lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 23 Sep 2022 16:33:32 +0530
From:   Bhaskar Chowdhury <unixbhaskar@...il.com>
To:     masahiroy@...nel.org, unixbhaskar@...il.com,
        danielmentz@...gle.com, linux-kernel@...r.kernel.org
Subject: [PATCH] kernel:gen_kheaders:Replace md5sum to sha256sum

Thought to apply a better encryption mechanism.

Replace all occurance of md5sum to sha256sum .

Signed-off-by: Bhaskar Chowdhury <unixbhaskar@...il.com>
---
 kernel/gen_kheaders.sh | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/kernel/gen_kheaders.sh b/kernel/gen_kheaders.sh
index 0c78e64f747d..1abf2d83039c 100755
--- a/kernel/gen_kheaders.sh
+++ b/kernel/gen_kheaders.sh
@@ -3,6 +3,7 @@

 # This script generates an archive consisting of kernel headers
 # for CONFIG_IKHEADERS.
+# Replace md5sum to sha256sum
 set -e
 sfile="$(readlink -f "$0")"
 outdir="$(pwd)"
@@ -37,22 +38,22 @@ all_dirs="$all_dirs $dir_list"
 # When Kconfig regenerates include/generated/autoconf.h, its timestamp is
 # updated, but the contents might be still the same. When any CONFIG option is
 # changed, Kconfig touches the corresponding timestamp file include/config/*.
-# Hence, the md5sum detects the configuration change anyway. We do not need to
+# Hence, the sha256sum detects the configuration change anyway. We do not need to
 # check include/generated/autoconf.h explicitly.
 #
-# Ignore them for md5 calculation to avoid pointless regeneration.
-headers_md5="$(find $all_dirs -name "*.h"			|
+# Ignore them for sha256 calculation to avoid pointless regeneration.
+headers_sha256="$(find $all_dirs -name "*.h"			|
 		grep -v "include/generated/compile.h"	|
 		grep -v "include/generated/autoconf.h"	|
-		xargs ls -l | md5sum | cut -d ' ' -f1)"
+		xargs ls -l | sha256sum| cut -d ' ' -f1)"

 # Any changes to this script will also cause a rebuild of the archive.
-this_file_md5="$(ls -l $sfile | md5sum | cut -d ' ' -f1)"
-if [ -f $tarfile ]; then tarfile_md5="$(md5sum $tarfile | cut -d ' ' -f1)"; fi
-if [ -f kernel/kheaders.md5 ] &&
-	[ "$(head -n 1 kernel/kheaders.md5)" = "$headers_md5" ] &&
-	[ "$(head -n 2 kernel/kheaders.md5 | tail -n 1)" = "$this_file_md5" ] &&
-	[ "$(tail -n 1 kernel/kheaders.md5)" = "$tarfile_md5" ]; then
+this_file_sha256="$(ls -l $sfile | sha256sum| cut -d ' ' -f1)"
+if [ -f $tarfile ]; then tarfile_sha256="$(sha256sum $tarfile | cut -d ' ' -f1)"; fi
+if [ -f kernel/kheaders.sha256 ] &&
+	[ "$(head -n 1 kernel/kheaders.sha256)" = "$headers_sha256" ] &&
+	[ "$(head -n 2 kernel/kheaders.sha256 | tail -n 1)" = "$this_file_sha256" ] &&
+	[ "$(tail -n 1 kernel/kheaders.sha256)" = "$tarfile_sha256" ]; then
 		exit
 fi

@@ -88,8 +89,8 @@ find $cpio_dir -printf "./%P\n" | LC_ALL=C sort | \
     --owner=0 --group=0 --numeric-owner --no-recursion \
     -I $XZ -cf $tarfile -C $cpio_dir/ -T - > /dev/null

-echo $headers_md5 > kernel/kheaders.md5
-echo "$this_file_md5" >> kernel/kheaders.md5
-echo "$(md5sum $tarfile | cut -d ' ' -f1)" >> kernel/kheaders.md5
+echo $headers_sha256 > kernel/kheaders.sha256
+echo "$this_file_sha256" >> kernel/kheaders.sha256
+echo "$(sha256sum $tarfile | cut -d ' ' -f1)" >> kernel/kheaders.sha256

 rm -rf $cpio_dir
--
2.35.1

Powered by blists - more mailing lists