diff options
| author | Randall Spangler <rspangler@chromium.org> | 2016-05-11 13:50:18 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-07-22 18:40:04 -0700 |
| commit | 7c3ae42e045935728a63a6d592ecf6c5bdbd005a (patch) | |
| tree | b03c1bde6af714d2229b2362ad1d64b99c8f581d | |
| parent | b3a625f8fef1768d78eab4cfaaea270cb3fbd0c3 (diff) | |
| download | vboot-7c3ae42e045935728a63a6d592ecf6c5bdbd005a.tar.gz | |
vboot: Convert vboot1 SHA calls to use vboot2
This change replaces all calls to the old vboot1 SHA library with their
vboot2 equivalents.
This is the first in a long series of changes to move the core vboot kernel
verification into vb2, and the control/display loop out to depthcharge.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; build samus firmware and boot it
Change-Id: I31986eb766176c0e39a192c5ce15730471c3cf94
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/344342
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
39 files changed, 378 insertions, 1608 deletions
@@ -327,10 +327,6 @@ VBSF_SRCS = \ firmware/lib/cryptolib/padding.c \ firmware/lib/cryptolib/rsa.c \ firmware/lib/cryptolib/rsa_utility.c \ - firmware/lib/cryptolib/sha1.c \ - firmware/lib/cryptolib/sha256.c \ - firmware/lib/cryptolib/sha512.c \ - firmware/lib/cryptolib/sha_utility.c \ firmware/lib/stateful_util.c \ firmware/lib/vboot_api_firmware.c \ firmware/lib/vboot_common.c \ @@ -737,7 +733,6 @@ TEST_NAMES = \ tests/rsa_utility_tests \ tests/rsa_verify_benchmark \ tests/sha_benchmark \ - tests/sha_tests \ tests/stateful_util_tests \ tests/tpm_bootmode_tests \ tests/utility_string_tests \ @@ -949,8 +944,8 @@ ${BDBLIB_OBJS}: INCLUDES += -Ifirmware/bdb ${BUILD}/firmware/linktest/main_vbinit: ${VBINIT_OBJS} ${BUILD}/firmware/linktest/main_vbinit: OBJS = ${VBINIT_OBJS} TEST_OBJS += ${BUILD}/firmware/linktest/main_vbinit.o -${BUILD}/firmware/linktest/main_vbsf: ${VBSF_OBJS} -${BUILD}/firmware/linktest/main_vbsf: OBJS = ${VBSF_OBJS} +${BUILD}/firmware/linktest/main_vbsf: ${FWLIB} +${BUILD}/firmware/linktest/main_vbsf: LIBS = ${FWLIB} TEST_OBJS += ${BUILD}/firmware/linktest/main_vbsf.o ${BUILD}/firmware/linktest/main: ${FWLIB} ${BUILD}/firmware/linktest/main: LIBS = ${FWLIB} @@ -965,7 +960,7 @@ fwlinktest: \ .PHONY: fwlib fwlib: $(if ${FIRMWARE_ARCH},${FWLIB},fwlinktest) -${FWLIB}: ${FWLIB_OBJS} +${FWLIB}: ${FWLIB_OBJS} ${FWLIB2X_OBJS} @${PRINTF} " RM $(subst ${BUILD}/,,$@)\n" ${Q}rm -f $@ @${PRINTF} " AR $(subst ${BUILD}/,,$@)\n" @@ -1020,7 +1015,7 @@ utillib: ${UTILLIB} \ ${BUILD}/host/linktest/main # TODO: better way to make .a than duplicating this recipe each time? -${UTILLIB}: ${UTILLIB_OBJS} ${FWLIB_OBJS} +${UTILLIB}: ${UTILLIB_OBJS} ${FWLIB_OBJS} ${FWLIB2X_OBJS} @${PRINTF} " RM $(subst ${BUILD}/,,$@)\n" ${Q}rm -f $@ @${PRINTF} " AR $(subst ${BUILD}/,,$@)\n" @@ -1459,7 +1454,6 @@ runmisctests: test_setup ${RUNTEST} ${BUILD_RUN}/tests/rollback_index2_tests ${RUNTEST} ${BUILD_RUN}/tests/rollback_index3_tests ${RUNTEST} ${BUILD_RUN}/tests/rsa_utility_tests - ${RUNTEST} ${BUILD_RUN}/tests/sha_tests ${RUNTEST} ${BUILD_RUN}/tests/stateful_util_tests ${RUNTEST} ${BUILD_RUN}/tests/tlcl_tests ${RUNTEST} ${BUILD_RUN}/tests/tpm_bootmode_tests diff --git a/cgpt/cgpt_wrapper.c b/cgpt/cgpt_wrapper.c index 1716cdde..3903358e 100644 --- a/cgpt/cgpt_wrapper.c +++ b/cgpt/cgpt_wrapper.c @@ -22,9 +22,14 @@ #include <sys/types.h> #include <unistd.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "cgpt.h" #include "cgpt_nor.h" #include "cryptolib.h" +#include "file_keys.h" // Check if cmdline |argv| has "-D". "-D" signifies that GPT structs are stored // off device, and hence we should not wrap around cgpt. @@ -67,8 +72,8 @@ static const char *find_mtd_device(int argc, const char *const argv[]) { static int wrap_cgpt(int argc, const char *const argv[], const char *mtd_device) { - uint8_t *original_hash = NULL; - uint8_t *modified_hash = NULL; + uint8_t original_hash[VB2_SHA1_DIGEST_SIZE]; + uint8_t modified_hash[VB2_SHA1_DIGEST_SIZE]; int ret = 0; // Create a temp dir to work in. @@ -81,7 +86,11 @@ static int wrap_cgpt(int argc, if (snprintf(rw_gpt_path, sizeof(rw_gpt_path), "%s/rw_gpt", temp_dir) < 0) { goto cleanup; } - original_hash = DigestFile(rw_gpt_path, SHA1_DIGEST_ALGORITHM); + if (VB2_SUCCESS != DigestFile(rw_gpt_path, VB2_HASH_SHA1, + original_hash, sizeof(original_hash))) { + Error("Cannot compute original GPT digest.\n"); + goto cleanup; + } // Obtain the MTD size. ret++; @@ -126,9 +135,9 @@ static int wrap_cgpt(int argc, // Write back "rw_gpt" to NOR flash in two chunks. ret++; - modified_hash = DigestFile(rw_gpt_path, SHA1_DIGEST_ALGORITHM); - if (original_hash != NULL && modified_hash != NULL) { - if (memcmp(original_hash, modified_hash, SHA1_DIGEST_SIZE) != 0) { + if (VB2_SUCCESS == DigestFile(rw_gpt_path, VB2_HASH_SHA1, + modified_hash, sizeof(modified_hash))) { + if (memcmp(original_hash, modified_hash, VB2_SHA1_DIGEST_SIZE) != 0) { ret = WriteNorFlash(temp_dir); } else { ret = 0; @@ -136,8 +145,6 @@ static int wrap_cgpt(int argc, } cleanup: - free(original_hash); - free(modified_hash); RemoveDir(temp_dir); return ret; } diff --git a/firmware/lib/cryptolib/include/cryptolib.h b/firmware/lib/cryptolib/include/cryptolib.h index b65a71db..95fb6e57 100644 --- a/firmware/lib/cryptolib/include/cryptolib.h +++ b/firmware/lib/cryptolib/include/cryptolib.h @@ -10,6 +10,5 @@ #include "padding.h" #include "rsa.h" -#include "sha.h" #endif /* VBOOT_REFERENCE_CRYPTOLIB_H_ */ diff --git a/firmware/lib/cryptolib/include/padding.h b/firmware/lib/cryptolib/include/padding.h index 8cb00303..2b2fcbef 100644 --- a/firmware/lib/cryptolib/include/padding.h +++ b/firmware/lib/cryptolib/include/padding.h @@ -31,9 +31,6 @@ extern const int digestinfo_size_map[]; extern const int siglen_map[]; extern const uint8_t* const padding_map[]; extern const int padding_size_map[]; -extern const int hash_type_map[]; -extern const int hash_size_map[]; -extern const int hash_blocksize_map[]; extern const uint8_t* const hash_digestinfo_map[]; extern const char* const algo_strings[]; diff --git a/firmware/lib/cryptolib/include/sha.h b/firmware/lib/cryptolib/include/sha.h deleted file mode 100644 index 47a9e5ff..00000000 --- a/firmware/lib/cryptolib/include/sha.h +++ /dev/null @@ -1,128 +0,0 @@ -/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - */ - -/* SHA-1, 256 and 512 functions. */ - -#ifndef VBOOT_REFERENCE_SHA_H_ -#define VBOOT_REFERENCE_SHA_H_ - -#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_ -#error "Do not include this file directly. Use cryptolib.h instead." -#endif - -#include "sysincludes.h" - -#define SHA1_DIGEST_SIZE 20 -#define SHA1_BLOCK_SIZE 64 - -#define SHA256_DIGEST_SIZE 32 -#define SHA256_BLOCK_SIZE 64 - -#define SHA512_DIGEST_SIZE 64 -#define SHA512_BLOCK_SIZE 128 - -typedef struct SHA1_CTX { - uint64_t count; - uint32_t state[5]; -#if defined(HAVE_ENDIAN_H) && defined(HAVE_LITTLE_ENDIAN) - union { - uint8_t b[64]; - uint32_t w[16]; - } buf; -#else - uint8_t buf[64]; -#endif -} SHA1_CTX; - -typedef struct { - uint32_t h[8]; - uint32_t tot_len; - uint32_t len; - uint8_t block[2 * SHA256_BLOCK_SIZE]; - uint8_t buf[SHA256_DIGEST_SIZE]; /* Used for storing the final digest. */ -} VB_SHA256_CTX; - -typedef struct { - uint64_t h[8]; - uint32_t tot_len; - uint32_t len; - uint8_t block[2 * SHA512_BLOCK_SIZE]; - uint8_t buf[SHA512_DIGEST_SIZE]; /* Used for storing the final digest. */ -} VB_SHA512_CTX; - - -void SHA1_init(SHA1_CTX* ctx); -void SHA1_update(SHA1_CTX* ctx, const uint8_t* data, uint64_t len); -uint8_t* SHA1_final(SHA1_CTX* ctx); - -void SHA256_init(VB_SHA256_CTX* ctx); -void SHA256_update(VB_SHA256_CTX* ctx, const uint8_t* data, uint32_t len); -uint8_t* SHA256_final(VB_SHA256_CTX* ctx); - -void SHA512_init(VB_SHA512_CTX* ctx); -void SHA512_update(VB_SHA512_CTX* ctx, const uint8_t* data, uint32_t len); -uint8_t* SHA512_final(VB_SHA512_CTX* ctx); - -/* Convenience function for SHA-1. Computes hash on [data] of length [len]. - * and stores it into [digest]. [digest] should be pre-allocated to - * SHA1_DIGEST_SIZE bytes. - */ -uint8_t* internal_SHA1(const uint8_t* data, uint64_t len, uint8_t* digest); - -/* Convenience function for SHA-256. Computes hash on [data] of length [len]. - * and stores it into [digest]. [digest] should be pre-allocated to - * SHA256_DIGEST_SIZE bytes. - */ -uint8_t* internal_SHA256(const uint8_t* data, uint64_t len, uint8_t* digest); - -/* Convenience function for SHA-512. Computes hash on [data] of length [len]. - * and stores it into [digest]. [digest] should be pre-allocated to - * SHA512_DIGEST_SIZE bytes. - */ -uint8_t* internal_SHA512(const uint8_t* data, uint64_t len, uint8_t* digest); - - -/*---- Utility functions/wrappers for message digests. */ - -#define SHA1_DIGEST_ALGORITHM 0 -#define SHA256_DIGEST_ALGORITHM 1 -#define SHA512_DIGEST_ALGORITHM 2 - -/* A generic digest context structure which can be used to represent - * the SHA*_CTX for multiple digest algorithms. - */ -typedef struct DigestContext { - SHA1_CTX* sha1_ctx; - VB_SHA256_CTX* sha256_ctx; - VB_SHA512_CTX* sha512_ctx; - int algorithm; /* Hashing algorithm to use. */ -} DigestContext; - -/* Wrappers for message digest algorithms. These are useful when the hashing - * operation is being done in parallel with something else. DigestContext tracks - * and stores the state of any digest algorithm (one at any given time). - */ - -/* Initialize a digest context for use with signature algorithm [algorithm]. */ -void DigestInit(DigestContext* ctx, int sig_algorithm); -void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint32_t len); - -/* Caller owns the returned digest and must free it. */ -uint8_t* DigestFinal(DigestContext* ctx); - -/* Returns the appropriate digest for the data in [input_file] - * based on the signature [algorithm]. - * Caller owns the returned digest and must free it. - */ -uint8_t* DigestFile(char* input_file, int sig_algorithm); - -/* Returns the appropriate digest of [buf] of length - * [len] based on the signature [algorithm]. - * Caller owns the returned digest and must free it. - */ -uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm); - - -#endif /* VBOOT_REFERENCE_SHA_H_ */ diff --git a/firmware/lib/cryptolib/padding.c b/firmware/lib/cryptolib/padding.c index 4fc939a5..859e2302 100644 --- a/firmware/lib/cryptolib/padding.c +++ b/firmware/lib/cryptolib/padding.c @@ -1,12 +1,18 @@ +/* Copyright 2010 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ /* - * DO NOT MODIFY THIS FILE DIRECTLY. - * - * This file is automatically generated by genpadding.sh and contains padding - * arrays corresponding to various combinations of algorithms for RSA signatures. + * This file was automatically generated by genpadding.sh and contains padding + * arrays corresponding to various combinations of algorithms for RSA + * signatures. It will go away soon, as we convert to vboot2 code. */ #include "sysincludes.h" +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" @@ -35,62 +41,62 @@ #ifndef CHROMEOS_EC /* Algorithm Type 0 */ -const uint8_t paddingRSA1024_SHA1[RSA1024NUMBYTES - SHA1_DIGEST_SIZE] = { +const uint8_t paddingRSA1024_SHA1[RSA1024NUMBYTES - VB2_SHA1_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14 }; /* Algorithm Type 1 */ -const uint8_t paddingRSA1024_SHA256[RSA1024NUMBYTES - SHA256_DIGEST_SIZE] = { +const uint8_t paddingRSA1024_SHA256[RSA1024NUMBYTES - VB2_SHA256_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 }; /* Algorithm Type 2 */ -const uint8_t paddingRSA1024_SHA512[RSA1024NUMBYTES - SHA512_DIGEST_SIZE] = { +const uint8_t