sbtools: convert crypto to libtomcrypt.

Replace the use of crypto++ with tomcrypt, which is much smaller and C. This gets rid of various build issues for systems that don't ship crypo++ (i.e. everything except Linux.) Change-Id: Ic0799e17b94935c71b14765cf9a2a7ea2b0adc7a
author: Dominik Riebeling <Dominik.Riebeling@gmail.com> 2020-08-08 18:46:43 +0200
committer: Dominik Riebeling <Dominik.Riebeling@gmail.com> 2020-10-18 19:08:32 +0200
commit: 2037b837f81485770fcb066adea70b1d22e9b727 (patch)
tree: 41d15b95f38843dfe5fb45327c25d3a116731b05
parent: 815b289cb3438ed566b3e9dc5074fe12e4b98f46 (diff)
download: rockbox-2037b837f81485770fcb066adea70b1d22e9b727.tar.gz
rockbox-2037b837f81485770fcb066adea70b1d22e9b727.zip
6 files changed, 50 insertions, 64 deletions
diff --git a/rbutil/mkimxboot/Makefile b/rbutil/mkimxboot/Makefile
index 9ad21a1966..d2c487c475 100644
--- a/rbutil/mkimxboot/Makefile
+++ b/rbutil/mkimxboot/Makefile
@@ -8,24 +8,18 @@
 # We use the SB code available in the Rockbox utils/sbtools directory
 IMXTOOLS_DIR=../../utils/imxtools/sbtools/
-CFLAGS += -I$(IMXTOOLS_DIR) -Wall
-# std=gnu99 is required by MinGW on Windows (c99 is sufficient for Linux / MXE)
-CFLAGS += -std=gnu99 -g -O3
-# Location to pkg-config binary.
+COMPILEFLAGS := -Wall -g -O3 -I$(IMXTOOLS_DIR)
-PKGCONFIG := pkg-config
+# std=gnu99 is required by MinGW on Windows (c99 is sufficient for Linux / MXE)
+CFLAGS += -std=gnu99 $(COMPILEFLAGS)
+CXXFLAGS += $(COMPILEFLAGS)
-# Distros could use different names for the crypto library. We try a list
+TOMCRYPT_DIR := ../../utils/tomcrypt
-# of candidate names, only one of them should be the valid one.
-LIBCRYPTO_NAMES = libcryptopp libcrypto++ cryptopp crypto++
-$(foreach l,$(LIBCRYPTO_NAMES),\
+CXXFLAGS += -I$(TOMCRYPT_DIR)/src/headers
-        $(eval LDOPTS += $(shell $(PKGCONFIG) --silence-errors --libs $(l))))
+CFLAGS += -I$(TOMCRYPT_DIR)/src/headers
-$(foreach l,$(LIBCRYPTO_NAMES),\
+LDOPTS += -lpthread $(TOMCRYPT_DIR)/librbtomcrypt.a
-        $(eval CFLAGS += $(shell $(PKGCONFIG) --silence-errors --cflags $(l))))
-$(foreach l,$(LIBCRYPTO_NAMES),\
-        $(eval CXXFLAGS += $(shell $(PKGCONFIG) --silence-errors --cflags $(l))))
-LDOPTS += -lpthread
 OUTPUT = mkimxboot
@@ -33,6 +27,10 @@ OUTPUT = mkimxboot
 IMXTOOLS_SOURCES = misc.c sb.c crypto.cpp crc.c elf.c
 LIBSOURCES := dualboot.c mkimxboot.c md5.c \
              $(addprefix $(IMXTOOLS_DIR),$(IMXTOOLS_SOURCES))
+# for now build tomcrypt as part of the lib.
