[U-Boot] sha256_crypt for uboot

Richard Retanubun richardretanubun at ruggedcom.com
Mon Jul 9 15:50:05 CEST 2012


On 05/07/12 05:59 AM, Albert ARIBAUD wrote:
Hi Albert,

Thanks for responding, I realize most people are probably away on summer holiday.
>
> Can't speak for Wolfgang of course, but my main question would be why
> would U-Boot need to identify users when its payload OS can do this
> with much more ease and flexibility?
 > IOW, what use case are you considering?

The primary concern here is the power of u-boot CLI. Once here, someone can manually load
and boot the payload OS in a different mode that can bypass any user identification.

Thus, we aim to add the ability uboot to identify users, much like the payload OS does
before granting access to its CLI (if the user interrupts the boot process).

So far I got sha256_crypt() and sha512_crypt() working (sha512 is a bit slow due
to non-arch optimized string lib functions, but its working okay).

If there is interest in sha512, I can send it as a separate patch.

One question to the mailing list though, the sha256_context struct that exist in u-boot

typedef struct {
	uint32_t total[2];
	uint32_t state[8];
	uint8_t buffer[64];
} sha256_context;

Is a little different from the one in libc (i.e. it adds buflen and has a 128 char buffer)

struct sha256_ctx {
	uint32_t H[8];
	uint32_t total[2];
	uint32_t buflen;
	char buffer[128]; /* NB: always correctly aligned for uint32_t.  */
};

I can't seem to find mainlined boards that uses sha256.h (I am sure there are private ones)

Is it okay if I update the sha256.[ch] API to track the implementation from libc?

-- Richard Retanubun --


More information about the U-Boot mailing list