From f24a0af72af3734fa1dfe1d50c1e4f72a2edb402 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Fri, 30 Jul 2021 14:14:37 +0200 Subject: [PATCH] Use SHA-2 instead of SHA-1 The use of SHA-1 in RHEL9 is deprecated --- libselinux/include/selinux/label.h | 6 +- libselinux/include/selinux/restorecon.h | 4 +- libselinux/man/man3/selabel_digest.3 | 4 +- libselinux/man/man3/selabel_open.3 | 2 +- libselinux/man/man3/selinux_restorecon.3 | 16 +- .../man/man3/selinux_restorecon_xattr.3 | 2 +- libselinux/src/Makefile | 2 +- libselinux/src/label_file.c | 40 +-- libselinux/src/label_internal.h | 10 +- libselinux/src/label_support.c | 8 +- libselinux/src/selinux_restorecon.c | 24 +- libselinux/src/sha1.h | 85 ----- libselinux/src/sha256.c | 294 ++++++++++++++++++ libselinux/src/sha256.h | 89 ++++++ libselinux/utils/selabel_digest.c | 26 +- .../selabel_get_digests_all_partial_matches.c | 28 +- 16 files changed, 469 insertions(+), 171 deletions(-) delete mode 100644 libselinux/src/sha1.h create mode 100644 libselinux/src/sha256.c create mode 100644 libselinux/src/sha256.h diff --git a/libselinux/include/selinux/label.h b/libselinux/include/selinux/label.h index e8983606d93b..a35d84d63b0a 100644 --- a/libselinux/include/selinux/label.h +++ b/libselinux/include/selinux/label.h @@ -120,13 +120,13 @@ extern int selabel_lookup_best_match_raw(struct selabel_handle *rec, char **con, const char *key, const char **aliases, int type); /** - * selabel_digest - Retrieve the SHA1 digest and the list of specfiles used to + * selabel_digest - Retrieve the SHA256 digest and the list of specfiles used to * generate the digest. The SELABEL_OPT_DIGEST option must * be set in selabel_open() to initiate the digest generation. * @handle: specifies backend instance to query - * @digest: returns a pointer to the SHA1 digest. + * @digest: returns a pointer to the SHA256 digest. * @digest_len: returns length of digest in bytes. - * @specfiles: a list of specfiles used in the SHA1 digest generation. + * @specfiles: a list of specfiles used in the SHA256 digest generation. * The list is NULL terminated and will hold @num_specfiles entries. * @num_specfiles: number of specfiles in the list. * diff --git a/libselinux/include/selinux/restorecon.h b/libselinux/include/selinux/restorecon.h index 466de39aac72..ca8ce768587a 100644 --- a/libselinux/include/selinux/restorecon.h +++ b/libselinux/include/selinux/restorecon.h @@ -27,8 +27,8 @@ extern int selinux_restorecon(const char *pathname, * restorecon_flags options */ /* - * Force the checking of labels even if the stored SHA1 digest - * matches the specfiles SHA1 digest (requires CAP_SYS_ADMIN). + * Force the checking of labels even if the stored SHA256 digest + * matches the specfiles SHA256 digest (requires CAP_SYS_ADMIN). */ #define SELINUX_RESTORECON_IGNORE_DIGEST 0x00001 /* diff --git a/libselinux/man/man3/selabel_digest.3 b/libselinux/man/man3/selabel_digest.3 index 56a008f00df0..5f7c42533d0e 100644 --- a/libselinux/man/man3/selabel_digest.3 +++ b/libselinux/man/man3/selabel_digest.3 @@ -20,11 +20,11 @@ selabel_digest \- Return digest of specfiles and list of files used .BR selabel_digest () performs an operation on the handle .IR hnd , -returning the results of the SHA1 digest pointed to by +returning the results of the SHA256 digest pointed to by .IR digest , whose length will be .IR digest_len . -The list of specfiles used in the SHA1 digest calculation is returned in +The list of specfiles used in the SHA256 digest calculation is returned in .I specfiles with the number of entries in .IR num_specfiles . diff --git a/libselinux/man/man3/selabel_open.3 b/libselinux/man/man3/selabel_open.3 index 971ebc1acd41..2cf2eb8a1410 100644 --- a/libselinux/man/man3/selabel_open.3 +++ b/libselinux/man/man3/selabel_open.3 @@ -69,7 +69,7 @@ is used; a custom validation function can be provided via Note that an invalid context may not be treated as an error unless it is actually encountered during a lookup operation. .TP .B SELABEL_OPT_DIGEST -A non-null value for this option enables the generation of an SHA1 digest of +A non-null value for this option enables the generation of an SHA256 digest of the spec files loaded as described in .BR selabel_digest (3) . diff --git a/libselinux/man/man3/selinux_restorecon.3 b/libselinux/man/man3/selinux_restorecon.3 index ad637406a30d..c4576fe79ff6 