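#!/bin/bash

# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

# Script to generate padding.c containing PKCS 1.5 padding byte arrays for
# various combinations of RSA key lengths and message digest algorithms.
#
# The generated C source is written to stdout. Every table is validated
# before the first byte is emitted, so an inconsistent constant aborts the
# run with a non-zero status instead of producing a partial or mis-sized
# padding table.
#
# NOTE(review): the arrays emitted here are the fixed prefix of a PKCS 1.5
# encoded signature block (everything except the digest H). The code that
# consumes padding_map is not part of this script; a verifier should compare
# the whole prefix (0x00 0x01, PS, 0x00 and DigestInfo) byte for byte over
# its full length rather than parsing it leniently, since tolerant PKCS 1.5
# parsing is a well-known cause of signature verification flaws. Confirm this
# in the consumer.
#
# NOTE(review): SHA1 and RSA1024 combinations are still generated. Whether
# they are accepted is a policy decision of the consumer. The position of a
# combination in the tables is its "Algorithm Type" number, so removing or
# reordering entries renumbers every later algorithm; check all users of
# those indices before changing either list.

set -eu

# Leading octets of every PKCS 1.5 signature block.
readonly Pad_Preamble="0x00,0x01"

# DER encoded DigestInfo prefixes (T without the digest H). The last octet of
# each prefix is the length of the OCTET STRING that holds H.
readonly SHA1_digestinfo="0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,0x05"\
",0x00,0x04,0x14"
readonly SHA256_digestinfo="0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03"\
",0x04,0x02,0x01,0x05,0x00,0x04,0x20"
readonly SHA512_digestinfo="0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03"\
",0x04,0x02,0x03,0x05,0x00,0x04,0x40"

# RSA key (modulus) lengths in octets.
readonly RSA1024_Len=128
readonly RSA2048_Len=256
readonly RSA4096_Len=512
readonly RSA8192_Len=1024

# Length(T): DigestInfo prefix plus digest, in octets.
readonly SHA1_T_Len=35
readonly SHA256_T_Len=51
readonly SHA512_T_Len=83

# PKCS#1 requires the padding string PS to hold at least this many octets.
readonly Min_PS_Len=8

# Table order defines the algorithm numbering: RSA key size is the outer
# index and the hash algorithm the inner one.
readonly -a HashAlgos=( SHA1 SHA256 SHA512 )
readonly -a RSAAlgos=( RSA1024 RSA2048 RSA4096 RSA8192 )

#######################################
# Print the padding string PS as "0xff," repeated.
# Arguments: $1 - number of octets to print (nothing is printed for 0)
# Outputs:   the octet list on stdout, without a trailing newline
#######################################
genFFOctets() {
  local count=${1:-0}
  local i
  for (( i = 0; i < count; i++ )); do
    printf '0xff,'
  done
}

#######################################
# Count the entries of a non-empty comma-separated octet list.
# Arguments: $1 - octet list such as "0x30,0x21"
# Outputs:   the number of entries on stdout
#######################################
countOctets() {
  local octets=$1
  local separators=${octets//[^,]/}
  printf '%s\n' "$(( ${#separators} + 1 ))"
}

#######################################
# Check that Length(T) equals the DigestInfo prefix length plus the digest
# size announced by the last octet of that prefix.
# Arguments: $1 - hash name (used in the error message only)
#            $2 - DigestInfo prefix as a comma-separated octet list
#            $3 - expected Length(T)
# Returns:   0 when consistent, 1 (with a message on stderr) otherwise
#######################################
checkDigestInfo() {
  local name=$1 octets=$2 t_len=$3
  local prefix_len digest_size
  prefix_len=$(countOctets "$octets")
  digest_size=$(( ${octets##*,} ))
  if (( prefix_len + digest_size != t_len )); then
    printf 'genpadding: %s: Length(T)=%s but DigestInfo has %s octets + %s digest octets\n' \
      "$name" "$t_len" "$prefix_len" "$digest_size" >&2
    return 1
  fi
  return 0
}

#######################################
# Compute the length of PS: Length(RSA Key) - Length(T) - 3.
# Arguments: $1 - RSA key length in octets
#            $2 - Length(T) in octets
# Outputs:   the PS length on stdout
# Returns:   1 (with a message on stderr) if PS would be shorter than
#            Min_PS_Len, i.e. the key is too small for the hash
#######################################
paddingStringLen() {
  local rsa_len=$1 t_len=$2
  local ps_len=$(( rsa_len - t_len - 3 ))
  if (( ps_len < Min_PS_Len )); then
    printf 'genpadding: key length %s leaves %s padding octets for Length(T)=%s; need %s\n' \
      "$rsa_len" "$ps_len" "$t_len" "$Min_PS_Len" >&2
    return 1
  fi
  printf '%s\n' "$ps_len"
}

#######################################
# Emit one C array with an entry per (RSA, hash) combination, in the same
# order as the padding arrays so that all tables share one index.
# Globals:   RSAAlgos, HashAlgos (read)
# Arguments: $1 - C declaration line, up to and including "= {"
#            $2 - entry template; @RSA@ and @HASH@ are replaced by the names
# Outputs:   the array definition followed by a blank line
#######################################
emitAlgoMap() {
  local declaration=$1 template=$2
  local rsa hash entry
  printf '%s\n' "$declaration"
  for rsa in "${RSAAlgos[@]}"; do
    for hash in "${HashAlgos[@]}"; do
      entry=${template//@RSA@/$rsa}
      entry=${entry//@HASH@/$hash}
      printf '%s,\n' "$entry"
    done
  done
  printf '};\n\n'
}

# Validate every constant before writing anything, so a bad table can never
# end up half-written in the generated file.
for hashalgo in "${HashAlgos[@]}"; do
  digestinfo_name="${hashalgo}_digestinfo"
  t_len_name="${hashalgo}_T_Len"
  checkDigestInfo "$hashalgo" "${!digestinfo_name}" "${!t_len_name}" || exit 1
  for rsaalgo in "${RSAAlgos[@]}"; do
    rsa_len_name="${rsaalgo}_Len"
    paddingStringLen "${!rsa_len_name}" "${!t_len_name}" >/dev/null || exit 1
  done
done

cat <<'EOF'
/*
 * DO NOT MODIFY THIS FILE DIRECTLY.
 *
 * This file is automatically generated by genpadding.sh and contains padding
 * arrays corresponding to various combinations of algorithms for RSA signatures.
 */

EOF

printf '#include "cryptolib.h"\n\n\n'

cat <<'EOF'
/*
 * PKCS 1.5 padding (from the RSA PKCS#1 v2.1 standard)
 *
 * Depending on the RSA key size and hash function, the padding is calculated
 * as follows:
 *
 * 0x00 || 0x01 || PS || 0x00 || T
 *
 * T: DER Encoded DigestInfo value which depends on the hash function used.
 *
 * SHA-1: (0x)30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 || H.
 * SHA-256: (0x)30 31 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 04 20 || H.
 * SHA-512: (0x)30 51 30 0d 06 09 60 86 48 01 65 03 04 02 03 05 00 04 40 || H.
 *
 * Length(T) = 35 octets for SHA-1
 * Length(T) = 51 octets for SHA-256
 * Length(T) = 83 octets for SHA-512
 *
 * PS: octet string consisting of {Length(RSA Key) - Length(T) - 3} 0xFF
 *
 */
EOF
printf '\n\n'

# Generate padding arrays.
algorithmcounter=0

for rsaalgo in "${RSAAlgos[@]}"; do
  for hashalgo in "${HashAlgos[@]}"; do
    # Look the per-algorithm constants up by name instead of using eval.
    rsa_len_name="${rsaalgo}_Len"
    t_len_name="${hashalgo}_T_Len"
    digestinfo_name="${hashalgo}_digestinfo"
    nums=$(paddingStringLen "${!rsa_len_name}" "${!t_len_name}")

    printf '/* Algorithm Type %s */\n' "$algorithmcounter"
    algorithmcounter=$(( algorithmcounter + 1 ))
    printf 'const uint8_t padding%s_%s[%sNUMBYTES - %s_DIGEST_SIZE] = {\n' \
      "$rsaalgo" "$hashalgo" "$rsaalgo" "$hashalgo"
    printf '%s,' "$Pad_Preamble"
    genFFOctets "$nums"
    printf '0x00,'
    printf '%s\n' "${!digestinfo_name}"
    printf '};\n\n'
  done
done

printf 'const int kNumAlgorithms = %s;\n' "$algorithmcounter"
printf '#define NUMALGORITHMS %s\n\n' "$algorithmcounter"

# Output DigestInfo field lengths, derived from the octet lists above so the
# macro can never disagree with the array it describes.
for hashalgo in "${HashAlgos[@]}"; do
  digestinfo_name="${hashalgo}_digestinfo"
  printf '#define %s_DIGESTINFO_LEN %s\n' \
    "$hashalgo" "$(countOctets "${!digestinfo_name}")"
done

# Generate DigestInfo arrays.
for hashalgo in "${HashAlgos[@]}"; do
  digestinfo_name="${hashalgo}_digestinfo"
  printf 'const uint8_t %s_digestinfo[] = {\n' "$hashalgo"
  printf '%s\n' "${!digestinfo_name}"
  printf '};\n\n'
done

# Generate DigestInfo to size map.
emitAlgoMap 'const int digestinfo_size_map[] = {' '@HASH@_DIGESTINFO_LEN'

# Generate algorithm signature length map.
emitAlgoMap 'const int siglen_map[NUMALGORITHMS] = {' '@RSA@NUMBYTES'

# Generate algorithm padding array map.
emitAlgoMap 'const uint8_t* padding_map[NUMALGORITHMS] = {' 'padding@RSA@_@HASH@'

# Generate algorithm padding size map.
emitAlgoMap 'const int padding_size_map[NUMALGORITHMS] = {' \
  '@RSA@NUMBYTES - @HASH@_DIGEST_SIZE'

# Generate signature algorithm to message digest algorithm map.
emitAlgoMap 'const int hash_type_map[] = {' '@HASH@_DIGEST_ALGORITHM'

# Generate algorithm to message digest's output size map.
emitAlgoMap 'const int hash_size_map[NUMALGORITHMS] = {' '@HASH@_DIGEST_SIZE'

# Generate algorithm to message digest's input block size map.
emitAlgoMap 'const int hash_blocksize_map[NUMALGORITHMS] = {' '@HASH@_BLOCK_SIZE'

# Generate algorithm to message's digest ASN.1 DigestInfo map.
emitAlgoMap 'const uint8_t* hash_digestinfo_map[NUMALGORITHMS] = {' \
  '@HASH@_digestinfo'

# Generate algorithm description strings.
emitAlgoMap 'const char* algo_strings[NUMALGORITHMS] = {' '"@RSA@ @HASH@"'

#echo "#endif /* VBOOT_REFERENCE_PADDING_H_ */"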