| Raymond Mao | f51f355 | 2024-10-03 14:50:19 -0700 | [diff] [blame] | 1 | // SPDX-License-Identifier: GPL-2.0+ |
| 2 | /* |
| 3 | * Hash shim layer on MbedTLS Crypto library |
| 4 | * |
| 5 | * Copyright (c) 2024 Linaro Limited |
| 6 | * Author: Raymond Mao <raymond.mao@linaro.org> |
| 7 | */ |
| 8 | #ifndef USE_HOSTCC |
| 9 | #include <cyclic.h> |
| 10 | #endif /* USE_HOSTCC */ |
| 11 | #include <string.h> |
| 12 | #include <u-boot/sha1.h> |
| 13 | |
| 14 | const u8 sha1_der_prefix[SHA1_DER_LEN] = { |
| 15 | 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, |
| 16 | 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 |
| 17 | }; |
| 18 | |
| 19 | void sha1_starts(sha1_context *ctx) |
| 20 | { |
| 21 | mbedtls_sha1_init(ctx); |
| 22 | mbedtls_sha1_starts(ctx); |
| 23 | } |
| 24 | |
| 25 | void sha1_update(sha1_context *ctx, const unsigned char *input, |
| 26 | unsigned int length) |
| 27 | { |
| 28 | mbedtls_sha1_update(ctx, input, length); |
| 29 | } |
| 30 | |
| 31 | void sha1_finish(sha1_context *ctx, unsigned char output[SHA1_SUM_LEN]) |
| 32 | { |
| 33 | mbedtls_sha1_finish(ctx, output); |
| 34 | mbedtls_sha1_free(ctx); |
| 35 | } |
| 36 | |
| 37 | void sha1_csum_wd(const unsigned char *input, unsigned int ilen, |
| 38 | unsigned char *output, unsigned int chunk_sz) |
| 39 | { |
| 40 | sha1_context ctx; |
| 41 | |
| 42 | sha1_starts(&ctx); |
| 43 | |
| 44 | if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { |
| 45 | const unsigned char *curr = input; |
| 46 | const unsigned char *end = input + ilen; |
| 47 | int chunk; |
| 48 | |
| 49 | while (curr < end) { |
| 50 | chunk = end - curr; |
| 51 | if (chunk > chunk_sz) |
| 52 | chunk = chunk_sz; |
| 53 | sha1_update(&ctx, curr, chunk); |
| 54 | curr += chunk; |
| 55 | schedule(); |
| 56 | } |
| 57 | } else { |
| 58 | sha1_update(&ctx, input, ilen); |
| 59 | } |
| 60 | |
| 61 | sha1_finish(&ctx, output); |
| 62 | } |
| 63 | |
| 64 | void sha1_hmac(const unsigned char *key, int keylen, |
| 65 | const unsigned char *input, unsigned int ilen, |
| 66 | unsigned char *output) |
| 67 | { |
| 68 | int i; |
| 69 | sha1_context ctx; |
| 70 | unsigned char k_ipad[K_PAD_LEN]; |
| 71 | unsigned char k_opad[K_PAD_LEN]; |
| 72 | unsigned char tmpbuf[20]; |
| 73 | |
| 74 | if (keylen > K_PAD_LEN) |
| 75 | return; |
| 76 | |
| 77 | memset(k_ipad, K_IPAD_VAL, sizeof(k_ipad)); |
| 78 | memset(k_opad, K_OPAD_VAL, sizeof(k_opad)); |
| 79 | |
| 80 | for (i = 0; i < keylen; i++) { |
| 81 | k_ipad[i] ^= key[i]; |
| 82 | k_opad[i] ^= key[i]; |
| 83 | } |
| 84 | |
| 85 | sha1_starts(&ctx); |
| 86 | sha1_update(&ctx, k_ipad, sizeof(k_ipad)); |
| 87 | sha1_update(&ctx, input, ilen); |
| 88 | sha1_finish(&ctx, tmpbuf); |
| 89 | |
| 90 | sha1_starts(&ctx); |
| 91 | sha1_update(&ctx, k_opad, sizeof(k_opad)); |
| 92 | sha1_update(&ctx, tmpbuf, sizeof(tmpbuf)); |
| 93 | sha1_finish(&ctx, output); |
| 94 | |
| 95 | memset(k_ipad, 0, sizeof(k_ipad)); |
| 96 | memset(k_opad, 0, sizeof(k_opad)); |
| 97 | memset(tmpbuf, 0, sizeof(tmpbuf)); |
| 98 | memset(&ctx, 0, sizeof(sha1_context)); |
| 99 | } |