From patchwork Fri Jun 28 02:41:59 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dominique Martinet
 <dominique.martinet@atmark-techno.com>
X-Patchwork-Id: 1953666
X-Patchwork-Delegate: sbabic@denx.de
Return-Path: <swupdate+bncBCWIVBV7SUGRBBWG7CZQMGQEPZCIJTI@googlegroups.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=googlegroups.com header.i=@googlegroups.com
 header.a=rsa-sha256 header.s=20230601 header.b=m+KS97VU;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=googlegroups.com
 (client-ip=2001:4860:4864:20::3f; helo=mail-oa1-x3f.google.com;
 envelope-from=swupdate+bncbcwivbv7sugrbbwg7czqmgqepzcijti@googlegroups.com;
 receiver=patchwork.ozlabs.org)
Received: from mail-oa1-x3f.google.com (mail-oa1-x3f.google.com
 [IPv6:2001:4860:4864:20::3f])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4W9KTh5nLtz20Xf
	for <incoming@patchwork.ozlabs.org>; Fri, 28 Jun 2024 12:42:16 +1000 (AEST)
Received: by mail-oa1-x3f.google.com with SMTP id
 586e51a60fabf-2547e18cb07sf274742fac.2
        for <incoming@patchwork.ozlabs.org>;
 Thu, 27 Jun 2024 19:42:16 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1719542535; cv=pass;
        d=google.com; s=arc-20160816;
        b=NsGR3qkKw8w0BgBw9/j/DkDnBndJE061Ko1JZtZCjavizHN7MeoUafoA6Y6kgvlQAi
         VV97WgTXkme1SD1wGQpM781VMEOvj8bXhAxhh7ADbZ4eIIPgOzSMQjVlm1HRDCkMXqXN
         gKayAF/XDxsLGbz+dzEwNm54LSq08ri/guWh20i3huQzn8mE8erLmkfFV2rif9z/iX4e
         X38Hhkf7M2k5aI7NUxHLqhWidyuhx+NGiVGEA+aFXFLozvQnanfEdV6aYu6Btqo4ZHKz
         YaSMFUYm5kP3y8FDMoIYC+RUR8opjVtJn9XryfXyitdAvS7lUKEn+3CMad+ZtYHj3qrm
         Ehtg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:sender:dkim-signature;
        bh=dPqTCtFwhA2bEGWrloXnl7kzh9LIXH65SiXCWY/Dh+E=;
        fh=kbG+l+MdYy3lN1qEvPTqUJ3f6c8i8I9JbCA1v4imbno=;
        b=K8SAhrCygkL2ZNrxR+hP8zDcgHEHgrObn3wivojUkYIAiWu1DtwcaxWWmQYUxYvOSW
         XkYB6OuN5Y1iKI9GQO6KtJN508dJC3TnpVp3i5bfJ2vWfSp1FTBSgo/LwBvU04GfvCGR
         huxY/kPSa8WhXvVjxQ9JbYEjmQs7puRta5ZECyOvblrWHk2yCGdAnGMLlB9Dal7+Mi/L
         n5RSv7YkyHPP+cGPon/vazA4i1T1zFkiQiR8ibJsTZONEmJXOc4L7jjlQWfYKvVuh9ME
         39jLLTeqsnCUYlq9EJa//A6VAexEBSYR6ebYgNoClciKx21b7Py0wvdeRCHHUYVSWluG
         s4Zw==;
        darn=patchwork.ozlabs.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@atmark-techno.com header.s=gw2_bookworm
 header.b="Iv72n/9t";
       dkim=pass header.i=@atmark-techno.com header.s=google
 header.b=jQaJpdu1;
       spf=pass (google.com: domain of dominique.martinet@atmark-techno.com
 designates 35.74.137.57 as permitted sender)
 smtp.mailfrom=dominique.martinet@atmark-techno.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=atmark-techno.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20230601; t=1719542535; x=1720147335;
 darn=patchwork.ozlabs.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:references:in-reply-to:message-id
         :date:subject:cc:to:from:sender:from:to:cc:subject:date:message-id
         :reply-to;
        bh=dPqTCtFwhA2bEGWrloXnl7kzh9LIXH65SiXCWY/Dh+E=;
        b=m+KS97VUa9LfCgTgOVqhNAtJsXDEXQqea4/6dte4j5ElwnGTTWDrbS329Jt1QqLTXH
         JNlFTOCONMz/YJPnlMlSSmTrmvFgJ2iC6hEq7yxQsbZqrIfaJdmavaAA1xJE/hQmmP70
         vuRjqDRThwPnlpke4Jtzl+zJdlYdz7dTtXk4C2t+q053YOTgjO6IFML2kwgrKDs6483/
         0rIainBxCWmDUrkbKN/cE7oy/HIOwdTOVxQu6oNXIt340WLh1Er6284lcCPrAQF39029
         irCopovc7sQAuo7r79b1RJbw3XNxK3WcDjktbY0BbNizf3dzWaiMfiwFNMOK2DtgcDq6
         /DtQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1719542535; x=1720147335;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :x-spam-checked-in-group:list-id:mailing-list:precedence
