git: e5dd5bfa55dc - main - pkg(7): now that we do use libmd, use it completly
Date: Thu, 09 Mar 2023 20:31:37 UTC
The branch main has been updated by bapt:
URL: https://cgit.FreeBSD.org/src/commit/?id=e5dd5bfa55dc82686870330f547932486ba48db2
commit e5dd5bfa55dc82686870330f547932486ba48db2
Author: Baptiste Daroussin <bapt@FreeBSD.org>
AuthorDate: 2023-03-09 20:29:15 +0000
Commit: Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2023-03-09 20:31:30 +0000
pkg(7): now that we do use libmd, use it completly
Use SHA256_Fd and SHA256_Data instead of the home-made equivalents.
Wrap those functions in hash.c to avoid a header collision between
OpenSSL and libmd.
Suggested by: kevans
---
usr.sbin/pkg/hash.c | 77 +++++------------------------------------------------
usr.sbin/pkg/hash.h | 4 +--
usr.sbin/pkg/pkg.c | 12 ++++++---
3 files changed, 16 insertions(+), 77 deletions(-)
diff --git a/usr.sbin/pkg/hash.c b/usr.sbin/pkg/hash.c
index 47bcae6c5b6a..9696738fcafc 100644
--- a/usr.sbin/pkg/hash.c
+++ b/usr.sbin/pkg/hash.c
@@ -27,86 +27,21 @@
* SUCH DAMAGE.
*/
-#include <err.h>
#include <sha256.h>
-#include <stdio.h>
#include <unistd.h>
#include "hash.h"
-static void
-sha256_hash(unsigned char hash[SHA256_DIGEST_LENGTH],
- char out[SHA256_DIGEST_LENGTH * 2 + 1])
+char *
+sha256_buf(char *buf, size_t len)
{
- int i;
- for (i = 0; i < SHA256_DIGEST_LENGTH; i++)
- sprintf(out + (i * 2), "%02x", hash[i]);
-
- out[SHA256_DIGEST_LENGTH * 2] = '\0';
-}
-
-void
-sha256_buf(char *buf, size_t len, char out[SHA256_DIGEST_LENGTH * 2 + 1])
-{
- unsigned char hash[SHA256_DIGEST_LENGTH];
- SHA256_CTX sha256;
-
- out[0] = '\0';
-
- SHA256_Init(&sha256);
- SHA256_Update(&sha256, buf, len);
- SHA256_Final(hash, &sha256);
- sha256_hash(hash, out);
+ return (SHA256_Data(buf, len, NULL));
}
-int
-sha256_fd(int fd, char out[SHA256_DIGEST_LENGTH * 2 + 1])
+char *
+sha256_fd(int fd)
{
- int my_fd;
- FILE *fp;
- char buffer[BUFSIZ];
- unsigned char hash[SHA256_DIGEST_LENGTH];
- size_t r;
- int ret;
- SHA256_CTX sha256;
-
- fp = NULL;
- ret = 1;
-
- out[0] = '\0';
-
- /* Duplicate the fd so that fclose(3) does not close it. */
- if ((my_fd = dup(fd)) == -1) {
- warnx("dup");
- goto cleanup;
- }
-
- if ((fp = fdopen(my_fd, "rb")) == NULL) {
- warnx("fdopen");
- goto cleanup;
- }
-
- SHA256_Init(&sha256);
-
- while ((r = fread(buffer, 1, BUFSIZ, fp)) > 0)
- SHA256_Update(&sha256, buffer, r);
-
- if (ferror(fp) != 0) {
- warnx("fread");
- goto cleanup;
- }
-
- SHA256_Final(hash, &sha256);
- sha256_hash(hash, out);
- ret = 0;
-
-cleanup:
- if (fp != NULL)
- fclose(fp);
- else if (my_fd != -1)
- close(my_fd);
- (void)lseek(fd, 0, SEEK_SET);
- return (ret);
+ return (SHA256_Fd(fd, NULL));
}
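Review bot: sha256_fd no longer restores the descriptor offset: the removed body ended with `(void)lseek(fd, 0, SEEK_SET);`, while the replacement `return (SHA256_Fd(fd, NULL));`, as I read libmd, hashes from the current offset and leaves the descriptor where reading stopped. A caller that reads the same descriptor again after hashing, or that calls sha256_fd without seeking first, would then see a truncated or empty stream, which matters because this digest feeds package signature verification. If the rewind is still part of the contract, keep it in the wrapper, e.g. `char *h = SHA256_Fd(fd, NULL);` `(void)lseek(fd, 0, SEEK_SET);` `return (h);`; otherwise state the offset behaviour in a comment above the function. The `<unistd.h>` include that remains appears to be needed only if the lseek stays.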
diff --git a/usr.sbin/pkg/hash.h b/usr.sbin/pkg/hash.h
index dcdc458b5e61..786d4371ef32 100644
--- a/usr.sbin/pkg/hash.h
+++ b/usr.sbin/pkg/hash.h
@@ -28,5 +28,5 @@
#pragma once
-void sha256_buf(char *buf, size_t len, char out[]);
-int sha256_fd(int fd, char out[]);
+char *sha256_buf(char *buf, size_t len);
+char *sha256_fd(int fd);
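Review bot: The new prototypes hand ownership of a heap string to the caller, but the header does not say so. Both wrappers in hash.c pass NULL as the output buffer, so the digest string is allocated by libmd, must be released with free(3), and a NULL return signals failure. A comment above the declarations such as `/* Returns a malloc(3)ed hex digest, or NULL on error; the caller frees it. */` would make that contract visible to future callers. `buf` could also be declared `const char *`, since the wrapper only reads it.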
diff --git a/usr.sbin/pkg/pkg.c b/usr.sbin/pkg/pkg.c
index 89870f2af683..3c89e6a171b0 100644
--- a/usr.sbin/pkg/pkg.c
+++ b/usr.sbin/pkg/pkg.c
@@ -445,10 +445,11 @@ rsa_verify_cert(int fd, const char *sigfile, const unsigned char *key,
{
EVP_MD_CTX *mdctx;
EVP_PKEY *pkey;
- char sha256[(SHA256_DIGEST_LENGTH * 2) + 2];
+ char *sha256;
char errbuf[1024];
bool ret;
+ sha256 = NULL;
pkey = NULL;
mdctx = NULL;
ret = false;
@@ -460,7 +461,7 @@ rsa_verify_cert(int fd, const char *sigfile, const unsigned char *key,
warn("lseek");
goto cleanup;
}
- if ((sha256_fd(fd, sha256)) == -1) {
+ if ((sha256 = sha256_fd(fd)) == NULL) {
warnx("Error creating SHA256 hash for package");
goto cleanup;
}
@@ -505,6 +506,7 @@ error:
printf("failed\n");
cleanup:
+ free(sha256);
if (pkey)
EVP_PKEY_free(pkey);
if (mdctx)
@@ -667,8 +669,9 @@ verify_signature(int fd_pkg, int fd_sig)
int trusted_count, revoked_count;
const char *fingerprints;
char path[MAXPATHLEN];
- char hash[SHA256_DIGEST_LENGTH * 2 + 1];
+ char *hash;
+ hash = NULL;
sc = NULL;
trusted = revoked = NULL;
ret = false;
@@ -705,7 +708,7 @@ verify_signature(int fd_pkg, int fd_sig)
sc->trusted = false;
/* Parse signature and pubkey out of the certificate */
- sha256_buf(sc->cert, sc->certlen, hash);
+ hash = sha256_buf(sc->cert, sc->certlen);
/* Check if this hash is revoked */
if (revoked != NULL) {
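Review bot: The result of `sha256_buf()` is used without a NULL check, unlike the `sha256_fd()` call in rsa_verify_cert. Now that the digest is a libmd-allocated string the call can fail on allocation, and the revocation and trust checks that follow in verify_signature would then be handed a NULL `hash`. Fail the verification instead, e.g. `if ((hash = sha256_buf(sc->cert, sc->certlen)) == NULL) { warnx("Error creating SHA256 hash for certificate"); goto cleanup; }`, which relies on `ret` still being false at the `cleanup` label. The comparisons themselves lie outside this hunk, so how they treat a NULL string is not visible here.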
@@ -744,6 +747,7 @@ verify_signature(int fd_pkg, int fd_sig)
ret = true;
cleanup:
+ free(hash);
if (trusted)
free_fingerprint_list(trusted);
if (revoked)