Chromium Code Reviews Chromium Code Reviews
Issue 6811030:
verity: remove the depth parameter from bht_create (Closed)
Base URL: http://git.chromium.org/git/dm-verity.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 // Use of this source code is governed by the GPL v2 license that can | 2 // Use of this source code is governed by the GPL v2 license that can |
| 3 // be found in the LICENSE file. | 3 // be found in the LICENSE file. |
| 4 // | 4 // |
| 5 // Driver program for creating verity hash images. | 5 // Driver program for creating verity hash images. |
| 6 #include <stdio.h> | 6 #include <stdio.h> |
| 7 | 7 |
| 8 #include "verity/file_hasher.h" | 8 #include "verity/file_hasher.h" |
| 9 #include "verity/logging.h" | 9 #include "verity/logging.h" |
| 10 #include "verity/simple_file/env.h" | 10 #include "verity/simple_file/env.h" |
| 11 #include "verity/simple_file/file.h" | 11 #include "verity/simple_file/file.h" |
| 12 #include "verity/utils.h" | 12 #include "verity/utils.h" |
| 13 | 13 |
| 14 namespace { | 14 namespace { |
| 15 void print_usage(const char *name) { | 15 void print_usage(const char *name) { |
| 16 fprintf(stderr, | 16 fprintf(stderr, |
| 17 "Usage:\n" | 17 "Usage:\n" |
| 18 " %s mode depth alg image image_blocks hash_image [root_hexdigest]\n\n" | 18 " %s mode depth alg image image_blocks hash_image [root_hexdigest]\n\n" |
| 19 "Options:\n" | 19 "Options:\n" |
| 20 "- mode: May be create or verify\n" | 20 "- mode: May be create or verify\n" |
| 21 " If create, the `hash_image' will be created.\n" | 21 " If create, the `hash_image' will be created.\n" |
| 22 " If verify, the `hash_image` will be used to verify `image'.\n" | 22 " If verify, the `hash_image` will be used to verify `image'.\n" |
| 23 "- depth:» Integer specifying the hash tree depth (excl root node)\n" | 23 "- depth:» Deprecated. Must be `0'.\n" |
|
Will Drewry
2011/04/07 22:45:17
Any reason not to just ignore it? "Deprecated. Wi
Mandeep Singh Baines
2011/04/08 14:28:40
Ideally I'll do everything in the right order so t
| |
| 24 "- alg: Cryptographic hash algorithm to use\n" | 24 "- alg: Cryptographic hash algorithm to use\n" |
| 25 " Valid values: sha512 sha384 sha256 sha224 sha1 sha\n" | 25 " Valid values: sha512 sha384 sha256 sha224 sha1 sha\n" |
| 26 " mdc2 ripemd160 md5 md4 md2\n" | 26 " mdc2 ripemd160 md5 md4 md2\n" |
| 27 " (Algorithm choice depends on your target kernel)\n" | 27 " (Algorithm choice depends on your target kernel)\n" |
| 28 "- image: Path to the image to be hashed or verified\n" | 28 "- image: Path to the image to be hashed or verified\n" |
| 29 "- image_blocks: number of 4096 byte blocks to hash/verify\n" | 29 "- image_blocks: number of 4096 byte blocks to hash/verify\n" |
| 30 " If 0, the file size will be used.\n" | 30 " If 0, the file size will be used.\n" |
| 31 "- hash_image: Path where a hash image file may be created or read\n" | 31 "- hash_image: Path where a hash image file may be created or read\n" |
| 32 "- root_hexdigest: Digest of the root node (in hex) for verifying\n" | 32 "- root_hexdigest: Digest of the root node (in hex) for verifying\n" |
| 33 "\n", name); | 33 "\n", name); |
| 34 } | 34 } |
| 35 | 35 |
| 36 typedef enum { VERITY_NONE = 0, VERITY_CREATE, VERITY_VERIFY } verity_mode_t; | 36 typedef enum { VERITY_NONE = 0, VERITY_CREATE, VERITY_VERIFY } verity_mode_t; |
| 37 static verity_mode_t parse_mode(const char *mode_s) { | 37 static verity_mode_t parse_mode(const char *mode_s) { |
| 38 if (!strcmp(mode_s, "create")) return VERITY_CREATE; | 38 if (!strcmp(mode_s, "create")) return VERITY_CREATE; |
| 39 if (!strcmp(mode_s, "verify")) return VERITY_VERIFY; | 39 if (!strcmp(mode_s, "verify")) return VERITY_VERIFY; |
| 40 fprintf(stderr, "Unknown mode specified: %s\n", mode_s); | 40 fprintf(stderr, "Unknown mode specified: %s\n", mode_s); |
