Revert "VBoot Reference: Refactor Part 2 - Crypto Libraries"
This reverts commit e018a80a37aaa45681f45f5852f04d20aedd8b2d.
Review URL: http://codereview.chromium.org/1593002
diff --git a/crypto/genpadding.sh b/crypto/genpadding.sh
index e429ddc..6086c8d 100755
--- a/crypto/genpadding.sh
+++ b/crypto/genpadding.sh
@@ -172,18 +172,6 @@
echo "};"
echo
-# Generate signature algorithm to messge digest algorithm map.
-echo "const int hash_type_map[] = {"
-for rsaalgo in ${RSAAlgos[@]}
-do
- for hashalgo in ${HashAlgos[@]}
- do
- echo ${hashalgo}_DIGEST_ALGORITHM,
- done
-done
-echo "};"
-echo
-
# Generate algorithm to message digest's output size map.
echo "const int hash_size_map[NUMALGORITHMS] = {"
for rsaalgo in ${RSAAlgos[@]}
diff --git a/crypto/padding.c b/crypto/padding.c
index 91424ba..5580d6e 100644
--- a/crypto/padding.c
+++ b/crypto/padding.c
@@ -5,7 +5,9 @@
* arrays corresponding to various combinations of algorithms for RSA signatures.
*/
-#include "cryptolib.h"
+#include "rsa.h"
+#include "sha.h"
+
/*
* PKCS 1.5 padding (from the RSA PKCS#1 v2.1 standard)
@@ -168,21 +170,6 @@
RSA8192NUMBYTES - SHA512_DIGEST_SIZE,
};
-const int hash_type_map[] = {
-SHA1_DIGEST_ALGORITHM,
-SHA256_DIGEST_ALGORITHM,
-SHA512_DIGEST_ALGORITHM,
-SHA1_DIGEST_ALGORITHM,
-SHA256_DIGEST_ALGORITHM,
-SHA512_DIGEST_ALGORITHM,
-SHA1_DIGEST_ALGORITHM,
-SHA256_DIGEST_ALGORITHM,
-SHA512_DIGEST_ALGORITHM,
-SHA1_DIGEST_ALGORITHM,
-SHA256_DIGEST_ALGORITHM,
-SHA512_DIGEST_ALGORITHM,
-};
-
const int hash_size_map[NUMALGORITHMS] = {
SHA1_DIGEST_SIZE,
SHA256_DIGEST_SIZE,
@@ -242,3 +229,4 @@
"RSA8192 SHA256",
"RSA8192 SHA512",
};
+
diff --git a/crypto/rsa.c b/crypto/rsa.c
index bfc6446..c84ae4e 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -8,7 +8,10 @@
* support multiple RSA key lengths and hash digest algorithms.
*/
-#include "cryptolib.h"
+#include <stdio.h>
+
+#include "padding.h"
+#include "rsa.h"
#include "utility.h"
/* a[] -= mod */
@@ -135,17 +138,17 @@
int success = 1;
if (sig_len != (key->len * sizeof(uint32_t))) {
- debug("Signature is of incorrect length!\n");
+ fprintf(stderr, "Signature is of incorrect length!\n");
return 0;
}
if (sig_type >= kNumAlgorithms) {
- debug("Invalid signature type!\n");
+ fprintf(stderr, "Invalid signature type!\n");
return 0;
}
if (key->len != siglen_map[sig_type] / sizeof(uint32_t)) {
- debug("Wrong key passed in!\n");
+ fprintf(stderr, "Wrong key passed in!\n");
return 0;
}
@@ -162,7 +165,7 @@
if (buf[i] != padding[i]) {
#ifndef NDEBUG
/* TODO(gauravsh): Replace with a macro call for logging. */
- debug("Padding: Expecting = %02x Got = %02x\n", padding[i],
+ fprintf(stderr, "Padding: Expecting = %02x Got = %02x\n", padding[i],
buf[i]);
#endif
success = 0;
@@ -174,7 +177,7 @@
if (buf[i] != *hash++) {
#ifndef NDEBUG
/* TODO(gauravsh): Replace with a macro call for logging. */
- debug("Digest: Expecting = %02x Got = %02x\n", padding[i],
+ fprintf(stderr, "Digest: Expecting = %02x Got = %02x\n", padding[i],
buf[i]);
#endif
success = 0;
diff --git a/crypto/rsa_utility.c b/crypto/rsa_utility.c
index bf32284..5ac2db4 100644
--- a/crypto/rsa_utility.c
+++ b/crypto/rsa_utility.c
@@ -2,10 +2,12 @@
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
- * Implementation of RSA utility functions.