paddingRSA1024_SHA512[RSA1024NUMBYTES - VB2_SHA512_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40 }; /* Algorithm Type 3 */ -const uint8_t paddingRSA2048_SHA1[RSA2048NUMBYTES - SHA1_DIGEST_SIZE] = { +const uint8_t paddingRSA2048_SHA1[RSA2048NUMBYTES - VB2_SHA1_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14 }; /* Algorithm Type 4 */ -const uint8_t paddingRSA2048_SHA256[RSA2048NUMBYTES - SHA256_DIGEST_SIZE] = { +const uint8_t paddingRSA2048_SHA256[RSA2048NUMBYTES - VB2_SHA256_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 }; /* Algorithm Type 5 */ -const uint8_t paddingRSA2048_SHA512[RSA2048NUMBYTES - SHA512_DIGEST_SIZE] = { +const uint8_t paddingRSA2048_SHA512[RSA2048NUMBYTES - VB2_SHA512_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40 }; /* Algorithm Type 6 */ -const uint8_t paddingRSA4096_SHA1[RSA4096NUMBYTES - SHA1_DIGEST_SIZE] = { +const uint8_t paddingRSA4096_SHA1[RSA4096NUMBYTES - VB2_SHA1_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14 }; /* Algorithm Type 7 */ -const uint8_t paddingRSA4096_SHA256[RSA4096NUMBYTES - SHA256_DIGEST_SIZE] = { +const uint8_t paddingRSA4096_SHA256[RSA4096NUMBYTES - VB2_SHA256_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 }; /* Algorithm Type 8 */ -const uint8_t paddingRSA4096_SHA512[RSA4096NUMBYTES - SHA512_DIGEST_SIZE] = { +const uint8_t paddingRSA4096_SHA512[RSA4096NUMBYTES - VB2_SHA512_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40 }; /* Algorithm Type 9 */ -const uint8_t paddingRSA8192_SHA1[RSA8192NUMBYTES - SHA1_DIGEST_SIZE] = { +const uint8_t paddingRSA8192_SHA1[RSA8192NUMBYTES - VB2_SHA1_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14 }; /* Algorithm Type 10 */ -const uint8_t paddingRSA8192_SHA256[RSA8192NUMBYTES - SHA256_DIGEST_SIZE] = { +const uint8_t paddingRSA8192_SHA256[RSA8192NUMBYTES - VB2_SHA256_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 }; /* Algorithm Type 11 */ -const uint8_t paddingRSA8192_SHA512[RSA8192NUMBYTES - SHA512_DIGEST_SIZE] = { +const uint8_t paddingRSA8192_SHA512[RSA8192NUMBYTES - VB2_SHA512_DIGEST_SIZE] = { 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40 }; @@ -164,63 +170,18 @@ paddingRSA8192_SHA512, }; const int padding_size_map[NUMALGORITHMS] = { -RSA1024NUMBYTES - SHA1_DIGEST_SIZE, -RSA1024NUMBYTES - SHA256_DIGEST_SIZE, -RSA1024NUMBYTES - SHA512_DIGEST_SIZE, -RSA2048NUMBYTES - SHA1_DIGEST_SIZE, -RSA2048NUMBYTES - SHA256_DIGEST_SIZE, -RSA2048NUMBYTES - SHA512_DIGEST_SIZE, -RSA4096NUMBYTES - SHA1_DIGEST_SIZE, -RSA4096NUMBYTES - SHA256_DIGEST_SIZE, -RSA4096NUMBYTES - SHA512_DIGEST_SIZE, -RSA8192NUMBYTES - SHA1_DIGEST_SIZE, -RSA8192NUMBYTES - SHA256_DIGEST_SIZE, -RSA8192NUMBYTES - SHA512_DIGEST_SIZE, -}; - -const int hash_type_map[] = { -SHA1_DIGEST_ALGORITHM, -SHA256_DIGEST_ALGORITHM, -SHA512_DIGEST_ALGORITHM, -SHA1_DIGEST_ALGORITHM, -SHA256_DIGEST_ALGORITHM, -SHA512_DIGEST_ALGORITHM, -SHA1_DIGEST_ALGORITHM, -SHA256_DIGEST_ALGORITHM, -SHA512_DIGEST_ALGORITHM, -SHA1_DIGEST_ALGORITHM, -SHA256_DIGEST_ALGORITHM, -SHA512_DIGEST_ALGORITHM, -}; - -const int hash_size_map[NUMALGORITHMS] = { -SHA1_DIGEST_SIZE, -SHA256_DIGEST_SIZE, -SHA512_DIGEST_SIZE, -SHA1_DIGEST_SIZE, -SHA256_DIGEST_SIZE, -SHA512_DIGEST_SIZE, -SHA1_DIGEST_SIZE, -SHA256_DIGEST_SIZE, -SHA512_DIGEST_SIZE, -SHA1_DIGEST_SIZE, -SHA256_DIGEST_SIZE, -SHA512_DIGEST_SIZE, -}; - -const int hash_blocksize_map[NUMALGORITHMS] = { -SHA1_BLOCK_SIZE, -SHA256_BLOCK_SIZE, -SHA512_BLOCK_SIZE, -SHA1_BLOCK_SIZE, -SHA256_BLOCK_SIZE, -SHA512_BLOCK_SIZE, -SHA1_BLOCK_SIZE, -SHA256_BLOCK_SIZE, -SHA512_BLOCK_SIZE, -SHA1_BLOCK_SIZE, -SHA256_BLOCK_SIZE, -SHA512_BLOCK_SIZE, +RSA1024NUMBYTES - VB2_SHA1_DIGEST_SIZE, +RSA1024NUMBYTES - VB2_SHA256_DIGEST_SIZE, +RSA1024NUMBYTES - VB2_SHA512_DIGEST_SIZE, +RSA2048NUMBYTES - VB2_SHA1_DIGEST_SIZE, +RSA2048NUMBYTES - VB2_SHA256_DIGEST_SIZE, +RSA2048NUMBYTES - VB2_SHA512_DIGEST_SIZE, +RSA4096NUMBYTES - VB2_SHA1_DIGEST_SIZE, +RSA4096NUMBYTES - VB2_SHA256_DIGEST_SIZE, +RSA4096NUMBYTES - VB2_SHA512_DIGEST_SIZE, +RSA8192NUMBYTES - VB2_SHA1_DIGEST_SIZE, +RSA8192NUMBYTES - VB2_SHA256_DIGEST_SIZE, +RSA8192NUMBYTES - VB2_SHA512_DIGEST_SIZE, }; const uint8_t* const hash_digestinfo_map[NUMALGORITHMS] = { diff --git a/firmware/lib/cryptolib/rsa_utility.c b/firmware/lib/cryptolib/rsa_utility.c index f6eefe2b..1195da04 100644 --- a/firmware/lib/cryptolib/rsa_utility.c +++ b/firmware/lib/cryptolib/rsa_utility.c @@ -6,7 +6,10 @@ */ #include "sysincludes.h" +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "stateful_util.h" #include "utility.h" @@ -87,10 +90,10 @@ int RSAVerifyBinary_f(const uint8_t* key_blob, const uint8_t* sig, unsigned int algorithm) { RSAPublicKey* verification_key = NULL; - uint8_t* digest = NULL; + uint8_t digest[VB2_MAX_DIGEST_SIZE]; uint64_t key_size; int sig_size; - int success; + int success = 0; if (algorithm >= (unsigned int)kNumAlgorithms) return 0; /* Invalid algorithm. */ @@ -109,13 +112,15 @@ int RSAVerifyBinary_f(const uint8_t* key_blob, if (!verification_key) return 0; - digest = DigestBuf(buf, len, algorithm); - success = RSAVerify(verification_key, sig, (uint32_t)sig_size, - (uint8_t)algorithm, digest); + if (VB2_SUCCESS == vb2_digest_buffer(buf, len, vb2_crypto_to_hash(algorithm), + digest, sizeof(digest))) { + success = RSAVerify(verification_key, sig, (uint32_t)sig_size, + (uint8_t)algorithm, digest); + } - VbExFree(digest); if (!key) RSAPublicKeyFree(verification_key); /* Only free if we allocated it. */ + return success; } diff --git a/firmware/lib/cryptolib/sha1.c b/firmware/lib/cryptolib/sha1.c deleted file mode 100644 index b34b8a95..00000000 --- a/firmware/lib/cryptolib/sha1.c +++ /dev/null @@ -1,289 +0,0 @@ -/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * SHA-1 implementation largely based on libmincrypt in the the Android - * Open Source Project (platorm/system/core.git/libmincrypt/sha.c - */ - -#include "sysincludes.h" - -#include "cryptolib.h" -#include "utility.h" - - -/* Some machines lack byteswap.h and endian.h. These have to use the - * slower code, even if they're little-endian. - */ - -#if defined(HAVE_ENDIAN_H) && defined(HAVE_LITTLE_ENDIAN) - -/* This version is about 28% faster than the generic version below, - * but assumes little-endianness. - */ -static uint32_t ror27(uint32_t val) { - return (val >> 27) | (val << 5); -} -static uint32_t ror2(uint32_t val) { - return (val >> 2) | (val << 30); -} -static uint32_t ror31(uint32_t val) { - return (val >> 31) | (val << 1); -} - -static void SHA1_Transform(SHA1_CTX* ctx) { - uint32_t W[80]; - register uint32_t A, B, C, D, E; - int t; - - A = ctx->state[0]; - B = ctx->state[1]; - C = ctx->state[2]; - D = ctx->state[3]; - E = ctx->state[4]; - -#define SHA_F1(A,B,C,D,E,t) \ - E += ror27(A) + \ - (W[t] = bswap_32(ctx->buf.w[t])) + \ - (D^(B&(C^D))) + 0x5A827999; \ - B = ror2(B); - - for (t = 0; t < 15; t += 5) { - SHA_F1(A,B,C,D,E,t + 0); - SHA_F1(E,A,B,C,D,t + 1); - SHA_F1(D,E,A,B,C,t + 2); - SHA_F1(C,D,E,A,B,t + 3); - SHA_F1(B,C,D,E,A,t + 4); - } - SHA_F1(A,B,C,D,E,t + 0); /* 16th one, t == 15 */ - -#undef SHA_F1 - -#define SHA_F1(A,B,C,D,E,t) \ - E += ror27(A) + \ - (W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) + \ - (D^(B&(C^D))) + 0x5A827999; \ - B = ror2(B); - - SHA_F1(E,A,B,C,D,t + 1); - SHA_F1(D,E,A,B,C,t + 2); - SHA_F1(C,D,E,A,B,t + 3); - SHA_F1(B,C,D,E,A,t + 4); - -#undef SHA_F1 - -#define SHA_F2(A,B,C,D,E,t) \ - E += ror27(A) + \ - (W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) + \ - (B^C^D) + 0x6ED9EBA1; \ - B = ror2(B); - - for (t = 20; t < 40; t += 5) { - SHA_F2(A,B,C,D,E,t + 0); - SHA_F2(E,A,B,C,D,t + 1); - SHA_F2(D,E,A,B,C,t + 2); - SHA_F2(C,D,E,A,B,t + 3); - SHA_F2(B,C,D,E,A,t + 4); - } - -#undef SHA_F2 - -#define SHA_F3(A,B,C,D,E,t) \ - E += ror27(A) + \ - (W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) + \ - ((B&C)|(D&(B|C))) + 0x8F1BBCDC; \ - B = ror2(B); - - for (; t < 60; t += 5) { - SHA_F3(A,B,C,D,E,t + 0); - SHA_F3(E,A,B,C,D,t + 1); - SHA_F3(D,E,A,B,C,t + 2); - SHA_F3(C,D,E,A,B,t + 3); - SHA_F3(B,C,D,E,A,t + 4); - } - -#undef SHA_F3 - -#define SHA_F4(A,B,C,D,E,t) \ - E += ror27(A) + \ - (W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) + \ - (B^C^D) + 0xCA62C1D6; \ - B = ror2(B); - - for (; t < 80; t += 5) { - SHA_F4(A,B,C,D,E,t + 0); - SHA_F4(E,A,B,C,D,t + 1); - SHA_F4(D,E,A,B,C,t + 2); - SHA_F4(C,D,E,A,B,t + 3); - SHA_F4(B,C,D,E,A,t + 4); - } - -#undef SHA_F4 - - ctx->state[0] += A; - ctx->state[1] += B; - ctx->state[2] += C; - ctx->state[3] += D; - ctx->state[4] += E; -} - -void SHA1_update(SHA1_CTX* ctx, const uint8_t* data, uint64_t len) { - int i = ctx->count % sizeof(ctx->buf); - const uint8_t* p = (const uint8_t*)data; - - ctx->count += len; - - while (len > sizeof(ctx->buf) - i) { - Memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i); - len -= sizeof(ctx->buf) - i; - p += sizeof(ctx->buf) - i; - SHA1_Transform(ctx); - i = 0; - } - - while (len--) { - ctx->buf.b[i++] = *p++; - if (i == sizeof(ctx->buf)) { - SHA1_Transform(ctx); - i = 0; - } - } -} - - -uint8_t* SHA1_final(SHA1_CTX* ctx) { - uint64_t cnt = ctx->count * 8; - int i; - - SHA1_update(ctx, (uint8_t*)"\x80", 1); - while ((ctx->count % sizeof(ctx->buf)) != (sizeof(ctx->buf) - 8)) { - SHA1_update(ctx, (uint8_t*)"\0", 1); - } - for (i = 0; i < 8; ++i) { - uint8_t tmp = cnt >> ((7 - i) * 8); - SHA1_update(ctx, &tmp, 1); - } - - for (i = 0; i < 5; i++) { - ctx->buf.w[i] = bswap_32(ctx->state[i]); - } - - return ctx->buf.b; -} - -#else /* #if defined(HAVE_ENDIAN_H) && defined(HAVE_LITTLE_ENDIAN) */ - -#define rol(bits, value) (((value) << (bits)) | ((value) >> (32 - (bits)))) - -static void SHA1_transform(SHA1_CTX *ctx) { - uint32_t W[80]; - uint32_t A, B, C, D, E; - uint8_t *p = ctx->buf; - int t; - - for(t = 0; t < 16; ++t) { - uint32_t tmp = *p++ << 24; - tmp |= *p++ << 16; - tmp |= *p++ << 8; - tmp |= *p++; - W[t] = tmp; - } - - for(; t < 80; t++) { - W[t] = rol(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]); - } - - A = ctx->state[0]; - B = ctx->state[1]; - C = ctx->state[2]; - D = ctx->state[3]; - E = ctx->state[4]; - - for(t = 0; t < 80; t++) { - uint32_t tmp = rol(5,A) + E + W[t]; - - if (t < 20) - tmp += (D^(B&(C^D))) + 0x5A827999; - else if ( t < 40) - tmp += (B^C^D) + 0x6ED9EBA1; - else if ( t < 60) - tmp += ((B&C)|(D&(B|C))) + 0x8F1BBCDC; - else - tmp += (B^C^D) + 0xCA62C1D6; - - E = D; - D = C; - C = rol(30,B); - B = A; - A = tmp; - } - - ctx->state[0] += A; - ctx->state[1] += B; - ctx->state[2] += C; - ctx->state[3] += D; - ctx->state[4] += E; -} - -void SHA1_update(SHA1_CTX *ctx, const uint8_t *data, uint64_t len) { - int i = (int)(ctx->count % sizeof(ctx->buf)); - const uint8_t* p = (const uint8_t*) data; - - ctx->count += len; - - while (len--) { - ctx->buf[i++] = *p++; - if (i == sizeof(ctx->buf)) { - SHA1_transform(ctx); - i = 0; - } - } -} -uint8_t* SHA1_final(SHA1_CTX *ctx) { - uint8_t *p = ctx->buf; - uint64_t cnt = ctx->count << 3; - int i; - - SHA1_update(ctx, (uint8_t*)"\x80", 1); - while ((ctx->count % sizeof(ctx->buf)) != (sizeof(ctx->buf) - 8)) { - SHA1_update(ctx, (uint8_t*)"\0", 1); - } - for (i = 0; i < 8; ++i) { - uint8_t tmp = (uint8_t)((uint64_t)cnt >> ((7 - i) * 8)); - SHA1_update(ctx, &tmp, 1); - } - - for (i = 0; i < 5; i++) { - uint32_t tmp = ctx->state[i]; - *p++ = (uint8_t)(tmp >> 24); - *p++ = (uint8_t)(tmp >> 16); - *p++ = (uint8_t)(tmp >> 8); - *p++ = (uint8_t)(tmp >> 0); - } - - return ctx->buf; -} - -#endif /* endianness */ - -void SHA1_init(SHA1_CTX* ctx) { - ctx->state[0] = 0x67452301; - ctx->state[1] = 0xEFCDAB89; - ctx->state[2] = 0x98BADCFE; - ctx->state[3] = 