hash_algs.c - Android社区 - https://www.androidos.net.cn/

// SPDX-License-Identifier: GPL-2.0+
/*
 * fs-verity hash algorithms
 *
 * Copyright (C) 2018 Google LLC
 *
 * Written by Eric Biggers.
 */

#include <openssl/evp.h>
#include <stdlib.h>
#include <string.h>

#include "fsverity_uapi.h"
#include "hash_algs.h"

static void free_hash_ctx(struct hash_ctx *ctx)
{
	free(ctx);
}

/* ========== libcrypto (OpenSSL) wrappers ========== */

struct openssl_hash_ctx {
	struct hash_ctx base;	/* must be first */
	EVP_MD_CTX *md_ctx;
	const EVP_MD *md;
};

static void openssl_digest_init(struct hash_ctx *_ctx)
{
	struct openssl_hash_ctx *ctx = (void *)_ctx;

if (EVP_DigestInit_ex(ctx->md_ctx, ctx->md, NULL) != 1)
		fatal_error("EVP_DigestInit_ex() failed for algorithm '%s'",
			    ctx->base.alg->name);
}

static void openssl_digest_update(struct hash_ctx *_ctx,
				  const void *data, size_t size)
{
	struct openssl_hash_ctx *ctx = (void *)_ctx;

if (EVP_DigestUpdate(ctx->md_ctx, data, size) != 1)
		fatal_error("EVP_DigestUpdate() failed for algorithm '%s'",
			    ctx->base.alg->name);
}

static void openssl_digest_final(struct hash_ctx *_ctx, u8 *digest)
{
	struct openssl_hash_ctx *ctx = (void *)_ctx;

if (EVP_DigestFinal_ex(ctx->md_ctx, digest, NULL) != 1)
		fatal_error("EVP_DigestFinal_ex() failed for algorithm '%s'",
			    ctx->base.alg->name);
}

static void openssl_digest_ctx_free(struct hash_ctx *_ctx)
{
	struct openssl_hash_ctx *ctx = (void *)_ctx;

/*
	 * OpenSSL 1.1.0 renamed EVP_MD_CTX_destroy() to EVP_MD_CTX_free() but
	 * kept the old name as a macro.  Use the old name for compatibility
	 * with older OpenSSL versions.
	 */
	EVP_MD_CTX_destroy(ctx->md_ctx);
	free(ctx);
}

static struct hash_ctx *
openssl_digest_ctx_create(const struct fsverity_hash_alg *alg, const EVP_MD *md)
{
	struct openssl_hash_ctx *ctx;

ctx = xzalloc(sizeof(*ctx));
	ctx->base.alg = alg;
	ctx->base.init = openssl_digest_init;
	ctx->base.update = openssl_digest_update;
	ctx->base.final = openssl_digest_final;
	ctx->base.free = openssl_digest_ctx_free;
	/*
	 * OpenSSL 1.1.0 renamed EVP_MD_CTX_create() to EVP_MD_CTX_new() but
	 * kept the old name as a macro.  Use the old name for compatibility
	 * with older OpenSSL versions.
	 */
	ctx->md_ctx = EVP_MD_CTX_create();
	if (!ctx->md_ctx)
		fatal_error("out of memory");

ctx->md = md;
	ASSERT(EVP_MD_size(md) == alg->digest_size);

return &ctx->base;
}

static struct hash_ctx *create_sha256_ctx(const struct fsverity_hash_alg *alg)
{
	return openssl_digest_ctx_create(alg, EVP_sha256());
}

static struct hash_ctx *create_sha512_ctx(const struct fsverity_hash_alg *alg)
{
	return openssl_digest_ctx_create(alg, EVP_sha512());
}

/* ========== CRC-32C ========== */

/*
 * There are faster ways to calculate CRC's, but for now we just use the
 * 256-entry table method as it's portable and not too complex.
 */

#include "crc32c_table.h"

struct crc32c_hash_ctx {
	struct hash_ctx base;	/* must be first */
	u32 remainder;
};

static void crc32c_init(struct hash_ctx *_ctx)
{
	struct crc32c_hash_ctx *ctx = (void *)_ctx;

ctx->remainder = ~0;
}

static void crc32c_update(struct hash_ctx *_ctx, const void *data, size_t size)
{
	struct crc32c_hash_ctx *ctx = (void *)_ctx;
	const u8 *p = data;
	u32 r = ctx->remainder;

while (size--)
		r = (r >> 8) ^ crc32c_table[(u8)r ^ *p++];

ctx->remainder = r;
}

static void crc32c_final(struct hash_ctx *_ctx, u8 *digest)
{
	struct crc32c_hash_ctx *ctx = (void *)_ctx;
	__le32 remainder = cpu_to_le32(~ctx->remainder);

memcpy(digest, &remainder, sizeof(remainder));
}

static struct hash_ctx *create_crc32c_ctx(const struct fsverity_hash_alg *alg)
{
	struct crc32c_hash_ctx *ctx = xzalloc(sizeof(*ctx));

ctx->base.alg = alg;
	ctx->base.init = crc32c_init;
	ctx->base.update = crc32c_update;
	ctx->base.final = crc32c_final;
	ctx->base.free = free_hash_ctx;
	return &ctx->base;
}

