Hello community, here is the log from the commit of package pesign for openSUSE:Factory checked in at 2013-04-02 12:37:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pesign (Old) and /work/SRC/openSUSE:Factory/.pesign.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pesign", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/pesign/pesign.changes 2013-03-01 10:53:48.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.pesign.new/pesign.changes 2013-04-02 12:37:18.000000000 +0200 @@ -1,0 +2,6 @@ +Tue Mar 26 06:21:15 UTC 2013 - [email protected] + +- Add pesign-bnc808594-align-signatures.patch to align signatures + (bnc#808594, bnc#811325) + +------------------------------------------------------------------- New: ---- pesign-bnc808594-align-signatures.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pesign.spec ++++++ --- /var/tmp/diff_new_pack.NRSNbX/_old 2013-04-02 12:37:19.000000000 +0200 +++ /var/tmp/diff_new_pack.NRSNbX/_new 2013-04-02 12:37:19.000000000 +0200 @@ -45,6 +45,8 @@ Patch11: pesign-no-set-image-size.patch # PATCH-FIX-UPSTREAM pesign-bnc805166-fix-signature-list.patch bnc#805166 [email protected] -- Fix the broken signature list when inserting a new signature into a signed EFI binary. Patch12: pesign-bnc805166-fix-signature-list.patch +# PATCH-FIX-UPSTREAM pesign-bnc808594-align-signatures.patch bnc#808594,bnc#811325 [email protected] -- Align the signatures to 8-bytes +Patch13: pesign-bnc808594-align-signatures.patch BuildRequires: mozilla-nss-devel BuildRequires: pkg-config BuildRequires: popt-devel @@ -80,6 +82,7 @@ %patch10 -p1 %patch11 -p1 %patch12 -p1 +%patch13 -p1 %build make OPTFLAGS="$RPM_OPT_FLAGS" ++++++ pesign-bnc808594-align-signatures.patch ++++++ >From 21cec8feac92a8cda788eaf3f9e9aee9d1b92672 Mon Sep 17 00:00:00 2001 From: Peter Jones <[email protected]> Date: Mon, 25 Mar 2013 11:34:45 -0400 Subject: [PATCH 1/8] If the last hunk of the file isn't 16-byte aligned, pad before digesting. When we (or MS) create a data directory section, we pad it to 16-bytes. This means that when you add that and then hash, you'll have that 0-extension before the data directory (in this case, the cert list) in the checksum. If we do -h without embedding the signature in the binary, we still need to take that into account. Signed-off-by: Peter Jones <[email protected]> --- src/cms_common.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/src/cms_common.c b/src/cms_common.c index 9ab2021..306d53e 100644 --- a/src/cms_common.c +++ b/src/cms_common.c @@ -795,6 +795,12 @@ err: return -1; } +#if 1 +#define dprintf(fmt, ...) +#else +#define dprintf(fmt, args...) printf(fmt, ## args) +#endif + int generate_digest(cms_context *cms, Pe *pe) { @@ -860,6 +866,8 @@ generate_digest(cms_context *cms, Pe *pe) cms->log(cms, LOG_ERR, "Pe header is invalid"); goto error; } + dprintf("beginning of hash\n"); + dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); generate_digest_step(cms, hash_base, hash_size); /* 5. Skip over the image checksum @@ -882,6 +890,7 @@ generate_digest(cms_context *cms, Pe *pe) goto error; } generate_digest_step(cms, hash_base, hash_size); + dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); /* 8. Skip over the crt dir * 9. Hash everything up to the end of the image header. */ @@ -895,6 +904,7 @@ generate_digest(cms_context *cms, Pe *pe) goto error; } generate_digest_step(cms, hash_base, hash_size); + dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); /* 10. Set SUM_OF_BYTES_HASHED to the size of the header. */ hashed_bytes = pe32opthdr ? pe32opthdr->header_size @@ -926,6 +936,7 @@ generate_digest(cms_context *cms, Pe *pe) } generate_digest_step(cms, hash_base, hash_size); + dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); hashed_bytes += hash_size; } @@ -938,8 +949,19 @@ generate_digest(cms_context *cms, Pe *pe) cms->log(cms, LOG_ERR, "Pe has invalid trailing data"); goto error_shdrs; } - generate_digest_step(cms, hash_base, hash_size); + if (hash_size % 16 != 0) { + size_t tmp_size = hash_size + (16 - (hash_size % 16)); + uint8_t tmp_array[tmp_size]; + memset(tmp_array, '\0', tmp_size); + memcpy(tmp_array, hash_base, hash_size); + generate_digest_step(cms, tmp_array, tmp_size); + dprintf("digesting %lx + %lx\n", (unsigned long)tmp_array, tmp_size); + } else { + generate_digest_step(cms, hash_base, hash_size); + dprintf("digesting %lx + %lx\n", hash_base - map, hash_size); + } } + dprintf("end of hash\n"); rc = generate_digest_finish(cms); if (rc < 0) -- 1.7.10.4 >From d07c91cffaeaaa1b0f0a0dbc684e073d976ee9f3 Mon Sep 17 00:00:00 2001 From: Peter Jones <[email protected]> Date: Mon, 25 Mar 2013 12:53:05 -0400 Subject: [PATCH 2/8] Pad signatures everywhere /except/ -h. If you run -h, you may be using that hash in a db/dbx variable, in which case the padding isn't appropriate. Everywhere else, it's for implanting at some stage. Signed-off-by: Peter Jones <[email protected]> --- src/cms_common.c | 4 ++-- src/cms_common.h | 2 +- src/daemon.c | 6 +++--- src/pesign.c | 15 ++++++++------- 4 files changed, 14 insertions(+), 13 deletions(-) diff --git a/src/cms_common.c b/src/cms_common.c index 306d53e..f2ee684 100644 --- a/src/cms_common.c +++ b/src/cms_common.c @@ -802,7 +802,7 @@ err: #endif int -generate_digest(cms_context *cms, Pe *pe) +generate_digest(cms_context *cms, Pe *pe, int padded) { void *hash_base; size_t hash_size; @@ -949,7 +949,7 @@ generate_digest(cms_context *cms, Pe *pe) cms->log(cms, LOG_ERR, "Pe has invalid trailing data"); goto error_shdrs; } - if (hash_size % 16 != 0) { + if (hash_size % 16 != 0 && padded) { size_t tmp_size = hash_size + (16 - (hash_size % 16)); uint8_t tmp_array[tmp_size]; memset(tmp_array, '\0', tmp_size); diff --git a/src/cms_common.h b/src/cms_common.h index a3848cd..d819aab 100644 --- a/src/cms_common.h +++ b/src/cms_common.h @@ -105,7 +105,7 @@ extern int generate_spc_link(cms_context *cms, SpcLink *slp, extern int generate_spc_string(cms_context *cms, SECItem *ssp, char *str, int len); -extern int generate_digest(cms_context *cms, Pe *pe); +extern int generate_digest(cms_context *cms, Pe *pe, int padded); extern int generate_signature(cms_context *ctx); extern int unlock_nss_token(cms_context *ctx); extern int find_certificate(cms_context *ctx); diff --git a/src/daemon.c b/src/daemon.c index 92ae856..69821ba 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -433,7 +433,7 @@ malformed: if (rc < 0) goto finish; - rc = generate_digest(ctx->cms, outpe); + rc = generate_digest(ctx->cms, outpe, 1); if (rc < 0) { err_attached: pe_end(outpe); @@ -448,7 +448,7 @@ err_attached: if (sigspace < 0) goto