         :x-original-authentication-results:x-original-sender:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :x-beenthere:x-gm-message-state:sender:from:to:cc:subject:date
         :message-id:reply-to;
        bh=dPqTCtFwhA2bEGWrloXnl7kzh9LIXH65SiXCWY/Dh+E=;
        b=Y8GUz16pMHRhDTIXjJgFPMlsuuJj2bJd+J8XZYuRqSUW1SCru9h5dyWPGNB7YgWjz+
         LvTASC1VWwU3or+hAjysZUFUkkbA1vDEf4D5MNYyEGdtI80tJtkf+pePiWOWuQBmMDoY
         jCGDyNwDzGxOL3MriG4p0luijD/djKLCUhDjLMFBSVeRGtiIa8Dtgnt78ZDoMWN/gZUn
         XaZOYP/5m3b5LCayrp9TEj/ujJ3VznsnCSv3mKeG0WvJGNl6ksXnn/tcMW8tBm+6iGhB
         s8hBMm5YTalaQCMHckyKeJMPhWt1pTnKvWZwf/Nvumm0YcSJBu7/MwU9WmTZUoyLroYk
         9EtA==
Sender: swupdate@googlegroups.com
X-Forwarded-Encrypted: i=2;
 AJvYcCUvBvsKh94+3ejcMyJjx8g31pWaf53T7pxxBEE27KE1AxGJzHbDE5Z7fciC6LK4LhznhkFBhxz8i0gl11EIVX3cZi6RX6cigzrnljUjVw==
X-Gm-Message-State: AOJu0YxAe6avpo/cjpvleAru6XpMblTObxfeFUiw8Bdkjv4BnDi459m7
	nO21kn57FSEEgiklF6J9VDfwWhod97wSEyxJfjcgaWDfJZs5zRho
X-Google-Smtp-Source: 
 AGHT+IE3OnK3E4QWHepOfmoNUCGZpEDm3++06MAVpRMMbuZ39x/Mn6eAidtm/NH3E3PBEwOP9U/ong==
X-Received: by 2002:a05:6870:ecaa:b0:25c:ad1f:b334 with SMTP id
 586e51a60fabf-25d016f3502mr16481449fac.21.1719542535121;
        Thu, 27 Jun 2024 19:42:15 -0700 (PDT)
X-BeenThere: swupdate@googlegroups.com
Received: by 2002:a05:6870:b8a:b0:259:89be:cd7e with SMTP id
 586e51a60fabf-25d92caebefls260812fac.2.-pod-prod-02-us; Thu, 27 Jun 2024
 19:42:14 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
 AJvYcCVXZFyge76gKcZ7Uuo/sZFDsGQKwkS5PY+SnBQRDgKFnhPUr6BQ9hYQxfAYLQ7i7NXcDz8nBk5DlLgJ7z2PE1ZfobYzy0HXugRU
X-Received: by 2002:a05:6808:10d1:b0:3d5:63f0:ee9e with SMTP id
 5614622812f47-3d563f0f047mr7017917b6e.20.1719542534017;
        Thu, 27 Jun 2024 19:42:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1719542534; cv=none;
        d=google.com; s=arc-20160816;
        b=jrQpRE0dSkR2bWUtuNXfNG5uDkKxrHgtDKF+F0n0oUtRqpRf1zOnkpkZy5JaN+VC+Z
         RRJjcpXqCnhntBAAMr1zkPdeaUpfYt/glCgXLLFdQnzSmZXNSx9DBu6yZaBNwf8QqTon
         aaug9uHv3g7+vvbriFUuR9rgCflwC7TKquZ5nBTmhkEeAp6WlnGrl3yVw+pw5+I02sIl
         wZbqZUzEcqCMlzJq5KjZpxGjOrlY3u/EyByrSyLHdzjzhE8kbTpq6NRTzs4V7NDxiX69
         NGwYBxjQEOjgqcnbCOnIcWDrdjzgeh7gvxhNYBmJGcYl/1z0GxCK4Dcb9q9Kvqmwlbos
         Z+kw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:dkim-signature:dkim-signature;
        bh=DKuBrzIyTyx1vBMR5ehy5ixaO/AKf8M9Hku4D/EwGoc=;
        fh=igJvc4PZKVhDEuXhGrn4n6CchvGhOSkNg4OURqn4Rlo=;
        b=hbs9VC0zQjLs+eX1pG1gHi0WDSWb4PDMqtxL73ysyov7L6Poap2b3DRrA/cWidAAeD
         9qKOk/H0/5brsYy1M/K8Bb/71ZKpj0IE8a+barG8xpg1jHRwKAtXlYaRODmfI0haC2K8
         nnV0YJcS0WHm83xVlaiuaiq/6y1pFddA8Z7RRsweg6WdvwXH5OyAJu/F+LjohNRZI29c
         /0yBzmmY3+7xvO8WbEx+oVPGmBIATrCHTNAv3nqho2bHc4fM1ynJywLmkZMZzXZc2GH8
         m95mBLZVOxt+l9T4bq8GJCsIOIDrN4v51ADGEN5vnpwuRrunVhZDxs3a8OLWjH14/TyI
         N9Dg==;
        dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=pass header.i=@atmark-techno.com header.s=gw2_bookworm
 header.b="Iv72n/9t";
       dkim=pass header.i=@atmark-techno.com header.s=google
 header.b=jQaJpdu1;
       spf=pass (google.com: domain of dominique.martinet@atmark-techno.com
 designates 35.74.137.57 as permitted sender)
 smtp.mailfrom=dominique.martinet@atmark-techno.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=atmark-techno.com
Received: from gw2.atmark-techno.com (gw2.atmark-techno.com. [35.74.137.57])
        by gmr-mx.google.com with ESMTPS id
 5614622812f47-3d62fa43be7si41235b6e.3.2024.06.27.19.42.13
