combined patch for:
http://codereview.chromium.org/1574005
http://codereview.chromium.org/1604001
Review URL: http://codereview.chromium.org/1585007
diff --git a/crypto/genpadding.sh b/crypto/genpadding.sh
index 6086c8d..baac71b 100755
--- a/crypto/genpadding.sh
+++ b/crypto/genpadding.sh
@@ -48,8 +48,7 @@
EOF
-echo '#include "rsa.h"'
-echo '#include "sha.h"'
+echo '#include "cryptolib.h"'
echo
echo
cat <<EOF
@@ -172,6 +171,18 @@
echo "};"
echo
+# Generate signature algorithm to messge digest algorithm map.
+echo "const int hash_type_map[] = {"
+for rsaalgo in ${RSAAlgos[@]}
+do
+ for hashalgo in ${HashAlgos[@]}
+ do
+ echo ${hashalgo}_DIGEST_ALGORITHM,
+ done
+done
+echo "};"
+echo
+
# Generate algorithm to message digest's output size map.
echo "const int hash_size_map[NUMALGORITHMS] = {"
for rsaalgo in ${RSAAlgos[@]}
diff --git a/crypto/padding.c b/crypto/padding.c
index 5580d6e..14d9445 100644
--- a/crypto/padding.c
+++ b/crypto/padding.c
@@ -5,8 +5,7 @@
* arrays corresponding to various combinations of algorithms for RSA signatures.
*/
-#include "rsa.h"
-#include "sha.h"
+#include "cryptolib.h"
/*
@@ -170,6 +169,21 @@
RSA8192NUMBYTES - SHA512_DIGEST_SIZE,
};
+const int hash_type_map[] = {
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+SHA1_DIGEST_ALGORITHM,
+SHA256_DIGEST_ALGORITHM,
+SHA512_DIGEST_ALGORITHM,
+};
+
const int hash_size_map[NUMALGORITHMS] = {
SHA1_DIGEST_SIZE,
SHA256_DIGEST_SIZE,
diff --git a/crypto/rsa.c b/crypto/rsa.c
index c84ae4e..bfc6446 100644
--- a/crypto/rsa.c
+++ b/crypto/rsa.c
@@ -8,10 +8,7 @@
* support multiple RSA key lengths and hash digest algorithms.
*/
-#include <stdio.h>
-
-#include "padding.h"
-#include "rsa.h"
+#include "cryptolib.h"
#include "utility.h"
/* a[] -= mod */
@@ -138,17 +135,17 @@
int success = 1;
if (sig_len != (key->len * sizeof(uint32_t))) {
- fprintf(stderr, "Signature is of incorrect length!\n");
+ debug("Signature is of incorrect length!\n");
return 0;
}
if (sig_type >= kNumAlgorithms) {
- fprintf(stderr, "Invalid signature type!\n");
+ debug("Invalid signature type!\n");
return 0;
}
if (key->len != siglen_map[sig_type] / sizeof(uint32_t)) {
- fprintf(stderr, "Wrong key passed in!\n");
+ debug("Wrong key passed in!\n");
return 0;
}
@@ -165,7 +162,7 @@
if (buf[i] != padding[i]) {
#ifndef NDEBUG
/* TODO(gauravsh): Replace with a macro call for logging. */
- fprintf(stderr, "Padding: Expecting = %02x Got = %02x\n", padding[i],
+ debug("Padding: Expecting = %02x Got = %02x\n", padding[i],
buf[i]);
#endif
success = 0;
@@ -177,7 +174,7 @@
if (buf[i] != *hash++) {
#ifndef NDEBUG
/* TODO(gauravsh): Replace with a macro call for logging. */
- fprintf(stderr, "Digest: Expecting = %02x Got = %02x\n", padding[i],
+ debug("Digest: Expecting = %02x Got = %02x\n", padding[i],
buf[i]);
#endif
success = 0;
diff --git a/crypto/rsa_utility.c b/crypto/rsa_utility.c
index 5ac2db4..bf32284 100644
--- a/crypto/rsa_utility.c
+++ b/crypto/rsa_utility.c
@@ -2,12 +2,10 @@
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
- * Utility functions for message digest functions.
+ * Implementation of RSA utility functions.