+LIBSOURCES += $(addprefix $(TOMCRYPT_DIR),$(TOMCRYPT_SOURCES))
 # inputs for binary only
 SOURCES := $(LIBSOURCES) main.c
 # dependencies for binary
@@ -43,3 +41,8 @@ include ../libtools.make
 # explicit dependencies on dualboot.{c,h} and mkimxboot.h
 $(OBJDIR)mkimxboot.o: dualboot.h dualboot.c mkimxboot.c mkimxboot.h
 $(OBJDIR)main.o: dualboot.h dualboot.c main.c mkimxboot.h
+$(BINARY): librbtomcrypt.a
+librbtomcrypt.a:
+        $(MAKE) -C ../../utils/tomcrypt
diff --git a/rbutil/rbutilqt/Makefile.libs b/rbutil/rbutilqt/Makefile.libs
index 6d5c8c5354..938426f124 100644
--- a/rbutil/rbutilqt/Makefile.libs
+++ b/rbutil/rbutilqt/Makefile.libs
@@ -33,12 +33,14 @@ export CC=$(EXTRALIBS_CC)
 export CXX=$(EXTRALIBS_CXX)
 export AR=$(EXTRALIBS_AR)
-libs: librbspeex libucl libipodpatcher libsansapatcher libmkamsboot libmktccboot libmkmpioboot libchinachippatcher libmkimxboot libmks5lboot libbzip2 libbspatch
+libs: librbspeex libucl libipodpatcher libsansapatcher libmkamsboot libmktccboot libmkmpioboot libchinachippatcher libmkimxboot libmks5lboot libbzip2 libbspatch librbtomcrypt
 # To support cross compiles, we explicitly pass the CC flag below for
 # all tools which override CC or CXX in their makefiles. CXX is only
 # used by mkimxboot.
+librbtomcrypt:
+        $(SILENT) $(MAKE) -C $(RBBASE_DIR)/utils/tomcrypt BUILD_DIR=$(BUILD_DIR)/tomcrypt librbtomcrypt.a
 librbspeex:
        $(SILENT) $(MAKE) -C $(RBBASE_DIR)/tools/rbspeex BUILD_DIR=$(BUILD_DIR)/libspeex librbspeex.a
diff --git a/rbutil/rbutilqt/rbutilqt.pro b/rbutil/rbutilqt/rbutilqt.pro
index d07c1e01bc..9d7da92dbf 100644
--- a/rbutil/rbutilqt/rbutilqt.pro
+++ b/rbutil/rbutilqt/rbutilqt.pro
@@ -85,7 +85,8 @@ extralibs.commands = $$SILENT \
 # Note: order is important for RBLIBS! The libs are appended to the linker
 # flags in this order, put libucl at the end.
 RBLIBS = rbspeex ipodpatcher sansapatcher mkamsboot mktccboot \
-         mkmpioboot chinachippatcher mkimxboot mks5lboot bspatch ucl
+         mkmpioboot chinachippatcher mkimxboot mks5lboot bspatch ucl \
+         rbtomcrypt
 # NOTE: Linking bzip2 causes problems on Windows (Qt seems to export those
 # symbols as well, similar to what we have with zlib.) Only link that on
 # non-Windows for now.
@@ -139,9 +140,6 @@ for(rblib, RBLIBS) {
    LIBS += -l$$rblib
 }
-# We need libcrypto++
-LIBS += -lcryptopp
 # on win32 libz is linked implicitly.
 !win32 {
    LIBS += -lz
diff --git a/utils/imxtools/sbtools/Makefile b/utils/imxtools/sbtools/Makefile
index 3e284e20dd..b1d0313f77 100644
--- a/utils/imxtools/sbtools/Makefile
+++ b/utils/imxtools/sbtools/Makefile
@@ -3,10 +3,11 @@ CC := gcc
 CXX := g++
 LD := g++
-LIBUSB := $(shell pkg-config --cflags libusb-1.0)
+TOMCRYPT_DIR := ../../tomcrypt/
-CFLAGS := -O3 -g -std=c99 -Wall $(shell pkg-config --cflags libusb-1.0) $(DEFINES)
-CXXFLAGS := -O3 -g -Wall $(pkg-config --cflags libcrypto++) $(DEFINES)
+CFLAGS := -O3 -g -std=c99 -Wall $(shell pkg-config --cflags libusb-1.0) $(DEFINES) -I$(TOMCRYPT_DIR)/src/headers
-LDFLAGS := $(shell pkg-config --libs libusb-1.0) $(shell pkg-config --libs libcrypto++)
+CXXFLAGS := -O3 -g -Wall $(DEFINES) -I$(TOMCRYPT_DIR)/src/headers
+LDFLAGS := $(shell pkg-config --libs libusb-1.0)
 BINS := elftosb sbtoelf sbloader rsrctool elftosb1
