diff mbox

[U-Boot,v2,12/23] Add hash command to perform hashing using various algorithms

Message ID 1353611587-18186-13-git-send-email-sjg@chromium.org
State Superseded, archived
Headers show

Commit Message

Simon Glass Nov. 22, 2012, 7:12 p.m. UTC 
This new command supports hashing SHA1 and SHA256. It could be extended
to others such as MD5 and the CRC algorithms. The syntax is modeled on
those:

   hash <algorithm> <address> <length> [*<dest_addr> | <dest_envvar>]

to calculate a hash, and:

   hash -v <algorithm> <address> <length> [*<verify_addr> | <verify_envvar>]

to verify a hash.

Use CONFIG_CMD_HASH to enable the command, CONFIG_SHA1 to enable SHA1 and
CONFIG_SHA256 to enable SHA256.

The existing sha1sum command remains.

Signed-off-by: Simon Glass <sjg@chromium.org>
---
Changes in v2:
- Add new hash command to support generic hash API

 README                   |   18 +++++++++++++
 common/Makefile          |    1 +
 common/cmd_hash.c        |   63 ++++++++++++++++++++++++++++++++++++++++++++++
 include/config_cmd_all.h |    1 +
 4 files changed, 83 insertions(+), 0 deletions(-)
 create mode 100644 common/cmd_hash.c

Comments

Joe Hershberger Dec. 1, 2012, 7:39 p.m. UTC | #1 
Hi Simon,

On Thu, Nov 22, 2012 at 1:12 PM, Simon Glass <sjg@chromium.org> wrote:
> This new command supports hashing SHA1 and SHA256. It could be extended
> to others such as MD5 and the CRC algorithms. The syntax is modeled on
> those:
>
>    hash <algorithm> <address> <length> [*<dest_addr> | <dest_envvar>]
>
> to calculate a hash, and:
>
>    hash -v <algorithm> <address> <length> [*<verify_addr> | <verify_envvar>]
>
> to verify a hash.
>
> Use CONFIG_CMD_HASH to enable the command, CONFIG_SHA1 to enable SHA1 and
> CONFIG_SHA256 to enable SHA256.
>
> The existing sha1sum command remains.
>
> Signed-off-by: Simon Glass <sjg@chromium.org>
> ---
> Changes in v2:
> - Add new hash command to support generic hash API
>
>  README                   |   18 +++++++++++++
>  common/Makefile          |    1 +
>  common/cmd_hash.c        |   63 ++++++++++++++++++++++++++++++++++++++++++++++
>  include/config_cmd_all.h |    1 +
>  4 files changed, 83 insertions(+), 0 deletions(-)
>  create mode 100644 common/cmd_hash.c
>
> diff --git a/README b/README
> index 6378101..2a0098d 100644
> --- a/README
> +++ b/README
> @@ -822,6 +822,7 @@ The following options need to be configured:
>                 CONFIG_CMD_GETTIME      * Get time since boot
>                 CONFIG_CMD_GO           * the 'go' command (exec code)
>                 CONFIG_CMD_GREPENV      * search environment
> +               CONFIG_CMD_HASH         * calculate hash / digest
>                 CONFIG_CMD_HWFLOW       * RTS/CTS hw flow control
>                 CONFIG_CMD_I2C          * I2C serial bus support
>                 CONFIG_CMD_IDE          * IDE harddisk support
> @@ -2391,6 +2392,23 @@ CBFS (Coreboot Filesystem) support
>                 A better solution is to properly configure the firewall,
>                 but sometimes that is not allowed.
>
> +- Hashing support:
> +               CONFIG_CMD_HASH
> +
> +               This enables a generic 'hash' command which can produce
> +               hashes / digests from a few algorithms (e.g. SHA1, SHA256).
> +
> +               CONFIG_HASH_VERIFY
> +
> +               Enable the hash verify command (hash -v). This adds to code
> +               size a little.
> +
> +               CONFIG_SHA1 - support SHA1 hashing
> +               CONFIG_SHA256 - support SHA256 hashing
> +
> +               Note: There is also a sha1sum command, which should perhaps
> +               be deprecated in favour of 'hash sha1'.
> +
>  - Show boot progress:
>                 CONFIG_SHOW_BOOT_PROGRESS
>
> diff --git a/common/Makefile b/common/Makefile
> index eb175c1..56ec4e4 100644
> --- a/common/Makefile
> +++ b/common/Makefile
> @@ -104,6 +104,7 @@ COBJS-$(CONFIG_CMD_FS_GENERIC) += cmd_fs.o
>  COBJS-$(CONFIG_CMD_GETTIME) += cmd_gettime.o
>  COBJS-$(CONFIG_CMD_GPIO) += cmd_gpio.o
>  COBJS-$(CONFIG_CMD_I2C) += cmd_i2c.o
> +COBJS-$(CONFIG_CMD_HASH) += cmd_hash.o
>  COBJS-$(CONFIG_CMD_IDE) += cmd_ide.o
>  COBJS-$(CONFIG_CMD_IMMAP) += cmd_immap.o
>  COBJS-$(CONFIG_CMD_INI) += cmd_ini.o
> diff --git a/common/cmd_hash.c b/common/cmd_hash.c
> new file mode 100644
> index 0000000..10ce03e
> --- /dev/null
> +++ b/common/cmd_hash.c
> @@ -0,0 +1,63 @@
> +/*
> + * Copyright (c) 2012 The Chromium OS Authors.
> + *
> + * (C) Copyright 2011
> + * Joe Hershberger, National Instruments, joe.hershberger@ni.com
> + *
> + * (C) Copyright 2000
> + * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
> + *
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License as
> + * published by the Free Software Foundation; either version 2 of
> + * the License, or (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> + *
> + * You should have received a copy of the GNU General Public License
> + * along with this program; if not, write to the Free Software
> + * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
> + * MA 02111-1307 USA
> + */
> +
> +#include <common.h>
> +#include <command.h>
> +#include <hash.h>
> +
> +static int do_hash(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
> +{
> +#ifdef CONFIG_HASH_VERIFY
> +       int verify = 0;
> +
> +       if (!strcmp(argv[1], "-v")) {
> +               verify = 1;
> +               argc--;
> +               argv++;
> +       }
> +#endif
> +       /* Move forward to 'algorithm' parameter */
> +       argc--;
> +       argv++;
> +       return hash_command(*argv, verify, cmdtp, flag, argc - 1, argv + 1);
> +}
> +
> +#ifdef CONFIG_HASH_VERIFY
> +U_BOOT_CMD(
> +       hash,   6,      1,      do_hash,
> +       "compute hash message digest",
> +       "algorithm address count [[*]sum_dest]\n"
> +               "    - compute message digest [save to env var / *address]\n"
> +       "sha1sum -v algorithm address count [*]sum\n"

