AU: Switch from SHA-1 to SHA-256 hash.
For hashing of images, expect a new "sha256" attribute in Omaha's updatecheck
response.
BUG=6580
TEST=unit tests, gmerged on device and updated with upgraded dev server
Change-Id: I122e21cd7edc74695cb81b2eee5ce70f152f5270
Review URL: http://codereview.chromium.org/3419018
diff --git a/omaha_hash_calculator.cc b/omaha_hash_calculator.cc
index fee72a9..88bfc6d 100644
--- a/omaha_hash_calculator.cc
+++ b/omaha_hash_calculator.cc
@@ -16,28 +16,28 @@
namespace chromeos_update_engine {
OmahaHashCalculator::OmahaHashCalculator() : valid_(false) {
- valid_ = (SHA1_Init(&ctx_) == 1);
- LOG_IF(ERROR, !valid_) << "SHA1_Init failed";
+ valid_ = (SHA256_Init(&ctx_) == 1);
+ LOG_IF(ERROR, !valid_) << "SHA256_Init failed";
}
// Update is called with all of the data that should be hashed in order.
-// Mostly just passes the data through to OpenSSL's SHA1_Update()
+// Mostly just passes the data through to OpenSSL's SHA256_Update()
bool OmahaHashCalculator::Update(const char* data, size_t length) {
TEST_AND_RETURN_FALSE(valid_);
TEST_AND_RETURN_FALSE(hash_.empty());
COMPILE_ASSERT(sizeof(size_t) <= sizeof(unsigned long),
- length_param_may_be_truncated_in_SHA1_Update);
- TEST_AND_RETURN_FALSE(SHA1_Update(&ctx_, data, length) == 1);
+ length_param_may_be_truncated_in_SHA256_Update);
+ TEST_AND_RETURN_FALSE(SHA256_Update(&ctx_, data, length) == 1);
return true;
}
// Call Finalize() when all data has been passed in. This mostly just
-// calls OpenSSL's SHA1_Final() and then base64 encodes the hash.
+// calls OpenSSL's SHA256_Final() and then base64 encodes the hash.
bool OmahaHashCalculator::Finalize() {
bool success = true;
TEST_AND_RETURN_FALSE(hash_.empty());
- unsigned char md[SHA_DIGEST_LENGTH];
- TEST_AND_RETURN_FALSE(SHA1_Final(md, &ctx_) == 1);
+ unsigned char md[SHA256_DIGEST_LENGTH];
+ TEST_AND_RETURN_FALSE(SHA256_Final(md, &ctx_) == 1);
// Convert md to base64 encoding and store it in hash_
BIO *b64 = BIO_new(BIO_f_base64());
@@ -67,12 +67,12 @@
vector<char>* out_hash) {
OmahaHashCalculator calc;
calc.Update(&data[0], data.size());
-
- out_hash->resize(out_hash->size() + SHA_DIGEST_LENGTH);
+
+ out_hash->resize(out_hash->size() + SHA256_DIGEST_LENGTH);
TEST_AND_RETURN_FALSE(
- SHA1_Final(reinterpret_cast<unsigned char*>(&(*(out_hash->end() -
- SHA_DIGEST_LENGTH))),
- &calc.ctx_) == 1);
+ SHA256_Final(reinterpret_cast<unsigned char*>(&(*(out_hash->end() -
+ SHA256_DIGEST_LENGTH))),
+ &calc.ctx_) == 1);
return true;
}
diff --git a/omaha_hash_calculator.h b/omaha_hash_calculator.h
index 5a666b6..208fd01 100644
--- a/omaha_hash_calculator.h
+++ b/omaha_hash_calculator.h
@@ -57,7 +57,7 @@
bool valid_;
// The hash state used by OpenSSL
- SHA_CTX ctx_;
+ SHA256_CTX ctx_;
DISALLOW_COPY_AND_ASSIGN(OmahaHashCalculator);
};
diff --git a/omaha_hash_calculator_unittest.cc b/omaha_hash_calculator_unittest.cc
index 0ee3b80..d228f12 100644
--- a/omaha_hash_calculator_unittest.cc
+++ b/omaha_hash_calculator_unittest.cc
@@ -18,8 +18,8 @@
calc.Update("hi", 2);
calc.Finalize();
// Generated by running this on a linux shell:
- // $ echo -n hi | openssl sha1 -binary | openssl base64
- EXPECT_EQ("witfkXg0JglCjW9RssWvTAveakI=", calc.hash());
+ // $ echo -n hi | openssl dgst -sha256 -binary | openssl base64
+ EXPECT_EQ("j0NDRmSPa5bfid2pAcUXaxCm2Dlh3TwayItZstwyeqQ=", calc.hash());
}
TEST(OmahaHashCalculatorTest, MultiUpdateTest) {
@@ -28,8 +28,8 @@
calc.Update("i", 1);
calc.Finalize();
// Generated by running this on a linux shell:
- // $ echo -n hi | openssl sha1 -binary | openssl base64
- EXPECT_EQ("witfkXg0JglCjW9RssWvTAveakI=", calc.hash());
+ // $ echo -n hi | openssl dgst -sha256 -binary | openssl base64
+ EXPECT_EQ("j0NDRmSPa5bfid2pAcUXaxCm2Dlh3TwayItZstwyeqQ=", calc.hash());
}
TEST(OmahaHashCalculatorTest, BigTest) {
@@ -48,8 +48,8 @@
// $ while [ $C -lt 1000000 ]; do
// echo -n $C
// let C=C+1
- // done | openssl sha1 -binary | openssl base64
- EXPECT_EQ("qdNsMeRqzoEUu5/ABi+MGRli87s=", calc.hash());
+ // done | openssl dgst -sha256 -binary | openssl base64
+ EXPECT_EQ("NZf8k6SPBkYMvhaX8YgzuMgbkLP1XZ+neM8K5wcSsf8=", calc.hash());
}
TEST(OmahaHashCalculatorTest, AbortTest) {
diff --git a/omaha_request_action.cc b/omaha_request_action.cc
index c931065..cb9cd63 100644
--- a/omaha_request_action.cc
+++ b/omaha_request_action.cc
@@ -405,7 +405,7 @@
XmlGetProperty(updatecheck_node, "DisplayVersion");
output_object.codebase = XmlGetProperty(updatecheck_node, "codebase");
output_object.more_info_url = XmlGetProperty(updatecheck_node, "MoreInfo");
- output_object.hash = XmlGetProperty(updatecheck_node, "hash");
+ output_object.hash = XmlGetProperty(updatecheck_node, "sha256");
output_object.size = ParseInt(XmlGetProperty(updatecheck_node, "size"));
output_object.needs_admin =
XmlGetProperty(updatecheck_node, "needsadmin") == "true";
diff --git a/omaha_request_action_unittest.cc b/omaha_request_action_unittest.cc
index 7a56b41..8b15a86 100755
--- a/omaha_request_action_unittest.cc
+++ b/omaha_request_action_unittest.cc
@@ -70,8 +70,8 @@
"status=\"ok\"/><updatecheck DisplayVersion=\"" + display_version + "\" "
"MoreInfo=\"" + more_info_url + "\" Prompt=\"" + prompt + "\" "
"IsDelta=\"true\" "
- "codebase=\"" + codebase + "\" "
- "hash=\"" + hash + "\" needsadmin=\"" + needsadmin + "\" "
+ "codebase=\"" + codebase + "\" hash=\"not-applicable\" "
+ "sha256=\"" + hash + "\" needsadmin=\"" + needsadmin + "\" "
"size=\"" + size + "\" status=\"ok\"/></app></gupdate>";
}
@@ -339,8 +339,8 @@
"status=\"ok\"/><updatecheck "
"DisplayVersion=\"1.2.3.4\" "
"Prompt=\"false\" "
- "codebase=\"http://code/base\" "
- "hash=\"HASH1234=\" needsadmin=\"true\" "
+ "codebase=\"http://code/base\" hash=\"foo\" "
+ "sha256=\"HASH1234=\" needsadmin=\"true\" "
"size=\"123\" "
"status=\"ok\"/></app></gupdate>",
kActionCodeSuccess,
diff --git a/payload_signer.cc b/payload_signer.cc
index 2fa9616..5b0c267 100644
--- a/payload_signer.cc
+++ b/payload_signer.cc
@@ -30,7 +30,7 @@
TEST_AND_RETURN_FALSE(
utils::MakeTempFile("/tmp/hash.XXXXXX", &hash_path, NULL));
ScopedPathUnlinker hash_path_unlinker(hash_path);
-
+
vector<char> hash_data;
{
vector<char> payload;
@@ -42,7 +42,7 @@
