len0rd/rockbox
1
0
Fork 1
mirror of https://github.com/Rockbox/rockbox.git synced 2025-12-10 05:35:20 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

sbtools: convert crypto to libtomcrypt.

Browse source 
Replace the use of crypto++ with tomcrypt, which is much smaller and C.
This gets rid of various build issues for systems that don't ship
crypo++ (i.e. everything except Linux.)

Change-Id: Ic0799e17b94935c71b14765cf9a2a7ea2b0adc7a
This commit is contained in:
Dominik Riebeling 2020-08-08 18:46:43 +02:00
parent 815b289cb3
commit 2037b837f8
6 changed files with 50 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

33
rbutil/mkimxboot/Makefile
View file

@ -8,24 +8,18 @@
# We use the SB code available in the Rockbox utils/sbtools directory # We use the SB code available in the Rockbox utils/sbtools directory
IMXTOOLS_DIR=../../utils/imxtools/sbtools/ IMXTOOLS_DIR=../../utils/imxtools/sbtools/
CFLAGS += -I$(IMXTOOLS_DIR) -Wall
COMPILEFLAGS := -Wall -g -O3 -I$(IMXTOOLS_DIR)
# std=gnu99 is required by MinGW on Windows (c99 is sufficient for Linux / MXE) # std=gnu99 is required by MinGW on Windows (c99 is sufficient for Linux / MXE)
CFLAGS += -std=gnu99 -g -O3 CFLAGS += -std=gnu99 $(COMPILEFLAGS)
CXXFLAGS += $(COMPILEFLAGS)
# Location to pkg-config binary. TOMCRYPT_DIR := ../../utils/tomcrypt
PKGCONFIG := pkg-config
# Distros could use different names for the crypto library. We try a list CXXFLAGS += -I$(TOMCRYPT_DIR)/src/headers
# of candidate names, only one of them should be the valid one. CFLAGS += -I$(TOMCRYPT_DIR)/src/headers
LIBCRYPTO_NAMES = libcryptopp libcrypto++ cryptopp crypto++ LDOPTS += -lpthread $(TOMCRYPT_DIR)/librbtomcrypt.a
$(foreach l,$(LIBCRYPTO_NAMES),\
$(eval LDOPTS += $(shell $(PKGCONFIG) --silence-errors --libs $(l))))
$(foreach l,$(LIBCRYPTO_NAMES),\
$(eval CFLAGS += $(shell $(PKGCONFIG) --silence-errors --cflags $(l))))
$(foreach l,$(LIBCRYPTO_NAMES),\
$(eval CXXFLAGS += $(shell $(PKGCONFIG) --silence-errors --cflags $(l))))
LDOPTS += -lpthread
OUTPUT = mkimxboot OUTPUT = mkimxboot
@ -33,6 +27,10 @@ OUTPUT = mkimxboot
IMXTOOLS_SOURCES = misc.c sb.c crypto.cpp crc.c elf.c IMXTOOLS_SOURCES = misc.c sb.c crypto.cpp crc.c elf.c
LIBSOURCES := dualboot.c mkimxboot.c md5.c \ LIBSOURCES := dualboot.c mkimxboot.c md5.c \
$(addprefix $(IMXTOOLS_DIR),$(IMXTOOLS_SOURCES)) $(addprefix $(IMXTOOLS_DIR),$(IMXTOOLS_SOURCES))
# for now build tomcrypt as part of the lib.
LIBSOURCES += $(addprefix $(TOMCRYPT_DIR),$(TOMCRYPT_SOURCES))
# inputs for binary only # inputs for binary only
SOURCES := $(LIBSOURCES) main.c SOURCES := $(LIBSOURCES) main.c
# dependencies for binary # dependencies for binary
@ -43,3 +41,8 @@ include ../libtools.make
# explicit dependencies on dualboot.{c,h} and mkimxboot.h # explicit dependencies on dualboot.{c,h} and mkimxboot.h
$(OBJDIR)mkimxboot.o: dualboot.h dualboot.c mkimxboot.c mkimxboot.h $(OBJDIR)mkimxboot.o: dualboot.h dualboot.c mkimxboot.c mkimxboot.h
$(OBJDIR)main.o: dualboot.h dualboot.c main.c mkimxboot.h $(OBJDIR)main.o: dualboot.h dualboot.c main.c mkimxboot.h
$(BINARY): librbtomcrypt.a
librbtomcrypt.a:
$(MAKE) -C ../../utils/tomcrypt

