xref: /openbmc/u-boot/common/hash.c (revision 1bc678330e3cfea0062d347cafc2726daf49f221)
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Copyright (c) 2012 The Chromium OS Authors.
4  *
5  * (C) Copyright 2011
6  * Joe Hershberger, National Instruments, joe.hershberger@ni.com
7  *
8  * (C) Copyright 2000
9  * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
10  */
11 
12 #ifndef USE_HOSTCC
13 #include <common.h>
14 #include <command.h>
15 #include <malloc.h>
16 #include <mapmem.h>
17 #include <hw_sha.h>
18 #include <asm/io.h>
19 #include <linux/errno.h>
20 #else
21 #include "mkimage.h"
22 #include <time.h>
23 #include <image.h>
24 #endif /* !USE_HOSTCC*/
25 
26 #include <hash.h>
27 #include <u-boot/crc.h>
28 #include <u-boot/sha1.h>
29 #include <u-boot/sha256.h>
30 #include <u-boot/sha512.h>
31 #include <u-boot/md5.h>
32 
33 #if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
hash_init_sha1(struct hash_algo * algo,void ** ctxp)34 static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
35 {
36 	sha1_context *ctx = malloc(sizeof(sha1_context));
37 	sha1_starts(ctx);
38 	*ctxp = ctx;
39 	return 0;
40 }
41 
hash_update_sha1(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)42 static int hash_update_sha1(struct hash_algo *algo, void *ctx, const void *buf,
43 			    unsigned int size, int is_last)
44 {
45 	sha1_update((sha1_context *)ctx, buf, size);
46 	return 0;
47 }
48 
hash_finish_sha1(struct hash_algo * algo,void * ctx,void * dest_buf,int size)49 static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
50 			    int size)
51 {
52 	if (size < algo->digest_size)
53 		return -1;
54 
55 	sha1_finish((sha1_context *)ctx, dest_buf);
56 	free(ctx);
57 	return 0;
58 }
59 #endif
60 
61 #if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
hash_init_sha256(struct hash_algo * algo,void ** ctxp)62 static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
63 {
64 	sha256_context *ctx = malloc(sizeof(sha256_context));
65 	sha256_starts(ctx);
66 	*ctxp = ctx;
67 	return 0;
68 }
69 
hash_update_sha256(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)70 static int hash_update_sha256(struct hash_algo *algo, void *ctx,
71 			      const void *buf, unsigned int size, int is_last)
72 {
73 	sha256_update((sha256_context *)ctx, buf, size);
74 	return 0;
75 }
76 
hash_finish_sha256(struct hash_algo * algo,void * ctx,void * dest_buf,int size)77 static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
78 			      *dest_buf, int size)
79 {
80 	if (size < algo->digest_size)
81 		return -1;
82 
83 	sha256_finish((sha256_context *)ctx, dest_buf);
84 	free(ctx);
85 	return 0;
86 }
87 #endif
88 
89 #if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
hash_init_sha384(struct hash_algo * algo,void ** ctxp)90 static int hash_init_sha384(struct hash_algo *algo, void **ctxp)
91 {
92 	sha512_context *ctx = malloc(sizeof(sha512_context));
93 	sha384_starts(ctx);
94 	*ctxp = ctx;
95 	return 0;
96 }
97 
hash_update_sha384(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)98 static int hash_update_sha384(struct hash_algo *algo, void *ctx,
99 			      const void *buf, unsigned int size, int is_last)
100 {
101 	sha384_update((sha512_context *)ctx, buf, size);
102 	return 0;
103 }
104 
hash_finish_sha384(struct hash_algo * algo,void * ctx,void * dest_buf,int size)105 static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void
106 			      *dest_buf, int size)
107 {
108 	if (size < algo->digest_size)
109 		return -1;
110 
111 	sha384_finish((sha512_context *)ctx, dest_buf);
112 	free(ctx);
113 	return 0;
114 }
115 #endif
116 
117 #if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
hash_init_sha512(struct hash_algo * algo,void ** ctxp)118 static int hash_init_sha512(struct hash_algo *algo, void **ctxp)
119 {
120 	sha512_context *ctx = malloc(sizeof(sha512_context));
121 	sha512_starts(ctx);
122 	*ctxp = ctx;
123 	return 0;
124 }
125 
hash_update_sha512(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)126 static int hash_update_sha512(struct hash_algo *algo, void *ctx,
127 			      const void *buf, unsigned int size, int is_last)
