libavb: Abstract crypto operations am: 725bff42d2 am: 5b3e2b6e8c am: 506a944791 am: 2c27016a65
Original change: https://android-review.googlesource.com/c/platform/external/avb/+/1691106
Change-Id: I6459d6af934211838ff57112c5a71b7c2355bc76
diff --git a/Android.bp b/Android.bp
index 60926e6..e61abe9 100644
--- a/Android.bp
+++ b/Android.bp
@@ -99,8 +99,6 @@
"libavb/avb_kernel_cmdline_descriptor.c",
"libavb/avb_property_descriptor.c",
"libavb/avb_rsa.c",
- "libavb/avb_sha256.c",
- "libavb/avb_sha512.c",
"libavb/avb_slot_verify.c",
"libavb/avb_util.c",
"libavb/avb_vbmeta_image.c",
@@ -108,6 +106,30 @@
],
}
+cc_defaults {
+ name: "avb_crypto_ops_impl_boringssl",
+ srcs: [
+ "libavb/boringssl/sha.c",
+ ],
+ local_include_dirs: [
+ "libavb/boringssl",
+ ],
+ shared_libs: [
+ "libcrypto",
+ ],
+}
+
+cc_defaults {
+ name: "avb_crypto_ops_impl_sha",
+ srcs: [
+ "libavb/sha/sha256_impl.c",
+ "libavb/sha/sha512_impl.c",
+ ],
+ local_include_dirs: [
+ "libavb/sha",
+ ],
+}
+
python_binary_host {
name: "avbtool",
srcs: ["avbtool.py"],
@@ -206,6 +228,7 @@
defaults: [
"avb_defaults",
"avb_sources",
+ "avb_crypto_ops_impl_boringssl",
],
host_supported: true,
recovery_available: true,
@@ -231,6 +254,7 @@
defaults: [
"avb_defaults",
"avb_sources",
+ "avb_crypto_ops_impl_boringssl",
],
recovery_available: true,
header_libs: [
@@ -258,7 +282,10 @@
"libavb_user",
"libfs_mgr",
],
- shared_libs: ["libbase"],
+ shared_libs: [
+ "libbase",
+ "libcrypto",
+ ],
srcs: ["tools/avbctl/avbctl.cc"],
}
@@ -281,6 +308,7 @@
defaults: [
"avb_defaults",
"avb_sources",
+ "avb_crypto_ops_impl_boringssl",
],
host_supported: true,
recovery_available: true,
@@ -311,6 +339,7 @@
"libavb",
"libavb_aftl",
],
+ shared_libs: ["libcrypto"],
host_supported: true,
corpus: ["test/corpus/*"],
fuzz_config: {
@@ -324,7 +353,10 @@
cc_library_host_static {
name: "libavb_atx_host",
- defaults: ["avb_defaults"],
+ defaults: [
+ "avb_defaults",
+ "avb_crypto_ops_impl_boringssl",
+ ],
header_libs: [
"avb_headers",
],
@@ -347,7 +379,10 @@
cc_library_host_static {
name: "libavb_things_example",
- defaults: ["avb_defaults"],
+ defaults: [
+ "avb_defaults",
+ "avb_crypto_ops_impl_boringssl",
+ ],
header_libs: [
"avb_headers",
],
@@ -355,8 +390,8 @@
srcs: ["examples/things/avb_atx_slot_verify.c"],
}
-cc_test_host {
- name: "libavb_host_unittest",
+cc_defaults {
+ name: "libavb_host_unittest_core",
defaults: ["avb_defaults"],
required: [
"simg2img",
@@ -368,10 +403,7 @@
},
compile_multilib: "first",
data: [
- ":img2simg",
- ":simg2img",
"avbtool",
- ":fec",
"test/avbtool_signing_helper_test.py",
"test/avbtool_signing_helper_with_files_test.py",
"test/data/*",
@@ -403,6 +435,7 @@
"test/avb_aftl_verify_unittest.cc",
"test/avb_atx_validate_unittest.cc",
"test/avb_atx_slot_verify_unittest.cc",
+ "test/avb_crypto_ops_unittest.cc",
"test/avb_slot_verify_unittest.cc",
"test/avb_unittest_util.cc",
"test/avb_util_unittest.cc",
