OmahaHashCalculator: replace OpenSSL hashing with libsodium

wrl · tormath1 · commit de8cefa71e62 · 2022-12-07T13:59:25.000+01:00
diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
@@ -15,7 +15,7 @@ jobs:
     - uses: actions/checkout@v2
     - name: install deps
       run: |
-        sudo apt update && sudo apt install -y libunwind-dev && sudo apt install -y libblkid-dev libext2fs-dev libmount-dev curl unzip libdbus-glib-1-dev protobuf-compiler libbz2-dev libgflags-dev libssl-dev libgoogle-glog-dev libcurl4-openssl-dev libxml2-dev libprotobuf-dev cmake wget libtool autoconf libgtest-dev libgmock-dev libbrotli-dev libdivsufsort-dev
+        sudo apt update && sudo apt install -y libunwind-dev && sudo apt install -y libblkid-dev libext2fs-dev libmount-dev curl unzip libdbus-glib-1-dev protobuf-compiler libbz2-dev libgflags-dev libssl-dev libgoogle-glog-dev libcurl4-openssl-dev libxml2-dev libprotobuf-dev cmake wget libtool autoconf libgtest-dev libgmock-dev libbrotli-dev libdivsufsort-dev libsodium-dev
     - name: prep rootdev
       run: |
         curl -sSL -o /tmp/seismograph.zip https://github.com/kinvolk/seismograph/archive/flatcar-master.zip
diff --git a/configure.ac b/configure.ac
@@ -81,6 +81,7 @@ PKG_CHECK_MODULES([DEPS],
                    libcrypto
                    libcurl
                    libglog
+                   libsodium
                    libssl
                    libxml-2.0
                    protobuf])
diff --git a/src/update_engine/main.cc b/src/update_engine/main.cc
@@ -5,6 +5,7 @@
 #include <gflags/gflags.h>
 #include <glib.h>
 #include <glog/logging.h>
+#include <sodium.h>
 
 #include "update_engine/certificate_checker.h"
 #include "update_engine/dbus_constants.h"
@@ -74,6 +75,8 @@ void SetupDbusService(UpdateEngineService* service) {
 }  // namespace chromeos_update_engine
 
 int main(int argc, char** argv) {
+  PLOG_IF(FATAL, sodium_init() < 0 ) << "the cryptographic lib couldn't be initialized; it is not safe to use";
+
   // Disable glog's default behavior of logging to files.
   FLAGS_logtostderr = true;
   GFLAGS_NAMESPACE::ParseCommandLineFlags(&argc, &argv, true);
diff --git a/src/update_engine/omaha_hash_calculator.cc b/src/update_engine/omaha_hash_calculator.cc
@@ -52,18 +52,20 @@ class ScopedBioHandle {
 };
 
 OmahaHashCalculator::OmahaHashCalculator() : valid_(false) {
-  valid_ = (SHA256_Init(&ctx_) == 1);
-  LOG_IF(ERROR, !valid_) << "SHA256_Init failed";
+  valid_ = !crypto_hash_sha256_init(&hash_state_);
+  LOG_IF(ERROR, !valid_) << "crypto_hash_sha256_init() failed";
 }
 
 // Update is called with all of the data that should be hashed in order.
 // Mostly just passes the data through to OpenSSL's SHA256_Update()
 bool OmahaHashCalculator::Update(const char* data, size_t length) {
   TEST_AND_RETURN_FALSE(valid_);
   TEST_AND_RETURN_FALSE(hash_.empty());
-  static_assert(sizeof(size_t) <= sizeof(unsigned long),
-                "length param may be truncated in SHA256_Update");
-  TEST_AND_RETURN_FALSE(SHA256_Update(&ctx_, data, length) == 1);
+  static_assert(sizeof(size_t) <= sizeof(unsigned long long),
+                "length param may be truncated in crypto_hash_sha256_update");
+
+  TEST_AND_RETURN_FALSE(crypto_hash_sha256_update(&hash_state_,
+    reinterpret_cast<const unsigned char *>(data), length) == 0);
   return true;
 }
 
@@ -170,13 +172,14 @@ bool OmahaHashCalculator::Base64Decode(const string& raw_in,
 bool OmahaHashCalculator::Finalize() {
   TEST_AND_RETURN_FALSE(hash_.empty());
   TEST_AND_RETURN_FALSE(raw_hash_.empty());
-  raw_hash_.resize(SHA256_DIGEST_LENGTH);
+  raw_hash_.resize(crypto_hash_sha256_BYTES);
+
   TEST_AND_RETURN_FALSE(
-      SHA256_Final(reinterpret_cast<unsigned char*>(&raw_hash_[0]),
-                   &ctx_) == 1);
+    crypto_hash_sha256_final(&hash_state_,
+      reinterpret_cast<unsigned char*>(raw_hash_.data())) == 0);
 
   // Convert raw_hash_ to base64 encoding and store it in hash_.
-  return Base64Encode(&raw_hash_[0], raw_hash_.size(), &hash_);
+  return Base64Encode(raw_hash_.data(), raw_hash_.size(), &hash_);
 }
 
 bool OmahaHashCalculator::RawHashOfBytes(const char* data,
@@ -221,16 +224,16 @@ string OmahaHashCalculator::OmahaHashOfString(const string& str) {
 }
 
 string OmahaHashCalculator::OmahaHashOfData(const vector<char>& data) {
-  return OmahaHashOfBytes(&data[0], data.size());
+  return OmahaHashOfBytes(data.data(), data.size());
 }
 
 string OmahaHashCalculator::GetContext() const {
-  return string(reinterpret_cast<const char*>(&ctx_), sizeof(ctx_));
+  return string(reinterpret_cast<const char*>(&hash_state_), sizeof(hash_state_));
 }
 
 bool OmahaHashCalculator::SetContext(const std::string& context) {
-  TEST_AND_RETURN_FALSE(context.size() == sizeof(ctx_));
-  memcpy(&ctx_, context.data(), sizeof(ctx_));
+  TEST_AND_RETURN_FALSE(context.size() == sizeof(hash_state_));
+  memcpy(&hash_state_, context.data(), sizeof(hash_state_));
   return true;
 }
 
diff --git a/src/update_engine/omaha_hash_calculator.h b/src/update_engine/omaha_hash_calculator.h
@@ -10,7 +10,7 @@
 #include <vector>
 
 #include <glog/logging.h>
-#include <openssl/sha.h>
+#include <sodium.h>
 
 #include "macros.h"
 
@@ -94,7 +94,7 @@ class OmahaHashCalculator {
   bool valid_;
 
   // The hash state used by OpenSSL
-  SHA256_CTX ctx_;
+  struct crypto_hash_sha256_state hash_state_;
   DISALLOW_COPY_AND_ASSIGN(OmahaHashCalculator);
 };
 
