vboot: Convert vboot1 SHA calls to use vboot2
authorRandall Spangler <rspangler@chromium.org>
Wed, 11 May 2016 20:50:18 +0000 (13:50 -0700)
committerchrome-bot <chrome-bot@chromium.org>
Sat, 23 Jul 2016 01:40:04 +0000 (18:40 -0700)
This change replaces all calls to the old vboot1 SHA library with their
vboot2 equivalents.

This is the first in a long series of changes to move the core vboot kernel
verification into vb2, and the control/display loop out to depthcharge.

BUG=chromium:611535
BRANCH=none
TEST=make runtests; build samus firmware and boot it

Change-Id: I31986eb766176c0e39a192c5ce15730471c3cf94
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/344342
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
39 files changed:
Makefile
cgpt/cgpt_wrapper.c
firmware/lib/cryptolib/include/cryptolib.h
firmware/lib/cryptolib/include/padding.h
firmware/lib/cryptolib/include/sha.h [deleted file]
firmware/lib/cryptolib/padding.c
firmware/lib/cryptolib/rsa_utility.c
firmware/lib/cryptolib/sha1.c [deleted file]
firmware/lib/cryptolib/sha256.c [deleted file]
firmware/lib/cryptolib/sha512.c [deleted file]
firmware/lib/cryptolib/sha_utility.c [deleted file]
firmware/lib/include/vboot_common.h
firmware/lib/vboot_common.c
firmware/lib/vboot_display.c
firmware/lib/vboot_firmware.c
firmware/lib/vboot_kernel.c
futility/cmd_create.c
futility/cmd_pcr.c
futility/file_type_usbpd1.c
futility/misc.c
futility/ryu_root_header.c
futility/vb2_helper.c
host/lib/file_keys.c
host/lib/host_keyblock.c
host/lib/host_signature.c
host/lib/include/file_keys.h
host/lib/signature_digest.c
host/lib/util_misc.c
host/linktest/main.c
tests/rsa_utility_tests.c
tests/sha_benchmark.c
tests/sha_test_vectors.h
tests/vboot_common2_tests.c
tests/vboot_common3_tests.c
tests/vboot_firmware_tests.c
tests/vboot_kernel_tests.c
utility/pad_digest_utility.c
utility/signature_digest_utility.c
utility/verify_data.c

index b0fdf08..ef711fd 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -327,10 +327,6 @@ VBSF_SRCS = \
        firmware/lib/cryptolib/padding.c \
        firmware/lib/cryptolib/rsa.c \
        firmware/lib/cryptolib/rsa_utility.c \
-       firmware/lib/cryptolib/sha1.c \
-       firmware/lib/cryptolib/sha256.c \
-       firmware/lib/cryptolib/sha512.c \
-       firmware/lib/cryptolib/sha_utility.c \
        firmware/lib/stateful_util.c \
        firmware/lib/vboot_api_firmware.c \
        firmware/lib/vboot_common.c \
@@ -737,7 +733,6 @@ TEST_NAMES = \
        tests/rsa_utility_tests \
        tests/rsa_verify_benchmark \
        tests/sha_benchmark \
-       tests/sha_tests \
        tests/stateful_util_tests \
        tests/tpm_bootmode_tests \
        tests/utility_string_tests \
@@ -949,8 +944,8 @@ ${BDBLIB_OBJS}: INCLUDES += -Ifirmware/bdb
 ${BUILD}/firmware/linktest/main_vbinit: ${VBINIT_OBJS}
 ${BUILD}/firmware/linktest/main_vbinit: OBJS = ${VBINIT_OBJS}
 TEST_OBJS += ${BUILD}/firmware/linktest/main_vbinit.o
-${BUILD}/firmware/linktest/main_vbsf: ${VBSF_OBJS}
-${BUILD}/firmware/linktest/main_vbsf: OBJS = ${VBSF_OBJS}
+${BUILD}/firmware/linktest/main_vbsf: ${FWLIB}
+${BUILD}/firmware/linktest/main_vbsf: LIBS = ${FWLIB}
 TEST_OBJS += ${BUILD}/firmware/linktest/main_vbsf.o
 ${BUILD}/firmware/linktest/main: ${FWLIB}
 ${BUILD}/firmware/linktest/main: LIBS = ${FWLIB}
@@ -965,7 +960,7 @@ fwlinktest: \
 .PHONY: fwlib
 fwlib: $(if ${FIRMWARE_ARCH},${FWLIB},fwlinktest)
 
-${FWLIB}: ${FWLIB_OBJS}
+${FWLIB}: ${FWLIB_OBJS} ${FWLIB2X_OBJS}
        @${PRINTF} "    RM            $(subst ${BUILD}/,,$@)\n"
        ${Q}rm -f $@
        @${PRINTF} "    AR            $(subst ${BUILD}/,,$@)\n"
@@ -1020,7 +1015,7 @@ utillib: ${UTILLIB} \
        ${BUILD}/host/linktest/main
 
 # TODO: better way to make .a than duplicating this recipe each time?
-${UTILLIB}: ${UTILLIB_OBJS} ${FWLIB_OBJS}
+${UTILLIB}: ${UTILLIB_OBJS} ${FWLIB_OBJS} ${FWLIB2X_OBJS}
        @${PRINTF} "    RM            $(subst ${BUILD}/,,$@)\n"
        ${Q}rm -f $@
        @${PRINTF} "    AR            $(subst ${BUILD}/,,$@)\n"
@@ -1459,7 +1454,6 @@ runmisctests: test_setup
        ${RUNTEST} ${BUILD_RUN}/tests/rollback_index2_tests
        ${RUNTEST} ${BUILD_RUN}/tests/rollback_index3_tests
        ${RUNTEST} ${BUILD_RUN}/tests/rsa_utility_tests
-       ${RUNTEST} ${BUILD_RUN}/tests/sha_tests
        ${RUNTEST} ${BUILD_RUN}/tests/stateful_util_tests
        ${RUNTEST} ${BUILD_RUN}/tests/tlcl_tests
        ${RUNTEST} ${BUILD_RUN}/tests/tpm_bootmode_tests
index 1716cdd..3903358 100644 (file)
 #include <sys/types.h>
 #include <unistd.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "cgpt.h"
 #include "cgpt_nor.h"
 #include "cryptolib.h"
+#include "file_keys.h"
 
 // Check if cmdline |argv| has "-D". "-D" signifies that GPT structs are stored
 // off device, and hence we should not wrap around cgpt.
@@ -67,8 +72,8 @@ static const char *find_mtd_device(int argc, const char *const argv[]) {
 static int wrap_cgpt(int argc,
                      const char *const argv[],
                      const char *mtd_device) {
-  uint8_t *original_hash = NULL;
-  uint8_t *modified_hash = NULL;
+  uint8_t original_hash[VB2_SHA1_DIGEST_SIZE];
+  uint8_t modified_hash[VB2_SHA1_DIGEST_SIZE];
   int ret = 0;
 
   // Create a temp dir to work in.
@@ -81,7 +86,11 @@ static int wrap_cgpt(int argc,
   if (snprintf(rw_gpt_path, sizeof(rw_gpt_path), "%s/rw_gpt", temp_dir) < 0) {
     goto cleanup;
   }
-  original_hash = DigestFile(rw_gpt_path, SHA1_DIGEST_ALGORITHM);
+  if (VB2_SUCCESS != DigestFile(rw_gpt_path, VB2_HASH_SHA1,
+                               original_hash, sizeof(original_hash))) {
+    Error("Cannot compute original GPT digest.\n");
+    goto cleanup;
+  }
 
   // Obtain the MTD size.
   ret++;
@@ -126,9 +135,9 @@ static int wrap_cgpt(int argc,
 
   // Write back "rw_gpt" to NOR flash in two chunks.
   ret++;
-  modified_hash = DigestFile(rw_gpt_path, SHA1_DIGEST_ALGORITHM);
-  if (original_hash != NULL && modified_hash != NULL) {
-    if (memcmp(original_hash, modified_hash, SHA1_DIGEST_SIZE) != 0) {
+  if (VB2_SUCCESS == DigestFile(rw_gpt_path, VB2_HASH_SHA1,
+                               modified_hash, sizeof(modified_hash))) {
+    if (memcmp(original_hash, modified_hash, VB2_SHA1_DIGEST_SIZE) != 0) {
       ret = WriteNorFlash(temp_dir);
     } else {
       ret = 0;
@@ -136,8 +145,6 @@ static int wrap_cgpt(int argc,
   }
 
 cleanup:
-  free(original_hash);
-  free(modified_hash);
   RemoveDir(temp_dir);
   return ret;
 }
index b65a71d..95fb6e5 100644 (file)
@@ -10,6 +10,5 @@
 
 #include "padding.h"
 #include "rsa.h"
-#include "sha.h"
 
 #endif  /* VBOOT_REFERENCE_CRYPTOLIB_H_ */
index 8cb0030..2b2fcbe 100644 (file)
@@ -31,9 +31,6 @@ extern const int digestinfo_size_map[];
 extern const int siglen_map[];
 extern const uint8_t* const padding_map[];
 extern const int padding_size_map[];
-extern const int hash_type_map[];
-extern const int hash_size_map[];
-extern const int hash_blocksize_map[];
 extern const uint8_t* const hash_digestinfo_map[];
 extern const char* const algo_strings[];
 
diff --git a/firmware/lib/cryptolib/include/sha.h b/firmware/lib/cryptolib/include/sha.h
deleted file mode 100644 (file)
index 47a9e5f..0000000
+++ /dev/null
@@ -1,128 +0,0 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- */
-
-/* SHA-1, 256 and 512 functions. */
-
-#ifndef VBOOT_REFERENCE_SHA_H_
-#define VBOOT_REFERENCE_SHA_H_
-
-#ifndef VBOOT_REFERENCE_CRYPTOLIB_H_
-#error "Do not include this file directly. Use cryptolib.h instead."
-#endif
-
-#include "sysincludes.h"
-
-#define SHA1_DIGEST_SIZE 20
-#define SHA1_BLOCK_SIZE 64
-
-#define SHA256_DIGEST_SIZE 32
-#define SHA256_BLOCK_SIZE 64
-
-#define SHA512_DIGEST_SIZE 64
-#define SHA512_BLOCK_SIZE 128
-
-typedef struct SHA1_CTX {
-  uint64_t count;
-  uint32_t state[5];
-#if defined(HAVE_ENDIAN_H) && defined(HAVE_LITTLE_ENDIAN)
-  union {
-    uint8_t b[64];
-    uint32_t w[16];
-  } buf;
-#else
-  uint8_t buf[64];
-#endif
-} SHA1_CTX;
-
-typedef struct {
-  uint32_t h[8];
-  uint32_t tot_len;
-  uint32_t len;
-  uint8_t block[2 * SHA256_BLOCK_SIZE];
-  uint8_t buf[SHA256_DIGEST_SIZE];  /* Used for storing the final digest. */
-} VB_SHA256_CTX;
-
-typedef struct {
-  uint64_t h[8];
-  uint32_t tot_len;
-  uint32_t len;
-  uint8_t block[2 * SHA512_BLOCK_SIZE];
-  uint8_t buf[SHA512_DIGEST_SIZE];  /* Used for storing the final digest. */
-} VB_SHA512_CTX;
-
-
-void SHA1_init(SHA1_CTX* ctx);
-void SHA1_update(SHA1_CTX* ctx, const uint8_t* data, uint64_t len);
-uint8_t* SHA1_final(SHA1_CTX* ctx);
-
-void SHA256_init(VB_SHA256_CTX* ctx);
-void SHA256_update(VB_SHA256_CTX* ctx, const uint8_t* data, uint32_t len);
-uint8_t* SHA256_final(VB_SHA256_CTX* ctx);
-
-void SHA512_init(VB_SHA512_CTX* ctx);
-void SHA512_update(VB_SHA512_CTX* ctx, const uint8_t* data, uint32_t len);
-uint8_t* SHA512_final(VB_SHA512_CTX* ctx);
-
-/* Convenience function for SHA-1.  Computes hash on [data] of length [len].
- * and stores it into [digest]. [digest] should be pre-allocated to
- * SHA1_DIGEST_SIZE bytes.
- */
-uint8_t* internal_SHA1(const uint8_t* data, uint64_t len, uint8_t* digest);
-
-/* Convenience function for SHA-256.  Computes hash on [data] of length [len].
- * and stores it into [digest]. [digest] should be pre-allocated to
- * SHA256_DIGEST_SIZE bytes.
- */
-uint8_t* internal_SHA256(const uint8_t* data, uint64_t len, uint8_t* digest);
-
-/* Convenience function for SHA-512.  Computes hash on [data] of length [len].
- * and stores it into [digest]. [digest] should be pre-allocated to
- * SHA512_DIGEST_SIZE bytes.
- */
-uint8_t* internal_SHA512(const uint8_t* data, uint64_t len, uint8_t* digest);
-
-
-/*---- Utility functions/wrappers for message digests. */
-
-#define SHA1_DIGEST_ALGORITHM 0
-#define SHA256_DIGEST_ALGORITHM 1
-#define SHA512_DIGEST_ALGORITHM 2
-
-/* A generic digest context structure which can be used to represent
- * the SHA*_CTX for multiple digest algorithms.
- */
-typedef struct DigestContext {
-  SHA1_CTX* sha1_ctx;
-  VB_SHA256_CTX* sha256_ctx;
-  VB_SHA512_CTX* sha512_ctx;
-  int algorithm;  /* Hashing algorithm to use. */
-} DigestContext;
-
-/* Wrappers for message digest algorithms. These are useful when the hashing
- * operation is being done in parallel with something else. DigestContext tracks
- * and stores the state of any digest algorithm (one at any given time).
- */
-
-/* Initialize a digest context for use with signature algorithm [algorithm]. */
-void DigestInit(DigestContext* ctx, int sig_algorithm);
-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint32_t len);
-
-/* Caller owns the returned digest and must free it. */
-uint8_t* DigestFinal(DigestContext* ctx);
-
-/* Returns the appropriate digest for the data in [input_file]
- * based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestFile(char* input_file, int sig_algorithm);
-
-/* Returns the appropriate digest of [buf] of length
- * [len] based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
- */
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm);
-
-
-#endif  /* VBOOT_REFERENCE_SHA_H_ */
index 4fc939a..859e230 100644 (file)
@@ -1,12 +1,18 @@
+/* Copyright 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
 /*
- * DO NOT MODIFY THIS FILE DIRECTLY.
- *
- * This file is automatically generated by genpadding.sh and contains padding
- * arrays corresponding to various combinations of algorithms for RSA signatures.
+ * This file was automatically generated by genpadding.sh and contains padding
+ * arrays corresponding to various combinations of algorithms for RSA
+ * signatures.  It will go away soon, as we convert to vboot2 code.
  */
 
 #include "sysincludes.h"
+#include "2sysincludes.h"
 
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 
 
 
 #ifndef CHROMEOS_EC
 /* Algorithm Type 0 */
-const uint8_t paddingRSA1024_SHA1[RSA1024NUMBYTES - SHA1_DIGEST_SIZE] = {
+const uint8_t paddingRSA1024_SHA1[RSA1024NUMBYTES - VB2_SHA1_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14
 };
 
 /* Algorithm Type 1 */
-const uint8_t paddingRSA1024_SHA256[RSA1024NUMBYTES - SHA256_DIGEST_SIZE] = {
+const uint8_t paddingRSA1024_SHA256[RSA1024NUMBYTES - VB2_SHA256_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20
 };
 
 /* Algorithm Type 2 */
-const uint8_t paddingRSA1024_SHA512[RSA1024NUMBYTES - SHA512_DIGEST_SIZE] = {
+const uint8_t paddingRSA1024_SHA512[RSA1024NUMBYTES - VB2_SHA512_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40
 };
 
 /* Algorithm Type 3 */
-const uint8_t paddingRSA2048_SHA1[RSA2048NUMBYTES - SHA1_DIGEST_SIZE] = {
+const uint8_t paddingRSA2048_SHA1[RSA2048NUMBYTES - VB2_SHA1_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14
 };
 
