_map[sig_type] / sizeof(uint32_t)) {
-    fprintf(stderr, "Wrong key passed in!\n");
+    debug("Wrong key passed in!\n");
     return 0;
   }
 
@@ -165,7 +162,7 @@ int RSAVerify(const RSAPublicKey *key,
     if (buf[i] != padding[i]) {
 #ifndef NDEBUG
 /* TODO(gauravsh): Replace with a macro call for logging. */
-      fprintf(stderr, "Padding: Expecting = %02x Got = %02x\n", padding[i],
+      debug("Padding: Expecting = %02x Got = %02x\n", padding[i],
               buf[i]);
 #endif
       success = 0;
@@ -177,7 +174,7 @@ int RSAVerify(const RSAPublicKey *key,
     if (buf[i] != *hash++) {
 #ifndef NDEBUG
 /* TODO(gauravsh): Replace with a macro call for logging. */
-      fprintf(stderr, "Digest: Expecting = %02x Got = %02x\n", padding[i],
+      debug("Digest: Expecting = %02x Got = %02x\n", padding[i],
               buf[i]);
 #endif
       success = 0;
diff --git a/crypto/rsa_utility.c b/crypto/rsa_utility.c
index 5ac2db4b..bf322844 100644
--- a/crypto/rsa_utility.c
+++ b/crypto/rsa_utility.c
@@ -2,12 +2,10 @@
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  *
- * Utility functions for message digest functions.
+ * Implementation of RSA utility functions.
  */
 
-#include "padding.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
+#include "cryptolib.h"
 #include "utility.h"
 
 int RSAProcessedKeySize(int algorithm) {
diff --git a/crypto/sha1.c b/crypto/sha1.c
index 5844eccd..41b729b1 100644
--- a/crypto/sha1.c
+++ b/crypto/sha1.c
@@ -1,13 +1,14 @@
 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
- */
-
-/* SHA-1 implementation largely based on libmincrypt in the the Android
+ *
+ * SHA-1 implementation largely based on libmincrypt in the the Android
  * Open Source Project (platorm/system/core.git/libmincrypt/sha.c
  */
 
-#include "sha.h"
+#include "cryptolib.h"
+#include "utility.h"
+
 
 /* Some machines lack byteswap.h and endian.h. These have to use the
  * slower code, even if they're little-endian.
@@ -134,7 +135,7 @@ void SHA1_update(SHA1_CTX* ctx, const uint8_t* data, uint64_t len) {
   ctx->count += len;
 
   while (len > sizeof(ctx->buf) - i) {
-    memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
+    Memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
     len -= sizeof(ctx->buf) - i;
     p += sizeof(ctx->buf) - i;
     SHA1_Transform(ctx);
diff --git a/crypto/sha2.c b/crypto/sha2.c
index 320bccbc..7f476567 100644
--- a/crypto/sha2.c
+++ b/crypto/sha2.c
@@ -35,8 +35,8 @@
  * SUCH DAMAGE.
  */
 
-#include "sha.h"
-#include <string.h>
+#include "cryptolib.h"
+#include "utility.h"
 
 #define SHFR(x, n)    (x >> n)
 #define ROTR(x, n)   ((x >> n) | (x << ((sizeof(x) << 3) - n)))
@@ -340,7 +340,7 @@ void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint64_t len) {
     tmp_len = SHA256_BLOCK_SIZE - ctx->len;
     rem_len = len < tmp_len ? len : tmp_len;
 
-    memcpy(&ctx->block[ctx->len], data, rem_len);
+    Memcpy(&ctx->block[ctx->len], data, rem_len);
 
     if (ctx->len + len < SHA256_BLOCK_SIZE) {
         ctx->len += len;
@@ -357,7 +357,7 @@ void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint64_t len) {
 
     rem_len = new_len % SHA256_BLOCK_SIZE;
 
-    memcpy(ctx->block, &shifted_data[block_nb << 6],
+    Memcpy(ctx->block, &shifted_data[block_nb << 6],
            rem_len);
 
     ctx->len = rem_len;
@@ -528,7 +528,7 @@ void SHA512_update(SHA512_CTX* ctx, const uint8_t* data,
     tmp_len = SHA512_BLOCK_SIZE - ctx->len;
     rem_len = len < tmp_len ? len : tmp_len;
 
