1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Copyright (c) 2012 The Chromium OS Authors.
4 *
5 * (C) Copyright 2011
6 * Joe Hershberger, National Instruments, joe.hershberger@ni.com
7 *
8 * (C) Copyright 2000
9 * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
10 */
11
12 #ifndef USE_HOSTCC
13 #include <common.h>
14 #include <command.h>
15 #include <env.h>
16 #include <malloc.h>
17 #include <mapmem.h>
18 #include <hw_sha.h>
19 #include <asm/io.h>
20 #include <linux/errno.h>
21 #include <u-boot/crc.h>
22 #else
23 #include "mkimage.h"
24 #include <time.h>
25 #include <image.h>
26 #endif /* !USE_HOSTCC*/
27
28 #include <hash.h>
29 #include <u-boot/crc.h>
30 #include <u-boot/sha1.h>
31 #include <u-boot/sha256.h>
32 #include <u-boot/md5.h>
33
34 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
35 DECLARE_GLOBAL_DATA_PTR;
36 #endif
37
38 static void reloc_update(void);
39
40 #if defined(CONFIG_SHA1) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
hash_init_sha1(struct hash_algo * algo,void ** ctxp)41 static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
42 {
43 sha1_context *ctx = malloc(sizeof(sha1_context));
44 sha1_starts(ctx);
45 *ctxp = ctx;
46 return 0;
47 }
48
hash_update_sha1(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)49 static int hash_update_sha1(struct hash_algo *algo, void *ctx, const void *buf,
50 unsigned int size, int is_last)
51 {
52 sha1_update((sha1_context *)ctx, buf, size);
53 return 0;
54 }
55
hash_finish_sha1(struct hash_algo * algo,void * ctx,void * dest_buf,int size)56 static int hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf,
57 int size)
58 {
59 if (size < algo->digest_size)
60 return -1;
61
62 sha1_finish((sha1_context *)ctx, dest_buf);
63 free(ctx);
64 return 0;
65 }
66 #endif
67
68 #if defined(CONFIG_SHA256) && !defined(CONFIG_SHA_PROG_HW_ACCEL)
hash_init_sha256(struct hash_algo * algo,void ** ctxp)69 static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
70 {
71 sha256_context *ctx = malloc(sizeof(sha256_context));
72 sha256_starts(ctx);
73 *ctxp = ctx;
74 return 0;
75 }
76
hash_update_sha256(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)77 static int hash_update_sha256(struct hash_algo *algo, void *ctx,
78 const void *buf, unsigned int size, int is_last)
79 {
80 sha256_update((sha256_context *)ctx, buf, size);
81 return 0;
82 }
83
hash_finish_sha256(struct hash_algo * algo,void * ctx,void * dest_buf,int size)84 static int hash_finish_sha256(struct hash_algo *algo, void *ctx, void
85 *dest_buf, int size)
86 {
87 if (size < algo->digest_size)
88 return -1;
89
90 sha256_finish((sha256_context *)ctx, dest_buf);
91 free(ctx);
92 return 0;
93 }
94 #endif
95
hash_init_crc16_ccitt(struct hash_algo * algo,void ** ctxp)96 static int hash_init_crc16_ccitt(struct hash_algo *algo, void **ctxp)
97 {
98 uint16_t *ctx = malloc(sizeof(uint16_t));
99 *ctx = 0;
100 *ctxp = ctx;
101 return 0;
102 }
103
hash_update_crc16_ccitt(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)104 static int hash_update_crc16_ccitt(struct hash_algo *algo, void *ctx,
105 const void *buf, unsigned int size,
106 int is_last)
107 {
108 *((uint16_t *)ctx) = crc16_ccitt(*((uint16_t *)ctx), buf, size);