0x10325476; - ctx->state[4] = 0xC3D2E1F0; - ctx->count = 0; -} - -uint8_t* internal_SHA1(const uint8_t *data, uint64_t len, uint8_t *digest) { - const uint8_t *p; - int i; - SHA1_CTX ctx; - SHA1_init(&ctx); - SHA1_update(&ctx, data, len); - p = SHA1_final(&ctx); - for (i = 0; i < SHA1_DIGEST_SIZE; ++i) { - digest[i] = *p++; - } - return digest; -} diff --git a/firmware/lib/cryptolib/sha256.c b/firmware/lib/cryptolib/sha256.c deleted file mode 100644 index 128e3566..00000000 --- a/firmware/lib/cryptolib/sha256.c +++ /dev/null @@ -1,342 +0,0 @@ -/* SHA-256 and SHA-512 implementation based on code by Oliver Gay - * <olivier.gay@a3.epfl.ch> under a BSD-style license. See below. - */ - -/* - * FIPS 180-2 SHA-224/256/384/512 implementation - * Last update: 02/02/2007 - * Issue date: 04/30/2005 - * - * Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch> - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "sysincludes.h" - -#include "cryptolib.h" -#include "utility.h" - -#define SHFR(x, n) (x >> n) -#define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n))) -#define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n))) -#define CH(x, y, z) ((x & y) ^ (~x & z)) -#define MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z)) - -#define SHA256_F1(x) (ROTR(x, 2) ^ ROTR(x, 13) ^ ROTR(x, 22)) -#define SHA256_F2(x) (ROTR(x, 6) ^ ROTR(x, 11) ^ ROTR(x, 25)) -#define SHA256_F3(x) (ROTR(x, 7) ^ ROTR(x, 18) ^ SHFR(x, 3)) -#define SHA256_F4(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHFR(x, 10)) - -#define UNPACK32(x, str) \ - { \ - *((str) + 3) = (uint8_t) ((x) ); \ - *((str) + 2) = (uint8_t) ((x) >> 8); \ - *((str) + 1) = (uint8_t) ((x) >> 16); \ - *((str) + 0) = (uint8_t) ((x) >> 24); \ - } - -#define PACK32(str, x) \ - { \ - *(x) = ((uint32_t) *((str) + 3) ) \ - | ((uint32_t) *((str) + 2) << 8) \ - | ((uint32_t) *((str) + 1) << 16) \ - | ((uint32_t) *((str) + 0) << 24); \ - } - -/* Macros used for loops unrolling */ - -#define SHA256_SCR(i) \ - { \ - w[i] = SHA256_F4(w[i - 2]) + w[i - 7] \ - + SHA256_F3(w[i - 15]) + w[i - 16]; \ - } - -#define SHA256_EXP(a, b, c, d, e, f, g, h, j) \ - { \ - t1 = wv[h] + SHA256_F2(wv[e]) + CH(wv[e], wv[f], wv[g]) \ - + sha256_k[j] + w[j]; \ - t2 = SHA256_F1(wv[a]) + MAJ(wv[a], wv[b], wv[c]); \ - wv[d] += t1; \ - wv[h] = t1 + t2; \ - } - -static const uint32_t sha256_h0[8] = { - 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, - 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19}; - -static const uint32_t sha256_k[64] = { - 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, - 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, - 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, - 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, - 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, - 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, - 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, - 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, - 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, - 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, - 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, - 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, - 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, - 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2}; - - -/* SHA-256 implementation */ -void SHA256_init(VB_SHA256_CTX *ctx) { -#ifndef UNROLL_LOOPS - int i; - for (i = 0; i < 8; i++) { - ctx->h[i] = sha256_h0[i]; - } -#else - ctx->h[0] = sha256_h0[0]; ctx->h[1] = sha256_h0[1]; - ctx->h[2] = sha256_h0[2]; ctx->h[3] = sha256_h0[3]; - ctx->h[4] = sha256_h0[4]; ctx->h[5] = sha256_h0[5]; - ctx->h[6] = sha256_h0[6]; ctx->h[7] = sha256_h0[7]; -#endif /* !UNROLL_LOOPS */ - - ctx->len = 0; - ctx->tot_len = 0; -} - - -static void SHA256_transform(VB_SHA256_CTX* ctx, const uint8_t* message, - unsigned int block_nb) { - uint32_t w[64]; - uint32_t wv[8]; - uint32_t t1, t2; - const unsigned char *sub_block; - int i; - -#ifndef UNROLL_LOOPS - int j; -#endif - - for (i = 0; i < (int) block_nb; i++) { - sub_block = message + (i << 6); - -#ifndef UNROLL_LOOPS - for (j = 0; j < 16; j++) { - PACK32(&sub_block[j << 2], &w[j]); - } - - for (j = 16; j < 64; j++) { - SHA256_SCR(j); - } - - for (j = 0; j < 8; j++) { - wv[j] = ctx->h[j]; - } - - for (j = 0; j < 64; j++) { - t1 = wv[7] + SHA256_F2(wv[4]) + CH(wv[4], wv[5], wv[6]) - + sha256_k[j] + w[j]; - t2 = SHA256_F1(wv[0]) + MAJ(wv[0], wv[1], wv[2]); - wv[7] = wv[6]; - wv[6] = wv[5]; - wv[5] = wv[4]; - wv[4] = wv[3] + t1; - wv[3] = wv[2]; - wv[2] = wv[1]; - wv[1] = wv[0]; - wv[0] = t1 + t2; - } - - for (j = 0; j < 8; j++) { - ctx->h[j] += wv[j]; - } -#else - PACK32(&sub_block[ 0], &w[ 0]); PACK32(&sub_block[ 4], &w[ 1]); - PACK32(&sub_block[ 8], &w[ 2]); PACK32(&sub_block[12], &w[ 3]); - PACK32(&sub_block[16], &w[ 4]); PACK32(&sub_block[20], &w[ 5]); - PACK32(&sub_block[24], &w[ 6]); PACK32(&sub_block[28], &w[ 7]); - PACK32(&sub_block[32], &w[ 8]); PACK32(&sub_block[36], &w[ 9]); - PACK32(&sub_block[40], &w[10]); PACK32(&sub_block[44], &w[11]); - PACK32(&sub_block[48], &w[12]); PACK32(&sub_block[52], &w[13]); - PACK32(&sub_block[56], &w[14]); PACK32(&sub_block[60], &w[15]); - - SHA256_SCR(16); SHA256_SCR(17); SHA256_SCR(18); SHA256_SCR(19); - SHA256_SCR(20); SHA256_SCR(21); SHA256_SCR(22); SHA256_SCR(23); - SHA256_SCR(24); SHA256_SCR(25); SHA256_SCR(26); SHA256_SCR(27); - SHA256_SCR(28); SHA256_SCR(29); SHA256_SCR(30); SHA256_SCR(31); - SHA256_SCR(32); SHA256_SCR(33); SHA256_SCR(34); SHA256_SCR(35); - SHA256_SCR(36); SHA256_SCR(37); SHA256_SCR(38); SHA256_SCR(39); - SHA256_SCR(40); SHA256_SCR(41); SHA256_SCR(42); SHA256_SCR(43); - SHA256_SCR(44); SHA256_SCR(45); SHA256_SCR(46); SHA256_SCR(47); - SHA256_SCR(48); SHA256_SCR(49); SHA256_SCR(50); SHA256_SCR(51); - SHA256_SCR(52); SHA256_SCR(53); SHA256_SCR(54); SHA256_SCR(55); - SHA256_SCR(56); SHA256_SCR(57); SHA256_SCR(58); SHA256_SCR(59); - SHA256_SCR(60); SHA256_SCR(61); SHA256_SCR(62); SHA256_SCR(63); - - wv[0] = ctx->h[0]; wv[1] = ctx->h[1]; - wv[2] = ctx->h[2]; wv[3] = ctx->h[3]; - wv[4] = ctx->h[4]; wv[5] = ctx->h[5]; - wv[6] = ctx->h[6]; wv[7] = ctx->h[7]; - - SHA256_EXP(0,1,2,3,4,5,6,7, 0); SHA256_EXP(7,0,1,2,3,4,5,6, 1); - SHA256_EXP(6,7,0,1,2,3,4,5, 2); SHA256_EXP(5,6,7,0,1,2,3,4, 3); - SHA256_EXP(4,5,6,7,0,1,2,3, 4); SHA256_EXP(3,4,5,6,7,0,1,2, 5); - SHA256_EXP(2,3,4,5,6,7,0,1, 6); SHA256_EXP(1,2,3,4,5,6,7,0, 7); - SHA256_EXP(0,1,2,3,4,5,6,7, 8); SHA256_EXP(7,0,1,2,3,4,5,6, 9); - SHA256_EXP(6,7,0,1,2,3,4,5,10); SHA256_EXP(5,6,7,0,1,2,3,4,11); - SHA256_EXP(4,5,6,7,0,1,2,3,12); SHA256_EXP(3,4,5,6,7,0,1,2,13); - SHA256_EXP(2,3,4,5,6,7,0,1,14); SHA256_EXP(1,2,3,4,5,6,7,0,15); - SHA256_EXP(0,1,2,3,4,5,6,7,16); SHA256_EXP(7,0,1,2,3,4,5,6,17); - SHA256_EXP(6,7,0,1,2,3,4,5,18); SHA256_EXP(5,6,7,0,1,2,3,4,19); - SHA256_EXP(4,5,6,7,0,1,2,3,20); SHA256_EXP(3,4,5,6,7,0,1,2,21); - SHA256_EXP(2,3,4,5,6,7,0,1,22); SHA256_EXP(1,2,3,4,5,6,7,0,23); - SHA256_EXP(0,1,2,3,4,5,6,7,24); SHA256_EXP(7,0,1,2,3,4,5,6,25); - SHA256_EXP(6,7,0,1,2,3,4,5,26); SHA256_EXP(5,6,7,0,1,2,3,4,27); - SHA256_EXP(4,5,6,7,0,1,2,3,28); SHA256_EXP(3,4,5,6,7,0,1,2,29); - SHA256_EXP(2,3,4,5,6,7,0,1,30); SHA256_EXP(1,2,3,4,5,6,7,0,31); - SHA256_EXP(0,1,2,3,4,5,6,7,32); SHA256_EXP(7,0,1,2,3,4,5,6,33); - SHA256_EXP(6,7,0,1,2,3,4,5,34); SHA256_EXP(5,6,7,0,1,2,3,4,35); - SHA256_EXP(4,5,6,7,0,1,2,3,36); SHA256_EXP(3,4,5,6,7,0,1,2,37); - SHA256_EXP(2,3,4,5,6,7,0,1,38); SHA256_EXP(1,2,3,4,5,6,7,0,39); - SHA256_EXP(0,1,2,3,4,5,6,7,40); SHA256_EXP(7,0,1,2,3,4,5,6,41); - SHA256_EXP(6,7,0,1,2,3,4,5,42); SHA256_EXP(5,6,7,0,1,2,3,4,43); - SHA256_EXP(4,5,6,7,0,1,2,3,44); SHA256_EXP(3,4,5,6,7,0,1,2,45); - SHA256_EXP(2,3,4,5,6,7,0,1,46); SHA256_EXP(1,2,3,4,5,6,7,0,47); - SHA256_EXP(0,1,2,3,4,5,6,7,48); SHA256_EXP(7,0,1,2,3,4,5,6,49); - SHA256_EXP(6,7,0,1,2,3,4,5,50); SHA256_EXP(5,6,7,0,1,2,3,4,51); - SHA256_EXP(4,5,6,7,0,1,2,3,52); SHA256_EXP(3,4,5,6,7,0,1,2,53); - SHA256_EXP(2,3,4,5,6,7,0,1,54); SHA256_EXP(1,2,3,4,5,6,7,0,55); - SHA256_EXP(0,1,2,3,4,5,6,7,56); SHA256_EXP(7,0,1,2,3,4,5,6,57); - SHA256_EXP(6,7,0,1,2,3,4,5,58); SHA256_EXP(5,6,7,0,1,2,3,4,59); - SHA256_EXP(4,5,6,7,0,1,2,3,60); SHA256_EXP(3,4,5,6,7,0,1,2,61); - SHA256_EXP(2,3,4,5,6,7,0,1,62); SHA256_EXP(1,2,3,4,5,6,7,0,63); - - ctx->h[0] += wv[0]; ctx->h[1] += wv[1]; - ctx->h[2] += wv[2]; ctx->h[3] += wv[3]; - ctx->h[4] += wv[4]; ctx->h[5] += wv[5]; - ctx->h[6] += wv[6]; ctx->h[7] += wv[7]; -#endif /* !UNROLL_LOOPS */ - } -} - - - -void SHA256_update(VB_SHA256_CTX* ctx, const uint8_t* data, uint32_t len) { - unsigned int block_nb; - unsigned int new_len, rem_len, tmp_len; - const uint8_t *shifted_data; - - tmp_len = SHA256_BLOCK_SIZE - ctx->len; - rem_len = len < tmp_len ? len : tmp_len; - - Memcpy(&ctx->block[ctx->len], data, rem_len); - - if (ctx->len + len < SHA256_BLOCK_SIZE) { - ctx->len += len; - return; - } - - new_len = len - rem_len; - block_nb = new_len / SHA256_BLOCK_SIZE; - - shifted_data = data + rem_len; - - SHA256_transform(ctx, ctx->block, 1); - SHA256_transform(ctx, shifted_data, block_nb); - - rem_len = new_len % SHA256_BLOCK_SIZE; - - Memcpy(ctx->block, &shifted_data[block_nb << 6], - rem_len); - - ctx->len = rem_len; - ctx->tot_len += (block_nb + 1) << 6; -} - -uint8_t* SHA256_final(VB_SHA256_CTX* ctx) { - unsigned int block_nb; - unsigned int pm_len; - unsigned int len_b; -#ifndef UNROLL_LOOPS - int i; -#endif - - block_nb = (1 + ((SHA256_BLOCK_SIZE - 9) - < (ctx->len % SHA256_BLOCK_SIZE))); - - len_b = (ctx->tot_len + ctx->len) << 3; - pm_len = block_nb << 6; - - Memset(ctx->block + ctx->len, 0, pm_len - ctx->len); - ctx->block[ctx->len] = 0x80; - UNPACK32(len_b, ctx->block + pm_len - 4); - - SHA256_transform(ctx, ctx->block, block_nb); - -#ifndef UNROLL_LOOPS - for (i = 0 ; i < 8; i++) { - UNPACK32(ctx->h[i], &ctx->buf[i << 2]); - } -#else - UNPACK32(ctx->h[0], &ctx->buf[ 0]); - UNPACK32(ctx->h[1], &ctx->buf[ 4]); - UNPACK32(ctx->h[2], &ctx->buf[ 8]); - UNPACK32(ctx->h[3], &ctx->buf[12]); - UNPACK32(ctx->h[4], &ctx->buf[16]); - UNPACK32(ctx->h[5], &ctx->buf[20]); - UNPACK32(ctx->h[6], &ctx->buf[24]); - UNPACK32(ctx->h[7], &ctx->buf[28]); -#endif /* !UNROLL_LOOPS */ - - return ctx->buf; -} - -uint8_t* internal_SHA256(const uint8_t* data, uint64_t len, uint8_t* digest) { - const uint8_t* input_ptr; - const uint8_t* result; - uint64_t remaining_len; - int i; - VB_SHA256_CTX ctx; - - SHA256_init(&ctx); - - input_ptr = data; - remaining_len = len; - - /* Process data in at most UINT32_MAX byte chunks at a time. */ - while (remaining_len) { - uint32_t block_size; - block_size = (uint32_t) ((remaining_len >= UINT32_MAX) ? - UINT32_MAX : remaining_len); - SHA256_update(&ctx, input_ptr, block_size); - remaining_len -= block_size; - input_ptr += block_size; - } - - result = SHA256_final(&ctx); - for (i = 0; i < SHA256_DIGEST_SIZE; ++i) { - digest[i] = *result++; - } - return digest; -} diff --git a/firmware/lib/cryptolib/sha512.c b/firmware/lib/cryptolib/sha512.c deleted file mode 100644 index 33d47a15..00000000 --- a/firmware/lib/cryptolib/sha512.c +++ /dev/null @@ -1,365 +0,0 @@ -/* SHA-256 and SHA-512 implementation based on code by Oliver Gay - * <olivier.gay@a3.epfl.ch> under a BSD-style license. See below. - */ - -/* - * FIPS 180-2 SHA-224/256/384/512 implementation - * Last update: 02/02/2007 - * Issue date: 04/30/2005 - * - * Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch> - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. Neither the name of the project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "sysincludes.h" - -#include "cryptolib.h" -#include "utility.h" - -#define SHFR(x, n) (x >> n) -#define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n))) -#define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n))) -#define CH(x, y, z) ((x & y) ^ (~x & z)) -#define MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z)) - -#define SHA512_F1(x) (ROTR(x, 28) ^ ROTR(x, 34) ^ ROTR(x, 39)) -#define SHA512_F2(x) (ROTR(x, 14) ^ ROTR(x, 18) ^ ROTR(x, 41)) -#define SHA512_F3(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHFR(x, 7)) -#define SHA512_F4(x) (ROTR(x, 19) ^ ROTR(x, 61) ^ SHFR(x, 6)) - -#define UNPACK32(x, str) \ - { \ - *((str) + 3) = (uint8_t) ((x) ); \ - *((str) + 2) = (uint8_t) ((x) >> 8); \ - *((str) + 1) = (uint8_t) ((x) >> 16); \ - *((str) + 0) = (uint8_t) ((x) >> 24); \ - } - -#define UNPACK64(x, str) \ - { \ - *((str) + 7) = (uint8_t) x; \ - *((str) + 6) = (uint8_t) ((uint64_t)x >> 8); \ - *((str) + 5) = (uint8_t) ((uint64_t)x >> 16); \ - *((str) + 4) = (uint8_t) ((uint64_t)x >> 24); \ - *((str) + 3) = (uint8_t) ((uint64_t)x >> 32); \ - *((str) + 2) = (uint8_t) ((uint64_t)x >> 40); \ - *((str) + 1) = (uint8_t) ((uint64_t)x >> 48); \ - *((str) + 0) = (uint8_t) ((uint64_t)x >> 56); \ - } - -#define PACK64(str, x) \ - { \ - *(x) = ((uint64_t) *((str) + 7) ) \ - | ((uint64_t) *((str) + 6) << 8) \ - | ((uint64_t) *((str) + 5) << 16) \ - | ((uint64_t) *((str) + 4) << 24) \ - | ((uint64_t) *((str) + 3) << 32) \ - | ((uint64_t) *((str) + 2) << 40) \ - | ((uint64_t) *((str) + 1) << 48) \ - | ((uint64_t) *((str) + 0) << 56); \ - } - -/* Macros used for loops unrolling */ - -#define SHA512_SCR(i) \ - { \ - w[i] = SHA512_F4(w[i - 2]) + w[i - 7] \ - + SHA512_F3(w[i - 15]) + w[i - 16]; \ - } - -#define SHA512_EXP(a, b, c, d, e, f, g ,h, j) \ - { \ - t1 = wv[h] + SHA512_F2(wv[e]) + CH(wv[e], wv[f], wv[g]) \ - + sha512_k[j] + w[j]; \ - t2 = SHA512_F1(wv[a]) + MAJ(wv[a], wv[b], wv[c]); \ - wv[d] += t1; \ - wv[h] = t1 + t2; \ - } - -static const uint64_t sha512_h0[8] = { - 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, - 0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL, - 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, - 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL}; - -static const uint64_t sha512_k[80] = { - 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, - 0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL, - 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, - 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, - 0xd807aa98a3030242ULL, 0x12835b0145706fbeULL, - 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, - 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, - 0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL, - 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, - 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, - 0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL, - 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, - 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, - 0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL, - 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, - 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, - 0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL, - 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, - 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, - 0x81c2c92e47edaee6ULL, 0x92722c851482353bULL, - 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, - 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, - 0xd192e819d6ef5218ULL, 0xd69906245565a910ULL, - 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, - 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, - 0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL, - 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, - 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, - 0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL, - 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, - 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, - 0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL, - 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, - 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, - 0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL, - 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, - 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, - 0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL, - 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, - 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL}; - - -/* SHA-512 implementation */ - -void SHA512_init(VB_SHA512_CTX *ctx) { -#ifdef UNROLL_LOOPS_SHA512 - ctx->h[0] = sha512_h0[0]; ctx->h[1] = sha512_h0[1]; - ctx->h[2] = sha512_h0[2]; ctx->h[3] = sha512_h0[3]; - ctx->h[4] = sha512_h0[4]; ctx->h[5] = sha512_h0[5]; - ctx->h[6] = sha512_h0[6]; ctx->h[7] = sha512_h0[7]; -#else - int i; - - for (i = 0; i < 8; i++) - ctx->h[i] = sha512_h0[i]; -#endif /* UNROLL_LOOPS_SHA512 */ - - ctx->len = 0; - ctx->tot_len = 0; -} - - -static void SHA512_transform(VB_SHA512_CTX* ctx, const uint8_t* message, - unsigned int block_nb) { - uint64_t w[80]; - uint64_t wv[8]; - uint64_t t1, t2; - const uint8_t *sub_block; - int i, j; - - for (i = 0; i < (int) block_nb; i++) { - sub_block = message + (i << 7); - -#ifdef UNROLL_LOOPS_SHA512 - PACK64(&sub_block[ 0], &w[ 0]); PACK64(&sub_block[ 8], &w[ 1]); - PACK64(&sub_block[ 16], &w[ 2]); PACK64(&sub_block[ 24], &w[ 3]); - PACK64(&sub_block[ 32], &w[ 4]); PACK64(&sub_block[ 40], &w[ 5]); - PACK64(&sub_block[ 48], &w[ 6]); PACK64(&sub_block[ 56], &w[ 7]); - PACK64(&sub_block[ 64], &w[ 8]); PACK64(&sub_block[ 72], &w[ 9]); - PACK64(&sub_block[ 80], &w[10]); PACK64(&sub_block[ 88], &w[11]); - PACK64(&sub_block[ 96], &w[12]); PACK64(&sub_block[104], &w[13]); - PACK64(&sub_block[112], &w[14]); PACK64(&sub_block[120], &w[15]); - - SHA512_SCR(16); SHA512_SCR(17); SHA512_SCR(18); SHA512_SCR(19); - SHA512_SCR(20); SHA512_SCR(21); SHA512_SCR(22); SHA512_SCR(23); - SHA512_SCR(24); SHA512_SCR(25); SHA512_SCR(26); SHA512_SCR(27); - SHA512_SCR(28); SHA512_SCR(29); SHA512_SCR(30); SHA512_SCR(31); - SHA512_SCR(32); SHA512_SCR(33); SHA512_SCR(34); SHA512_SCR(35); - SHA512_SCR(36); SHA512_SCR(37); SHA512_SCR(38); SHA512_SCR(39); - SHA512_SCR(40); SHA512_SCR(41); SHA512_SCR(42); SHA512_SCR(43); - SHA512_SCR(44); SHA512_SCR(45); SHA512_SCR(46); SHA512_SCR(47); - SHA512_SCR(48); SHA512_SCR(49); SHA512_SCR(50); SHA512_SCR(51); - SHA512_SCR(52); SHA512_SCR(53); SHA512_SCR(54); SHA512_SCR(55); - SHA512_SCR(56); SHA512_SCR(57); SHA512_SCR(58); SHA512_SCR(59); - SHA512_SCR(60); SHA512_SCR(61); SHA512_SCR(62); SHA512_SCR(63); - SHA512_SCR(64); SHA512_SCR(65); SHA512_SCR(66); SHA512_SCR(67); - SHA512_SCR(68); SHA512_SCR(69); SHA512_SCR(70); SHA512_SCR(71); - SHA512_SCR(72); SHA512_SCR(73); SHA512_SCR(74); SHA512_SCR(75); - SHA512_SCR(76); SHA512_SCR(77); SHA512_SCR(78); SHA512_SCR(79); - - wv[0] = ctx->h[0]; wv[1] = ctx->h[1]; - wv[2] = ctx->h[2]; wv[3] = ctx->h[3]; - wv[4] = ctx->h[4]; wv[5] = ctx->h[5]; - wv[6] = ctx->h[6]; wv[7] = ctx->h[7]; - - j = 0; - - do { - SHA512_EXP(0,1,2,3,4,5,6,7,j); j++; - SHA512_EXP(7,0,1,2,3,4,5,6,j); j++; - SHA512_EXP(6,7,0,1,2,3,4,5,j); j++; - SHA512_EXP(5,6,7,0,1,2,3,4,j); j++; - SHA512_EXP(4,5,6,7,0,1,2,3,j); j++; - SHA512_EXP(3,4,5,6,7,0,1,2,j); j++; - SHA512_EXP(2,3,4,5,6,7,0,1,j); j++; - SHA512_EXP(1,2,3,4,5,6,7,0,j); j++; - } while (j < 80); - - ctx->h[0] += wv[0]; ctx->h[1] += wv[1]; - ctx->h[2] += wv[2]; ctx->h[3] += wv[3]; - ctx->h[4] += wv[4]; ctx->h[5] += wv[5]; - ctx->h[6] += wv[6]; ctx->h[7] += wv[7]; -#else - for (j = 0; j < 16; j++) { - PACK64(&sub_block[j << 3], &w[j]); - } - - for (j = 16; j < 80; j++) { - SHA512_SCR(j); - } - - for (j = 0; j < 8; j++) { - wv[j] = ctx->h[j]; - } - - for (j = 0; j < 80; j++) { - t1 = wv[7] + SHA512_F2(wv[4]) + CH(wv[4], wv[5], wv[6]) - + sha512_k[j] + w[j]; - t2 = SHA512_F1(wv[0]) + MAJ(wv[0], wv[1], wv[2]); - wv[7] = wv[6]; - wv[6] = wv[5]; - wv[5] = wv[4]; - wv[4] = wv[3] + t1; - wv[3] = wv[2]; - wv[2] = wv[1]; - wv[1] = wv[0]; - wv[0] = t1 + t2; - } - - for (j = 0; j < 8; j++) - ctx->h[j] += wv[j]; -#endif /* UNROLL_LOOPS_SHA512 */ - } -} - - -void SHA512_update(VB_SHA512_CTX* ctx, const uint8_t* data, - uint32_t len) { - unsigned int block_nb; - unsigned int new_len, rem_len, tmp_len; - const uint8_t* shifted_data; - - tmp_len = SHA512_BLOCK_SIZE - ctx->len; - rem_len = len < tmp_len ? len : tmp_len; - - Memcpy(&ctx->block[ctx->len], data, rem_len); - - if (ctx->len + len < SHA512_BLOCK_SIZE) { - ctx->len += len; - return; - } - - new_len = len - rem_len; - block_nb = new_len / SHA512_BLOCK_SIZE; - - shifted_data = data + rem_len; - - SHA512_transform(ctx, ctx->block, 1); - SHA512_transform(ctx, shifted_data, block_nb); - - rem_len = new_len % SHA512_BLOCK_SIZE; - - Memcpy(ctx->block, &shifted_data[block_nb << 7], - rem_len); - - ctx->len = rem_len; - ctx->tot_len += (block_nb + 1) << 7; -} - -uint8_t* SHA512_final(VB_SHA512_CTX* ctx) -{ - unsigned int block_nb; - unsigned int pm_len; - unsigned int len_b; - -#ifndef UNROLL_LOOPS_SHA512 - int i; -#endif - - block_nb = 1 + ((SHA512_BLOCK_SIZE - 17) - < (ctx->len % SHA512_BLOCK_SIZE)); - - len_b = (ctx->tot_len + ctx->len) << 3; - pm_len = block_nb << 7; - - Memset(ctx->block + ctx->len, 0, pm_len - ctx->len); - ctx->block[ctx->len] = 0x80; - UNPACK32(len_b, ctx->block + pm_len - 4); - - SHA512_transform(ctx, ctx->block, block_nb); - -#ifdef UNROLL_LOOPS_SHA512 - UNPACK64(ctx->h[0], &ctx->buf[ 0]); - UNPACK64(ctx->h[1], &ctx->buf[ 8]); - UNPACK64(ctx->h[2], &ctx->buf[16]); - UNPACK64(ctx->h[3], &ctx->buf[24]); - UNPACK64(ctx->h[4], &ctx->buf[32]); - UNPACK64(ctx->h[5], &ctx->buf[40]); - UNPACK64(ctx->h[6], &ctx->buf[48]); - UNPACK64(ctx->h[7], &ctx->buf[56]); -#else - for (i = 0 ; i < 8; i++) - UNPACK64(ctx->h[i], &ctx->buf[i << 3]); -#endif /* UNROLL_LOOPS_SHA512 */ - - return ctx->buf; -} - - -uint8_t* internal_SHA512(const uint8_t* data, uint64_t len, uint8_t* digest) { - const uint8_t* input_ptr; - const uint8_t* result; - uint64_t remaining_len; - int i; - VB_SHA512_CTX ctx; - SHA512_init(&ctx); - - input_ptr = data; - remaining_len = len; - - /* Process data in at most UINT32_MAX byte chunks at a time. */ - while (remaining_len) { - uint32_t block_size; - block_size = (uint32_t) ((remaining_len >= UINT32_MAX) ? - UINT32_MAX : remaining_len); - SHA512_update(&ctx, input_ptr, block_size); - remaining_len -= block_size; - input_ptr += block_size; - } - - result = SHA512_final(&ctx); - for (i = 0; i < SHA512_DIGEST_SIZE; ++i) { - digest[i] = *result++; - } - return digest; -} diff --git a/firmware/lib/cryptolib/sha_utility.c b/firmware/lib/cryptolib/sha_utility.c deleted file mode 100644 index 38bce14d..00000000 --- a/firmware/lib/cryptolib/sha_utility.c +++ /dev/null @@ -1,118 +0,0 @@ -/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Utility functions for message digest functions. - */ - -#include "sysincludes.h" - -#include "cryptolib.h" -#include "utility.h" -#include "vboot_api.h" - -void DigestInit(DigestContext* ctx, int sig_algorithm) { - ctx->algorithm = hash_type_map[sig_algorithm]; - switch(ctx->algorithm) { -#ifndef CHROMEOS_EC - case SHA1_DIGEST_ALGORITHM: - ctx->sha1_ctx = (SHA1_CTX*) VbExMalloc(sizeof(SHA1_CTX)); - SHA1_init(ctx->sha1_ctx); - break; -#endif - case SHA256_DIGEST_ALGORITHM: - ctx->sha256_ctx = (VB_SHA256_CTX*) VbExMalloc(sizeof(VB_SHA256_CTX)); - SHA256_init(ctx->sha256_ctx); - break; -#ifndef CHROMEOS_EC - case SHA512_DIGEST_ALGORITHM: - ctx->sha512_ctx = (VB_SHA512_CTX*) VbExMalloc(sizeof(VB_SHA512_CTX)); - SHA512_init(ctx->sha512_ctx); - break; -#endif - }; -} - -void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint32_t len) { - switch(ctx->algorithm) { -#ifndef CHROMEOS_EC - case SHA1_DIGEST_ALGORITHM: - SHA1_update(ctx->sha1_ctx, data, len); - break; -#endif - case SHA256_DIGEST_ALGORITHM: - SHA256_update(ctx->sha256_ctx, data, len); - break; -#ifndef CHROMEOS_EC - case SHA512_DIGEST_ALGORITHM: - SHA512_update(ctx->sha512_ctx, data, len); - break; -#endif - }; -} - -uint8_t* DigestFinal(DigestContext* ctx) { - uint8_t* digest = NULL; - switch(ctx->algorithm) { -#ifndef CHROMEOS_EC - case SHA1_DIGEST_ALGORITHM: - digest = (uint8_t*) VbExMalloc(SHA1_DIGEST_SIZE); - Memcpy(digest, SHA1_final(ctx->sha1_ctx), SHA1_DIGEST_SIZE); - VbExFree(ctx->sha1_ctx); - break; -#endif - case SHA256_DIGEST_ALGORITHM: - digest = (uint8_t*) VbExMalloc(SHA256_DIGEST_SIZE); - Memcpy(digest, SHA256_final(ctx->sha256_ctx), SHA256_DIGEST_SIZE); - VbExFree(ctx->sha256_ctx); - break; -#ifndef CHROMEOS_EC - case SHA512_DIGEST_ALGORITHM: - digest = (uint8_t*) VbExMalloc(SHA512_DIGEST_SIZE); - Memcpy(digest, SHA512_final(ctx->sha512_ctx), SHA512_DIGEST_SIZE); - VbExFree(ctx->sha512_ctx); - break; -#endif - }; - return digest; -} - -uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) { - /* Allocate enough space for the largest digest */ - uint8_t* digest = (uint8_t*) VbExMalloc(SHA512_DIGEST_SIZE); - /* Define an array mapping [sig_algorithm] to function pointers to the - * SHA{1|256|512} functions. - */ - typedef uint8_t* (*Hash_ptr) (const uint8_t*, uint64_t, uint8_t*); - Hash_ptr hash[] = { -#ifdef CHROMEOS_EC - 0, /* RSA 1024 */ - 0, - 0, - 0, /* RSA 2048 */ - 0, - 0, - 0, /* RSA 4096 */ - internal_SHA256, - 0, - 0, /* RSA 8192 */ - 0, - 0, -#else - internal_SHA1, /* RSA 1024 */ - internal_SHA256, - internal_SHA512, - internal_SHA1, /* RSA 2048 */ - internal_SHA256, - internal_SHA512, - internal_SHA1, /* RSA 4096 */ - internal_SHA256, - internal_SHA512, - internal_SHA1, /* RSA 8192 */ - internal_SHA256, - internal_SHA512, -#endif - }; - /* Call the appropriate hash function. */ - return hash[sig_algorithm](buf, len, digest); -} diff --git a/firmware/lib/include/vboot_common.h b/firmware/lib/include/vboot_common.h index 4d50ff62..35d7676d 100644 --- a/firmware/lib/include/vboot_common.h +++ b/firmware/lib/include/vboot_common.h @@ -106,8 +106,8 @@ int VerifyData(const uint8_t *data, uint64_t size, const VbSignature *sig, const RSAPublicKey *key); /** - * Verify a secure hash digest from DigestBuf() or DigestFinal(), using - * [key]. Returns 0 on success. + * Verify a secure hash digest from vb2_digest_buffer() or + * vb2_digest_finalize(), using [key]. Returns 0 on success. */ int VerifyDigest(const uint8_t *digest, const VbSignature *sig, const RSAPublicKey *key); diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index 226cdb7b..308bfeed 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -7,7 +7,10 @@ */ #include "sysincludes.h" +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "vboot_api.h" #include "vboot_common.h" #include "utility.h" @@ -219,7 +222,7 @@ int KeyBlockVerify(const VbKeyBlockHeader *block, uint64_t size, */ if (hash_only) { /* Check hash */ - uint8_t *header_checksum = NULL; + uint8_t header_checksum[VB2_SHA512_DIGEST_SIZE]; int rv; sig = &block->key_block_checksum; @@ -228,7 +231,7 @@ int KeyBlockVerify(const VbKeyBlockHeader *block, uint64_t size, VBDEBUG(("Key block hash off end of block\n")); return VBOOT_KEY_BLOCK_INVALID; } - if (sig->sig_size != SHA512_DIGEST_SIZE) { + if (sig->sig_size != VB2_SHA512_DIGEST_SIZE) { VBDEBUG(("Wrong hash size for key block.\n")); return VBOOT_KEY_BLOCK_INVALID; } @@ -240,12 +243,15 @@ int KeyBlockVerify(const VbKeyBlockHeader *block, uint64_t size, } VBDEBUG(("Checking key block hash only...\n")); - header_checksum = DigestBuf((const uint8_t *)block, - sig->data_size, - SHA512_DIGEST_ALGORITHM); - rv = SafeMemcmp(header_checksum, GetSignatureDataC(sig), - SHA512_DIGEST_SIZE); - VbExFree(header_checksum); + rv = vb2_digest_buffer((const uint8_t *)block, + sig->data_size, + VB2_HASH_SHA512, + header_checksum, + sizeof(header_checksum)); + if (!rv) + rv = SafeMemcmp(header_checksum, GetSignatureDataC(sig), + sizeof(header_checksum)); + if (rv) { VBDEBUG(("Invalid key block hash.\n")); return VBOOT_KEY_BLOCK_HASH; diff --git a/firmware/lib/vboot_display.c b/firmware/lib/vboot_display.c index b178f2cd..2ef87034 100644 --- a/firmware/lib/vboot_display.c +++ b/firmware/lib/vboot_display.c @@ -6,7 +6,10 @@ */ #include "sysincludes.h" +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "bmpblk_font.h" #include "gbb_access.h" #include "gbb_header.h" @@ -379,14 +382,15 @@ static void FillInSha1Sum(char *outbuf, VbPublicKey *key) { uint8_t *buf = ((uint8_t *)key) + key->key_offset; uint64_t buflen = key->key_size; - uint8_t *digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM); + uint8_t digest[VB2_SHA1_DIGEST_SIZE]; int i; - for (i = 0; i < SHA1_DIGEST_SIZE; i++) { + + vb2_digest_buffer(buf, buflen, VB2_HASH_SHA1, digest, sizeof(digest)); + for (i = 0; i < sizeof(digest); i++) { Uint8ToString(outbuf, digest[i]); outbuf += 2; } *outbuf = '\0'; - VbExFree(digest); } const char *RecoveryReasonString(uint8_t code) @@ -549,7 +553,7 @@ VbError_t VbDisplayDebugInfo(VbCommonParams *cparams, VbNvContext *vncptr) (VbSharedDataHeader *)cparams->shared_data_blob; GoogleBinaryBlockHeader *gbb = cparams->gbb; char buf[DEBUG_INFO_SIZE] = ""; - char sha1sum[SHA1_DIGEST_SIZE * 2 + 1]; + char sha1sum[VB2_SHA1_DIGEST_SIZE * 2 + 1]; char hwid[256]; uint32_t used = 0; VbPublicKey *key; diff --git a/firmware/lib/vboot_firmware.c b/firmware/lib/vboot_firmware.c index 7e6010bb..bfabfd48 100644 --- a/firmware/lib/vboot_firmware.c +++ b/firmware/lib/vboot_firmware.c @@ -7,7 +7,10 @@ */ #include "sysincludes.h" +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "region.h" #include "gbb_access.h" #include "gbb_header.h" @@ -24,7 +27,7 @@ * struct back to us. */ typedef struct VbLoadFirmwareInternal { - DigestContext body_digest_context; + struct vb2_digest_context body_digest_context; uint32_t body_size_accum; } VbLoadFirmwareInternal; @@ -34,7 +37,7 @@ void VbUpdateFirmwareBodyHash(VbCommonParams *cparams, uint8_t *data, VbLoadFirmwareInternal *lfi = (VbLoadFirmwareInternal*)cparams->vboot_context; - DigestUpdate(&lfi->body_digest_context, data, size); + vb2_digest_extend(&lfi->body_digest_context, data, size); lfi->body_size_accum += size; } @@ -96,7 +99,6 @@ int LoadFirmware(VbCommonParams *cparams, VbSelectFirmwareParams *fparams, RSAPublicKey *data_key; uint64_t key_version; uint32_t combined_version; - uint8_t *body_digest; uint8_t *check_result; /* If try B count is non-zero try firmware B first */ @@ -230,8 +232,8 @@ int LoadFirmware(VbCommonParams *cparams, VbSelectFirmwareParams *fparams, VbError_t rv; /* Read the firmware data */ - DigestInit(&lfi->body_digest_context, - data_key->algorithm); + vb2_digest_init(&lfi->body_digest_context, + vb2_crypto_to_hash(data_key->algorithm)); lfi->body_size_accum = 0; rv = VbExHashFirmwareBody( cparams, @@ -255,17 +257,17 @@ int LoadFirmware(VbCommonParams *cparams, VbSelectFirmwareParams *fparams, } /* Verify firmware data */ - body_digest = DigestFinal(&lfi->body_digest_context); + uint8_t body_digest[VB2_MAX_DIGEST_SIZE]; + vb2_digest_finalize(&lfi->body_digest_context, + body_digest, sizeof(body_digest)); if (0 != VerifyDigest(body_digest, &preamble->body_signature, data_key)) { VBDEBUG(("FW body verification failed.\n")); *check_result = VBSD_LF_CHECK_VERIFY_BODY; RSAPublicKeyFree(data_key); - VbExFree(body_digest); continue; } - VbExFree(body_digest); } /* Done with the data key, so can free it now */ diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c index 6ab52b7e..4a7154ed 100644 --- a/firmware/lib/vboot_kernel.c +++ b/firmware/lib/vboot_kernel.c @@ -8,6 +8,8 @@ #include "sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "cgptlib.h" #include "cgptlib_internal.h" #include "region.h" @@ -281,29 +283,27 @@ VbError_t LoadKernel(LoadKernelParams *params, VbCommonParams *cparams) VbPublicKey *key = &key_block->data_key; uint8_t *buf = ((uint8_t *)key) + key->key_offset; uint64_t buflen = key->key_size; - uint8_t *digest; + uint8_t digest[VB2_SHA256_DIGEST_SIZE]; VBDEBUG(("Checking developer key hash.\n")); - digest = DigestBuf(buf, buflen, - SHA256_DIGEST_ALGORITHM); + vb2_digest_buffer(buf, buflen, VB2_HASH_SHA256, + digest, sizeof(digest)); if (0 != SafeMemcmp(digest, params->fwmp->dev_key_hash, - SHA256_DIGEST_SIZE)) { + VB2_SHA256_DIGEST_SIZE)) { int i; VBDEBUG(("Wrong developer key hash.\n")); VBDEBUG(("Want: ")); - for (i = 0; i < SHA256_DIGEST_SIZE; i++) + for (i = 0; i < VB2_SHA256_DIGEST_SIZE; i++) VBDEBUG(("%02x", params->fwmp->dev_key_hash[i])); VBDEBUG(("\nGot: ")); - for (i = 0; i < SHA256_DIGEST_SIZE; i++) + for (i = 0; i < VB2_SHA256_DIGEST_SIZE; i++) VBDEBUG(("%02x", digest[i])); VBDEBUG(("\n")); - VbExFree(digest); goto bad_kernel; } - VbExFree(digest); } /* Get key for preamble/data verification from the key block. */ diff --git a/futility/cmd_create.c b/futility/cmd_create.c index 143ea9ae..70568f46 100644 --- a/futility/cmd_create.c +++ b/futility/cmd_create.c @@ -13,6 +13,7 @@ #include "2common.h" #include "2id.h" #include "2rsa.h" +#include "2sha.h" #include "util_misc.h" #include "vb2_common.h" #include "vb2_struct.h" @@ -254,10 +255,8 @@ static int vb2_make_keypair() /* Update the IDs */ if (!force_id) { - uint8_t *digest = DigestBuf(keyb_data, keyb_size, - SHA1_DIGEST_ALGORITHM); - memcpy(&opt_id, digest, sizeof(opt_id)); - free(digest); + vb2_digest_buffer(keyb_data, keyb_size, VB2_HASH_SHA1, + opt_id.raw, sizeof(opt_id.raw)); } memcpy((struct vb2_id *)pubkey->id, &opt_id, sizeof(opt_id)); diff --git a/futility/cmd_pcr.c b/futility/cmd_pcr.c index 241bfb2f..ecb5dc07 100644 --- a/futility/cmd_pcr.c +++ b/futility/cmd_pcr.c @@ -10,6 +10,9 @@ #include <stdio.h> #include <string.h> +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "futility.h" static const char usage[] = "\n" @@ -105,13 +108,12 @@ static const struct option long_opts[] = { }; static int do_pcr(int argc, char *argv[]) { - uint8_t accum[SHA256_DIGEST_SIZE * 2]; - uint8_t pcr[SHA256_DIGEST_SIZE]; - int digest_alg = SHA1_DIGEST_ALGORITHM; - int digest_size = SHA1_DIGEST_SIZE; + uint8_t accum[VB2_MAX_DIGEST_SIZE * 2]; + uint8_t pcr[VB2_MAX_DIGEST_SIZE]; + int digest_alg = VB2_HASH_SHA1; + int digest_size; int opt_init = 0; int errorcnt = 0; - uint8_t *digest; int i; opterr = 0; /* quiet, you */ @@ -121,8 +123,7 @@ static int do_pcr(int argc, char *argv[]) opt_init = 1; break; case '2': - digest_alg = SHA256_DIGEST_ALGORITHM; - digest_size = SHA256_DIGEST_SIZE; + digest_alg = VB2_HASH_SHA256; break; case OPT_HELP: print_help(argc, argv); @@ -157,6 +158,12 @@ static int do_pcr(int argc, char *argv[]) memset(pcr, 0, sizeof(pcr)); + digest_size = vb2_digest_size(digest_alg); + if (!digest_size) { + fprintf(stderr, "Error determining digest size!\n"); + return 1; + } + if (opt_init) { parse_digest_or_die(pcr, digest_size, argv[optind]); optind++; @@ -174,13 +181,12 @@ static int do_pcr(int argc, char *argv[]) print_digest(accum + digest_size, digest_size); printf("\n"); - digest = DigestBuf(accum, digest_size * 2, digest_alg); - if (!digest) { + if (VB2_SUCCESS != vb2_digest_buffer(accum, digest_size * 2, + digest_alg, + pcr, digest_size)) { fprintf(stderr, "Error computing digest!