From patchwork Mon Nov 20 11:10:02 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Stefano Babic <sbabic@denx.de>
X-Patchwork-Id: 839513
Return-Path: <swupdate+bncBCXPLOXJ6IKRBLPQZLIAKGQEPN22H3Q@googlegroups.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=googlegroups.com
	(client-ip=2a00:1450:400c:c0c::238;
	helo=mail-wr0-x238.google.com;
	envelope-from=swupdate+bncbcxploxj6ikrblpqzliakgqepn22h3q@googlegroups.com;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=googlegroups.com header.i=@googlegroups.com
	header.b="tcSLx14+"; dkim-atps=neutral
Received: from mail-wr0-x238.google.com (mail-wr0-x238.google.com
	[IPv6:2a00:1450:400c:c0c::238])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3ygQxY2R3dz9s4s
	for <incoming@patchwork.ozlabs.org>;
	Mon, 20 Nov 2017 22:10:41 +1100 (AEDT)
Received: by mail-wr0-x238.google.com with SMTP id v69sf2144311wrb.3
	for <incoming@patchwork.ozlabs.org>;
	Mon, 20 Nov 2017 03:10:41 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1511176237; cv=pass;
	d=google.com; s=arc-20160816;
	b=olrXTjus/3v5cL5ihZsyoYJNVoDs+pCZiyob0u2nL13HYyUE0iJZk2wavR/AUxrmrq
	JZHWEZ7FL2ppDZAEpYh6B6otyFUjWB7JIP/X43aHSk3GJSxcKabTUwMajkpLaJMBD3m0
	U4Q9Al+p140zDVQ4YX3QV+NqiOSQhq2MWoVFoJNF5Wra4mZHq4ClDoC+CqphACSRlwNE
	peg0Euc16eG/EmtseRUl6BUKh76S8wIOT0jKW5dKzI0BIh/NUjCtpC1DrZFPl3/Ifeb2
	vYJUGqBujfhOljKmFL+QeQWHWUjQa78QRqHRKKeUVLjT/Pj/O7QMyloQwVxAgLdUWMrW
	+SQw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
	:list-id:mailing-list:precedence:references:in-reply-to:message-id
	:date:subject:cc:to:from:arc-authentication-results
	:arc-message-signature:mime-version:sender:dkim-signature
	:arc-authentication-results;
	bh=LRoSdRebQE1qWbBUYb00WQ6bF2A3JwGvkPV1nz+Pgrc=;
	b=JZhH4zme6kN7BEnAgJNgPPh/W62klbS2xyBB7GOjk0PfLWirVX5MfRXWljdWz7j5it
	ED7K063Uu2VKpGPjvIFCv41sWDzLartCnX/3D81RGt8y4mKsp0cKARZqXFngPrEgDbtH
	W2FXAxKsX+JWukww/eY9sIRmV/TR4LjmpTnHrNtcFRIf9iY0uAx826lQbEugU62LSmyA
	CR98W6nqkir0VFEcsk7G5JNxN+e7laCiMRk4yBY0mcNq5pLYYVGj9E5Zzl+g9U9EwPL6
	FYgpFvSnSAImvcCyKP6EtrGwEN4hXvQq0qCdQvs0bnvDfuF58i2A5ZBPZVWSYP5XawRu
	67ow==
ARC-Authentication-Results: i=2; gmr-mx.google.com;
	spf=neutral (google.com: 212.18.0.9 is neither permitted nor denied
	by best guess record for domain of sbabic@denx.de)
	smtp.mailfrom=sbabic@denx.de
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=googlegroups.com; s=20161025;
	h=sender:mime-version:from:to:cc:subject:date:message-id:in-reply-to
	:references:x-original-sender:x-original-authentication-results
	:precedence:mailing-list:list-id:list-post:list-help:list-archive
	:list-subscribe:list-unsubscribe;
	bh=LRoSdRebQE1qWbBUYb00WQ6bF2A3JwGvkPV1nz+Pgrc=;
	b=tcSLx14+R91ieA6dq+xXnq50r7k7951EVrhxyrawLaBs3GFGQkfUS/xScY2LeRif56
	QsvplepMDdZ+hVPpFepK1wr78hMvRKPfXu+RSMFaaQxM4CFnuXXSj8uoPgRA83X+eu1Y
	bKvsz/MZKHWeEVpx72eZzedvYDYhe+GptKdXkQiZa7pSzovv+ZkmOTbnLqeeSTJ1toj4
	NqvO9HJhRC2GBl2j5gAfX+/rf0+y0Svd0FOELtmzZAZuA8Z6i3QexIZFDlFTgRy6jKhC
