authfs: Migrate to the openssl crate from custom bindings
Now that there is a standard binding to boringssl, switch over to using
it.
Bug: 233582804
Test: atest AuthFsHostTest
Test: atest authfs_device_test_src_lib
Change-Id: I4ae4353e21801bd4f9b43c4284d941820d540d80
diff --git a/authfs/src/fsverity/common.rs b/authfs/src/fsverity/common.rs
index eba379d..cb268ef 100644
--- a/authfs/src/fsverity/common.rs
+++ b/authfs/src/fsverity/common.rs
@@ -20,7 +20,13 @@
use super::sys::{FS_VERITY_HASH_ALG_SHA256, FS_VERITY_LOG_BLOCKSIZE, FS_VERITY_VERSION};
use crate::common::{divide_roundup, CHUNK_SIZE};
-use crate::crypto::{CryptoError, Sha256Hash, Sha256Hasher};
+use openssl::sha::Sha256;
+
+/// Output size of SHA-256 in bytes.
+pub const SHA256_HASH_SIZE: usize = 32;
+
+/// A SHA-256 hash.
+pub type Sha256Hash = [u8; SHA256_HASH_SIZE];
#[derive(Error, Debug)]
pub enum FsverityError {
@@ -32,8 +38,6 @@
CannotVerify,
#[error("I/O error")]
Io(#[from] io::Error),
- #[error("Crypto")]
- UnexpectedCryptoError(#[from] CryptoError),
#[error("Invalid state")]
InvalidState,
}
@@ -47,7 +51,7 @@
/// Return the Merkle tree height for our tree configuration, or None if the size is 0.
pub fn merkle_tree_height(data_size: u64) -> Option<u64> {
- let hashes_per_node = CHUNK_SIZE / Sha256Hasher::HASH_SIZE as u64;
+ let hashes_per_node = CHUNK_SIZE / SHA256_HASH_SIZE as u64;
let hash_pages = divide_roundup(data_size, hashes_per_node * CHUNK_SIZE);
log128_ceil(hash_pages)
}
@@ -56,7 +60,7 @@
pub fn merkle_tree_size(mut data_size: u64) -> u64 {
let mut total = 0;
while data_size > CHUNK_SIZE {
- let hash_size = divide_roundup(data_size, CHUNK_SIZE) * Sha256Hasher::HASH_SIZE as u64;
+ let hash_size = divide_roundup(data_size, CHUNK_SIZE) * SHA256_HASH_SIZE as u64;
let hash_storage_size = divide_roundup(hash_size, CHUNK_SIZE) * CHUNK_SIZE;
total += hash_storage_size;
data_size = hash_storage_size;
@@ -64,28 +68,25 @@
total
}
-pub fn build_fsverity_digest(
- root_hash: &Sha256Hash,
- file_size: u64,
-) -> Result<Sha256Hash, CryptoError> {
+pub fn build_fsverity_digest(root_hash: &Sha256Hash, file_size: u64) -> Sha256Hash {
// Little-endian byte representation of fsverity_descriptor from linux/fsverity.h
// Not FFI-ed as it seems easier to deal with the raw bytes manually.
- Sha256Hasher::new()?
- .update(&FS_VERITY_VERSION.to_le_bytes())? // version
- .update(&FS_VERITY_HASH_ALG_SHA256.to_le_bytes())? // hash_algorithm
- .update(&FS_VERITY_LOG_BLOCKSIZE.to_le_bytes())? // log_blocksize
- .update(&0u8.to_le_bytes())? // salt_size
- .update(&0u32.to_le_bytes())? // sig_size
- .update(&file_size.to_le_bytes())? // data_size
- .update(root_hash)? // root_hash, first 32 bytes
- .update(&[0u8; 32])? // root_hash, last 32 bytes, always 0 because we are using sha256.
- .update(&[0u8; 32])? // salt
- .update(&[0u8; 32])? // reserved
- .update(&[0u8; 32])? // reserved
- .update(&[0u8; 32])? // reserved
- .update(&[0u8; 32])? // reserved
- .update(&[0u8; 16])? // reserved
- .finalize()
+ let mut hash = Sha256::new();
+ hash.update(&FS_VERITY_VERSION.to_le_bytes()); // version
+ hash.update(&FS_VERITY_HASH_ALG_SHA256.to_le_bytes()); // hash_algorithm
+ hash.update(&FS_VERITY_LOG_BLOCKSIZE.to_le_bytes()); // log_blocksize
+ hash.update(&0u8.to_le_bytes()); // salt_size
+ hash.update(&0u32.to_le_bytes()); // sig_size
+ hash.update(&file_size.to_le_bytes()); // data_size
+ hash.update(root_hash); // root_hash, first 32 bytes
+ hash.update(&[0u8; 32]); // root_hash, last 32 bytes, always 0 because we are using sha256.
+ hash.update(&[0u8; 32]); // salt
+ hash.update(&[0u8; 32]); // reserved
+ hash.update(&[0u8; 32]); // reserved
+ hash.update(&[0u8; 32]); // reserved
+ hash.update(&[0u8; 32]); // reserved
+ hash.update(&[0u8; 16]); // reserved
+ hash.finish()
}
#[cfg(test)]
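Review bot: `build_fsverity_digest` is a public function that is now infallible, yet it has no doc comment saying what it hashes, and the digest is only correct if the `sys` constants have the byte widths the hand-written layout assumes; their types are not visible in this hunk. The updates add up to the 256-byte `fsverity_descriptor` only if `FS_VERITY_VERSION`, `FS_VERITY_HASH_ALG_SHA256` and `FS_VERITY_LOG_BLOCKSIZE` are each `u8`. A widened constant would silently change the serialized layout, and the result would presumably no longer match the digest the kernel computes. I would add `/// Returns the fs-verity digest: SHA-256 over the 256-byte fsverity_descriptor (no salt, no signature) built from root_hash and file_size.` above the function, and confirm that the tests behind `#[cfg(test)]` (outside this hunk) pin a known-answer digest. The five trailing reserved updates could also be written as one `hash.update(&[0u8; 144]); // reserved`.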