Commit graph

19 commits

Author SHA1 Message Date
Simon Glass
2c21256b27 hash: Use Kconfig to enable hashing in host tools and SPL
At present when building host tools, we force CONFIG_SHAxxx to be enabled
regardless of the board Kconfig setting. This is done in the image.h
header file.

For SPL we currently just assume the algorithm is desired if U-Boot proper
enables it.

Clean this up by adding new Kconfig options to enable hashing on the host,
relying on CONFIG_IS_ENABLED() to deal with the different builds.

Add new SPL Kconfigs for hardware-accelerated hashing, to maintain the
current settings.

This allows us to drop the image.h code and the I_WANT_MD5 hack.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
2021-10-08 15:53:26 -04:00
Reuben Dowle
d16b38f427 Add support for SHA384 and SHA512
The current recommendation for best security practice from the US government
is to use SHA384 for TOP SECRET [1].

This patch adds support for SHA384 and SHA512 in the hash command, and also
allows FIT images to be hashed with these algorithms, and signed with
sha384,rsaXXXX and sha512,rsaXXXX

The SHA implementation is adapted from the linux kernel implementation.

[1] Commercial National Security Algorithm Suite
http://www.iad.gov/iad/programs/iad-initiatives/cnsa-suite.cfm

Signed-off-by: Reuben Dowle <reuben.dowle@4rf.com>
2020-06-12 13:14:07 -04:00
Simon Glass
0914011310 command: Remove the cmd_tbl_t typedef
We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.

Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.

This requires quite a few header-file additions.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 18:36:55 -04:00
Tom Rini
83d290c56f SPDX: Convert all of our single license tags to Linux Kernel style
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from.  So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry.  Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.

In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.

This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents.  There's also a few places where I found we did not have a tag
and have introduced one.

Signed-off-by: Tom Rini <trini@konsulko.com>
2018-05-07 09:34:12 -04:00
Daniel Thompson
221a949eb6 Kconfig: Finish migration of hashing commands
Currently these (board agnostic) commands cannot be selected using
menuconfig and friends. Fix this the obvious way.  As part of this,
don't muddle the meaning of CONFIG_HASH_VERIFY to mean both 'hash -v'
and "we have a hashing command" as this makes the Kconfig logic odd.

Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org>
[trini: Re-apply, add imply for a few cases, run moveconfig.py, also
        migrate CRC32_VERIFY]
Signed-off-by: Tom Rini <trini@konsulko.com>
2017-05-31 19:38:14 -04:00
Tom Rini
48ad68deb8 hash.c: Conditionally compile hash_command, static hash_show
The function hash_show is now only called by hash_command, so mark it as
static (and drop from hash.h).  We only call hash_command when any of
CONFIG_CMD_CRC32, CONFIG_CMD_SHA1SUM or CONFIG_CMD_HASH are set.  Since
hash.c is linked in unconditionally we must take extra care with
functions that bring in read-only strings as these will not be
discarded.

Signed-off-by: Tom Rini <trini@konsulko.com>
2016-01-13 21:05:08 -05:00
Stefan Roese
8f0b1e24e2 autoboot.c: Add feature to stop autobooting via SHA256 encrypted password
This patch adds the feature to only stop the autobooting, and therefor
boot into the U-Boot prompt, when the input string / password matches
a values that is encypted via a SHA256 hash and saved in the environment.

This feature is enabled by defined these config options:
     CONFIG_AUTOBOOT_KEYED
     CONFIG_AUTOBOOT_STOP_STR_SHA256

Signed-off-by: Stefan Roese <sr@denx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2015-06-08 17:32:40 -04:00
Ruchika Gupta
2dd9002719 Use hash.c in mkimage
Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
2015-01-29 17:09:59 -07:00
Ruchika Gupta
46fe2c0444 hash: Add function to find hash_algo struct with progressive hash
The hash_algo structure has some implementations in which progressive hash
API's are not defined. These are basically the hardware based implementations
of SHA. An API is added to find the algo which has progressive hash API's
defined. This can then be integrated with RSA checksum library which uses
Progressive Hash API's.

