From: Raymond Mao Date: Thu, 3 Oct 2024 21:50:19 +0000 (-0700) Subject: mbedtls: add digest shim layer for MbedTLS X-Git-Url: http://git.dujemihanovic.xyz/?a=commitdiff_plain;h=bdc3f44a6bf4de61d99c818b3e8e71b07a9eea52;p=u-boot.git mbedtls: add digest shim layer for MbedTLS Implement digest shim layer on top of MbedTLS crypto library. Introduce _MBEDTLS kconfig for MbedTLS crypto implementations. Signed-off-by: Raymond Mao --- diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h index 36c3db15e2..2fca7f1be1 100644 --- a/include/u-boot/sha1.h +++ b/include/u-boot/sha1.h @@ -41,6 +41,10 @@ extern "C" { #define SHA1_DEF_CHUNK_SZ 0x10000 +#define K_IPAD_VAL 0x36 +#define K_OPAD_VAL 0x5C +#define K_PAD_LEN 64 + extern const uint8_t sha1_der_prefix[]; #if defined(CONFIG_MBEDTLS_LIB_CRYPTO) diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig index 8a7b3a30c0..262abb2cec 100644 --- a/lib/mbedtls/Kconfig +++ b/lib/mbedtls/Kconfig @@ -134,10 +134,100 @@ config MBEDTLS_LIB_CRYPTO_ALT config MBEDTLS_LIB_CRYPTO bool "MbedTLS crypto libraries" + select MD5_MBEDTLS if MD5 + select SHA1_MBEDTLS if SHA1 + select SHA256_MBEDTLS if SHA256 + select SHA512_MBEDTLS if SHA512 + select SHA384_MBEDTLS if SHA384 + select SPL_MD5_MBEDTLS if SPL_MD5 + select SPL_SHA1_MBEDTLS if SPL_SHA1 + select SPL_SHA256_MBEDTLS if SPL_SHA256 + select SPL_SHA512_MBEDTLS if SPL_SHA512 + select SPL_SHA384_MBEDTLS if SPL_SHA384 help Enable MbedTLS crypto libraries. Mutually incompatible with MBEDTLS_LIB_CRYPTO_ALT. +if MBEDTLS_LIB_CRYPTO + +config SHA1_MBEDTLS + bool "Enable SHA1 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SHA1 + help + This option enables support of hashing using SHA1 algorithm + with MbedTLS crypto library. + +config SHA256_MBEDTLS + bool "Enable SHA256 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SHA256 + help + This option enables support of hashing using SHA256 algorithm + with MbedTLS crypto library. + +config SHA512_MBEDTLS + bool "Enable SHA512 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SHA512 + default y if TI_SECURE_DEVICE && FIT_SIGNATURE + help + This option enables support of hashing using SHA512 algorithm + with MbedTLS crypto library. + +config SHA384_MBEDTLS + bool "Enable SHA384 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SHA384 + select SHA512_MBEDTLS + help + This option enables support of hashing using SHA384 algorithm + with MbedTLS crypto library. + +config MD5_MBEDTLS + bool "Enable MD5 support with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && MD5 + help + This option enables support of hashing using MD5 algorithm + with MbedTLS crypto library. + +if SPL + +config SPL_SHA1_MBEDTLS + bool "Enable SHA1 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA1 + help + This option enables support of hashing using SHA1 algorithm + with MbedTLS crypto library. + +config SPL_SHA256_MBEDTLS + bool "Enable SHA256 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA256 + help + This option enables support of hashing using SHA256 algorithm + with MbedTLS crypto library. + +config SPL_SHA512_MBEDTLS + bool "Enable SHA512 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA512 + help + This option enables support of hashing using SHA512 algorithm + with MbedTLS crypto library. + +config SPL_SHA384_MBEDTLS + bool "Enable SHA384 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA384 + select SPL_SHA512 + help + This option enables support of hashing using SHA384 algorithm + with MbedTLS crypto library. + +config SPL_MD5_MBEDTLS + bool "Enable MD5 support in SPL with MbedTLS crypto library" + depends on MBEDTLS_LIB_CRYPTO && SPL_MD5 + help + This option enables support of hashing using MD5 algorithm + with MbedTLS crypto library. + +endif # SPL + +endif # MBEDTLS_LIB_CRYPTO config MBEDTLS_LIB_X509 bool "MbedTLS certificate libraries" diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile index 0b6d6ca808..eeb28ec155 100644 --- a/lib/mbedtls/Makefile +++ b/lib/mbedtls/Makefile @@ -5,17 +5,23 @@ MBEDTLS_LIB_DIR = external/mbedtls/library +# shim layer for hash +obj-$(CONFIG_$(SPL_)MD5_MBEDTLS) += md5.o +obj-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += sha1.o +obj-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += sha256.o +obj-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += sha512.o + # MbedTLS crypto library obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o mbedtls_lib_crypto-y := \ $(MBEDTLS_LIB_DIR)/platform_util.o \ $(MBEDTLS_LIB_DIR)/constant_time.o \ $(MBEDTLS_LIB_DIR)/md.o -mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5) += $(MBEDTLS_LIB_DIR)/md5.o -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1) += $(MBEDTLS_LIB_DIR)/sha1.o -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256) += \ +mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5_MBEDTLS) += $(MBEDTLS_LIB_DIR)/md5.o +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += $(MBEDTLS_LIB_DIR)/sha1.o +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += \ $(MBEDTLS_LIB_DIR)/sha256.o -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512) += \ +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += \ $(MBEDTLS_LIB_DIR)/sha512.o # MbedTLS X509 library diff --git a/lib/mbedtls/md5.c b/lib/mbedtls/md5.c new file mode 100644 index 0000000000..04388fce24 --- /dev/null +++ b/lib/mbedtls/md5.c @@ -0,0 +1,57 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Hash shim layer on MbedTLS Crypto library + * + * Copyright (c) 2024 Linaro Limited + * Author: Raymond Mao + */ +#include "compiler.h" + +#ifndef USE_HOSTCC +#include +#endif /* USE_HOSTCC */ +#include + +void MD5Init(MD5Context *ctx) +{ + mbedtls_md5_init(ctx); + mbedtls_md5_starts(ctx); +} + +void MD5Update(MD5Context *ctx, unsigned char const *buf, unsigned int len) +{ + mbedtls_md5_update(ctx, buf, len); +} + +void MD5Final(unsigned char digest[16], MD5Context *ctx) +{ + mbedtls_md5_finish(ctx, digest); + mbedtls_md5_free(ctx); +} + +void md5_wd(const unsigned char *input, unsigned int len, + unsigned char output[16], unsigned int chunk_sz) +{ + MD5Context context; + + MD5Init(&context); + + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { + const unsigned char *curr = input; + const unsigned char *end = input + len; + int chunk; + + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + MD5Update(&context, curr, chunk); + curr += chunk; + schedule(); + } + } else { + MD5Update(&context, input, len); + } + + MD5Final(output, &context); +} diff --git a/lib/mbedtls/sha1.c b/lib/mbedtls/sha1.c new file mode 100644 index 0000000000..2aee503779 --- /dev/null +++ b/lib/mbedtls/sha1.c @@ -0,0 +1,99 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Hash shim layer on MbedTLS Crypto library + * + * Copyright (c) 2024 Linaro Limited + * Author: Raymond Mao + */ +#ifndef USE_HOSTCC +#include +#endif /* USE_HOSTCC */ +#include +#include + +const u8 sha1_der_prefix[SHA1_DER_LEN] = { + 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, + 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 +}; + +void sha1_starts(sha1_context *ctx) +{ + mbedtls_sha1_init(ctx); + mbedtls_sha1_starts(ctx); +} + +void sha1_update(sha1_context *ctx, const unsigned char *input, + unsigned int length) +{ + mbedtls_sha1_update(ctx, input, length); +} + +void sha1_finish(sha1_context *ctx, unsigned char output[SHA1_SUM_LEN]) +{ + mbedtls_sha1_finish(ctx, output); + mbedtls_sha1_free(ctx); +} + +void sha1_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz) +{ + sha1_context ctx; + + sha1_starts(&ctx); + + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { + const unsigned char *curr = input; + const unsigned char *end = input + ilen; + int chunk; + + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + sha1_update(&ctx, curr, chunk); + curr += chunk; + schedule(); + } + } else { + sha1_update(&ctx, input, ilen); + } + + sha1_finish(&ctx, output); +} + +void sha1_hmac(const unsigned char *key, int keylen, + const unsigned char *input, unsigned int ilen, + unsigned char *output) +{ + int i; + sha1_context ctx; + unsigned char k_ipad[K_PAD_LEN]; + unsigned char k_opad[K_PAD_LEN]; + unsigned char tmpbuf[20]; + + if (keylen > K_PAD_LEN) + return; + + memset(k_ipad, K_IPAD_VAL, sizeof(k_ipad)); + memset(k_opad, K_OPAD_VAL, sizeof(k_opad)); + + for (i = 0; i < keylen; i++) { + k_ipad[i] ^= key[i]; + k_opad[i] ^= key[i]; + } + + sha1_starts(&ctx); + sha1_update(&ctx, k_ipad, sizeof(k_ipad)); + sha1_update(&ctx, input, ilen); + sha1_finish(&ctx, tmpbuf); + + sha1_starts(&ctx); + sha1_update(&ctx, k_opad, sizeof(k_opad)); + sha1_update(&ctx, tmpbuf, sizeof(tmpbuf)); + sha1_finish(&ctx, output); + + memset(k_ipad, 0, sizeof(k_ipad)); + memset(k_opad, 0, sizeof(k_opad)); + memset(tmpbuf, 0, sizeof(tmpbuf)); + memset(&ctx, 0, sizeof(sha1_context)); +} diff --git a/lib/mbedtls/sha256.c b/lib/mbedtls/sha256.c new file mode 100644 index 0000000000..24aa58fa67 --- /dev/null +++ b/lib/mbedtls/sha256.c @@ -0,0 +1,62 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Hash shim layer on MbedTLS Crypto library + * + * Copyright (c) 2024 Linaro Limited + * Author: Raymond Mao + */ +#ifndef USE_HOSTCC +#include +#endif /* USE_HOSTCC */ +#include + +const u8 sha256_der_prefix[SHA256_DER_LEN] = { + 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, + 0x00, 0x04, 0x20 +}; + +void sha256_starts(sha256_context *ctx) +{ + mbedtls_sha256_init(ctx); + mbedtls_sha256_starts(ctx, 0); +} + +void +sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length) +{ + mbedtls_sha256_update(ctx, input, length); +} + +void sha256_finish(sha256_context *ctx, uint8_t digest[SHA256_SUM_LEN]) +{ + mbedtls_sha256_finish(ctx, digest); + mbedtls_sha256_free(ctx); +} + +void sha256_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz) +{ + sha256_context ctx; + + sha256_starts(&ctx); + + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { + const unsigned char *curr = input; + const unsigned char *end = input + ilen; + int chunk; + + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + sha256_update(&ctx, curr, chunk); + curr += chunk; + schedule(); + } + } else { + sha256_update(&ctx, input, ilen); + } + + sha256_finish(&ctx, output); +} diff --git a/lib/mbedtls/sha512.c b/lib/mbedtls/sha512.c new file mode 100644 index 0000000000..5615248cb9 --- /dev/null +++ b/lib/mbedtls/sha512.c @@ -0,0 +1,93 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Hash shim layer on MbedTLS Crypto library + * + * Copyright (c) 2024 Linaro Limited + * Author: Raymond Mao + */ +#ifndef USE_HOSTCC +#include +#endif /* USE_HOSTCC */ +#include +#include + +const u8 sha384_der_prefix[SHA384_DER_LEN] = { + 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, + 0x00, 0x04, 0x30 +}; + +const u8 sha512_der_prefix[SHA512_DER_LEN] = { + 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, + 0x00, 0x04, 0x40 +}; + +void sha384_starts(sha512_context *ctx) +{ + mbedtls_sha512_init(ctx); + mbedtls_sha512_starts(ctx, 1); +} + +void +sha384_update(sha512_context *ctx, const uint8_t *input, uint32_t length) +{ + mbedtls_sha512_update(ctx, input, length); +} + +void sha384_finish(sha512_context *ctx, uint8_t digest[SHA384_SUM_LEN]) +{ + mbedtls_sha512_finish(ctx, digest); + mbedtls_sha512_free(ctx); +} + +void sha384_csum_wd(const unsigned char *input, unsigned int length, + unsigned char *output, unsigned int chunk_sz) +{ + mbedtls_sha512(input, length, output, 1); +} + +void sha512_starts(sha512_context *ctx) +{ + mbedtls_sha512_init(ctx); + mbedtls_sha512_starts(ctx, 0); +} + +void +sha512_update(sha512_context *ctx, const uint8_t *input, uint32_t length) +{ + mbedtls_sha512_update(ctx, input, length); +} + +void sha512_finish(sha512_context *ctx, uint8_t digest[SHA512_SUM_LEN]) +{ + mbedtls_sha512_finish(ctx, digest); + mbedtls_sha512_free(ctx); +} + +void sha512_csum_wd(const unsigned char *input, unsigned int ilen, + unsigned char *output, unsigned int chunk_sz) +{ + sha512_context ctx; + + sha512_starts(&ctx); + + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) { + const unsigned char *curr = input; + const unsigned char *end = input + ilen; + int chunk; + + while (curr < end) { + chunk = end - curr; + if (chunk > chunk_sz) + chunk = chunk_sz; + sha512_update(&ctx, curr, chunk); + curr += chunk; + schedule(); + } + } else { + sha512_update(&ctx, input, ilen); + } + + sha512_finish(&ctx, output); +}