1 /* Copyright (c) 2014, Google Inc.
2 *
3 * Permission to use, copy, modify, and/or distribute this software for any
4 * purpose with or without fee is hereby granted, provided that the above
5 * copyright notice and this permission notice appear in all copies.
6 *
7 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10 * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12 * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13 * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14
15 #include <openssl/base.h>
16
17 #include <memory>
18 #include <string>
19 #include <vector>
20
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <limits.h>
24 #include <stdio.h>
25 #include <sys/stat.h>
26 #include <sys/types.h>
27
28 #if !defined(OPENSSL_WINDOWS)
29 #include <string.h>
30 #include <unistd.h>
31 #if !defined(O_BINARY)
32 #define O_BINARY 0
33 #endif
34 #else
35 OPENSSL_MSVC_PRAGMA(warning(push, 3))
36 #include <windows.h>
37 OPENSSL_MSVC_PRAGMA(warning(pop))
38 #include <io.h>
39 #define PATH_MAX MAX_PATH
40 typedef int ssize_t;
41 #endif
42
43 #include <openssl/digest.h>
44
45 #include "internal.h"
46
47
48 struct close_delete {
operator ()close_delete49 void operator()(int *fd) {
50 BORINGSSL_CLOSE(*fd);
51 }
52 };
53
54 template<typename T, typename R, R (*func) (T*)>
55 struct func_delete {
operator ()func_delete56 void operator()(T* obj) {
57 func(obj);
58 }
59 };
60
61 // Source is an awkward expression of a union type in C++: Stdin | File filename.
62 struct Source {
63 enum Type {
64 STDIN,
65 };
66
SourceSource67 Source() : is_stdin_(false) {}
SourceSource68 explicit Source(Type) : is_stdin_(true) {}
SourceSource69 explicit Source(const std::string &name)
70 : is_stdin_(false), filename_(name) {}
71
is_stdinSource72 bool is_stdin() const { return is_stdin_; }
filenameSource73 const std::string &filename() const { return filename_; }
74
75 private:
76 bool is_stdin_;
77 std::string filename_;
78 };
79
80 static const char kStdinName[] = "standard input";
81
82 // OpenFile opens the regular file named |filename| and sets |*out_fd| to be a
83 // file descriptor to it. Returns true on sucess or prints an error to stderr
84 // and returns false on error.
OpenFile(int * out_fd,const std::string & filename)85 static bool OpenFile(int *out_fd, const std::string &filename) {
86 *out_fd = -1;
87
88 int fd = BORINGSSL_OPEN(filename.c_str(), O_RDONLY | O_BINARY);
89 if (fd < 0) {
90 fprintf(stderr, "Failed to open input file '%s': %s\n", filename.c_str(),
91 strerror(errno));
92 return false;
93 }
94 std::unique_ptr<int, close_delete> scoped_fd(&fd);
95
96 #if !defined(OPENSSL_WINDOWS)
97 struct stat st;
98 if (fstat(fd, &st)) {
99 fprintf(stderr, "Failed to stat input file '%s': %s\n", filename.c_str(),
100 strerror(errno));
101 return false;
102 }
103
104 if (!S_ISREG(st.st_mode)) {
105 fprintf(stderr, "%s: not a regular file\n", filename.c_str());
106 return false;
107 }
108 #endif
109
110 *out_fd = fd;
111 scoped_fd.release();
112 return true;
113 }
114
115 // SumFile hashes the contents of |source| with |md| and sets |*out_hex| to the
116 // hex-encoded result.
117 //
118 // It returns true on success or prints an error to stderr and returns false on
119 // error.
