git fetch issue
Hi All! I have a problem with git-fetch. Here is the log: antony@puro:~/barebox$ git remote show pengutronix | grep Fetch URL Fetch URL: git://git.pengutronix.de/git/barebox.git antony@puro:~/barebox$ git fetch pengutronix remote: Counting objects: 1101, done. remote: Compressing objects: 100% (199/199), done. remote: Total 771 (delta 628), reused 672 (delta 555) Receiving objects: 100% (771/771), 131.67 KiB | 0 bytes/s, done. error: index-pack died of signal 7 fatal: index-pack failed antony@puro:~/barebox$ git --version git version 2.1.4 Any comments? -- Best regards, Antony Pavlov ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
Re: [PATCH 7/8] digest: add HMAC support for md5, sha1, sha224, sha256, sha384, sha512
On 08:17 Thu 12 Mar , Sascha Hauer wrote:
On Wed, Mar 11, 2015 at 05:53:08PM +0100, Jean-Christophe PLAGNIOL-VILLARD
wrote:
the hmac algo will be registered as hmac(%s) such as hmac(sha256)
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
---
+static int digest_hmac_alloc(struct digest *d)
+{
+ struct digest_hmac_ctx *dh = d-ctx;
+ struct digest_hmac *hmac = to_digest_hmac(d-algo);
+
+ dh-d = digest_alloc(hmac-name);
+ if (!dh-d)
+ return -EINVAL;
+
+ dh-ipad = xmalloc(sizeof(unsigned char) * hmac-pad_length);
+ dh-opad = xmalloc(sizeof(unsigned char) * hmac-pad_length);
sizeof(unsigned char) is 1. Dropped while applying.
habit to always use sizeof but yes no diff
Best Regards,
J.
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
Re: git fetch issue
On 03/12/2015 09:05 AM, Antony Pavlov wrote: Hi All! I have a problem with git-fetch. Here is the log: antony@puro:~/barebox$ git remote show pengutronix | grep Fetch URL Fetch URL: git://git.pengutronix.de/git/barebox.git antony@puro:~/barebox$ git fetch pengutronix remote: Counting objects: 1101, done. remote: Compressing objects: 100% (199/199), done. remote: Total 771 (delta 628), reused 672 (delta 555) Receiving objects: 100% (771/771), 131.67 KiB | 0 bytes/s, done. error: index-pack died of signal 7 fatal: index-pack failed Signal 7 is a Bus Error, maybe your local git repo is damaged or you having a hardware problem. Make a copy of your git repo (using cp or tar) and try running git fsck on it. I've just cloned from git://git.pengutronix.de/git/barebox.git using git-2.1.4 without problems. Marc -- Pengutronix e.K. | Marc Kleine-Budde | Industrial Linux Solutions| Phone: +49-231-2826-924 | Vertretung West/Dortmund | Fax: +49-5121-206917- | Amtsgericht Hildesheim, HRA 2686 | http://www.pengutronix.de | signature.asc Description: OpenPGP digital signature ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
Re: git fetch issue
Hi Antony, On Thu, Mar 12, 2015 at 12:05:41PM +0400, Antony Pavlov wrote: Hi All! I have a problem with git-fetch. Here is the log: antony@puro:~/barebox$ git remote show pengutronix | grep Fetch URL Fetch URL: git://git.pengutronix.de/git/barebox.git antony@puro:~/barebox$ git fetch pengutronix remote: Counting objects: 1101, done. remote: Compressing objects: 100% (199/199), done. remote: Total 771 (delta 628), reused 672 (delta 555) Receiving objects: 100% (771/771), 131.67 KiB | 0 bytes/s, done. error: index-pack died of signal 7 fatal: index-pack failed Just tried at home, it works. antony@puro:~/barebox$ git --version git version 2.1.4 I have git 2.1.0 though. Does this always happen when you try again? Sascha -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0| Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- | ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
Re: git fetch issue
