VBoot Reference: Refactor Part 2 - Crypto Libraries
Removing multiple top level includes - now padding.h, rsa.h and sha.h are used internally and cryptolib.h must be used instead for all modules that wish to use crypto functions.
I am trying to separate refactors involving code movement from one file to another, and the movement of files themselves into separate CLs so that it's clear what changed.
Review URL: http://codereview.chromium.org/1574005
diff --git a/crypto/genpadding.sh b/crypto/genpadding.sh
index 6086c8d..e429ddc 100755
--- a/crypto/genpadding.sh
+++ b/crypto/genpadding.sh
@@ -172,6 +172,18 @@
echo "};"
echo
+# Generate signature algorithm to messge digest algorithm map.
+echo "const int hash_type_map[] = {"
+for rsaalgo in ${RSAAlgos[@]}
+do
+ for hashalgo in ${HashAlgos[@]}
+ do
+ echo ${hashalgo}_DIGEST_ALGORITHM,
+ done
+done
+echo "};"
+echo
+
# Generate algorithm to message digest's output size map.
echo "const int hash_size_map[NUMALGORITHMS] = {"
for rsaalgo in ${RSAAlgos[@]}
diff --git a/crypto/padding.c b/crypto/padding.c
index 5580d6e..91424ba 100644
--- a/crypto/padding.c
+++ b/crypto/padding.c
@@ -5,9 +5,7 @@
* arrays corresponding to various combinations of algorithms for RSA signatures.
*/
-#include "rsa.h"
-#include "sha.h"
-
+#include "cryptolib.h"
/*
* PKCS 1.5 padding (from the RSA PKCS#1 v2.1 standard)
@@ -170,6 +168,21 @@
RSA8192NUMBYTES - SHA512_DIGEST_SIZE,
};
+const int hash_type_map[] = {
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+};
+
const int hash_size_map[NUMALGORITHMS] = {
SHA1_DIGEST_SIZE,
SHA256_DIGEST_SIZE,
@@ -229,4 +242,3 @@
"RSA8192 SHA256",
"RSA8192 SHA512",
};
-
diff --git a/crypto/rsa.c b/crypto/rsa.c
index c84ae4e..bfc6446 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -8,10 +8,7 @@
* support multiple RSA key lengths and hash digest algorithms.
*/
-#include <stdio.h>
-
-#include "padding.h"
-#include "rsa.h"
+#include "cryptolib.h"
#include "utility.h"
/* a[] -= mod */
@@ -138,17 +135,17 @@
int success = 1;
if (sig_len != (key->len * sizeof(uint32_t))) {
- fprintf(stderr, "Signature is of incorrect length!\n");
+ debug("Signature is of incorrect length!\n");
return 0;
}
if (sig_type >= kNumAlgorithms) {
- fprintf(stderr, "Invalid signature type!\n");
+ debug("Invalid signature type!\n");
return 0;
}
if (key->len != siglen_map[sig_type] / sizeof(uint32_t)) {
- fprintf(stderr, "Wrong key passed in!\n");
+ debug("Wrong key passed in!\n");
return 0;
}
@@ -165,7 +162,7 @@
if (buf[i] != padding[i]) {
#ifndef NDEBUG
/* TODO(gauravsh): Replace with a macro call for logging. */
- fprintf(stderr, "Padding: Expecting = %02x Got = %02x\n", padding[i],
+ debug("Padding: Expecting = %02x Got = %02x\n", padding[i],
buf[i]);
#endif
success = 0;
@@ -177,7 +174,7 @@
if (buf[i] != *hash++) {
#ifndef NDEBUG
/* TODO(gauravsh): Replace with a macro call for logging. */
- fprintf(stderr, "Digest: Expecting = %02x Got = %02x\n", padding[i],
+ debug("Digest: Expecting = %02x Got = %02x\n", padding[i],
buf[i]);
#endif
success = 0;
diff --git a/crypto/rsa_utility.c b/crypto/rsa_utility.c
index 5ac2db4..bf32284 100644
--- a/crypto/rsa_utility.c
+++ b/crypto/rsa_utility.c
@@ -2,12 +2,10 @@
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
- * Utility functions for message digest functions.
+ * Implementation of RSA utility functions.
*/
-#include "padding.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
+#include "cryptolib.h"
#include "utility.h"
int RSAProcessedKeySize(int algorithm) {
diff --git a/crypto/sha1.c b/crypto/sha1.c
index 5844ecc..41b729b 100644
--- a/crypto/sha1.c
+++ b/crypto/sha1.c
@@ -1,13 +1,14 @@
/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
- */
-
-/* SHA-1 implementation largely based on libmincrypt in the the Android
+ *
+ * SHA-1 implementation largely based on libmincrypt in the the Android
* Open Source Project (platorm/system/core.git/libmincrypt/sha.c
*/
-#include "sha.h"
+#include "cryptolib.h"
+#include "utility.h"
+
/* Some machines lack byteswap.h and endian.h. These have to use the
* slower code, even if they're little-endian.
