Remove unused files, and tidy the directory structure of the remaining ones.

Review URL: http://codereview.chromium.org/2815011

firmware/lib/cryptolib/include/cryptolib.h

@@ -0,0 +1,15 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Firmware Cryptolib includes.
+ */
+
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#define VBOOT_REFERENCE_CRYPTOLIB_H_
+
+#include "padding.h"
+#include "rsa.h"
+#include "sha.h"
+
+#endif  /* VBOOT_REFERENCE_CRYPTOLIB_H_ */

firmware/lib/cryptolib/include/padding.h

@@ -0,0 +1,40 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef VBOOT_REFERENCE_PADDING_H_
+#define VBOOT_REFERENCE_PADDING_H_
+
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include "sysincludes.h"
+
+extern const uint8_t paddingRSA1024_SHA1[];
+extern const uint8_t paddingRSA1024_SHA256[];
+extern const uint8_t paddingRSA1024_SHA512[];
+extern const uint8_t paddingRSA2048_SHA1[];
+extern const uint8_t paddingRSA2048_SHA256[];
+extern const uint8_t paddingRSA2048_SHA512[];
+extern const uint8_t paddingRSA4096_SHA1[];
+extern const uint8_t paddingRSA4096_SHA256[];
+extern const uint8_t paddingRSA4096_SHA512[];
+extern const uint8_t paddingRSA8192_SHA1[];
+extern const uint8_t paddingRSA8192_SHA256[];
+extern const uint8_t paddingRSA8192_SHA512[];
+
+extern const int kNumAlgorithms;
+
+extern const int digestinfo_size_map[];
+extern const int siglen_map[];
+extern const uint8_t* padding_map[];
+extern const int padding_size_map[];
+extern const int hash_type_map[];
+extern const int hash_size_map[];
+extern const int hash_blocksize_map[];
+extern const uint8_t* hash_digestinfo_map[];
+extern const char* algo_strings[];
+
+#endif  /* VBOOT_REFERENCE_PADDING_H_ */

firmware/lib/cryptolib/include/rsa.h

@@ -0,0 +1,92 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef VBOOT_REFERENCE_RSA_H_
+#define VBOOT_REFERENCE_RSA_H_
+
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include "sysincludes.h"
+
+#define RSA1024NUMBYTES 128  /* 1024 bit key length */
+#define RSA2048NUMBYTES 256  /* 2048 bit key length */
+#define RSA4096NUMBYTES 512  /* 4096 bit key length */
+#define RSA8192NUMBYTES 1024  /* 8192 bit key length */
+
+#define RSA1024NUMWORDS (RSA1024NUMBYTES / sizeof(uint32_t))
+#define RSA2048NUMWORDS (RSA2048NUMBYTES / sizeof(uint32_t))
+#define RSA4096NUMWORDS (RSA4096NUMBYTES / sizeof(uint32_t))
+#define RSA8192NUMWORDS (RSA8192NUMBYTES / sizeof(uint32_t))
+
+typedef struct RSAPublicKey {
+  uint32_t len;  /* Length of n[] in number of uint32_t */
+  uint32_t n0inv;  /* -1 / n[0] mod 2^32 */
+  uint32_t* n;  /* modulus as little endian array */
+  uint32_t* rr; /* R^2 as little endian array */
+  int algorithm; /* Algorithm to use when verifying binaries with the key */
+} RSAPublicKey;
+
+/* Verify a RSA PKCS1.5 signature [sig] of [sig_type] and length [sig_len]
+ * against an expected [hash] using [key]. Returns 0 on failure, 1 on success.
+ */
+int RSAVerify(const RSAPublicKey *key,
+              const uint8_t* sig,
+              const int sig_len,
+              const uint8_t sig_type,
+              const uint8_t* hash);
+
+/* Perform RSA signature verification on [buf] of length [len] against expected
+ * signature [sig] using signature algorithm [algorithm]. The public key used
+ * for verification can either be in the form of a pre-process key blob
+ * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
+ * be non-NULL, and the other NULL or the function will fail.
+ *
+ * Returns 1 on verification success, 0 on verification failure or invalid
+ * arguments.
+ *
+ * Note: This function is for use in the firmware and assumes all pointers point
+ * to areas in the memory of the right size.
+ *
+ */
+int RSAVerifyBinary_f(const uint8_t* key_blob,
+                      const RSAPublicKey* key,
+                      const uint8_t* buf,
+                      uint64_t len,
+                      const uint8_t* sig,
+                      int algorithm);
+
+/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
+ * of data, its digest is passed as the argument. */
+int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
+                                const RSAPublicKey* key,
+                                const uint8_t* digest,
+                                const uint8_t* sig,
+                                int algorithm);
+
+
+/* ----Some additional utility functions for RSA.---- */
+
+/* Returns the size of a pre-processed RSA public key in bytes with algorithm
+ * [algorithm]. */
+int RSAProcessedKeySize(int algorithm);
+
+/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
+ * NULL */
+RSAPublicKey* RSAPublicKeyNew(void);
+
+/* Deep free the contents of [key]. */
+void RSAPublicKeyFree(RSAPublicKey* key);
+
+/* Create a RSAPublic key structure from binary blob [buf] of length
+ * [len].
+ *
+ * Caller owns the returned key and must free it.
+ */
+RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
+
+
+#endif  /* VBOOT_REFERENCE_RSA_H_ */

