summaryrefslogtreecommitdiff
path: root/firmware/2lib/2crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'firmware/2lib/2crypto.c')
-rw-r--r--firmware/2lib/2crypto.c202
1 files changed, 202 insertions, 0 deletions
diff --git a/firmware/2lib/2crypto.c b/firmware/2lib/2crypto.c
new file mode 100644
index 00000000..5906301d
--- /dev/null
+++ b/firmware/2lib/2crypto.c
@@ -0,0 +1,202 @@
+/* Copyright 2020 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Hash and signature algorithm parsing helpers for host utilities.
+ */
+
+#include "2common.h"
+#include "2crypto.h"
+#include "2rsa.h"
+#include "2sha.h"
+#include "2sysincludes.h"
+
+/* These two need to be exported for host/lib/crypto.c */
+
+const char *vb2_sig_names[VB2_SIG_ALG_COUNT] = {
+ [VB2_SIG_NONE] = "none",
+ [VB2_SIG_RSA1024] = "RSA1024",
+ [VB2_SIG_RSA2048] = "RSA2048",
+ [VB2_SIG_RSA4096] = "RSA4096",
+ [VB2_SIG_RSA8192] = "RSA8192",
+ [VB2_SIG_RSA2048_EXP3] = "RSA2048EXP3",
+ [VB2_SIG_RSA3072_EXP3] = "RSA3072EXP3",
+};
+
+const char *vb2_hash_names[VB2_HASH_ALG_COUNT] = {
+ [VB2_HASH_NONE] = "none",
+#if VB2_SUPPORT_SHA1
+ [VB2_HASH_SHA1] = VB2_SHA1_ALG_NAME,
+#endif
+#if VB2_SUPPORT_SHA256
+ [VB2_HASH_SHA256] = VB2_SHA256_ALG_NAME,
+#endif
+#if VB2_SUPPORT_SHA512
+ [VB2_HASH_SHA512] = VB2_SHA512_ALG_NAME,
+#endif
+};
+
+/* The others are internal to this file. */
+
+static const char *crypto_names[] = {
+#if VB2_SUPPORT_SHA1
+ [VB2_ALG_RSA1024_SHA1] = "RSA1024 SHA1",
+ [VB2_ALG_RSA2048_SHA1] = "RSA2048 SHA1",
+ [VB2_ALG_RSA4096_SHA1] = "RSA4096 SHA1",
+ [VB2_ALG_RSA8192_SHA1] = "RSA8192 SHA1",
+ [VB2_ALG_RSA2048_EXP3_SHA1] = "RSA2048 EXP3 SHA1",
+ [VB2_ALG_RSA3072_EXP3_SHA1] = "RSA3072 EXP3 SHA1",
+#endif
+#if VB2_SUPPORT_SHA256
+ [VB2_ALG_RSA1024_SHA256] = "RSA1024 SHA256",
+ [VB2_ALG_RSA2048_SHA256] = "RSA2048 SHA256",
+ [VB2_ALG_RSA4096_SHA256] = "RSA4096 SHA256",
+ [VB2_ALG_RSA8192_SHA256] = "RSA8192 SHA256",
+ [VB2_ALG_RSA2048_EXP3_SHA256] = "RSA2048 EXP3 SHA256",
+ [VB2_ALG_RSA3072_EXP3_SHA256] = "RSA3072 EXP3 SHA256",
+#endif
+#if VB2_SUPPORT_SHA512
+ [VB2_ALG_RSA1024_SHA512] = "RSA1024 SHA512",
+ [VB2_ALG_RSA2048_SHA512] = "RSA2048 SHA512",
+ [VB2_ALG_RSA4096_SHA512] = "RSA4096 SHA512",
+ [VB2_ALG_RSA8192_SHA512] = "RSA8192 SHA512",
+ [VB2_ALG_RSA2048_EXP3_SHA512] = "RSA2048 EXP3 SHA512",
