xref: /openbmc/u-boot/common/hash.c (revision aa8e00fa) 
1 /*
2  * Copyright (c) 2012 The Chromium OS Authors.
3  *
4  * (C) Copyright 2011
5  * Joe Hershberger, National Instruments, joe.hershberger@ni.com
6  *
7  * (C) Copyright 2000
8  * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
9  *
10  * SPDX-License-Identifier:	GPL-2.0+
11  */
12 
13 #ifndef USE_HOSTCC
14 #include <common.h>
15 #include <command.h>
16 #include <malloc.h>
17 #include <hw_sha.h>
18 #include <asm/io.h>
19 #include <asm/errno.h>
20 #else
21 #include "mkimage.h"
22 #include <time.h>
23 #include <image.h>
24 #endif /* !USE_HOSTCC*/
25 
26 #include <hash.h>
27 #include <u-boot/crc.h>
28 #include <u-boot/sha1.h>
29 #include <u-boot/sha256.h>
30 #include <u-boot/md5.h>
31 
32 #ifdef CONFIG_SHA1
33 static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
34 {
35 	sha1_context *ctx = malloc(sizeof(sha1_context));
36 	sha1_starts(ctx);
37 	*ctxp = ctx;
38 	return 0;
39 }
40 
41 static int hash_update_sha1(struct hash_algo *algo, void *ctx, const void *buf,
42 			    unsigned int size, int is_last)
43 {
44 	sha1_update((sha1_context *)ctx, buf, size);
45 	return 0;
46 }
47 
48 static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
49 			    int size)
50 {
51 	if (size < algo->digest_size)
52 		return -1;
53 
54 	sha1_finish((sha1_context *)ctx, dest_buf);
55 	free(ctx);
56 	return 0;
57 }
58 #endif
59 
60 #ifdef CONFIG_SHA256
61 static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
62 {
63 	sha256_context *ctx = malloc(sizeof(sha256_context));
64 	sha256_starts(ctx);
65 	*ctxp = ctx;
66 	return 0;
67 }
68 
69 static int hash_update_sha256(struct hash_algo *algo, void *ctx,
70 			      const void *buf, unsigned int size, int is_last)
71 {
72 	sha256_update((sha256_context *)ctx, buf, size);
73 	return 0;
74 }
75 
76 static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
77 			      *dest_buf, int size)
78 {
79 	if (size < algo->digest_size)
80 		return -1;
81 
82 	sha256_finish((sha256_context *)ctx, dest_buf);
83 	free(ctx);
84 	return 0;
85 }
86 #endif
87 
88 static int hash_init_crc32(struct hash_algo *algo, void **ctxp)
89 {
90 	uint32_t *ctx = malloc(sizeof(uint32_t));
91 	*ctx = 0;
92 	*ctxp = ctx;
93 	return 0;
94 }
95 
96 static int hash_update_crc32(struct hash_algo *algo, void *ctx,
97 			     const void *buf, unsigned int size, int is_last)
98 {
99 	*((uint32_t *)ctx) = crc32(*((uint32_t *)ctx), buf, size);
100 	return 0;
101 }
102 
103 static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
104 			     int size)
105 {
106 	if (size < algo->digest_size)
107 		return -1;
108 
109 	*((uint32_t *)dest_buf) = *((uint32_t *)ctx);
110 	free(ctx);
111 	return 0;
112 }
113 
114 /*
115  * These are the hash algorithms we support. Chips which support accelerated
116  * crypto could perhaps add named version of these algorithms here. Note that
117  * algorithm names must be in lower case.
118  */
119 static struct hash_algo hash_algo[] = {
120 	/*
121 	 * CONFIG_SHA_HW_ACCEL is defined if hardware acceleration is
122 	 * available.