The command is now hash, not sha1sum.

> +               "    - verify sha1sum of memory area with env var / *address"

You probably shouldn't directly refer to sha1sum in the description

> +);
> +#else
> +U_BOOT_CMD(
> +       hash,   5,      1,      do_hash,
> +       "compute message digest",
> +       "algorithm address count [[*]sum_dest]\n"
> +               "    - compute message digest [save to env var / *address]"
> +);
> +#endif
> diff --git a/include/config_cmd_all.h b/include/config_cmd_all.h
> index 148d676..124d51f 100644
> --- a/include/config_cmd_all.h
> +++ b/include/config_cmd_all.h
> @@ -41,6 +41,7 @@
>  #define CONFIG_CMD_FLASH       /* flinfo, erase, protect       */
>  #define CONFIG_CMD_FPGA                /* FPGA configuration Support   */
>  #define CONFIG_CMD_GETTIME     /* Get time since boot         */
> +#define CONFIG_CMD_HASH                /* calculate hash / digest      */
>  #define CONFIG_CMD_HWFLOW      /* RTS/CTS hw flow control      */
>  #define CONFIG_CMD_I2C         /* I2C serial bus support       */
>  #define CONFIG_CMD_IDE         /* IDE harddisk support         */

Cheers,
-Joe
diff mbox

Patch

diff --git a/README b/README
index 6378101..2a0098d 100644
--- a/README
+++ b/README
@@ -822,6 +822,7 @@  The following options need to be configured:
 		CONFIG_CMD_GETTIME	* Get time since boot
 		CONFIG_CMD_GO		* the 'go' command (exec code)
 		CONFIG_CMD_GREPENV	* search environment
+		CONFIG_CMD_HASH		* calculate hash / digest
 		CONFIG_CMD_HWFLOW	* RTS/CTS hw flow control
 		CONFIG_CMD_I2C		* I2C serial bus support
 		CONFIG_CMD_IDE		* IDE harddisk support
@@ -2391,6 +2392,23 @@  CBFS (Coreboot Filesystem) support
 		A better solution is to properly configure the firewall,
 		but sometimes that is not allowed.
 