 /* Algorithm Type 4 */
-const uint8_t paddingRSA2048_SHA256[RSA2048NUMBYTES - SHA256_DIGEST_SIZE] = {
+const uint8_t paddingRSA2048_SHA256[RSA2048NUMBYTES - VB2_SHA256_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20
 };
 
 /* Algorithm Type 5 */
-const uint8_t paddingRSA2048_SHA512[RSA2048NUMBYTES - SHA512_DIGEST_SIZE] = {
+const uint8_t paddingRSA2048_SHA512[RSA2048NUMBYTES - VB2_SHA512_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40
 };
 
 /* Algorithm Type 6 */
-const uint8_t paddingRSA4096_SHA1[RSA4096NUMBYTES - SHA1_DIGEST_SIZE] = {
+const uint8_t paddingRSA4096_SHA1[RSA4096NUMBYTES - VB2_SHA1_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14
 };
 
 /* Algorithm Type 7 */
-const uint8_t paddingRSA4096_SHA256[RSA4096NUMBYTES - SHA256_DIGEST_SIZE] = {
+const uint8_t paddingRSA4096_SHA256[RSA4096NUMBYTES - VB2_SHA256_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20
 };
 
 /* Algorithm Type 8 */
-const uint8_t paddingRSA4096_SHA512[RSA4096NUMBYTES - SHA512_DIGEST_SIZE] = {
+const uint8_t paddingRSA4096_SHA512[RSA4096NUMBYTES - VB2_SHA512_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40
 };
 
 /* Algorithm Type 9 */
-const uint8_t paddingRSA8192_SHA1[RSA8192NUMBYTES - SHA1_DIGEST_SIZE] = {
+const uint8_t paddingRSA8192_SHA1[RSA8192NUMBYTES - VB2_SHA1_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05,0x00,0x04,0x14
 };
 
 /* Algorithm Type 10 */
-const uint8_t paddingRSA8192_SHA256[RSA8192NUMBYTES - SHA256_DIGEST_SIZE] = {
+const uint8_t paddingRSA8192_SHA256[RSA8192NUMBYTES - VB2_SHA256_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20
 };
 
 /* Algorithm Type 11 */
-const uint8_t paddingRSA8192_SHA512[RSA8192NUMBYTES - SHA512_DIGEST_SIZE] = {
+const uint8_t paddingRSA8192_SHA512[RSA8192NUMBYTES - VB2_SHA512_DIGEST_SIZE] = {
 0x00,0x01,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x00,0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40
 };
 
@@ -164,63 +170,18 @@ paddingRSA8192_SHA512,
 };
 
 const int padding_size_map[NUMALGORITHMS] = {
-RSA1024NUMBYTES - SHA1_DIGEST_SIZE,
-RSA1024NUMBYTES - SHA256_DIGEST_SIZE,
-RSA1024NUMBYTES - SHA512_DIGEST_SIZE,
-RSA2048NUMBYTES - SHA1_DIGEST_SIZE,
-RSA2048NUMBYTES - SHA256_DIGEST_SIZE,
-RSA2048NUMBYTES - SHA512_DIGEST_SIZE,
-RSA4096NUMBYTES - SHA1_DIGEST_SIZE,
-RSA4096NUMBYTES - SHA256_DIGEST_SIZE,
-RSA4096NUMBYTES - SHA512_DIGEST_SIZE,
-RSA8192NUMBYTES - SHA1_DIGEST_SIZE,
-RSA8192NUMBYTES - SHA256_DIGEST_SIZE,
-RSA8192NUMBYTES - SHA512_DIGEST_SIZE,
-};
-
-const int hash_type_map[] = {
-SHA1_DIGEST_ALGORITHM,
-SHA256_DIGEST_ALGORITHM,
-SHA512_DIGEST_ALGORITHM,
-SHA1_DIGEST_ALGORITHM,
-SHA256_DIGEST_ALGORITHM,
-SHA512_DIGEST_ALGORITHM,
-SHA1_DIGEST_ALGORITHM,
-SHA256_DIGEST_ALGORITHM,
-SHA512_DIGEST_ALGORITHM,
-SHA1_DIGEST_ALGORITHM,
-SHA256_DIGEST_ALGORITHM,
-SHA512_DIGEST_ALGORITHM,
-};
-
-const int hash_size_map[NUMALGORITHMS] = {
-SHA1_DIGEST_SIZE,
-SHA256_DIGEST_SIZE,
-SHA512_DIGEST_SIZE,
-SHA1_DIGEST_SIZE,
-SHA256_DIGEST_SIZE,
-SHA512_DIGEST_SIZE,
-SHA1_DIGEST_SIZE,
-SHA256_DIGEST_SIZE,
-SHA512_DIGEST_SIZE,
-SHA1_DIGEST_SIZE,
-SHA256_DIGEST_SIZE,
-SHA512_DIGEST_SIZE,
-};
-
-const int hash_blocksize_map[NUMALGORITHMS] = {
-SHA1_BLOCK_SIZE,
-SHA256_BLOCK_SIZE,
-SHA512_BLOCK_SIZE,
-SHA1_BLOCK_SIZE,
-SHA256_BLOCK_SIZE,
-SHA512_BLOCK_SIZE,
-SHA1_BLOCK_SIZE,
-SHA256_BLOCK_SIZE,
-SHA512_BLOCK_SIZE,
-SHA1_BLOCK_SIZE,
-SHA256_BLOCK_SIZE,
-SHA512_BLOCK_SIZE,
+RSA1024NUMBYTES - VB2_SHA1_DIGEST_SIZE,
+RSA1024NUMBYTES - VB2_SHA256_DIGEST_SIZE,
+RSA1024NUMBYTES - VB2_SHA512_DIGEST_SIZE,
+RSA2048NUMBYTES - VB2_SHA1_DIGEST_SIZE,
+RSA2048NUMBYTES - VB2_SHA256_DIGEST_SIZE,
+RSA2048NUMBYTES - VB2_SHA512_DIGEST_SIZE,
+RSA4096NUMBYTES - VB2_SHA1_DIGEST_SIZE,
+RSA4096NUMBYTES - VB2_SHA256_DIGEST_SIZE,
+RSA4096NUMBYTES - VB2_SHA512_DIGEST_SIZE,
+RSA8192NUMBYTES - VB2_SHA1_DIGEST_SIZE,
+RSA8192NUMBYTES - VB2_SHA256_DIGEST_SIZE,
+RSA8192NUMBYTES - VB2_SHA512_DIGEST_SIZE,
 };
 
 const uint8_t* const hash_digestinfo_map[NUMALGORITHMS] = {
index f6eefe2..1195da0 100644 (file)
@@ -6,7 +6,10 @@
  */
 
 #include "sysincludes.h"
+#include "2sysincludes.h"
 
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "stateful_util.h"
 #include "utility.h"
@@ -87,10 +90,10 @@ int RSAVerifyBinary_f(const uint8_t* key_blob,
                       const uint8_t* sig,
                       unsigned int algorithm) {
   RSAPublicKey* verification_key = NULL;
-  uint8_t* digest = NULL;
+  uint8_t digest[VB2_MAX_DIGEST_SIZE];
   uint64_t key_size;
   int sig_size;
-  int success;
+  int success = 0;
 
   if (algorithm >= (unsigned int)kNumAlgorithms)
     return 0;  /* Invalid algorithm. */
@@ -109,13 +112,15 @@ int RSAVerifyBinary_f(const uint8_t* key_blob,
   if (!verification_key)
     return 0;
 
-  digest = DigestBuf(buf, len, algorithm);
-  success = RSAVerify(verification_key, sig, (uint32_t)sig_size,
-                      (uint8_t)algorithm, digest);
+  if (VB2_SUCCESS == vb2_digest_buffer(buf, len, vb2_crypto_to_hash(algorithm),
+                                      digest, sizeof(digest))) {
+         success = RSAVerify(verification_key, sig, (uint32_t)sig_size,
+                             (uint8_t)algorithm, digest);
+  }
 
-  VbExFree(digest);
   if (!key)
     RSAPublicKeyFree(verification_key);  /* Only free if we allocated it. */
+
   return success;
 }
 