 all: $(BINS)
@@ -17,10 +18,10 @@ all: $(BINS)
 %.o: %.cpp
        $(CXX) $(CXXFLAGS) -c -o $@ $<
-sbtoelf: sbtoelf.o crc.o crypto.o xorcrypt.o dbparser.o elf.o misc.o sb.o sb1.o
+sbtoelf: sbtoelf.o crc.o crypto.o xorcrypt.o dbparser.o elf.o misc.o sb.o sb1.o $(TOMCRYPT_DIR)/librbtomcrypt.a
        $(LD) -o $@ $^ $(LDFLAGS)
-elftosb: elftosb.o crc.o crypto.o elf.o dbparser.o misc.o sb.o
+elftosb: elftosb.o crc.o crypto.o elf.o dbparser.o misc.o sb.o $(TOMCRYPT_DIR)/librbtomcrypt.a
        $(LD) -o $@ $^ $(LDFLAGS)
 elftosb1: elftosb1.o xorcrypt.o elf.o misc.o sb1.o
@@ -37,3 +38,7 @@ clean:
 veryclean:
        rm -rf $(BINS)
+$(TOMCRYPT_DIR)/librbtomcrypt.a:
+        $(MAKE) -C $(TOMCRYPT_DIR)
diff --git a/utils/imxtools/sbtools/crypto.cpp b/utils/imxtools/sbtools/crypto.cpp
index 5563fcfd3b..d3ec18bd11 100644
--- a/utils/imxtools/sbtools/crypto.cpp
+++ b/utils/imxtools/sbtools/crypto.cpp
@@ -20,21 +20,13 @@
 ****************************************************************************/
 #include "crypto.h"
 #include "misc.h"
-#include <cryptopp/modes.h>
-#include <cryptopp/aes.h>
-#include <cryptopp/sha.h>
-using namespace CryptoPP;
+#include "tomcrypt.h"
-namespace
-{
 enum crypto_method_t g_cur_method = CRYPTO_NONE;
 uint8_t g_key[16];
-CBC_Mode<AES>::Encryption g_aes_enc;
-CBC_Mode<AES>::Decryption g_aes_dec;
-bool g_aes_enc_key_dirty; /* true of g_aes_enc key needs to be updated */
-bool g_aes_dec_key_dirty; /* same for g_aes_dec */
 int cbc_mac2(
    const uint8_t *in_data, /* Input data */
@@ -46,25 +38,20 @@ int cbc_mac2(
    bool encrypt /* 1 to encrypt, 0 to decrypt */
    )
 {
+    int cipher = register_cipher(&aes_desc);
+    symmetric_CBC cbc;
+    cbc_start(cipher, iv, key, 16, 0, &cbc);
    /* encrypt */
    if(encrypt)
    {
-        /* update keys if neeeded */
-        if(g_aes_enc_key_dirty)
-        {
-            /* we need to provide an IV with the key, although we change it
-             * everytime we run the cipher anyway */
-            g_aes_enc.SetKeyWithIV(g_key, 16, iv, 16);
-            g_aes_enc_key_dirty = false;
-        }
-        g_aes_enc.Resynchronize(iv, 16);
        uint8_t tmp[16];
        /* we need some output buffer, either a temporary one if we are CBC-MACing
         * only, or use output buffer if available */
        uint8_t *out_ptr = (out_data == NULL) ? tmp : out_data;
        while(nr_blocks-- > 0)
        {
-            g_aes_enc.ProcessData(out_ptr, in_data, 16);
+            cbc_encrypt(in_data, out_ptr, 16, &cbc);
            /* if this is the last block, copy CBC-MAC */
            if(nr_blocks == 0 && out_cbc_mac)
                memcpy(out_cbc_mac, out_ptr, 16);
@@ -78,24 +65,17 @@ int cbc_mac2(
    /* decrypt */
    else
    {
+        cbc_decrypt(in_data, out_data, nr_blocks * 16, &cbc);
        /* update keys if neeeded */
-        if(g_aes_dec_key_dirty)
-        {
-            /* we need to provide an IV with the key, although we change it
-             * everytime we run the cipher anyway */
-            g_aes_dec.SetKeyWithIV(g_key, 16, iv, 16);
-            g_aes_dec_key_dirty = false;
-        }
        /* we cannot produce a CBC-MAC in decrypt mode, output buffer exists */
        if(out_cbc_mac || out_data == NULL)
            return CRYPTO_ERROR_INVALID_OP;
