xref: /openbmc/u-boot/common/hash.c (revision 68fbc0e6)
1 /*
2  * Copyright (c) 2012 The Chromium OS Authors.
3  *
4  * (C) Copyright 2011
5  * Joe Hershberger, National Instruments, joe.hershberger@ni.com
6  *
7  * (C) Copyright 2000
8  * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
9  *
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License as
12  * published by the Free Software Foundation; either version 2 of
13  * the License, or (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software
22  * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
23  * MA 02111-1307 USA
24  */
25 
26 #include <common.h>
27 #include <command.h>
28 #include <hw_sha.h>
29 #include <hash.h>
30 #include <sha1.h>
31 #include <sha256.h>
32 #include <asm/io.h>
33 
34 /*
35  * These are the hash algorithms we support. Chips which support accelerated
36  * crypto could perhaps add named version of these algorithms here. Note that
37  * algorithm names must be in lower case.
38  */
39 static struct hash_algo hash_algo[] = {
40 	/*
41 	 * CONFIG_SHA_HW_ACCEL is defined if hardware acceleration is
42 	 * available.
43 	 */
44 #ifdef CONFIG_SHA_HW_ACCEL
45 	{
46 		"sha1",
47 		SHA1_SUM_LEN,
48 		hw_sha1,
49 		CHUNKSZ_SHA1,
50 	}, {
51 		"sha256",
52 		SHA256_SUM_LEN,
53 		hw_sha256,
54 		CHUNKSZ_SHA256,
55 	},
56 #endif
57 	/*
58 	 * This is CONFIG_CMD_SHA1SUM instead of CONFIG_SHA1 since otherwise
59 	 * it bloats the code for boards which use SHA1 but not the 'hash'
60 	 * or 'sha1sum' commands.
61 	 */
62 #ifdef CONFIG_CMD_SHA1SUM
63 	{
64 		"sha1",
65 		SHA1_SUM_LEN,
66 		sha1_csum_wd,
67 		CHUNKSZ_SHA1,
68 	},
69 #define MULTI_HASH
70 #endif
71 #ifdef CONFIG_SHA256
72 	{
73 		"sha256",
74 		SHA256_SUM_LEN,
75 		sha256_csum_wd,
76 		CHUNKSZ_SHA256,
77 	},
78 #define MULTI_HASH
79 #endif
80 	{
81 		"crc32",
82 		4,
83 		crc32_wd_buf,
84 		CHUNKSZ_CRC32,
85 	},
86 };
87 
88 #if defined(CONFIG_HASH_VERIFY) || defined(CONFIG_CMD_HASH)
89 #define MULTI_HASH
90 #endif
91 
92 /* Try to minimize code size for boards that don't want much hashing */
93 #ifdef MULTI_HASH
94 #define multi_hash()	1
95 #else
96 #define multi_hash()	0
97 #endif
98 
99 /**
100  * store_result: Store the resulting sum to an address or variable
101  *
102  * @algo:		Hash algorithm being used
103  * @sum:		Hash digest (algo->digest_size bytes)
104  * @dest:		Destination, interpreted as a hex address if it starts
105  *			with * (or allow_env_vars is 0) or otherwise as an
106  *			environment variable.
107  * @allow_env_vars:	non-zero to permit storing the result to an
108  *			variable environment
109  */
110 static void store_result(struct hash_algo *algo, const u8 *sum,
111 			 const char *dest, int allow_env_vars)
112 {
113 	unsigned int i;
114 	int env_var = 0;
115 
116 	/*
117 	 * If environment variables are allowed, then we assume that 'dest'
118 	 * is an environment variable, unless it starts with *, in which
119 	 * case we assume it is an address. If not allowed, it is always an
120 	 * address. This is to support the crc32 command.
121 	 */
122 	if (allow_env_vars) {
123 		if (*dest == '*')
124 			dest++;
125 		else
126 			env_var = 1;
127 	}
128 
129 	if (env_var) {
130 		char str_output[HASH_MAX_DIGEST_SIZE * 2 + 1];
131 		char *str_ptr = str_output;
132 
133 		for (i = 0; i < algo->digest_size; i++) {
134 			sprintf(str_ptr, "%02x", sum[i]);
135 			str_ptr += 2;
136 		}
137 		str_ptr = '\0';
138 		setenv(dest, str_output);
139 	} else {
140 		ulong addr;
141 		void *buf;
142 
143 		addr = simple_strtoul(dest, NULL, 16);
144 		buf = map_sysmem(addr, algo->digest_size);
145 		memcpy(buf, sum, algo->digest_size);
146 		unmap_sysmem(buf);
147 	}
148 }
149 
150 /**
151  * parse_verify_sum: Parse a hash verification parameter
152  *
153  * @algo:		Hash algorithm being used
154  * @verify_str:		Argument to parse. If it starts with * then it is
155  *			interpreted as a hex address containing the hash.
156  *			If the length is exactly the right number of hex digits
157  *			for the digest size, then we assume it is a hex digest.
158  *			Otherwise we assume it is an environment variable, and
159  *			look up its value (it must contain a hex digest).
160  * @vsum:		Returns binary digest value (algo->digest_size bytes)
161  * @allow_env_vars:	non-zero to permit storing the result to an environment
162  *			variable. If 0 then verify_str is assumed to be an
163  *			address, and the * prefix is not expected.
