xref: /openbmc/u-boot/common/hash.c (revision 951c8dda) 
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Copyright (c) 2012 The Chromium OS Authors.
4  *
5  * (C) Copyright 2011
6  * Joe Hershberger, National Instruments, joe.hershberger@ni.com
7  *
8  * (C) Copyright 2000
9  * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
10  */
11 
12 #ifndef USE_HOSTCC
13 #include <common.h>
14 #include <command.h>
15 #include <malloc.h>
16 #include <mapmem.h>
17 #include <hw_sha.h>
18 #include <asm/io.h>
19 #include <linux/errno.h>
20 #else
21 #include "mkimage.h"
22 #include <time.h>
23 #include <image.h>
24 #endif /* !USE_HOSTCC*/
25 
26 #include <hash.h>
27 #include <u-boot/crc.h>
28 #include <u-boot/sha1.h>
29 #include <u-boot/sha256.h>
30 #include <u-boot/sha512.h>
31 #include <u-boot/md5.h>
32 
33 #if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
34 static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
35 {
36 	sha1_context *ctx = malloc(sizeof(sha1_context));
37 	sha1_starts(ctx);
38 	*ctxp = ctx;
39 	return 0;
40 }
41 
42 static int hash_update_sha1(struct hash_algo *algo, void *ctx, const void *buf,
43 			    unsigned int size, int is_last)
44 {
45 	sha1_update((sha1_context *)ctx, buf, size);
46 	return 0;
47 }
48 
49 static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
50 			    int size)
51 {
52 	if (size < algo->digest_size)
53 		return -1;
54 
55 	sha1_finish((sha1_context *)ctx, dest_buf);
56 	free(ctx);
57 	return 0;
58 }
59 #endif
60 
61 #if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
62 static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
63 {
64 	sha256_context *ctx = malloc(sizeof(sha256_context));
65 	sha256_starts(ctx);
66 	*ctxp = ctx;
67 	return 0;
68 }
69 
70 static int hash_update_sha256(struct hash_algo *algo, void *ctx,
71 			      const void *buf, unsigned int size, int is_last)
72 {
73 	sha256_update((sha256_context *)ctx, buf, size);
74 	return 0;
75 }
76 
77 static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
78 			      *dest_buf, int size)
79 {
80 	if (size < algo->digest_size)
81 		return -1;
82 
83 	sha256_finish((sha256_context *)ctx, dest_buf);
84 	free(ctx);
85 	return 0;
86 }
87 #endif
88 
89 #if defined(CONFIG_SHA384)
90 static int hash_init_sha384(struct hash_algo *algo, void **ctxp)
91 {
92 	sha512_context *ctx = malloc(sizeof(sha512_context));
93 	sha384_starts(ctx);
94 	*ctxp = ctx;
95 	return 0;
96 }
97 
98 static int hash_update_sha384(struct hash_algo *algo, void *ctx,
99 			      const void *buf, unsigned int size, int is_last)
100 {
101 	sha384_update((sha512_context *)ctx, buf, size);
102 	return 0;
103 }
104 
105 static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void
106 			      *dest_buf, int size)
107 {
108 	if (size < algo->digest_size)
109 		return -1;
110 
111 	sha384_finish((sha512_context *)ctx, dest_buf);
112 	free(ctx);
113 	return 0;
114 }
115 #endif
116 
117 #if defined(CONFIG_SHA512)
118 static int hash_init_sha512(struct hash_algo *algo, void **ctxp)
119 {
120 	sha512_context *ctx = malloc(sizeof(sha512_context));
121 	sha512_starts(ctx);
122 	*ctxp = ctx;
123 	return 0;
124 }
125 
126 static int hash_update_sha512(struct hash_algo *algo, void *ctx,
127 			      const void *buf, unsigned int size, int is_last)
128 {
129 	sha512_update((sha512_context *)ctx, buf, size);
130 	return 0;
131 }
132 
