Fix RSA verification test.

I previously refactored some of the signature generation code to directly use the OpenSSL library instead of invoking the "openssl" command line utility. The signature_digest command line utility got lost in the process. This restores the utility which in turn fixes the RSA verification test.

Review URL: http://codereview.chromium.org/669040

tests/Makefile

@@ -3,7 +3,7 @@
 # found in the LICENSE file.
 
 CC ?= gcc
-CFLAGS = -Wall -DNDEBUG
+CFLAGS = -Wall -DNDEBUG -O3
 INCLUDES ?= -I../include/
 TOP ?= ../
 

tests/run_rsa_tests.sh

@@ -26,8 +26,8 @@ function generate_signatures {
   do
     for hashalgo in ${hash_algos[@]}
     do
-      ${UTIL_DIR}/signature_digest $algorithmcounter $1 | openssl rsautl -sign \
+      ${UTIL_DIR}/signature_digest_utility $algorithmcounter $1 | openssl \
-        -pkcs -inkey ${KEY_DIR}/key_rsa${keylen}.pem \
+        rsautl -sign -pkcs -inkey ${KEY_DIR}/key_rsa${keylen}.pem \
         > $1.rsa${keylen}\_${hashalgo}.sig
       let algorithmcounter=algorithmcounter+1
     done

utils/Makefile

@@ -4,15 +4,16 @@
 
 CC ?= gcc
 CXX ?= g++
-CFLAGS = -Wall -DNDEBUG
+CFLAGS = -Wall -DNDEBUG -O3
 INCLUDES ?= -I../include/
 TOP ?= ../
 
 LIBS =  firmware_image.o kernel_image.o signature_digest.o file_keys.o
 FIRMWARELIBS = $(TOP)/crypto/libcrypto.a $(TOP)/common/libcommon.a
 
-all: dumpRSAPublicKey verify_data file_keys.o signature_digest.o firmware_image.o \
+all: dumpRSAPublicKey verify_data file_keys.o signature_digest.o \
-	kernel_image.o signature_digest.o firmware_utility kernel_utility
+	firmware_image.o kernel_image.o signature_digest.o \
+	signature_digest_utility firmware_utility kernel_utility
 
 dumpRSAPublicKey: dumpRSAPublicKey.c
 	$(CC) $(CFLAGS) $< -o $@ -lcrypto
@@ -20,6 +21,9 @@ dumpRSAPublicKey: dumpRSAPublicKey.c
 verify_data: verify_data.c $(LIBS) $(FIRMWARELIBS)
 	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FIRMWARELIBS) -lcrypto
 
+signature_digest_utility: signature_digest_utility.c $(LIBS) $(FIRMWARELIBS)
+	$(CC) $(CFLAGS) $(INCLUDES) $< -o $@ $(LIBS) $(FIRMWARELIBS) -lcrypto
+
 firmware_utility: firmware_utility.cc $(LIBS) $(FIRMWARELIBS)
 	$(CXX) $(CFLAGS) $(INCLUDES) -ggdb -D__STDC_LIMIT_MACROS $< \
 	-o $@ $(FIRMWARELIBS) $(LIBS) -lcrypto
@@ -41,4 +45,4 @@ kernel_image.o: kernel_image.c
 	$(CC) $(CFLAGS) -ansi $(INCLUDES) -c $< -o $@
 clean:
 	rm -f dumpRSAPublicKey verify_data signature_digest firmware_utility \
-	kernel_utility $(LIBS)
+	kernel_utility signature_digest_utility $(LIBS)

utils/signature_digest_utility.c

@@ -0,0 +1,54 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Utility that outputs the cryptographic digest of a contents of a
+ * file in a format that can be directly used to generate PKCS#1 v1.5
+ * signatures via the "openssl" command line utility.
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "file_keys.h"
+#include "padding.h"
+#include "signature_digest.h"
+#include "utility.h"
+
+int main(int argc, char* argv[]) {
+  int algorithm = -1;
+  int error_code = 0;
+  uint8_t* buf = NULL;
+  uint8_t* signature_digest = NULL;
+  uint32_t len;
+  uint32_t signature_digest_len;
+
+  if (argc != 3) {
+    fprintf(stderr, "Usage: %s <algoid> <file>", argv[0]);
+    return -1;
+  }
+  algorithm = atoi(argv[1]);
+  if (algorithm < 0 || algorithm >= kNumAlgorithms) {
+    fprintf(stderr, "Invalid Algorithm!\n");
+    return -1;
+  }
+
+  buf = BufferFromFile(argv[2], &len);
+  if (!buf) {
+    fprintf(stderr, "Could read file: %s\n", argv[2]);
+    return -1;
+  }
+
+  signature_digest = SignatureDigest(buf, len, algorithm);
+  signature_digest_len = (hash_size_map[algorithm] +
+                          digestinfo_size_map[algorithm]);
+  if (!signature_digest)
+    error_code = -1;
+  if(signature_digest &&
+     1 != fwrite(signature_digest, signature_digest_len, 1, stdout))
+    error_code = -1;
+  Free(signature_digest);
+  Free(buf);
+  return error_code;
+}