+- Hashing support:
+		CONFIG_CMD_HASH
+
+		This enables a generic 'hash' command which can produce
+		hashes / digests from a few algorithms (e.g. SHA1, SHA256).
+
+		CONFIG_HASH_VERIFY
+
+		Enable the hash verify command (hash -v). This adds to code
+		size a little.
+
+		CONFIG_SHA1 - support SHA1 hashing
+		CONFIG_SHA256 - support SHA256 hashing
+
+		Note: There is also a sha1sum command, which should perhaps
+		be deprecated in favour of 'hash sha1'.
+
 - Show boot progress:
 		CONFIG_SHOW_BOOT_PROGRESS
 
diff --git a/common/Makefile b/common/Makefile
index eb175c1..56ec4e4 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -104,6 +104,7 @@  COBJS-$(CONFIG_CMD_FS_GENERIC) += cmd_fs.o
 COBJS-$(CONFIG_CMD_GETTIME) += cmd_gettime.o
 COBJS-$(CONFIG_CMD_GPIO) += cmd_gpio.o
 COBJS-$(CONFIG_CMD_I2C) += cmd_i2c.o
+COBJS-$(CONFIG_CMD_HASH) += cmd_hash.o
 COBJS-$(CONFIG_CMD_IDE) += cmd_ide.o
 COBJS-$(CONFIG_CMD_IMMAP) += cmd_immap.o
 COBJS-$(CONFIG_CMD_INI) += cmd_ini.o
diff --git a/common/cmd_hash.c b/common/cmd_hash.c
new file mode 100644
index 0000000..10ce03e
--- /dev/null
+++ b/common/cmd_hash.c
@@ -0,0 +1,63 @@ 
+/*
+ * Copyright (c) 2012 The Chromium OS Authors.
+ *
+ * (C) Copyright 2011
+ * Joe Hershberger, National Instruments, joe.hershberger@ni.com
+ *
+ * (C) Copyright 2000
+ * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ * MA 02111-1307 USA
+ */
+
+#include <common.h>
+#include <command.h>
+#include <hash.h>
+
+static int do_hash(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+{
+#ifdef CONFIG_HASH_VERIFY
+	int verify = 0;
+
+	if (!strcmp(argv[1], "-v")) {
+		verify = 1;
+		argc--;
+		argv++;
+	}
+#endif
+	/* Move forward to 'algorithm' parameter */
+	argc--;
+	argv++;
+	return hash_command(*argv, verify, cmdtp, flag, argc - 1, argv + 1);
+}
+
+#ifdef CONFIG_HASH_VERIFY
+U_BOOT_CMD(
+	hash,	6,	1,	do_hash,
+	"compute hash message digest",
+	"algorithm address count [[*]sum_dest]\n"
+		"    - compute message digest [save to env var / *address]\n"
+	"sha1sum -v algorithm address count [*]sum\n"
+		"    - verify sha1sum of memory area with env var / *address"
+);
+#else
+U_BOOT_CMD(
+	hash,	5,	1,	do_hash,
+	"compute message digest",
+	"algorithm address count [[*]sum_dest]\n"
+		"    - compute message digest [save to env var / *address]"
+);
+#endif
diff --git a/include/config_cmd_all.h b/include/config_cmd_all.h
index 148d676..124d51f 100644
--- a/include/config_cmd_all.h
+++ b/include/config_cmd_all.h
@@ -41,6 +41,7 @@ 
 #define CONFIG_CMD_FLASH	/* flinfo, erase, protect	*/
 #define CONFIG_CMD_FPGA		/* FPGA configuration Support	*/
 #define CONFIG_CMD_GETTIME	/* Get time since boot         */
+#define CONFIG_CMD_HASH		/* calculate hash / digest	*/
 #define CONFIG_CMD_HWFLOW	/* RTS/CTS hw flow control	*/
 #define CONFIG_CMD_I2C		/* I2C serial bus support	*/
 #define CONFIG_CMD_IDE		/* IDE harddisk support		*/