xref: /openbmc/u-boot/common/hash.c (revision 983c72f4)
1 /*
2  * Copyright (c) 2012 The Chromium OS Authors.
3  *
4  * (C) Copyright 2011
5  * Joe Hershberger, National Instruments, joe.hershberger@ni.com
6  *
7  * (C) Copyright 2000
8  * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
9  *
10  * This program is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU General Public License as
12  * published by the Free Software Foundation; either version 2 of
13  * the License, or (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software
22  * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
23  * MA 02111-1307 USA
24  */
25 
26 #include <common.h>
27 #include <command.h>
28 #include <hw_sha.h>
29 #include <hash.h>
30 #include <sha1.h>
31 #include <sha256.h>
32 #include <asm/io.h>
33 #include <asm/errno.h>
34 
35 /*
36  * These are the hash algorithms we support. Chips which support accelerated
37  * crypto could perhaps add named version of these algorithms here. Note that
38  * algorithm names must be in lower case.
39  */
40 static struct hash_algo hash_algo[] = {
41 	/*
42 	 * CONFIG_SHA_HW_ACCEL is defined if hardware acceleration is
43 	 * available.
44 	 */
45 #ifdef CONFIG_SHA_HW_ACCEL
46 	{
47 		"sha1",
48 		SHA1_SUM_LEN,
49 		hw_sha1,
50 		CHUNKSZ_SHA1,
51 	}, {
52 		"sha256",
53 		SHA256_SUM_LEN,
54 		hw_sha256,
55 		CHUNKSZ_SHA256,
56 	},
57 #endif
58 	/*
59 	 * This is CONFIG_CMD_SHA1SUM instead of CONFIG_SHA1 since otherwise
60 	 * it bloats the code for boards which use SHA1 but not the 'hash'
61 	 * or 'sha1sum' commands.
62 	 */
63 #ifdef CONFIG_CMD_SHA1SUM
64 	{
65 		"sha1",
66 		SHA1_SUM_LEN,
67 		sha1_csum_wd,
68 		CHUNKSZ_SHA1,
69 	},
70 #define MULTI_HASH
71 #endif
72 #ifdef CONFIG_SHA256
73 	{
74 		"sha256",
75 		SHA256_SUM_LEN,
76 		sha256_csum_wd,
77 		CHUNKSZ_SHA256,
78 	},
79 #define MULTI_HASH
80 #endif
81 	{
82 		"crc32",
83 		4,
84 		crc32_wd_buf,
85 		CHUNKSZ_CRC32,
86 	},
87 };
88 
89 #if defined(CONFIG_HASH_VERIFY) || defined(CONFIG_CMD_HASH)
90 #define MULTI_HASH
91 #endif
92 
93 /* Try to minimize code size for boards that don't want much hashing */
94 #ifdef MULTI_HASH
95 #define multi_hash()	1
96 #else
97 #define multi_hash()	0
98 #endif
99 
100 /**
101  * store_result: Store the resulting sum to an address or variable
102  *
103  * @algo:		Hash algorithm being used
104  * @sum:		Hash digest (algo->digest_size bytes)
105  * @dest:		Destination, interpreted as a hex address if it starts
106  *			with * (or allow_env_vars is 0) or otherwise as an
107  *			environment variable.
108  * @allow_env_vars:	non-zero to permit storing the result to an
109  *			variable environment
110  */
111 static void store_result(struct hash_algo *algo, const u8 *sum,
112 			 const char *dest, int allow_env_vars)
113 {
114 	unsigned int i;
115 	int env_var = 0;
116 
117 	/*
118 	 * If environment variables are allowed, then we assume that 'dest'
119 	 * is an environment variable, unless it starts with *, in which
120 	 * case we assume it is an address. If not allowed, it is always an
121 	 * address. This is to support the crc32 command.
