From patchwork Fri Jun 28 02:42:00 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Dominique Martinet
 <dominique.martinet@atmark-techno.com>
X-Patchwork-Id: 1953668
Return-Path: <swupdate+bncBCWIVBV7SUGRBBWG7CZQMGQEPZCIJTI@googlegroups.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=googlegroups.com header.i=@googlegroups.com
 header.a=rsa-sha256 header.s=20230601 header.b=js7CyJIK;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=googlegroups.com
 (client-ip=2607:f8b0:4864:20::d38; helo=mail-io1-xd38.google.com;
 envelope-from=swupdate+bncbcwivbv7sugrbbwg7czqmgqepzcijti@googlegroups.com;
 receiver=patchwork.ozlabs.org)
Received: from mail-io1-xd38.google.com (mail-io1-xd38.google.com
 [IPv6:2607:f8b0:4864:20::d38])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4W9KTk67Shz20Zy
	for <incoming@patchwork.ozlabs.org>; Fri, 28 Jun 2024 12:42:18 +1000 (AEST)
Received: by mail-io1-xd38.google.com with SMTP id
 ca18e2360f4ac-7f4e270277csf89482639f.0
        for <incoming@patchwork.ozlabs.org>;
 Thu, 27 Jun 2024 19:42:18 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1719542535; cv=pass;
        d=google.com; s=arc-20160816;
        b=H7t6o0zVEeR2UZUxt+iL72iaVi3UuaPwC6YvWfmu/qhHKoik1oq+DrUkcLIi8L3QnH
         cc7lmhbNAiOoKUrhqcLc1ELnKzBJT7IZUqdENeZuSJMQ0u0djGB9me8Ergea5mhF1ori
         f6JhyQG9Xw2TKtBm0tRCIEUk/41F4UZ105T0BRk5B5G8I0uJfvOkVX6l7nfhWl+c0OZ1
         P9Bvl//Hd7Sy3/XLREEf1juti2aRLJjLIaCTUJSK2F78oPWQjEj0zEA8fkZwqPxzVjWG
         kg6EwbASr4Hjsf0zgQqYirXxMTPPZFSmP3beapUas8xSok6JVyHd/Jg27hJuDsOWzYgf
         EMNg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:sender:dkim-signature;
        bh=nNzlHcpv6VPdyC++dByBRkismcoJhL8aOR3l/dohsFg=;
        fh=ToGl7A5Zw6Ym6/Las9zN5OmNzGgR/S6lfFxo4odVg5g=;
        b=RjYgEpFmGOAVJtrTSpIgH08vI6WxRwKZ+D49Z9FDxdQej4D5P3HHbwN8jZkUECirw+
         Vtg4jRKRejW0ccljo59YiQt1IZE9cMHr7UMDwakFxu//3Us1lPnfSIeJU3fNWVnNVLN5
         X3mLWt1lwwCXA9ZrmJn7LEirSLUzID9X1Xyt42jdjEEa29tWAxjEcSEze+loxalV0Cp8
         qqosaPD/7RBg4hcWH3TDNEITkOrM6bxDN/al1kHjDqP9SAVO6Wvpp2zYuBg69wz/5H47
         8SB6nii/rYir871CExrRq49aoZut1HidGo5E1p5DCuiPvEvCnoQbJambcf9GeHZm/8tC
         hE5w==;
        darn=patchwork.ozlabs.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@atmark-techno.com header.s=gw2_bookworm
 header.b=F2pA67a4;
       dkim=pass header.i=@atmark-techno.com header.s=google
 header.b=HaMCxLe2;
       spf=pass (google.com: domain of dominique.martinet@atmark-techno.com
 designates 35.74.137.57 as permitted sender)
 smtp.mailfrom=dominique.martinet@atmark-techno.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=atmark-techno.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20230601; t=1719542535; x=1720147335;
