From: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
To: u-boot@lists.denx.de
Cc: Steffen Jaeckel <jaeckel-floss@eyet-services.de>,
Simon Glass <sjg@chromium.org>
Subject: [PATCH v4 2/8] lib: wrap crypt API to hide errno usage
Date: Thu, 8 Jul 2021 01:09:40 +0200 [thread overview]
Message-ID: <20210707230946.2497660-3-jaeckel-floss@eyet-services.de> (raw)
In-Reply-To: <20210707230946.2497660-1-jaeckel-floss@eyet-services.de>
In order to prevent using the global errno, replace it with a static
version and create a wrapper function which returns the error value.
Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
---
(no changes since v1)
include/crypt.h | 3 ++-
lib/crypt/alg-sha256.h | 6 ------
lib/crypt/alg-sha512.h | 6 ------
lib/crypt/crypt-port.h | 18 ++++++++++--------
lib/crypt/crypt-sha256.c | 26 ++++++++++++++++++++++++--
lib/crypt/crypt-sha512.c | 26 ++++++++++++++++++++++++--
lib/crypt/crypt.c | 25 ++++++++++++++-----------
test/lib/test_crypt.c | 24 ++++++++++++++++++++++--
8 files changed, 96 insertions(+), 38 deletions(-)
diff --git a/include/crypt.h b/include/crypt.h
index e0be2832ff..f18a1705d4 100644
--- a/include/crypt.h
+++ b/include/crypt.h
@@ -9,5 +9,6 @@
* @equal Pointer to an int where the result is stored
* '0' = unequal
* '1' = equal
+ * @return 0 on success, error code of errno else
*/
-void crypt_compare(const char *should, const char *passphrase, int *equal);
+int crypt_compare(const char *should, const char *passphrase, int *equal);
diff --git a/lib/crypt/alg-sha256.h b/lib/crypt/alg-sha256.h
index e4b29c9f31..62e7b9d5c0 100644
--- a/lib/crypt/alg-sha256.h
+++ b/lib/crypt/alg-sha256.h
@@ -1,12 +1,6 @@
/* SPDX-License-Identifier: GPL-2.0+ */
/* Copyright (C) 2020 Steffen Jaeckel <jaeckel-floss@eyet-services.de> */
-#ifndef USE_HOSTCC
-#include "common.h"
-#else
-#include <string.h>
-#endif
-
#include "u-boot/sha256.h"
#define INCLUDE_sha256crypt 1
diff --git a/lib/crypt/alg-sha512.h b/lib/crypt/alg-sha512.h
index 93b6109fae..47e45730cc 100644
--- a/lib/crypt/alg-sha512.h
+++ b/lib/crypt/alg-sha512.h
@@ -1,12 +1,6 @@
/* SPDX-License-Identifier: GPL-2.0+ */
/* Copyright (C) 2020 Steffen Jaeckel <jaeckel-floss@eyet-services.de> */
-#ifndef USE_HOSTCC
-#include "common.h"
-#else
-#include <string.h>
-#endif
-
#include "u-boot/sha512.h"
#define INCLUDE_sha512crypt 1
diff --git a/lib/crypt/crypt-port.h b/lib/crypt/crypt-port.h
index 680ffe9349..6b9542d75b 100644
--- a/lib/crypt/crypt-port.h
+++ b/lib/crypt/crypt-port.h
@@ -18,11 +18,13 @@ extern const unsigned char ascii64[65];
#define b64t ((const char *)ascii64)
-void crypt_sha256crypt_rn(const char *phrase, size_t phr_size,
- const char *setting, size_t ARG_UNUSED(set_size),
- uint8_t *output, size_t out_size, void *scratch,
- size_t scr_size);
-void crypt_sha512crypt_rn(const char *phrase, size_t phr_size,
- const char *setting, size_t ARG_UNUSED(set_size),
- uint8_t *output, size_t out_size, void *scratch,
- size_t scr_size);
+int crypt_sha256crypt_rn_wrapped(const char *phrase, size_t phr_size,
+ const char *setting,
+ size_t ARG_UNUSED(set_size), uint8_t *output,
+ size_t out_size, void *scratch,
+ size_t scr_size);
+int crypt_sha512crypt_rn_wrapped(const char *phrase, size_t phr_size,
+ const char *setting,
+ size_t ARG_UNUSED(set_size), uint8_t *output,
+ size_t out_size, void *scratch,
+ size_t scr_size);
diff --git a/lib/crypt/crypt-sha256.c b/lib/crypt/crypt-sha256.c
index 37127d41e1..e1c1eff060 100644
--- a/lib/crypt/crypt-sha256.c
+++ b/lib/crypt/crypt-sha256.c
@@ -1,10 +1,13 @@
+// SPDX-License-Identifier: CC0-1.0
/* One way encryption based on the SHA256-based Unix crypt implementation.
*
* Written by Ulrich Drepper <drepper at redhat.com> in 2007 [1].
* Modified by Zack Weinberg <zackw at panix.com> in 2017, 2018.
* Composed by Björn Esser <besser82 at fedoraproject.org> in 2018.
