Add generic wrappers for performing message digest operations.
A DigestContext structure now wraps state for all the SHA* algorithms. Replaced the old SHA*_file functions to use these new wrappers. Also moved the digest utility functions from tests/ to crypto/.
BUG=670
TEST=Modified existing tests to use the new wrappers and they pass.
Review URL: http://codereview.chromium.org/579007
diff --git a/tests/Makefile b/tests/Makefile
index 7e2601d..ba50ecc 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -2,7 +2,7 @@
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
-SRCS=sha_tests.c verify_data.c digest_utility.c signature_digest.c
+SRCS=sha_tests.c verify_data.c signature_digest.c
OBJS=$(SRCS:.c=.o)
LIBS=$(TOP)/crypto/libcrypto.a $(TOP)/common/libcommon.a
@@ -12,12 +12,9 @@
$(CC) $(CFLAGS) -DNDEBUG $(INCLUDES) $< -o $@ $(LIBS)
verify_data: verify_data.c digest_utility.o
- $(CC) $(CFLAGS) -DNDEBUG $(INCLUDES) $< -o $@ digest_utility.o $(LIBS)
+ $(CC) $(CFLAGS) -DNDEBUG $(INCLUDES) $< -o $@ $(LIBS)
-signature_digest: signature_digest.c digest_utility.o
- $(CC) $(CFLAGS) -DNDEBUG $(INCLUDES) $< -o $@ digest_utility.o $(LIBS)
-
-digest_utility.o: digest_utility.c
- $(CC) $(CFLAGS) $(INCLUDES) -c $< -o $@
+signature_digest: signature_digest.c
+ $(CC) $(CFLAGS) -DNDEBUG $(INCLUDES) $< -o $@ $(LIBS)
clean:
rm -f $(OBJS) sha_tests verify_data signature_digest
diff --git a/tests/digest_utility.c b/tests/digest_utility.c
deleted file mode 100644
index 81e7caf..0000000
--- a/tests/digest_utility.c
+++ /dev/null
@@ -1,105 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Utility functions for message digest functions.
- */
-
-#include "digest_utility.h"
-#include "sha.h"
-
-#include <fcntl.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-uint8_t* SHA1_file(char* input_file) {
- int input_fd, len;
- uint8_t data[ SHA1_BLOCK_SIZE], *digest = NULL, *p = NULL;
- SHA1_CTX ctx;
- if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
- fprintf(stderr, "Couldn't open input file.\n");
- return NULL;
- }
- SHA1_init(&ctx);
- while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==
- SHA1_BLOCK_SIZE)
- SHA1_update(&ctx, data, len);
- if (len != -1)
- SHA1_update(&ctx, data, len);
- p = SHA1_final(&ctx);
- close(input_fd);
- digest = (uint8_t*) malloc(SHA1_DIGEST_SIZE);
- if (!digest)
- return NULL;
- memcpy(digest, p, SHA1_DIGEST_SIZE);
- return digest;
-}
-
-uint8_t* SHA256_file(char* input_file) {
- int input_fd, len;
- uint8_t data[ SHA256_BLOCK_SIZE], *digest = NULL, *p = NULL;
- SHA256_CTX ctx;
- if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
- fprintf(stderr, "Couldn't open input file.\n");
- return NULL;
- }
- SHA256_init(&ctx);
- while ( (len = read(input_fd, data, SHA256_BLOCK_SIZE)) ==
- SHA256_BLOCK_SIZE)
- SHA256_update(&ctx, data, len);
- if (len != -1)
- SHA256_update(&ctx, data, len);
- p = SHA256_final(&ctx);
- close(input_fd);
- digest = (uint8_t*) malloc(SHA256_DIGEST_SIZE);
- if (!digest)
- return NULL;
- memcpy(digest, p, SHA256_DIGEST_SIZE);
- return digest;
-}
-
-uint8_t* SHA512_file(char* input_file) {
- int input_fd, len;
- uint8_t data[ SHA512_BLOCK_SIZE], *digest = NULL, *p = NULL;
- SHA512_CTX ctx;
- if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
- fprintf(stderr, "Couldn't open input file.\n");
- return NULL;
- }
- SHA512_init(&ctx);
