| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are two different cases that are handled in digest_file_window:
a) the file to digest is memmappable (e.g. /dev/mem)
b) it isn't (e.g. files in /)
In both cases a file is digested in hunks of (up to) 4096 bytes. After
each hunk in b) the buffer that is fed to digest_update() is then
overwritten using read() to get the next hunk to digest. In case a)
however it was forgotten to step forward in the buffer and instead the
same data was handed to digest_update() again and again.
So to fix that increase buffer by the number of bytes already digested
for case a) which is characterized by flags == 0.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
|
| |
|
|
|
|
|
|
| |
Digests have dependencies and are needed for state which initializes
at device_initcall level. To make sure the digests are available
for state register them earlier, at coredevice_initcall level.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
| |
To be able to change secrets add a function to forget secrets.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In barebox we have an option for dynamic formation of the CRC32
table (DYNAMIC_CRC_TABLE), but the source code declares a static
array which is simply filled with data, the resulting code becomes
even more than without DYNAMIC_CRC_TABLE option, due to the BSS usage.
CONFIG_DYNAMIC_CRC_TABLE=n
text data bss dec hex filename
1884 0 0 1884 75c crc32.o
CONFIG_DYNAMIC_CRC_TABLE=y
text data bss dec hex filename
1066 4 1024 2094 82e crc32.o
This patch provides dynamic buffer allocation for the CRC table,
which saves about 1 Kbyte, as it should be.
CONFIG_DYNAMIC_CRC_TABLE=y
text data bss dec hex filename
1062 0 4 1066 42a crc32.o
Signed-off-by: Alexander Shiyan <shc_work@mail.ru>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
| |
CRC32 digest can be used to check CRC32 hashes in FIT images etc.
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ |
|
| | |
| |
| |
| |
| | |
Signed-off-by: Du Huanpeng <u74147@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Our asprintf and vasprintf have different prototypes than the glibc
functions. This causes trouble when we want to share barebox code
with userspace code. Change the prototypes for (v)asprintf to match
the glibc prototypes. Since the current (v)asprintf are convenient
to use change the existing functions to b(v)asprintf.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |/
|
|
|
|
|
| |
We have a crc.h, so move our crc function prototypes there to further
cleanup common.h.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds the ability to control barebox over serial lines. The regular
console is designed for human input and is unsuitable for controlling
barebox from scripts since characters can be lost on both ends, the data
stream contains escape sequences and the prompt cannot be easily matched
upon.
This approach is based on the RATP protocol. RATP packages start with a
binary 0x01 which does not occur in normal console data. Whenever a
0x01 character is detected in the console barebox goes into RATP mode.
The RATP packets contain a simple structure with a command/respone
type and data for that type. Currently defined types are:
BB_RATP_TYPE_COMMAND (host->barebox):
Execute a command in the shell
BB_RATP_TYPE_COMMAND_RETURN (barebox->host)
Sends return value of the command back to the host, also means
barebox is ready for the next command
BB_RATP_TYPE_CONSOLEMSG (barebox->host)
Console message from barebox
Planned but not yet implemented are:
BB_RATP_TYPE_PING (host->barebox)
BB_RATP_TYPE_PONG (barebox->host)
For testing purposes
BB_RATP_TYPE_GETENV (host->barebox)
BB_RATP_TYPE_GETENV_RETURN (barebox->host)
Get values of environment variables
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Tested-by: Andrey Smirnov <andrew.smirnov@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Taken from U-Boot and adopted to barebox with little changes.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
|
| |/
|
|
|
|
|
|
|
|
|
| |
In barebox the function digest_alloc() allocates a digest based on a string.
When a subsystem already uses an integer value to identify a digest it makes no
sense to create a string and pass it to digest_alloc(), where it is parsed
again. This patch adds the possibility to get a digest by an enum.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This patch adds a simple keystore to barebox. The keystore implements a simple
key-value store to hold arbitrary values.
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| | |
| |
| |
| |
| | |
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |/
|
|
|
|
|
| |
'crc32_no_comp', 'file_crc'
Signed-off-by: Sergey Koshechkin <serge.koshechkin@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SHA1 is meant as a boolean option which is true when sha1 support is available.
This works because the providers (DIGEST_SHA1_GENERIC and DIGEST_SHA1_ARM) have
a 'select SHA1'. However, consumers like the sha1sum command do a 'select SHA1'
to enable SHA1 support. This of course does not work; selecting SHA1 will not
select any of the SHA1 providers.
This is broken for all digest consumers. We have to explicitly select a digest
provider, that is DIGEST_*_GENERIC to enable the corresponding digest.