        for <swupdate@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 27 Jun 2024 19:42:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of dominique.martinet@atmark-techno.com
 designates 35.74.137.57 as permitted sender) client-ip=35.74.137.57;
Received: from gw2.atmark-techno.com (localhost [127.0.0.1])
	by gw2.atmark-techno.com (Postfix) with ESMTP id C7D9D9AA
	for <swupdate@googlegroups.com>; Fri, 28 Jun 2024 11:42:11 +0900 (JST)
Received: from mail-pf1-f199.google.com (mail-pf1-f199.google.com
 [209.85.210.199])
	by gw2.atmark-techno.com (Postfix) with ESMTPS id 5A7DAA6A
	for <swupdate@googlegroups.com>; Fri, 28 Jun 2024 11:42:11 +0900 (JST)
Received: by mail-pf1-f199.google.com with SMTP id
 d2e1a72fcca58-7086fe615afso76476b3a.1
        for <swupdate@googlegroups.com>; Thu, 27 Jun 2024 19:42:11 -0700 (PDT)
X-Forwarded-Encrypted: i=1;
 AJvYcCXz9W8ByOxSwZcLSqRo0QYOD6ze/ci/SaQyvcvV/FzKXJe1Gd8O//7fkWddS1ByNw5fYgpO+JYMS/fY7buwHCKP4B79iDsGtTzi
X-Received: by 2002:aa7:92d4:0:b0:705:bc32:534e with SMTP id
 d2e1a72fcca58-70670e9ed1bmr15401579b3a.9.1719542530252;
        Thu, 27 Jun 2024 19:42:10 -0700 (PDT)
X-Received: by 2002:aa7:92d4:0:b0:705:bc32:534e with SMTP id
 d2e1a72fcca58-70670e9ed1bmr15401563b3a.9.1719542529792;
        Thu, 27 Jun 2024 19:42:09 -0700 (PDT)
Received: from pc-0182.atmarktech (178.101.200.35.bc.googleusercontent.com.
 [35.200.101.178])
        by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-7080246ee80sm436387b3a.69.2024.06.27.19.42.08
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 27 Jun 2024 19:42:09 -0700 (PDT)
Received: from [::1] (helo=pc-0182.atmark.tech)
	by pc-0182.atmarktech with esmtp (Exim 4.96)
	(envelope-from <dominique.martinet@atmark-techno.com>)
	id 1sN1Yt-007bPN-0d;
	Fri, 28 Jun 2024 11:42:07 +0900
From: Dominique Martinet <dominique.martinet@atmark-techno.com>
To: stefano.babic@swupdate.org,
	swupdate@googlegroups.com
Cc: Dominique Martinet <dominique.martinet@atmark-techno.com>
Subject: [swupdate] [PATCH 1/2] cpio_utils: move out hash comparison in a
 helper
Date: Fri, 28 Jun 2024 11:41:59 +0900
Message-Id: <20240628024201.1812065-2-dominique.martinet@atmark-techno.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20240628024201.1812065-1-dominique.martinet@atmark-techno.com>
References: <20240628024201.1812065-1-dominique.martinet@atmark-techno.com>
MIME-Version: 1.0
X-Original-Sender: dominique.martinet@atmark-techno.com
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=pass
 header.i=@atmark-techno.com header.s=gw2_bookworm header.b="Iv72n/9t";
       dkim=pass header.i=@atmark-techno.com header.s=google
 header.b=jQaJpdu1;
       spf=pass (google.com: domain of dominique.martinet@atmark-techno.com
 designates 35.74.137.57 as permitted sender)
 smtp.mailfrom=dominique.martinet@atmark-techno.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=atmark-techno.com
Precedence: list
Mailing-list: list swupdate@googlegroups.com;
 contact swupdate+owners@googlegroups.com
List-ID: <swupdate.googlegroups.com>
X-Spam-Checked-In-Group: swupdate@googlegroups.com
X-Google-Group-Id: 605343134186
List-Post: <https://groups.google.com/group/swupdate/post>,
 <mailto:swupdate@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
 <mailto:swupdate+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/swupdate
List-Subscribe: <https://groups.google.com/group/swupdate/subscribe>,
 <mailto:swupdate+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+605343134186+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/swupdate/subscribe>