-    memcpy(&ctx->block[ctx->len], data, rem_len);
+    Memcpy(&ctx->block[ctx->len], data, rem_len);
 
     if (ctx->len + len < SHA512_BLOCK_SIZE) {
         ctx->len += len;
@@ -545,7 +545,7 @@ void SHA512_update(SHA512_CTX* ctx, const uint8_t* data,
 
     rem_len = new_len % SHA512_BLOCK_SIZE;
 
-    memcpy(ctx->block, &shifted_data[block_nb << 7],
+    Memcpy(ctx->block, &shifted_data[block_nb << 7],
            rem_len);
 
     ctx->len = rem_len;
diff --git a/crypto/sha_utility.c b/crypto/sha_utility.c
index 1478a7a4..4e266f7c 100644
--- a/crypto/sha_utility.c
+++ b/crypto/sha_utility.c
@@ -5,36 +5,11 @@
  * Utility functions for message digest functions.
  */
 
-#include "sha_utility.h"
-
-#include <fcntl.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#include "sha.h"
+#include "cryptolib.h"
 #include "utility.h"
 
-int digest_type_map[] = {
-  SHA1_DIGEST_ALGORITHM,  /* RSA 1024 */
-  SHA256_DIGEST_ALGORITHM,
-  SHA512_DIGEST_ALGORITHM,
-  SHA1_DIGEST_ALGORITHM,  /* RSA 2048 */
-  SHA256_DIGEST_ALGORITHM,
-  SHA512_DIGEST_ALGORITHM,
-  SHA1_DIGEST_ALGORITHM,  /* RSA 4096 */
-  SHA256_DIGEST_ALGORITHM,
-  SHA512_DIGEST_ALGORITHM,
-  SHA1_DIGEST_ALGORITHM,  /* RSA 8192 */
-  SHA256_DIGEST_ALGORITHM,
-  SHA512_DIGEST_ALGORITHM,
-};
-
 void DigestInit(DigestContext* ctx, int sig_algorithm) {
-  ctx->algorithm = digest_type_map[sig_algorithm];
+  ctx->algorithm = hash_type_map[sig_algorithm];
   switch(ctx->algorithm) {
     case SHA1_DIGEST_ALGORITHM:
       ctx->sha1_ctx = (SHA1_CTX*) Malloc(sizeof(SHA1_CTX));
@@ -87,27 +62,6 @@ uint8_t* DigestFinal(DigestContext* ctx) {
   return digest;
 }
 
-uint8_t* DigestFile(char* input_file, int sig_algorithm) {
-  int input_fd, len;
-  uint8_t data[SHA1_BLOCK_SIZE];
-  uint8_t* digest = NULL;
-  DigestContext ctx;
-
-  if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
-    fprintf(stderr, "Couldn't open input file.\n");
-    return NULL;
-  }
-  DigestInit(&ctx, sig_algorithm);
-  while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==
-          SHA1_BLOCK_SIZE)
-    DigestUpdate(&ctx, data, len);
-  if (len != -1)
-    DigestUpdate(&ctx, data, len);
-  digest = DigestFinal(&ctx);
-  close(input_fd);
-  return digest;
-}
-
 uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) {
   uint8_t* digest = (uint8_t*) Malloc(SHA512_DIGEST_SIZE); /* Use the max. */
   /* Define an array mapping [sig_algorithm] to function pointers to the
diff --git a/include/cryptolib.h b/include/cryptolib.h
new file mode 100644
index 00000000..b65a71db
--- /dev/null
+++ b/include/cryptolib.h
@@ -0,0 +1,15 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Firmware Cryptolib includes.
+ */
+
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#define VBOOT_REFERENCE_CRYPTOLIB_H_
+
+#include "padding.h"
+#include "rsa.h"
+#include "sha.h"
+
+#endif  /* VBOOT_REFERENCE_CRYPTOLIB_H_ */
diff --git a/include/file_keys.h b/include/file_keys.h
index 6e3851c8..eac4df0e 100644
--- a/include/file_keys.h
+++ b/include/file_keys.h
@@ -8,7 +8,7 @@
 #ifndef VBOOT_REFERENCE_FILE_KEYS_H_
 #define VBOOT_REFERENCE_FILE_KEYS_H_
 
