| Message ID | 20241003215112.3103601-7-raymond.mao@linaro.org |
|---|---|
| State | Accepted |
| Commit | bdc3f44a6bf4de61d99c818b3e8e71b07a9eea52 |
| Delegated to: | Tom Rini |
| Headers | show |
| Series | Integrate MbedTLS v3.6 LTS with U-Boot | expand |
On Fri, 4 Oct 2024 at 00:54, Raymond Mao <raymond.mao@linaro.org> wrote: > > Implement digest shim layer on top of MbedTLS crypto library. > Introduce <alg>_MBEDTLS kconfig for MbedTLS crypto implementations. > > Signed-off-by: Raymond Mao <raymond.mao@linaro.org> > --- > Changes in v2 > - Split the shim layer into separated files and use the original head > files instead of creating new ones. > Changes in v3 > - Refactored sha1_hmac and removed non-watchdog md5 function. > Changes in v4 > - Refactored hash _wd functions. > - Introduce <alg>_MBEDTLS kconfig for MbedTLS crypto implementations. > Changes in v5 > - Correct kconfig dependence. > - Refactored MbedTLS makefile. > Changes in v6 > - None. > Changes in v7 > - None. > Changes in v8 > - None > > include/u-boot/sha1.h | 4 ++ > lib/mbedtls/Kconfig | 90 +++++++++++++++++++++++++++++++++++++++ > lib/mbedtls/Makefile | 14 ++++-- > lib/mbedtls/md5.c | 57 +++++++++++++++++++++++++ > lib/mbedtls/sha1.c | 99 +++++++++++++++++++++++++++++++++++++++++++ > lib/mbedtls/sha256.c | 62 +++++++++++++++++++++++++++ > lib/mbedtls/sha512.c | 93 ++++++++++++++++++++++++++++++++++++++++ > 7 files changed, 415 insertions(+), 4 deletions(-) > create mode 100644 lib/mbedtls/md5.c > create mode 100644 lib/mbedtls/sha1.c > create mode 100644 lib/mbedtls/sha256.c > create mode 100644 lib/mbedtls/sha512.c > > diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h > index 36c3db15e22..2fca7f1be16 100644 > --- a/include/u-boot/sha1.h > +++ b/include/u-boot/sha1.h > @@ -41,6 +41,10 @@ extern "C" { > > #define SHA1_DEF_CHUNK_SZ 0x10000 > > +#define K_IPAD_VAL 0x36 > +#define K_OPAD_VAL 0x5C > +#define K_PAD_LEN 64 > + > extern const uint8_t sha1_der_prefix[]; > > #if defined(CONFIG_MBEDTLS_LIB_CRYPTO) > diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig > index 8a7b3a30c04..262abb2cec7 100644 > --- a/lib/mbedtls/Kconfig > +++ b/lib/mbedtls/Kconfig > @@ -134,10 +134,100 @@ config MBEDTLS_LIB_CRYPTO_ALT > > config MBEDTLS_LIB_CRYPTO > bool "MbedTLS crypto libraries" > + select MD5_MBEDTLS if MD5 > + select SHA1_MBEDTLS if SHA1 > + select SHA256_MBEDTLS if SHA256 > + select SHA512_MBEDTLS if SHA512 > + select SHA384_MBEDTLS if SHA384 > + select SPL_MD5_MBEDTLS if SPL_MD5 > + select SPL_SHA1_MBEDTLS if SPL_SHA1 > + select SPL_SHA256_MBEDTLS if SPL_SHA256 > + select SPL_SHA512_MBEDTLS if SPL_SHA512 > + select SPL_SHA384_MBEDTLS if SPL_SHA384 > help > Enable MbedTLS crypto libraries. > Mutually incompatible with MBEDTLS_LIB_CRYPTO_ALT. > > +if MBEDTLS_LIB_CRYPTO > + > +config SHA1_MBEDTLS > + bool "Enable SHA1 support with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && SHA1 > + help > + This option enables support of hashing using SHA1 algorithm > + with MbedTLS crypto library. > + > +config SHA256_MBEDTLS > + bool "Enable SHA256 support with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && SHA256 > + help > + This option enables support of hashing using SHA256 algorithm > + with MbedTLS crypto library. > + > +config SHA512_MBEDTLS > + bool "Enable SHA512 support with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && SHA512 > + default y if TI_SECURE_DEVICE && FIT_SIGNATURE > + help > + This option enables support of hashing using SHA512 algorithm > + with MbedTLS crypto library. > + > +config SHA384_MBEDTLS > + bool "Enable SHA384 support with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && SHA384 > + select SHA512_MBEDTLS > + help > + This option enables support of hashing using SHA384 algorithm > + with MbedTLS crypto library. > + > +config MD5_MBEDTLS > + bool "Enable MD5 support with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && MD5 > + help > + This option enables support of hashing using MD5 algorithm > + with MbedTLS crypto library. > + > +if SPL > + > +config SPL_SHA1_MBEDTLS > + bool "Enable SHA1 support in SPL with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA1 > + help > + This option enables support of hashing using SHA1 algorithm > + with MbedTLS crypto library. > + > +config SPL_SHA256_MBEDTLS > + bool "Enable SHA256 support in SPL with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA256 > + help > + This option enables support of hashing using SHA256 algorithm > + with MbedTLS crypto library. > + > +config SPL_SHA512_MBEDTLS > + bool "Enable SHA512 support in SPL with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA512 > + help > + This option enables support of hashing using SHA512 algorithm > + with MbedTLS crypto library. > + > +config SPL_SHA384_MBEDTLS > + bool "Enable SHA384 support in SPL with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA384 > + select SPL_SHA512 > + help > + This option enables support of hashing using SHA384 algorithm > + with MbedTLS crypto library. > + > +config SPL_MD5_MBEDTLS > + bool "Enable MD5 support in SPL with MbedTLS crypto library" > + depends on MBEDTLS_LIB_CRYPTO && SPL_MD5 > + help > + This option enables support of hashing using MD5 algorithm > + with MbedTLS crypto library. > + > +endif # SPL > + > +endif # MBEDTLS_LIB_CRYPTO > > config MBEDTLS_LIB_X509 > bool "MbedTLS certificate libraries" > diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile > index 0b6d6ca808f..eeb28ec1557 100644 > --- a/lib/mbedtls/Makefile > +++ b/lib/mbedtls/Makefile > @@ -5,17 +5,23 @@ > > MBEDTLS_LIB_DIR = external/mbedtls/library > > +# shim layer for hash > +obj-$(CONFIG_$(SPL_)MD5_MBEDTLS) += md5.o > +obj-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += sha1.o > +obj-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += sha256.o > +obj-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += sha512.o > + > # MbedTLS crypto library > obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o > mbedtls_lib_crypto-y := \ > $(MBEDTLS_LIB_DIR)/platform_util.o \ > $(MBEDTLS_LIB_DIR)/constant_time.o \ > $(MBEDTLS_LIB_DIR)/md.o > -mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5) += $(MBEDTLS_LIB_DIR)/md5.o > -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1) += $(MBEDTLS_LIB_DIR)/sha1.o > -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256) += \ > +mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5_MBEDTLS) += $(MBEDTLS_LIB_DIR)/md5.o > +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += $(MBEDTLS_LIB_DIR)/sha1.o > +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += \ > $(MBEDTLS_LIB_DIR)/sha256.o > -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512) += \ > +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += \ > $(MBEDTLS_LIB_DIR)/sha512.o > > # MbedTLS X509 library > diff --git a/lib/mbedtls/md5.c b/lib/mbedtls/md5.c > new file mode 100644 > index 00000000000..04388fce249 > --- /dev/null > +++ b/lib/mbedtls/md5.c > @@ -0,0 +1,57 @@ > +// SPDX-License-Identifier: GPL-2.0+ > +/* > + * Hash shim layer on MbedTLS Crypto library > + * > + * Copyright (c) 2024 Linaro Limited > + * Author: Raymond Mao <raymond.mao@linaro.org> > + */ > +#include "compiler.h" > + > +#ifndef USE_HOSTCC > +#include <watchdog.h> > +#endif /* USE_HOSTCC */ > +#include <u-boot/md5.h> > + > +void MD5Init(MD5Context *ctx) > +{ > + mbedtls_md5_init(ctx); > + mbedtls_md5_starts(ctx); > +} > + > +void MD5Update(MD5Context *ctx, unsigned char const *buf, unsigned int len) > +{ > + mbedtls_md5_update(ctx, buf, len); > +} > + > +void MD5Final(unsigned char digest[16], MD5Context *ctx) > +{ > + mbedtls_md5_finish(ctx, digest); > + mbedtls_md5_free(ctx); > +} > + > +void md5_wd(const unsigned char *input, unsigned int len, > + unsigned char output[16], unsigned int chunk_sz) > +{ > + MD5Context context; > + > + MD5Init(&context); > + > + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { > + const unsigned char *curr = input; > + const unsigned char *end = input + len; > + int chunk; > + > + while (curr < end) { > + chunk = end - curr; > + if (chunk > chunk_sz) > + chunk = chunk_sz; > + MD5Update(&context, curr, chunk); > + curr += chunk; > + schedule(); > + } > + } else { > + MD5Update(&context, input, len); > + } > + > + MD5Final(output, &context); > +} > diff --git a/lib/mbedtls/sha1.c b/lib/mbedtls/sha1.c > new file mode 100644 > index 00000000000..2aee5037795 > --- /dev/null > +++ b/lib/mbedtls/sha1.c > @@ -0,0 +1,99 @@ > +// SPDX-License-Identifier: GPL-2.0+ > +/* > + * Hash shim layer on MbedTLS Crypto library > + * > + * Copyright (c) 2024 Linaro Limited > + * Author: Raymond Mao <raymond.mao@linaro.org> > + */ > +#ifndef USE_HOSTCC > +#include <cyclic.h> > +#endif /* USE_HOSTCC */ > +#include <string.h> > +#include <u-boot/sha1.h> > + > +const u8 sha1_der_prefix[SHA1_DER_LEN] = { > + 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, > + 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 > +}; > + > +void sha1_starts(sha1_context *ctx) > +{ > + mbedtls_sha1_init(ctx); > + mbedtls_sha1_starts(ctx); > +} > + > +void sha1_update(sha1_context *ctx, const unsigned char *input, > + unsigned int length) > +{ > + mbedtls_sha1_update(ctx, input, length); > +} > + > +void sha1_finish(sha1_context *ctx, unsigned char output[SHA1_SUM_LEN]) > +{ > + mbedtls_sha1_finish(ctx, output); > + mbedtls_sha1_free(ctx); > +} > + > +void sha1_csum_wd(const unsigned char *input, unsigned int ilen, > + unsigned char *output, unsigned int chunk_sz) > +{ > + sha1_context ctx; > + > + sha1_starts(&ctx); > + > + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { > + const unsigned char *curr = input; > + const unsigned char *end = input + ilen; > + int chunk; > + > + while (curr < end) { > + chunk = end - curr; > + if (chunk > chunk_sz) > + chunk = chunk_sz; > + sha1_update(&ctx, curr, chunk); > + curr += chunk; > + schedule(); > + } > + } else { > + sha1_update(&ctx, input, ilen); > + } > + > + sha1_finish(&ctx, output); > +} > + > +void sha1_hmac(const unsigned char *key, int keylen, > + const unsigned char *input, unsigned int ilen, > + unsigned char *output) > +{ > + int i; > + sha1_context ctx; > + unsigned char k_ipad[K_PAD_LEN]; > + unsigned char k_opad[K_PAD_LEN]; > + unsigned char tmpbuf[20]; > + > + if (keylen > K_PAD_LEN) > + return; > + > + memset(k_ipad, K_IPAD_VAL, sizeof(k_ipad)); > + memset(k_opad, K_OPAD_VAL, sizeof(k_opad)); > + > + for (i = 0; i < keylen; i++) { > + k_ipad[i] ^= key[i]; > + k_opad[i] ^= key[i]; > + } > + > + sha1_starts(&ctx); > + sha1_update(&ctx, k_ipad, sizeof(k_ipad)); > + sha1_update(&ctx, input, ilen); > + sha1_finish(&ctx, tmpbuf); > + > + sha1_starts(&ctx); > + sha1_update(&ctx, k_opad, sizeof(k_opad)); > + sha1_update(&ctx, tmpbuf, sizeof(tmpbuf)); > + sha1_finish(&ctx, output); > + > + memset(k_ipad, 