-        g_aes_dec.Resynchronize(iv, 16);
-        g_aes_dec.ProcessData(out_data, in_data, nr_blocks * 16);
        return CRYPTO_ERROR_SUCCESS;
    }
 }
-}
 int crypto_setup(struct crypto_key_t *key)
 {
@@ -104,8 +84,7 @@ int crypto_setup(struct crypto_key_t *key)
    {
        case CRYPTO_KEY:
            memcpy(g_key, key->u.key, 16);
-            g_aes_dec_key_dirty = true;
-            g_aes_enc_key_dirty = true;
            return CRYPTO_ERROR_SUCCESS;
        default:
            return CRYPTO_ERROR_BADSETUP;
@@ -128,19 +107,17 @@ int crypto_apply(
 void sha_1_init(struct sha_1_params_t *params)
 {
-    params->object = new SHA1;
+    sha1_init(&params->state);
 }
 void sha_1_update(struct sha_1_params_t *params, uint8_t *buffer, int size)
 {
-    reinterpret_cast<SHA1 *>(params->object)->Update(buffer, size);
+    sha1_process(&params->state, buffer, size);
 }
 void sha_1_finish(struct sha_1_params_t *params)
 {
-    SHA1 *obj = reinterpret_cast<SHA1 *>(params->object);
+    sha1_done(&params->state, params->hash);
-    obj->Final(params->hash);
-    delete obj;
 }
 void sha_1_output(struct sha_1_params_t *params, uint8_t *out)
diff --git a/utils/imxtools/sbtools/crypto.h b/utils/imxtools/sbtools/crypto.h
index bdb94bb881..446891b7f2 100644
--- a/utils/imxtools/sbtools/crypto.h
+++ b/utils/imxtools/sbtools/crypto.h
@@ -77,11 +77,12 @@ int crypto_apply(
 uint32_t crc(uint8_t *data, int size);
 uint32_t crc_continue(uint32_t previous_crc, uint8_t *data, int size);
+#include "tomcrypt.h"
 /* sha1.c */
 struct sha_1_params_t
 {
    uint8_t hash[20]; /* final hash */
-    void *object; /* pointer to CryptoPP::SHA1 object */
+    hash_state state; /* libtomcrypt state */
 };
 void sha_1_init(struct sha_1_params_t *params);
author	Dominik Riebeling <Dominik.Riebeling@gmail.com>	2020-08-08 18:46:43 +0200
committer	Dominik Riebeling <Dominik.Riebeling@gmail.com>	2020-10-18 19:08:32 +0200
commit	2037b837f81485770fcb066adea70b1d22e9b727 (patch)
tree	41d15b95f38843dfe5fb45327c25d3a116731b05
parent	815b289cb3438ed566b3e9dc5074fe12e4b98f46 (diff)
download	rockbox-2037b837f81485770fcb066adea70b1d22e9b727.tar.gz rockbox-2037b837f81485770fcb066adea70b1d22e9b727.zip

diff --git a/rbutil/mkimxboot/Makefile b/rbutil/mkimxboot/Makefile index 9ad21a1966..d2c487c475 100644 --- a/rbutil/mkimxboot/Makefile +++ b/rbutil/mkimxboot/Makefile
@@ -8,24 +8,18 @@
8	# We use the SB code available in the Rockbox utils/sbtools directory	8	# We use the SB code available in the Rockbox utils/sbtools directory
9		9
10	IMXTOOLS_DIR=../../utils/imxtools/sbtools/	10	IMXTOOLS_DIR=../../utils/imxtools/sbtools/
11	CFLAGS += -I$(IMXTOOLS_DIR) -Wall
12	# std=gnu99 is required by MinGW on Windows (c99 is sufficient for Linux / MXE)
13	CFLAGS += -std=gnu99 -g -O3
14		11
15	# Location to pkg-config binary.	12	COMPILEFLAGS := -Wall -g -O3 -I$(IMXTOOLS_DIR)
16	PKGCONFIG := pkg-config	13
		14	# std=gnu99 is required by MinGW on Windows (c99 is sufficient for Linux / MXE)
		15	CFLAGS += -std=gnu99 $(COMPILEFLAGS)
		16	CXXFLAGS += $(COMPILEFLAGS)
17		17
18	# Distros could use different names for the crypto library. We try a list	18	TOMCRYPT_DIR := ../../utils/tomcrypt
19	# of candidate names, only one of them should be the valid one.
