SHA1 is meant as a boolean option which is true when sha1 support is available.
This works because the providers (DIGEST_SHA1_GENERIC and DIGEST_SHA1_ARM) have
a 'select SHA1'. However, consumers like the sha1sum command do a 'select SHA1'
to enable SHA1 support. This of course does not work; selecting SHA1 will not
select any of the SHA1 providers.
This is broken for all digest consumers. We have to explicitly select a digest
provider, that is DIGEST_*_GENERIC to enable the corresponding digest.
This means now we will always have the generic digest in the binary, even
when an optimized one is enabled. There is no sane way in Kconfig to
"select provider for feature xy", so let's live with the overhead in the binary.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
linux arm sha256 current
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 207786 Mar 24 13:23 build/versatilpb/arch/arm/pbl/zbarebox.bin
linux arm v4 asm implementation for sha256
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 205007 Mar 24 16:47 build/versatilpb/arch/arm/pbl/zbarebox.bin
we win 2779 bytes and speed cf code
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
from Linux 3.9
linux generic implementation
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 210829 Mar 24 13:21 build/versatilpb/arch/arm/pbl/zbarebox.bin
linux arm v4 asm implementation
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 207786 Mar 24 13:23 build/versatilpb/arch/arm/pbl/zbarebox.bin
we win 3043 bytes and speed cf code
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
current implementation
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 211095 Mar 24 13:21 build/versatilpb/arch/arm/pbl/zbarebox.bin
linux generic implementation
$ ls -al build/versatilpb/arch/arm/pbl/zbarebox.bin
-rw-r--r-- 1 root root 210829 Mar 24 13:21 build/versatilpb/arch/arm/pbl/zbarebox.bin
on a compressed lzo barebox we will 266 bytes
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
As we will use the best sha algo at runtime
Add a new init level crypto_initcall to ensure that all the sha present
before hmac
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
This will allow to have hw driver or asm optimised driver.
Use a priority level to determine which one to use at runtime.
The generic one will be 0.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
such as RSA as we load a DER key we will detect the key size
at runtime and so the algo length.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
such as for hmac(xxx) you must provide a key
This will allow to enforce the correct parameter at digest command
<digest>sum is not impacted
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
That can be used for digest calculation and verify
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
this will allow to generate a KEY + IV based on a password and salt for AES
encryption/decryption as example
or simply the key for hmac or rsa from text password
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Combination of @init and @update and @final. This function
effectively behaves as the entire chain of operations, @init,
@update and @final issued in sequence. This is added for hardware
which cannot do even the @finup, but can only do the whole
transformation in one run.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
this will allow to compare a md with the original one
When calling this do not call final
For RSA_SIGN verification final does not exist only verify
as final will be for signing
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
expect the key to be set before calling
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
When declaring pointer data or a function that returns a pointer type, the
preferred use of '*' is adjacent to the data name or function name and not
adjacent to the type name.
Fix the remaining occurences in crypto/
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
pass the key via -h param
barebox@barebox sandbox:/ sha256sum -h test /dev/fd0
c297473e9bb221c5dc51d47ad75c76095f1bdc4ca9dff1d5931c2e22bf11a0de /dev/fd0 0x00000000 ... 0xffffffffffffffff
use the same idea as openssl command
$ openssl dgst -sha256 -hmac "test" TODO
HMAC-SHA256(TODO)= c297473e9bb221c5dc51d47ad75c76095f1bdc4ca9dff1d5931c2e22bf11a0de
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
the hmac algo will be registered as hmac(%s) such as hmac(sha256)
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Now you need to call digest_alloc and when you finish to use it digest_free.
We need this for upcomming aes encryption support and secure boot
as we will need multiple instance of the same digest.
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
This will allow to move from a one at a time digest to a multi-instance
with too much impact on the code using it
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
with not the rest of the implementation
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
The FSF address has changed; The FSF site says that
address is
Free Software Foundation
51 Franklin Street, Fifth Floor
Boston, MA 02110-1301
USA
(see http://www.fsf.org/about/contact/)
Instead of updating it each time the address changes,
just drop it completely treewide.
Signed-off-by: Antony Pavlov <antonynpavlov@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
This patch adds the crc32 command to be build
as host and optionally as target tool.
Signed-off-by: Michael Grzeschik <m.grzeschik@pengutronix.de>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
This patch provides a global cleanup barebox Kconfig files. This includes
replacing spaces to tabs, formatting in accordance format, removing
extraneous lines and spaces. No functional changes.
Signed-off-by: Alexander Shiyan <shc_work@mail.ru>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
The FSF address has changed in the past. Instead of updating it
each time the address changes, just drop it completely treewide.
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
This function in used by the MCI over SPI driver.
Signed-off-by: Franck Jullien <franck.jullien@gmail.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
the sha224sum is nearly the same as sha256sum except for the init of the
context and the hash length
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Sergey Koshechkin
Sascha Hauer
Marc Kleine-Budde
Jean-Christophe PLAGNIOL-VILLARD
Lucas Stach
Antony Pavlov
Michael Grzeschik
Alexander Shiyan
Krzysztof Halasa
Franck Jullien