+ * Utility functions for message digest functions.
*/
-#include "cryptolib.h"
+#include "padding.h"
+#include "rsa_utility.h"
+#include "sha_utility.h"
#include "utility.h"
int RSAProcessedKeySize(int algorithm) {
diff --git a/crypto/sha1.c b/crypto/sha1.c
index 41b729b..5844ecc 100644
--- a/crypto/sha1.c
+++ b/crypto/sha1.c
@@ -1,14 +1,13 @@
/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
- *
- * SHA-1 implementation largely based on libmincrypt in the the Android
+ */
+
+/* SHA-1 implementation largely based on libmincrypt in the the Android
* Open Source Project (platorm/system/core.git/libmincrypt/sha.c
*/
-#include "cryptolib.h"
-#include "utility.h"
-
+#include "sha.h"
/* Some machines lack byteswap.h and endian.h. These have to use the
* slower code, even if they're little-endian.
@@ -135,7 +134,7 @@
ctx->count += len;
while (len > sizeof(ctx->buf) - i) {
- Memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
+ memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
len -= sizeof(ctx->buf) - i;
p += sizeof(ctx->buf) - i;
SHA1_Transform(ctx);
diff --git a/crypto/sha2.c b/crypto/sha2.c
index 7f47656..320bccb 100644
--- a/crypto/sha2.c
+++ b/crypto/sha2.c
@@ -35,8 +35,8 @@
* SUCH DAMAGE.
*/
-#include "cryptolib.h"
-#include "utility.h"
+#include "sha.h"
+#include <string.h>
#define SHFR(x, n) (x >> n)
#define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
@@ -340,7 +340,7 @@
tmp_len = SHA256_BLOCK_SIZE - ctx->len;
rem_len = len < tmp_len ? len : tmp_len;
- Memcpy(&ctx->block[ctx->len], data, rem_len);
+ memcpy(&ctx->block[ctx->len], data, rem_len);
if (ctx->len + len < SHA256_BLOCK_SIZE) {
ctx->len += len;
@@ -357,7 +357,7 @@
rem_len = new_len % SHA256_BLOCK_SIZE;
- Memcpy(ctx->block, &shifted_data[block_nb << 6],
+ memcpy(ctx->block, &shifted_data[block_nb << 6],
rem_len);
ctx->len = rem_len;
@@ -528,7 +528,7 @@
tmp_len = SHA512_BLOCK_SIZE - ctx->len;
rem_len = len < tmp_len ? len : tmp_len;
- Memcpy(&ctx->block[ctx->len], data, rem_len);
+ memcpy(&ctx->block[ctx->len], data, rem_len);
if (ctx->len + len < SHA512_BLOCK_SIZE) {
ctx->len += len;
@@ -545,7 +545,7 @@
rem_len = new_len % SHA512_BLOCK_SIZE;
- Memcpy(ctx->block, &shifted_data[block_nb << 7],
+ memcpy(ctx->block, &shifted_data[block_nb << 7],
rem_len);
ctx->len = rem_len;
diff --git a/crypto/sha_utility.c b/crypto/sha_utility.c
index 4e266f7..1478a7a 100644
--- a/crypto/sha_utility.c
+++ b/crypto/sha_utility.c
@@ -5,11 +5,36 @@
* Utility functions for message digest functions.