100644 --- a/libselinux/man/man3/selinux_restorecon.3 +++ b/libselinux/man/man3/selinux_restorecon.3 @@ -28,7 +28,7 @@ If this is a directory and the .B SELINUX_RESTORECON_RECURSE has been set (for descending through directories), then .BR selinux_restorecon () -will write an SHA1 digest of specfile entries calculated by +will write an SHA256 digest of specfile entries calculated by .BR selabel_get_digests_all_partial_matches (3) to an extended attribute of .IR security.sehash @@ -47,7 +47,7 @@ will take place. .br The .IR restorecon_flags -that can be used to manage the usage of the SHA1 digest are: +that can be used to manage the usage of the SHA256 digest are: .RS .B SELINUX_RESTORECON_SKIP_DIGEST .br @@ -65,8 +65,8 @@ Do not check or update any extended attribute entries. .sp .B SELINUX_RESTORECON_IGNORE_DIGEST -force the checking of labels even if the stored SHA1 digest matches the -specfile entries SHA1 digest. The specfile entries digest will be written to the +force the checking of labels even if the stored SHA256 digest matches the +specfile entries SHA256 digest. The specfile entries digest will be written to the .IR security.sehash extended attribute once relabeling has been completed successfully provided the .B SELINUX_RESTORECON_NOCHANGE @@ -84,7 +84,7 @@ default specfile context. .sp .B SELINUX_RESTORECON_RECURSE change file and directory labels recursively (descend directories) -and if successful write an SHA1 digest of the specfile entries to an +and if successful write an SHA256 digest of the specfile entries to an extended attribute as described in the .B NOTES section. @@ -158,7 +158,7 @@ to treat conflicting specifications, such as where two hardlinks for the same inode have different contexts, as errors. .RE .sp -The behavior regarding the checking and updating of the SHA1 digest described +The behavior regarding the checking and updating of the SHA256 digest described above is the default behavior. It is possible to change this by first calling .BR selabel_open (3) and not enabling the @@ -200,7 +200,7 @@ To improve performance when relabeling file systems recursively (e.g. the .B SELINUX_RESTORECON_RECURSE flag is set) .BR selinux_restorecon () -will write a calculated SHA1 digest of the specfile entries returned by +will write a calculated SHA256 digest of the specfile entries returned by .BR selabel_get_digests_all_partial_matches (3) to an extended attribute named .IR security.sehash @@ -222,7 +222,7 @@ Should any of the specfile entries have changed, then when .BR selinux_restorecon () is run again with the .B SELINUX_RESTORECON_RECURSE -flag set, new SHA1 digests will be calculated and all files automatically +flag set, new SHA256 digests will be calculated and all files automatically relabeled depending on the settings of the .B SELINUX_RESTORECON_SET_SPECFILE_CTX flag (provided diff --git a/libselinux/man/man3/selinux_restorecon_xattr.3 b/libselinux/man/man3/selinux_restorecon_xattr.3 index c56326814b94..098c840fc59b 100644 --- a/libselinux/man/man3/selinux_restorecon_xattr.3 +++ b/libselinux/man/man3/selinux_restorecon_xattr.3 @@ -119,7 +119,7 @@ By default .BR selinux_restorecon_xattr (3) will use the default set of specfiles described in .BR files_contexts (5) -to calculate the SHA1 digests to be used for comparison. +to calculate the SHA256 digests to be used for comparison. To change this default behavior .BR selabel_open (3) must be called specifying the required diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile index 52c40f018f51..674a5ed3a6f8 100644 --- a/libselinux/src/Makefile +++ b/libselinux/src/Makefile @@ -120,7 +120,7 @@ DISABLE_FLAGS+= -DNO_MEDIA_BACKEND -DNO_DB_BACKEND -DNO_X_BACKEND \ -DBUILD_HOST SRCS= callbacks.c freecon.c label.c label_file.c \ label_backends_android.c regex.c label_support.c \ - matchpathcon.c setrans_client.c sha1.c booleans.c + matchpathcon.c setrans_client.c sha256.c booleans.c else LABEL_BACKEND_ANDROID=y endif diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c index 2e28d0474d73..c1306c9979e7 100644 --- a/libselinux/src/label_file.c +++ b/libselinux/src/label_file.c @@ -1005,7 +1005,7 @@ static struct spec *lookup_common(struct selabel_handle *rec, /* * Returns true if the digest of all partial matched contexts is the same as - * the one saved by setxattr, otherwise returns false. The length of the