-#include "rsa.h"
+#include "cryptolib.h"
 
 /* Read file named [input_file] into a buffer and stores the length into
  * [len].
@@ -25,6 +25,12 @@ uint8_t* BufferFromFile(const char* input_file, uint64_t* len);
  */
 RSAPublicKey* RSAPublicKeyFromFile(const char* input_file);
 
+/* Returns the appropriate digest for the data in [input_file]
+ * based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestFile(char* input_file, int sig_algorithm);
+
 /* Helper function to invoke external program to calculate signature on
  * [input_file] using private key [key_file] and signature algorithm
  * [algorithm].
diff --git a/include/firmware_image_fw.h b/include/firmware_image_fw.h
index 53b558ae..dc6db90d 100644
--- a/include/firmware_image_fw.h
+++ b/include/firmware_image_fw.h
@@ -10,8 +10,7 @@
 #define VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_
 
 #include <stdint.h>
-#include "rsa.h"
-#include "sha.h"
+#include "cryptolib.h"
 
 #define FIRMWARE_MAGIC "CHROMEOS"
 #define FIRMWARE_MAGIC_SIZE 8
diff --git a/include/kernel_image_fw.h b/include/kernel_image_fw.h
index d299b5a2..6446e8c1 100644
--- a/include/kernel_image_fw.h
+++ b/include/kernel_image_fw.h
@@ -10,8 +10,8 @@
 #define VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_
 
 #include <stdint.h>
-#include "rsa.h"
-#include "sha.h"
+
+#include "cryptolib.h"
 
 #define KERNEL_MAGIC "CHROMEOS"
 #define KERNEL_MAGIC_SIZE 8
diff --git a/include/padding.h b/include/padding.h
index 938cec2f..8d8fc95f 100644
--- a/include/padding.h
+++ b/include/padding.h
@@ -6,7 +6,11 @@
 #ifndef VBOOT_REFERENCE_PADDING_H_
 #define VBOOT_REFERENCE_PADDING_H_
 
-#include <inttypes.h>
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include <stdint.h>
 
 extern const uint8_t paddingRSA1024_SHA1[];
 extern const uint8_t paddingRSA1024_SHA256[];
@@ -27,6 +31,7 @@ extern const int digestinfo_size_map[];
 extern const int siglen_map[];
 extern const uint8_t* padding_map[];
 extern const int padding_size_map[];
+extern const int hash_type_map[];
 extern const int hash_size_map[];
 extern const int hash_blocksize_map[];
 extern const uint8_t* hash_digestinfo_map[];
diff --git a/include/rsa.h b/include/rsa.h
index 8f2ede8a..1a458037 100644
--- a/include/rsa.h
+++ b/include/rsa.h
@@ -6,7 +6,11 @@
 #ifndef VBOOT_REFERENCE_RSA_H_
 #define VBOOT_REFERENCE_RSA_H_
 
-#include <inttypes.h>
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include <stdint.h>
 