133 static int hash_finish_sha512(struct hash_algo *algo, void *ctx, void
134 			      *dest_buf, int size)
135 {
136 	if (size < algo->digest_size)
137 		return -1;
138 
139 	sha512_finish((sha512_context *)ctx, dest_buf);
140 	free(ctx);
141 	return 0;
142 }
143 #endif
144 
145 
146 static int hash_init_crc16_ccitt(struct hash_algo *algo, void **ctxp)
147 {
148 	uint16_t *ctx = malloc(sizeof(uint16_t));
149 	*ctx = 0;
150 	*ctxp = ctx;
151 	return 0;
152 }
153 
154 static int hash_update_crc16_ccitt(struct hash_algo *algo, void *ctx,
155 				   const void *buf, unsigned int size,
156 				   int is_last)
157 {
158 	*((uint16_t *)ctx) = crc16_ccitt(*((uint16_t *)ctx), buf, size);
159 	return 0;
160 }
161 
162 static int hash_finish_crc16_ccitt(struct hash_algo *algo, void *ctx,
163 				   void *dest_buf, int size)
164 {
165 	if (size < algo->digest_size)
166 		return -1;
167 
168 	*((uint16_t *)dest_buf) = *((uint16_t *)ctx);
169 	free(ctx);
170 	return 0;
171 }
172 
173 static int hash_init_crc32(struct hash_algo *algo, void **ctxp)
174 {
175 	uint32_t *ctx = malloc(sizeof(uint32_t));
176 	*ctx = 0;
177 	*ctxp = ctx;
178 	return 0;
179 }
180 
181 static int hash_update_crc32(struct hash_algo *algo, void *ctx,
182 			     const void *buf, unsigned int size, int is_last)
183 {
184 	*((uint32_t *)ctx) = crc32(*((uint32_t *)ctx), buf, size);
185 	return 0;
186 }
187 
188 static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
189 			     int size)
190 {
191 	if (size < algo->digest_size)
192 		return -1;
193 
194 	*((uint32_t *)dest_buf) = *((uint32_t *)ctx);
195 	free(ctx);
196 	return 0;
197 }
198 
199 /*
200  * These are the hash algorithms we support.  If we have hardware acceleration
201  * is enable we will use that, otherwise a software version of the algorithm.
202  * Note that algorithm names must be in lower case.
203  */
204 static struct hash_algo hash_algo[] = {
205 #ifdef CONFIG_SHA1
206 	{
207 		.name 		= "sha1",
208 		.digest_size	= SHA1_SUM_LEN,
209 		.chunk_size	= CHUNKSZ_SHA1,
210 #ifdef CONFIG_SHA_HW_ACCEL
211 		.hash_func_ws	= hw_sha1,
212 #else
213 		.hash_func_ws	= sha1_csum_wd,
214 #endif
215 #ifdef CONFIG_SHA_PROG_HW_ACCEL
216 		.hash_init	= hw_sha_init,
217 		.hash_update	= hw_sha_update,
218 		.hash_finish	= hw_sha_finish,
219 #else
220 		.hash_init	= hash_init_sha1,
221 		.hash_update	= hash_update_sha1,
222 		.hash_finish	= hash_finish_sha1,
223 #endif
224 	},
225 #endif
226 #ifdef CONFIG_SHA256
227 	{
228 		.name		= "sha256",
229 		.digest_size	= SHA256_SUM_LEN,
230 		.chunk_size	= CHUNKSZ_SHA256,
231 #ifdef CONFIG_SHA_HW_ACCEL
232 		.hash_func_ws	= hw_sha256,
233 #else
234 		.hash_func_ws	= sha256_csum_wd,
235 #endif
236 #ifdef CONFIG_SHA_PROG_HW_ACCEL
237 		.hash_init	= hw_sha_init,
238 		.hash_update	= hw_sha_update,
239 		.hash_finish	= hw_sha_finish,
240 #else
241 		.hash_init	= hash_init_sha256,
242 		.hash_update	= hash_update_sha256,
243 		.hash_finish	= hash_finish_sha256,
244 #endif
245 	},
246 #endif
247 #ifdef CONFIG_SHA384
248 	{
249 		.name		= "sha384",
250 		.digest_size	= SHA384_SUM_LEN,
251 		.chunk_size	= CHUNKSZ_SHA384,
252 		.hash_func_ws	= sha384_csum_wd,
253 		.hash_init	= hash_init_sha384,
254 		.hash_update	= hash_update_sha384,
255 		.hash_finish	= hash_finish_sha384,
256 	},
257 #endif
258 #ifdef CONFIG_SHA512
259 	{
260 		.name		= "sha512",
261 		.digest_size	= SHA512_SUM_LEN,