*/
-#include "padding.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
+#include "cryptolib.h"
#include "utility.h"
int RSAProcessedKeySize(int algorithm) {
diff --git a/crypto/sha1.c b/crypto/sha1.c
index 5844ecc..41b729b 100644
--- a/crypto/sha1.c
+++ b/crypto/sha1.c
@@ -1,13 +1,14 @@
/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
- */
-
-/* SHA-1 implementation largely based on libmincrypt in the the Android
+ *
+ * SHA-1 implementation largely based on libmincrypt in the the Android
* Open Source Project (platorm/system/core.git/libmincrypt/sha.c
*/
-#include "sha.h"
+#include "cryptolib.h"
+#include "utility.h"
+
/* Some machines lack byteswap.h and endian.h. These have to use the
* slower code, even if they're little-endian.
@@ -134,7 +135,7 @@
ctx->count += len;
while (len > sizeof(ctx->buf) - i) {
- memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
+ Memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
len -= sizeof(ctx->buf) - i;
p += sizeof(ctx->buf) - i;
SHA1_Transform(ctx);
diff --git a/crypto/sha2.c b/crypto/sha2.c
index 320bccb..7f47656 100644
--- a/crypto/sha2.c
+++ b/crypto/sha2.c
@@ -35,8 +35,8 @@
* SUCH DAMAGE.
*/
-#include "sha.h"
-#include <string.h>
+#include "cryptolib.h"
+#include "utility.h"
#define SHFR(x, n) (x >> n)
#define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
@@ -340,7 +340,7 @@
tmp_len = SHA256_BLOCK_SIZE - ctx->len;
rem_len = len < tmp_len ? len : tmp_len;
- memcpy(&ctx->block[ctx->len], data, rem_len);
+ Memcpy(&ctx->block[ctx->len], data, rem_len);
if (ctx->len + len < SHA256_BLOCK_SIZE) {
ctx->len += len;
@@ -357,7 +357,7 @@
rem_len = new_len % SHA256_BLOCK_SIZE;
- memcpy(ctx->block, &shifted_data[block_nb << 6],
+ Memcpy(ctx->block, &shifted_data[block_nb << 6],
rem_len);
ctx->len = rem_len;
@@ -528,7 +528,7 @@
tmp_len = SHA512_BLOCK_SIZE - ctx->len;
rem_len = len < tmp_len ? len : tmp_len;
- memcpy(&ctx->block[ctx->len], data, rem_len);
+ Memcpy(&ctx->block[ctx->len], data, rem_len);
if (ctx->len + len < SHA512_BLOCK_SIZE) {
ctx->len += len;
@@ -545,7 +545,7 @@
rem_len = new_len % SHA512_BLOCK_SIZE;
- memcpy(ctx->block, &shifted_data[block_nb << 7],
+ Memcpy(ctx->block, &shifted_data[block_nb << 7],
rem_len);
ctx->len = rem_len;
diff --git a/crypto/sha_utility.c b/crypto/sha_utility.c
index 1478a7a..4e266f7 100644
--- a/crypto/sha_utility.c
+++ b/crypto/sha_utility.c
@@ -5,36 +5,11 @@
* Utility functions for message digest functions.
