:: commit 6316c6a8570b5b6bc69b8fec0fa36ce432c0b7a4

Mintsuki <mintsuki@protonmail.com> — 2026-04-13 00:34

parents: d45e7a6434

Revert "crypto: streaming blake2b for validation"

This introduced a TOCTOU (time-of-check-to-time-of-use) vulnerability between our checksum verification and the subsequent use of the file's contents.

This reverts commit db799dee0327ab0d26840345a2271da4b7813cc7.
diff --git a/common/crypt/blake2b.c b/common/crypt/blake2b.c
index 40a40ede..b62183f3 100644
--- a/common/crypt/blake2b.c
+++ b/common/crypt/blake2b.c
@@ -5,7 +5,6 @@
 #include <stdint.h>
 #include <stddef.h>
 #include <crypt/blake2b.h>
-#include <fs/file.h>
 #include <lib/libc.h>
 
 #define BLAKE2B_BLOCK_BYTES 128
@@ -219,25 +218,3 @@ void blake2b(void *out, const void *in, size_t in_len) {
     blake2b_update(&state, in, in_len);
     blake2b_final(&state, out);
 }
-
-bool blake2b_verify_file(struct file_handle *fd, const uint8_t expected[BLAKE2B_OUT_BYTES]) {
-    uint8_t out_buf[BLAKE2B_OUT_BYTES];
-
-    if (fd->is_memfile) {
-        blake2b(out_buf, fd->fd, fd->size);
-        return memcmp(out_buf, expected, BLAKE2B_OUT_BYTES) == 0;
-    }
-    
-    struct blake2b_state state;
-    blake2b_init(&state);
-    char chunk_buf[4096];
-    
-    for (uint64_t r = fd->size, off = 0, sz; r > 0; off += sz, r -= sz) {
-        fd->read(fd, chunk_buf, off, sz = r < 4096 ? r : 4096);
-        blake2b_update(&state, chunk_buf, sz);
-    }
-    
-    blake2b_final(&state, out_buf);
-
-    return memcmp(out_buf, expected, BLAKE2B_OUT_BYTES) == 0;
-}
diff --git a/common/crypt/blake2b.h b/common/crypt/blake2b.h
index 7967d57f..313a7c63 100644
--- a/common/crypt/blake2b.h
+++ b/common/crypt/blake2b.h
@@ -7,7 +7,4 @@
 
 void blake2b(void *out, const void *in, size_t in_len);
 
-struct file_handle;
-bool blake2b_verify_file(struct file_handle *fd, const uint8_t expected[BLAKE2B_OUT_BYTES]);
-
 #endif
diff --git a/common/lib/uri.c b/common/lib/uri.c
index d04e3917..7f868791 100644
--- a/common/lib/uri.c
+++ b/common/lib/uri.c
@@ -257,13 +257,20 @@ struct file_handle *uri_open(char *uri) {
     }
 
     if (hash != NULL && ret != NULL) {
+        uint8_t out_buf[BLAKE2B_OUT_BYTES];
+#if defined (UEFI) && defined (__x86_64__)
+        void *file_buf = freadall_mode(ret, MEMMAP_BOOTLOADER_RECLAIMABLE, true);
+#else
+        void *file_buf = freadall(ret, MEMMAP_BOOTLOADER_RECLAIMABLE);
+#endif
+        blake2b(out_buf, file_buf, ret->size);
         uint8_t hash_buf[BLAKE2B_OUT_BYTES];
 
         for (size_t i = 0; i < sizeof(hash_buf); i++) {
             hash_buf[i] = digit_to_int(hash[i * 2]) << 4 | digit_to_int(hash[i * 2 + 1]);
         }
 
-        if (!blake2b_verify_file(ret, hash_buf)) {
+        if (memcmp(hash_buf, out_buf, sizeof(out_buf)) != 0) {
             if (hash_mismatch_panic) {
                 panic(true, "Blake2b hash for URI `%#` does not match!", uri);
             } else {
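Review bot: `file_buf` returned by freadall()/freadall_mode() is passed straight to blake2b() with `ret->size` and never checked, so if those helpers can fail by returning NULL (not visible in this hunk) the hash would be computed from a null pointer instead of failing closed; a guard before the blake2b() call such as `if (file_buf == NULL) panic(true, "Failed to read URI %# for hash verification", uri);` keeps verification fail-closed. The revert only closes the TOCTOU window if whatever later consumes `ret` serves the same bytes that were hashed — presumably freadall() turns the handle into a memory-backed file over `file_buf`, but that is not shown here — so a comment on the freadall line recording that invariant, e.g. `/* Hash the buffer the handle will serve from; re-reading the file after verification would reopen the TOCTOU window. */`, would help keep a future change from reintroducing the streaming variant. The `memcmp` on the digest is fine for a boot-time integrity check since the expected hash is already public in the URI. uri_open's body continues outside the hunk on both sides.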