20	LIBCRYPTO_NAMES = libcryptopp libcrypto++ cryptopp crypto++
21		19
22	$(foreach l,$(LIBCRYPTO_NAMES),\	20	CXXFLAGS += -I$(TOMCRYPT_DIR)/src/headers
23	$(eval LDOPTS += $(shell $(PKGCONFIG) --silence-errors --libs $(l))))	21	CFLAGS += -I$(TOMCRYPT_DIR)/src/headers
24	$(foreach l,$(LIBCRYPTO_NAMES),\	22	LDOPTS += -lpthread $(TOMCRYPT_DIR)/librbtomcrypt.a
25	$(eval CFLAGS += $(shell $(PKGCONFIG) --silence-errors --cflags $(l))))
26	$(foreach l,$(LIBCRYPTO_NAMES),\
27	$(eval CXXFLAGS += $(shell $(PKGCONFIG) --silence-errors --cflags $(l))))
28	LDOPTS += -lpthread
29		23
30	OUTPUT = mkimxboot	24	OUTPUT = mkimxboot
31		25
@@ -33,6 +27,10 @@ OUTPUT = mkimxboot
33	IMXTOOLS_SOURCES = misc.c sb.c crypto.cpp crc.c elf.c	27	IMXTOOLS_SOURCES = misc.c sb.c crypto.cpp crc.c elf.c
34	LIBSOURCES := dualboot.c mkimxboot.c md5.c \	28	LIBSOURCES := dualboot.c mkimxboot.c md5.c \
35	$(addprefix $(IMXTOOLS_DIR),$(IMXTOOLS_SOURCES))	29	$(addprefix $(IMXTOOLS_DIR),$(IMXTOOLS_SOURCES))
		30
		31	# for now build tomcrypt as part of the lib.
		32	LIBSOURCES += $(addprefix $(TOMCRYPT_DIR),$(TOMCRYPT_SOURCES))
		33
36	# inputs for binary only	34	# inputs for binary only
37	SOURCES := $(LIBSOURCES) main.c	35	SOURCES := $(LIBSOURCES) main.c
38	# dependencies for binary	36	# dependencies for binary
@@ -43,3 +41,8 @@ include ../libtools.make
43	# explicit dependencies on dualboot.{c,h} and mkimxboot.h	41	# explicit dependencies on dualboot.{c,h} and mkimxboot.h
44	$(OBJDIR)mkimxboot.o: dualboot.h dualboot.c mkimxboot.c mkimxboot.h	42	$(OBJDIR)mkimxboot.o: dualboot.h dualboot.c mkimxboot.c mkimxboot.h
45	$(OBJDIR)main.o: dualboot.h dualboot.c main.c mkimxboot.h	43	$(OBJDIR)main.o: dualboot.h dualboot.c main.c mkimxboot.h
		44	$(BINARY): librbtomcrypt.a
		45
		46	librbtomcrypt.a:
		47	$(MAKE) -C ../../utils/tomcrypt
		48


diff --git a/rbutil/rbutilqt/Makefile.libs b/rbutil/rbutilqt/Makefile.libs index 6d5c8c5354..938426f124 100644 --- a/rbutil/rbutilqt/Makefile.libs +++ b/rbutil/rbutilqt/Makefile.libs
@@ -33,12 +33,14 @@ export CC=$(EXTRALIBS_CC)
33	export CXX=$(EXTRALIBS_CXX)	33	export CXX=$(EXTRALIBS_CXX)
34	export AR=$(EXTRALIBS_AR)	34	export AR=$(EXTRALIBS_AR)
35		35
36	libs: librbspeex libucl libipodpatcher libsansapatcher libmkamsboot libmktccboot libmkmpioboot libchinachippatcher libmkimxboot libmks5lboot libbzip2 libbspatch	36	libs: librbspeex libucl libipodpatcher libsansapatcher libmkamsboot libmktccboot libmkmpioboot libchinachippatcher libmkimxboot libmks5lboot libbzip2 libbspatch librbtomcrypt
37		37
38	# To support cross compiles, we explicitly pass the CC flag below for	38	# To support cross compiles, we explicitly pass the CC flag below for
39	# all tools which override CC or CXX in their makefiles. CXX is only	39	# all tools which override CC or CXX in their makefiles. CXX is only
40	# used by mkimxboot.	40	# used by mkimxboot.
