diff options
27 files changed, 205 insertions, 635 deletions
@@ -323,7 +323,6 @@ VBINIT_SRCS = \ # Additional firmware library sources needed by VbSelectFirmware() call VBSF_SRCS = \ - firmware/lib/cryptolib/padding.c \ firmware/lib/stateful_util.c \ firmware/lib/vboot_common.c \ firmware/lib/region-fw.c \ diff --git a/firmware/lib/cryptolib/include/cryptolib.h b/firmware/lib/cryptolib/include/cryptolib.h index 95fb6e57..7cdfdea0 100644 --- a/firmware/lib/cryptolib/include/cryptolib.h +++ b/firmware/lib/cryptolib/include/cryptolib.h @@ -8,7 +8,6 @@ #ifndef VBOOT_REFERENCE_CRYPTOLIB_H_ #define VBOOT_REFERENCE_CRYPTOLIB_H_ -#include "padding.h" #include "rsa.h" #endif /* VBOOT_REFERENCE_CRYPTOLIB_H_ */ diff --git a/firmware/lib/cryptolib/include/padding.h b/firmware/lib/cryptolib/include/padding.h deleted file mode 100644 index 2b2fcbef..00000000 --- a/firmware/lib/cryptolib/include/padding.h +++ /dev/null @@ -1,37 +0,0 @@ -/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - */ - -#ifndef VBOOT_REFERENCE_PADDING_H_ -#define VBOOT_REFERENCE_PADDING_H_ - -#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_ -#error "Do not include this file directly. Use cryptolib.h instead." -#endif - -#include "sysincludes.h" - -extern const uint8_t paddingRSA1024_SHA1[]; -extern const uint8_t paddingRSA1024_SHA256[]; -extern const uint8_t paddingRSA1024_SHA512[]; -extern const uint8_t paddingRSA2048_SHA1[]; -extern const uint8_t paddingRSA2048_SHA256[]; -extern const uint8_t paddingRSA2048_SHA512[]; -extern const uint8_t paddingRSA4096_SHA1[]; -extern const uint8_t paddingRSA4096_SHA256[]; -extern const uint8_t paddingRSA4096_SHA512[]; -extern const uint8_t paddingRSA8192_SHA1[]; -extern const uint8_t paddingRSA8192_SHA256[]; -extern const uint8_t paddingRSA8192_SHA512[]; - -extern const int kNumAlgorithms; - -extern const int digestinfo_size_map[]; -extern const int siglen_map[]; -extern const uint8_t* const padding_map[]; -extern const int padding_size_map[]; -extern const uint8_t* const hash_digestinfo_map[]; -extern const char* const algo_strings[]; - -#endif /* VBOOT_REFERENCE_PADDING_H_ */ diff --git a/firmware/lib/cryptolib/include/rsa.h b/firmware/lib/cryptolib/include/rsa.h index 4e793763..8ea7f889 100644 --- a/firmware/lib/cryptolib/include/rsa.h +++ b/firmware/lib/cryptolib/include/rsa.h @@ -17,9 +17,4 @@ #define RSA4096NUMBYTES 512 /* 4096 bit key length */ #define RSA8192NUMBYTES 1024 /* 8192 bit key length */ -#define RSA1024NUMWORDS (RSA1024NUMBYTES / sizeof(uint32_t)) -#define RSA2048NUMWORDS (RSA2048NUMBYTES / sizeof(uint32_t)) -#define RSA4096NUMWORDS (RSA4096NUMBYTES / sizeof(uint32_t)) -#define RSA8192NUMWORDS (RSA8192NUMBYTES / sizeof(uint32_t)) - #endif /* VBOOT_REFERENCE_RSA_H_ */ diff --git a/firmware/lib/cryptolib/padding.c b/firmware/lib/cryptolib/padding.c deleted file mode 100644 index 859e2302..00000000 --- a/firmware/lib/cryptolib/padding.c +++ /dev/null @@ -1,217 +0,0 @@ -/* Copyright 2010 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - */ -/* - * This file was automatically generated by genpadding.sh and contains padding - * arrays corresponding to various combinations of algorithms for RSA - * signatures. It will go away soon, as we convert to vboot2 code. - */ - -#include "sysincludes.h" -#include "2sysincludes.h" - -#include "2common.h" -#include "2sha.h" -#include "cryptolib.h" - - -/* - * PKCS 1.5 padding (from the RSA PKCS#1 v2.1 standard) - * - * Depending on the RSA key size and hash function, the padding is calculated - * as follows: - * - * 0x00 || 0x01 || PS || 0x00 || T - * - * T: DER Encoded DigestInfo value which depends on the hash function used. - * - * SHA-1: (0x)30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 || H. - * SHA-256: (0x)30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 || H. - * SHA-512: (0x)30 51 30 0d 06 09 60 86 48 01 65 03 04 02 03 05 00 04 40 || H. - * - * Length(T) = 35 octets for SHA-1 - * Length(T) = 51 octets for SHA-256 - * Length(T) = 83 octets for SHA-512 - * - * PS: octet string consisting of {Length(RSA Key) - Length(T) - 3} 0xFF - * - */ - - -#ifndef CHROMEOS_EC -/* Algorithm Type 0 */ -const uint8_t paddingRSA1024_SHA1[RSA1024NUMBYTES - VB2_SHA1_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14 -}; - -/* Algorithm Type 1 */ -const uint8_t paddingRSA1024_SHA256[RSA1024NUMBYTES - VB2_SHA256_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 -}; - -/* Algorithm Type 2 */ -const uint8_t paddingRSA1024_SHA512[RSA1024NUMBYTES - VB2_SHA512_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40 -}; - -/* Algorithm Type 3 */ -const uint8_t paddingRSA2048_SHA1[RSA2048NUMBYTES - VB2_SHA1_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14 -}; - -/* Algorithm Type 4 */ -const uint8_t paddingRSA2048_SHA256[RSA2048NUMBYTES - VB2_SHA256_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 -}; - -/* Algorithm Type 5 */ -const uint8_t paddingRSA2048_SHA512[RSA2048NUMBYTES - VB2_SHA512_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40 -}; - -/* Algorithm Type 6 */ -const