128 {
129 	sha512_update((sha512_context *)ctx, buf, size);
130 	return 0;
131 }
132 
hash_finish_sha512(struct hash_algo * algo,void * ctx,void * dest_buf,int size)133 static int hash_finish_sha512(struct hash_algo *algo, void *ctx, void
134 			      *dest_buf, int size)
135 {
136 	if (size < algo->digest_size)
137 		return -1;
138 
139 	sha512_finish((sha512_context *)ctx, dest_buf);
140 	free(ctx);
141 	return 0;
142 }
143 #endif
144 
145 
hash_init_crc16_ccitt(struct hash_algo * algo,void ** ctxp)146 static int hash_init_crc16_ccitt(struct hash_algo *algo, void **ctxp)
147 {
148 	uint16_t *ctx = malloc(sizeof(uint16_t));
149 	*ctx = 0;
150 	*ctxp = ctx;
151 	return 0;
152 }
153 
hash_update_crc16_ccitt(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)154 static int hash_update_crc16_ccitt(struct hash_algo *algo, void *ctx,
155 				   const void *buf, unsigned int size,
156 				   int is_last)
157 {
158 	*((uint16_t *)ctx) = crc16_ccitt(*((uint16_t *)ctx), buf, size);
159 	return 0;
160 }
161 
hash_finish_crc16_ccitt(struct hash_algo * algo,void * ctx,void * dest_buf,int size)162 static int hash_finish_crc16_ccitt(struct hash_algo *algo, void *ctx,
163 				   void *dest_buf, int size)
164 {
165 	if (size < algo->digest_size)
166 		return -1;
167 
168 	*((uint16_t *)dest_buf) = *((uint16_t *)ctx);
169 	free(ctx);
170 	return 0;
171 }
172 
hash_init_crc32(struct hash_algo * algo,void ** ctxp)173 static int hash_init_crc32(struct hash_algo *algo, void **ctxp)
174 {
175 	uint32_t *ctx = malloc(sizeof(uint32_t));
176 	*ctx = 0;
177 	*ctxp = ctx;
178 	return 0;
179 }
180 
hash_update_crc32(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)181 static int hash_update_crc32(struct hash_algo *algo, void *ctx,
182 			     const void *buf, unsigned int size, int is_last)
183 {
184 	*((uint32_t *)ctx) = crc32(*((uint32_t *)ctx), buf, size);
185 	return 0;
186 }
187 
hash_finish_crc32(struct hash_algo * algo,void * ctx,void * dest_buf,int size)188 static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
189 			     int size)
190 {
191 	if (size < algo->digest_size)
192 		return -1;
193 
194 	*((uint32_t *)dest_buf) = *((uint32_t *)ctx);
195 	free(ctx);
196 	return 0;
197 }
198 
199 /*
200  * These are the hash algorithms we support.  If we have hardware acceleration
201  * is enable we will use that, otherwise a software version of the algorithm.
202  * Note that algorithm names must be in lower case.
203  */
204 static struct hash_algo hash_algo[] = {
205 #ifdef CONFIG_SHA1
206 	{
207 		.name 		= "sha1",
208 		.digest_size	= SHA1_SUM_LEN,
209 		.chunk_size	= CHUNKSZ_SHA1,
210 #ifdef CONFIG_SHA_HW_ACCEL
211 		.hash_func_ws	= hw_sha1,
212 #else
213 		.hash_func_ws	= sha1_csum_wd,
214 #endif
215 #ifdef CONFIG_SHA_PROG_HW_ACCEL
216 		.hash_init	= hw_sha_init,
217 		.hash_update	= hw_sha_update,
218 		.hash_finish	= hw_sha_finish,
219 #else
220 		.hash_init	= hash_init_sha1,
221 		.hash_update	= hash_update_sha1,
222 		.hash_finish	= hash_finish_sha1,
223 #endif
224 	},
225 #endif
226 #ifdef CONFIG_SHA256
227 	{
228 		.name		= "sha256",
229 		.digest_size	= SHA256_SUM_LEN,
230 		.chunk_size	= CHUNKSZ_SHA256,
231 #ifdef CONFIG_SHA_HW_ACCEL
232 		.hash_func_ws	= hw_sha256,
233 #else
234 		.hash_func_ws	= sha256_csum_wd,
235 #endif
236 #ifdef CONFIG_SHA_PROG_HW_ACCEL
237 		.hash_init	= hw_sha_init,
238 		.hash_update	= hw_sha_update,
239 		.hash_finish	= hw_sha_finish,
240 #else
241 		.hash_init	= hash_init_sha256,
242 		.hash_update	= hash_update_sha256,
243 		.hash_finish	= hash_finish_sha256,
244 #endif
245 	},
246 #endif
247 #ifdef CONFIG_SHA384
248 	{
249 		.name		= "sha384",
250 		.digest_size	= SHA384_SUM_LEN,
251 		.chunk_size	= CHUNKSZ_SHA384,
252 #ifdef CONFIG_SHA_HW_ACCEL
253 		.hash_func_ws	= hw_sha384,
254 #else
255 		.hash_func_ws	= sha384_csum_wd,
256 #endif
257 #ifdef CONFIG_SHA_PROG_HW_ACCEL
258 		.hash_init	= hw_sha_init,
259 		.hash_update	= hw_sha_update,
260 		.hash_finish	= hw_sha_finish,
261 #else
262 		.hash_init	= hash_init_sha384,
263 		.hash_update	= hash_update_sha384,
