git: 4399248d8776 - stable/13 - pkg(7): now that we do use libmd, use it completly

From: Baptiste Daroussin <bapt_at_FreeBSD.org>
Date: Fri, 19 May 2023 08:17:28 UTC 
The branch stable/13 has been updated by bapt:

URL: https://cgit.FreeBSD.org/src/commit/?id=4399248d87766aec3dd15c466f6bdfd68f926192

commit 4399248d87766aec3dd15c466f6bdfd68f926192
Author:     Baptiste Daroussin <bapt@FreeBSD.org>
AuthorDate: 2023-03-09 20:29:15 +0000
Commit:     Baptiste Daroussin <bapt@FreeBSD.org>
CommitDate: 2023-05-19 08:16:51 +0000

    pkg(7): now that we do use libmd, use it completly
    
    Use SHA256_Fd and SHA256_Data instead of home made equivalent.
    wrap those functions into hash.c to avoid header collition between
    openssl and libmd
    
    Suggested by:   kevans
    
    (cherry picked from commit e5dd5bfa55dc82686870330f547932486ba48db2)
---
 usr.sbin/pkg/hash.c | 77 +++++------------------------------------------------
 usr.sbin/pkg/hash.h |  4 +--
 usr.sbin/pkg/pkg.c  | 12 ++++++---
 3 files changed, 16 insertions(+), 77 deletions(-)

diff --git a/usr.sbin/pkg/hash.c b/usr.sbin/pkg/hash.c
index 47bcae6c5b6a..9696738fcafc 100644
--- a/usr.sbin/pkg/hash.c
+++ b/usr.sbin/pkg/hash.c
@@ -27,86 +27,21 @@
  * SUCH DAMAGE.
  */
 
-#include <err.h>
 #include <sha256.h>
-#include <stdio.h>
 #include <unistd.h>
 
 #include "hash.h"
 
-static void
-sha256_hash(unsigned char hash[SHA256_DIGEST_LENGTH],
-    char out[SHA256_DIGEST_LENGTH * 2 + 1])
+char *
+sha256_buf(char *buf, size_t len)
 {
-	int i;
 
-	for (i = 0; i < SHA256_DIGEST_LENGTH; i++)
-		sprintf(out + (i * 2), "%02x", hash[i]);
-
-	out[SHA256_DIGEST_LENGTH * 2] = '\0';
-}
-
-void
-sha256_buf(char *buf, size_t len, char out[SHA256_DIGEST_LENGTH * 2 + 1])
-{
-	unsigned char hash[SHA256_DIGEST_LENGTH];
-	SHA256_CTX sha256;
-
-	out[0] = '\0';
-
-	SHA256_Init(&sha256);
-	SHA256_Update(&sha256, buf, len);
-	SHA256_Final(hash, &sha256);
-	sha256_hash(hash, out);
+	return (SHA256_Data(buf, len, NULL));
 }
 
-int
-sha256_fd(int fd, char out[SHA256_DIGEST_LENGTH * 2 + 1])
+char *
+sha256_fd(int fd)
 {
-	int my_fd;
-	FILE *fp;
-	char buffer[BUFSIZ];
-	unsigned char hash[SHA256_DIGEST_LENGTH];
-	size_t r;
-	int ret;
-	SHA256_CTX sha256;
-
-	fp = NULL;
-	ret = 1;
-
-	out[0] = '\0';
-
-	/* Duplicate the fd so that fclose(3) does not close it. */
-	if ((my_fd = dup(fd)) == -1) {
-		warnx("dup");
-		goto cleanup;
-	}
-
-	if ((fp = fdopen(my_fd, "rb")) == NULL) {
-		warnx("fdopen");
-		goto cleanup;
-	}
-
-	SHA256_Init(&sha256);
-
-	while ((r = fread(buffer, 1, BUFSIZ, fp)) > 0)
-		SHA256_Update(&sha256, buffer, r);
-
-	if (ferror(fp) != 0) {
-		warnx("fread");
-		goto cleanup;
-	}
-
-	SHA256_Final(hash, &sha256);
-	sha256_hash(hash, out);
-	ret = 0;
-
-cleanup:
-	if (fp != NULL)
-		fclose(fp);
-	else if (my_fd != -1)
-		close(my_fd);
-	(void)lseek(fd, 0, SEEK_SET);
 
-	return (ret);
+	return (SHA256_Fd(fd, NULL));
 }
diff --git a/usr.sbin/pkg/hash.h b/usr.sbin/pkg/hash.h
index dcdc458b5e61..786d4371ef32 100644
--- a/usr.sbin/pkg/hash.h
+++ b/usr.sbin/pkg/hash.h
@@ -28,5 +28,5 @@
 
 #pragma once
 
-void sha256_buf(char *buf, size_t len, char out[]);
-int sha256_fd(int fd, char out[]);
+char *sha256_buf(char *buf, size_t len);
+char *sha256_fd(int fd);
diff --git a/usr.sbin/pkg/pkg.c b/usr.sbin/pkg/pkg.c
index 7c4749f8089e..c5d97d46c2d6 100644
--- a/usr.sbin/pkg/pkg.c
+++ b/usr.sbin/pkg/pkg.c
@@ -443,10 +443,11 @@ rsa_verify_cert(int fd, const char *sigfile, const unsigned char *key,
 {
 	EVP_MD_CTX *mdctx;
 	EVP_PKEY *pkey;
-	char sha256[(SHA256_DIGEST_LENGTH * 2) + 2];
+	char *sha256;
 	char errbuf[1024];
 	bool ret;
 
+	sha256 = NULL;
 	pkey = NULL;
 	mdctx = NULL;
 	ret = false;
@@ -458,7 +459,7 @@ rsa_verify_cert(int fd, const char *sigfile, const unsigned char *key,
 		warn("lseek");
 		goto cleanup;
 	}
-	if ((sha256_fd(fd, sha256)) == -1) {
+	if ((sha256 = sha256_fd(fd)) == NULL) {
 		warnx("Error creating SHA256 hash for package");
 		goto cleanup;
 	}
@@ -503,6 +504,7 @@ error:
 	printf("failed\n");
 
 cleanup:
+	free(sha256);
 	if (pkey)
 		EVP_PKEY_free(pkey);
 	if (mdctx)
@@ -665,8 +667,9 @@ verify_signature(int fd_pkg, int fd_sig)
 	int trusted_count, revoked_count;
 	const char *fingerprints;
 	char path[MAXPATHLEN];
-	char hash[SHA256_DIGEST_LENGTH * 2 + 1];
+	char *hash;
 
+	hash = NULL;
 	sc = NULL;
 	trusted = revoked = NULL;
 	ret = false;
@@ -703,7 +706,7 @@ verify_signature(int fd_pkg, int fd_sig)
 	sc->trusted = false;
 
 	/* Parse signature and pubkey out of the certificate */
-	sha256_buf(sc->cert, sc->certlen, hash);
+	hash = sha256_buf(sc->cert, sc->certlen);
 
 	/* Check if this hash is revoked */
 	if (revoked != NULL) {
@@ -742,6 +745,7 @@ verify_signature(int fd_pkg, int fd_sig)
 	ret = true;
 
 cleanup:
+	free(hash);
 	if (trusted)
 		free_fingerprint_list(trusted);
 	if (revoked)