1 // SPDX-License-Identifier: GPL-2.0+ 2 /* 3 * Copyright (c) 2012 The Chromium OS Authors. 4 * 5 * (C) Copyright 2011 6 * Joe Hershberger, National Instruments, joe.hershberger@ni.com 7 * 8 * (C) Copyright 2000 9 * Wolfgang Denk, DENX Software Engineering, wd@denx.de. 10 */ 11 12 #ifndef USE_HOSTCC 13 #include <common.h> 14 #include <command.h> 15 #include <malloc.h> 16 #include <mapmem.h> 17 #include <hw_sha.h> 18 #include <asm/io.h> 19 #include <linux/errno.h> 20 #else 21 #include "mkimage.h" 22 #include <time.h> 23 #include <image.h> 24 #endif /* !USE_HOSTCC*/ 25 26 #include <hash.h> 27 #include <u-boot/crc.h> 28 #include <u-boot/sha1.h> 29 #include <u-boot/sha256.h> 30 #include <u-boot/sha512.h> 31 #include <u-boot/md5.h> 32 33 #if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL) 34 static int hash_init_sha1(struct hash_algo *algo, void **ctxp) 35 { 36 sha1_context *ctx = malloc(sizeof(sha1_context)); 37 sha1_starts(ctx); 38 *ctxp = ctx; 39 return 0; 40 } 41 42 static int hash_update_sha1(struct hash_algo *algo, void *ctx, const void *buf, 43 unsigned int size, int is_last) 44 { 45 sha1_update((sha1_context *)ctx, buf, size); 46 return 0; 47 } 48 49 static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf, 50 int size) 51 { 52 if (size < algo->digest_size) 53 return -1; 54 55 sha1_finish((sha1_context *)ctx, dest_buf); 56 free(ctx); 57 return 0; 58 } 59 #endif 60 61 #if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL) 62 static int hash_init_sha256(struct hash_algo *algo, void **ctxp) 63 { 64 sha256_context *ctx = malloc(sizeof(sha256_context)); 65 sha256_starts(ctx); 66 *ctxp = ctx; 67 return 0; 68 } 69 70 static int hash_update_sha256(struct hash_algo *algo, void *ctx, 71 const void *buf, unsigned int size, int is_last) 72 { 73 sha256_update((sha256_context *)ctx, buf, size); 74 return 0; 75 } 76 77 static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void 78 *dest_buf, int size) 79 { 80 if (size < algo->digest_size) 81 return -1; 82 83 sha256_finish((sha256_context *)ctx, dest_buf); 84 free(ctx); 85 return 0; 86 } 87 #endif 88 89 #if defined(CONFIG_SHA384) && !defined(CONFIG_SHA_PROG_HW_ACCEL) 90 static int hash_init_sha384(struct hash_algo *algo, void **ctxp) 91 { 92 sha512_context *ctx = malloc(sizeof(sha512_context)); 93 sha384_starts(ctx); 94 *ctxp = ctx; 95 return 0; 96 } 97 98 static int hash_update_sha384(struct hash_algo *algo, void *ctx, 99 const void *buf, unsigned int size, int is_last) 100 { 101 sha384_update((sha512_context *)ctx, buf, size); 102 return 0; 103 } 104 105 static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void 106 *dest_buf, int size) 107 { 108 if (size < algo->digest_size) 109 return -1; 110 111 sha384_finish((sha512_context *)ctx, dest_buf); 112 free(ctx); 113 return 0; 114 } 115 #endif 116 117 #if defined(CONFIG_SHA512) && !defined(CONFIG_SHA_PROG_HW_ACCEL) 118 static int hash_init_sha512(struct hash_algo *algo, void **ctxp) 119 { 120 sha512_context *ctx = malloc(sizeof(sha512_context)); 121 sha512_starts(ctx); 122 *ctxp = ctx; 123 return 0; 124 } 125 126 static int hash_update_sha512(struct hash_algo *algo, void *ctx, 127 const