Signed-off-by: Ruchika Gupta <ruchika.gupta@freescale.com>
CC: Simon Glass <sjg@chromium.org>
Acked-by: Simon Glass <sjg@chromium.org>
2015-01-29 17:09:59 -07:00
Simon Glass
04819a4ff1 hash: Use uint8_t in preference to u8
This type is more readily available on the host compiler, so use it instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
2014-06-19 11:18:55 -04:00
Simon Glass
31890ae299 hash: Export the function to show a hash
This function is useful for displaying a hash value, so export it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2014-06-11 16:25:46 -04:00
Michael van der Westhuizen
1de7bb4f27 Prevent a buffer overflow in mkimage when signing with SHA256
Due to the FIT_MAX_HASH_LEN constant not having been updated
to support SHA256 signatures one will always see a buffer
overflow in fit_image_process_hash when signing images that
use this larger hash.  This is exposed by vboot_test.sh.

Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com>
Acked-by: Simon Glass <sjg@chromium.org>
[trini: Rework a bit so move the exportable parts of hash.h outside of
 !USE_HOSTCC and only need that as a new include to image.h]
Signed-off-by: Tom Rini <trini@ti.com>
2014-06-05 17:01:23 -04:00
Hung-ying Tyan
bf007ebb6f gen: Add progressive hash API
Add hash_init(), hash_update() and hash_finish() to the
hash_algo struct. Add hash_lookup_algo() to look up the
struct given an algorithm name.

Signed-off-by: Hung-ying Tyan <tyanh@chromium.org>
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Heiko Schocher <hs@denx.de>
Acked-by: Simon Glass <sjg@chromium.org>
2014-03-21 16:39:36 -04:00
Wolfgang Denk
1a4596601f Add GPL-2.0+ SPDX-License-Identifier to source files
Signed-off-by: Wolfgang Denk <wd@denx.de>
[trini: Fixup common/cmd_io.c]
Signed-off-by: Tom Rini <trini@ti.com>
2013-07-24 09:44:38 -04:00
Simon Glass
6f907b422e hash: Add a way to calculate a hash for any algortihm
Rather than needing to call one of many hashing algorithms in U-Boot,
provide a function hash_block() which handles this, and can support all
available hash algorithms.

Once we have md5 supported within hashing, we can use this function in
the FIT image code.

Signed-off-by: Simon Glass <sjg@chromium.org>
2013-05-14 15:37:24 -04:00
Simon Glass
218da0f35f hash: Use lower case for hash algorithm names
Rather than use strcasecmp() in the hash algorithm search, require the
caller to do this first. Most of U-Boot can use lower case anyway, and
the hash command can convert to lower case before calling hash_command().
This saves needing strcasecmp() for boards that use hashing but not
the hash command.

Signed-off-by: Simon Glass <sjg@chromium.org>
2013-02-28 19:49:13 -08:00
Simon Glass
d20a40de9d Roll crc32 into hash infrastructure
Add the CRC32 algorithm to the list of available hashes, and make
the crc32 command use hash_command(). Add a new crc32_wd_buf() to
make this possible, which puts its result in a buffer rather than
returning it as a 32-bit value.

Note: For some boards the hash command is not enabled, neither
are sha1, sha256 or the verify option. In this case the full
hash implementation adds about 500 bytes of overhead. So as a
special case, we use #ifdef to select very simple bahaviour in
that case. The justification for this is that it is currently
a very common case (virtually all boards enable crc32 but only
some enable more advanced features).

Signed-off-by: Simon Glass <sjg@chromium.org>
2013-02-28 19:09:23 -08:00
Simon Glass
d5b76673a5 hash: Add a flag to support saving hashes in the environment
Some hashing commands permit saving the hash in an environment variable,
and verifying a hash from there. But the crc32 command does not support
this. In order to permit crc32 to use the generic hashing infrastructure,
add a flag to select which behaviour to use.

Signed-off-by: Simon Glass <sjg@chromium.org>
2013-02-28 19:09:23 -08:00
Simon Glass
460408ef9a Add generic hash API
We have a SHA1 command and want to add a SHA256 command also. Instead of
duplicating the code, create a generic hash API which can process
commands for different algorithms.

Signed-off-by: Simon Glass <sjg@chromium.org>
2012-12-11 13:17:34 -07:00