123 	 */
124 #ifdef CONFIG_SHA_HW_ACCEL
125 	{
126 		"sha1",
127 		SHA1_SUM_LEN,
128 		hw_sha1,
129 		CHUNKSZ_SHA1,
130 	}, {
131 		"sha256",
132 		SHA256_SUM_LEN,
133 		hw_sha256,
134 		CHUNKSZ_SHA256,
135 	},
136 #endif
137 #ifdef CONFIG_SHA1
138 	{
139 		"sha1",
140 		SHA1_SUM_LEN,
141 		sha1_csum_wd,
142 		CHUNKSZ_SHA1,
143 		hash_init_sha1,
144 		hash_update_sha1,
145 		hash_finish_sha1,
146 	},
147 #endif
148 #ifdef CONFIG_SHA256
149 	{
150 		"sha256",
151 		SHA256_SUM_LEN,
152 		sha256_csum_wd,
153 		CHUNKSZ_SHA256,
154 		hash_init_sha256,
155 		hash_update_sha256,
156 		hash_finish_sha256,
157 	},
158 #endif
159 	{
160 		"crc32",
161 		4,
162 		crc32_wd_buf,
163 		CHUNKSZ_CRC32,
164 		hash_init_crc32,
165 		hash_update_crc32,
166 		hash_finish_crc32,
167 	},
168 };
169 
170 #if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM)
171 #define MULTI_HASH
172 #endif
173 
174 #if defined(CONFIG_HASH_VERIFY) || defined(CONFIG_CMD_HASH)
175 #define MULTI_HASH
176 #endif
177 
178 /* Try to minimize code size for boards that don't want much hashing */
179 #ifdef MULTI_HASH
180 #define multi_hash()	1
181 #else
182 #define multi_hash()	0
183 #endif
184 
185 int hash_lookup_algo(const char *algo_name, struct hash_algo **algop)
186 {
187 	int i;
188 
189 	for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
190 		if (!strcmp(algo_name, hash_algo[i].name)) {
191 			*algop = &hash_algo[i];
192 			return 0;
193 		}
194 	}
195 
196 	debug("Unknown hash algorithm '%s'\n", algo_name);
197 	return -EPROTONOSUPPORT;
198 }
199 
200 int hash_progressive_lookup_algo(const char *algo_name,
201 				 struct hash_algo **algop)
202 {
203 	int i;
204 
205 	for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
206 		if (!strcmp(algo_name, hash_algo[i].name)) {
207 			if (hash_algo[i].hash_init) {
208 				*algop = &hash_algo[i];
209 				return 0;
210 			}
211 		}
212 	}
213 
214 	debug("Unknown hash algorithm '%s'\n", algo_name);
215 	return -EPROTONOSUPPORT;
216 }
217 
218 #ifndef USE_HOSTCC
219 /**
220  * store_result: Store the resulting sum to an address or variable
221  *
222  * @algo:		Hash algorithm being used
223  * @sum:		Hash digest (algo->digest_size bytes)
224  * @dest:		Destination, interpreted as a hex address if it starts
225  *			with * (or allow_env_vars is 0) or otherwise as an
226  *			environment variable.
227  * @allow_env_vars:	non-zero to permit storing the result to an
228  *			variable environment
229  */
230 static void store_result(struct hash_algo *algo, const uint8_t *sum,
231 			 const char *dest, int allow_env_vars)
232 {
233 	unsigned int i;
234 	int env_var = 0;
235 
236 	/*
237 	 * If environment variables are allowed, then we assume that 'dest'
238 	 * is an environment variable, unless it starts with *, in which
239 	 * case we assume it is an address. If not allowed, it is always an
240 	 * address. This is to support the crc32 command.
241 	 */
242 	if (allow_env_vars) {
243 		if (*dest == '*')
244 			dest++;
245 		else
246 			env_var = 1;
247 	}
248 
249 	if (env_var) {
250 		char str_output[HASH_MAX_DIGEST_SIZE * 2 + 1];
251 		char *str_ptr = str_output;
252 
253 		for (i = 0; i < algo->digest_size; i++) {
254 			sprintf(str_ptr, "%02x", sum[i]);
255 			str_ptr += 2;
256 		}
257 		*str_ptr = '\0';
258 		setenv(dest, str_output);
259 	} else {
260 		ulong addr;
261 		void *buf;
262 
263 		addr = simple_strtoul(dest, NULL, 16);
264 		buf = map_sysmem(addr, algo->digest_size);
265 		memcpy(buf, sum, algo->digest_size);
266 		unmap_sysmem(buf);
267 	}
268 }
269 
270 /**
271  * parse_verify_sum: Parse a hash verification parameter
272  *
273  * @algo:		Hash algorithm being used
274  * @verify_str:		Argument to parse. If it starts with * then it is
275  *			interpreted as a hex address containing the hash.
276  *			If the length is exactly the right number of hex digits
277  *			for the digest size, then we assume it is a hex digest.
278  *			Otherwise we assume it is an environment variable, and
279  *			look up its value (it must contain a hex digest).
280  * @vsum:		Returns binary digest value (algo->digest_size bytes)
281  * @allow_env_vars:	non-zero to permit storing the result to an environment
282  *			variable. If 0 then verify_str is assumed to be an
283  *			address, and the * prefix is not expected.
284  * @return 0 if ok, non-zero on error
285  */
286 static int parse_verify_sum(struct hash_algo *algo, char *verify_str,
287 			    uint8_t *vsum, int allow_env_vars)
288 {
289 	int env_var = 0;
290 
291 	/* See comment above in store_result() */
292 	if (allow_env_vars) {
293 		if (*verify_str == '*')
294 			verify_str++;
295 		else
296 			env_var = 1;
297 	}
298 
299 	if (!env_var) {
300 		ulong addr;
301 		void *buf;
302 
303 		addr = simple_strtoul(verify_str, NULL, 16);
304 		buf = map_sysmem(addr, algo->digest_size);
305 		memcpy(vsum, buf, algo->digest_size);
306 	} else {
307 		unsigned int i;
308 		char *vsum_str;
309 		int digits = algo->digest_size * 2;
310 
311 		/*
312 		 * As with the original code from sha1sum.c, we assume that a
313 		 * string which matches the digest size exactly is a hex
314 		 * string and not an environment variable.
