author | Randall Spangler <rspangler@chromium.org> | 2016-10-18 12:00:07 -0700 |
---|---|---|
committer | Randall Spangler <rspangler@chromium.org> | 2016-11-06 02:33:02 +0000 |
commit | 46a382d6136f2fd206fd8c95180dbb816c9ad5ce (patch) | |
tree | d97739fd8373f7b3a0844fc5dc854caa9919aae3 /utility | |
parent | a03a164a76a97f3f6a60ddf18c466b38f8a77400 (diff) | |
download | vboot-46a382d6136f2fd206fd8c95180dbb816c9ad5ce.tar.gz |
vboot: Remove vboot1 cryptolib padding source
The old vboot1 cryptolib hard-coded many of its padding arrays in a
padding.c file. Use the equivalent vboot2 apis instead.
This change is almost exclusively on the host and test side; the only
firmware impact is on a single line of debug output.
BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge
Change-Id: If689ffd92f0255847bea2424950da4547b2c0df3
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400902
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'utility')
-rw-r--r-- | utility/pad_digest_utility.c | 86 | ||||
-rw-r--r-- | utility/signature_digest_utility.c | 80 | ||||
-rw-r--r-- | utility/verify_data.c | 8 |
3 files changed, 92 insertions, 82 deletions
diff --git a/utility/pad_digest_utility.c b/utility/pad_digest_utility.c
index 440cca3a..3861e5fe 100644
--- a/utility/pad_digest_utility.c
+++ b/utility/pad_digest_utility.c
@@ -9,56 +9,62 @@ #include <string.h> #include "2sysincludes.h" - #include "2common.h" #include "2sha.h" -#include "file_keys.h" #include "host_common.h" -#include "padding.h" +#include "host_signature2.h" #include "signature_digest.h" static void usage(char* argv[]) { - fprintf(stderr, - "Usage: %s <alg_id> <digest_file>\n" - "\n" - "Generate a padded hash suitable for generating PKCS#1.5 " - "signatures.\n", - basename(argv[0])); + fprintf(stderr, + "Usage: %s <alg_id> <digest_file>\n" + "\n" + "Generate a padded hash suitable for generating PKCS#1.5 " + "signatures.\n", + basename(argv[0])); } -int main(int argc, char* argv[]) { - int algorithm = -1; - int error_code = 0; - uint8_t* digest = NULL; - uint8_t* padded_digest = NULL; - uint32_t len; - uint32_t padded_digest_len; +int main(int argc, char* argv[]) +{ + int algorithm = -1; + int error_code = -1; + uint8_t* digest = NULL; + uint8_t* padded_digest = NULL; + uint32_t len; + + if (argc != 3) { + usage(argv); + goto cleanup; + } + algorithm = atoi(argv[1]); + if (algorithm < 0 || algorithm >= VB2_ALG_COUNT) { + fprintf(stderr, "Invalid Algorithm!\n"); + goto cleanup; + } - if (argc != 3) { - usage(argv); - return -1; - } - algorithm = atoi(argv[1]); - if (algorithm < 0 || algorithm >= kNumAlgorithms) { - fprintf(stderr, "Invalid Algorithm!\n"); - return -1; - } + enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(algorithm); + uint32_t digest_size = vb2_digest_size(hash_alg); + uint32_t digestinfo_size = 0; + const uint8_t* digestinfo = NULL; + if (VB2_SUCCESS != vb2_digest_info(hash_alg, &digestinfo, + &digestinfo_size)) { + fprintf(stderr, "SignatureBuf(): Couldn't get digest info\n"); + goto cleanup; + } + uint32_t padded_digest_len = digest_size + digestinfo_size; - if (VB2_SUCCESS != vb2_read_file(argv[2], &digest, &len)) { - fprintf(stderr, "Could not read file: %s\n", argv[2]); - return -1; - } + if (VB2_SUCCESS != vb2_read_file(argv[2], &digest, &len)) { + fprintf(stderr, "Could not read file: 
%s\n", argv[2]); + goto cleanup; + } - padded_digest = PrependDigestInfo(algorithm, digest); - const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); - padded_digest_len = (digest_size + digestinfo_size_map[algorithm]); + padded_digest = PrependDigestInfo(hash_alg, digest); + if(padded_digest && + fwrite(padded_digest, padded_digest_len, 1, stdout) == 1) + error_code = 0; - if (!padded_digest) - error_code = -1; - if(padded_digest && - 1 != fwrite(padded_digest, padded_digest_len, 1, stdout)) - error_code = -1; - free(padded_digest); - free(digest); - return error_code; +cleanup: + free(padded_digest); + free(digest); + return error_code; } diff --git a/utility/signature_digest_utility.c b/utility/signature_digest_utility.c index 0ed1a99d..edabf71d 100644 --- a/utility/signature_digest_utility.c +++ b/utility/signature_digest_utility.c 
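Review bot: In utility/pad_digest_utility.c, `len` from `vb2_read_file(argv[2], &digest, &len)` is never compared with `digest_size` before `PrependDigestInfo(hash_alg, digest)` is called. The body of PrependDigestInfo is not in this hunk, but if it copies `digest_size` bytes from `digest`, a file shorter than the digest makes it read past the buffer that vb2_read_file allocated, and a longer file is silently truncated into the padded output. Since `digest_size` is now computed before the read, the check is cheap to add right after it: `if (len != digest_size) { fprintf(stderr, "Digest file has wrong size\n"); goto cleanup; }`. Separately, the new message `"SignatureBuf(): Couldn't get digest info\n"` names a function that is not involved here and could simply drop the prefix.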
@@ -13,45 +13,49 @@ #include "2sysincludes.h" #include "2common.h" - -#include "file_keys.h" #include "host_common.h" -#include "padding.h" +#include "host_signature2.h" #include "signature_digest.h" - -int main(int argc, char* argv[]) { - int algorithm = -1; - int error_code = 0; - uint8_t* buf = NULL; - uint8_t* signature_digest = NULL; - uint32_t len; - uint32_t signature_digest_len; - - if (argc != 3) { - fprintf(stderr, "Usage: %s <alg_id> <file>", argv[0]); - return -1; - } - algorithm = atoi(argv[1]); - if (algorithm < 0 || algorithm >= kNumAlgorithms) { - fprintf(stderr, "Invalid Algorithm!\n"); - return -1; - } - - if (VB2_SUCCESS != vb2_read_file(argv[2], &buf, &len)) { - fprintf(stderr, "Could not read file: %s\n", argv[2]); - return -1; - } - - signature_digest = SignatureDigest(buf, len, algorithm); - const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); - signature_digest_len = (digest_size + digestinfo_size_map[algorithm]); - if (!signature_digest) - error_code = -1; - if(signature_digest && - 1 != fwrite(signature_digest, signature_digest_len, 1, stdout)) - error_code = -1; - free(signature_digest); - free(buf); - return error_code; +int main(int argc, char* argv[]) +{ + int error_code = -1; + uint8_t *buf = NULL; + uint8_t *signature_digest = NULL; + uint32_t len; + + if (argc != 3) { + fprintf(stderr, "Usage: %s <alg_id> <file>", argv[0]); + goto cleanup; + } + + int algorithm = atoi(argv[1]); + if (algorithm < 0 || algorithm >= VB2_ALG_COUNT) { + fprintf(stderr, "Invalid Algorithm!\n"); + goto cleanup; + } + + if (VB2_SUCCESS != vb2_read_file(argv[2], &buf, &len)) { + fprintf(stderr, "Could not read file: %s\n", argv[2]); + goto cleanup; + } + + enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(algorithm); + uint32_t digest_size = vb2_digest_size(hash_alg); + uint32_t digestinfo_size = 0; + const uint8_t *digestinfo = NULL; + if (VB2_SUCCESS != vb2_digest_info(hash_alg, &digestinfo, + &digestinfo_size)) + goto cleanup; + + 
uint32_t signature_digest_len = digest_size + digestinfo_size; + signature_digest = SignatureDigest(buf, len, algorithm); + if(signature_digest && + fwrite(signature_digest, signature_digest_len, 1, stdout) == 1) + error_code = 0; + +cleanup: + free(signature_digest); + free(buf); + return error_code; } diff --git a/utility/verify_data.c b/utility/verify_data.c index d68f8909..d160809b 100644 --- a/utility/verify_data.c +++ b/utility/verify_data.c @@ -24,8 +24,7 @@ #include "2rsa.h" #include "cryptolib.h" #include "file_keys.h" -#include "host_key.h" -#include "host_misc.h" +#include "host_common.h" #include "vb2_common.h" /* ANSI Color coding sequences. */ @@ -83,12 +82,13 @@ int main(int argc, char* argv[]) "where <algorithm> depends on the signature algorithm" " used:\n"); for(i = 0; i < VB2_ALG_COUNT; i++) - fprintf(stderr, "\t%d for %s\n", i, algo_strings[i]); + fprintf(stderr, "\t%d for %s\n", i, + vb2_get_crypto_algorithm_name(i)); return -1; } int algorithm = atoi(argv[1]); - if (algorithm >= kNumAlgorithms) { + if (algorithm >= VB2_ALG_COUNT) { fprintf(stderr, "Invalid algorithm %d\n", algorithm); goto error; } |
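Review bot: In utility/signature_digest_utility.c the new `vb2_digest_info()` failure path does a bare `goto cleanup`, so the tool exits with -1 and prints nothing, unlike the same check in pad_digest_utility.c, which reports the error. A caller in a signing script gets no hint why the digest was not produced; add `fprintf(stderr, "Couldn't get digest info\n");` before the `goto`. The usage string `"Usage: %s <alg_id> <file>"` in the rewritten lines also lacks a trailing `\n`.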
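Review bot: In utility/verify_data.c (second hunk) the updated check `if (algorithm >= VB2_ALG_COUNT)` still has no lower bound, so a negative `<algorithm>` argument, which `atoi(argv[1])` returns unchanged, passes validation. The two sibling utilities in this commit test `algorithm < 0 ||` as well, and this one should match: `if (algorithm < 0 || algorithm >= VB2_ALG_COUNT) {`. How `algorithm` is used afterwards is outside the hunk, but a negative value reaching an enum conversion or table lookup in a signature verifier is presumably unintended. main's body starts and ends outside the hunk.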