
[09/17] verify: let choose the SHA length

Message ID 1511176210-28928-9-git-send-email-sbabic@denx.de
State Accepted
Series [01/17] parser: added function to get net child in tree | expand

Commit Message

Stefano Babic Nov. 20, 2017, 11:10 a.m. UTC
SWUpdate uses only sha256 to compute hashes. Add a parameter
to swupdate_HASH_init to let the caller decide which algorithm
is used.

Signed-off-by: Stefano Babic <sbabic@denx.de>
---
 core/cpio_utils.c          |  2 +-
 corelib/verify_signature.c | 19 +++++++++++++------
 include/sslapi.h           | 21 ++++++++++++++++-----
 3 files changed, 30 insertions(+), 12 deletions(-)

Patch

diff --git a/core/cpio_utils.c b/core/cpio_utils.c
index de674ec..0112f12 100644
--- a/core/cpio_utils.c
+++ b/core/cpio_utils.c
@@ -137,7 +137,7 @@  int copyfile(int fdin, void *out, unsigned int nbytes, unsigned long *offs, unsi
 	}
 
 	if (IsValidHash(hash)) {
-		dgst = swupdate_HASH_init();
+		dgst = swupdate_HASH_init(SHA_DEFAULT);
 		if (!dgst)
 			return -EFAULT;
 	}
diff --git a/corelib/verify_signature.c b/corelib/verify_signature.c
index 0596578..3ffa328 100644
--- a/corelib/verify_signature.c
+++ b/corelib/verify_signature.c
@@ -29,12 +29,12 @@ 
 
 #define BUFSIZE	(1024 * 8)
 
-static int dgst_init(struct swupdate_digest *dgst)
+static int dgst_init(struct swupdate_digest *dgst, const EVP_MD *md)
 {
 	int rc;
 
 	ERR_clear_error();
-	rc = EVP_DigestInit_ex(dgst->ctx, EVP_sha256(), NULL);
+	rc = EVP_DigestInit_ex(dgst->ctx, md, NULL);
 	if (rc != 1) {
 		ERROR("EVP_DigestInit_ex failed: %s\n", ERR_error_string(ERR_get_error(), NULL));
 		return -EINVAL; /* failed */
@@ -158,7 +158,7 @@  int swupdate_verify_file(struct swupdate_digest *dgst, const char *sigfile,
 		goto out;
 	}
 
-	if ((dgst_init(dgst) < 0) || (dgst_verify_init(dgst) < 0)) {
+	if ((dgst_init(dgst, EVP_sha256()) < 0) || (dgst_verify_init(dgst) < 0)) {
 		status = -ENOKEY;
 		goto out;
 	}
@@ -331,9 +331,10 @@  out:
 	return status;
 }
 #endif
-struct swupdate_digest *swupdate_HASH_init(void)
+struct swupdate_digest *swupdate_HASH_init(const char *SHAlength)
 {
 	struct swupdate_digest *dgst;
+	const EVP_MD *md;
 	int ret;
 
 	dgst = calloc(1, sizeof(*dgst));
@@ -341,6 +342,11 @@  struct swupdate_digest *swupdate_HASH_init(void)
 		return NULL;
 	}
 
+	if ((!SHAlength) || strcmp(SHAlength, "sha1"))
+		md = EVP_sha256();
+	else
+		md = EVP_sha1();
+
  	dgst->ctx = EVP_MD_CTX_create();
 	if(dgst->ctx == NULL) {
 		ERROR("EVP_MD_CTX_create failed, error 0x%lx\n", ERR_get_error());
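Review bot: The selection added to swupdate_HASH_init treats every string other than exactly "sha1" as SHA-256, so a misspelled or unsupported name (say "SHA1" or "sha512") is accepted silently and the caller gets a digest of a different algorithm and length than it asked for. Matching the known names explicitly and returning NULL for anything else would make that failure visible, while NULL can keep meaning the default. Since SHA-1 is no longer collision resistant, the `EVP_sha1()` branch deserves a comment saying it is presumably there for interoperability only and should not be chosen for integrity checks of update images. The parameter is also spelled `SHAlength` here and `SHALength` in the prototype in include/sslapi.h. The function body starts and ends outside this hunk.

```c
	/* … unchanged: calloc of dgst and its NULL check … */
	if (!SHAlength || !strcmp(SHAlength, "sha256")) {
		md = EVP_sha256();
	} else if (!strcmp(SHAlength, "sha1")) {
		/* SHA-1 is not collision resistant; keep for interoperability only */
		md = EVP_sha1();
	} else {
		ERROR("Unsupported hash algorithm: %s\n", SHAlength);
		free(dgst);
		return NULL;
	}
	/* … unchanged: EVP_MD_CTX_create and dgst_init … */
```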
@@ -348,7 +354,7 @@  struct swupdate_digest *swupdate_HASH_init(void)
 		return NULL;
 	}
 
-	ret = dgst_init(dgst);
+	ret = dgst_init(dgst, md);
 	if (ret) {
 		free(dgst);
 		return NULL;
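Review bot: When `dgst_init(dgst, md)` fails, the error path frees `dgst` but not the context allocated by `EVP_MD_CTX_create()` earlier in the function, so the digest context leaks. Adding `EVP_MD_CTX_destroy(dgst->ctx);` before `free(dgst);` would release it. The leak is in unchanged context lines, but this hunk touches the call that leads to it. The rest of swupdate_HASH_init lies outside the hunk.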
@@ -363,7 +369,8 @@  int swupdate_HASH_update(struct swupdate_digest *dgst, unsigned char *buf,
 	if (!dgst)
 		return -EFAULT;
 
-	EVP_DigestUpdate (dgst->ctx, buf, len);
+	if (EVP_DigestUpdate (dgst->ctx, buf, len) != 1)
+		return -EIO;
 
 	return 0;
 }
diff --git a/include/sslapi.h b/include/sslapi.h
index 1df656d..9d02502 100644
--- a/include/sslapi.h
+++ b/include/sslapi.h
@@ -20,12 +20,14 @@ 
 #ifndef _SWUPDATE_SSL_H
 #define _SWUPDATE_SSL_H
 
+#define SHA_DEFAULT	"sha256"
+
 /*
  * openSSL is not mandatory
  * Let compile when openSSL is not activated
  */
-#if defined(CONFIG_HASH_VERIFY) || defined(CONFIG_ENCRYPTED_IMAGES)
-
+#if defined(CONFIG_HASH_VERIFY) || defined(CONFIG_ENCRYPTED_IMAGES) || \
+	defined(CONFIG_SURICATTA_SSL)
 #include <openssl/bio.h>
 #include <openssl/objects.h>
 #include <openssl/err.h>
@@ -35,6 +37,7 @@ 
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
 #include <openssl/aes.h>
+
 #ifdef CONFIG_SIGALG_CMS
 #if defined(LIBRESSL_VERSION_NUMBER)
 #error "LibreSSL does not support CMS, please select RSA PKCS"
@@ -42,6 +45,7 @@ 
 #include <openssl/cms.h>
 #endif
 #endif
+
 #include <openssl/opensslv.h>
 
 struct swupdate_digest {
@@ -84,7 +88,7 @@  struct swupdate_digest {
 
 #if defined(CONFIG_HASH_VERIFY)
 int swupdate_dgst_init(struct swupdate_cfg *sw, const char *keyfile);
-struct swupdate_digest *swupdate_HASH_init(void);
+struct swupdate_digest *swupdate_HASH_init(const char *SHALength);
 int swupdate_HASH_update(struct swupdate_digest *dgst, unsigned char *buf,
 				size_t len);
 int swupdate_HASH_final(struct swupdate_digest *dgst, unsigned char *md_value,
@@ -99,8 +103,8 @@  int swupdate_HASH_compare(unsigned char *hash1, unsigned char *hash2);
 #define swupdate_dgst_init(sw, keyfile) ( 0 )
 #define swupdate_HASH_init(p) ( NULL )
 #define swupdate_verify_file(dgst, sigfile, file) ( 0 )
-#define swupdate_HASH_update(p, buf, len)
-#define swupdate_HASH_final(p, result, len)
+#define swupdate_HASH_update(p, buf, len)	(-1)
+#define swupdate_HASH_final(p, result, len)	(-1)
 #define swupdate_HASH_cleanup(sw)
 #define swupdate_HASH_compare(hash1,hash2)	(0)
 #endif
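Review bot: The stubs for `swupdate_HASH_update` and `swupdate_HASH_final` now evaluate to `(-1)`, but the neighbouring stubs for `swupdate_verify_file` and `swupdate_HASH_compare` still evaluate to `0`. If callers read 0 as "verified" or "hashes match", a build without CONFIG_HASH_VERIFY reports success with no check performed. That may be intentional, but the block carries no comment saying so. I would add one above the stubs, for example `/* Hash verification disabled at build time: init yields NULL, update/final fail, verify/compare are pass-through */`, so the difference is documented rather than implied.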
@@ -123,5 +127,12 @@  void swupdate_DECRYPT_cleanup(struct swupdate_digest *dgst);
 #define swupdate_DECRYPT_cleanup(p)
 #endif
 
+/*
+ * if openSSL is not selected
+ */
+#ifndef SHA_DIGEST_LENGTH
+#define SHA_DIGEST_LENGTH 20
+#endif
+
 #endif