uint8_t paddingRSA4096_SHA1[RSA4096NUMBYTES - VB2_SHA1_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14 -}; - -/* Algorithm Type 7 */ -const uint8_t paddingRSA4096_SHA256[RSA4096NUMBYTES - VB2_SHA256_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 -}; - -/* Algorithm Type 8 */ -const uint8_t paddingRSA4096_SHA512[RSA4096NUMBYTES - VB2_SHA512_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40 -}; - -/* Algorithm Type 9 */ -const uint8_t paddingRSA8192_SHA1[RSA8192NUMBYTES - VB2_SHA1_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14 -}; - -/* Algorithm Type 10 */ -const uint8_t paddingRSA8192_SHA256[RSA8192NUMBYTES - VB2_SHA256_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 -}; - -/* Algorithm Type 11 */ -const uint8_t paddingRSA8192_SHA512[RSA8192NUMBYTES - VB2_SHA512_DIGEST_SIZE] = { -0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40 -}; - -const int kNumAlgorithms = 12; -#define NUMALGORITHMS 12 - -#define SHA1_DIGESTINFO_LEN 15 -const uint8_t SHA1_digestinfo[] = { -0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14 -}; - -#endif /* !CHROMEOS_EC */ - -/* CHROMEOS_EC needs just this itty-bitty part... */ - -#define SHA256_DIGESTINFO_LEN 19 -const uint8_t SHA256_digestinfo[] = { -0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20 -}; - -#ifndef CHROMEOS_EC - -#define SHA512_DIGESTINFO_LEN 19 -const uint8_t SHA512_digestinfo[] = { -0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40 -}; - -const int digestinfo_size_map[] = { -SHA1_DIGESTINFO_LEN, -SHA256_DIGESTINFO_LEN, -SHA512_DIGESTINFO_LEN, -SHA1_DIGESTINFO_LEN, -SHA256_DIGESTINFO_LEN, -SHA512_DIGESTINFO_LEN, -SHA1_DIGESTINFO_LEN, -SHA256_DIGESTINFO_LEN, -SHA512_DIGESTINFO_LEN, -SHA1_DIGESTINFO_LEN, -SHA256_DIGESTINFO_LEN, -SHA512_DIGESTINFO_LEN, -}; - -const int siglen_map[NUMALGORITHMS] = { -RSA1024NUMBYTES, -RSA1024NUMBYTES, -RSA1024NUMBYTES, -RSA2048NUMBYTES, -RSA2048NUMBYTES, -RSA2048NUMBYTES, -RSA4096NUMBYTES, -RSA4096NUMBYTES, -RSA4096NUMBYTES, -RSA8192NUMBYTES, -RSA8192NUMBYTES, -RSA8192NUMBYTES, -}; - -const uint8_t* const padding_map[NUMALGORITHMS] = { -paddingRSA1024_SHA1, -paddingRSA1024_SHA256, -paddingRSA1024_SHA512, -paddingRSA2048_SHA1, -paddingRSA2048_SHA256, -paddingRSA2048_SHA512, -paddingRSA4096_SHA1, -paddingRSA4096_SHA256, -paddingRSA4096_SHA512, -paddingRSA8192_SHA1, -paddingRSA8192_SHA256, -paddingRSA8192_SHA512, -}; - -const int padding_size_map[NUMALGORITHMS] = { -RSA1024NUMBYTES - VB2_SHA1_DIGEST_SIZE, -RSA1024NUMBYTES - VB2_SHA256_DIGEST_SIZE, -RSA1024NUMBYTES - VB2_SHA512_DIGEST_SIZE, -RSA2048NUMBYTES - VB2_SHA1_DIGEST_SIZE, -RSA2048NUMBYTES - VB2_SHA256_DIGEST_SIZE, -RSA2048NUMBYTES - VB2_SHA512_DIGEST_SIZE, -RSA4096NUMBYTES - VB2_SHA1_DIGEST_SIZE, -RSA4096NUMBYTES - VB2_SHA256_DIGEST_SIZE, -RSA4096NUMBYTES - VB2_SHA512_DIGEST_SIZE, -RSA8192NUMBYTES - VB2_SHA1_DIGEST_SIZE, -RSA8192NUMBYTES - VB2_SHA256_DIGEST_SIZE, -RSA8192NUMBYTES - VB2_SHA512_DIGEST_SIZE, -}; - -const uint8_t* const hash_digestinfo_map[NUMALGORITHMS] = { -SHA1_digestinfo, -SHA256_digestinfo, -SHA512_digestinfo, -SHA1_digestinfo, -SHA256_digestinfo, -SHA512_digestinfo, -SHA1_digestinfo, -SHA256_digestinfo, -SHA512_digestinfo, -SHA1_digestinfo, -SHA256_digestinfo, -SHA512_digestinfo, -}; - -const char* const algo_strings[NUMALGORITHMS] = { -"RSA1024 SHA1", -"RSA1024 SHA256", -"RSA1024 SHA512", -"RSA2048 SHA1", -"RSA2048 SHA256", -"RSA2048 SHA512", -"RSA4096 SHA1", -"RSA4096 SHA256", -"RSA4096 SHA512", -"RSA8192 SHA1", -"RSA8192 SHA256", -"RSA8192 SHA512", -}; - -#endif /* !CHROMEOS_EC */ diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index 3d5f2e22..452677ef 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -10,6 +10,7 @@ #include "2sysincludes.h" #include "2common.h" +#include "2rsa.h" #include "2sha.h" #include "vboot_api.h" #include "vboot_common.h" @@ -107,7 +108,7 @@ void PublicKeyInit(VbPublicKey *key, uint8_t *key_data, uint64_t key_size) { key->key_offset = OffsetOf(key, key_data); key->key_size = key_size; - key->algorithm = kNumAlgorithms; /* Key not present yet */ + key->algorithm = VB2_ALG_COUNT; /* Key not present yet */ key->key_version = 0; } @@ -190,7 +191,8 @@ int VbSharedDataSetKernelKey(VbSharedDataHeader *header, const VbPublicKey *src) kdest = &header->kernel_subkey; VBDEBUG(("Saving kernel subkey to shared data: size %d, algo %d\n", - siglen_map[src->algorithm], (int)src->algorithm)); + vb2_rsa_sig_size(vb2_crypto_to_signature(src->algorithm)), + (int)src->algorithm)); /* Attempt to allocate space for key, if it hasn't been allocated yet */ if (!header->kernel_subkey_data_offset) { diff --git a/futility/cmd_show.c b/futility/cmd_show.c index 9ad55ad8..91c24d0b 100644 --- a/futility/cmd_show.c +++ b/futility/cmd_show.c @@ -49,7 +49,7 @@ void show_pubkey(const struct vb2_packed_key *pubkey, const char *sp) { printf("%sVboot API: 1.0\n", sp); printf("%sAlgorithm: %d %s\n", sp, pubkey->algorithm, - vb1_crypto_name(pubkey->algorithm)); + vb2_get_crypto_algorithm_name(pubkey->algorithm)); printf("%sKey Version: %d\n", sp, pubkey->key_version); printf("%sKey sha1sum: %s\n", sp, packed_key_sha1_string(pubkey)); @@ -78,7 +78,7 @@ static void show_keyblock(struct vb2_keyblock *keyblock, const char *name, struct vb2_packed_key *data_key = &keyblock->data_key; printf(" Data key algorithm: %d %s\n", data_key->algorithm, - vb1_crypto_name(data_key->algorithm)); + vb2_get_crypto_algorithm_name(data_key->algorithm)); printf(" Data key version: %d\n", data_key->key_version); printf(" Data key sha1sum: %s\n", packed_key_sha1_string(data_key)); @@ -116,7 +116,7 @@ int ft_show_privkey(const char *name, uint8_t *buf, uint32_t len, void *data) printf("Private Key file: %s\n", name); printf(" Vboot API: 1.0\n"); printf(" Algorithm: %u %s\n", pkey->algorithm, - vb1_crypto_name(pkey->algorithm)); + vb2_get_crypto_algorithm_name(pkey->algorithm)); printf(" Key sha1sum: %s\n", private_key_sha1_string(&key)); @@ -230,8 +230,8 @@ int ft_show_fw_preamble(const char *name, uint8_t *buf, uint32_t len, struct vb2_packed_key *kernel_subkey = &pre2->kernel_subkey; printf(" Kernel key algorithm: %d %s\n", kernel_subkey->algorithm, - vb1_crypto_name(kernel_subkey->algorithm)); - if (kernel_subkey->algorithm >= kNumAlgorithms) + vb2_get_crypto_algorithm_name(kernel_subkey->algorithm)); + if (kernel_subkey->algorithm >= VB2_ALG_COUNT) retval = 1; printf(" Kernel key version: %d\n", kernel_subkey->key_version); printf(" Kernel key sha1sum: %s\n", diff --git a/futility/cmd_sign.c b/futility/cmd_sign.c index 661eb3da..63bbfea0 100644 --- a/futility/cmd_sign.c +++ b/futility/cmd_sign.c @@ -309,7 +309,7 @@ static const char usage_pubkey[] = "\n" "\n"; static void print_help_pubkey(int argc, char *argv[]) { - printf(usage_pubkey, kNumAlgorithms - 1); + printf(usage_pubkey, VB2_ALG_COUNT - 1); } @@ -800,7 +800,7 @@ static int do_sign(int argc, char *argv[]) sign_option.pem_algo_specified = 1; sign_option.pem_algo = strtoul(optarg, &e, 0); if (!*optarg || (e && *e) || - (sign_option.pem_algo >= kNumAlgorithms)) { + (sign_option.pem_algo >= VB2_ALG_COUNT)) { fprintf(stderr, "Invalid --pem_algo \"%s\"\n", optarg); errorcnt++; diff --git a/futility/cmd_vbutil_firmware.c b/futility/cmd_vbutil_firmware.c index 2afb29f9..242dfc21 100644 --- a/futility/cmd_vbutil_firmware.c +++ b/futility/cmd_vbutil_firmware.c @@ -248,7 +248,7 @@ static int do_verify(const char *infile, const char *signpubkey, struct vb2_packed_key *packed_key = &keyblock->data_key; printf(" Data key algorithm: %d %s\n", packed_key->algorithm, - vb1_crypto_name(packed_key->algorithm)); + vb2_get_crypto_algorithm_name(packed_key->algorithm)); printf(" Data key version: %d\n", packed_key->key_version); printf(" Data key sha1sum: %s\n", packed_key_sha1_string(packed_key)); @@ -283,7 +283,7 @@ static int do_verify(const char *infile, const char *signpubkey, struct vb2_packed_key *kernel_subkey = &pre2->kernel_subkey; printf(" Kernel key algorithm: %d %s\n", kernel_subkey->algorithm, - vb1_crypto_name(kernel_subkey->algorithm)); + vb2_get_crypto_algorithm_name(kernel_subkey->algorithm)); printf(" Kernel key version: %d\n", kernel_subkey->key_version); printf(" Kernel key sha1sum: %s\n", packed_key_sha1_string(kernel_subkey)); diff --git a/futility/cmd_vbutil_key.c b/futility/cmd_vbutil_key.c index bc013127..15aa9edc 100644 --- a/futility/cmd_vbutil_key.c +++ b/futility/cmd_vbutil_key.c @@ -59,9 +59,9 @@ static void print_help(int argc, char *argv[]) " --algorithm <number> " "Signing algorithm to use with key:\n", argv[0]); - for (i = 0; i < kNumAlgorithms; i++) { + for (i = 0; i < VB2_ALG_COUNT; i++) { printf(" %d = (%s)\n", - i, vb1_crypto_name(i)); + i, vb2_get_crypto_algorithm_name(i)); } printf("\nOR\n\n" @@ -123,7 +123,7 @@ static int do_unpack(const char *infile, const char *outfile) if (pubkey) { printf("Public Key file: %s\n", infile); printf("Algorithm: %u %s\n", pubkey->algorithm, - vb1_crypto_name(pubkey->algorithm)); + vb2_get_crypto_algorithm_name(pubkey->algorithm)); printf("Key Version: %u\n", pubkey->key_version); printf("Key sha1sum: %s\n", packed_key_sha1_string(pubkey)); @@ -144,7 +144,8 @@ static int do_unpack(const char *infile, const char *outfile) enum vb2_crypto_algorithm alg = vb2_get_crypto_algorithm(privkey->hash_alg, privkey->sig_alg); - printf("Algorithm: %u %s\n", alg, vb1_crypto_name(alg)); + printf("Algorithm: %u %s\n", alg, + vb2_get_crypto_algorithm_name(alg)); if (outfile && VB2_SUCCESS != vb2_write_private_key(outfile, privkey)) { fprintf(stderr,"vbutil_key: Error writing key copy\n"); diff --git a/futility/cmd_vbutil_keyblock.c b/futility/cmd_vbutil_keyblock.c index 246616b8..18cf63ab 100644 --- a/futility/cmd_vbutil_keyblock.c +++ b/futility/cmd_vbutil_keyblock.c @@ -17,6 +17,7 @@ #include "cryptolib.h" #include "futility.h" #include "host_common.h" +#include "host_key2.h" #include "util_misc.h" #include "vb1_helper.h" #include "vb2_common.h" @@ -110,7 +111,7 @@ static int Pack(const char *outfile, const char *datapubkey, } if (signprivate_pem) { - if (pem_algorithm >= kNumAlgorithms) { + if (pem_algorithm >= VB2_ALG_COUNT) { fprintf(stderr, "vbutil_keyblock: Invalid --pem_algorithm %" PRIu64 "\n", pem_algorithm); @@ -222,7 +223,7 @@ static int Unpack(const char *infile, const char *datapubkey, struct vb2_packed_key *data_key = &block->data_key; printf("Data key algorithm: %u %s\n", data_key->algorithm, - vb1_crypto_name(data_key->algorithm)); + vb2_get_crypto_algorithm_name(data_key->algorithm)); printf("Data key version: %u\n", data_key->key_version); printf("Data key sha1sum: %s\n", packed_key_sha1_string(data_key)); diff --git a/futility/vb1_helper.c b/futility/vb1_helper.c index fdd3ece0..83acba59 100644 --- a/futility/vb1_helper.c +++ b/futility/vb1_helper.c @@ -24,11 +24,6 @@ #include "vb1_helper.h" #include "vb2_common.h" -const char *vb1_crypto_name(uint32_t algo) -{ - return algo < kNumAlgorithms ? algo_strings[algo] : "(invalid)"; -} - /****************************************************************************/ /* Here are globals containing all the bits & pieces I'm working on. * @@ -544,8 +539,7 @@ int VerifyKernelBlob(uint8_t *kernel_blob, printf(" REC"); printf("\n"); printf(" Data key algorithm: %u %s\n", data_key->algorithm, - (data_key->algorithm < kNumAlgorithms ? - algo_strings[data_key->algorithm] : "(invalid)")); + vb2_get_crypto_algorithm_name(data_key->algorithm)); printf(" Data key version: %u\n", data_key->key_version); printf(" Data key sha1sum: %s\n", packed_key_sha1_string(data_key)); diff --git a/futility/vb1_helper.h b/futility/vb1_helper.h index 41e6fbf6..f0904a90 100644 --- a/futility/vb1_helper.h +++ b/futility/vb1_helper.h @@ -10,14 +10,6 @@ struct vb2_kernel_preamble; struct vb2_keyblock; struct vb2_packed_key; -/** - * Return the name of the vb1 crypto algorithm - * - * @param algo Crypto algorithm - * @return The name of the algorithm, or "(invalid)" if algo is not valid. - */ -const char *vb1_crypto_name(uint32_t algo); - /* Display a public key with variable indentation */ void show_pubkey(const struct vb2_packed_key *pubkey, const char *sp); diff --git a/host/lib/include/host_common.h b/host/lib/include/host_common.h index 84536634..8c14942e 100644 --- a/host/lib/include/host_common.h +++ b/host/lib/include/host_common.h @@ -16,6 +16,7 @@ #include "cryptolib.h" #include "host_key.h" +#include "host_key2.h" #include "host_keyblock.h" #include "host_misc.h" #include "host_signature.h" diff --git a/host/lib/include/signature_digest.h b/host/lib/include/signature_digest.h index 40c27036..936591a8 100644 --- a/host/lib/include/signature_digest.h +++ b/host/lib/include/signature_digest.h @@ -11,7 +11,7 @@ /* Returns a buffer with DigestInfo (which depends on [algorithm]) * prepended to [digest]. */ -uint8_t* PrependDigestInfo(unsigned int algorithm, uint8_t* digest); +uint8_t* PrependDigestInfo(enum vb2_hash_algorithm hash_alg, uint8_t* digest); /* Function that outputs the message digest of the contents of a buffer in a * format that can be used as input to OpenSSL for an RSA signature. diff --git a/host/lib/signature_digest.c b/host/lib/signature_digest.c index e90a56ed..2050d4a4 100644 --- a/host/lib/signature_digest.c +++ b/host/lib/signature_digest.c @@ -12,16 +12,23 @@ #include "2sysincludes.h" #include "2common.h" +#include "2rsa.h" #include "2sha.h" #include "cryptolib.h" #include "host_common.h" +#include "host_signature2.h" #include "signature_digest.h" -uint8_t* PrependDigestInfo(unsigned int algorithm, uint8_t* digest) +uint8_t* PrependDigestInfo(enum vb2_hash_algorithm hash_alg, uint8_t* digest) { - const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); - const int digestinfo_size = digestinfo_size_map[algorithm]; - const uint8_t* digestinfo = hash_digestinfo_map[algorithm]; + const int digest_size = vb2_digest_size(hash_alg); + uint32_t digestinfo_size = 0; + const uint8_t* digestinfo = NULL; + + if (VB2_SUCCESS != vb2_digest_info(hash_alg, &digestinfo, + &digestinfo_size)) + return NULL; + uint8_t* p = malloc(digestinfo_size + digest_size); memcpy(p, digestinfo, digestinfo_size); memcpy(p + digestinfo_size, digest, digest_size); @@ -35,7 +42,7 @@ uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len, uint8_t digest[VB2_SHA512_DIGEST_SIZE]; /* Longest digest */ - if (algorithm >= kNumAlgorithms) { + if (algorithm >= VB2_ALG_COUNT) { VBDEBUG(("SignatureDigest() called with invalid algorithm!