[U-Boot] [PATCH v2 12/23] Add hash command to perform hashing using various algorithms
Joe Hershberger
joe.hershberger at gmail.com
Sat Dec 1 20:39:44 CET 2012
Hi Simon,
On Thu, Nov 22, 2012 at 1:12 PM, Simon Glass <sjg at chromium.org> wrote:
> This new command supports hashing SHA1 and SHA256. It could be extended
> to others such as MD5 and the CRC algorithms. The syntax is modeled on
> those:
>
> hash <algorithm> <address> <length> [*<dest_addr> | <dest_envvar>]
>
> to calculate a hash, and:
>
> hash -v <algorithm> <address> <length> [*<verify_addr> | <verify_envvar>]
>
> to verify a hash.
>
> Use CONFIG_CMD_HASH to enable the command, CONFIG_SHA1 to enable SHA1 and
> CONFIG_SHA256 to enable SHA256.
>
> The existing sha1sum command remains.
>
> Signed-off-by: Simon Glass <sjg at chromium.org>
> ---
> Changes in v2:
> - Add new hash command to support generic hash API
>
> README | 18 +++++++++++++
> common/Makefile | 1 +
> common/cmd_hash.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++
> include/config_cmd_all.h | 1 +
> 4 files changed, 83 insertions(+), 0 deletions(-)
> create mode 100644 common/cmd_hash.c
>
> diff --git a/README b/README
> index 6378101..2a0098d 100644
> --- a/README
> +++ b/README
> @@ -822,6 +822,7 @@ The following options need to be configured:
> CONFIG_CMD_GETTIME * Get time since boot
> CONFIG_CMD_GO * the 'go' command (exec code)
> CONFIG_CMD_GREPENV * search environment
> + CONFIG_CMD_HASH * calculate hash / digest
> CONFIG_CMD_HWFLOW * RTS/CTS hw flow control
> CONFIG_CMD_I2C * I2C serial bus support
> CONFIG_CMD_IDE * IDE harddisk support
> @@ -2391,6 +2392,23 @@ CBFS (Coreboot Filesystem) support
> A better solution is to properly configure the firewall,
> but sometimes that is not allowed.
>
> +- Hashing support:
> + CONFIG_CMD_HASH
> +
> + This enables a generic 'hash' command which can produce
> + hashes / digests from a few algorithms (e.g. SHA1, SHA256).
> +
> + CONFIG_HASH_VERIFY
> +
> + Enable the hash verify command (hash -v). This adds to code
> + size a little.
> +
> + CONFIG_SHA1 - support SHA1 hashing
> + CONFIG_SHA256 - support SHA256 hashing
> +
> + Note: There is also a sha1sum command, which should perhaps
> + be deprecated in favour of 'hash sha1'.
> +
> - Show boot progress:
> CONFIG_SHOW_BOOT_PROGRESS
>
> diff --git a/common/Makefile b/common/Makefile
> index eb175c1..56ec4e4 100644
> --- a/common/Makefile
> +++ b/common/Makefile
> @@ -104,6 +104,7 @@ COBJS-$(CONFIG_CMD_FS_GENERIC) += cmd_fs.o
> COBJS-$(CONFIG_CMD_GETTIME) += cmd_gettime.o
> COBJS-$(CONFIG_CMD_GPIO) += cmd_gpio.o
> COBJS-$(CONFIG_CMD_I2C) += cmd_i2c.o
> +COBJS-$(CONFIG_CMD_HASH) += cmd_hash.o
> COBJS-$(CONFIG_CMD_IDE) += cmd_ide.o
> COBJS-$(CONFIG_CMD_IMMAP) += cmd_immap.o
> COBJS-$(CONFIG_CMD_INI) += cmd_ini.o
> diff --git a/common/cmd_hash.c b/common/cmd_hash.c
> new file mode 100644
> index 0000000..10ce03e
> --- /dev/null
> +++ b/common/cmd_hash.c
> @@ -0,0 +1,63 @@
> +/*
> + * Copyright (c) 2012 The Chromium OS Authors.
> + *
> + * (C) Copyright 2011
> + * Joe Hershberger, National Instruments, joe.hershberger at ni.com
> + *
> + * (C) Copyright 2000
> + * Wolfgang Denk, DENX Software Engineering, wd at denx.de.
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License as
> + * published by the Free Software Foundation; either version 2 of
> + * the License, or (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, write to the Free Software
> + * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
> + * MA 02111-1307 USA
> + */
> +
> +#include <common.h>
> +#include <command.h>
> +#include <hash.h>
> +
> +static int do_hash(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
> +{
> +#ifdef CONFIG_HASH_VERIFY
> + int verify = 0;
> +
> + if (!strcmp(argv[1], "-v")) {
> + verify = 1;
> + argc--;
> + argv++;
> + }
> +#endif
> + /* Move forward to 'algorithm' parameter */
> + argc--;
> + argv++;
> + return hash_command(*argv, verify, cmdtp, flag, argc - 1, argv + 1);
> +}
> +
> +#ifdef CONFIG_HASH_VERIFY
> +U_BOOT_CMD(
> + hash, 6, 1, do_hash,
> + "compute hash message digest",
> + "algorithm address count [[*]sum_dest]\n"
> + " - compute message digest [save to env var / *address]\n"
> + "sha1sum -v algorithm address count [*]sum\n"
The command is now hash, not sha1sum.
> + " - verify sha1sum of memory area with env var / *address"
You probably shouldn't directly refer to sha1sum in the description
> +);
> +#else
> +U_BOOT_CMD(
> + hash, 5, 1, do_hash,
> + "compute message digest",
> + "algorithm address count [[*]sum_dest]\n"
> + " - compute message digest [save to env var / *address]"
> +);
> +#endif
> diff --git a/include/config_cmd_all.h b/include/config_cmd_all.h
> index 148d676..124d51f 100644
> --- a/include/config_cmd_all.h
> +++ b/include/config_cmd_all.h
> @@ -41,6 +41,7 @@
> #define CONFIG_CMD_FLASH /* flinfo, erase, protect */
> #define CONFIG_CMD_FPGA /* FPGA configuration Support */
> #define CONFIG_CMD_GETTIME /* Get time since boot */
> +#define CONFIG_CMD_HASH /* calculate hash / digest */
> #define CONFIG_CMD_HWFLOW /* RTS/CTS hw flow control */
> #define CONFIG_CMD_I2C /* I2C serial bus support */
> #define CONFIG_CMD_IDE /* IDE harddisk support */
Cheers,
-Joe
More information about the U-Boot
mailing list