firmware/lib/cryptolib/include/sha.h

@@ -0,0 +1,128 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+/* SHA-1, 256 and 512 functions. */
+
+#ifndef VBOOT_REFERENCE_SHA_H_
+#define VBOOT_REFERENCE_SHA_H_
+
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include "sysincludes.h"
+
+#define SHA1_DIGEST_SIZE 20
+#define SHA1_BLOCK_SIZE 64
+
+#define SHA256_DIGEST_SIZE 32
+#define SHA256_BLOCK_SIZE 64
+
+#define SHA512_DIGEST_SIZE 64
+#define SHA512_BLOCK_SIZE 128
+
+typedef struct SHA1_CTX {
+  uint64_t count;
+  uint32_t state[5];
+#if defined(HAVE_ENDIAN_H) && defined(HAVE_LITTLE_ENDIAN)
+  union {
+    uint8_t b[64];
+    uint32_t w[16];
+  } buf;
+#else
+  uint8_t buf[64];
+#endif
+} SHA1_CTX;
+
+typedef struct {
+  uint32_t h[8];
+  uint32_t tot_len;
+  uint32_t len;
+  uint8_t block[2 * SHA256_BLOCK_SIZE];
+  uint8_t buf[SHA256_DIGEST_SIZE];  /* Used for storing the final digest. */
+} SHA256_CTX;
+
+typedef struct {
+  uint64_t h[8];
+  uint32_t tot_len;
+  uint32_t len;
+  uint8_t block[2 * SHA512_BLOCK_SIZE];
+  uint8_t buf[SHA512_DIGEST_SIZE];  /* Used for storing the final digest. */
+} SHA512_CTX;
+
+
+void SHA1_init(SHA1_CTX* ctx);
+void SHA1_update(SHA1_CTX* ctx, const uint8_t* data, uint64_t len);
+uint8_t* SHA1_final(SHA1_CTX* ctx);
+
+void SHA256_init(SHA256_CTX* ctx);
+void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint64_t len);
+uint8_t* SHA256_final(SHA256_CTX* ctx);
+
+void SHA512_init(SHA512_CTX* ctx);
+void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, uint64_t len);
+uint8_t* SHA512_final(SHA512_CTX* ctx);
+
+/* Convenience function for SHA-1.  Computes hash on [data] of length [len].
+ * and stores it into [digest]. [digest] should be pre-allocated to
+ * SHA1_DIGEST_SIZE bytes.
+ */
+uint8_t* SHA1(const uint8_t* data, uint64_t len, uint8_t* digest);
+
+/* Convenience function for SHA-256.  Computes hash on [data] of length [len].
+ * and stores it into [digest]. [digest] should be pre-allocated to
+ * SHA256_DIGEST_SIZE bytes.
+ */
+uint8_t* SHA256(const uint8_t* data, uint64_t len, uint8_t* digest);
+
+/* Convenience function for SHA-512.  Computes hash on [data] of length [len].
+ * and stores it into [digest]. [digest] should be pre-allocated to
+ * SHA512_DIGEST_SIZE bytes.
+ */
+uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest);
+
+
+/*---- Utility functions/wrappers for message digests. */
+
+#define SHA1_DIGEST_ALGORITHM 0
+#define SHA256_DIGEST_ALGORITHM 1
+#define SHA512_DIGEST_ALGORITHM 2
+
+/* A generic digest context structure which can be used to represent
+ * the SHA*_CTX for multiple digest algorithms.
+ */
+typedef struct DigestContext {
+  SHA1_CTX* sha1_ctx;
+  SHA256_CTX* sha256_ctx;
+  SHA512_CTX* sha512_ctx;
+  int algorithm;  /* Hashing algorithm to use. */
+} DigestContext;
+
+/* Wrappers for message digest algorithms. These are useful when the hashing
+ * operation is being done in parallel with something else. DigestContext tracks
+ * and stores the state of any digest algorithm (one at any given time).
+ */
+
+/* Initialize a digest context for use with signature algorithm [algorithm]. */
+void DigestInit(DigestContext* ctx, int sig_algorithm);
+void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint64_t len);
+
+/* Caller owns the returned digest and must free it. */
+uint8_t* DigestFinal(DigestContext* ctx);
+
+/* Returns the appropriate digest for the data in [input_file]
+ * based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestFile(char* input_file, int sig_algorithm);
+
+/* Returns the appropriate digest of [buf] of length
+ * [len] based on the signature [algorithm].
+ * Caller owns the returned digest and must free it.
+ */
+uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
+
+
+#endif  /* VBOOT_REFERENCE_SHA_H_ */