nwztools: cleanup crypto, switch MD5 to Crypto++

We already use Crypto++ for DES anyway, and using OpenSSL is not great because of its incompatible licence. Change-Id: I78771b84c1708795a0c0c30afa5bdfe4885dea4e
author: Amaury Pouly <amaury.pouly@gmail.com> 2017-01-04 16:55:53 +0100
committer: Amaury Pouly <amaury.pouly@gmail.com> 2017-01-04 17:05:15 +0100
commit: dbeb6db1b55a50dedf17e7d78ddb6fe9eebc2a63 (patch)
tree: 29118847ebd2328095bb9f31fe7208c0a4bb6052 /utils
parent: 92ecbd5fb8a7c8e939b1b4dde82cc6c9ba9d41af (diff)
9 files changed, 108 insertions, 53 deletions
diff --git a/utils/nwztools/upgtools/Makefile b/utils/nwztools/upgtools/Makefile
index 1030b1b849..57525c1770 100644
--- a/utils/nwztools/upgtools/Makefile
+++ b/utils/nwztools/upgtools/Makefile
@@ -3,9 +3,9 @@ CC=gcc
 CXX=g++
 LD=g++
 PROFILE=
-CFLAGS=-g $(PROFILE) -std=c99 -W -Wall $(DEFINES) `pkg-config --cflags openssl` `pkg-config --cflags libcrypto++`
-CXXFLAGS=-g $(PROFILE) -W -Wall $(DEFINES) `pkg-config --cflags openssl` `pkg-config --cflags libcrypto++`
-LDFLAGS=$(PROFILE) `pkg-config --libs openssl` `pkg-config --libs libcrypto++` -lcrypt -lpthread
+CFLAGS=-g $(PROFILE) -std=c99 -W -Wall $(DEFINES) `pkg-config --cflags libcrypto++`
+CXXFLAGS=-g $(PROFILE) -W -Wall $(DEFINES) `pkg-config --cflags libcrypto++`
+LDFLAGS=$(PROFILE) `pkg-config --libs libcrypto++` -lpthread
 BINS=upgtool
 
 all: $(BINS)
@@ -16,7 +16,7 @@ all: $(BINS)
 %.o: %.cpp
 	$(CXX) $(CXXFLAGS) -c -o $@ $<
 
-upgtool: upgtool.o upg.o misc.o fwp.o mg.o keysig_search.o
+upgtool: upgtool.o upg.o misc.o fwp.o mg.o keysig_search.o md5.o
 	$(LD) -o $@ $^ $(LDFLAGS)
 
 clean:
diff --git a/utils/nwztools/upgtools/fwp.c b/utils/nwztools/upgtools/fwp.c
index 34c55f6e5a..7d8f8002a8 100644
--- a/utils/nwztools/upgtools/fwp.c
+++ b/utils/nwztools/upgtools/fwp.c
@@ -18,21 +18,20 @@
  * KIND, either express or implied.
  *
  ****************************************************************************/
-#include <stdio.h>
+#include <string.h>
 #include <stdlib.h>
 #include "fwp.h"
 #include "misc.h"
 #include "mg.h"
-#include <string.h>
 
-int fwp_read(void *in, int size, void *out, uint8_t *key)
+void fwp_read(void *in, int size, void *out, uint8_t *key)
 {
-    return mg_decrypt_fw(in, size, out, key);
+    mg_decrypt_fw(in, size, out, key);
 }
 
-int fwp_write(void *in, int size, void *out, uint8_t *key)
+void fwp_write(void *in, int size, void *out, uint8_t *key)
 {
-    return mg_encrypt_fw(in, size, out, key);
+    mg_encrypt_fw(in, size, out, key);
 }
 
 static uint8_t g_key[NWZ_KEY_SIZE];
@@ -42,7 +41,7 @@ void fwp_setkey(char key[NWZ_KEY_SIZE])
     memcpy(g_key, key, NWZ_KEY_SIZE);
 }
 
-int fwp_crypt(void *buf, int size, int mode)
+void fwp_crypt(void *buf, int size, int mode)
 {
     while(size >= NWZ_KEY_SIZE)
     {
@@ -54,6 +53,5 @@ int fwp_crypt(void *buf, int size, int mode)
         size -= NWZ_KEY_SIZE;
     }
     if(size != 0)
-        abort();
-    return 0;
+        abort(); /* size is not a multiple of 8 */
 }
diff --git a/utils/nwztools/upgtools/fwp.h b/utils/nwztools/upgtools/fwp.h
index 0d928fbec1..32fe260090 100644
--- a/utils/nwztools/upgtools/fwp.h
+++ b/utils/nwztools/upgtools/fwp.h
@@ -33,11 +33,13 @@ extern "C" {
 #define NWZ_SIG_SIZE    8
 #define NWZ_EXPKEY_SIZE (NWZ_KEY_SIZE * NWZ_KEY_SIZE)
 #define NWZ_DES_BLOCK   8
+#define NWZ_MD5_SIZE    16
 
