From patchwork Mon Jun 21 20:23:45 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steffen Jaeckel X-Patchwork-Id: 1495302 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4G81Gj0VBJz9sTD for ; Tue, 22 Jun 2021 06:24:44 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 71EC6829E9; Mon, 21 Jun 2021 22:24:34 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=eyet-services.de Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 4A6FF829E9; Mon, 21 Jun 2021 22:24:29 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_MSPIKE_H2, SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from bumble.birch.relay.mailchannels.net (bumble.birch.relay.mailchannels.net [23.83.209.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 108C7829E9 for ; Mon, 21 Jun 2021 22:24:22 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=eyet-services.de Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=jaeckel-floss@eyet-services.de X-Sender-Id: instrampxe0y3a|x-authuser|jaeckel@eyet-services.de Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 1EDDF921C08; Mon, 21 Jun 2021 20:24:19 +0000 (UTC) Received: from cpanel-004-fra.hostingww.com (100-96-16-80.trex.outbound.svc.cluster.local [100.96.16.80]) (Authenticated sender: instrampxe0y3a) by relay.mailchannels.net (Postfix) with ESMTPA id 0DD4A921B77; Mon, 21 Jun 2021 20:24:17 +0000 (UTC) X-Sender-Id: instrampxe0y3a|x-authuser|jaeckel@eyet-services.de Received: from cpanel-004-fra.hostingww.com (ec2-18-198-100-52.eu-central-1.compute.amazonaws.com [18.198.100.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384) by 100.96.16.80 (trex/6.3.3); Mon, 21 Jun 2021 20:24:18 +0000 X-MC-Relay: Neutral X-MailChannels-SenderId: instrampxe0y3a|x-authuser|jaeckel@eyet-services.de X-MailChannels-Auth-Id: instrampxe0y3a X-Wiry-Print: 13127a6b0cc4c190_1624307058721_390657508 X-MC-Loop-Signature: 1624307058721:2451998069 X-MC-Ingress-Time: 1624307058721 Received: from hsi-kbw-46-223-101-50.hsi.kabel-badenwuerttemberg.de ([46.223.101.50]:39002 helo=draupnir.jaeckel.lan) by cpanel-004-fra.hostingww.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1lvQSq-00066a-FX; Mon, 21 Jun 2021 20:24:16 +0000 From: Steffen Jaeckel To: u-boot@lists.denx.de Cc: Steffen Jaeckel , Simon Glass Subject: [PATCH v3 2/8] lib: wrap crypt API to hide errno usage Date: Mon, 21 Jun 2021 22:23:45 +0200 Message-Id: <20210621202352.1250303-3-jaeckel-floss@eyet-services.de> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210621202352.1250303-1-jaeckel-floss@eyet-services.de> References: <20210621202352.1250303-1-jaeckel-floss@eyet-services.de> MIME-Version: 1.0 X-OutGoing-Spam-Status: No, score=-1.0 X-AuthUser: jaeckel@eyet-services.de X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean In order to prevent using the global errno, replace it with a static version and create a wrapper function which returns the error value. Signed-off-by: Steffen Jaeckel Reviewed-by: Simon Glass --- (no changes since v1) include/crypt.h | 3 ++- lib/crypt/alg-sha256.h | 6 ------ lib/crypt/alg-sha512.h | 6 ------ lib/crypt/crypt-port.h | 18 ++++++++++-------- lib/crypt/crypt-sha256.c | 26 ++++++++++++++++++++++++-- lib/crypt/crypt-sha512.c | 26 ++++++++++++++++++++++++-- lib/crypt/crypt.c | 25 ++++++++++++++----------- test/lib/test_crypt.c | 24 ++++++++++++++++++++++-- 8 files changed, 96 insertions(+), 38 deletions(-) diff --git a/include/crypt.h b/include/crypt.h index e0be2832ff..f18a1705d4 100644 --- a/include/crypt.h +++ b/include/crypt.h @@ -9,5 +9,6 @@ * @equal Pointer to an int where the result is stored * '0' = unequal * '1' = equal + * @return 0 on success, error code of errno else */ -void crypt_compare(const char *should, const char *passphrase, int *equal); +int crypt_compare(const char *should, const char *passphrase, int *equal); diff --git a/lib/crypt/alg-sha256.h b/lib/crypt/alg-sha256.h index e4b29c9f31..62e7b9d5c0 100644 --- a/lib/crypt/alg-sha256.h +++ b/lib/crypt/alg-sha256.h @@ -1,12 +1,6 @@ /* SPDX-License-Identifier: GPL-2.0+ */ /* Copyright (C) 2020 Steffen Jaeckel */ -#ifndef USE_HOSTCC -#include "common.h" -#else -#include -#endif - #include "u-boot/sha256.h" #define INCLUDE_sha256crypt 1 diff --git a/lib/crypt/alg-sha512.h b/lib/crypt/alg-sha512.h index 93b6109fae..47e45730cc 100644 --- a/lib/crypt/alg-sha512.h +++ b/lib/crypt/alg-sha512.h @@ -1,12 +1,6 @@ /* SPDX-License-Identifier: GPL-2.0+ */ /* Copyright (C) 2020 Steffen Jaeckel */ -#ifndef USE_HOSTCC -#include "common.h" -#else -#include -#endif - #include "u-boot/sha512.h" #define INCLUDE_sha512crypt 1 diff --git a/lib/crypt/crypt-port.h b/lib/crypt/crypt-port.h index 680ffe9349..6b9542d75b 100644 --- a/lib/crypt/crypt-port.h +++ b/lib/crypt/crypt-port.h @@ -18,11 +18,13 @@ extern const unsigned char ascii64[65]; #define b64t ((const char *)ascii64) -void crypt_sha256crypt_rn(const char *phrase, size_t phr_size, - const char *setting, size_t ARG_UNUSED(set_size), - uint8_t *output, size_t out_size, void *scratch, - size_t scr_size); -void crypt_sha512crypt_rn(const char *phrase, size_t phr_size, - const char *setting, size_t ARG_UNUSED(set_size), - uint8_t *output, size_t out_size, void *scratch, - size_t scr_size); +int crypt_sha256crypt_rn_wrapped(const char *phrase, size_t phr_size, + const char *setting, + size_t ARG_UNUSED(set_size), uint8_t *output, + size_t out_size, void *scratch, + size_t scr_size); +int crypt_sha512crypt_rn_wrapped(const char *phrase, size_t phr_size, + const char *setting, + size_t ARG_UNUSED(set_size), uint8_t *output, + size_t out_size, void *scratch, + size_t scr_size); diff --git a/lib/crypt/crypt-sha256.c b/lib/crypt/crypt-sha256.c index 37127d41e1..e1c1eff060 100644 --- a/lib/crypt/crypt-sha256.c +++ b/lib/crypt/crypt-sha256.c @@ -1,10 +1,13 @@ +// SPDX-License-Identifier: CC0-1.0 /* One way encryption based on the SHA256-based Unix crypt implementation. * * Written by Ulrich Drepper in 2007 [1]. * Modified by Zack Weinberg in 2017, 2018. * Composed by Björn Esser in 2018. * Modified by Björn Esser in 2020. - * Modified by Steffen Jaeckel in 2020. + * Modified by Steffen Jaeckel in 2021 + * for U-Boot, instead of using the global errno to use a static one + * inside this file. * To the extent possible under law, the named authors have waived all * copyright and related or neighboring rights to this work. * @@ -20,7 +23,7 @@ #include "crypt-port.h" #include "alg-sha256.h" -#include +#include #include #include @@ -69,6 +72,25 @@ static_assert (sizeof (struct sha256_buffer) <= ALG_SPECIFIC_SIZE, "ALG_SPECIFIC_SIZE is too small for SHA256"); +/* Use this instead of including errno.h */ +static int errno; + +void crypt_sha256crypt_rn(const char *phrase, size_t phr_size, + const char *setting, size_t ARG_UNUSED(set_size), + uint8_t *output, size_t out_size, void *scratch, + size_t scr_size); + +int crypt_sha256crypt_rn_wrapped(const char *phrase, size_t phr_size, + const char *setting, size_t set_size, + u8 *output, size_t out_size, void *scratch, + size_t scr_size) +{ + errno = 0; + crypt_sha256crypt_rn(phrase, phr_size, setting, set_size, output, + out_size, scratch, scr_size); + return -errno; +} + /* Feed CTX with LEN bytes of a virtual byte sequence consisting of BLOCK repeated over and over indefinitely. */ static void diff --git a/lib/crypt/crypt-sha512.c b/lib/crypt/crypt-sha512.c index 3616019445..6f5be3b460 100644 --- a/lib/crypt/crypt-sha512.c +++ b/lib/crypt/crypt-sha512.c @@ -1,10 +1,13 @@ +// SPDX-License-Identifier: CC0-1.0 /* One way encryption based on the SHA512-based Unix crypt implementation. * * Written by Ulrich Drepper in 2007 [1]. * Modified by Zack Weinberg in 2017, 2018. * Composed by Björn Esser in 2018. * Modified by Björn Esser in 2020. - * Modified by Steffen Jaeckel in 2020. + * Modified by Steffen Jaeckel in 2021 + * for U-Boot, instead of using the global errno to use a static one + * inside this file. * To the extent possible under law, the named authors have waived all * copyright and related or neighboring rights to this work. * @@ -20,7 +23,7 @@ #include "crypt-port.h" #include "alg-sha512.h" -#include +#include #include #include @@ -69,6 +72,25 @@ static_assert (sizeof (struct sha512_buffer) <= ALG_SPECIFIC_SIZE, "ALG_SPECIFIC_SIZE is too small for SHA512"); +/* Use this