+ [VB2_ALG_RSA3072_EXP3_SHA512] = "RSA3072 EXP3 SHA512",
+#endif
+};
+
+static const char *crypto_filenames[] = {
+#if VB2_SUPPORT_SHA1
+ [VB2_ALG_RSA1024_SHA1] = "rsa1024",
+ [VB2_ALG_RSA2048_SHA1] = "rsa2048",
+ [VB2_ALG_RSA4096_SHA1] = "rsa4096",
+ [VB2_ALG_RSA8192_SHA1] = "rsa8192",
+ [VB2_ALG_RSA2048_EXP3_SHA1] = "rsa2048_exp3",
+ [VB2_ALG_RSA3072_EXP3_SHA1] = "rsa3072_exp3",
+#endif
+#if VB2_SUPPORT_SHA256
+ [VB2_ALG_RSA1024_SHA256] = "rsa1024",
+ [VB2_ALG_RSA2048_SHA256] = "rsa2048",
+ [VB2_ALG_RSA4096_SHA256] = "rsa4096",
+ [VB2_ALG_RSA8192_SHA256] = "rsa8192",
+ [VB2_ALG_RSA2048_EXP3_SHA256] = "rsa2048_exp3",
+ [VB2_ALG_RSA3072_EXP3_SHA256] = "rsa3072_exp3",
+#endif
+#if VB2_SUPPORT_SHA512
+ [VB2_ALG_RSA1024_SHA512] = "rsa1024",
+ [VB2_ALG_RSA2048_SHA512] = "rsa2048",
+ [VB2_ALG_RSA4096_SHA512] = "rsa4096",
+ [VB2_ALG_RSA8192_SHA512] = "rsa8192",
+ [VB2_ALG_RSA2048_EXP3_SHA512] = "rsa2048_exp3",
+ [VB2_ALG_RSA3072_EXP3_SHA512] = "rsa3072_exp3",
+#endif
+};
+
+static const uint8_t crypto_to_sig[] = {
+#if VB2_SUPPORT_SHA1
+ [VB2_ALG_RSA1024_SHA1] = VB2_SIG_RSA1024,
+ [VB2_ALG_RSA2048_SHA1] = VB2_SIG_RSA2048,
+ [VB2_ALG_RSA4096_SHA1] = VB2_SIG_RSA4096,
+ [VB2_ALG_RSA8192_SHA1] = VB2_SIG_RSA8192,
+ [VB2_ALG_RSA2048_EXP3_SHA1] = VB2_SIG_RSA2048_EXP3,
+ [VB2_ALG_RSA3072_EXP3_SHA1] = VB2_SIG_RSA3072_EXP3,
+#endif
+#if VB2_SUPPORT_SHA256
+ [VB2_ALG_RSA1024_SHA256] = VB2_SIG_RSA1024,
+ [VB2_ALG_RSA2048_SHA256] = VB2_SIG_RSA2048,
+ [VB2_ALG_RSA4096_SHA256] = VB2_SIG_RSA4096,
+ [VB2_ALG_RSA8192_SHA256] = VB2_SIG_RSA8192,
+ [VB2_ALG_RSA2048_EXP3_SHA256] = VB2_SIG_RSA2048_EXP3,
+ [VB2_ALG_RSA3072_EXP3_SHA256] = VB2_SIG_RSA3072_EXP3,
+#endif
+#if VB2_SUPPORT_SHA512
+ [VB2_ALG_RSA1024_SHA512] = VB2_SIG_RSA1024,
+ [VB2_ALG_RSA2048_SHA512] = VB2_SIG_RSA2048,
+ [VB2_ALG_RSA4096_SHA512] = VB2_SIG_RSA4096,
+ [VB2_ALG_RSA8192_SHA512] = VB2_SIG_RSA8192,
+ [VB2_ALG_RSA2048_EXP3_SHA512] = VB2_SIG_RSA2048_EXP3,
+ [VB2_ALG_RSA3072_EXP3_SHA512] = VB2_SIG_RSA3072_EXP3,
+#endif
+};
+
+static const uint8_t crypto_to_hash[] = {
+#if VB2_SUPPORT_SHA1
+ [VB2_ALG_RSA1024_SHA1] = VB2_HASH_SHA1,
+ [VB2_ALG_RSA2048_SHA1] = VB2_HASH_SHA1,
+ [VB2_ALG_RSA4096_SHA1] = VB2_HASH_SHA1,
+ [VB2_ALG_RSA8192_SHA1] = VB2_HASH_SHA1,
+ [VB2_ALG_RSA2048_EXP3_SHA1] = VB2_HASH_SHA1,
