dany/u-boot-megous
1
0
Fork 0
mirror of https://xff.cz/git/u-boot/ synced 2025-10-31 18:35:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

tools: mxsimage: Fix build with OpenSSL 1.1.x

Browse Source 
The EVP_MD_CTX and EVP_CIPHER_CTX are made opaque since 1.1.x , so instead
of embedding them directly into struct sb_image_ctx and initializing them
using EVP_*_CTX_init(), we use pointers and allocate the crypto contexts
using EVP_*_CTX_new().

Signed-off-by: Marek Vasut <marex@denx.de>
Cc: Tom Rini <trini@konsulko.com>
This commit is contained in:
Marek Vasut
2016-12-19 15:27:50 +01:00
committed by Tom Rini
parent 5c51993499
commit 7bae13b757
1 changed files with 70 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

104
tools/mxsimage.c
View File

@@ -22,6 +22,36 @@
#include "pbl_crc32.h" #include "pbl_crc32.h"
#include <image.h> #include <image.h>
/*
* OpenSSL 1.1.0 and newer compatibility functions:
* https://wiki.openssl.org/index.php/1.1_API_Changes
*/
#if OPENSSL_VERSION_NUMBER < 0x10100000L
static void *OPENSSL_zalloc(size_t num)
{
void *ret = OPENSSL_malloc(num);
if (ret != NULL)
memset(ret, 0, num);
return ret;
}
EVP_MD_CTX *EVP_MD_CTX_new(void)
{
return OPENSSL_zalloc(sizeof(EVP_MD_CTX));
}
void EVP_MD_CTX_free(EVP_MD_CTX *ctx)
{
EVP_MD_CTX_cleanup(ctx);
OPENSSL_free(ctx);
}
int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
{
return EVP_CIPHER_CTX_cleanup(ctx);
}
#endif
/* /*
* DCD block * DCD block
@@ -144,8 +174,8 @@ struct sb_image_ctx {
struct sb_dcd_ctx *dcd_head; struct sb_dcd_ctx *dcd_head;
struct sb_dcd_ctx *dcd_tail; struct sb_dcd_ctx *dcd_tail;
EVP_CIPHER_CTX cipher_ctx; EVP_CIPHER_CTX *cipher_ctx;
EVP_MD_CTX md_ctx; EVP_MD_CTX *md_ctx;
uint8_t digest[32]; uint8_t digest[32];
struct sb_key_dictionary_key sb_dict_key; struct sb_key_dictionary_key sb_dict_key;
@@ -173,24 +203,26 @@ struct sb_image_ctx {
*/ */
static int sb_aes_init(struct sb_image_ctx *ictx, uint8_t *iv, int enc) static int sb_aes_init(struct sb_image_ctx *ictx, uint8_t *iv, int enc)
{ {
EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx; EVP_CIPHER_CTX *ctx;
int ret; int ret;
/* If there is no init vector, init vector is all zeroes. */ /* If there is no init vector, init vector is all zeroes. */
if (!iv) if (!iv)
iv = ictx->image_key; iv = ictx->image_key;
EVP_CIPHER_CTX_init(ctx); ctx = EVP_CIPHER_CTX_new();
ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), ictx->image_key, iv, enc); ret = EVP_CipherInit(ctx, EVP_aes_128_cbc(), ictx->image_key, iv, enc);
if (ret == 1) if (ret == 1) {
EVP_CIPHER_CTX_set_padding(ctx, 0); EVP_CIPHER_CTX_set_padding(ctx, 0);
ictx->cipher_ctx = ctx;
}
return ret; return ret;
} }
static int sb_aes_crypt(struct sb_image_ctx *ictx, uint8_t *in_data, static int sb_aes_crypt(struct sb_image_ctx *ictx, uint8_t *in_data,
uint8_t *out_data, int in_len) uint8_t *out_data, int in_len)
{ {
EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx; EVP_CIPHER_CTX *ctx = ictx->cipher_ctx;
int ret, outlen; int ret, outlen;
uint8_t *outbuf; uint8_t *outbuf;
@@ -215,13 +247,13 @@ err:
static int sb_aes_deinit(EVP_CIPHER_CTX *ctx) static int sb_aes_deinit(EVP_CIPHER_CTX *ctx)
{ {
return EVP_CIPHER_CTX_cleanup(ctx); return EVP_CIPHER_CTX_reset(ctx);
} }
