Rename mincrypt to constrainedcrypto Increasing the clumsiness of the library name will hopefully discourage further use. This change also adds a README file that explains the current thinking regarding native crypto library usage for the Android platform. BUG: 27287913 Change-Id: I48d4aa4b928756403a59d3755a0caf34c6172b26
diff --git a/Android.mk b/Android.mk index 2d3e44c..76e53c5 100644 --- a/Android.mk +++ b/Android.mk
@@ -2,28 +2,20 @@ # LOCAL_PATH := $(call my-dir) -# Determine whether to build mincrypt from system/core or from -# external/libmincrypt. The mincrypt source is temporarily present in both -# locations during the process of moving mincrypt to external/libmincrypt. -# TODO(mnissler): Remove this after the transition is complete. -ifndef MINCRYPT_STANDALONE -MINCRYPT_STANDALONE := true -endif - -ifeq ($(MINCRYPT_STANDALONE),true) - include $(CLEAR_VARS) -LOCAL_MODULE := libmincrypt +LOCAL_MODULE := libconstrainedcrypto LOCAL_SRC_FILES := dsa_sig.c p256.c p256_ec.c p256_ecdsa.c rsa.c sha.c sha256.c LOCAL_CFLAGS := -Wall -Werror +LOCAL_C_INCLUDES := $(LOCAL_PATH)/include +LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include include $(BUILD_STATIC_LIBRARY) include $(CLEAR_VARS) -LOCAL_MODULE := libmincrypt +LOCAL_MODULE := libconstrainedcrypto LOCAL_SRC_FILES := dsa_sig.c p256.c p256_ec.c p256_ecdsa.c rsa.c sha.c sha256.c LOCAL_CFLAGS := -Wall -Werror +LOCAL_C_INCLUDES := $(LOCAL_PATH)/include +LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include include $(BUILD_HOST_STATIC_LIBRARY) include $(LOCAL_PATH)/test/Android.mk - -endif # MINCRYPT_STANDALONE == true
diff --git a/README b/README new file mode 100644 index 0000000..42eab90 --- /dev/null +++ b/README
@@ -0,0 +1,17 @@ +libconstrainedcrypto provides a random set of basic crypto algorithms +originating from Google-internal code. + +This is *NOT* a general purpose crypto library. Our goal is to standardize on +only one native crypto library for the Android platform, and that library is +BoringSSL. Wherever possible, you should prefer BoringSSL's libcrypto over +libconstrainedcrypto. In particular, all code running in Android user space +should use BoringSSL. + +There a few rare exceptions where BoringSSL is can't be used yet (such as +bare-bones bootloaders etc.). There is a plan to reduce BoringSSL' libcrypto's +dependency footprint to make libcrypto usable in these environments as well +though. + +A number of projects still rely on libconstrainedcrypto (formerly known as +libmincrypt) due to historic reasons, the goal is to clean these up and switch +them over to BoringSSL wherever possible.
diff --git a/dsa_sig.c b/dsa_sig.c index 101314b..c9db6d3 100644 --- a/dsa_sig.c +++ b/dsa_sig.c
@@ -26,8 +26,8 @@ #include <string.h> -#include "mincrypt/dsa_sig.h" -#include "mincrypt/p256.h" +#include "constrainedcrypto/dsa_sig.h" +#include "constrainedcrypto/p256.h" /** * Trims off the leading zero bytes and copy it to a buffer aligning it to the end.
diff --git a/include/mincrypt/dsa_sig.h b/include/constrainedcrypto/dsa_sig.h similarity index 90% rename from include/mincrypt/dsa_sig.h rename to include/constrainedcrypto/dsa_sig.h index b0d91cd..3cdf194 100644 --- a/include/mincrypt/dsa_sig.h +++ b/include/constrainedcrypto/dsa_sig.h
@@ -24,10 +24,10 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_DSA_SIG_H_ -#define SYSTEM_CORE_INCLUDE_MINCRYPT_DSA_SIG_H_ +#ifndef CONSTRAINEDCRYPTO_DSA_SIG_H_ +#define CONSTRAINEDCRYPTO_DSA_SIG_H_ -#include "mincrypt/p256.h" +#include "constrainedcrypto/p256.h" #ifdef __cplusplus extern "C" { @@ -40,4 +40,4 @@ } #endif -#endif /* SYSTEM_CORE_INCLUDE_MINCRYPT_DSA_SIG_H_ */ +#endif /* CONSTRAINEDCRYPTO_DSA_SIG_H_ */ diff --git a/include/mincrypt/hash-internal.h b/include/constrainedcrypto/hash-internal.h similarity index 93% rename from include/mincrypt/hash-internal.h rename to include/constrainedcrypto/hash-internal.h index c813b44..f0a00f9 100644 --- a/include/mincrypt/hash-internal.h +++ b/include/constrainedcrypto/hash-internal.h