SHA1 + * the one saved by setxattr, otherwise returns false. The length of the SHA256 * digest will always be returned. The caller must free any returned digests. */ static bool get_digests_all_partial_matches(struct selabel_handle *rec, @@ -1014,39 +1014,39 @@ static bool get_digests_all_partial_matches(struct selabel_handle *rec, uint8_t **xattr_digest, size_t *digest_len) { - uint8_t read_digest[SHA1_HASH_SIZE]; + uint8_t read_digest[SHA256_HASH_SIZE]; ssize_t read_size = getxattr(pathname, RESTORECON_PARTIAL_MATCH_DIGEST, - read_digest, SHA1_HASH_SIZE + read_digest, SHA256_HASH_SIZE #ifdef __APPLE__ , 0, 0 #endif /* __APPLE __ */ ); - uint8_t hash_digest[SHA1_HASH_SIZE]; + uint8_t hash_digest[SHA256_HASH_SIZE]; bool status = selabel_hash_all_partial_matches(rec, pathname, hash_digest); *xattr_digest = NULL; *calculated_digest = NULL; - *digest_len = SHA1_HASH_SIZE; + *digest_len = SHA256_HASH_SIZE; - if (read_size == SHA1_HASH_SIZE) { - *xattr_digest = calloc(1, SHA1_HASH_SIZE + 1); + if (read_size == SHA256_HASH_SIZE) { + *xattr_digest = calloc(1, SHA256_HASH_SIZE + 1); if (!*xattr_digest) goto oom; - memcpy(*xattr_digest, read_digest, SHA1_HASH_SIZE); + memcpy(*xattr_digest, read_digest, SHA256_HASH_SIZE); } if (status) { - *calculated_digest = calloc(1, SHA1_HASH_SIZE + 1); + *calculated_digest = calloc(1, SHA256_HASH_SIZE + 1); if (!*calculated_digest) goto oom; - memcpy(*calculated_digest, hash_digest, SHA1_HASH_SIZE); + memcpy(*calculated_digest, hash_digest, SHA256_HASH_SIZE); } - if (status && read_size == SHA1_HASH_SIZE && - memcmp(read_digest, hash_digest, SHA1_HASH_SIZE) == 0) + if (status && read_size == SHA256_HASH_SIZE && + memcmp(read_digest, hash_digest, SHA256_HASH_SIZE) == 0) return true; return false; @@ -1066,22 +1066,22 @@ static bool hash_all_partial_matches(struct selabel_handle *rec, const char *key return false; } - Sha1Context context; - Sha1Initialise(&context); + Sha256Context context; + Sha256Initialise(&context); size_t i; for (i = 0; i < total_matches; i++) { char* regex_str = matches[i]->regex_str; mode_t mode = matches[i]->mode; char* ctx_raw = matches[i]->lr.ctx_raw; - Sha1Update(&context, regex_str, strlen(regex_str) + 1); - Sha1Update(&context, &mode, sizeof(mode_t)); - Sha1Update(&context, ctx_raw, strlen(ctx_raw) + 1); + Sha256Update(&context, regex_str, strlen(regex_str) + 1); + Sha256Update(&context, &mode, sizeof(mode_t)); + Sha256Update(&context, ctx_raw, strlen(ctx_raw) + 1); } - SHA1_HASH sha1_hash; - Sha1Finalise(&context, &sha1_hash); - memcpy(digest, sha1_hash.bytes, SHA1_HASH_SIZE); + SHA256_HASH sha256_hash; + Sha256Finalise(&context, &sha256_hash); + memcpy(digest, sha256_hash.bytes, SHA256_HASH_SIZE); free(matches); return true; diff --git a/libselinux/src/label_internal.h b/libselinux/src/label_internal.h index 782c6aa8cc0c..304e8d96490a 100644 --- a/libselinux/src/label_internal.h +++ b/libselinux/src/label_internal.h @@ -13,7 +13,7 @@ #include #include #include -#include "sha1.h" +#include "sha256.h" #if defined(ANDROID) || defined(__APPLE__) // Android and Mac do not have fgets_unlocked() @@ -47,15 +47,15 @@ int selabel_service_init(struct selabel_handle *rec, */ /* - * Calculate an SHA1 hash of all the files used to build the specs. + * Calculate an SHA256 hash of all the files used to build the specs. * The hash value is held in rec->digest if SELABEL_OPT_DIGEST set. To * calculate the hash the hashbuf will hold a concatenation of all the files * used. This is released once the value has been calculated. */ -#define DIGEST_SPECFILE_SIZE SHA1_HASH_SIZE +#define DIGEST_SPECFILE_SIZE SHA256_HASH_SIZE #define DIGEST_FILES_MAX 8 struct selabel_digest { - unsigned char *digest; /* SHA1 digest of specfiles */ + unsigned char *digest; /* SHA256 digest of specfiles */ unsigned char *hashbuf; /* buffer to hold specfiles */ size_t hashbuf_size; /* buffer size */ size_t specfile_cnt; /* how many specfiles processed */ @@ -110,7 +110,7 @@ struct selabel_handle { */ char *spec_file; - /* ptr to SHA1 hash information if SELABEL_OPT_DIGEST set */ + /* ptr to SHA256 hash information if SELABEL_OPT_DIGEST set */ struct selabel_digest *digest; }; diff --git a/libselinux/src/label_support.c b/libselinux/src/label_support.c index 94ed6e4273cb..f53d73b609ab 100644 --- a/libselinux/src/label_support.c +++ b/libselinux/src/label_support.c @@ -115,15 +115,15 @@ int read_spec_entries(char *line_buf, const char **errbuf, int num_args, ...) /* Once all the specfiles are in the hash_buf, generate the hash. */ void digest_gen_hash(struct selabel_digest *digest) { - Sha1Context context; + Sha256Context context; /* If SELABEL_OPT_DIGEST not set then just return */ if (!digest) return; - Sha1Initialise(&context); - Sha1Update(&context, digest->hashbuf, digest->hashbuf_size); - Sha1Finalise(&context, (SHA1_HASH *)digest->digest); + Sha256Initialise(&context); + Sha256Update(&context, digest->hashbuf, digest->hashbuf_size); + Sha256Finalise(&context, (SHA256_HASH *)digest->digest); free(digest->hashbuf); digest->hashbuf = NULL; return; diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c index 04d956504952..100c77108a27 100644 --- a/libselinux/src/selinux_restorecon.c +++ b/libselinux/src/selinux_restorecon.c @@ -37,7 +37,7 @@ #include "callbacks.h" #include "selinux_internal.h" #include "label_file.h" -#include "sha1.h" +#include "sha256.h" #define STAR_COUNT 1024 @@ -293,7 +293,7 @@ static int exclude_non_seclabel_mounts(void) static int add_xattr_entry(const char *directory, bool delete_nonmatch, bool delete_all) { - char *sha1_buf = NULL; + char *sha256_buf = NULL; size_t i, digest_len = 0; int rc, digest_result; bool match; @@ -316,15 +316,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, } /* Convert entry to a hex encoded string. */ - sha1_buf = malloc(digest_len * 2 + 1); - if (!sha1_buf) { + sha256_buf = malloc(digest_len * 2 + 1); + if (!sha256_buf) { free(xattr_digest); free(calculated_digest); goto oom; } for (i = 0; i < digest_len; i++) - sprintf((&sha1_buf[i * 2]), "%02x", xattr_digest[i]); + sprintf((&sha256_buf[i * 2]), "%02x", xattr_digest[i]); digest_result = match ? MATCH : NOMATCH; @@ -344,7 +344,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, /* Now add entries to link list. */ new_entry = malloc(sizeof(struct dir_xattr)); if (!new_entry) { - free(sha1_buf); + free(sha256_buf); goto oom; } new_entry->next = NULL; @@ -352,15 +352,15 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, new_entry->directory = strdup(directory); if (!new_entry->directory) { free(new_entry); - free(sha1_buf); + free(sha256_buf); goto oom; } - new_entry->digest = strdup(sha1_buf); + new_entry->digest = strdup(sha256_buf); if (!new_entry->digest) { free(new_entry->directory); free(new_entry); - free(sha1_buf); + free(sha256_buf); goto oom; } @@ -374,7 +374,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, dir_xattr_last = new_entry; } - free(sha1_buf); + free(sha256_buf); return 0; oom: @@ -741,7 +741,7 @@ err: struct dir_hash_node { char *path; - uint8_t digest[SHA1_HASH_SIZE]; + uint8_t digest[SHA256_HASH_SIZE]; struct dir_hash_node *next; }; /* @@ -1091,7 +1091,7 @@ int selinux_restorecon(const char *pathname_orig, if (setxattr(current->path, RESTORECON_PARTIAL_MATCH_DIGEST, current->digest, - SHA1_HASH_SIZE, 0) < 0) { + SHA256_HASH_SIZE, 0) < 0) { selinux_log(SELINUX_ERROR, "setxattr failed: %s: %m\n", current->path); diff --git a/libselinux/src/sha1.h b/libselinux/src/sha1.h deleted file mode 100644 index f83a6e7ed7ba..000000000000 --- a/libselinux/src/sha1.h +++ /dev/null @@ -1,85 +0,0 @@ -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -// LibSha1 -// -// Implementation of SHA1 hash function. -// Original author: Steve Reid -// Contributions by: James H. Brown , Saul Kravitz , -// and Ralph Giles -// Modified by WaterJuice retaining Public Domain license. -// -// This is free and unencumbered software released into the public domain - June 2013 waterjuice.org -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// - -#ifndef _sha1_h_ -#define _sha1_h_ - -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -// IMPORTS -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// - -#include -#include - -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -// TYPES -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// - -// Sha1Context - This must be initialised using Sha1Initialised. Do not modify the contents of this structure directly. -typedef struct -{ - uint32_t State[5]; - uint32_t Count[2]; - uint8_t Buffer[64]; -} Sha1Context; - -#define SHA1_HASH_SIZE ( 160 / 8 ) - -typedef struct -{ - uint8_t bytes [SHA1_HASH_SIZE]; -} SHA1_HASH; - -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -// PUBLIC