| 41 return VERITY_NONE; | 41 return VERITY_NONE; |
| 42 } | 42 } |
| 43 | 43 |
| 44 static unsigned int parse_depth(const char *depth_s) { | 44 static unsigned int parse_depth(const char *depth_s) { |
| 45 return (unsigned int)strtoul(depth_s, NULL, 0); | 45 return (unsigned int)strtoul(depth_s, NULL, 0); |
| 46 } | 46 } |
| 47 | 47 |
| 48 static unsigned int parse_blocks(const char *block_s) { | 48 static unsigned int parse_blocks(const char *block_s) { |
| 49 return (unsigned int)strtoul(block_s, NULL, 0); | 49 return (unsigned int)strtoul(block_s, NULL, 0); |
| 50 } | 50 } |
| 51 } // namespace | 51 } // namespace |
| 52 | 52 |
| 53 static int verity_create(unsigned int depth, | 53 static int verity_create(const char *alg, |
| 54 const char *alg, | |
| 55 const char *image_path, | 54 const char *image_path, |
| 56 unsigned int image_blocks, | 55 unsigned int image_blocks, |
| 57 const char *hash_path); | 56 const char *hash_path); |
| 58 | 57 |
| 59 int main(int argc, char **argv) { | 58 int main(int argc, char **argv) { |
| 60 if (argc < 7) { | 59 if (argc < 7) { |
| 61 print_usage(argv[0]); | 60 print_usage(argv[0]); |
| 62 return 1; | 61 return 1; |
| 63 } | 62 } |
| 64 | 63 |
| 64 if (parse_depth(argv[2]) != 0) { | |
| 65 LOG(FATAL) << "depth must be 0"; | |
| 66 return -1; | |
| 67 } | |
| 68 | |
| 65 if (parse_mode(argv[1]) == VERITY_CREATE) { | 69 if (parse_mode(argv[1]) == VERITY_CREATE) { |
| 66 return verity_create(parse_depth(argv[2]), | 70 return verity_create(argv[3], // alg |
| 67 argv[3], // alg | |
| 68 argv[4], // image_path | 71 argv[4], // image_path |
| 69 parse_blocks(argv[5]), | 72 parse_blocks(argv[5]), |
| 70 argv[6]); // hash path | 73 argv[6]); // hash path |
| 71 } else { | 74 } else { |
| 72 LOG(FATAL) << "Verification not done yet"; | 75 LOG(FATAL) << "Verification not done yet"; |
| 73 } | 76 } |
| 74 return -1; | 77 return -1; |
| 75 } | 78 } |
| 76 | 79 |
| 77 static int verity_create(unsigned int depth, | 80 static int verity_create(const char *alg, |
| 78 const char *alg, | 81 const char *image_path, |
| 79 const char *image_path, | |
| 80 unsigned int image_blocks, | 82 unsigned int image_blocks, |
| 81 const char *hash_path) { | 83 const char *hash_path) { |
| 82 // Configure files | 84 // Configure files |
| 83 simple_file::Env env; | 85 simple_file::Env env; |
| 84 | 86 |
| 85 simple_file::File source; | 87 simple_file::File source; |
| 86 LOG_IF(FATAL, !source.Initialize(image_path, O_RDONLY, &env)) | 88 LOG_IF(FATAL, !source.Initialize(image_path, O_RDONLY, &env)) |
| 87 << "Failed to open the source file: " << image_path; | 89 << "Failed to open the source file: " << image_path; |
| 88 simple_file::File destination; | 90 simple_file::File destination; |
| 89 LOG_IF(FATAL, !destination.Initialize(hash_path, | 91 LOG_IF(FATAL, !destination.Initialize(hash_path, |
| 90 O_CREAT|O_RDWR|O_TRUNC, | 92 O_CREAT|O_RDWR|O_TRUNC, |
| 91 &env)) | 93 &env)) |
| 92 << "Failed to open destination file: " << hash_path; | 94 << "Failed to open destination file: " << hash_path; |
| 93 | 95 |
| 94 // Create the actual worker and create the hash image. | 96 // Create the actual worker and create the hash image. |
| 95 verity::FileHasher hasher; | 97 verity::FileHasher hasher; |
| 96 LOG_IF(FATAL, !hasher.Initialize(&source, | 98 LOG_IF(FATAL, !hasher.Initialize(&source, |
| 97 &destination, | 99 &destination, |
| 98 depth, | |
| 99 image_blocks, | 100 image_blocks, |
| 100 alg)) | 101 alg)) |
| 101 << "Failed to initialize hasher"; | 102 << "Failed to initialize hasher"; |
| 102 LOG_IF(FATAL, !hasher.Hash()); | 103 LOG_IF(FATAL, !hasher.Hash()); |
| 103 LOG_IF(FATAL, !hasher.Store()); | 104 LOG_IF(FATAL, !hasher.Store()); |
| 104 hasher.PrintTable(true); | 105 hasher.PrintTable(true); |
| 105 return 0; | 106 return 0; |
| 106 } | 107 } |
| OLD | NEW |