err_attached; allocate_signature_space(outpe, sigspace); - rc = generate_digest(ctx->cms, outpe); + rc = generate_digest(ctx->cms, outpe, 1); if (rc < 0) goto err_attached; rc = generate_signature(ctx->cms); @@ -463,7 +463,7 @@ err_attached: ctx->cms->log(ctx->cms, ctx->priority|LOG_ERR, "pesignd: could not truncate output file: %m"); } - rc = generate_digest(ctx->cms, inpe); + rc = generate_digest(ctx->cms, inpe, 1); if (rc < 0) { err_detached: if (ftruncate(outfd, 0) != 0) { diff --git a/src/pesign.c b/src/pesign.c index fcb2dca..81515d2 100644 --- a/src/pesign.c +++ b/src/pesign.c @@ -473,7 +473,8 @@ main(int argc, char *argv[]) "force overwriting of output file", NULL }, {"sign", 's', POPT_ARG_VAL, &ctxp->sign, 1, "create a new signature", NULL }, - {"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, "hash binary", NULL }, + {"hash", 'h', POPT_ARG_VAL, &ctxp->hash, 1, + "hash binary", NULL }, {"digest_type", 'd', POPT_ARG_STRING|POPT_ARGFLAG_SHOW_DEFAULT, &digest_name, 0, "digest type to use for pe hash" }, {"import-signed-certificate", 'm', @@ -669,7 +670,7 @@ main(int argc, char *argv[]) open_input(ctxp); open_output(ctxp); close_input(ctxp); - generate_digest(ctxp->cms_ctx, ctxp->outpe); + generate_digest(ctxp->cms_ctx, ctxp->outpe, 1); sigspace = calculate_signature_space(ctxp->cms_ctx, ctxp->outpe); allocate_signature_space(ctxp->outpe, sigspace); @@ -683,7 +684,7 @@ main(int argc, char *argv[]) case EXPORT_SATTRS: open_input(ctxp); open_sattr_output(ctxp); - generate_digest(ctxp->cms_ctx, ctxp->inpe); + generate_digest(ctxp->cms_ctx, ctxp->inpe, 1); generate_sattr_blob(ctxp); close_sattr_output(ctxp); close_input(ctxp); @@ -779,7 +780,7 @@ main(int argc, char *argv[]) break; case GENERATE_DIGEST|PRINT_DIGEST: open_input(ctxp); - generate_digest(ctxp->cms_ctx, ctxp->inpe); + generate_digest(ctxp->cms_ctx, ctxp->inpe, 0); print_digest(ctxp); break; /* generate a signature and save it in a separate file */ @@ -793,7 +794,7 @@ main(int argc, char *argv[]) } open_input(ctxp); open_sig_output(ctxp); - generate_digest(ctxp->cms_ctx, ctxp->inpe); + generate_digest(ctxp->cms_ctx, ctxp->inpe, 1); generate_signature(ctxp->cms_ctx); export_signature(ctxp->cms_ctx, ctxp->outsigfd, ctxp->ascii); break; @@ -814,11 +815,11 @@ main(int argc, char *argv[]) open_input(ctxp); open_output(ctxp); close_input(ctxp); - generate_digest(ctxp->cms_ctx, ctxp->outpe); + generate_digest(ctxp->cms_ctx, ctxp->outpe, 1); sigspace = calculate_signature_space(ctxp->cms_ctx, ctxp->outpe); allocate_signature_space(ctxp->outpe, sigspace); - generate_digest(ctxp->cms_ctx, ctxp->outpe); + generate_digest(ctxp->cms_ctx, ctxp->outpe, 1); generate_signature(ctxp->cms_ctx); insert_signature(ctxp->cms_ctx, ctxp->signum); finalize_signatures(ctxp->cms_ctx->signatures, -- 1.7.10.4 >From 29a593849964bb89c29bb40dd6a1f4bb5a90e675 Mon Sep 17 00:00:00 2001 From: Peter Jones <[email protected]> Date: Thu, 21 Mar 2013 11:02:43 -0400 Subject: [PATCH 3/8] Deal with PE-COFF 8.2+ alignment restrictions for the certificate list. PE-COFF 8.2 and newer finally specify the certificate list as a proper array, but they kindly made a new rule that each entry has to be 8-byte aligned. So align them now :/ Signed-off-by: Peter Jones <[email protected]> --- src/wincert.