1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright (c) 2012 The Chromium OS Authors.
4 *
5 * (C) Copyright 2011
6 * Joe Hershberger, National Instruments, joe.hershberger@ni.com
7 *
8 * (C) Copyright 2000
9 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
10 */
11
12 #ifndef USE_HOSTCC
13 #include <common.h>
14 #include <command.h>
15 #include <env.h>
16 #include <log.h>
17 #include <malloc.h>
18 #include <mapmem.h>
19 #include <hw_sha.h>
20 #include <asm/cache.h>
21 #include <asm/global_data.h>
22 #include <asm/io.h>
23 #include <linux/errno.h>
24 #include <u-boot/crc.h>
25 #else
26 #include "mkimage.h"
27 #include <time.h>
28 #endif /* !USE_HOSTCC*/
29
30 #include <hash.h>
31 #include <image.h>
32 #include <u-boot/crc.h>
33 #include <u-boot/sha1.h>
34 #include <u-boot/sha256.h>
35 #include <u-boot/sha512.h>
36 #include <u-boot/md5.h>
37
38 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
39 DECLARE_GLOBAL_DATA_PTR;
40 #endif
41
42 static void reloc_update(void);
43
44 #if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
hash_init_sha1(struct hash_algo * algo,void ** ctxp)45 static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
46 {
47 sha1_context *ctx = malloc(sizeof(sha1_context));
48 sha1_starts(ctx);
49 *ctxp = ctx;
50 return 0;
51 }
52
hash_update_sha1(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)53 static int hash_update_sha1(struct hash_algo *algo, void *ctx, const void *buf,
54 unsigned int size, int is_last)
55 {
56 sha1_update((sha1_context *)ctx, buf, size);
57 return 0;
58 }
59
hash_finish_sha1(struct hash_algo * algo,void * ctx,void * dest_buf,int size)60 static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
61 int size)
62 {
63 if (size < algo->digest_size)
64 return -1;
65
66 sha1_finish((sha1_context *)ctx, dest_buf);
67 free(ctx);
68 return 0;
69 }
70 #endif
71
72 #if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
hash_init_sha256(struct hash_algo * algo,void ** ctxp)73 static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
74 {
75 sha256_context *ctx = malloc(sizeof(sha256_context));
76 sha256_starts(ctx);
77 *ctxp = ctx;
78 return 0;
79 }
80
hash_update_sha256(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)81 static int hash_update_sha256(struct hash_algo *algo, void *ctx,
82 const void *buf, unsigned int size, int is_last)
83 {
84 sha256_update((sha256_context *)ctx, buf, size);
85 return 0;
86 }
87
hash_finish_sha256(struct hash_algo * algo,void * ctx,void * dest_buf,int size)88 static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
89 *dest_buf, int size)
90 {
91 if (size < algo->digest_size)
92 return -1;
93
94 sha256_finish((sha256_context *)ctx, dest_buf);
95 free(ctx);
96 return 0;
97 }
98 #endif
99
100 #if defined(CONFIG_SHA384)
hash_init_sha384(struct hash_algo * algo,void ** ctxp)101 static int hash_init_sha384(struct hash_algo *algo, void **ctxp)
102 {
103 sha512_context *ctx = malloc(sizeof(sha512_context));
104 sha384_starts(ctx);
105 *ctxp = ctx;
106 return 0;
107 }
108
hash_update_sha384(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)109 static int hash_update_sha384(struct hash_algo *algo, void *ctx,
110 const void *buf, unsigned int size, int is_last)
111 {
112 sha384_update((sha512_context *)ctx, buf, size);
113 return 0;
114 }
115
hash_finish_sha384(struct hash_algo * algo,void * ctx,void * dest_buf,int size)116 static int hash_finish_sha384(struct hash_algo *algo, void *ctx, void
117 *dest_buf, int size)
118 {
119 if (size < algo->digest_size)
120 return -1;
121
122 sha384_finish((sha512_context *)ctx, dest_buf);
123 free(ctx);
124 return 0;
125 }
126 #endif
127
128 #if defined(CONFIG_SHA512)
hash_init_sha512(struct hash_algo * algo,void ** ctxp)129 static int hash_init_sha512(struct hash_algo *algo, void **ctxp)
130 {
131 sha512_context *ctx = malloc(sizeof(sha512_context));
132 sha512_starts(ctx);
133 *ctxp = ctx;
134 return 0;
135 }
136
hash_update_sha512(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)137 static int hash_update_sha512(struct hash_algo *algo, void *ctx,