FUNCTIONS -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// - -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -// Sha1Initialise -// -// Initialises an SHA1 Context. Use this to initialise/reset a context. -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -void - Sha1Initialise - ( - Sha1Context* Context - ); - -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -// Sha1Update -// -// Adds data to the SHA1 context. This will process the data and update the internal state of the context. Keep on -// calling this function until all the data has been added. Then call Sha1Finalise to calculate the hash. -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -void - Sha1Update - ( - Sha1Context* Context, - const void* Buffer, - uint32_t BufferSize - ); - -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -// Sha1Finalise -// -// Performs the final calculation of the hash and returns the digest (20 byte buffer containing 160bit hash). After -// calling this, Sha1Initialised must be used to reuse the context. -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -void - Sha1Finalise - ( - Sha1Context* Context, - SHA1_HASH* Digest - ); - -/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -#endif //_sha1_h_ diff --git a/libselinux/src/sha256.c b/libselinux/src/sha256.c new file mode 100644 index 000000000000..fe2aeef07f53 --- /dev/null +++ b/libselinux/src/sha256.c @@ -0,0 +1,294 @@ +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// WjCryptLib_Sha256 +// +// Implementation of SHA256 hash function. +// Original author: Tom St Denis, tomstdenis@gmail.com, http://libtom.org +// Modified by WaterJuice retaining Public Domain license. +// +// This is free and unencumbered software released into the public domain - June 2013 waterjuice.org +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// IMPORTS +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +#include "sha256.h" +#include + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// MACROS +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +#define ror(value, bits) (((value) >> (bits)) | ((value) << (32 - (bits)))) + +#define MIN(x, y) ( ((x)<(y))?(x):(y) ) + +#define STORE32H(x, y) \ + { (y)[0] = (uint8_t)(((x)>>24)&255); (y)[1] = (uint8_t)(((x)>>16)&255); \ + (y)[2] = (uint8_t)(((x)>>8)&255); (y)[3] = (uint8_t)((x)&255); } + +#define LOAD32H(x, y) \ + { x = ((uint32_t)((y)[0] & 255)<<24) | \ + ((uint32_t)((y)[1] & 255)<<16) | \ + ((uint32_t)((y)[2] & 255)<<8) | \ + ((uint32_t)((y)[3] & 255)); } + +#define STORE64H(x, y) \ + { (y)[0] = (uint8_t)(((x)>>56)&255); (y)[1] = (uint8_t)(((x)>>48)&255); \ + (y)[2] = (uint8_t)(((x)>>40)&255); (y)[3] = (uint8_t)(((x)>>32)&255); \ + (y)[4] = (uint8_t)(((x)>>24)&255); (y)[5] = (uint8_t)(((x)>>16)&255); \ + (y)[6] = (uint8_t)(((x)>>8)&255); (y)[7] = (uint8_t)((x)&255); } + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// CONSTANTS +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +// The K array +static const uint32_t K[64] = { + 0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL, + 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL, + 0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, + 0xc19bf174UL, 0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL, + 0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL, 0x983e5152UL, + 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL, 0xc6e00bf3UL, 0xd5a79147UL, + 0x06ca6351UL, 0x14292967UL, 0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, + 0x53380d13UL, 0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL, + 0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL, 0xd192e819UL, + 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL, 0x19a4c116UL, 0x1e376c08UL, + 0x2748774cUL, 0x34b0bcb5UL, 0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, + 0x682e6ff3UL, 0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL, + 0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL +}; + +#define BLOCK_SIZE 64 + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// INTERNAL FUNCTIONS +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +// Various logical functions +#define Ch( x, y, z ) (z ^ (x & (y ^ z))) +#define Maj( x, y, z ) (((x | y) & z) | (x & y)) +#define S( x, n ) ror((x),(n)) +#define R( x, n ) (((x)&0xFFFFFFFFUL)>>(n)) +#define Sigma0( x ) (S(x, 2) ^ S(x, 13) ^ S(x, 22)) +#define