diff options
Diffstat (limited to 'src/cmd/internal')
-rw-r--r-- | src/cmd/internal/codesign/codesign.go | 16 | ||||
-rw-r--r-- | src/cmd/internal/goobj/objfile.go | 4 | ||||
-rw-r--r-- | src/cmd/internal/obj/objfile.go | 4 | ||||
-rw-r--r-- | src/cmd/internal/obj/sym.go | 4 |
4 files changed, 18 insertions, 10 deletions
diff --git a/src/cmd/internal/codesign/codesign.go b/src/cmd/internal/codesign/codesign.go index 0517a10640..1116393b5c 100644 --- a/src/cmd/internal/codesign/codesign.go +++ b/src/cmd/internal/codesign/codesign.go @@ -11,10 +11,11 @@ package codesign import ( - "crypto/sha256" "debug/macho" "encoding/binary" "io" + + "cmd/internal/notsha256" ) // Code signature layout. @@ -190,7 +191,7 @@ func Size(codeSize int64, id string) int64 { nhashes := (codeSize + pageSize - 1) / pageSize idOff := int64(codeDirectorySize) hashOff := idOff + int64(len(id)+1) - cdirSz := hashOff + nhashes*sha256.Size + cdirSz := hashOff + nhashes*notsha256.Size return int64(superBlobSize+blobSize) + cdirSz } @@ -226,7 +227,7 @@ func Sign(out []byte, data io.Reader, id string, codeSize, textOff, textSize int identOffset: uint32(idOff), nCodeSlots: uint32(nhashes), codeLimit: uint32(codeSize), - hashSize: sha256.Size, + hashSize: notsha256.Size, hashType: CS_HASHTYPE_SHA256, pageSize: uint8(pageSizeBits), execSegBase: uint64(textOff), @@ -245,8 +246,12 @@ func Sign(out []byte, data io.Reader, id string, codeSize, textOff, textSize int outp = puts(outp, []byte(id+"\000")) // emit hashes + // NOTE(rsc): These must be SHA256, but for cgo bootstrap reasons + // we cannot import crypto/sha256 when GOEXPERIMENT=boringcrypto + // and the host is linux/amd64. So we use NOT-SHA256 + // and then apply a NOT ourselves to get SHA256. Sigh. var buf [pageSize]byte - h := sha256.New() + h := notsha256.New() p := 0 for p < int(codeSize) { n, err := io.ReadFull(data, buf[:]) @@ -263,6 +268,9 @@ func Sign(out []byte, data io.Reader, id string, codeSize, textOff, textSize int h.Reset() h.Write(buf[:n]) b := h.Sum(nil) + for i := range b { + b[i] ^= 0xFF // convert notsha256 to sha256 + } outp = puts(outp, b[:]) } } diff --git a/src/cmd/internal/goobj/objfile.go b/src/cmd/internal/goobj/objfile.go index 3e36c461fa..e58be66e59 100644 --- a/src/cmd/internal/goobj/objfile.go +++ b/src/cmd/internal/goobj/objfile.go @@ -20,7 +20,7 @@ package goobj import ( "cmd/internal/bio" - "crypto/sha1" + "cmd/internal/notsha256" "encoding/binary" "errors" "fmt" @@ -367,7 +367,7 @@ const Hash64Size = 8 // Hash type HashType [HashSize]byte -const HashSize = sha1.Size +const HashSize = notsha256.Size // Relocation. // diff --git a/src/cmd/internal/obj/objfile.go b/src/cmd/internal/obj/objfile.go index 2f7ce061d4..2caff62702 100644 --- a/src/cmd/internal/obj/objfile.go +++ b/src/cmd/internal/obj/objfile.go @@ -10,9 +10,9 @@ import ( "bytes" "cmd/internal/bio" "cmd/internal/goobj" + "cmd/internal/notsha256" "cmd/internal/objabi" "cmd/internal/sys" - "crypto/sha1" "encoding/binary" "fmt" "io" @@ -460,7 +460,7 @@ func contentHash64(s *LSym) goobj.Hash64Type { // For now, we assume there is no circular dependencies among // hashed symbols. func (w *writer) contentHash(s *LSym) goobj.HashType { - h := sha1.New() + h := notsha256.New() var tmp [14]byte // Include the size of the symbol in the hash. diff --git a/src/cmd/internal/obj/sym.go b/src/cmd/internal/obj/sym.go index a8360527ef..95dd07d0fa 100644 --- a/src/cmd/internal/obj/sym.go +++ b/src/cmd/internal/obj/sym.go @@ -33,8 +33,8 @@ package obj import ( "cmd/internal/goobj" + "cmd/internal/notsha256" "cmd/internal/objabi" - "crypto/md5" "fmt" "internal/buildcfg" "log" @@ -175,7 +175,7 @@ func (ctxt *Link) Int64Sym(i int64) *LSym { // GCLocalsSym generates a content-addressable sym containing data. func (ctxt *Link) GCLocalsSym(data []byte) *LSym { - return ctxt.LookupInit(fmt.Sprintf("gclocals·%x", md5.Sum(data)), func(lsym *LSym) { + return ctxt.LookupInit(fmt.Sprintf("gclocals·%x", notsha256.Sum256(data)), func(lsym *LSym) { lsym.P = data lsym.Set(AttrContentAddressable, true) }) |