From a45d66e4eb1502afc3b6ffedd2dd18cd9e94007b Mon Sep 17 00:00:00 2001
From: Mary Ruthven
Date: Mon, 10 Apr 2023 18:11:14 +0000
Subject: Revert "gsctool: Use OpenSSL EVP API for compat"
This reverts commit c0d219f6a26a3c379f90201dff4dac8f93c13467.
Reason for revert: We aren't ready to land this yet.
Original change's description:
> gsctool: Use OpenSSL EVP API for compat
>
> The primitive `SHA_*` functions are marked deprecated in OpenSSL v3,
> which causes the build to fail (warnings treated as errors, as is good
> and proper). Using the EVP APIs should work both with OSSL v1 and v3,
> enabling us to upgrade to 3.
>
> BUG=b:275420721
> TEST=builds and tests pass
>
> Change-Id: I709309f9aadd2ec238d69ba40b4947619b0463c7
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4405312
> Reviewed-by: Vadim Sukhomlinov
> Tested-by: Chris Palmer
> Commit-Queue: Chris Palmer
Bug: b:275420721
Change-Id: Ic702ee6cea62e1e854d2fcebc46e7bd59f41fb63
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4411763
Commit-Queue: Mary Ruthven
Tested-by: Mary Ruthven
Reviewed-by: Vadim Sukhomlinov
---
 extra/usb_updater/gsctool.c | 56 ++++++++++++++++++++++++++---------------------
 1 file changed, 32 insertions(+), 24 deletions(-)
diff --git a/extra/usb_updater/gsctool.c b/extra/usb_updater/gsctool.c
index 51920d9c0e..bfe02915fb 100644
--- a/extra/usb_updater/gsctool.c
+++ b/extra/usb_updater/gsctool.c
@@ -11,7 +11,6 @@
 #include
 #include
 #include
-#include
 #include
 #include
 #include
@@ -313,9 +312,15 @@ struct option_container {
 const char *help_text;
 };
-static void sha_init(EVP_MD_CTX *ctx);
-static void sha_update(EVP_MD_CTX *ctx, const void *data, size_t len);
-static void sha_final_into_block_digest(EVP_MD_CTX *ctx, void *block_digest,
+/* SHA context used with our local sha_* abstraction functions */
+union sha_ctx {
+ SHA_CTX sha1;
+ SHA256_CTX sha256;
+};
+
+static void sha_init(union sha_ctx *ctx);
+static void sha_update(union sha_ctx *ctx, const void *data, size_t len);
+static void sha_final_into_block_digest(union sha_ctx *ctx, void *block_digest,
 size_t size);
 /*
@@ -1014,7 +1019,7 @@ static void transfer_section(struct transfer_descriptor *td,
 printf("sending 0x%zx bytes to %#x\n", data_len, section_addr);
 while (data_len) {
 size_t payload_size;
- EVP_MD_CTX* ctx;
+ union sha_ctx ctx;
 int max_retries;
 struct update_pdu updu;
@@ -1026,14 +1031,12 @@ static void transfer_section(struct transfer_descriptor *td,
 updu.cmd.block_base = htobe32(section_addr);
 /* Calculate the digest. */
- ctx = EVP_MD_CTX_new();
- sha_init(ctx);
- sha_update(ctx, &updu.cmd.block_base,
+ sha_init(&ctx);
+ sha_update(&ctx, &updu.cmd.block_base,
 sizeof(updu.cmd.block_base));
- sha_update(ctx, data_ptr, payload_size);
- sha_final_into_block_digest(ctx, &updu.cmd.block_digest,
+ sha_update(&ctx, data_ptr, payload_size);
+ sha_final_into_block_digest(&ctx, &updu.cmd.block_digest,
 sizeof(updu.cmd.block_digest));
- EVP_MD_CTX_free(ctx);
 if (td->ep_type == usb_xfer) {
 for (max_retries = 10; max_retries; max_retries--)
@@ -1535,7 +1538,7 @@ static int ext_cmd_over_usb(struct usb_endpoint *uep, uint16_t subcommand,
 struct update_frame_header *ufh;
 uint16_t *frame_ptr;
 size_t usb_msg_size;
- EVP_MD_CTX* ctx;
+ union sha_ctx ctx;
 usb_msg_size = sizeof(struct update_frame_header) + sizeof(subcommand) + body_size;
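Review bot: The comment on `union sha_ctx` (hunk at -313) does not say how the active member is chosen, and the type itself carries no tag that records it. Judging by the dispatch functions restored later in this patch, the member is selected by the file-scope `image_magic` on every call, so `sha_init`, `sha_update` and `sha_final_into_block_digest` are only coherent if that value stays the same across all three. I would extend the comment to something like `/* SHA context for the local sha_* wrappers; the active member is selected by image_magic, which must not change between sha_init() and sha_final_into_block_digest() */`.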
@@ -1556,14 +1559,12 @@ static int ext_cmd_over_usb(struct usb_endpoint *uep, uint16_t subcommand,
 memcpy(frame_ptr + 1, cmd_body, body_size);
 /* Calculate the digest. */
- ctx = EVP_MD_CTX_new();
- sha_init(ctx);
- sha_update(ctx, &ufh->cmd.block_base,
+ sha_init(&ctx);
+ sha_update(&ctx, &ufh->cmd.block_base,
 usb_msg_size - offsetof(struct update_frame_header, cmd.block_base));
- sha_final_into_block_digest(ctx, &ufh->cmd.block_digest,
+ sha_final_into_block_digest(&ctx, &ufh->cmd.block_digest,
 sizeof(ufh->cmd.block_digest));
- EVP_MD_CTX_free(ctx);
 do_xfer(uep, ufh, usb_msg_size, resp, resp_size ? *resp_size : 0, 1, resp_size);
@@ -2006,27 +2007,34 @@ static void generate_reset_request(struct transfer_descriptor *td)
 }
 /* Forward to correct SHA implementation based on image type */
-static void sha_init(EVP_MD_CTX *ctx)
+static void sha_init(union sha_ctx *ctx)
 {
 if (image_magic == MAGIC_HAVEN)
- EVP_DigestInit_ex(ctx, EVP_sha1(), NULL);
+ SHA1_Init(&ctx->sha1);
 else if (image_magic == MAGIC_DAUNTLESS)
- EVP_DigestInit_ex(ctx, EVP_sha256(), NULL);
+ SHA256_Init(&ctx->sha256);
 }
 /* Forward to correct SHA implementation based on image type */
-static void sha_update(EVP_MD_CTX *ctx, const void *data, size_t len)
+static void sha_update(union sha_ctx *ctx, const void *data, size_t len)
 {
- EVP_DigestUpdate(ctx, data, len);
+ if (image_magic == MAGIC_HAVEN)
+ SHA1_Update(&ctx->sha1, data, len);
+ else if (image_magic == MAGIC_DAUNTLESS)
+ SHA256_Update(&ctx->sha256, data, len);
 }
 /* Forward to correct SHA implementation based on image type */
-static void sha_final_into_block_digest(EVP_MD_CTX *ctx, void *block_digest,
+static void sha_final_into_block_digest(union sha_ctx *ctx, void *block_digest,
 size_t size)
 {
 /* Big enough for either hash algo */
 uint8_t full_digest[SHA256_DIGEST_LENGTH];
- EVP_DigestFinal(ctx, full_digest, NULL);
+
+ if (image_magic == MAGIC_HAVEN)
+ SHA1_Final(full_digest, &ctx->sha1);
+ else if (image_magic == MAGIC_DAUNTLESS)
+ SHA256_Final(full_digest, &ctx->sha256);
 /* Don't try to copy out more than the smallest (SHA1) digest */
 memcpy(block_digest, full_digest, MIN(size, SHA_DIGEST_LENGTH));
--
cgit v1.2.1
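Review bot: None of the three restored dispatchers has a final `else`, so when `image_magic` is neither `MAGIC_HAVEN` nor `MAGIC_DAUNTLESS` the context is never initialised and `sha_final_into_block_digest` copies uninitialised stack bytes from `full_digest` into the caller's block digest. The call sites in `transfer_section` and `ext_cmd_over_usb` (earlier hunks) appear to place that digest in the frame sent to the device, so the result would be both a small stack disclosure and a digest that is not a hash of anything. Where `image_magic` is assigned lies outside this patch, so the path may be unreachable in practice, but the wrappers themselves cannot tell. I would declare `uint8_t full_digest[SHA256_DIGEST_LENGTH] = { 0 };` and give `sha_init` a trailing `else` that reports the unknown image type and stops, rather than returning silently.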