Sigma1( x ) (S(x, 6) ^ S(x, 11) ^ S(x, 25)) +#define Gamma0( x ) (S(x, 7) ^ S(x, 18) ^ R(x, 3)) +#define Gamma1( x ) (S(x, 17) ^ S(x, 19) ^ R(x, 10)) + +#define Sha256Round( a, b, c, d, e, f, g, h, i ) \ + t0 = h + Sigma1(e) + Ch(e, f, g) + K[i] + W[i]; \ + t1 = Sigma0(a) + Maj(a, b, c); \ + d += t0; \ + h = t0 + t1; + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// TransformFunction +// +// Compress 512-bits +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +static +void + TransformFunction + ( + Sha256Context* Context, + uint8_t const* Buffer + ) +{ + uint32_t S[8]; + uint32_t W[64]; + uint32_t t0; + uint32_t t1; + uint32_t t; + int i; + + // Copy state into S + for( i=0; i<8; i++ ) + { + S[i] = Context->state[i]; + } + + // Copy the state into 512-bits into W[0..15] + for( i=0; i<16; i++ ) + { + LOAD32H( W[i], Buffer + (4*i) ); + } + + // Fill W[16..63] + for( i=16; i<64; i++ ) + { + W[i] = Gamma1( W[i-2]) + W[i-7] + Gamma0( W[i-15] ) + W[i-16]; + } + + // Compress + for( i=0; i<64; i++ ) + { + Sha256Round( S[0], S[1], S[2], S[3], S[4], S[5], S[6], S[7], i ); + t = S[7]; + S[7] = S[6]; + S[6] = S[5]; + S[5] = S[4]; + S[4] = S[3]; + S[3] = S[2]; + S[2] = S[1]; + S[1] = S[0]; + S[0] = t; + } + + // Feedback + for( i=0; i<8; i++ ) + { + Context->state[i] = Context->state[i] + S[i]; + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// PUBLIC FUNCTIONS +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// Sha256Initialise +// +// Initialises a SHA256 Context. Use this to initialise/reset a context. +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +void + Sha256Initialise + ( + Sha256Context* Context // [out] + ) +{ + Context->curlen = 0; + Context->length = 0; + Context->state[0] = 0x6A09E667UL; + Context->state[1] = 0xBB67AE85UL; + Context->state[2] = 0x3C6EF372UL; + Context->state[3] = 0xA54FF53AUL; + Context->state[4] = 0x510E527FUL; + Context->state[5] = 0x9B05688CUL; + Context->state[6] = 0x1F83D9ABUL; + Context->state[7] = 0x5BE0CD19UL; +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// Sha256Update +// +// Adds data to the SHA256 context. This will process the data and update the internal state of the context. Keep on +// calling this function until all the data has been added. Then call Sha256Finalise to calculate the hash. +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +void + Sha256Update + ( + Sha256Context* Context, // [in out] + void const* Buffer, // [in] + uint32_t BufferSize // [in] + ) +{ + uint32_t n; + + if( Context->curlen > sizeof(Context->buf) ) + { + return; + } + + while( BufferSize > 0 ) + { + if( Context->curlen == 0 && BufferSize >= BLOCK_SIZE ) + { + TransformFunction( Context, (uint8_t*)Buffer ); + Context->length += BLOCK_SIZE * 8; + Buffer = (uint8_t*)Buffer + BLOCK_SIZE; + BufferSize -= BLOCK_SIZE; + } + else + { + n = MIN( BufferSize, (BLOCK_SIZE - Context->curlen) ); + memcpy( Context->buf + Context->curlen, Buffer, (size_t)n ); + Context->curlen += n; + Buffer = (uint8_t*)Buffer + n; + BufferSize -= n; + if( Context->curlen == BLOCK_SIZE ) + { + TransformFunction( Context, Context->buf ); + Context->length += 8*BLOCK_SIZE; + Context->curlen = 0; + } + } + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// Sha256Finalise +// +// Performs the final calculation of the hash and returns the digest (32 byte buffer containing 256bit hash). After +// calling this, Sha256Initialised must be used to reuse the context. +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +void + Sha256Finalise + ( + Sha256Context* Context, // [in out] + SHA256_HASH* Digest // [out] + ) +{ + int i; + + if( Context->curlen >= sizeof(Context->buf) ) + { + return; + } + + // Increase the length of the message + Context->length += Context->curlen * 8; + + // Append the '1' bit + Context->buf[Context->curlen++] = (uint8_t)0x80; + + // if the length is currently above 56 bytes we append zeros + // then compress. Then we can fall back to padding zeros and length + // encoding like normal. + if( Context->curlen > 56 ) + { + while( Context->curlen < 64 ) + { + Context->buf[Context->curlen++] = (uint8_t)0; + } + TransformFunction(Context, Context->buf); + Context->curlen = 0; + } + + // Pad up to 56 bytes of zeroes + while( Context->curlen < 56 ) + { + Context->buf[Context->curlen++] = (uint8_t)0; + } + + // Store length + STORE64H( Context->length, Context->buf+56 ); + TransformFunction( Context, Context->buf ); + + // Copy output + for( i=0; i<8; i++ ) + { + STORE32H( Context->state[i], Digest->bytes+(4*i) ); + } +} + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// Sha256Calculate +// +// Combines Sha256Initialise, Sha256Update, and Sha256Finalise into one function. Calculates the SHA256 hash of the +// buffer. +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +void + Sha256Calculate + ( + void const* Buffer, // [in] + uint32_t BufferSize, // [in] + SHA256_HASH* Digest // [in] + ) +{ + Sha256Context context; + + Sha256Initialise( &context ); + Sha256Update( &context, Buffer, BufferSize ); + Sha256Finalise( &context, Digest ); +} diff --git a/libselinux/src/sha256.h b/libselinux/src/sha256.h new file mode 100644 index 000000000000..406ed869cd82 --- /dev/null +++ b/libselinux/src/sha256.h @@ -0,0 +1,89 @@ +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// WjCryptLib_Sha256 +// +// Implementation of SHA256 hash function. +// Original author: Tom St Denis, tomstdenis@gmail.com, http://libtom.org +// Modified by WaterJuice retaining Public Domain license. +// +// This is free and unencumbered software released into the public domain - June 2013 waterjuice.org +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +#pragma once + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// IMPORTS +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +#include +#include + +typedef struct +{ + uint64_t length; + uint32_t state[8]; + uint32_t curlen; + uint8_t buf[64]; +} Sha256Context; + +#define SHA256_HASH_SIZE ( 256 / 8 ) + +typedef struct +{ + uint8_t bytes [SHA256_HASH_SIZE]; +} SHA256_HASH; + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// PUBLIC FUNCTIONS +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// Sha256Initialise +// +// Initialises a SHA256 Context. Use this to initialise/reset a context. +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +void + Sha256Initialise + ( + Sha256Context* Context // [out] + ); + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// Sha256Update +// +// Adds data to the SHA256 context. This will process the data and update the internal state of the context. Keep on +// calling this function until all the data has been added. Then call Sha256Finalise to calculate the hash. +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +void + Sha256Update + ( + Sha256Context* Context, // [in out] + void const* Buffer, // [in] + uint32_t BufferSize // [in] + ); + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// Sha256Finalise +// +// Performs the final calculation of the hash and returns the digest (32 byte buffer containing 256bit hash). After +// calling this, Sha256Initialised must be used to reuse the context. +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +void + Sha256Finalise + ( + Sha256Context* Context, // [in out] + SHA256_HASH* Digest // [out] + ); + +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +// Sha256Calculate +// +// Combines Sha256Initialise, Sha256Update, and Sha256Finalise into one function. Calculates the SHA256 hash of the +// buffer. +//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +void + Sha256Calculate + ( + void const* Buffer, // [in] + uint32_t BufferSize, // [in] + SHA256_HASH* Digest // [in] + ); diff --git a/libselinux/utils/selabel_digest.c b/libselinux/utils/selabel_digest.c index 49408a0ba8d8..67befadd23c5 100644 --- a/libselinux/utils/selabel_digest.c +++ b/libselinux/utils/selabel_digest.c @@ -15,8 +15,8 @@ static __attribute__ ((__noreturn__)) void usage(const char *progname) "Where:\n\t" "-b The backend - \"file\", \"media\", \"x\", \"db\" or " "\"prop\"\n\t" - "-v Run \"cat | openssl dgst -sha1 -hex\"\n\t" - " on the list of specfiles to compare the SHA1 digests.\n\t" + "-v Run \"cat | openssl dgst -sha256 -hex\"\n\t" + " on the list of specfiles to compare the SHA256 digests.\n\t" "-B Use base specfiles only (valid for \"-b file\" only).\n\t" "-i Do not request a digest.