 darn=patchwork.ozlabs.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:references:in-reply-to:message-id
         :date:subject:cc:to:from:sender:from:to:cc:subject:date:message-id
         :reply-to;
        bh=nNzlHcpv6VPdyC++dByBRkismcoJhL8aOR3l/dohsFg=;
        b=js7CyJIK9LHlx3FnEuFHXLwTDjlSfpO4tKTMnzGBO7AOxxkS4w/bOPHzf5qT25djmO
         hfKKXl286D7oGH/JvrjN7Q05S0zm6OSyAQJ8AL+Q9AlHuFi4KFyNI5TsO7W9Vyv/iMT2
         yyveMYG9X4Pu1DwuPVXlWI5Q8G8tLwu3b2BGKQi0G3BnkkWC1cqcOWUhzgZbKjwmz0RW
         TPEyDikBnqTDrubibX72e1RFZcYN9t6ZjT9MXUIQtT7RAaXQBycIJhu4pzwV4gD8RKHy
         RrH3dCjUzFBHfBLZMo+YE+QjrPUb3/bOWC82A4Kqt9/byd8gpMMKksxzR58YRlDGWupo
         4h8g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1719542535; x=1720147335;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :x-spam-checked-in-group:list-id:mailing-list:precedence
         :x-original-authentication-results:x-original-sender:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :x-beenthere:x-gm-message-state:sender:from:to:cc:subject:date
         :message-id:reply-to;
        bh=nNzlHcpv6VPdyC++dByBRkismcoJhL8aOR3l/dohsFg=;
        b=J0HQAL3QZxCYqMPfkNfW9UUOU+emnEM2EYyusrDAGlUTjrzepufOCQ3hu6Ezdb4YDz
         9YnbCdbKvYUhYdeEudFlW+7e6s+qJq8PI9dSrDDxRyDh6T9jmz1hbJAvUs12L1K+jRyZ
         CjUvHpBhnZ3NtCxyl9kYyf7ybvaabz7WRZmvZ+RJFKFKlnpl2JdNv+ppS4xjS2uc52Sy
         jPA8MXfIeqqvkIv/E8AUPSevUF8vrYgE2UGxqNz0NEub9qBekE6OAa79dOexKI5j/o9d
         XqwYDOr01i9niOz9pyYNjQgsvLawrHicymZMkh469DEOBsAPfS6OIGcXflBNe50KbiAd
         PlPQ==
Sender: swupdate@googlegroups.com
X-Forwarded-Encrypted: i=2;
 AJvYcCWzKqGmZ0WiW0nI6jJVkV7khvpr3MfnF3wTTOBkxOWD9pwn5d9Cn2JzZXrI3qZ1DeCSAfm6ks9MlIFe+YnDh6Gs+8CJUCUd4DO6+tU0Mg==
X-Gm-Message-State: AOJu0YwhCILTV/Sj5XHzHBSlJ77xGS7pHZ/jsG7Y2/eoeJSf/rysyJ2g
	o9avNv9wIoqATJ34yavRMMIXsDA7OF8uUNB/T6hUBPD7LgWLAMq4
X-Google-Smtp-Source: 
 AGHT+IEcXgopGfiQRDJ8wpzC8YRYmDuAtoNH6JiDwGBXwrBw4DBAoIAE1xsMuhbyYTdOk0Z714zGSw==
X-Received: by 2002:a05:6e02:198e:b0:375:eb20:d10 with SMTP id
 e9e14a558f8ab-37b2955a73dmr2297135ab.4.1719542534607;
        Thu, 27 Jun 2024 19:42:14 -0700 (PDT)
X-BeenThere: swupdate@googlegroups.com
Received: by 2002:a05:6e02:1543:b0:375:93f4:7453 with SMTP id
 e9e14a558f8ab-37af1844da0ls1555655ab.2.-pod-prod-00-us; Thu, 27 Jun 2024
 19:42:13 -0700 (PDT)
X-Forwarded-Encrypted: i=2;
 AJvYcCWfCLkf46iVeUsf/pd+bLJsGoGGhYWkXVwMJHYCgQIJFPNG0ZxldSnDG47N8BedQt+vLrIJ0/E7SVuvdXvK8+EdflYkF3iC/349
X-Received: by 2002:a05:6602:445:b0:7f3:a0aa:164a with SMTP id
 ca18e2360f4ac-7f61f4c1e8amr20569339f.4.1719542533468;
        Thu, 27 Jun 2024 19:42:13 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1719542533; cv=none;
        d=google.com; s=arc-20160816;