	aDcyxmRNKQIM98XN88xvBGt163L0PNjky8ZbxgQvpkoclwn+OIy/0eGjYQ5ZQwwFybEf
	UVTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=sender:x-gm-message-state:mime-version:from:to:cc:subject:date
	:message-id:in-reply-to:references:x-original-sender
	:x-original-authentication-results:precedence:mailing-list:list-id
	:x-spam-checked-in-group:list-post:list-help:list-archive
	:list-subscribe:list-unsubscribe;
	bh=LRoSdRebQE1qWbBUYb00WQ6bF2A3JwGvkPV1nz+Pgrc=;
	b=byJ1T3yxEAwfchlXpk5xYy2diPhvYpEE/+rXCQVQ83ePG1PiarrCAU3o2KN3jd2pYY
	4m+Qcy7Ec+aPsQnFHgeKBZhJXj4wu3pYOcXZm71XoA9iWeAqM+rs7l5Kkh2KJTvngG01
	YomYkUX4zAMTWakPAGS+SA+UAVEJt/vaFfGCWcEAYoklV5LQe6ouEHpoqwkxnkoEkyNz
	cMVp6edZpkzi15ivTaiQCv5hb+Qtq5L0iE9O2xUuCG4hKdecl0yGl5u4UkXXZnCRXsA6
	sVMX+z2Y8f7vURn1GIntCFEEwpLLWpyP2eYMQvOSqcpVrhBry93AqU2F+w62eKwTqhRy
	tMYQ==
Sender: swupdate@googlegroups.com
X-Gm-Message-State: AJaThX4DYql+aX3Sw+6frfcwSdn05GXjX+eyg8Q+rpdrSoT/ClUcG1m5
	A3X86XT9m/QRzYK/LRJ/vX0=
X-Google-Smtp-Source: 
 AGs4zMYuMVmpGtsV8S6/S7uIE7NnSnMmVoRx6/zZ/6fix/jVNgqeXl8Bfi5pGsw2SWVFZ9Y9njyYWg==
X-Received: by 10.28.147.75 with SMTP id v72mr143607wmd.2.1511176237881;
	Mon, 20 Nov 2017 03:10:37 -0800 (PST)
MIME-Version: 1.0
X-BeenThere: swupdate@googlegroups.com
Received: by 10.28.144.2 with SMTP id s2ls877046wmd.12.canary-gmail; Mon, 20
	Nov 2017 03:10:37 -0800 (PST)
X-Received: by 10.28.190.7 with SMTP id o7mr1373902wmf.2.1511176237452;
	Mon, 20 Nov 2017 03:10:37 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1511176237; cv=none;
	d=google.com; s=arc-20160816;
	b=OBaO8wGscwrjnv8Au8z/Jbp2X7IuTd2VNeHc9aflc9AClPaJi5qI4qwfp9c2BUK+g6
	HmUfcgqKUMCiCtyCyEiOEtAlXcPie01iLh62+3F84VIV5pNNPlQyZVrdjTm+2MR2TxyK
	GCsa6LpZLFL8RyZXydUq0kVA9UwKQgvYX9IE9bsSmPydZMAUUMF6NyyKO1QIoAE+5C4Q
	6LtoG19tSa6co9utFjG/wqTHAgNpUyaQYylpi606AFBlj/GcUAP/dPDzgT0p7V+XgK0D
	J7UfPq3GQ1/ZGlHxgtDiNgKAKJ5qQRhnBnquw8G6gb1oA/9+8w452vbZp++eX13kwhZL
	3CgQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
	s=arc-20160816;
	h=references:in-reply-to:message-id:date:subject:cc:to:from
	:arc-authentication-results;
	bh=nJDZVUXlX2J09yH+Bciao3Dj/zCnUMS6rVLbdV9SG9U=;
	b=oqwgLtAKH+plmGXF/6tpsW+un3f6GQNu5AAutYmsVqpPsxTJc98sZiwuPwSJUkyphv
	VTgnsz28TjgHqLgUpjC9dFlTChj5qyzdfUJ4Ys2/9rf0MTy7pOCoq/oklnngivwl8LYh
	DZqDiC8IQHF9Quamyer5I3IbUFjBHVIceGdxPbSKtF4z5EmSVUKOyvNHXAD2MqzG1KTm
	vktx4MiN+w6zx3DvoCw1T/oMDbWj1EoN5RqasQstrOz5qZb9SpRWFTPwwjJtakVhJn4p
	8T/+uN+pDOtYyxbRg7sYk7kQFAO2P/hgT0Z/6XWQVEzI+I/ragBJhEZKmltOk0hUKiK8
	3hsg==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
	spf=neutral (google.com: 212.18.0.9 is neither permitted nor denied
	by best guess record for domain of sbabic@denx.de)
	smtp.mailfrom=sbabic@denx.de
Received: from mail-out.m-online.net (mail-out.m-online.net. [212.18.0.9])
	by gmr-mx.google.com with ESMTPS id
	t37si824106wrc.3.2017.11.20.03.10.37
	for <swupdate@googlegroups.com>
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Mon, 20 Nov 2017 03:10:37 -0800 (PST)
