VBoot Reference: Refactor Part 2 - Crypto Libraries

Removing multiple top level includes - now padding.h, rsa.h and sha.h are used internally and cryptolib.h must be used instead for all modules that wish to use crypto functions. I am trying to separate refactors involving code movement from one file to another, and the movement of files themselves into separate CLs so that it's clear what changed. Review URL: http://codereview.chromium.org/1574005
2025-11-27 03:33:50 +00:00 · 2010-03-30 23:08:10 -07:00
parent ed9c96a7aa
commit d46c347018
42 changed files with 234 additions and 255 deletions
--- a/include/rsa.h
+++ b/include/rsa.h
@@ -6,7 +6,11 @@
 #ifndef VBOOT_REFERENCE_RSA_H_
 #define VBOOT_REFERENCE_RSA_H_

-#include <inttypes.h>
+#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
+#error "Do not include this file directly. Use cryptolib.h instead."
+#endif
+
+#include <stdint.h>

 #define RSA1024NUMBYTES 128  /* 1024 bit key length */
 #define RSA2048NUMBYTES 256  /* 2048 bit key length */
@@ -29,9 +33,59 @@ typedef struct RSAPublicKey {
 * against an expected [hash] using [key]. Returns 0 on failure, 1 on success.
 */
 int RSAVerify(const RSAPublicKey *key,
-               const uint8_t* sig,
-               const int sig_len,
-               const uint8_t sig_type,
-               const uint8_t* hash);
+              const uint8_t* sig,
+              const int sig_len,
+              const uint8_t sig_type,
+              const uint8_t* hash);
+
+/* Perform RSA signature verification on [buf] of length [len] against expected
+ * signature [sig] using signature algorithm [algorithm]. The public key used
+ * for verification can either be in the form of a pre-process key blob
+ * [key_blob] or RSAPublicKey structure [key]. One of [key_blob] or [key] must
+ * be non-NULL, and the other NULL or the function will fail.
+ *
+ * Returns 1 on verification success, 0 on verification failure or invalid
+ * arguments.
+ *
+ * Note: This function is for use in the firmware and assumes all pointers point
+ * to areas in the memory of the right size.
+ *
+ */
+int RSAVerifyBinary_f(const uint8_t* key_blob,
+                      const RSAPublicKey* key,
+                      const uint8_t* buf,
+                      uint64_t len,
+                      const uint8_t* sig,
+                      int algorithm);
+
+/* Version of RSAVerifyBinary_f() where instead of the raw binary blob
+ * of data, its digest is passed as the argument. */
+int RSAVerifyBinaryWithDigest_f(const uint8_t* key_blob,
+                                const RSAPublicKey* key,
+                                const uint8_t* digest,
+                                const uint8_t* sig,
+                                int algorithm);
+
+
+/* ----Some additional utility functions for RSA.---- */
+
+/* Returns the size of a pre-processed RSA public key in bytes with algorithm
+ * [algorithm]. */
+int RSAProcessedKeySize(int algorithm);
+
+/* Allocate a new RSAPublicKey structure and initialize its pointer fields to
+ * NULL */
+RSAPublicKey* RSAPublicKeyNew(void);
+
+/* Deep free the contents of [key]. */
+void RSAPublicKeyFree(RSAPublicKey* key);
+
+/* Create a RSAPublic key structure from binary blob [buf] of length
+ * [len].
+ *
+ * Caller owns the returned key and must free it.
+ */
+RSAPublicKey* RSAPublicKeyFromBuf(const uint8_t* buf, int len);
+

 #endif  /* VBOOT_REFERENCE_RSA_H_ */