 #define RSA1024NUMBYTES 128  /* 1024 bit key length */
 #define RSA2048NUMBYTES 256  /* 2048 bit key length */
@@ -29,9 +33,59 @@ typedef struct RSAPublicKey {
  * against an expected [hash] using [key]. Returns 0 on failure, 1 on success.
  */
 int RSAVerify(const RSAPublicKey *key,
-               const uint8_t* sig,
-               const int sig_len,
-               const uint8_t sig_type,
-               const uint8_t* hash);
+              const uint8_t* sig,
+              const int sig_len,
+              const uint8_t sig_type,
+              const uint8_t* hash);
+
+/* Perform RSA signature verification on [buf] of length [len] against expected
+ * signature [sig] using signature algorithm [algorithm]. The public key used
+ * for verification can either be in the form of a pre-process key blob
+ * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
+ * be non-NULL, and the other NULL or the function will fail.
+ *
+ * Returns 1 on verification success, 0 on verification failure or invalid
+ * arguments.
+ *
+ * Note: This function is for use in the firmware and assumes all pointers point
+ * to areas in the memory of the right size.
+ *
+ */
+int RSAVerifyBinary_f(const uint8_t* key_blob,
+                      const RSAPublicKey* key,
+                      const uint8_t* buf,
+                      uint64_t len,
+                      const uint8_t* sig,
+                      int algorithm);
+
+/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
+ * of data, its digest is passed as the argument. */
+int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
+                                const RSAPublicKey* key,
+                                const uint8_t* digest,
+                                const uint8_t* sig,
+                                int algorithm);
+
+
+/* ----Some additional utility functions for RSA.---- */
+
+/* Returns the size of a pre-processed RSA public key in bytes with algorithm
+ * [algorithm]. */
+int RSAProcessedKeySize(int algorithm);
+
+/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
+ * NULL */
+RSAPublicKey* RSAPublicKeyNew(void);
+
+/* Deep free the contents of [key]. */
+void RSAPublicKeyFree(RSAPublicKey* key);
+
+/* Create a RSAPublic key structure from binary blob [buf] of length
+ * [len].
+ *
+ * Caller owns the returned key and must free it.
+ */
+RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
+
 
 #endif  /* VBOOT_REFERENCE_RSA_H_ */
diff --git a/include/rsa_utility.h b/include/rsa_utility.h
deleted file mode 100644
index 652227c3..00000000
--- a/include/rsa_utility.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Some utility functions for use with RSA signature verification.
- */
-
-#ifndef VBOOT_REFERENCE_RSA_UTILITY_H_
-#define VBOOT_REFERENCE_RSA_UTILITY_H_
-
-#include "rsa.h"
-
-/* Returns the size of a pre-processed RSA public key in bytes with algorithm
- * [algorithm]. */
-int RSAProcessedKeySize(int algorithm);
-
-/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
- * NULL */
-RSAPublicKey* RSAPublicKeyNew(void);
-
-/* Deep free the contents of [key]. */
-void RSAPublicKeyFree(RSAPublicKey* key);
-
-/* Create a RSAPublic key structure from binary blob [buf] of length
- * [len].
- *
- * Caller owns the returned key and must free it.
- */
-RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
-
-/* Perform RSA signature verification on [buf] of length [len] against expected
- * signature [sig] using signature algorithm [algorithm]. The public key used
- * for verification can either be in the form of a pre-process key blob
- * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
- * be non-NULL, and the other NULL or the function will fail.
- *
- * Returns 1 on verification success, 0 on verification failure or invalid
- * arguments.
- *
- * Note: This function is for use in the firmware and assumes all pointers point
- * to areas in the memory of the right size.
- *
- */
-int RSAVerifyBinary_f(const uint8_t* key_blob,
-                      const RSAPublicKey* key,
-                      const uint8_t* buf,
-                      uint64_t len,
-                      const uint8_t* sig,
-                      int algorithm);
-
-/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
- * of data, its digest is passed as the argument. */
-int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
-                                const RSAPublicKey* key,
-                                const uint8_t* digest,
-                                const uint8_t* sig,
-                                int algorithm);
-#endif  /* VBOOT_REFERENCE_RSA_UTILITY_H_ */
diff --git a/include/sha.h b/include/sha.h
index c3edcbc2..16868942 100644
--- a/include/sha.h
+++ b/include/sha.h
@@ -8,8 +8,11 @@
 #ifndef VBOOT_REFERENCE_SHA_H_
 #define VBOOT_REFERENCE_SHA_H_
 
-#include <inttypes.h>
-#include <string.h>
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include <stdint.h>
 
 #define SHA1_DIGEST_SIZE 20
 #define SHA1_BLOCK_SIZE 64
@@ -81,4 +84,45 @@ uint8_t* SHA256(const uint8_t* data, uint64_t len, uint8_t* digest);
 uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest);
 