@@ -413,6 +446,32 @@
],
}
+cc_test_host {
+ name: "libavb_host_unittest",
+ defaults: [
+ "avb_crypto_ops_impl_boringssl",
+ "libavb_host_unittest_core",
+ ],
+ data: [
+ ":img2simg",
+ ":simg2img",
+ ":fec",
+ ],
+}
+
+cc_test_host {
+ name: "libavb_host_unittest_sha",
+ defaults: [
+ "avb_crypto_ops_impl_sha",
+ "libavb_host_unittest_core",
+ ],
+ data: [
+ ":img2simg",
+ ":simg2img",
+ ":fec",
+ ],
+}
+
cc_library_host_static {
name: "libavb_host_user_code_test",
defaults: ["avb_defaults"],
@@ -432,6 +491,7 @@
],
shared_libs: [
"libbase",
+ "libcrypto",
"libcutils",
],
cflags: [
diff --git a/TEST_MAPPING b/TEST_MAPPING
new file mode 100644
index 0000000..b97c31b
--- /dev/null
+++ b/TEST_MAPPING
@@ -0,0 +1,10 @@
+{
+ "presubmit": [
+ {
+ "name": "libavb_host_unittest"
+ },
+ {
+ "name": "libavb_host_unittest_sha"
+ }
+ ]
+}
diff --git a/libavb/avb_sha.h b/libavb/avb_sha.h
index 82ac9a5..f4c42ea 100644
--- a/libavb/avb_sha.h
+++ b/libavb/avb_sha.h
@@ -40,28 +40,28 @@
#include "avb_crypto.h"
#include "avb_sysdeps.h"
-/* Block size in bytes of a SHA-256 digest. */
-#define AVB_SHA256_BLOCK_SIZE 64
-
-
-/* Block size in bytes of a SHA-512 digest. */
-#define AVB_SHA512_BLOCK_SIZE 128
+/* The following defines must be set to something appropriate
+ *
+ * AVB_SHA256_CONTEXT_SIZE - the size of AvbSHA256Ctx, excluding the buffer
+ * AVB_SHA512_CONTEXT_SIZE - the size of AvbSHA512Ctx, exclusing the buffer
+ *
+ * For example, if AvbSHA512Ctx is implemented using BoringSSL this would be
+ * defined as sizeof(SHA256_CTX).
+ *
+ * We expect the implementation to provide a header file with the name
+ * avb_crypto_ops_impl.h to do all this.
+ */
+#include "avb_crypto_ops_impl.h"
/* Data structure used for SHA-256. */
typedef struct {
- uint32_t h[8];
- uint64_t tot_len;
- size_t len;
- uint8_t block[2 * AVB_SHA256_BLOCK_SIZE];
+ uint8_t reserved[AVB_SHA256_CONTEXT_SIZE];
uint8_t buf[AVB_SHA256_DIGEST_SIZE]; /* Used for storing the final digest. */
} AvbSHA256Ctx;
/* Data structure used for SHA-512. */
typedef struct {
- uint64_t h[8];
- uint64_t tot_len;
- size_t len;
- uint8_t block[2 * AVB_SHA512_BLOCK_SIZE];
+ uint8_t reserved[AVB_SHA512_CONTEXT_SIZE];
uint8_t buf[AVB_SHA512_DIGEST_SIZE]; /* Used for storing the final digest. */
} AvbSHA512Ctx;
diff --git a/libavb/boringssl/avb_crypto_ops_impl.h b/libavb/boringssl/avb_crypto_ops_impl.h
new file mode 100644
index 0000000..abfbcad
--- /dev/null
+++ b/libavb/boringssl/avb_crypto_ops_impl.h
@@ -0,0 +1,50 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy,
+ * modify, merge, publish, distribute, sublicense, and/or sell copies
+ * of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+#ifdef AVB_INSIDE_LIBAVB_H
+#error "You can't include avb_crypto_ops_impl.h in the public header libavb.h."
+#endif
+
+#ifndef AVB_COMPILATION
+#error "Never include this file, it may only be used from internal avb code."
