authfs: Migrate from ring to the openssl crate
Only sha256 was used which makes the migration from ring nice and
simple.
Bug: 233582804
Test: atest AuthFsHostTest
Change-Id: I6e1ed23dbf19bad919e2b6592ed3a64d728dff71
diff --git a/authfs/src/fsverity/metadata/Android.bp b/authfs/src/fsverity/metadata/Android.bp
index af3729f..c988884 100644
--- a/authfs/src/fsverity/metadata/Android.bp
+++ b/authfs/src/fsverity/metadata/Android.bp
@@ -18,7 +18,7 @@
],
rustlibs: [
"libauthfs_fsverity_metadata_bindgen",
- "libring",
+ "libopenssl",
],
edition: "2018",
apex_available: ["com.android.virt"],
diff --git a/authfs/src/fsverity/metadata/metadata.rs b/authfs/src/fsverity/metadata/metadata.rs
index 8bc0617..54d0145 100644
--- a/authfs/src/fsverity/metadata/metadata.rs
+++ b/authfs/src/fsverity/metadata/metadata.rs
@@ -20,7 +20,7 @@
FSVERITY_SIGNATURE_TYPE_NONE, FSVERITY_SIGNATURE_TYPE_PKCS7, FSVERITY_SIGNATURE_TYPE_RAW,
};
-use ring::digest::{Context, SHA256};
+use openssl::sha::sha256;
use std::cmp::min;
use std::ffi::OsString;
use std::fs::File;
@@ -96,14 +96,11 @@
// Digest needs to be calculated with the raw value (without changing the endianness).
let digest = match header.descriptor.hash_algorithm {
- FSVERITY_HASH_ALG_SHA256 => {
- let mut context = Context::new(&SHA256);
- context.update(
- &back_buffer
- [DESCRIPTOR_OFFSET..DESCRIPTOR_OFFSET + size_of::<fsverity_descriptor>()],
- );
- Ok(context.finish().as_ref().to_owned())
- }
+ FSVERITY_HASH_ALG_SHA256 => Ok(sha256(
+ &back_buffer
+ [DESCRIPTOR_OFFSET..DESCRIPTOR_OFFSET + size_of::<fsverity_descriptor>()],
+ )
+ .to_vec()),
alg => Err(io::Error::new(
io::ErrorKind::Other,
format!("Unsupported hash algorithm {}, continue (likely failing soon)", alg),