41		41
		42	librbtomcrypt:
		43	$(SILENT) $(MAKE) -C $(RBBASE_DIR)/utils/tomcrypt BUILD_DIR=$(BUILD_DIR)/tomcrypt librbtomcrypt.a
42	librbspeex:	44	librbspeex:
43	$(SILENT) $(MAKE) -C $(RBBASE_DIR)/tools/rbspeex BUILD_DIR=$(BUILD_DIR)/libspeex librbspeex.a	45	$(SILENT) $(MAKE) -C $(RBBASE_DIR)/tools/rbspeex BUILD_DIR=$(BUILD_DIR)/libspeex librbspeex.a
44		46


diff --git a/rbutil/rbutilqt/rbutilqt.pro b/rbutil/rbutilqt/rbutilqt.pro index d07c1e01bc..9d7da92dbf 100644 --- a/rbutil/rbutilqt/rbutilqt.pro +++ b/rbutil/rbutilqt/rbutilqt.pro
@@ -85,7 +85,8 @@ extralibs.commands = $$SILENT \
85	# Note: order is important for RBLIBS! The libs are appended to the linker	85	# Note: order is important for RBLIBS! The libs are appended to the linker
86	# flags in this order, put libucl at the end.	86	# flags in this order, put libucl at the end.
87	RBLIBS = rbspeex ipodpatcher sansapatcher mkamsboot mktccboot \	87	RBLIBS = rbspeex ipodpatcher sansapatcher mkamsboot mktccboot \
88	mkmpioboot chinachippatcher mkimxboot mks5lboot bspatch ucl	88	mkmpioboot chinachippatcher mkimxboot mks5lboot bspatch ucl \
		89	rbtomcrypt
89	# NOTE: Linking bzip2 causes problems on Windows (Qt seems to export those	90	# NOTE: Linking bzip2 causes problems on Windows (Qt seems to export those
90	# symbols as well, similar to what we have with zlib.) Only link that on	91	# symbols as well, similar to what we have with zlib.) Only link that on
91	# non-Windows for now.	92	# non-Windows for now.
@@ -139,9 +140,6 @@ for(rblib, RBLIBS) {
139	LIBS += -l$$rblib	140	LIBS += -l$$rblib
140	}	141	}
141		142
142	# We need libcrypto++
143	LIBS += -lcryptopp
144
145	# on win32 libz is linked implicitly.	143	# on win32 libz is linked implicitly.
146	!win32 {	144	!win32 {
147	LIBS += -lz	145	LIBS += -lz


diff --git a/utils/imxtools/sbtools/Makefile b/utils/imxtools/sbtools/Makefile index 3e284e20dd..b1d0313f77 100644 --- a/utils/imxtools/sbtools/Makefile +++ b/utils/imxtools/sbtools/Makefile
@@ -3,10 +3,11 @@ CC := gcc
3	CXX := g++	3	CXX := g++
4	LD := g++	4	LD := g++
5		5
6	LIBUSB := $(shell pkg-config --cflags libusb-1.0)	6	TOMCRYPT_DIR := ../../tomcrypt/
7	CFLAGS := -O3 -g -std=c99 -Wall $(shell pkg-config --cflags libusb-1.0) $(DEFINES)	7
8	CXXFLAGS := -O3 -g -Wall $(pkg-config --cflags libcrypto++) $(DEFINES)	8	CFLAGS := -O3 -g -std=c99 -Wall $(shell pkg-config --cflags libusb-1.0) $(DEFINES) -I$(TOMCRYPT_DIR)/src/headers
9	LDFLAGS := $(shell pkg-config --libs libusb-1.0) $(shell pkg-config --libs libcrypto++)	9	CXXFLAGS := -O3 -g -Wall $(DEFINES) -I$(TOMCRYPT_DIR)/src/headers
		10	LDFLAGS := $(shell pkg-config --libs libusb-1.0)
10	BINS := elftosb sbtoelf sbloader rsrctool elftosb1	11	BINS := elftosb sbtoelf sbloader rsrctool elftosb1
11		12
12	all: $(BINS)	13	all: $(BINS)
@@ -17,10 +18,10 @@ all: $(BINS)
17	%.o: %.cpp	18	%.o: %.cpp
18	$(CXX) $(CXXFLAGS) -c -o $@ $<	19	$(CXX) $(CXXFLAGS) -c -o $@ $<
19		20
20	sbtoelf: sbtoelf.o crc.o crypto.o xorcrypt.o dbparser.o elf.o misc.o sb.o sb1.o	21	sbtoelf: sbtoelf.o crc.o crypto.o xorcrypt.o dbparser.o elf.o misc.o sb.o sb1.o $(TOMCRYPT_DIR)/librbtomcrypt.a
21	$(LD) -o $@ $^ $(LDFLAGS)	22	$(LD) -o $@ $^ $(LDFLAGS)
22		23
