| OLD | NEW |
|---|
| (Empty) | |
| 1 #!/bin/bash |
| 2 |
| 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 4 # Use of this source code is governed by a BSD-style license that can be |
| 5 # found in the LICENSE file. |
| 6 |
| 7 # Script to generate padding.c containing PKCS 1.5 padding byte arrays for |
| 8 # various combinations of RSA key lengths and message digest algorithms. |
| 9 |
| 10 Pad_Preamble="0x00,0x01" |
| 11 |
| 12 SHA1_Suffix="0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05"\ |
| 13 ",0x00,0x04,0x14" |
| 14 SHA256_Suffix="0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03"\ |
| 15 ",0x04,0x02,0x01,0x05,0x00,0x04,0x20" |
| 16 SHA512_Suffix="0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03"\ |
| 17 ",0x04,0x02,0x03,0x05,0x00,0x04,0x40" |
| 18 |
| 19 RSA1024_Len=128 |
| 20 RSA2048_Len=256 |
| 21 RSA4096_Len=512 |
| 22 RSA8192_Len=1024 |
| 23 |
| 24 SHA1_T_Len=35 |
| 25 SHA256_T_Len=51 |
| 26 SHA512_T_Len=83 |
| 27 |
| 28 HashAlgos=( SHA1 SHA256 SHA512 ) |
| 29 RSAAlgos=( RSA1024 RSA2048 RSA4096 RSA8192 ) |
| 30 |
| 31 function genFFOctets { |
| 32 count=$1 |
| 33 while [ $count -gt 0 ]; do |
| 34 echo -n "0xff," |
| 35 let count=count-1 |
| 36 done |
| 37 } |
| 38 |
| 39 |
| 40 cat <<EOF |
| 41 /* |
| 42 * DO NOT MODIFY THIS FILE DIRECTLY. |
| 43 * |
| 44 * This file is automatically generated by genpadding.sh and contains padding |
| 45 * arrays corresponding to various combinations of algorithms for RSA signatures
. |
| 46 */ |
| 47 |
| 48 EOF |
| 49 |
| 50 |
| 51 echo '#include "rsa.h"' |
| 52 echo '#include "sha.h"' |
| 53 echo |
| 54 echo |
| 55 cat <<EOF |
| 56 /* |
| 57 * PKCS 1.5 padding (from the RSA PKCS#1 v2.1 standard) |
| 58 * |
| 59 * Depending on the RSA key size and hash function, the padding is calculated |
| 60 * as follows: |
| 61 * |
| 62 * 0x00 || 0x01 || PS || 0x00 || T |
| 63 * |
| 64 * T: DER Encoded DigestInfo value which depends on the hash function used. |
| 65 * |
| 66 * SHA-1: (0x)30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 || H. |
| 67 * SHA-256: (0x)30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 || H. |
| 68 * SHA-512: (0x)30 51 30 0d 06 09 60 86 48 01 65 03 04 02 03 05 00 04 40 || H. |
| 69 * |
| 70 * Length(T) = 35 octets for SHA-1 |
| 71 * Length(T) = 51 octets for SHA-256 |
| 72 * Length(T) = 83 octets for SHA-512 |
| 73 * |
| 74 * PS: octet string consisting of {Length(RSA Key) - Length(T) - 3} 0xFF |
| 75 * |
| 76 */ |
| 77 EOF |
| 78 echo |
| 79 echo |
| 80 |
| 81 |
| 82 # Generate padding arrays. |
| 83 algorithmcounter=0 |
| 84 |
| 85 for rsaalgo in ${RSAAlgos[@]} |
| 86 do |
| 87 for hashalgo in ${HashAlgos[@]} |
| 88 do |
| 89 echo "/* Algorithm Type $algorithmcounter */" |
| 90 let algorithmcounter=algorithmcounter+1 |
| 91 eval rsalen=${rsaalgo}_Len |
| 92 eval hashlen=${hashalgo}_T_Len |
| 93 let nums=rsalen-hashlen-3 |
| 94 echo "const uint8_t padding${rsaalgo}_${hashalgo}[${rsaalgo}NUMBYTES - ${has
halgo}_DIGEST_SIZE] = {" |
| 95 echo -n $Pad_Preamble, |
| 96 genFFOctets $nums |
| 97 echo -n "0x00," |
| 98 eval suffix=\$${hashalgo}_Suffix |
| 99 echo $suffix |
| 100 echo "};" |
| 101 echo |
| 102 done |
| 103 done |
| 104 |
| 105 echo "const int kNumAlgorithms = $algorithmcounter;"; |
| 106 echo "#define NUMALGORITHMS $algorithmcounter" |
| 107 echo |
| 108 |
| 109 # Generate algorithm signature length map |
| 110 echo "const int siglen_map[NUMALGORITHMS] = {" |
| 111 for rsaalgo in ${RSAAlgos[@]} |
| 112 do |
| 113 for hashalgo in ${HashAlgos[@]} |
| 114 do |
| 115 echo ${rsaalgo}NUMWORDS, |
| 116 done |
| 117 done |
| 118 echo "};" |
| 119 echo |
| 120 |
| 121 # Generate algorithm padding array map |
| 122 echo "const uint8_t* padding_map[NUMALGORITHMS] = {" |
| 123 for rsaalgo in ${RSAAlgos[@]} |
| 124 do |
| 125 for hashalgo in ${HashAlgos[@]} |
| 126 do |
| 127 echo padding${rsaalgo}_${hashalgo}, |
| 128 done |
| 129 done |
| 130 echo "};" |
| 131 echo |
| 132 |
| 133 # Generate algorithm padding size map |
| 134 echo "const int padding_size_map[NUMALGORITHMS] = {" |
| 135 for rsaalgo in ${RSAAlgos[@]} |
| 136 do |
| 137 for hashalgo in ${HashAlgos[@]} |
| 138 do |
| 139 echo ${rsaalgo}NUMBYTES - ${hashalgo}_DIGEST_SIZE, |
| 140 done |
| 141 done |
| 142 echo "};" |
| 143 echo |
| 144 |
| 145 # Generate algorithm message digest's input block size. |
| 146 echo "const int hash_blocksize_map[NUMALGORITHMS] = {" |
| 147 for rsaalgo in ${RSAAlgos[@]} |
| 148 do |
| 149 for hashalgo in ${HashAlgos[@]} |
| 150 do |
| 151 echo ${hashalgo}_BLOCK_SIZE, |
| 152 done |
| 153 done |
| 154 echo "};" |
| 155 echo |
| 156 |
| 157 # Generate algorithm description strings. |
| 158 echo "const char* algo_strings[NUMALGORITHMS] = {" |
| 159 for rsaalgo in ${RSAAlgos[@]} |
| 160 do |
| 161 for hashalgo in ${HashAlgos[@]} |
| 162 do |
| 163 echo \"${rsaalgo} ${hashalgo}\", |
| 164 done |
| 165 done |
| 166 echo "};" |
| 167 echo |
| 168 |
| 169 #echo "#endif /* VBOOT_REFERENCE_PADDING_H_ */" |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 553023:
RSA signature verification and SHA-1/256/512 reference implementation for verified boot. (Closed)
