Rename mincrypt to constrainedcrypto
Increasing the clumsiness of the library name will hopefully
discourage further use. This change also adds a README file that
explains the current thinking regarding native crypto library usage
for the Android platform.
BUG: 27287913
Change-Id: I48d4aa4b928756403a59d3755a0caf34c6172b26
diff --git a/Android.mk b/Android.mk
index 2d3e44c..76e53c5 100644
--- a/Android.mk
+++ b/Android.mk
@@ -2,28 +2,20 @@
#
LOCAL_PATH := $(call my-dir)
-# Determine whether to build mincrypt from system/core or from
-# external/libmincrypt. The mincrypt source is temporarily present in both
-# locations during the process of moving mincrypt to external/libmincrypt.
-# TODO(mnissler): Remove this after the transition is complete.
-ifndef MINCRYPT_STANDALONE
-MINCRYPT_STANDALONE := true
-endif
-
-ifeq ($(MINCRYPT_STANDALONE),true)
-
include $(CLEAR_VARS)
-LOCAL_MODULE := libmincrypt
+LOCAL_MODULE := libconstrainedcrypto
LOCAL_SRC_FILES := dsa_sig.c p256.c p256_ec.c p256_ecdsa.c rsa.c sha.c sha256.c
LOCAL_CFLAGS := -Wall -Werror
+LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
+LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include
include $(BUILD_STATIC_LIBRARY)
include $(CLEAR_VARS)
-LOCAL_MODULE := libmincrypt
+LOCAL_MODULE := libconstrainedcrypto
LOCAL_SRC_FILES := dsa_sig.c p256.c p256_ec.c p256_ecdsa.c rsa.c sha.c sha256.c
LOCAL_CFLAGS := -Wall -Werror
+LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
+LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_PATH)/include
include $(BUILD_HOST_STATIC_LIBRARY)
include $(LOCAL_PATH)/test/Android.mk
-
-endif # MINCRYPT_STANDALONE == true
diff --git a/README b/README
new file mode 100644
index 0000000..42eab90
--- /dev/null
+++ b/README
@@ -0,0 +1,17 @@
+libconstrainedcrypto provides a random set of basic crypto algorithms
+originating from Google-internal code.
+
+This is *NOT* a general purpose crypto library. Our goal is to standardize on
+only one native crypto library for the Android platform, and that library is
+BoringSSL. Wherever possible, you should prefer BoringSSL's libcrypto over
+libconstrainedcrypto. In particular, all code running in Android user space
+should use BoringSSL.
+
+There a few rare exceptions where BoringSSL is can't be used yet (such as
+bare-bones bootloaders etc.). There is a plan to reduce BoringSSL' libcrypto's
+dependency footprint to make libcrypto usable in these environments as well
+though.
+
+A number of projects still rely on libconstrainedcrypto (formerly known as
+libmincrypt) due to historic reasons, the goal is to clean these up and switch
+them over to BoringSSL wherever possible.
diff --git a/dsa_sig.c b/dsa_sig.c
index 101314b..c9db6d3 100644
--- a/dsa_sig.c
+++ b/dsa_sig.c
@@ -26,8 +26,8 @@
#include <string.h>
-#include "mincrypt/dsa_sig.h"
-#include "mincrypt/p256.h"
+#include "constrainedcrypto/dsa_sig.h"
+#include "constrainedcrypto/p256.h"
/**
* Trims off the leading zero bytes and copy it to a buffer aligning it to the end.
diff --git a/include/mincrypt/dsa_sig.h b/include/constrainedcrypto/dsa_sig.h
similarity index 90%
rename from include/mincrypt/dsa_sig.h
rename to include/constrainedcrypto/dsa_sig.h
index b0d91cd..3cdf194 100644
--- a/include/mincrypt/dsa_sig.h
+++ b/include/constrainedcrypto/dsa_sig.h
@@ -24,10 +24,10 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_DSA_SIG_H_
-#define SYSTEM_CORE_INCLUDE_MINCRYPT_DSA_SIG_H_
+#ifndef CONSTRAINEDCRYPTO_DSA_SIG_H_
+#define CONSTRAINEDCRYPTO_DSA_SIG_H_
-#include "mincrypt/p256.h"
+#include "constrainedcrypto/p256.h"
#ifdef __cplusplus
extern "C" {
@@ -40,4 +40,4 @@
}
#endif
-#endif /* SYSTEM_CORE_INCLUDE_MINCRYPT_DSA_SIG_H_ */
+#endif /* CONSTRAINEDCRYPTO_DSA_SIG_H_ */
diff --git a/include/mincrypt/hash-internal.h b/include/constrainedcrypto/hash-internal.h
similarity index 93%
rename from include/mincrypt/hash-internal.h
rename to include/constrainedcrypto/hash-internal.h
index c813b44..f0a00f9 100644
--- a/include/mincrypt/hash-internal.h
+++ b/include/constrainedcrypto/hash-internal.h
@@ -24,8 +24,8 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_HASH_INTERNAL_H_
-#define SYSTEM_CORE_INCLUDE_MINCRYPT_HASH_INTERNAL_H_
+#ifndef CONSTRAINEDCRYPTO_HASH_INTERNAL_H_
+#define CONSTRAINEDCRYPTO_HASH_INTERNAL_H_
#include <stdint.h>
@@ -60,4 +60,4 @@
}
#endif // __cplusplus
-#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_HASH_INTERNAL_H_
+#endif // CONSTRAINEDCRYPTO_HASH_INTERNAL_H_
diff --git a/include/mincrypt/p256.h b/include/constrainedcrypto/p256.h
similarity index 96%
rename from include/mincrypt/p256.h
rename to include/constrainedcrypto/p256.h
index 465a1b9..0bbd7e5 100644
--- a/include/mincrypt/p256.h
+++ b/include/constrainedcrypto/p256.h
@@ -24,8 +24,8 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_LITE_P256_H_
-#define SYSTEM_CORE_INCLUDE_MINCRYPT_LITE_P256_H_
+#ifndef CONSTRAINEDCRYPTO_LITE_P256_H_
+#define CONSTRAINEDCRYPTO_LITE_P256_H_
// Collection of routines manipulating 256 bit unsigned integers.