109 return 0;
110 }
111
hash_finish_crc16_ccitt(struct hash_algo * algo,void * ctx,void * dest_buf,int size)112 static int hash_finish_crc16_ccitt(struct hash_algo *algo, void *ctx,
113 void *dest_buf, int size)
114 {
115 if (size < algo->digest_size)
116 return -1;
117
118 *((uint16_t *)dest_buf) = *((uint16_t *)ctx);
119 free(ctx);
120 return 0;
121 }
122
hash_init_crc32(struct hash_algo * algo,void ** ctxp)123 static int hash_init_crc32(struct hash_algo *algo, void **ctxp)
124 {
125 uint32_t *ctx = malloc(sizeof(uint32_t));
126 *ctx = 0;
127 *ctxp = ctx;
128 return 0;
129 }
130
hash_update_crc32(struct hash_algo * algo,void * ctx,const void * buf,unsigned int size,int is_last)131 static int hash_update_crc32(struct hash_algo *algo, void *ctx,
132 const void *buf, unsigned int size, int is_last)
133 {
134 *((uint32_t *)ctx) = crc32(*((uint32_t *)ctx), buf, size);
135 return 0;
136 }
137
hash_finish_crc32(struct hash_algo * algo,void * ctx,void * dest_buf,int size)138 static int hash_finish_crc32(struct hash_algo *algo, void *ctx, void *dest_buf,
139 int size)
140 {
141 if (size < algo->digest_size)
142 return -1;
143
144 *((uint32_t *)dest_buf) = *((uint32_t *)ctx);
145 free(ctx);
146 return 0;
147 }
148
149 /*
150 * These are the hash algorithms we support. If we have hardware acceleration
151 * is enable we will use that, otherwise a software version of the algorithm.
152 * Note that algorithm names must be in lower case.
153 */
154 static struct hash_algo hash_algo[] = {
155 #ifdef CONFIG_SHA1
156 {
157 .name = "sha1",
158 .digest_size = SHA1_SUM_LEN,
159 .chunk_size = CHUNKSZ_SHA1,
160 #ifdef CONFIG_SHA_HW_ACCEL
161 .hash_func_ws = hw_sha1,
162 #else
163 .hash_func_ws = sha1_csum_wd,
164 #endif
165 #ifdef CONFIG_SHA_PROG_HW_ACCEL
166 .hash_init = hw_sha_init,
167 .hash_update = hw_sha_update,
168 .hash_finish = hw_sha_finish,
169 #else
170 .hash_init = hash_init_sha1,
171 .hash_update = hash_update_sha1,
172 .hash_finish = hash_finish_sha1,
173 #endif
174 },
175 #endif
176 #ifdef CONFIG_SHA256
177 {
178 .name = "sha256",
179 .digest_size = SHA256_SUM_LEN,
180 .chunk_size = CHUNKSZ_SHA256,
181 #ifdef CONFIG_SHA_HW_ACCEL
182 .hash_func_ws = hw_sha256,
183 #else
184 .hash_func_ws = sha256_csum_wd,
185 #endif
186 #ifdef CONFIG_SHA_PROG_HW_ACCEL
187 .hash_init = hw_sha_init,
188 .hash_update = hw_sha_update,
189 .hash_finish = hw_sha_finish,
190 #else
191 .hash_init = hash_init_sha256,
192 .hash_update = hash_update_sha256,
193 .hash_finish = hash_finish_sha256,
194 #endif
195 },
196 #endif
197 {
198 .name = "crc16-ccitt",
199 .digest_size = 2,
200 .chunk_size = CHUNKSZ,
201 .hash_func_ws = crc16_ccitt_wd_buf,
202 .hash_init = hash_init_crc16_ccitt,
203 .hash_update = hash_update_crc16_ccitt,
204 .hash_finish = hash_finish_crc16_ccitt,
205 },
206 {
207 .name = "crc32",
208 .digest_size = 4,
209 .chunk_size = CHUNKSZ_CRC32,
210 .hash_func_ws = crc32_wd_buf,
211 .hash_init = hash_init_crc32,
212 .hash_update = hash_update_crc32,
213 .hash_finish = hash_finish_crc32,
214 },
215 };
216
217 /* Try to minimize code size for boards that don't want much hashing */
218 #if defined(CONFIG_SHA256) || defined(CONFIG_CMD_SHA1SUM) || \