*/
-#include "sha_utility.h"
-
-#include <fcntl.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#include "sha.h"
+#include "cryptolib.h"
#include "utility.h"
-int digest_type_map[] = {
- SHA1_DIGEST_ALGORITHM, /* RSA 1024 */
- SHA256_DIGEST_ALGORITHM,
- SHA512_DIGEST_ALGORITHM,
- SHA1_DIGEST_ALGORITHM, /* RSA 2048 */
- SHA256_DIGEST_ALGORITHM,
- SHA512_DIGEST_ALGORITHM,
- SHA1_DIGEST_ALGORITHM, /* RSA 4096 */
- SHA256_DIGEST_ALGORITHM,
- SHA512_DIGEST_ALGORITHM,
- SHA1_DIGEST_ALGORITHM, /* RSA 8192 */
- SHA256_DIGEST_ALGORITHM,
- SHA512_DIGEST_ALGORITHM,
-};
-
void DigestInit(DigestContext* ctx, int sig_algorithm) {
- ctx->algorithm = digest_type_map[sig_algorithm];
+ ctx->algorithm = hash_type_map[sig_algorithm];
switch(ctx->algorithm) {
case SHA1_DIGEST_ALGORITHM:
ctx->sha1_ctx = (SHA1_CTX*) Malloc(sizeof(SHA1_CTX));
@@ -87,27 +62,6 @@
return digest;
}
-uint8_t* DigestFile(char* input_file, int sig_algorithm) {
- int input_fd, len;
- uint8_t data[SHA1_BLOCK_SIZE];
- uint8_t* digest = NULL;
- DigestContext ctx;
-
- if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
- fprintf(stderr, "Couldn't open input file.\n");
- return NULL;
- }
- DigestInit(&ctx, sig_algorithm);
- while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==
- SHA1_BLOCK_SIZE)
- DigestUpdate(&ctx, data, len);
- if (len != -1)
- DigestUpdate(&ctx, data, len);
- digest = DigestFinal(&ctx);
- close(input_fd);
- return digest;
-}
-
uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) {
uint8_t* digest = (uint8_t*) Malloc(SHA512_DIGEST_SIZE); /* Use the max. */
/* Define an array mapping [sig_algorithm] to function pointers to the
diff --git a/include/cryptolib.h b/include/cryptolib.h
new file mode 100644
index 0000000..b65a71d
--- /dev/null
+++ b/include/cryptolib.h
@@ -0,0 +1,15 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Firmware Cryptolib includes.
+ */
+
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#define VBOOT_REFERENCE_CRYPTOLIB_H_
+
+#include "padding.h"
+#include "rsa.h"
+#include "sha.h"
+
+#endif /* VBOOT_REFERENCE_CRYPTOLIB_H_ */
diff --git a/include/file_keys.h b/include/file_keys.h
index 6e3851c..eac4df0 100644
--- a/include/file_keys.h
+++ b/include/file_keys.h
@@ -8,7 +8,7 @@
#ifndef VBOOT_REFERENCE_FILE_KEYS_H_
#define VBOOT_REFERENCE_FILE_KEYS_H_
-#include "rsa.h"
+#include "cryptolib.h"
/* Read file named [input_file] into a buffer and stores the length into
* [len].
@@ -25,6 +25,12 @@
*/
RSAPublicKey* RSAPublicKeyFromFile(const char* input_file);
+/* Returns the appropriate digest for the data in [input_file]
+ * based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestFile(char* input_file, int sig_algorithm);
+
/* Helper function to invoke external program to calculate signature on
* [input_file] using private key [key_file] and signature algorithm
* [algorithm].
diff --git a/include/firmware_image_fw.h b/include/firmware_image_fw.h
index 53b558a..dc6db90 100644
--- a/include/firmware_image_fw.h
+++ b/include/firmware_image_fw.h
@@ -10,8 +10,7 @@
#define VBOOT_REFERENCE_FIRMWARE_IMAGE_FW_H_
#include <stdint.h>
-#include "rsa.h"
-#include "sha.h"
+#include "cryptolib.h"
#define FIRMWARE_MAGIC "CHROMEOS"
#define FIRMWARE_MAGIC_SIZE 8
diff --git a/include/kernel_image_fw.h b/include/kernel_image_fw.h
index d299b5a..6446e8c 100644
--- a/include/kernel_image_fw.h
+++ b/include/kernel_image_fw.h
@@ -10,8 +10,8 @@
#define VBOOT_REFERENCE_KERNEL_IMAGE_FW_H_
#include <stdint.h>
-#include "rsa.h"
-#include "sha.h"
+
+#include "cryptolib.h"
#define KERNEL_MAGIC "CHROMEOS"
#define KERNEL_MAGIC_SIZE 8
diff --git a/include/padding.h b/include/padding.h
index 938cec2..8d8fc95 100644
--- a/include/padding.h
+++ b/include/padding.h
@@ -6,7 +6,11 @@
#ifndef VBOOT_REFERENCE_PADDING_H_
#define VBOOT_REFERENCE_PADDING_H_
-#include <inttypes.h>
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include <stdint.h>
extern const uint8_t paddingRSA1024_SHA1[];
extern const uint8_t paddingRSA1024_SHA256[];
@@ -27,6 +31,7 @@
extern const int siglen_map[];
extern const uint8_t* padding_map[];
extern const int padding_size_map[];
+extern const int hash_type_map[];
extern const int hash_size_map[];
extern const int hash_blocksize_map[];
extern const uint8_t* hash_digestinfo_map[];
diff --git a/include/rsa.h b/include/rsa.h
index 8f2ede8..1a45803 100644
--- a/include/rsa.h
+++ b/include/rsa.h
@@ -6,7 +6,11 @@
#ifndef VBOOT_REFERENCE_RSA_H_
#define VBOOT_REFERENCE_RSA_H_
-#include <inttypes.h>
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include <stdint.h>
#define RSA1024NUMBYTES 128 /* 1024 bit key length */
#define RSA2048NUMBYTES 256 /* 2048 bit key length */
@@ -29,9 +33,59 @@
* against an expected [hash] using [key]. Returns 0 on failure, 1 on success.