262 		.chunk_size	= CHUNKSZ_SHA512,
263 		.hash_func_ws	= sha512_csum_wd,
264 		.hash_init	= hash_init_sha512,
265 		.hash_update	= hash_update_sha512,
266 		.hash_finish	= hash_finish_sha512,
267 	},
268 #endif
269 	{
270 		.name		= "crc16-ccitt",
271 		.digest_size	= 2,
272 		.chunk_size	= CHUNKSZ,
273 		.hash_func_ws	= crc16_ccitt_wd_buf,
274 		.hash_init	= hash_init_crc16_ccitt,
275 		.hash_update	= hash_update_crc16_ccitt,
276 		.hash_finish	= hash_finish_crc16_ccitt,
277 	},
278 	{
279 		.name		= "crc32",
280 		.digest_size	= 4,
281 		.chunk_size	= CHUNKSZ_CRC32,
282 		.hash_func_ws	= crc32_wd_buf,
283 		.hash_init	= hash_init_crc32,
284 		.hash_update	= hash_update_crc32,
285 		.hash_finish	= hash_finish_crc32,
286 	},
287 };
288 
289 /* Try to minimize code size for boards that don't want much hashing */
290 #if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \
291 	defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \
292 	defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
293 #define multi_hash()	1
294 #else
295 #define multi_hash()	0
296 #endif
297 
298 int hash_lookup_algo(const char *algo_name, struct hash_algo **algop)
299 {
300 	int i;
301 
302 	for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
303 		if (!strcmp(algo_name, hash_algo[i].name)) {
304 			*algop = &hash_algo[i];
305 			return 0;
306 		}
307 	}
308 
309 	debug("Unknown hash algorithm '%s'\n", algo_name);
310 	return -EPROTONOSUPPORT;
311 }
312 
313 int hash_progressive_lookup_algo(const char *algo_name,
314 				 struct hash_algo **algop)
315 {
316 	int i;
317 
318 	for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
319 		if (!strcmp(algo_name, hash_algo[i].name)) {
320 			if (hash_algo[i].hash_init) {
321 				*algop = &hash_algo[i];
322 				return 0;
323 			}
324 		}
325 	}
326 
327 	debug("Unknown hash algorithm '%s'\n", algo_name);
328 	return -EPROTONOSUPPORT;
329 }
330 
331 #ifndef USE_HOSTCC
332 int hash_parse_string(const char *algo_name, const char *str, uint8_t *result)
333 {
334 	struct hash_algo *algo;
335 	int ret;
336 	int i;
337 
338 	ret = hash_lookup_algo(algo_name, &algo);
339 	if (ret)
340 		return ret;
341 
342 	for (i = 0; i < algo->digest_size; i++) {
343 		char chr[3];
344 
345 		strncpy(chr, &str[i * 2], 2);
346 		result[i] = simple_strtoul(chr, NULL, 16);
347 	}
348 
349 	return 0;
350 }
351 
352 int hash_block(const char *algo_name, const void *data, unsigned int len,
353 	       uint8_t *output, int *output_size)
354 {
355 	struct hash_algo *algo;
356 	int ret;
357 
358 	ret = hash_lookup_algo(algo_name, &algo);
359 	if (ret)
360 		return ret;
361 
362 	if (output_size && *output_size < algo->digest_size) {
363 		debug("Output buffer size %d too small (need %d bytes)",
364 		      *output_size, algo->digest_size);
365 		return -ENOSPC;
366 	}
367 	if (output_size)
368 		*output_size = algo->digest_size;
369 	algo->hash_func_ws(data, len, output, algo->chunk_size);
370 
371 	return 0;
372 }
373 
374 #if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)
375 /**
376  * store_result: Store the resulting sum to an address or variable
377  *
378  * @algo:		Hash algorithm being used
379  * @sum:		Hash digest (algo->digest_size bytes)
380  * @dest:		Destination, interpreted as a hex address if it starts
381  *			with * (or allow_env_vars is 0) or otherwise as an
382  *			environment variable.
