diff mbox series

[1/2] cpio_utils: move out hash comparison in a helper

Message ID 20240628024201.1812065-2-dominique.martinet@atmark-techno.com
State New
Headers show
Series further copyfile cleanups | expand

Commit Message

Dominique Martinet June 28, 2024, 2:41 a.m. UTC 
While here, also a couple of minor improvements:
- reword comment about 64 bytes for md_value
- only convert to ascii if we're going to use it for logging

Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
---
 core/cpio_utils.c | 65 +++++++++++++++++++++++++----------------------
 1 file changed, 35 insertions(+), 30 deletions(-)
diff mbox series

Patch

diff --git a/core/cpio_utils.c b/core/cpio_utils.c
index 65f301909f0c..cc6e32619751 100644
--- a/core/cpio_utils.c
+++ b/core/cpio_utils.c
@@ -434,6 +434,38 @@  static int zstd_step(void* state, void* buffer, size_t size)
 
 #endif
 
+static int hash_compare(struct swupdate_digest *dgst, unsigned char *hash)
+{
+	/*
+	 * SHA256_HASH_LENGTH should be enough but openssl might write
+	 * up to EVP_MAX_MD_SIZE = 64 bytes (sha512 size)
+	 */
+	unsigned char md_value[64];
+	unsigned int md_len = 0;
+
+	if (swupdate_HASH_final(dgst, md_value, &md_len) < 0) {
+		return -EFAULT;
+	}
+	/*
+	 * Now check if the computed hash is equal
+	 * to the value retrieved from sw-descritpion
+	 */
+	if (md_len != SHA256_HASH_LENGTH || swupdate_HASH_compare(hash, md_value)) {
+#ifndef CONFIG_ENCRYPTED_IMAGES_HARDEN_LOGGING
+		char hashstring[2 * SHA256_HASH_LENGTH + 1];
+		char newhashstring[2 * SHA256_HASH_LENGTH + 1];
+
+		hash_to_ascii(hash, hashstring);
+		hash_to_ascii(md_value, newhashstring);
+
+		ERROR("HASH mismatch : %s <--> %s",
+		      hashstring, newhashstring);
+#endif
+		return -EFAULT;
+	}
+	return 0;
+}
+
 static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nbytes, unsigned long *offs, unsigned long long seek,
 	int skip_file, int __attribute__ ((__unused__)) compressed,
 	uint32_t *checksum, unsigned char *hash, bool encrypted, const char *imgivt, writeimage callback)
@@ -441,11 +473,6 @@  static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby
 	unsigned int percent, prevpercent = 0;
 	int ret = 0;
 	int len;
-	unsigned char md_value[64]; /*
-				     *  Maximum hash is 64 bytes for SHA512
-				     *  and we use sha256 in swupdate
-				     */
-	unsigned int md_len = 0;
 	unsigned char *aes_key = NULL;
 	unsigned char *ivt = NULL;
 	unsigned char ivtbuf[AES_BLK_SIZE];
@@ -639,31 +666,9 @@  static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby
 		}
 	}
 
-	if (IsValidHash(hash)) {
-		if (swupdate_HASH_final(input_state.dgst, md_value, &md_len) < 0) {
-			ret = -EFAULT;
-			goto copyfile_exit;
-		}
-
-
-		/*
-		 * Now check if the computed hash is equal
-		 * to the value retrieved from sw-descritpion
-		 */
-		if (md_len != SHA256_HASH_LENGTH || swupdate_HASH_compare(hash, md_value)) {
-			char hashstring[2 * SHA256_HASH_LENGTH + 1];
-			char newhashstring[2 * SHA256_HASH_LENGTH + 1];
-
-			hash_to_ascii(hash, hashstring);
-			hash_to_ascii(md_value, newhashstring);
-
-#ifndef CONFIG_ENCRYPTED_IMAGES_HARDEN_LOGGING
-			ERROR("HASH mismatch : %s <--> %s",
-				hashstring, newhashstring);
-#endif
-			ret = -EFAULT;
-			goto copyfile_exit;
-		}
+	if (IsValidHash(hash) && hash_compare(input_state.dgst, hash) < 0) {
+		ret = -EFAULT;
+		goto copyfile_exit;
 	}
 
 	if (!inbuf) {