23	elftosb: elftosb.o crc.o crypto.o elf.o dbparser.o misc.o sb.o	24	elftosb: elftosb.o crc.o crypto.o elf.o dbparser.o misc.o sb.o $(TOMCRYPT_DIR)/librbtomcrypt.a
24	$(LD) -o $@ $^ $(LDFLAGS)	25	$(LD) -o $@ $^ $(LDFLAGS)
25		26
26	elftosb1: elftosb1.o xorcrypt.o elf.o misc.o sb1.o	27	elftosb1: elftosb1.o xorcrypt.o elf.o misc.o sb1.o
@@ -37,3 +38,7 @@ clean:
37		38
38	veryclean:	39	veryclean:
39	rm -rf $(BINS)	40	rm -rf $(BINS)
		41
		42	$(TOMCRYPT_DIR)/librbtomcrypt.a:
		43	$(MAKE) -C $(TOMCRYPT_DIR)
		44


diff --git a/utils/imxtools/sbtools/crypto.cpp b/utils/imxtools/sbtools/crypto.cpp index 5563fcfd3b..d3ec18bd11 100644 --- a/utils/imxtools/sbtools/crypto.cpp +++ b/utils/imxtools/sbtools/crypto.cpp
@@ -20,21 +20,13 @@
20	****************************************************************************/	20	****************************************************************************/
21	#include "crypto.h"	21	#include "crypto.h"
22	#include "misc.h"	22	#include "misc.h"
23	#include <cryptopp/modes.h>
24	#include <cryptopp/aes.h>
25	#include <cryptopp/sha.h>
26		23
27	using namespace CryptoPP;	24	#include "tomcrypt.h"
		25
28		26
29	namespace
30	{
31		27
32	enum crypto_method_t g_cur_method = CRYPTO_NONE;	28	enum crypto_method_t g_cur_method = CRYPTO_NONE;
33	uint8_t g_key[16];	29	uint8_t g_key[16];
34	CBC_Mode<AES>::Encryption g_aes_enc;
35	CBC_Mode<AES>::Decryption g_aes_dec;
36	bool g_aes_enc_key_dirty; /* true of g_aes_enc key needs to be updated */
37	bool g_aes_dec_key_dirty; /* same for g_aes_dec */
38		30
39	int cbc_mac2(	31	int cbc_mac2(
40	const uint8_t in_data, / Input data */	32	const uint8_t in_data, / Input data */
@@ -46,25 +38,20 @@ int cbc_mac2(
46	bool encrypt /* 1 to encrypt, 0 to decrypt */	38	bool encrypt /* 1 to encrypt, 0 to decrypt */
47	)	39	)
48	{	40	{
		41	int cipher = register_cipher(&aes_desc);
		42	symmetric_CBC cbc;
		43	cbc_start(cipher, iv, key, 16, 0, &cbc);
		44
49	/* encrypt */	45	/* encrypt */
50	if(encrypt)	46	if(encrypt)
51	{	47	{
52	/* update keys if neeeded */
53	if(g_aes_enc_key_dirty)
54	{
55	/* we need to provide an IV with the key, although we change it
56	* everytime we run the cipher anyway */
57	g_aes_enc.SetKeyWithIV(g_key, 16, iv, 16);
58	g_aes_enc_key_dirty = false;
59	}
60	g_aes_enc.Resynchronize(iv, 16);
61	uint8_t tmp[16];	48	uint8_t tmp[16];
62	/* we need some output buffer, either a temporary one if we are CBC-MACing	49	/* we need some output buffer, either a temporary one if we are CBC-MACing
63	* only, or use output buffer if available */	50	* only, or use output buffer if available */
64	uint8_t *out_ptr = (out_data == NULL) ? tmp : out_data;	51	uint8_t *out_ptr = (out_data == NULL) ? tmp : out_data;
65	while(nr_blocks-- > 0)	52	while(nr_blocks-- > 0)
66	{	53	{
67	g_aes_enc.ProcessData(out_ptr, in_data, 16);	54	cbc_encrypt(in_data, out_ptr, 16, &cbc);
68	/* if this is the last block, copy CBC-MAC */	55	/* if this is the last block, copy CBC-MAC */
69	if(nr_blocks == 0 && out_cbc_mac)	56	if(nr_blocks == 0 && out_cbc_mac)
70	memcpy(out_cbc_mac, out_ptr, 16);	57	memcpy(out_cbc_mac, out_ptr, 16);
@@ -78,24 +65,17 @@ int cbc_mac2(
78	/* decrypt */	65	/* decrypt */
79	else	66	else
80	{	67	{