0, sizeof(k_ipad)); > + memset(k_opad, 0, sizeof(k_opad)); > + memset(tmpbuf, 0, sizeof(tmpbuf)); > + memset(&ctx, 0, sizeof(sha1_context)); > +} > diff --git a/lib/mbedtls/sha256.c b/lib/mbedtls/sha256.c > new file mode 100644 > index 00000000000..24aa58fa674 > --- /dev/null > +++ b/lib/mbedtls/sha256.c > @@ -0,0 +1,62 @@ > +// SPDX-License-Identifier: GPL-2.0+ > +/* > + * Hash shim layer on MbedTLS Crypto library > + * > + * Copyright (c) 2024 Linaro Limited > + * Author: Raymond Mao <raymond.mao@linaro.org> > + */ > +#ifndef USE_HOSTCC > +#include <cyclic.h> > +#endif /* USE_HOSTCC */ > +#include <u-boot/sha256.h> > + > +const u8 sha256_der_prefix[SHA256_DER_LEN] = { > + 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, > + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, > + 0x00, 0x04, 0x20 > +}; > + > +void sha256_starts(sha256_context *ctx) > +{ > + mbedtls_sha256_init(ctx); > + mbedtls_sha256_starts(ctx, 0); > +} > + > +void > +sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length) > +{ > + mbedtls_sha256_update(ctx, input, length); > +} > + > +void sha256_finish(sha256_context *ctx, uint8_t digest[SHA256_SUM_LEN]) > +{ > + mbedtls_sha256_finish(ctx, digest); > + mbedtls_sha256_free(ctx); > +} > + > +void sha256_csum_wd(const unsigned char *input, unsigned int ilen, > + unsigned char *output, unsigned int chunk_sz) > +{ > + sha256_context ctx; > + > + sha256_starts(&ctx); > + > + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { > + const unsigned char *curr = input; > + const unsigned char *end = input + ilen; > + int chunk; > + > + while (curr < end) { > + chunk = end - curr; > + if (chunk > chunk_sz) > + chunk = chunk_sz; > + sha256_update(&ctx, curr, chunk); > + curr += chunk; > + schedule(); > + } > + } else { > + sha256_update(&ctx, input, ilen); > + } > + > + sha256_finish(&ctx, output); > +} > diff --git a/lib/mbedtls/sha512.c b/lib/mbedtls/sha512.c > new file mode 100644 > index 00000000000..5615248cb91 > --- /dev/null > +++ b/lib/mbedtls/sha512.c > @@ -0,0 +1,93 @@ > +// SPDX-License-Identifier: GPL-2.0+ > +/* > + * Hash shim layer on MbedTLS Crypto library > + * > + * Copyright (c) 2024 Linaro Limited > + * Author: Raymond Mao <raymond.mao@linaro.org> > + */ > +#ifndef USE_HOSTCC > +#include <cyclic.h> > +#endif /* USE_HOSTCC */ > +#include <compiler.h> > +#include <u-boot/sha512.h> > + > +const u8 sha384_der_prefix[SHA384_DER_LEN] = { > + 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, > + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, > + 0x00, 0x04, 0x30 > +}; > + > +const u8 sha512_der_prefix[SHA512_DER_LEN] = { > + 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, > + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, > + 0x00, 0x04, 0x40 > +}; > + > +void sha384_starts(sha512_context *ctx) > +{ > + mbedtls_sha512_init(ctx); > + mbedtls_sha512_starts(ctx, 1); > +} > + > +void > +sha384_update(sha512_context *ctx, const uint8_t *input, uint32_t length) > +{ > + mbedtls_sha512_update(ctx, input, length); > +} > + > +void sha384_finish(sha512_context *ctx, uint8_t digest[SHA384_SUM_LEN]) > +{ > + mbedtls_sha512_finish(ctx, digest); > + mbedtls_sha512_free(ctx); > +} > + > +void sha384_csum_wd(const unsigned char *input, unsigned int length, > + unsigned char *output, unsigned int chunk_sz) > +{ > + mbedtls_sha512(input, length, output, 1); > +} > + > +void sha512_starts(sha512_context *ctx) > +{ > + mbedtls_sha512_init(ctx); > + mbedtls_sha512_starts(ctx, 0); > +} > + > +void > +sha512_update(sha512_context *ctx, const uint8_t *input, uint32_t length) > +{ > + mbedtls_sha512_update(ctx, input, length); > +} > + > +void sha512_finish(sha512_context *ctx, uint8_t digest[SHA512_SUM_LEN]) > +{ > + mbedtls_sha512_finish(ctx, digest); > + mbedtls_sha512_free(ctx); > +} > + > +void sha512_csum_wd(const unsigned char *input, unsigned int ilen, > + unsigned char *output, unsigned int chunk_sz) > +{ > + sha512_context ctx; > + > + sha512_starts(&ctx); > + > + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { > + const unsigned char *curr = input; > + const unsigned char *end = input + ilen; > + int chunk; > + > + while (curr < end) { > + chunk = end - curr; > + if (chunk > chunk_sz) > + chunk = chunk_sz; > + sha512_update(&ctx, curr, chunk); > + curr += chunk; > + schedule(); > + } > + } else { > + sha512_update(&ctx, input, ilen); > + } > + > + sha512_finish(&ctx, output); > +} > -- > 2.25.1 > Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h index 36c3db15e22..2fca7f1be16 100644 --- a/include/u-boot/sha1.h +++ b/include/u-boot/sha1.h @@ -41,6 +41,10 @@ extern "C" { #define SHA1_DEF_CHUNK_SZ 0x10000 +#define K_IPAD_VAL 0x36 +#define K_OPAD_VAL 0x5C +#define K_PAD_LEN 64 + extern const uint8_t sha1_der_prefix[]; #if defined(CONFIG_MBEDTLS_LIB_CRYPTO) diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig index 8a7b3a30c04..262abb2cec7 100644 --- a/lib/mbedtls/Kconfig +++ b/lib/mbedtls/Kconfig @@ -134,10 +134,100 @@ config MBEDTLS_LIB_CRYPTO_ALT config MBEDTLS_LIB_CRYPTO bool "MbedTLS crypto libraries" + select MD5_MBEDTLS if MD5 + select SHA1_MBEDTLS if SHA1 + select SHA256_MBEDTLS if SHA256 + select SHA512_MBEDTLS if SHA512 + select SHA384_MBEDTLS if SHA384 + select SPL_MD5_MBEDTLS if SPL_MD5 + select SPL_SHA1_MBEDTLS if SPL_SHA1 + select SPL_SHA256_MBEDTLS if SPL_SHA256 + select SPL_SHA512_MBEDTLS if SPL_SHA512 + select SPL_SHA384_MBEDTLS if SPL_SHA384 help Enable MbedTLS crypto libraries. Mutually incompatible with MBEDTLS_LIB_CRYPTO_ALT. +if MBEDTLS_LIB_CRYPTO + +config SHA1_MBEDTLS + bool "Enable SHA1 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SHA1 + help + This option enables support of hashing using SHA1 algorithm + with MbedTLS crypto library. + +config SHA256_MBEDTLS + bool "Enable SHA256 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SHA256 + help + This option enables support of hashing using SHA256 algorithm + with MbedTLS crypto library. + +config SHA512_MBEDTLS + bool "Enable SHA512 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SHA512 + default y if TI_SECURE_DEVICE && FIT_SIGNATURE + help + This option enables support of hashing using SHA512 algorithm + with MbedTLS crypto library. + +config SHA384_MBEDTLS + bool "Enable SHA384 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SHA384 + select SHA512_MBEDTLS + help + This option enables support of hashing using SHA384 algorithm + with MbedTLS crypto library. + +config MD5_MBEDTLS + bool "Enable MD5 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && MD5 + help + This option enables support of hashing using MD5 algorithm + with MbedTLS crypto library. + +if SPL + +config SPL_SHA1_MBEDTLS + bool "Enable SHA1 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA1 + help + This option enables support of hashing using SHA1 algorithm + with MbedTLS crypto library. + +config SPL_SHA256_MBEDTLS + bool "Enable SHA256 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA256 + help + This option enables support of hashing