\n")); } else if (VB2_SUCCESS == vb2_digest_buffer(buf, len, vb2_crypto_to_hash(algorithm), @@ -48,12 +55,29 @@ uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len, uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file, unsigned int algorithm) { + const enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(algorithm); FILE* key_fp = NULL; RSA* key = NULL; uint8_t* signature = NULL; uint8_t* signature_digest = SignatureDigest(buf, len, algorithm); - const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); - int signature_digest_len = digest_size + digestinfo_size_map[algorithm]; + if (!signature_digest) { + VBDEBUG(("SignatureBuf(): Couldn't get signature digest\n")); + return NULL; + } + + const int digest_size = vb2_digest_size(hash_alg); + + uint32_t digestinfo_size = 0; + const uint8_t* digestinfo = NULL; + if (VB2_SUCCESS != vb2_digest_info(hash_alg, &digestinfo, + &digestinfo_size)) { + VBDEBUG(("SignatureBuf(): Couldn't get digest info\n")); + free(signature_digest); + return NULL; + } + + int signature_digest_len = digest_size + digestinfo_size; + key_fp = fopen(key_file, "r"); if (!key_fp) { VBDEBUG(("SignatureBuf(): Couldn't open key file: %s\n", @@ -62,7 +86,8 @@ uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file, return NULL; } if ((key = PEM_read_RSAPrivateKey(key_fp, NULL, NULL, NULL))) - signature = (uint8_t*) malloc(siglen_map[algorithm]); + signature = (uint8_t *)malloc( + vb2_rsa_sig_size(vb2_crypto_to_signature(algorithm))); else VBDEBUG(("SignatureBuf(): Couldn't read private key from: %s\n", key_file)); diff --git a/host/lib21/host_key.c b/host/lib21/host_key.c index 2ebd08a1..ecb7328b 100644 --- a/host/lib21/host_key.c +++ b/host/lib21/host_key.c @@ -33,6 +33,22 @@ const struct vb2_text_vs_enum vb2_text_vs_hash[] = { {0, 0} }; +const struct vb2_text_vs_enum vb2_text_vs_crypto[] = { + {"RSA1024 SHA1", VB2_ALG_RSA1024_SHA1}, + {"RSA1024 SHA256", VB2_ALG_RSA1024_SHA256}, + {"RSA1024 SHA512", VB2_ALG_RSA1024_SHA512}, + {"RSA2048 SHA1", VB2_ALG_RSA2048_SHA1}, + {"RSA2048 SHA256", VB2_ALG_RSA2048_SHA256}, + {"RSA2048 SHA512", VB2_ALG_RSA2048_SHA512}, + {"RSA4096 SHA1", VB2_ALG_RSA4096_SHA1}, + {"RSA4096 SHA256", VB2_ALG_RSA4096_SHA256}, + {"RSA4096 SHA512", VB2_ALG_RSA4096_SHA512}, + {"RSA8192 SHA1", VB2_ALG_RSA8192_SHA1}, + {"RSA8192 SHA256", VB2_ALG_RSA8192_SHA256}, + {"RSA8192 SHA512", VB2_ALG_RSA8192_SHA512}, + {0, 0} +}; + const struct vb2_text_vs_enum *vb2_lookup_by_num( const struct vb2_text_vs_enum *table, const unsigned int num) @@ -61,6 +77,14 @@ const char *vb2_get_sig_algorithm_name(enum vb2_signature_algorithm sig_alg) return entry ? entry->name : VB2_INVALID_ALG_NAME; } +const char *vb2_get_crypto_algorithm_name(enum vb2_crypto_algorithm alg) +{ + const struct vb2_text_vs_enum *entry = + vb2_lookup_by_num(vb2_text_vs_crypto, alg); + + return entry ? entry->name : VB2_INVALID_ALG_NAME; +} + void vb2_private_key_free(struct vb2_private_key *key) { if (!key) diff --git a/host/lib21/include/host_key2.h b/host/lib21/include/host_key2.h index 5a2ec0ad..f786ec9f 100644 --- a/host/lib21/include/host_key2.h +++ b/host/lib21/include/host_key2.h @@ -67,6 +67,14 @@ extern const struct vb2_text_vs_enum vb2_text_vs_hash[]; const char *vb2_get_sig_algorithm_name(enum vb2_signature_algorithm sig_alg); /** + * Return the name of a crypto algorithm. + * + * @param alg Crypto algorithm to look up + * @return The corresponding name, or VB2_INVALID_ALG_NAME if no match. + */ +const char *vb2_get_crypto_algorithm_name(enum vb2_crypto_algorithm alg); + +/** * Free a private key. * * @param key Key containing internal data to free. diff --git a/scripts/genpadding.sh b/scripts/genpadding.sh deleted file mode 100755 index baac71bd..00000000 --- a/scripts/genpadding.sh +++ /dev/null @@ -1,235 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -# Script to generate padding.c containing PKCS 1.5 padding byte arrays for -# various combinations of RSA key lengths and message digest algorithms. - -Pad_Preamble="0x00,0x01" - -SHA1_digestinfo="0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05"\ -",0x00,0x04,0x14" -SHA256_digestinfo="0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03"\ -",0x04,0x02,0x01,0x05,0x00,0x04,0x20" -SHA512_digestinfo="0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03"\ -",0x04,0x02,0x03,0x05,0x00,0x04,0x40" - -RSA1024_Len=128 -RSA2048_Len=256 -RSA4096_Len=512 -RSA8192_Len=1024 - -SHA1_T_Len=35 -SHA256_T_Len=51 -SHA512_T_Len=83 - -HashAlgos=( SHA1 SHA256 SHA512 ) -RSAAlgos=( RSA1024 RSA2048 RSA4096 RSA8192 ) - -function genFFOctets { - count=$1 - while [ $count -gt 0 ]; do - echo -n "0xff," - let count=count-1 - done -} - - -cat <<EOF -/* - * DO NOT MODIFY THIS FILE DIRECTLY. - * - * This file is automatically generated by genpadding.sh and contains padding - * arrays corresponding to various combinations of algorithms for RSA signatures. - */ - -EOF - - -echo '#include "cryptolib.h"' -echo -echo -cat <<EOF -/* - * PKCS 1.5 padding (from the RSA PKCS#1 v2.1 standard) - * - * Depending on the RSA key size and hash function, the padding is calculated - * as follows: - * - * 0x00 || 0x01 || PS || 0x00 || T - * - * T: DER Encoded DigestInfo value which depends on the hash function used. - * - * SHA-1: (0x)30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 || H. - * SHA-256: (0x)30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 || H. - * SHA-512: (0x)30 51 30 0d 06 09 60 86 48 01 65 03 04 02 03 05 00 04 40 || H. - * - * Length(T) = 35 octets for SHA-1 - * Length(T) = 51 octets for SHA-256 - * Length(T) = 83 octets for SHA-512 - * - * PS: octet string consisting of {Length(RSA Key) - Length(T) - 3} 0xFF - * - */ -EOF -echo -echo - - -# Generate padding arrays. -algorithmcounter=0 - -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo "/* Algorithm Type $algorithmcounter */" - let algorithmcounter=algorithmcounter+1 - eval rsalen=${rsaalgo}_Len - eval hashlen=${hashalgo}_T_Len - let nums=rsalen-hashlen-3 - echo "const uint8_t padding${rsaalgo}_${hashalgo}[${rsaalgo}NUMBYTES - ${hashalgo}_DIGEST_SIZE] = {" - echo -n $Pad_Preamble, - genFFOctets $nums - echo -n "0x00," - eval digestinfo=\$${hashalgo}_digestinfo - echo $digestinfo - echo "};" - echo - done -done - -echo "const int kNumAlgorithms = $algorithmcounter;"; -echo "#define NUMALGORITHMS $algorithmcounter" -echo - -# Output DigestInfo field lengths. -cat <<EOF -#define SHA1_DIGESTINFO_LEN 15 -#define SHA256_DIGESTINFO_LEN 19 -#define SHA512_DIGESTINFO_LEN 19 -EOF - - -# Generate DigestInfo arrays. -for hashalgo in ${HashAlgos[@]} -do - echo "const uint8_t ${hashalgo}_digestinfo[] = {" - eval digestinfo=\$${hashalgo}_digestinfo - echo $digestinfo - echo "};" - echo -done - -# Generate DigestInfo to size map. -echo "const int digestinfo_size_map[] = {" -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo ${hashalgo}_DIGESTINFO_LEN, - done -done -echo "};" -echo - -# Generate algorithm signature length map. -echo "const int siglen_map[NUMALGORITHMS] = {" -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo ${rsaalgo}NUMBYTES, - done -done -echo "};" -echo - -# Generate algorithm padding array map. -echo "const uint8_t* padding_map[NUMALGORITHMS] = {" -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo padding${rsaalgo}_${hashalgo}, - done -done -echo "};" -echo - -# Generate algorithm padding size map. -echo "const int padding_size_map[NUMALGORITHMS] = {" -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo ${rsaalgo}NUMBYTES - ${hashalgo}_DIGEST_SIZE, - done -done -echo "};" -echo - -# Generate signature algorithm to messge digest algorithm map. -echo "const int hash_type_map[] = {" -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo ${hashalgo}_DIGEST_ALGORITHM, - done -done -echo "};" -echo - -# Generate algorithm to message digest's output size map. -echo "const int hash_size_map[NUMALGORITHMS] = {" -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo ${hashalgo}_DIGEST_SIZE, - done -done -echo "};" -echo - -# Generate algorithm to message digest's input block size map. -echo "const int hash_blocksize_map[NUMALGORITHMS] = {" -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo ${hashalgo}_BLOCK_SIZE, - done -done -echo "};" -echo - -# Generate algorithm to message's digest ASN.1 DigestInfo map. -echo "const uint8_t* hash_digestinfo_map[NUMALGORITHMS] = {" -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo ${hashalgo}_digestinfo, - done -done -echo "};" -echo - - -# Generate algorithm description strings. -echo "const char* algo_strings[NUMALGORITHMS] = {" -for rsaalgo in ${RSAAlgos[@]} -do - for hashalgo in ${HashAlgos[@]} - do - echo \"${rsaalgo} ${hashalgo}\", - done -done -echo "};" -echo - -#echo "#endif /* VBOOT_REFERENCE_PADDING_H_ */" diff --git a/tests/vb20_common2_tests.c b/tests/vb20_common2_tests.c index 671fa9fe..00861e58 100644 --- a/tests/vb20_common2_tests.c +++ b/tests/vb20_common2_tests.c @@ -13,6 +13,7 @@ #include "2rsa.h" #include "file_keys.h" #include "host_common.h" +#include "host_key2.h" #include "vb2_common.h" #include "vboot_common.h" #include "test_common.h" @@ -138,7 +139,8 @@ static void test_verify_data(const struct vb2_packed_key *key1, int test_algorithm(int key_algorithm, const char *keys_dir) { char filename[1024]; - int rsa_len = siglen_map[key_algorithm] * 8; + int rsa_bits = 8 * vb2_rsa_sig_size( + vb2_crypto_to_signature(key_algorithm)); struct vb2_private_key *private_key = NULL; struct vb2_signature *sig = NULL; @@ -146,10 +148,11 @@ int test_algorithm(int key_algorithm, const char *keys_dir) int retval = 1; - printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]); + printf("***Testing algorithm: %s\n", + vb2_get_crypto_algorithm_name(key_algorithm)); snprintf(filename, sizeof(filename), - "%s/key_rsa%d.pem", keys_dir, rsa_len); + "%s/key_rsa%d.pem", keys_dir, rsa_bits); private_key = vb2_read_private_key_pem(filename, key_algorithm); if (!private_key) { fprintf(stderr, "Error reading private_key: %s\n", filename); @@ -157,7 +160,7 @@ int test_algorithm(int key_algorithm, const char *keys_dir) } snprintf(filename, sizeof(filename), - "%s/key_rsa%d.keyb", keys_dir, rsa_len); + "%s/key_rsa%d.keyb", keys_dir, rsa_bits); key1 = vb2_read_packed_keyb(filename, key_algorithm, 1); if (!key1) { fprintf(stderr, "Error reading public_key: %s\n", filename); @@ -208,7 +211,7 @@ int main(int argc, char *argv[]) { /* Test all the algorithms */ int alg; - for (alg = 0; alg < kNumAlgorithms; alg++) { + for (alg = 0; alg < VB2_ALG_COUNT; alg++) { if (test_algorithm(alg, argv[1])) return 1; } diff --git a/tests/vb20_common3_tests.c b/tests/vb20_common3_tests.c index b4e5bf5e..e5538673 100644 --- a/tests/vb20_common3_tests.c +++ b/tests/vb20_common3_tests.c @@ -515,8 +515,10 @@ int test_permutation(int signing_key_algorithm, int data_key_algorithm, const char *keys_dir) { char