4
rbutil/rbutilqt/Makefile.libs
View file

@ -33,12 +33,14 @@ export CC=$(EXTRALIBS_CC)
export CXX=$(EXTRALIBS_CXX) export CXX=$(EXTRALIBS_CXX)
export AR=$(EXTRALIBS_AR) export AR=$(EXTRALIBS_AR)
libs: librbspeex libucl libipodpatcher libsansapatcher libmkamsboot libmktccboot libmkmpioboot libchinachippatcher libmkimxboot libmks5lboot libbzip2 libbspatch libs: librbspeex libucl libipodpatcher libsansapatcher libmkamsboot libmktccboot libmkmpioboot libchinachippatcher libmkimxboot libmks5lboot libbzip2 libbspatch librbtomcrypt
# To support cross compiles, we explicitly pass the CC flag below for # To support cross compiles, we explicitly pass the CC flag below for
# all tools which override CC or CXX in their makefiles. CXX is only # all tools which override CC or CXX in their makefiles. CXX is only
# used by mkimxboot. # used by mkimxboot.
librbtomcrypt:
$(SILENT) $(MAKE) -C $(RBBASE_DIR)/utils/tomcrypt BUILD_DIR=$(BUILD_DIR)/tomcrypt librbtomcrypt.a
librbspeex: librbspeex:
$(SILENT) $(MAKE) -C $(RBBASE_DIR)/tools/rbspeex BUILD_DIR=$(BUILD_DIR)/libspeex librbspeex.a $(SILENT) $(MAKE) -C $(RBBASE_DIR)/tools/rbspeex BUILD_DIR=$(BUILD_DIR)/libspeex librbspeex.a

6
rbutil/rbutilqt/rbutilqt.pro
View file

@ -85,7 +85,8 @@ extralibs.commands = $$SILENT \
# Note: order is important for RBLIBS! The libs are appended to the linker # Note: order is important for RBLIBS! The libs are appended to the linker
# flags in this order, put libucl at the end. # flags in this order, put libucl at the end.
RBLIBS = rbspeex ipodpatcher sansapatcher mkamsboot mktccboot \ RBLIBS = rbspeex ipodpatcher sansapatcher mkamsboot mktccboot \
mkmpioboot chinachippatcher mkimxboot mks5lboot bspatch ucl mkmpioboot chinachippatcher mkimxboot mks5lboot bspatch ucl \
rbtomcrypt
# NOTE: Linking bzip2 causes problems on Windows (Qt seems to export those # NOTE: Linking bzip2 causes problems on Windows (Qt seems to export those
# symbols as well, similar to what we have with zlib.) Only link that on # symbols as well, similar to what we have with zlib.) Only link that on
# non-Windows for now. # non-Windows for now.
@ -139,9 +140,6 @@ for(rblib, RBLIBS) {
LIBS += -l$$rblib LIBS += -l$$rblib
} }
# We need libcrypto++
LIBS += -lcryptopp
# on win32 libz is linked implicitly. # on win32 libz is linked implicitly.
!win32 { !win32 {
LIBS += -lz LIBS += -lz