+#endif
+
+#ifndef AVB_CRYPTO_OPS_IMPL_H_
+#define AVB_CRYPTO_OPS_IMPL_H_
+
+#include <openssl/is_boringssl.h>
+#include <openssl/sha.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define AVB_SHA256_CONTEXT_SIZE sizeof(SHA256_CTX)
+#define AVB_SHA512_CONTEXT_SIZE sizeof(SHA512_CTX)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* AVB_CRYPTO_OPS_IMPL_H_ */
diff --git a/libavb/boringssl/sha.c b/libavb/boringssl/sha.c
new file mode 100644
index 0000000..96973ec
--- /dev/null
+++ b/libavb/boringssl/sha.c
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy,
+ * modify, merge, publish, distribute, sublicense, and/or sell copies
+ * of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+#include <libavb/avb_sha.h>
+
+#include "avb_crypto_ops_impl.h"
+
+/* SHA-256 implementation */
+void avb_sha256_init(AvbSHA256Ctx* ctx) {
+ SHA256_CTX* realCtx = (SHA256_CTX*)ctx->reserved;
+ SHA256_Init(realCtx);
+}
+
+void avb_sha256_update(AvbSHA256Ctx* ctx, const uint8_t* data, size_t len) {
+ SHA256_CTX* realCtx = (SHA256_CTX*)ctx->reserved;
+ SHA256_Update(realCtx, data, len);
+}
+
+uint8_t* avb_sha256_final(AvbSHA256Ctx* ctx) {
+ SHA256_CTX* realCtx = (SHA256_CTX*)ctx->reserved;
+ SHA256_Final(ctx->buf, realCtx);
+ return ctx->buf;
+}
+
+/* SHA-512 implementation */
+void avb_sha512_init(AvbSHA512Ctx* ctx) {
+ SHA512_CTX* realCtx = (SHA512_CTX*)ctx->reserved;
+ SHA512_Init(realCtx);
+}
+
+void avb_sha512_update(AvbSHA512Ctx* ctx, const uint8_t* data, size_t len) {
+ SHA512_CTX* realCtx = (SHA512_CTX*)ctx->reserved;
+ SHA512_Update(realCtx, data, len);
+}
+
+uint8_t* avb_sha512_final(AvbSHA512Ctx* ctx) {
+ SHA512_CTX* realCtx = (SHA512_CTX*)ctx->reserved;
+ SHA512_Final(ctx->buf, realCtx);
+ return ctx->buf;
+}
diff --git a/libavb/sha/avb_crypto_ops_impl.h b/libavb/sha/avb_crypto_ops_impl.h
new file mode 100644
index 0000000..321e0fb
--- /dev/null
+++ b/libavb/sha/avb_crypto_ops_impl.h
@@ -0,0 +1,71 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy,
+ * modify, merge, publish, distribute, sublicense, and/or sell copies
+ * of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+#ifdef AVB_INSIDE_LIBAVB_H
+#error "You can't include avb_crypto_ops_impl.h in the public header libavb.h."
+#endif
+
+#ifndef AVB_COMPILATION
+#error "Never include this file, it may only be used from internal avb code."
+#endif
+
+#ifndef AVB_CRYPTO_OPS_IMPL_H_
+#define AVB_CRYPTO_OPS_IMPL_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <libavb/avb_sysdeps.h>
+
+/* Block size in bytes of a SHA-256 digest. */
+#define AVB_SHA256_BLOCK_SIZE 64
+
+/* Block size in bytes of a SHA-512 digest. */
+#define AVB_SHA512_BLOCK_SIZE 128
+
+/* Data structure used for SHA-256. */
+typedef struct {
+ uint32_t h[8];
+ uint64_t tot_len;
+ size_t len;
+ uint8_t block[2 * AVB_SHA256_BLOCK_SIZE];
+} AvbSHA256ImplCtx;
+
+/* Data structure used for SHA-512. */
+typedef struct {
+ uint64_t h[8];
+ uint64_t tot_len;
+ size_t len;
+ uint8_t block[2 * AVB_SHA512_BLOCK_SIZE];
+} AvbSHA512ImplCtx;
+
+#define AVB_SHA256_CONTEXT_SIZE sizeof(AvbSHA256ImplCtx)
+#define AVB_SHA512_CONTEXT_SIZE sizeof(AvbSHA512ImplCtx)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* AVB_CRYPTO_OPS_IMPL_H_ */
diff --git a/libavb/avb_sha256.c b/libavb/sha/sha256_impl.c
similarity index 92%
rename from libavb/avb_sha256.c
rename to libavb/sha/sha256_impl.c
index 8a1c3ae..7e99358 100644
--- a/libavb/avb_sha256.c
+++ b/libavb/sha/sha256_impl.c
@@ -35,7 +35,9 @@
* SUCH DAMAGE.