219 defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_CMD_HASH)
220 #define multi_hash() 1
221 #else
222 #define multi_hash() 0
223 #endif
224
reloc_update(void)225 static void reloc_update(void)
226 {
227 #if !defined(USE_HOSTCC) && defined(CONFIG_NEEDS_MANUAL_RELOC)
228 int i;
229 static bool done;
230
231 if (!done) {
232 done = true;
233 for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
234 hash_algo[i].name += gd->reloc_off;
235 hash_algo[i].hash_func_ws += gd->reloc_off;
236 hash_algo[i].hash_init += gd->reloc_off;
237 hash_algo[i].hash_update += gd->reloc_off;
238 hash_algo[i].hash_finish += gd->reloc_off;
239 }
240 }
241 #endif
242 }
243
hash_lookup_algo(const char * algo_name,struct hash_algo ** algop)244 int hash_lookup_algo(const char *algo_name, struct hash_algo **algop)
245 {
246 int i;
247
248 reloc_update();
249
250 for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
251 if (!strcmp(algo_name, hash_algo[i].name)) {
252 *algop = &hash_algo[i];
253 return 0;
254 }
255 }
256
257 debug("Unknown hash algorithm '%s'\n", algo_name);
258 return -EPROTONOSUPPORT;
259 }
260
hash_progressive_lookup_algo(const char * algo_name,struct hash_algo ** algop)261 int hash_progressive_lookup_algo(const char *algo_name,
262 struct hash_algo **algop)
263 {
264 int i;
265
266 reloc_update();
267
268 for (i = 0; i < ARRAY_SIZE(hash_algo); i++) {
269 if (!strcmp(algo_name, hash_algo[i].name)) {
270 if (hash_algo[i].hash_init) {
271 *algop = &hash_algo[i];
272 return 0;
273 }
274 }
275 }
276
277 debug("Unknown hash algorithm '%s'\n", algo_name);
278 return -EPROTONOSUPPORT;
279 }
280
281 #ifndef USE_HOSTCC
hash_parse_string(const char * algo_name,const char * str,uint8_t * result)282 int hash_parse_string(const char *algo_name, const char *str, uint8_t *result)
283 {
284 struct hash_algo *algo;
285 int ret;
286 int i;
287
288 ret = hash_lookup_algo(algo_name, &algo);
289 if (ret)
290 return ret;
291
292 for (i = 0; i < algo->digest_size; i++) {
293 char chr[3];
294
295 strncpy(chr, &str[i * 2], 2);
296 result[i] = simple_strtoul(chr, NULL, 16);
297 }
298
299 return 0;
300 }
301
hash_block(const char * algo_name,const void * data,unsigned int len,uint8_t * output,int * output_size)302 int hash_block(const char *algo_name, const void *data, unsigned int len,
303 uint8_t *output, int *output_size)
304 {
305 struct hash_algo *algo;
306 int ret;
307
308 ret = hash_lookup_algo(algo_name, &algo);
309 if (ret)
310 return ret;
311
312 if (output_size && *output_size < algo->digest_size) {
313 debug("Output buffer size %d too small (need %d bytes)",
314 *output_size, algo->digest_size);
315 return -ENOSPC;
316 }
317 if (output_size)
318 *output_size = algo->digest_size;
319 algo->hash_func_ws(data, len, output, algo->chunk_size);
320
321 return 0;
322 }
323
324 #if defined(CONFIG_CMD_HASH) || defined(CONFIG_CMD_SHA1SUM) || defined(CONFIG_CMD_CRC32)
325 /**
326 * store_result: Store the resulting sum to an address or variable
327 *
328 * @algo: Hash algorithm being used
329 * @sum: Hash digest (algo->digest_size bytes)
330 * @dest: Destination, interpreted as a hex address if it starts
331 * with * (or allow_env_vars is 0) or otherwise as an
332 * environment variable.
