Revert "VBoot Reference: Refactor Part 2 - Crypto Libraries"
This reverts commit e018a80a37aaa45681f45f5852f04d20aedd8b2d.
Review URL: http://codereview.chromium.org/1593002
diff --git a/include/cryptolib.h b/include/cryptolib.h
deleted file mode 100644
index b65a71d..0000000
--- a/include/cryptolib.h
+++ /dev/null
@@ -1,15 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Firmware Cryptolib includes.
- */
-
-#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
-#define VBOOT_REFERENCE_CRYPTOLIB_H_
-
-#include "padding.h"
-#include "rsa.h"
-#include "sha.h"
-
-#endif /* VBOOT_REFERENCE_CRYPTOLIB_H_ */
diff --git a/include/file_keys.h b/include/file_keys.h
index eac4df0..6e3851c 100644
--- a/include/file_keys.h
+++ b/include/file_keys.h
@@ -8,7 +8,7 @@
#ifndef VBOOT_REFERENCE_FILE_KEYS_H_
#define VBOOT_REFERENCE_FILE_KEYS_H_
-#include "cryptolib.h"
+#include "rsa.h"
/* Read file named [input_file] into a buffer and stores the length into
* [len].
@@ -25,12 +25,6 @@
*/
RSAPublicKey* RSAPublicKeyFromFile(const char* input_file);
-/* Returns the appropriate digest for the data in [input_file]
- * based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestFile(char* input_file, int sig_algorithm);
-
/* Helper function to invoke external program to calculate signature on
* [input_file] using private key [key_file] and signature algorithm
* [algorithm].
diff --git a/include/firmware_image_fw.h b/include/firmware_image_fw.h
index dc6db90..53b558a 100644
--- a/include/firmware_image_fw.h
+++ b/include/firmware_image_fw.h
@@ -10,7 +10,8 @@
#define VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_
#include <stdint.h>
-#include "cryptolib.h"
+#include "rsa.h"
+#include "sha.h"
#define FIRMWARE_MAGIC "CHROMEOS"
#define FIRMWARE_MAGIC_SIZE 8
diff --git a/include/kernel_image_fw.h b/include/kernel_image_fw.h
index 6446e8c..d299b5a 100644
--- a/include/kernel_image_fw.h
+++ b/include/kernel_image_fw.h
@@ -10,8 +10,8 @@
#define VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_
#include <stdint.h>
-
-#include "cryptolib.h"
+#include "rsa.h"
+#include "sha.h"
#define KERNEL_MAGIC "CHROMEOS"
#define KERNEL_MAGIC_SIZE 8
diff --git a/include/padding.h b/include/padding.h
index 8d8fc95..938cec2 100644
--- a/include/padding.h
+++ b/include/padding.h
@@ -6,11 +6,7 @@
#ifndef VBOOT_REFERENCE_PADDING_H_
#define VBOOT_REFERENCE_PADDING_H_
-#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
-#error "Do not include this file directly. Use cryptolib.h instead."
-#endif
-
-#include <stdint.h>
+#include <inttypes.h>
extern const uint8_t paddingRSA1024_SHA1[];
extern const uint8_t paddingRSA1024_SHA256[];
@@ -31,7 +27,6 @@
extern const int siglen_map[];
extern const uint8_t* padding_map[];
extern const int padding_size_map[];
-extern const int hash_type_map[];
extern const int hash_size_map[];
extern const int hash_blocksize_map[];
extern const uint8_t* hash_digestinfo_map[];
diff --git a/include/rsa.h b/include/rsa.h
index 1a45803..8f2ede8 100644
--- a/include/rsa.h
+++ b/include/rsa.h
@@ -6,11 +6,7 @@
#ifndef VBOOT_REFERENCE_RSA_H_
#define VBOOT_REFERENCE_RSA_H_
-#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
-#error "Do not include this file directly. Use cryptolib.h instead."
