1 #include <openssl/bn.h>
2 #include <openssl/evp.h>
3 #include <sparse/sparse.h>
19 #include <android-base/file.h>
21 struct sparse_hash_ctx {
22 unsigned char *hashes;
23 const unsigned char *salt;
27 const unsigned char *zero_block_hash;
31 #define div_round_up(x,y) (((x) + (y) - 1)/(y))
33 #define round_up(x,y) (div_round_up(x,y)*(y))
35 #define FATAL(x...) { \
40 size_t verity_tree_blocks(uint64_t data_size, size_t block_size, size_t hash_size,
43 size_t level_blocks = div_round_up(data_size, block_size);
44 int hashes_per_block = div_round_up(block_size, hash_size);
47 level_blocks = div_round_up(level_blocks, hashes_per_block);
53 int hash_block(const EVP_MD *md,
54 const unsigned char *block, size_t len,
55 const unsigned char *salt, size_t salt_len,
56 unsigned char *out, size_t *out_size)
62 mdctx = EVP_MD_CTX_create();
64 ret &= EVP_DigestInit_ex(mdctx, md, NULL);
65 ret &= EVP_DigestUpdate(mdctx, salt, salt_len);
66 ret &= EVP_DigestUpdate(mdctx, block, len);
67 ret &= EVP_DigestFinal_ex(mdctx, out, &s);
68 EVP_MD_CTX_destroy(mdctx);
76 int hash_blocks(const EVP_MD *md,
77 const unsigned char *in, size_t in_size,
78 unsigned char *out, size_t *out_size,
79 const unsigned char *salt, size_t salt_size,
84 for (size_t i = 0; i < in_size; i += block_size) {
85 hash_block(md, in + i, block_size, salt, salt_size, out, &s);
93 int hash_chunk(void *priv, const void *data, int len)
95 struct sparse_hash_ctx *ctx = (struct sparse_hash_ctx *)priv;
96 assert(len % ctx->block_size == 0);
99 hash_blocks(ctx->md, (const unsigned char *)data, len,
101 ctx->salt, ctx->salt_size, ctx->block_size);
104 for (size_t i = 0; i < (size_t)len; i += ctx->block_size) {
105 memcpy(ctx->hashes, ctx->zero_block_hash, ctx->hash_size);
106 ctx->hashes += ctx->hash_size;
114 printf("usage: build_verity_tree [ <options> ] -s <size> | <data> <verity>\n"
116 " -a,--salt-str=<string> set salt to <string>\n"
117 " -A,--salt-hex=<hex digits> set salt to <hex digits>\n"
118 " -h show this help\n"
119 " -s,--verity-size=<data size> print the size of the verity tree\n"
120 " -v, enable verbose logging\n"
121 " -S treat <data image> as a sparse file\n"
125 int main(int argc, char **argv)
128 char *verity_filename;
129 unsigned char *salt = NULL;
130 size_t salt_size = 0;
132 size_t block_size = 4096;
133 uint64_t calculate_size = 0;
134 bool verbose = false;
137 const static struct option long_options[] = {
138 {"salt-str", required_argument, 0, 'a'},
139 {"salt-hex", required_argument, 0, 'A'},
140 {"help", no_argument, 0, 'h'},
141 {"sparse", no_argument, 0, 'S'},
142 {"verity-size", required_argument, 0, 's'},
143 {"verbose", no_argument, 0, 'v'},
146 int c = getopt_long(argc, argv, "a:A:hSs:v", long_options, NULL);
153 salt_size = strlen(optarg);
154 salt = new unsigned char[salt_size]();
156 FATAL("failed to allocate memory for salt\n");
158 memcpy(salt, optarg, salt_size);
162 if(!BN_hex2bn(&bn, optarg)) {
163 FATAL("failed to convert salt from hex\n");
165 salt_size = BN_num_bytes(bn);
166 salt = new unsigned char[salt_size]();
168 FATAL("failed to allocate memory for salt\n");
170 if((size_t)BN_bn2bin(bn, salt) != salt_size) {
171 FATAL("failed to convert salt to bytes\n");
184 unsigned long long int inSize = strtoull(optarg, &endptr, 0);
185 if (optarg[0] == '\0' || *endptr != '\0' ||
186 (errno == ERANGE && inSize == ULLONG_MAX)) {
187 FATAL("invalid value of verity-size\n");
189 if (inSize > UINT64_MAX) {
190 FATAL("invalid value of verity-size\n");
192 calculate_size = (uint64_t)inSize;
209 const EVP_MD *md = EVP_sha256();
211 FATAL("failed to get digest\n");
