update_engine: Switch back crypto function calls to get0 version

Because of b/158580694 we had to switch the crypto calls to get1 version
and manually release them. Since that bug has been marked as fixed, we
can now switch it back to its original form.

BUG=b:163153182
TEST=FEATURES=test emerge update_engine

Change-Id: I8c2ff6619f592fc5e78a45efce14d42626d66034
Reviewed-on: https://chromium-review.googlesource.com/c/aosp/platform/system/update_engine/+/2438992
Tested-by: Amin Hassani <ahassani@chromium.org>
Auto-Submit: Amin Hassani <ahassani@chromium.org>
Reviewed-by: Jae Hoon Kim <kimjae@chromium.org>
Commit-Queue: Amin Hassani <ahassani@chromium.org>
diff --git a/payload_consumer/payload_verifier.cc b/payload_consumer/payload_verifier.cc
index 7fd2b8e..85902c8 100644
--- a/payload_consumer/payload_verifier.cc
+++ b/payload_consumer/payload_verifier.cc
@@ -175,10 +175,7 @@
     }
 
     if (key_type == EVP_PKEY_EC) {
-      // TODO(b/158580694): Switch back to get0 version and remove manual
-      // freeing of the object once the bug is resolved or gale has been moved
-      // to informational.
-      EC_KEY* ec_key = EVP_PKEY_get1_EC_KEY(public_key.get());
+      EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(public_key.get());
       TEST_AND_RETURN_FALSE(ec_key != nullptr);
       if (ECDSA_verify(0,
                        sha256_hash_data.data(),
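Review bot: `ec_key` on the `EVP_PKEY_get0_EC_KEY` line is now a borrowed pointer whose lifetime is tied to `public_key`, and with the TODO removed nothing at the call site says so. I would add a one-line comment there, `// Borrowed from |public_key|: do not free, and do not use after |public_key| is released.`, so a later edit does not reintroduce `EC_KEY_free` and release a reference the EVP_PKEY still owns. The same comment applies to the `EVP_PKEY_get0_RSA` call later in this file and to both get0 calls in payload_signer.cc. If this code is ever built against OpenSSL 3.x, the get0 accessors return const pointers there, so these non-const locals would need to change. The enclosing function starts above the hunk and the `ECDSA_verify` call continues below it.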
@@ -186,10 +183,8 @@
                        sig_data.data(),
                        sig_data.size(),
                        ec_key) == 1) {
-        EC_KEY_free(ec_key);
         return true;
       }
-      EC_KEY_free(ec_key);
     }
 
     LOG(ERROR) << "Unsupported key type " << key_type;
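Review bot: A failed ECDSA verification falls out of the `if (key_type == EVP_PKEY_EC)` block straight into the `"Unsupported key type "` log line, so a rejected payload signature is reported as a key-type problem. For anyone triaging a failed update from logs, that hides the one event this code exists to detect. I would report the failure inside the EC branch with something like `LOG(ERROR) << "ECDSA signature verification failed.";`. The branch should then exit the way a non-matching key is handled elsewhere in the function, so the unsupported-type message is reached only for other key types. What follows the log statement is outside the hunk, so the exact exit has to be chosen against the full function.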
@@ -204,21 +199,16 @@
     const brillo::Blob& sig_data,
     const EVP_PKEY* public_key,
     brillo::Blob* out_hash_data) const {
-  // TODO(b/158580694): Switch back to get0 version and remove manual freeing of
-  // the object once the bug is resolved or gale has been moved to
-  // informational.
-  //
   // The code below executes the equivalent of:
   //
   // openssl rsautl -verify -pubin -inkey <(echo pem_public_key)
   //   -in |sig_data| -out |out_hash_data|
-  RSA* rsa = EVP_PKEY_get1_RSA(const_cast<EVP_PKEY*>(public_key));
+  RSA* rsa = EVP_PKEY_get0_RSA(const_cast<EVP_PKEY*>(public_key));
 
   TEST_AND_RETURN_FALSE(rsa != nullptr);
   unsigned int keysize = RSA_size(rsa);
   if (sig_data.size() > 2 * keysize) {
     LOG(ERROR) << "Signature size is too big for public key size.";
-    RSA_free(rsa);
     return false;
   }
 
@@ -226,7 +216,6 @@
   brillo::Blob hash_data(keysize);
   int decrypt_size = RSA_public_decrypt(
       sig_data.size(), sig_data.data(), hash_data.data(), rsa, RSA_NO_PADDING);
-  RSA_free(rsa);
   TEST_AND_RETURN_FALSE(decrypt_size > 0 &&
                         decrypt_size <= static_cast<int>(hash_data.size()));
   hash_data.resize(decrypt_size);
diff --git a/payload_generator/payload_signer.cc b/payload_generator/payload_signer.cc
index 9a44f94..dd87ab7 100644
--- a/payload_generator/payload_signer.cc
+++ b/payload_generator/payload_signer.cc
@@ -309,10 +309,7 @@
   int key_type = EVP_PKEY_id(private_key.get());
   brillo::Blob signature;
   if (key_type == EVP_PKEY_RSA) {
-    // TODO(b/158580694): Switch back to get0 version and remove manual freeing
-    // of the object once the bug is resolved or gale has been moved to
-    // informational.
-    RSA* rsa = EVP_PKEY_get1_RSA(private_key.get());
+    RSA* rsa = EVP_PKEY_get0_RSA(private_key.get());
     TEST_AND_RETURN_FALSE(rsa != nullptr);
 
     brillo::Blob padded_hash = hash;
@@ -327,17 +324,12 @@
     if (signature_size < 0) {
       LOG(ERROR) << "Signing hash failed: "
                  << ERR_error_string(ERR_get_error(), nullptr);
-      RSA_free(rsa);
       return false;
     }
-    RSA_free(rsa);
     TEST_AND_RETURN_FALSE(static_cast<size_t>(signature_size) ==
                           signature.size());
   } else if (key_type == EVP_PKEY_EC) {
-    // TODO(b/158580694): Switch back to get0 version and remove manual freeing
-    // of the object once the bug is resolved or gale has been moved to
-    // informational.
-    EC_KEY* ec_key = EVP_PKEY_get1_EC_KEY(private_key.get());
+    EC_KEY* ec_key = EVP_PKEY_get0_EC_KEY(private_key.get());
     TEST_AND_RETURN_FALSE(ec_key != nullptr);
 
     signature.resize(ECDSA_size(ec_key));
@@ -350,10 +342,8 @@
                    ec_key) != 1) {
       LOG(ERROR) << "Signing hash failed: "
                  << ERR_error_string(ERR_get_error(), nullptr);
-      EC_KEY_free(ec_key);
       return false;
     }
-    EC_KEY_free(ec_key);
 
     // NIST P-256
     LOG(ERROR) << "signature max size " << signature.size() << " size "
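Review bot: The `"signature max size "` message is logged with `LOG(ERROR)` on the success path, after the failure branch has already returned, so every successful EC signing emits an ERROR-severity line. That makes real signing failures harder to pick out of the generator's logs; `LOG(INFO)` fits what the message reports. The statement continues past the end of the hunk, so the rest of it is not reviewed here.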