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/src/wincert.c b/src/wincert.c index 4197a87..3686918 100644 --- a/src/wincert.c +++ b/src/wincert.c @@ -42,6 +42,11 @@ generate_cert_list(SECItem **signatures, int num_signatures, *cert_list_size = cl_size; for (int i = 0; i < num_signatures; i++) { + /* pe-coff 8.2 adds some text that says each cert list + * entry is 8-byte aligned, so that means we need to align + * them here. */ + if ((intptr_t)data % 8 != 0) + data = (uint8_t *)((intptr_t)data + (8 - ((intptr_t)data % 8))); struct cert_list_entry *cle = (struct cert_list_entry *)data; cle->wc.length = signatures[i]->len + sizeof (win_certificate); @@ -170,6 +175,11 @@ done: iter->n += sizeof (*tmpcert) + length; + /* each cert list entry must be aligned to an 8-byte + * boundary */ + if (iter->n % 8 != 0) + iter->n += 8 - (iter->n % 8); + return 1; } } @@ -208,8 +218,13 @@ size_t get_reserved_sig_space(cms_context *cms, Pe *pe) { size_t ret = 0; - for (int i = 0; i < cms->num_signatures; i++) + for (int i = 0; i < cms->num_signatures; i++) { ret += cms->signatures[i]->len + sizeof (win_certificate); + /* each certificate list entry must be 8-byte aligned, + * so we need to account for that in our space calculation */ + if (ret % 8 != 0) + ret += 8 - (ret % 8); + } return ret; } @@ -238,6 +253,11 @@ err: size_t res = get_reserved_sig_space(cms, pe); + /* pe-coff 8.2 adds some text that says each cert list entry is + * 8-byte aligned, so that means we need alignment space here. */ + if (res % 8 != 0) + res += 8 - (res % 8); + ssize_t ret = res + sig.len + sizeof(win_certificate) - available_cert_space(pe); -- 1.7.10.4 >From 731aa2ac9012a39fd4ccee813c77a9e75235606c Mon Sep 17 00:00:00 2001 From: Peter Jones <[email protected]> Date: Fri, 22 Mar 2013 09:56:23 -0400 Subject: [PATCH 4/8] More certificate list alignment fixups (based on work by Gary Lin) There was still some chance the first entry wasn't aligned right, and doing it ad-hoc every time wasn't that great. So fix that. This is really all Gary's work, I've just reformatted it a little bit. Signed-off-by: Peter Jones <[email protected]> --- libdpe/common.h | 2 ++ libdpe/pe_allocspace.c | 4 ++-- src/wincert.c | 24 ++++++++++-------------- 3 files changed, 14 insertions(+), 16 deletions(-) diff --git a/libdpe/common.h b/libdpe/common.h index 5d379e8..be42738 100644 --- a/libdpe/common.h +++ b/libdpe/common.h @@ -31,6 +31,8 @@ #define is_64_bit(pe) ((pe)->flags & IMAGE_FILE_32BIT_MACHINE) +#define ALIGNMENT_PADDING(address, align) ((align - (address % align)) % align) + #define xfree(x) ({if (x) { free(x); x = NULL; }}) #define xmunmap(addr, size) ({if (addr) { munmap(addr,size); addr = NULL; }}) diff --git a/libdpe/pe_allocspace.c b/libdpe/pe_allocspace.c index 0ae1f5d..716373c 100644 --- a/libdpe/pe_allocspace.c +++ b/libdpe/pe_allocspace.c @@ -86,7 +86,7 @@ pe_extend_file(Pe *pe, size_t size, uint32_t *new_space, int align) void *new = NULL; if (align) - align = (pe->maximum_size + size) % align; + align = ALIGNMENT_PADDING(pe->maximum_size, align); int extra = size + align; int rc = ftruncate(pe->fildes, pe->maximum_size + extra); @@ -119,7 +119,7 @@ pe_allocspace(Pe *pe, size_t size, uint32_t *offset) /* XXX PJFIX TODO: this should try to find space in the already * mapped regions. */ - rc = pe_extend_file(pe, size, offset, 0); + rc = pe_extend_file(pe, size, offset, 8); if (rc < 0) return -1; return 0; diff --git a/src/wincert.c b/src/wincert.c index 3686918..cc612b6 100644 --- a/src/wincert.c +++ b/src/wincert.c @@ -19,6 +19,8 @@ #include "pesign.h" +#define ALIGNMENT_PADDING(address, align) ((align - (address % align)) % align) + struct cert_list_entry { win_certificate wc; uint8_t data[]; @@ -32,6 +34,7 @@ generate_cert_list(SECItem **signatures, int num_signatures, for (int i = 0; i < num_signatures; i++) { cl_size += sizeof (win_certificate); cl_size += signatures[i]->len; + cl_size += ALIGNMENT_PADDING(cl_size, 8); } uint8_t *data = malloc(cl_size); @@ -45,16 +48,16 @@ generate_cert_list(SECItem **signatures, int num_signatures, /* pe-coff 8.2 adds some text that says each cert list * entry is 8-byte aligned, so that means we need to align * them here. */ - if ((intptr_t)data % 8 != 0) - data = (uint8_t *)((intptr_t)data + (8 - ((intptr_t)data % 8))); struct cert_list_entry *cle = (struct cert_list_entry *)data; cle->wc.length = signatures[i]->len + + ALIGNMENT_PADDING(signatures[i]->len, 8) + sizeof (win_certificate); cle->wc.revision = WIN_CERT_REVISION_2_0; cle->wc.cert_type = WIN_CERT_TYPE_PKCS_SIGNED_DATA; memcpy(&cle->data[0], signatures[i]->data, signatures[i]->len); data += sizeof (win_certificate) + signatures[i]->len; + data += ALIGNMENT_PADDING(signatures[i]->len, 8); } return 0; @@ -175,11 +178,6 @@ done: iter->n += sizeof (*tmpcert) + length; - /* each cert list entry must be aligned to an 8-byte - * boundary */ - if (iter->n % 8 != 0) - iter->n += 8 - (iter->n % 8); - return 1; } } @@ -222,8 +220,7 @@ get_reserved_sig_space(cms_context *cms, Pe *pe) ret += cms->signatures[i]->len + sizeof (win_certificate); /* each certificate list entry must be 8-byte aligned, * so we need to account for that in our space calculation */ - if (ret % 8 != 0) - ret += 8 - (ret % 8); + ret += ALIGNMENT_PADDING(ret, 8); } return ret; } @@ -253,14 +250,13 @@ err: size_t res = get_reserved_sig_space(cms, pe); - /* pe-coff 8.2 adds some text that says each cert list entry is - * 8-byte aligned, so that means we need alignment space here. */ - if (res % 8 != 0) - res += 8 - (res % 8); - ssize_t ret = res + sig.len + sizeof(win_certificate) - available_cert_space(pe); + /* pe-coff 8.2 adds some text that says each cert list entry is + * 8-byte aligned, so that means we need alignment space here. */ + ret += ALIGNMENT_PADDING(ret, 8); + //free(sig.data); return ret; -- 1.7.10.4 >From 12595de05a873712a76e6118f00f324fd257d0f6 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <[email protected]> Date: Tue, 26 Mar 2013 11:28:57 +0800 Subject: [PATCH 5/8] Pad the file to be 16-byte aligned, instead of 8-byte --- libdpe/pe_allocspace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libdpe/pe_allocspace.c b/libdpe/pe_allocspace.c index 716373c..8b09153 100644 --- a/libdpe/pe_allocspace.c +++ b/libdpe/pe_allocspace.c @@ -119,7 +119,7 @@ pe_allocspace(Pe *pe, size_t size, uint32_t *offset) /* XXX PJFIX TODO: this should try to find space in the already * mapped regions. */ - rc = pe_extend_file(pe, size, offset, 8); + rc = pe_extend_file(pe, size, offset, 16); if (rc < 0) return -1; return 0; -- 1.7.10.4 >From deb5811f7e718d8d0d9c41ad18d2302876334e7a Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <[email protected]> Date: Tue, 26 Mar 2013 11:34:33 +0800 Subject: [PATCH 6/8] Add an option, -padding, for -h to pad signatures We are using "-h" to check the integrity of the file after inserting a raw signature. Add this option to make the digests consistent. --- src/pesign.