        b=jDGMV0issAR8X+XmbIy/eeCjqhy4BHs/V1NHb4K4r++OSQTJrqaeCyawHJ4GOnmoF0
         kN+eGQzdPw40XCcvsVO1siCKSNfCkJkIC1UMMH9+eVv++9Dtl45cHaLqjXHEqiyer9tH
         nuOcyzeZPHkXovbTg1X1gW8c2emO0M3m8pUX7Keu9xXorZkQcwOboDKYuKMvhWAKjeXZ
         PRXxMXnpyIbTWMYTPXwSTanN6lHvpfXj6XlEHnJJ0TA4OCXoE8l2q90FQsyya3HdNCaW
         nc56/SpeWAtzZMS0iw4m70s+A4mRviDZzAhPlG2Uf0w6wUtcdi5CBjrkIqzNQJkQTJ4s
         0SXA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:dkim-signature:dkim-signature;
        bh=bKS7wCIEm4kSRl9DI+NIp80QB7bPnvbUkOXAnjMpRzw=;
        fh=rCF26bkZ+BNKAZJjmoq/6THHWAGaZ3iFIMPEgf5EtCY=;
        b=Eu6LsVNc/Iu7z1EdYIxbgWRXy0kmhImBymKuUWCA6D9AyT3hYVyuoaTRhKOn1Vjsm3
         BBQMk/Yu8v3pkwcB3br0pzd+353avIgvKCncXTTiE4KCNs/YkbeAQ/z34yTJdufUuYJ8
         8OMnBv9so4e/uNcLP17o0r353Xj99gsOj1s5+M0cGObm9ZneoM0O7fMYvejWOlkABk5q
         9/BeS77g/obwb2ZronDd2M/yIS5gCNy1waN690yDI4hksjpDZ1WNqeQhIBwwzZ8yCerI
         fsxlVztEFG4o8bSU+BrDriNJAlLiD9MEFrCP+drJwBxMpNrTMqpCA3/C5pjAdw+bDU6T
         bACA==;
        dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=pass header.i=@atmark-techno.com header.s=gw2_bookworm
 header.b=F2pA67a4;
       dkim=pass header.i=@atmark-techno.com header.s=google
 header.b=HaMCxLe2;
       spf=pass (google.com: domain of dominique.martinet@atmark-techno.com
 designates 35.74.137.57 as permitted sender)
 smtp.mailfrom=dominique.martinet@atmark-techno.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=atmark-techno.com
Received: from gw2.atmark-techno.com (gw2.atmark-techno.com. [35.74.137.57])
        by gmr-mx.google.com with ESMTPS id
 8926c6da1cb9f-4bb73fc67efsi45687173.4.2024.06.27.19.42.13
        for <swupdate@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 27 Jun 2024 19:42:13 -0700 (PDT)
Received-SPF: pass (google.com: domain of dominique.martinet@atmark-techno.com
 designates 35.74.137.57 as permitted sender) client-ip=35.74.137.57;
Received: from gw2.atmark-techno.com (localhost [127.0.0.1])
	by gw2.atmark-techno.com (Postfix) with ESMTP id 4239D4AB
	for <swupdate@googlegroups.com>; Fri, 28 Jun 2024 11:42:11 +0900 (JST)
Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com
 [209.85.214.198])
	by gw2.atmark-techno.com (Postfix) with ESMTPS id F1AE6A0C
	for <swupdate@googlegroups.com>; Fri, 28 Jun 2024 11:42:10 +0900 (JST)
Received: by mail-pl1-f198.google.com with SMTP id
 d9443c01a7336-1f6810e43e0so1680775ad.0
        for <swupdate@googlegroups.com>; Thu, 27 Jun 2024 19:42:10 -0700 (PDT)
X-Forwarded-Encrypted: i=1;
 AJvYcCUew/ZPL4CxMTamgw6trH6Eddz9yz58j2NrmdAlM0snpH6P2StepW8OwrLwU/da4GrJUsotC3gw+1kQtgCcD5laPTr3sqbDzF6Z
X-Received: by 2002:a17:902:cecc:b0:1f6:e338:2a6 with SMTP id
 d9443c01a7336-1fac7ee78ccmr3706775ad.23.1719542529991;
        Thu, 27 Jun 2024 19:42:09 -0700 (PDT)