-int fwp_read(void *in, int size, void *out, uint8_t *key);
-int fwp_write(void *in, int size, void *out, uint8_t *key);
+/* size must be a multiple of 8 */
+void fwp_read(void *in, int size, void *out, uint8_t *key);
+void fwp_write(void *in, int size, void *out, uint8_t *key);
 void fwp_setkey(char key[8]);
-int fwp_crypt(void *buf, int size, int mode);
+void fwp_crypt(void *buf, int size, int mode);
 
 #ifdef __cplusplus
 }
diff --git a/utils/nwztools/upgtools/md5.cpp b/utils/nwztools/upgtools/md5.cpp
new file mode 100644
index 0000000000..3b0c2358e4
--- /dev/null
+++ b/utils/nwztools/upgtools/md5.cpp
@@ -0,0 +1,31 @@
+/***************************************************************************
+ *             __________               __   ___.
+ *   Open      \______   \ ____   ____ |  | _\_ |__   _______  ___
+ *   Source     |       _//  _ \_/ ___\|  |/ /| __ \ /  _ \  \/  /
+ *   Jukebox    |    |   (  <_> )  \___|    < | \_\ (  <_> > <  <
+ *   Firmware   |____|_  /\____/ \___  >__|_ \|___  /\____/__/\_ \
+ *                     \/            \/     \/    \/            \/
+ * $Id$
+ *
+ * Copyright (C) 2012 Amaury Pouly
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ****************************************************************************/
+#include "md5.h"
+/* MD5 is considered insecure by crypto++ */
+#define CRYPTOPP_ENABLE_NAMESPACE_WEAK  1
+#include <crypto++/md5.h>
+
+using namespace CryptoPP::Weak;
+
+void MD5_CalculateDigest(void *digest, const void *input, size_t length)
+{
+    MD5().CalculateDigest((byte *)digest, (const byte *)input, length);
+}
diff --git a/utils/nwztools/upgtools/md5.h b/utils/nwztools/upgtools/md5.h
new file mode 100644
index 0000000000..1e4b57ab0e
--- /dev/null
+++ b/utils/nwztools/upgtools/md5.h
@@ -0,0 +1,37 @@
+/***************************************************************************
+ *             __________               __   ___.
+ *   Open      \______   \ ____   ____ |  | _\_ |__   _______  ___
+ *   Source     |       _//  _ \_/ ___\|  |/ /| __ \ /  _ \  \/  /
+ *   Jukebox    |    |   (  <_> )  \___|    < | \_\ (  <_> > <  <
+ *   Firmware   |____|_  /\____/ \___  >__|_ \|___  /\____/__/\_ \
+ *                     \/            \/     \/    \/            \/
+ * $Id$
+ *
+ * Copyright (C) 2016 Amaury Pouly
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ****************************************************************************/
+#ifndef __md5_h__
+#define __md5_h__
+
+#include <stddef.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Compute the MD5 digest of a buffer */
+void MD5_CalculateDigest(void *digest, const void *input, size_t length);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __md5_h__ */
diff --git a/utils/nwztools/upgtools/mg.cpp b/utils/nwztools/upgtools/mg.cpp
index f02b67375a..79039702db 100644
--- a/utils/nwztools/upgtools/mg.cpp
+++ b/utils/nwztools/upgtools/mg.cpp
@@ -28,43 +28,41 @@
 using namespace CryptoPP;
 namespace
 {
-    inline int dec_des_ecb(void *in, int size, void *out, uint8_t *key)
+    inline void dec_des_ecb(void *in, int size, void *out, uint8_t *key)
     {
         ECB_Mode< DES >::Decryption dec;
         if(size % 8)
-            return 42;
+            abort(); /* size must be a multiple of 8 */
         dec.SetKey(key, 8);
         dec.ProcessData((byte*)out, (byte*)in, size);
-        return 0;
     }
 
-    inline int enc_des_ecb(void *in, int size, void *out, uint8_t *key)
+    inline void enc_des_ecb(void *in, int size, void *out, uint8_t *key)
     {
         ECB_Mode< DES >::Encryption enc;
         if(size % 8)
-            return 42;
+            abort(); /* size must be a multiple of 8 */
         enc.SetKey(key, 8);
         enc.ProcessData((byte*)out, (byte*)in, size);
-        return 0;
     }
 }
 
-int mg_decrypt_fw(void *in, int size, void *out, uint8_t *key)
+void mg_decrypt_fw(void *in, int size, void *out, uint8_t *key)
 {
-    return dec_des_ecb(in, size, out, key);
+    dec_des_ecb(in, size, out, key);
 }
 
-int mg_encrypt_fw(void *in, int size, void *out, uint8_t *key)
+void mg_encrypt_fw(void *in, int size, void *out, uint8_t *key)
 {
-    return enc_des_ecb(in, size, out, key);
+    enc_des_ecb(in, size, out, key);
 }
 
-int mg_decrypt_pass(void *in, int size, void *out, uint8_t *key)
+void mg_decrypt_pass(void *in, int size, void *out, uint8_t *key)
 {
-    return dec_des_ecb(in, size, out, key);
+    dec_des_ecb(in, size, out, key);
 }
 