122 	 */
123 	if (allow_env_vars) {
124 		if (*dest == '*')
125 			dest++;
126 		else
127 			env_var = 1;
128 	}
129 
130 	if (env_var) {
131 		char str_output[HASH_MAX_DIGEST_SIZE * 2 + 1];
132 		char *str_ptr = str_output;
133 
134 		for (i = 0; i < algo->digest_size; i++) {
135 			sprintf(str_ptr, "%02x", sum[i]);
136 			str_ptr += 2;
137 		}
138 		str_ptr = '\0';
139 		setenv(dest, str_output);
140 	} else {
141 		ulong addr;
142 		void *buf;
143 
144 		addr = simple_strtoul(dest, NULL, 16);
145 		buf = map_sysmem(addr, algo->digest_size);
146 		memcpy(buf, sum, algo->digest_size);
147 		unmap_sysmem(buf);
148 	}
149 }
150 
151 /**
152  * parse_verify_sum: Parse a hash verification parameter
153  *
154  * @algo:		Hash algorithm being used
155  * @verify_str:		Argument to parse. If it starts with * then it is
156  *			interpreted as a hex address containing the hash.
157  *			If the length is exactly the right number of hex digits
158  *			for the digest size, then we assume it is a hex digest.
159  *			Otherwise we assume it is an environment variable, and
160  *			look up its value (it must contain a hex digest).
161  * @vsum:		Returns binary digest value (algo->digest_size bytes)
162  * @allow_env_vars:	non-zero to permit storing the result to an environment
163  *			variable. If 0 then verify_str is assumed to be an
164  *			address, and the * prefix is not expected.
165  * @return 0 if ok, non-zero on error
166  */
167 static int parse_verify_sum(struct hash_algo *algo, char *verify_str, u8 *vsum,
168 			    int allow_env_vars)
169 {
170 	int env_var = 0;
171 
172 	/* See comment above in store_result() */
173 	if (allow_env_vars) {
174 		if (*verify_str == '*')
175 			verify_str++;
176 		else
177 			env_var = 1;
178 	}
179 
180 	if (env_var) {
181 		ulong addr;
182 		void *buf;
183 
184 		addr = simple_strtoul(verify_str, NULL, 16);
185 		buf = map_sysmem(addr, algo->digest_size);
186 		memcpy(vsum, buf, algo->digest_size);
187 	} else {
188 		unsigned int i;
189 		char *vsum_str;
190 		int digits = algo->digest_size * 2;
191 
192 		/*
193 		 * As with the original code from sha1sum.c, we assume that a
194 		 * string which matches the digest size exactly is a hex
195 		 * string and not an environment variable.
196 		 */
197 		if (strlen(verify_str) == digits)
198 			vsum_str = verify_str;
199 		else {
200 			vsum_str = getenv(verify_str);
201 			if (vsum_str == NULL || strlen(vsum_str) != digits) {
202 				printf("Expected %d hex digits in env var\n",
203 				       digits);
204 				return 1;
205 			}
206 		}
207 
208 		for (i = 0; i < algo->digest_size; i++) {
209 			char *nullp = vsum_str + (i + 1) * 2;
210 			char end = *nullp;
211 
212 			*nullp = '\0';
213 			vsum[i] = simple_strtoul(vsum_str + (i * 2), NULL, 16);
214 			*nullp = end;
215 		}
216 	}
217 	return 0;
218 }
219 
220 static struct hash_algo *find_hash_algo(const char *name)
221 {
222 	int i;
223 
224 	for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
225 		if (!strcmp(name, hash_algo[i].name))
226 			return &hash_algo[i];
227 	}
228 
229 	return NULL;
230 }
231 
232 static void show_hash(struct hash_algo *algo, ulong addr, ulong len,