*/
-#include "avb_sha.h"
+#include <libavb/avb_sha.h>
+
+#include "avb_crypto_ops_impl.h"
#define SHFR(x, n) (x >> n)
#define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
@@ -112,7 +114,8 @@
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2};
/* SHA-256 implementation */
-void avb_sha256_init(AvbSHA256Ctx* ctx) {
+void avb_sha256_init(AvbSHA256Ctx* avb_ctx) {
+ AvbSHA256ImplCtx* ctx = (AvbSHA256ImplCtx*)avb_ctx->reserved;
#ifndef UNROLL_LOOPS
int i;
for (i = 0; i < 8; i++) {
@@ -133,7 +136,7 @@
ctx->tot_len = 0;
}
-static void SHA256_transform(AvbSHA256Ctx* ctx,
+static void SHA256_transform(AvbSHA256ImplCtx* ctx,
const uint8_t* message,
size_t block_nb) {
uint32_t w[64];
@@ -332,7 +335,8 @@
}
}
-void avb_sha256_update(AvbSHA256Ctx* ctx, const uint8_t* data, size_t len) {
+void avb_sha256_update(AvbSHA256Ctx* avb_ctx, const uint8_t* data, size_t len) {
+ AvbSHA256ImplCtx* ctx = (AvbSHA256ImplCtx*)avb_ctx->reserved;
size_t block_nb;
size_t new_len, rem_len, tmp_len;
const uint8_t* shifted_data;
@@ -363,7 +367,8 @@
ctx->tot_len += (block_nb + 1) << 6;
}
-uint8_t* avb_sha256_final(AvbSHA256Ctx* ctx) {
+uint8_t* avb_sha256_final(AvbSHA256Ctx* avb_ctx) {
+ AvbSHA256ImplCtx* ctx = (AvbSHA256ImplCtx*)avb_ctx->reserved;
size_t block_nb;
size_t pm_len;
uint64_t len_b;
@@ -385,18 +390,18 @@
#ifndef UNROLL_LOOPS
for (i = 0; i < 8; i++) {
- UNPACK32(ctx->h[i], &ctx->buf[i << 2]);
+ UNPACK32(ctx->h[i], &avb_ctx->buf[i << 2]);
}
#else
- UNPACK32(ctx->h[0], &ctx->buf[0]);
- UNPACK32(ctx->h[1], &ctx->buf[4]);
- UNPACK32(ctx->h[2], &ctx->buf[8]);
- UNPACK32(ctx->h[3], &ctx->buf[12]);
- UNPACK32(ctx->h[4], &ctx->buf[16]);
- UNPACK32(ctx->h[5], &ctx->buf[20]);
- UNPACK32(ctx->h[6], &ctx->buf[24]);
- UNPACK32(ctx->h[7], &ctx->buf[28]);
+ UNPACK32(ctx->h[0], &avb_ctx->buf[0]);
+ UNPACK32(ctx->h[1], &avb_ctx->buf[4]);
+ UNPACK32(ctx->h[2], &avb_ctx->buf[8]);
+ UNPACK32(ctx->h[3], &avb_ctx->buf[12]);
+ UNPACK32(ctx->h[4], &avb_ctx->buf[16]);
+ UNPACK32(ctx->h[5], &avb_ctx->buf[20]);
+ UNPACK32(ctx->h[6], &avb_ctx->buf[24]);
+ UNPACK32(ctx->h[7], &avb_ctx->buf[28]);
#endif /* !UNROLL_LOOPS */
- return ctx->buf;
+ return avb_ctx->buf;
}
diff --git a/libavb/avb_sha512.c b/libavb/sha/sha512_impl.c
similarity index 92%
rename from libavb/avb_sha512.c
rename to libavb/sha/sha512_impl.c
index 6cdc494..1eb9ba4 100644
--- a/libavb/avb_sha512.c
+++ b/libavb/sha/sha512_impl.c
@@ -35,7 +35,9 @@
* SUCH DAMAGE.