*/
int RSAVerify(const RSAPublicKey *key,
- const uint8_t* sig,
- const int sig_len,
- const uint8_t sig_type,
- const uint8_t* hash);
+ const uint8_t* sig,
+ const int sig_len,
+ const uint8_t sig_type,
+ const uint8_t* hash);
+
+/* Perform RSA signature verification on [buf] of length [len] against expected
+ * signature [sig] using signature algorithm [algorithm]. The public key used
+ * for verification can either be in the form of a pre-process key blob
+ * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
+ * be non-NULL, and the other NULL or the function will fail.
+ *
+ * Returns 1 on verification success, 0 on verification failure or invalid
+ * arguments.
+ *
+ * Note: This function is for use in the firmware and assumes all pointers point
+ * to areas in the memory of the right size.
+ *
+ */
+int RSAVerifyBinary_f(const uint8_t* key_blob,
+ const RSAPublicKey* key,
+ const uint8_t* buf,
+ uint64_t len,
+ const uint8_t* sig,
+ int algorithm);
+
+/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
+ * of data, its digest is passed as the argument. */
+int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
+ const RSAPublicKey* key,
+ const uint8_t* digest,
+ const uint8_t* sig,
+ int algorithm);
+
+
+/* ----Some additional utility functions for RSA.---- */
+
+/* Returns the size of a pre-processed RSA public key in bytes with algorithm
+ * [algorithm]. */
+int RSAProcessedKeySize(int algorithm);
+
+/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
+ * NULL */
+RSAPublicKey* RSAPublicKeyNew(void);
+
+/* Deep free the contents of [key]. */
+void RSAPublicKeyFree(RSAPublicKey* key);
+
+/* Create a RSAPublic key structure from binary blob [buf] of length
+ * [len].
+ *
+ * Caller owns the returned key and must free it.
+ */
+RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
+
#endif /* VBOOT_REFERENCE_RSA_H_ */
diff --git a/include/rsa_utility.h b/include/rsa_utility.h
deleted file mode 100644
index 652227c..0000000
--- a/include/rsa_utility.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Some utility functions for use with RSA signature verification.
- */
-
-#ifndef VBOOT_REFERENCE_RSA_UTILITY_H_
-#define VBOOT_REFERENCE_RSA_UTILITY_H_
-
-#include "rsa.h"
-
-/* Returns the size of a pre-processed RSA public key in bytes with algorithm
- * [algorithm]. */
-int RSAProcessedKeySize(int algorithm);
-
-/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
- * NULL */
-RSAPublicKey* RSAPublicKeyNew(void);
-
-/* Deep free the contents of [key]. */
-void RSAPublicKeyFree(RSAPublicKey* key);
-
-/* Create a RSAPublic key structure from binary blob [buf] of length
- * [len].
- *
- * Caller owns the returned key and must free it.
- */
-RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
-
-/* Perform RSA signature verification on [buf] of length [len] against expected
- * signature [sig] using signature algorithm [algorithm]. The public key used
- * for verification can either be in the form of a pre-process key blob
- * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
- * be non-NULL, and the other NULL or the function will fail.
- *
- * Returns 1 on verification success, 0 on verification failure or invalid
- * arguments.
