[U-Boot] [PATCH 1/4] Implement verify option for sha1sum command

Fri Aug 17 23:00:45 CEST 2012

Loosely based on CONFIG_CRC32_VERIFY.

The sum to verify against can be in memory, in a variable, or the last
parameter to the function directly.

Signed-off-by: Joe Hershberger <joe.hershberger at ni.com>
---
 common/cmd_sha1sum.c | 105 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 105 insertions(+)

diff --git a/common/cmd_sha1sum.c b/common/cmd_sha1sum.c
index 2713a14..fbb99ea 100644
--- a/common/cmd_sha1sum.c
+++ b/common/cmd_sha1sum.c
@@ -1,4 +1,7 @@
 /*
+ * (C) Copyright 2011
+ * Joe Hershberger, National Instruments, joe.hershberger at ni.com
+ *
  * (C) Copyright 2000
  * Wolfgang Denk, DENX Software Engineering, wd at denx.de.
  *
@@ -25,6 +28,96 @@
 #include <command.h>
 #include <sha1.h>
 
+#ifdef CONFIG_SHA1SUM_VERIFY
+static int parse_verify_sum(char *verify_str, u8 *vsum)
+{
+	if (*verify_str == '*') {
+		u8 *ptr;
+
+		ptr = (u8 *)simple_strtoul(verify_str + 1, NULL, 16);
+		memcpy(vsum, ptr, 20);
+	} else {
+		unsigned int i;
+		char *vsum_str;
+
+		if (strlen(verify_str) == 40)
+			vsum_str = verify_str;
+		else {
+			vsum_str = getenv(verify_str);
+			if (vsum_str == NULL || strlen(vsum_str) != 40)
+				return 1;
+		}
+
+		for (i = 0; i < 20; i++) {
+			char *nullp = vsum_str + (i + 1) * 2;
+			char end = *nullp;
+
+			*nullp = '\0';
+			*(u8 *)(vsum + i) =
+				simple_strtoul(vsum_str + (i * 2), NULL, 16);
+			*nullp = end;
+		}
+	}
+	return 0;
+}
+
+int do_sha1sum(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+{
+	ulong addr, len;
+	unsigned int i;
+	u8 output[20];
+	u8 vsum[20];
+	int verify = 0;
+	int ac;
+	char * const *av;
+
+	if (argc < 3)
+		return CMD_RET_USAGE;
+
+	av = argv + 1;
+	ac = argc - 1;
+	if (strcmp(*av, "-v") == 0) {
+		verify = 1;
+		av++;
+		ac--;
+		if (ac < 3)
+			return CMD_RET_USAGE;
+	}
+
+	addr = simple_strtoul(*av++, NULL, 16);
+	len = simple_strtoul(*av++, NULL, 16);
+
+	sha1_csum_wd((unsigned char *) addr, len, output, CHUNKSZ_SHA1);
+
+	if (!verify) {
+		printf("SHA1 for %08lx ... %08lx ==> ", addr, addr + len - 1);
+		for (i = 0; i < 20; i++)
+			printf("%02x", output[i]);
+		printf("\n");
+	} else {
+		char *verify_str = *av++;
+
+		if (parse_verify_sum(verify_str, vsum)) {
+			printf("ERROR: %s does not contain a valid SHA1 sum\n",
+				verify_str);
+			return 1;
+		}
+		if (memcmp(output, vsum, 20) != 0) {
+			printf("SHA1 for %08lx ... %08lx ==> ", addr,
+				addr + len - 1);
+			for (i = 0; i < 20; i++)
+				printf("%02x", output[i]);
+			printf(" != ");
+			for (i = 0; i < 20; i++)
+				printf("%02x", vsum[i]);
+			printf(" ** ERROR **\n");
+			return 1;
+		}
+	}
+
+	return 0;
+}
+#else
 static int do_sha1sum(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 {
 	unsigned long addr, len;
@@ -45,9 +138,21 @@ static int do_sha1sum(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 
 	return 0;
 }
+#endif
 
+#ifdef CONFIG_SHA1SUM_VERIFY
+U_BOOT_CMD(
+	sha1sum,	5,	1,	do_sha1sum,
+	"compute SHA1 message digest",
+	"address count\n"
+		"    - compute SHA1 message digest\n"
+	"sha1sum -v address count [*]sum\n"
+		"    - verify sha1sum of memory area"
+);
+#else
 U_BOOT_CMD(
 	sha1sum,	3,	1,	do_sha1sum,
 	"compute SHA1 message digest",
 	"address count"
 );
+#endif
-- 
1.7.11.5

