cryptolib: rename SHA* function to avoid openssl collision
When linking tools that need OpenSSL functions on the target, the
resolution of SHA* functions was being redirected to the firmware
cryptolib instead of the OpenSSL implementations, which was causing
OpenSSL calls to crash. This renames the internal implementations
to avoid the collision.
BUG=None
TEST=make runtests passes, mount-encrypted runs on target again.
Change-Id: Ica4fb04faf203ae3b4118c540f18d40239753810
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/23305
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
diff --git a/firmware/lib/cryptolib/include/sha.h b/firmware/lib/cryptolib/include/sha.h
index a816471..3ff2b5b 100644
--- a/firmware/lib/cryptolib/include/sha.h
+++ b/firmware/lib/cryptolib/include/sha.h
@@ -69,19 +69,19 @@
* and stores it into [digest]. [digest] should be pre-allocated to
* SHA1_DIGEST_SIZE bytes.
*/
-uint8_t* SHA1(const uint8_t* data, uint64_t len, uint8_t* digest);
+uint8_t* internal_SHA1(const uint8_t* data, uint64_t len, uint8_t* digest);
/* Convenience function for SHA-256. Computes hash on [data] of length [len].
* and stores it into [digest]. [digest] should be pre-allocated to
* SHA256_DIGEST_SIZE bytes.
*/
-uint8_t* SHA256(const uint8_t* data, uint64_t len, uint8_t* digest);
+uint8_t* internal_SHA256(const uint8_t* data, uint64_t len, uint8_t* digest);
/* Convenience function for SHA-512. Computes hash on [data] of length [len].
* and stores it into [digest]. [digest] should be pre-allocated to
* SHA512_DIGEST_SIZE bytes.
*/
-uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest);
+uint8_t* internal_SHA512(const uint8_t* data, uint64_t len, uint8_t* digest);
/*---- Utility functions/wrappers for message digests. */
diff --git a/firmware/lib/cryptolib/sha1.c b/firmware/lib/cryptolib/sha1.c
index 897742c..fa7e665 100644
--- a/firmware/lib/cryptolib/sha1.c
+++ b/firmware/lib/cryptolib/sha1.c
@@ -273,7 +273,7 @@
ctx->count = 0;
}
-uint8_t* SHA1(const uint8_t *data, uint64_t len, uint8_t *digest) {
+uint8_t* internal_SHA1(const uint8_t *data, uint64_t len, uint8_t *digest) {
const uint8_t *p;
int i;
SHA1_CTX ctx;
diff --git a/firmware/lib/cryptolib/sha256.c b/firmware/lib/cryptolib/sha256.c
index fdd570f..9b01380 100644
--- a/firmware/lib/cryptolib/sha256.c
+++ b/firmware/lib/cryptolib/sha256.c
@@ -310,7 +310,7 @@
return ctx->buf;
}
-uint8_t* SHA256(const uint8_t* data, uint64_t len, uint8_t* digest) {
+uint8_t* internal_SHA256(const uint8_t* data, uint64_t len, uint8_t* digest) {
const uint8_t* input_ptr;
const uint8_t* result;
uint64_t remaining_len;
diff --git a/firmware/lib/cryptolib/sha512.c b/firmware/lib/cryptolib/sha512.c
index 851cca8..25dcd38 100644
--- a/firmware/lib/cryptolib/sha512.c
+++ b/firmware/lib/cryptolib/sha512.c
@@ -336,7 +336,7 @@
}
-uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest) {
+uint8_t* internal_SHA512(const uint8_t* data, uint64_t len, uint8_t* digest) {
const uint8_t* input_ptr;
const uint8_t* result;
uint64_t remaining_len;
diff --git a/firmware/lib/cryptolib/sha_utility.c b/firmware/lib/cryptolib/sha_utility.c
index c676040..bd7e140 100644
--- a/firmware/lib/cryptolib/sha_utility.c
+++ b/firmware/lib/cryptolib/sha_utility.c
@@ -91,24 +91,24 @@
0,
0,
0, /* RSA 4096 */
- SHA256,
+ internal_SHA256,
0,
0, /* RSA 8192 */
0,
0,
#else
- SHA1, /* RSA 1024 */
- SHA256,
- SHA512,
- SHA1, /* RSA 2048 */
- SHA256,
- SHA512,
- SHA1, /* RSA 4096 */
- SHA256,
- SHA512,
- SHA1, /* RSA 8192 */
- SHA256,
- SHA512,
+ internal_SHA1, /* RSA 1024 */
+ internal_SHA256,
+ internal_SHA512,
+ internal_SHA1, /* RSA 2048 */
+ internal_SHA256,
+ internal_SHA512,
+ internal_SHA1, /* RSA 4096 */
+ internal_SHA256,
+ internal_SHA512,
+ internal_SHA1, /* RSA 8192 */
+ internal_SHA256,
+ internal_SHA512,
#endif
};
/* Call the appropriate hash function. */
diff --git a/tests/sha_benchmark.c b/tests/sha_benchmark.c
index 9f4da36..a5bfc53 100644
--- a/tests/sha_benchmark.c
+++ b/tests/sha_benchmark.c
@@ -21,9 +21,9 @@
} HashFxTable;
HashFxTable hash_functions[NUM_HASH_ALGORITHMS] = {
- {SHA1, "sha1"},
- {SHA256, "sha256"},
- {SHA512, "sha512"}
+ {internal_SHA1, "sha1"},
+ {internal_SHA256, "sha256"},
+ {internal_SHA512, "sha512"}
};
int main(int argc, char* argv[]) {
diff --git a/tests/sha_tests.c b/tests/sha_tests.c
index 65cbb46..6cc7e0f 100644
--- a/tests/sha_tests.c
+++ b/tests/sha_tests.c
@@ -21,7 +21,7 @@
test_inputs[2] = (uint8_t *) long_msg;
for (i = 0; i < 3; i++) {
- SHA1(test_inputs[i], strlen((char *)test_inputs[i]),
+ internal_SHA1(test_inputs[i], strlen((char *)test_inputs[i]),
sha1_digest);
if (!memcmp(sha1_digest, sha1_results[i], SHA1_DIGEST_SIZE)) {
fprintf(stderr, "Test vector %d PASSED for SHA-1\n", i+1);
@@ -43,7 +43,7 @@
test_inputs[2] = (uint8_t *) long_msg;
for (i = 0; i < 3; i++) {
- SHA256(test_inputs[i], strlen((char *)test_inputs[i]),
+ internal_SHA256(test_inputs[i], strlen((char *)test_inputs[i]),
sha256_digest);
if (!memcmp(sha256_digest, sha256_results[i], SHA256_DIGEST_SIZE)) {
fprintf(stderr, "Test vector %d PASSED for SHA-256\n", i+1);
@@ -65,7 +65,7 @@
test_inputs[2] = (uint8_t *) long_msg;
for (i = 0; i < 3; i++) {
- SHA512(test_inputs[i], strlen((char *)test_inputs[i]),
+ internal_SHA512(test_inputs[i], strlen((char *)test_inputs[i]),
sha512_digest);
if (!memcmp(sha512_digest, sha512_results[i], SHA512_DIGEST_SIZE)) {
fprintf(stderr, "Test vector %d PASSED for SHA-512\n", i+1);