instead of including errno.h */ +static int errno; + +void crypt_sha512crypt_rn(const char *phrase, size_t phr_size, + const char *setting, size_t ARG_UNUSED(set_size), + uint8_t *output, size_t out_size, void *scratch, + size_t scr_size); + +int crypt_sha512crypt_rn_wrapped(const char *phrase, size_t phr_size, + const char *setting, size_t set_size, + u8 *output, size_t out_size, void *scratch, + size_t scr_size) +{ + errno = 0; + crypt_sha512crypt_rn(phrase, phr_size, setting, set_size, output, + out_size, scratch, scr_size); + return -errno; +} + /* Subroutine of _xcrypt_crypt_sha512crypt_rn: Feed CTX with LEN bytes of a virtual byte sequence consisting of BLOCK repeated over and over indefinitely. */ diff --git a/lib/crypt/crypt.c b/lib/crypt/crypt.c index 4ec6079768..247c34b2a9 100644 --- a/lib/crypt/crypt.c +++ b/lib/crypt/crypt.c @@ -5,8 +5,8 @@ #include #include "crypt-port.h" -typedef void (*crypt_fn)(const char *, size_t, const char *, size_t, uint8_t *, - size_t, void *, size_t); +typedef int (*crypt_fn)(const char *, size_t, const char *, size_t, uint8_t *, + size_t, void *, size_t); const unsigned char ascii64[65] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; @@ -29,19 +29,20 @@ static void equals_constant_time(const void *a_, const void *b_, size_t len, *equal = ret ^ 1; } -void crypt_compare(const char *should, const char *passphrase, int *equal) +int crypt_compare(const char *should, const char *passphrase, int *equal) { u8 output[CRYPT_OUTPUT_SIZE], scratch[ALG_SPECIFIC_SIZE]; size_t n; + int err; struct { const char *prefix; crypt_fn crypt; } crypt_algos[] = { #if defined(CONFIG_CRYPT_PW_SHA256) - { "$5$", crypt_sha256crypt_rn }, + { "$5$", crypt_sha256crypt_rn_wrapped }, #endif #if defined(CONFIG_CRYPT_PW_SHA512) - { "$6$", crypt_sha512crypt_rn }, + { "$6$", crypt_sha512crypt_rn_wrapped }, #endif { NULL, NULL } }; @@ -56,18 +57,20 @@ void crypt_compare(const char *should, const char *passphrase, int *equal) } if (n >= ARRAY_SIZE(crypt_algos)) - return; - - crypt_algos[n].crypt(passphrase, strlen(passphrase), should, 0, output, - sizeof(output), scratch, sizeof(scratch)); + return -EINVAL; + err = crypt_algos[n].crypt(passphrase, strlen(passphrase), should, 0, + output, sizeof(output), scratch, + sizeof(scratch)); /* early return on error, nothing really happened inside the crypt() function */ - if (errno == ERANGE || errno == EINVAL) - return; + if (err) + return err; equals_constant_time(should, output, strlen((const char *)output), equal); memset(scratch, 0, sizeof(scratch)); memset(output, 0, sizeof(output)); + + return 0; } diff --git a/test/lib/test_crypt.c b/test/lib/test_crypt.c index 277e4efed1..fb21edf974 100644 --- a/test/lib/test_crypt.c +++ b/test/lib/test_crypt.c @@ -21,19 +21,39 @@ static int lib_crypt(struct unit_test_state *uts) { int equals = 0; + int err; + + err = crypt_compare("", "password", &equals); + ut_assertf(err != 0, "crypt_compare successful but should not\n"); + ut_assertf(equals != 1, + "crypt_compare password hash matched but should not\n"); if (IS_ENABLED(CONFIG_CRYPT_PW_SHA256)) { - crypt_compare( + err = crypt_compare("$5$", "password", &equals); + ut_assertf(err == 0, "crypt-sha256 not successful\n"); + ut_assertf( + equals != 1, + "crypt-sha256 password hash matched but should not\n"); + + err = crypt_compare( "$5$rounds=640000$TM4lL4zXDG7F4aRX$JM7a9wmvodnA0WasjTztj6mxg.KVuk6doQ/eBhdcapB", "password", &equals); + ut_assertf(err == 0, "crypt-sha256 failed: %d\n", err); ut_assertf(equals == 1, "crypt-sha256 password hash didn't match\n"); } equals = 0; if (IS_ENABLED(CONFIG_CRYPT_PW_SHA512)) { - crypt_compare( + err = crypt_compare("$6$", "password", &equals); + ut_assertf(err == 0, "crypt-sha512 not successful\n"); + ut_assertf( + equals != 1, + "crypt-sha512 password hash matched but should not\n"); + + err = crypt_compare( "$6$rounds=640000$fCTP1F0N5JLq2eND$z5EzK5KZJA9JnOaj5d1Gg/2v6VqFOQJ3bVekWuCPauabutBt/8qzV1exJnytUyhbq3H0bSBXtodwNbtGEi/Tm/", "password", &equals); + ut_assertf(err == 0, "crypt-sha512 failed: %d\n", err); ut_assertf(equals == 1, "crypt-sha512 password hash didn't match\n"); }