*/
-#include "avb_sha.h"
+#include <libavb/avb_sha.h>
+
+#include "avb_crypto_ops_impl.h"
#define SHFR(x, n) (x >> n)
#define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
@@ -131,7 +133,8 @@
/* SHA-512 implementation */
-void avb_sha512_init(AvbSHA512Ctx* ctx) {
+void avb_sha512_init(AvbSHA512Ctx* avb_ctx) {
+ AvbSHA512ImplCtx* ctx = (AvbSHA512ImplCtx*)avb_ctx->reserved;
#ifdef UNROLL_LOOPS_SHA512
ctx->h[0] = sha512_h0[0];
ctx->h[1] = sha512_h0[1];
@@ -152,7 +155,7 @@
ctx->tot_len = 0;
}
-static void SHA512_transform(AvbSHA512Ctx* ctx,
+static void SHA512_transform(AvbSHA512ImplCtx* ctx,
const uint8_t* message,
size_t block_nb) {
uint64_t w[80];
@@ -318,7 +321,8 @@
}
}
-void avb_sha512_update(AvbSHA512Ctx* ctx, const uint8_t* data, size_t len) {
+void avb_sha512_update(AvbSHA512Ctx* avb_ctx, const uint8_t* data, size_t len) {
+ AvbSHA512ImplCtx* ctx = (AvbSHA512ImplCtx*)avb_ctx->reserved;
size_t block_nb;
size_t new_len, rem_len, tmp_len;
const uint8_t* shifted_data;
@@ -349,7 +353,8 @@
ctx->tot_len += (block_nb + 1) << 7;
}
-uint8_t* avb_sha512_final(AvbSHA512Ctx* ctx) {
+uint8_t* avb_sha512_final(AvbSHA512Ctx* avb_ctx) {
+ AvbSHA512ImplCtx* ctx = (AvbSHA512ImplCtx*)avb_ctx->reserved;
size_t block_nb;
size_t pm_len;
uint64_t len_b;
@@ -371,18 +376,18 @@
SHA512_transform(ctx, ctx->block, block_nb);
#ifdef UNROLL_LOOPS_SHA512
- UNPACK64(ctx->h[0], &ctx->buf[0]);
- UNPACK64(ctx->h[1], &ctx->buf[8]);
- UNPACK64(ctx->h[2], &ctx->buf[16]);
- UNPACK64(ctx->h[3], &ctx->buf[24]);
- UNPACK64(ctx->h[4], &ctx->buf[32]);
- UNPACK64(ctx->h[5], &ctx->buf[40]);
- UNPACK64(ctx->h[6], &ctx->buf[48]);
- UNPACK64(ctx->h[7], &ctx->buf[56]);
+ UNPACK64(ctx->h[0], &avb_ctx->buf[0]);
+ UNPACK64(ctx->h[1], &avb_ctx->buf[8]);
+ UNPACK64(ctx->h[2], &avb_ctx->buf[16]);
+ UNPACK64(ctx->h[3], &avb_ctx->buf[24]);
+ UNPACK64(ctx->h[4], &avb_ctx->buf[32]);
+ UNPACK64(ctx->h[5], &avb_ctx->buf[40]);
+ UNPACK64(ctx->h[6], &avb_ctx->buf[48]);
+ UNPACK64(ctx->h[7], &avb_ctx->buf[56]);
#else
for (i = 0; i < 8; i++)
- UNPACK64(ctx->h[i], &ctx->buf[i << 3]);
+ UNPACK64(ctx->h[i], &avb_ctx->buf[i << 3]);
#endif /* UNROLL_LOOPS_SHA512 */
- return ctx->buf;
+ return avb_ctx->buf;
}
diff --git a/test/avb_crypto_ops_unittest.cc b/test/avb_crypto_ops_unittest.cc
new file mode 100644
index 0000000..94141c7
--- /dev/null
+++ b/test/avb_crypto_ops_unittest.cc
@@ -0,0 +1,118 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy,
+ * modify, merge, publish, distribute, sublicense, and/or sell copies
+ * of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+#include <string.h>
+
+#include <gtest/gtest.h>
+
+#include <libavb/avb_sha.h>
+
+#include "avb_unittest_util.h"
+
+namespace avb {
+
+/* These smoke tests are intended to check that the cryptographic operations
+ * conform to the AVB interface and not to check the correctness of the
+ * cryptograhpy.