X-Received: by 2002:a17:902:cecc:b0:1f6:e338:2a6 with SMTP id
 d9443c01a7336-1fac7ee78ccmr3706525ad.23.1719542529481;
        Thu, 27 Jun 2024 19:42:09 -0700 (PDT)
Received: from pc-0182.atmarktech (145.82.198.104.bc.googleusercontent.com.
 [104.198.82.145])
        by smtp.gmail.com with ESMTPSA id
 d9443c01a7336-1fac10e2239sm4649325ad.67.2024.06.27.19.42.08
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 27 Jun 2024 19:42:09 -0700 (PDT)
Received: from [::1] (helo=pc-0182.atmark.tech)
	by pc-0182.atmarktech with esmtp (Exim 4.96)
	(envelope-from <dominique.martinet@atmark-techno.com>)
	id 1sN1Yt-007bPN-0p;
	Fri, 28 Jun 2024 11:42:07 +0900
From: Dominique Martinet <dominique.martinet@atmark-techno.com>
To: stefano.babic@swupdate.org,
	swupdate@googlegroups.com
Cc: Dominique Martinet <dominique.martinet@atmark-techno.com>
Subject: [swupdate] [PATCH 1/2] cpio_utils: move out hash comparison
Date: Fri, 28 Jun 2024 11:42:00 +0900
Message-Id: <20240628024201.1812065-3-dominique.martinet@atmark-techno.com>
X-Mailer: git-send-email 2.39.2
In-Reply-To: <20240628024201.1812065-1-dominique.martinet@atmark-techno.com>
References: <20240628024201.1812065-1-dominique.martinet@atmark-techno.com>
MIME-Version: 1.0
X-Original-Sender: dominique.martinet@atmark-techno.com
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=pass
 header.i=@atmark-techno.com header.s=gw2_bookworm header.b=F2pA67a4;
       dkim=pass header.i=@atmark-techno.com header.s=google
 header.b=HaMCxLe2;
       spf=pass (google.com: domain of dominique.martinet@atmark-techno.com
 designates 35.74.137.57 as permitted sender)
 smtp.mailfrom=dominique.martinet@atmark-techno.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=atmark-techno.com
Precedence: list
Mailing-list: list swupdate@googlegroups.com;
 contact swupdate+owners@googlegroups.com
List-ID: <swupdate.googlegroups.com>
X-Spam-Checked-In-Group: swupdate@googlegroups.com
X-Google-Group-Id: 605343134186
List-Post: <https://groups.google.com/group/swupdate/post>,
 <mailto:swupdate@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
 <mailto:swupdate+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/swupdate
List-Subscribe: <https://groups.google.com/group/swupdate/subscribe>,
 <mailto:swupdate+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+605343134186+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/swupdate/subscribe>

- reword comment about 64 bytes for md_value
- only convert to ascii if we're going to use it for logging

Change-Id: I1b8f017b0df86a3fa28e108363da9c67cfd7b410
---
 core/cpio_utils.c | 65 +++++++++++++++++++++++++----------------------
 1 file changed, 35 insertions(+), 30 deletions(-)