static int sb_aes_reinit(struct sb_image_ctx *ictx, int enc) static int sb_aes_reinit(struct sb_image_ctx *ictx, int enc)
{ {
int ret; int ret;
EVP_CIPHER_CTX *ctx = &ictx->cipher_ctx; EVP_CIPHER_CTX *ctx = ictx->cipher_ctx;
struct sb_boot_image_header *sb_header = &ictx->payload; struct sb_boot_image_header *sb_header = &ictx->payload;
uint8_t *iv = sb_header->iv; uint8_t *iv = sb_header->iv;
@@ -276,7 +308,7 @@ static int sb_get_time(time_t time, struct tm *tm)
static void sb_encrypt_sb_header(struct sb_image_ctx *ictx) static void sb_encrypt_sb_header(struct sb_image_ctx *ictx)
{ {
EVP_MD_CTX *md_ctx = &ictx->md_ctx; EVP_MD_CTX *md_ctx = ictx->md_ctx;
struct sb_boot_image_header *sb_header = &ictx->payload; struct sb_boot_image_header *sb_header = &ictx->payload;
uint8_t *sb_header_ptr = (uint8_t *)sb_header; uint8_t *sb_header_ptr = (uint8_t *)sb_header;
@@ -287,7 +319,7 @@ static void sb_encrypt_sb_header(struct sb_image_ctx *ictx)
static void sb_encrypt_sb_sections_header(struct sb_image_ctx *ictx) static void sb_encrypt_sb_sections_header(struct sb_image_ctx *ictx)
{ {
EVP_MD_CTX *md_ctx = &ictx->md_ctx; EVP_MD_CTX *md_ctx = ictx->md_ctx;
struct sb_section_ctx *sctx = ictx->sect_head; struct sb_section_ctx *sctx = ictx->sect_head;
struct sb_sections_header *shdr; struct sb_sections_header *shdr;
uint8_t *sb_sections_header_ptr; uint8_t *sb_sections_header_ptr;
@@ -307,7 +339,7 @@ static void sb_encrypt_sb_sections_header(struct sb_image_ctx *ictx)
static void sb_encrypt_key_dictionary_key(struct sb_image_ctx *ictx) static void sb_encrypt_key_dictionary_key(struct sb_image_ctx *ictx)
{ {
EVP_MD_CTX *md_ctx = &ictx->md_ctx; EVP_MD_CTX *md_ctx = ictx->md_ctx;
sb_aes_crypt(ictx, ictx->image_key, ictx->sb_dict_key.key, sb_aes_crypt(ictx, ictx->image_key, ictx->sb_dict_key.key,
sizeof(ictx->sb_dict_key.key)); sizeof(ictx->sb_dict_key.key));
@@ -316,7 +348,7 @@ static void sb_encrypt_key_dictionary_key(struct sb_image_ctx *ictx)
static void sb_decrypt_key_dictionary_key(struct sb_image_ctx *ictx) static void sb_decrypt_key_dictionary_key(struct sb_image_ctx *ictx)
{ {
EVP_MD_CTX *md_ctx = &ictx->md_ctx; EVP_MD_CTX *md_ctx = ictx->md_ctx;
EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key)); EVP_DigestUpdate(md_ctx, &ictx->sb_dict_key, sizeof(ictx->sb_dict_key));
sb_aes_crypt(ictx, ictx->sb_dict_key.key, ictx->image_key, sb_aes_crypt(ictx, ictx->sb_dict_key.key, ictx->image_key,
@@ -326,7 +358,7 @@ static void sb_decrypt_key_dictionary_key(struct sb_image_ctx *ictx)
static void sb_encrypt_tag(struct sb_image_ctx *ictx, static void sb_encrypt_tag(struct sb_image_ctx *ictx,
struct sb_cmd_ctx *cctx) struct sb_cmd_ctx *cctx)
{ {
EVP_MD_CTX *md_ctx = &ictx->md_ctx; EVP_MD_CTX *md_ctx = ictx->md_ctx;
struct sb_command *cmd = &cctx->payload; struct sb_command *cmd = &cctx->payload;
sb_aes_crypt(ictx, (uint8_t *)cmd, sb_aes_crypt(ictx, (uint8_t *)cmd,
@@ -337,8 +369,8 @@ static void sb_encrypt_tag(struct sb_image_ctx *ictx,
static int sb_encrypt_image(struct sb_image_ctx *ictx) static int sb_encrypt_image(struct sb_image_ctx *ictx)
{ {
/* Start image-wide crypto. */ /* Start image-wide crypto. */
EVP_MD_CTX_init(&ictx->md_ctx); ictx->md_ctx = EVP_MD_CTX_new();
EVP_DigestInit(&ictx->md_ctx, EVP_sha1()); EVP_DigestInit(ictx->md_ctx, EVP_sha1());
/* /*
* SB image header. * SB image header.
