[U-Boot] [PATCH 5/7] rsa: add sha256,rsa4096 algorithm
Simon Glass
sjg at chromium.org
Sun Jan 26 22:19:57 CET 2014
Hi Heiko,
On 24 January 2014 23:44, Heiko Schocher <hs at denx.de> wrote:
> Signed-off-by: Heiko Schocher <hs at denx.de>
> Cc: Simon Glass <sjg at chromium.org>
Missing commit message. Is there no way to integrate this with
common/hash.c? Perhaps the start/finish part of the hashing algorithm
should be added to hash.h struct hash_algo?
I have a patch from Hung-ying Tyan that mostly does this. It won't
apply directly, but here it is below in case it helps...
Regards,
Simon
From: Hung-ying Tyan <tyanh at chromium.org>
Date: Tue, 21 May 2013 18:24:37 +0800
Subject: [PATCH] gen: Add progressive hash API
Add hash_init(), hash_update() and hash_finish() to the hash_algo struct.
Add hash_lookup_algo() to look up the struct given an algorithm name.
Got properly encoded result. See
https://gerrit-int.chromium.org/#/c/38781 for the hashp command.
Used "mm" command to iteratively write and "md" command to dump
standard string (mentioned below) to memory location 0x40008000.
String:
"20656854 63697571 7262206b 206e776f
20786f66 706d756a 766f2073 74207265
6c206568 20797a61 00676f64 00000000"
("The quick brown fox jumps over the lazy dog")
Encoded String:
"d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592"
Signed-off-by: Hung-ying Tyan <tyanh at chromium.org>
Signed-off-by: Simon Glass <sjg at chromium.org>
---
common/hash.c | 115 +++++++++++++++++++++++++++++++++++++++++++++++++++------
include/hash.h | 49 ++++++++++++++++++++++++
2 files changed, 153 insertions(+), 11 deletions(-)
diff --git a/common/hash.c b/common/hash.c
index 10e887f..5d4fc4e 100644
--- a/common/hash.c
+++ b/common/hash.c
@@ -26,11 +26,94 @@
#include <common.h>
#include <command.h>
#include <hash.h>
+#include <malloc.h>
#include <sha1.h>
#include <sha256.h>
#include <asm/io.h>
#include <asm/errno.h>
+#ifdef CONFIG_CMD_SHA1SUM
+static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
+{
+ sha1_context *ctx = malloc(sizeof(sha1_context));
+ sha1_starts(ctx);
+ *ctxp = ctx;
+ return 0;
+}
+
+static int hash_update_sha1(struct hash_algo *algo, void *ctx, const void *buf,
+ unsigned int size, int is_last)
+{
+ sha1_update((sha1_context *) ctx, buf, size);
+ return 0;
+}
+
+static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
+ int size)
+{
+ if (size < algo->digest_size) {
+ return -1;
+ }
+ sha1_finish((sha1_context *) ctx, dest_buf);
+ free(ctx);
+ return 0;
+}
+#endif
+
+#ifdef CONFIG_SHA256
+static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
+{
+ sha256_context *ctx = malloc(sizeof(sha256_context));
+ sha256_starts(ctx);
+ *ctxp = ctx;
+ return 0;
+}
+
+static int hash_update_sha256(struct hash_algo *algo, void *ctx,
+ const void *buf, unsigned int size, int is_last)
+{
+ sha256_update((sha256_context *) ctx, buf, size);
+ return 0;
+}
+
+static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
*dest_buf,
+ int size)
+{
+ if (size < algo->digest_size) {
+ return -1;
+ }
+ sha256_finish((sha256_context *) ctx, dest_buf);
+ free(ctx);
+ return 0;
+}
+#endif
+
+static int hash_init_crc32(struct hash_algo *algo, void **ctxp)
+{
+ uint32_t *ctx = malloc(sizeof(uint32_t));
+ *ctx = 0;
+ *ctxp = ctx;
+ return 0;
+}
+
+static int hash_update_crc32(struct hash_algo *algo, void *ctx,
+ const void *buf, unsigned int size, int is_last)
+{
+ *((uint32_t *) ctx) = crc32(*((uint32_t *) ctx), buf, size);
+ return 0;
+}
+
+static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
+ int size)
+{
+ if (size < algo->digest_size) {
+ return -1;
+ }
+ *((uint32_t *) dest_buf) = *((uint32_t *) ctx);
+ free(ctx);
+ return 0;
+}
+
/*
* These are the hash algorithms we support. Chips which support accelerated
* crypto could perhaps add named version of these algorithms here. Note that
@@ -65,6 +148,9 @@ static struct hash_algo hash_algo[] = {
SHA1_SUM_LEN,
sha1_csum_wd,
CHUNKSZ_SHA1,
+ hash_init_sha1,
+ hash_update_sha1,
+ hash_finish_sha1,
},
#define MULTI_HASH
#endif
@@ -74,6 +160,9 @@ static struct hash_algo hash_algo[] = {