138 const void *buf, unsigned int size, int is_last)
139 {
140 sha512_update((sha512_context *)ctx, buf, size);
141 return 0;
142 }
143
hash_finish_sha512(struct hash_algo * algo,void * ctx,void * dest_buf,int size)144 static int hash_finish_sha512(struct hash_algo *algo, void *ctx, void
145 *dest_buf, int size)
146 {
147 if (size < algo->digest_size)
148 return -1;
149
150 sha512_finish((sha512_context *)ctx, dest_buf);
151 free(ctx);
152 return 0;
153 }
154 #endif
155
156
hash_init_crc16_ccitt(struct hash_algo * algo,void ** ctxp)157 static int hash_init_crc16_ccitt(struct hash_algo *algo, void **ctxp)
158 {
159 uint16_t *ctx = malloc(sizeof(uint16_t));
160 *ctx = 0;
161 *ctxp = ctx;
162 return 0;
163 }
164
hash_update_crc16_ccitt(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)165 static int hash_update_crc16_ccitt(struct hash_algo *algo, void *ctx,
166 const void *buf, unsigned int size,
167 int is_last)
168 {
169 *((uint16_t *)ctx) = crc16_ccitt(*((uint16_t *)ctx), buf, size);
170 return 0;
171 }
172
hash_finish_crc16_ccitt(struct hash_algo * algo,void * ctx,void * dest_buf,int size)173 static int hash_finish_crc16_ccitt(struct hash_algo *algo, void *ctx,
174 void *dest_buf, int size)
175 {
176 if (size < algo->digest_size)
177 return -1;
178
179 *((uint16_t *)dest_buf) = *((uint16_t *)ctx);
180 free(ctx);
181 return 0;
182 }
183
hash_init_crc32(struct hash_algo * algo,void ** ctxp)184 static int hash_init_crc32(struct hash_algo *algo, void **ctxp)
185 {
186 uint32_t *ctx = malloc(sizeof(uint32_t));
187 *ctx = 0;
188 *ctxp = ctx;
189 return 0;
190 }
191
hash_update_crc32(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)192 static int hash_update_crc32(struct hash_algo *algo, void *ctx,
193 const void *buf, unsigned int size, int is_last)
194 {
195 *((uint32_t *)ctx) = crc32(*((uint32_t *)ctx), buf, size);
196 return 0;
197 }
198
hash_finish_crc32(struct hash_algo * algo,void * ctx,void * dest_buf,int size)199 static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
200 int size)
201 {
202 if (size < algo->digest_size)
203 return -1;
204
205 *((uint32_t *)dest_buf) = *((uint32_t *)ctx);
206 free(ctx);
207 return 0;
208 }
209
210 /*
211 * These are the hash algorithms we support. If we have hardware acceleration
212 * is enable we will use that, otherwise a software version of the algorithm.
213 * Note that algorithm names must be in lower case.
214 */
215 static struct hash_algo hash_algo[] = {
216 #ifdef CONFIG_SHA1
217 {
218 .name = "sha1",
219 .digest_size = SHA1_SUM_LEN,
220 .chunk_size = CHUNKSZ_SHA1,
221 #ifdef CONFIG_SHA_HW_ACCEL
222 .hash_func_ws = hw_sha1,
223 #else
224 .hash_func_ws = sha1_csum_wd,
225 #endif
226 #ifdef CONFIG_SHA_PROG_HW_ACCEL
227 .hash_init = hw_sha_init,
228 .hash_update = hw_sha_update,
229 .hash_finish = hw_sha_finish,
230 #else
231 .hash_init = hash_init_sha1,
232 .hash_update = hash_update_sha1,
233 .hash_finish = hash_finish_sha1,
234 #endif
235 },
236 #endif
237 #ifdef CONFIG_SHA256
238 {
239 .name = "sha256",
240 .digest_size = SHA256_SUM_LEN,
241 .chunk_size = CHUNKSZ_SHA256,
242 #ifdef CONFIG_SHA_HW_ACCEL
243 .hash_func_ws = hw_sha256,
244 #else
245 .hash_func_ws = sha256_csum_wd,
246 #endif
247 #ifdef CONFIG_SHA_PROG_HW_ACCEL
248 .hash_init = hw_sha_init,
249 .hash_update = hw_sha_update,
250 .hash_finish = hw_sha_finish,
251 #else
252 .hash_init = hash_init_sha256,
253 .hash_update = hash_update_sha256,
254 .hash_finish = hash_finish_sha256,
255 #endif
256 },
257 #endif
258 #ifdef CONFIG_SHA384
259 {
260 .name = "sha384",
261 .digest_size = SHA384_SUM_LEN,
262 .chunk_size = CHUNKSZ_SHA384,
263 .hash_func_ws = sha384_csum_wd,
264 .hash_init = hash_init_sha384,
265 .hash_update = hash_update_sha384,
266 .hash_finish = hash_finish_sha384,
267 },
268 #endif
269 #ifdef CONFIG_SHA512
270 {
271 .name = "sha512",
272 .digest_size = SHA512_SUM_LEN,
273 .chunk_size = CHUNKSZ_SHA512,
274 .hash_func_ws = sha512_csum_wd,