264 		.hash_finish	= hash_finish_sha384,
265 #endif
266 	},
267 #endif
268 #ifdef CONFIG_SHA512
269 	{
270 		.name		= "sha512",
271 		.digest_size	= SHA512_SUM_LEN,
272 		.chunk_size	= CHUNKSZ_SHA512,
273 #ifdef CONFIG_SHA_HW_ACCEL
274 		.hash_func_ws	= hw_sha512,
275 #else
276 		.hash_func_ws	= sha512_csum_wd,
277 #endif
278 #ifdef CONFIG_SHA_PROG_HW_ACCEL
279 		.hash_init	= hw_sha_init,
280 		.hash_update	= hw_sha_update,
281 		.hash_finish	= hw_sha_finish,
282 #else
283 		.hash_init	= hash_init_sha512,
284 		.hash_update	= hash_update_sha512,
285 		.hash_finish	= hash_finish_sha512,
286 #endif
287 	},
288 #endif
289 	{
290 		.name		= "crc16-ccitt",
291 		.digest_size	= 2,
292 		.chunk_size	= CHUNKSZ,
293 		.hash_func_ws	= crc16_ccitt_wd_buf,
294 		.hash_init	= hash_init_crc16_ccitt,
295 		.hash_update	= hash_update_crc16_ccitt,
296 		.hash_finish	= hash_finish_crc16_ccitt,
297 	},
298 	{
299 		.name		= "crc32",
300 		.digest_size	= 4,
301 		.chunk_size	= CHUNKSZ_CRC32,
302 		.hash_func_ws	= crc32_wd_buf,
303 		.hash_init	= hash_init_crc32,
304 		.hash_update	= hash_update_crc32,
305 		.hash_finish	= hash_finish_crc32,
306 	},
307 };
308 
309 /* Try to minimize code size for boards that don't want much hashing */
310 #if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \
311 	defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \
312 	defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
313 #define multi_hash()	1
314 #else
315 #define multi_hash()	0
316 #endif
317 
hash_lookup_algo(const char * algo_name,struct hash_algo ** algop)318 int hash_lookup_algo(const char *algo_name, struct hash_algo **algop)
319 {
320 	int i;
321 
322 	for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
323 		if (!strcmp(algo_name, hash_algo[i].name)) {
324 			*algop = &hash_algo[i];
325 			return 0;
326 		}
327 	}
328 
329 	debug("Unknown hash algorithm '%s'\n", algo_name);
330 	return -EPROTONOSUPPORT;
331 }
332 
hash_progressive_lookup_algo(const char * algo_name,struct hash_algo ** algop)333 int hash_progressive_lookup_algo(const char *algo_name,
334 				 struct hash_algo **algop)
335 {
336 	int i;
337 
338 	for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
339 		if (!strcmp(algo_name, hash_algo[i].name)) {
340 			if (hash_algo[i].hash_init) {
341 				*algop = &hash_algo[i];
342 				return 0;
343 			}
344 		}
345 	}
346 
347 	debug("Unknown hash algorithm '%s'\n", algo_name);
348 	return -EPROTONOSUPPORT;
349 }
350 
351 #ifndef USE_HOSTCC
hash_parse_string(const char * algo_name,const char * str,uint8_t * result)352 int hash_parse_string(const char *algo_name, const char *str, uint8_t *result)
353 {
354 	struct hash_algo *algo;
355 	int ret;
356 	int i;
357 
358 	ret = hash_lookup_algo(algo_name, &algo);
359 	if (ret)
360 		return ret;
361 
362 	for (i = 0; i < algo->digest_size; i++) {
363 		char chr[3];
364 
365 		strncpy(chr, &str[i * 2], 2);
366 		result[i] = simple_strtoul(chr, NULL, 16);
367 	}
368 
369 	return 0;
370 }
371 
hash_block(const char * algo_name,const void * data,unsigned int len,uint8_t * output,int * output_size)372 int hash_block(const char *algo_name, const void *data, unsigned int len,
373 	       uint8_t *output, int *output_size)
374 {
375 	struct hash_algo *algo;
376 	int ret;
377 
378 	ret = hash_lookup_algo(algo_name, &algo);
379 	if (ret)
380 		return ret;
381 
382 	if (output_size && *output_size < algo->digest_size) {
383 		debug("Output buffer size %d too small (need %d bytes)",
384 		      *output_size, algo->digest_size);
385 		return -ENOSPC;
386 	}
387 	if (output_size)
388 		*output_size = algo->digest_size;
389 	algo->hash_func_ws(data, len, output, algo->chunk_size);
390 
391 	return 0;
392 }
393 
394 #if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)
395 /**
396  * store_result: Store the resulting sum to an address or variable
397  *
398  * @algo:		Hash algorithm being used
399  * @sum:		Hash digest (algo->digest_size bytes)
400  * @dest:		Destination, interpreted as a hex address if it starts
401  *			with * (or allow_env_vars is 0) or otherwise as an
402  *			environment variable.
