vboot: move vboot 2.1 functions and structs into host code

These structs and functions need to stick around for futility
to use, but they are no longer supported in firmware code.

Rename host/lib21/include/* files to end in 21 instead of 2.

BUG=b:124141368, chromium:968464
TEST=make clean && make runtests
BRANCH=none

Change-Id: I01e181e2f03553d60724fbdc826f5ada63777303
Cq-Depend: chromium:1969172
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1963621
Reviewed-by: Julius Werner <jwerner@chromium.org>
Tested-by: Joel Kitching <kitching@chromium.org>
Commit-Queue: Joel Kitching <kitching@chromium.org>

Makefile

@@ -337,7 +337,7 @@ INCLUDES += \
 # TPM commands and various external functions that are provided by the BIOS.
 ifeq (${FIRMWARE_ARCH},)
 INCLUDES += -Ihost/include -Ihost/lib/include
-INCLUDES += -Ihost/lib21/include -Ifirmware/lib21/include
+INCLUDES += -Ihost/lib21/include
 endif
 
 # Firmware library, used by the other firmware components (depthcharge,
@@ -348,7 +348,6 @@ FWLIB = ${BUILD}/vboot_fw.a
 # Separate TPM lightweight command library (TLCL)
 TLCL = ${BUILD}/tlcl.a
 
-# Additional firmware library sources needed by VbSelectAndLoadKernel() call
 FWLIB_SRCS = \
 	firmware/lib/cgptlib/cgptlib.c \
 	firmware/lib/cgptlib/cgptlib_internal.c \
@@ -364,7 +363,6 @@ FWLIB_SRCS = \
 	firmware/lib/vboot_ui_menu.c \
 	firmware/lib/vboot_ui_wilco.c
 
-# Code common to both vboot 2.0 (old structs) and 2.1 (new structs)
 FWLIB2X_SRCS = \
 	firmware/2lib/2api.c \
 	firmware/2lib/2auxfw_sync.c \
@@ -392,10 +390,6 @@ FWLIB20_SRCS = \
 	firmware/lib20/misc.c \
 	firmware/lib20/packed_key.c
 
-FWLIB21_SRCS = \
-	firmware/lib21/common.c \
-	firmware/lib21/packed_key.c
-
 # TPM lightweight command library
 ifeq (${TPM2_MODE},)
 TLCL_SRCS = \
@@ -438,10 +432,8 @@ endif
 FWLIB_OBJS = ${FWLIB_SRCS:%.c=${BUILD}/%.o}
 FWLIB2X_OBJS = ${FWLIB2X_SRCS:%.c=${BUILD}/%.o}
 FWLIB20_OBJS = ${FWLIB20_SRCS:%.c=${BUILD}/%.o}
-FWLIB21_OBJS = ${FWLIB21_SRCS:%.c=${BUILD}/%.o}
 TLCL_OBJS = ${TLCL_SRCS:%.c=${BUILD}/%.o}
-ALL_OBJS += ${FWLIB_OBJS} ${FWLIB2X_OBJS} ${FWLIB20_OBJS} ${FWLIB21_OBJS} \
-	${TLCL_OBJS}
+ALL_OBJS += ${FWLIB_OBJS} ${FWLIB2X_OBJS} ${FWLIB20_OBJS} ${TLCL_OBJS}
 
 # Intermediate library for the vboot_reference utilities to link against.
 UTILLIB = ${BUILD}/libvboot_util.a
@@ -469,6 +461,7 @@ UTILLIB_SRCS = \
 	host/lib/signature_digest.c \
 	host/lib/subprocess.c \
 	host/lib/util_misc.c \
+	host/lib21/host_common.c \
 	host/lib21/host_key.c \
 	host/lib21/host_misc.c \
 	host/lib21/host_signature.c
@@ -655,7 +648,7 @@ FUTIL_CMD_LIST = ${BUILD}/gen/futility_cmds.c
 
