author | Chris Palmer <palmer@chromium.org> | 2023-04-06 16:55:50 -0700 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2023-04-26 16:35:20 +0000 |
commit | a8b375dbe9c9af826d4e62605d0c17069efaa61e (patch) | |
tree | b7bb0166b9f98e1fe09e11d6b7a509169162acbb | |
parent | 328a5cb766bd5569fcfa11579578c9c1aafae99e (diff) | |
Reland "gsctool: Use OpenSSL EVP API for compat"
This is a reland of commit c0d219f6a26a3c379f90201dff4dac8f93c13467
Original change's description:
> gsctool: Use OpenSSL EVP API for compat
>
> The primitive `SHA_*` functions are marked deprecated in OpenSSL v3,
> which causes the build to fail (warnings treated as errors, as is good
> and proper). Using the EVP APIs should work both with OSSL v1 and v3,
> enabling us to upgrade to 3.
>
> BUG=b:275420721
> TEST=builds and tests pass
>
> Change-Id: I709309f9aadd2ec238d69ba40b4947619b0463c7
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4405312
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Tested-by: Chris Palmer <palmer@chromium.org>
> Commit-Queue: Chris Palmer <palmer@chromium.org>
Bug: b:275420721
Change-Id: I77d9cbafc638f32932b1049729d8b8bf0249c155
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4412089
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Chris Palmer <palmer@chromium.org>
Tested-by: Chris Palmer <palmer@chromium.org>
-rw-r--r-- | extra/usb_updater/gsctool.c | 61 |
1 files changed, 27 insertions, 34 deletions
diff --git a/extra/usb_updater/gsctool.c b/extra/usb_updater/gsctool.c index aab5b6ac14..738b57d974 100644 --- a/extra/usb_updater/gsctool.c +++ b/extra/usb_updater/gsctool.c @@ -11,6 +11,7 @@ #include <fcntl.h> #include <getopt.h> #include <libusb.h> +#include <openssl/evp.h> #include <openssl/sha.h> #include <stdarg.h> #include <stdbool.h> @@ -312,15 +313,9 @@ struct option_container { const char *help_text; }; -/* SHA context used with our local sha_* abstraction functions */ -union sha_ctx { - SHA_CTX sha1; - SHA256_CTX sha256; -}; - -static void sha_init(union sha_ctx *ctx); -static void sha_update(union sha_ctx *ctx, const void *data, size_t len); -static void sha_final_into_block_digest(union sha_ctx *ctx, void *block_digest, +static void sha_init(EVP_MD_CTX *ctx); +static void sha_update(EVP_MD_CTX *ctx, const void *data, size_t len); +static void sha_final_into_block_digest(EVP_MD_CTX *ctx, void *block_digest, size_t size); /* @@ -1022,7 +1017,7 @@ static void transfer_section(struct transfer_descriptor *td, printf("sending 0x%zx bytes to %#x\n", data_len, section_addr); while (data_len) { size_t payload_size; - union sha_ctx ctx; + EVP_MD_CTX* ctx; int max_retries; struct update_pdu updu; @@ -1034,12 +1029,14 @@ static void transfer_section(struct transfer_descriptor *td, updu.cmd.block_base = htobe32(section_addr); /* Calculate the digest. */ - sha_init(&ctx); - sha_update(&ctx, &updu.cmd.block_base, + ctx = EVP_MD_CTX_new(); + sha_init(ctx); + sha_update(ctx, &updu.cmd.block_base, sizeof(updu.cmd.block_base)); - sha_update(&ctx, data_ptr, payload_size); - sha_final_into_block_digest(&ctx, &updu.cmd.block_digest, + sha_update(ctx, data_ptr, payload_size); + sha_final_into_block_digest(ctx, &updu.cmd.block_digest, sizeof(updu.cmd.block_digest)); + EVP_MD_CTX_free(ctx); if (td->ep_type == usb_xfer) { for (max_retries = 10; max_retries; max_retries--) 
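Review bot: The result of `EVP_MD_CTX_new()` in transfer_section is handed straight to sha_init without a NULL check, so an allocation failure reaches `EVP_DigestInit_ex` with a null context; the same unchecked pattern is added in the ext_cmd_over_usb hunk. A guard of the form `if (!ctx)` is needed before `sha_init(ctx)`, with the failure path following the file's existing error handling, which lies outside this hunk along with the rest of transfer_section. Because the context is allocated and freed on every pass of the `while (data_len)` loop, it could instead be created once before the loop and re-initialised per block by sha_init. As a style point, the new locals are declared `EVP_MD_CTX* ctx;` while the prototypes changed in this commit use `EVP_MD_CTX *ctx`.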
@@ -1541,7 +1538,7 @@ static int ext_cmd_over_usb(struct usb_endpoint *uep, uint16_t subcommand, struct update_frame_header *ufh; uint16_t *frame_ptr; size_t usb_msg_size; - union sha_ctx ctx; + EVP_MD_CTX* ctx; usb_msg_size = sizeof(struct update_frame_header) + sizeof(subcommand) + body_size; @@ -1562,12 +1559,14 @@ static int ext_cmd_over_usb(struct usb_endpoint *uep, uint16_t subcommand, memcpy(frame_ptr + 1, cmd_body, body_size); /* Calculate the digest. */ - sha_init(&ctx); - sha_update(&ctx, &ufh->cmd.block_base, + ctx = EVP_MD_CTX_new(); + sha_init(ctx); + sha_update(ctx, &ufh->cmd.block_base, usb_msg_size - offsetof(struct update_frame_header, cmd.block_base)); - sha_final_into_block_digest(&ctx, &ufh->cmd.block_digest, + sha_final_into_block_digest(ctx, &ufh->cmd.block_digest, sizeof(ufh->cmd.block_digest)); + EVP_MD_CTX_free(ctx); do_xfer(uep, ufh, usb_msg_size, resp, resp_size ? *resp_size : 0, 1, resp_size); 
@@ -2010,37 +2009,31 @@ static void generate_reset_request(struct transfer_descriptor *td) } /* Forward to correct SHA implementation based on image type */ -static void sha_init(union sha_ctx *ctx) +static void sha_init(EVP_MD_CTX *ctx) { if (image_magic == MAGIC_HAVEN) - SHA1_Init(&ctx->sha1); + EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); else if (image_magic == MAGIC_DAUNTLESS) - SHA256_Init(&ctx->sha256); + EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); } /* Forward to correct SHA implementation based on image type */ -static void sha_update(union sha_ctx *ctx, const void *data, size_t len) +static void sha_update(EVP_MD_CTX *ctx, const void *data, size_t len) { - if (image_magic == MAGIC_HAVEN) - SHA1_Update(&ctx->sha1, data, len); - else if (image_magic == MAGIC_DAUNTLESS) - SHA256_Update(&ctx->sha256, data, len); + EVP_DigestUpdate(ctx, data, len); } /* Forward to correct SHA implementation based on image type */ -static void sha_final_into_block_digest(union sha_ctx *ctx, void *block_digest, +static void sha_final_into_block_digest(EVP_MD_CTX *ctx, void *block_digest, size_t size) { /* Big enough for either hash algo */ uint8_t full_digest[SHA256_DIGEST_LENGTH]; + unsigned int length; + EVP_DigestFinal(ctx, full_digest, &length); - if (image_magic == MAGIC_HAVEN) - SHA1_Final(full_digest, &ctx->sha1); - else if (image_magic == MAGIC_DAUNTLESS) - SHA256_Final(full_digest, &ctx->sha256); - - /* Don't try to copy out more than the smallest (SHA1) digest */ - memcpy(block_digest, full_digest, MIN(size, SHA_DIGEST_LENGTH)); + /* Copy out the smaller of the 2 byte counts. */ + memcpy(block_digest, full_digest, MIN(size, length)); } /* |
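Review bot: In sha_final_into_block_digest the `memcpy` reads `length` even when `EVP_DigestFinal` fails, because the return value is ignored and `length` is never initialised. That path looks reachable when `image_magic` is neither MAGIC_HAVEN nor MAGIC_DAUNTLESS, since sha_init then leaves the context without a digest; the removed code capped the copy at SHA_DIGEST_LENGTH regardless of outcome. I would declare `unsigned int length = 0;` and test every EVP call against 1, for example `if (EVP_DigestFinal(ctx, full_digest, &length) != 1)`, and fail the transfer rather than send a block digest built from uninitialised stack bytes. The comments above sha_update and sha_final_into_block_digest still say they forward by image type, which only sha_init does after this change.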