diff --git a/core/cpio_utils.c b/core/cpio_utils.c
index 65f301909f0c..cc6e32619751 100644
--- a/core/cpio_utils.c
+++ b/core/cpio_utils.c
@@ -434,6 +434,38 @@ static int zstd_step(void* state, void* buffer, size_t size)
 
 #endif
 
+static int hash_compare(struct swupdate_digest *dgst, unsigned char *hash)
+{
+	/*
+	 * SHA256_HASH_LENGTH should be enough but openssl might write
+	 * up to EVP_MAX_MD_SIZE = 64 bytes (sha512 size)
+	 */
+	unsigned char md_value[64];
+	unsigned int md_len = 0;
+
+	if (swupdate_HASH_final(dgst, md_value, &md_len) < 0) {
+		return -EFAULT;
+	}
+	/*
+	 * Now check if the computed hash is equal
+	 * to the value retrieved from sw-descritpion
+	 */
+	if (md_len != SHA256_HASH_LENGTH || swupdate_HASH_compare(hash, md_value)) {
+#ifndef CONFIG_ENCRYPTED_IMAGES_HARDEN_LOGGING
+		char hashstring[2 * SHA256_HASH_LENGTH + 1];
+		char newhashstring[2 * SHA256_HASH_LENGTH + 1];
+
+		hash_to_ascii(hash, hashstring);
+		hash_to_ascii(md_value, newhashstring);
+
+		ERROR("HASH mismatch : %s <--> %s",
+		      hashstring, newhashstring);
+#endif
+		return -EFAULT;
+	}
+	return 0;
+}
+
 static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nbytes, unsigned long *offs, unsigned long long seek,
 	int skip_file, int __attribute__ ((__unused__)) compressed,
 	uint32_t *checksum, unsigned char *hash, bool encrypted, const char *imgivt, writeimage callback)
@@ -441,11 +473,6 @@ static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby
 	unsigned int percent, prevpercent = 0;
 	int ret = 0;
 	int len;
-	unsigned char md_value[64]; /*
-				     *  Maximum hash is 64 bytes for SHA512
-				     *  and we use sha256 in swupdate
-				     */
-	unsigned int md_len = 0;
 	unsigned char *aes_key = NULL;
 	unsigned char *ivt = NULL;
 	unsigned char ivtbuf[AES_BLK_SIZE];
@@ -639,31 +666,9 @@ static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby
 		}
 	}
 
-	if (IsValidHash(hash)) {
-		if (swupdate_HASH_final(input_state.dgst, md_value, &md_len) < 0) {
-			ret = -EFAULT;
-			goto copyfile_exit;
-		}
-
-
-		/*
-		 * Now check if the computed hash is equal
-		 * to the value retrieved from sw-descritpion
-		 */
-		if (md_len != SHA256_HASH_LENGTH || swupdate_HASH_compare(hash, md_value)) {
-			char hashstring[2 * SHA256_HASH_LENGTH + 1];
-			char newhashstring[2 * SHA256_HASH_LENGTH + 1];
-
-			hash_to_ascii(hash, hashstring);
-			hash_to_ascii(md_value, newhashstring);
-
-#ifndef CONFIG_ENCRYPTED_IMAGES_HARDEN_LOGGING
-			ERROR("HASH mismatch : %s <--> %s",
-				hashstring, newhashstring);
-#endif
-			ret = -EFAULT;
-			goto copyfile_exit;
-		}
+	if (IsValidHash(hash) && hash_compare(input_state.dgst, hash) < 0) {
+		ret = -EFAULT;
+		goto copyfile_exit;
 	}
 
 	if (!inbuf) {