*/
-#include "cryptolib.h"
+#include "sha_utility.h"
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "sha.h"
#include "utility.h"
+int digest_type_map[] = {
+ SHA1_DIGEST_ALGORITHM, /* RSA 1024 */
+ SHA256_DIGEST_ALGORITHM,
+ SHA512_DIGEST_ALGORITHM,
+ SHA1_DIGEST_ALGORITHM, /* RSA 2048 */
+ SHA256_DIGEST_ALGORITHM,
+ SHA512_DIGEST_ALGORITHM,
+ SHA1_DIGEST_ALGORITHM, /* RSA 4096 */
+ SHA256_DIGEST_ALGORITHM,
+ SHA512_DIGEST_ALGORITHM,
+ SHA1_DIGEST_ALGORITHM, /* RSA 8192 */
+ SHA256_DIGEST_ALGORITHM,
+ SHA512_DIGEST_ALGORITHM,
+};
+
void DigestInit(DigestContext* ctx, int sig_algorithm) {
- ctx->algorithm = hash_type_map[sig_algorithm];
+ ctx->algorithm = digest_type_map[sig_algorithm];
switch(ctx->algorithm) {
case SHA1_DIGEST_ALGORITHM:
ctx->sha1_ctx = (SHA1_CTX*) Malloc(sizeof(SHA1_CTX));
@@ -62,6 +87,27 @@
return digest;
}
+uint8_t* DigestFile(char* input_file, int sig_algorithm) {
+ int input_fd, len;
+ uint8_t data[SHA1_BLOCK_SIZE];
+ uint8_t* digest = NULL;
+ DigestContext ctx;
+
+ if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
+ fprintf(stderr, "Couldn't open input file.\n");
+ return NULL;
+ }
+ DigestInit(&ctx, sig_algorithm);
+ while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==
+ SHA1_BLOCK_SIZE)
+ DigestUpdate(&ctx, data, len);
+ if (len != -1)
+ DigestUpdate(&ctx, data, len);
+ digest = DigestFinal(&ctx);
+ close(input_fd);
+ return digest;
+}
+
uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) {
uint8_t* digest = (uint8_t*) Malloc(SHA512_DIGEST_SIZE); /* Use the max. */
/* Define an array mapping [sig_algorithm] to function pointers to the
diff --git a/include/cryptolib.h b/include/cryptolib.h
deleted file mode 100644
index b65a71d..0000000
--- a/include/cryptolib.h
+++ /dev/null
@@ -1,15 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Firmware Cryptolib includes.
- */
-
-#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
-#define VBOOT_REFERENCE_CRYPTOLIB_H_
-
-#include "padding.h"
-#include "rsa.h"
-#include "sha.h"
-
-#endif /* VBOOT_REFERENCE_CRYPTOLIB_H_ */
diff --git a/include/file_keys.h b/include/file_keys.h
index eac4df0..6e3851c 100644
--- a/include/file_keys.h
+++ b/include/file_keys.h
@@ -8,7 +8,7 @@
#ifndef VBOOT_REFERENCE_FILE_KEYS_H_
#define VBOOT_REFERENCE_FILE_KEYS_H_
-#include "cryptolib.h"
+#include "rsa.h"
/* Read file named [input_file] into a buffer and stores the length into
* [len].
@@ -25,12 +25,6 @@
*/
RSAPublicKey* RSAPublicKeyFromFile(const char* input_file);
-/* Returns the appropriate digest for the data in [input_file]
- * based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestFile(char* input_file, int sig_algorithm);
-
/* Helper function to invoke external program to calculate signature on
* [input_file] using private key [key_file] and signature algorithm
* [algorithm].
diff --git a/include/firmware_image_fw.h b/include/firmware_image_fw.h
index dc6db90..53b558a 100644
--- a/include/firmware_image_fw.h
+++ b/include/firmware_image_fw.h
@@ -10,7 +10,8 @@
#define VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_
#include <stdint.h>
-#include "cryptolib.h"
+#include "rsa.h"
+#include "sha.h"
#define FIRMWARE_MAGIC "CHROMEOS"
#define FIRMWARE_MAGIC_SIZE 8
diff --git a/include/kernel_image_fw.h b/include/kernel_image_fw.h
index 6446e8c..d299b5a 100644
--- a/include/kernel_image_fw.h
+++ b/include/kernel_image_fw.h
@@ -10,8 +10,8 @@
#define VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_
#include <stdint.h>
-
-#include "cryptolib.h"
+#include "rsa.h"
+#include "sha.h"
#define KERNEL_MAGIC "CHROMEOS"
#define KERNEL_MAGIC_SIZE 8
diff --git a/include/padding.h b/include/padding.h
index 8d8fc95..938cec2 100644
--- a/include/padding.h
+++ b/include/padding.h
@@ -6,11 +6,7 @@
#ifndef VBOOT_REFERENCE_PADDING_H_
#define VBOOT_REFERENCE_PADDING_H_
-#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
-#error "Do not include this file directly. Use cryptolib.h instead."