@@ -134,7 +135,7 @@
ctx->count += len;
while (len > sizeof(ctx->buf) - i) {
- memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
+ Memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
len -= sizeof(ctx->buf) - i;
p += sizeof(ctx->buf) - i;
SHA1_Transform(ctx);
diff --git a/crypto/sha2.c b/crypto/sha2.c
index 320bccb..7f47656 100644
--- a/crypto/sha2.c
+++ b/crypto/sha2.c
@@ -35,8 +35,8 @@
* SUCH DAMAGE.
*/
-#include "sha.h"
-#include <string.h>
+#include "cryptolib.h"
+#include "utility.h"
#define SHFR(x, n) (x >> n)
#define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
@@ -340,7 +340,7 @@
tmp_len = SHA256_BLOCK_SIZE - ctx->len;
rem_len = len < tmp_len ? len : tmp_len;
- memcpy(&ctx->block[ctx->len], data, rem_len);
+ Memcpy(&ctx->block[ctx->len], data, rem_len);
if (ctx->len + len < SHA256_BLOCK_SIZE) {
ctx->len += len;
@@ -357,7 +357,7 @@
rem_len = new_len % SHA256_BLOCK_SIZE;
- memcpy(ctx->block, &shifted_data[block_nb << 6],
+ Memcpy(ctx->block, &shifted_data[block_nb << 6],
rem_len);
ctx->len = rem_len;
@@ -528,7 +528,7 @@
tmp_len = SHA512_BLOCK_SIZE - ctx->len;
rem_len = len < tmp_len ? len : tmp_len;
- memcpy(&ctx->block[ctx->len], data, rem_len);
+ Memcpy(&ctx->block[ctx->len], data, rem_len);
if (ctx->len + len < SHA512_BLOCK_SIZE) {
ctx->len += len;
@@ -545,7 +545,7 @@
rem_len = new_len % SHA512_BLOCK_SIZE;
- memcpy(ctx->block, &shifted_data[block_nb << 7],
+ Memcpy(ctx->block, &shifted_data[block_nb << 7],
rem_len);
ctx->len = rem_len;
diff --git a/crypto/sha_utility.c b/crypto/sha_utility.c
index 1478a7a..4e266f7 100644
--- a/crypto/sha_utility.c
+++ b/crypto/sha_utility.c
@@ -5,36 +5,11 @@
* Utility functions for message digest functions.
*/
-#include "sha_utility.h"
-
-#include <fcntl.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#include "sha.h"
+#include "cryptolib.h"
#include "utility.h"
-int digest_type_map[] = {
- SHA1_DIGEST_ALGORITHM, /* RSA 1024 */
- SHA256_DIGEST_ALGORITHM,
- SHA512_DIGEST_ALGORITHM,
- SHA1_DIGEST_ALGORITHM, /* RSA 2048 */
- SHA256_DIGEST_ALGORITHM,
- SHA512_DIGEST_ALGORITHM,
- SHA1_DIGEST_ALGORITHM, /* RSA 4096 */
- SHA256_DIGEST_ALGORITHM,
- SHA512_DIGEST_ALGORITHM,
- SHA1_DIGEST_ALGORITHM, /* RSA 8192 */
- SHA256_DIGEST_ALGORITHM,
- SHA512_DIGEST_ALGORITHM,
-};
-
void DigestInit(DigestContext* ctx, int sig_algorithm) {
- ctx->algorithm = digest_type_map[sig_algorithm];
+ ctx->algorithm = hash_type_map[sig_algorithm];
switch(ctx->algorithm) {
case SHA1_DIGEST_ALGORITHM:
ctx->sha1_ctx = (SHA1_CTX*) Malloc(sizeof(SHA1_CTX));
@@ -87,27 +62,6 @@
return digest;
}
-uint8_t* DigestFile(char* input_file, int sig_algorithm) {
- int input_fd, len;
- uint8_t data[SHA1_BLOCK_SIZE];
- uint8_t* digest = NULL;
- DigestContext ctx;
-
- if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
- fprintf(stderr, "Couldn't open input file.\n");
- return NULL;
- }
- DigestInit(&ctx, sig_algorithm);
- while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==
- SHA1_BLOCK_SIZE)
- DigestUpdate(&ctx, data, len);
- if (len != -1)
- DigestUpdate(&ctx, data, len);
- digest = DigestFinal(&ctx);
- close(input_fd);
- return digest;
-}
-
uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) {
uint8_t* digest = (uint8_t*) Malloc(SHA512_DIGEST_SIZE); /* Use the max. */
/* Define an array mapping [sig_algorithm] to function pointers to the