diff --git a/firmware/lib/cryptolib/sha1.c b/firmware/lib/cryptolib/sha1.c
deleted file mode 100644 (file)
index b34b8a9..0000000
+++ /dev/null
@@ -1,289 +0,0 @@
-/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * SHA-1 implementation largely based on libmincrypt in the the Android
- * Open Source Project (platorm/system/core.git/libmincrypt/sha.c
- */
-
-#include "sysincludes.h"
-
-#include "cryptolib.h"
-#include "utility.h"
-
-
-/* Some machines lack byteswap.h and endian.h. These have to use the
- * slower code, even if they're little-endian.
- */
-
-#if defined(HAVE_ENDIAN_H) && defined(HAVE_LITTLE_ENDIAN)
-
-/* This version is about 28% faster than the generic version below,
- * but assumes little-endianness.
- */
-static uint32_t ror27(uint32_t val) {
-  return (val >> 27) | (val << 5);
-}
-static uint32_t ror2(uint32_t val) {
-  return (val >> 2) | (val << 30);
-}
-static uint32_t ror31(uint32_t val) {
-  return (val >> 31) | (val << 1);
-}
-
-static void SHA1_Transform(SHA1_CTX* ctx) {
-  uint32_t W[80];
-  register uint32_t A, B, C, D, E;
-  int t;
-
-  A = ctx->state[0];
-  B = ctx->state[1];
-  C = ctx->state[2];
-  D = ctx->state[3];
-  E = ctx->state[4];
-
-#define SHA_F1(A,B,C,D,E,t)                     \
-  E += ror27(A) +                               \
-      (W[t] = bswap_32(ctx->buf.w[t])) +        \
-      (D^(B&(C^D))) + 0x5A827999;               \
-  B = ror2(B);
-
-  for (t = 0; t < 15; t += 5) {
-    SHA_F1(A,B,C,D,E,t + 0);
-    SHA_F1(E,A,B,C,D,t + 1);
-    SHA_F1(D,E,A,B,C,t + 2);
-    SHA_F1(C,D,E,A,B,t + 3);
-    SHA_F1(B,C,D,E,A,t + 4);
-  }
-  SHA_F1(A,B,C,D,E,t + 0);  /* 16th one, t == 15 */
-
-#undef SHA_F1
-
-#define SHA_F1(A,B,C,D,E,t)                                     \
-  E += ror27(A) +                                               \
-      (W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) +     \
-      (D^(B&(C^D))) + 0x5A827999;                               \
-  B = ror2(B);
-
-  SHA_F1(E,A,B,C,D,t + 1);
-  SHA_F1(D,E,A,B,C,t + 2);
-  SHA_F1(C,D,E,A,B,t + 3);
-  SHA_F1(B,C,D,E,A,t + 4);
-
-#undef SHA_F1
-
-#define SHA_F2(A,B,C,D,E,t)                                     \
-  E += ror27(A) +                                               \
-      (W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) +     \
-      (B^C^D) + 0x6ED9EBA1;                                     \
-  B = ror2(B);
-
-  for (t = 20; t < 40; t += 5) {
-    SHA_F2(A,B,C,D,E,t + 0);
-    SHA_F2(E,A,B,C,D,t + 1);
-    SHA_F2(D,E,A,B,C,t + 2);
-    SHA_F2(C,D,E,A,B,t + 3);
-    SHA_F2(B,C,D,E,A,t + 4);
-  }
-
-#undef SHA_F2
-
-#define SHA_F3(A,B,C,D,E,t)                                     \
-  E += ror27(A) +                                               \
-      (W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) +     \
-      ((B&C)|(D&(B|C))) + 0x8F1BBCDC;                           \
-  B = ror2(B);
-
-  for (; t < 60; t += 5) {
-    SHA_F3(A,B,C,D,E,t + 0);
-    SHA_F3(E,A,B,C,D,t + 1);
-    SHA_F3(D,E,A,B,C,t + 2);
-    SHA_F3(C,D,E,A,B,t + 3);
-    SHA_F3(B,C,D,E,A,t + 4);
-  }
-
-#undef SHA_F3
-
-#define SHA_F4(A,B,C,D,E,t)                                     \
-  E += ror27(A) +                                               \
-      (W[t] = ror31(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])) +     \
-      (B^C^D) + 0xCA62C1D6;                                     \
-  B = ror2(B);
-
-  for (; t < 80; t += 5) {
-    SHA_F4(A,B,C,D,E,t + 0);
-    SHA_F4(E,A,B,C,D,t + 1);
-    SHA_F4(D,E,A,B,C,t + 2);
-    SHA_F4(C,D,E,A,B,t + 3);
-    SHA_F4(B,C,D,E,A,t + 4);
-  }
-
-#undef SHA_F4
-
-  ctx->state[0] += A;
-  ctx->state[1] += B;
-  ctx->state[2] += C;
-  ctx->state[3] += D;
-  ctx->state[4] += E;
-}
-
-void SHA1_update(SHA1_CTX* ctx, const uint8_t* data, uint64_t len) {
-  int i = ctx->count % sizeof(ctx->buf);
-  const uint8_t* p = (const uint8_t*)data;
-
-  ctx->count += len;
-
-  while (len > sizeof(ctx->buf) - i) {
-    Memcpy(&ctx->buf.b[i], p, sizeof(ctx->buf) - i);
-    len -= sizeof(ctx->buf) - i;
-    p += sizeof(ctx->buf) - i;
-    SHA1_Transform(ctx);
-    i = 0;
-  }
-
-  while (len--) {
-    ctx->buf.b[i++] = *p++;
-    if (i == sizeof(ctx->buf)) {
-      SHA1_Transform(ctx);
-      i = 0;
-    }
-  }
-}
-
-
-uint8_t* SHA1_final(SHA1_CTX* ctx) {
-  uint64_t cnt = ctx->count * 8;
-  int i;
-
-  SHA1_update(ctx, (uint8_t*)"\x80", 1);
-  while ((ctx->count % sizeof(ctx->buf)) != (sizeof(ctx->buf) - 8)) {
-    SHA1_update(ctx, (uint8_t*)"\0", 1);
-  }
-  for (i = 0; i < 8; ++i) {
-    uint8_t tmp = cnt >> ((7 - i) * 8);
-    SHA1_update(ctx, &tmp, 1);
-  }
-
-  for (i = 0; i < 5; i++) {
-    ctx->buf.w[i] = bswap_32(ctx->state[i]);
-  }
-
-  return ctx->buf.b;
-}
-
-#else   /* #if defined(HAVE_ENDIAN_H) && defined(HAVE_LITTLE_ENDIAN) */
-
-#define rol(bits, value) (((value) << (bits)) | ((value) >> (32 - (bits))))
-
-static void SHA1_transform(SHA1_CTX *ctx) {
-  uint32_t W[80];
-  uint32_t A, B, C, D, E;
-  uint8_t *p = ctx->buf;
-  int t;
-
-  for(t = 0; t < 16; ++t) {
-    uint32_t tmp =  *p++ << 24;
-    tmp |= *p++ << 16;
-    tmp |= *p++ << 8;
-    tmp |= *p++;
-    W[t] = tmp;
-  }
-
-  for(; t < 80; t++) {
-    W[t] = rol(1,W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16]);
-  }
-
-  A = ctx->state[0];
-  B = ctx->state[1];
-  C = ctx->state[2];
-  D = ctx->state[3];
-  E = ctx->state[4];
-
-  for(t = 0; t < 80; t++) {
-    uint32_t tmp = rol(5,A) + E + W[t];
-
-    if (t < 20)
-      tmp += (D^(B&(C^D))) + 0x5A827999;
-    else if ( t < 40)
-      tmp += (B^C^D) + 0x6ED9EBA1;
-    else if ( t < 60)
-      tmp += ((B&C)|(D&(B|C))) + 0x8F1BBCDC;
-    else
-      tmp += (B^C^D) + 0xCA62C1D6;
-
-    E = D;
-    D = C;
-    C = rol(30,B);
-    B = A;
-    A = tmp;
-  }
-
-  ctx->state[0] += A;
-  ctx->state[1] += B;
-  ctx->state[2] += C;
-  ctx->state[3] += D;
-  ctx->state[4] += E;
-}
-
-void SHA1_update(SHA1_CTX *ctx, const uint8_t *data, uint64_t len) {
-  int i = (int)(ctx->count % sizeof(ctx->buf));
-  const uint8_t* p = (const uint8_t*) data;
-
-  ctx->count += len;
-
-  while (len--) {
-    ctx->buf[i++] = *p++;
-    if (i == sizeof(ctx->buf)) {
-      SHA1_transform(ctx);
-      i = 0;
-    }
-  }
-}
-uint8_t* SHA1_final(SHA1_CTX *ctx) {
-  uint8_t *p = ctx->buf;
-  uint64_t cnt = ctx->count << 3;
-  int i;
-
-  SHA1_update(ctx, (uint8_t*)"\x80", 1);
-  while ((ctx->count % sizeof(ctx->buf)) != (sizeof(ctx->buf) - 8)) {
-    SHA1_update(ctx, (uint8_t*)"\0", 1);
-  }
-  for (i = 0; i < 8; ++i) {
-    uint8_t tmp = (uint8_t)((uint64_t)cnt >> ((7 - i) * 8));
-    SHA1_update(ctx, &tmp, 1);
-  }
-
-  for (i = 0; i < 5; i++) {
-    uint32_t tmp = ctx->state[i];
-    *p++ = (uint8_t)(tmp >> 24);
-    *p++ = (uint8_t)(tmp >> 16);
-    *p++ = (uint8_t)(tmp >> 8);
-    *p++ = (uint8_t)(tmp >> 0);
-  }
-
-  return ctx->buf;
-}
-
-#endif /* endianness */
-
-void SHA1_init(SHA1_CTX* ctx) {
-  ctx->state[0] = 0x67452301;
-  ctx->state[1] = 0xEFCDAB89;
-  ctx->state[2] = 0x98BADCFE;
-  ctx->state[3] = 0x10325476;
-  ctx->state[4] = 0xC3D2E1F0;
-  ctx->count = 0;
-}
-
-uint8_t* internal_SHA1(const uint8_t *data, uint64_t len, uint8_t *digest) {
-  const uint8_t *p;
-  int i;
-  SHA1_CTX ctx;
-  SHA1_init(&ctx);
-  SHA1_update(&ctx, data, len);
-  p = SHA1_final(&ctx);
-  for (i = 0; i < SHA1_DIGEST_SIZE; ++i) {
-    digest[i] = *p++;
-  }
-  return digest;
-}
diff --git a/firmware/lib/cryptolib/sha256.c b/firmware/lib/cryptolib/sha256.c
deleted file mode 100644 (file)
index 128e356..0000000
+++ /dev/null
@@ -1,342 +0,0 @@
-/* SHA-256 and SHA-512 implementation based on code by Oliver Gay
- * <olivier.gay@a3.epfl.ch> under a BSD-style license. See below.
- */
-
-/*
- * FIPS 180-2 SHA-224/256/384/512 implementation
- * Last update: 02/02/2007
- * Issue date:  04/30/2005
- *
- * Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "sysincludes.h"
-
-#include "cryptolib.h"
-#include "utility.h"
-
-#define SHFR(x, n)    (x >> n)
-#define ROTR(x, n)   ((x >> n) | (x << ((sizeof(x) << 3) - n)))
-#define ROTL(x, n)   ((x << n) | (x >> ((sizeof(x) << 3) - n)))
-#define CH(x, y, z)  ((x & y) ^ (~x & z))
-#define MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z))
-
-#define SHA256_F1(x) (ROTR(x,  2) ^ ROTR(x, 13) ^ ROTR(x, 22))
-#define SHA256_F2(x) (ROTR(x,  6) ^ ROTR(x, 11) ^ ROTR(x, 25))
-#define SHA256_F3(x) (ROTR(x,  7) ^ ROTR(x, 18) ^ SHFR(x,  3))
-#define SHA256_F4(x) (ROTR(x, 17) ^ ROTR(x, 19) ^ SHFR(x, 10))
-
-#define UNPACK32(x, str)                        \
-  {                                             \
-    *((str) + 3) = (uint8_t) ((x)      );       \
-    *((str) + 2) = (uint8_t) ((x) >>  8);       \
-    *((str) + 1) = (uint8_t) ((x) >> 16);       \
-    *((str) + 0) = (uint8_t) ((x) >> 24);       \
-  }
-
-#define PACK32(str, x)                          \
-  {                                             \
-    *(x) =   ((uint32_t) *((str) + 3)      )    \
-        | ((uint32_t) *((str) + 2) <<  8)       \
-        | ((uint32_t) *((str) + 1) << 16)       \
-        | ((uint32_t) *((str) + 0) << 24);      \
-  }
-
-/* Macros used for loops unrolling */
-
-#define SHA256_SCR(i)                         \
-  {                                           \
-    w[i] =  SHA256_F4(w[i -  2]) + w[i -  7]  \
-        + SHA256_F3(w[i - 15]) + w[i - 16];   \
-  }
-
-#define SHA256_EXP(a, b, c, d, e, f, g, h, j)               \
-  {                                                         \
-    t1 = wv[h] + SHA256_F2(wv[e]) + CH(wv[e], wv[f], wv[g]) \
-        + sha256_k[j] + w[j];                               \
-    t2 = SHA256_F1(wv[a]) + MAJ(wv[a], wv[b], wv[c]);       \
-    wv[d] += t1;                                            \
-    wv[h] = t1 + t2;                                        \
-  }
-
-static const uint32_t sha256_h0[8] = {
-  0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
-  0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19};
-
-static const uint32_t sha256_k[64] = {
-  0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
-  0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
-  0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
-  0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
-  0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
-  0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
-  0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
-  0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
-  0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
-  0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
-  0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
-  0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
-  0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
-  0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
-  0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
-  0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2};
-
-
-/* SHA-256 implementation */
-void SHA256_init(VB_SHA256_CTX *ctx) {
-#ifndef UNROLL_LOOPS
-    int i;
-    for (i = 0; i < 8; i++) {
-        ctx->h[i] = sha256_h0[i];
-    }
-#else
-    ctx->h[0] = sha256_h0[0]; ctx->h[1] = sha256_h0[1];
-    ctx->h[2] = sha256_h0[2]; ctx->h[3] = sha256_h0[3];
-    ctx->h[4] = sha256_h0[4]; ctx->h[5] = sha256_h0[5];
-    ctx->h[6] = sha256_h0[6]; ctx->h[7] = sha256_h0[7];
-#endif /* !UNROLL_LOOPS */
-
-    ctx->len = 0;
-    ctx->tot_len = 0;
-}
-
-
-static void SHA256_transform(VB_SHA256_CTX* ctx, const uint8_t* message,
-                             unsigned int block_nb) {
-  uint32_t w[64];
-  uint32_t wv[8];
-  uint32_t t1, t2;
-  const unsigned char *sub_block;
-  int i;
-
-#ifndef UNROLL_LOOPS
-  int j;
-#endif
-
-  for (i = 0; i < (int) block_nb; i++) {
-    sub_block = message + (i << 6);
-
-#ifndef UNROLL_LOOPS
-    for (j = 0; j < 16; j++) {
-      PACK32(&sub_block[j << 2], &w[j]);
-    }
-
-    for (j = 16; j < 64; j++) {
-      SHA256_SCR(j);
-    }
-
-    for (j = 0; j < 8; j++) {
-      wv[j] = ctx->h[j];
-    }
-
-    for (j = 0; j < 64; j++) {
-      t1 = wv[7] + SHA256_F2(wv[4]) + CH(wv[4], wv[5], wv[6])
-          + sha256_k[j] + w[j];
-      t2 = SHA256_F1(wv[0]) + MAJ(wv[0], wv[1], wv[2]);
-      wv[7] = wv[6];
-      wv[6] = wv[5];
-      wv[5] = wv[4];
-      wv[4] = wv[3] + t1;
-      wv[3] = wv[2];
-      wv[2] = wv[1];
-      wv[1] = wv[0];
-      wv[0] = t1 + t2;
-    }
-
-    for (j = 0; j < 8; j++) {
-      ctx->h[j] += wv[j];
-    }
-#else
-    PACK32(&sub_block[ 0], &w[ 0]); PACK32(&sub_block[ 4], &w[ 1]);
-    PACK32(&sub_block[ 8], &w[ 2]); PACK32(&sub_block[12], &w[ 3]);
-    PACK32(&sub_block[16], &w[ 4]); PACK32(&sub_block[20], &w[ 5]);
-    PACK32(&sub_block[24], &w[ 6]); PACK32(&sub_block[28], &w[ 7]);
-    PACK32(&sub_block[32], &w[ 8]); PACK32(&sub_block[36], &w[ 9]);
-    PACK32(&sub_block[40], &w[10]); PACK32(&sub_block[44], &w[11]);
-    PACK32(&sub_block[48], &w[12]); PACK32(&sub_block[52], &w[13]);
-    PACK32(&sub_block[56], &w[14]); PACK32(&sub_block[60], &w[15]);
-
-    SHA256_SCR(16); SHA256_SCR(17); SHA256_SCR(18); SHA256_SCR(19);
-    SHA256_SCR(20); SHA256_SCR(21); SHA256_SCR(22); SHA256_SCR(23);
-    SHA256_SCR(24); SHA256_SCR(25); SHA256_SCR(26); SHA256_SCR(27);
-    SHA256_SCR(28); SHA256_SCR(29); SHA256_SCR(30); SHA256_SCR(31);
-    SHA256_SCR(32); SHA256_SCR(33); SHA256_SCR(34); SHA256_SCR(35);
-    SHA256_SCR(36); SHA256_SCR(37); SHA256_SCR(38); SHA256_SCR(39);
-    SHA256_SCR(40); SHA256_SCR(41); SHA256_SCR(42); SHA256_SCR(43);
-    SHA256_SCR(44); SHA256_SCR(45); SHA256_SCR(46); SHA256_SCR(47);
-    SHA256_SCR(48); SHA256_SCR(49); SHA256_SCR(50); SHA256_SCR(51);
-    SHA256_SCR(52); SHA256_SCR(53); SHA256_SCR(54); SHA256_SCR(55);
-    SHA256_SCR(56); SHA256_SCR(57); SHA256_SCR(58); SHA256_SCR(59);
-    SHA256_SCR(60); SHA256_SCR(61); SHA256_SCR(62); SHA256_SCR(63);
-
-    wv[0] = ctx->h[0]; wv[1] = ctx->h[1];
-    wv[2] = ctx->h[2]; wv[3] = ctx->h[3];
-    wv[4] = ctx->h[4]; wv[5] = ctx->h[5];
-    wv[6] = ctx->h[6]; wv[7] = ctx->h[7];
-
-    SHA256_EXP(0,1,2,3,4,5,6,7, 0); SHA256_EXP(7,0,1,2,3,4,5,6, 1);
-    SHA256_EXP(6,7,0,1,2,3,4,5, 2); SHA256_EXP(5,6,7,0,1,2,3,4, 3);
-    SHA256_EXP(4,5,6,7,0,1,2,3, 4); SHA256_EXP(3,4,5,6,7,0,1,2, 5);
-    SHA256_EXP(2,3,4,5,6,7,0,1, 6); SHA256_EXP(1,2,3,4,5,6,7,0, 7);
-    SHA256_EXP(0,1,2,3,4,5,6,7, 8); SHA256_EXP(7,0,1,2,3,4,5,6, 9);
-    SHA256_EXP(6,7,0,1,2,3,4,5,10); SHA256_EXP(5,6,7,0,1,2,3,4,11);
-    SHA256_EXP(4,5,6,7,0,1,2,3,12); SHA256_EXP(3,4,5,6,7,0,1,2,13);
-    SHA256_EXP(2,3,4,5,6,7,0,1,14); SHA256_EXP(1,2,3,4,5,6,7,0,15);
-    SHA256_EXP(0,1,2,3,4,5,6,7,16); SHA256_EXP(7,0,1,2,3,4,5,6,17);
-    SHA256_EXP(6,7,0,1,2,3,4,5,18); SHA256_EXP(5,6,7,0,1,2,3,4,19);
-    SHA256_EXP(4,5,6,7,0,1,2,3,20); SHA256_EXP(3,4,5,6,7,0,1,2,21);
-    SHA256_EXP(2,3,4,5,6,7,0,1,22); SHA256_EXP(1,2,3,4,5,6,7,0,23);
-    SHA256_EXP(0,1,2,3,4,5,6,7,24); SHA256_EXP(7,0,1,2,3,4,5,6,25);
-    SHA256_EXP(6,7,0,1,2,3,4,5,26); SHA256_EXP(5,6,7,0,1,2,3,4,27);
-    SHA256_EXP(4,5,6,7,0,1,2,3,28); SHA256_EXP(3,4,5,6,7,0,1,2,29);
-    SHA256_EXP(2,3,4,5,6,7,0,1,30); SHA256_EXP(1,2,3,4,5,6,7,0,31);
-    SHA256_EXP(0,1,2,3,4,5,6,7,32); SHA256_EXP(7,0,1,2,3,4,5,6,33);
-    SHA256_EXP(6,7,0,1,2,3,4,5,34); SHA256_EXP(5,6,7,0,1,2,3,4,35);
-    SHA256_EXP(4,5,6,7,0,1,2,3,36); SHA256_EXP(3,4,5,6,7,0,1,2,37);
-    SHA256_EXP(2,3,4,5,6,7,0,1,38); SHA256_EXP(1,2,3,4,5,6,7,0,39);
-    SHA256_EXP(0,1,2,3,4,5,6,7,40); SHA256_EXP(7,0,1,2,3,4,5,6,41);
-    SHA256_EXP(6,7,0,1,2,3,4,5,42); SHA256_EXP(5,6,7,0,1,2,3,4,43);
-    SHA256_EXP(4,5,6,7,0,1,2,3,44); SHA256_EXP(3,4,5,6,7,0,1,2,45);
-    SHA256_EXP(2,3,4,5,6,7,0,1,46); SHA256_EXP(1,2,3,4,5,6,7,0,47);
-    SHA256_EXP(0,1,2,3,4,5,6,7,48); SHA256_EXP(7,0,1,2,3,4,5,6,49);
-    SHA256_EXP(6,7,0,1,2,3,4,5,50); SHA256_EXP(5,6,7,0,1,2,3,4,51);
-    SHA256_EXP(4,5,6,7,0,1,2,3,52); SHA256_EXP(3,4,5,6,7,0,1,2,53);
-    SHA256_EXP(2,3,4,5,6,7,0,1,54); SHA256_EXP(1,2,3,4,5,6,7,0,55);
-    SHA256_EXP(0,1,2,3,4,5,6,7,56); SHA256_EXP(7,0,1,2,3,4,5,6,57);
-    SHA256_EXP(6,7,0,1,2,3,4,5,58); SHA256_EXP(5,6,7,0,1,2,3,4,59);
-    SHA256_EXP(4,5,6,7,0,1,2,3,60); SHA256_EXP(3,4,5,6,7,0,1,2,61);
-    SHA256_EXP(2,3,4,5,6,7,0,1,62); SHA256_EXP(1,2,3,4,5,6,7,0,63);
-
-    ctx->h[0] += wv[0]; ctx->h[1] += wv[1];
-    ctx->h[2] += wv[2]; ctx->h[3] += wv[3];
-    ctx->h[4] += wv[4]; ctx->h[5] += wv[5];
-    ctx->h[6] += wv[6]; ctx->h[7] += wv[7];
-#endif /* !UNROLL_LOOPS */
-  }
-}
-
-
-
-void SHA256_update(VB_SHA256_CTX* ctx, const uint8_t* data, uint32_t len) {
-    unsigned int block_nb;
-    unsigned int new_len, rem_len, tmp_len;
-    const uint8_t *shifted_data;
-
-    tmp_len = SHA256_BLOCK_SIZE - ctx->len;
-    rem_len = len < tmp_len ? len : tmp_len;
-
-    Memcpy(&ctx->block[ctx->len], data, rem_len);
-
-    if (ctx->len + len < SHA256_BLOCK_SIZE) {
-        ctx->len += len;
-        return;
-    }
-
-    new_len = len - rem_len;
-    block_nb = new_len / SHA256_BLOCK_SIZE;
-
-    shifted_data = data + rem_len;
-
-    SHA256_transform(ctx, ctx->block, 1);
-    SHA256_transform(ctx, shifted_data, block_nb);
-
-    rem_len = new_len % SHA256_BLOCK_SIZE;
-
-    Memcpy(ctx->block, &shifted_data[block_nb << 6],
-           rem_len);
-
-    ctx->len = rem_len;
-    ctx->tot_len += (block_nb + 1) << 6;
-}
-
-uint8_t* SHA256_final(VB_SHA256_CTX* ctx) {
-    unsigned int block_nb;
-    unsigned int pm_len;
-    unsigned int len_b;
-#ifndef UNROLL_LOOPS
-    int i;
-#endif
-
-    block_nb = (1 + ((SHA256_BLOCK_SIZE - 9)
-                     < (ctx->len % SHA256_BLOCK_SIZE)));
-
-    len_b = (ctx->tot_len + ctx->len) << 3;
-    pm_len = block_nb << 6;
-