/* ========== Hash algorithm definitions ========== */

const struct fsverity_hash_alg fsverity_hash_algs[] = {
	[FS_VERITY_ALG_SHA256] = {
		.name = "sha256",
		.digest_size = 32,
		.cryptographic = true,
		.create_ctx = create_sha256_ctx,
	},
	[FS_VERITY_ALG_SHA512] = {
		.name = "sha512",
		.digest_size = 64,
		.cryptographic = true,
		.create_ctx = create_sha512_ctx,
	},
	[FS_VERITY_ALG_CRC32C] = {
		.name = "crc32c",
		.digest_size = 4,
		.create_ctx = create_crc32c_ctx,
	},
};

const struct fsverity_hash_alg *find_hash_alg_by_name(const char *name)
{
	int i;

for (i = 0; i < ARRAY_SIZE(fsverity_hash_algs); i++) {
		if (fsverity_hash_algs[i].name &&
		    !strcmp(name, fsverity_hash_algs[i].name))
			return &fsverity_hash_algs[i];
	}
	error_msg("unknown hash algorithm: '%s'", name);
	fputs("Available hash algorithms: ", stderr);
	show_all_hash_algs(stderr);
	putc('\n', stderr);
	return NULL;
}

const struct fsverity_hash_alg *find_hash_alg_by_num(unsigned int num)
{
	if (num < ARRAY_SIZE(fsverity_hash_algs) &&
	    fsverity_hash_algs[num].name)
		return &fsverity_hash_algs[num];

return NULL;
}

void show_all_hash_algs(FILE *fp)
{
	int i;
	const char *sep = "";

for (i = 0; i < ARRAY_SIZE(fsverity_hash_algs); i++) {
		if (fsverity_hash_algs[i].name) {
			fprintf(fp, "%s%s", sep, fsverity_hash_algs[i].name);
			sep = ", ";
		}
	}
}

C++程序 | 219行 | 5.08 KB

// SPDX-License-Identifier: GPL-2.0+
/*
 * fs-verity hash algorithms
 *
 * Copyright (C) 2018 Google LLC
 *
 * Written by Eric Biggers.
 */

#include <openssl/evp.h>
#include <stdlib.h>
#include <string.h>

#include "fsverity_uapi.h"
#include "hash_algs.h"

static void free_hash_ctx(struct hash_ctx *ctx)
{
	free(ctx);
}

/* ========== libcrypto (OpenSSL) wrappers ========== */

struct openssl_hash_ctx {
	struct hash_ctx base;	/* must be first */
	EVP_MD_CTX *md_ctx;
	const EVP_MD *md;
};

static void openssl_digest_init(struct hash_ctx *_ctx)
{
	struct openssl_hash_ctx *ctx = (void *)_ctx;

	if (EVP_DigestInit_ex(ctx->md_ctx, ctx->md, NULL) != 1)
		fatal_error("EVP_DigestInit_ex() failed for algorithm '%s'",
			    ctx->base.alg->name);
}

static void openssl_digest_update(struct hash_ctx *_ctx,
				  const void *data, size_t size)
{
	struct openssl_hash_ctx *ctx = (void *)_ctx;

	if (EVP_DigestUpdate(ctx->md_ctx, data, size) != 1)
		fatal_error("EVP_DigestUpdate() failed for algorithm '%s'",
			    ctx->base.alg->name);
}

static void openssl_digest_final(struct hash_ctx *_ctx, u8 *digest)
{
	struct openssl_hash_ctx *ctx = (void *)_ctx;

	if (EVP_DigestFinal_ex(ctx->md_ctx, digest, NULL) != 1)
		fatal_error("EVP_DigestFinal_ex() failed for algorithm '%s'",
			    ctx->base.alg->name);
}

static void openssl_digest_ctx_free(struct hash_ctx *_ctx)
{
	struct openssl_hash_ctx *ctx = (void *)_ctx;