@@ -24,8 +24,8 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_HASH_INTERNAL_H_ -#define SYSTEM_CORE_INCLUDE_MINCRYPT_HASH_INTERNAL_H_ +#ifndef CONSTRAINEDCRYPTO_HASH_INTERNAL_H_ +#define CONSTRAINEDCRYPTO_HASH_INTERNAL_H_ #include <stdint.h> @@ -60,4 +60,4 @@ } #endif // __cplusplus -#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_HASH_INTERNAL_H_ +#endif // CONSTRAINEDCRYPTO_HASH_INTERNAL_H_
diff --git a/include/mincrypt/p256.h b/include/constrainedcrypto/p256.h similarity index 96% rename from include/mincrypt/p256.h rename to include/constrainedcrypto/p256.h index 465a1b9..0bbd7e5 100644 --- a/include/mincrypt/p256.h +++ b/include/constrainedcrypto/p256.h
@@ -24,8 +24,8 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_LITE_P256_H_ -#define SYSTEM_CORE_INCLUDE_MINCRYPT_LITE_P256_H_ +#ifndef CONSTRAINEDCRYPTO_LITE_P256_H_ +#define CONSTRAINEDCRYPTO_LITE_P256_H_ // Collection of routines manipulating 256 bit unsigned integers. // Just enough to implement ecdsa-p256 and related algorithms. @@ -159,4 +159,4 @@ } #endif -#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_LITE_P256_H_ +#endif // CONSTRAINEDCRYPTO_LITE_P256_H_
diff --git a/include/mincrypt/p256_ecdsa.h b/include/constrainedcrypto/p256_ecdsa.h similarity index 92% rename from include/mincrypt/p256_ecdsa.h rename to include/constrainedcrypto/p256_ecdsa.h index da339fa..7b0cc96 100644 --- a/include/mincrypt/p256_ecdsa.h +++ b/include/constrainedcrypto/p256_ecdsa.h
@@ -24,8 +24,8 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_P256_ECDSA_H_ -#define SYSTEM_CORE_INCLUDE_MINCRYPT_P256_ECDSA_H_ +#ifndef CONSTRAINEDCRYPTO_P256_ECDSA_H_ +#define CONSTRAINEDCRYPTO_P256_ECDSA_H_ // Using current directory as relative include path here since // this code typically gets lifted into a variety of build systems @@ -50,4 +50,4 @@ } #endif -#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_P256_ECDSA_H_ +#endif // CONSTRAINEDCRYPTO_P256_ECDSA_H_
diff --git a/include/mincrypt/rsa.h b/include/constrainedcrypto/rsa.h similarity index 94% rename from include/mincrypt/rsa.h rename to include/constrainedcrypto/rsa.h index 3d0556b..2090ae3 100644 --- a/include/mincrypt/rsa.h +++ b/include/constrainedcrypto/rsa.h
@@ -25,8 +25,8 @@ ** ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_RSA_H_ -#define SYSTEM_CORE_INCLUDE_MINCRYPT_RSA_H_ +#ifndef CONSTRAINEDCRYPTO_RSA_H_ +#define CONSTRAINEDCRYPTO_RSA_H_ #include <inttypes.h> @@ -55,4 +55,4 @@ } #endif -#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_RSA_H_ +#endif // CONSTRAINEDCRYPTO_RSA_H_
diff --git a/include/mincrypt/sha.h b/include/constrainedcrypto/sha.h similarity index 93% rename from include/mincrypt/sha.h rename to include/constrainedcrypto/sha.h index ef60aab..94dcdb4 100644 --- a/include/mincrypt/sha.h +++ b/include/constrainedcrypto/sha.h
@@ -23,8 +23,8 @@ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_SHA1_H_ -#define SYSTEM_CORE_INCLUDE_MINCRYPT_SHA1_H_ +#ifndef CONSTRAINEDCRYPTO_SHA1_H_ +#define CONSTRAINEDCRYPTO_SHA1_H_ #include <stdint.h> #include "hash-internal.h" @@ -49,4 +49,4 @@ } #endif // __cplusplus -#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_SHA1_H_ +#endif // CONSTRAINEDCRYPTO_SHA1_H_
diff --git a/include/mincrypt/sha256.h b/include/constrainedcrypto/sha256.h similarity index 92% rename from include/mincrypt/sha256.h rename to include/constrainedcrypto/sha256.h index 3a87c31..eb2917c 100644 --- a/include/mincrypt/sha256.h +++ b/include/constrainedcrypto/sha256.h