This means now we will always have the generic digest in the binary, even
when an optimized one is enabled. There is no sane way in Kconfig to
"select provider for feature xy", so let's live with the overhead in the binary.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
| |
The buffer is not modified by crc16, so make the argument const.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
| |
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
linux arm sha256 current
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 207786 Mar 24 13:23 build/versatilpb/arch/arm/pbl/zbarebox.bin
linux arm v4 asm implementation for sha256
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 205007 Mar 24 16:47 build/versatilpb/arch/arm/pbl/zbarebox.bin
we win 2779 bytes and speed cf code
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
from Linux 3.9
linux generic implementation
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 210829 Mar 24 13:21 build/versatilpb/arch/arm/pbl/zbarebox.bin
linux arm v4 asm implementation
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 207786 Mar 24 13:23 build/versatilpb/arch/arm/pbl/zbarebox.bin
we win 3043 bytes and speed cf code
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
| |
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
| |
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
current implementation
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 211095 Mar 24 13:21 build/versatilpb/arch/arm/pbl/zbarebox.bin
linux generic implementation
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 210829 Mar 24 13:21 build/versatilpb/arch/arm/pbl/zbarebox.bin
on a compressed lzo barebox we will 266 bytes
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
| |
As we will use the best sha algo at runtime
Add a new init level crypto_initcall to ensure that all the sha present
before hmac
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
| |
This will allow to have hw driver or asm optimised driver.
Use a priority level to determine which one to use at runtime.
The generic one will be 0.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
| |
such as RSA as we load a DER key we will detect the key size
at runtime and so the algo length.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
such as for hmac(xxx) you must provide a key
This will allow to enforce the correct parameter at digest command
<digest>sum is not impacted
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
| |
That can be used for digest calculation and verify
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
| |
this will allow to generate a KEY + IV based on a password and salt for AES
encryption/decryption as example
or simply the key for hmac or rsa from text password
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
| |
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
Combination of @init and @update and @final. This function
effectively behaves as the entire chain of operations, @init,
@update and @final issued in sequence. This is added for hardware
which cannot do even the @finup, but can only do the whole
transformation in one run.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
this will allow to compare a md with the original one
When calling this do not call final
For RSA_SIGN verification final does not exist only verify
as final will be for signing
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
| |
params
expect the key to be set before calling
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
| |
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
| |
When declaring pointer data or a function that returns a pointer type, the
preferred use of '*' is adjacent to the data name or function name and not
adjacent to the type name.
Fix the remaining occurences in crypto/
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
| |
Most string arguments for keys and filenames can be const. Change
that.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pass the key via -h param
barebox@barebox sandbox:/ sha256sum -h test /dev/fd0
c297473e9bb221c5dc51d47ad75c76095f1bdc4ca9dff1d5931c2e22bf11a0de /dev/fd0 0x00000000 ... 0xffffffffffffffff
use the same idea as openssl command
$ openssl dgst -sha256 -hmac "test" TODO
HMAC-SHA256(TODO)= c297473e9bb221c5dc51d47ad75c76095f1bdc4ca9dff1d5931c2e22bf11a0de
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
| |
the hmac algo will be registered as hmac(%s) such as hmac(sha256)
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
| |
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
| |
Now you need to call digest_alloc and when you finish to use it digest_free.
We need this for upcomming aes encryption support and secure boot
as we will need multiple instance of the same digest.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
| |
This will allow to move from a one at a time digest to a multi-instance
with too much impact on the code using it
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
| |
with not the rest of the implementation
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
| |
length is unsigned an thus can never be <0.
Signed-off-by: Lucas Stach <dev@lynxeye.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The FSF address has changed; The FSF site says that
address is
Free Software Foundation
51 Franklin Street, Fifth Floor
Boston, MA 02110-1301
USA
(see http://www.fsf.org/about/contact/)
Instead of updating it each time the address changes,
just drop it completely treewide.
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
| |
This patch adds the crc32 command to be build
as host and optionally as target tool.
Signed-off-by: Michael Grzeschik <m.grzeschik@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
|
|
| |
This patch provides a global cleanup barebox Kconfig files. This includes
replacing spaces to tabs, formatting in accordance format, removing
extraneous lines and spaces. No functional changes.
Signed-off-by: Alexander Shiyan <shc_work@mail.ru>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
| |
The FSF address has changed in the past. Instead of updating it
each time the address changes, just drop it completely treewide.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
| |
|
|
|
|
|
| |
This fixes a panic in sha224sum.
Signed-off-by: Krzysztof Hałasa <khc@pm.waw.pl>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
|