+ */
+
+TEST(CryptoOpsTest, Sha256) {
+ AvbSHA256Ctx ctx;
+
+ /* Compare with
+ *
+ * $ echo -n foobar |sha256sum
+ * c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2 -
+ */
+ avb_sha256_init(&ctx);
+ avb_sha256_update(&ctx, (const uint8_t*)"foobar", 6);
+ EXPECT_EQ("c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2",
+ mem_to_hexstring(avb_sha256_final(&ctx), AVB_SHA256_DIGEST_SIZE));
+}
+
+// Disabled for now because it takes ~30 seconds to run.
+TEST(CryptoOpsTest, DISABLED_Sha256Large) {
+ AvbSHA256Ctx ctx;
+
+ /* Also check we this works with greater than 4GiB input. Compare with
+ *
+ * $ dd if=/dev/zero bs=1048576 count=4097 |sha256sum
+ * 829816e339ff597ec3ada4c30fc840d3f2298444169d242952a54bcf3fcd7747 -
+ */
+ const size_t kMebibyte = 1048576;
+ uint8_t* megabuf;
+ megabuf = new uint8_t[kMebibyte];
+ memset((char*)megabuf, '\0', kMebibyte);
+ avb_sha256_init(&ctx);
+ for (size_t n = 0; n < 4097; n++) {
+ avb_sha256_update(&ctx, megabuf, kMebibyte);
+ }
+ EXPECT_EQ("829816e339ff597ec3ada4c30fc840d3f2298444169d242952a54bcf3fcd7747",
+ mem_to_hexstring(avb_sha256_final(&ctx), AVB_SHA256_DIGEST_SIZE));
+ delete[] megabuf;
+}
+
+TEST(CryptoOpsTest, Sha512) {
+ AvbSHA512Ctx ctx;
+
+ /* Compare with
+ *
+ * $ echo -n foobar |sha512sum
+ * 0a50261ebd1a390fed2bf326f2673c145582a6342d523204973d0219337f81616a8069b012587cf5635f6925f1b56c360230c19b273500ee013e030601bf2425
+ * -
+ */
+ avb_sha512_init(&ctx);
+ avb_sha512_update(&ctx, (const uint8_t*)"foobar", 6);
+ EXPECT_EQ(
+ "0a50261ebd1a390fed2bf326f2673c145582a6342d523204973d0219337f81616a8069b0"
+ "12587cf5635f6925f1b56c360230c19b273500ee013e030601bf2425",
+ mem_to_hexstring(avb_sha512_final(&ctx), AVB_SHA512_DIGEST_SIZE));
+}
+
+// Disabled for now because it takes ~30 seconds to run.
+TEST(CryptoOpsTest, DISABLED_Sha512Large) {
+ AvbSHA512Ctx ctx;
+
+ /* Also check we this works with greater than 4GiB input. Compare with
+ *
+ * $ dd if=/dev/zero bs=1048576 count=4097 |sha512sum
+ * eac1685671cc2060315888746de072398116c0c83b7ee9463f0576e11bfdea9cdd5ddbf291fb3ffc4ee8a1b459c798d9fb9b50b7845e2871c4b1402470aaf4c0
+ * -
+ */
+ const size_t kMebibyte = 1048576;
+ uint8_t* megabuf;
+ megabuf = new uint8_t[kMebibyte];
+ memset((char*)megabuf, '\0', kMebibyte);
+ avb_sha512_init(&ctx);
+ for (size_t n = 0; n < 4097; n++) {
+ avb_sha512_update(&ctx, megabuf, kMebibyte);
+ }
+ EXPECT_EQ(
+ "eac1685671cc2060315888746de072398116c0c83b7ee9463f0576e11bfdea9cdd5ddbf2"
+ "91fb3ffc4ee8a1b459c798d9fb9b50b7845e2871c4b1402470aaf4c0",
+ mem_to_hexstring(avb_sha512_final(&ctx), AVB_SHA512_DIGEST_SIZE));
+ delete[] megabuf;
+}
+
+} // namespace avb
diff --git a/test/avb_util_unittest.cc b/test/avb_util_unittest.cc
index defdfab..5670f85 100644
--- a/test/avb_util_unittest.cc
+++ b/test/avb_util_unittest.cc
@@ -27,7 +27,6 @@
#include <gtest/gtest.h>
-#include <libavb/avb_sha.h>
#include <libavb/libavb.h>
#include "avb_unittest_util.h"
@@ -543,82 +542,4 @@
EXPECT_EQ("/", std::string(avb_basename("/")));
}
-TEST_F(UtilTest, Sha256) {
- AvbSHA256Ctx ctx;
-
- /* Compare with
- *
- * $ echo -n foobar |sha256sum
- * c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2 -
- */
- avb_sha256_init(&ctx);
- avb_sha256_update(&ctx, (const uint8_t*)"foobar", 6);
- EXPECT_EQ("c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2",
- mem_to_hexstring(avb_sha256_final(&ctx), AVB_SHA256_DIGEST_SIZE));
-}
-
-// Disabled for now because it takes ~30 seconds to run.