- *
- * Note: This function is for use in the firmware and assumes all pointers point
- * to areas in the memory of the right size.
- *
- */
-int RSAVerifyBinary_f(const uint8_t* key_blob,
- const RSAPublicKey* key,
- const uint8_t* buf,
- uint64_t len,
- const uint8_t* sig,
- int algorithm);
-
-/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
- * of data, its digest is passed as the argument. */
-int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
- const RSAPublicKey* key,
- const uint8_t* digest,
- const uint8_t* sig,
- int algorithm);
-#endif /* VBOOT_REFERENCE_RSA_UTILITY_H_ */
diff --git a/include/sha.h b/include/sha.h
index c3edcbc..1686894 100644
--- a/include/sha.h
+++ b/include/sha.h
@@ -8,8 +8,11 @@
#ifndef VBOOT_REFERENCE_SHA_H_
#define VBOOT_REFERENCE_SHA_H_
-#include <inttypes.h>
-#include <string.h>
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include <stdint.h>
#define SHA1_DIGEST_SIZE 20
#define SHA1_BLOCK_SIZE 64
@@ -81,4 +84,45 @@
uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest);
+/*---- Utility functions/wrappers for message digests. */
+
+#define SHA1_DIGEST_ALGORITHM 0
+#define SHA256_DIGEST_ALGORITHM 1
+#define SHA512_DIGEST_ALGORITHM 2
+
+/* A generic digest context structure which can be used to represent
+ * the SHA*_CTX for multiple digest algorithms.
+ */
+typedef struct DigestContext {
+ SHA1_CTX* sha1_ctx;
+ SHA256_CTX* sha256_ctx;
+ SHA512_CTX* sha512_ctx;
+ int algorithm; /* Hashing algorithm to use. */
+} DigestContext;
+
+/* Wrappers for message digest algorithms. These are useful when the hashing
+ * operation is being done in parallel with something else. DigestContext tracks
+ * and stores the state of any digest algorithm (one at any given time).
+ */
+
+/* Initialize a digest context for use with signature algorithm [algorithm]. */
+void DigestInit(DigestContext* ctx, int sig_algorithm);
+void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);
+
+/* Caller owns the returned digest and must free it. */
+uint8_t* DigestFinal(DigestContext* ctx);
+
+/* Returns the appropriate digest for the data in [input_file]
+ * based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestFile(char* input_file, int sig_algorithm);
+
+/* Returns the appropriate digest of [buf] of length
+ * [len] based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
+
+
#endif /* VBOOT_REFERENCE_SHA_H_ */
diff --git a/include/sha_utility.h b/include/sha_utility.h
deleted file mode 100644
index 21a5e18..0000000
--- a/include/sha_utility.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Utility functions for message digests.
-*/
-
-#ifndef VBOOT_REFERENCE_SHA_UTILITY_H_
-#define VBOOT_REFERENCE_SHA_UTILITY_H_
-
-#include <inttypes.h>
-
-#include "sha.h"
-
-#define SHA1_DIGEST_ALGORITHM 0
-#define SHA256_DIGEST_ALGORITHM 1
-#define SHA512_DIGEST_ALGORITHM 2
-
-/* A generic digest context structure which can be used to represent
- * the SHA*_CTX for multiple digest algorithms.
- */
-typedef struct DigestContext {
- SHA1_CTX* sha1_ctx;
- SHA256_CTX* sha256_ctx;
- SHA512_CTX* sha512_ctx;
- int algorithm; /* Hashing algorithm to use. */
-} DigestContext;
-
-/* Wrappers for message digest algorithms. These are useful when the hashing
- * operation is being done in parallel with something else. DigestContext tracks
- * and stores the state of any digest algorithm (one at any given time).