-#endif
-
-#include <stdint.h>
+#include <inttypes.h>
#define RSA1024NUMBYTES 128 /* 1024 bit key length */
#define RSA2048NUMBYTES 256 /* 2048 bit key length */
@@ -33,59 +29,9 @@
* against an expected [hash] using [key]. Returns 0 on failure, 1 on success.
*/
int RSAVerify(const RSAPublicKey *key,
- const uint8_t* sig,
- const int sig_len,
- const uint8_t sig_type,
- const uint8_t* hash);
-
-/* Perform RSA signature verification on [buf] of length [len] against expected
- * signature [sig] using signature algorithm [algorithm]. The public key used
- * for verification can either be in the form of a pre-process key blob
- * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
- * be non-NULL, and the other NULL or the function will fail.
- *
- * Returns 1 on verification success, 0 on verification failure or invalid
- * arguments.
- *
- * Note: This function is for use in the firmware and assumes all pointers point
- * to areas in the memory of the right size.
- *
- */
-int RSAVerifyBinary_f(const uint8_t* key_blob,
- const RSAPublicKey* key,
- const uint8_t* buf,
- uint64_t len,
- const uint8_t* sig,
- int algorithm);
-
-/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
- * of data, its digest is passed as the argument. */
-int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
- const RSAPublicKey* key,
- const uint8_t* digest,
- const uint8_t* sig,
- int algorithm);
-
-
-/* ----Some additional utility functions for RSA.---- */
-
-/* Returns the size of a pre-processed RSA public key in bytes with algorithm
- * [algorithm]. */
-int RSAProcessedKeySize(int algorithm);
-
-/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
- * NULL */
-RSAPublicKey* RSAPublicKeyNew(void);
-
-/* Deep free the contents of [key]. */
-void RSAPublicKeyFree(RSAPublicKey* key);
-
-/* Create a RSAPublic key structure from binary blob [buf] of length
- * [len].
- *
- * Caller owns the returned key and must free it.
- */
-RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
-
+ const uint8_t* sig,
+ const int sig_len,
+ const uint8_t sig_type,
+ const uint8_t* hash);
#endif /* VBOOT_REFERENCE_RSA_H_ */
diff --git a/include/rsa_utility.h b/include/rsa_utility.h
new file mode 100644
index 0000000..652227c
--- /dev/null
+++ b/include/rsa_utility.h
@@ -0,0 +1,58 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Some utility functions for use with RSA signature verification.
+ */
+
+#ifndef VBOOT_REFERENCE_RSA_UTILITY_H_
+#define VBOOT_REFERENCE_RSA_UTILITY_H_
+
+#include "rsa.h"
+
+/* Returns the size of a pre-processed RSA public key in bytes with algorithm
+ * [algorithm]. */
+int RSAProcessedKeySize(int algorithm);
+
+/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
+ * NULL */
+RSAPublicKey* RSAPublicKeyNew(void);
+
+/* Deep free the contents of [key]. */
+void RSAPublicKeyFree(RSAPublicKey* key);
+
+/* Create a RSAPublic key structure from binary blob [buf] of length
+ * [len].
+ *
+ * Caller owns the returned key and must free it.
+ */
+RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
+
+/* Perform RSA signature verification on [buf] of length [len] against expected
+ * signature [sig] using signature algorithm [algorithm]. The public key used
+ * for verification can either be in the form of a pre-process key blob
+ * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
+ * be non-NULL, and the other NULL or the function will fail.
+ *
+ * Returns 1 on verification success, 0 on verification failure or invalid
+ * arguments.
+ *
+ * Note: This function is for use in the firmware and assumes all pointers point
+ * to areas in the memory of the right size.