-TEST_F(UtilTest, DISABLED_Sha256Large) {
- AvbSHA256Ctx ctx;
-
- /* Also check we this works with greater than 4GiB input. Compare with
- *
- * $ dd if=/dev/zero bs=1048576 count=4097 |sha256sum
- * 829816e339ff597ec3ada4c30fc840d3f2298444169d242952a54bcf3fcd7747 -
- */
- const size_t kMebibyte = 1048576;
- uint8_t* megabuf;
- megabuf = new uint8_t[kMebibyte];
- memset((char*)megabuf, '\0', kMebibyte);
- avb_sha256_init(&ctx);
- for (size_t n = 0; n < 4097; n++) {
- avb_sha256_update(&ctx, megabuf, kMebibyte);
- }
- EXPECT_EQ("829816e339ff597ec3ada4c30fc840d3f2298444169d242952a54bcf3fcd7747",
- mem_to_hexstring(avb_sha256_final(&ctx), AVB_SHA256_DIGEST_SIZE));
- delete[] megabuf;
-}
-
-TEST_F(UtilTest, Sha512) {
- AvbSHA512Ctx ctx;
-
- /* Compare with
- *
- * $ echo -n foobar |sha512sum
- * 0a50261ebd1a390fed2bf326f2673c145582a6342d523204973d0219337f81616a8069b012587cf5635f6925f1b56c360230c19b273500ee013e030601bf2425
- * -
- */
- avb_sha512_init(&ctx);
- avb_sha512_update(&ctx, (const uint8_t*)"foobar", 6);
- EXPECT_EQ(
- "0a50261ebd1a390fed2bf326f2673c145582a6342d523204973d0219337f81616a8069b0"
- "12587cf5635f6925f1b56c360230c19b273500ee013e030601bf2425",
- mem_to_hexstring(avb_sha512_final(&ctx), AVB_SHA512_DIGEST_SIZE));
-}
-
-// Disabled for now because it takes ~30 seconds to run.
-TEST_F(UtilTest, DISABLED_Sha512Large) {
- AvbSHA512Ctx ctx;
-
- /* Also check we this works with greater than 4GiB input. Compare with
- *
- * $ dd if=/dev/zero bs=1048576 count=4097 |sha512sum
- * eac1685671cc2060315888746de072398116c0c83b7ee9463f0576e11bfdea9cdd5ddbf291fb3ffc4ee8a1b459c798d9fb9b50b7845e2871c4b1402470aaf4c0
- * -
- */
- const size_t kMebibyte = 1048576;
- uint8_t* megabuf;
- megabuf = new uint8_t[kMebibyte];
- memset((char*)megabuf, '\0', kMebibyte);
- avb_sha512_init(&ctx);
- for (size_t n = 0; n < 4097; n++) {
- avb_sha512_update(&ctx, megabuf, kMebibyte);
- }
- EXPECT_EQ(
- "eac1685671cc2060315888746de072398116c0c83b7ee9463f0576e11bfdea9cdd5ddbf2"
- "91fb3ffc4ee8a1b459c798d9fb9b50b7845e2871c4b1402470aaf4c0",
- mem_to_hexstring(avb_sha512_final(&ctx), AVB_SHA512_DIGEST_SIZE));
- delete[] megabuf;
-}
-
} // namespace avb