From a3a1b708ee192d02603f615d08bfa934ed9464ea Mon Sep 17 00:00:00 2001 From: Rouven Czerwinski Date: Tue, 6 Aug 2019 07:11:00 +0200 Subject: pbl: add sha256 and piggy verification to PBL Extract the necessary functions from sha256 into a PBL headder and add a verification function to the PBL. The function will be called before the individual architectures decompress functions is run. Signed-off-by: Rouven Czerwinski Signed-off-by: Sascha Hauer --- crypto/Makefile | 2 ++ crypto/sha2.c | 11 +++++++---- include/crypto/pbl-sha.h | 13 +++++++++++++ include/pbl.h | 2 ++ pbl/Kconfig | 4 ++++ pbl/decomp.c | 39 +++++++++++++++++++++++++++++++++++++++ 6 files changed, 67 insertions(+), 4 deletions(-) create mode 100644 include/crypto/pbl-sha.h diff --git a/crypto/Makefile b/crypto/Makefile index 3402f57255..d6fb74aad9 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -8,6 +8,8 @@ obj-$(CONFIG_DIGEST_MD5_GENERIC) += md5.o obj-$(CONFIG_DIGEST_SHA1_GENERIC) += sha1.o obj-$(CONFIG_DIGEST_SHA224_GENERIC) += sha2.o obj-$(CONFIG_DIGEST_SHA256_GENERIC) += sha2.o +pbl-$(CONFIG_PBL_VERIFY_PIGGY) += sha2.o +pbl-$(CONFIG_PBL_VERIFY_PIGGY) += digest.o obj-$(CONFIG_DIGEST_SHA384_GENERIC) += sha4.o obj-$(CONFIG_DIGEST_SHA512_GENERIC) += sha4.o diff --git a/crypto/sha2.c b/crypto/sha2.c index c62ddb8d25..3947a09f41 100644 --- a/crypto/sha2.c +++ b/crypto/sha2.c @@ -27,6 +27,7 @@ #include #include +#include static inline u32 Ch(u32 x, u32 y, u32 z) { @@ -232,7 +233,7 @@ static int sha224_init(struct digest *desc) return 0; } -static int sha256_init(struct digest *desc) +int sha256_init(struct digest *desc) { struct sha256_state *sctx = digest_ctx(desc); sctx->state[0] = SHA256_H0; @@ -248,7 +249,7 @@ static int sha256_init(struct digest *desc) return 0; } -static int sha256_update(struct digest *desc, const void *data, +int sha256_update(struct digest *desc, const void *data, unsigned long len) { struct sha256_state *sctx = digest_ctx(desc); 
@@ -280,7 +281,7 @@ static int sha256_update(struct digest *desc, const void *data, return 0; } -static int sha256_final(struct digest *desc, u8 *out) +int sha256_final(struct digest *desc, u8 *out) { struct sha256_state *sctx = digest_ctx(desc); __be32 *dst = (__be32 *)out; @@ -348,7 +349,7 @@ static int sha224_digest_register(void) } device_initcall(sha224_digest_register); -static struct digest_algo m256 = { +struct digest_algo m256 = { .base = { .name = "sha256", .driver_name = "sha256-generic", @@ -365,6 +366,7 @@ static struct digest_algo m256 = { .ctx_length = sizeof(struct sha256_state), }; +#ifndef __PBL__ static int sha256_digest_register(void) { if (!IS_ENABLED(CONFIG_SHA256)) @@ -373,3 +375,4 @@ static int sha256_digest_register(void) return digest_algo_register(&m256); } coredevice_initcall(sha256_digest_register); +#endif /* __PBL__ */ diff --git a/include/crypto/pbl-sha.h b/include/crypto/pbl-sha.h new file mode 100644 index 0000000000..7d323ab479 --- /dev/null +++ b/include/crypto/pbl-sha.h @@ -0,0 +1,13 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +#ifndef __PBL_SHA_H_ + +#define __PBL_SHA_H_ + +#include +#include + +int sha256_init(struct digest *desc); +int sha256_update(struct digest *desc, const void *data, unsigned long len); +int sha256_final(struct digest *desc, u8 *out); + +#endif /* __PBL-SHA_H_ */ diff --git a/include/pbl.h b/include/pbl.h index 787bd8293f..1917a7633f 100644 --- a/include/pbl.h +++ b/include/pbl.h @@ -11,6 +11,8 @@ extern unsigned long free_mem_ptr; extern unsigned long free_mem_end_ptr; void pbl_barebox_uncompress(void *dest, void *compressed_start, unsigned int len); +int pbl_barebox_verify(void *compressed_start, unsigned int len, void *hash, + unsigned int hash_len); #ifdef __PBL__ #define IN_PBL 1 diff --git a/pbl/Kconfig b/pbl/Kconfig index f2250dd73b..7e6077f96d 100644 --- a/pbl/Kconfig +++ b/pbl/Kconfig 
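Review bot: Dropping `static` from `m256` in the `@@ -348,7 +349,7 @@` hunk exports a very generic symbol name, yet the new include/crypto/pbl-sha.h declares only the three sha256_* functions and pbl/decomp.c in this patch never references `m256`. Presumably `static` was removed to avoid an unused-variable warning once `sha256_digest_register()` is compiled out for the PBL in the following hunk. If so, it would be tidier to keep `static struct digest_algo m256 = {` and move the `#ifndef __PBL__` up so that it begins before the struct definition. That also keeps the algorithm descriptor out of the PBL image, where nothing visible here registers it.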
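Review bot: The closing guard comment in include/crypto/pbl-sha.h reads `/* __PBL-SHA_H_ */`, which does not match the macro `__PBL_SHA_H_`; it should be `#endif /* __PBL_SHA_H_ */`, and the blank line between `#ifndef` and `#define` can go. The header also gives no hint that these functions obtain their state through `digest_ctx(desc)`, as the sha2.c hunks show. A short comment above the prototypes would help, e.g. `/* desc->ctx must point to a caller-provided struct sha256_state */`, because PBL callers build the `struct digest` by hand instead of going through the digest allocation API.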
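Review bot: The prototype added to include/pbl.h takes `void *compressed_start` and `void *hash`, but the implementation in pbl/decomp.c only reads both buffers (they go to `sha256_update()`, `memcmp()` and the debug dump). Declaring them as `const void *compressed_start` and `const void *hash`, here and in the definition with `const char *char_hash = hash;`, makes it explicit that verification never modifies the image or the reference digest. It also lets callers pass read-only data without a cast.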
@@ -44,6 +44,10 @@ config PBL_RELOCATABLE This option only inflluences the PBL image. See RELOCATABLE to also make the real image relocatable. +config PBL_VERIFY_PIGGY + depends on ARM + bool + config IMAGE_COMPRESSION bool depends on HAVE_IMAGE_COMPRESSION diff --git a/pbl/decomp.c b/pbl/decomp.c index 72a162309a..ef713a6c74 100644 --- a/pbl/decomp.c +++ b/pbl/decomp.c @@ -6,6 +6,10 @@ */ #include +#include +#include +#include +#include #include #include @@ -54,3 +58,38 @@ void pbl_barebox_uncompress(void *dest, void *compressed_start, unsigned int len NULL, NULL, dest, NULL, errorfn); } + +int pbl_barebox_verify(void *compressed_start, unsigned int len, void *hash, + unsigned int hash_len) +{ + struct sha256_state sha_state = { 0 }; + struct digest d = { .ctx = &sha_state }; + char computed_hash[SHA256_DIGEST_SIZE]; + int i; + char *char_hash = hash; + + if (hash_len != SHA256_DIGEST_SIZE) + return -1; + + sha256_init(&d); + sha256_update(&d, compressed_start, len); + sha256_final(&d, computed_hash); + if (IS_ENABLED(CONFIG_DEBUG_LL)) { + putc_ll('C'); + putc_ll('H'); + putc_ll('\n'); + for (i = 0; i < SHA256_DIGEST_SIZE; i++) { + puthex_ll(computed_hash[i]); + putc_ll('\n'); + } + putc_ll('I'); + putc_ll('H'); + putc_ll('\n'); + for (i = 0; i < SHA256_DIGEST_SIZE; i++) { + puthex_ll(char_hash[i]); + putc_ll('\n'); + } + } + + return memcmp(hash, computed_hash, SHA256_DIGEST_SIZE); +} -- cgit v1.2.3
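Review bot: `PBL_VERIFY_PIGGY` has neither a prompt nor help text, so it can only be turned on by `select` from another symbol, and the entry does not say what it provides. A one-line comment above it would make the intent discoverable, e.g. `# select this to build pbl_barebox_verify() and SHA-256 into the PBL`. Keep in mind that `select` does not enforce `depends on ARM`; Kconfig only warns about the unmet dependency.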
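Review bot: `pbl_barebox_verify()` returns `-1` for a wrong `hash_len` but the raw `memcmp()` result otherwise, which may be positive on a mismatch, so a caller that tests `< 0` would accept an image whose digest does not match. Normalising the result with `return memcmp(hash, computed_hash, SHA256_DIGEST_SIZE) ? -1 : 0;` and stating "0 on match, non-zero on any failure" in a comment above the function removes that ambiguity. `computed_hash` is declared `char` although `sha256_final()` takes `u8 *out`, and where plain `char` is signed the `puthex_ll(computed_hash[i])` dump may sign-extend bytes of 0x80 and above; `u8 computed_hash[SHA256_DIGEST_SIZE];` with a `const u8 *` view of `hash` avoids both. This patch adds no call site, so it is not visible here whether the result is checked before decompression or where the reference `hash` comes from; the check is only as strong as the integrity of that value.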