+ [VB2_ALG_RSA3072_EXP3_SHA1] = VB2_HASH_SHA1,
+#endif
+#if VB2_SUPPORT_SHA256
+ [VB2_ALG_RSA1024_SHA256] = VB2_HASH_SHA256,
+ [VB2_ALG_RSA2048_SHA256] = VB2_HASH_SHA256,
+ [VB2_ALG_RSA4096_SHA256] = VB2_HASH_SHA256,
+ [VB2_ALG_RSA8192_SHA256] = VB2_HASH_SHA256,
+ [VB2_ALG_RSA2048_EXP3_SHA256] = VB2_HASH_SHA256,
+ [VB2_ALG_RSA3072_EXP3_SHA256] = VB2_HASH_SHA256,
+#endif
+#if VB2_SUPPORT_SHA512
+ [VB2_ALG_RSA1024_SHA512] = VB2_HASH_SHA512,
+ [VB2_ALG_RSA2048_SHA512] = VB2_HASH_SHA512,
+ [VB2_ALG_RSA4096_SHA512] = VB2_HASH_SHA512,
+ [VB2_ALG_RSA8192_SHA512] = VB2_HASH_SHA512,
+ [VB2_ALG_RSA2048_EXP3_SHA512] = VB2_HASH_SHA512,
+ [VB2_ALG_RSA3072_EXP3_SHA512] = VB2_HASH_SHA512,
+#endif
+};
+
+#if VB2_SUPPORT_SHA512
+_Static_assert(ARRAY_SIZE(crypto_names) == VB2_ALG_COUNT, "");
+_Static_assert(ARRAY_SIZE(crypto_filenames) == VB2_ALG_COUNT, "");
+_Static_assert(ARRAY_SIZE(crypto_to_sig) == VB2_ALG_COUNT, "");
+_Static_assert(ARRAY_SIZE(crypto_to_hash) == VB2_ALG_COUNT, "");
+#endif
+
+const char *vb2_get_hash_algorithm_name(enum vb2_hash_algorithm hash_alg)
+{ if (hash_alg < ARRAY_SIZE(vb2_hash_names) && vb2_hash_names[hash_alg])
+ return vb2_hash_names[hash_alg];
+ else
+ return VB2_INVALID_ALG_NAME;
+}
+
+const char *vb2_get_sig_algorithm_name(enum vb2_signature_algorithm sig_alg)
+{
+ if (sig_alg < ARRAY_SIZE(vb2_sig_names) && vb2_sig_names[sig_alg])
+ return vb2_sig_names[sig_alg];
+ else
+ return VB2_INVALID_ALG_NAME;
+}
+
+const char *vb2_get_crypto_algorithm_name(enum vb2_crypto_algorithm alg)
+{
+ if (alg < ARRAY_SIZE(crypto_names) && crypto_names[alg])
+ return crypto_names[alg];
+ else
+ return VB2_INVALID_ALG_NAME;
+}
+
+const char *vb2_get_crypto_algorithm_file(enum vb2_crypto_algorithm alg)
+{
+ if (alg < ARRAY_SIZE(crypto_filenames) && crypto_filenames[alg])
+ return crypto_filenames[alg];
+ else
+ return VB2_INVALID_ALG_NAME;
+}
+
+enum vb2_signature_algorithm vb2_crypto_to_signature(
+ enum vb2_crypto_algorithm algorithm)
+{
+ if (algorithm < ARRAY_SIZE(crypto_to_sig))
+ return crypto_to_sig[algorithm];
+ else
+ return VB2_SIG_INVALID;
+}
+
+enum vb2_hash_algorithm vb2_crypto_to_hash(enum vb2_crypto_algorithm algorithm)
+{
+ if (algorithm < ARRAY_SIZE(crypto_to_hash))
+ return crypto_to_hash[algorithm];
+ else
+ return VB2_HASH_INVALID;
+}
View Lorry Controller Status