 FUTIL_OBJS = ${FUTIL_SRCS:%.c=${BUILD}/%.o} ${FUTIL_CMD_LIST:%.c=%.o}
 
-${FUTIL_OBJS}: INCLUDES += -Ihost/lib21/include -Ifirmware/lib21/include
+${FUTIL_OBJS}: INCLUDES += -Ihost/lib21/include
 
 ALL_OBJS += ${FUTIL_OBJS}
 
@@ -729,8 +722,8 @@ TEST20_NAMES = \
 	tests/vb20_verify_fw
 
 TEST21_NAMES = \
-	tests/vb21_common_tests \
-	tests/vb21_common2_tests \
+	tests/vb21_host_common2_tests \
+	tests/vb21_host_common_tests \
 	tests/vb21_host_key_tests \
 	tests/vb21_host_misc_tests \
 	tests/vb21_host_sig_tests
@@ -866,7 +859,7 @@ utillib: ${UTILLIB}
 
 # TODO: better way to make .a than duplicating this recipe each time?
 ${UTILLIB}: ${UTILLIB_OBJS} ${FWLIB_OBJS} ${FWLIB2X_OBJS} ${FWLIB20_OBJS} \
-		${FWLIB21_OBJS} ${TLCL_OBJS}
+		${TLCL_OBJS}
 	@${PRINTF} "    RM            $(subst ${BUILD}/,,$@)\n"
 	${Q}rm -f $@
 	@${PRINTF} "    AR            $(subst ${BUILD}/,,$@)\n"
@@ -1231,8 +1224,8 @@ run2tests: install_for_test
 	${RUNTEST} ${BUILD_RUN}/tests/vb20_api_kernel_tests
 	${RUNTEST} ${BUILD_RUN}/tests/vb20_kernel_tests
 	${RUNTEST} ${BUILD_RUN}/tests/vb20_misc_tests
-	${RUNTEST} ${BUILD_RUN}/tests/vb21_common_tests
-	${RUNTEST} ${BUILD_RUN}/tests/vb21_common2_tests ${TEST_KEYS}
+	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_common_tests
+	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_common2_tests ${TEST_KEYS}
 	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_key_tests ${TEST_KEYS} ${BUILD}
 	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_misc_tests ${BUILD}
 	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_sig_tests ${TEST_KEYS}
@@ -1250,7 +1243,7 @@ runfutiltests: install_for_test
 runlongtests: install_for_test genkeys genfuzztestcases
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_common2_tests ${TEST_KEYS} --all
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_common3_tests ${TEST_KEYS} --all
-	${RUNTEST} ${BUILD_RUN}/tests/vb21_common2_tests ${TEST_KEYS} --all
+	${RUNTEST} ${BUILD_RUN}/tests/vb21_host_common2_tests ${TEST_KEYS} --all
 	tests/run_preamble_tests.sh --all
 	tests/run_vbutil_tests.sh --all
 

firmware/README

@@ -34,10 +34,3 @@ lib20/
   This was deployed slightly before it was ready. That's not a problem,
   thanks to the binary compatibility, but this directory will be abandoned
   Real Soon Now, except for the product support branches.
-
-lib21/
-
-  This is where the current development of the second-generation vboot API
-  is taking place. It uses the public (2lib/) API, but will NOT be binary
-  compatible with vboot1 structs. Because of the early release of the lib20
-  stuff, we're actually calling this lib21.