333 * @allow_env_vars: non-zero to permit storing the result to an
334 * variable environment
335 */
store_result(struct hash_algo * algo,const uint8_t * sum,const char * dest,int allow_env_vars)336 static void store_result(struct hash_algo *algo, const uint8_t *sum,
337 const char *dest, int allow_env_vars)
338 {
339 unsigned int i;
340 int env_var = 0;
341
342 /*
343 * If environment variables are allowed, then we assume that 'dest'
344 * is an environment variable, unless it starts with *, in which
345 * case we assume it is an address. If not allowed, it is always an
346 * address. This is to support the crc32 command.
347 */
348 if (allow_env_vars) {
349 if (*dest == '*')
350 dest++;
351 else
352 env_var = 1;
353 }
354
355 if (env_var) {
356 char str_output[HASH_MAX_DIGEST_SIZE * 2 + 1];
357 char *str_ptr = str_output;
358
359 for (i = 0; i < algo->digest_size; i++) {
360 sprintf(str_ptr, "%02x", sum[i]);
361 str_ptr += 2;
362 }
363 *str_ptr = '\0';
364 env_set(dest, str_output);
365 } else {
366 ulong addr;
367 void *buf;
368
369 addr = simple_strtoul(dest, NULL, 16);
370 buf = map_sysmem(addr, algo->digest_size);
371 memcpy(buf, sum, algo->digest_size);
372 unmap_sysmem(buf);
373 }
374 }
375
376 /**
377 * parse_verify_sum: Parse a hash verification parameter
378 *
379 * @algo: Hash algorithm being used
380 * @verify_str: Argument to parse. If it starts with * then it is
381 * interpreted as a hex address containing the hash.
382 * If the length is exactly the right number of hex digits
383 * for the digest size, then we assume it is a hex digest.
384 * Otherwise we assume it is an environment variable, and
385 * look up its value (it must contain a hex digest).
386 * @vsum: Returns binary digest value (algo->digest_size bytes)
387 * @allow_env_vars: non-zero to permit storing the result to an environment
388 * variable. If 0 then verify_str is assumed to be an
389 * address, and the * prefix is not expected.
390 * @return 0 if ok, non-zero on error
391 */
parse_verify_sum(struct hash_algo * algo,char * verify_str,uint8_t * vsum,int allow_env_vars)392 static int parse_verify_sum(struct hash_algo *algo, char *verify_str,
393 uint8_t *vsum, int allow_env_vars)
394 {
395 int env_var = 0;
396
397 /* See comment above in store_result() */
398 if (allow_env_vars) {
399 if (*verify_str == '*')
400 verify_str++;
401 else
402 env_var = 1;
403 }
404
405 if (!env_var) {
406 ulong addr;
407 void *buf;
408
409 addr = simple_strtoul(verify_str, NULL, 16);
410 buf = map_sysmem(addr, algo->digest_size);
411 memcpy(vsum, buf, algo->digest_size);
412 } else {
413 char *vsum_str;
414 int digits = algo->digest_size * 2;
415
416 /*
417 * As with the original code from sha1sum.c, we assume that a
418 * string which matches the digest size exactly is a hex
419 * string and not an environment variable.