-    Memset(ctx->block + ctx->len, 0, pm_len - ctx->len);
-    ctx->block[ctx->len] = 0x80;
-    UNPACK32(len_b, ctx->block + pm_len - 4);
-
-    SHA256_transform(ctx, ctx->block, block_nb);
-
-#ifndef UNROLL_LOOPS
-    for (i = 0 ; i < 8; i++) {
-        UNPACK32(ctx->h[i], &ctx->buf[i << 2]);
-    }
-#else
-   UNPACK32(ctx->h[0], &ctx->buf[ 0]);
-   UNPACK32(ctx->h[1], &ctx->buf[ 4]);
-   UNPACK32(ctx->h[2], &ctx->buf[ 8]);
-   UNPACK32(ctx->h[3], &ctx->buf[12]);
-   UNPACK32(ctx->h[4], &ctx->buf[16]);
-   UNPACK32(ctx->h[5], &ctx->buf[20]);
-   UNPACK32(ctx->h[6], &ctx->buf[24]);
-   UNPACK32(ctx->h[7], &ctx->buf[28]);
-#endif /* !UNROLL_LOOPS */
-
-   return ctx->buf;
-}
-
-uint8_t* internal_SHA256(const uint8_t* data, uint64_t len, uint8_t* digest) {
-  const uint8_t* input_ptr;
-  const uint8_t* result;
-  uint64_t remaining_len;
-  int i;
-  VB_SHA256_CTX ctx;
-
-  SHA256_init(&ctx);
-
-  input_ptr = data;
-  remaining_len = len;
-
-  /* Process data in at most UINT32_MAX byte chunks at a time. */
-  while (remaining_len) {
-    uint32_t block_size;
-    block_size = (uint32_t) ((remaining_len >= UINT32_MAX) ?
-                             UINT32_MAX : remaining_len);
-    SHA256_update(&ctx, input_ptr, block_size);
-    remaining_len -= block_size;
-    input_ptr += block_size;
-  }
-
-  result = SHA256_final(&ctx);
-  for (i = 0; i < SHA256_DIGEST_SIZE; ++i) {
-    digest[i] = *result++;
-  }
-  return digest;
-}
diff --git a/firmware/lib/cryptolib/sha512.c b/firmware/lib/cryptolib/sha512.c
deleted file mode 100644 (file)
index 33d47a1..0000000
+++ /dev/null
@@ -1,365 +0,0 @@
-/* SHA-256 and SHA-512 implementation based on code by Oliver Gay
- * <olivier.gay@a3.epfl.ch> under a BSD-style license. See below.
- */
-
-/*
- * FIPS 180-2 SHA-224/256/384/512 implementation
- * Last update: 02/02/2007
- * Issue date:  04/30/2005
- *
- * Copyright (C) 2005, 2007 Olivier Gay <olivier.gay@a3.epfl.ch>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. Neither the name of the project nor the names of its contributors
- *    may be used to endorse or promote products derived from this software
- *    without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "sysincludes.h"
-
-#include "cryptolib.h"
-#include "utility.h"
-
-#define SHFR(x, n)    (x >> n)
-#define ROTR(x, n)   ((x >> n) | (x << ((sizeof(x) << 3) - n)))
-#define ROTL(x, n)   ((x << n) | (x >> ((sizeof(x) << 3) - n)))
-#define CH(x, y, z)  ((x & y) ^ (~x & z))
-#define MAJ(x, y, z) ((x & y) ^ (x & z) ^ (y & z))
-
-#define SHA512_F1(x) (ROTR(x, 28) ^ ROTR(x, 34) ^ ROTR(x, 39))
-#define SHA512_F2(x) (ROTR(x, 14) ^ ROTR(x, 18) ^ ROTR(x, 41))
-#define SHA512_F3(x) (ROTR(x,  1) ^ ROTR(x,  8) ^ SHFR(x,  7))
-#define SHA512_F4(x) (ROTR(x, 19) ^ ROTR(x, 61) ^ SHFR(x,  6))
-
-#define UNPACK32(x, str)                        \
-  {                                             \
-    *((str) + 3) = (uint8_t) ((x)      );       \
-    *((str) + 2) = (uint8_t) ((x) >>  8);       \
-    *((str) + 1) = (uint8_t) ((x) >> 16);       \
-    *((str) + 0) = (uint8_t) ((x) >> 24);       \
-  }
-
-#define UNPACK64(x, str)                          \
-  {                                               \
-    *((str) + 7) = (uint8_t) x;                   \
-    *((str) + 6) = (uint8_t) ((uint64_t)x >> 8);  \
-    *((str) + 5) = (uint8_t) ((uint64_t)x >> 16); \
-    *((str) + 4) = (uint8_t) ((uint64_t)x >> 24); \
-    *((str) + 3) = (uint8_t) ((uint64_t)x >> 32); \
-    *((str) + 2) = (uint8_t) ((uint64_t)x >> 40); \
-    *((str) + 1) = (uint8_t) ((uint64_t)x >> 48); \
-    *((str) + 0) = (uint8_t) ((uint64_t)x >> 56); \
-  }
-
-#define PACK64(str, x)                          \
-  {                                             \
-    *(x) =   ((uint64_t) *((str) + 7)      )    \
-        | ((uint64_t) *((str) + 6) <<  8)       \
-        | ((uint64_t) *((str) + 5) << 16)       \
-        | ((uint64_t) *((str) + 4) << 24)       \
-        | ((uint64_t) *((str) + 3) << 32)       \
-        | ((uint64_t) *((str) + 2) << 40)       \
-        | ((uint64_t) *((str) + 1) << 48)       \
-        | ((uint64_t) *((str) + 0) << 56);      \
-  }
-
-/* Macros used for loops unrolling */
-
-#define SHA512_SCR(i)                         \
-  {                                           \
-    w[i] =  SHA512_F4(w[i -  2]) + w[i -  7]  \
-        + SHA512_F3(w[i - 15]) + w[i - 16];   \
-  }
-
-#define SHA512_EXP(a, b, c, d, e, f, g ,h, j)               \
-  {                                                         \
-    t1 = wv[h] + SHA512_F2(wv[e]) + CH(wv[e], wv[f], wv[g]) \
-        + sha512_k[j] + w[j];                               \
-    t2 = SHA512_F1(wv[a]) + MAJ(wv[a], wv[b], wv[c]);       \
-    wv[d] += t1;                                            \
-    wv[h] = t1 + t2;                                        \
-  }
-
-static const uint64_t sha512_h0[8] = {
-  0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL,
-  0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL,
-  0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
-  0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL};
-
-static const uint64_t sha512_k[80] = {
-  0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL,
-  0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL,
-  0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
-  0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL,
-  0xd807aa98a3030242ULL, 0x12835b0145706fbeULL,
-  0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
-  0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL,
-  0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL,
-  0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
-  0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL,
-  0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL,
-  0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
-  0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL,
-  0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL,
-  0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
-  0x06ca6351e003826fULL, 0x142929670a0e6e70ULL,
-  0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL,
-  0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
-  0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL,
-  0x81c2c92e47edaee6ULL, 0x92722c851482353bULL,
-  0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
-  0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL,
-  0xd192e819d6ef5218ULL, 0xd69906245565a910ULL,
-  0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
-  0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL,
-  0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL,
-  0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
-  0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL,
-  0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL,
-  0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
-  0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL,
-  0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL,
-  0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
-  0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL,
-  0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL,
-  0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
-  0x28db77f523047d84ULL, 0x32caab7b40c72493ULL,
-  0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL,
-  0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
-  0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL};
-
-
-/* SHA-512 implementation */
-
-void SHA512_init(VB_SHA512_CTX *ctx) {
-#ifdef UNROLL_LOOPS_SHA512
-    ctx->h[0] = sha512_h0[0]; ctx->h[1] = sha512_h0[1];
-    ctx->h[2] = sha512_h0[2]; ctx->h[3] = sha512_h0[3];
-    ctx->h[4] = sha512_h0[4]; ctx->h[5] = sha512_h0[5];
-    ctx->h[6] = sha512_h0[6]; ctx->h[7] = sha512_h0[7];
-#else
-    int i;
-
-    for (i = 0; i < 8; i++)
-        ctx->h[i] = sha512_h0[i];
-#endif /* UNROLL_LOOPS_SHA512 */
-
-    ctx->len = 0;
-    ctx->tot_len = 0;
-}
-
-
-static void SHA512_transform(VB_SHA512_CTX* ctx, const uint8_t* message,
-                             unsigned int block_nb) {
-  uint64_t w[80];
-  uint64_t wv[8];
-  uint64_t t1, t2;
-  const uint8_t *sub_block;
-  int i, j;
-
-  for (i = 0; i < (int) block_nb; i++) {
-    sub_block = message + (i << 7);
-
-#ifdef UNROLL_LOOPS_SHA512
-    PACK64(&sub_block[  0], &w[ 0]); PACK64(&sub_block[  8], &w[ 1]);
-    PACK64(&sub_block[ 16], &w[ 2]); PACK64(&sub_block[ 24], &w[ 3]);
-    PACK64(&sub_block[ 32], &w[ 4]); PACK64(&sub_block[ 40], &w[ 5]);
-    PACK64(&sub_block[ 48], &w[ 6]); PACK64(&sub_block[ 56], &w[ 7]);
-    PACK64(&sub_block[ 64], &w[ 8]); PACK64(&sub_block[ 72], &w[ 9]);
-    PACK64(&sub_block[ 80], &w[10]); PACK64(&sub_block[ 88], &w[11]);
-    PACK64(&sub_block[ 96], &w[12]); PACK64(&sub_block[104], &w[13]);
-    PACK64(&sub_block[112], &w[14]); PACK64(&sub_block[120], &w[15]);
-
-    SHA512_SCR(16); SHA512_SCR(17); SHA512_SCR(18); SHA512_SCR(19);
-    SHA512_SCR(20); SHA512_SCR(21); SHA512_SCR(22); SHA512_SCR(23);
-    SHA512_SCR(24); SHA512_SCR(25); SHA512_SCR(26); SHA512_SCR(27);
-    SHA512_SCR(28); SHA512_SCR(29); SHA512_SCR(30); SHA512_SCR(31);
-    SHA512_SCR(32); SHA512_SCR(33); SHA512_SCR(34); SHA512_SCR(35);
-    SHA512_SCR(36); SHA512_SCR(37); SHA512_SCR(38); SHA512_SCR(39);
-    SHA512_SCR(40); SHA512_SCR(41); SHA512_SCR(42); SHA512_SCR(43);
-    SHA512_SCR(44); SHA512_SCR(45); SHA512_SCR(46); SHA512_SCR(47);
-    SHA512_SCR(48); SHA512_SCR(49); SHA512_SCR(50); SHA512_SCR(51);
-    SHA512_SCR(52); SHA512_SCR(53); SHA512_SCR(54); SHA512_SCR(55);
-    SHA512_SCR(56); SHA512_SCR(57); SHA512_SCR(58); SHA512_SCR(59);
-    SHA512_SCR(60); SHA512_SCR(61); SHA512_SCR(62); SHA512_SCR(63);
-    SHA512_SCR(64); SHA512_SCR(65); SHA512_SCR(66); SHA512_SCR(67);
-    SHA512_SCR(68); SHA512_SCR(69); SHA512_SCR(70); SHA512_SCR(71);
-    SHA512_SCR(72); SHA512_SCR(73); SHA512_SCR(74); SHA512_SCR(75);
-    SHA512_SCR(76); SHA512_SCR(77); SHA512_SCR(78); SHA512_SCR(79);
-
-    wv[0] = ctx->h[0]; wv[1] = ctx->h[1];
-    wv[2] = ctx->h[2]; wv[3] = ctx->h[3];
-    wv[4] = ctx->h[4]; wv[5] = ctx->h[5];
-    wv[6] = ctx->h[6]; wv[7] = ctx->h[7];
-
-    j = 0;
-
-    do {
-      SHA512_EXP(0,1,2,3,4,5,6,7,j); j++;
-      SHA512_EXP(7,0,1,2,3,4,5,6,j); j++;
-      SHA512_EXP(6,7,0,1,2,3,4,5,j); j++;
-      SHA512_EXP(5,6,7,0,1,2,3,4,j); j++;
-      SHA512_EXP(4,5,6,7,0,1,2,3,j); j++;
-      SHA512_EXP(3,4,5,6,7,0,1,2,j); j++;
-      SHA512_EXP(2,3,4,5,6,7,0,1,j); j++;
-      SHA512_EXP(1,2,3,4,5,6,7,0,j); j++;
-    } while (j < 80);
-
-    ctx->h[0] += wv[0]; ctx->h[1] += wv[1];
-    ctx->h[2] += wv[2]; ctx->h[3] += wv[3];
-    ctx->h[4] += wv[4]; ctx->h[5] += wv[5];
-    ctx->h[6] += wv[6]; ctx->h[7] += wv[7];
-#else
-    for (j = 0; j < 16; j++) {
-      PACK64(&sub_block[j << 3], &w[j]);
-    }
-
-    for (j = 16; j < 80; j++) {
-      SHA512_SCR(j);
-    }
-
-    for (j = 0; j < 8; j++) {
-      wv[j] = ctx->h[j];
-    }
-
-    for (j = 0; j < 80; j++) {
-      t1 = wv[7] + SHA512_F2(wv[4]) + CH(wv[4], wv[5], wv[6])
-          + sha512_k[j] + w[j];
-      t2 = SHA512_F1(wv[0]) + MAJ(wv[0], wv[1], wv[2]);
-      wv[7] = wv[6];
-      wv[6] = wv[5];
-      wv[5] = wv[4];
-      wv[4] = wv[3] + t1;
-      wv[3] = wv[2];
-      wv[2] = wv[1];
-      wv[1] = wv[0];
-      wv[0] = t1 + t2;
-    }
-
-    for (j = 0; j < 8; j++)
-      ctx->h[j] += wv[j];
-#endif /* UNROLL_LOOPS_SHA512 */
-  }
-}
-
-
-void SHA512_update(VB_SHA512_CTX* ctx, const uint8_t* data,
-                   uint32_t len) {
-    unsigned int block_nb;
-    unsigned int new_len, rem_len, tmp_len;
-    const uint8_t* shifted_data;
-
-    tmp_len = SHA512_BLOCK_SIZE - ctx->len;
-    rem_len = len < tmp_len ? len : tmp_len;
-
-    Memcpy(&ctx->block[ctx->len], data, rem_len);
-
-    if (ctx->len + len < SHA512_BLOCK_SIZE) {
-        ctx->len += len;
-        return;
-    }
-
-    new_len = len - rem_len;
-    block_nb = new_len / SHA512_BLOCK_SIZE;
-
-    shifted_data = data + rem_len;
-
-    SHA512_transform(ctx, ctx->block, 1);
-    SHA512_transform(ctx, shifted_data, block_nb);
-
-    rem_len = new_len % SHA512_BLOCK_SIZE;
-
-    Memcpy(ctx->block, &shifted_data[block_nb << 7],
-           rem_len);
-
-    ctx->len = rem_len;
-    ctx->tot_len += (block_nb + 1) << 7;
-}
-
-uint8_t* SHA512_final(VB_SHA512_CTX* ctx)
-{
-    unsigned int block_nb;
-    unsigned int pm_len;
-    unsigned int len_b;
-
-#ifndef UNROLL_LOOPS_SHA512
-    int i;
-#endif
-
-    block_nb = 1 + ((SHA512_BLOCK_SIZE - 17)
-                     < (ctx->len % SHA512_BLOCK_SIZE));
-
-    len_b = (ctx->tot_len + ctx->len) << 3;
-    pm_len = block_nb << 7;
-
-    Memset(ctx->block + ctx->len, 0, pm_len - ctx->len);
-    ctx->block[ctx->len] = 0x80;
-    UNPACK32(len_b, ctx->block + pm_len - 4);
-
-    SHA512_transform(ctx, ctx->block, block_nb);
-
-#ifdef UNROLL_LOOPS_SHA512
-    UNPACK64(ctx->h[0], &ctx->buf[ 0]);
-    UNPACK64(ctx->h[1], &ctx->buf[ 8]);
-    UNPACK64(ctx->h[2], &ctx->buf[16]);
-    UNPACK64(ctx->h[3], &ctx->buf[24]);
-    UNPACK64(ctx->h[4], &ctx->buf[32]);
-    UNPACK64(ctx->h[5], &ctx->buf[40]);
-    UNPACK64(ctx->h[6], &ctx->buf[48]);
-    UNPACK64(ctx->h[7], &ctx->buf[56]);
-#else
-    for (i = 0 ; i < 8; i++)
-        UNPACK64(ctx->h[i], &ctx->buf[i << 3]);
-#endif /* UNROLL_LOOPS_SHA512 */
-
-    return ctx->buf;
-}
-
-
-uint8_t* internal_SHA512(const uint8_t* data, uint64_t len, uint8_t* digest) {
-  const uint8_t* input_ptr;
-  const uint8_t* result;
-  uint64_t remaining_len;
-  int i;
-  VB_SHA512_CTX ctx;
-  SHA512_init(&ctx);
-
-  input_ptr = data;
-  remaining_len = len;
-
-  /* Process data in at most UINT32_MAX byte chunks at a time. */
-  while (remaining_len) {
-    uint32_t block_size;
-    block_size = (uint32_t) ((remaining_len >= UINT32_MAX) ?
-                             UINT32_MAX : remaining_len);
-       SHA512_update(&ctx, input_ptr, block_size);
-    remaining_len -= block_size;
-    input_ptr += block_size;
-  }
-
-  result = SHA512_final(&ctx);
-  for (i = 0; i < SHA512_DIGEST_SIZE; ++i) {
-    digest[i] = *result++;
-  }
-  return digest;
-}
diff --git a/firmware/lib/cryptolib/sha_utility.c b/firmware/lib/cryptolib/sha_utility.c
deleted file mode 100644 (file)
index 38bce14..0000000
+++ /dev/null
@@ -1,118 +0,0 @@
-/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Utility functions for message digest functions.
- */
-
-#include "sysincludes.h"
-
-#include "cryptolib.h"
-#include "utility.h"
-#include "vboot_api.h"
-
-void DigestInit(DigestContext* ctx, int sig_algorithm) {
-  ctx->algorithm = hash_type_map[sig_algorithm];
-  switch(ctx->algorithm) {
-#ifndef CHROMEOS_EC
-    case SHA1_DIGEST_ALGORITHM:
-      ctx->sha1_ctx = (SHA1_CTX*) VbExMalloc(sizeof(SHA1_CTX));
-      SHA1_init(ctx->sha1_ctx);
-      break;
-#endif
-    case SHA256_DIGEST_ALGORITHM:
-      ctx->sha256_ctx = (VB_SHA256_CTX*) VbExMalloc(sizeof(VB_SHA256_CTX));
-      SHA256_init(ctx->sha256_ctx);
-      break;
-#ifndef CHROMEOS_EC
-    case SHA512_DIGEST_ALGORITHM:
-      ctx->sha512_ctx = (VB_SHA512_CTX*) VbExMalloc(sizeof(VB_SHA512_CTX));
-      SHA512_init(ctx->sha512_ctx);
-      break;
-#endif
-  };
-}
-
-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint32_t len) {
-  switch(ctx->algorithm) {
-#ifndef CHROMEOS_EC
-    case SHA1_DIGEST_ALGORITHM:
-      SHA1_update(ctx->sha1_ctx, data, len);
-      break;
-#endif
-    case SHA256_DIGEST_ALGORITHM:
-      SHA256_update(ctx->sha256_ctx, data, len);
-      break;
-#ifndef CHROMEOS_EC
-    case SHA512_DIGEST_ALGORITHM:
-      SHA512_update(ctx->sha512_ctx, data, len);
-      break;
-#endif
-  };
-}
-
-uint8_t* DigestFinal(DigestContext* ctx) {
-  uint8_t* digest = NULL;
-  switch(ctx->algorithm) {
-#ifndef CHROMEOS_EC
-    case SHA1_DIGEST_ALGORITHM:
-      digest = (uint8_t*) VbExMalloc(SHA1_DIGEST_SIZE);
-      Memcpy(digest, SHA1_final(ctx->sha1_ctx), SHA1_DIGEST_SIZE);
-      VbExFree(ctx->sha1_ctx);
-      break;
-#endif
-    case SHA256_DIGEST_ALGORITHM:
-      digest = (uint8_t*) VbExMalloc(SHA256_DIGEST_SIZE);
-      Memcpy(digest, SHA256_final(ctx->sha256_ctx), SHA256_DIGEST_SIZE);
-      VbExFree(ctx->sha256_ctx);
-      break;
-#ifndef CHROMEOS_EC
-    case SHA512_DIGEST_ALGORITHM:
-      digest = (uint8_t*) VbExMalloc(SHA512_DIGEST_SIZE);
-      Memcpy(digest, SHA512_final(ctx->sha512_ctx), SHA512_DIGEST_SIZE);
-      VbExFree(ctx->sha512_ctx);
-      break;
-#endif
-  };
-  return digest;
-}
-
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) {
-  /* Allocate enough space for the largest digest */
-  uint8_t* digest = (uint8_t*) VbExMalloc(SHA512_DIGEST_SIZE);
-  /* Define an array mapping [sig_algorithm] to function pointers to the
-   * SHA{1|256|512} functions.
-   */
-  typedef uint8_t* (*Hash_ptr) (const uint8_t*, uint64_t, uint8_t*);
-  Hash_ptr hash[] = {
-#ifdef CHROMEOS_EC
-    0,  /* RSA 1024 */
-    0,
-    0,
-    0,  /* RSA 2048 */
-    0,
-    0,
-    0,  /* RSA 4096 */
-    internal_SHA256,
-    0,
-    0,  /* RSA 8192 */
-    0,
-    0,
-#else
-    internal_SHA1,  /* RSA 1024 */
-    internal_SHA256,
-    internal_SHA512,
-    internal_SHA1,  /* RSA 2048 */
-    internal_SHA256,
-    internal_SHA512,
-    internal_SHA1,  /* RSA 4096 */
-    internal_SHA256,
-    internal_SHA512,
-    internal_SHA1,  /* RSA 8192 */
-    internal_SHA256,
-    internal_SHA512,
-#endif
-  };
-  /* Call the appropriate hash function. */
-  return hash[sig_algorithm](buf, len, digest);
-}
index 4d50ff6..35d7676 100644 (file)
@@ -106,8 +106,8 @@ int VerifyData(const uint8_t *data, uint64_t size, const VbSignature *sig,
               const RSAPublicKey *key);
 