-#endif
-
-#include <stdint.h>
+#include <inttypes.h>
extern const uint8_t paddingRSA1024_SHA1[];
extern const uint8_t paddingRSA1024_SHA256[];
@@ -31,7 +27,6 @@
extern const int siglen_map[];
extern const uint8_t* padding_map[];
extern const int padding_size_map[];
-extern const int hash_type_map[];
extern const int hash_size_map[];
extern const int hash_blocksize_map[];
extern const uint8_t* hash_digestinfo_map[];
diff --git a/include/rsa.h b/include/rsa.h
index 1a45803..8f2ede8 100644
--- a/include/rsa.h
+++ b/include/rsa.h
@@ -6,11 +6,7 @@
#ifndef VBOOT_REFERENCE_RSA_H_
#define VBOOT_REFERENCE_RSA_H_
-#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
-#error "Do not include this file directly. Use cryptolib.h instead."
-#endif
-
-#include <stdint.h>
+#include <inttypes.h>
#define RSA1024NUMBYTES 128 /* 1024 bit key length */
#define RSA2048NUMBYTES 256 /* 2048 bit key length */
@@ -33,59 +29,9 @@
* against an expected [hash] using [key]. Returns 0 on failure, 1 on success.
*/
int RSAVerify(const RSAPublicKey *key,
- const uint8_t* sig,
- const int sig_len,
- const uint8_t sig_type,
- const uint8_t* hash);
-
-/* Perform RSA signature verification on [buf] of length [len] against expected
- * signature [sig] using signature algorithm [algorithm]. The public key used
- * for verification can either be in the form of a pre-process key blob
- * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
- * be non-NULL, and the other NULL or the function will fail.
- *
- * Returns 1 on verification success, 0 on verification failure or invalid
- * arguments.
- *
- * Note: This function is for use in the firmware and assumes all pointers point
- * to areas in the memory of the right size.
- *
- */
-int RSAVerifyBinary_f(const uint8_t* key_blob,
- const RSAPublicKey* key,
- const uint8_t* buf,
- uint64_t len,
- const uint8_t* sig,
- int algorithm);
-
-/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
- * of data, its digest is passed as the argument. */
-int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
- const RSAPublicKey* key,
- const uint8_t* digest,
- const uint8_t* sig,
- int algorithm);
-
-
-/* ----Some additional utility functions for RSA.---- */
-
-/* Returns the size of a pre-processed RSA public key in bytes with algorithm
- * [algorithm]. */
-int RSAProcessedKeySize(int algorithm);
-
-/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
- * NULL */
-RSAPublicKey* RSAPublicKeyNew(void);
-
-/* Deep free the contents of [key]. */
-void RSAPublicKeyFree(RSAPublicKey* key);
-
-/* Create a RSAPublic key structure from binary blob [buf] of length
- * [len].
- *
- * Caller owns the returned key and must free it.
- */
-RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
-
+ const uint8_t* sig,
+ const int sig_len,
+ const uint8_t sig_type,
+ const uint8_t* hash);
#endif /* VBOOT_REFERENCE_RSA_H_ */
diff --git a/include/rsa_utility.h b/include/rsa_utility.h
new file mode 100644
index 0000000..652227c
--- /dev/null
+++ b/include/rsa_utility.h
@@ -0,0 +1,58 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Some utility functions for use with RSA signature verification.
+ */
+
+#ifndef VBOOT_REFERENCE_RSA_UTILITY_H_
+#define VBOOT_REFERENCE_RSA_UTILITY_H_
+
+#include "rsa.h"
+
+/* Returns the size of a pre-processed RSA public key in bytes with algorithm
+ * [algorithm]. */
+int RSAProcessedKeySize(int algorithm);
+
+/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
+ * NULL */
+RSAPublicKey* RSAPublicKeyNew(void);
+
+/* Deep free the contents of [key]. */
+void RSAPublicKeyFree(RSAPublicKey* key);
+
+/* Create a RSAPublic key structure from binary blob [buf] of length
+ * [len].