using SHA256 algorithm + with MbedTLS crypto library. + +config SPL_SHA512_MBEDTLS + bool "Enable SHA512 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA512 + help + This option enables support of hashing using SHA512 algorithm + with MbedTLS crypto library. + +config SPL_SHA384_MBEDTLS + bool "Enable SHA384 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA384 + select SPL_SHA512 + help + This option enables support of hashing using SHA384 algorithm + with MbedTLS crypto library. + +config SPL_MD5_MBEDTLS + bool "Enable MD5 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_MD5 + help + This option enables support of hashing using MD5 algorithm + with MbedTLS crypto library. + +endif # SPL + +endif # MBEDTLS_LIB_CRYPTO config MBEDTLS_LIB_X509 bool "MbedTLS certificate libraries" diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile index 0b6d6ca808f..eeb28ec1557 100644 --- a/lib/mbedtls/Makefile +++ b/lib/mbedtls/Makefile @@ -5,17 +5,23 @@ MBEDTLS_LIB_DIR = external/mbedtls/library +# shim layer for hash +obj-$(CONFIG_$(SPL_)MD5_MBEDTLS) += md5.o +obj-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += sha1.o +obj-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += sha256.o +obj-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += sha512.o + # MbedTLS crypto library obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o mbedtls_lib_crypto-y := \ $(MBEDTLS_LIB_DIR)/platform_util.o \ $(MBEDTLS_LIB_DIR)/constant_time.o \ $(MBEDTLS_LIB_DIR)/md.o -mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5) += $(MBEDTLS_LIB_DIR)/md5.o -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1) += $(MBEDTLS_LIB_DIR)/sha1.o -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256) += \ +mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5_MBEDTLS) += $(MBEDTLS_LIB_DIR)/md5.o +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += $(MBEDTLS_LIB_DIR)/sha1.o +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += \ $(MBEDTLS_LIB_DIR)/sha256.o -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512) += \ +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += \ $(MBEDTLS_LIB_DIR)/sha512.o # MbedTLS X509 library diff --git a/lib/mbedtls/md5.c b/lib/mbedtls/md5.c new file mode 100644 index 00000000000..04388fce249 --- /dev/null +++ b/lib/mbedtls/md5.c @@ -0,0 +1,57 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Hash shim layer on MbedTLS Crypto library + * + * Copyright (c) 2024 Linaro Limited + * Author: Raymond Mao <raymond.mao@linaro.org> + */ +#include "compiler.h" + +#ifndef USE_HOSTCC +#include <watchdog.h> +#endif /* USE_HOSTCC */ +#include <u-boot/md5.h> + +void MD5Init(MD5Context *ctx) +{ + mbedtls_md5_init(ctx); + mbedtls_md5_starts(ctx); +} + +void MD5Update(MD5Context *ctx, unsigned char const *buf, unsigned int len) +{ + mbedtls_md5_update(ctx, buf, len); +} + +void MD5Final(unsigned char digest[16], MD5Context *ctx) +{ + mbedtls_md5_finish(ctx, digest); + mbedtls_md5_free(ctx); +} + +void md5_wd(const unsigned char *input, unsigned int len, + unsigned char output[16], unsigned int chunk_sz) +{ + MD5Context context; + + MD5Init(&context); + + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { + const unsigned char *curr = input; + const unsigned char *end = input + len; + int chunk; + + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + MD5Update(&context, curr, chunk); + curr += chunk; + schedule(); + } + } else { + MD5Update(&context, input, len); + } + + MD5Final(output, &context); +} diff --git a/lib/mbedtls/sha1.c b/lib/mbedtls/sha1.c new file mode 100644 