firmware/lib21/packed_key.c

@@ -1,99 +0,0 @@
-/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Key unpacking functions
- */
-
-#include "2common.h"
-#include "2rsa.h"
-#include "2sysincludes.h"
-#include "vb21_common.h"
-
-vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
-				const uint8_t *key_data, uint32_t key_size)
-{
-	const uint32_t *buf32 = (const uint32_t *)key_data;
-	uint32_t expected_key_size = vb2_packed_key_size(key->sig_alg);
-
-	/* Make sure buffer is the correct length */
-	if (!expected_key_size || expected_key_size != key_size) {
-		VB2_DEBUG("Wrong key size for algorithm\n");
-		return VB2_ERROR_UNPACK_KEY_SIZE;
-	}
-
-	/* Check for alignment */
-	if (!vb2_aligned(buf32, sizeof(uint32_t)))
-		return VB2_ERROR_UNPACK_KEY_ALIGN;
-
-	key->arrsize = buf32[0];
-
-	/* Sanity check key array size */
-	if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg))
-		return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
-
-	key->n0inv = buf32[1];
-
-	/* Arrays point inside the key data */
-	key->n = buf32 + 2;
-	key->rr = buf32 + 2 + key->arrsize;
-
-	return VB2_SUCCESS;
-}
-
-vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
-			    uint32_t size)
-{
-	const struct vb21_packed_key *pkey =
-		(const struct vb21_packed_key *)buf;
-	uint32_t sig_size;
-	uint32_t min_offset = 0;
-	vb2_error_t rv;
-
-	/* Check magic number */
-	if (pkey->c.magic != VB21_MAGIC_PACKED_KEY)
-		return VB2_ERROR_UNPACK_KEY_MAGIC;
-
-	rv = vb21_verify_common_header(buf, size);
-	if (rv)
-		return rv;
-
-	/* Make sure key data is inside */
-	rv = vb21_verify_common_member(pkey, &min_offset,
-				       pkey->key_offset, pkey->key_size);
-	if (rv)
-		return rv;
-
-	/*
-	 * Check for compatible version.  No need to check minor version, since
-	 * that's compatible across readers matching the major version, and we
-	 * haven't added any new fields.
-	 */
-	if (pkey->c.struct_version_major != VB21_PACKED_KEY_VERSION_MAJOR)
-		return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
-
-	/* Copy key algorithms */
-	key->hash_alg = pkey->hash_alg;
-	if (!vb2_digest_size(key->hash_alg))
-		return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
-
-	key->sig_alg = pkey->sig_alg;
-	if (key->sig_alg != VB2_SIG_NONE) {
-		sig_size = vb2_rsa_sig_size(key->sig_alg);
-		if (!sig_size)
-			return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
-		rv = vb2_unpack_key_data(
-				key,
-				(const uint8_t *)pkey + pkey->key_offset,
-				pkey->key_size);
-		if (rv)
-			return rv;
-	}
-
-	/* Key description */
-	key->desc = vb21_common_desc(pkey);
-	key->version = pkey->key_version;
-	key->id = &pkey->id;
-
-	return VB2_SUCCESS;
-}

futility/cmd_create.c

@@ -16,12 +16,12 @@
 #include "2sysincludes.h"
 #include "futility.h"
 #include "futility_options.h"
-#include "host_key2.h"
+#include "host_common21.h"
 #include "host_key.h"
-#include "host_misc2.h"
+#include "host_key21.h"
+#include "host_misc21.h"
 #include "openssl_compat.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 #include "vb2_common.h"
 
 /* Command line options */

futility/cmd_show.c

@@ -28,7 +28,7 @@
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
 #include "vb2_common.h"

futility/cmd_sign.c

@@ -18,17 +18,17 @@
 #include <unistd.h>
 
 #include "2common.h"
-#include "file_type_bios.h"
 #include "file_type.h"
+#include "file_type_bios.h"
 #include "fmap.h"
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "kernel_blob.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
-#include "vb21_common.h"
 #include "vb2_common.h"
 
 /* Options */

futility/cmd_vbutil_firmware.c

@@ -18,7 +18,7 @@
 #include "2sysincludes.h"
 #include "futility.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "kernel_blob.h"
 #include "util_misc.h"
 #include "vb1_helper.h"

futility/cmd_vbutil_key.c

@@ -14,7 +14,7 @@
 
 #include "futility.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
 #include "vb2_common.h"

futility/cmd_vbutil_keyblock.c

@@ -16,7 +16,7 @@
 #include "2sysincludes.h"
 #include "futility.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "util_misc.h"
 #include "vb1_helper.h"
 #include "vb2_common.h"

futility/file_type_rwsig.c

@@ -23,11 +23,11 @@
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "host_misc.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 
 #define SIGNATURE_RSVD_SIZE 1024
 #define EC_RW_FILENAME "EC_RW.bin"