+ *
+ * Caller owns the returned key and must free it.
+ */
+RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
+
+/* Perform RSA signature verification on [buf] of length [len] against expected
+ * signature [sig] using signature algorithm [algorithm]. The public key used
+ * for verification can either be in the form of a pre-process key blob
+ * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
+ * be non-NULL, and the other NULL or the function will fail.
+ *
+ * Returns 1 on verification success, 0 on verification failure or invalid
+ * arguments.
+ *
+ * Note: This function is for use in the firmware and assumes all pointers point
+ * to areas in the memory of the right size.
+ *
+ */
+int RSAVerifyBinary_f(const uint8_t* key_blob,
+ const RSAPublicKey* key,
+ const uint8_t* buf,
+ uint64_t len,
+ const uint8_t* sig,
+ int algorithm);
+
+/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
+ * of data, its digest is passed as the argument. */
+int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
+ const RSAPublicKey* key,
+ const uint8_t* digest,
+ const uint8_t* sig,
+ int algorithm);
+#endif /* VBOOT_REFERENCE_RSA_UTILITY_H_ */
diff --git a/include/sha.h b/include/sha.h
index 1686894..c3edcbc 100644
--- a/include/sha.h
+++ b/include/sha.h
@@ -8,11 +8,8 @@
#ifndef VBOOT_REFERENCE_SHA_H_
#define VBOOT_REFERENCE_SHA_H_
-#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
-#error "Do not include this file directly. Use cryptolib.h instead."
-#endif
-
-#include <stdint.h>
+#include <inttypes.h>
+#include <string.h>
#define SHA1_DIGEST_SIZE 20
#define SHA1_BLOCK_SIZE 64
@@ -84,45 +81,4 @@
uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest);
-/*---- Utility functions/wrappers for message digests. */
-
-#define SHA1_DIGEST_ALGORITHM 0
-#define SHA256_DIGEST_ALGORITHM 1
-#define SHA512_DIGEST_ALGORITHM 2
-
-/* A generic digest context structure which can be used to represent
- * the SHA*_CTX for multiple digest algorithms.
- */
-typedef struct DigestContext {
- SHA1_CTX* sha1_ctx;
- SHA256_CTX* sha256_ctx;
- SHA512_CTX* sha512_ctx;
- int algorithm; /* Hashing algorithm to use. */
-} DigestContext;
-
-/* Wrappers for message digest algorithms. These are useful when the hashing
- * operation is being done in parallel with something else. DigestContext tracks
- * and stores the state of any digest algorithm (one at any given time).
- */
-
-/* Initialize a digest context for use with signature algorithm [algorithm]. */
-void DigestInit(DigestContext* ctx, int sig_algorithm);
-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);
-
-/* Caller owns the returned digest and must free it. */
-uint8_t* DigestFinal(DigestContext* ctx);
-
-/* Returns the appropriate digest for the data in [input_file]
- * based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestFile(char* input_file, int sig_algorithm);
-
-/* Returns the appropriate digest of [buf] of length
- * [len] based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
-
-
#endif /* VBOOT_REFERENCE_SHA_H_ */
diff --git a/include/sha_utility.h b/include/sha_utility.h
new file mode 100644
index 0000000..21a5e18
--- /dev/null
+++ b/include/sha_utility.h
@@ -0,0 +1,53 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Utility functions for message digests.
+*/
+
+#ifndef VBOOT_REFERENCE_SHA_UTILITY_H_
+#define VBOOT_REFERENCE_SHA_UTILITY_H_
+
+#include <inttypes.h>
+
+#include "sha.h"
+
+#define SHA1_DIGEST_ALGORITHM 0
+#define SHA256_DIGEST_ALGORITHM 1
+#define SHA512_DIGEST_ALGORITHM 2
+
+/* A generic digest context structure which can be used to represent
+ * the SHA*_CTX for multiple digest algorithms.
