host,test: Remove unneeded vb1 rsa functions

Another in a continued stream of refactoring.  This change removes more
of the vb1 rsa library code and associated tests, in favor of their vb2
equivalents.  This change touches only host-side code and its tests, not
firmware.

BUG=chromium:611535
BRANCH=none
TEST=make runtests; emerge-kevin coreboot depthcharge

Change-Id: I1973bc2f03c60da62232e30bab0fa5fe791b6b34
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/400901

utility/verify_data.c

@@ -15,88 +15,130 @@
 #include <sys/types.h>
 #include <unistd.h>
 
+#define _STUB_IMPLEMENTATION_  /* For malloc()/free() */
+
 #include "2sysincludes.h"
 
 #include "2common.h"
 #include "2sha.h"
+#include "2rsa.h"
 #include "cryptolib.h"
 #include "file_keys.h"
-#include "verify_data.h"
+#include "host_key.h"
+#include "host_misc.h"
+#include "vb2_common.h"
 
 /* ANSI Color coding sequences. */
 #define COL_GREEN "\e[1;32m"
 #define COL_RED "\e[0;31m"
 #define COL_STOP "\e[m"
 
-uint8_t* read_signature(char* input_file, int len) {
-  int i, sigfd;
-  uint8_t* signature = NULL;
-  if ((sigfd = open(input_file, O_RDONLY)) == -1) {
-    fprintf(stderr, "Couldn't open signature file\n");
-    return NULL;
-  }
+uint8_t* read_signature(char* input_file, int len)
+{
+	int i, sigfd;
+	uint8_t* signature = NULL;
+	if ((sigfd = open(input_file, O_RDONLY)) == -1) {
+		fprintf(stderr, "Couldn't open signature file\n");
+		return NULL;
+	}
 
-  /* Read the signature into a buffer*/
-  signature = (uint8_t*) malloc(len);
-  if (!signature) {
-    close(sigfd);
-    return NULL;
-  }
+	/* Read the signature into a buffer*/
+	signature = (uint8_t*) malloc(len);
+	if (!signature) {
+		close(sigfd);
+		return NULL;
+	}
 
-  if( (i = read(sigfd, signature, len)) != len ) {
-    fprintf(stderr, "Wrong signature length - Expected = %d, Received = %d\n",
-            len, i);
-    close(sigfd);
-    free(signature);
-    return NULL;
-  }
+	if( (i = read(sigfd, signature, len)) != len ) {
+		fprintf(stderr, "Expected signature length %d, Received %d\n",
+			len, i);
+		close(sigfd);
+		free(signature);
+		return NULL;
+	}
 
-  close(sigfd);
-  return signature;
+	close(sigfd);
+	return signature;
 }
 
-int main(int argc, char* argv[]) {
-  int i, algorithm, sig_len;
-  int return_code = 1;  /* Default to error. */
-  uint8_t digest[VB2_MAX_DIGEST_SIZE];
-  uint8_t* signature = NULL;
-  RSAPublicKey* key = NULL;
+int main(int argc, char* argv[])
+{
+	uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]
+		 __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
+	struct vb2_workbuf wb;
+	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
 
-  if (argc!=5) {
-    fprintf(stderr, "Usage: %s <algorithm> <key file> <signature file>"
-            " <input file>\n\n", argv[0]);
-    fprintf(stderr, "where <algorithm> depends on the signature algorithm"
-            " used:\n");
-    for(i = 0; i<kNumAlgorithms; i++)
-      fprintf(stderr, "\t%d for %s\n", i, algo_strings[i]);
-    return -1;
-  }
+	int return_code = 1;  /* Default to error. */
+	uint8_t digest[VB2_MAX_DIGEST_SIZE];
+	struct vb2_packed_key *pk = NULL;
+	uint8_t *signature = NULL;
+	uint32_t sig_len = 0;
 
-  algorithm = atoi(argv[1]);
-  if (algorithm >= kNumAlgorithms) {
-    fprintf(stderr, "Invalid Algorithm!\n");
-    return 0;
-  }
-  /* Length of the RSA Signature/RSA Key */
-  sig_len = siglen_map[algorithm];
-  if ((key = RSAPublicKeyFromFile(argv[2])) &&
-      (signature = read_signature(argv[3], sig_len)) &&
-      (VB2_SUCCESS == DigestFile(argv[4], vb2_crypto_to_hash(algorithm),
-				 digest, sizeof(digest)))) {
-    if (RSAVerify(key, signature, sig_len, algorithm, digest)) {
-      return_code = 0;
-      fprintf(stderr, "Signature Verification "
-              COL_GREEN "SUCCEEDED" COL_STOP "\n");
-    } else {
-      fprintf(stderr, "Signature Verification "
-              COL_RED "FAILED" COL_STOP "\n");
-    }
-  }
-  else
-    return_code = -1;
+	if (argc != 5) {
+		int i;
+		fprintf(stderr,
+			"Usage: %s <algorithm> <key file> <signature file>"
+			" <input file>\n\n", argv[0]);
+		fprintf(stderr,
+			"where <algorithm> depends on the signature algorithm"
+			" used:\n");
+		for(i = 0; i < VB2_ALG_COUNT; i++)
+			fprintf(stderr, "\t%d for %s\n", i, algo_strings[i]);
+		return -1;
+	}
 
-  free(key);
-  free(signature);
+	int algorithm = atoi(argv[1]);
+	if (algorithm >= kNumAlgorithms) {
+		fprintf(stderr, "Invalid algorithm %d\n", algorithm);
+		goto error;
+	}
 
-  return return_code;
+	pk = vb2_read_packed_keyb(argv[2], algorithm, 0);
+	if (!pk) {
+		fprintf(stderr, "Can't read RSA public key.\n");
+		goto error;
+	}
+
+	struct vb2_public_key k2;
+	if (VB2_SUCCESS != vb2_unpack_key(&k2, (const uint8_t *)pk,
+					  pk->key_offset + pk->key_size)) {
+		fprintf(stderr, "Can't unpack RSA public key.\n");
+		goto error;
+	}
+
+	if (VB2_SUCCESS != vb2_read_file(argv[3], &signature, &sig_len)) {
+		fprintf(stderr, "Can't read signature.\n");
+		goto error;
+	}
+
+	uint32_t expect_sig_size =
+			vb2_rsa_sig_size(vb2_crypto_to_signature(algorithm));
+	if (sig_len != expect_sig_size) {
+		fprintf(stderr, "Expected signature size %u, got %u\n",
+			expect_sig_size, sig_len);
+		goto error;
+	}
+
+	if (VB2_SUCCESS != DigestFile(argv[4], vb2_crypto_to_hash(algorithm),
+				       digest, sizeof(digest))) {
+		fprintf(stderr, "Error calculating digest.\n");
+		goto error;
+	}
+
+	if (VB2_SUCCESS == vb2_rsa_verify_digest(&k2, signature, digest, &wb)) {
+		return_code = 0;
+		fprintf(stderr, "Signature Verification "
+			COL_GREEN "SUCCEEDED" COL_STOP "\n");
+	} else {
+		fprintf(stderr, "Signature Verification "
+			COL_RED "FAILED" COL_STOP "\n");
+	}
+
+error:
+	if (pk)
+		free(pk);
+	if (signature)
+		free(signature);
+
+	return return_code;
 }