filename[1024]; - int signing_rsa_len = siglen_map[signing_key_algorithm] * 8; - int data_rsa_len = siglen_map[data_key_algorithm] * 8; + int signing_rsa_len = 8 * vb2_rsa_sig_size( + vb2_crypto_to_signature(signing_key_algorithm)); + int data_rsa_len = 8 * vb2_rsa_sig_size( + vb2_crypto_to_signature(data_key_algorithm)); int retval = 1; struct vb2_private_key *signing_private_key = NULL; @@ -524,9 +526,9 @@ int test_permutation(int signing_key_algorithm, int data_key_algorithm, struct vb2_packed_key *data_public_key = NULL; printf("***Testing signing algorithm: %s\n", - algo_strings[signing_key_algorithm]); + vb2_get_crypto_algorithm_name(signing_key_algorithm)); printf("***With data key algorithm: %s\n", - algo_strings[data_key_algorithm]); + vb2_get_crypto_algorithm_name(data_key_algorithm)); snprintf(filename, sizeof(filename), "%s/key_rsa%d.pem", keys_dir, signing_rsa_len); diff --git a/tests/vb21_common2_tests.c b/tests/vb21_common2_tests.c index 15e4d505..b121fa5a 100644 --- a/tests/vb21_common2_tests.c +++ b/tests/vb21_common2_tests.c @@ -239,7 +239,8 @@ static void test_verify_data(const struct vb2_public_key *pubk_orig, int test_algorithm(int key_algorithm, const char *keys_dir) { char filename[1024]; - int rsa_len = siglen_map[key_algorithm] * 8; + int rsa_bits = 8 * vb2_rsa_sig_size( + vb2_crypto_to_signature(key_algorithm)); enum vb2_signature_algorithm sig_alg = vb2_crypto_to_signature(key_algorithm); @@ -250,10 +251,11 @@ int test_algorithm(int key_algorithm, const char *keys_dir) struct vb2_public_key *pubk = NULL; struct vb21_packed_key *key2 = NULL; - printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]); + printf("***Testing algorithm: %s\n", + vb2_get_crypto_algorithm_name(key_algorithm)); snprintf(filename, sizeof(filename), - "%s/key_rsa%d.pem", keys_dir, rsa_len); + "%s/key_rsa%d.pem", keys_dir, rsa_bits); TEST_SUCC(vb2_private_key_read_pem(&prik, filename), "Read private key"); prik->hash_alg = hash_alg; @@ -261,7 +263,7 @@ int test_algorithm(int key_algorithm, const char *keys_dir) vb2_private_key_set_desc(prik, "private key"); snprintf(filename, sizeof(filename), - "%s/key_rsa%d.keyb", keys_dir, rsa_len); + "%s/key_rsa%d.keyb", keys_dir, rsa_bits); TEST_SUCC(vb2_public_key_read_keyb(&pubk, filename), "Read public key"); pubk->hash_alg = hash_alg; @@ -305,7 +307,7 @@ int main(int argc, char *argv[]) { /* Test all the algorithms */ int alg; - for (alg = 0; alg < kNumAlgorithms; alg++) { + for (alg = 0; alg < VB2_ALG_COUNT; alg++) { if (test_algorithm(alg, argv[1])) return 1; } diff --git a/tests/vb2_rsa_utility_tests.c b/tests/vb2_rsa_utility_tests.c index 99282bf7..df603272 100644 --- a/tests/vb2_rsa_utility_tests.c +++ b/tests/vb2_rsa_utility_tests.c @@ -40,7 +40,7 @@ static void test_utils(void) .hash_alg = VB2_HASH_INVALID}; /* Verify old and new algorithm count constants match */ - TEST_EQ(kNumAlgorithms, VB2_ALG_COUNT, "Algorithm counts"); + TEST_EQ(VB2_ALG_COUNT, VB2_ALG_COUNT, "Algorithm counts"); /* Crypto algorithm to sig algorithm mapping */ TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA1024_SHA1), diff --git a/tests/vboot_common_tests.c b/tests/vboot_common_tests.c index d5494d42..8e005260 100644 --- a/tests/vboot_common_tests.c +++ b/tests/vboot_common_tests.c @@ -9,6 +9,7 @@ #include <stdio.h> #include <stdlib.h> +#include "host_common.h" #include "test_common.h" #include "utility.h" #include "vboot_common.h" @@ -154,7 +155,7 @@ static void PublicKeyTest(void) PublicKeyInit(k, (uint8_t*)(k + 1), 2 * sizeof(VbPublicKey)); TEST_EQ(k->key_offset, sizeof(VbPublicKey), "PublicKeyInit key_offset"); TEST_EQ(k->key_size, 2 * sizeof(VbPublicKey), "PublicKeyInit key_size"); - TEST_EQ(k->algorithm, kNumAlgorithms, "PublicKeyInit algorithm"); + TEST_EQ(k->algorithm, VB2_ALG_COUNT, "PublicKeyInit algorithm"); TEST_EQ(k->key_version, 0, "PublicKeyInit key_version"); /* Set algorithm and version, so we can tell if they get copied */ diff --git a/utility/pad_digest_utility.c b/utility/pad_digest_utility.c index 440cca3a..3861e5fe 100644 --- a/utility/pad_digest_utility.c +++ b/utility/pad_digest_utility.c @@ -9,56 +9,62 @@ #include <string.h> #include "2sysincludes.h" - #include "2common.h" #include "2sha.h" -#include "file_keys.h" #include "host_common.h" -#include "padding.h" +#include "host_signature2.h" #include "signature_digest.h" static void usage(char* argv[]) { - fprintf(stderr, - "Usage: %s <alg_id> <digest_file>\n" - "\n" - "Generate a padded hash suitable for generating PKCS#1.5 " - "signatures.\n", - basename(argv[0])); + fprintf(stderr, + "Usage: %s <alg_id> <digest_file>\n" + "\n" + "Generate a padded hash suitable for generating PKCS#1.5 " + "signatures.\n", + basename(argv[0])); } -int main(int argc, char* argv[]) { - int algorithm = -1; - int error_code = 0; - uint8_t* digest = NULL; - uint8_t* padded_digest = NULL; - uint32_t len; - uint32_t padded_digest_len; +int main(int argc, char* argv[]) +{ + int algorithm = -1; + int error_code = -1; + uint8_t* digest = NULL; + uint8_t* padded_digest = NULL; + uint32_t len; + + if (argc != 3) { + usage(argv); + goto cleanup; + } + algorithm = atoi(argv[1]); + if (algorithm < 0 || algorithm >= VB2_ALG_COUNT) { + fprintf(stderr, "Invalid Algorithm!