SHA256_SUM_LEN,
sha256_csum_wd,
CHUNKSZ_SHA256,
+ hash_init_sha256,
+ hash_update_sha256,
+ hash_finish_sha256,
},
#define MULTI_HASH
#endif
@@ -82,6 +171,9 @@ static struct hash_algo hash_algo[] = {
4,
crc32_wd_buf,
CHUNKSZ_CRC32,
+ hash_init_crc32,
+ hash_update_crc32,
+ hash_finish_crc32,
},
};
@@ -216,16 +308,19 @@ static int parse_verify_sum(struct hash_algo
*algo, char *verify_str, u8 *vsum,
return 0;
}
-static struct hash_algo *find_hash_algo(const char *name)
+int hash_lookup_algo(const char *algo_name, struct hash_algo **algop)
{
int i;
for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
- if (!strcmp(name, hash_algo[i].name))
- return &hash_algo[i];
+ if (!strcmp(algo_name, hash_algo[i].name)) {
+ *algop = &hash_algo[i];
+ return 0;
+ }
}
- return NULL;
+ debug("Unknown hash algorithm '%s'\n", algo_name);
+ return -EPROTONOSUPPORT;
}
static void show_hash(struct hash_algo *algo, ulong addr, ulong len,
@@ -242,12 +337,11 @@ int hash_block(const char *algo_name, const void
*data, int len,
uint8_t *output, int *output_size)
{
struct hash_algo *algo;
+ int ret;
- algo = find_hash_algo(algo_name);
- if (!algo) {
- debug("Unknown hash algorithm '%s'\n", algo_name);
- return -EPROTONOSUPPORT;
- }
+ ret = hash_lookup_algo(algo_name, &algo);
+ if (ret)
+ return ret;
if (output_size && *output_size < algo->digest_size) {
debug("Output buffer size %d too small (need %d bytes)",
*output_size, algo->digest_size);
@@ -276,8 +370,7 @@ int hash_command(const char *algo_name, int flags,
cmd_tbl_t *cmdtp, int flag,
u8 vsum[HASH_MAX_DIGEST_SIZE];
void *buf;
- algo = find_hash_algo(algo_name);
- if (!algo) {
+ if (hash_lookup_algo(algo_name, &algo)) {
printf("Unknown hash algorithm '%s'\n", algo_name);
return CMD_RET_USAGE;
}
diff --git a/include/hash.h b/include/hash.h
index a837551..0c54e88 100644
--- a/include/hash.h
+++ b/include/hash.h
@@ -43,6 +43,42 @@ struct hash_algo {
void (*hash_func_ws)(const unsigned char *input, unsigned int ilen,
unsigned char *output, unsigned int chunk_sz);
int chunk_size; /* Watchdog chunk size */
+ /*
+ * hash_init: Create the context for progressive hashing
+ *
+ * @algo: Pointer to the hash_algo struct
+ * @ctxp: Pointer to the pointer of the context for hashing
+ * @return 0 if ok, -1 on error
+ */
+ int (*hash_init)(struct hash_algo *algo, void **ctxp);
+ /*
+ * hash_update: Perform hashing on the given buffer
+ *
+ * The context is freed by this function if an error occurs.
+ *
+ * @algo: Pointer to the hash_algo struct
+ * @ctx: Pointer to the context for hashing
+ * @buf: Pointer to the buffer being hashed
+ * @size: Size of the buffer being hashed
+ * @is_last: 1 if this is the last update; 0 otherwise
+ * @return 0 if ok, -1 on error
+ */
+ int (*hash_update)(struct hash_algo *algo, void *ctx, const void *buf,
+ unsigned int size, int is_last);
+ /*
+ * hash_finish: Write the hash result to the given buffer
+ *
+ * The context is freed by this function.
+ *
+ * @algo: Pointer to the hash_algo struct
+ * @ctx: Pointer to the context for hashing
+ * @dest_buf: Pointer to the buffer for the result
+ * @size: Size of the buffer for the result
+ * @return 0 if ok, -ENOSPC if size of the result buffer is too small
+ * or -1 on other errors
+ */
+ int (*hash_finish)(struct hash_algo *algo, void *ctx, void *dest_buf,
+ int size);
};
/*
@@ -86,4 +122,17 @@ int hash_command(const char *algo_name, int flags,
cmd_tbl_t *cmdtp, int flag,
int hash_block(const char *algo_name, const void *data, int len,
uint8_t *output, int *output_size);
+/**
+ * hash_lookup_algo() - Look up the hash_algo struct for an algorithm
+ *
+ * The function returns the pointer to the struct or -EPROTONOSUPPORT if the
+ * algorithm is not available.
+ *
+ * @algo_name: Hash algorithm to look up
+ * @algop: Pointer to the hash_algo struct if found
+ *
+ * @return 0 if ok, -EPROTONOSUPPORT for an unknown algorithm.
+ */
+int hash_lookup_algo(const char *algo_name, struct hash_algo **algop);
+
#endif
--
1.8.5.3
More information about the U-Boot
mailing list