lib: wrap crypt API to hide errno usage
authorSteffen Jaeckel <jaeckel-floss@eyet-services.de>
Thu, 8 Jul 2021 13:57:34 +0000 (15:57 +0200)
committerTom Rini <trini@konsulko.com>
Fri, 23 Jul 2021 17:36:20 +0000 (13:36 -0400)
In order to prevent using the global errno, replace it with a static
version and create a wrapper function which returns the error value.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Heiko Schocher <hs@denx.de>
include/crypt.h
lib/crypt/alg-sha256.h
lib/crypt/alg-sha512.h
lib/crypt/crypt-port.h
lib/crypt/crypt-sha256.c
lib/crypt/crypt-sha512.c
lib/crypt/crypt.c
test/lib/test_crypt.c

index e0be2832ff232e924d42d6bc120ab0537f027f65..f18a1705d4dfa43e91f4171a8fd7f1ac653267bd 100644 (file)
@@ -9,5 +9,6 @@
  * @equal       Pointer to an int where the result is stored
  *                 '0' = unequal
  *                 '1' = equal
+ * @return 0 on success, error code of errno else
  */
-void crypt_compare(const char *should, const char *passphrase, int *equal);
+int crypt_compare(const char *should, const char *passphrase, int *equal);
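Review bot: The new `@return` line says "error code of errno", but the values returned in lib/crypt/crypt.c are negative (`return -EINVAL;`, and the wrappers return `-errno`), so the sign should be stated. The error paths in crypt.c also return before `equals_constant_time()` runs, so `*equal` keeps whatever the caller put there; a caller that ignores the return value and passes an uninitialised int could read a stale "equal". I would document both, e.g. ` * @return 0 on success, negative errno value on failure; *equal is only written on success`. The doc comment starts above this hunk.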
index e4b29c9f317a686d4e78270207a85a99ee466dc2..62e7b9d5c094556b430ff39200aca1e177391d8b 100644 (file)
@@ -1,12 +1,6 @@
 /* SPDX-License-Identifier: GPL-2.0+ */
 /* Copyright (C) 2020 Steffen Jaeckel <jaeckel-floss@eyet-services.de> */
 
-#ifndef USE_HOSTCC
-#include "common.h"
-#else
-#include <string.h>
-#endif
-
 #include "u-boot/sha256.h"
 
 #define INCLUDE_sha256crypt 1
index 93b6109faeffab3ddf2685efc40065deb7dca29a..47e45730cc0bb80d5ffc598c162f698633a57637 100644 (file)
@@ -1,12 +1,6 @@
 /* SPDX-License-Identifier: GPL-2.0+ */
 /* Copyright (C) 2020 Steffen Jaeckel <jaeckel-floss@eyet-services.de> */
 
-#ifndef USE_HOSTCC
-#include "common.h"
-#else
-#include <string.h>
-#endif
-
 #include "u-boot/sha512.h"
 
 #define INCLUDE_sha512crypt 1
index 680ffe934999db68bea2859964750b02a45f98c4..6b9542d75bc20a14b413bf5f70b37622740e5651 100644 (file)
@@ -18,11 +18,13 @@ extern const unsigned char ascii64[65];
 
 #define b64t ((const char *)ascii64)
 
-void crypt_sha256crypt_rn(const char *phrase, size_t phr_size,
-                         const char *setting, size_t ARG_UNUSED(set_size),
-                         uint8_t *output, size_t out_size, void *scratch,
-                         size_t scr_size);
-void crypt_sha512crypt_rn(const char *phrase, size_t phr_size,
-                         const char *setting, size_t ARG_UNUSED(set_size),
-                         uint8_t *output, size_t out_size, void *scratch,
-                         size_t scr_size);
+int crypt_sha256crypt_rn_wrapped(const char *phrase, size_t phr_size,
+                                const char *setting,
+                                size_t ARG_UNUSED(set_size), uint8_t *output,
+                                size_t out_size, void *scratch,
+                                size_t scr_size);
+int crypt_sha512crypt_rn_wrapped(const char *phrase, size_t phr_size,
+                                const char *setting,
+                                size_t ARG_UNUSED(set_size), uint8_t *output,
+                                size_t out_size, void *scratch,
+                                size_t scr_size);
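Review bot: Both `_wrapped` prototypes keep `ARG_UNUSED(set_size)`, although the definitions added in crypt-sha256.c and crypt-sha512.c name the parameter plainly and forward it to the inner function. Writing `size_t set_size,` here keeps declaration and definition in step. The prototypes now return a value but carry no comment, so a one-line `/* Returns 0 on success, negative errno value on failure. */` above them would tell callers what the int means.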
index 37127d41e14008f1a6341a5fbb28c9632720ec40..335c8880d816f3da25c1897e7a067cb818f77765 100644 (file)
@@ -1,10 +1,14 @@
+// SPDX-License-Identifier: CC0-1.0
+/* Based on libxcrypt v4.4.17-0-g6b110bc */
 /* One way encryption based on the SHA256-based Unix crypt implementation.
  *
  * Written by Ulrich Drepper <drepper at redhat.com> in 2007 [1].
  * Modified by Zack Weinberg <zackw at panix.com> in 2017, 2018.
  * Composed by Björn Esser <besser82 at fedoraproject.org> in 2018.
  * Modified by Björn Esser <besser82 at fedoraproject.org> in 2020.
- * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2020.
+ * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2021
+ * for U-Boot, instead of using the global errno to use a static one
+ * inside this file.
  * To the extent possible under law, the named authors have waived all
  * copyright and related or neighboring rights to this work.
  *
@@ -20,7 +24,7 @@
 #include "crypt-port.h"
 #include "alg-sha256.h"
 
-#include <errno.h>
+#include <linux/errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 
@@ -69,6 +73,25 @@ static_assert (sizeof (struct sha256_buffer) <= ALG_SPECIFIC_SIZE,
                "ALG_SPECIFIC_SIZE is too small for SHA256");
 
 
+/* Use this instead of including errno.h */
+static int errno;
+
+void crypt_sha256crypt_rn(const char *phrase, size_t phr_size,
+                         const char *setting, size_t ARG_UNUSED(set_size),
+                         uint8_t *output, size_t out_size, void *scratch,
+                         size_t scr_size);
+
+int crypt_sha256crypt_rn_wrapped(const char *phrase, size_t phr_size,
+                                const char *setting, size_t set_size,
+                                u8 *output, size_t out_size, void *scratch,
+                                size_t scr_size)
+{
+       errno = 0;
+       crypt_sha256crypt_rn(phrase, phr_size, setting, set_size, output,
+                            out_size, scratch, scr_size);
+       return -errno;
+}
+
 /* Feed CTX with LEN bytes of a virtual byte sequence consisting of
    BLOCK repeated over and over indefinitely.  */
 static void
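Review bot: The comment `/* Use this instead of including errno.h */` is misleading, since this file now includes `<linux/errno.h>` a few lines up for the error constants. A file-scope object named `errno` also only compiles while no included header defines `errno` as a macro, which is worth saying in the comment. I would write something like `/* File-local errno: crypt_sha256crypt_rn() signals failure by setting it and the _wrapped() entry point converts it to a return value. Not reentrant. */`. The forward declaration of `crypt_sha256crypt_rn` keeps external linkage although it was dropped from crypt-port.h; if the definition (outside this hunk) allows it, making it `static` keeps the errno-based variant unreachable from other files. The same applies to the matching hunk in lib/crypt/crypt-sha512.c.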
index 3616019445ff4fde98da9c5fd0cf21077cd008db..8c8e6dd3dea34befd87811d9090c2cf1f42fab95 100644 (file)
@@ -1,10 +1,14 @@
+// SPDX-License-Identifier: CC0-1.0
+/* Based on libxcrypt v4.4.17-0-g6b110bc */
 /* One way encryption based on the SHA512-based Unix crypt implementation.
  *
  * Written by Ulrich Drepper <drepper at redhat.com> in 2007 [1].
  * Modified by Zack Weinberg <zackw at panix.com> in 2017, 2018.
  * Composed by Björn Esser <besser82 at fedoraproject.org> in 2018.
  * Modified by Björn Esser <besser82 at fedoraproject.org> in 2020.
- * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2020.
+ * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2021
+ * for U-Boot, instead of using the global errno to use a static one
+ * inside this file.
  * To the extent possible under law, the named authors have waived all
  * copyright and related or neighboring rights to this work.
  *
@@ -20,7 +24,7 @@
 #include "crypt-port.h"
 #include "alg-sha512.h"
 
-#include <errno.h>
+#include <linux/errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 
@@ -69,6 +73,25 @@ static_assert (sizeof (struct sha512_buffer) <= ALG_SPECIFIC_SIZE,
                "ALG_SPECIFIC_SIZE is too small for SHA512");
 
 
+/* Use this instead of including errno.h */
+static int errno;
+
+void crypt_sha512crypt_rn(const char *phrase, size_t phr_size,
+                         const char *setting, size_t ARG_UNUSED(set_size),
+                         uint8_t *output, size_t out_size, void *scratch,
+                         size_t scr_size);
+
+int crypt_sha512crypt_rn_wrapped(const char *phrase, size_t phr_size,
+                                const char *setting, size_t set_size,
+                                u8 *output, size_t out_size, void *scratch,
+                                size_t scr_size)
+{
+       errno = 0;
+       crypt_sha512crypt_rn(phrase, phr_size, setting, set_size, output,
+                            out_size, scratch, scr_size);
+       return -errno;
+}
+
 /* Subroutine of _xcrypt_crypt_sha512crypt_rn: Feed CTX with LEN bytes of a
    virtual byte sequence consisting of BLOCK repeated over and over
    indefinitely.  */
index 4ec6079768b49115dc58daff961341eb8bf4e466..247c34b2a9c3b8890e0a174885e2fcd6614d8f04 100644 (file)
@@ -5,8 +5,8 @@
 #include <crypt.h>
 #include "crypt-port.h"
 
-typedef void (*crypt_fn)(const char *, size_t, const char *, size_t, uint8_t *,
-                        size_t, void *, size_t);
+typedef int (*crypt_fn)(const char *, size_t, const char *, size_t, uint8_t *,
+                       size_t, void *, size_t);
 
 const unsigned char ascii64[65] =
        "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
@@ -29,19 +29,20 @@ static void equals_constant_time(const void *a_, const void *b_, size_t len,
        *equal = ret ^ 1;
 }
 
-void crypt_compare(const char *should, const char *passphrase, int *equal)
+int crypt_compare(const char *should, const char *passphrase, int *equal)
 {
        u8 output[CRYPT_OUTPUT_SIZE], scratch[ALG_SPECIFIC_SIZE];
        size_t n;
+       int err;
        struct {
                const char *prefix;
                crypt_fn crypt;
        } crypt_algos[] = {
 #if defined(CONFIG_CRYPT_PW_SHA256)
-               { "$5$", crypt_sha256crypt_rn },
+               { "$5$", crypt_sha256crypt_rn_wrapped },
 #endif
 #if defined(CONFIG_CRYPT_PW_SHA512)
-               { "$6$", crypt_sha512crypt_rn },
+               { "$6$", crypt_sha512crypt_rn_wrapped },
 #endif
                { NULL, NULL }
        };
@@ -56,18 +57,20 @@ void crypt_compare(const char *should, const char *passphrase, int *equal)
        }
 
        if (n >= ARRAY_SIZE(crypt_algos))
-               return;
-
-       crypt_algos[n].crypt(passphrase, strlen(passphrase), should, 0, output,
-                            sizeof(output), scratch, sizeof(scratch));
+               return -EINVAL;
 
+       err = crypt_algos[n].crypt(passphrase, strlen(passphrase), should, 0,
+                                  output, sizeof(output), scratch,
+                                  sizeof(scratch));
        /* early return on error, nothing really happened inside the crypt() function */
-       if (errno == ERANGE || errno == EINVAL)
-               return;
+       if (err)
+               return err;
 
        equals_constant_time(should, output, strlen((const char *)output),
                             equal);
 
        memset(scratch, 0, sizeof(scratch));
        memset(output, 0, sizeof(output));
+
+       return 0;
 }
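Review bot: The new `if (err) return err;` leaves `crypt_compare()` before the two `memset()` calls, so on a failed hash `scratch` and `output` stay on the stack unwiped. The comment says nothing happened inside the crypt function, but that depends on where its body (not shown here) sets the error, and a late failure could leave passphrase-derived state behind. A single exit avoids relying on that: replace the early return with `if (!err)` guarding the `equals_constant_time(...)` call, keep the wipes unconditional, and finish with `return err;`. The function begins in the previous hunk.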
index 277e4efed162d1cf2ab523c112c709dda6dae828..fb21edf9748467f3e58cbfc3a151779294a820b2 100644 (file)
 static int lib_crypt(struct unit_test_state *uts)
 {
        int equals = 0;
+       int err;
+
+       err = crypt_compare("", "password", &equals);
+       ut_assertf(err != 0, "crypt_compare successful but should not\n");
+       ut_assertf(equals != 1,
+                  "crypt_compare password hash matched but should not\n");
 
        if (IS_ENABLED(CONFIG_CRYPT_PW_SHA256)) {
-               crypt_compare(
+               err = crypt_compare("$5$", "password", &equals);
+               ut_assertf(err == 0, "crypt-sha256 not successful\n");
+               ut_assertf(
+                       equals != 1,
+                       "crypt-sha256 password hash matched but should not\n");
+
+               err = crypt_compare(
                        "$5$rounds=640000$TM4lL4zXDG7F4aRX$JM7a9wmvodnA0WasjTztj6mxg.KVuk6doQ/eBhdcapB",
                        "password", &equals);
+               ut_assertf(err == 0, "crypt-sha256 failed: %d\n", err);
                ut_assertf(equals == 1,
                           "crypt-sha256 password hash didn't match\n");
        }
        equals = 0;
        if (IS_ENABLED(CONFIG_CRYPT_PW_SHA512)) {
-               crypt_compare(
+               err = crypt_compare("$6$", "password", &equals);
+               ut_assertf(err == 0, "crypt-sha512 not successful\n");
+               ut_assertf(
+                       equals != 1,
+                       "crypt-sha512 password hash matched but should not\n");
+
+               err = crypt_compare(
                        "$6$rounds=640000$fCTP1F0N5JLq2eND$z5EzK5KZJA9JnOaj5d1Gg/2v6VqFOQJ3bVekWuCPauabutBt/8qzV1exJnytUyhbq3H0bSBXtodwNbtGEi/Tm/",
                        "password", &equals);
+               ut_assertf(err == 0, "crypt-sha512 failed: %d\n", err);
                ut_assertf(equals == 1,
                           "crypt-sha512 password hash didn't match\n");
        }