1 #include <openssl/bn.h>
2 #include <openssl/evp.h>
3 #include <sparse/sparse.h>
19 struct sparse_hash_ctx {
20 unsigned char *hashes;
21 const unsigned char *salt;
25 const unsigned char *zero_block_hash;
29 #define div_round_up(x,y) (((x) + (y) - 1)/(y))
31 #define round_up(x,y) (div_round_up(x,y)*(y))
33 #define FATAL(x...) { \
38 size_t verity_tree_blocks(uint64_t data_size, size_t block_size, size_t hash_size,
41 size_t level_blocks = div_round_up(data_size, block_size);
42 int hashes_per_block = div_round_up(block_size, hash_size);
45 level_blocks = div_round_up(level_blocks, hashes_per_block);
51 int hash_block(const EVP_MD *md,
52 const unsigned char *block, size_t len,
53 const unsigned char *salt, size_t salt_len,
54 unsigned char *out, size_t *out_size)
60 mdctx = EVP_MD_CTX_create();
62 ret &= EVP_DigestInit_ex(mdctx, md, NULL);
63 ret &= EVP_DigestUpdate(mdctx, salt, salt_len);
64 ret &= EVP_DigestUpdate(mdctx, block, len);
65 ret &= EVP_DigestFinal_ex(mdctx, out, &s);
66 EVP_MD_CTX_destroy(mdctx);
74 int hash_blocks(const EVP_MD *md,
75 const unsigned char *in, size_t in_size,
76 unsigned char *out, size_t *out_size,
77 const unsigned char *salt, size_t salt_size,
82 for (size_t i = 0; i < in_size; i += block_size) {
83 hash_block(md, in + i, block_size, salt, salt_size, out, &s);
91 int hash_chunk(void *priv, const void *data, int len)
93 struct sparse_hash_ctx *ctx = (struct sparse_hash_ctx *)priv;
94 assert(len % ctx->block_size == 0);
97 hash_blocks(ctx->md, (const unsigned char *)data, len,
99 ctx->salt, ctx->salt_size, ctx->block_size);
102 for (size_t i = 0; i < (size_t)len; i += ctx->block_size) {
103 memcpy(ctx->hashes, ctx->zero_block_hash, ctx->hash_size);
104 ctx->hashes += ctx->hash_size;
112 printf("usage: build_verity_tree [ <options> ] -s <size> | <data> <verity>\n"
114 " -a,--salt-str=<string> set salt to <string>\n"
115 " -A,--salt-hex=<hex digits> set salt to <hex digits>\n"
116 " -h show this help\n"
117 " -s,--verity-size=<data size> print the size of the verity tree\n"
118 " -v, enable verbose logging\n"
119 " -S treat <data image> as a sparse file\n"
123 int main(int argc, char **argv)
126 char *verity_filename;
127 unsigned char *salt = NULL;
128 size_t salt_size = 0;
130 size_t block_size = 4096;
131 uint64_t calculate_size = 0;
132 bool verbose = false;
135 const static struct option long_options[] = {
136 {"salt-str", required_argument, 0, 'a'},
137 {"salt-hex", required_argument, 0, 'A'},
138 {"help", no_argument, 0, 'h'},
139 {"sparse", no_argument, 0, 'S'},
140 {"verity-size", required_argument, 0, 's'},
141 {"verbose", no_argument, 0, 'v'},
144 int c = getopt_long(argc, argv, "a:A:hSs:v", long_options, NULL);
151 salt_size = strlen(optarg);
152 salt = new unsigned char[salt_size]();
154 FATAL("failed to allocate memory for salt\n");
156 memcpy(salt, optarg, salt_size);
160 if(!BN_hex2bn(&bn, optarg)) {
161 FATAL("failed to convert salt from hex\n");
163 salt_size = BN_num_bytes(bn);
164 salt = new unsigned char[salt_size]();
166 FATAL("failed to allocate memory for salt\n");
168 if((size_t)BN_bn2bin(bn, salt) != salt_size) {
169 FATAL("failed to convert salt to bytes\n");
182 unsigned long long int inSize = strtoull(optarg, &endptr, 0);
183 if (optarg[0] == '\0' || *endptr != '\0' ||
184 (errno == ERANGE && inSize == ULLONG_MAX)) {
185 FATAL("invalid value of verity-size\n");
187 if (inSize > UINT64_MAX) {
188 FATAL("invalid value of verity-size\n");
190 calculate_size = (uint64_t)inSize;
207 const EVP_MD *md = EVP_sha256();
209 FATAL("failed to get digest\n");