403  * @allow_env_vars:	non-zero to permit storing the result to an
404  *			variable environment
405  */
store_result(struct hash_algo * algo,const uint8_t * sum,const char * dest,int allow_env_vars)406 static void store_result(struct hash_algo *algo, const uint8_t *sum,
407 			 const char *dest, int allow_env_vars)
408 {
409 	unsigned int i;
410 	int env_var = 0;
411 
412 	/*
413 	 * If environment variables are allowed, then we assume that 'dest'
414 	 * is an environment variable, unless it starts with *, in which
415 	 * case we assume it is an address. If not allowed, it is always an
416 	 * address. This is to support the crc32 command.
417 	 */
418 	if (allow_env_vars) {
419 		if (*dest == '*')
420 			dest++;
421 		else
422 			env_var = 1;
423 	}
424 
425 	if (env_var) {
426 		char str_output[HASH_MAX_DIGEST_SIZE * 2 + 1];
427 		char *str_ptr = str_output;
428 
429 		for (i = 0; i < algo->digest_size; i++) {
430 			sprintf(str_ptr, "%02x", sum[i]);
431 			str_ptr += 2;
432 		}
433 		*str_ptr = '\0';
434 		env_set(dest, str_output);
435 	} else {
436 		ulong addr;
437 		void *buf;
438 
439 		addr = simple_strtoul(dest, NULL, 16);
440 		buf = map_sysmem(addr, algo->digest_size);
441 		memcpy(buf, sum, algo->digest_size);
442 		unmap_sysmem(buf);
443 	}
444 }
445 
446 /**
447  * parse_verify_sum: Parse a hash verification parameter
448  *
449  * @algo:		Hash algorithm being used
450  * @verify_str:		Argument to parse. If it starts with * then it is
451  *			interpreted as a hex address containing the hash.
452  *			If the length is exactly the right number of hex digits
453  *			for the digest size, then we assume it is a hex digest.
454  *			Otherwise we assume it is an environment variable, and
455  *			look up its value (it must contain a hex digest).
456  * @vsum:		Returns binary digest value (algo->digest_size bytes)
457  * @allow_env_vars:	non-zero to permit storing the result to an environment
458  *			variable. If 0 then verify_str is assumed to be an
459  *			address, and the * prefix is not expected.
460  * @return 0 if ok, non-zero on error
461  */
parse_verify_sum(struct hash_algo * algo,char * verify_str,uint8_t * vsum,int allow_env_vars)462 static int parse_verify_sum(struct hash_algo *algo, char *verify_str,
463 			    uint8_t *vsum, int allow_env_vars)
464 {
465 	int env_var = 0;
466 
467 	/* See comment above in store_result() */
468 	if (allow_env_vars) {
469 		if (*verify_str == '*')
470 			verify_str++;
471 		else
472 			env_var = 1;
473 	}
474 
475 	if (!env_var) {
476 		ulong addr;
477 		void *buf;
478 
479 		addr = simple_strtoul(verify_str, NULL, 16);
480 		buf = map_sysmem(addr, algo->digest_size);
481 		memcpy(vsum, buf, algo->digest_size);
482 	} else {
483 		char *vsum_str;
484 		int digits = algo->digest_size * 2;
485 
486 		/*
487 		 * As with the original code from sha1sum.c, we assume that a
488 		 * string which matches the digest size exactly is a hex
489 		 * string and not an environment variable.
