vfs/cbe_trust_anchor: use hash of passphrase

Instead of using the user passphrase directly, use its SHA256 hash calculated using libcrypto. The passphrase hash is still stored in the key file to be used as base for the very primitive way of generating the private key. Ref #4032
2024-12-21 06:33:31 +00:00 · 2021-04-09 11:38:50 +02:00 · 2021-04-09 11:38:50 +02:00 · 75a55b62a3
commit 75a55b62a3
parent 989b7f39e1
2 changed files with 20 additions and 20 deletions
--- a/repos/gems/lib/mk/spec/x86_64/vfs_cbe_trust_anchor.mk
+++ b/repos/gems/lib/mk/spec/x86_64/vfs_cbe_trust_anchor.mk
@ -1,5 +1,11 @@
+OPENSSL_DIR = $(call select_from_ports,openssl)
+
 SRC_CC = vfs.cc

+INC_DIR += $(OPENSSL_DIR)/include
+
+LIBS += libcrypto
+
 vpath % $(REP_DIR)/src/lib/vfs/cbe_trust_anchor

 SHARED_LIB := yes
--- a/repos/gems/src/lib/vfs/cbe_trust_anchor/vfs.cc
+++ b/repos/gems/src/lib/vfs/cbe_trust_anchor/vfs.cc
@ -18,6 +18,9 @@
 #include <util/arg_string.h>
 #include <util/xml_generator.h>

+/* OpenSSL includes */
+#include <openssl/sha.h>
+
 /* CBE includes */
 #include <cbe/vfs/io_job.h>

@ -216,10 +219,10 @@ class Trust_anchor
 					break;
 				}

-				if (_key_io_job_buffer.size == _passphrase_buffer.size &&
+				if (_key_io_job_buffer.size == _passphrase_hash_buffer.size &&
 					Genode::memcmp(_key_io_job_buffer.base,
-					               _passphrase_buffer.base,
-					               _passphrase_buffer.size) == 0) {
+					               _passphrase_hash_buffer.base,
+					               _passphrase_hash_buffer.size) == 0) {

 					Genode::memset(_private_key.value, 0xa5,
 					               sizeof (_private_key.value));
@ -482,7 +485,7 @@ class Trust_anchor

 		struct Key_io_job_buffer : Util::Io_job::Buffer
 		{
-			char buffer[64] { };
+			char buffer[SHA256_DIGEST_LENGTH] { };

 			Key_io_job_buffer()
 			{
@ -492,7 +495,7 @@ class Trust_anchor
 		};

 		Key_io_job_buffer _key_io_job_buffer { };
-		Key_io_job_buffer _passphrase_buffer { };
+		Key_io_job_buffer _passphrase_hash_buffer { };

 		bool _check_key_file(Path const &path)
 		{
@ -848,15 +851,10 @@ class Trust_anchor
 			if (_state != State::UNINITIALIZED) {
 				return false;
 			}
+			SHA256((unsigned char const *)src, len,
+			       (unsigned char *)_key_io_job_buffer.base);

-			if (len > _key_io_job_buffer.size) {
-				len = _key_io_job_buffer.size;
-			}
-
-			_key_io_job_buffer.size = len;
-
-			Genode::memcpy(_key_io_job_buffer.buffer, src,
-			               _key_io_job_buffer.size);
+			_key_io_job_buffer.size = SHA256_DIGEST_LENGTH;

 			_job       = Job::INIT;
 			_job_state = Job_state::PENDING;
@ -893,14 +891,10 @@ class Trust_anchor
 				return true;
 			}

-			if (len > sizeof(_passphrase_buffer.buffer)) {
-				len = sizeof(_passphrase_buffer.buffer);
-			}
+			SHA256((unsigned char const *)src, len,
+			       (unsigned char *)_passphrase_hash_buffer.base);

-			_passphrase_buffer.size = len;
-
-			Genode::memcpy(_passphrase_buffer.buffer, src,
-			               _passphrase_buffer.size);
+			_passphrase_hash_buffer.size = SHA256_DIGEST_LENGTH;

 			_job       = Job::UNLOCK;
 			_job_state = Job_state::PENDING;