[PATCH v5 04/29] spl: cypto: Bring back SPL_ versions of SHA

Alex G. mr.nuke.me at gmail.com
Tue Oct 5 20:19:42 CEST 2021 

On 9/25/21 8:43 PM, Simon Glass wrote:
> Unfortunately these were removed by mistake. This means that adding hash
> support to SPL brings in all software algorithms, with a substantial
> increase in code size.
> 
> The origin of the problem was renaming them to SPL_FIT_xxx and then these
> were removed altogether in a later commit.
> 
> Add them back. This aligns with CONFIG_MD5, for example, which has an SPL
> variant.
> 
> Signed-off-by: Simon Glass <sjg at chromium.org>
> Fixes: f5bc9c25f31 ("image: Rename SPL_SHAxxx_SUPPORT to SPL_FIT_SHAxxx")
> Fixes: eb5171ddec9 ("common: Remove unused CONFIG_FIT_SHAxxx selectors")

Reviewed-by: Alexandru Gagniuc <mr.nuke.me at gmail.com>

I don't think these ever worked as intended. I had issues disabling SHA1 
in SPL before either of the suspect patches were merged.

> ---
> For now this has no effect but the next patch updates hash.c to deal with
> this condition for both SPL and tools.
> 
> Changes in v5:
> - Add new patch to bring back SPL_ versions of SHA
> 
>   lib/Kconfig | 43 ++++++++++++++++++++++++++++++++++++++++++-
>   1 file changed, 42 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/Kconfig b/lib/Kconfig
> index 034af724b5d..7899e756f99 100644
> --- a/lib/Kconfig
> +++ b/lib/Kconfig
> @@ -373,7 +373,6 @@ config SHA256
>   	  The SHA256 algorithm produces a 256-bit (32-byte) hash value
>   	  (digest).
>   
> -
>   config SHA512
>   	bool "Enable SHA512 support"
>   	help
> @@ -399,6 +398,48 @@ config SHA_HW_ACCEL
>   	  hashing algorithms. This affects the 'hash' command and also the
>   	  hash_lookup_algo() function.
>   
> +if SPL
> +
> +config SPL_SHA1
> +	bool "Enable SHA1 support in SPL"
> +	default y if SHA1
> +	help
> +	  This option enables support of hashing using SHA1 algorithm.
> +	  The hash is calculated in software.
> +	  The SHA1 algorithm produces a 160-bit (20-byte) hash value
> +	  (digest).
> +
> +config SPL_SHA256
> +	bool "Enable SHA256 support in SPL"
> +	default y if SHA256
> +	help
> +	  This option enables support of hashing using SHA256 algorithm.
> +	  The hash is calculated in software.
> +	  The SHA256 algorithm produces a 256-bit (32-byte) hash value
> +	  (digest).
> +
> +config SPL_SHA512
> +	bool "Enable SHA512 support in SPL"
> +	default y if SHA512
> +	help
> +	  This option enables support of hashing using SHA512 algorithm.
> +	  The hash is calculated in software.
> +	  The SHA512 algorithm produces a 512-bit (64-byte) hash value
> +	  (digest).
> +
> +config SPL_SHA384
> +	bool "Enable SHA384 support in SPL"
> +	default y if SHA384
> +	select SPL_SHA512
> +	help
> +	  This option enables support of hashing using SHA384 algorithm.
> +	  The hash is calculated in software. This is also selects SHA512,
> +	  because these implementations share the bulk of the code..
> +	  The SHA384 algorithm produces a 384-bit (48-byte) hash value
> +	  (digest).
> +
> +endif
> +
>   if SHA_HW_ACCEL
>   
>   config SHA512_HW_ACCEL
>

More information about the U-Boot mailing list