275 .hash_init = hash_init_sha512,
276 .hash_update = hash_update_sha512,
277 .hash_finish = hash_finish_sha512,
278 },
279 #endif
280 {
281 .name = "crc16-ccitt",
282 .digest_size = 2,
283 .chunk_size = CHUNKSZ,
284 .hash_func_ws = crc16_ccitt_wd_buf,
285 .hash_init = hash_init_crc16_ccitt,
286 .hash_update = hash_update_crc16_ccitt,
287 .hash_finish = hash_finish_crc16_ccitt,
288 },
289 {
290 .name = "crc32",
291 .digest_size = 4,
292 .chunk_size = CHUNKSZ_CRC32,
293 .hash_func_ws = crc32_wd_buf,
294 .hash_init = hash_init_crc32,
295 .hash_update = hash_update_crc32,
296 .hash_finish = hash_finish_crc32,
297 },
298 };
299
300 /* Try to minimize code size for boards that don't want much hashing */
301 #if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \
302 defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH) || \
303 defined(CONFIG_SHA384) || defined(CONFIG_SHA512)
304 #define multi_hash() 1
305 #else
306 #define multi_hash() 0
307 #endif
308
reloc_update(void)309 static void reloc_update(void)
310 {
311 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
312 int i;
313 static bool done;
314
315 if (!done) {
316 done = true;
317 for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
318 hash_algo[i].name += gd->reloc_off;
319 hash_algo[i].hash_func_ws += gd->reloc_off;
320 hash_algo[i].hash_init += gd->reloc_off;
321 hash_algo[i].hash_update += gd->reloc_off;
322 hash_algo[i].hash_finish += gd->reloc_off;
323 }
324 }
325 #endif
326 }
327
hash_lookup_algo(const char * algo_name,struct hash_algo ** algop)328 int hash_lookup_algo(const char *algo_name, struct hash_algo **algop)
329 {
330 int i;
331
332 reloc_update();
333
334 for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
335 if (!strcmp(algo_name, hash_algo[i].name)) {
336 *algop = &hash_algo[i];
337 return 0;
338 }
339 }
340
341 debug("Unknown hash algorithm '%s'\n", algo_name);
342 return -EPROTONOSUPPORT;
343 }
344
hash_progressive_lookup_algo(const char * algo_name,struct hash_algo ** algop)345 int hash_progressive_lookup_algo(const char *algo_name,
346 struct hash_algo **algop)
347 {
348 int i;
349
350 reloc_update();
351
352 for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
353 if (!strcmp(algo_name, hash_algo[i].name)) {
354 if (hash_algo[i].hash_init) {
355 *algop = &hash_algo[i];
356 return 0;
357 }
358 }
359 }
360
361 debug("Unknown hash algorithm '%s'\n", algo_name);
362 return -EPROTONOSUPPORT;
363 }
364
365 #ifndef USE_HOSTCC
hash_parse_string(const char * algo_name,const char * str,uint8_t * result)366 int hash_parse_string(const char *algo_name, const char *str, uint8_t *result)
367 {
368 struct hash_algo *algo;
369 int ret;
370 int i;
371
372 ret = hash_lookup_algo(algo_name, &algo);
373 if (ret)
374 return ret;
375
376 for (i = 0; i < algo->digest_size; i++) {
377 char chr[3];
378
379 strncpy(chr, &str[i * 2], 2);
380 result[i] = simple_strtoul(chr, NULL, 16);
381 }
382
383 return 0;
384 }
385
hash_block(const char * algo_name,const void * data,unsigned int len,uint8_t * output,int * output_size)386 int hash_block(const char *algo_name, const void *data, unsigned int len,
387 uint8_t *output, int *output_size)
388 {
389 struct hash_algo *algo;
390 int ret;
391
392 ret = hash_lookup_algo(algo_name, &algo);
393 if (ret)
394 return ret;
395
396 if (output_size && *output_size < algo->digest_size) {
397 debug("Output buffer size %d too small (need %d bytes)",
398 *output_size, algo->digest_size);
399 return -ENOSPC;
400 }
401 if (output_size)
402 *output_size = algo->digest_size;
403 algo->hash_func_ws(data, len, output, algo->chunk_size);
404
405 return 0;
406 }
407
408 #if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)
409 /**
410 * store_result: Store the resulting sum to an address or variable
411 *
412 * @algo: Hash algorithm being used
413 * @sum: Hash digest (algo->digest_size bytes)
414 * @dest: Destination, interpreted as a hex address if it starts
415 * with * (or allow_env_vars is 0) or otherwise as an
416 * environment variable.
