diff options
author | Mary Ruthven <mruthven@chromium.org> | 2023-04-10 18:11:14 +0000 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2023-04-10 18:59:43 +0000 |
commit | a45d66e4eb1502afc3b6ffedd2dd18cd9e94007b (patch) | |
tree | 1012c43b2f76d38b1d51f3d9b185bdca8f008486 /extra/usb_updater/gsctool.c | |
parent | c0d219f6a26a3c379f90201dff4dac8f93c13467 (diff) | |
download | chrome-ec-a45d66e4eb1502afc3b6ffedd2dd18cd9e94007b.tar.gz |
Revert "gsctool: Use OpenSSL EVP API for compat"
This reverts commit c0d219f6a26a3c379f90201dff4dac8f93c13467.
Reason for revert: We aren't ready to land this yet.
Original change's description:
> gsctool: Use OpenSSL EVP API for compat
>
> The primitive `SHA_*` functions are marked deprecated in OpenSSL v3,
> which causes the build to fail (warnings treated as errors, as is good
> and proper). Using the EVP APIs should work both with OSSL v1 and v3,
> enabling us to upgrade to 3.
>
> BUG=b:275420721
> TEST=builds and tests pass
>
> Change-Id: I709309f9aadd2ec238d69ba40b4947619b0463c7
> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4405312
> Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
> Tested-by: Chris Palmer <palmer@chromium.org>
> Commit-Queue: Chris Palmer <palmer@chromium.org>
Bug: b:275420721
Change-Id: Ic702ee6cea62e1e854d2fcebc46e7bd59f41fb63
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4411763
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Tested-by: Mary Ruthven <mruthven@chromium.org>
Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'extra/usb_updater/gsctool.c')
-rw-r--r-- | extra/usb_updater/gsctool.c | 56 |
1 files changed, 32 insertions, 24 deletions
diff --git a/extra/usb_updater/gsctool.c b/extra/usb_updater/gsctool.c index 51920d9c0e..bfe02915fb 100644 --- a/extra/usb_updater/gsctool.c +++ b/extra/usb_updater/gsctool.c @@ -11,7 +11,6 @@ #include <fcntl.h> #include <getopt.h> #include <libusb.h> -#include <openssl/evp.h> #include <openssl/sha.h> #include <stdarg.h> #include <stdbool.h> @@ -313,9 +312,15 @@ struct option_container { const char *help_text; }; -static void sha_init(EVP_MD_CTX *ctx); -static void sha_update(EVP_MD_CTX *ctx, const void *data, size_t len); -static void sha_final_into_block_digest(EVP_MD_CTX *ctx, void *block_digest, +/* SHA context used with our local sha_* abstraction functions */ +union sha_ctx { + SHA_CTX sha1; + SHA256_CTX sha256; +}; + +static void sha_init(union sha_ctx *ctx); +static void sha_update(union sha_ctx *ctx, const void *data, size_t len); +static void sha_final_into_block_digest(union sha_ctx *ctx, void *block_digest, size_t size); /* @@ -1014,7 +1019,7 @@ static void transfer_section(struct transfer_descriptor *td, printf("sending 0x%zx bytes to %#x\n", data_len, section_addr); while (data_len) { size_t payload_size; - EVP_MD_CTX* ctx; + union sha_ctx ctx; int max_retries; struct update_pdu updu; @@ -1026,14 +1031,12 @@ static void transfer_section(struct transfer_descriptor *td, updu.cmd.block_base = htobe32(section_addr); /* Calculate the digest. */ - ctx = EVP_MD_CTX_new(); - sha_init(ctx); - sha_update(ctx, &updu.cmd.block_base, + sha_init(&ctx); + sha_update(&ctx, &updu.cmd.block_base, sizeof(updu.cmd.block_base)); - sha_update(ctx, data_ptr, payload_size); - sha_final_into_block_digest(ctx, &updu.cmd.block_digest, + sha_update(&ctx, data_ptr, payload_size); + sha_final_into_block_digest(&ctx, &updu.cmd.block_digest, sizeof(updu.cmd.block_digest)); - EVP_MD_CTX_free(ctx); if (td->ep_type == usb_xfer) { for (max_retries = 10; max_retries; max_retries--) @@ -1535,7 +1538,7 @@ static int ext_cmd_over_usb(struct usb_endpoint *uep, uint16_t subcommand, struct update_frame_header *ufh; uint16_t *frame_ptr; size_t usb_msg_size; - EVP_MD_CTX* ctx; + union sha_ctx ctx; usb_msg_size = sizeof(struct update_frame_header) + sizeof(subcommand) + body_size; @@ -1556,14 +1559,12 @@ static int ext_cmd_over_usb(struct usb_endpoint *uep, uint16_t subcommand, memcpy(frame_ptr + 1, cmd_body, body_size); /* Calculate the digest. */ - ctx = EVP_MD_CTX_new(); - sha_init(ctx); - sha_update(ctx, &ufh->cmd.block_base, + sha_init(&ctx); + sha_update(&ctx, &ufh->cmd.block_base, usb_msg_size - offsetof(struct update_frame_header, cmd.block_base)); - sha_final_into_block_digest(ctx, &ufh->cmd.block_digest, + sha_final_into_block_digest(&ctx, &ufh->cmd.block_digest, sizeof(ufh->cmd.block_digest)); - EVP_MD_CTX_free(ctx); do_xfer(uep, ufh, usb_msg_size, resp, resp_size ? *resp_size : 0, 1, resp_size); @@ -2006,27 +2007,34 @@ static void generate_reset_request(struct transfer_descriptor *td) } /* Forward to correct SHA implementation based on image type */ -static void sha_init(EVP_MD_CTX *ctx) +static void sha_init(union sha_ctx *ctx) { if (image_magic == MAGIC_HAVEN) - EVP_DigestInit_ex(ctx, EVP_sha1(), NULL); + SHA1_Init(&ctx->sha1); else if (image_magic == MAGIC_DAUNTLESS) - EVP_DigestInit_ex(ctx, EVP_sha256(), NULL); + SHA256_Init(&ctx->sha256); } /* Forward to correct SHA implementation based on image type */ -static void sha_update(EVP_MD_CTX *ctx, const void *data, size_t len) +static void sha_update(union sha_ctx *ctx, const void *data, size_t len) { - EVP_DigestUpdate(ctx, data, len); + if (image_magic == MAGIC_HAVEN) + SHA1_Update(&ctx->sha1, data, len); + else if (image_magic == MAGIC_DAUNTLESS) + SHA256_Update(&ctx->sha256, data, len); } /* Forward to correct SHA implementation based on image type */ -static void sha_final_into_block_digest(EVP_MD_CTX *ctx, void *block_digest, +static void sha_final_into_block_digest(union sha_ctx *ctx, void *block_digest, size_t size) { /* Big enough for either hash algo */ uint8_t full_digest[SHA256_DIGEST_LENGTH]; - EVP_DigestFinal(ctx, full_digest, NULL); + + if (image_magic == MAGIC_HAVEN) + SHA1_Final(full_digest, &ctx->sha1); + else if (image_magic == MAGIC_DAUNTLESS) + SHA256_Final(full_digest, &ctx->sha256); /* Don't try to copy out more than the smallest (SHA1) digest */ memcpy(block_digest, full_digest, MIN(size, SHA_DIGEST_LENGTH)); |