17
utils/imxtools/sbtools/Makefile
View file

@ -3,10 +3,11 @@ CC := gcc
CXX := g++ CXX := g++
LD := g++ LD := g++
LIBUSB := $(shell pkg-config --cflags libusb-1.0) TOMCRYPT_DIR := ../../tomcrypt/
CFLAGS := -O3 -g -std=c99 -Wall $(shell pkg-config --cflags libusb-1.0) $(DEFINES)
CXXFLAGS := -O3 -g -Wall $(pkg-config --cflags libcrypto++) $(DEFINES) CFLAGS := -O3 -g -std=c99 -Wall $(shell pkg-config --cflags libusb-1.0) $(DEFINES) -I$(TOMCRYPT_DIR)/src/headers
LDFLAGS := $(shell pkg-config --libs libusb-1.0) $(shell pkg-config --libs libcrypto++) CXXFLAGS := -O3 -g -Wall $(DEFINES) -I$(TOMCRYPT_DIR)/src/headers
LDFLAGS := $(shell pkg-config --libs libusb-1.0)
BINS := elftosb sbtoelf sbloader rsrctool elftosb1 BINS := elftosb sbtoelf sbloader rsrctool elftosb1
all: $(BINS) all: $(BINS)
@ -17,10 +18,10 @@ all: $(BINS)
%.o: %.cpp %.o: %.cpp
$(CXX) $(CXXFLAGS) -c -o $@ $< $(CXX) $(CXXFLAGS) -c -o $@ $<
sbtoelf: sbtoelf.o crc.o crypto.o xorcrypt.o dbparser.o elf.o misc.o sb.o sb1.o sbtoelf: sbtoelf.o crc.o crypto.o xorcrypt.o dbparser.o elf.o misc.o sb.o sb1.o $(TOMCRYPT_DIR)/librbtomcrypt.a
$(LD) -o $@ $^ $(LDFLAGS) $(LD) -o $@ $^ $(LDFLAGS)
elftosb: elftosb.o crc.o crypto.o elf.o dbparser.o misc.o sb.o elftosb: elftosb.o crc.o crypto.o elf.o dbparser.o misc.o sb.o $(TOMCRYPT_DIR)/librbtomcrypt.a
$(LD) -o $@ $^ $(LDFLAGS) $(LD) -o $@ $^ $(LDFLAGS)
elftosb1: elftosb1.o xorcrypt.o elf.o misc.o sb1.o elftosb1: elftosb1.o xorcrypt.o elf.o misc.o sb1.o
@ -37,3 +38,7 @@ clean:
veryclean: veryclean:
rm -rf $(BINS) rm -rf $(BINS)
$(TOMCRYPT_DIR)/librbtomcrypt.a:
$(MAKE) -C $(TOMCRYPT_DIR)