383  * @allow_env_vars:	non-zero to permit storing the result to an
384  *			variable environment
385  */
386 static void store_result(struct hash_algo *algo, const uint8_t *sum,
387 			 const char *dest, int allow_env_vars)
388 {
389 	unsigned int i;
390 	int env_var = 0;
391 
392 	/*
393 	 * If environment variables are allowed, then we assume that 'dest'
394 	 * is an environment variable, unless it starts with *, in which
395 	 * case we assume it is an address. If not allowed, it is always an
396 	 * address. This is to support the crc32 command.
397 	 */
398 	if (allow_env_vars) {
399 		if (*dest == '*')
400 			dest++;
401 		else
402 			env_var = 1;
403 	}
404 
405 	if (env_var) {
406 		char str_output[HASH_MAX_DIGEST_SIZE * 2 + 1];
407 		char *str_ptr = str_output;
408 
409 		for (i = 0; i < algo->digest_size; i++) {
410 			sprintf(str_ptr, "%02x", sum[i]);
411 			str_ptr += 2;
412 		}
413 		*str_ptr = '\0';
414 		env_set(dest, str_output);
415 	} else {
416 		ulong addr;
417 		void *buf;
418 
419 		addr = simple_strtoul(dest, NULL, 16);
420 		buf = map_sysmem(addr, algo->digest_size);
421 		memcpy(buf, sum, algo->digest_size);
422 		unmap_sysmem(buf);
423 	}
424 }
425 
426 /**
427  * parse_verify_sum: Parse a hash verification parameter
428  *
429  * @algo:		Hash algorithm being used
430  * @verify_str:		Argument to parse. If it starts with * then it is
431  *			interpreted as a hex address containing the hash.
432  *			If the length is exactly the right number of hex digits
433  *			for the digest size, then we assume it is a hex digest.
434  *			Otherwise we assume it is an environment variable, and
435  *			look up its value (it must contain a hex digest).
436  * @vsum:		Returns binary digest value (algo->digest_size bytes)
437  * @allow_env_vars:	non-zero to permit storing the result to an environment
438  *			variable. If 0 then verify_str is assumed to be an
439  *			address, and the * prefix is not expected.
440  * @return 0 if ok, non-zero on error
441  */
442 static int parse_verify_sum(struct hash_algo *algo, char *verify_str,
443 			    uint8_t *vsum, int allow_env_vars)
444 {
445 	int env_var = 0;
446 
447 	/* See comment above in store_result() */
448 	if (allow_env_vars) {
449 		if (*verify_str == '*')
450 			verify_str++;
451 		else
452 			env_var = 1;
453 	}
454 
455 	if (!env_var) {
456 		ulong addr;
457 		void *buf;
458 
459 		addr = simple_strtoul(verify_str, NULL, 16);
460 		buf = map_sysmem(addr, algo->digest_size);
461 		memcpy(vsum, buf, algo->digest_size);
462 	} else {
463 		char *vsum_str;
464 		int digits = algo->digest_size * 2;
465 
466 		/*
467 		 * As with the original code from sha1sum.c, we assume that a
468 		 * string which matches the digest size exactly is a hex
469 		 * string and not an environment variable.