@@ -379,7 +411,7 @@ static int sb_encrypt_image(struct sb_image_ctx *ictx)
} else if (ccmd->header.tag == ROM_LOAD_CMD) { } else if (ccmd->header.tag == ROM_LOAD_CMD) {
sb_aes_crypt(ictx, cctx->data, cctx->data, sb_aes_crypt(ictx, cctx->data, cctx->data,
cctx->length); cctx->length);
EVP_DigestUpdate(&ictx->md_ctx, cctx->data, EVP_DigestUpdate(ictx->md_ctx, cctx->data,
cctx->length); cctx->length);
} }
@@ -394,11 +426,12 @@ static int sb_encrypt_image(struct sb_image_ctx *ictx)
*/ */
sb_aes_reinit(ictx, 1); sb_aes_reinit(ictx, 1);
EVP_DigestFinal(&ictx->md_ctx, ictx->digest, NULL); EVP_DigestFinal(ictx->md_ctx, ictx->digest, NULL);
EVP_MD_CTX_free(ictx->md_ctx);
sb_aes_crypt(ictx, ictx->digest, ictx->digest, sizeof(ictx->digest)); sb_aes_crypt(ictx, ictx->digest, ictx->digest, sizeof(ictx->digest));
/* Stop the encryption session. */ /* Stop the encryption session. */
sb_aes_deinit(&ictx->cipher_ctx); sb_aes_deinit(ictx->cipher_ctx);
return 0; return 0;
} }
@@ -1322,7 +1355,7 @@ static int sb_postfill_image_header(struct sb_image_ctx *ictx)
struct sb_boot_image_header *hdr = &ictx->payload; struct sb_boot_image_header *hdr = &ictx->payload;
struct sb_section_ctx *sctx = ictx->sect_head; struct sb_section_ctx *sctx = ictx->sect_head;
uint32_t kd_size, sections_blocks; uint32_t kd_size, sections_blocks;
EVP_MD_CTX md_ctx; EVP_MD_CTX *md_ctx;
/* The main SB header size in blocks. */ /* The main SB header size in blocks. */
hdr->image_blocks = hdr->header_blocks; hdr->image_blocks = hdr->header_blocks;
@@ -1359,13 +1392,14 @@ static int sb_postfill_image_header(struct sb_image_ctx *ictx)
hdr->key_dictionary_block + kd_size / SB_BLOCK_SIZE; hdr->key_dictionary_block + kd_size / SB_BLOCK_SIZE;
/* Compute header digest. */ /* Compute header digest. */
EVP_MD_CTX_init(&md_ctx); md_ctx = EVP_MD_CTX_new();
EVP_DigestInit(&md_ctx, EVP_sha1()); EVP_DigestInit(md_ctx, EVP_sha1());
EVP_DigestUpdate(&md_ctx, hdr->signature1, EVP_DigestUpdate(md_ctx, hdr->signature1,
sizeof(struct sb_boot_image_header) - sizeof(struct sb_boot_image_header) -
sizeof(hdr->digest)); sizeof(hdr->digest));
EVP_DigestFinal(&md_ctx, hdr->digest, NULL); EVP_DigestFinal(md_ctx, hdr->digest, NULL);
EVP_MD_CTX_free(md_ctx);
return 0; return 0;
} }
@@ -1621,12 +1655,12 @@ static int sb_verify_image_header(struct sb_image_ctx *ictx,
struct tm tm; struct tm tm;
int sz, ret = 0; int sz, ret = 0;
unsigned char digest[20]; unsigned char digest[20];
EVP_MD_CTX md_ctx; EVP_MD_CTX *md_ctx;
unsigned long size; unsigned long size;
/* Start image-wide crypto. */ /* Start image-wide crypto. */
