[PATCH v4 1/8] lib: add crypt subsystem

Heiko Schocher hs at denx.de
Thu Jul 8 05:56:31 CEST 2021 

Hello Steffen,

On 08.07.21 01:09, Steffen Jaeckel wrote:
> Add the basic functionality required to support the standard crypt
> format.
> The files crypt-sha256.c and crypt-sha512.c originate from libxcrypt and
> their formatting is therefor retained.
> The integration is done via a crypt_compare() function in crypt.c.
> 
> ```
> libxcrypt $ git describe --long --always --all
> tags/v4.4.17-0-g6b110bc
> ```
> 
> Signed-off-by: Steffen Jaeckel <jaeckel-floss at eyet-services.de>
> Reviewed-by: Simon Glass <sjg at chromium.org>
> ---
> 
> Changes in v4:
> Fix depends for unit-tests
> 
> Changes in v3:
> Add unit-tests for autoboot
> Introduce `bootstopusesha256` to allow fallback to plain SHA256-based
> hashing
> Add AUTOBOOT_FLUSH_STDIN option
> Drop the changes to bcm963158_ram_defconfig
> 
> Changes in v2:
> Update Kconfig way of enabling, setting hashes etc.
> 
> Changes in v1:
> Added unit-tests of crypt_compare()
> Wrapped crypt functions to encapsulate errno

Reviewed-by: Heiko Schocher <hs at denx.de>

Nitpicks below...

>  include/crypt.h          |  13 ++
>  lib/Kconfig              |   1 +
>  lib/Makefile             |   1 +
>  lib/crypt/Kconfig        |  28 ++++
>  lib/crypt/Makefile       |  10 ++
>  lib/crypt/alg-sha256.h   |  17 ++
>  lib/crypt/alg-sha512.h   |  17 ++
>  lib/crypt/crypt-port.h   |  28 ++++
>  lib/crypt/crypt-sha256.c | 313 +++++++++++++++++++++++++++++++++++++
>  lib/crypt/crypt-sha512.c | 328 +++++++++++++++++++++++++++++++++++++++
>  lib/crypt/crypt.c        |  73 +++++++++
>  test/Kconfig             |  10 ++
>  test/lib/Makefile        |   1 +
>  test/lib/test_crypt.c    |  44 ++++++
>  14 files changed, 884 insertions(+)
>  create mode 100644 include/crypt.h
>  create mode 100644 lib/crypt/Kconfig
>  create mode 100644 lib/crypt/Makefile
>  create mode 100644 lib/crypt/alg-sha256.h
>  create mode 100644 lib/crypt/alg-sha512.h
>  create mode 100644 lib/crypt/crypt-port.h
>  create mode 100644 lib/crypt/crypt-sha256.c
>  create mode 100644 lib/crypt/crypt-sha512.c
>  create mode 100644 lib/crypt/crypt.c
>  create mode 100644 test/lib/test_crypt.c

[...]

> diff --git a/lib/crypt/Makefile b/lib/crypt/Makefile
> new file mode 100644
> index 0000000000..290231064c
> --- /dev/null
> +++ b/lib/crypt/Makefile
> @@ -0,0 +1,10 @@
> +# SPDX-License-Identifier: GPL-2.0+
> +#
> +# Copyright (c) 2013, Google Inc.
> +#
> +# (C) Copyright 2000-2007
> +# Wolfgang Denk, DENX Software Engineering, wd at denx.de.

Hmm... this is a new file ... I think you should add
only your Copyright and drop the others... ?

> +obj-$(CONFIG_CRYPT_PW) += crypt.o
> +obj-$(CONFIG_CRYPT_PW_SHA256) += crypt-sha256.o
> +obj-$(CONFIG_CRYPT_PW_SHA512) += crypt-sha512.o

[...]

> diff --git a/lib/crypt/crypt-sha256.c b/lib/crypt/crypt-sha256.c
> new file mode 100644
> index 0000000000..37127d41e1
> --- /dev/null
> +++ b/lib/crypt/crypt-sha256.c
> @@ -0,0 +1,313 @@
> +/* One way encryption based on the SHA256-based Unix crypt implementation.
> + *
> + * Written by Ulrich Drepper <drepper at redhat.com> in 2007 [1].
> + * Modified by Zack Weinberg <zackw at panix.com> in 2017, 2018.
> + * Composed by Björn Esser <besser82 at fedoraproject.org> in 2018.
> + * Modified by Björn Esser <besser82 at fedoraproject.org> in 2020.
> + * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2020.
> + * To the extent possible under law, the named authors have waived all
> + * copyright and related or neighboring rights to this work.
> + *
> + * See https://creativecommons.org/publicdomain/zero/1.0/ for further
> + * details.
> + *
> + * This file is a modified except from [2], lines 648 up to 909.
> + *
> + * [1]  https://www.akkadia.org/drepper/sha-crypt.html
> + * [2]  https://www.akkadia.org/drepper/SHA-crypt.txt
> + */

I miss here the SPDX license identifier... also some hint, from which
exact version this code is from ...


> diff --git a/lib/crypt/crypt-sha512.c b/lib/crypt/crypt-sha512.c
> new file mode 100644
> index 0000000000..3616019445
> --- /dev/null
> +++ b/lib/crypt/crypt-sha512.c
> @@ -0,0 +1,328 @@
> +/* One way encryption based on the SHA512-based Unix crypt implementation.
> + *
> + * Written by Ulrich Drepper <drepper at redhat.com> in 2007 [1].
> + * Modified by Zack Weinberg <zackw at panix.com> in 2017, 2018.
> + * Composed by Björn Esser <besser82 at fedoraproject.org> in 2018.
> + * Modified by Björn Esser <besser82 at fedoraproject.org> in 2020.
> + * Modified by Steffen Jaeckel <jaeckel-floss at eyet-services.de> in 2020.
> + * To the extent possible under law, the named authors have waived all
> + * copyright and related or neighboring rights to this work.
> + *
> + * See https://creativecommons.org/publicdomain/zero/1.0/ for further
> + * details.
> + *
> + * This file is a modified except from [2], lines 1403 up to 1676.
> + *
> + * [1]  https://www.akkadia.org/drepper/sha-crypt.html
> + * [2]  https://www.akkadia.org/drepper/SHA-crypt.txt
> + */

same here


Thanks!

bye,
Heiko
-- 
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: +49-8142-66989-52   Fax: +49-8142-66989-80   Email: hs at denx.de

More information about the U-Boot mailing list