 
+/*---- Utility functions/wrappers for message digests. */
+
+#define SHA1_DIGEST_ALGORITHM 0
+#define SHA256_DIGEST_ALGORITHM 1
+#define SHA512_DIGEST_ALGORITHM 2
+
+/* A generic digest context structure which can be used to represent
+ * the SHA*_CTX for multiple digest algorithms.
+ */
+typedef struct DigestContext {
+  SHA1_CTX* sha1_ctx;
+  SHA256_CTX* sha256_ctx;
+  SHA512_CTX* sha512_ctx;
+  int algorithm;  /* Hashing algorithm to use. */
+} DigestContext;
+
+/* Wrappers for message digest algorithms. These are useful when the hashing
+ * operation is being done in parallel with something else. DigestContext tracks
+ * and stores the state of any digest algorithm (one at any given time).
+ */
+
+/* Initialize a digest context for use with signature algorithm [algorithm]. */
+void DigestInit(DigestContext* ctx, int sig_algorithm);
+void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);
+
+/* Caller owns the returned digest and must free it. */
+uint8_t* DigestFinal(DigestContext* ctx);
+
+/* Returns the appropriate digest for the data in [input_file]
+ * based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestFile(char* input_file, int sig_algorithm);
+
+/* Returns the appropriate digest of [buf] of length
+ * [len] based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
+
+
 #endif  /* VBOOT_REFERENCE_SHA_H_ */
diff --git a/include/sha_utility.h b/include/sha_utility.h
deleted file mode 100644
index 21a5e18a..00000000
--- a/include/sha_utility.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Utility functions for message digests.
-*/
-
-#ifndef VBOOT_REFERENCE_SHA_UTILITY_H_
-#define VBOOT_REFERENCE_SHA_UTILITY_H_
-
-#include <inttypes.h>
-
-#include "sha.h"
-
-#define SHA1_DIGEST_ALGORITHM 0
-#define SHA256_DIGEST_ALGORITHM 1
-#define SHA512_DIGEST_ALGORITHM 2
-
-/* A generic digest context structure which can be used to represent
- * the SHA*_CTX for multiple digest algorithms.
- */
-typedef struct DigestContext {
-  SHA1_CTX* sha1_ctx;
-  SHA256_CTX* sha256_ctx;
-  SHA512_CTX* sha512_ctx;
-  int algorithm;  /* Hashing algorithm to use. */
-} DigestContext;
-
-/* Wrappers for message digest algorithms. These are useful when the hashing
- * operation is being done in parallel with something else. DigestContext tracks
- * and stores the state of any digest algorithm (one at any given time).
- */
-
-/* Initialize a digest context for use with signature algorithm [algorithm]. */
-void DigestInit(DigestContext* ctx, int sig_algorithm);
-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);
-
-/* Caller owns the returned digest and must free it. */
-uint8_t* DigestFinal(DigestContext* ctx);
-
-/* Returns the appropriate digest for the data in [input_file]
- * based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestFile(char* input_file, int sig_algorithm);
-
-/* Returns the appropriate digest of [buf] of length
- * [len] based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
-
-#endif  /* VBOOT_REFERENCE_SHA_UTILITY_H_ */
diff --git a/tests/big_firmware_tests.c b/tests/big_firmware_tests.c
index 2368b471..44328ea9 100644
--- a/tests/big_firmware_tests.c
+++ b/tests/big_firmware_tests.c
@@ -9,9 +9,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "firmware_image.h"
-#include "rsa_utility.h"
 #include "test_common.h"
 #include "utility.h"
 
diff --git a/tests/big_kernel_tests.c b/tests/big_kernel_tests.c
index 7fc5fb36..c78f622f 100644
--- a/tests/big_kernel_tests.c
+++ b/tests/big_kernel_tests.c
@@ -9,9 +9,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "kernel_image.h"
-#include "rsa_utility.h"
 #include "test_common.h"
 #include "utility.h"
 
diff --git a/tests/firmware_image_tests.c b/tests/firmware_image_tests.c
index fd195606..a2ce472f 100644
--- a/tests/firmware_image_tests.c
+++ b/tests/firmware_image_tests.c
@@ -8,9 +8,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "firmware_image.h"
-#include "rsa_utility.h"
 #include "test_common.h"
 #include "utility.h"
 