490 		 */
491 		if (strlen(verify_str) == digits)
492 			vsum_str = verify_str;
493 		else {
494 			vsum_str = env_get(verify_str);
495 			if (vsum_str == NULL || strlen(vsum_str) != digits) {
496 				printf("Expected %d hex digits in env var\n",
497 				       digits);
498 				return 1;
499 			}
500 		}
501 
502 		hash_parse_string(algo->name, vsum_str, vsum);
503 	}
504 	return 0;
505 }
506 
hash_show(struct hash_algo * algo,ulong addr,ulong len,uint8_t * output)507 static void hash_show(struct hash_algo *algo, ulong addr, ulong len, uint8_t *output)
508 {
509 	int i;
510 
511 	printf("%s for %08lx ... %08lx ==> ", algo->name, addr, addr + len - 1);
512 	for (i = 0; i < algo->digest_size; i++)
513 		printf("%02x", output[i]);
514 }
515 
hash_command(const char * algo_name,int flags,cmd_tbl_t * cmdtp,int flag,int argc,char * const argv[])516 int hash_command(const char *algo_name, int flags, cmd_tbl_t *cmdtp, int flag,
517 		 int argc, char * const argv[])
518 {
519 	ulong addr, len;
520 
521 	if ((argc < 2) || ((flags & HASH_FLAG_VERIFY) && (argc < 3)))
522 		return CMD_RET_USAGE;
523 
524 	addr = simple_strtoul(*argv++, NULL, 16);
525 	len = simple_strtoul(*argv++, NULL, 16);
526 
527 	if (multi_hash()) {
528 		struct hash_algo *algo;
529 		u8 *output;
530 		uint8_t vsum[HASH_MAX_DIGEST_SIZE];
531 		void *buf;
532 
533 		if (hash_lookup_algo(algo_name, &algo)) {
534 			printf("Unknown hash algorithm '%s'\n", algo_name);
535 			return CMD_RET_USAGE;
536 		}
537 		argc -= 2;
538 
539 		if (algo->digest_size > HASH_MAX_DIGEST_SIZE) {
540 			puts("HASH_MAX_DIGEST_SIZE exceeded\n");
541 			return 1;
542 		}
543 
544 		output = memalign(ARCH_DMA_MINALIGN,
545 				  sizeof(uint32_t) * HASH_MAX_DIGEST_SIZE);
546 
547 		buf = map_sysmem(addr, len);
548 		algo->hash_func_ws(buf, len, output, algo->chunk_size);
549 		unmap_sysmem(buf);
550 
551 		/* Try to avoid code bloat when verify is not needed */
552 #if defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_SHA1SUM_VERIFY) || \
553 	defined(CONFIG_HASH_VERIFY)
554 		if (flags & HASH_FLAG_VERIFY) {
555 #else
556 		if (0) {
557 #endif
558 			if (parse_verify_sum(algo, *argv, vsum,
559 					flags & HASH_FLAG_ENV)) {
560 				printf("ERROR: %s does not contain a valid "
561 					"%s sum\n", *argv, algo->name);
562 				return 1;
563 			}
564 			if (memcmp(output, vsum, algo->digest_size) != 0) {
565 				int i;
566 
567 				hash_show(algo, addr, len, output);
568 				printf(" != ");
569 				for (i = 0; i < algo->digest_size; i++)
570 					printf("%02x", vsum[i]);
571 				puts(" ** ERROR **\n");
572 				return 1;
573 			}
574 		} else {
575 			hash_show(algo, addr, len, output);
576 			printf("\n");
577 
578 			if (argc) {
579 				store_result(algo, output, *argv,
580 					flags & HASH_FLAG_ENV);
581 			}
582 		unmap_sysmem(output);
583 
584 		}
585 
586 	/* Horrible code size hack for boards that just want crc32 */
587 	} else {
588 		ulong crc;
589 		ulong *ptr;
590 
591 		crc = crc32_wd(0, (const uchar *)addr, len, CHUNKSZ_CRC32);
592 
593 		printf("CRC32 for %08lx ... %08lx ==> %08lx\n",
594 				addr, addr + len - 1, crc);
595 
596 		if (argc >= 3) {
597 			ptr = (ulong *)simple_strtoul(argv[0], NULL, 16);
598 			*ptr = crc;
599 		}
600 	}
601 
602 	return 0;
603 }
604 #endif /* CONFIG_CMD_HASH || CONFIG_CMD_SHA1SUM || CONFIG_CMD_CRC32) */
605 #endif /* !USE_HOSTCC */
606