On 12:05 Thu 12 Mar , Antony Pavlov wrote: Hi All! I have a problem with git-fetch. Here is the log: antony@puro:~/barebox$ git remote show pengutronix | grep Fetch URL Fetch URL: git://git.pengutronix.de/git/barebox.git antony@puro:~/barebox$ git fetch pengutronix remote: Counting objects: 1101, done. remote: Compressing objects: 100% (199/199), done. remote: Total 771 (delta 628), reused 672 (delta 555) Receiving objects: 100% (771/771), 131.67 KiB | 0 bytes/s, done. error: index-pack died of signal 7 fatal: index-pack failed antony@puro:~/barebox$ git --version git version 2.1.4 Any comments? no issue here same version Best Regards, J. -- Best regards, Antony Pavlov ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
[PATCH] ARM: phytec-som-am335x: Remove bootargs-ip from boot scripts
We do not pass the ip to kernel any more. So remove adding it to bootargs when booting from nand, mmc or spi nor. Signed-off-by: Teresa Gámez t.ga...@phytec.de --- arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/mmc | 2 -- arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/nand | 2 -- arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/spi | 2 -- 3 files changed, 6 deletions(-) diff --git a/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/mmc b/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/mmc index 670afc7..834669d 100644 --- a/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/mmc +++ b/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/mmc @@ -3,6 +3,4 @@ global.bootm.image=/boot/linuximage global.bootm.oftree=/boot/oftree -bootargs-ip - global.linux.bootargs.dyn.root=root=/dev/mmcblk0p2 rw rootwait diff --git a/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/nand b/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/nand index c6e49be..b9b1bc6 100644 --- a/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/nand +++ b/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/nand @@ -3,6 +3,4 @@ global.bootm.image=/dev/nand0.kernel.bb global.bootm.oftree=/dev/nand0.oftree.bb -bootargs-ip - global.linux.bootargs.dyn.root=root=ubi0:root ubi.mtd=root rw rootfstype=ubifs diff --git a/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/spi b/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/spi index 43a89fe..71c5834 100644 --- a/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/spi +++ b/arch/arm/boards/phytec-som-am335x/defaultenv-physom-am335x/boot/spi @@ -3,7 +3,5 @@ global.bootm.image=/dev/m25p0.kernel global.bootm.oftree=/dev/m25p0.oftree -bootargs-ip - # Use rootfs from NAND global.linux.bootargs.dyn.root=root=ubi0:root ubi.mtd=nand0.root rw rootfstype=ubifs -- 1.9.1 ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
[PATCH 1/1] gitignore: only ignore include/config.h
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com --- include/.gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/.gitignore b/include/.gitignore index 0e56cf2..18e58a7 100644 --- a/include/.gitignore +++ b/include/.gitignore @@ -1 +1 @@ -config.h +/config.h -- 2.1.4 ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
[PATCH 8/8] command: add hmac sum supportfor md5, sha1, sha224, sha256, sha384, sha512
pass the key via -h param
barebox@barebox sandbox:/ sha256sum -h test /dev/fd0
c297473e9bb221c5dc51d47ad75c76095f1bdc4ca9dff1d5931c2e22bf11a0de /dev/fd0
0x ... 0x
use the same idea as openssl command
$ openssl dgst -sha256 -hmac test TODO
HMAC-SHA256(TODO)=
c297473e9bb221c5dc51d47ad75c76095f1bdc4ca9dff1d5931c2e22bf11a0de
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
---
commands/digest.c | 34 +-
crypto/digest.c | 10 --
include/digest.h | 3 +++
3 files changed, 40 insertions(+), 7 deletions(-)
diff --git a/commands/digest.c b/commands/digest.c
index 20fa13f..701e6a1 100644
--- a/commands/digest.c
+++ b/commands/digest.c
