1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2016 Lennart Poettering
8 #include <linux/if_alg.h>
10 #include <sys/socket.h>
12 #include "alloc-util.h"
14 #include "hexdecoct.h"
18 #include "string-util.h"
21 /* On current kernels the maximum digest (according to "grep digestsize /proc/crypto | sort -u") is actually 32, but
22 * let's add some extra room, the few wasted bytes don't really matter... */
23 #define LONGEST_DIGEST 128
28 uint8_t digest[LONGEST_DIGEST+1];
33 int khash_supported(void) {
36 struct sockaddr_alg alg;
38 .alg.salg_family = AF_ALG,
39 .alg.salg_type = "hash",
40 .alg.salg_name = "sha256", /* a very common algorithm */
43 static int cached = -1;
46 _cleanup_close_ int fd1 = -1, fd2 = -1;
47 uint8_t buf[LONGEST_DIGEST+1];
49 fd1 = socket(AF_ALG, SOCK_SEQPACKET|SOCK_CLOEXEC, 0);
51 /* The kernel returns EAFNOSUPPORT if AF_ALG is not supported at all */
52 if (IN_SET(errno, EAFNOSUPPORT, EOPNOTSUPP))
53 return (cached = false);
58 if (bind(fd1, &sa.sa, sizeof(sa)) < 0) {
59 /* The kernel returns ENOENT if the selected algorithm is not supported at all. We use a check
60 * for SHA256 as a proxy for whether the whole API is supported at all. After all it's one of
61 * the most common hash functions, and if it isn't supported, that's ample indication that
62 * something is really off. */
64 if (IN_SET(errno, ENOENT, EOPNOTSUPP))
65 return (cached = false);
70 fd2 = accept4(fd1, NULL, 0, SOCK_CLOEXEC);
72 if (errno == EOPNOTSUPP)
73 return (cached = false);
78 if (recv(fd2, buf, sizeof(buf), 0) < 0) {
79 /* On some kernels we get ENOKEY for non-keyed hash functions (such as sha256), let's refuse
80 * using the API in those cases, since the kernel is
81 * broken. https://github.com/systemd/systemd/issues/8278 */
83 if (IN_SET(errno, ENOKEY, EOPNOTSUPP))
84 return (cached = false);
93 int khash_new_with_key(khash **ret, const char *algorithm, const void *key, size_t key_size) {
96 struct sockaddr_alg alg;
98 .alg.salg_family = AF_ALG,
99 .alg.salg_type = "hash",
102 _cleanup_(khash_unrefp) khash *h = NULL;
103 _cleanup_close_ int fd = -1;
108 assert(key || key_size == 0);
110 /* Filter out an empty algorithm early, as we do not support an algorithm by that name. */
111 if (isempty(algorithm))
114 /* Overly long hash algorithm names we definitely do not support */
115 if (strlen(algorithm) >= sizeof(sa.alg.salg_name))
118 supported = khash_supported();
124 fd = socket(AF_ALG, SOCK_SEQPACKET|SOCK_CLOEXEC, 0);
128 strcpy((char*) sa.alg.salg_name, algorithm);
129 if (bind(fd, &sa.sa, sizeof(sa)) < 0) {
136 if (setsockopt(fd, SOL_ALG, ALG_SET_KEY, key, key_size) < 0)
144 h->fd = accept4(fd, NULL, 0, SOCK_CLOEXEC);
148 h->algorithm = strdup(algorithm);
152 /* Temporary fix for rc kernel bug: https://bugzilla.redhat.com/show_bug.cgi?id=1395896 */
153 (void) send(h->fd, NULL, 0, 0);
155 /* Figure out the digest size */
156 n = recv(h->fd, h->digest, sizeof(h->digest), 0);
159 if (n >= LONGEST_DIGEST) /* longer than what we expected? If so, we don't support this */
162 h->digest_size = (size_t) n;
163 h->digest_valid = true;
165 /* Temporary fix for rc kernel bug: https://bugzilla.redhat.com/show_bug.cgi?id=1395896 */
166 (void) send(h->fd, NULL, 0, 0);
174 int khash_new(khash **ret, const char *algorithm) {
175 return khash_new_with_key(ret, algorithm, NULL, 0);
178 khash* khash_unref(khash *h) {
187 int khash_dup(khash *h, khash **ret) {
188 _cleanup_(khash_unrefp) khash *copy = NULL;
193 copy = newdup(khash, h, 1);
198 copy->algorithm = strdup(h->algorithm);
199 if (!copy->algorithm)
202 copy->fd = accept4(h->fd, NULL, 0, SOCK_CLOEXEC);
206 *ret = TAKE_PTR(copy);
211 const char *khash_get_algorithm(khash *h) {
217 size_t khash_get_size(khash *h) {
220 return h->digest_size;
223 int khash_reset(khash *h) {
228 n = send(h->fd, NULL, 0, 0);
232 h->digest_valid = false;
237 int khash_put(khash *h, const void *buffer, size_t size) {
241 assert(buffer || size == 0);
246 n = send(h->fd, buffer, size, MSG_MORE);
250 h->digest_valid = false;
255 int khash_put_iovec(khash *h, const struct iovec *iovec, size_t n) {
257 mh.msg_iov = (struct iovec*) iovec,
263 assert(iovec || n == 0);
268 k = sendmsg(h->fd, &mh, MSG_MORE);
272 h->digest_valid = false;
277 static int retrieve_digest(khash *h) {
285 n = recv(h->fd, h->digest, h->digest_size, 0);
288 if ((size_t) n != h->digest_size) /* digest size changed? */
291 h->digest_valid = true;
296 int khash_digest_data(khash *h, const void **ret) {
302 r = retrieve_digest(h);
310 int khash_digest_string(khash *h, char **ret) {
317 r = retrieve_digest(h);
321 p = hexmem(h->digest, h->digest_size);