 /**
- * Verify a secure hash digest from DigestBuf() or DigestFinal(), using
- * [key]. Returns 0 on success.
+ * Verify a secure hash digest from vb2_digest_buffer() or
+ * vb2_digest_finalize(), using [key]. Returns 0 on success.
  */
 int VerifyDigest(const uint8_t *digest, const VbSignature *sig,
                 const RSAPublicKey *key);
index 226cdb7..308bfee 100644 (file)
@@ -7,7 +7,10 @@
  */
 
 #include "sysincludes.h"
+#include "2sysincludes.h"
 
+#include "2common.h"
+#include "2sha.h"
 #include "vboot_api.h"
 #include "vboot_common.h"
 #include "utility.h"
@@ -219,7 +222,7 @@ int KeyBlockVerify(const VbKeyBlockHeader *block, uint64_t size,
         */
        if (hash_only) {
                /* Check hash */
-               uint8_t *header_checksum = NULL;
+               uint8_t header_checksum[VB2_SHA512_DIGEST_SIZE];
                int rv;
 
                sig = &block->key_block_checksum;
@@ -228,7 +231,7 @@ int KeyBlockVerify(const VbKeyBlockHeader *block, uint64_t size,
                        VBDEBUG(("Key block hash off end of block\n"));
                        return VBOOT_KEY_BLOCK_INVALID;
                }
-               if (sig->sig_size != SHA512_DIGEST_SIZE) {
+               if (sig->sig_size != VB2_SHA512_DIGEST_SIZE) {
                        VBDEBUG(("Wrong hash size for key block.\n"));
                        return VBOOT_KEY_BLOCK_INVALID;
                }
@@ -240,12 +243,15 @@ int KeyBlockVerify(const VbKeyBlockHeader *block, uint64_t size,
                }
 
                VBDEBUG(("Checking key block hash only...\n"));
-               header_checksum = DigestBuf((const uint8_t *)block,
-                                           sig->data_size,
-                                           SHA512_DIGEST_ALGORITHM);
-               rv = SafeMemcmp(header_checksum, GetSignatureDataC(sig),
-                               SHA512_DIGEST_SIZE);
-               VbExFree(header_checksum);
+               rv = vb2_digest_buffer((const uint8_t *)block,
+                                      sig->data_size,
+                                      VB2_HASH_SHA512,
+                                      header_checksum,
+                                      sizeof(header_checksum));
+               if (!rv)
+                       rv = SafeMemcmp(header_checksum, GetSignatureDataC(sig),
+                                       sizeof(header_checksum));
+
                if (rv) {
                        VBDEBUG(("Invalid key block hash.\n"));
                        return VBOOT_KEY_BLOCK_HASH;
index b178f2c..2ef8703 100644 (file)
@@ -6,7 +6,10 @@
  */
 
 #include "sysincludes.h"
+#include "2sysincludes.h"
 
+#include "2common.h"
+#include "2sha.h"
 #include "bmpblk_font.h"
 #include "gbb_access.h"
 #include "gbb_header.h"
@@ -379,14 +382,15 @@ static void FillInSha1Sum(char *outbuf, VbPublicKey *key)
 {
        uint8_t *buf = ((uint8_t *)key) + key->key_offset;
        uint64_t buflen = key->key_size;
-       uint8_t *digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);
+       uint8_t digest[VB2_SHA1_DIGEST_SIZE];
        int i;
-       for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
+
+       vb2_digest_buffer(buf, buflen, VB2_HASH_SHA1, digest, sizeof(digest));
+       for (i = 0; i < sizeof(digest); i++) {
                Uint8ToString(outbuf, digest[i]);
                outbuf += 2;
        }
        *outbuf = '\0';
-       VbExFree(digest);
 }
 
 const char *RecoveryReasonString(uint8_t code)
@@ -549,7 +553,7 @@ VbError_t VbDisplayDebugInfo(VbCommonParams *cparams, VbNvContext *vncptr)
                (VbSharedDataHeader *)cparams->shared_data_blob;
        GoogleBinaryBlockHeader *gbb = cparams->gbb;
        char buf[DEBUG_INFO_SIZE] = "";
-       char sha1sum[SHA1_DIGEST_SIZE * 2 + 1];
+       char sha1sum[VB2_SHA1_DIGEST_SIZE * 2 + 1];
        char hwid[256];
        uint32_t used = 0;
        VbPublicKey *key;
index 7e6010b..bfabfd4 100644 (file)
@@ -7,7 +7,10 @@
  */
 
 #include "sysincludes.h"
+#include "2sysincludes.h"
 
+#include "2common.h"
+#include "2sha.h"
 #include "region.h"
 #include "gbb_access.h"
 #include "gbb_header.h"
@@ -24,7 +27,7 @@
  * struct back to us.
  */
 typedef struct VbLoadFirmwareInternal {
-       DigestContext body_digest_context;
+       struct vb2_digest_context body_digest_context;
        uint32_t body_size_accum;
 } VbLoadFirmwareInternal;
 
@@ -34,7 +37,7 @@ void VbUpdateFirmwareBodyHash(VbCommonParams *cparams, uint8_t *data,
        VbLoadFirmwareInternal *lfi =
                (VbLoadFirmwareInternal*)cparams->vboot_context;
 
-       DigestUpdate(&lfi->body_digest_context, data, size);
+       vb2_digest_extend(&lfi->body_digest_context, data, size);
        lfi->body_size_accum += size;
 }
 
@@ -96,7 +99,6 @@ int LoadFirmware(VbCommonParams *cparams, VbSelectFirmwareParams *fparams,
                RSAPublicKey *data_key;
                uint64_t key_version;
                uint32_t combined_version;
-               uint8_t *body_digest;
                uint8_t *check_result;
 
                /* If try B count is non-zero try firmware B first */
@@ -230,8 +232,8 @@ int LoadFirmware(VbCommonParams *cparams, VbSelectFirmwareParams *fparams,
                        VbError_t rv;
 
                        /* Read the firmware data */
-                       DigestInit(&lfi->body_digest_context,
-                                  data_key->algorithm);
+                       vb2_digest_init(&lfi->body_digest_context,
+                               vb2_crypto_to_hash(data_key->algorithm));
                        lfi->body_size_accum = 0;
                        rv = VbExHashFirmwareBody(
                                        cparams,
@@ -255,17 +257,17 @@ int LoadFirmware(VbCommonParams *cparams, VbSelectFirmwareParams *fparams,
                        }
 
                        /* Verify firmware data */
-                       body_digest = DigestFinal(&lfi->body_digest_context);
+                       uint8_t body_digest[VB2_MAX_DIGEST_SIZE];
+                       vb2_digest_finalize(&lfi->body_digest_context,
+                                           body_digest, sizeof(body_digest));
                        if (0 != VerifyDigest(body_digest,
                                              &preamble->body_signature,
                                              data_key)) {
                                VBDEBUG(("FW body verification failed.\n"));
                                *check_result = VBSD_LF_CHECK_VERIFY_BODY;
                                RSAPublicKeyFree(data_key);
-                               VbExFree(body_digest);
                                continue;
                        }
-                       VbExFree(body_digest);
                }
 
                /* Done with the data key, so can free it now */
index 6ab52b7..4a7154e 100644 (file)
@@ -8,6 +8,8 @@
 
 #include "sysincludes.h"
 
+#include "2common.h"
+#include "2sha.h"
 #include "cgptlib.h"
 #include "cgptlib_internal.h"
 #include "region.h"
@@ -281,29 +283,27 @@ VbError_t LoadKernel(LoadKernelParams *params, VbCommonParams *cparams)
                        VbPublicKey *key = &key_block->data_key;
                        uint8_t *buf = ((uint8_t *)key) + key->key_offset;
                        uint64_t buflen = key->key_size;
-                       uint8_t *digest;
+                       uint8_t digest[VB2_SHA256_DIGEST_SIZE];
 