164  * @return 0 if ok, non-zero on error
165  */
166 static int parse_verify_sum(struct hash_algo *algo, char *verify_str, u8 *vsum,
167 			    int allow_env_vars)
168 {
169 	int env_var = 0;
170 
171 	/* See comment above in store_result() */
172 	if (allow_env_vars) {
173 		if (*verify_str == '*')
174 			verify_str++;
175 		else
176 			env_var = 1;
177 	}
178 
179 	if (env_var) {
180 		ulong addr;
181 		void *buf;
182 
183 		addr = simple_strtoul(verify_str, NULL, 16);
184 		buf = map_sysmem(addr, algo->digest_size);
185 		memcpy(vsum, buf, algo->digest_size);
186 	} else {
187 		unsigned int i;
188 		char *vsum_str;
189 		int digits = algo->digest_size * 2;
190 
191 		/*
192 		 * As with the original code from sha1sum.c, we assume that a
193 		 * string which matches the digest size exactly is a hex
194 		 * string and not an environment variable.
195 		 */
196 		if (strlen(verify_str) == digits)
197 			vsum_str = verify_str;
198 		else {
199 			vsum_str = getenv(verify_str);
200 			if (vsum_str == NULL || strlen(vsum_str) != digits) {
201 				printf("Expected %d hex digits in env var\n",
202 				       digits);
203 				return 1;
204 			}
205 		}
206 
207 		for (i = 0; i < algo->digest_size; i++) {
208 			char *nullp = vsum_str + (i + 1) * 2;
209 			char end = *nullp;
210 
211 			*nullp = '\0';
212 			vsum[i] = simple_strtoul(vsum_str + (i * 2), NULL, 16);
213 			*nullp = end;
214 		}
215 	}
216 	return 0;
217 }
218 
219 static struct hash_algo *find_hash_algo(const char *name)
220 {
221 	int i;
222 
223 	for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
224 		if (!strcmp(name, hash_algo[i].name))
225 			return &hash_algo[i];
226 	}
227 
228 	return NULL;
229 }
230 
231 static void show_hash(struct hash_algo *algo, ulong addr, ulong len,
232 		      u8 *output)
233 {
234 	int i;
235 
236 	printf("%s for %08lx ... %08lx ==> ", algo->name, addr, addr + len - 1);
237 	for (i = 0; i < algo->digest_size; i++)
238 		printf("%02x", output[i]);
239 }
240 
241 int hash_command(const char *algo_name, int flags, cmd_tbl_t *cmdtp, int flag,
242 		 int argc, char * const argv[])
243 {
244 	ulong addr, len;
245 
246 	if (argc < 2)
247 		return CMD_RET_USAGE;
248 
249 	addr = simple_strtoul(*argv++, NULL, 16);
250 	len = simple_strtoul(*argv++, NULL, 16);
251 
252 	if (multi_hash()) {
253 		struct hash_algo *algo;
254 		u8 output[HASH_MAX_DIGEST_SIZE];
255 		u8 vsum[HASH_MAX_DIGEST_SIZE];
256 		void *buf;
257 
258 		algo = find_hash_algo(algo_name);
259 		if (!algo) {
260 			printf("Unknown hash algorithm '%s'\n", algo_name);
261 			return CMD_RET_USAGE;
262 		}
263 		argc -= 2;
264 
265 		if (algo->digest_size > HASH_MAX_DIGEST_SIZE) {
266 			puts("HASH_MAX_DIGEST_SIZE exceeded\n");
267 			return 1;
268 		}
269 
270 		buf = map_sysmem(addr, len);
271 		algo->hash_func_ws(buf, len, output, algo->chunk_size);
272 		unmap_sysmem(buf);
273 
274 		/* Try to avoid code bloat when verify is not needed */
275 #ifdef CONFIG_HASH_VERIFY
276 		if (flags & HASH_FLAG_VERIFY) {
277 #else
278 		if (0) {
279 #endif
280 			if (!argc)
281 				return CMD_RET_USAGE;
282 			if (parse_verify_sum(algo, *argv, vsum,
283 					flags & HASH_FLAG_ENV)) {
284 				printf("ERROR: %s does not contain a valid "
285 					"%s sum\n", *argv, algo->name);
286 				return 1;
287 			}
288 			if (memcmp(output, vsum, algo->digest_size) != 0) {
289 				int i;
290 
291 				show_hash(algo, addr, len, output);
292 				printf(" != ");
293 				for (i = 0; i < algo->digest_size; i++)
294 					printf("%02x", vsum[i]);
295 				puts(" ** ERROR **\n");
296 				return 1;
297 			}
298 		} else {
299 			show_hash(algo, addr, len, output);
300 			printf("\n");
301 
302 			if (argc) {
303 				store_result(algo, output, *argv,
304 					flags & HASH_FLAG_ENV);
305 			}
306 		}
307 
308 	/* Horrible code size hack for boards that just want crc32 */
309 	} else {
310 		ulong crc;
311 		ulong *ptr;
312 
313 		crc = crc32_wd(0, (const uchar *)addr, len, CHUNKSZ_CRC32);
314 
315 		printf("CRC32 for %08lx ... %08lx ==> %08lx\n",
316 				addr, addr + len - 1, crc);
317 
318 		if (argc > 3) {
319 			ptr = (ulong *)simple_strtoul(argv[3], NULL, 16);
320 			*ptr = crc;
321 		}
322 	}
323 
324 	return 0;
325 }
326