@@ -24,8 +24,8 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_SHA256_H_ -#define SYSTEM_CORE_INCLUDE_MINCRYPT_SHA256_H_ +#ifndef CONSTRAINEDCRYPTO_SHA256_H_ +#define CONSTRAINEDCRYPTO_SHA256_H_ #include <stdint.h> #include "hash-internal.h" @@ -49,4 +49,4 @@ } #endif // __cplusplus -#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_SHA256_H_ +#endif // CONSTRAINEDCRYPTO_SHA256_H_
diff --git a/p256.c b/p256.c index 555a07a..993cd4e 100644 --- a/p256.c +++ b/p256.c
@@ -37,7 +37,7 @@ #include <string.h> #include <stdio.h> -#include "mincrypt/p256.h" +#include "constrainedcrypto/p256.h" const p256_int SECP256r1_n = // curve order {{0xfc632551, 0xf3b9cac2, 0xa7179e84, 0xbce6faad, -1, -1, 0, -1}}; diff --git a/p256_ec.c b/p256_ec.c index 90262cc..72e80e6 100644 --- a/p256_ec.c +++ b/p256_ec.c
@@ -38,7 +38,7 @@ #include <string.h> #include <stdlib.h> -#include "mincrypt/p256.h" +#include "constrainedcrypto/p256.h" typedef uint8_t u8; typedef uint32_t u32;
diff --git a/p256_ecdsa.c b/p256_ecdsa.c index f2264b0..47dcd7b 100644 --- a/p256_ecdsa.c +++ b/p256_ecdsa.c
@@ -26,8 +26,8 @@ #include <string.h> -#include "mincrypt/p256_ecdsa.h" -#include "mincrypt/p256.h" +#include "constrainedcrypto/p256_ecdsa.h" +#include "constrainedcrypto/p256.h" int p256_ecdsa_verify(const p256_int* key_x, const p256_int* key_y, const p256_int* message,
diff --git a/rsa.c b/rsa.c index 9061b3a..52a29e4 100644 --- a/rsa.c +++ b/rsa.c
@@ -25,9 +25,9 @@ ** ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include "mincrypt/rsa.h" -#include "mincrypt/sha.h" -#include "mincrypt/sha256.h" +#include "constrainedcrypto/rsa.h" +#include "constrainedcrypto/sha.h" +#include "constrainedcrypto/sha256.h" // a[] -= mod static void subM(const RSAPublicKey* key,
diff --git a/sha.c b/sha.c index 5bef32e..43440a0 100644 --- a/sha.c +++ b/sha.c
@@ -27,7 +27,7 @@ // Optimized for minimal code size. -#include "mincrypt/sha.h" +#include "constrainedcrypto/sha.h" #include <stdio.h> #include <string.h>
diff --git a/sha256.c b/sha256.c index eb6e308..2b5f073 100644 --- a/sha256.c +++ b/sha256.c
@@ -27,7 +27,7 @@ // Optimized for minimal code size. -#include "mincrypt/sha256.h" +#include "constrainedcrypto/sha256.h" #include <stdio.h> #include <string.h>
diff --git a/test/Android.mk b/test/Android.mk index 73ff7d0..97b107a 100644 --- a/test/Android.mk +++ b/test/Android.mk
@@ -3,13 +3,13 @@ LOCAL_PATH := $(call my-dir) include $(CLEAR_VARS) -LOCAL_MODULE := rsa_test +LOCAL_MODULE := constrainedcrypto_rsa_test LOCAL_SRC_FILES := rsa_test.c -LOCAL_STATIC_LIBRARIES := libmincrypt +LOCAL_STATIC_LIBRARIES := libconstrainedcrypto include $(BUILD_HOST_NATIVE_TEST) include $(CLEAR_VARS) -LOCAL_MODULE := ecdsa_test +LOCAL_MODULE := constrainedcrypto_ecdsa_test LOCAL_SRC_FILES := ecdsa_test.c -LOCAL_STATIC_LIBRARIES := libmincrypt +LOCAL_STATIC_LIBRARIES := libconstrainedcrypto include $(BUILD_HOST_NATIVE_TEST)
diff --git a/test/ecdsa_test.c b/test/ecdsa_test.c index 24ec013..4a40c5b 100644 --- a/test/ecdsa_test.c +++ b/test/ecdsa_test.c
@@ -30,10 +30,10 @@ #include <string.h> #include <sys/cdefs.h> -#include "mincrypt/dsa_sig.h" -#include "mincrypt/p256.h" -#include "mincrypt/p256_ecdsa.h" -#include "mincrypt/sha256.h" +#include "constrainedcrypto/dsa_sig.h" +#include "constrainedcrypto/p256.h" +#include "constrainedcrypto/p256_ecdsa.h" +#include "constrainedcrypto/sha256.h" #ifndef __unused #define __unused __attribute__((__unused__))
diff --git a/test/rsa_test.c b/test/rsa_test.c index 055138f..d579e2f 100644 --- a/test/rsa_test.c +++ b/test/rsa_test.c
@@ -30,8 +30,8 @@ #include <string.h> #include <sys/cdefs.h> -#include "mincrypt/rsa.h" -#include "mincrypt/sha.h" +#include "constrainedcrypto/rsa.h" +#include "constrainedcrypto/sha.h" #ifndef __unused #define __unused __attribute__((unused))