                        VBDEBUG(("Checking developer key hash.\n"));
-                       digest = DigestBuf(buf, buflen,
-                                          SHA256_DIGEST_ALGORITHM);
+                       vb2_digest_buffer(buf, buflen, VB2_HASH_SHA256,
+                                         digest, sizeof(digest));
                        if (0 != SafeMemcmp(digest, params->fwmp->dev_key_hash,
-                                           SHA256_DIGEST_SIZE)) {
+                                           VB2_SHA256_DIGEST_SIZE)) {
                                int i;
 
                                VBDEBUG(("Wrong developer key hash.\n"));
                                VBDEBUG(("Want: "));
-                               for (i = 0; i < SHA256_DIGEST_SIZE; i++)
+                               for (i = 0; i < VB2_SHA256_DIGEST_SIZE; i++)
                                        VBDEBUG(("%02x",
                                                 params->fwmp->dev_key_hash[i]));
                                VBDEBUG(("\nGot:  "));
-                               for (i = 0; i < SHA256_DIGEST_SIZE; i++)
+                               for (i = 0; i < VB2_SHA256_DIGEST_SIZE; i++)
                                        VBDEBUG(("%02x", digest[i]));
                                VBDEBUG(("\n"));
 
-                               VbExFree(digest);
                                goto bad_kernel;
                        }
-                       VbExFree(digest);
                }
 
                /* Get key for preamble/data verification from the key block. */
index 143ea9a..70568f4 100644 (file)
@@ -13,6 +13,7 @@
 #include "2common.h"
 #include "2id.h"
 #include "2rsa.h"
+#include "2sha.h"
 #include "util_misc.h"
 #include "vb2_common.h"
 #include "vb2_struct.h"
@@ -254,10 +255,8 @@ static int vb2_make_keypair()
 
        /* Update the IDs */
        if (!force_id) {
-               uint8_t *digest = DigestBuf(keyb_data, keyb_size,
-                                           SHA1_DIGEST_ALGORITHM);
-               memcpy(&opt_id, digest, sizeof(opt_id));
-               free(digest);
+               vb2_digest_buffer(keyb_data, keyb_size, VB2_HASH_SHA1,
+                                 opt_id.raw, sizeof(opt_id.raw));
        }
 
        memcpy((struct vb2_id *)pubkey->id, &opt_id, sizeof(opt_id));
index 241bfb2..ecb5dc0 100644 (file)
@@ -10,6 +10,9 @@
 #include <stdio.h>
 #include <string.h>
 
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
 #include "futility.h"
 
 static const char usage[] = "\n"
@@ -105,13 +108,12 @@ static const struct option long_opts[] = {
 };
 static int do_pcr(int argc, char *argv[])
 {
-       uint8_t accum[SHA256_DIGEST_SIZE * 2];
-       uint8_t pcr[SHA256_DIGEST_SIZE];
-       int digest_alg = SHA1_DIGEST_ALGORITHM;
-       int digest_size = SHA1_DIGEST_SIZE;
+       uint8_t accum[VB2_MAX_DIGEST_SIZE * 2];
+       uint8_t pcr[VB2_MAX_DIGEST_SIZE];
+       int digest_alg = VB2_HASH_SHA1;
+       int digest_size;
        int opt_init = 0;
        int errorcnt = 0;
-       uint8_t *digest;
        int i;
 
        opterr = 0;             /* quiet, you */
@@ -121,8 +123,7 @@ static int do_pcr(int argc, char *argv[])
                        opt_init = 1;
                        break;
                case '2':
-                       digest_alg = SHA256_DIGEST_ALGORITHM;
-                       digest_size = SHA256_DIGEST_SIZE;
+                       digest_alg = VB2_HASH_SHA256;
                        break;
                case OPT_HELP:
                        print_help(argc, argv);
@@ -157,6 +158,12 @@ static int do_pcr(int argc, char *argv[])
 
        memset(pcr, 0, sizeof(pcr));
 
+       digest_size = vb2_digest_size(digest_alg);
+       if (!digest_size) {
+               fprintf(stderr, "Error determining digest size!\n");
+               return 1;
+       }
+
        if (opt_init) {
                parse_digest_or_die(pcr, digest_size, argv[optind]);
                optind++;
@@ -174,13 +181,12 @@ static int do_pcr(int argc, char *argv[])
                print_digest(accum + digest_size, digest_size);
                printf("\n");
 
-               digest = DigestBuf(accum, digest_size * 2, digest_alg);
-               if (!digest) {
+               if (VB2_SUCCESS != vb2_digest_buffer(accum, digest_size * 2,
+                                                    digest_alg,
+                                                    pcr, digest_size)) {
                        fprintf(stderr, "Error computing digest!\n");
                        return 1;
                }
-               memcpy(pcr, digest, digest_size);
-               free(digest);
 
                printf("PCR: ");
                print_digest(pcr, digest_size);
index c0f5397..fe0042b 100644 (file)
@@ -21,6 +21,7 @@
 
 #include "2sysincludes.h"
 #include "2common.h"
+#include "2sha.h"
 #include "2rsa.h"
 #include "file_type.h"
 #include "futility.h"
@@ -339,7 +340,7 @@ static void show_usbpd1_stuff(const char *name,
 {
        struct vb2_public_key key;
        struct vb2_packed_key *pkey;
-       uint8_t *sha1sum;
+       uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE];
        int i;
 
        vb2_pubkey_from_usbpd1(&key, sig_alg, hash_alg,
@@ -348,19 +349,18 @@ static void show_usbpd1_stuff(const char *name,
        if (vb2_public_key_pack(&pkey, &key))
                return;
 
-       sha1sum = DigestBuf((uint8_t *)pkey + pkey->key_offset,
-                       pkey->key_size, SHA1_DIGEST_ALGORITHM);
+       vb2_digest_buffer((uint8_t *)pkey + pkey->key_offset, pkey->key_size,
+                         VB2_HASH_SHA1, sha1sum, sizeof(sha1sum));
 
        printf("USB-PD v1 image:       %s\n", name);
        printf("  Algorithm:           %s %s\n",
               vb2_lookup_by_num(vb2_text_vs_sig, sig_alg)->name,
               vb2_lookup_by_num(vb2_text_vs_hash, hash_alg)->name);
        printf("  Key sha1sum:         ");
-       for (i = 0; i < SHA1_DIGEST_SIZE; i++)
+       for (i = 0; i < VB2_SHA1_DIGEST_SIZE; i++)
                printf("%02x", sha1sum[i]);
        printf("\n");
 
-       free(sha1sum);
        free(pkey);
 }
 
index 1e91eb8..703033c 100644 (file)
 #include <sys/wait.h>
 #include <unistd.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "cgptlib_internal.h"
 #include "file_type.h"
 #include "futility.h"
@@ -142,19 +146,19 @@ int print_hwid_digest(GoogleBinaryBlockHeader *gbb,
        uint8_t *buf = (uint8_t *)gbb;
        char *hwid_str = (char *)(buf + gbb->hwid_offset);
        int is_valid = 0;
-       uint8_t *digest = DigestBuf(buf + gbb->hwid_offset,
-                                   strlen(hwid_str),
-                                   SHA256_DIGEST_ALGORITHM);
-       if (digest) {
+       uint8_t digest[VB2_SHA256_DIGEST_SIZE];
+
+       if (VB2_SUCCESS == vb2_digest_buffer(buf + gbb->hwid_offset,
+                                            strlen(hwid_str), VB2_HASH_SHA256,
+                                            digest, sizeof(digest))) {
                int i;
                is_valid = 1;
                /* print it, comparing as we go */
-               for (i = 0; i < SHA256_DIGEST_SIZE; i++) {
+               for (i = 0; i < VB2_SHA256_DIGEST_SIZE; i++) {
                        printf("%02x", gbb->hwid_digest[i]);
                        if (gbb->hwid_digest[i] != digest[i])
                                is_valid = 0;
                }
-               free(digest);
        }
 
        printf("   %s", is_valid ? "valid" : "<invalid>");
@@ -171,11 +175,10 @@ void update_hwid_digest(GoogleBinaryBlockHeader *gbb)
 
        uint8_t *buf = (uint8_t *)gbb;
        char *hwid_str = (char *)(buf + gbb->hwid_offset);
-       uint8_t *digest = DigestBuf(buf + gbb->hwid_offset,
-                                   strlen(hwid_str),
-                                   SHA256_DIGEST_ALGORITHM);
-       memcpy(gbb->hwid_digest, digest, SHA256_DIGEST_SIZE);
-       free(digest);
+
+       vb2_digest_buffer(buf + gbb->hwid_offset, strlen(hwid_str),
+                         VB2_HASH_SHA256,
+                         gbb->hwid_digest, sizeof(gbb->hwid_digest));
 }
 
 /*
index a88f34c..0797d7b 100644 (file)
@@ -15,7 +15,9 @@
 #include <sys/types.h>
 #include <unistd.h>
 
-#include "2struct.h"
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "futility.h"
 #include "gbb_header.h"
@@ -100,9 +102,11 @@ static void calculate_root_key_hash(uint8_t *digest, size_t digest_size,
 {
        const uint8_t *gbb_base = (const uint8_t *)gbb;
 
-       internal_SHA256(gbb_base + gbb->rootkey_offset,
-                       gbb->rootkey_size,
-                       digest);
+       vb2_digest_buffer(gbb_base + gbb->rootkey_offset,
+                         gbb->rootkey_size,
+                         VB2_HASH_SHA256,
+                         digest,
+                         digest_size);
 }
 
 int fill_ryu_root_header(uint8_t *ptr, size_t size,
@@ -130,7 +134,7 @@ int fill_ryu_root_header(uint8_t *ptr, size_t size,
 int verify_ryu_root_header(uint8_t *ptr, size_t size,
                           const GoogleBinaryBlockHeader *gbb)
 {
-       uint8_t digest[SHA256_DIGEST_SIZE] = {0};
+       uint8_t digest[VB2_SHA256_DIGEST_SIZE] = {0};
 
        struct vb2_ryu_root_key_hash *hash;
 
@@ -145,8 +149,7 @@ int verify_ryu_root_header(uint8_t *ptr, size_t size,
        }
 
        /* Check for all 0's, which means hash hasn't been set */
-       if (0 == memcmp(digest, hash->root_key_hash_digest,
-                       SHA256_DIGEST_SIZE)) {
+       if (0 == memcmp(digest, hash->root_key_hash_digest, sizeof(digest))) {
                printf(" - ryu root hash is unset\n");
                return 0;
        }
@@ -154,8 +157,7 @@ int verify_ryu_root_header(uint8_t *ptr, size_t size,
        /* Update the hash stored in the header based on the root key */
        calculate_root_key_hash(digest, sizeof(digest), gbb);
 
-       if (0 == memcmp(digest, hash->root_key_hash_digest,
-                       SHA256_DIGEST_SIZE)) {
+       if (0 == memcmp(digest, hash->root_key_hash_digest, sizeof(digest))) {
                printf(" - ryu root hash verified\n");
                return 0;
        } else {
index 51a7837..f8118ec 100644 (file)
@@ -11,6 +11,7 @@
 #include "2common.h"
 #include "2id.h"
 #include "2rsa.h"
+#include "2sha.h"
 #include "util_misc.h"
 #include "vb2_common.h"
 #include "vb2_struct.h"
@@ -75,34 +76,31 @@ static inline void vb2_print_bytes(const void *ptr, uint32_t len)
                printf("%02x", *buf++);
 }
 
-static uint8_t *vb2_public_key_sha1sum(struct vb2_public_key *key)
+static int vb2_public_key_sha1sum(struct vb2_public_key *key, uint8_t *digest)
 {
        struct vb2_packed_key *pkey;
-       uint8_t *digest;
 
        if (vb2_public_key_pack(&pkey, key))
                return 0;
 
-       digest = DigestBuf((uint8_t *)pkey + pkey->key_offset,
-                          pkey->key_size, SHA1_DIGEST_ALGORITHM);
-       free(pkey);
+       vb2_digest_buffer((uint8_t *)pkey + pkey->key_offset, pkey->key_size,
+                         VB2_HASH_SHA1, digest, VB2_SHA1_DIGEST_SIZE);
 
-       return digest;
+       free(pkey);
+       return 1;
 }
 
 int ft_show_vb2_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data)
 {
        struct vb2_public_key key;
        const struct vb2_text_vs_enum *entry;
-       uint8_t *sha1sum;
+       uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE];
 
        /* The key's members will point into the state buffer after this. Don't
         * free anything. */
        if (VB2_SUCCESS != vb2_unpack_key(&key, buf, len))
                return 1;
 
-       sha1sum = vb2_public_key_sha1sum(&key);
-
        printf("Public Key file:       %s\n", name);
        printf("  Vboot API:           2.1\n");
        printf("  Desc:                \"%s\"\n", key.desc);
@@ -116,27 +114,28 @@ int ft_show_vb2_pubkey(const char *name, uint8_t *buf, uint32_t len, void *data)
        printf("  ID:                  ");
        vb2_print_bytes(key.id, sizeof(*key.id));
        printf("\n");
-       if (sha1sum && memcmp(key.id, sha1sum, sizeof(*key.id))) {
+       if (vb2_public_key_sha1sum(&key, sha1sum) &&
+           memcmp(key.id, sha1sum, sizeof(*key.id))) {
                printf("  Key sha1sum:         ");
-               vb2_print_bytes(sha1sum, SHA1_DIGEST_SIZE);
+               vb2_print_bytes(sha1sum, sizeof(sha1sum));
                printf("\n");
        }
-       free(sha1sum);
        return 0;
 }
 
-static uint8_t *vb2_private_key_sha1sum(struct vb2_private_key *key)
+static int vb2_private_key_sha1sum(struct vb2_private_key *key, uint8_t *digest)
 {
-       uint8_t *buf, *digest;
+       uint8_t *buf;
        uint32_t buflen;
 
        if (vb_keyb_from_rsa(key->rsa_private_key, &buf, &buflen))
                return 0;
 
-       digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);
-       free(buf);
+       vb2_digest_buffer(buf, buflen, VB2_HASH_SHA1, digest,
+                         VB2_SHA1_DIGEST_SIZE);
 
-       return digest;
+       free(buf);
+       return 1;
 }
 
 int ft_show_vb2_privkey(const char *name, uint8_t *buf, uint32_t len,
@@ -144,13 +143,11 @@ int ft_show_vb2_privkey(const char *name, uint8_t *buf, uint32_t len,
 {
        struct vb2_private_key *key = 0;
        const struct vb2_text_vs_enum *entry;
-       uint8_t *sha1sum;
+       uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE];
 
        if (VB2_SUCCESS != vb2_private_key_unpack(&key, buf, len))
                return 1;
 
-       sha1sum = vb2_private_key_sha1sum(key);
-
        printf("Private key file:      %s\n", name);
        printf("  Vboot API:           2.1\n");
        printf("  Desc:                \"%s\"\n", key->desc ? key->desc : "");
@@ -163,12 +160,12 @@ int ft_show_vb2_privkey(const char *name, uint8_t *buf, uint32_t len,
        printf("  ID:                  ");
        vb2_print_bytes(&key->id, sizeof(key->id));
        printf("\n");
-       if (sha1sum && memcmp(&key->id, sha1sum, sizeof(key->id))) {
+       if (vb2_private_key_sha1sum(key, sha1sum) &&
+           memcmp(&key->id, sha1sum, sizeof(key->id))) {
                printf("  Key sha1sum:         ");
-               vb2_print_bytes(sha1sum, SHA1_DIGEST_SIZE);
+               vb2_print_bytes(sha1sum, sizeof(sha1sum));
                printf("\n");
        }
-       free(sha1sum);
        vb2_private_key_free(key);
        return 0;
 }
@@ -213,7 +210,8 @@ enum futil_file_type ft_recognize_pem(uint8_t *buf, uint32_t len)
 int ft_show_pem(const char *name, uint8_t *buf, uint32_t len, void *data)
 {
        RSA *rsa_key;
-       uint8_t *keyb, *digest;
+       uint8_t *keyb;
+       uint8_t digest[VB2_SHA1_DIGEST_SIZE];
        uint32_t keyb_len;
        int i, bits;
 
