Add utility to pad a given hash for PKCS1.5 signatures

BUG=n0ne
TEST=manual

Review URL: http://codereview.chromium.org/6334133

Change-Id: I2dced174f41e5dea2e165f18ecbd22a7f40acab3

5 files changed, 62 insertions, 4 deletions

diff --git a/firmware/version.c b/firmware/version.c
index 3776bc8b..3f9c99b4 100644
--- a/firmware/version.c
+++ b/firmware/version.c
@@ -1 +1 @@
-char* VbootVersion = "VBOOv=0a42e63b";
+char* VbootVersion = "VBOOv=b849a043";
diff --git a/scripts/sign_data.sh b/scripts/sign_data.sh
index bd9e1be2..05de5a6b 100755
--- a/scripts/sign_data.sh
+++ b/scripts/sign_data.sh
@@ -10,4 +10,4 @@ then
   exit -1
 fi
 
-./signature_digest $1 $3 | openssl rsautl -sign -pkcs -inkey $2 
+./signature_digest_utility $1 $3 | openssl rsautl -sign -pkcs -inkey $2 
diff --git a/utility/Makefile b/utility/Makefile
index 973d7855..021ac8d8 100644
--- a/utility/Makefile
+++ b/utility/Makefile
@@ -21,6 +21,7 @@ TARGET_NAMES = dumpRSAPublicKey \
 		dump_kernel_config \
 		gbb_utility \
 		load_kernel_test \
+		pad_digest_utility \
 		signature_digest_utility \
 		tlcl_generator \
 		tpm_init_temp_fix \
@@ -60,6 +61,9 @@ ${BUILD_ROOT}/bmpblk_utility: bmpblk_utility.cc
 ${BUILD_ROOT}/load_kernel_test: load_kernel_test.c $(LIBS)
 	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto
 
+${BUILD_ROOT}/pad_digest_utility: pad_digest_utility.c $(LIBS)
+	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto
+
 ${BUILD_ROOT}/signature_digest_utility: signature_digest_utility.c $(LIBS)
 	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) -lcrypto
 
diff --git a/utility/pad_digest_utility.c b/utility/pad_digest_utility.c
new file mode 100644
index 00000000..50f81461
--- /dev/null
+++ b/utility/pad_digest_utility.c
@@ -0,0 +1,54 @@
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Utility for to generate a padded hash suitable for generating
+ * PKCS#1.5 signatures.
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "file_keys.h"
+#include "padding.h"
+#include "signature_digest.h"
+#include "utility.h"
+
+int main(int argc, char* argv[]) {
+  int algorithm = -1;
+  int error_code = 0;
+  uint8_t* digest = NULL;
+  uint8_t* padded_digest = NULL;
+  uint64_t len;
+  uint32_t padded_digest_len;
+
+  if (argc != 3) {
+    fprintf(stderr, "Usage: %s <alg_id> <digest_file>", argv[0]);
+    return -1;
+  }
+  algorithm = atoi(argv[1]);
+  if (algorithm < 0 || algorithm >= kNumAlgorithms) {
+    fprintf(stderr, "Invalid Algorithm!\n");
+    return -1;
+  }
+
+  digest = BufferFromFile(argv[2], &len);
+  if (!digest) {
+    fprintf(stderr, "Could not read file: %s\n", argv[2]);
+    return -1;
+  }
+
+  padded_digest = PrependDigestInfo(algorithm, digest);
+  padded_digest_len = (hash_size_map[algorithm] +
+                       digestinfo_size_map[algorithm]);
+
+  if (!padded_digest)
+    error_code = -1;
+  if(padded_digest &&
+     1 != fwrite(padded_digest, padded_digest_len, 1, stdout))
+    error_code = -1;
+  Free(padded_digest);
+  Free(digest);
+  return error_code;
+}
diff --git a/utility/signature_digest_utility.c b/utility/signature_digest_utility.c
index 6c8891b9..bf23ebd5 100644
--- a/utility/signature_digest_utility.c
+++ b/utility/signature_digest_utility.c
@@ -25,7 +25,7 @@ int main(int argc, char* argv[]) {
   uint32_t signature_digest_len;
 
   if (argc != 3) {
-    fprintf(stderr, "Usage: %s <algoid> <file>", argv[0]);
+    fprintf(stderr, "Usage: %s <alg_id> <file>", argv[0]);
     return -1;
   }
   algorithm = atoi(argv[1]);
@@ -36,7 +36,7 @@ int main(int argc, char* argv[]) {
 
   buf = BufferFromFile(argv[2], &len);
   if (!buf) {
-    fprintf(stderr, "Could read file: %s\n", argv[2]);
+    fprintf(stderr, "Could not read file: %s\n", argv[2]);
     return -1;
   }