@@ -25,6 +25,7 @@
#include xfuncs.h
#include malloc.h
#include digest.h
+#include getopt.h
static int do_digest(char *algorithm, int argc, char *argv[])
{
@@ -32,11 +33,32 @@ static int do_digest(char *algorithm, int argc, char
*argv[])
int ret = 0;
int i;
unsigned char *hash;
+ unsigned char *key = NULL;
+ size_t keylen = 0;
+ int opt;
+
+ while((opt = getopt(argc, argv, h:)) 0) {
+ switch(opt) {
+ case 'h':
+ key = optarg;
+ keylen = strlen(key);
+ break;
+ }
+ }
- d = digest_alloc(algorithm);
+ argc -= optind;
+ argv += optind;
+
+ if (key) {
+ char *tmp = asprintf(hmac(%s), algorithm);
+ d = digest_alloc(tmp);
+ free(tmp);
+ } else {
+ d = digest_alloc(algorithm);
+ }
BUG_ON(!d);
- if (argc 2)
+ if (argc 1)
return COMMAND_ERROR_USAGE;
hash = calloc(digest_length(d), sizeof(unsigned char));
@@ -45,7 +67,6 @@ static int do_digest(char *algorithm, int argc, char *argv[])
return COMMAND_ERROR_USAGE;
}
- argv++;
while (*argv) {
char *filename = /dev/mem;
loff_t start = 0, size = ~0;
@@ -53,11 +74,14 @@ static int do_digest(char *algorithm, int argc, char
*argv[])
/* arguments are either file, file+area or area */
if (parse_area_spec(*argv, start, size)) {
filename = *argv;
- if (argv[1] !parse_area_spec(argv[1], start, size))
+ if (argv[0] !parse_area_spec(argv[0], start, size))
argv++;
}
- if (digest_file_window(d, filename, hash, start, size) 0) {
+ ret = digest_file_window(d, filename,
+key, keylen,
+hash, start, size);
+ if (ret 0) {
ret = 1;
} else {
for (i = 0; i digest_length(d); i++)
diff --git a/crypto/digest.c b/crypto/digest.c
index 65224bd..2f2039c 100644
--- a/crypto/digest.c
+++ b/crypto/digest.c
@@ -116,6 +116,7 @@ void digest_free(struct digest *d)
EXPORT_SYMBOL_GPL(digest_free);
int digest_file_window(struct digest *d, char *filename,
+ unsigned char *key, size_t keylen,
unsigned char *hash,
ulong start, ulong size)
{
@@ -124,6 +125,9 @@ int digest_file_window(struct digest *d, char *filename,
unsigned char *buf;
int flags = 0;
+ if (key)
+ digest_set_key(d, key, keylen);
+
digest_init(d);
fd = open(filename, O_RDONLY);
@@ -186,6 +190,7 @@ out:
EXPORT_SYMBOL_GPL(digest_file_window);
int digest_file(struct digest *d, char *filename,
+ unsigned char *key, size_t keylen,
unsigned char *hash)
{
struct stat st;
@@ -196,11 +201,12 @@ int digest_file(struct digest *d, char *filename,
if (ret 0)
return ret;
- return digest_file_window(d, filename, hash, 0, st.st_size);
+ return digest_file_window(d, filename, key, keylen, hash, 0,
st.st_size);
}
EXPORT_SYMBOL_GPL(digest_file);
int digest_file_by_name(char *algo, char *filename,
+ unsigned char *key, size_t keylen,
unsigned char *hash)
{
struct digest *d;
@@ -210,7 +216,7 @@ int digest_file_by_name(char *algo, char *filename,
if (!d)
return -EIO;
- ret = digest_file(d, filename, hash);
+ ret = digest_file(d, filename, key, keylen, hash);
digest_free(d);
return ret;
}
diff --git a/include/digest.h b/include/digest.h
index a26848c..fd47a7e 100644
--- a/include/digest.h
+++ b/include/digest.h
@@ -54,11 +54,14 @@ struct digest *digest_alloc(char* name);
void digest_free(struct digest *d);
int digest_file_window(struct digest *d, char *filename,
+ unsigned char
Re: git fetch issue