@@ -236,12 +234,12 @@ int ft_show_pem(const char *name, uint8_t *buf, uint32_t len, void *data)
        }
 
        printf("  Key sha1sum:         ");
-       digest = DigestBuf(keyb, keyb_len, SHA1_DIGEST_ALGORITHM);
-       for (i = 0; i < SHA1_DIGEST_SIZE; i++)
+       vb2_digest_buffer(keyb, keyb_len, VB2_HASH_SHA1,
+                         digest, sizeof(digest));
+       for (i = 0; i < sizeof(digest); i++)
                printf("%02x", digest[i]);
        printf("\n");
 
-       free(digest);
        free(keyb);
        RSA_free(rsa_key);
        return 0;
index ac9af17..fd07752 100644 (file)
 #include <sys/types.h>
 #include <unistd.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "file_keys.h"
 #include "host_common.h"
@@ -59,23 +63,22 @@ RSAPublicKey* RSAPublicKeyFromFile(const char* input_file) {
   return key;
 }
 
-uint8_t* DigestFile(char* input_file, int sig_algorithm) {
-  int input_fd, len;
-  uint8_t data[SHA1_BLOCK_SIZE];
-  uint8_t* digest = NULL;
-  DigestContext ctx;
+int DigestFile(char *input_file, enum vb2_hash_algorithm alg,
+              uint8_t *digest, uint32_t digest_size) {
+       int input_fd, len;
+       uint8_t data[VB2_SHA1_BLOCK_SIZE];
+       struct vb2_digest_context ctx;
 
-  if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
-    VBDEBUG(("Couldn't open %s\n", input_file));
-    return NULL;
-  }
-  DigestInit(&ctx, sig_algorithm);
-  while ( (len = read(input_fd, data, SHA1_BLOCK_SIZE)) ==
-          SHA1_BLOCK_SIZE)
-    DigestUpdate(&ctx, data, len);
-  if (len != -1)
-    DigestUpdate(&ctx, data, len);
-  digest = DigestFinal(&ctx);
-  close(input_fd);
-  return digest;
+       if( (input_fd = open(input_file, O_RDONLY)) == -1 ) {
+               VBDEBUG(("Couldn't open %s\n", input_file));
+               return VB2_ERROR_UNKNOWN;
+       }
+       vb2_digest_init(&ctx, alg);
+       while ((len = read(input_fd, data, sizeof(data))) == sizeof(data))
+               vb2_digest_extend(&ctx, data, len);
+       if (len != -1)
+               vb2_digest_extend(&ctx, data, len);
+       close(input_fd);
+
+       return vb2_digest_finalize(&ctx, digest, digest_size);
 }
index e1dd95b..333b7d4 100644 (file)
@@ -5,7 +5,10 @@
  * Host functions for verified boot.
  */
 
+#include "2sysincludes.h"
 
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "host_common.h"
 #include "host_keyblock.h"
@@ -18,7 +21,7 @@ VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
 
   VbKeyBlockHeader* h;
   uint64_t signed_size = sizeof(VbKeyBlockHeader) + data_key->key_size;
-  uint64_t block_size = (signed_size + SHA512_DIGEST_SIZE +
+  uint64_t block_size = (signed_size + VB2_SHA512_DIGEST_SIZE +
                          (signing_key ?
                           siglen_map[signing_key->algorithm] : 0));
   uint8_t* data_key_dest;
@@ -32,7 +35,7 @@ VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
     return NULL;
   data_key_dest = (uint8_t*)(h + 1);
   block_chk_dest = data_key_dest + data_key->key_size;
-  block_sig_dest = block_chk_dest + SHA512_DIGEST_SIZE;
+  block_sig_dest = block_chk_dest + VB2_SHA512_DIGEST_SIZE;
 
   Memcpy(h->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE);
   h->header_version_major = KEY_BLOCK_HEADER_VERSION_MAJOR;
@@ -46,7 +49,7 @@ VbKeyBlockHeader* KeyBlockCreate(const VbPublicKey* data_key,
 
   /* Set up signature structs so we can calculate the signatures */
   SignatureInit(&h->key_block_checksum, block_chk_dest,
-                SHA512_DIGEST_SIZE, signed_size);
+                VB2_SHA512_DIGEST_SIZE, signed_size);
   if (signing_key)
     SignatureInit(&h->key_block_signature, block_sig_dest,
                   siglen_map[signing_key->algorithm], signed_size);
@@ -79,7 +82,7 @@ VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key,
                                           const char* external_signer) {
   VbKeyBlockHeader* h;
   uint64_t signed_size = sizeof(VbKeyBlockHeader) + data_key->key_size;
-  uint64_t block_size = (signed_size + SHA512_DIGEST_SIZE +
+  uint64_t block_size = (signed_size + VB2_SHA512_DIGEST_SIZE +
                          siglen_map[algorithm]);
   uint8_t* data_key_dest;
   uint8_t* block_sig_dest;
@@ -95,7 +98,7 @@ VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key,
 
   data_key_dest = (uint8_t*)(h + 1);
   block_chk_dest = data_key_dest + data_key->key_size;
-  block_sig_dest = block_chk_dest + SHA512_DIGEST_SIZE;
+  block_sig_dest = block_chk_dest + VB2_SHA512_DIGEST_SIZE;
 
   Memcpy(h->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE);
   h->header_version_major = KEY_BLOCK_HEADER_VERSION_MAJOR;
@@ -109,7 +112,7 @@ VbKeyBlockHeader* KeyBlockCreate_external(const VbPublicKey* data_key,
 
   /* Set up signature structs so we can calculate the signatures */
   SignatureInit(&h->key_block_checksum, block_chk_dest,
-                SHA512_DIGEST_SIZE, signed_size);
+                VB2_SHA512_DIGEST_SIZE, signed_size);
   SignatureInit(&h->key_block_signature, block_sig_dest,
                 siglen_map[algorithm], signed_size);
 
index 68eba29..5767684 100644 (file)
 #include <sys/wait.h>
 #include <unistd.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "file_keys.h"
 #include "host_common.h"
@@ -53,49 +57,46 @@ int SignatureCopy(VbSignature* dest, const VbSignature* src) {
 
 VbSignature* CalculateChecksum(const uint8_t* data, uint64_t size) {
 
-  uint8_t* header_checksum;
+  uint8_t header_checksum[VB2_SHA512_DIGEST_SIZE];
   VbSignature* sig;
 
-  header_checksum = DigestBuf(data, size, SHA512_DIGEST_ALGORITHM);
-  if (!header_checksum)
+  if (VB2_SUCCESS != vb2_digest_buffer(data, size, VB2_HASH_SHA512,
+                                      header_checksum,
+                                      sizeof(header_checksum)))
     return NULL;
 
-  sig = SignatureAlloc(SHA512_DIGEST_SIZE, 0);
-  if (!sig) {
-    VbExFree(header_checksum);
+  sig = SignatureAlloc(VB2_SHA512_DIGEST_SIZE, 0);
+  if (!sig)
     return NULL;
-  }
+
   sig->sig_offset = sizeof(VbSignature);
-  sig->sig_size = SHA512_DIGEST_SIZE;
+  sig->sig_size = VB2_SHA512_DIGEST_SIZE;
   sig->data_size = size;
 
   /* Signature data immediately follows the header */
-  Memcpy(GetSignatureData(sig), header_checksum, SHA512_DIGEST_SIZE);
-  VbExFree(header_checksum);
+  Memcpy(GetSignatureData(sig), header_checksum, VB2_SHA512_DIGEST_SIZE);
   return sig;
 }
 
 VbSignature* CalculateHash(const uint8_t* data, uint64_t size,
                            const VbPrivateKey* key) {
-  uint8_t* digest = NULL;
-  int digest_size = hash_size_map[key->algorithm];
+  int vb2_alg = vb2_crypto_to_hash(key->algorithm);
+  uint8_t digest[VB2_MAX_DIGEST_SIZE];
+  int digest_size = vb2_digest_size(vb2_alg);
   VbSignature* sig = NULL;
 
   /* Calculate the digest */
-  digest = DigestBuf(data, size, key->algorithm);
-  if (!digest)
+  if (VB2_SUCCESS != vb2_digest_buffer(data, size, vb2_alg,
+                                      digest, sizeof(digest)))
     return NULL;
 
   /* Allocate output signature */
   sig = SignatureAlloc(digest_size, size);
-  if (!sig) {
-    free(digest);
+  if (!sig)
     return NULL;
-  }
 
   /* The digest itself is the signature data */
   Memcpy(GetSignatureData(sig), digest, digest_size);
-  free(digest);
 
   /* Return the signature */
   return sig;
@@ -103,9 +104,9 @@ VbSignature* CalculateHash(const uint8_t* data, uint64_t size,
 
 VbSignature* CalculateSignature(const uint8_t* data, uint64_t size,
                                 const VbPrivateKey* key) {
-
-  uint8_t* digest;
-  int digest_size = hash_size_map[key->algorithm];
+  int vb2_alg = vb2_crypto_to_hash(key->algorithm);
+  uint8_t digest[VB2_MAX_DIGEST_SIZE];
+  int digest_size = vb2_digest_size(vb2_alg);
 
   const uint8_t* digestinfo = hash_digestinfo_map[key->algorithm];
   int digestinfo_size = digestinfo_size_map[key->algorithm];
@@ -117,20 +118,17 @@ VbSignature* CalculateSignature(const uint8_t* data, uint64_t size,
   int rv;
 
   /* Calculate the digest */
-  /* TODO: rename param 3 of DigestBuf to hash_type */
-  digest = DigestBuf(data, size, hash_type_map[key->algorithm]);
-  if (!digest)
+  if (VB2_SUCCESS != vb2_digest_buffer(data, size, vb2_alg,
+                                      digest, sizeof(digest)))
     return NULL;
 
   /* Prepend the digest info to the digest */
   signature_digest = malloc(signature_digest_len);
-  if (!signature_digest) {
-    VbExFree(digest);
+  if (!signature_digest)
     return NULL;
-  }
+
   Memcpy(signature_digest, digestinfo, digestinfo_size);
   Memcpy(signature_digest + digestinfo_size, digest, digest_size);
-  VbExFree(digest);
 
   /* Allocate output signature */
   sig = SignatureAlloc(siglen_map[key->algorithm], size);
@@ -249,8 +247,9 @@ VbSignature* CalculateSignature_external(const uint8_t* data, uint64_t size,
                                          const char* key_file,
                                          uint64_t key_algorithm,
                                          const char* external_signer) {
-  uint8_t* digest;
-  uint64_t digest_size = hash_size_map[key_algorithm];
+  int vb2_alg = vb2_crypto_to_hash(key_algorithm);
+  uint8_t digest[VB2_MAX_DIGEST_SIZE];
+  int digest_size = vb2_digest_size(vb2_alg);
 
   const uint8_t* digestinfo = hash_digestinfo_map[key_algorithm];
   uint64_t digestinfo_size = digestinfo_size_map[key_algorithm];
@@ -262,20 +261,17 @@ VbSignature* CalculateSignature_external(const uint8_t* data, uint64_t size,
   int rv;
 
   /* Calculate the digest */
-  /* TODO: rename param 3 of DigestBuf to hash_type */
-  digest = DigestBuf(data, size, hash_type_map[key_algorithm]);
-  if (!digest)
+  if (VB2_SUCCESS != vb2_digest_buffer(data, size, vb2_alg,
+                                      digest, sizeof(digest)))
     return NULL;
 
   /* Prepend the digest info to the digest */
   signature_digest = malloc(signature_digest_len);
-  if (!signature_digest) {
-    free(digest);
+  if (!signature_digest)
     return NULL;
-  }
+
   Memcpy(signature_digest, digestinfo, digestinfo_size);
   Memcpy(signature_digest + digestinfo_size, digest, digest_size);
-  free(digest);
 
   /* Allocate output signature */
   sig = SignatureAlloc(siglen_map[key_algorithm], size);
index ac6f9ee..e783c85 100644 (file)
@@ -9,6 +9,7 @@
 #define VBOOT_REFERENCE_FILE_KEYS_H_
 
 #include "cryptolib.h"
+#include "2sha.h"
 
 /* Read file named [input_file] into a buffer and stores the length into
  * [len].
@@ -25,10 +26,11 @@ uint8_t* BufferFromFile(const char* input_file, uint64_t* len);
  */
 RSAPublicKey* RSAPublicKeyFromFile(const char* input_file);
 
-/* Returns the appropriate digest for the data in [input_file]
- * based on the signature [algorithm].
- * Caller owns the returned digest and must free it.
+/* Calculates the appropriate digest for the data in [input_file] based on the
+ * hash algorithm [alg] and stores it into [digest], which is of size
+ * [digest_size].  Returns VB2_SUCCESS, or non-zero on error.
  */
-uint8_t* DigestFile(char* input_file, int sig_algorithm);
+int DigestFile(char *input_file, enum vb2_hash_algorithm alg,
+              uint8_t *digest, uint32_t digest_size);
 
 #endif  /* VBOOT_REFERENCE_FILE_KEYS_H_ */
index dcc2cf2..b56233a 100644 (file)
@@ -9,13 +9,17 @@
 #include <stdlib.h>
 #include <unistd.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "host_common.h"
 #include "signature_digest.h"
 
 
 uint8_t* PrependDigestInfo(unsigned int algorithm, uint8_t* digest) {
-  const int digest_size = hash_size_map[algorithm];
+  const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm));
   const int digestinfo_size = digestinfo_size_map[algorithm];
   const uint8_t* digestinfo = hash_digestinfo_map[algorithm];
   uint8_t* p = malloc(digestinfo_size + digest_size);
@@ -27,14 +31,16 @@ uint8_t* PrependDigestInfo(unsigned int algorithm, uint8_t* digest) {
 uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len,
                          unsigned int algorithm) {
   uint8_t* info_digest  = NULL;
-  uint8_t* digest = NULL;
+
+  uint8_t digest[VB2_SHA512_DIGEST_SIZE];  /* Longest digest */
 
   if (algorithm >= kNumAlgorithms) {
     VBDEBUG(("SignatureDigest() called with invalid algorithm!\n"));
-  } else if ((digest = DigestBuf(buf, len, algorithm))) {
+  } else if (VB2_SUCCESS == vb2_digest_buffer(buf, len,
+                                             vb2_crypto_to_hash(algorithm),
+                                             digest, sizeof(digest))) {
     info_digest = PrependDigestInfo(algorithm, digest);
   }
-  free(digest);
   return info_digest;
 }
 
@@ -44,8 +50,8 @@ uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file,
   RSA* key = NULL;
   uint8_t* signature = NULL;
   uint8_t* signature_digest = SignatureDigest(buf, len, algorithm);
-  int signature_digest_len = (hash_size_map[algorithm] +
-                              digestinfo_size_map[algorithm]);
+  const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm));
+  int signature_digest_len = (digest_size + digestinfo_size_map[algorithm]);
   key_fp  = fopen(key_file, "r");
   if (!key_fp) {
     VBDEBUG(("SignatureBuf(): Couldn't open key file: %s\n", key_file));
index 03ec683..dbcdc6e 100644 (file)
 #include <string.h>
 #include <unistd.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "host_common.h"
 #include "util_misc.h"
@@ -22,17 +26,20 @@ void PrintPubKeySha1Sum(VbPublicKey *key)
 {
        uint8_t *buf = ((uint8_t *)key) + key->key_offset;
        uint64_t buflen = key->key_size;
-       uint8_t *digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);
+       uint8_t digest[VB2_SHA1_DIGEST_SIZE];
+
+       vb2_digest_buffer(buf, buflen, VB2_HASH_SHA1, digest, sizeof(digest));
+
        int i;
-       for (i = 0; i < SHA1_DIGEST_SIZE; i++)
+       for (i = 0; i < sizeof(digest); i++)
                printf("%02x", digest[i]);
-       free(digest);
 }
 
 void PrintPrivKeySha1Sum(VbPrivateKey *key)
 {
-       uint8_t *buf, *digest;
+       uint8_t *buf;
        uint32_t buflen;
+       uint8_t digest[VB2_SHA1_DIGEST_SIZE];
        int i;
 
        if (vb_keyb_from_rsa(key->rsa_private_key, &buf, &buflen)) {
@@ -40,11 +47,11 @@ void PrintPrivKeySha1Sum(VbPrivateKey *key)
                return;
        }
 