+ */
+typedef struct DigestContext {
+ SHA1_CTX* sha1_ctx;
+ SHA256_CTX* sha256_ctx;
+ SHA512_CTX* sha512_ctx;
+ int algorithm; /* Hashing algorithm to use. */
+} DigestContext;
+
+/* Wrappers for message digest algorithms. These are useful when the hashing
+ * operation is being done in parallel with something else. DigestContext tracks
+ * and stores the state of any digest algorithm (one at any given time).
+ */
+
+/* Initialize a digest context for use with signature algorithm [algorithm]. */
+void DigestInit(DigestContext* ctx, int sig_algorithm);
+void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);
+
+/* Caller owns the returned digest and must free it. */
+uint8_t* DigestFinal(DigestContext* ctx);
+
+/* Returns the appropriate digest for the data in [input_file]
+ * based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestFile(char* input_file, int sig_algorithm);
+
+/* Returns the appropriate digest of [buf] of length
+ * [len] based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
+
+#endif /* VBOOT_REFERENCE_SHA_UTILITY_H_ */
diff --git a/tests/big_firmware_tests.c b/tests/big_firmware_tests.c
index 44328ea..2368b47 100644
--- a/tests/big_firmware_tests.c
+++ b/tests/big_firmware_tests.c
@@ -9,9 +9,9 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
+#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/big_kernel_tests.c b/tests/big_kernel_tests.c
index c78f622..7fc5fb3 100644
--- a/tests/big_kernel_tests.c
+++ b/tests/big_kernel_tests.c
@@ -9,9 +9,9 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
+#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/firmware_image_tests.c b/tests/firmware_image_tests.c
index a2ce472..fd19560 100644
--- a/tests/firmware_image_tests.c
+++ b/tests/firmware_image_tests.c
@@ -8,9 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
+#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/firmware_rollback_tests.c b/tests/firmware_rollback_tests.c
index 3608db7..9973ec7 100644
--- a/tests/firmware_rollback_tests.c
+++ b/tests/firmware_rollback_tests.c
@@ -8,9 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
+#include "rsa_utility.h"
#include "utility.h"
#include "rollback_index.h"
#include "test_common.h"
diff --git a/tests/firmware_splicing_tests.c b/tests/firmware_splicing_tests.c
index c3259b7..c71b8b4 100644
--- a/tests/firmware_splicing_tests.c
+++ b/tests/firmware_splicing_tests.c
@@ -8,9 +8,10 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
+#include "padding.h"
+#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/firmware_verify_benchmark.c b/tests/firmware_verify_benchmark.c
index 3d06dc9..8eafc70 100644
--- a/tests/firmware_verify_benchmark.c
+++ b/tests/firmware_verify_benchmark.c
@@ -8,9 +8,10 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
+#include "padding.h"
+#include "rsa_utility.h"
#include "test_common.h"
#include "timer_utils.h"
#include "utility.h"
diff --git a/tests/kernel_image_tests.c b/tests/kernel_image_tests.c
index eee0417..c8f8035 100644
--- a/tests/kernel_image_tests.c
+++ b/tests/kernel_image_tests.c
@@ -8,9 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
+#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/kernel_rollback_tests.c b/tests/kernel_rollback_tests.c
index 08f874c..eafbaaa 100644
--- a/tests/kernel_rollback_tests.c
+++ b/tests/kernel_rollback_tests.c
@@ -8,9 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
+#include "rsa_utility.h"
#include "rollback_index.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/kernel_splicing_tests.c b/tests/kernel_splicing_tests.c