315 		 */
316 		if (strlen(verify_str) == digits)
317 			vsum_str = verify_str;
318 		else {
319 			vsum_str = getenv(verify_str);
320 			if (vsum_str == NULL || strlen(vsum_str) != digits) {
321 				printf("Expected %d hex digits in env var\n",
322 				       digits);
323 				return 1;
324 			}
325 		}
326 
327 		for (i = 0; i < algo->digest_size; i++) {
328 			char *nullp = vsum_str + (i + 1) * 2;
329 			char end = *nullp;
330 
331 			*nullp = '\0';
332 			vsum[i] = simple_strtoul(vsum_str + (i * 2), NULL, 16);
333 			*nullp = end;
334 		}
335 	}
336 	return 0;
337 }
338 
339 void hash_show(struct hash_algo *algo, ulong addr, ulong len, uint8_t *output)
340 {
341 	int i;
342 
343 	printf("%s for %08lx ... %08lx ==> ", algo->name, addr, addr + len - 1);
344 	for (i = 0; i < algo->digest_size; i++)
345 		printf("%02x", output[i]);
346 }
347 
348 int hash_block(const char *algo_name, const void *data, unsigned int len,
349 	       uint8_t *output, int *output_size)
350 {
351 	struct hash_algo *algo;
352 	int ret;
353 
354 	ret = hash_lookup_algo(algo_name, &algo);
355 	if (ret)
356 		return ret;
357 
358 	if (output_size && *output_size < algo->digest_size) {
359 		debug("Output buffer size %d too small (need %d bytes)",
360 		      *output_size, algo->digest_size);
361 		return -ENOSPC;
362 	}
363 	if (output_size)
364 		*output_size = algo->digest_size;
365 	algo->hash_func_ws(data, len, output, algo->chunk_size);
366 
367 	return 0;
368 }
369 
370 int hash_command(const char *algo_name, int flags, cmd_tbl_t *cmdtp, int flag,
371 		 int argc, char * const argv[])
372 {
373 	ulong addr, len;
374 
375 	if ((argc < 2) || ((flags & HASH_FLAG_VERIFY) && (argc < 3)))
376 		return CMD_RET_USAGE;
377 
378 	addr = simple_strtoul(*argv++, NULL, 16);
379 	len = simple_strtoul(*argv++, NULL, 16);
380 
381 	if (multi_hash()) {
382 		struct hash_algo *algo;
383 		uint8_t output[HASH_MAX_DIGEST_SIZE];
384 		uint8_t vsum[HASH_MAX_DIGEST_SIZE];
385 		void *buf;
386 
387 		if (hash_lookup_algo(algo_name, &algo)) {
388 			printf("Unknown hash algorithm '%s'\n", algo_name);
389 			return CMD_RET_USAGE;
390 		}
391 		argc -= 2;
392 
393 		if (algo->digest_size > HASH_MAX_DIGEST_SIZE) {
394 			puts("HASH_MAX_DIGEST_SIZE exceeded\n");
395 			return 1;
396 		}
397 
398 		buf = map_sysmem(addr, len);
399 		algo->hash_func_ws(buf, len, output, algo->chunk_size);
400 		unmap_sysmem(buf);
401 
402 		/* Try to avoid code bloat when verify is not needed */
403 #ifdef CONFIG_HASH_VERIFY
404 		if (flags & HASH_FLAG_VERIFY) {
405 #else
406 		if (0) {
407 #endif
408 			if (parse_verify_sum(algo, *argv, vsum,
409 					flags & HASH_FLAG_ENV)) {
410 				printf("ERROR: %s does not contain a valid "
411 					"%s sum\n", *argv, algo->name);
412 				return 1;
413 			}
414 			if (memcmp(output, vsum, algo->digest_size) != 0) {
415 				int i;
416 
417 				hash_show(algo, addr, len, output);
418 				printf(" != ");
419 				for (i = 0; i < algo->digest_size; i++)
420 					printf("%02x", vsum[i]);
421 				puts(" ** ERROR **\n");
422 				return 1;
423 			}
424 		} else {
425 			hash_show(algo, addr, len, output);
426 			printf("\n");
427 
428 			if (argc) {
429 				store_result(algo, output, *argv,
430 					flags & HASH_FLAG_ENV);
431 			}
432 		}
433 
434 	/* Horrible code size hack for boards that just want crc32 */
435 	} else {
436 		ulong crc;
437 		ulong *ptr;
438 
439 		crc = crc32_wd(0, (const uchar *)addr, len, CHUNKSZ_CRC32);
440 
441 		printf("CRC32 for %08lx ... %08lx ==> %08lx\n",
442 				addr, addr + len - 1, crc);
443 
444 		if (argc >= 3) {
445 			ptr = (ulong *)simple_strtoul(argv[0], NULL, 16);
446 			*ptr = crc;
447 		}
448 	}
449 
450 	return 0;
451 }
452 #endif
453