+ *
+ */
+int RSAVerifyBinary_f(const uint8_t* key_blob,
+ const RSAPublicKey* key,
+ const uint8_t* buf,
+ uint64_t len,
+ const uint8_t* sig,
+ int algorithm);
+
+/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
+ * of data, its digest is passed as the argument. */
+int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
+ const RSAPublicKey* key,
+ const uint8_t* digest,
+ const uint8_t* sig,
+ int algorithm);
+#endif /* VBOOT_REFERENCE_RSA_UTILITY_H_ */
diff --git a/include/sha.h b/include/sha.h
index 1686894..c3edcbc 100644
--- a/include/sha.h
+++ b/include/sha.h
@@ -8,11 +8,8 @@
#ifndef VBOOT_REFERENCE_SHA_H_
#define VBOOT_REFERENCE_SHA_H_
-#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
-#error "Do not include this file directly. Use cryptolib.h instead."
-#endif
-
-#include <stdint.h>
+#include <inttypes.h>
+#include <string.h>
#define SHA1_DIGEST_SIZE 20
#define SHA1_BLOCK_SIZE 64
@@ -84,45 +81,4 @@
uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest);
-/*---- Utility functions/wrappers for message digests. */
-
-#define SHA1_DIGEST_ALGORITHM 0
-#define SHA256_DIGEST_ALGORITHM 1
-#define SHA512_DIGEST_ALGORITHM 2
-
-/* A generic digest context structure which can be used to represent
- * the SHA*_CTX for multiple digest algorithms.
- */
-typedef struct DigestContext {
- SHA1_CTX* sha1_ctx;
- SHA256_CTX* sha256_ctx;
- SHA512_CTX* sha512_ctx;
- int algorithm; /* Hashing algorithm to use. */
-} DigestContext;
-
-/* Wrappers for message digest algorithms. These are useful when the hashing
- * operation is being done in parallel with something else. DigestContext tracks
- * and stores the state of any digest algorithm (one at any given time).
- */
-
-/* Initialize a digest context for use with signature algorithm [algorithm]. */
-void DigestInit(DigestContext* ctx, int sig_algorithm);
-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);
-
-/* Caller owns the returned digest and must free it. */
-uint8_t* DigestFinal(DigestContext* ctx);
-
-/* Returns the appropriate digest for the data in [input_file]
- * based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestFile(char* input_file, int sig_algorithm);
-
-/* Returns the appropriate digest of [buf] of length
- * [len] based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
-
-
#endif /* VBOOT_REFERENCE_SHA_H_ */
diff --git a/include/sha_utility.h b/include/sha_utility.h
new file mode 100644
index 0000000..21a5e18
--- /dev/null
+++ b/include/sha_utility.h
@@ -0,0 +1,53 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Utility functions for message digests.
+*/
+
+#ifndef VBOOT_REFERENCE_SHA_UTILITY_H_
+#define VBOOT_REFERENCE_SHA_UTILITY_H_
+
+#include <inttypes.h>
+
+#include "sha.h"
+
+#define SHA1_DIGEST_ALGORITHM 0
+#define SHA256_DIGEST_ALGORITHM 1
+#define SHA512_DIGEST_ALGORITHM 2
+
+/* A generic digest context structure which can be used to represent
+ * the SHA*_CTX for multiple digest algorithms.
+ */
+typedef struct DigestContext {
+ SHA1_CTX* sha1_ctx;
+ SHA256_CTX* sha256_ctx;
+ SHA512_CTX* sha512_ctx;
+ int algorithm; /* Hashing algorithm to use. */
+} DigestContext;
+
+/* Wrappers for message digest algorithms. These are useful when the hashing
+ * operation is being done in parallel with something else. DigestContext tracks
+ * and stores the state of any digest algorithm (one at any given time).
+ */
+
+/* Initialize a digest context for use with signature algorithm [algorithm]. */
+void DigestInit(DigestContext* ctx, int sig_algorithm);
+void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);
+
+/* Caller owns the returned digest and must free it. */
+uint8_t* DigestFinal(DigestContext* ctx);
+
+/* Returns the appropriate digest for the data in [input_file]
+ * based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestFile(char* input_file, int sig_algorithm);
+
+/* Returns the appropriate digest of [buf] of length
+ * [len] based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
+
+#endif /* VBOOT_REFERENCE_SHA_UTILITY_H_ */