EVP_MD_CTX_init(&ictx->md_ctx); ictx->md_ctx = EVP_MD_CTX_new();
EVP_DigestInit(&ictx->md_ctx, EVP_sha1()); EVP_DigestInit(ictx->md_ctx, EVP_sha1());
soprintf(ictx, "---------- Verifying SB Image Header ----------\n"); soprintf(ictx, "---------- Verifying SB Image Header ----------\n");
@@ -1637,12 +1671,13 @@ static int sb_verify_image_header(struct sb_image_ctx *ictx,
} }
/* Compute header digest. */ /* Compute header digest. */
EVP_MD_CTX_init(&md_ctx); md_ctx = EVP_MD_CTX_new();
EVP_DigestInit(&md_ctx, EVP_sha1()); EVP_DigestInit(md_ctx, EVP_sha1());
EVP_DigestUpdate(&md_ctx, hdr->signature1, EVP_DigestUpdate(md_ctx, hdr->signature1,
sizeof(struct sb_boot_image_header) - sizeof(struct sb_boot_image_header) -
sizeof(hdr->digest)); sizeof(hdr->digest));
EVP_DigestFinal(&md_ctx, digest, NULL); EVP_DigestFinal(md_ctx, digest, NULL);
EVP_MD_CTX_free(md_ctx);
sb_aes_init(ictx, NULL, 1); sb_aes_init(ictx, NULL, 1);
sb_encrypt_sb_header(ictx); sb_encrypt_sb_header(ictx);
@@ -1761,7 +1796,7 @@ static int sb_verify_image_header(struct sb_image_ctx *ictx,
static void sb_decrypt_tag(struct sb_image_ctx *ictx, static void sb_decrypt_tag(struct sb_image_ctx *ictx,
struct sb_cmd_ctx *cctx) struct sb_cmd_ctx *cctx)
{ {
EVP_MD_CTX *md_ctx = &ictx->md_ctx; EVP_MD_CTX *md_ctx = ictx->md_ctx;
struct sb_command *cmd = &cctx->payload; struct sb_command *cmd = &cctx->payload;
sb_aes_crypt(ictx, (uint8_t *)&cctx->c_payload, sb_aes_crypt(ictx, (uint8_t *)&cctx->c_payload,
@@ -1818,7 +1853,7 @@ static int sb_verify_command(struct sb_image_ctx *ictx,
*tsize += size; *tsize += size;
EVP_DigestUpdate(&ictx->md_ctx, cctx->data, asize); EVP_DigestUpdate(ictx->md_ctx, cctx->data, asize);
sb_aes_crypt(ictx, cctx->data, cctx->data, asize); sb_aes_crypt(ictx, cctx->data, cctx->data, asize);
if (ccmd->load.crc32 != pbl_crc32(0, if (ccmd->load.crc32 != pbl_crc32(0,
@@ -2007,7 +2042,8 @@ static int sb_verify_image_end(struct sb_image_ctx *ictx,
} }
/* Check the image digest. */ /* Check the image digest. */
EVP_DigestFinal(&ictx->md_ctx, ictx->digest, NULL); EVP_DigestFinal(ictx->md_ctx, ictx->digest, NULL);
EVP_MD_CTX_free(ictx->md_ctx);
/* Decrypt the image digest from the input image. */ /* Decrypt the image digest from the input image. */
sb_aes_reinit(ictx, 0); sb_aes_reinit(ictx, 0);
@@ -2083,7 +2119,7 @@ err_verify:
soprintf(ictx, "Verification %s\n", ret ? "FAILED" : "PASSED"); soprintf(ictx, "Verification %s\n", ret ? "FAILED" : "PASSED");
/* Stop the encryption session. */ /* Stop the encryption session. */
sb_aes_deinit(&ictx->cipher_ctx); sb_aes_deinit(ictx->cipher_ctx);
fclose(fp); fclose(fp);
return ret; return ret;