diff --git a/tests/firmware_rollback_tests.c b/tests/firmware_rollback_tests.c
index 9973ec73..3608db73 100644
--- a/tests/firmware_rollback_tests.c
+++ b/tests/firmware_rollback_tests.c
@@ -8,9 +8,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "firmware_image.h"
-#include "rsa_utility.h"
 #include "utility.h"
 #include "rollback_index.h"
 #include "test_common.h"
diff --git a/tests/firmware_splicing_tests.c b/tests/firmware_splicing_tests.c
index c71b8b42..c3259b76 100644
--- a/tests/firmware_splicing_tests.c
+++ b/tests/firmware_splicing_tests.c
@@ -8,10 +8,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "firmware_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
 #include "test_common.h"
 #include "utility.h"
 
diff --git a/tests/firmware_verify_benchmark.c b/tests/firmware_verify_benchmark.c
index 8eafc70c..3d06dc93 100644
--- a/tests/firmware_verify_benchmark.c
+++ b/tests/firmware_verify_benchmark.c
@@ -8,10 +8,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "firmware_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
 #include "test_common.h"
 #include "timer_utils.h"
 #include "utility.h"
diff --git a/tests/kernel_image_tests.c b/tests/kernel_image_tests.c
index c8f80356..eee0417c 100644
--- a/tests/kernel_image_tests.c
+++ b/tests/kernel_image_tests.c
@@ -8,9 +8,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "kernel_image.h"
-#include "rsa_utility.h"
 #include "test_common.h"
 #include "utility.h"
 
diff --git a/tests/kernel_rollback_tests.c b/tests/kernel_rollback_tests.c
index eafbaaa0..08f874ca 100644
--- a/tests/kernel_rollback_tests.c
+++ b/tests/kernel_rollback_tests.c
@@ -8,9 +8,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "kernel_image.h"
-#include "rsa_utility.h"
 #include "rollback_index.h"
 #include "test_common.h"
 #include "utility.h"
diff --git a/tests/kernel_splicing_tests.c b/tests/kernel_splicing_tests.c
index da29eb1f..d4c9bb5d 100644
--- a/tests/kernel_splicing_tests.c
+++ b/tests/kernel_splicing_tests.c
@@ -8,10 +8,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "kernel_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
 #include "test_common.h"
 #include "utility.h"
 
diff --git a/tests/kernel_verify_benchmark.c b/tests/kernel_verify_benchmark.c
index c3259fc5..369785c8 100644
--- a/tests/kernel_verify_benchmark.c
+++ b/tests/kernel_verify_benchmark.c
@@ -8,10 +8,9 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "kernel_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
 #include "test_common.h"
 #include "timer_utils.h"
 #include "utility.h"
diff --git a/tests/rollback_index_mock.c b/tests/rollback_index_mock.c
index 63172143..37dde48c 100644
--- a/tests/rollback_index_mock.c
+++ b/tests/rollback_index_mock.c
@@ -7,8 +7,8 @@
 
 #include "rollback_index.h"
 
-#include <stdio.h>
 #include <stdint.h>
+#include <stdio.h>
 
 uint16_t g_firmware_key_version = 0;
 uint16_t g_firmware_version = 0;
diff --git a/tests/rsa_padding_test.c b/tests/rsa_padding_test.c
index b565e789..4ccb4b44 100644
--- a/tests/rsa_padding_test.c
+++ b/tests/rsa_padding_test.c
@@ -7,8 +7,8 @@
 
 #include <stdio.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
-#include "rsa_utility.h"
 
 int main(int argc, char* argv[]) {
   int i;
diff --git a/tests/rsa_padding_test.h b/tests/rsa_padding_test.h
index 22577845..ce1ab247 100644
--- a/tests/rsa_padding_test.h
+++ b/tests/rsa_padding_test.h
@@ -12,9 +12,7 @@
 #ifndef VBOOT_REFERENCE_RSA_PADDING_TEST_H_
 #define VBOOT_REFERENCE_RSA_PADDING_TEST_H_
 
-#include <inttypes.h>
-
-#include "rsa.h"
+#include "cryptolib.h"
 