Received-SPF: neutral (google.com: 212.18.0.9 is neither permitted nor
	denied by best guess record for domain of sbabic@denx.de)
	client-ip=212.18.0.9;
Received: from frontend01.mail.m-online.net (unknown [192.168.8.182])
	by mail-out.m-online.net (Postfix) with ESMTP id 3ygQxT1YjWz1qsDt;
	Mon, 20 Nov 2017 12:10:37 +0100 (CET)
Received: from localhost (dynscan1.mnet-online.de [192.168.6.70])
	by mail.m-online.net (Postfix) with ESMTP id 3ygQxT1Gl8z1qqkZ;
	Mon, 20 Nov 2017 12:10:37 +0100 (CET)
X-Virus-Scanned: amavisd-new at mnet-online.de
Received: from mail.mnet-online.de ([192.168.8.182])
	by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new,
	port 10024)
	with ESMTP id bJmltKClTyA8; Mon, 20 Nov 2017 12:10:36 +0100 (CET)
Received: from babic.homelinux.org
	(host-88-217-136-221.customer.m-online.net [88.217.136.221])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by mail.mnet-online.de (Postfix) with ESMTPS;
	Mon, 20 Nov 2017 12:10:35 +0100 (CET)
Received: from localhost (mail.babic.homelinux.org [127.0.0.1])
	by babic.homelinux.org (Postfix) with ESMTP id 8105A454057C;
	Mon, 20 Nov 2017 12:10:35 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at babic.homelinux.org
Received: from babic.homelinux.org ([127.0.0.1])
	by localhost (mail.babic.homelinux.org [127.0.0.1]) (amavisd-new,
	port 10024)
	with ESMTP id V-oDY_l8cD95; Mon, 20 Nov 2017 12:10:32 +0100 (CET)
Received: from papero.fritz.box (papero.fritz.box [192.168.178.132])
	by babic.homelinux.org (Postfix) with ESMTP id DC6724540641;
	Mon, 20 Nov 2017 12:10:19 +0100 (CET)
From: Stefano Babic <sbabic@denx.de>
To: swupdate@googlegroups.com
Cc: Stefano Babic <sbabic@denx.de>
Subject: [swupdate] [PATCH 09/17] verify: let choose the SHA length
Date: Mon, 20 Nov 2017 12:10:02 +0100
Message-Id: <1511176210-28928-9-git-send-email-sbabic@denx.de>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1511176210-28928-1-git-send-email-sbabic@denx.de>
References: <1511176210-28928-1-git-send-email-sbabic@denx.de>
X-Original-Sender: sbabic@denx.de
X-Original-Authentication-Results: gmr-mx.google.com;       spf=neutral
	(google.com: 212.18.0.9 is neither permitted nor denied by best guess
	record
	for domain of sbabic@denx.de) smtp.mailfrom=sbabic@denx.de
Precedence: list
Mailing-list: list swupdate@googlegroups.com;
	contact swupdate+owners@googlegroups.com
List-ID: <swupdate.googlegroups.com>
X-Spam-Checked-In-Group: swupdate@googlegroups.com
X-Google-Group-Id: 605343134186
List-Post: <https://groups.google.com/group/swupdate/post>,
	<mailto:swupdate@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
	<mailto:swupdate+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/swupdate
List-Subscribe: <https://groups.google.com/group/swupdate/subscribe>,
	<mailto:swupdate+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+605343134186+unsubscribe@googlegroups.com>,
	<https://groups.google.com/group/swupdate/subscribe>

