Changeset 95612 in vbox for trunk

Timestamp:

Jul 13, 2022 12:51:28 AM (3 years ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

152252

Message:

IPRT/ldr: Changed RTLdrHashImage to return the hash rather than the digest string. bugref:8691

Location:

trunk

Files:

• include/iprt/ldr.h (modified) (2 diffs)
• src/VBox/Runtime/common/ldr/ldrEx.cpp (modified) (5 diffs)
• src/VBox/Runtime/common/ldr/ldrPE.cpp (modified) (2 diffs)
• src/VBox/Runtime/include/internal/ldr.h (modified) (1 diff)
• src/VBox/Runtime/testcase/tstRTLdrVerifyPeImage.cpp (modified) (2 diffs)

trunk/include/iprt/ldr.h

@@ -1105 +1105 @@
      *          SignedData bit is found a few levels down into this as per RFC. */
     RTLDRPROP_PKCS7_SIGNED_DATA,
+    /** Query the number of pages that needs hashing.
+     * This is for RTLDRPROP_SHA1_PAGE_HASHES and RTLDRPROP_SHA256_PAGE_HASHES
+     * buffer size calculations. */
+    RTLDRPROP_HASHABLE_PAGES,
+    /** Query the SHA-1 page hashes.
+     * Returns an array with entries made of a 32-bit file offset and a SHA-1
+     * digest.  Use RTLDRPROP_HASHABLE_PAGES to calculate the buffer size. */
+    RTLDRPROP_SHA1_PAGE_HASHES,
+    /** Query the SHA-256 page hashes.
+     * Returns an array with entries made of a 32-bit file offset and a SHA-256
+     * digest. Use RTLDRPROP_HASHABLE_PAGES to calculate the buffer size. */
+    RTLDRPROP_SHA256_PAGE_HASHES,
 
     /** Query whether code signature checks are enabled.  */
@@ -1281 +1293 @@
  * @param   hLdrMod         The module handle.
  * @param   enmDigest       Which kind of digest.
- * @param   pszDigest       Where to store the image digest.
- * @param   cbDigest        Size of the buffer @a pszDigest points at.
- */
-RTDECL(int) RTLdrHashImage(RTLDRMOD hLdrMod, RTDIGESTTYPE enmDigest, char *pszDigest, size_t cbDigest);
+ * @param   pabHash         Where to store the image hash.
+ * @param   cbHash          Size of the buffer @a pabHash points at.  The
+ *                          required and returned size can be derived from the
+ *                          digest type (@a enmDigest).
+ */
+RTDECL(int) RTLdrHashImage(RTLDRMOD hLdrMod, RTDIGESTTYPE enmDigest, uint8_t *pabHash, size_t cbHash);
 
 /**

trunk/src/VBox/Runtime/common/ldr/ldrEx.cpp

@@ -629 +629 @@
             break;
         case RTLDRPROP_PKCS7_SIGNED_DATA:
+        case RTLDRPROP_SHA1_PAGE_HASHES:
+        case RTLDRPROP_SHA256_PAGE_HASHES:
             *pcbRet = 0;
+            break;
+        case RTLDRPROP_HASHABLE_PAGES:
+            *pcbRet = sizeof(uint32_t);
+            AssertReturn(cbBuf >= sizeof(uint32_t), VERR_INVALID_PARAMETER);
             break;
         case RTLDRPROP_SIGNATURE_CHECKS_ENFORCED:
@@ -693 +699 @@
 