index 00000000000..2aee5037795 --- /dev/null +++ b/lib/mbedtls/sha1.c @@ -0,0 +1,99 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Hash shim layer on MbedTLS Crypto library + * + * Copyright (c) 2024 Linaro Limited + * Author: Raymond Mao <raymond.mao@linaro.org> + */ +#ifndef USE_HOSTCC +#include <cyclic.h> +#endif /* USE_HOSTCC */ +#include <string.h> +#include <u-boot/sha1.h> + +const u8 sha1_der_prefix[SHA1_DER_LEN] = { + 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, + 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 +}; + +void sha1_starts(sha1_context *ctx) +{ + mbedtls_sha1_init(ctx); + mbedtls_sha1_starts(ctx); +} + +void sha1_update(sha1_context *ctx, const unsigned char *input, + unsigned int length) +{ + mbedtls_sha1_update(ctx, input, length); +} + +void sha1_finish(sha1_context *ctx, unsigned char output[SHA1_SUM_LEN]) +{ + mbedtls_sha1_finish(ctx, output); + mbedtls_sha1_free(ctx); +} + +void sha1_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz) +{ + sha1_context ctx; + + sha1_starts(&ctx); + + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { + const unsigned char *curr = input; + const unsigned char *end = input + ilen; + int chunk; + + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + sha1_update(&ctx, curr, chunk); + curr += chunk; + schedule(); + } + } else { + sha1_update(&ctx, input, ilen); + } + + sha1_finish(&ctx, output); +} + +void sha1_hmac(const unsigned char *key, int keylen, + const unsigned char *input, unsigned int ilen, + unsigned char *output) +{ + int i; + sha1_context ctx; + unsigned char k_ipad[K_PAD_LEN]; + unsigned char k_opad[K_PAD_LEN]; + unsigned char tmpbuf[20]; + + if (keylen > K_PAD_LEN) + return; + + memset(k_ipad, K_IPAD_VAL, sizeof(k_ipad)); + memset(k_opad, K_OPAD_VAL, sizeof(k_opad)); + + for (i = 0; i < keylen; i++) { + k_ipad[i] ^= key[i]; + k_opad[i] ^= key[i]; + } + + sha1_starts(&ctx); + sha1_update(&ctx, k_ipad, sizeof(k_ipad)); + sha1_update(&ctx, input, ilen); + sha1_finish(&ctx, tmpbuf); + + sha1_starts(&ctx); + sha1_update(&ctx, k_opad, sizeof(k_opad)); + sha1_update(&ctx, tmpbuf, sizeof(tmpbuf)); + sha1_finish(&ctx, output); + + memset(k_ipad, 0, sizeof(k_ipad)); + memset(k_opad, 0, sizeof(k_opad)); + memset(tmpbuf, 0, sizeof(tmpbuf)); + memset(&ctx, 0, sizeof(sha1_context)); +} diff --git a/lib/mbedtls/sha256.c b/lib/mbedtls/sha256.c new file mode 100644 index 00000000000..24aa58fa674 --- /dev/null +++ b/lib/mbedtls/sha256.c @@ -0,0 +1,62 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Hash shim layer on MbedTLS Crypto library + * + * Copyright (c) 2024 Linaro Limited + * Author: Raymond Mao <raymond.mao@linaro.org> + */ +#ifndef USE_HOSTCC +#include <cyclic.h> +#endif /* USE_HOSTCC */ +#include <u-boot/sha256.h> + +const u8 sha256_der_prefix[SHA256_DER_LEN] = { + 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, + 0x00, 0x04, 0x20 +}; + +void sha256_starts(sha256_context *ctx) +{ + mbedtls_sha256_init(ctx); + mbedtls_sha256_starts(ctx, 0); +} + +void +sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length) +{ + mbedtls_sha256_update(ctx, input, length); +} + +void sha256_finish(sha256_context *ctx, uint8_t digest[SHA256_SUM_LEN]) +{ + mbedtls_sha256_finish(ctx, digest); + mbedtls_sha256_free(ctx); +} + +void sha256_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz) +{ + sha256_context ctx; + + sha256_starts(&ctx); + + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { + const unsigned char *curr = input; + const unsigned char *end = input + ilen; + int