212 size_t hash_size = EVP_MD_size(md);
213 assert(hash_size * 2 < block_size);
215 if (!salt || !salt_size) {
216 salt_size = hash_size;
217 salt = new unsigned char[salt_size];
219 FATAL("failed to allocate memory for salt\n");
222 int random_fd = open("/dev/urandom", O_RDONLY);
224 FATAL("failed to open /dev/urandom\n");
227 ssize_t ret = read(random_fd, salt, salt_size);
228 if (ret != (ssize_t)salt_size) {
229 FATAL("failed to read %zu bytes from /dev/urandom: %zd %d\n", salt_size, ret, errno);
234 if (calculate_size) {
239 size_t verity_blocks = 0;
243 level_blocks = verity_tree_blocks(calculate_size, block_size, hash_size, levels);
245 verity_blocks += level_blocks;
246 } while (level_blocks > 1);
248 printf("%" PRIu64 "\n", (uint64_t)verity_blocks * block_size);
257 data_filename = argv[0];
258 verity_filename = argv[1];
260 int fd = open(data_filename, O_RDONLY);
262 FATAL("failed to open %s\n", data_filename);
265 struct sparse_file *file;
267 file = sparse_file_import(fd, false, false);
269 file = sparse_file_import_auto(fd, false, verbose);
273 FATAL("failed to read file %s\n", data_filename);
276 int64_t len = sparse_file_len(file, false, false);
277 if (len % block_size != 0) {
278 FATAL("file size %" PRIu64 " is not a multiple of %zu bytes\n",
283 size_t verity_blocks = 0;
287 level_blocks = verity_tree_blocks(len, block_size, hash_size, levels);
289 verity_blocks += level_blocks;
290 } while (level_blocks > 1);
292 unsigned char *verity_tree = new unsigned char[verity_blocks * block_size]();
293 unsigned char **verity_tree_levels = new unsigned char *[levels + 1]();
294 size_t *verity_tree_level_blocks = new size_t[levels]();
295 if (verity_tree == NULL || verity_tree_levels == NULL || verity_tree_level_blocks == NULL) {
296 FATAL("failed to allocate memory for verity tree\n");
299 unsigned char *ptr = verity_tree;
300 for (int i = levels - 1; i >= 0; i--) {
301 verity_tree_levels[i] = ptr;
302 verity_tree_level_blocks[i] = verity_tree_blocks(len, block_size, hash_size, i);
303 ptr += verity_tree_level_blocks[i] * block_size;
305 assert(ptr == verity_tree + verity_blocks * block_size);
306 assert(verity_tree_level_blocks[levels - 1] == 1);
308 unsigned char zero_block_hash[hash_size];
309 unsigned char zero_block[block_size];
310 memset(zero_block, 0, block_size);
311 hash_block(md, zero_block, block_size, salt, salt_size, zero_block_hash, NULL);
313 unsigned char root_hash[hash_size];
314 verity_tree_levels[levels] = root_hash;
316 struct sparse_hash_ctx ctx;
317 ctx.hashes = verity_tree_levels[0];
319 ctx.salt_size = salt_size;
320 ctx.hash_size = hash_size;
321 ctx.block_size = block_size;
322 ctx.zero_block_hash = zero_block_hash;
325 sparse_file_callback(file, false, false, hash_chunk, &ctx);
327 sparse_file_destroy(file);
330 for (int i = 0; i < levels; i++) {
333 verity_tree_levels[i], verity_tree_level_blocks[i] * block_size,
334 verity_tree_levels[i + 1], &out_size,
335 salt, salt_size, block_size);
336 if (i < levels - 1) {
337 assert(div_round_up(out_size, block_size) == verity_tree_level_blocks[i + 1]);
339 assert(out_size == hash_size);
343 for (size_t i = 0; i < hash_size; i++) {
344 printf("%02x", root_hash[i]);
347 for (size_t i = 0; i < salt_size; i++) {
348 printf("%02x", salt[i]);
352 fd = open(verity_filename, O_WRONLY|O_CREAT, 0666);
354 FATAL("failed to open output file '%s'\n", verity_filename);
356 write(fd, verity_tree, verity_blocks * block_size);
359 delete[] verity_tree_levels;
360 delete[] verity_tree_level_blocks;
361 delete[] verity_tree;