* Modified by Björn Esser <besser82 at fedoraproject.org> in 2020.
- * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2020.
+ * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2021
+ * for U-Boot, instead of using the global errno to use a static one
+ * inside this file.
* To the extent possible under law, the named authors have waived all
* copyright and related or neighboring rights to this work.
*
@@ -20,7 +23,7 @@
#include "crypt-port.h"
#include "alg-sha256.h"
-#include <errno.h>
+#include <linux/errno.h>
#include <stdio.h>
#include <stdlib.h>
@@ -69,6 +72,25 @@ static_assert (sizeof (struct sha256_buffer) <= ALG_SPECIFIC_SIZE,
"ALG_SPECIFIC_SIZE is too small for SHA256");
+/* Use this instead of including errno.h */
+static int errno;
+
+void crypt_sha256crypt_rn(const char *phrase, size_t phr_size,
+ const char *setting, size_t ARG_UNUSED(set_size),
+ uint8_t *output, size_t out_size, void *scratch,
+ size_t scr_size);
+
+int crypt_sha256crypt_rn_wrapped(const char *phrase, size_t phr_size,
+ const char *setting, size_t set_size,
+ u8 *output, size_t out_size, void *scratch,
+ size_t scr_size)
+{
+ errno = 0;
+ crypt_sha256crypt_rn(phrase, phr_size, setting, set_size, output,
+ out_size, scratch, scr_size);
+ return -errno;
+}
+
/* Feed CTX with LEN bytes of a virtual byte sequence consisting of
BLOCK repeated over and over indefinitely. */
static void
diff --git a/lib/crypt/crypt-sha512.c b/lib/crypt/crypt-sha512.c
index 3616019445..6f5be3b460 100644
--- a/lib/crypt/crypt-sha512.c
+++ b/lib/crypt/crypt-sha512.c
@@ -1,10 +1,13 @@
+// SPDX-License-Identifier: CC0-1.0
/* One way encryption based on the SHA512-based Unix crypt implementation.
*
* Written by Ulrich Drepper <drepper at redhat.com> in 2007 [1].
* Modified by Zack Weinberg <zackw at panix.com> in 2017, 2018.
* Composed by Björn Esser <besser82 at fedoraproject.org> in 2018.
* Modified by Björn Esser <besser82 at fedoraproject.org> in 2020.
- * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2020.
+ * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2021
+ * for U-Boot, instead of using the global errno to use a static one
+ * inside this file.
* To the extent possible under law, the named authors have waived all
* copyright and related or neighboring rights to this work.
*
@@ -20,7 +23,7 @@
#include "crypt-port.h"
#include "alg-sha512.h"
-#include <errno.h>
+#include <linux/errno.h>
#include <stdio.h>
#include <stdlib.h>
@@ -69,6 +72,25 @@ static_assert (sizeof (struct sha512_buffer) <= ALG_SPECIFIC_SIZE,
"ALG_SPECIFIC_SIZE is too small for SHA512");
+/* Use this instead of including errno.h */
+static int errno;
+
+void crypt_sha512crypt_rn(const char *phrase, size_t phr_size,
+ const char *setting, size_t ARG_UNUSED(set_size),
+ uint8_t *output, size_t out_size, void *scratch,
+ size_t scr_size);
+
+int crypt_sha512crypt_rn_wrapped(const char *phrase, size_t phr_size,
+ const char *setting, size_t set_size,
+ u8 *output, size_t out_size, void *scratch,
+ size_t scr_size)
+{
+ errno = 0;
+ crypt_sha512crypt_rn(phrase, phr_size, setting, set_size, output,
+ out_size, scratch, scr_size);
+ return -errno;
+}
+
/* Subroutine of _xcrypt_crypt_sha512crypt_rn: Feed CTX with LEN bytes of a
virtual byte sequence consisting of BLOCK repeated over and over
indefinitely. */
diff --git a/lib/crypt/crypt.c b/lib/crypt/crypt.c
index 4ec6079768..247c34b2a9 100644
--- a/lib/crypt/crypt.c
+++ b/lib/crypt/crypt.c
@@ -5,8 +5,8 @@
#include <crypt.h>
#include "crypt-port.h"
-typedef void (*crypt_fn)(const char *, size_t, const char *, size_t, uint8_t *,
- size_t, void *, size_t);
+typedef int (*crypt_fn)(const char *, size_t, const char *, size_t, uint8_t *,
+ size_t, void *, size_t);
const unsigned char ascii64[65] =
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
@@ -29,19 +29,20 @@ static void equals_constant_time(const void *a_, const void *b_, size_t len,
*equal = ret ^ 1;
}
-void crypt_compare(const char *should, const char *passphrase, int *equal)
+int crypt_compare(const char *should, const char *passphrase, int *equal)
