commit 8febafa67e93b2159804b1130a41f15b009de1cd
author Elliott Hughes <enh@google.com> Wed Apr 13 16:39:56 2016 -0700
committer Elliott Hughes <enh@google.com> Wed Apr 13 16:39:56 2016 -0700
tree dfc6e4e42d45f1766fe35f82929d190b74b21d64
parent a58a6dbe3d06aace0d1419838e162aa5267a4fc0

Use BoringSSL instead of mincrypt to speed up package verification.

This changes the verification code in bootable/recovery to use
BoringSSL instead of mincrypt.

Cherry-pick of 452df6d99c81c4eeee3d2c7b2171901e8b7bc54a, with
merge conflict resolution, extra logging in verifier.cpp, and
an increase in the hash chunk size from 4KiB to 1MiB.

Bug: http://b/28135231
Change-Id: I1ed7efd52223dd6f6a4629cad187cbc383d5aa84

verifier.h

diff --git a/verifier.h b/verifier.h
index 4eafc75..58083fe 100644
--- a/verifier.h
+++ b/verifier.h
@@ -20,32 +20,42 @@
 #include <memory>
 #include <vector>
 
-#include "mincrypt/p256.h"
-#include "mincrypt/rsa.h"
+#include <openssl/ec_key.h>
+#include <openssl/rsa.h>
+#include <openssl/sha.h>
 
-typedef struct {
-    p256_int x;
-    p256_int y;
-} ECPublicKey;
+struct RSADeleter {
+  void operator()(RSA* rsa) {
+    RSA_free(rsa);
+  }
+};
+
+struct ECKEYDeleter {
+  void operator()(EC_KEY* ec_key) {
+    EC_KEY_free(ec_key);
+  }
+};
 
 struct Certificate {
     typedef enum {
-        RSA,
-        EC,
+        KEY_TYPE_RSA,
+        KEY_TYPE_EC,
     } KeyType;
 
-    Certificate(int hash_len_, KeyType key_type_,
-            std::unique_ptr<RSAPublicKey>&& rsa_,
-            std::unique_ptr<ECPublicKey>&& ec_) :
-        hash_len(hash_len_),
-        key_type(key_type_),
-        rsa(std::move(rsa_)),
-        ec(std::move(ec_)) { }
+    Certificate(int hash_len_,
+                KeyType key_type_,
+                std::unique_ptr<RSA, RSADeleter>&& rsa_,
+                std::unique_ptr<EC_KEY, ECKEYDeleter>&& ec_)
+        : hash_len(hash_len_),
+          key_type(key_type_),
+          rsa(std::move(rsa_)),
+          ec(std::move(ec_)) {}
 
-    int hash_len;  // SHA_DIGEST_SIZE (SHA-1) or SHA256_DIGEST_SIZE (SHA-256)
+    // SHA_DIGEST_LENGTH (SHA-1) or SHA256_DIGEST_LENGTH (SHA-256)
+    int hash_len;
     KeyType key_type;
-    std::unique_ptr<RSAPublicKey> rsa;
-    std::unique_ptr<ECPublicKey> ec;
+    std::unique_ptr<RSA, RSADeleter> rsa;
+    std::unique_ptr<EC_KEY, ECKEYDeleter> ec;
 };
 
 /* addr and length define a an update package file that has been