- */
-
-/* Initialize a digest context for use with signature algorithm [algorithm]. */
-void DigestInit(DigestContext* ctx, int sig_algorithm);
-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);
-
-/* Caller owns the returned digest and must free it. */
-uint8_t* DigestFinal(DigestContext* ctx);
-
-/* Returns the appropriate digest for the data in [input_file]
- * based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestFile(char* input_file, int sig_algorithm);
-
-/* Returns the appropriate digest of [buf] of length
- * [len] based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
-
-#endif /* VBOOT_REFERENCE_SHA_UTILITY_H_ */
diff --git a/tests/big_firmware_tests.c b/tests/big_firmware_tests.c
index 2368b47..44328ea 100644
--- a/tests/big_firmware_tests.c
+++ b/tests/big_firmware_tests.c
@@ -9,9 +9,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
-#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/big_kernel_tests.c b/tests/big_kernel_tests.c
index 7fc5fb3..c78f622 100644
--- a/tests/big_kernel_tests.c
+++ b/tests/big_kernel_tests.c
@@ -9,9 +9,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
-#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/firmware_image_tests.c b/tests/firmware_image_tests.c
index fd19560..a2ce472 100644
--- a/tests/firmware_image_tests.c
+++ b/tests/firmware_image_tests.c
@@ -8,9 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
-#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/firmware_rollback_tests.c b/tests/firmware_rollback_tests.c
index 9973ec7..3608db7 100644
--- a/tests/firmware_rollback_tests.c
+++ b/tests/firmware_rollback_tests.c
@@ -8,9 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
-#include "rsa_utility.h"
#include "utility.h"
#include "rollback_index.h"
#include "test_common.h"
diff --git a/tests/firmware_splicing_tests.c b/tests/firmware_splicing_tests.c
index c71b8b4..c3259b7 100644
--- a/tests/firmware_splicing_tests.c
+++ b/tests/firmware_splicing_tests.c
@@ -8,10 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/firmware_verify_benchmark.c b/tests/firmware_verify_benchmark.c
index 8eafc70..3d06dc9 100644
--- a/tests/firmware_verify_benchmark.c
+++ b/tests/firmware_verify_benchmark.c
@@ -8,10 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
#include "test_common.h"
#include "timer_utils.h"
#include "utility.h"
diff --git a/tests/kernel_image_tests.c b/tests/kernel_image_tests.c
index c8f8035..eee0417 100644
--- a/tests/kernel_image_tests.c
+++ b/tests/kernel_image_tests.c
@@ -8,9 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
-#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/kernel_rollback_tests.c b/tests/kernel_rollback_tests.c
index eafbaaa..08f874c 100644
--- a/tests/kernel_rollback_tests.c
+++ b/tests/kernel_rollback_tests.c
@@ -8,9 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
-#include "rsa_utility.h"
#include "rollback_index.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/kernel_splicing_tests.c b/tests/kernel_splicing_tests.c
index da29eb1..d4c9bb5 100644
--- a/tests/kernel_splicing_tests.c
+++ b/tests/kernel_splicing_tests.c
@@ -8,10 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
#include "test_common.h"
#include "utility.h"
diff --git a/tests/kernel_verify_benchmark.c b/tests/kernel_verify_benchmark.c
index c3259fc..369785c 100644
--- a/tests/kernel_verify_benchmark.c
+++ b/tests/kernel_verify_benchmark.c
@@ -8,10 +8,9 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
#include "test_common.h"
#include "timer_utils.h"
#include "utility.h"
diff --git a/tests/rollback_index_mock.c b/tests/rollback_index_mock.c
index 6317214..37dde48 100644
