@@ -36,6 +36,132 @@
#include <u-boot/sha512.h>
#include <u-boot/md5.h>
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_CRYPTO)
+
+static int hash_init_sha1(struct hash_algo *algo, void **ctxp)
+{
+ int ret;
+ mbedtls_sha1_context *ctx = malloc(sizeof(mbedtls_sha1_context));
+
+ mbedtls_sha1_init(ctx);
+ ret = mbedtls_sha1_starts(ctx);
+ if (!ret) {
+ *ctxp = ctx;
+ } else {
+ mbedtls_sha1_free(ctx);
+ free(ctx);
+ }
+
+ return ret;
+}
+
+static int hash_update_sha1(struct hash_algo *algo, void *ctx, const void *buf,
+ unsigned int size, int is_last)
+{
+ return mbedtls_sha1_update((mbedtls_sha1_context *)ctx, buf, size);
+}
+
+static int
+hash_finish_sha1(struct hash_algo *algo, void *ctx, void *dest_buf, int size)
+{
+ int ret;
+
+ if (size < algo->digest_size)
+ return -1;
+
+ ret = mbedtls_sha1_finish((mbedtls_sha1_context *)ctx, dest_buf);
+ if (!ret) {
+ mbedtls_sha1_free((mbedtls_sha1_context *)ctx);
+ free(ctx);
+ }
+
+ return ret;
+}
+
+static int hash_init_sha256(struct hash_algo *algo, void **ctxp)
+{
+ int ret;
+ int is224 = algo->digest_size == SHA224_SUM_LEN ? 1 : 0;
+ mbedtls_sha256_context *ctx = malloc(sizeof(mbedtls_sha256_context));
+
+ mbedtls_sha256_init(ctx);
+ ret = mbedtls_sha256_starts(ctx, is224);
+ if (!ret) {
+ *ctxp = ctx;
+ } else {
+ mbedtls_sha256_free(ctx);
+ free(ctx);
+ }
+
+ return ret;
+}
+
+static int hash_update_sha256(struct hash_algo *algo, void *ctx, const void *buf,
+ uint size, int is_last)
+{
+ return mbedtls_sha256_update((mbedtls_sha256_context *)ctx, buf, size);
+}
+
+static int
+hash_finish_sha256(struct hash_algo *algo, void *ctx, void *dest_buf, int size)
+{
+ int ret;
+
+ if (size < algo->digest_size)
+ return -1;
+
+ ret = mbedtls_sha256_finish((mbedtls_sha256_context *)ctx, dest_buf);
+ if (!ret) {
+ mbedtls_sha256_free((mbedtls_sha256_context *)ctx);
+ free(ctx);
+ }
+
+ return ret;
+}
+
+static int hash_init_sha512(struct hash_algo *algo, void **ctxp)
+{
+ int ret;
+ int is384 = algo->digest_size == SHA384_SUM_LEN ? 1 : 0;
+ mbedtls_sha512_context *ctx = malloc(sizeof(mbedtls_sha512_context));
+
+ mbedtls_sha512_init(ctx);
+ ret = mbedtls_sha512_starts(ctx, is384);
+ if (!ret) {
+ *ctxp = ctx;
+ } else {
+ mbedtls_sha512_free(ctx);
+ free(ctx);
+ }
+
+ return ret;
+}
+
+static int hash_update_sha512(struct hash_algo *algo, void *ctx, const void *buf,
+ uint size, int is_last)
+{
+ return mbedtls_sha512_update((mbedtls_sha512_context *)ctx, buf, size);
+}
+
+static int
+hash_finish_sha512(struct hash_algo *algo, void *ctx, void *dest_buf, int size)
+{
+ int ret;
+
+ if (size < algo->digest_size)
+ return -1;
+
+ ret = mbedtls_sha512_finish((mbedtls_sha512_context *)ctx, dest_buf);
+ if (!ret) {
+ mbedtls_sha512_free((mbedtls_sha512_context *)ctx);
+ free(ctx);
+ }
+
+ return ret;
+}
+
+#else /* CONFIG_IS_ENABLED(MBEDTLS_LIB_CRYPTO) */
+
static int __maybe_unused hash_init_sha1(struct hash_algo *algo, void **ctxp)
{
sha1_context *ctx = malloc(sizeof(sha1_context));
@@ -144,6 +270,8 @@ static int __maybe_unused hash_finish_sha512(struct hash_algo *algo, void *ctx,
return 0;
}
+#endif /* CONFIG_IS_ENABLED(MBEDTLS_LIB_CRYPTO) */
+
static int hash_init_crc16_ccitt(struct hash_algo *algo, void **ctxp)
{
uint16_t *ctx = malloc(sizeof(uint16_t));
@@ -268,10 +396,16 @@ static struct hash_algo hash_algo[] = {
.hash_init = hw_sha_init,
.hash_update = hw_sha_update,
.hash_finish = hw_sha_finish,
+#else
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_CRYPTO)
+ .hash_init = hash_init_sha512,
+ .hash_update = hash_update_sha512,
+ .hash_finish = hash_finish_sha512,
#else
.hash_init = hash_init_sha384,
.hash_update = hash_update_sha384,
.hash_finish = hash_finish_sha384,
+#endif
#endif
},
#endif
Integrate common/hash.c on the hash shim layer so that hash APIs from mbedtls can be leveraged by boot/image and efi_loader. Signed-off-by: Raymond Mao <raymond.mao@linaro.org> --- Changes in v2 - Use the original head files instead of creating new ones. common/hash.c | 134 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 134 insertions(+)