51
utils/imxtools/sbtools/crypto.cpp
View file

@ -20,21 +20,13 @@
****************************************************************************/ ****************************************************************************/
#include "crypto.h" #include "crypto.h"
#include "misc.h" #include "misc.h"
#include <cryptopp/modes.h>
#include <cryptopp/aes.h>
#include <cryptopp/sha.h>
using namespace CryptoPP; #include "tomcrypt.h"
namespace
{
enum crypto_method_t g_cur_method = CRYPTO_NONE; enum crypto_method_t g_cur_method = CRYPTO_NONE;
uint8_t g_key[16]; uint8_t g_key[16];
CBC_Mode<AES>::Encryption g_aes_enc;
CBC_Mode<AES>::Decryption g_aes_dec;
bool g_aes_enc_key_dirty; /* true of g_aes_enc key needs to be updated */
bool g_aes_dec_key_dirty; /* same for g_aes_dec */
int cbc_mac2( int cbc_mac2(
const uint8_t *in_data, /* Input data */ const uint8_t *in_data, /* Input data */
@ -46,25 +38,20 @@ int cbc_mac2(
bool encrypt /* 1 to encrypt, 0 to decrypt */ bool encrypt /* 1 to encrypt, 0 to decrypt */
) )
{ {
int cipher = register_cipher(&aes_desc);
symmetric_CBC cbc;
cbc_start(cipher, iv, key, 16, 0, &cbc);
/* encrypt */ /* encrypt */
if(encrypt) if(encrypt)
{ {
/* update keys if neeeded */
if(g_aes_enc_key_dirty)
{
/* we need to provide an IV with the key, although we change it
* everytime we run the cipher anyway */
g_aes_enc.SetKeyWithIV(g_key, 16, iv, 16);
g_aes_enc_key_dirty = false;
}
g_aes_enc.Resynchronize(iv, 16);
uint8_t tmp[16]; uint8_t tmp[16];
/* we need some output buffer, either a temporary one if we are CBC-MACing /* we need some output buffer, either a temporary one if we are CBC-MACing
* only, or use output buffer if available */ * only, or use output buffer if available */
uint8_t *out_ptr = (out_data == NULL) ? tmp : out_data; uint8_t *out_ptr = (out_data == NULL) ? tmp : out_data;
while(nr_blocks-- > 0) while(nr_blocks-- > 0)
{ {
g_aes_enc.ProcessData(out_ptr, in_data, 16); cbc_encrypt(in_data, out_ptr, 16, &cbc);
/* if this is the last block, copy CBC-MAC */ /* if this is the last block, copy CBC-MAC */
if(nr_blocks == 0 && out_cbc_mac) if(nr_blocks == 0 && out_cbc_mac)
memcpy(out_cbc_mac, out_ptr, 16); memcpy(out_cbc_mac, out_ptr, 16);
@ -78,24 +65,17 @@ int cbc_mac2(
/* decrypt */ /* decrypt */
else else
{ {
cbc_decrypt(in_data, out_data, nr_blocks * 16, &cbc);
/* update keys if neeeded */ /* update keys if neeeded */
if(g_aes_dec_key_dirty)
{
/* we need to provide an IV with the key, although we change it
* everytime we run the cipher anyway */
g_aes_dec.SetKeyWithIV(g_key, 16, iv, 16);
g_aes_dec_key_dirty = false;
}
/* we cannot produce a CBC-MAC in decrypt mode, output buffer exists */ /* we cannot produce a CBC-MAC in decrypt mode, output buffer exists */
if(out_cbc_mac || out_data == NULL) if(out_cbc_mac || out_data == NULL)
return CRYPTO_ERROR_INVALID_OP; return CRYPTO_ERROR_INVALID_OP;
g_aes_dec.Resynchronize(iv, 16);
g_aes_dec.ProcessData(out_data, in_data, nr_blocks * 16);
return CRYPTO_ERROR_SUCCESS; return CRYPTO_ERROR_SUCCESS;
} }
} }
}
int crypto_setup(struct crypto_key_t *key) int crypto_setup(struct crypto_key_t *key)
{ {
@ -104,8 +84,7 @@ int crypto_setup(struct crypto_key_t *key)
{ {
case CRYPTO_KEY: case CRYPTO_KEY:
memcpy(g_key, key->u.key, 16); memcpy(g_key, key->u.key, 16);
g_aes_dec_key_dirty = true;
g_aes_enc_key_dirty = true;
return CRYPTO_ERROR_SUCCESS; return CRYPTO_ERROR_SUCCESS;
default: default:
return CRYPTO_ERROR_BADSETUP; return CRYPTO_ERROR_BADSETUP;
@ -128,19 +107,17 @@ int crypto_apply(
void sha_1_init(struct sha_1_params_t *params) void sha_1_init(struct sha_1_params_t *params)
{ {
params->object = new SHA1; sha1_init(&params->state);
} }
void sha_1_update(struct sha_1_params_t *params, uint8_t *buffer, int size) void sha_1_update(struct sha_1_params_t *params, uint8_t *buffer, int size)
{ {
reinterpret_cast<SHA1 *>(params->object)->Update(buffer, size); sha1_process(&params->state, buffer, size);
} }
void sha_1_finish(struct sha_1_params_t *params) void sha_1_finish(struct sha_1_params_t *params)
{ {
SHA1 *obj = reinterpret_cast<SHA1 *>(params->object); sha1_done(&params->state, params->hash);
obj->Final(params->hash);
delete obj;
} }
void sha_1_output(struct sha_1_params_t *params, uint8_t *out) void sha_1_output(struct sha_1_params_t *params, uint8_t *out)

3
utils/imxtools/sbtools/crypto.h
View file

@ -77,11 +77,12 @@ int crypto_apply(
uint32_t crc(uint8_t *data, int size); uint32_t crc(uint8_t *data, int size);
uint32_t crc_continue(uint32_t previous_crc, uint8_t *data, int size); uint32_t crc_continue(uint32_t previous_crc, uint8_t *data, int size);
#include "tomcrypt.h"
/* sha1.c */ /* sha1.c */
struct sha_1_params_t struct sha_1_params_t
{ {
uint8_t hash[20]; /* final hash */ uint8_t hash[20]; /* final hash */
void *object; /* pointer to CryptoPP::SHA1 object */ hash_state state; /* libtomcrypt state */
}; };
void sha_1_init(struct sha_1_params_t *params); void sha_1_init(struct sha_1_params_t *params);