\n\t" "-f Optional file containing the specs (defaults to\n\t" @@ -62,12 +62,12 @@ int main(int argc, char **argv) int backend = 0, rc, opt, validate = 0; char *baseonly = NULL, *file = NULL, *digest = (char *)1; char **specfiles = NULL; - unsigned char *sha1_digest = NULL; + unsigned char *sha256_digest = NULL; size_t i, num_specfiles; char cmd_buf[4096]; char *cmd_ptr; - char *sha1_buf; + char *sha256_buf; struct selabel_handle *hnd; struct selinux_opt selabel_option[] = { @@ -137,7 +137,7 @@ int main(int argc, char **argv) return -1; } - rc = selabel_digest(hnd, &sha1_digest, &digest_len, &specfiles, + rc = selabel_digest(hnd, &sha256_digest, &digest_len, &specfiles, &num_specfiles); if (rc) { @@ -152,19 +152,19 @@ int main(int argc, char **argv) goto err; } - sha1_buf = malloc(digest_len * 2 + 1); - if (!sha1_buf) { + sha256_buf = malloc(digest_len * 2 + 1); + if (!sha256_buf) { fprintf(stderr, "Could not malloc buffer ERROR: %s\n", strerror(errno)); rc = -1; goto err; } - printf("SHA1 digest: "); + printf("SHA256 digest: "); for (i = 0; i < digest_len; i++) - sprintf(&(sha1_buf[i * 2]), "%02x", sha1_digest[i]); + sprintf(&(sha256_buf[i * 2]), "%02x", sha256_digest[i]); - printf("%s\n", sha1_buf); + printf("%s\n", sha256_buf); printf("calculated using the following specfile(s):\n"); if (specfiles) { @@ -177,13 +177,13 @@ int main(int argc, char **argv) cmd_ptr += strlen(specfiles[i]) + 1; printf("%s\n", specfiles[i]); } - sprintf(cmd_ptr, "| /usr/bin/openssl dgst -sha1 -hex"); + sprintf(cmd_ptr, "| /usr/bin/openssl dgst -sha256 -hex"); if (validate) - rc = run_check_digest(cmd_buf, sha1_buf); + rc = run_check_digest(cmd_buf, sha256_buf); } - free(sha1_buf); + free(sha256_buf); err: selabel_close(hnd); return rc; diff --git a/libselinux/utils/selabel_get_digests_all_partial_matches.c b/libselinux/utils/selabel_get_digests_all_partial_matches.c index e28833d2ce97..900f018c0091 100644 --- a/libselinux/utils/selabel_get_digests_all_partial_matches.c +++ b/libselinux/utils/selabel_get_digests_all_partial_matches.c @@ -18,8 +18,8 @@ static __attribute__ ((__noreturn__)) void usage(const char *progname) "-v Validate file_contxts entries against loaded policy.\n\t" "-r Recursively descend directories.\n\t" "-f Optional file_contexts file (defaults to current policy).\n\t" - "path Path to check current SHA1 digest against file_contexts entries.\n\n" - "This will check the directory selinux.sehash SHA1 digest for " + "path Path to check current SHA256 digest against file_contexts entries.\n\n" + "This will check the directory selinux.sehash SHA256 digest for " " against\na newly generated digest based on the " "file_context entries for that node\n(using the regx, mode " "and path entries).\n", progname); @@ -37,7 +37,7 @@ int main(int argc, char **argv) char *paths[2] = { NULL, NULL }; uint8_t *xattr_digest = NULL; uint8_t *calculated_digest = NULL; - char *sha1_buf = NULL; + char *sha256_buf = NULL; struct selabel_handle *hnd; struct selinux_opt selabel_option[] = { @@ -105,27 +105,27 @@ int main(int argc, char **argv) &xattr_digest, &digest_len); - sha1_buf = calloc(1, digest_len * 2 + 1); - if (!sha1_buf) { + sha256_buf = calloc(1, digest_len * 2 + 1); + if (!sha256_buf) { fprintf(stderr, "Could not calloc buffer ERROR: %s\n", strerror(errno)); return -1; } if (status) { /* They match */ - printf("xattr and file_contexts SHA1 digests match for: %s\n", + printf("xattr and file_contexts SHA256 digests match for: %s\n", ftsent->fts_path); if (calculated_digest) { for (i = 0; i < digest_len; i++) - sprintf((&sha1_buf[i * 2]), + sprintf((&sha256_buf[i * 2]), "%02x", calculated_digest[i]); - printf("SHA1 digest: %s\n", sha1_buf); + printf("SHA256 digest: %s\n", sha256_buf); } } else { if (!calculated_digest) { - printf("No SHA1 digest available for: %s\n", + printf("No SHA256 digest available for: %s\n", ftsent->fts_path); printf("as file_context entry is \"<>\"\n"); goto cleanup; @@ -135,25 +135,25 @@ int main(int argc, char **argv) ftsent->fts_path); for (i = 0; i < digest_len; i++) - sprintf((&sha1_buf[i * 2]), "%02x", + sprintf((&sha256_buf[i * 2]), "%02x", calculated_digest[i]); - printf("generated SHA1 digest: %s\n", sha1_buf); + printf("generated SHA256 digest: %s\n", sha256_buf); if (!xattr_digest) { printf("however there is no selinux.sehash xattr entry.\n"); } else { printf("however it does NOT match the current entry of:\n"); for (i = 0; i < digest_len; i++) - sprintf((&sha1_buf[i * 2]), + sprintf((&sha256_buf[i * 2]), "%02x", xattr_digest[i]); - printf("%s\n", sha1_buf); + printf("%s\n", sha256_buf); } } cleanup: free(xattr_digest); free(calculated_digest); - free(sha1_buf); + free(sha256_buf); break; } default: -- 2.32.0