From patchwork Mon Jun 3 08:55:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dominique Martinet X-Patchwork-Id: 1942759 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=googlegroups.com header.i=@googlegroups.com header.a=rsa-sha256 header.s=20230601 header.b=OSxdoAIa; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=googlegroups.com (client-ip=2607:f8b0:4864:20::23b; helo=mail-oi1-x23b.google.com; envelope-from=swupdate+bncbcwivbv7sugrbluk62zamgqet3sevui@googlegroups.com; receiver=patchwork.ozlabs.org) Received: from mail-oi1-x23b.google.com (mail-oi1-x23b.google.com [IPv6:2607:f8b0:4864:20::23b]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Vt6yp69cKz20Q1 for ; Mon, 3 Jun 2024 18:56:18 +1000 (AEST) Received: by mail-oi1-x23b.google.com with SMTP id 5614622812f47-3d1e52d78dcsf2688937b6e.0 for ; Mon, 03 Jun 2024 01:56:18 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717404975; cv=pass; d=google.com; s=arc-20160816; b=y64tmcfbtrQRMDXPKdVs6QIQTnfziSJfmozoiRovuOg8V96bxnVyJ2O0mikObb2+PW zQ6CDuUHGf7fecVGIgok0z5S7tfnSRQ8v38//VfyTja4o6EOogOagCGF9OJvL7vQUVIq 6Tkp57Qn/cPnXs/zDDF5jZdMyT1RxCZgSzeq5IUaMXKXMehVZFMgMfVQjhuUMLELvwrO TTWsFdgEYtOzPPDX1+hnhv0d/N/yqSnJCv+Jd+C75P9bsftPS6551tFwCnXE5leg6kJb QvCvFeAtmaq48Ebw8XUivPRO4pjfMU05JPNT2Ls3e213qzZAqzib94hM1UcfEHW5zLhs FYfA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:sender:dkim-signature; bh=G3AS4Uq7MCOKnTXDrkUmfuTyIHSQvdkFqibsWTHEggw=; fh=4PeZfhJgOZHoP/u6EkhE9cJqeWd08Fwa2pfbFypNw7s=; b=eEP58sL+a1gWaAPO2eKl18oXlirRPSktA1ek8k7gzADiMnWhX55tIea2fmKozFVKmW 138Uts86JH67BzDmrP2zqvgWRNrPbI/AkXoeobuyZOoDKpdAvji9qn9t2bfGFTC0Fq2W AmdjjmYnKqNNlA/XsfXyfNeXGSCPsK5Lwk1Pc9dv4bhYsmB25C0UOb/zUzsyOs8Q9DMe XSJPsUvK3nIO6HVAF12PqMtOPge5efzUyNH2Q7Ti+jDaH3ZKPFLcAqxSP45aQEcwzuBO yxLMoDG0w9oyM5O3P+u1QZWUEEIsilP75AWqei1YXRsKxs9XuublwvgsRKKnCS/pH2kz pZRg==; darn=patchwork.ozlabs.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@atmark-techno.com header.s=gw2_bookworm header.b=azWEhwKq; dkim=pass header.i=@atmark-techno.com header.s=google header.b=KGWogimL; spf=pass (google.com: domain of dominique.martinet@atmark-techno.com designates 35.74.137.57 as permitted sender) smtp.mailfrom=dominique.martinet@atmark-techno.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=atmark-techno.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1717404975; x=1718009775; darn=patchwork.ozlabs.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from:sender:from:to:cc:subject:date:message-id :reply-to; bh=G3AS4Uq7MCOKnTXDrkUmfuTyIHSQvdkFqibsWTHEggw=; b=OSxdoAIaSG/4C6us2mgeJ6ibk265dwi8Xyqk/V5yHZcRRPCe1vjtCruXb8wzSPhF3O /z3GiYNlGIZsL+Z3fqWwanqK3e0urI5GotGtsx27ciNgEWqPdDFmHi6WEbHct2POxGt3 IratTcaalP0CTm7jl982H8uNvp1n3PQehoMS96CM1izUw0V3LvBpLIvaqi24y3nGXMiF qZOEsG8OUcDTpRr6kGDdg4ALLdPFHKoSSheLqL9kiyPSYC3HFNKWITc1FJ/u8E9/Gw7A J9rwryXAtumAC1tuARPwgLJxQQ+UjYh7fEwYxygk1YoLwGWyhbt7Ds2IoQjswnCUqZOK jxPQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717404975; x=1718009775; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :x-spam-checked-in-group:list-id:mailing-list:precedence :x-original-authentication-results:x-original-sender:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :x-beenthere:x-gm-message-state:sender:from:to:cc:subject:date :message-id:reply-to; bh=G3AS4Uq7MCOKnTXDrkUmfuTyIHSQvdkFqibsWTHEggw=; b=VFCEw/vhZ3EgYRzS9hh18aP+qjwZvwWyKAoIvy1WJ3lA2gskB+GkQ7TvLVte4WccxY dC/A8g77Z6q/u4yWNNrVVTXt0cs/7ScelMPqr57mDMii3GGvr4tuBo2H5cV9P+QQLaKC 6LfXg4M5Q50PpTpmr+ZWgU4ciVH6AVnk129hobwBWLtSRctlKPF4PMG9oeDSVH7YfzTU 05s5Ai8JLpZOwTywWZE09AR3wsStfGO/hIPmFnx062ql8chKBURMLZztbW+rG6ZpSztk /2tgHoBH0nNrEWKMMZMCY3DUSkRGOjnZgjm1mVkKNsI1RZmzmb/8oehmi8Vg/9upVXmv 6Ofg== Sender: swupdate@googlegroups.com X-Forwarded-Encrypted: i=2; AJvYcCXeJreHbUWHSYe690ZyYAH69ZDa1ROXCli2r1DnVX4Gh0grpw4qmrvCOjyRBn8svYBDGewf4uQG1C63AF0ThkrK5IjDr5xHr9pmWdEjUQ== X-Gm-Message-State: AOJu0YxcqKfRSZhduArl1aqGUPbu7RbCIqsew1CbdHerCAukxky097N5 XRH3lMMbF5dSot1Ps0FVSHcr69ixpgNwGdqkIMHJr+rsNW+YHOsG X-Google-Smtp-Source: AGHT+IE63O7Kyhp6dKjcqYJqU05IyQ3vr1bZgurWYCPKPdIvXc3Gg65lS13nFb2DfNyfBIGIM/0ecQ== X-Received: by 2002:a05:6808:614b:b0:3c9:c5e8:453d with SMTP id 5614622812f47-3d1e3472d03mr9247334b6e.8.1717404975382; Mon, 03 Jun 2024 01:56:15 -0700 (PDT) X-BeenThere: swupdate@googlegroups.com Received: by 2002:a05:622a:181f:b0:43a:c471:8fbc with SMTP id d75a77b69052e-43fe916566cls11846321cf.2.-pod-prod-08-us; Mon, 03 Jun 2024 01:56:13 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCV4bmGmnKwSME3ObL2aZFnFgthhDPHCPpgxxK7qexcUXDRrFimXhPPMmVLE53jDP5fua6CGTTk685qufEO+WGAxu+Xwe+Kju/qQ X-Received: by 2002:a05:620a:254d:b0:792:9fb4:9961 with SMTP id af79cd13be357-794f5c973cfmr968267385a.45.1717404973287; Mon, 03 Jun 2024 01:56:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1717404973; cv=none; d=google.com; s=arc-20160816; b=gSy0L7cC35qabwPaDRFhFQgW7bOSJ5j61+cp+SKe2EArSUgXu/n35mjUS8SxoVVznC dVK/ywrt/hqmbrWf10fN6Jg2NE4+MRZ1NCOwembIDtUglDPMkkU5GKZqk6z5gwckbZ9I M5P4RtrEfhr22l2ifx2atWulxzT790O2HC1BTNS676obOUeDwuDNnxL7Zyv73V+HsxcM BReeGziUo55YFmTdtIo8ivtM5bRC5+gJh5C3tRsYLjRiWxfwqSo0ycu4qARuhdJJOakb wkRaUTZBdvpL2KPTlSRhzqnZg5ozhLiXAbdg27ZT6zjFI5YKe2o6ckOeU7z12jaoSp2H 2zvA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature:dkim-signature; bh=U/tlUQ0AUSY/FFXjT+LMBE7j3hV9DkP4Gwjsb0m51IE=; fh=5oScBr/i6uiUvtV1IuyM3BzLlbRa/vnA8SINcwYtluI=; b=zvEPgye8luPNnLuH6D8LX9h7pew7S9trf1bvq0OysXkd2PcTWh//2Hw656cKPsM3Ky ZY9CPmAuQD2UHgt0Zklcp/aTQE/1MEs6NrIVgI4nks9Skn+cpxK2bPjEeWAQYsNDgOGz EB6TbuLW6T8yedZ5hi6DB1G4vRxvKGhEa/63DB4UfibwNoXHh35Y+7UL047IQVRN73p7 f2UJCFxAYqEqBkDy4u0951KIgCteuvoZit/rMqtb4a8iqyGgcd0TKIaclSEL4MA2MWZl pUdmg7hg0Sg3mOy6B2IURcSgJfmbmcbCuGj2kErSHrRPt3L1wVkwtlr5oT6I6takRzk9 uUSg==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@atmark-techno.com header.s=gw2_bookworm header.b=azWEhwKq; dkim=pass header.i=@atmark-techno.com header.s=google header.b=KGWogimL; spf=pass (google.com: domain of dominique.martinet@atmark-techno.com designates 35.74.137.57 as permitted sender) smtp.mailfrom=dominique.martinet@atmark-techno.