futility/file_type_usbpd1.c

@@ -24,10 +24,10 @@
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 
 /* Return 1 if okay, 0 if not */
 static int parse_size_opts(uint32_t len,

futility/vb2_helper.c

@@ -14,11 +14,11 @@
 #include "futility.h"
 #include "futility_options.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_misc2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_misc21.h"
 #include "openssl_compat.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 
 int vb2_lookup_hash_alg(const char *str, enum vb2_hash_algorithm *alg)
 {

host/lib/host_common.c

@@ -11,7 +11,7 @@
 #include "2rsa.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "utility.h"
 #include "vb2_common.h"
 

host/lib/host_key2.c

@@ -16,7 +16,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "host_key.h"
 #include "host_misc.h"
 #include "vb2_common.h"
@@ -296,3 +296,34 @@ vb2_error_t vb2_packed_key_looks_ok(const struct vb2_packed_key *key,
 
 	return VB2_SUCCESS;
 }
+
+vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
+				const uint8_t *key_data, uint32_t key_size)
+{
+	const uint32_t *buf32 = (const uint32_t *)key_data;
+	uint32_t expected_key_size = vb2_packed_key_size(key->sig_alg);
+
+	/* Make sure buffer is the correct length */
+	if (!expected_key_size || expected_key_size != key_size) {
+		VB2_DEBUG("Wrong key size for algorithm\n");
+		return VB2_ERROR_UNPACK_KEY_SIZE;
+	}
+
+	/* Check for alignment */
+	if (!vb2_aligned(buf32, sizeof(uint32_t)))
+		return VB2_ERROR_UNPACK_KEY_ALIGN;
+
+	key->arrsize = buf32[0];
+
+	/* Sanity check key array size */
+	if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg))
+		return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
+
+	key->n0inv = buf32[1];
+
+	/* Arrays point inside the key data */
+	key->n = buf32 + 2;
+	key->rr = buf32 + 2 + key->arrsize;
+
+	return VB2_SUCCESS;
+}

host/lib/host_keyblock.c

@@ -14,7 +14,7 @@
 #include "2rsa.h"
 #include "2sha.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "host_keyblock.h"
 #include "host_key.h"
 #include "vb2_common.h"

host/lib/host_signature.c

@@ -20,7 +20,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "vb2_common.h"
 
 /* Invoke [external_signer] command with [pem_file] as an argument, contents of

host/lib/host_signature2.c

@@ -20,8 +20,8 @@
 #include "2sha.h"
 #include "file_keys.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "vb2_common.h"
 
 struct vb2_signature *vb2_alloc_signature(uint32_t sig_size,

host/lib/include/host_common.h

@@ -9,7 +9,7 @@
 #define VBOOT_REFERENCE_HOST_COMMON_H_
 
 #include "host_key.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "host_keyblock.h"
 #include "host_misc.h"
 #include "host_signature.h"

host/lib/include/host_key.h

@@ -11,6 +11,7 @@
 #include "2crypto.h"
 #include "2return_codes.h"
 
+struct vb2_public_key;
 struct vb2_packed_key;
 struct vb2_private_key;
 
@@ -146,4 +147,17 @@ struct vb2_packed_key *vb2_read_packed_keyb(const char *filename,
 vb2_error_t vb2_write_packed_key(const char *filename,
 				 const struct vb2_packed_key *key);
 
+/**
+ * Unpack the RSA data fields for a public key
+ *
+ * This is called by vb21_unpack_key() to extract the arrays from a packed key.
+ * These elements of *key will point inside the key_data buffer.
+ *
+ * @param key		Destination key for RSA data fields
+ * @param key_data	Packed key data (from inside a packed key buffer)
+ * @param key_size	Size of packed key data in bytes
+ */
+vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
+				const uint8_t *key_data, uint32_t key_size);
+
 #endif  /* VBOOT_REFERENCE_HOST_KEY_H_ */

host/lib/signature_digest.c

@@ -14,7 +14,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "signature_digest.h"
 
 uint8_t* PrependDigestInfo(enum vb2_hash_algorithm hash_alg, uint8_t* digest)