void *buf, unsigned int size, int is_last) 128 { 129 sha512_update((sha512_context *)ctx, buf, size); 130 return 0; 131 } 132 133 static int hash_finish_sha512(struct hash_algo *algo, void *ctx, void 134 *dest_buf, int size) 135 { 136 if (size < algo->digest_size) 137 return -1; 138 139 sha512_finish((sha512_context *)ctx, dest_buf); 140 free(ctx); 141 return 0; 142 } 143 #endif 144 145 146 static int hash_init_crc16_ccitt(struct hash_algo *algo, void **ctxp) 147 { 148 uint16_t *ctx = malloc(sizeof(uint16_t)); 149 *ctx = 0; 150 *ctxp = ctx; 151 return 0; 152 } 153 154 static int hash_update_crc16_ccitt(struct hash_algo *algo, void *ctx, 155 const void *buf, unsigned int size, 156 int is_last) 157 { 158 *((uint16_t *)ctx) = crc16_ccitt(*((uint16_t *)ctx), buf, size); 159 return 0; 160 } 161 162 static int hash_finish_crc16_ccitt(struct hash_algo *algo, void *ctx, 163 void *dest_buf, int size) 164 { 165 if (size < algo->digest_size) 166 return -1; 167 168 *((uint16_t *)dest_buf) = *((uint16_t *)ctx); 169 free(ctx); 170 return 0; 171 } 172 173 static int hash_init_crc32(struct hash_algo *algo, void **ctxp) 174 { 175 uint32_t *ctx = malloc(sizeof(uint32_t)); 176 *ctx = 0; 177 *ctxp = ctx; 178 return 0; 179 } 180 181 static int hash_update_crc32(struct hash_algo *algo, void *ctx, 182 const void *buf, unsigned int size, int is_last) 183 { 184 *((uint32_t *)ctx) = crc32(*((uint32_t *)ctx), buf, size); 185 return 0; 186 } 187 188 static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf, 189 int size) 190 { 191 if (size < algo->digest_size) 192 return -1; 193 194 *((uint32_t *)dest_buf) = *((uint32_t *)ctx); 195 free(ctx); 196 return 0; 197 } 198 199 /* 200 * These are the hash algorithms we support. If we have hardware acceleration 201 * is enable we will use that, otherwise a software version of the algorithm. 202 * Note that algorithm names must be in lower case. 203 */ 204 static struct hash_algo hash_algo[] = { 205 #ifdef CONFIG_SHA1 206 { 207 .name = "sha1", 208 .digest_size = SHA1_SUM_LEN, 209 .chunk_size = CHUNKSZ_SHA1, 210 #ifdef CONFIG_SHA_HW_ACCEL 211 .hash_func_ws = hw_sha1, 212 #else 213 .hash_func_ws = sha1_csum_wd, 214 #endif 215 #ifdef CONFIG_SHA_PROG_HW_ACCEL 216 .hash_init = hw_sha_init, 217 .hash_update = hw_sha_update, 218 .hash_finish = hw_sha_finish, 219 #else 220 .hash_init = hash_init_sha1, 221 .hash_update = hash_update_sha1, 222 .hash_finish = hash_finish_sha1, 223 #endif 224 }, 225 #endif 226 #ifdef CONFIG_SHA256 227 { 228 .name = "sha256", 229 .digest_size = SHA256_SUM_LEN, 230 .chunk_size = CHUNKSZ_SHA256, 231 #ifdef CONFIG_SHA_HW_ACCEL 232 .hash_func_ws = hw_sha256, 233 #else 234 .hash_func_ws = sha256_csum_wd, 235 #endif 236 #ifdef CONFIG_SHA_PROG_HW_ACCEL 237 .hash_init = hw_sha_init, 238 .hash_update = hw_sha_update, 239 .hash_finish = hw_sha_finish, 240 #else 241 .hash_init = hash_init_sha256, 242 .hash_update = hash_update_sha256, 243 .hash_finish = hash_finish_sha256, 244 #endif 245 }, 246 #endif 247 #ifdef CONFIG_SHA384 248 { 249 .name = "sha384", 250 .digest_size = SHA384_SUM_LEN, 251 .chunk_size = CHUNKSZ_SHA384, 252 #ifdef CONFIG_SHA_HW_ACCEL 253 .hash_func_ws = hw_sha384, 254 #else 255 .hash_func_ws = sha384_csum_wd, 256 #endif 257 #ifdef CONFIG_SHA_PROG_HW_ACCEL 258 .hash_init = hw_sha_init, 259 .hash_update = hw_sha_update, 260 .hash_finish = hw_sha_finish, 261 #else 262 .hash_init = hash_init_sha384, 263 .hash_update = hash_update_sha384, 264 .hash_finish = hash_finish_sha384, 265 #endif 266 }, 267 #endif 268 #ifdef CONFIG_SHA512 269 { 270 .name = "sha512", 271 .digest_size = SHA512_SUM_LEN, 272 .chunk_size = CHUNKSZ_SHA512, 273 #ifdef CONFIG_SHA_HW_ACCEL 274 .hash_func_ws = hw_sha512, 275 #else 276 .hash_func_ws = sha512_csum_wd, 277 #endif 278 #ifdef CONFIG_SHA_PROG_HW_ACCEL 279 .hash_init = hw_sha_init, 280 .hash_update = hw_sha_update, 281 .hash_finish = hw_sha_finish, 282 #else 283 .hash_init = hash_init_sha512, 284 .hash_update = hash_update_sha512, 285 .hash_finish = hash_finish_sha512, 286 #endif 287 }, 288 #endif 289 { 290 .name = "crc16-ccitt", 291 .digest_size = 2, 292 .chunk_size = CHUNKSZ, 293 .hash_func_ws = crc16_ccitt_wd_buf, 294 .hash_init = hash_init_crc16_ccitt, 295 .hash_update = hash_update_crc16_ccitt, 296 .hash_finish = hash_finish_crc16_ccitt, 297 }, 298 { 299 .name = "crc32", 300 .digest_size = 4, 301 .chunk_size = CHUNKSZ_CRC32, 302 .hash_func_ws = crc32_wd_buf, 303 .hash_init = hash_init_crc32, 304 .hash_update = hash_update_crc32, 305 .hash_finish = hash_finish_crc32, 306 }, 307 }; 308 309 /* Try to minimize code size for boards that don't want much hashing */ 310 #if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \ 311 defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \ 312 defined(CONFIG_SHA384) || defined(CONFIG_SHA512) 313 #define multi_hash() 1 314 #else 315 #define multi_hash() 0 316 #endif 317 318 int hash_lookup_algo(const char *algo_name, struct hash_algo **algop) 319 { 320 int i; 321 322 for (i = 0; i < ARRAY_SIZE(hash_algo); i++) { 323 if (!strcmp(algo_name, hash_algo[i].name)) { 324 *algop = &hash_algo[i]; 325 return 0; 326 } 327 } 328 329 debug("Unknown hash algorithm '%s'\n", algo_name); 330 return -EPROTONOSUPPORT; 331 } 332 333 int hash_progressive_lookup_algo(const char *algo_name, 334 struct hash_algo **algop) 335 { 336 int i; 337 338 for (i = 0; i < ARRAY_SIZE(hash_algo); i++) { 339 if (!strcmp(algo_name, hash_algo[i].name)) { 340 if (hash_algo[i].hash_init) { 341 *algop = &hash_algo[i]; 342 return 0; 343 } 344 } 345 } 346 347 debug("Unknown hash algorithm '%s'\n", algo_name); 348 return -EPROTONOSUPPORT; 349 } 350 351 #ifndef USE_HOSTCC 352 int hash_parse_string(const char *algo_name, const char *str, uint8_t *result) 353 { 354 struct hash_algo *algo; 355 int ret; 356 int i; 357 358 ret = hash_lookup_algo(algo_name, &algo); 359 if (ret) 360 return ret; 361 362 for (i = 0; i < algo->digest_size; i++) { 363 char chr[3]; 364 365 strncpy(chr, &str[i * 2], 2); 366 result[i] = simple_strtoul(chr, NULL, 16); 367 } 368 369 return 0; 370 } 371 372 int hash_block(const char *algo_name, const void *data, unsigned int len, 373 uint8_t *output, int *output_size) 374 { 375 struct hash_algo *algo; 376 int ret; 377 378 ret = hash_lookup_algo(algo_name, &algo); 379 if (ret) 380 return ret; 381 382 if (output_size && *output_size < algo->digest_size) { 383 debug("Output buffer size %d too small (need %d bytes)", 384 *output_size, algo->digest_size); 385 return -ENOSPC; 386 } 387 if (output_size) 388 *output_size = algo->digest_size; 389 algo->hash_func_ws(data, len, output, algo->chunk_size); 390 391 return 0; 392 } 393 394 #if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32) 395 /** 396 * store_result: Store the resulting sum to an address or variable 397 * 398 * @algo: Hash algorithm being used 399 * @sum: Hash digest (algo->digest_size bytes) 400 * @dest: Destination, interpreted as a hex address if it starts 401 * with * (or allow_env_vars is 0) or otherwise as an 402 * environment variable. 403 * @allow_env_vars: non-zero to permit storing the result to an 404 * variable environment 405 */ 406 static void store_result(struct hash_algo *algo, const uint8_t *sum, 407 const char *dest, int allow_env_vars) 408 { 409 unsigned int i; 410 int env_var = 0; 411 412 /* 413 * If environment variables are allowed, then we assume that 'dest' 414 * is an environment variable, unless it starts with *, in which 415 * case we assume it is an address. If not allowed, it is always an 416 * address. This is to support the crc32 command. 417 */ 418 if (allow_env_vars) { 419 if (*dest == '*') 420 dest++; 421 else 422 env_var = 1; 423 } 424 425 if (env_var) { 426 char str_output[HASH_MAX_DIGEST_SIZE * 2 + 1]; 427 char *str_ptr = str_output; 428 429 for (i = 0; i < algo->digest_size; i++) { 430 sprintf(str_ptr, "%02x", sum[i]); 431 str_ptr += 2; 432 } 433 *str_ptr = '\0'; 434 env_set(dest, str_output); 435 } else { 436 ulong addr; 437 void *buf; 438 439 addr = simple_strtoul(dest, NULL, 16); 440 buf = map_sysmem(addr, algo->digest_size); 441 memcpy(buf, sum, algo->digest_size); 442 unmap_sysmem(buf); 443 } 444 } 445 446 /** 447 * parse_verify_sum: Parse a hash verification parameter 448 * 449 * @algo: Hash algorithm being used 450 * @verify_str: Argument to parse. If it starts with * then it is 451 * interpreted as a hex address containing the hash. 452 * If the length is exactly the right number of hex digits 453 * for the digest size, then we assume it is a hex digest. 454 * Otherwise we assume it is an environment variable, and 455 * look up its value (it must contain a hex digest). 456 * @vsum: Returns binary digest value (algo->digest_size bytes) 457 * @allow_env_vars: non-zero to permit storing the result to an environment 458 * variable. If 0 then verify_str is assumed to be an 459 * address, and the * prefix is not expected. 460 * @return 0 if ok, non-zero on error 461 */ 462 static int parse_verify_sum(struct hash_algo *algo, char *verify_str, 463 uint8_t *vsum, int allow_env_vars) 464 { 465 int env_var = 0; 466 467 /* See comment above in store_result() */ 468 if (allow_env_vars) { 469 if (*verify_str == '*') 470 verify_str++; 471 else 472 env_var = 1; 473 } 474 475 if (!env_var) { 476 ulong addr; 477 void *buf; 478 479 addr = simple_strtoul(verify_str, NULL, 16); 480 buf = map_sysmem(addr, algo->digest_size); 481 memcpy(vsum, buf, algo->digest_size); 482 } else { 483 char *vsum_str; 484 int digits = algo->digest_size * 2; 485 486 /* 487 * As with the original code from sha1sum.c, we assume that a 488 * string which matches the digest size exactly is a hex 489 * string and not an environment variable. 