\n"); return 1; } - memcpy(pcr, digest, digest_size); - free(digest); printf("PCR: "); print_digest(pcr, digest_size); diff --git a/futility/file_type_usbpd1.c b/futility/file_type_usbpd1.c index c0f5397e..fe0042b1 100644 --- a/futility/file_type_usbpd1.c +++ b/futility/file_type_usbpd1.c @@ -21,6 +21,7 @@ #include "2sysincludes.h" #include "2common.h" +#include "2sha.h" #include "2rsa.h" #include "file_type.h" #include "futility.h" @@ -339,7 +340,7 @@ static void show_usbpd1_stuff(const char *name, { struct vb2_public_key key; struct vb2_packed_key *pkey; - uint8_t *sha1sum; + uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE]; int i; vb2_pubkey_from_usbpd1(&key, sig_alg, hash_alg, @@ -348,19 +349,18 @@ static void show_usbpd1_stuff(const char *name, if (vb2_public_key_pack(&pkey, &key)) return; - sha1sum = DigestBuf((uint8_t *)pkey + pkey->key_offset, - pkey->key_size, SHA1_DIGEST_ALGORITHM); + vb2_digest_buffer((uint8_t *)pkey + pkey->key_offset, pkey->key_size, + VB2_HASH_SHA1, sha1sum, sizeof(sha1sum)); printf("USB-PD v1 image: %s\n", name); printf(" Algorithm: %s %s\n", vb2_lookup_by_num(vb2_text_vs_sig, sig_alg)->name, vb2_lookup_by_num(vb2_text_vs_hash, hash_alg)->name); printf(" Key sha1sum: "); - for (i = 0; i < SHA1_DIGEST_SIZE; i++) + for (i = 0; i < VB2_SHA1_DIGEST_SIZE; i++) printf("%02x", sha1sum[i]); printf("\n"); - free(sha1sum); free(pkey); } diff --git a/futility/misc.c b/futility/misc.c index 1e91eb88..703033c5 100644 --- a/futility/misc.c +++ b/futility/misc.c @@ -20,6 +20,10 @@ #include <sys/wait.h> #include <unistd.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "cgptlib_internal.h" #include "file_type.h" #include "futility.h" @@ -142,19 +146,19 @@ int print_hwid_digest(GoogleBinaryBlockHeader *gbb, uint8_t *buf = (uint8_t *)gbb; char *hwid_str = (char *)(buf + gbb->hwid_offset); int is_valid = 0; - uint8_t *digest = DigestBuf(buf + gbb->hwid_offset, - strlen(hwid_str), - SHA256_DIGEST_ALGORITHM); - if (digest) { + uint8_t digest[VB2_SHA256_DIGEST_SIZE]; + + if (VB2_SUCCESS == vb2_digest_buffer(buf + gbb->hwid_offset, + strlen(hwid_str), VB2_HASH_SHA256, + digest, sizeof(digest))) { int i; is_valid = 1; /* print it, comparing as we go */ - for (i = 0; i < SHA256_DIGEST_SIZE; i++) { + for (i = 0; i < VB2_SHA256_DIGEST_SIZE; i++) { printf("%02x", gbb->hwid_digest[i]); if (gbb->hwid_digest[i] != digest[i]) is_valid = 0; } - free(digest); } printf(" %s", is_valid ? "valid" : "<invalid>"); @@ -171,11 +175,10 @@ void update_hwid_digest(GoogleBinaryBlockHeader *gbb) uint8_t *buf = (uint8_t *)gbb; char *hwid_str = (char *)(buf + gbb->hwid_offset); - uint8_t *digest = DigestBuf(buf + gbb->hwid_offset, - strlen(hwid_str), - SHA256_DIGEST_ALGORITHM); - memcpy(gbb->hwid_digest, digest, SHA256_DIGEST_SIZE); - free(digest); + + vb2_digest_buffer(buf + gbb->hwid_offset, strlen(hwid_str), + VB2_HASH_SHA256, + gbb->hwid_digest, sizeof(gbb->hwid_digest)); } /* diff --git a/futility/ryu_root_header.c b/futility/ryu_root_header.c index a88f34c2..0797d7bc 100644 --- a/futility/ryu_root_header.c +++ b/futility/ryu_root_header.c @@ -15,7 +15,9 @@ #include <sys/types.h> #include <unistd.h> -#include "2struct.h" +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "futility.h" #include "gbb_header.h" @@ -100,9 +102,11 @@ static void calculate_root_key_hash(uint8_t *digest, size_t digest_size, { const uint8_t *gbb_base = (const uint8_t *)gbb; - internal_SHA256(gbb_base + gbb->rootkey_offset, - gbb->rootkey_size, - digest); + vb2_digest_buffer(gbb_base + gbb->rootkey_offset, + gbb->rootkey_size, + VB2_HASH_SHA256, + digest, + digest_size); } int fill_ryu_root_header(uint8_t *ptr, size_t size, @@ -130,7 +134,7 @@ int fill_ryu_root_header(uint8_t *ptr, size_t size, int verify_ryu_root_header(uint8_t *ptr, size_t size, const GoogleBinaryBlockHeader *gbb) { - uint8_t digest[SHA256_DIGEST_SIZE] = {0}; + uint8_t digest[VB2_SHA256_DIGEST_SIZE] = {0}; struct vb2_ryu_root_key_hash *hash; @@ -145,8 +149,7 @@ int verify_ryu_root_header(uint8_t *ptr, size_t size, } /* Check for all 0's, which means hash hasn't been set */ - if (0 == memcmp(digest, hash->root_key_hash_digest, - SHA256_DIGEST_SIZE)) { + if (0 == memcmp(digest, hash->root_key_hash_digest, sizeof(digest))) { printf(" - ryu root hash is unset\n"); return 0; } @@ -154,8 +157,7 @@ int verify_ryu_root_header(uint8_t *ptr, size_t size, /* Update the hash stored in the header based on the root key */ calculate_root_key_hash(digest, sizeof(digest), gbb); - if (0 == memcmp(digest, hash->root_key_hash_digest, - SHA256_DIGEST_SIZE)) { + if (0 == memcmp(digest, hash->root_key_hash_digest, sizeof(digest))) { printf(" - ryu root hash verified\n"); return 0; } else { diff --git a/futility/vb2_helper.c b/futility/vb2_helper.c index 51a78375..f8118ecf 100644 --- a/futility/vb2_helper.c +++ b/futility/vb2_helper.c @@ -11,6 +11,7 @@ #include "2common.h" #include "2id.h" #include "2rsa.h" +#include "2sha.h" #include "util_misc.h" #include "vb2_common.h" #include "vb2_struct.h" @@ -75,34 +76,31 @@ static inline void vb2_print_bytes(const void *ptr, uint32_t len) printf("%02x", *buf++); } -static uint8_t *vb2_public_key_sha1sum(struct vb2_public_key *key) +static int vb2_public_key_sha1sum(struct vb2_public_key *key, uint8_t *digest) { struct vb2_packed_key *pkey; - uint8_t *digest; if (vb2_public_key_pack(&pkey, key)) return 0; - digest = DigestBuf((uint8_t *)pkey + pkey->key_offset, - pkey->key_size, SHA1_DIGEST_ALGORITHM); - free(pkey); + vb2_digest_buffer((uint8_t *)pkey + pkey->key_offset, pkey->key_size, + VB2_HASH_SHA1, digest, VB2_SHA1_DIGEST_SIZE); - return digest; + free(pkey); + return 1; } int ft_show_vb2_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data) { struct vb2_public_key key; const struct vb2_text_vs_enum *entry; - uint8_t *sha1sum; + uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE]; /* The key's members will point into the state buffer after this. Don't * free anything. */ if (VB2_SUCCESS != vb2_unpack_key(&key, buf, len)) return 1; - sha1sum = vb2_public_key_sha1sum(&key); - printf("Public Key file: %s\n", name); printf(" Vboot API: 2.1\n"); printf(" Desc: \"%s\"\n", key.desc); @@ -116,27 +114,28 @@ int ft_show_vb2_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data) printf(" ID: "); vb2_print_bytes(key.id, sizeof(*key.id)); printf("\n"); - if (sha1sum && memcmp(key.id, sha1sum, sizeof(*key.id))) { + if (vb2_public_key_sha1sum(&key, sha1sum) && + memcmp(key.id, sha1sum, sizeof(*key.id))) { printf(" Key sha1sum: "); - vb2_print_bytes(sha1sum, SHA1_DIGEST_SIZE); + vb2_print_bytes(sha1sum, sizeof(sha1sum)); printf("\n"); } - free(sha1sum); return 0; } -static uint8_t *vb2_private_key_sha1sum(struct vb2_private_key *key) +static int vb2_private_key_sha1sum(struct vb2_private_key *key, uint8_t *digest) { - uint8_t *buf, *digest; + uint8_t *buf; uint32_t buflen; if (vb_keyb_from_rsa(key->rsa_private_key, &buf, &buflen)) return 0; - digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM); - free(buf); + vb2_digest_buffer(buf, buflen, VB2_HASH_SHA1, digest, + VB2_SHA1_DIGEST_SIZE); - return digest; + free(buf); + return 1; } int ft_show_vb2_privkey(const char *name, uint8_t *buf, uint32_t len, @@ -144,13 +143,11 @@ int ft_show_vb2_privkey(const char *name, uint8_t *buf, uint32_t len, { struct vb2_private_key *key = 0; const struct vb2_text_vs_enum *entry; - uint8_t *sha1sum; + uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE]; if (VB2_SUCCESS != vb2_private_key_unpack(&key, buf, len)) return 1; - sha1sum = vb2_private_key_sha1sum(key); - printf("Private key file: %s\n", name); printf(" Vboot API: 2.1\n"); printf(" Desc: \"%s\"\n", key->desc ? key->desc : ""); @@ -163,12 +160,12 @@ int ft_show_vb2_privkey(const char *name, uint8_t *buf, uint32_t len, printf(" ID: "); vb2_print_bytes(&key->id, sizeof(key->id)); printf("\n"); - if (sha1sum && memcmp(&key->id, sha1sum, sizeof(key->id))) { + if (vb2_private_key_sha1sum(key, sha1sum) && + memcmp(&key->id, sha1sum, sizeof(key->id))) { printf(" Key sha1sum: "); - vb2_print_bytes(sha1sum, SHA1_DIGEST_SIZE); + vb2_print_bytes(sha1sum, sizeof(sha1sum)); printf("\n"); } - free(sha1sum); vb2_private_key_free(key); return 0; } @@ -213,7 +210,8 @@ enum futil_file_type ft_recognize_pem(uint8_t *buf, uint32_t len) int ft_show_pem(const char *name, uint8_t *buf, uint32_t len, void *data) { RSA *rsa_key; - uint8_t *keyb, *digest; + uint8_t *keyb; + uint8_t digest[VB2_SHA1_DIGEST_SIZE]; uint32_t keyb_len; int i, bits; @@ -236,12 +234,12 @@ int ft_show_pem(const char *name, uint8_t *buf, uint32_t len, void *data) } printf(" Key sha1sum: "); - digest = DigestBuf(keyb, keyb_len, SHA1_DIGEST_ALGORITHM); - for (i = 0; i < SHA1_DIGEST_SIZE; i++) + vb2_digest_buffer(keyb, keyb_len, VB2_HASH_SHA1, + digest, sizeof(digest)); + for (i = 0; i < sizeof(digest); i++) printf("%02x", digest[i]); printf("\n"); - free(digest); free(keyb); RSA_free(rsa_key); return 0; diff --git a/host/lib/file_keys.c b/host/lib/file_keys.c index ac9af17d..fd07752b 100644 --- a/host/lib/file_keys.c +++ b/host/lib/file_keys.c @@ -13,6 +13,10 @@ #include <sys/types.h> #include <unistd.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "file_keys.h" #include "host_common.h" @@ -59,23 +63,22 @@ RSAPublicKey* RSAPublicKeyFromFile(const char* input_file) { return key; } -uint8_t* DigestFile(char* input_file, int sig_algorithm) { - int input_fd, len; - uint8_t data[SHA1_BLOCK_SIZE]; - uint8_t* digest = NULL; - DigestContext ctx; +int DigestFile(char *input_file, enum vb2_hash_algorithm alg, + uint8_t *digest, uint32_t digest_size) { + int input_fd, len; + uint8_t data[VB2_SHA1_BLOCK_SIZE]; + struct vb2_digest_context ctx; - if( (input_fd = open(input_file, O_RDONLY)) == -1 ) { - VBDEBUG(("Couldn't open %s\n", input_file)); - return NULL; - } - DigestInit(&ctx, sig_algorithm); - while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) == - SHA1_BLOCK_SIZE) - DigestUpdate(&ctx, data, len); - if (len != -1) - DigestUpdate(&ctx, data, len); - digest = DigestFinal(&ctx); - close(input_fd); - return digest; + if( (input_fd = open(input_file, O_RDONLY)) == -1 ) { + VBDEBUG(("Couldn't open %s\n", input_file)); + return VB2_ERROR_UNKNOWN; + } + vb2_digest_init(&ctx, alg); + while ((len = read(input_fd, data, sizeof(data))) == sizeof(data)) + vb2_digest_extend(&ctx, data, len); + if (len != -1) + vb2_digest_extend(&ctx, data, len); + close(input_fd); + + return vb2_digest_finalize(&ctx, digest, digest_size); } diff --git a/host/lib/host_keyblock.c b/host/lib/host_keyblock.c index e1dd95be..333b7d4f 100644 --- a/host/lib/host_keyblock.c +++ b/host/lib/host_keyblock.c @@ -5,7 +5,10 @@ * Host functions for verified boot. */ +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "host_common.h" #include "host_keyblock.h" @@ -18,7 +21,7 @@ VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key, VbKeyBlockHeader* h; uint64_t signed_size = sizeof(VbKeyBlockHeader) + data_key->key_size; - uint64_t block_size = (signed_size + SHA512_DIGEST_SIZE + + uint64_t block_size = (signed_size + VB2_SHA512_DIGEST_SIZE + (signing_key ? siglen_map[signing_key->algorithm] : 0)); uint8_t* data_key_dest; @@ -32,7 +35,7 @@ VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key, return NULL; data_key_dest = (uint8_t*)(h + 1); block_chk_dest = data_key_dest + data_key->key_size; - block_sig_dest = block_chk_dest + SHA512_DIGEST_SIZE; + block_sig_dest = block_chk_dest + VB2_SHA512_DIGEST_SIZE; Memcpy(h->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE); h->header_version_major = KEY_BLOCK_HEADER_VERSION_MAJOR; @@ -46,7 +49,7 @@ VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key, /* Set up signature structs so we can calculate the signatures */ SignatureInit(&h->key_block_checksum, block_chk_dest, - SHA512_DIGEST_SIZE, signed_size); + VB2_SHA512_DIGEST_SIZE, signed_size); if (signing_key) SignatureInit(&h->key_block_signature, block_sig_dest, siglen_map[signing_key->algorithm], signed_size); @@ -79,7 +82,7 @@ VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key, const char* external_signer) { VbKeyBlockHeader* h; uint64_t signed_size = sizeof(VbKeyBlockHeader) + data_key->key_size; - uint64_t block_size = (signed_size + SHA512_DIGEST_SIZE + + uint64_t block_size = (signed_size + VB2_SHA512_DIGEST_SIZE + siglen_map[algorithm]); uint8_t* data_key_dest; uint8_t* block_sig_dest; @@ -95,7 +98,7 @@ VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key, data_key_dest = (uint8_t*)(h + 1); block_chk_dest = data_key_dest + data_key->key_size; - block_sig_dest = block_chk_dest + SHA512_DIGEST_SIZE; + block_sig_dest = block_chk_dest + VB2_SHA512_DIGEST_SIZE; Memcpy(h->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE); h->header_version_major = KEY_BLOCK_HEADER_VERSION_MAJOR; @@ -109,7 +112,7 @@ VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key, /* Set up signature structs so we can calculate the signatures */ SignatureInit(&h->key_block_checksum, block_chk_dest, - SHA512_DIGEST_SIZE, signed_size); + VB2_SHA512_DIGEST_SIZE, signed_size); SignatureInit(&h->key_block_signature, block_sig_dest, siglen_map[algorithm], signed_size); diff --git a/host/lib/host_signature.c b/host/lib/host_signature.c index 68eba295..57676842 100644 --- a/host/lib/host_signature.c +++ b/host/lib/host_signature.c @@ -15,6 +15,10 @@ #include <sys/wait.h> #include <unistd.