index d4c9bb5..da29eb1 100644
--- a/tests/kernel_splicing_tests.c
+++ b/tests/kernel_splicing_tests.c
@@ -8,9 +8,10 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
+#include "padding.h"
+#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/kernel_verify_benchmark.c b/tests/kernel_verify_benchmark.c
index 369785c..c3259fc 100644
--- a/tests/kernel_verify_benchmark.c
+++ b/tests/kernel_verify_benchmark.c
@@ -8,9 +8,10 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
+#include "padding.h"
+#include "rsa_utility.h"
#include "test_common.h"
#include "timer_utils.h"
#include "utility.h"
diff --git a/tests/rollback_index_mock.c b/tests/rollback_index_mock.c
index 37dde48..6317214 100644
--- a/tests/rollback_index_mock.c
+++ b/tests/rollback_index_mock.c
@@ -7,8 +7,8 @@
#include "rollback_index.h"
-#include <stdint.h>
#include <stdio.h>
+#include <stdint.h>
uint16_t g_firmware_key_version = 0;
uint16_t g_firmware_version = 0;
diff --git a/tests/rsa_padding_test.c b/tests/rsa_padding_test.c
index 4ccb4b4..b565e78 100644
--- a/tests/rsa_padding_test.c
+++ b/tests/rsa_padding_test.c
@@ -7,8 +7,8 @@
#include <stdio.h>
-#include "cryptolib.h"
#include "file_keys.h"
+#include "rsa_utility.h"
int main(int argc, char* argv[]) {
int i;
diff --git a/tests/rsa_padding_test.h b/tests/rsa_padding_test.h
index ce1ab24..2257784 100644
--- a/tests/rsa_padding_test.h
+++ b/tests/rsa_padding_test.h
@@ -12,7 +12,9 @@
#ifndef VBOOT_REFERENCE_RSA_PADDING_TEST_H_
#define VBOOT_REFERENCE_RSA_PADDING_TEST_H_
-#include "cryptolib.h"
+#include <inttypes.h>
+
+#include "rsa.h"
/* The modulus of the public key (RSA-1024). */
static const uint8_t pubkey_n[] = {
diff --git a/tests/rsa_verify_benchmark.c b/tests/rsa_verify_benchmark.c
index ccd6eaf..ba108be 100644
--- a/tests/rsa_verify_benchmark.c
+++ b/tests/rsa_verify_benchmark.c
@@ -6,8 +6,10 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
#include "file_keys.h"
+#include "padding.h"
+#include "rsa.h"
+#include "rsa_utility.h"
#include "timer_utils.h"
#include "utility.h"
diff --git a/tests/sha_benchmark.c b/tests/sha_benchmark.c
index 8532ffa..b36695b 100644
--- a/tests/sha_benchmark.c
+++ b/tests/sha_benchmark.c
@@ -6,7 +6,7 @@
#include <stdio.h>
#include <stdlib.h>
-#include "cryptolib.h"
+#include "sha.h"
#include "timer_utils.h"
#include "utility.h"
diff --git a/tests/sha_tests.c b/tests/sha_tests.c
index 2b75a03..2c07b3f 100644
--- a/tests/sha_tests.c
+++ b/tests/sha_tests.c
@@ -9,7 +9,8 @@
#include <stdlib.h>
#include <string.h>
-#include "cryptolib.h"
+#include "sha.h"
+
#include "sha_test_vectors.h"
int SHA1_tests(void) {
diff --git a/tests/test_common.c b/tests/test_common.c
index 2591310..b57f6ed 100644
--- a/tests/test_common.c
+++ b/tests/test_common.c
@@ -9,8 +9,8 @@
#include <stdio.h>
-#include "cryptolib.h"
#include "file_keys.h"
+#include "rsa_utility.h"
#include "utility.h"
/* ANSI Color coding sequences. */
diff --git a/utils/file_keys.c b/utils/file_keys.c
index 275ca6b..8438351 100644
--- a/utils/file_keys.c
+++ b/utils/file_keys.c
@@ -15,7 +15,8 @@
#include <sys/types.h>
#include <unistd.h>
-#include "cryptolib.h"
+#include "padding.h"
+#include "rsa_utility.h"
#include "signature_digest.h"
#include "utility.h"
@@ -59,27 +60,6 @@
return key;
}
-uint8_t* DigestFile(char* input_file, int sig_algorithm) {
- int input_fd, len;
- uint8_t data[SHA1_BLOCK_SIZE];
- uint8_t* digest = NULL;
- DigestContext ctx;
-
- if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
- debug("Couldn't open input file.\n");
- return NULL;
- }
- DigestInit(&ctx, sig_algorithm);