214 size_t hash_size = EVP_MD_size(md);
215 assert(hash_size * 2 < block_size);
217 if (!salt || !salt_size) {
218 salt_size = hash_size;
219 salt = new unsigned char[salt_size];
221 FATAL("failed to allocate memory for salt\n");
224 int random_fd = open("/dev/urandom", O_RDONLY);
226 FATAL("failed to open /dev/urandom\n");
229 ssize_t ret = read(random_fd, salt, salt_size);
230 if (ret != (ssize_t)salt_size) {
231 FATAL("failed to read %zu bytes from /dev/urandom: %zd %d\n", salt_size, ret, errno);
236 if (calculate_size) {
241 size_t verity_blocks = 0;
245 level_blocks = verity_tree_blocks(calculate_size, block_size, hash_size, levels);
247 verity_blocks += level_blocks;
248 } while (level_blocks > 1);
250 printf("%" PRIu64 "\n", (uint64_t)verity_blocks * block_size);
259 data_filename = argv[0];
260 verity_filename = argv[1];
262 int fd = open(data_filename, O_RDONLY);
264 FATAL("failed to open %s\n", data_filename);
267 struct sparse_file *file;
269 file = sparse_file_import(fd, false, false);
271 file = sparse_file_import_auto(fd, false, verbose);
275 FATAL("failed to read file %s\n", data_filename);
278 int64_t len = sparse_file_len(file, false, false);
279 if (len % block_size != 0) {
280 FATAL("file size %" PRIu64 " is not a multiple of %zu bytes\n",
285 size_t verity_blocks = 0;
289 level_blocks = verity_tree_blocks(len, block_size, hash_size, levels);
291 verity_blocks += level_blocks;
292 } while (level_blocks > 1);
294 unsigned char *verity_tree = new unsigned char[verity_blocks * block_size]();
295 unsigned char **verity_tree_levels = new unsigned char *[levels + 1]();
296 size_t *verity_tree_level_blocks = new size_t[levels]();
297 if (verity_tree == NULL || verity_tree_levels == NULL || verity_tree_level_blocks == NULL) {
298 FATAL("failed to allocate memory for verity tree\n");
301 unsigned char *ptr = verity_tree;
302 for (int i = levels - 1; i >= 0; i--) {
303 verity_tree_levels[i] = ptr;
304 verity_tree_level_blocks[i] = verity_tree_blocks(len, block_size, hash_size, i);
305 ptr += verity_tree_level_blocks[i] * block_size;
307 assert(ptr == verity_tree + verity_blocks * block_size);
308 assert(verity_tree_level_blocks[levels - 1] == 1);
310 unsigned char zero_block_hash[hash_size];
311 unsigned char zero_block[block_size];
312 memset(zero_block, 0, block_size);
313 hash_block(md, zero_block, block_size, salt, salt_size, zero_block_hash, NULL);
315 unsigned char root_hash[hash_size];
316 verity_tree_levels[levels] = root_hash;
318 struct sparse_hash_ctx ctx;
319 ctx.hashes = verity_tree_levels[0];
321 ctx.salt_size = salt_size;
322 ctx.hash_size = hash_size;
323 ctx.block_size = block_size;
324 ctx.zero_block_hash = zero_block_hash;
327 sparse_file_callback(file, false, false, hash_chunk, &ctx);
329 sparse_file_destroy(file);
332 for (int i = 0; i < levels; i++) {
335 verity_tree_levels[i], verity_tree_level_blocks[i] * block_size,
336 verity_tree_levels[i + 1], &out_size,
337 salt, salt_size, block_size);
338 if (i < levels - 1) {
339 assert(div_round_up(out_size, block_size) == verity_tree_level_blocks[i + 1]);
341 assert(out_size == hash_size);
345 for (size_t i = 0; i < hash_size; i++) {
346 printf("%02x", root_hash[i]);
349 for (size_t i = 0; i < salt_size; i++) {
350 printf("%02x", salt[i]);
354 fd = open(verity_filename, O_WRONLY|O_CREAT, 0666);
356 FATAL("failed to open output file '%s'\n", verity_filename);
358 if (!android::base::WriteFully(fd, verity_tree, verity_blocks * block_size)) {
359 FATAL("failed to write '%s'\n", verity_filename);
363 delete[] verity_tree_levels;
364 delete[] verity_tree_level_blocks;
365 delete[] verity_tree;