470 		 */
471 		if (strlen(verify_str) == digits)
472 			vsum_str = verify_str;
473 		else {
474 			vsum_str = env_get(verify_str);
475 			if (vsum_str == NULL || strlen(vsum_str) != digits) {
476 				printf("Expected %d hex digits in env var\n",
477 				       digits);
478 				return 1;
479 			}
480 		}
481 
482 		hash_parse_string(algo->name, vsum_str, vsum);
483 	}
484 	return 0;
485 }
486 
487 static void hash_show(struct hash_algo *algo, ulong addr, ulong len, uint8_t *output)
488 {
489 	int i;
490 
491 	printf("%s for %08lx ... %08lx ==> ", algo->name, addr, addr + len - 1);
492 	for (i = 0; i < algo->digest_size; i++)
493 		printf("%02x", output[i]);
494 }
495 
496 int hash_command(const char *algo_name, int flags, cmd_tbl_t *cmdtp, int flag,
497 		 int argc, char * const argv[])
498 {
499 	ulong addr, len;
500 
501 	if ((argc < 2) || ((flags & HASH_FLAG_VERIFY) && (argc < 3)))
502 		return CMD_RET_USAGE;
503 
504 	addr = simple_strtoul(*argv++, NULL, 16);
505 	len = simple_strtoul(*argv++, NULL, 16);
506 
507 	if (multi_hash()) {
508 		struct hash_algo *algo;
509 		u8 *output;
510 		uint8_t vsum[HASH_MAX_DIGEST_SIZE];
511 		void *buf;
512 
513 		if (hash_lookup_algo(algo_name, &algo)) {
514 			printf("Unknown hash algorithm '%s'\n", algo_name);
515 			return CMD_RET_USAGE;
516 		}
517 		argc -= 2;
518 
519 		if (algo->digest_size > HASH_MAX_DIGEST_SIZE) {
520 			puts("HASH_MAX_DIGEST_SIZE exceeded\n");
521 			return 1;
522 		}
523 
524 		output = memalign(ARCH_DMA_MINALIGN,
525 				  sizeof(uint32_t) * HASH_MAX_DIGEST_SIZE);
526 
527 		buf = map_sysmem(addr, len);
528 		algo->hash_func_ws(buf, len, output, algo->chunk_size);
529 		unmap_sysmem(buf);
530 
531 		/* Try to avoid code bloat when verify is not needed */
532 #if defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_SHA1SUM_VERIFY) || \
533 	defined(CONFIG_HASH_VERIFY)
534 		if (flags & HASH_FLAG_VERIFY) {
535 #else
536 		if (0) {
537 #endif
538 			if (parse_verify_sum(algo, *argv, vsum,
539 					flags & HASH_FLAG_ENV)) {
540 				printf("ERROR: %s does not contain a valid "
541 					"%s sum\n", *argv, algo->name);
542 				return 1;
543 			}
544 			if (memcmp(output, vsum, algo->digest_size) != 0) {
545 				int i;
546 
547 				hash_show(algo, addr, len, output);
548 				printf(" != ");
549 				for (i = 0; i < algo->digest_size; i++)
550 					printf("%02x", vsum[i]);
551 				puts(" ** ERROR **\n");
552 				return 1;
553 			}
554 		} else {
555 			hash_show(algo, addr, len, output);
556 			printf("\n");
557 
558 			if (argc) {
559 				store_result(algo, output, *argv,
560 					flags & HASH_FLAG_ENV);
561 			}
562 		unmap_sysmem(output);
563 
564 		}
565 
566 	/* Horrible code size hack for boards that just want crc32 */
567 	} else {
568 		ulong crc;
569 		ulong *ptr;
570 
571 		crc = crc32_wd(0, (const uchar *)addr, len, CHUNKSZ_CRC32);
572 
573 		printf("CRC32 for %08lx ... %08lx ==> %08lx\n",
574 				addr, addr + len - 1, crc);
575 
576 		if (argc >= 3) {
577 			ptr = (ulong *)simple_strtoul(argv[0], NULL, 16);
578 			*ptr = crc;
579 		}
580 	}
581 
582 	return 0;
583 }
584 #endif /* CONFIG_CMD_HASH || CONFIG_CMD_SHA1SUM || CONFIG_CMD_CRC32) */
585 #endif /* !USE_HOSTCC */
586