While here, also a couple of minor improvements:
- reword comment about 64 bytes for md_value
- only convert to ascii if we're going to use it for logging

Signed-off-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
---
 core/cpio_utils.c | 65 +++++++++++++++++++++++++----------------------
 1 file changed, 35 insertions(+), 30 deletions(-)

diff --git a/core/cpio_utils.c b/core/cpio_utils.c
index 65f301909f0c..cc6e32619751 100644
--- a/core/cpio_utils.c
+++ b/core/cpio_utils.c
@@ -434,6 +434,38 @@ static int zstd_step(void* state, void* buffer, size_t size)
 
 #endif
 
+static int hash_compare(struct swupdate_digest *dgst, unsigned char *hash)
+{
+	/*
+	 * SHA256_HASH_LENGTH should be enough but openssl might write
+	 * up to EVP_MAX_MD_SIZE = 64 bytes (sha512 size)
+	 */
+	unsigned char md_value[64];
+	unsigned int md_len = 0;
+
+	if (swupdate_HASH_final(dgst, md_value, &md_len) < 0) {
+		return -EFAULT;
+	}
+	/*
+	 * Now check if the computed hash is equal
+	 * to the value retrieved from sw-descritpion
+	 */
+	if (md_len != SHA256_HASH_LENGTH || swupdate_HASH_compare(hash, md_value)) {
+#ifndef CONFIG_ENCRYPTED_IMAGES_HARDEN_LOGGING
+		char hashstring[2 * SHA256_HASH_LENGTH + 1];
+		char newhashstring[2 * SHA256_HASH_LENGTH + 1];
+
+		hash_to_ascii(hash, hashstring);
+		hash_to_ascii(md_value, newhashstring);
+
+		ERROR("HASH mismatch : %s <--> %s",
+		      hashstring, newhashstring);
+#endif
+		return -EFAULT;
+	}
+	return 0;
+}
+
 static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nbytes, unsigned long *offs, unsigned long long seek,
 	int skip_file, int __attribute__ ((__unused__)) compressed,
 	uint32_t *checksum, unsigned char *hash, bool encrypted, const char *imgivt, writeimage callback)
@@ -441,11 +473,6 @@ static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby
 	unsigned int percent, prevpercent = 0;
 	int ret = 0;
 	int len;
-	unsigned char md_value[64]; /*
-				     *  Maximum hash is 64 bytes for SHA512
-				     *  and we use sha256 in swupdate
-				     */
-	unsigned int md_len = 0;
 	unsigned char *aes_key = NULL;
 	unsigned char *ivt = NULL;
 	unsigned char ivtbuf[AES_BLK_SIZE];
@@ -639,31 +666,9 @@ static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby
 		}
 	}
 
-	if (IsValidHash(hash)) {
-		if (swupdate_HASH_final(input_state.dgst, md_value, &md_len) < 0) {
-			ret = -EFAULT;
-			goto copyfile_exit;
-		}
-
-
-		/*
-		 * Now check if the computed hash is equal
-		 * to the value retrieved from sw-descritpion
-		 */
-		if (md_len != SHA256_HASH_LENGTH || swupdate_HASH_compare(hash, md_value)) {
-			char hashstring[2 * SHA256_HASH_LENGTH + 1];
-			char newhashstring[2 * SHA256_HASH_LENGTH + 1];
-
-			hash_to_ascii(hash, hashstring);
-			hash_to_ascii(md_value, newhashstring);
-
-#ifndef CONFIG_ENCRYPTED_IMAGES_HARDEN_LOGGING
-			ERROR("HASH mismatch : %s <--> %s",
-				hashstring, newhashstring);
-#endif
-			ret = -EFAULT;
-			goto copyfile_exit;
-		}
+	if (IsValidHash(hash) && hash_compare(input_state.dgst, hash) < 0) {
+		ret = -EFAULT;
+		goto copyfile_exit;
 	}
 
 	if (!inbuf) {