\n"); + goto cleanup; + } - if (argc != 3) { - usage(argv); - return -1; - } - algorithm = atoi(argv[1]); - if (algorithm < 0 || algorithm >= kNumAlgorithms) { - fprintf(stderr, "Invalid Algorithm!\n"); - return -1; - } + enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(algorithm); + uint32_t digest_size = vb2_digest_size(hash_alg); + uint32_t digestinfo_size = 0; + const uint8_t* digestinfo = NULL; + if (VB2_SUCCESS != vb2_digest_info(hash_alg, &digestinfo, + &digestinfo_size)) { + fprintf(stderr, "SignatureBuf(): Couldn't get digest info\n"); + goto cleanup; + } + uint32_t padded_digest_len = digest_size + digestinfo_size; - if (VB2_SUCCESS != vb2_read_file(argv[2], &digest, &len)) { - fprintf(stderr, "Could not read file: %s\n", argv[2]); - return -1; - } + if (VB2_SUCCESS != vb2_read_file(argv[2], &digest, &len)) { + fprintf(stderr, "Could not read file: %s\n", argv[2]); + goto cleanup; + } - padded_digest = PrependDigestInfo(algorithm, digest); - const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); - padded_digest_len = (digest_size + digestinfo_size_map[algorithm]); + padded_digest = PrependDigestInfo(hash_alg, digest); + if(padded_digest && + fwrite(padded_digest, padded_digest_len, 1, stdout) == 1) + error_code = 0; - if (!padded_digest) - error_code = -1; - if(padded_digest && - 1 != fwrite(padded_digest, padded_digest_len, 1, stdout)) - error_code = -1; - free(padded_digest); - free(digest); - return error_code; +cleanup: + free(padded_digest); + free(digest); + return error_code; } diff --git a/utility/signature_digest_utility.c b/utility/signature_digest_utility.c index 0ed1a99d..edabf71d 100644 --- a/utility/signature_digest_utility.c +++ b/utility/signature_digest_utility.c @@ -13,45 +13,49 @@ #include "2sysincludes.h" #include "2common.h" - -#include "file_keys.h" #include "host_common.h" -#include "padding.h" +#include "host_signature2.h" #include "signature_digest.h" - -int main(int argc, char* argv[]) { - int algorithm = -1; - int error_code = 0; - uint8_t* buf = NULL; - uint8_t* signature_digest = NULL; - uint32_t len; - uint32_t signature_digest_len; - - if (argc != 3) { - fprintf(stderr, "Usage: %s <alg_id> <file>", argv[0]); - return -1; - } - algorithm = atoi(argv[1]); - if (algorithm < 0 || algorithm >= kNumAlgorithms) { - fprintf(stderr, "Invalid Algorithm!\n"); - return -1; - } - - if (VB2_SUCCESS != vb2_read_file(argv[2], &buf, &len)) { - fprintf(stderr, "Could not read file: %s\n", argv[2]); - return -1; - } - - signature_digest = SignatureDigest(buf, len, algorithm); - const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm)); - signature_digest_len = (digest_size + digestinfo_size_map[algorithm]); - if (!signature_digest) - error_code = -1; - if(signature_digest && - 1 != fwrite(signature_digest, signature_digest_len, 1, stdout)) - error_code = -1; - free(signature_digest); - free(buf); - return error_code; +int main(int argc, char* argv[]) +{ + int error_code = -1; + uint8_t *buf = NULL; + uint8_t *signature_digest = NULL; + uint32_t len; + + if (argc != 3) { + fprintf(stderr, "Usage: %s <alg_id> <file>", argv[0]); + goto cleanup; + } + + int algorithm = atoi(argv[1]); + if (algorithm < 0 || algorithm >= VB2_ALG_COUNT) { + fprintf(stderr, "Invalid Algorithm!\n"); + goto cleanup; + } + + if (VB2_SUCCESS != vb2_read_file(argv[2], &buf, &len)) { + fprintf(stderr, "Could not read file: %s\n", argv[2]); + goto cleanup; + } + + enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(algorithm); + uint32_t digest_size = vb2_digest_size(hash_alg); + uint32_t digestinfo_size = 0; + const uint8_t *digestinfo = NULL; + if (VB2_SUCCESS != vb2_digest_info(hash_alg, &digestinfo, + &digestinfo_size)) + goto cleanup; + + uint32_t signature_digest_len = digest_size + digestinfo_size; + signature_digest = SignatureDigest(buf, len, algorithm); + if(signature_digest && + fwrite(signature_digest, signature_digest_len, 1, stdout) == 1) + error_code = 0; + +cleanup: + free(signature_digest); + free(buf); + return error_code; } diff --git a/utility/verify_data.c b/utility/verify_data.c index d68f8909..d160809b 100644 --- a/utility/verify_data.c +++ b/utility/verify_data.c @@ -24,8 +24,7 @@ #include "2rsa.h" #include "cryptolib.h" #include "file_keys.h" -#include "host_key.h" -#include "host_misc.h" +#include "host_common.h" #include "vb2_common.h" /* ANSI Color coding sequences. */ @@ -83,12 +82,13 @@ int main(int argc, char* argv[]) "where <algorithm> depends on the signature algorithm" " used:\n"); for(i = 0; i < VB2_ALG_COUNT; i++) - fprintf(stderr, "\t%d for %s\n", i, algo_strings[i]); + fprintf(stderr, "\t%d for %s\n", i, + vb2_get_crypto_algorithm_name(i)); return -1; } int algorithm = atoi(argv[1]); - if (algorithm >= kNumAlgorithms) { + if (algorithm >= VB2_ALG_COUNT) { fprintf(stderr, "Invalid algorithm %d\n", algorithm); goto error; } |