--- a/tests/rollback_index_mock.c
+++ b/tests/rollback_index_mock.c
@@ -7,8 +7,8 @@
#include "rollback_index.h"
-#include <stdio.h>
#include <stdint.h>
+#include <stdio.h>
uint16_t g_firmware_key_version = 0;
uint16_t g_firmware_version = 0;
diff --git a/tests/rsa_padding_test.c b/tests/rsa_padding_test.c
index b565e78..4ccb4b4 100644
--- a/tests/rsa_padding_test.c
+++ b/tests/rsa_padding_test.c
@@ -7,8 +7,8 @@
#include <stdio.h>
+#include "cryptolib.h"
#include "file_keys.h"
-#include "rsa_utility.h"
int main(int argc, char* argv[]) {
int i;
diff --git a/tests/rsa_padding_test.h b/tests/rsa_padding_test.h
index 2257784..ce1ab24 100644
--- a/tests/rsa_padding_test.h
+++ b/tests/rsa_padding_test.h
@@ -12,9 +12,7 @@
#ifndef VBOOT_REFERENCE_RSA_PADDING_TEST_H_
#define VBOOT_REFERENCE_RSA_PADDING_TEST_H_
-#include <inttypes.h>
-
-#include "rsa.h"
+#include "cryptolib.h"
/* The modulus of the public key (RSA-1024). */
static const uint8_t pubkey_n[] = {
diff --git a/tests/rsa_verify_benchmark.c b/tests/rsa_verify_benchmark.c
index ba108be..ccd6eaf 100644
--- a/tests/rsa_verify_benchmark.c
+++ b/tests/rsa_verify_benchmark.c
@@ -6,10 +6,8 @@
#include <stdio.h>
#include <stdlib.h>
+#include "cryptolib.h"
#include "file_keys.h"
-#include "padding.h"
-#include "rsa.h"
-#include "rsa_utility.h"
#include "timer_utils.h"
#include "utility.h"
diff --git a/tests/sha_benchmark.c b/tests/sha_benchmark.c
index b36695b..8532ffa 100644
--- a/tests/sha_benchmark.c
+++ b/tests/sha_benchmark.c
@@ -6,7 +6,7 @@
#include <stdio.h>
#include <stdlib.h>
-#include "sha.h"
+#include "cryptolib.h"
#include "timer_utils.h"
#include "utility.h"
diff --git a/tests/sha_test_vectors.h b/tests/sha_test_vectors.h
index 640c06b..c75e916 100644
--- a/tests/sha_test_vectors.h
+++ b/tests/sha_test_vectors.h
@@ -8,15 +8,15 @@
#ifndef VBOOT_REFERENCE_SHA_TEST_VECTORS_H_
#define VBOOT_REFERENCE_SHA_TEST_VECTORS_H_
-#include "sha.h"
+#include "cryptolib.h"
-char *oneblock_msg = "abc";
-char *multiblock_msg1 = "abcdbcdecdefdefgefghfghighijhijkijkl"
+char* oneblock_msg = "abc";
+char* multiblock_msg1 = "abcdbcdecdefdefgefghfghighijhijkijkl"
"jklmklmnlmnomnopnopq";
-char *multiblock_msg2= "abcdefghbcdefghicdefghijdefghijkefghi"
+char* multiblock_msg2= "abcdefghbcdefghicdefghijdefghijkefghi"
"jklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnop"
"qrsmnopqrstnopqrstu";
-char *long_msg;
+char* long_msg;
uint8_t sha1_results[][SHA1_DIGEST_SIZE] = {
{
diff --git a/tests/sha_tests.c b/tests/sha_tests.c
index 2c07b3f..2b75a03 100644
--- a/tests/sha_tests.c
+++ b/tests/sha_tests.c
@@ -9,8 +9,7 @@
#include <stdlib.h>
#include <string.h>
-#include "sha.h"
-
+#include "cryptolib.h"
#include "sha_test_vectors.h"
int SHA1_tests(void) {
diff --git a/tests/test_common.c b/tests/test_common.c
index b57f6ed..2591310 100644
--- a/tests/test_common.c
+++ b/tests/test_common.c
@@ -9,8 +9,8 @@
#include <stdio.h>
+#include "cryptolib.h"
#include "file_keys.h"
-#include "rsa_utility.h"
#include "utility.h"
/* ANSI Color coding sequences. */
diff --git a/utils/file_keys.c b/utils/file_keys.c
index 8438351..275ca6b 100644
--- a/utils/file_keys.c
+++ b/utils/file_keys.c
@@ -15,8 +15,7 @@
#include <sys/types.h>
#include <unistd.h>
-#include "padding.h"
-#include "rsa_utility.h"
+#include "cryptolib.h"
#include "signature_digest.h"
#include "utility.h"
@@ -60,6 +59,27 @@
return key;
}
+uint8_t* DigestFile(char* input_file, int sig_algorithm) {
+ int input_fd, len;
+ uint8_t data[SHA1_BLOCK_SIZE];
+ uint8_t* digest = NULL;
+ DigestContext ctx;
+
+ if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
+ debug("Couldn't open input file.\n");
+ return NULL;