host/lib/util_misc.c

@@ -17,7 +17,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "openssl_compat.h"
 #include "util_misc.h"
 #include "vb2_common.h"

host/lib21/host_common.c

@@ -9,7 +9,7 @@
 #include "2rsa.h"
 #include "2sha.h"
 #include "2sysincludes.h"
-#include "vb21_common.h"
+#include "host_common21.h"
 
 const char *vb21_common_desc(const void *buf)
 {

host/lib21/host_key.c

@@ -14,10 +14,10 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "host_misc.h"
 #include "openssl_compat.h"
-#include "vb21_common.h"
 
 const struct vb2_text_vs_enum vb2_text_vs_sig[] = {
 	{"RSA1024", VB2_SIG_RSA1024},
@@ -651,3 +651,60 @@ vb2_error_t vb21_public_key_write(const struct vb2_public_key *key,
 	free(pkey);
 	return ret;
 }
+
+vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
+			    uint32_t size)
+{
+	const struct vb21_packed_key *pkey =
+		(const struct vb21_packed_key *)buf;
+	uint32_t sig_size;
+	uint32_t min_offset = 0;
+	vb2_error_t rv;
+
+	/* Check magic number */
+	if (pkey->c.magic != VB21_MAGIC_PACKED_KEY)
+		return VB2_ERROR_UNPACK_KEY_MAGIC;
+
+	rv = vb21_verify_common_header(buf, size);
+	if (rv)
+		return rv;
+
+	/* Make sure key data is inside */
+	rv = vb21_verify_common_member(pkey, &min_offset,
+				       pkey->key_offset, pkey->key_size);
+	if (rv)
+		return rv;
+
+	/*
+	 * Check for compatible version.  No need to check minor version, since
+	 * that's compatible across readers matching the major version, and we
+	 * haven't added any new fields.
+	 */
+	if (pkey->c.struct_version_major != VB21_PACKED_KEY_VERSION_MAJOR)
+		return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
+
+	/* Copy key algorithms */
+	key->hash_alg = pkey->hash_alg;
+	if (!vb2_digest_size(key->hash_alg))
+		return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
+
+	key->sig_alg = pkey->sig_alg;
+	if (key->sig_alg != VB2_SIG_NONE) {
+		sig_size = vb2_rsa_sig_size(key->sig_alg);
+		if (!sig_size)
+			return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
+		rv = vb2_unpack_key_data(
+				key,
+				(const uint8_t *)pkey + pkey->key_offset,
+				pkey->key_size);
+		if (rv)
+			return rv;
+	}
+
+	/* Key description */
+	key->desc = vb21_common_desc(pkey);
+	key->version = pkey->key_version;
+	key->id = &pkey->id;
+
+	return VB2_SUCCESS;
+}

host/lib21/host_misc.c

@@ -14,8 +14,8 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_misc2.h"
-#include "vb21_common.h"
+#include "host_common21.h"
+#include "host_misc21.h"
 
 vb2_error_t vb2_read_file(const char *filename, uint8_t **data_ptr,
 			  uint32_t *size_ptr)

host/lib21/host_signature.c

@@ -12,10 +12,10 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "host_misc.h"
-#include "host_signature2.h"
-#include "vb21_common.h"
+#include "host_signature21.h"
 
 vb2_error_t vb2_digest_info(enum vb2_hash_algorithm hash_alg,
 			    const uint8_t **buf_ptr, uint32_t *size_ptr)

host/lib21/include/host_common21.h

@@ -11,7 +11,7 @@
 #include "2common.h"
 #include "2return_codes.h"
 #include "2struct.h"
-#include "vb21_struct.h"
+#include "host_struct21.h"
 
 #ifdef __cplusplus
 extern "C" {
@@ -78,33 +78,6 @@ vb2_error_t vb21_verify_common_subobject(const void *parent,
 					 uint32_t *min_offset,
 					 uint32_t member_offset);
 