SumFile(std::string * out_hex,const EVP_MD * md,const Source & source)120 static bool SumFile(std::string *out_hex, const EVP_MD *md,
121 const Source &source) {
122 std::unique_ptr<int, close_delete> scoped_fd;
123 int fd;
124
125 if (source.is_stdin()) {
126 fd = 0;
127 } else {
128 if (!OpenFile(&fd, source.filename())) {
129 return false;
130 }
131 scoped_fd.reset(&fd);
132 }
133
134 static const size_t kBufSize = 8192;
135 std::unique_ptr<uint8_t[]> buf(new uint8_t[kBufSize]);
136
137 bssl::ScopedEVP_MD_CTX ctx;
138 if (!EVP_DigestInit_ex(ctx.get(), md, NULL)) {
139 fprintf(stderr, "Failed to initialize EVP_MD_CTX.\n");
140 return false;
141 }
142
143 for (;;) {
144 ssize_t n;
145
146 do {
147 n = BORINGSSL_READ(fd, buf.get(), kBufSize);
148 } while (n == -1 && errno == EINTR);
149
150 if (n == 0) {
151 break;
152 } else if (n < 0) {
153 fprintf(stderr, "Failed to read from %s: %s\n",
154 source.is_stdin() ? kStdinName : source.filename().c_str(),
155 strerror(errno));
156 return false;
157 }
158
159 if (!EVP_DigestUpdate(ctx.get(), buf.get(), n)) {
160 fprintf(stderr, "Failed to update hash.\n");
161 return false;
162 }
163 }
164
165 uint8_t digest[EVP_MAX_MD_SIZE];
166 unsigned digest_len;
167 if (!EVP_DigestFinal_ex(ctx.get(), digest, &digest_len)) {
168 fprintf(stderr, "Failed to finish hash.\n");
169 return false;
170 }
171
172 char hex_digest[EVP_MAX_MD_SIZE * 2];
173 static const char kHextable[] = "0123456789abcdef";
174 for (unsigned i = 0; i < digest_len; i++) {
175 const uint8_t b = digest[i];
176 hex_digest[i * 2] = kHextable[b >> 4];
177 hex_digest[i * 2 + 1] = kHextable[b & 0xf];
178 }
179 *out_hex = std::string(hex_digest, digest_len * 2);
180
181 return true;
182 }
183
184 // PrintFileSum hashes |source| with |md| and prints a line to stdout in the
185 // format of the coreutils *sum utilities. It returns true on success or prints
186 // an error to stderr and returns false on error.
PrintFileSum(const EVP_MD * md,const Source & source)187 static bool PrintFileSum(const EVP_MD *md, const Source &source) {
188 std::string hex_digest;
189 if (!SumFile(&hex_digest, md, source)) {
190 return false;
191 }
192
193 // TODO: When given "--binary" or "-b", we should print " *" instead of " "
194 // between the digest and the filename.
195 //
196 // MSYS and Cygwin md5sum default to binary mode by default, whereas other
197 // platforms' tools default to text mode by default. We default to text mode
198 // by default and consider text mode equivalent to binary mode (i.e. we
199 // always use Unix semantics, even on Windows), which means that our default
200 // output will differ from the MSYS and Cygwin tools' default output.
201 printf("%s %s\n", hex_digest.c_str(),
202 source.is_stdin() ? "-" : source.filename().c_str());
203 return true;
204 }
205
206 // CheckModeArguments contains arguments for the check mode. See the
207 // sha256sum(1) man page for details.
208 struct CheckModeArguments {
209 bool quiet = false;
210 bool status = false;
211 bool warn = false;
212 bool strict = false;
213 };
214
215 // Check reads lines from |source| where each line is in the format of the
216 // coreutils *sum utilities. It attempts to verify each hash by reading the
217 // file named in the line.
218 //
219 // It returns true if all files were verified and, if |args.strict|, no input
220 // lines had formatting errors. Otherwise it prints errors to stderr and
221 // returns false.