490 */ 491 if (strlen(verify_str) == digits) 492 vsum_str = verify_str; 493 else { 494 vsum_str = env_get(verify_str); 495 if (vsum_str == NULL || strlen(vsum_str) != digits) { 496 printf("Expected %d hex digits in env var\n", 497 digits); 498 return 1; 499 } 500 } 501 502 hash_parse_string(algo->name, vsum_str, vsum); 503 } 504 return 0; 505 } 506 507 static void hash_show(struct hash_algo *algo, ulong addr, ulong len, uint8_t *output) 508 { 509 int i; 510 511 printf("%s for %08lx ... %08lx ==> ", algo->name, addr, addr + len - 1); 512 for (i = 0; i < algo->digest_size; i++) 513 printf("%02x", output[i]); 514 } 515 516 int hash_command(const char *algo_name, int flags, cmd_tbl_t *cmdtp, int flag, 517 int argc, char * const argv[]) 518 { 519 ulong addr, len; 520 521 if ((argc < 2) || ((flags & HASH_FLAG_VERIFY) && (argc < 3))) 522 return CMD_RET_USAGE; 523 524 addr = simple_strtoul(*argv++, NULL, 16); 525 len = simple_strtoul(*argv++, NULL, 16); 526 527 if (multi_hash()) { 528 struct hash_algo *algo; 529 u8 *output; 530 uint8_t vsum[HASH_MAX_DIGEST_SIZE]; 531 void *buf; 532 533 if (hash_lookup_algo(algo_name, &algo)) { 534 printf("Unknown hash algorithm '%s'\n", algo_name); 535 return CMD_RET_USAGE; 536 } 537 argc -= 2; 538 539 if (algo->digest_size > HASH_MAX_DIGEST_SIZE) { 540 puts("HASH_MAX_DIGEST_SIZE exceeded\n"); 541 return 1; 542 } 543 544 output = memalign(ARCH_DMA_MINALIGN, 545 sizeof(uint32_t) * HASH_MAX_DIGEST_SIZE); 546 547 buf = map_sysmem(addr, len); 548 algo->hash_func_ws(buf, len, output, algo->chunk_size); 549 unmap_sysmem(buf); 550 551 /* Try to avoid code bloat when verify is not needed */ 552 #if defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_SHA1SUM_VERIFY) || \ 553 defined(CONFIG_HASH_VERIFY) 554 if (flags & HASH_FLAG_VERIFY) { 555 #else 556 if (0) { 557 #endif 558 if (parse_verify_sum(algo, *argv, vsum, 559 flags & HASH_FLAG_ENV)) { 560 printf("ERROR: %s does not contain a valid " 561 "%s sum\n", *argv, algo->name); 562 return 1; 563 } 564 if (memcmp(output, vsum, algo->digest_size) != 0) { 565 int i; 566 567 hash_show(algo, addr, len, output); 568 printf(" != "); 569 for (i = 0; i < algo->digest_size; i++) 570 printf("%02x", vsum[i]); 571 puts(" ** ERROR **\n"); 572 return 1; 573 } 574 } else { 575 hash_show(algo, addr, len, output); 576 printf("\n"); 577 578 if (argc) { 579 store_result(algo, output, *argv, 580 flags & HASH_FLAG_ENV); 581 } 582 unmap_sysmem(output); 583 584 } 585 586 /* Horrible code size hack for boards that just want crc32 */ 587 } else { 588 ulong crc; 589 ulong *ptr; 590 591 crc = crc32_wd(0, (const uchar *)addr, len, CHUNKSZ_CRC32); 592 593 printf("CRC32 for %08lx ... %08lx ==> %08lx\n", 594 addr, addr + len - 1, crc); 595 596 if (argc >= 3) { 597 ptr = (ulong *)simple_strtoul(argv[0], NULL, 16); 598 *ptr = crc; 599 } 600 } 601 602 return 0; 603 } 604 #endif /* CONFIG_CMD_HASH || CONFIG_CMD_SHA1SUM || CONFIG_CMD_CRC32) */ 605 #endif /* !USE_HOSTCC */ 606