 /* The modulus of the public key (RSA-1024). */
 static const uint8_t pubkey_n[] = {
diff --git a/tests/rsa_verify_benchmark.c b/tests/rsa_verify_benchmark.c
index ba108be2..ccd6eafa 100644
--- a/tests/rsa_verify_benchmark.c
+++ b/tests/rsa_verify_benchmark.c
@@ -6,10 +6,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
-#include "padding.h"
-#include "rsa.h"
-#include "rsa_utility.h"
 #include "timer_utils.h"
 #include "utility.h"
 
diff --git a/tests/sha_benchmark.c b/tests/sha_benchmark.c
index b36695b5..8532ffa8 100644
--- a/tests/sha_benchmark.c
+++ b/tests/sha_benchmark.c
@@ -6,7 +6,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#include "sha.h"
+#include "cryptolib.h"
 #include "timer_utils.h"
 #include "utility.h"
 
diff --git a/tests/sha_test_vectors.h b/tests/sha_test_vectors.h
index 640c06b9..c75e9165 100644
--- a/tests/sha_test_vectors.h
+++ b/tests/sha_test_vectors.h
@@ -8,15 +8,15 @@
 #ifndef VBOOT_REFERENCE_SHA_TEST_VECTORS_H_
 #define VBOOT_REFERENCE_SHA_TEST_VECTORS_H_
 
-#include "sha.h"
+#include "cryptolib.h"
 
-char *oneblock_msg = "abc";
-char *multiblock_msg1 = "abcdbcdecdefdefgefghfghighijhijkijkl"
+char* oneblock_msg = "abc";
+char* multiblock_msg1 = "abcdbcdecdefdefgefghfghighijhijkijkl"
     "jklmklmnlmnomnopnopq";
-char *multiblock_msg2= "abcdefghbcdefghicdefghijdefghijkefghi"
+char* multiblock_msg2= "abcdefghbcdefghicdefghijdefghijkefghi"
     "jklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnop"
     "qrsmnopqrstnopqrstu";
-char *long_msg;
+char* long_msg;
 
 uint8_t sha1_results[][SHA1_DIGEST_SIZE] = {
   {
diff --git a/tests/sha_tests.c b/tests/sha_tests.c
index 2c07b3fc..2b75a037 100644
--- a/tests/sha_tests.c
+++ b/tests/sha_tests.c
@@ -9,8 +9,7 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include "sha.h"
-
+#include "cryptolib.h"
 #include "sha_test_vectors.h"
 
 int SHA1_tests(void) {
diff --git a/tests/test_common.c b/tests/test_common.c
index b57f6ed8..25913102 100644
--- a/tests/test_common.c
+++ b/tests/test_common.c
@@ -9,8 +9,8 @@
 
 #include <stdio.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
-#include "rsa_utility.h"
 #include "utility.h"
 
 /* ANSI Color coding sequences. */
diff --git a/utils/file_keys.c b/utils/file_keys.c
index 84383514..275ca6b7 100644
--- a/utils/file_keys.c
+++ b/utils/file_keys.c
@@ -15,8 +15,7 @@
 #include <sys/types.h>
 #include <unistd.h>
 
-#include "padding.h"
-#include "rsa_utility.h"
+#include "cryptolib.h"
 #include "signature_digest.h"
 #include "utility.h"
 
@@ -60,6 +59,27 @@ RSAPublicKey* RSAPublicKeyFromFile(const char* input_file) {
   return key;
 }
 
+uint8_t* DigestFile(char* input_file, int sig_algorithm) {
+  int input_fd, len;
+  uint8_t data[SHA1_BLOCK_SIZE];
+  uint8_t* digest = NULL;
+  DigestContext ctx;
+
+  if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
+    debug("Couldn't open input file.\n");
+    return NULL;
+  }
+  DigestInit(&ctx, sig_algorithm);
+  while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==
+          SHA1_BLOCK_SIZE)
+    DigestUpdate(&ctx, data, len);
+  if (len != -1)
+    DigestUpdate(&ctx, data, len);
+  digest = DigestFinal(&ctx);
+  close(input_fd);
+  return digest;
+}
+
 uint8_t* SignatureFile(const char* input_file, const char* key_file,
                        int algorithm) {
   char* sign_utility = "./sign_data.sh";
diff --git a/utils/firmware_image.c b/utils/firmware_image.c
index 803ef893..b633d1a7 100644
--- a/utils/firmware_image.c
+++ b/utils/firmware_image.c
@@ -7,16 +7,13 @@
 