-       digest = DigestBuf(buf, buflen, SHA1_DIGEST_ALGORITHM);
-       for (i = 0; i < SHA1_DIGEST_SIZE; i++)
+       vb2_digest_buffer(buf, buflen, VB2_HASH_SHA1, digest, sizeof(digest));
+
+       for (i = 0; i < sizeof(digest); i++)
                printf("%02x", digest[i]);
 
-       free(digest);
        free(buf);
 }
 
index 8e1525f..5e7aa27 100644 (file)
@@ -46,7 +46,7 @@ int main(void)
   /* file_keys.h */
   BufferFromFile(0, 0);
   RSAPublicKeyFromFile(0);
-  DigestFile(0, 0);
+  DigestFile(0, 0, 0, 0);
 
   /* signature_digest.h */
   PrependDigestInfo(0, 0);
index 47c483b..7beeed6 100644 (file)
 /* Data for mock functions */
 static int mock_rsaverify_retval;
 
-/* Mock functions */
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) {
-  /* Just need to return something; it's only passed to the mock RSAVerify() */
-  return VbExMalloc(4);
-}
-
 int RSAVerify(const RSAPublicKey *key,
               const uint8_t* sig,
               const uint32_t sig_len,
index 2193b78..49ff829 100644 (file)
@@ -7,52 +7,42 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
+
 #include "cryptolib.h"
 #include "host_common.h"
 #include "timer_utils.h"
 
-#define NUM_HASH_ALGORITHMS 3
 #define TEST_BUFFER_SIZE 4000000
 
-/* Table of hash function pointers and their description. */
-typedef uint8_t* (*Hashptr) (const uint8_t*, uint64_t, uint8_t*);
-typedef struct HashFxTable {
-  Hashptr hash;
-  char* description;
-} HashFxTable;
-
-HashFxTable hash_functions[NUM_HASH_ALGORITHMS] = {
-  {internal_SHA1, "sha1"},
-  {internal_SHA256, "sha256"},
-  {internal_SHA512, "sha512"}
-};
-
-int main(int argc, char* argv[]) {
-  int i;
-  double speed;
-  uint32_t msecs;
-  uint8_t* buffer = (uint8_t*) malloc(TEST_BUFFER_SIZE);
-  uint8_t* digest = (uint8_t*) malloc(SHA512_DIGEST_SIZE); /* Maximum size of
-                                                            * the digest. */
-  ClockTimerState ct;
-
-  /* Iterate through all the hash functions. */
-  for(i = 0; i < NUM_HASH_ALGORITHMS; i++) {
-    StartTimer(&ct);
-    hash_functions[i].hash(buffer, TEST_BUFFER_SIZE, digest);
-    StopTimer(&ct);
-
-    msecs = GetDurationMsecs(&ct);
-    speed = ((TEST_BUFFER_SIZE / 10e6)
-             / (msecs / 10e3)); /* Mbytes/sec */
-
-    fprintf(stderr, "# %s Time taken = %u ms, Speed = %f Mbytes/sec\n",
-            hash_functions[i].description, msecs, speed);
-    fprintf(stdout, "mbytes_per_sec_%s:%f\n",
-            hash_functions[i].description, speed);
-  }
-
-  free(digest);
-  free(buffer);
-  return 0;
+int main(int argc, char *argv[]) {
+       int i;
+       double speed;
+       uint32_t msecs;
+       uint8_t *buffer = malloc(TEST_BUFFER_SIZE);
+       uint8_t digest[VB2_MAX_DIGEST_SIZE];
+       ClockTimerState ct;
+
+       /* Iterate through all the hash functions. */
+       for(i = VB2_HASH_SHA1; i < VB2_HASH_ALG_COUNT; i++) {
+               StartTimer(&ct);
+               vb2_digest_buffer(buffer, TEST_BUFFER_SIZE, i,
+                                 digest, sizeof(digest));
+               StopTimer(&ct);
+
+               msecs = GetDurationMsecs(&ct);
+               speed = ((TEST_BUFFER_SIZE / 10e6)
+                        / (msecs / 10e3)); /* Mbytes/sec */
+
+               fprintf(stderr,
+                       "# %s Time taken = %u ms, Speed = %f Mbytes/sec\n",
+                       vb2_get_hash_algorithm_name(i), msecs, speed);
+               fprintf(stdout, "mbytes_per_sec_%s:%f\n",
+                       vb2_get_hash_algorithm_name(i), speed);
+       }
+
+       free(buffer);
+       return 0;
 }
index c75e916..310f570 100644 (file)
@@ -8,8 +8,6 @@
 #ifndef VBOOT_REFERENCE_SHA_TEST_VECTORS_H_
 #define VBOOT_REFERENCE_SHA_TEST_VECTORS_H_
 
-#include "cryptolib.h"
-
 char* oneblock_msg = "abc";
 char* multiblock_msg1 = "abcdbcdecdefdefgefghfghighijhijkijkl"
     "jklmklmnlmnomnopnopq";
@@ -18,7 +16,7 @@ char* multiblock_msg2= "abcdefghbcdefghicdefghijdefghijkefghi"
     "qrsmnopqrstnopqrstu";
 char* long_msg;
 
-uint8_t sha1_results[][SHA1_DIGEST_SIZE] = {
+uint8_t sha1_results[][VB2_SHA1_DIGEST_SIZE] = {
   {
     0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,
     0xba,0x3e,0x25,0x71,0x78,0x50,0xc2,0x6c,
@@ -36,7 +34,7 @@ uint8_t sha1_results[][SHA1_DIGEST_SIZE] = {
   }
 };
 
-uint8_t sha256_results[][SHA256_DIGEST_SIZE] = {
+uint8_t sha256_results[][VB2_SHA256_DIGEST_SIZE] = {
   {
     0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea,
     0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23,
@@ -57,7 +55,7 @@ uint8_t sha256_results[][SHA256_DIGEST_SIZE] = {
   }
 };
 
-uint8_t sha512_results[][SHA512_DIGEST_SIZE] = {
+uint8_t sha512_results[][VB2_SHA512_DIGEST_SIZE] = {
   {
     0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba,
     0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31,
index 4095311..8f662d3 100644 (file)
@@ -10,6 +10,9 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "file_keys.h"
 #include "host_common.h"
@@ -82,14 +85,17 @@ static void VerifyDigestTest(const VbPublicKey *public_key,
        const uint8_t test_data[] = "This is some other test data to sign.";
        VbSignature *sig;
        RSAPublicKey *rsa;
-       uint8_t *digest;
+       uint8_t digest[VB2_MAX_DIGEST_SIZE];
 
        sig = CalculateSignature(test_data, sizeof(test_data), private_key);
        rsa = PublicKeyToRSA(public_key);
-       digest = DigestBuf(test_data, sizeof(test_data),
-                          (int)public_key->algorithm);
-       TEST_NEQ(sig && rsa && digest, 0, "VerifyData() prerequisites");
-       if (!sig || !rsa || !digest)
+       TEST_SUCC(vb2_digest_buffer(test_data, sizeof(test_data),
+                                   vb2_crypto_to_hash(public_key->algorithm),
+                                   digest, sizeof(digest)),
+                 "VerifyData() digest");
+
+       TEST_NEQ(sig && rsa, 0, "VerifyData() prerequisites");
+       if (!sig || !rsa)
                return;
 
        TEST_EQ(VerifyDigest(digest, sig, rsa), 0, "VerifyDigest() ok");
@@ -102,7 +108,6 @@ static void VerifyDigestTest(const VbPublicKey *public_key,
 
        RSAPublicKeyFree(rsa);
        free(sig);
-       VbExFree(digest);
 }
 
 static void ReSignKernelPreamble(VbKernelPreambleHeader *h,
index b5c0cc9..7ae7eb2 100644 (file)
@@ -10,6 +10,9 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "file_keys.h"
 #include "host_common.h"
 
 static void ReChecksumKeyBlock(VbKeyBlockHeader *h)
 {
-       uint8_t *newchk = DigestBuf((const uint8_t *)h,
-                                   h->key_block_checksum.data_size,
-                                   SHA512_DIGEST_ALGORITHM);
-       Memcpy(GetSignatureData(&h->key_block_checksum), newchk,
-              SHA512_DIGEST_SIZE);
-       VbExFree(newchk);
+       vb2_digest_buffer((const uint8_t *)h,
+                         h->key_block_checksum.data_size,
+                         VB2_HASH_SHA512,
+                         GetSignatureData(&h->key_block_checksum),
+                         VB2_SHA512_DIGEST_SIZE);
 }
 
 static void KeyBlockVerifyTest(const VbPublicKey *public_key,
index f83d970..9778295 100644 (file)
 #include <stdlib.h>
 #include <string.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "gbb_header.h"
 #include "host_common.h"
 #include "load_firmware_fw.h"
@@ -30,7 +34,6 @@ static uint8_t gbb_data[sizeof(GoogleBinaryBlockHeader) + 2048];
 static GoogleBinaryBlockHeader* gbb = (GoogleBinaryBlockHeader*)gbb_data;
 static RSAPublicKey data_key;
 static uint32_t digest_size;
-static uint8_t* digest_returned;
 static uint8_t* digest_expect_ptr;
 static int hash_fw_index;
 
@@ -95,7 +98,6 @@ static void ResetMocks(void) {
   Memset(&data_key, 0, sizeof(data_key));
 
   digest_size = 1234;
-  digest_returned = NULL;
   digest_expect_ptr = NULL;
   hash_fw_index = -1;
 }
@@ -144,18 +146,27 @@ void RSAPublicKeyFree(RSAPublicKey* key) {
   data_key.len--;
 }
 
-void DigestInit(DigestContext* ctx, int sig_algorithm) {
-  digest_size = 0;
+int vb2_digest_init(struct vb2_digest_context *dc,
+                   enum vb2_hash_algorithm hash_alg)
+{
+       digest_size = 0;
+       return VB2_SUCCESS;
 }
 
-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint32_t len) {
-  TEST_PTR_EQ(data, digest_expect_ptr, "  Digesting expected data");
-  digest_size += len;
+int vb2_digest_extend(struct vb2_digest_context *dc,
+                     const uint8_t *buf,
+                     uint32_t size)
+{
+       TEST_PTR_EQ(buf, digest_expect_ptr, "  Digesting expected data");
+       digest_size += size;
+       return VB2_SUCCESS;
 }
 
-uint8_t* DigestFinal(DigestContext* ctx) {
-  digest_returned = (uint8_t*)VbExMalloc(4);
-  return digest_returned;
+int vb2_digest_finalize(struct vb2_digest_context *dc,
+                       uint8_t *digest,
+                       uint32_t digest_size)
+{
+       return VB2_SUCCESS;
 }
 
 VbError_t VbExHashFirmwareBody(VbCommonParams* cparams,
@@ -185,7 +196,6 @@ VbError_t VbExHashFirmwareBody(VbCommonParams* cparams,
 
 int VerifyDigest(const uint8_t* digest, const VbSignature *sig,
                  const RSAPublicKey* key) {
-  TEST_PTR_EQ(digest, digest_returned, "Verifying expected digest");
   TEST_PTR_EQ(key, &data_key, "Verifying using data key");
   TEST_PTR_EQ(sig, &mpreamble[hash_fw_index].body_signature, "Verifying sig");
   /* Mocked function uses sig size as return value for verifying digest */
index 16cf1a9..5818db2 100644 (file)
@@ -10,6 +10,9 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
 #include "cgptlib.h"
 #include "cgptlib_internal.h"
 #include "crc32.h"
@@ -71,7 +74,7 @@ static GptHeader *mock_gpt_primary =
        (GptHeader*)&mock_disk[MOCK_SECTOR_SIZE * 1];
 static GptHeader *mock_gpt_secondary =
        (GptHeader*)&mock_disk[MOCK_SECTOR_SIZE * (MOCK_SECTOR_COUNT - 1)];
-static uint8_t mock_digest[SHA256_DIGEST_SIZE] = {12, 34, 56, 78};
+static uint8_t mock_digest[VB2_SHA256_DIGEST_SIZE] = {12, 34, 56, 78};
 
 /**
  * Prepare a valid GPT header that will pass CheckHeader() tests
@@ -293,12 +296,14 @@ int VerifyData(const uint8_t *data, uint64_t size, const VbSignature *sig,
        return VBERROR_SUCCESS;
 }
 
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm)
+int vb2_digest_buffer(const uint8_t *buf,
+                     uint32_t size,
+                     enum vb2_hash_algorithm hash_alg,
+                     uint8_t *digest,
+                     uint32_t digest_size)
 {
-       uint8_t *d = VbExMalloc(sizeof(mock_digest));
-
-       memcpy(d, mock_digest, sizeof(mock_digest));
-       return d;
+       Memcpy(digest, mock_digest, sizeof(mock_digest));
+       return VB2_SUCCESS;
 }
 
 /**
index cee8964..7e833fe 100644 (file)
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "file_keys.h"
 #include "host_common.h"
 #include "padding.h"
@@ -41,8 +45,8 @@ int main(int argc, char* argv[]) {
   }
 
   padded_digest = PrependDigestInfo(algorithm, digest);
-  padded_digest_len = (hash_size_map[algorithm] +
-                       digestinfo_size_map[algorithm]);
+  const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm));
+  padded_digest_len = (digest_size + digestinfo_size_map[algorithm]);
 
   if (!padded_digest)
     error_code = -1;
index 85ba0c9..781f9ff 100644 (file)
@@ -42,8 +42,8 @@ int main(int argc, char* argv[]) {
   }
 
   signature_digest = SignatureDigest(buf, len, algorithm);
-  signature_digest_len = (hash_size_map[algorithm] +
-                          digestinfo_size_map[algorithm]);
+  const int digest_size = vb2_digest_size(vb2_crypto_to_hash(algorithm));
+  signature_digest_len = (digest_size + digestinfo_size_map[algorithm]);
   if (!signature_digest)
     error_code = -1;
   if(signature_digest &&
index c9da240..95c1bbd 100644 (file)
 #include <sys/types.h>
 #include <unistd.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "file_keys.h"
 #include "verify_data.h"
@@ -51,7 +55,7 @@ uint8_t* read_signature(char* input_file, int len) {
 int main(int argc, char* argv[]) {
   int i, algorithm, sig_len;
   int return_code = 1;  /* Default to error. */
-  uint8_t* digest = NULL;
+  uint8_t digest[VB2_MAX_DIGEST_SIZE];
   uint8_t* signature = NULL;
   RSAPublicKey* key = NULL;
 
@@ -74,7 +78,8 @@ int main(int argc, char* argv[]) {
   sig_len = siglen_map[algorithm];
   if ((key = RSAPublicKeyFromFile(argv[2])) &&
       (signature = read_signature(argv[3], sig_len)) &&
-      (digest = DigestFile(argv[4], algorithm))) {
+      (VB2_SUCCESS == DigestFile(argv[4], vb2_crypto_to_hash(algorithm),
+                                digest, sizeof(digest)))) {
     if (RSAVerify(key, signature, sig_len, algorithm, digest)) {
       return_code = 0;
       fprintf(stderr, "Signature Verification "
@@ -89,7 +94,6 @@ int main(int argc, char* argv[]) {
 
   free(key);
   free(signature);
-  free(digest);
 
   return return_code;
 }