authfs: Add FFI to libcrypto
The FFI is currently used for accessing SHA256 related functions, as
well as SHA256_CTX struct. The whole header is included for bindgen
since we wouldn't want to inline the internal struct definition of
SHA256_CTX.
Bug: 171310075
Test: atest authfs_host_test_src_lib
Change-Id: I0bdec7956d4d0ee407122395fe2b48a437214f3f
diff --git a/authfs/Android.bp b/authfs/Android.bp
index 3edd800..fe038cd 100644
--- a/authfs/Android.bp
+++ b/authfs/Android.bp
@@ -6,12 +6,29 @@
],
edition: "2018",
rustlibs: [
+ "libauthfs_crypto_bindgen",
"liblibc",
+ "libthiserror",
],
host_supported: true,
+ shared_libs: ["libcrypto"],
clippy_lints: "android",
}
+// TODO(b/172687320): remove once there is a canonical bindgen.
+rust_bindgen {
+ name: "libauthfs_crypto_bindgen",
+ wrapper_src: "src/crypto.hpp",
+ crate_name: "authfs_crypto_bindgen",
+ source_stem: "bindings",
+ shared_libs: [
+ "libcrypto",
+ ],
+ bindgen_flags: ["--size_t-is-usize"],
+ cflags: ["-D BORINGSSL_NO_CXX"],
+ host_supported: true,
+}
+
rust_library {
name: "libauthfs",
defaults: ["authfs_defaults"],
diff --git a/authfs/src/crypto.hpp b/authfs/src/crypto.hpp
new file mode 100644
index 0000000..58b0bd3
--- /dev/null
+++ b/authfs/src/crypto.hpp
@@ -0,0 +1,22 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef AUTHFS_OPENSSL_WRAPPER_H
+#define AUTHFS_OPENSSL_WRAPPER_H
+
+#include <openssl/sha.h>
+
+#endif // AUTHFS_OPENSSL_WRAPPER_H
diff --git a/authfs/src/crypto.rs b/authfs/src/crypto.rs
new file mode 100644
index 0000000..a51acca
--- /dev/null
+++ b/authfs/src/crypto.rs
@@ -0,0 +1,98 @@
+/*
+ * Copyright (C) 2020 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#![allow(dead_code)]
+
+use std::mem::MaybeUninit;
+
+use thiserror::Error;
+
+#[derive(Error, Debug)]
+pub enum CryptoError {
+ #[error("Unexpected error returned from {0}")]
+ Unexpected(&'static str),
+}
+
+use authfs_crypto_bindgen::{SHA256_Final, SHA256_Init, SHA256_Update, SHA256_CTX};
+
+pub struct Sha256Hasher {
+ ctx: SHA256_CTX,
+}
+
+impl Sha256Hasher {
+ pub const HASH_SIZE: usize = 32;
+
+ pub fn new() -> Result<Sha256Hasher, CryptoError> {
+ // Safe assuming the crypto FFI should initialize the uninitialized `ctx`, which is
+ // currently a pure data struct.
+ unsafe {
+ let mut ctx = MaybeUninit::uninit();
+ if SHA256_Init(ctx.as_mut_ptr()) == 0 {
+ Err(CryptoError::Unexpected("SHA256_Init"))
+ } else {
+ Ok(Sha256Hasher { ctx: ctx.assume_init() })
+ }
+ }
+ }
+
+ pub fn update(&mut self, data: &[u8]) -> Result<&mut Self, CryptoError> {
+ // Safe assuming the crypto FFI will not touch beyond `ctx` as pure data.
+ let retval = unsafe {
+ SHA256_Update(&mut self.ctx, data.as_ptr() as *mut std::ffi::c_void, data.len())
+ };
+ if retval == 0 {
+ Err(CryptoError::Unexpected("SHA256_Update"))
+ } else {
+ Ok(self)
+ }
+ }
+
+ pub fn finalize(&mut self) -> Result<[u8; Self::HASH_SIZE], CryptoError> {
+ let mut md = [0u8; Self::HASH_SIZE];
+ // Safe assuming the crypto FFI will not touch beyond `ctx` as pure data.
+ let retval = unsafe { SHA256_Final(md.as_mut_ptr(), &mut self.ctx) };
+ if retval == 0 {
+ Err(CryptoError::Unexpected("SHA256_Final"))
+ } else {
+ Ok(md)
+ }
+ }
+}
+
+#[cfg(test)]
+mod tests {
+ use super::*;
+
+ fn to_hex_string(data: &[u8]) -> String {
+ data.iter().map(|&b| format!("{:02x}", b)).collect()
+ }
+
+ #[test]
+ fn verify_hash_values() -> Result<(), CryptoError> {
+ let hash = Sha256Hasher::new()?.update(&[0; 0])?.finalize()?;
+ let s: String = to_hex_string(&hash);
+ assert_eq!(s, "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855");
+
+ let hash = Sha256Hasher::new()?
+ .update(&[1u8; 1])?
+ .update(&[2u8; 1])?
+ .update(&[3u8; 1])?
+ .finalize()?;
+ let s: String = to_hex_string(&hash);
+ assert_eq!(s, "039058c6f2c0cb492c533b0a4d14ef77cc0f78abccced5287d84a1a2011cfb81");
+ Ok(())
+ }
+}
diff --git a/authfs/src/lib.rs b/authfs/src/lib.rs
index 6b136a4..c128f62 100644
--- a/authfs/src/lib.rs
+++ b/authfs/src/lib.rs
@@ -22,4 +22,5 @@
//!
//! The implementation is not finished.
+mod crypto;
mod reader;