 
-RTDECL(int) RTLdrHashImage(RTLDRMOD hLdrMod, RTDIGESTTYPE enmDigest, char *pszDigest, size_t cbDigest)
+RTDECL(int) RTLdrHashImage(RTLDRMOD hLdrMod, RTDIGESTTYPE enmDigest, uint8_t *pabHash, size_t cbHash)
 {
     AssertMsgReturn(rtldrIsValid(hLdrMod), ("hLdrMod=%p\n", hLdrMod), VERR_INVALID_HANDLE);
@@ -704 +710 @@
     switch (enmDigest)
     {
-        case RTDIGESTTYPE_MD5:      AssertReturn(cbDigest >= RTMD5_DIGEST_LEN    + 1, VERR_BUFFER_OVERFLOW); break;
-        case RTDIGESTTYPE_SHA1:     AssertReturn(cbDigest >= RTSHA1_DIGEST_LEN   + 1, VERR_BUFFER_OVERFLOW); break;
-        case RTDIGESTTYPE_SHA256:   AssertReturn(cbDigest >= RTSHA256_DIGEST_LEN + 1, VERR_BUFFER_OVERFLOW); break;
-        case RTDIGESTTYPE_SHA512:   AssertReturn(cbDigest >= RTSHA512_DIGEST_LEN + 1, VERR_BUFFER_OVERFLOW); break;
+        case RTDIGESTTYPE_MD5:      AssertReturn(cbHash >= RTMD5_HASH_SIZE,    VERR_BUFFER_OVERFLOW); break;
+        case RTDIGESTTYPE_SHA1:     AssertReturn(cbHash >= RTSHA1_HASH_SIZE,   VERR_BUFFER_OVERFLOW); break;
+        case RTDIGESTTYPE_SHA256:   AssertReturn(cbHash >= RTSHA256_HASH_SIZE, VERR_BUFFER_OVERFLOW); break;
+        case RTDIGESTTYPE_SHA512:   AssertReturn(cbHash >= RTSHA512_HASH_SIZE, VERR_BUFFER_OVERFLOW); break;
         default:
             if (enmDigest > RTDIGESTTYPE_INVALID && enmDigest < RTDIGESTTYPE_END)
@@ -713 +719 @@
             AssertFailedReturn(VERR_INVALID_PARAMETER);
     }
-    AssertPtrReturn(pszDigest, VERR_INVALID_POINTER);
+    AssertPtrReturn(pabHash, VERR_INVALID_POINTER);
 
     /*
@@ -720 +726 @@
     if (!pMod->pOps->pfnHashImage)
         return VERR_NOT_SUPPORTED;
-    return pMod->pOps->pfnHashImage(pMod, enmDigest, pszDigest, cbDigest);
+    return pMod->pOps->pfnHashImage(pMod, enmDigest, pabHash, cbHash);
 }
 RT_EXPORT_SYMBOL(RTLdrHashImage);

trunk/src/VBox/Runtime/common/ldr/ldrPE.cpp

@@ -3160 +3160 @@
  * @interface_method_impl{RTLDROPS,pfnHashImage}
  */
-static DECLCALLBACK(int) rtldrPE_HashImage(PRTLDRMODINTERNAL pMod, RTDIGESTTYPE enmDigest, char *pszDigest, size_t cbDigest)
+static DECLCALLBACK(int) rtldrPE_HashImage(PRTLDRMODINTERNAL pMod, RTDIGESTTYPE enmDigest, uint8_t *pabHash, size_t cbHash)
 {
     PRTLDRMODPE pModPe = (PRTLDRMODPE)pMod;
@@ -3186 +3186 @@
     {
         /*
-         * Format the digest into as human readable hash string.
+         * Copy out the result.
          */
+        RT_NOREF(cbHash); /* verified by caller */
         switch (enmDigest)
         {
-            case RTDIGESTTYPE_SHA512:  rc = RTSha512ToString(HashRes.abSha512, pszDigest, cbDigest); break;
-            case RTDIGESTTYPE_SHA256:  rc = RTSha256ToString(HashRes.abSha256, pszDigest, cbDigest); break;
-            case RTDIGESTTYPE_SHA1:    rc = RTSha1ToString(HashRes.abSha1, pszDigest, cbDigest); break;
-            case RTDIGESTTYPE_MD5:     rc = RTMd5ToString(HashRes.abMd5, pszDigest, cbDigest); break;
+            case RTDIGESTTYPE_SHA512:  memcpy(pabHash, HashRes.abSha512, sizeof(HashRes.abSha512)); break;
+            case RTDIGESTTYPE_SHA256:  memcpy(pabHash, HashRes.abSha256, sizeof(HashRes.abSha256)); break;
+            case RTDIGESTTYPE_SHA1:    memcpy(pabHash, HashRes.abSha1,   sizeof(HashRes.abSha1)); break;
+            case RTDIGESTTYPE_MD5:     memcpy(pabHash, HashRes.abMd5,    sizeof(HashRes.abMd5)); break;
             default:                   AssertFailedReturn(VERR_INTERNAL_ERROR_3);
         }