{
u8 output[CRYPT_OUTPUT_SIZE], scratch[ALG_SPECIFIC_SIZE];
size_t n;
+ int err;
struct {
const char *prefix;
crypt_fn crypt;
} crypt_algos[] = {
#if defined(CONFIG_CRYPT_PW_SHA256)
- { "$5$", crypt_sha256crypt_rn },
+ { "$5$", crypt_sha256crypt_rn_wrapped },
#endif
#if defined(CONFIG_CRYPT_PW_SHA512)
- { "$6$", crypt_sha512crypt_rn },
+ { "$6$", crypt_sha512crypt_rn_wrapped },
#endif
{ NULL, NULL }
};
@@ -56,18 +57,20 @@ void crypt_compare(const char *should, const char *passphrase, int *equal)
}
if (n >= ARRAY_SIZE(crypt_algos))
- return;
-
- crypt_algos[n].crypt(passphrase, strlen(passphrase), should, 0, output,
- sizeof(output), scratch, sizeof(scratch));
+ return -EINVAL;
+ err = crypt_algos[n].crypt(passphrase, strlen(passphrase), should, 0,
+ output, sizeof(output), scratch,
+ sizeof(scratch));
/* early return on error, nothing really happened inside the crypt() function */
- if (errno == ERANGE || errno == EINVAL)
- return;
+ if (err)
+ return err;
equals_constant_time(should, output, strlen((const char *)output),
equal);
memset(scratch, 0, sizeof(scratch));
memset(output, 0, sizeof(output));
+
+ return 0;
}
diff --git a/test/lib/test_crypt.c b/test/lib/test_crypt.c
index 277e4efed1..fb21edf974 100644
--- a/test/lib/test_crypt.c
+++ b/test/lib/test_crypt.c
@@ -21,19 +21,39 @@
static int lib_crypt(struct unit_test_state *uts)
{
int equals = 0;
+ int err;
+
+ err = crypt_compare("", "password", &equals);
+ ut_assertf(err != 0, "crypt_compare successful but should not\n");
+ ut_assertf(equals != 1,
+ "crypt_compare password hash matched but should not\n");
if (IS_ENABLED(CONFIG_CRYPT_PW_SHA256)) {
- crypt_compare(
+ err = crypt_compare("$5$", "password", &equals);
+ ut_assertf(err == 0, "crypt-sha256 not successful\n");
+ ut_assertf(
+ equals != 1,
+ "crypt-sha256 password hash matched but should not\n");
+
+ err = crypt_compare(
"$5$rounds=640000$TM4lL4zXDG7F4aRX$JM7a9wmvodnA0WasjTztj6mxg.KVuk6doQ/eBhdcapB",
"password", &equals);
+ ut_assertf(err == 0, "crypt-sha256 failed: %d\n", err);
ut_assertf(equals == 1,
"crypt-sha256 password hash didn't match\n");
}
equals = 0;
if (IS_ENABLED(CONFIG_CRYPT_PW_SHA512)) {
- crypt_compare(
+ err = crypt_compare("$6$", "password", &equals);
+ ut_assertf(err == 0, "crypt-sha512 not successful\n");
+ ut_assertf(
+ equals != 1,
+ "crypt-sha512 password hash matched but should not\n");
+
+ err = crypt_compare(
"$6$rounds=640000$fCTP1F0N5JLq2eND$z5EzK5KZJA9JnOaj5d1Gg/2v6VqFOQJ3bVekWuCPauabutBt/8qzV1exJnytUyhbq3H0bSBXtodwNbtGEi/Tm/",
"password", &equals);
+ ut_assertf(err == 0, "crypt-sha512 failed: %d\n", err);
ut_assertf(equals == 1,
"crypt-sha512 password hash didn't match\n");
}
--
2.32.0
next prev parent reply other threads:[~2021-07-07 23:10 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-07 23:09 [PATCH v4 0/8] common: Introduce crypt-style password support Steffen Jaeckel
2021-07-07 23:09 ` [PATCH v4 1/8] lib: add crypt subsystem Steffen Jaeckel
2021-07-08 3:56 ` Heiko Schocher
2021-07-08 11:43 ` Steffen Jaeckel
2021-07-08 11:50 ` Heiko Schocher
2021-07-07 23:09 ` Steffen Jaeckel [this message]
2021-07-08 3:58 ` [PATCH v4 2/8] lib: wrap crypt API to hide errno usage Heiko Schocher
2021-07-07 23:09 ` [PATCH v4 3/8] common: integrate crypt-based passwords Steffen Jaeckel
2021-07-08 4:00 ` Heiko Schocher
2021-07-07 23:09 ` [PATCH v4 4/8] common: Rename macro appropriately Steffen Jaeckel
2021-07-08 4:04 ` Heiko Schocher
2021-07-07 23:09 ` [PATCH v4 5/8] common: allow disabling of timeout for password entry Steffen Jaeckel
2021-07-07 23:09 ` [PATCH v4 6/8] common: add AUTOBOOT_FLUSH_STDIN option Steffen Jaeckel
2021-07-07 23:09 ` [PATCH v4 7/8] common: add support to fallback to plain SHA256 Steffen Jaeckel
2021-07-07 23:09 ` [PATCH v4 8/8] test: add first autoboot unit tests Steffen Jaeckel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210707230946.2497660-3-jaeckel-floss@eyet-services.de \
--to=jaeckel-floss@eyet-services.de \
--cc=sjg@chromium.org \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.