author | Julius Werner <jwerner@chromium.org> | 2020-03-10 23:27:10 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-04-06 18:54:38 +0000 |
commit | b1c6ef3892c4e36a1375249ce4494959d2457011 (patch) | |
tree | 2c584a236674c6d57c8064aec663d728e31812d6 /host | |
parent | 509a887c5a89530e9748241625ad3cb25f5de3c5 (diff) | |
download | vboot-b1c6ef3892c4e36a1375249ce4494959d2457011.tar.gz |
Rewrite algorithm type parsers and make them globally available
There is some code strewn around between futility and the vb21-specific
part of hostlib to allow parsing of textual algorithm names to vboot
enums, but it is somewhat disorganized and not written in a super
efficient way. This patch rewrites it and centralizes all the algorithm
mapping stuff under 2crypto.c so it can be a single source of truth for
all of vboot. (String parsing routines still need to stay in hostlib
since not all firmware targets support things like strtoul() and
strcasecmp().)
BRANCH=None
BUG=None
TEST=make runtests
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: I719b2499992a6e4395a29231bc8b9a7680c5b174
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2099447
Reviewed-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>
Diffstat (limited to 'host')
-rw-r--r-- | host/include/vboot_host.h | 24 | ||||
-rw-r--r-- | host/lib/crypto.c | 44 | ||||
-rw-r--r-- | host/lib/include/host_common.h | 1 | ||||
-rw-r--r-- | host/lib21/host_key.c | 105 | ||||
-rw-r--r-- | host/lib21/include/host_key21.h | 51 |
5 files changed, 67 insertions, 158 deletions
diff --git a/host/include/vboot_host.h b/host/include/vboot_host.h index 81c5434f..328c063b 100644 --- a/host/include/vboot_host.h +++ b/host/include/vboot_host.h @@ -9,14 +9,16 @@ #define VBOOT_REFERENCE_VBOOT_HOST_H_ #include <inttypes.h> +#include <stdbool.h> #include <stdint.h> #include <stdlib.h> +#include "2crypto.h" +#include "cgpt_params.h" + /****************************************************************************/ /* EFI GPT manipulation */ -#include "cgpt_params.h" - #ifdef __cplusplus extern "C" { #endif /* __cplusplus */ @@ -73,6 +75,24 @@ char *FindKernelConfig(const char *filename, int ExtractVmlinuz(void *kpart_data, size_t kpart_size, void **vmlinuz_out, size_t *vmlinuz_size); +/** + * Look up a signature algorithm by its string representation. + * + * @param str String representation of algo (e.g. "rsa2048" or "1") + * @param alg Output parameter that will be filled with found enum + * @return True if algorithm was found, false otherwise. + */ +bool vb2_lookup_sig_alg(const char *str, enum vb2_signature_algorithm *sig_alg); + +/** + * Look up a hash algorithm by its string representation. + * + * @param str String representation of algorithm (e.g. "sha1" or "1") + * @param alg Output parameter that will be filled with found enum + * @return True if algorithm was found, false otherwise. + */ +bool vb2_lookup_hash_alg(const char *str, enum vb2_hash_algorithm *hash_alg); + #ifdef __cplusplus } #endif /* __cplusplus */ diff --git a/host/lib/crypto.c b/host/lib/crypto.c new file mode 100644 index 00000000..7103ed8a --- /dev/null +++ b/host/lib/crypto.c 
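Review bot: Both new doc comments in vboot_host.h describe `@param alg`, but the declared output parameters are `sig_alg` and `hash_alg`, so the tags name a parameter that does not exist. I would rename them to `@param sig_alg` and `@param hash_alg`. The comments should also state the matching rules visible in host/lib/crypto.c, for example `Names are matched case-insensitively; a numeric string is parsed with strtoul() base 0 (decimal, 0x hex, leading-0 octal).` Finally, state that the output is left unwritten when the function returns false, so callers that pick a signing or hash algorithm from user input know not to read it on failure.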
@@ -0,0 +1,44 @@
+/* Copyright 2020 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#include <stdlib.h>
+#include <strings.h>
+
+#include "vboot_host.h"
+
+static int lookup_helper(const char *str, const char *table[], size_t size,
+ unsigned int *out)
+{
+ unsigned int algo;
+ char *e;
+
+ /* try string first */
+ for (algo = 0; algo < size; algo++)
+ if (table[algo] && !strcasecmp(table[algo], str))
+ goto found;
+
+ /* fine, try number */
+ algo = strtoul(str, &e, 0);
+ if (!*str || (e && *e))
+ /* that's not a number */
+ return false;
+ if (algo >= size || !table[algo])
+ /* that's not a valid algorithm */
+ return false;
+
+ found:
+ *out = algo;
+ return true;
+}
+
+bool vb2_lookup_sig_alg(const char *str, enum vb2_signature_algorithm *sig_alg)
+{
+ return lookup_helper(str, vb2_sig_names, VB2_SIG_ALG_COUNT, sig_alg);
+}
+
+bool vb2_lookup_hash_alg(const char *str, enum vb2_hash_algorithm *hash_alg)
+{
+ return lookup_helper(str, vb2_hash_names, VB2_HASH_ALG_COUNT, hash_alg);
+}
diff --git a/host/lib/include/host_common.h b/host/lib/include/host_common.h
index 43cb0250..55b15d3b 100644
--- a/host/lib/include/host_common.h
+++ b/host/lib/include/host_common.h
@@ -14,6 +14,7 @@
 #include "host_misc.h"
 #include "host_signature.h"
 #include "vboot_api.h"
+#include "vboot_host.h"
 #include "vboot_struct.h"
 /**
diff --git a/host/lib21/host_key.c b/host/lib21/host_key.c
index 6e3a2765..cfa99419 100644
--- a/host/lib21/host_key.c
+++ b/host/lib21/host_key.c
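Review bot: In `lookup_helper` (host/lib/crypto.c) the `strtoul()` result is assigned directly to `unsigned int algo`, so on hosts where `unsigned long` is wider than `unsigned int` the value is truncated before the `algo >= size` check. A numeric string above `UINT_MAX` (for example "4294967297" on an LP64 host) would then alias a small valid index instead of being rejected. For a parser that selects signature and hash algorithms in signing tools, out-of-range input should fail closed: keep the parsed value in an `unsigned long`, range-check it, and only then narrow. The helper also returns `true`/`false` through an `int` return type, and `e && *e` can be `*e` because `strtoul()` always stores the end pointer. Separately, the two wrappers pass an `enum ... *` where `unsigned int *` is expected, which depends on the enum's implementation-defined underlying type; writing through a local `unsigned int` and assigning the result to the enum would avoid that.

```c
static bool lookup_helper(const char *str, const char *table[], size_t size,
			  unsigned int *out)
{
	unsigned int algo;
	unsigned long num;
	char *e;

	/* ... unchanged: case-insensitive name match, goto found ... */

	/* fine, try number */
	num = strtoul(str, &e, 0);
	if (!*str || *e)
		/* that's not a number */
		return false;
	if (num >= size || !table[num])
		/* that's not a valid algorithm (checked before narrowing) */
		return false;
	algo = num;

	/* ... unchanged: found: label, *out = algo, return true ... */
```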
@@ -19,111 +19,6 @@ #include "host_misc.h" #include "openssl_compat.h" -const struct vb2_text_vs_enum vb2_text_vs_sig[] = { - {"RSA1024", VB2_SIG_RSA1024}, - {"RSA2048", VB2_SIG_RSA2048}, - {"RSA4096", VB2_SIG_RSA4096}, - {"RSA8192", VB2_SIG_RSA8192}, - {"RSA2048EXP3", VB2_SIG_RSA2048_EXP3}, - {"RSA3072EXP3", VB2_SIG_RSA3072_EXP3}, - {0, 0} -}; - -const struct vb2_text_vs_enum vb2_text_vs_hash[] = { - {"SHA1", VB2_HASH_SHA1}, - {"SHA256", VB2_HASH_SHA256}, - {"SHA512", VB2_HASH_SHA512}, - {0, 0} -}; - -const struct vb2_text_vs_enum vb2_text_vs_crypto[] = { - {"RSA1024 SHA1", VB2_ALG_RSA1024_SHA1}, - {"RSA1024 SHA256", VB2_ALG_RSA1024_SHA256}, - {"RSA1024 SHA512", VB2_ALG_RSA1024_SHA512}, - {"RSA2048 SHA1", VB2_ALG_RSA2048_SHA1}, - {"RSA2048 SHA256", VB2_ALG_RSA2048_SHA256}, - {"RSA2048 SHA512", VB2_ALG_RSA2048_SHA512}, - {"RSA4096 SHA1", VB2_ALG_RSA4096_SHA1}, - {"RSA4096 SHA256", VB2_ALG_RSA4096_SHA256}, - {"RSA4096 SHA512", VB2_ALG_RSA4096_SHA512}, - {"RSA8192 SHA1", VB2_ALG_RSA8192_SHA1}, - {"RSA8192 SHA256", VB2_ALG_RSA8192_SHA256}, - {"RSA8192 SHA512", VB2_ALG_RSA8192_SHA512}, - {"RSA2048 EXP3 SHA1", VB2_ALG_RSA2048_EXP3_SHA1}, - {"RSA2048 EXP3 SHA256", VB2_ALG_RSA2048_EXP3_SHA256}, - {"RSA2048 EXP3 SHA512", VB2_ALG_RSA2048_EXP3_SHA512}, - {"RSA3072 EXP3 SHA1", VB2_ALG_RSA3072_EXP3_SHA1}, - {"RSA3072 EXP3 SHA256", VB2_ALG_RSA3072_EXP3_SHA256}, - {"RSA3072 EXP3 SHA512", VB2_ALG_RSA3072_EXP3_SHA512}, - {0, 0} -}; - -const struct vb2_text_vs_enum vb2_file_vs_crypto[] = { - {"rsa1024", VB2_ALG_RSA1024_SHA1}, - {"rsa1024", VB2_ALG_RSA1024_SHA256}, - {"rsa1024", VB2_ALG_RSA1024_SHA512}, - {"rsa2048", VB2_ALG_RSA2048_SHA1}, - {"rsa2048", VB2_ALG_RSA2048_SHA256}, - {"rsa2048", VB2_ALG_RSA2048_SHA512}, - {"rsa4096", VB2_ALG_RSA4096_SHA1}, - {"rsa4096", VB2_ALG_RSA4096_SHA256}, - {"rsa4096", VB2_ALG_RSA4096_SHA512}, - {"rsa8192", VB2_ALG_RSA8192_SHA1}, - {"rsa8192", VB2_ALG_RSA8192_SHA256}, - {"rsa8192", VB2_ALG_RSA8192_SHA512}, - {"rsa2048_exp3", 
VB2_ALG_RSA2048_EXP3_SHA1}, - {"rsa2048_exp3", VB2_ALG_RSA2048_EXP3_SHA256}, - {"rsa2048_exp3", VB2_ALG_RSA2048_EXP3_SHA512}, - {"rsa3072_exp3", VB2_ALG_RSA3072_EXP3_SHA1}, - {"rsa3072_exp3", VB2_ALG_RSA3072_EXP3_SHA256}, - {"rsa3072_exp3", VB2_ALG_RSA3072_EXP3_SHA512}, - {0, 0} -}; - -const struct vb2_text_vs_enum *vb2_lookup_by_num( - const struct vb2_text_vs_enum *table, - const unsigned int num) -{ - for (; table->name; table++) - if (table->num == num) - return table; - return 0; -} - -const struct vb2_text_vs_enum *vb2_lookup_by_name( - const struct vb2_text_vs_enum *table, - const char *name) -{ - for (; table->name; table++) - if (!strcasecmp(table->name, name)) - return table; - return 0; -} - -const char *vb2_get_sig_algorithm_name(enum vb2_signature_algorithm sig_alg) -{ - const struct vb2_text_vs_enum *entry = - vb2_lookup_by_num(vb2_text_vs_sig, sig_alg); - - return entry ? entry->name : VB2_INVALID_ALG_NAME; -} - -const char *vb2_get_crypto_algorithm_name(enum vb2_crypto_algorithm alg) -{ - const struct vb2_text_vs_enum *entry = - vb2_lookup_by_num(vb2_text_vs_crypto, alg); - - return entry ? entry->name : VB2_INVALID_ALG_NAME; -} - -const char *vb2_get_crypto_algorithm_file(enum vb2_crypto_algorithm alg) -{ - const struct vb2_text_vs_enum *entry = - vb2_lookup_by_num(vb2_file_vs_crypto, alg); - - return entry ? entry->name : VB2_INVALID_ALG_NAME; -} - void vb2_private_key_free(struct vb2_private_key *key) { if (!key) diff --git a/host/lib21/include/host_key21.h b/host/lib21/include/host_key21.h index 219e98ab..ae53ad5c 100644 --- a/host/lib21/include/host_key21.h +++ b/host/lib21/include/host_key21.h 
@@ -32,57 +32,6 @@ struct vb2_packed_private_key { uint8_t key_data[0]; }; -/* Convert between enums and human-readable form. Terminated with {0, 0}. */ -struct vb2_text_vs_enum { - const char *name; - unsigned int num; -}; - -/** - * @param table Table to search - * @param num Enum value to search for - * @return pointer to table entry or NULL if no match - */ -const struct vb2_text_vs_enum *vb2_lookup_by_num( - const struct vb2_text_vs_enum *table, - const unsigned int num); - -/** - * @param table Table to search - * @param name String value to search for - * @return pointer to table entry or NULL if no match - */ -const struct vb2_text_vs_enum *vb2_lookup_by_name( - const struct vb2_text_vs_enum *table, - const char *name); - -extern const struct vb2_text_vs_enum vb2_text_vs_sig[]; -extern const struct vb2_text_vs_enum vb2_text_vs_hash[]; - -/** - * Return the name of a signature algorithm. - * - * @param sig_alg Signature algorithm to look up - * @return The corresponding name, or VB2_INVALID_ALG_NAME if no match. - */ -const char *vb2_get_sig_algorithm_name(enum vb2_signature_algorithm sig_alg); - -/** - * Return the name of a crypto algorithm. - * - * @param alg Crypto algorithm to look up - * @return The corresponding name, or VB2_INVALID_ALG_NAME if no match. - */ -const char *vb2_get_crypto_algorithm_name(enum vb2_crypto_algorithm alg); - -/** - * Return the name of a crypto algorithm. - * - * @param alg Crypto algorithm to look up - * @return The corresponding stem filename, or VB2_INVALID_ALG_NAME if no match. - */ -const char *vb2_get_crypto_algorithm_file(enum vb2_crypto_algorithm alg); - /** * Free a private key. * |