	/*
	 * OpenSSL 1.1.0 renamed EVP_MD_CTX_destroy() to EVP_MD_CTX_free() but
	 * kept the old name as a macro.  Use the old name for compatibility
	 * with older OpenSSL versions.
	 */
	EVP_MD_CTX_destroy(ctx->md_ctx);
	free(ctx);
}

static struct hash_ctx *
openssl_digest_ctx_create(const struct fsverity_hash_alg *alg, const EVP_MD *md)
{
	struct openssl_hash_ctx *ctx;

	ctx = xzalloc(sizeof(*ctx));
	ctx->base.alg = alg;
	ctx->base.init = openssl_digest_init;
	ctx->base.update = openssl_digest_update;
	ctx->base.final = openssl_digest_final;
	ctx->base.free = openssl_digest_ctx_free;
	/*
	 * OpenSSL 1.1.0 renamed EVP_MD_CTX_create() to EVP_MD_CTX_new() but
	 * kept the old name as a macro.  Use the old name for compatibility
	 * with older OpenSSL versions.
	 */
	ctx->md_ctx = EVP_MD_CTX_create();
	if (!ctx->md_ctx)
		fatal_error("out of memory");

	ctx->md = md;
	ASSERT(EVP_MD_size(md) == alg->digest_size);

	return &ctx->base;
}

static struct hash_ctx *create_sha256_ctx(const struct fsverity_hash_alg *alg)
{
	return openssl_digest_ctx_create(alg, EVP_sha256());
}

static struct hash_ctx *create_sha512_ctx(const struct fsverity_hash_alg *alg)
{
	return openssl_digest_ctx_create(alg, EVP_sha512());
}

/* ========== CRC-32C ========== */

/*
 * There are faster ways to calculate CRC's, but for now we just use the
 * 256-entry table method as it's portable and not too complex.
 */

#include "crc32c_table.h"

struct crc32c_hash_ctx {
	struct hash_ctx base;	/* must be first */
	u32 remainder;
};

static void crc32c_init(struct hash_ctx *_ctx)
{
	struct crc32c_hash_ctx *ctx = (void *)_ctx;

	ctx->remainder = ~0;
}

static void crc32c_update(struct hash_ctx *_ctx, const void *data, size_t size)
{
	struct crc32c_hash_ctx *ctx = (void *)_ctx;
	const u8 *p = data;
	u32 r = ctx->remainder;

	while (size--)
		r = (r >> 8) ^ crc32c_table[(u8)r ^ *p++];

	ctx->remainder = r;
}

static void crc32c_final(struct hash_ctx *_ctx, u8 *digest)
{
	struct crc32c_hash_ctx *ctx = (void *)_ctx;
	__le32 remainder = cpu_to_le32(~ctx->remainder);

	memcpy(digest, &remainder, sizeof(remainder));
}

static struct hash_ctx *create_crc32c_ctx(const struct fsverity_hash_alg *alg)
{
	struct crc32c_hash_ctx *ctx = xzalloc(sizeof(*ctx));

	ctx->base.alg = alg;
	ctx->base.init = crc32c_init;
	ctx->base.update = crc32c_update;
	ctx->base.final = crc32c_final;
	ctx->base.free = free_hash_ctx;
	return &ctx->base;
}

/* ========== Hash algorithm definitions ========== */

const struct fsverity_hash_alg fsverity_hash_algs[] = {
	[FS_VERITY_ALG_SHA256] = {
		.name = "sha256",
		.digest_size = 32,
		.cryptographic = true,
		.create_ctx = create_sha256_ctx,
	},
	[FS_VERITY_ALG_SHA512] = {
		.name = "sha512",
		.digest_size = 64,
		.cryptographic = true,
		.create_ctx = create_sha512_ctx,
	},
	[FS_VERITY_ALG_CRC32C] = {
		.name = "crc32c",
		.digest_size = 4,
		.create_ctx = create_crc32c_ctx,
	},
};

const struct fsverity_hash_alg *find_hash_alg_by_name(const char *name)
{
	int i;

	for (i = 0; i < ARRAY_SIZE(fsverity_hash_algs); i++) {
		if (fsverity_hash_algs[i].name &&
		    !strcmp(name, fsverity_hash_algs[i].name))
			return &fsverity_hash_algs[i];
	}
	error_msg("unknown hash algorithm: '%s'", name);
	fputs("Available hash algorithms: ", stderr);
	show_all_hash_algs(stderr);
	putc('\n', stderr);
	return NULL;
}

const struct fsverity_hash_alg *find_hash_alg_by_num(unsigned int num)
{
	if (num < ARRAY_SIZE(fsverity_hash_algs) &&
	    fsverity_hash_algs[num].name)
		return &fsverity_hash_algs[num];

	return NULL;
}

void show_all_hash_algs(FILE *fp)
{
	int i;
	const char *sep = "";

	for (i = 0; i < ARRAY_SIZE(fsverity_hash_algs); i++) {
		if (fsverity_hash_algs[i].name) {
			fprintf(fp, "%s%s", sep, fsverity_hash_algs[i].name);
			sep = ", ";
		}
	}
}

登录后可以享受更多权益