diff options
author | Eric Biggers <ebiggers@google.com> | 2019-05-20 17:03:46 -0700 |
---|---|---|
committer | Eric Biggers <ebiggers@google.com> | 2019-05-20 17:03:46 -0700 |
commit | b0ebc3e09cbbd899a0a4c8fa462af7197c06296c (patch) | |
tree | 7d31541fea99ebf1e81ffc93c3eae4a226b8c58b | |
parent | 350eab5a6787e335208e46cfce291d170b525e53 (diff) | |
download | fsverity-utils-b0ebc3e09cbbd899a0a4c8fa462af7197c06296c.tar.gz |
Drop CRC-32 support for now
I'm dropping CRC-32 support from the kernel patchset until someone needs
it, so remove it from fsverity-utils for now too.
Signed-off-by: Eric Biggers <ebiggers@google.com>
-rw-r--r-- | cmd_setup.c | 8 | ||||
-rw-r--r-- | crc32c_table.h | 74 | ||||
-rw-r--r-- | hash_algs.c | 65 | ||||
-rw-r--r-- | hash_algs.h | 1 | ||||
-rw-r--r-- | scripts/gen_crc32c_table.c | 64 | ||||
-rw-r--r-- | sign.c | 1 |
6 files changed, 0 insertions, 213 deletions
diff --git a/cmd_setup.c b/cmd_setup.c index c598a71..29848f9 100644 --- a/cmd_setup.c +++ b/cmd_setup.c @@ -535,14 +535,6 @@ int fsverity_cmd_setup(const struct fsverity_command *cmd, goto out_err; } - if ((params.signing_key_file || params.signature_file) && - !params.hash_alg->cryptographic) { - error_msg("Signing a file using '%s' checksums does not make sense\n" - " because '%s' is not a cryptographically secure hash algorithm.", - params.hash_alg->name, params.hash_alg->name); - goto out_err; - } - if (!load_elisions_and_patches(&elide_opts, &patch_opts, ¶ms)) goto out_err; diff --git a/crc32c_table.h b/crc32c_table.h deleted file mode 100644 index 822c0a6..0000000 --- a/crc32c_table.h +++ /dev/null @@ -1,74 +0,0 @@ -/* - * crc32c_table.h - data table to accelerate CRC-32C computation - * - * This file was automatically generated by scripts/gen_crc32c_table.c - */ - -#include <stdint.h> - -static const uint32_t crc32c_table[] = { - 0x00000000, 0xf26b8303, 0xe13b70f7, 0x1350f3f4, - 0xc79a971f, 0x35f1141c, 0x26a1e7e8, 0xd4ca64eb, - 0x8ad958cf, 0x78b2dbcc, 0x6be22838, 0x9989ab3b, - 0x4d43cfd0, 0xbf284cd3, 0xac78bf27, 0x5e133c24, - 0x105ec76f, 0xe235446c, 0xf165b798, 0x030e349b, - 0xd7c45070, 0x25afd373, 0x36ff2087, 0xc494a384, - 0x9a879fa0, 0x68ec1ca3, 0x7bbcef57, 0x89d76c54, - 0x5d1d08bf, 0xaf768bbc, 0xbc267848, 0x4e4dfb4b, - 0x20bd8ede, 0xd2d60ddd, 0xc186fe29, 0x33ed7d2a, - 0xe72719c1, 0x154c9ac2, 0x061c6936, 0xf477ea35, - 0xaa64d611, 0x580f5512, 0x4b5fa6e6, 0xb93425e5, - 0x6dfe410e, 0x9f95c20d, 0x8cc531f9, 0x7eaeb2fa, - 0x30e349b1, 0xc288cab2, 0xd1d83946, 0x23b3ba45, - 0xf779deae, 0x05125dad, 0x1642ae59, 0xe4292d5a, - 0xba3a117e, 0x4851927d, 0x5b016189, 0xa96ae28a, - 0x7da08661, 0x8fcb0562, 0x9c9bf696, 0x6ef07595, - 0x417b1dbc, 0xb3109ebf, 0xa0406d4b, 0x522bee48, - 0x86e18aa3, 0x748a09a0, 0x67dafa54, 0x95b17957, - 0xcba24573, 0x39c9c670, 0x2a993584, 0xd8f2b687, - 0x0c38d26c, 0xfe53516f, 0xed03a29b, 0x1f682198, - 0x5125dad3, 0xa34e59d0, 0xb01eaa24, 0x42752927, - 0x96bf4dcc, 0x64d4cecf, 0x77843d3b, 0x85efbe38, - 0xdbfc821c, 0x2997011f, 0x3ac7f2eb, 0xc8ac71e8, - 0x1c661503, 0xee0d9600, 0xfd5d65f4, 0x0f36e6f7, - 0x61c69362, 0x93ad1061, 0x80fde395, 0x72966096, - 0xa65c047d, 0x5437877e, 0x4767748a, 0xb50cf789, - 0xeb1fcbad, 0x197448ae, 0x0a24bb5a, 