233 		      u8 *output)
234 {
235 	int i;
236 
237 	printf("%s for %08lx ... %08lx ==> ", algo->name, addr, addr + len - 1);
238 	for (i = 0; i < algo->digest_size; i++)
239 		printf("%02x", output[i]);
240 }
241 
242 int hash_block(const char *algo_name, const void *data, unsigned int len,
243 	       uint8_t *output, int *output_size)
244 {
245 	struct hash_algo *algo;
246 
247 	algo = find_hash_algo(algo_name);
248 	if (!algo) {
249 		debug("Unknown hash algorithm '%s'\n", algo_name);
250 		return -EPROTONOSUPPORT;
251 	}
252 	if (output_size && *output_size < algo->digest_size) {
253 		debug("Output buffer size %d too small (need %d bytes)",
254 		      *output_size, algo->digest_size);
255 		return -ENOSPC;
256 	}
257 	if (output_size)
258 		*output_size = algo->digest_size;
259 	algo->hash_func_ws(data, len, output, algo->chunk_size);
260 
261 	return 0;
262 }
263 
264 int hash_command(const char *algo_name, int flags, cmd_tbl_t *cmdtp, int flag,
265 		 int argc, char * const argv[])
266 {
267 	ulong addr, len;
268 
269 	if (argc < 2)
270 		return CMD_RET_USAGE;
271 
272 	addr = simple_strtoul(*argv++, NULL, 16);
273 	len = simple_strtoul(*argv++, NULL, 16);
274 
275 	if (multi_hash()) {
276 		struct hash_algo *algo;
277 		u8 output[HASH_MAX_DIGEST_SIZE];
278 		u8 vsum[HASH_MAX_DIGEST_SIZE];
279 		void *buf;
280 
281 		algo = find_hash_algo(algo_name);
282 		if (!algo) {
283 			printf("Unknown hash algorithm '%s'\n", algo_name);
284 			return CMD_RET_USAGE;
285 		}
286 		argc -= 2;
287 
288 		if (algo->digest_size > HASH_MAX_DIGEST_SIZE) {
289 			puts("HASH_MAX_DIGEST_SIZE exceeded\n");
290 			return 1;
291 		}
292 
293 		buf = map_sysmem(addr, len);
294 		algo->hash_func_ws(buf, len, output, algo->chunk_size);
295 		unmap_sysmem(buf);
296 
297 		/* Try to avoid code bloat when verify is not needed */
298 #ifdef CONFIG_HASH_VERIFY
299 		if (flags & HASH_FLAG_VERIFY) {
300 #else
301 		if (0) {
302 #endif
303 			if (!argc)
304 				return CMD_RET_USAGE;
305 			if (parse_verify_sum(algo, *argv, vsum,
306 					flags & HASH_FLAG_ENV)) {
307 				printf("ERROR: %s does not contain a valid "
308 					"%s sum\n", *argv, algo->name);
309 				return 1;
310 			}
311 			if (memcmp(output, vsum, algo->digest_size) != 0) {
312 				int i;
313 
314 				show_hash(algo, addr, len, output);
315 				printf(" != ");
316 				for (i = 0; i < algo->digest_size; i++)
317 					printf("%02x", vsum[i]);
318 				puts(" ** ERROR **\n");
319 				return 1;
320 			}
321 		} else {
322 			show_hash(algo, addr, len, output);
323 			printf("\n");
324 
325 			if (argc) {
326 				store_result(algo, output, *argv,
327 					flags & HASH_FLAG_ENV);
328 			}
329 		}
330 
331 	/* Horrible code size hack for boards that just want crc32 */
332 	} else {
333 		ulong crc;
334 		ulong *ptr;
335 
336 		crc = crc32_wd(0, (const uchar *)addr, len, CHUNKSZ_CRC32);
337 
338 		printf("CRC32 for %08lx ... %08lx ==> %08lx\n",
339 				addr, addr + len - 1, crc);
340 
341 		if (argc > 3) {
342 			ptr = (ulong *)simple_strtoul(argv[3], NULL, 16);
343 			*ptr = crc;
344 		}
345 	}
346 
347 	return 0;
348 }
349