// Just enough to implement ecdsa-p256 and related algorithms.
@@ -159,4 +159,4 @@
}
#endif
-#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_LITE_P256_H_
+#endif // CONSTRAINEDCRYPTO_LITE_P256_H_
diff --git a/include/mincrypt/p256_ecdsa.h b/include/constrainedcrypto/p256_ecdsa.h
similarity index 92%
rename from include/mincrypt/p256_ecdsa.h
rename to include/constrainedcrypto/p256_ecdsa.h
index da339fa..7b0cc96 100644
--- a/include/mincrypt/p256_ecdsa.h
+++ b/include/constrainedcrypto/p256_ecdsa.h
@@ -24,8 +24,8 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_P256_ECDSA_H_
-#define SYSTEM_CORE_INCLUDE_MINCRYPT_P256_ECDSA_H_
+#ifndef CONSTRAINEDCRYPTO_P256_ECDSA_H_
+#define CONSTRAINEDCRYPTO_P256_ECDSA_H_
// Using current directory as relative include path here since
// this code typically gets lifted into a variety of build systems
@@ -50,4 +50,4 @@
}
#endif
-#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_P256_ECDSA_H_
+#endif // CONSTRAINEDCRYPTO_P256_ECDSA_H_
diff --git a/include/mincrypt/rsa.h b/include/constrainedcrypto/rsa.h
similarity index 94%
rename from include/mincrypt/rsa.h
rename to include/constrainedcrypto/rsa.h
index 3d0556b..2090ae3 100644
--- a/include/mincrypt/rsa.h
+++ b/include/constrainedcrypto/rsa.h
@@ -25,8 +25,8 @@
** ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_RSA_H_
-#define SYSTEM_CORE_INCLUDE_MINCRYPT_RSA_H_
+#ifndef CONSTRAINEDCRYPTO_RSA_H_
+#define CONSTRAINEDCRYPTO_RSA_H_
#include <inttypes.h>
@@ -55,4 +55,4 @@
}
#endif
-#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_RSA_H_
+#endif // CONSTRAINEDCRYPTO_RSA_H_
diff --git a/include/mincrypt/sha.h b/include/constrainedcrypto/sha.h
similarity index 93%
rename from include/mincrypt/sha.h
rename to include/constrainedcrypto/sha.h
index ef60aab..94dcdb4 100644
--- a/include/mincrypt/sha.h
+++ b/include/constrainedcrypto/sha.h
@@ -23,8 +23,8 @@
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_SHA1_H_
-#define SYSTEM_CORE_INCLUDE_MINCRYPT_SHA1_H_
+#ifndef CONSTRAINEDCRYPTO_SHA1_H_
+#define CONSTRAINEDCRYPTO_SHA1_H_
#include <stdint.h>
#include "hash-internal.h"
@@ -49,4 +49,4 @@
}
#endif // __cplusplus
-#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_SHA1_H_
+#endif // CONSTRAINEDCRYPTO_SHA1_H_
diff --git a/include/mincrypt/sha256.h b/include/constrainedcrypto/sha256.h
similarity index 92%
rename from include/mincrypt/sha256.h
rename to include/constrainedcrypto/sha256.h
index 3a87c31..eb2917c 100644
--- a/include/mincrypt/sha256.h
+++ b/include/constrainedcrypto/sha256.h
@@ -24,8 +24,8 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef SYSTEM_CORE_INCLUDE_MINCRYPT_SHA256_H_
-#define SYSTEM_CORE_INCLUDE_MINCRYPT_SHA256_H_
+#ifndef CONSTRAINEDCRYPTO_SHA256_H_
+#define CONSTRAINEDCRYPTO_SHA256_H_
#include <stdint.h>
#include "hash-internal.h"
@@ -49,4 +49,4 @@
}
#endif // __cplusplus
-#endif // SYSTEM_CORE_INCLUDE_MINCRYPT_SHA256_H_
+#endif // CONSTRAINEDCRYPTO_SHA256_H_
diff --git a/p256.c b/p256.c
index 555a07a..993cd4e 100644
--- a/p256.c
+++ b/p256.c
@@ -37,7 +37,7 @@
#include <string.h>
#include <stdio.h>
-#include "mincrypt/p256.h"
+#include "constrainedcrypto/p256.h"
const p256_int SECP256r1_n = // curve order
