pcrlock: Pad pe hash to a multiple of 8 bytes

author Daan De Meyer <daan.j.demeyer@gmail.com>

Sun, 3 Nov 2024 20:45:29 +0000 (21:45 +0100)

committer Luca Boccassi <luca.boccassi@gmail.com>

Wed, 13 Nov 2024 19:48:10 +0000 (19:48 +0000)
author Daan De Meyer <daan.j.demeyer@gmail.com>
Sun, 3 Nov 2024 20:45:29 +0000 (21:45 +0100)
committer Luca Boccassi <luca.boccassi@gmail.com>
Wed, 13 Nov 2024 19:48:10 +0000 (19:48 +0000)
diff --git a/src/pcrlock/pehash.c b/src/pcrlock/pehash.c

index 7e9dade1f710167b49ae19533aa0ec588fb4b323..39ed61cc2e64f31a71e32e6ac2a55c0bc2fac5fa 100644 (file)
--- a/src/pcrlock/pehash.c
+++ b/src/pcrlock/pehash.c
@@ -135,6 +135,10 @@ int pe_hash(int fd,
                  r = hash_file(fd, mdctx, p, st.st_size - p - certificate_table->Size);
                  if (r < 0)
                          return r;
+
+                /* If the file size is not a multiple of 8 bytes, pad the hash with zero bytes. */
+                if (st.st_size % 8 != 0 && EVP_DigestUpdate(mdctx, (const uint8_t[8]) {}, 8 - (st.st_size % 8)) != 1)
+                        return log_debug_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE), "Unable to hash data.");
          }
  
          int hsz = EVP_MD_CTX_size(mdctx);
author	Daan De Meyer <daan.j.demeyer@gmail.com>
	Sun, 3 Nov 2024 20:45:29 +0000 (21:45 +0100)
committer	Luca Boccassi <luca.boccassi@gmail.com>
	Wed, 13 Nov 2024 19:48:10 +0000 (19:48 +0000)