chunk; + + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + sha256_update(&ctx, curr, chunk); + curr += chunk; + schedule(); + } + } else { + sha256_update(&ctx, input, ilen); + } + + sha256_finish(&ctx, output); +} diff --git a/lib/mbedtls/sha512.c b/lib/mbedtls/sha512.c new file mode 100644 index 00000000000..5615248cb91 --- /dev/null +++ b/lib/mbedtls/sha512.c @@ -0,0 +1,93 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Hash shim layer on MbedTLS Crypto library + * + * Copyright (c) 2024 Linaro Limited + * Author: Raymond Mao <raymond.mao@linaro.org> + */ +#ifndef USE_HOSTCC +#include <cyclic.h> +#endif /* USE_HOSTCC */ +#include <compiler.h> +#include <u-boot/sha512.h> + +const u8 sha384_der_prefix[SHA384_DER_LEN] = { + 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, + 0x00, 0x04, 0x30 +}; + +const u8 sha512_der_prefix[SHA512_DER_LEN] = { + 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, + 0x00, 0x04, 0x40 +}; + +void sha384_starts(sha512_context *ctx) +{ + mbedtls_sha512_init(ctx); + mbedtls_sha512_starts(ctx, 1); +} + +void +sha384_update(sha512_context *ctx, const uint8_t *input, uint32_t length) +{ + mbedtls_sha512_update(ctx, input, length); +} + +void sha384_finish(sha512_context *ctx, uint8_t digest[SHA384_SUM_LEN]) +{ + mbedtls_sha512_finish(ctx, digest); + mbedtls_sha512_free(ctx); +} + +void sha384_csum_wd(const unsigned char *input, unsigned int length, + unsigned char *output, unsigned int chunk_sz) +{ + mbedtls_sha512(input, length, output, 1); +} + +void sha512_starts(sha512_context *ctx) +{ + mbedtls_sha512_init(ctx); + mbedtls_sha512_starts(ctx, 0); +} + +void +sha512_update(sha512_context *ctx, const uint8_t *input, uint32_t length) +{ + mbedtls_sha512_update(ctx, input, length); +} + +void sha512_finish(sha512_context *ctx, uint8_t digest[SHA512_SUM_LEN]) +{ + mbedtls_sha512_finish(ctx, digest); + mbedtls_sha512_free(ctx); +} + +void sha512_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz) +{ + sha512_context ctx; + + sha512_starts(&ctx); + + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { + const unsigned char *curr = input; + const unsigned char *end = input + ilen; + int chunk; + + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + sha512_update(&ctx, curr, chunk); + curr += chunk; + schedule(); + } + } else { + sha512_update(&ctx, input, ilen); + } + + sha512_finish(&ctx, output); +}
Implement digest shim layer on top of MbedTLS crypto library. Introduce <alg>_MBEDTLS kconfig for MbedTLS crypto implementations. Signed-off-by: Raymond Mao <raymond.mao@linaro.org> --- Changes in v2 - Split the shim layer into separated files and use the original head files instead of creating new ones. Changes in v3 - Refactored sha1_hmac and removed non-watchdog md5 function. Changes in v4 - Refactored hash _wd functions. - Introduce <alg>_MBEDTLS kconfig for MbedTLS crypto implementations. Changes in v5 - Correct kconfig dependence. - Refactored MbedTLS makefile. Changes in v6 - None. Changes in v7 - None. Changes in v8 - None include/u-boot/sha1.h | 4 ++ lib/mbedtls/Kconfig | 90 +++++++++++++++++++++++++++++++++++++++ lib/mbedtls/Makefile | 14 ++++-- lib/mbedtls/md5.c | 57 +++++++++++++++++++++++++ lib/mbedtls/sha1.c | 99 +++++++++++++++++++++++++++++++++++++++++++ lib/mbedtls/sha256.c | 62 +++++++++++++++++++++++++++ lib/mbedtls/sha512.c | 93 ++++++++++++++++++++++++++++++++++++++++ 7 files changed, 415 insertions(+), 4 deletions(-) create mode 100644 lib/mbedtls/md5.c create mode 100644 lib/mbedtls/sha1.c create mode 100644 lib/mbedtls/sha256.c create mode 100644 lib/mbedtls/sha512.c