trunk/src/VBox/Runtime/include/internal/ldr.h

@@ -518 +518 @@
      * @param   pMod            The module handle.
      * @param   enmDigest       Which kind of digest.
-     * @param   pszDigest       Where to store the image digest.
-     * @param   cbDigest        Size of the buffer @a pszDigest points at.
-     */
-    DECLCALLBACKMEMBER(int, pfnHashImage,(PRTLDRMODINTERNAL pMod, RTDIGESTTYPE enmDigest, char *pszDigest, size_t cbDigest));
+     * @param   pabHash         Where to store the image hash.
+     * @param   cbHash          Size of the buffer @a pabHash points at.  This has
+     *                          been validated to be at least the required size.
+     */
+    DECLCALLBACKMEMBER(int, pfnHashImage,(PRTLDRMODINTERNAL pMod, RTDIGESTTYPE enmDigest, uint8_t *pabHash, size_t cbHash));
 
         /**

trunk/src/VBox/Runtime/testcase/tstRTLdrVerifyPeImage.cpp

@@ -38 +38 @@
 #include <iprt/test.h>
 
+#include <iprt/md5.h>
+#include <iprt/sha.h>
+
 
 /*********************************************************************************************************************************
@@ -73 +76 @@
         if (RT_SUCCESS(rc))
         {
-            char szDigest[512];
+            uint8_t abHash[128];
+            char    szDigest[512];
 
-            RTTESTI_CHECK_RC(rc = RTLdrHashImage(hLdrMod, RTDIGESTTYPE_MD5, szDigest, sizeof(szDigest)), VINF_SUCCESS);
+            RTTESTI_CHECK_RC(rc = RTLdrHashImage(hLdrMod, RTDIGESTTYPE_MD5, abHash, sizeof(abHash)), VINF_SUCCESS);
             if (RT_SUCCESS(rc))
+            {
+                RTMd5ToString(abHash, szDigest, sizeof(szDigest));
                 RTTestPrintf(hTest, RTTESTLVL_ALWAYS, "md5=%s\n", szDigest);
-            RTTESTI_CHECK_RC(rc = RTLdrHashImage(hLdrMod, RTDIGESTTYPE_SHA1, szDigest, sizeof(szDigest)), VINF_SUCCESS);
+            }
+            RTTESTI_CHECK_RC(rc = RTLdrHashImage(hLdrMod, RTDIGESTTYPE_SHA1, abHash, sizeof(abHash)), VINF_SUCCESS);
             if (RT_SUCCESS(rc))
+            {
+                RTSha1ToString(abHash, szDigest, sizeof(szDigest));
                 RTTestPrintf(hTest, RTTESTLVL_ALWAYS, "sha1=%s\n", szDigest);
-            RTTESTI_CHECK_RC(rc = RTLdrHashImage(hLdrMod, RTDIGESTTYPE_SHA256, szDigest, sizeof(szDigest)), VINF_SUCCESS);
+            }
+            RTTESTI_CHECK_RC(rc = RTLdrHashImage(hLdrMod, RTDIGESTTYPE_SHA256, abHash, sizeof(abHash)), VINF_SUCCESS);
             if (RT_SUCCESS(rc))
+            {
+                RTSha256ToString(abHash, szDigest, sizeof(szDigest));
                 RTTestPrintf(hTest, RTTESTLVL_ALWAYS, "sha256=%s\n", szDigest);
-            RTTESTI_CHECK_RC(rc = RTLdrHashImage(hLdrMod, RTDIGESTTYPE_SHA512, szDigest, sizeof(szDigest)), VINF_SUCCESS);
+            }
+            RTTESTI_CHECK_RC(rc = RTLdrHashImage(hLdrMod, RTDIGESTTYPE_SHA512, abHash, sizeof(abHash)), VINF_SUCCESS);
             if (RT_SUCCESS(rc))
+            {
+                RTSha512ToString(abHash, szDigest, sizeof(szDigest));
                 RTTestPrintf(hTest, RTTESTLVL_ALWAYS, "sha512=%s\n", szDigest);
+            }
 
             if (rc != VERR_NOT_SUPPORTED)