417 * @allow_env_vars: non-zero to permit storing the result to an
418 * variable environment
419 */
store_result(struct hash_algo * algo,const uint8_t * sum,const char * dest,int allow_env_vars)420 static void store_result(struct hash_algo *algo, const uint8_t *sum,
421 const char *dest, int allow_env_vars)
422 {
423 unsigned int i;
424 int env_var = 0;
425
426 /*
427 * If environment variables are allowed, then we assume that 'dest'
428 * is an environment variable, unless it starts with *, in which
429 * case we assume it is an address. If not allowed, it is always an
430 * address. This is to support the crc32 command.
431 */
432 if (allow_env_vars) {
433 if (*dest == '*')
434 dest++;
435 else
436 env_var = 1;
437 }
438
439 if (env_var) {
440 char str_output[HASH_MAX_DIGEST_SIZE * 2 + 1];
441 char *str_ptr = str_output;
442
443 for (i = 0; i < algo->digest_size; i++) {
444 sprintf(str_ptr, "%02x", sum[i]);
445 str_ptr += 2;
446 }
447 *str_ptr = '\0';
448 env_set(dest, str_output);
449 } else {
450 ulong addr;
451 void *buf;
452
453 addr = simple_strtoul(dest, NULL, 16);
454 buf = map_sysmem(addr, algo->digest_size);
455 memcpy(buf, sum, algo->digest_size);
456 unmap_sysmem(buf);
457 }
458 }
459
460 /**
461 * parse_verify_sum: Parse a hash verification parameter
462 *
463 * @algo: Hash algorithm being used
464 * @verify_str: Argument to parse. If it starts with * then it is
465 * interpreted as a hex address containing the hash.
466 * If the length is exactly the right number of hex digits
467 * for the digest size, then we assume it is a hex digest.
468 * Otherwise we assume it is an environment variable, and
469 * look up its value (it must contain a hex digest).
470 * @vsum: Returns binary digest value (algo->digest_size bytes)
471 * @allow_env_vars: non-zero to permit storing the result to an environment
472 * variable. If 0 then verify_str is assumed to be an
473 * address, and the * prefix is not expected.
474 * @return 0 if ok, non-zero on error
475 */
parse_verify_sum(struct hash_algo * algo,char * verify_str,uint8_t * vsum,int allow_env_vars)476 static int parse_verify_sum(struct hash_algo *algo, char *verify_str,
477 uint8_t *vsum, int allow_env_vars)
478 {
479 int env_var = 0;
480
481 /* See comment above in store_result() */
482 if (allow_env_vars) {
483 if (*verify_str == '*')
484 verify_str++;
485 else
486 env_var = 1;
487 }
488
489 if (!env_var) {
490 ulong addr;
491 void *buf;
492
493 addr = simple_strtoul(verify_str, NULL, 16);
494 buf = map_sysmem(addr, algo->digest_size);
495 memcpy(vsum, buf, algo->digest_size);
496 } else {
497 char *vsum_str;
498 int digits = algo->digest_size * 2;
499
500 /*
501 * As with the original code from sha1sum.c, we assume that a
502 * string which matches the digest size exactly is a hex
503 * string and not an environment variable.