-int mg_encrypt_pass(void *in, int size, void *out, uint8_t *key)
+void mg_encrypt_pass(void *in, int size, void *out, uint8_t *key)
 {
-    return enc_des_ecb(in, size, out, key);
+    enc_des_ecb(in, size, out, key);
 }
diff --git a/utils/nwztools/upgtools/mg.h b/utils/nwztools/upgtools/mg.h
index a0c1f2ef65..ef8dcd5ecb 100644
--- a/utils/nwztools/upgtools/mg.h
+++ b/utils/nwztools/upgtools/mg.h
@@ -26,12 +26,13 @@
 #ifdef __cplusplus
 extern "C" {
 #endif
-int mg_decrypt_fw(void *in, int size, void *out, uint8_t *key);
-int mg_encrypt_fw(void *in, int size, void *out, uint8_t *key);
-int mg_decrypt_pass(void *in, int size, void *out, uint8_t *key);
-int mg_encrypt_pass(void *in, int size, void *out, uint8_t *key);
+/* size must be a multiple of 8 */
+void mg_decrypt_fw(void *in, int size, void *out, uint8_t *key);
+void mg_encrypt_fw(void *in, int size, void *out, uint8_t *key);
+void mg_decrypt_pass(void *in, int size, void *out, uint8_t *key);
+void mg_encrypt_pass(void *in, int size, void *out, uint8_t *key);
 #ifdef __cplusplus
 }
 #endif
 
-#endif /* __mg_h__ */
-\ No newline at end of file
+#endif /* __mg_h__ */
diff --git a/utils/nwztools/upgtools/upg.c b/utils/nwztools/upgtools/upg.c
index 44d3eca789..8a6a9f0754 100644
--- a/utils/nwztools/upgtools/upg.c
+++ b/utils/nwztools/upgtools/upg.c
@@ -22,7 +22,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <ctype.h>
-#include <openssl/md5.h>
+#include "md5.h"
 
 struct nwz_model_t g_model_list[] =
 {
@@ -97,19 +97,14 @@ struct upg_file_t *upg_read_memory(void *buf, size_t size, char key[NWZ_KEY_SIZE
     struct upg_md5_t *md5 = buf;
     cprintf(BLUE, "Preliminary\n");
     cprintf(GREEN, "  MD5: ");
-    for(int i = 0; i < MD5_DIGEST_LENGTH; i++)
+    for(int i = 0; i < NWZ_MD5_SIZE; i++)
         cprintf(YELLOW, "%02x", md5->md5[i]);
     cprintf(OFF, " ");
 
     /* check MD5 */
-    uint8_t actual_md5[MD5_DIGEST_LENGTH];
-    {
-        MD5_CTX c;
-        MD5_Init(&c);
-        MD5_Update(&c, md5 + 1, size - sizeof(struct upg_header_t));
-        MD5_Final(actual_md5, &c);
-    }
-    if(memcmp(actual_md5, md5->md5, MD5_DIGEST_LENGTH) != 0)
+    uint8_t actual_md5[NWZ_MD5_SIZE];
+    MD5_CalculateDigest(actual_md5, (md5 + 1), size - sizeof(struct upg_header_t));
+    if(memcmp(actual_md5, md5->md5, NWZ_MD5_SIZE) != 0)
     {
         cprintf(RED, "Mismatch\n");
         err_printf(GREY, "MD5 Mismatch\n");
@@ -223,12 +218,7 @@ void *upg_write_memory(struct upg_file_t *file, char key[NWZ_KEY_SIZE],
     /* encrypt everything and hash everything */
     fwp_write(hdr, tot_size - sizeof(*md5), hdr, (void *)key);
     /* write final MD5 */
-    {
-        MD5_CTX c;
-        MD5_Init(&c);
-        MD5_Update(&c, (void *)hdr, tot_size - sizeof(*md5));
-        MD5_Final(md5->md5, &c);
-    }
+    MD5_CalculateDigest(md5->md5, (void *)hdr, tot_size - sizeof(*md5));
     *out_size = tot_size;
     return buf;
 }
diff --git a/utils/nwztools/upgtools/upgtool.c b/utils/nwztools/upgtools/upgtool.c
index 0de46a4260..a1dce84870 100644
--- a/utils/nwztools/upgtools/upgtool.c
+++ b/utils/nwztools/upgtools/upgtool.c
@@ -29,7 +29,6 @@
 #include "misc.h"
 #include "elf.h"
 #include <sys/stat.h>
-#include <openssl/md5.h>
 #include "crypt.h"
 #include "fwp.h"
 #include "keysig_search.h"
@@ -482,4 +481,3 @@ int main(int argc, char **argv)
 
     return ret;
 }
-
author	Amaury Pouly <amaury.pouly@gmail.com>	2017-01-04 16:55:53 +0100
committer	Amaury Pouly <amaury.pouly@gmail.com>	2017-01-04 17:05:15 +0100
commit	dbeb6db1b55a50dedf17e7d78ddb6fe9eebc2a63 (patch)
tree	29118847ebd2328095bb9f31fe7208c0a4bb6052 /utils
parent	92ecbd5fb8a7c8e939b1b4dde82cc6c9ba9d41af (diff)