SWUpdate uses only sha256 to compute hashes. Add a parameter
to swupdate_HASH_init to let decide the caller the alg
to be used.

Signed-off-by: Stefano Babic <sbabic@denx.de>
---
 core/cpio_utils.c          |  2 +-
 corelib/verify_signature.c | 19 +++++++++++++------
 include/sslapi.h           | 21 ++++++++++++++++-----
 3 files changed, 30 insertions(+), 12 deletions(-)

diff --git a/core/cpio_utils.c b/core/cpio_utils.c
index de674ec..0112f12 100644
--- a/core/cpio_utils.c
+++ b/core/cpio_utils.c
@@ -137,7 +137,7 @@ int copyfile(int fdin, void *out, unsigned int nbytes, unsigned long *offs, unsi
 	}
 
 	if (IsValidHash(hash)) {
-		dgst = swupdate_HASH_init();
+		dgst = swupdate_HASH_init(SHA_DEFAULT);
 		if (!dgst)
 			return -EFAULT;
 	}
diff --git a/corelib/verify_signature.c b/corelib/verify_signature.c
index 0596578..3ffa328 100644
--- a/corelib/verify_signature.c
+++ b/corelib/verify_signature.c
@@ -29,12 +29,12 @@
 
 #define BUFSIZE	(1024 * 8)
 
-static int dgst_init(struct swupdate_digest *dgst)
+static int dgst_init(struct swupdate_digest *dgst, const EVP_MD *md)
 {
 	int rc;
 
 	ERR_clear_error();
-	rc = EVP_DigestInit_ex(dgst->ctx, EVP_sha256(), NULL);
+	rc = EVP_DigestInit_ex(dgst->ctx, md, NULL);
 	if (rc != 1) {
 		ERROR("EVP_DigestInit_ex failed: %s\n", ERR_error_string(ERR_get_error(), NULL));
 		return -EINVAL; /* failed */
@@ -158,7 +158,7 @@ int swupdate_verify_file(struct swupdate_digest *dgst, const char *sigfile,
 		goto out;
 	}
 
-	if ((dgst_init(dgst) < 0) || (dgst_verify_init(dgst) < 0)) {
+	if ((dgst_init(dgst, EVP_sha256()) < 0) || (dgst_verify_init(dgst) < 0)) {
 		status = -ENOKEY;
 		goto out;
 	}
@@ -331,9 +331,10 @@ out:
 	return status;
 }
 #endif
-struct swupdate_digest *swupdate_HASH_init(void)
+struct swupdate_digest *swupdate_HASH_init(const char *SHAlength)
 {
 	struct swupdate_digest *dgst;
+	const EVP_MD *md;
 	int ret;
 
 	dgst = calloc(1, sizeof(*dgst));
@@ -341,6 +342,11 @@ struct swupdate_digest *swupdate_HASH_init(void)
 		return NULL;
 	}
 