		68	cbc_decrypt(in_data, out_data, nr_blocks * 16, &cbc);
		69
81	/* update keys if neeeded */	70	/* update keys if neeeded */
82	if(g_aes_dec_key_dirty)
83	{
84	/* we need to provide an IV with the key, although we change it
85	* everytime we run the cipher anyway */
86	g_aes_dec.SetKeyWithIV(g_key, 16, iv, 16);
87	g_aes_dec_key_dirty = false;
88	}
89	/* we cannot produce a CBC-MAC in decrypt mode, output buffer exists */	71	/* we cannot produce a CBC-MAC in decrypt mode, output buffer exists */
90	if(out_cbc_mac \|\| out_data == NULL)	72	if(out_cbc_mac \|\| out_data == NULL)
91	return CRYPTO_ERROR_INVALID_OP;	73	return CRYPTO_ERROR_INVALID_OP;
92	g_aes_dec.Resynchronize(iv, 16);	74
93	g_aes_dec.ProcessData(out_data, in_data, nr_blocks * 16);
94	return CRYPTO_ERROR_SUCCESS;	75	return CRYPTO_ERROR_SUCCESS;
95	}	76	}
96	}	77	}
97		78
98	}
99		79
100	int crypto_setup(struct crypto_key_t *key)	80	int crypto_setup(struct crypto_key_t *key)
101	{	81	{
@@ -104,8 +84,7 @@ int crypto_setup(struct crypto_key_t *key)
104	{	84	{
105	case CRYPTO_KEY:	85	case CRYPTO_KEY:
106	memcpy(g_key, key->u.key, 16);	86	memcpy(g_key, key->u.key, 16);
107	g_aes_dec_key_dirty = true;	87
108	g_aes_enc_key_dirty = true;
109	return CRYPTO_ERROR_SUCCESS;	88	return CRYPTO_ERROR_SUCCESS;
110	default:	89	default:
111	return CRYPTO_ERROR_BADSETUP;	90	return CRYPTO_ERROR_BADSETUP;
@@ -128,19 +107,17 @@ int crypto_apply(
128		107
129	void sha_1_init(struct sha_1_params_t *params)	108	void sha_1_init(struct sha_1_params_t *params)
130	{	109	{
131	params->object = new SHA1;	110	sha1_init(&params->state);
132	}	111	}
133		112
134	void sha_1_update(struct sha_1_params_t params, uint8_t buffer, int size)	113	void sha_1_update(struct sha_1_params_t params, uint8_t buffer, int size)
135	{	114	{
136	reinterpret_cast<SHA1 *>(params->object)->Update(buffer, size);	115	sha1_process(&params->state, buffer, size);
137	}	116	}
138		117
139	void sha_1_finish(struct sha_1_params_t *params)	118	void sha_1_finish(struct sha_1_params_t *params)
140	{	119	{
141	SHA1 obj = reinterpret_cast<SHA1 >(params->object);	120	sha1_done(&params->state, params->hash);
142	obj->Final(params->hash);
143	delete obj;
144	}	121	}
145		122
146	void sha_1_output(struct sha_1_params_t params, uint8_t out)	123	void sha_1_output(struct sha_1_params_t params, uint8_t out)


diff --git a/utils/imxtools/sbtools/crypto.h b/utils/imxtools/sbtools/crypto.h index bdb94bb881..446891b7f2 100644 --- a/utils/imxtools/sbtools/crypto.h +++ b/utils/imxtools/sbtools/crypto.h
@@ -77,11 +77,12 @@ int crypto_apply(
77	uint32_t crc(uint8_t *data, int size);	77	uint32_t crc(uint8_t *data, int size);
78	uint32_t crc_continue(uint32_t previous_crc, uint8_t *data, int size);	78	uint32_t crc_continue(uint32_t previous_crc, uint8_t *data, int size);
79		79
		80	#include "tomcrypt.h"
80	/* sha1.c */	81	/* sha1.c */
81	struct sha_1_params_t	82	struct sha_1_params_t
82	{	83	{
83	uint8_t hash[20]; /* final hash */	84	uint8_t hash[20]; /* final hash */
84	void object; / pointer to CryptoPP::SHA1 object */	85	hash_state state; /* libtomcrypt state */
85	};	86	};
86		87
87	void sha_1_init(struct sha_1_params_t *params);	88	void sha_1_init(struct sha_1_params_t *params);