Check(const CheckModeArguments & args,const EVP_MD * md,const Source & source)222 static bool Check(const CheckModeArguments &args, const EVP_MD *md,
223 const Source &source) {
224 std::unique_ptr<FILE, func_delete<FILE, int, fclose>> scoped_file;
225 FILE *file;
226
227 if (source.is_stdin()) {
228 file = stdin;
229 } else {
230 int fd;
231 if (!OpenFile(&fd, source.filename())) {
232 return false;
233 }
234
235 file = BORINGSSL_FDOPEN(fd, "rb");
236 if (!file) {
237 perror("fdopen");
238 BORINGSSL_CLOSE(fd);
239 return false;
240 }
241
242 scoped_file = std::unique_ptr<FILE, func_delete<FILE, int, fclose>>(file);
243 }
244
245 const size_t hex_size = EVP_MD_size(md) * 2;
246 char line[EVP_MAX_MD_SIZE * 2 + 2 /* spaces */ + PATH_MAX + 1 /* newline */ +
247 1 /* NUL */];
248 unsigned bad_lines = 0;
249 unsigned parsed_lines = 0;
250 unsigned error_lines = 0;
251 unsigned bad_hash_lines = 0;
252 unsigned line_no = 0;
253 bool ok = true;
254 bool draining_overlong_line = false;
255
256 for (;;) {
257 line_no++;
258
259 if (fgets(line, sizeof(line), file) == nullptr) {
260 if (feof(file)) {
261 break;
262 }
263 fprintf(stderr, "Error reading from input.\n");
264 return false;
265 }
266
267 size_t len = strlen(line);
268
269 if (draining_overlong_line) {
270 if (line[len - 1] == '\n') {
271 draining_overlong_line = false;
272 }
273 continue;
274 }
275
276 const bool overlong = line[len - 1] != '\n' && !feof(file);
277
278 if (len < hex_size + 2 /* spaces */ + 1 /* filename */ ||
279 line[hex_size] != ' ' ||
280 line[hex_size + 1] != ' ' ||
281 overlong) {
282 bad_lines++;
283 if (args.warn) {
284 fprintf(stderr, "%s: %u: improperly formatted line\n",
285 source.is_stdin() ? kStdinName : source.filename().c_str(), line_no);
286 }
287 if (args.strict) {
288 ok = false;
289 }
290 if (overlong) {
291 draining_overlong_line = true;
292 }
293 continue;
294 }
295
296 if (line[len - 1] == '\n') {
297 line[len - 1] = 0;
298 len--;
299 }
300
301 parsed_lines++;
302
303 // coreutils does not attempt to restrict relative or absolute paths in the
304 // input so nor does this code.
305 std::string calculated_hex_digest;
306 const std::string target_filename(&line[hex_size + 2]);
307 Source target_source;
308 if (target_filename == "-") {
309 // coreutils reads from stdin if the filename is "-".
310 target_source = Source(Source::STDIN);
311 } else {
312 target_source = Source(target_filename);
313 }
314
315 if (!SumFile(&calculated_hex_digest, md, target_source)) {
316 error_lines++;
317 ok = false;
318 continue;
319 }
320
321 if (calculated_hex_digest != std::string(line, hex_size)) {
322 bad_hash_lines++;
323 if (!args.status) {
324 printf("%s: FAILED\n", target_filename.c_str());
325 }
326 ok = false;
327 continue;
328 }
329
330 if (!args.quiet) {
331 printf("%s: OK\n", target_filename.c_str());
332 }
333 }
334
335 if (!args.status) {
336 if (bad_lines > 0 && parsed_lines > 0) {
337 fprintf(stderr, "WARNING: %u line%s improperly formatted\n", bad_lines,
338 bad_lines == 1 ? " is" : "s are");
339 }
340 if (error_lines > 0) {
341 fprintf(stderr, "WARNING: %u computed checksum(s) did NOT match\n",
342 error_lines);
343 }
344 }
345
346 if (parsed_lines == 0) {
347 fprintf(stderr, "%s: no properly formatted checksum lines found.\n",
348 source.is_stdin() ? kStdinName : source.filename().c_str());
349 ok = false;
350 }
351
352 return ok;
353 }
354
355 // DigestSum acts like the coreutils *sum utilites, with the given hash
356 // function.
