Re: [PATCHv2] commands/digest: add verify support
On Tue, Apr 23, 2013 at 11:24:45AM +0200, Hubert Feurstein wrote: > Signed-off-by: Hubert Feurstein > --- > Changes: > v2: > - updated according to comments from Sascha > - add support for verify against hash-file > > commands/digest.c | 141 > ++ > 1 file changed, 131 insertions(+), 10 deletions(-) > > diff --git a/commands/digest.c b/commands/digest.c > index c9bb132..a4611d7 100644 > --- a/commands/digest.c > +++ b/commands/digest.c > @@ -25,24 +25,122 @@ > #include > #include > #include > +#include > +#include > + > +static inline unsigned char parse_hexchar(char c) > +{ > + if (!isxdigit(c)) > + return 0; > + > + return isdigit(c) ? (c - '0') : ((islower(c) ? toupper(c) : c) - 'A' + > 0xA); > +} > + > +static inline unsigned char parse_hexbyte(const char *p) > +{ > + return (parse_hexchar(*p) << 4) | parse_hexchar(*(p + 1)); > +} > + > +static unsigned char *parse_hash(int hash_len, const char *hexstr) > +{ > + int i; > + unsigned char *p; > + > + p = calloc(hash_len, sizeof(unsigned char)); > + if (!p) { > + perror("calloc"); > + return NULL; > + } > + > + for (i = 0; i < hash_len; i++) > + p[i] = parse_hexbyte(&hexstr[i * 2]); > + > + return p; > +} > > static int do_digest(char *algorithm, int argc, char *argv[]) > { > struct digest *d; > int ret = 0; > int i; > - unsigned char *hash; > + unsigned char *hash = NULL; > + int opt; > + unsigned char *verify_hash = NULL; > + int verify = 0; > + int min_argc = 2; > + void *buf; > + ssize_t bufsz; > > d = digest_get_by_name(algorithm); > BUG_ON(!d); > > - if (argc < 2) > - return COMMAND_ERROR_USAGE; > + while ((opt = getopt(argc, argv, "v:V:")) > 0) { > + switch (opt) { > + case 'v': > + if (verify) { > + ret = COMMAND_ERROR_USAGE; > + goto out; > + } > + > + verify = 1; > + min_argc += 2; > + > + if (d->length != (strlen(optarg) / 2)) { > + printf("invalid hash length (%d chars > required)\n", > + d->length * 2); > + ret = COMMAND_ERROR_USAGE; > + goto out; > + } > + > + verify_hash = parse_hash(d->length, optarg); > + if (!verify_hash) { > + ret = -ENOMEM; > + goto out; > + } > + > + break; > + case 'V': > + if (verify) { > + ret = COMMAND_ERROR_USAGE; > + goto out; > + } > + > + verify = 1; > + min_argc += 2; > + > + buf = read_file(optarg, &bufsz); > + if (!buf) { > + ret = -ENOMEM; > + goto out; > + } > + > + if (bufsz < d->length) { > + free(buf); > + ret = COMMAND_ERROR_USAGE; > + goto out; > + } > + > + verify_hash = parse_hash(d->length, buf); > + free(buf); > + break; > + default: > + ret = COMMAND_ERROR_USAGE; > + goto out; > + } > + } Please use something around the following lines to avoid some code duplication. case 'v': verify++; free(hash); hash = xstrdup(optarg); break; case 'V': verify++; free(hash); hash = read_file(optarg, &bufsiz); break; default: ret = COMMAND_ERROR_USAGE; goto out; } if (verify > 1) return COMMAND_ERROR_USAGE; if (verify) { min_argc += 2; verify_hash = parse_hash(d, buf); if (!verify_hash) return -ESOMETHING; } Sascha -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0| Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- | ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
[PATCHv2] commands/digest: add verify support
Signed-off-by: Hubert Feurstein --- Changes: v2: - updated according to comments from Sascha - add support for verify against hash-file commands/digest.c | 141 ++ 1 file changed, 131 insertions(+), 10 deletions(-) diff --git a/commands/digest.c b/commands/digest.c index c9bb132..a4611d7 100644 --- a/commands/digest.c +++ b/commands/digest.c @@ -25,24 +25,122 @@ #include #include #include +#include +#include + +static inline unsigned char parse_hexchar(char c) +{ + if (!isxdigit(c)) + return 0; + + return isdigit(c) ? (c - '0') : ((islower(c) ? toupper(c) : c) - 'A' + 0xA); +} + +static inline unsigned char parse_hexbyte(const char *p) +{ + return (parse_hexchar(*p) << 4) | parse_hexchar(*(p + 1)); +} + +static unsigned char *parse_hash(int hash_len, const char *hexstr) +{ + int i; + unsigned char *p; + + p = calloc(hash_len, sizeof(unsigned char)); + if (!p) { + perror("calloc"); + return NULL; + } + + for (i = 0; i < hash_len; i++) + p[i] = parse_hexbyte(&hexstr[i * 2]); + + return p; +} static int do_digest(char *algorithm, int argc, char *argv[]) { struct digest *d; int ret = 0; int i; - unsigned char *hash; + unsigned char *hash = NULL; + int opt; + unsigned char *verify_hash = NULL; + int verify = 0; + int min_argc = 2; + void *buf; + ssize_t bufsz; d = digest_get_by_name(algorithm); BUG_ON(!d); - if (argc < 2) - return COMMAND_ERROR_USAGE; + while ((opt = getopt(argc, argv, "v:V:")) > 0) { + switch (opt) { + case 'v': + if (verify) { + ret = COMMAND_ERROR_USAGE; + goto out; + } + + verify = 1; + min_argc += 2; + + if (d->length != (strlen(optarg) / 2)) { + printf("invalid hash length (%d chars required)\n", + d->length * 2); + ret = COMMAND_ERROR_USAGE; + goto out; + } + + verify_hash = parse_hash(d->length, optarg); + if (!verify_hash) { + ret = -ENOMEM; + goto out; + } + + break; + case 'V': + if (verify) { + ret = COMMAND_ERROR_USAGE; + goto out; + } + + verify = 1; + min_argc += 2; + + buf = read_file(optarg, &bufsz); + if (!buf) { + ret = -ENOMEM; + goto out; + } + + if (bufsz < d->length) { + free(buf); + ret = COMMAND_ERROR_USAGE; + goto out; + } + + verify_hash = parse_hash(d->length, buf); + free(buf); + break; + default: + ret = COMMAND_ERROR_USAGE; + goto out; + } + } + + if (argc < min_argc) { + ret = COMMAND_ERROR_USAGE; + goto out; + } + + argv += min_argc - 2; hash = calloc(d->length, sizeof(unsigned char)); if (!hash) { perror("calloc"); - return COMMAND_ERROR_USAGE; + ret = -ENOMEM; + goto out; } argv++; @@ -60,17 +158,32 @@ static int do_digest(char *algorithm, int argc, char *argv[]) if (digest_file_window(d, filename, hash, start, size) < 0) { ret = 1; } else { - for (i = 0; i < d->length; i++) + for (i = 0; i < d->length; i++) { printf("%02x", hash[i]); + if (verify > 0 && hash[i] != verify_hash[i]) + verify = -1; + } - printf(" %s\t0x%08llx ... 0x%08llx\n", + printf(" %s\t0x%08llx ... 0x%08llx", filename, start, start + size); + + if (verify < 0) { + printf(" ** ERROR **"); + ret = 1; + } + + printf("\n"); + + if (verify) +