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/pesign.c b/src/pesign.c index 81515d2..57fe96e 100644 --- a/src/pesign.c +++ b/src/pesign.c @@ -440,6 +440,7 @@ main(int argc, char *argv[]) int remove = 0; int daemon = 0; int fork = 1; + int padding = 0; char *digest_name = "sha256"; char *tokenname = "NSS Certificate DB"; @@ -518,6 +519,8 @@ main(int argc, char *argv[]) "run as a daemon process", NULL }, {"nofork", 'N', POPT_ARG_VAL, &fork, 0, "don't fork when daemonizing", NULL }, + {"padding", 'P', POPT_ARG_VAL|POPT_ARGFLAG_DOC_HIDDEN, + &padding, 1, "pad data section", NULL }, POPT_AUTOALIAS POPT_AUTOHELP POPT_TABLEEND @@ -780,7 +783,7 @@ main(int argc, char *argv[]) break; case GENERATE_DIGEST|PRINT_DIGEST: open_input(ctxp); - generate_digest(ctxp->cms_ctx, ctxp->inpe, 0); + generate_digest(ctxp->cms_ctx, ctxp->inpe, padding); print_digest(ctxp); break; /* generate a signature and save it in a separate file */ -- 1.7.10.4 >From 63221e01d0a857ce844b4b17798b5da1ea6a6be1 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <[email protected]> Date: Tue, 26 Mar 2013 18:30:58 +0800 Subject: [PATCH 7/8] Clear the space for the certificate list Make sure the aligned bytes are '\0' Signed-off-by: Gary Ching-Pang Lin <[email protected]> --- src/wincert.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wincert.c b/src/wincert.c index cc612b6..75fdceb 100644 --- a/src/wincert.c +++ b/src/wincert.c @@ -37,7 +37,7 @@ generate_cert_list(SECItem **signatures, int num_signatures, cl_size += ALIGNMENT_PADDING(cl_size, 8); } - uint8_t *data = malloc(cl_size); + uint8_t *data = calloc(1, cl_size); if (!data) return -1; -- 1.7.10.4 >From 18080ba4acb235fd3b2e679f0308992255e6ca52 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <[email protected]> Date: Wed, 27 Mar 2013 10:49:38 +0800 Subject: [PATCH 8/8] The file should be 8-byte aligned, actually... --- libdpe/pe_allocspace.c | 2 +- src/cms_common.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/libdpe/pe_allocspace.c b/libdpe/pe_allocspace.c index 8b09153..716373c 100644 --- a/libdpe/pe_allocspace.c +++ b/libdpe/pe_allocspace.c @@ -119,7 +119,7 @@ pe_allocspace(Pe *pe, size_t size, uint32_t *offset) /* XXX PJFIX TODO: this should try to find space in the already * mapped regions. */ - rc = pe_extend_file(pe, size, offset, 16); + rc = pe_extend_file(pe, size, offset, 8); if (rc < 0) return -1; return 0; diff --git a/src/cms_common.c b/src/cms_common.c index f2ee684..2c998d9 100644 --- a/src/cms_common.c +++ b/src/cms_common.c @@ -949,8 +949,8 @@ generate_digest(cms_context *cms, Pe *pe, int padded) cms->log(cms, LOG_ERR, "Pe has invalid trailing data"); goto error_shdrs; } - if (hash_size % 16 != 0 && padded) { - size_t tmp_size = hash_size + (16 - (hash_size % 16)); + if (hash_size % 8 != 0 && padded) { + size_t tmp_size = hash_size + (8 - (hash_size % 8)); uint8_t tmp_array[tmp_size]; memset(tmp_array, '\0', tmp_size); memcpy(tmp_array, hash_base, hash_size); -- 1.7.10.4 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