TEST_AND_RETURN_FALSE(utils::WriteFile(hash_path.c_str(),
&hash_data[0],
hash_data.size()));
-
+
// This runs on the server, so it's okay to cop out and call openssl
// executable rather than properly use the library
vector<string> cmd;
@@ -52,20 +52,20 @@
cmd[cmd.size() - 5] = private_key_path;
cmd[cmd.size() - 3] = hash_path;
cmd[cmd.size() - 1] = sig_path;
-
+
int return_code = 0;
TEST_AND_RETURN_FALSE(Subprocess::SynchronousExec(cmd, &return_code));
TEST_AND_RETURN_FALSE(return_code == 0);
-
+
vector<char> signature;
TEST_AND_RETURN_FALSE(utils::ReadFile(sig_path, &signature));
-
+
// Pack it into a protobuf
Signatures out_message;
Signatures_Signature* sig_message = out_message.add_signatures();
sig_message->set_version(kSignatureMessageVersion);
sig_message->set_data(signature.data(), signature.size());
-
+
// Serialize protobuf
string serialized;
TEST_AND_RETURN_FALSE(out_message.AppendToString(&serialized));
@@ -79,7 +79,7 @@
const string& private_key_path,
uint64_t* out_length) {
DCHECK(out_length);
-
+
string x_path;
TEST_AND_RETURN_FALSE(
utils::MakeTempFile("/tmp/signed_data.XXXXXX", &x_path, NULL));
diff --git a/payload_signer_unittest.cc b/payload_signer_unittest.cc
index 2ee58f5..ff31f02 100644
--- a/payload_signer_unittest.cc
+++ b/payload_signer_unittest.cc
@@ -26,22 +26,22 @@
// Some data and its corresponding signature:
const string kDataToSign = "This is some data to sign.";
const char kExpectedSignature[] = {
- 0x00, 0x8d, 0x20, 0x22, 0x87, 0xd3, 0xd0, 0xeb,
- 0x85, 0x80, 0xde, 0x76, 0xa4, 0x5a, 0xac, 0xdc,
- 0xa8, 0xe0, 0x6e, 0x10, 0x98, 0xc3, 0xa4, 0x55,
- 0x48, 0xbf, 0x15, 0x98, 0x32, 0xda, 0xbe, 0x21,
- 0x3d, 0xa8, 0x1a, 0xb6, 0xf9, 0x93, 0x03, 0x70,
- 0x44, 0x1b, 0xec, 0x39, 0xe3, 0xd4, 0xfd, 0x6b,
- 0xff, 0x84, 0xee, 0x60, 0xbe, 0xed, 0x9e, 0x5b,
- 0xac, 0xd5, 0xd6, 0x1a, 0xf9, 0x4e, 0xdb, 0x6d,
- 0x11, 0x9e, 0x01, 0xb1, 0xcb, 0x55, 0x05, 0x52,
- 0x8c, 0xad, 0xb6, 0x8e, 0x9f, 0xf7, 0xc2, 0x1a,
- 0x26, 0xb3, 0x96, 0xd2, 0x4a, 0xfd, 0x7c, 0x96,
- 0x53, 0x38, 0x3a, 0xcf, 0xab, 0x95, 0x83, 0xbd,
- 0x8e, 0xe1, 0xbd, 0x07, 0x12, 0xa2, 0x80, 0x18,
- 0xca, 0x64, 0x91, 0xee, 0x9d, 0x9d, 0xe3, 0x69,
- 0xc0, 0xab, 0x1b, 0x75, 0x9f, 0xf0, 0x64, 0x74,
- 0x01, 0xb3, 0x49, 0xea, 0x87, 0x63, 0x04, 0x29
+ 0xa4, 0xbc, 0x8f, 0xeb, 0x81, 0x05, 0xaa, 0x56,
+ 0x1b, 0x56, 0xe5, 0xcb, 0x9b, 0x1a, 0x00, 0xd7,
+ 0x1d, 0x87, 0x8e, 0xda, 0x5e, 0x90, 0x09, 0xb8,
+ 0x15, 0xf4, 0x25, 0x97, 0x2f, 0x3c, 0xa1, 0xf3,
+ 0x02, 0x75, 0xcd, 0x67, 0x4b, 0x0c, 0x1f, 0xf5,
+ 0x6e, 0xf1, 0x58, 0xd7, 0x0d, 0x8c, 0x18, 0x91,
+ 0x52, 0x30, 0x98, 0x64, 0x58, 0xc0, 0xe2, 0xb5,
+ 0x77, 0x3b, 0x96, 0x8f, 0x05, 0xc4, 0x7f, 0x7a,
+ 0x9a, 0x44, 0x0f, 0xc7, 0x1b, 0x90, 0x83, 0xf8,
+ 0x69, 0x05, 0xa8, 0x02, 0x57, 0xcd, 0x2e, 0x5b,
+ 0x96, 0xc7, 0x77, 0xa6, 0x1f, 0x97, 0x97, 0x05,
+ 0xb3, 0x30, 0x1c, 0x27, 0xd7, 0x2d, 0x31, 0x60,
+ 0x84, 0x7e, 0x99, 0x00, 0xe6, 0xe1, 0x39, 0xa6,
+ 0xf3, 0x3a, 0x72, 0xba, 0xc4, 0xfe, 0x68, 0xa9,
+ 0x08, 0xfa, 0xbc, 0xa8, 0x44, 0x66, 0xa0, 0x60,
+ 0xde, 0xc9, 0xb2, 0xba, 0xbc, 0x80, 0xb5, 0x55
};
string data_path;