504 */
505 if (strlen(verify_str) == digits)
506 vsum_str = verify_str;
507 else {
508 vsum_str = env_get(verify_str);
509 if (vsum_str == NULL || strlen(vsum_str) != digits) {
510 printf("Expected %d hex digits in env var\n",
511 digits);
512 return 1;
513 }
514 }
515
516 hash_parse_string(algo->name, vsum_str, vsum);
517 }
518 return 0;
519 }
520
hash_show(struct hash_algo * algo,ulong addr,ulong len,uint8_t * output)521 static void hash_show(struct hash_algo *algo, ulong addr, ulong len, uint8_t *output)
522 {
523 int i;
524
525 printf("%s for %08lx ... %08lx ==> ", algo->name, addr, addr + len - 1);
526 for (i = 0; i < algo->digest_size; i++)
527 printf("%02x", output[i]);
528 }
529
hash_command(const char * algo_name,int flags,struct cmd_tbl * cmdtp,int flag,int argc,char * const argv[])530 int hash_command(const char *algo_name, int flags, struct cmd_tbl *cmdtp,
531 int flag, int argc, char *const argv[])
532 {
533 ulong addr, len;
534
535 if ((argc < 2) || ((flags & HASH_FLAG_VERIFY) && (argc < 3)))
536 return CMD_RET_USAGE;
537
538 addr = simple_strtoul(*argv++, NULL, 16);
539 len = simple_strtoul(*argv++, NULL, 16);
540
541 if (multi_hash()) {
542 struct hash_algo *algo;
543 u8 *output;
544 uint8_t vsum[HASH_MAX_DIGEST_SIZE];
545 void *buf;
546
547 if (hash_lookup_algo(algo_name, &algo)) {
548 printf("Unknown hash algorithm '%s'\n", algo_name);
549 return CMD_RET_USAGE;
550 }
551 argc -= 2;
552
553 if (algo->digest_size > HASH_MAX_DIGEST_SIZE) {
554 puts("HASH_MAX_DIGEST_SIZE exceeded\n");
555 return 1;
556 }
557
558 output = memalign(ARCH_DMA_MINALIGN,
559 sizeof(uint32_t) * HASH_MAX_DIGEST_SIZE);
560
561 buf = map_sysmem(addr, len);
562 algo->hash_func_ws(buf, len, output, algo->chunk_size);
563 unmap_sysmem(buf);
564
565 /* Try to avoid code bloat when verify is not needed */
566 #if defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_SHA1SUM_VERIFY) || \
567 defined(CONFIG_HASH_VERIFY)
568 if (flags & HASH_FLAG_VERIFY) {
569 #else
570 if (0) {
571 #endif
572 if (parse_verify_sum(algo, *argv, vsum,
573 flags & HASH_FLAG_ENV)) {
574 printf("ERROR: %s does not contain a valid "
575 "%s sum\n", *argv, algo->name);
576 return 1;
577 }
578 if (memcmp(output, vsum, algo->digest_size) != 0) {
579 int i;
580
581 hash_show(algo, addr, len, output);
582 printf(" != ");
583 for (i = 0; i < algo->digest_size; i++)
584 printf("%02x", vsum[i]);
585 puts(" ** ERROR **\n");
586 return 1;
587 }
588 } else {
589 hash_show(algo, addr, len, output);
590 printf("\n");
591
592 if (argc) {
593 store_result(algo, output, *argv,
594 flags & HASH_FLAG_ENV);
595 }
596 unmap_sysmem(output);
597
598 }
599
600 /* Horrible code size hack for boards that just want crc32 */
601 } else {
602 ulong crc;
603 ulong *ptr;
604
605 crc = crc32_wd(0, (const uchar *)addr, len, CHUNKSZ_CRC32);
606
607 printf("CRC32 for %08lx ... %08lx ==> %08lx\n",
608 addr, addr + len - 1, crc);
609
610 if (argc >= 3) {
611 ptr = (ulong *)simple_strtoul(argv[0], NULL, 16);
612 *ptr = crc;
613 }
614 }
615
616 return 0;
617 }
618 #endif /* CONFIG_CMD_HASH || CONFIG_CMD_SHA1SUM || CONFIG_CMD_CRC32) */
619 #endif /* !USE_HOSTCC */
620