+	if ((!SHAlength) || strcmp(SHAlength, "sha1"))
+		md = EVP_sha256();
+	else
+		md = EVP_sha1();
+
  	dgst->ctx = EVP_MD_CTX_create();
 	if(dgst->ctx == NULL) {
 		ERROR("EVP_MD_CTX_create failed, error 0x%lx\n", ERR_get_error());
@@ -348,7 +354,7 @@ struct swupdate_digest *swupdate_HASH_init(void)
 		return NULL;
 	}
 
-	ret = dgst_init(dgst);
+	ret = dgst_init(dgst, md);
 	if (ret) {
 		free(dgst);
 		return NULL;
@@ -363,7 +369,8 @@ int swupdate_HASH_update(struct swupdate_digest *dgst, unsigned char *buf,
 	if (!dgst)
 		return -EFAULT;
 
-	EVP_DigestUpdate (dgst->ctx, buf, len);
+	if (EVP_DigestUpdate (dgst->ctx, buf, len) != 1)
+		return -EIO;
 
 	return 0;
 }
diff --git a/include/sslapi.h b/include/sslapi.h
index 1df656d..9d02502 100644
--- a/include/sslapi.h
+++ b/include/sslapi.h
@@ -20,12 +20,14 @@
 #ifndef _SWUPDATE_SSL_H
 #define _SWUPDATE_SSL_H
 
+#define SHA_DEFAULT	"sha256"
+
 /*
  * openSSL is not mandatory
  * Let compile when openSSL is not activated
  */
-#if defined(CONFIG_HASH_VERIFY) || defined(CONFIG_ENCRYPTED_IMAGES)
-
+#if defined(CONFIG_HASH_VERIFY) || defined(CONFIG_ENCRYPTED_IMAGES) || \
+	defined(CONFIG_SURICATTA_SSL)
 #include <openssl/bio.h>
 #include <openssl/objects.h>
 #include <openssl/err.h>
@@ -35,6 +37,7 @@
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
 #include <openssl/aes.h>
+
 #ifdef CONFIG_SIGALG_CMS
 #if defined(LIBRESSL_VERSION_NUMBER)
 #error "LibreSSL does not support CMS, please select RSA PKCS"
@@ -42,6 +45,7 @@
 #include <openssl/cms.h>
 #endif
 #endif
+
 #include <openssl/opensslv.h>
 
 struct swupdate_digest {
@@ -84,7 +88,7 @@ struct swupdate_digest {
 
 #if defined(CONFIG_HASH_VERIFY)
 int swupdate_dgst_init(struct swupdate_cfg *sw, const char *keyfile);
-struct swupdate_digest *swupdate_HASH_init(void);
+struct swupdate_digest *swupdate_HASH_init(const char *SHALength);
 int swupdate_HASH_update(struct swupdate_digest *dgst, unsigned char *buf,
 				size_t len);
 int swupdate_HASH_final(struct swupdate_digest *dgst, unsigned char *md_value,
@@ -99,8 +103,8 @@ int swupdate_HASH_compare(unsigned char *hash1, unsigned char *hash2);
 #define swupdate_dgst_init(sw, keyfile) ( 0 )
 #define swupdate_HASH_init(p) ( NULL )
 #define swupdate_verify_file(dgst, sigfile, file) ( 0 )
-#define swupdate_HASH_update(p, buf, len)
-#define swupdate_HASH_final(p, result, len)
+#define swupdate_HASH_update(p, buf, len)	(-1)
+#define swupdate_HASH_final(p, result, len)	(-1)
 #define swupdate_HASH_cleanup(sw)
 #define swupdate_HASH_compare(hash1,hash2)	(0)
 #endif
@@ -123,5 +127,12 @@ void swupdate_DECRYPT_cleanup(struct swupdate_digest *dgst);
 #define swupdate_DECRYPT_cleanup(p)
 #endif
 
+/*
+ * if openSSL is not selected
+ */
+#ifndef SHA_DIGEST_LENGTH
+#define SHA_DIGEST_LENGTH 20
+#endif
+
 #endif