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=atmark-techno.com Received: from gw2.atmark-techno.com (gw2.atmark-techno.com. [35.74.137.57]) by gmr-mx.google.com with ESMTPS id af79cd13be357-794f305ae8fsi35871085a.4.2024.06.03.01.56.12 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 03 Jun 2024 01:56:13 -0700 (PDT) Received-SPF: pass (google.com: domain of dominique.martinet@atmark-techno.com designates 35.74.137.57 as permitted sender) client-ip=35.74.137.57; Received: from gw2.atmark-techno.com (localhost [127.0.0.1]) by gw2.atmark-techno.com (Postfix) with ESMTP id 4116DA78 for ; Mon, 3 Jun 2024 17:56:10 +0900 (JST) Received: from mail-pj1-f70.google.com (mail-pj1-f70.google.com [209.85.216.70]) by gw2.atmark-techno.com (Postfix) with ESMTPS id 63A2B92B for ; Mon, 3 Jun 2024 17:56:09 +0900 (JST) Received: by mail-pj1-f70.google.com with SMTP id 98e67ed59e1d1-2c2083b00bbso1747478a91.3 for ; Mon, 03 Jun 2024 01:56:09 -0700 (PDT) X-Forwarded-Encrypted: i=1; AJvYcCVBDT0kH1j68Iz1w82RzCSWKLS2Hg4il3eIApe6miqsX9ptYk/75Crvqu8FKS7+F5aMDaB1J1Mzphp8jZJcxtf3iuxXSqf1IWxo X-Received: by 2002:a17:90b:1c11:b0:2c2:154c:d02a with SMTP id 98e67ed59e1d1-2c2154cd39dmr3179977a91.45.1717404968438; Mon, 03 Jun 2024 01:56:08 -0700 (PDT) X-Received: by 2002:a17:90b:1c11:b0:2c2:154c:d02a with SMTP id 98e67ed59e1d1-2c2154cd39dmr3179962a91.45.1717404967959; Mon, 03 Jun 2024 01:56:07 -0700 (PDT) Received: from pc-0182.atmarktech (103.131.189.35.bc.googleusercontent.com. [35.189.131.103]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2c1a77afb3fsm7916344a91.37.2024.06.03.01.56.07 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 03 Jun 2024 01:56:07 -0700 (PDT) Received: from [::1] (helo=pc-0182.atmark.tech) by pc-0182.atmarktech with esmtp (Exim 4.96) (envelope-from ) id 1sE3U6-009riT-0S; Mon, 03 Jun 2024 17:56:06 +0900 From: Dominique Martinet To: stefano.babic@swupdate.org, swupdate@googlegroups.com Cc: Dominique Martinet Subject: [swupdate] [PATCH RFC 2/9] cpio_utils: move out hash comparison Date: Mon, 3 Jun 2024 17:55:55 +0900 Message-Id: <20240603085602.2351411-3-dominique.martinet@atmark-techno.com> X-Mailer: git-send-email 2.39.2 In-Reply-To: <20240603085602.2351411-1-dominique.martinet@atmark-techno.com> References: <20240603085602.2351411-1-dominique.martinet@atmark-techno.com> MIME-Version: 1.0 X-Original-Sender: dominique.martinet@atmark-techno.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@atmark-techno.com header.s=gw2_bookworm header.b=azWEhwKq; dkim=pass header.i=@atmark-techno.com header.s=google header.b=KGWogimL; spf=pass (google.com: domain of dominique.martinet@atmark-techno.com designates 35.74.137.57 as permitted sender) smtp.mailfrom=dominique.martinet@atmark-techno.com; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=atmark-techno.com Precedence: list Mailing-list: list swupdate@googlegroups.com; contact swupdate+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: swupdate@googlegroups.com X-Google-Group-Id: 605343134186 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , - reword comment about 64 bytes for md_value - only convert to ascii if we're going to use it for logging Signed-off-by: Dominique Martinet --- core/cpio_utils.c | 65 +++++++++++++++++++++++++---------------------- 1 file changed, 35 insertions(+), 30 deletions(-) diff --git a/core/cpio_utils.c b/core/cpio_utils.c index 00b15f030c74..a05a32cd59b5 100644 --- a/core/cpio_utils.c +++ b/core/cpio_utils.c @@ -434,6 +434,38 @@ static int zstd_step(void* state, void* buffer, size_t size) #endif +static int hash_compare(struct swupdate_digest *dgst, unsigned char *hash) +{ + /* + * SHA256_HASH_LENGTH should be enough but openssl might write + * up to EVP_MAX_MD_SIZE = 64 bytes (sha512 size) + */ + unsigned char md_value[64]; + unsigned int md_len = 0; + + if (swupdate_HASH_final(dgst, md_value, &md_len) < 0) { + return -EFAULT; + } + /* + * Now check if the computed hash is equal + * to the value retrieved from sw-descritpion + */ + if (md_len != SHA256_HASH_LENGTH || swupdate_HASH_compare(hash, md_value)) { +#ifndef CONFIG_ENCRYPTED_IMAGES_HARDEN_LOGGING + char hashstring[2 * SHA256_HASH_LENGTH + 1]; + char newhashstring[2 * SHA256_HASH_LENGTH + 1]; + + hash_to_ascii(hash, hashstring); + hash_to_ascii(md_value, newhashstring); + + ERROR("HASH mismatch : %s <--> %s", + hashstring, newhashstring); +#endif + return -EFAULT; + } + return 0; +} + static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nbytes, unsigned long *offs, unsigned long long seek, int skip_file, int __attribute__ ((__unused__)) compressed, uint32_t *checksum, unsigned char *hash, bool encrypted, const char *imgivt, writeimage callback) @@ -441,11 +473,6 @@ static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby unsigned int percent, prevpercent = 0; int ret = 0; int len; - unsigned char md_value[64]; /* - * Maximum hash is 64 bytes for SHA512 - * and we use sha256 in swupdate - */ - unsigned int md_len = 0; unsigned char *aes_key = NULL; unsigned char *ivt = NULL; unsigned char ivtbuf[AES_BLK_SIZE]; @@ -648,31 +675,9 @@ static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby } } - if (IsValidHash(hash)) { - if (swupdate_HASH_final(input_state.dgst, md_value, &md_len) < 0) { - ret = -EFAULT; - goto copyfile_exit; - } - - - /* - * Now check if the computed hash is equal - * to the value retrieved from sw-descritpion - */ - if (md_len != SHA256_HASH_LENGTH || swupdate_HASH_compare(hash, md_value)) { - char hashstring[2 * SHA256_HASH_LENGTH + 1]; - char newhashstring[2 * SHA256_HASH_LENGTH + 1]; - - hash_to_ascii(hash, hashstring); - hash_to_ascii(md_value, newhashstring); - -#ifndef CONFIG_ENCRYPTED_IMAGES_HARDEN_LOGGING - ERROR("HASH mismatch : %s <--> %s", - hashstring, newhashstring); -#endif - ret = -EFAULT; - goto copyfile_exit; - } + if (IsValidHash(hash) && hash_compare(input_state.dgst, hash) < 0) { + ret = -EFAULT; + goto copyfile_exit; } if (!inbuf) {