-/**
- * Unpack a key for use in verification
- *
- * The elements of the unpacked key will point into the source buffer, so don't
- * free the source buffer until you're done with the key.
- *
- * @param key		Destintion for unpacked key
- * @param buf		Source buffer containing packed key
- * @param size		Size of buffer in bytes
- * @return VB2_SUCCESS, or non-zero error code if error.
- */
-vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
-			    uint32_t size);
-
-/**
- * Unpack the RSA data fields for a public key
- *
- * This is called by vb21_unpack_key() to extract the arrays from a packed key.
- * These elements of *key will point inside the key_data buffer.
- *
- * @param key		Destination key for RSA data fields
- * @param key_data	Packed key data (from inside a packed key buffer)
- * @param key_size	Size of packed key data in bytes
- */
-vb2_error_t vb2_unpack_key_data(struct vb2_public_key *key,
-				const uint8_t *key_data, uint32_t key_size);
-
 /**
  * Verify the integrity of a signature struct
  * @param sig		Signature struct

host/lib21/include/host_key21.h

@@ -267,4 +267,18 @@ enum vb2_signature_algorithm vb2_rsa_sig_alg(struct rsa_st *rsa);
 vb2_error_t vb21_public_key_write(const struct vb2_public_key *key,
 				  const char *filename);
 
+/**
+ * Unpack a key for use in verification
+ *
+ * The elements of the unpacked key will point into the source buffer, so don't
+ * free the source buffer until you're done with the key.
+ *
+ * @param key		Destintion for unpacked key
+ * @param buf		Source buffer containing packed key
+ * @param size		Size of buffer in bytes
+ * @return VB2_SUCCESS, or non-zero error code if error.
+ */
+vb2_error_t vb21_unpack_key(struct vb2_public_key *key, const uint8_t *buf,
+			    uint32_t size);
+
 #endif  /* VBOOT_REFERENCE_HOST_KEY2_H_ */

tests/vb21_host_common2_tests.c

@@ -13,11 +13,11 @@
 #include "2rsa.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "test_common.h"
 #include "util_misc.h"
-#include "vb21_common.h"
 
 static const uint8_t test_data[] = "This is some test data to sign.";
 static const uint32_t test_size = sizeof(test_data);

tests/vb21_host_common_tests.c

@@ -8,10 +8,10 @@
 #include "2common.h"
 #include "2rsa.h"
 #include "2sysincludes.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "test_common.h"
-#include "vb21_common.h"
 
 static const uint8_t test_data[] = "This is some test data to sign.";
 

tests/vb21_host_key_tests.c

@@ -12,9 +12,9 @@
 #include "2rsa.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_common21.h"
+#include "host_key21.h"
 #include "test_common.h"
-#include "vb21_common.h"
 
 /* Test only the algorithms we use */
 struct alg_combo {

tests/vb21_host_misc_tests.c

@@ -11,9 +11,9 @@
 #include "2common.h"
 #include "2sysincludes.h"
 #include "host_common.h"
+#include "host_common21.h"
 #include "host_misc.h"
 #include "test_common.h"
-#include "vb21_common.h"
 
 static void misc_tests(void)
 {

tests/vb21_host_sig_tests.c

@@ -12,10 +12,10 @@
 #include "2rsa.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
+#include "host_common21.h"
+#include "host_key21.h"
+#include "host_signature21.h"
 #include "test_common.h"
-#include "vb21_common.h"
 
 /* Test only the algorithms we use */
 struct alg_combo {

tests/vb2_common2_tests.c

@@ -13,7 +13,7 @@
 #include "2sysincludes.h"
 #include "file_keys.h"
 #include "host_common.h"
-#include "host_key2.h"
+#include "host_key21.h"
 #include "test_common.h"
 #include "vb2_common.h"
 

utility/pad_digest_utility.c

@@ -12,7 +12,7 @@
 #include "2sha.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "signature_digest.h"
 
 static void usage(char* argv[]) {

utility/signature_digest_utility.c

@@ -14,7 +14,7 @@
 #include "2common.h"
 #include "2sysincludes.h"
 #include "host_common.h"
-#include "host_signature2.h"
+#include "host_signature21.h"
 #include "signature_digest.h"
 
 int main(int argc, char* argv[])