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "file_keys.h" #include "host_common.h" @@ -53,49 +57,46 @@ int SignatureCopy(VbSignature* dest, const VbSignature* src) { VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size) { - uint8_t* header_checksum; + uint8_t header_checksum[VB2_SHA512_DIGEST_SIZE]; VbSignature* sig; - header_checksum = DigestBuf(data, size, SHA512_DIGEST_ALGORITHM); - if (!header_checksum) + if (VB2_SUCCESS != vb2_digest_buffer(data, size, VB2_HASH_SHA512, + header_checksum, + sizeof(header_checksum))) return NULL; - sig = SignatureAlloc(SHA512_DIGEST_SIZE, 0); - if (!sig) { - VbExFree(header_checksum); + sig = SignatureAlloc(VB2_SHA512_DIGEST_SIZE, 0); + if (!sig) return NULL; - } + sig->sig_offset = sizeof(VbSignature); - sig->sig_size = SHA512_DIGEST_SIZE; + sig->sig_size = VB2_SHA512_DIGEST_SIZE; sig->data_size = size; /* Signature data immediately follows the header */ - Memcpy(GetSignatureData(sig), header_checksum, SHA512_DIGEST_SIZE); - VbExFree(header_checksum); + Memcpy(GetSignatureData(sig), header_checksum, VB2_SHA512_DIGEST_SIZE); return sig; } VbSignature* CalculateHash(const uint8_t* data, uint64_t size, const VbPrivateKey* key) { - uint8_t* digest = NULL; - int digest_size = hash_size_map[key->algorithm]; + int vb2_alg = vb2_crypto_to_hash(key->algorithm); + uint8_t digest[VB2_MAX_DIGEST_SIZE]; + int digest_size = vb2_digest_size(vb2_alg); VbSignature* sig = NULL; /* Calculate the digest */ - digest = DigestBuf(data, size, key->algorithm); - if (!digest) + if (VB2_SUCCESS != vb2_digest_buffer(data, size, vb2_alg, + digest, sizeof(digest))) return NULL; /* Allocate output signature */ sig = SignatureAlloc(digest_size, size); - if (!sig) { - free(digest); + if (!sig) return NULL; - } /* The digest itself is the signature data */ Memcpy(GetSignatureData(sig), digest, digest_size); - free(digest); /* Return the signature */ return sig; @@ -103,9 +104,9 @@ VbSignature* CalculateHash(const uint8_t* data, uint64_t size, VbSignature* CalculateSignature(const uint8_t* data, uint64_t size, const VbPrivateKey* key) { - - uint8_t* digest; - int digest_size = hash_size_map[key->algorithm]; + int vb2_alg = vb2_crypto_to_hash(key->algorithm); + uint8_t digest[VB2_MAX_DIGEST_SIZE]; + int digest_size = vb2_digest_size(vb2_alg); const uint8_t* digestinfo = hash_digestinfo_map[key->algorithm]; int digestinfo_size = digestinfo_size_map[key->algorithm]; @@ -117,20 +118,17 @@ VbSignature* CalculateSignature(const uint8_t* data, uint64_t size, int rv; /* Calculate the digest */ - /* TODO: rename param 3 of DigestBuf to hash_type */ - digest = DigestBuf(data, size, hash_type_map[key->algorithm]); - if (!digest) + if (VB2_SUCCESS != vb2_digest_buffer(data, size, vb2_alg, + digest, sizeof(digest))) return NULL; /* Prepend the digest info to the digest */ signature_digest = malloc(signature_digest_len); - if (!signature_digest) { - VbExFree(digest); + if (!signature_digest) return NULL; - } + Memcpy(signature_digest, digestinfo, digestinfo_size); Memcpy(signature_digest + digestinfo_size, digest, digest_size); - VbExFree(digest); /* Allocate output signature */ sig = SignatureAlloc(siglen_map[key->algorithm], size); @@ -249,8 +247,9 @@ VbSignature* CalculateSignature_external(const uint8_t* data, uint64_t size, const char* key_file, uint64_t key_algorithm, const char* external_signer) { - uint8_t* digest; - uint64_t digest_size = hash_size_map[key_algorithm]; + int vb2_alg = vb2_crypto_to_hash(key_algorithm); + uint8_t digest[VB2_MAX_DIGEST_SIZE]; + int digest_size = vb2_digest_size(vb2_alg); const uint8_t* digestinfo = hash_digestinfo_map[key_algorithm]; uint64_t digestinfo_size = digestinfo_size_map[key_algorithm]; @@ -262,20 +261,17 @@ VbSignature* CalculateSignature_external(const uint8_t* data, uint64_t size, int rv; /* Calculate the digest */ - /* TODO: rename param 3 of DigestBuf to hash_type */ - digest = DigestBuf(data, size, hash_type_map[key_algorithm]); - if (!digest) + if (VB2_SUCCESS != vb2_digest_buffer(data, size, vb2_alg, + digest, sizeof(digest))) return NULL; /* Prepend the digest info to the digest */ signature_digest = malloc(signature_digest_len); - if (!signature_digest) { - free(digest); + if (!signature_digest) return NULL; - } + Memcpy(signature_digest, digestinfo, digestinfo_size); Memcpy(signature_digest + digestinfo_size, digest, digest_size); - free(digest); /* Allocate output signature */ sig = SignatureAlloc(siglen_map[key_algorithm], size); diff --git a/host/lib/include/file_keys.h b/host/lib/include/file_keys.h index ac6f9ee4..e783c85e 100644 --- a/host/lib/include/file_keys.h +++ b/host/lib/include/file_keys.h @@ -9,6 +9,7 @@ #define VBOOT_REFERENCE_FILE_KEYS_H_ #include "cryptolib.h" +#include "2sha.h" /* Read file named [input_file] into a buffer and stores the length into * [len]. @@ -25,10 +26,11 @@ uint8_t* BufferFromFile(const char* input_file, uint64_t* len); */ RSAPublicKey* RSAPublicKeyFromFile(const char* input_file); -/* Returns the appropriate digest for the data in [input_file] - * based on the signature [algorithm]. - * Caller owns the returned digest and must free it. +/* Calculates the appropriate digest for the data in [input_file] based on the + * hash algorithm [alg] and stores it into [digest], which is of size + * [digest_size]. Returns VB2_SUCCESS, or non-zero on error. */ -uint8_t* DigestFile(char* input_file, int sig_algorithm); +int DigestFile(char *input_file, enum vb2_hash_algorithm alg, + uint8_t *digest, uint32_t digest_size); #endif /* VBOOT_REFERENCE_FILE_KEYS_H_ */ diff --git a/host/lib/signature_digest.c b/host/lib/signature_digest.c index dcc2cf26..b56233a0 100644 --- a/host/lib/signature_digest.c +++ b/host/lib/signature_digest.c @@ -9,13 +9,17 @@ #include <stdlib.h> #include <unistd.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "host_common.h" #include "signature_digest.h" uint8_t* PrependDigestInfo(unsigned int algorithm, uint8_t* digest) { - const int digest_size = hash_size_map[algorithm]; + const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); const int digestinfo_size = digestinfo_size_map[algorithm]; const uint8_t* digestinfo = hash_digestinfo_map[algorithm]; uint8_t* p = malloc(digestinfo_size + digest_size); @@ -27,14 +31,16 @@ uint8_t* PrependDigestInfo(unsigned int algorithm, uint8_t* digest) { uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len, unsigned int algorithm) { uint8_t* info_digest = NULL; - uint8_t* digest = NULL; + + uint8_t digest[VB2_SHA512_DIGEST_SIZE]; /* Longest digest */ if (algorithm >= kNumAlgorithms) { VBDEBUG(("SignatureDigest() called with invalid algorithm!\n")); - } else if ((digest = DigestBuf(buf, len, algorithm))) { + } else if (VB2_SUCCESS == vb2_digest_buffer(buf, len, + vb2_crypto_to_hash(algorithm), + digest, sizeof(digest))) { info_digest = PrependDigestInfo(algorithm, digest); } - free(digest); return info_digest; } @@ -44,8 +50,8 @@ uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file, RSA* key = NULL; uint8_t* signature = NULL; uint8_t* signature_digest = SignatureDigest(buf, len, algorithm); - int signature_digest_len = (hash_size_map[algorithm] + - digestinfo_size_map[algorithm]); + const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); + int signature_digest_len = (digest_size + digestinfo_size_map[algorithm]); key_fp = fopen(key_file, "r"); if (!key_fp) { VBDEBUG(("SignatureBuf(): Couldn't open key file: %s\n", key_file)); diff --git a/host/lib/util_misc.c b/host/lib/util_misc.c index 03ec683f..dbcdc6e1 100644 --- a/host/lib/util_misc.c +++ b/host/lib/util_misc.c @@ -13,6 +13,10 @@ #include <string.h> #include <unistd.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "host_common.h" #include "util_misc.h" @@ -22,17 +26,20 @@ void PrintPubKeySha1Sum(VbPublicKey *key) { uint8_t *buf = ((uint8_t *)key) + key->key_offset; uint64_t buflen = key->key_size; - uint8_t *digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM); + uint8_t digest[VB2_SHA1_DIGEST_SIZE]; + + vb2_digest_buffer(buf, buflen, VB2_HASH_SHA1, digest, sizeof(digest)); + int i; - for (i = 0; i < SHA1_DIGEST_SIZE; i++) + for (i = 0; i < sizeof(digest); i++) printf("%02x", digest[i]); - free(digest); } void PrintPrivKeySha1Sum(VbPrivateKey *key) { - uint8_t *buf, *digest; + uint8_t *buf; uint32_t buflen; + uint8_t digest[VB2_SHA1_DIGEST_SIZE]; int i; if (vb_keyb_from_rsa(key->rsa_private_key, &buf, &buflen)) { @@ -40,11 +47,11 @@ void PrintPrivKeySha1Sum(VbPrivateKey *key) return; } - digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM); - for (i = 0; i < SHA1_DIGEST_SIZE; i++) + vb2_digest_buffer(buf, buflen, VB2_HASH_SHA1, digest, sizeof(digest)); + + for (i = 0; i < sizeof(digest); i++) printf("%02x", digest[i]); - free(digest); free(buf); } diff --git a/host/linktest/main.c b/host/linktest/main.c index 8e1525fa..5e7aa275 100644 --- a/host/linktest/main.c +++ b/host/linktest/main.c @@ -46,7 +46,7 @@ int main(void) /* file_keys.h */ BufferFromFile(0, 0); RSAPublicKeyFromFile(0); - DigestFile(0, 0); + DigestFile(0, 0, 0, 0); /* signature_digest.h */ PrependDigestInfo(0, 0); diff --git a/tests/rsa_utility_tests.c b/tests/rsa_utility_tests.c index 47c483b2..7beeed68 100644 --- a/tests/rsa_utility_tests.c +++ b/tests/rsa_utility_tests.c @@ -20,12 +20,6 @@ /* Data for mock functions */ static int mock_rsaverify_retval; -/* Mock functions */ -uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) { - /* Just need to return something; it's only passed to the mock RSAVerify() */ - return VbExMalloc(4); -} - int RSAVerify(const RSAPublicKey *key, const uint8_t* sig, const uint32_t sig_len, diff --git a/tests/sha_benchmark.c b/tests/sha_benchmark.c index 2193b781..49ff829f 100644 --- a/tests/sha_benchmark.c +++ b/tests/sha_benchmark.c @@ -7,52 +7,42 @@ #include <stdio.h> #include <stdlib.h> +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" + #include "cryptolib.h" #include "host_common.h" #include "timer_utils.h" -#define NUM_HASH_ALGORITHMS 3 #define TEST_BUFFER_SIZE 4000000 -/* Table of hash function pointers and their description. */ -typedef uint8_t* (*Hashptr) (const uint8_t*, uint64_t, uint8_t*); -typedef struct HashFxTable { - Hashptr hash; - char* description; -} HashFxTable; - -HashFxTable hash_functions[NUM_HASH_ALGORITHMS] = { - {internal_SHA1, "sha1"}, - {internal_SHA256, "sha256"}, - {internal_SHA512, "sha512"} -}; - -int main(int argc, char* argv[]) { - int i; - double speed; - uint32_t msecs; - uint8_t* buffer = (uint8_t*) malloc(TEST_BUFFER_SIZE); - uint8_t* digest = (uint8_t*) malloc(SHA512_DIGEST_SIZE); /* Maximum size of - * the digest. */ - ClockTimerState ct; - - /* Iterate through all the hash functions. */ - for(i = 0; i < NUM_HASH_ALGORITHMS; i++) { - StartTimer(&ct); - hash_functions[i].hash(buffer, TEST_BUFFER_SIZE, digest); - StopTimer(&ct); - - msecs = GetDurationMsecs(&ct); - speed = ((TEST_BUFFER_SIZE / 10e6) - / (msecs / 10e3)); /* Mbytes/sec */ - - fprintf(stderr, "# %s Time taken = %u ms, Speed = %f Mbytes/sec\n", - hash_functions[i].description, msecs, speed); - fprintf(stdout, "mbytes_per_sec_%s:%f\n", - hash_functions[i].description, speed); - } - - free(digest); - free(buffer); - return 0; +int main(int argc, char *argv[]) { + int i; + double speed; + uint32_t msecs; + uint8_t *buffer = malloc(TEST_BUFFER_SIZE); + uint8_t digest[VB2_MAX_DIGEST_SIZE]; + ClockTimerState ct; + + /* Iterate through all the hash functions. */ + for(i = VB2_HASH_SHA1; i < VB2_HASH_ALG_COUNT; i++) { + StartTimer(&ct); + vb2_digest_buffer(buffer, TEST_BUFFER_SIZE, i, + digest, sizeof(digest)); + StopTimer(&ct); + + msecs = GetDurationMsecs(&ct); + speed = ((TEST_BUFFER_SIZE / 10e6) + / (msecs / 10e3)); /* Mbytes/sec */ + + fprintf(stderr, + "# %s Time taken = %u ms, Speed = %f Mbytes/sec\n", + vb2_get_hash_algorithm_name(i), msecs, speed); + fprintf(stdout, "mbytes_per_sec_%s:%f\n", + vb2_get_hash_algorithm_name(i), speed); + } + + free(buffer); + return 0; } diff --git a/tests/sha_test_vectors.h b/tests/sha_test_vectors.h index c75e9165..310f5703 100644 --- a/tests/sha_test_vectors.h +++ b/tests/sha_test_vectors.h @@ -8,8 +8,6 @@ #ifndef VBOOT_REFERENCE_SHA_TEST_VECTORS_H_ #define VBOOT_REFERENCE_SHA_TEST_VECTORS_H_ -#include "cryptolib.h" - char* oneblock_msg = "abc"; char* multiblock_msg1 = "abcdbcdecdefdefgefghfghighijhijkijkl" "jklmklmnlmnomnopnopq"; @@ -18,7 +16,7 @@ char* multiblock_msg2= "abcdefghbcdefghicdefghijdefghijkefghi" "qrsmnopqrstnopqrstu"; char* long_msg; -uint8_t sha1_results[][SHA1_DIGEST_SIZE] = { +uint8_t sha1_results[][VB2_SHA1_DIGEST_SIZE] = { { 0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a, 0xba,0x3e,0x25,0x71,0x78,0x50,0xc2,0x6c, @@ -36,7 +34,7 @@ uint8_t sha1_results[][SHA1_DIGEST_SIZE] = { } }; -uint8_t sha256_results[][SHA256_DIGEST_SIZE] = { +uint8_t sha256_results[][VB2_SHA256_DIGEST_SIZE] = { { 0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea, 0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23, @@ -57,7 +55,7 @@ uint8_t sha256_results[][SHA256_DIGEST_SIZE] = { } }; -uint8_t sha512_results[][SHA512_DIGEST_SIZE] = { +uint8_t sha512_results[][VB2_SHA512_DIGEST_SIZE] = { { 0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba, 0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31, diff --git a/tests/vboot_common2_tests.c b/tests/vboot_common2_tests.c index 40953117..8f662d38 100644 --- a/tests/vboot_common2_tests.c +++ b/tests/vboot_common2_tests.c @@ -10,6 +10,9 @@ #include <stdlib.h> #include <string.h> +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "file_keys.h" #include "host_common.h" @@ -82,14 +85,17 @@ static void VerifyDigestTest(const VbPublicKey *public_key, const uint8_t test_data[] = "This is some other test data to sign."; VbSignature *sig; RSAPublicKey *rsa; - uint8_t *digest; + uint8_t digest[VB2_MAX_DIGEST_SIZE]; sig = CalculateSignature(test_data, sizeof(test_data), private_key); rsa = PublicKeyToRSA(public_key); - digest = DigestBuf(test_data, sizeof(test_data), - (int)public_key->algorithm); - TEST_NEQ(sig && rsa && digest, 0, "VerifyData() prerequisites"); - if (!sig || !rsa || !digest) + TEST_SUCC(vb2_digest_buffer(test_data, sizeof(test_data), + vb2_crypto_to_hash(public_key->algorithm), + digest, sizeof(digest)), + "VerifyData() digest"); + + TEST_NEQ(sig && rsa, 0, "VerifyData() prerequisites"); + if (!sig || !rsa) return; TEST_EQ(VerifyDigest(digest, sig, rsa), 0, "VerifyDigest() ok"); @@ -102,7 +108,6 @@ static void VerifyDigestTest(const VbPublicKey *public_key, RSAPublicKeyFree(rsa); free(sig); - VbExFree(digest); } static void ReSignKernelPreamble(VbKernelPreambleHeader *h, diff --git a/tests/vboot_common3_tests.c b/tests/vboot_common3_tests.c index b5c0cc93..7ae7eb27 100644 --- a/tests/vboot_common3_tests.c +++ b/tests/vboot_common3_tests.c @@ -10,6 +10,9 @@ #include <stdlib.h> #include <string.h> +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "file_keys.h" #include "host_common.h" @@ -19,12 +22,11 @@ static void ReChecksumKeyBlock(VbKeyBlockHeader *h) { - uint8_t *newchk = DigestBuf((const uint8_t *)h, - h->key_block_checksum.data_size, - SHA512_DIGEST_ALGORITHM); - Memcpy(GetSignatureData(&h->key_block_checksum), newchk, - SHA512_DIGEST_SIZE); - VbExFree(newchk); + vb2_digest_buffer((const uint8_t *)h, + h->key_block_checksum.data_size, + VB2_HASH_SHA512, + GetSignatureData(&h->key_block_checksum), + VB2_SHA512_DIGEST_SIZE); } static void KeyBlockVerifyTest(const VbPublicKey *public_key, diff --git a/tests/vboot_firmware_tests.c b/tests/vboot_firmware_tests.c index f83d970f..97782951 100644 --- a/tests/vboot_firmware_tests.c +++ b/tests/vboot_firmware_tests.c @@ -10,6 +10,10 @@ #include <stdlib.h> #include <string.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "gbb_header.h" #include "host_common.h" #include "load_firmware_fw.h" @@ -30,7 +34,6 @@ static uint8_t gbb_data[sizeof(GoogleBinaryBlockHeader) + 2048]; static GoogleBinaryBlockHeader* gbb = (GoogleBinaryBlockHeader*)gbb_data; static RSAPublicKey data_key; static uint32_t digest_size; -static uint8_t* digest_returned; static uint8_t* digest_expect_ptr; static int hash_fw_index; @@ -95,7 +98,6 @@ static void ResetMocks(void) { Memset(&data_key, 0, sizeof(data_key)); digest_size = 1234; - digest_returned = NULL; digest_expect_ptr = NULL; hash_fw_index = -1; } @@ -144,18 +146,27 @@ void RSAPublicKeyFree(RSAPublicKey* key) { data_key.len--; } -void DigestInit(DigestContext* ctx, int sig_algorithm) { - digest_size = 0; +int vb2_digest_init(struct vb2_digest_context *dc, + enum vb2_hash_algorithm hash_alg) +{ + digest_size = 0; + return VB2_SUCCESS; } -void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint32_t len) { - TEST_PTR_EQ(data, digest_expect_ptr, " Digesting expected data"); - digest_size += len; +int vb2_digest_extend(struct vb2_digest_context *dc, + const uint8_t *buf, + uint32_t size) +{ + TEST_PTR_EQ(buf, digest_expect_ptr, " Digesting expected data"); + digest_size += size; + return VB2_SUCCESS; } -uint8_t* DigestFinal(DigestContext* ctx) { - digest_returned = (uint8_t*)VbExMalloc(4); - return digest_returned; +int vb2_digest_finalize(struct vb2_digest_context *dc, + uint8_t *digest, + uint32_t digest_size) +{ + return VB2_SUCCESS; } VbError_t VbExHashFirmwareBody(VbCommonParams* cparams, @@ -185,7 +196,6 @@ VbError_t VbExHashFirmwareBody(VbCommonParams* cparams, int VerifyDigest(const uint8_t* digest, const VbSignature *sig, const RSAPublicKey* key) { - TEST_PTR_EQ(digest, digest_returned, "Verifying expected digest"); TEST_PTR_EQ(key, &data_key, "Verifying using data key"); TEST_PTR_EQ(sig, &mpreamble[hash_fw_index].body_signature, "Verifying sig"); /* Mocked function uses sig size as return value for verifying digest */ diff --git a/tests/vboot_kernel_tests.c b/tests/vboot_kernel_tests.c index 16cf1a9f..5818db26 100644 --- a/tests/vboot_kernel_tests.c +++ b/tests/vboot_kernel_tests.c @@ -10,6 +10,9 @@ #include <stdlib.h> #include <string.h> +#include "2sysincludes.h" +#include "2common.h" +#include "2sha.h" #include "cgptlib.h" #include "cgptlib_internal.h" #include "crc32.h" @@ -71,7 +74,7 @@ static GptHeader *mock_gpt_primary = (GptHeader*)&mock_disk[MOCK_SECTOR_SIZE * 1]; static GptHeader *mock_gpt_secondary = (GptHeader*)&mock_disk[MOCK_SECTOR_SIZE * (MOCK_SECTOR_COUNT - 1)]; -static uint8_t mock_digest[SHA256_DIGEST_SIZE] = {12, 34, 56, 78}; +static uint8_t mock_digest[VB2_SHA256_DIGEST_SIZE] = {12, 34, 56, 78}; /** * Prepare a valid GPT header that will pass CheckHeader() tests @@ -293,12 +296,14 @@ int VerifyData(const uint8_t *data, uint64_t size, const VbSignature *sig, return VBERROR_SUCCESS; } -uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) +int vb2_digest_buffer(const uint8_t *buf, + uint32_t size, + enum vb2_hash_algorithm hash_alg, + uint8_t *digest, + uint32_t digest_size) { - uint8_t *d = VbExMalloc(sizeof(mock_digest)); - - memcpy(d, mock_digest, sizeof(mock_digest)); - return d; + Memcpy(digest, mock_digest, sizeof(mock_digest)); + return VB2_SUCCESS; } /** diff --git a/utility/pad_digest_utility.c b/utility/pad_digest_utility.c index cee89640..7e833fe5 100644 --- a/utility/pad_digest_utility.c +++ b/utility/pad_digest_utility.c @@ -10,6 +10,10 @@ #include <stdio.h> #include <stdlib.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "file_keys.h" #include "host_common.h" #include "padding.h" @@ -41,8 +45,8 @@ int main(int argc, char* argv[]) { } padded_digest = PrependDigestInfo(algorithm, digest); - padded_digest_len = (hash_size_map[algorithm] + - digestinfo_size_map[algorithm]); + const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); + padded_digest_len = (digest_size + digestinfo_size_map[algorithm]); if (!padded_digest) error_code = -1; diff --git a/utility/signature_digest_utility.c b/utility/signature_digest_utility.c index 85ba0c9b..781f9ff6 100644 --- a/utility/signature_digest_utility.c +++ b/utility/signature_digest_utility.c @@ -42,8 +42,8 @@ int main(int argc, char* argv[]) { } signature_digest = SignatureDigest(buf, len, algorithm); - signature_digest_len = (hash_size_map[algorithm] + - digestinfo_size_map[algorithm]); + const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); + signature_digest_len = (digest_size + digestinfo_size_map[algorithm]); if (!signature_digest) error_code = -1; if(signature_digest && diff --git a/utility/verify_data.c b/utility/verify_data.c index c9da2401..95c1bbd5 100644 --- a/utility/verify_data.c +++ b/utility/verify_data.c @@ -15,6 +15,10 @@ #include <sys/types.h> #include <unistd.h> +#include "2sysincludes.h" + +#include "2common.h" +#include "2sha.h" #include "cryptolib.h" #include "file_keys.h" #include "verify_data.h" @@ -51,7 +55,7 @@ uint8_t* read_signature(char* input_file, int len) { int main(int argc, char* argv[]) { int i, algorithm, sig_len; int return_code = 1; /* Default to error. */ - uint8_t* digest = NULL; + uint8_t digest[VB2_MAX_DIGEST_SIZE]; uint8_t* signature = NULL; RSAPublicKey* key = NULL; @@ -74,7 +78,8 @@ int main(int argc, char* argv[]) { sig_len = siglen_map[algorithm]; if ((key = RSAPublicKeyFromFile(argv[2])) && (signature = read_signature(argv[3], sig_len)) && - (digest = DigestFile(argv[4], algorithm))) { + (VB2_SUCCESS == DigestFile(argv[4], vb2_crypto_to_hash(algorithm), + digest, sizeof(digest)))) { if (RSAVerify(key, signature, sig_len, algorithm, digest)) { return_code = 0; fprintf(stderr, "Signature Verification " @@ -89,7 +94,6 @@ int main(int argc, char* argv[]) { free(key); free(signature); - free(digest); return return_code; } |