- while ( (len = read(input_fd, data, SHA512_BLOCK_SIZE)) ==
- SHA512_BLOCK_SIZE)
- SHA512_update(&ctx, data, len);
- if (len != -1)
- SHA512_update(&ctx, data, len);
- p = SHA512_final(&ctx);
- close(input_fd);
- digest = (uint8_t*) malloc(SHA512_DIGEST_SIZE);
- if (!digest)
- return NULL;
- memcpy(digest, p, SHA512_DIGEST_SIZE);
- return digest;
-}
-
-uint8_t* calculate_digest(char *input_file, int algorithm) {
- typedef uint8_t* (*Hash_file_ptr) (char*);
- Hash_file_ptr hash_file[] = {
- SHA1_file, /* RSA 1024 */
- SHA256_file,
- SHA512_file,
- SHA1_file, /* RSA 2048 */
- SHA256_file,
- SHA512_file,
- SHA1_file, /* RSA 4096 */
- SHA256_file,
- SHA512_file,
- SHA1_file, /* RSA 8192 */
- SHA256_file,
- SHA512_file,
- };
- return hash_file[algorithm](input_file);
-}
diff --git a/tests/digest_utility.h b/tests/digest_utility.h
deleted file mode 100644
index 9d59efb..0000000
--- a/tests/digest_utility.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- */
-
-/* Utility functions for message digest functions. */
-
-#ifndef VBOOT_REFERENCE_DIGEST_UTILITY_H_
-#define VBOOT_REFERENCE_DIGEST_UTILITY_H_
-
-#include <inttypes.h>
-
-/* Returns the SHA-1 digest of data in [input_file].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* SHA1_file(char *input_file);
-
-/* Returns the SHA-256 digest of data in [input_file].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* SHA256_file(char *input_file);
-
-/* Returns the SHA-512 digest of data in [input_file].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* SHA512_file(char *input_file);
-
-/* Returns the appropriate digest for the data in [input_file]
- * based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* calculate_digest(char *input_file, int algorithm);
-
-#endif /* VBOOT_REFERENCE_DIGEST_UTILITY_H_ */
diff --git a/tests/signature_digest.c b/tests/signature_digest.c
index 89d98fe..8dcd8c9 100644
--- a/tests/signature_digest.c
+++ b/tests/signature_digest.c
@@ -17,9 +17,9 @@
#include <stdlib.h>
#include <unistd.h>
-#include "digest_utility.h"
#include "padding.h"
#include "sha.h"
+#include "sha_utility.h"
uint8_t* prepend_digestinfo(int algorithm, uint8_t* digest) {
const int digest_size = hash_size_map[algorithm];
@@ -52,7 +52,7 @@
goto failure;
}
- if (!(digest = calculate_digest(argv[2], algorithm)))
+ if (!(digest = DigestFile(argv[2], algorithm)))
goto failure;
info_digest = prepend_digestinfo(algorithm, digest);
diff --git a/tests/verify_data.c b/tests/verify_data.c
index ac51daf..0f0dc02 100644
--- a/tests/verify_data.c
+++ b/tests/verify_data.c
@@ -15,7 +15,7 @@
#include <sys/types.h>
#include <unistd.h>
-#include "digest_utility.h"
+#include "sha_utility.h"
#include "padding.h"
#include "rsa.h"
#include "rsa_utility.h"
@@ -23,9 +23,7 @@
RSAPublicKey* read_RSAkey(char* input_file, int len) {
int key_fd;
- int buf_len;
- struct stat stat_fd;
- uint8_t* buf = NULL;
+ RSAPublicKey* key = NULL;
if ((key_fd = open(input_file, O_RDONLY)) == -1) {
fprintf(stderr, "Couldn't open pre-processed key file\n");
@@ -105,7 +103,7 @@
goto failure;
if (!(signature = read_signature(argv[3], sig_len)))
goto failure;
- if (!(digest = calculate_digest(argv[4], algorithm)))
+ if (!(digest = DigestFile(argv[4], algorithm)))
goto failure;
if(RSA_verify(key, signature, sig_len, algorithm, digest))
fprintf(stderr, "Signature Verification SUCCEEDED.\n");