lib: avb: support crypto sha256/512

Signed-off-by: Joseph Chen <chenjh@rock-chips.com>
Change-Id: Ifbcc1940d9b494fc488c0b9e95f88d7c98604f62
Joseph Chen 2019-12-08 18:00:07 +08:00 committed by Jianhong Chen
parent 2e32f6669c
commit 5b0bc49177
6 changed files with 87 additions and 0 deletions


@ -39,8 +39,12 @@
extern "C" { extern "C" {
#endif #endif
#ifdef CONFIG_DM_CRYPTO
#include <crypto.h>
#endif
#include <android_avb/avb_crypto.h> #include <android_avb/avb_crypto.h>
#include <android_avb/avb_sysdeps.h> #include <android_avb/avb_sysdeps.h>
#include <dm/device.h>
/* Block size in bytes of a SHA-256 digest. */ /* Block size in bytes of a SHA-256 digest. */
#define AVB_SHA256_BLOCK_SIZE 64 #define AVB_SHA256_BLOCK_SIZE 64
@ -56,6 +60,10 @@ typedef struct {
size_t len; size_t len;
uint8_t block[2 * AVB_SHA256_BLOCK_SIZE]; uint8_t block[2 * AVB_SHA256_BLOCK_SIZE];
uint8_t buf[AVB_SHA256_DIGEST_SIZE]; /* Used for storing the final digest. */ uint8_t buf[AVB_SHA256_DIGEST_SIZE]; /* Used for storing the final digest. */
#ifdef CONFIG_DM_CRYPTO
struct udevice *crypto_dev;
sha_context crypto_ctx;
#endif
} AvbSHA256Ctx; } AvbSHA256Ctx;
/* Data structure used for SHA-512. */ /* Data structure used for SHA-512. */
@ -65,6 +73,10 @@ typedef struct {
size_t len; size_t len;
uint8_t block[2 * AVB_SHA512_BLOCK_SIZE]; uint8_t block[2 * AVB_SHA512_BLOCK_SIZE];
uint8_t buf[AVB_SHA512_DIGEST_SIZE]; /* Used for storing the final digest. */ uint8_t buf[AVB_SHA512_DIGEST_SIZE]; /* Used for storing the final digest. */
#ifdef CONFIG_DM_CRYPTO
struct udevice *crypto_dev;
sha_context crypto_ctx;
#endif
} AvbSHA512Ctx; } AvbSHA512Ctx;
/* Initializes the SHA-256 context. */ /* Initializes the SHA-256 context. */
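Review bot: The new `crypto_dev` and `crypto_ctx` members are undocumented, and so is the changed meaning of `tot_len`. Under CONFIG_DM_CRYPTO the init functions added by this commit read `ctx->tot_len` as an input, so a caller that declares a context on the stack and calls init without setting it hands an indeterminate length to the hardware. I would state that on the init declarations (which continue outside this hunk), e.g. `/* With CONFIG_DM_CRYPTO, ctx->tot_len must hold the total number of bytes to be hashed before calling this. */`, and add one-line comments on the two new members in both structs. `#include <dm/device.h>` is also added outside the CONFIG_DM_CRYPTO guard although only the guarded members need `struct udevice`.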


@ -36,7 +36,33 @@
*/ */
#include <android_avb/avb_sha.h> #include <android_avb/avb_sha.h>
#include <android_avb/avb_util.h>
#ifdef CONFIG_DM_CRYPTO
void avb_sha256_init(AvbSHA256Ctx* ctx) {
ctx->crypto_ctx.algo = CRYPTO_SHA256;
ctx->crypto_ctx.length = ctx->tot_len;
memset(ctx->buf, 0, sizeof(ctx->buf));
ctx->crypto_dev = crypto_get_device(ctx->crypto_ctx.algo);
if (!ctx->crypto_dev)
avb_error("Can't get sha256 crypto device\n");
else
crypto_sha_init(ctx->crypto_dev, &ctx->crypto_ctx);
}
void avb_sha256_update(AvbSHA256Ctx* ctx, const uint8_t* data, size_t len) {
if (ctx->crypto_dev)
crypto_sha_update(ctx->crypto_dev, (u32 *)data, len);
}
uint8_t* avb_sha256_final(AvbSHA256Ctx* ctx) {
if (ctx->crypto_dev)
crypto_sha_final(ctx->crypto_dev, &ctx->crypto_ctx, ctx->buf);
return ctx->buf;
}
#else
#define SHFR(x, n) (x >> n) #define SHFR(x, n) (x >> n)
#define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n))) #define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
#define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n))) #define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n)))
@ -400,3 +426,4 @@ uint8_t* avb_sha256_final(AvbSHA256Ctx* ctx) {
return ctx->buf; return ctx->buf;
} }
#endif
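Review bot: A failure in the CONFIG_DM_CRYPTO path is silent. When `crypto_get_device()` returns NULL, `avb_sha256_init` only logs and `avb_sha256_update` does nothing, so `avb_sha256_final` returns the buffer that init zeroed and callers get an all-zero digest that looks valid. The results of `crypto_sha_init`, `crypto_sha_update` and `crypto_sha_final` are discarded as well. A verified-boot digest should fail closed here, for example through `avb_fatal`, assuming the `crypto_sha_*` calls return non-zero on error (their prototypes are not on this page). The `avb_sha512_*` functions in the next file have the same pattern.

```c
void avb_sha256_init(AvbSHA256Ctx* ctx) {
  /* ... unchanged: algo/length setup and memset of ctx->buf ... */
  ctx->crypto_dev = crypto_get_device(ctx->crypto_ctx.algo);
  if (!ctx->crypto_dev)
    avb_fatal("Can't get sha256 crypto device\n");
  if (crypto_sha_init(ctx->crypto_dev, &ctx->crypto_ctx))
    avb_fatal("sha256 crypto init failed\n");
}

void avb_sha256_update(AvbSHA256Ctx* ctx, const uint8_t* data, size_t len) {
  if (crypto_sha_update(ctx->crypto_dev, (u32 *)data, len))
    avb_fatal("sha256 crypto update failed\n");
}

uint8_t* avb_sha256_final(AvbSHA256Ctx* ctx) {
  if (crypto_sha_final(ctx->crypto_dev, &ctx->crypto_ctx, ctx->buf))
    avb_fatal("sha256 crypto final failed\n");
  return ctx->buf;
}
```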


@ -36,7 +36,35 @@
*/ */
#include <android_avb/avb_sha.h> #include <android_avb/avb_sha.h>
#include <android_avb/avb_util.h>
/* Crypto-v1 is not support sha512 */
#ifdef CONFIG_ROCKCHIP_CRYPTO_V2
void avb_sha512_init(AvbSHA512Ctx* ctx) {
ctx->crypto_ctx.algo = CRYPTO_SHA512;
ctx->crypto_ctx.length = ctx->tot_len;
memset(ctx->buf, 0, sizeof(ctx->buf));
ctx->crypto_dev = crypto_get_device(ctx->crypto_ctx.algo);
if (!ctx->crypto_dev)
avb_error("Can't get sha512 crypto device\n");
else
crypto_sha_init(ctx->crypto_dev, &ctx->crypto_ctx);
}
void avb_sha512_update(AvbSHA512Ctx* ctx, const uint8_t* data, size_t len) {
if (ctx->crypto_dev)
crypto_sha_update(ctx->crypto_dev, (u32 *)data, len);
}
uint8_t* avb_sha512_final(AvbSHA512Ctx* ctx) {
if (ctx->crypto_dev)
crypto_sha_final(ctx->crypto_dev, &ctx->crypto_ctx, ctx->buf);
return ctx->buf;
}
#else
#define SHFR(x, n) (x >> n) #define SHFR(x, n) (x >> n)
#define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n))) #define ROTR(x, n) ((x >> n) | (x << ((sizeof(x) << 3) - n)))
#define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n))) #define ROTL(x, n) ((x << n) | (x >> ((sizeof(x) << 3) - n)))
@ -386,3 +414,4 @@ uint8_t* avb_sha512_final(AvbSHA512Ctx* ctx) {
return ctx->buf; return ctx->buf;
} }
#endif
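Review bot: The SHA-512 hardware path is selected by `CONFIG_ROCKCHIP_CRYPTO_V2`, but the `crypto_dev` and `crypto_ctx` members it uses are declared in `AvbSHA512Ctx` only under `CONFIG_DM_CRYPTO`. A configuration with the first symbol set and the second unset would therefore not compile. Unless Kconfig guarantees that dependency (not visible here), guard on both: `#if defined(CONFIG_DM_CRYPTO) && defined(CONFIG_ROCKCHIP_CRYPTO_V2)`. The comment above the guard would read better as `/* Crypto-v1 does not support SHA-512 */`. Separately, the `(u32 *)data` cast in `avb_sha512_update` (and in `avb_sha256_update`) drops `const` and presumes the caller's byte buffer meets whatever alignment the driver expects, which deserves a comment or a check.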


@ -401,12 +401,14 @@ static AvbSlotVerifyResult load_and_verify_hash_partition(
image_size_to_hash = image_size; image_size_to_hash = image_size;
} }
if (avb_strcmp((const char*)hash_desc.hash_algorithm, "sha256") == 0) { if (avb_strcmp((const char*)hash_desc.hash_algorithm, "sha256") == 0) {
sha256_ctx.tot_len = hash_desc.salt_len + image_size_to_hash;
avb_sha256_init(&sha256_ctx); avb_sha256_init(&sha256_ctx);
avb_sha256_update(&sha256_ctx, desc_salt, hash_desc.salt_len); avb_sha256_update(&sha256_ctx, desc_salt, hash_desc.salt_len);
avb_sha256_update(&sha256_ctx, image_buf, image_size_to_hash); avb_sha256_update(&sha256_ctx, image_buf, image_size_to_hash);
digest = avb_sha256_final(&sha256_ctx); digest = avb_sha256_final(&sha256_ctx);
digest_len = AVB_SHA256_DIGEST_SIZE; digest_len = AVB_SHA256_DIGEST_SIZE;
} else if (avb_strcmp((const char*)hash_desc.hash_algorithm, "sha512") == 0) { } else if (avb_strcmp((const char*)hash_desc.hash_algorithm, "sha512") == 0) {
sha512_ctx.tot_len = hash_desc.salt_len + image_size_to_hash;
avb_sha512_init(&sha512_ctx); avb_sha512_init(&sha512_ctx);
avb_sha512_update(&sha512_ctx, desc_salt, hash_desc.salt_len); avb_sha512_update(&sha512_ctx, desc_salt, hash_desc.salt_len);
avb_sha512_update(&sha512_ctx, image_buf, image_size_to_hash); avb_sha512_update(&sha512_ctx, image_buf, image_size_to_hash);
@ -1716,6 +1718,11 @@ void avb_slot_verify_data_calculate_vbmeta_digest(AvbSlotVerifyData* data,
switch (digest_type) { switch (digest_type) {
case AVB_DIGEST_TYPE_SHA256: { case AVB_DIGEST_TYPE_SHA256: {
AvbSHA256Ctx ctx; AvbSHA256Ctx ctx;
ctx.tot_len = 0;
for (n = 0; n < data->num_vbmeta_images; n++)
ctx.tot_len += data->vbmeta_images[n].vbmeta_size;
avb_sha256_init(&ctx); avb_sha256_init(&ctx);
for (n = 0; n < data->num_vbmeta_images; n++) { for (n = 0; n < data->num_vbmeta_images; n++) {
avb_sha256_update(&ctx, avb_sha256_update(&ctx,
@ -1728,6 +1735,11 @@ void avb_slot_verify_data_calculate_vbmeta_digest(AvbSlotVerifyData* data,
case AVB_DIGEST_TYPE_SHA512: { case AVB_DIGEST_TYPE_SHA512: {
AvbSHA512Ctx ctx; AvbSHA512Ctx ctx;
ctx.tot_len = 0;
for (n = 0; n < data->num_vbmeta_images; n++)
ctx.tot_len += data->vbmeta_images[n].vbmeta_size;
avb_sha512_init(&ctx); avb_sha512_init(&ctx);
for (n = 0; n < data->num_vbmeta_images; n++) { for (n = 0; n < data->num_vbmeta_images; n++) {
avb_sha512_update(&ctx, avb_sha512_update(&ctx,
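Review bot: The loop that sums `vbmeta_size` into `ctx.tot_len` is duplicated verbatim in the SHA256 and SHA512 cases of `avb_slot_verify_data_calculate_vbmeta_digest`; computing the total once before the `switch` and assigning it in each case would keep the two in step. In `load_and_verify_hash_partition`, `hash_desc.salt_len + image_size_to_hash` is stored in `tot_len` and later copied into `crypto_ctx.length` by init. If either destination is narrower than the sum, the declared length will silently differ from the bytes passed to update, so a range check or a comment stating the bound would help. A short comment such as `/* HW crypto needs the total length before init */` at each assignment, including those in the following two files, would explain why `tot_len` is set ahead of the init call. Both functions extend outside the hunks shown.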


@ -178,6 +178,9 @@ AvbVBMetaVerifyResult avb_vbmeta_image_verify(
case AVB_ALGORITHM_TYPE_SHA256_RSA2048: case AVB_ALGORITHM_TYPE_SHA256_RSA2048:
case AVB_ALGORITHM_TYPE_SHA256_RSA4096: case AVB_ALGORITHM_TYPE_SHA256_RSA4096:
case AVB_ALGORITHM_TYPE_SHA256_RSA8192: case AVB_ALGORITHM_TYPE_SHA256_RSA8192:
sha256_ctx.tot_len = sizeof(AvbVBMetaImageHeader) +
h.auxiliary_data_block_size;
avb_sha256_init(&sha256_ctx); avb_sha256_init(&sha256_ctx);
avb_sha256_update( avb_sha256_update(
&sha256_ctx, header_block, sizeof(AvbVBMetaImageHeader)); &sha256_ctx, header_block, sizeof(AvbVBMetaImageHeader));
@ -189,6 +192,8 @@ AvbVBMetaVerifyResult avb_vbmeta_image_verify(
case AVB_ALGORITHM_TYPE_SHA512_RSA2048: case AVB_ALGORITHM_TYPE_SHA512_RSA2048:
case AVB_ALGORITHM_TYPE_SHA512_RSA4096: case AVB_ALGORITHM_TYPE_SHA512_RSA4096:
case AVB_ALGORITHM_TYPE_SHA512_RSA8192: case AVB_ALGORITHM_TYPE_SHA512_RSA8192:
sha512_ctx.tot_len = sizeof(AvbVBMetaImageHeader) +
h.auxiliary_data_block_size;
avb_sha512_init(&sha512_ctx); avb_sha512_init(&sha512_ctx);
avb_sha512_update( avb_sha512_update(
&sha512_ctx, header_block, sizeof(AvbVBMetaImageHeader)); &sha512_ctx, header_block, sizeof(AvbVBMetaImageHeader));


@ -45,6 +45,8 @@ static void sha256(const uint8_t* data,
uint32_t length, uint32_t length,
uint8_t hash[AVB_SHA256_DIGEST_SIZE]) { uint8_t hash[AVB_SHA256_DIGEST_SIZE]) {
AvbSHA256Ctx context; AvbSHA256Ctx context;
context.tot_len = length;
avb_sha256_init(&context); avb_sha256_init(&context);
avb_sha256_update(&context, data, length); avb_sha256_update(&context, data, length);
uint8_t* tmp = avb_sha256_final(&context); uint8_t* tmp = avb_sha256_final(&context);