2
* GRUB -- GRand Unified Bootloader
3
* Copyright (C) 2009 Free Software Foundation, Inc.
5
* GRUB is free software: you can redistribute it and/or modify
6
* it under the terms of the GNU General Public License as published by
7
* the Free Software Foundation, either version 3 of the License, or
8
* (at your option) any later version.
10
* GRUB is distributed in the hope that it will be useful,
11
* but WITHOUT ANY WARRANTY; without even the implied warranty of
12
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13
* GNU General Public License for more details.
15
* You should have received a copy of the GNU General Public License
16
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
20
#include <grub/extcmd.h>
21
#include <grub/file.h>
22
#include <grub/disk.h>
24
#include <grub/misc.h>
25
#include <grub/crypto.h>
26
#include <grub/normal.h>
27
#include <grub/i18n.h>
29
static const struct grub_arg_option options[] = {
30
{"hash", 'h', 0, N_("Specify hash to use."), N_("HASH"), ARG_TYPE_STRING},
31
{"check", 'c', 0, N_("Check hash list file."), N_("FILE"), ARG_TYPE_STRING},
32
{"prefix", 'p', 0, N_("Base directory for hash list."), N_("DIRECTORY"),
34
{"keep-going", 'k', 0, N_("Don't stop after first error."), 0, 0},
38
struct { const char *name; const char *hashname; } aliases[] =
40
{"sha256sum", "sha256"},
41
{"sha512sum", "sha512"},
48
if (c >= '0' && c <= '9')
50
if (c >= 'a' && c <= 'f')
52
if (c >= 'A' && c <= 'F')
58
hash_file (grub_file_t file, const gcry_md_spec_t *hash, void *result)
60
grub_uint8_t context[hash->contextsize];
61
grub_uint8_t readbuf[4096];
63
grub_memset (context, 0, sizeof (context));
68
r = grub_file_read (file, readbuf, sizeof (readbuf));
73
hash->write (context, readbuf, r);
75
hash->final (context);
76
grub_memcpy (result, hash->read (context), hash->mdlen);
82
check_list (const gcry_md_spec_t *hash, const char *hashfilename,
83
const char *prefix, int keep)
85
grub_file_t hashlist, file;
87
grub_uint8_t expected[hash->mdlen];
88
grub_uint8_t actual[hash->mdlen];
91
unsigned unread = 0, mismatch = 0;
93
hashlist = grub_file_open (hashfilename);
97
while (grub_free (buf), (buf = grub_file_getline (hashlist)))
100
for (i = 0; i < hash->mdlen; i++)
103
high = hextoval (*p++);
104
low = hextoval (*p++);
105
if (high < 0 || low < 0)
106
return grub_error (GRUB_ERR_BAD_FILE_TYPE, "invalid hash list");
107
expected[i] = (high << 4) | low;
109
if (*p++ != ' ' || *p++ != ' ')
110
return grub_error (GRUB_ERR_BAD_FILE_TYPE, "invalid hash list");
115
filename = grub_xasprintf ("%s/%s", prefix, p);
118
file = grub_file_open (filename);
119
grub_free (filename);
122
file = grub_file_open (p);
125
grub_file_close (hashlist);
129
err = hash_file (file, hash, actual);
130
grub_file_close (file);
133
grub_printf ("%s: READ ERROR\n", p);
136
grub_file_close (hashlist);
141
grub_errno = GRUB_ERR_NONE;
145
if (grub_crypto_memcmp (expected, actual, hash->mdlen) != 0)
147
grub_printf ("%s: HASH MISMATCH\n", p);
150
grub_file_close (hashlist);
152
return grub_error (GRUB_ERR_TEST_FAILURE,
153
"hash of '%s' mismatches", p);
158
grub_printf ("%s: OK\n", p);
160
if (mismatch || unread)
161
return grub_error (GRUB_ERR_TEST_FAILURE,
162
"%d files couldn't be read and hash "
163
"of %d files mismatches", unread, mismatch);
164
return GRUB_ERR_NONE;
168
grub_cmd_hashsum (struct grub_extcmd *cmd,
169
int argc, char **args)
171
struct grub_arg_list *state = cmd->state;
172
const char *hashname = NULL;
173
const char *prefix = NULL;
174
const gcry_md_spec_t *hash;
176
int keep = state[3].set;
179
for (i = 0; i < ARRAY_SIZE (aliases); i++)
180
if (grub_strcmp (cmd->cmd->name, aliases[i].name) == 0)
181
hashname = aliases[i].hashname;
183
hashname = state[0].arg;
186
return grub_error (GRUB_ERR_BAD_ARGUMENT, "no hash specified");
188
hash = grub_crypto_lookup_md_by_name (hashname);
190
return grub_error (GRUB_ERR_BAD_ARGUMENT, "unknown hash");
193
prefix = state[2].arg;
198
return grub_error (GRUB_ERR_BAD_ARGUMENT,
199
"--check is incompatible with file list");
200
return check_list (hash, state[1].arg, prefix, keep);
203
for (i = 0; i < (unsigned) argc; i++)
205
grub_uint8_t result[hash->mdlen];
209
file = grub_file_open (args[i]);
215
grub_errno = GRUB_ERR_NONE;
219
err = hash_file (file, hash, result);
220
grub_file_close (file);
226
grub_errno = GRUB_ERR_NONE;
230
for (j = 0; j < hash->mdlen; j++)
231
grub_printf ("%02x", result[j]);
232
grub_printf (" %s\n", args[i]);
236
return grub_error (GRUB_ERR_TEST_FAILURE, "%d files couldn't be read.",
238
return GRUB_ERR_NONE;
241
static grub_extcmd_t cmd, cmd_md5, cmd_sha256, cmd_sha512;
243
GRUB_MOD_INIT(hashsum)
245
cmd = grub_register_extcmd ("hashsum", grub_cmd_hashsum,
246
GRUB_COMMAND_FLAG_BOTH,
247
"hashsum -h HASH [-c FILE [-p PREFIX]] "
248
"[FILE1 [FILE2 ...]]",
249
"Compute or check hash checksum.",
251
cmd_md5 = grub_register_extcmd ("md5sum", grub_cmd_hashsum,
252
GRUB_COMMAND_FLAG_BOTH,
253
N_("[-c FILE [-p PREFIX]] "
254
"[FILE1 [FILE2 ...]]"),
255
N_("Compute or check hash checksum."),
257
cmd_sha256 = grub_register_extcmd ("sha256sum", grub_cmd_hashsum,
258
GRUB_COMMAND_FLAG_BOTH,
259
N_("[-c FILE [-p PREFIX]] "
260
"[FILE1 [FILE2 ...]]"),
261
"Compute or check hash checksum.",
263
cmd_sha512 = grub_register_extcmd ("sha512sum", grub_cmd_hashsum,
264
GRUB_COMMAND_FLAG_BOTH,
265
N_("[-c FILE [-p PREFIX]] "
266
"[FILE1 [FILE2 ...]]"),
267
N_("Compute or check hash checksum."),
271
GRUB_MOD_FINI(hashsum)
273
grub_unregister_extcmd (cmd);
274
grub_unregister_extcmd (cmd_md5);
275
grub_unregister_extcmd (cmd_sha256);
276
grub_unregister_extcmd (cmd_sha512);