DigestSum(const EVP_MD * md,const std::vector<std::string> & args)357 static bool DigestSum(const EVP_MD *md,
358 const std::vector<std::string> &args) {
359 bool check_mode = false;
360 CheckModeArguments check_args;
361 bool check_mode_args_given = false;
362 std::vector<Source> sources;
363
364 auto it = args.begin();
365 while (it != args.end()) {
366 const std::string &arg = *it;
367 if (!arg.empty() && arg[0] != '-') {
368 break;
369 }
370
371 it++;
372
373 if (arg == "--") {
374 break;
375 }
376
377 if (arg == "-") {
378 // "-" ends the argument list and indicates that stdin should be used.
379 sources.push_back(Source(Source::STDIN));
380 break;
381 }
382
383 if (arg.size() >= 2 && arg[0] == '-' && arg[1] != '-') {
384 for (size_t i = 1; i < arg.size(); i++) {
385 switch (arg[i]) {
386 case 'b':
387 case 't':
388 // Binary/text mode – irrelevent, even on Windows.
389 break;
390 case 'c':
391 check_mode = true;
392 break;
393 case 'w':
394 check_mode_args_given = true;
395 check_args.warn = true;
396 break;
397 default:
398 fprintf(stderr, "Unknown option '%c'.\n", arg[i]);
399 return false;
400 }
401 }
402 } else if (arg == "--binary" || arg == "--text") {
403 // Binary/text mode – irrelevent, even on Windows.
404 } else if (arg == "--check") {
405 check_mode = true;
406 } else if (arg == "--quiet") {
407 check_mode_args_given = true;
408 check_args.quiet = true;
409 } else if (arg == "--status") {
410 check_mode_args_given = true;
411 check_args.status = true;
412 } else if (arg == "--warn") {
413 check_mode_args_given = true;
414 check_args.warn = true;
415 } else if (arg == "--strict") {
416 check_mode_args_given = true;
417 check_args.strict = true;
418 } else {
419 fprintf(stderr, "Unknown option '%s'.\n", arg.c_str());
420 return false;
421 }
422 }
423
424 if (check_mode_args_given && !check_mode) {
425 fprintf(
426 stderr,
427 "Check mode arguments are only meaningful when verifying checksums.\n");
428 return false;
429 }
430
431 for (; it != args.end(); it++) {
432 sources.push_back(Source(*it));
433 }
434
435 if (sources.empty()) {
436 sources.push_back(Source(Source::STDIN));
437 }
438
439 bool ok = true;
440
441 if (check_mode) {
442 for (auto &source : sources) {
443 ok &= Check(check_args, md, source);
444 }
445 } else {
446 for (auto &source : sources) {
447 ok &= PrintFileSum(md, source);
448 }
449 }
450
451 return ok;
452 }
453
MD5Sum(const std::vector<std::string> & args)454 bool MD5Sum(const std::vector<std::string> &args) {
455 return DigestSum(EVP_md5(), args);
456 }
457
SHA1Sum(const std::vector<std::string> & args)458 bool SHA1Sum(const std::vector<std::string> &args) {
459 return DigestSum(EVP_sha1(), args);
460 }
461
SHA224Sum(const std::vector<std::string> & args)462 bool SHA224Sum(const std::vector<std::string> &args) {
463 return DigestSum(EVP_sha224(), args);
464 }
465
SHA256Sum(const std::vector<std::string> & args)466 bool SHA256Sum(const std::vector<std::string> &args) {
467 return DigestSum(EVP_sha256(), args);
468 }
469
SHA384Sum(const std::vector<std::string> & args)470 bool SHA384Sum(const std::vector<std::string> &args) {
471 return DigestSum(EVP_sha384(), args);
472 }
473
SHA512Sum(const std::vector<std::string> & args)474 bool SHA512Sum(const std::vector<std::string> &args) {
475 return DigestSum(EVP_sha512(), args);
476 }
477