{{0xfc632551, 0xf3b9cac2, 0xa7179e84, 0xbce6faad, -1, -1, 0, -1}};
diff --git a/p256_ec.c b/p256_ec.c
index 90262cc..72e80e6 100644
--- a/p256_ec.c
+++ b/p256_ec.c
@@ -38,7 +38,7 @@
#include <string.h>
#include <stdlib.h>
-#include "mincrypt/p256.h"
+#include "constrainedcrypto/p256.h"
typedef uint8_t u8;
typedef uint32_t u32;
diff --git a/p256_ecdsa.c b/p256_ecdsa.c
index f2264b0..47dcd7b 100644
--- a/p256_ecdsa.c
+++ b/p256_ecdsa.c
@@ -26,8 +26,8 @@
#include <string.h>
-#include "mincrypt/p256_ecdsa.h"
-#include "mincrypt/p256.h"
+#include "constrainedcrypto/p256_ecdsa.h"
+#include "constrainedcrypto/p256.h"
int p256_ecdsa_verify(const p256_int* key_x, const p256_int* key_y,
const p256_int* message,
diff --git a/rsa.c b/rsa.c
index 9061b3a..52a29e4 100644
--- a/rsa.c
+++ b/rsa.c
@@ -25,9 +25,9 @@
** ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#include "mincrypt/rsa.h"
-#include "mincrypt/sha.h"
-#include "mincrypt/sha256.h"
+#include "constrainedcrypto/rsa.h"
+#include "constrainedcrypto/sha.h"
+#include "constrainedcrypto/sha256.h"
// a[] -= mod
static void subM(const RSAPublicKey* key,
diff --git a/sha.c b/sha.c
index 5bef32e..43440a0 100644
--- a/sha.c
+++ b/sha.c
@@ -27,7 +27,7 @@
// Optimized for minimal code size.
-#include "mincrypt/sha.h"
+#include "constrainedcrypto/sha.h"
#include <stdio.h>
#include <string.h>
diff --git a/sha256.c b/sha256.c
index eb6e308..2b5f073 100644
--- a/sha256.c
+++ b/sha256.c
@@ -27,7 +27,7 @@
// Optimized for minimal code size.
-#include "mincrypt/sha256.h"
+#include "constrainedcrypto/sha256.h"
#include <stdio.h>
#include <string.h>
diff --git a/test/Android.mk b/test/Android.mk
index 73ff7d0..97b107a 100644
--- a/test/Android.mk
+++ b/test/Android.mk
@@ -3,13 +3,13 @@
LOCAL_PATH := $(call my-dir)
include $(CLEAR_VARS)
-LOCAL_MODULE := rsa_test
+LOCAL_MODULE := constrainedcrypto_rsa_test
LOCAL_SRC_FILES := rsa_test.c
-LOCAL_STATIC_LIBRARIES := libmincrypt
+LOCAL_STATIC_LIBRARIES := libconstrainedcrypto
include $(BUILD_HOST_NATIVE_TEST)
include $(CLEAR_VARS)
-LOCAL_MODULE := ecdsa_test
+LOCAL_MODULE := constrainedcrypto_ecdsa_test
LOCAL_SRC_FILES := ecdsa_test.c
-LOCAL_STATIC_LIBRARIES := libmincrypt
+LOCAL_STATIC_LIBRARIES := libconstrainedcrypto
include $(BUILD_HOST_NATIVE_TEST)
diff --git a/test/ecdsa_test.c b/test/ecdsa_test.c
index 24ec013..4a40c5b 100644
--- a/test/ecdsa_test.c
+++ b/test/ecdsa_test.c
@@ -30,10 +30,10 @@
#include <string.h>
#include <sys/cdefs.h>
-#include "mincrypt/dsa_sig.h"
-#include "mincrypt/p256.h"
-#include "mincrypt/p256_ecdsa.h"
-#include "mincrypt/sha256.h"
+#include "constrainedcrypto/dsa_sig.h"
+#include "constrainedcrypto/p256.h"
+#include "constrainedcrypto/p256_ecdsa.h"
+#include "constrainedcrypto/sha256.h"
#ifndef __unused
#define __unused __attribute__((__unused__))
diff --git a/test/rsa_test.c b/test/rsa_test.c
index 055138f..d579e2f 100644
--- a/test/rsa_test.c
+++ b/test/rsa_test.c
@@ -30,8 +30,8 @@
#include <string.h>
#include <sys/cdefs.h>
-#include "mincrypt/rsa.h"
-#include "mincrypt/sha.h"
+#include "constrainedcrypto/rsa.h"
+#include "constrainedcrypto/sha.h"
#ifndef __unused
#define __unused __attribute__((unused))