0xf84f3859, - 0x2c855cb2, 0xdeeedfb1, 0xcdbe2c45, 0x3fd5af46, - 0x7198540d, 0x83f3d70e, 0x90a324fa, 0x62c8a7f9, - 0xb602c312, 0x44694011, 0x5739b3e5, 0xa55230e6, - 0xfb410cc2, 0x092a8fc1, 0x1a7a7c35, 0xe811ff36, - 0x3cdb9bdd, 0xceb018de, 0xdde0eb2a, 0x2f8b6829, - 0x82f63b78, 0x709db87b, 0x63cd4b8f, 0x91a6c88c, - 0x456cac67, 0xb7072f64, 0xa457dc90, 0x563c5f93, - 0x082f63b7, 0xfa44e0b4, 0xe9141340, 0x1b7f9043, - 0xcfb5f4a8, 0x3dde77ab, 0x2e8e845f, 0xdce5075c, - 0x92a8fc17, 0x60c37f14, 0x73938ce0, 0x81f80fe3, - 0x55326b08, 0xa759e80b, 0xb4091bff, 0x466298fc, - 0x1871a4d8, 0xea1a27db, 0xf94ad42f, 0x0b21572c, - 0xdfeb33c7, 0x2d80b0c4, 0x3ed04330, 0xccbbc033, - 0xa24bb5a6, 0x502036a5, 0x4370c551, 0xb11b4652, - 0x65d122b9, 0x97baa1ba, 0x84ea524e, 0x7681d14d, - 0x2892ed69, 0xdaf96e6a, 0xc9a99d9e, 0x3bc21e9d, - 0xef087a76, 0x1d63f975, 0x0e330a81, 0xfc588982, - 0xb21572c9, 0x407ef1ca, 0x532e023e, 0xa145813d, - 0x758fe5d6, 0x87e466d5, 0x94b49521, 0x66df1622, - 0x38cc2a06, 0xcaa7a905, 0xd9f75af1, 0x2b9cd9f2, - 0xff56bd19, 0x0d3d3e1a, 0x1e6dcdee, 0xec064eed, - 0xc38d26c4, 0x31e6a5c7, 0x22b65633, 0xd0ddd530, - 0x0417b1db, 0xf67c32d8, 0xe52cc12c, 0x1747422f, - 0x49547e0b, 0xbb3ffd08, 0xa86f0efc, 0x5a048dff, - 0x8ecee914, 0x7ca56a17, 0x6ff599e3, 0x9d9e1ae0, - 0xd3d3e1ab, 0x21b862a8, 0x32e8915c, 0xc083125f, - 0x144976b4, 0xe622f5b7, 0xf5720643, 0x07198540, - 0x590ab964, 0xab613a67, 0xb831c993, 0x4a5a4a90, - 0x9e902e7b, 0x6cfbad78, 0x7fab5e8c, 0x8dc0dd8f, - 0xe330a81a, 0x115b2b19, 0x020bd8ed, 0xf0605bee, - 0x24aa3f05, 0xd6c1bc06, 0xc5914ff2, 0x37faccf1, - 0x69e9f0d5, 0x9b8273d6, 0x88d28022, 0x7ab90321, - 0xae7367ca, 0x5c18e4c9, 0x4f48173d, 0xbd23943e, - 0xf36e6f75, 0x0105ec76, 0x12551f82, 0xe03e9c81, - 0x34f4f86a, 0xc69f7b69, 0xd5cf889d, 0x27a40b9e, - 0x79b737ba, 0x8bdcb4b9, 0x988c474d, 0x6ae7c44e, - 0xbe2da0a5, 0x4c4623a6, 0x5f16d052, 0xad7d5351, -}; diff --git a/hash_algs.c b/hash_algs.c index 1e46924..e3dfc00 100644 --- a/hash_algs.c +++ b/hash_algs.c @@ -14,11 +14,6 @@ #include "fsverity_uapi.h" #include "hash_algs.h" -static void free_hash_ctx(struct hash_ctx *ctx) -{ - free(ctx); -} - /* ========== libcrypto (OpenSSL) wrappers ========== */ struct openssl_hash_ctx { @@ -104,79 +99,19 @@ static struct hash_ctx *create_sha512_ctx(const struct fsverity_hash_alg *alg) return openssl_digest_ctx_create(alg, EVP_sha512()); } -/* ========== CRC-32C ========== */ - -/* - * There are faster ways to calculate CRC's, but for now we just use the - * 256-entry table method as it's portable and not too complex. - */ - -#include "crc32c_table.h" - -struct crc32c_hash_ctx { - struct hash_ctx base; /* must be first */ - u32 remainder; -}; - -static void crc32c_init(struct hash_ctx *_ctx) -{ - struct crc32c_hash_ctx *ctx = (void *)_ctx; - - ctx->remainder = ~0; -} - -static void crc32c_update(struct hash_ctx *_ctx, const void *data, size_t size) -{ - struct crc32c_hash_ctx *ctx = (void *)_ctx; - const u8 *p = data; - u32 r = ctx->remainder; - - while (size--) - r = (r >> 8) ^ crc32c_table[(u8)r ^ *p++]; - - ctx->remainder = r; -} - -static void crc32c_final(struct hash_ctx *_ctx, u8 *digest) -{ - struct crc32c_hash_ctx *ctx = (void *)_ctx; - __le32 remainder = cpu_to_le32(~ctx->remainder); - - memcpy(digest, &remainder, sizeof(remainder)); -} - -static struct hash_ctx *create_crc32c_ctx(const struct fsverity_hash_alg *alg) -{ - struct crc32c_hash_ctx *ctx = xzalloc(sizeof(*ctx)); - - ctx->base.alg = alg; - ctx->base.init = crc32c_init; - ctx->base.update = crc32c_update; - ctx->base.final = crc32c_final; - ctx->base.free = free_hash_ctx; - return &ctx->base; -} - /* ========== Hash algorithm definitions ========== */ const struct fsverity_hash_alg fsverity_hash_algs[] = { [FS_VERITY_ALG_SHA256] = { .name = "sha256", .digest_size = 32, - .cryptographic = true, .create_ctx = create_sha256_ctx, }, [FS_VERITY_ALG_SHA512] = { .name = "sha512", .digest_size = 64, - .cryptographic = true, .create_ctx = create_sha512_ctx, }, - [FS_VERITY_ALG_CRC32C] = { - .name = "crc32c", - .digest_size = 4, - .create_ctx = create_crc32c_ctx, - }, }; const struct fsverity_hash_alg *find_hash_alg_by_name(const char *name) diff --git a/hash_algs.h b/hash_algs.h index 3cb0a98..7a4662f 100644 --- a/hash_algs.h +++ b/hash_algs.h @@ -9,7 +9,6 @@ struct fsverity_hash_alg { const char *name; unsigned int digest_size; - bool cryptographic; struct hash_ctx *(*create_ctx)(const struct fsverity_hash_alg *alg); }; diff --git a/scripts/gen_crc32c_table.c b/scripts/gen_crc32c_table.c deleted file mode 100644 index 656a349..0000000 --- a/scripts/gen_crc32c_table.c +++ /dev/null @@ -1,64 +0,0 @@ -// SPDX-License-Identifier: GPL-2.0+ -/* - * Generate a table for CRC-32C calculation. - * - * Copyright (C) 2018 Google LLC - * - * Written by Eric Biggers. - */ - -#include <stdint.h> -#include <stdio.h> - -/* - * This is the CRC-32C (Castagnoli) polynomial: x^32+x^28+x^27+x^26+x^25+x^23+ - * x^22+x^20+x^19+x^18+x^14+x^13+x^11+x^10+x^9+x^8+x^6+x^0, with the polynomial - * coefficients mapped to bits using the "little endian" convention. - */ -#define CRC32C_POLY_LE 0x82F63B78 - -static uint32_t crc32c_update_bit(uint32_t remainder, uint8_t bit) -{ - return (remainder >> 1) ^ - (((remainder ^ bit) & 1) ? CRC32C_POLY_LE : 0); -} - -static uint32_t crc32c_update_byte(uint32_t remainder, uint8_t byte) -{ - int bit; - - for (bit = 0; bit < 8; bit++, byte >>= 1) - remainder = crc32c_update_bit(remainder, byte & 1); - return remainder; -} - -static uint32_t crc32c_table[256]; - -int main(void) -{ - int i, j; - - for (i = 0; i < 256; i++) - crc32c_table[i] = crc32c_update_byte(0, i); - - printf("/*\n"); - printf(" * crc32c_table.h - data table to accelerate CRC-32C computation\n"); - printf(" *\n"); - printf(" * This file was automatically generated by scripts/gen_crc32c_table.c\n"); - printf(" */\n"); - printf("\n"); - printf("#include <stdint.h>\n"); - printf("\n"); - printf("static const uint32_t crc32c_table[] = {\n"); - for (i = 0; i < 64; i++) { - printf("\t"); - for (j = 0; j < 4; j++) { - printf("0x%08x,", crc32c_table[i * 4 + j]); - if (j != 3) - printf(" "); - } - printf("\n"); - } - printf("};\n"); - return 0; -} @@ -395,7 +395,6 @@ static bool sign_data(const void *data_to_sign, size_t data_size, goto out; OpenSSL_add_all_digests(); - ASSERT(hash_alg->cryptographic); md = EVP_get_digestbyname(hash_alg->name); if (!md) { fprintf(stderr, |