- while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==
- SHA1_BLOCK_SIZE)
- DigestUpdate(&ctx, data, len);
- if (len != -1)
- DigestUpdate(&ctx, data, len);
- digest = DigestFinal(&ctx);
- close(input_fd);
- return digest;
-}
-
uint8_t* SignatureFile(const char* input_file, const char* key_file,
int algorithm) {
char* sign_utility = "./sign_data.sh";
diff --git a/utils/firmware_image.c b/utils/firmware_image.c
index b633d1a..803ef89 100644
--- a/utils/firmware_image.c
+++ b/utils/firmware_image.c
@@ -7,13 +7,16 @@
#include "firmware_image.h"
+#include <fcntl.h>
+#include <limits.h>
#include <sys/types.h>
#include <sys/stat.h>
-#include <fcntl.h>
#include <unistd.h>
-#include "cryptolib.h"
#include "file_keys.h"
+#include "padding.h"
+#include "rsa_utility.h"
+#include "sha_utility.h"
#include "signature_digest.h"
#include "utility.h"
diff --git a/utils/firmware_image_fw.c b/utils/firmware_image_fw.c
index 5387d95..f5c7d89 100644
--- a/utils/firmware_image_fw.c
+++ b/utils/firmware_image_fw.c
@@ -8,8 +8,10 @@
#include "firmware_image_fw.h"
-#include "cryptolib.h"
+#include "padding.h"
#include "rollback_index.h"
+#include "rsa_utility.h"
+#include "sha_utility.h"
#include "utility.h"
/* Macro to determine the size of a field structure in the FirmwareImage
diff --git a/utils/firmware_utility.cc b/utils/firmware_utility.cc
index 85275e7..6b543f5 100644
--- a/utils/firmware_utility.cc
+++ b/utils/firmware_utility.cc
@@ -17,9 +17,11 @@
#include <iostream>
extern "C" {
-#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
+#include "padding.h"
+#include "rsa_utility.h"
+#include "sha_utility.h"
#include "utility.h"
}
diff --git a/utils/kernel_image.c b/utils/kernel_image.c
index 8c8c092..e66ce38 100644
--- a/utils/kernel_image.c
+++ b/utils/kernel_image.c
@@ -14,9 +14,11 @@
#include <sys/stat.h>
#include <unistd.h>
-#include "cryptolib.h"
#include "file_keys.h"
+#include "padding.h"
#include "rollback_index.h"
+#include "rsa_utility.h"
+#include "sha_utility.h"
#include "signature_digest.h"
#include "utility.h"
diff --git a/utils/kernel_image_fw.c b/utils/kernel_image_fw.c
index 734111c..466d34a 100644
--- a/utils/kernel_image_fw.c
+++ b/utils/kernel_image_fw.c
@@ -8,8 +8,10 @@
#include "kernel_image_fw.h"
-#include "cryptolib.h"
+#include "padding.h"
#include "rollback_index.h"
+#include "rsa_utility.h"
+#include "sha_utility.h"
#include "utility.h"
/* Macro to determine the size of a field structure in the KernelImage
diff --git a/utils/kernel_utility.cc b/utils/kernel_utility.cc
index 9fedeb5..9a4f34b 100644
--- a/utils/kernel_utility.cc
+++ b/utils/kernel_utility.cc
@@ -17,9 +17,11 @@
#include <iostream>
extern "C" {
-#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
+#include "padding.h"
+#include "rsa_utility.h"
+#include "sha_utility.h"
#include "utility.h"
}
diff --git a/utils/signature_digest.c b/utils/signature_digest.c
index d8d425b..8f4c238 100644
--- a/utils/signature_digest.c
+++ b/utils/signature_digest.c
@@ -13,7 +13,9 @@
#include <stdlib.h>
#include <unistd.h>
-#include "cryptolib.h"
+#include "padding.h"
+#include "sha.h"
+#include "sha_utility.h"
#include "utility.h"
uint8_t* PrependDigestInfo(int algorithm, uint8_t* digest) {
diff --git a/utils/verify_data.c b/utils/verify_data.c
index e6cc852..4b0b785 100644
--- a/utils/verify_data.c
+++ b/utils/verify_data.c
@@ -15,8 +15,11 @@
#include <sys/types.h>
#include <unistd.h>
-#include "cryptolib.h"
#include "file_keys.h"
+#include "sha_utility.h"
+#include "padding.h"
+#include "rsa.h"
+#include "rsa_utility.h"
#include "verify_data.h"
/* ANSI Color coding sequences. */