 #include "firmware_image.h"
 
-#include <fcntl.h>
-#include <limits.h>
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <fcntl.h>
 #include <unistd.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
-#include "padding.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
 #include "signature_digest.h"
 #include "utility.h"
 
diff --git a/utils/firmware_image_fw.c b/utils/firmware_image_fw.c
index f5c7d891..5387d95b 100644
--- a/utils/firmware_image_fw.c
+++ b/utils/firmware_image_fw.c
@@ -8,10 +8,8 @@
 
 #include "firmware_image_fw.h"
 
-#include "padding.h"
+#include "cryptolib.h"
 #include "rollback_index.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
 #include "utility.h"
 
 /* Macro to determine the size of a field structure in the FirmwareImage
diff --git a/utils/firmware_utility.cc b/utils/firmware_utility.cc
index 6b543f52..85275e73 100644
--- a/utils/firmware_utility.cc
+++ b/utils/firmware_utility.cc
@@ -17,11 +17,9 @@
 #include <iostream>
 
 extern "C" {
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "firmware_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
 #include "utility.h"
 }
 
diff --git a/utils/kernel_image.c b/utils/kernel_image.c
index e66ce384..8c8c0922 100644
--- a/utils/kernel_image.c
+++ b/utils/kernel_image.c
@@ -14,11 +14,9 @@
 #include <sys/stat.h>
 #include <unistd.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
-#include "padding.h"
 #include "rollback_index.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
 #include "signature_digest.h"
 #include "utility.h"
 
diff --git a/utils/kernel_image_fw.c b/utils/kernel_image_fw.c
index 466d34af..734111c6 100644
--- a/utils/kernel_image_fw.c
+++ b/utils/kernel_image_fw.c
@@ -8,10 +8,8 @@
 
 #include "kernel_image_fw.h"
 
-#include "padding.h"
+#include "cryptolib.h"
 #include "rollback_index.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
 #include "utility.h"
 
 /* Macro to determine the size of a field structure in the KernelImage
diff --git a/utils/kernel_utility.cc b/utils/kernel_utility.cc
index 9a4f34b8..9fedeb5f 100644
--- a/utils/kernel_utility.cc
+++ b/utils/kernel_utility.cc
@@ -17,11 +17,9 @@
 #include <iostream>
 
 extern "C" {
+#include "cryptolib.h"
 #include "file_keys.h"
 #include "kernel_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
 #include "utility.h"
 }
 
diff --git a/utils/signature_digest.c b/utils/signature_digest.c
index 8f4c2389..d8d425ba 100644
--- a/utils/signature_digest.c
+++ b/utils/signature_digest.c
@@ -13,9 +13,7 @@
 #include <stdlib.h>
 #include <unistd.h>
 
-#include "padding.h"
-#include "sha.h"
-#include "sha_utility.h"
+#include "cryptolib.h"
 #include "utility.h"
 
 uint8_t* PrependDigestInfo(int algorithm, uint8_t* digest) {
diff --git a/utils/verify_data.c b/utils/verify_data.c
index 4b0b785a..e6cc8529 100644
--- a/utils/verify_data.c
+++ b/utils/verify_data.c
@@ -15,11 +15,8 @@
 #include <sys/types.h>
 #include <unistd.h>
 
+#include "cryptolib.h"
 #include "file_keys.h"
-#include "sha_utility.h"
-#include "padding.h"
-#include "rsa.h"
-#include "rsa_utility.h"
 #include "verify_data.h"
 
 /* ANSI Color coding sequences. */
author	Gaurav Shah <gauravsh@chromium.org>	2010-03-31 10:56:49 -0700
committer	Gaurav Shah <gauravsh@chromium.org>	2010-03-31 10:56:49 -0700
commit	5411c7a9f03f91bf2c1cd1cf852db9d4585a05c9 (patch)
tree	07e0b1581437d7d0fd62130f432a12b750a5bc25
parent	21c3f7fef79e1c6830c883b484d96c059012b18f (diff)
download	vboot-5411c7a9f03f91bf2c1cd1cf852db9d4585a05c9.tar.gz