420 */
421 if (strlen(verify_str) == digits)
422 vsum_str = verify_str;
423 else {
424 vsum_str = env_get(verify_str);
425 if (vsum_str == NULL || strlen(vsum_str) != digits) {
426 printf("Expected %d hex digits in env var\n",
427 digits);
428 return 1;
429 }
430 }
431
432 hash_parse_string(algo->name, vsum_str, vsum);
433 }
434 return 0;
435 }
436
hash_show(struct hash_algo * algo,ulong addr,ulong len,uint8_t * output)437 static void hash_show(struct hash_algo *algo, ulong addr, ulong len, uint8_t *output)
438 {
439 int i;
440
441 printf("%s for %08lx ... %08lx ==> ", algo->name, addr, addr + len - 1);
442 for (i = 0; i < algo->digest_size; i++)
443 printf("%02x", output[i]);
444 }
445
hash_command(const char * algo_name,int flags,cmd_tbl_t * cmdtp,int flag,int argc,char * const argv[])446 int hash_command(const char *algo_name, int flags, cmd_tbl_t *cmdtp, int flag,
447 int argc, char * const argv[])
448 {
449 ulong addr, len;
450
451 if ((argc < 2) || ((flags & HASH_FLAG_VERIFY) && (argc < 3)))
452 return CMD_RET_USAGE;
453
454 addr = simple_strtoul(*argv++, NULL, 16);
455 len = simple_strtoul(*argv++, NULL, 16);
456
457 if (multi_hash()) {
458 struct hash_algo *algo;
459 u8 *output;
460 uint8_t vsum[HASH_MAX_DIGEST_SIZE];
461 void *buf;
462
463 if (hash_lookup_algo(algo_name, &algo)) {
464 printf("Unknown hash algorithm '%s'\n", algo_name);
465 return CMD_RET_USAGE;
466 }
467 argc -= 2;
468
469 if (algo->digest_size > HASH_MAX_DIGEST_SIZE) {
470 puts("HASH_MAX_DIGEST_SIZE exceeded\n");
471 return 1;
472 }
473
474 output = memalign(ARCH_DMA_MINALIGN,
475 sizeof(uint32_t) * HASH_MAX_DIGEST_SIZE);
476
477 buf = map_sysmem(addr, len);
478 algo->hash_func_ws(buf, len, output, algo->chunk_size);
479 unmap_sysmem(buf);
480
481 /* Try to avoid code bloat when verify is not needed */
482 #if defined(CONFIG_CRC32_VERIFY) || defined(CONFIG_SHA1SUM_VERIFY) || \
483 defined(CONFIG_HASH_VERIFY)
484 if (flags & HASH_FLAG_VERIFY) {
485 #else
486 if (0) {
487 #endif
488 if (parse_verify_sum(algo, *argv, vsum,
489 flags & HASH_FLAG_ENV)) {
490 printf("ERROR: %s does not contain a valid "
491 "%s sum\n", *argv, algo->name);
492 return 1;
493 }
494 if (memcmp(output, vsum, algo->digest_size) != 0) {
495 int i;
496
497 hash_show(algo, addr, len, output);
498 printf(" != ");
499 for (i = 0; i < algo->digest_size; i++)
500 printf("%02x", vsum[i]);
501 puts(" ** ERROR **\n");
502 return 1;
503 }
504 } else {
505 hash_show(algo, addr, len, output);
506 printf("\n");
507
508 if (argc) {
509 store_result(algo, output, *argv,
510 flags & HASH_FLAG_ENV);
511 }
512 unmap_sysmem(output);
513
514 }
515
516 /* Horrible code size hack for boards that just want crc32 */
517 } else {
518 ulong crc;
519 ulong *ptr;
520
521 crc = crc32_wd(0, (const uchar *)addr, len, CHUNKSZ_CRC32);
522
523 printf("CRC32 for %08lx ... %08lx ==> %08lx\n",
524 addr, addr + len - 1, crc);
525
526 if (argc >= 3) {
527 ptr = (ulong *)simple_strtoul(argv[0], NULL, 16);
528 *ptr = crc;
529 }
530 }
531
532 return 0;
533 }
534 #endif /* CONFIG_CMD_HASH || CONFIG_CMD_SHA1SUM || CONFIG_CMD_CRC32) */
535 #endif /* !USE_HOSTCC */
536