+ }
+ DigestInit(&ctx, sig_algorithm);
+ while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==
+ SHA1_BLOCK_SIZE)
+ DigestUpdate(&ctx, data, len);
+ if (len != -1)
+ DigestUpdate(&ctx, data, len);
+ digest = DigestFinal(&ctx);
+ close(input_fd);
+ return digest;
+}
+
uint8_t* SignatureFile(const char* input_file, const char* key_file,
int algorithm) {
char* sign_utility = "./sign_data.sh";
diff --git a/utils/firmware_image.c b/utils/firmware_image.c
index 803ef89..b633d1a 100644
--- a/utils/firmware_image.c
+++ b/utils/firmware_image.c
@@ -7,16 +7,13 @@
#include "firmware_image.h"
-#include <fcntl.h>
-#include <limits.h>
#include <sys/types.h>
#include <sys/stat.h>
+#include <fcntl.h>
#include <unistd.h>
+#include "cryptolib.h"
#include "file_keys.h"
-#include "padding.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
#include "signature_digest.h"
#include "utility.h"
diff --git a/utils/firmware_image_fw.c b/utils/firmware_image_fw.c
index f5c7d89..5387d95 100644
--- a/utils/firmware_image_fw.c
+++ b/utils/firmware_image_fw.c
@@ -8,10 +8,8 @@
#include "firmware_image_fw.h"
-#include "padding.h"
+#include "cryptolib.h"
#include "rollback_index.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
#include "utility.h"
/* Macro to determine the size of a field structure in the FirmwareImage
diff --git a/utils/firmware_utility.cc b/utils/firmware_utility.cc
index 6b543f5..85275e7 100644
--- a/utils/firmware_utility.cc
+++ b/utils/firmware_utility.cc
@@ -17,11 +17,9 @@
#include <iostream>
extern "C" {
+#include "cryptolib.h"
#include "file_keys.h"
#include "firmware_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
#include "utility.h"
}
diff --git a/utils/kernel_image.c b/utils/kernel_image.c
index e66ce38..8c8c092 100644
--- a/utils/kernel_image.c
+++ b/utils/kernel_image.c
@@ -14,11 +14,9 @@
#include <sys/stat.h>
#include <unistd.h>
+#include "cryptolib.h"
#include "file_keys.h"
-#include "padding.h"
#include "rollback_index.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
#include "signature_digest.h"
#include "utility.h"
diff --git a/utils/kernel_image_fw.c b/utils/kernel_image_fw.c
index 466d34a..734111c 100644
--- a/utils/kernel_image_fw.c
+++ b/utils/kernel_image_fw.c
@@ -8,10 +8,8 @@
#include "kernel_image_fw.h"
-#include "padding.h"
+#include "cryptolib.h"
#include "rollback_index.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
#include "utility.h"
/* Macro to determine the size of a field structure in the KernelImage
diff --git a/utils/kernel_utility.cc b/utils/kernel_utility.cc
index 9a4f34b..9fedeb5 100644
--- a/utils/kernel_utility.cc
+++ b/utils/kernel_utility.cc
@@ -17,11 +17,9 @@
#include <iostream>
extern "C" {
+#include "cryptolib.h"
#include "file_keys.h"
#include "kernel_image.h"
-#include "padding.h"
-#include "rsa_utility.h"
-#include "sha_utility.h"
#include "utility.h"
}
diff --git a/utils/signature_digest.c b/utils/signature_digest.c
index 8f4c238..d8d425b 100644
--- a/utils/signature_digest.c
+++ b/utils/signature_digest.c
@@ -13,9 +13,7 @@
#include <stdlib.h>
#include <unistd.h>
-#include "padding.h"
-#include "sha.h"
-#include "sha_utility.h"
+#include "cryptolib.h"
#include "utility.h"
uint8_t* PrependDigestInfo(int algorithm, uint8_t* digest) {
diff --git a/utils/verify_data.c b/utils/verify_data.c
index 4b0b785..e6cc852 100644
--- a/utils/verify_data.c
+++ b/utils/verify_data.c
@@ -15,11 +15,8 @@
#include <sys/types.h>
#include <unistd.h>
+#include "cryptolib.h"
#include "file_keys.h"
-#include "sha_utility.h"
-#include "padding.h"
-#include "rsa.h"
-#include "rsa_utility.h"
#include "verify_data.h"
/* ANSI Color coding sequences. */