On Thu, 12 Mar 2015 09:09:38 +0100 Marc Kleine-Budde m...@pengutronix.de wrote: On 03/12/2015 09:05 AM, Antony Pavlov wrote: Hi All! I have a problem with git-fetch. Here is the log: antony@puro:~/barebox$ git remote show pengutronix | grep Fetch URL Fetch URL: git://git.pengutronix.de/git/barebox.git antony@puro:~/barebox$ git fetch pengutronix remote: Counting objects: 1101, done. remote: Compressing objects: 100% (199/199), done. remote: Total 771 (delta 628), reused 672 (delta 555) Receiving objects: 100% (771/771), 131.67 KiB | 0 bytes/s, done. error: index-pack died of signal 7 fatal: index-pack failed Signal 7 is a Bus Error, maybe your local git repo is damaged or you having a hardware problem. Make a copy of your git repo (using cp or tar) and try running git fsck on it. I've just cloned from git://git.pengutronix.de/git/barebox.git using git-2.1.4 without problems. It looks like my local repo is damaged (git fsck exits with a bus error message). I suppose that the problem is likely due to my laptop yesterday emergency power off. I have just re-cloned barebox.git from pengutronix. This new copy has no bus error problem. I'm very sorry for a false alarm. -- Best regards, Antony Pavlov ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
[PATCH 1/2] digest: fix and add missing copyright
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com --- crypto/hmac.c | 6 ++ crypto/internal.h | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/crypto/hmac.c b/crypto/hmac.c index b04dff1..8d07a61 100644 --- a/crypto/hmac.c +++ b/crypto/hmac.c @@ -1,3 +1,9 @@ +/* + * (C) Copyright 2015 Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com + * + * GPL v2 only + */ + #include common.h #include digest.h #include malloc.h diff --git a/crypto/internal.h b/crypto/internal.h index b6a8df0..cc409d8 100644 --- a/crypto/internal.h +++ b/crypto/internal.h @@ -1,5 +1,5 @@ /* - * (C) Copyright 215 Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com + * (C) Copyright 2015 Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com * * GPL v2 only */ -- 2.1.4 ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
[PATCH] clk: clk-divider: fix _get_maxdiv for table based divider
The divider lacks the code for calculating the maximum divider for table
based dividers. Add it.
Signed-off-by: Sascha Hauer s.ha...@pengutronix.de
---
drivers/clk/clk-divider.c | 13 +
1 file changed, 13 insertions(+)
diff --git a/drivers/clk/clk-divider.c b/drivers/clk/clk-divider.c
index 646e5b0..791e10e 100644
--- a/drivers/clk/clk-divider.c
+++ b/drivers/clk/clk-divider.c
@@ -23,12 +23,25 @@
#define div_mask(d)((1 ((d)-width)) - 1)
+static unsigned int _get_table_maxdiv(const struct clk_div_table *table)
+{
+ unsigned int maxdiv = 0;
+ const struct clk_div_table *clkt;
+
+ for (clkt = table; clkt-div; clkt++)
+ if (clkt-div maxdiv)
+ maxdiv = clkt-div;
+ return maxdiv;
+}
+
static unsigned int _get_maxdiv(struct clk_divider *divider)
{
if (divider-flags CLK_DIVIDER_ONE_BASED)
return div_mask(divider);
if (divider-flags CLK_DIVIDER_POWER_OF_TWO)
return 1 div_mask(divider);
+ if (divider-table)
+ return _get_table_maxdiv(divider-table);
return div_mask(divider) + 1;
}
--
2.1.4
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
[PATCH 7/7] command: add generic digest command
That can be used for digest calculation and verify
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
---
commands/Kconfig| 12 +++-
commands/Makefile | 1 +
commands/digest.c | 195
commands/hashsum.c | 68 --
commands/internal.h | 3 +
common/password.c | 43 +---
crypto/digest.c | 92 +++--
include/digest.h| 13 +++-
8 files changed, 322 insertions(+), 105 deletions(-)
create mode 100644 commands/digest.c
create mode 100644 commands/internal.h
diff --git a/commands/Kconfig b/commands/Kconfig
index 7e3e8b7..847ff76 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -14,7 +14,7 @@ if COMMAND_SUPPORT
config COMPILE_HASH
tristate
- select DIGEST
+ select CMD_DIGEST
help
Turns on compilation of digest.c
@@ -842,6 +842,16 @@ config CMD_CMP
Returns successfully if the two files are the same, return with an
error if not
+config CMD_DIGEST
+ tristate
+ select DIGEST
+ prompt digest
+ help
+ Usage: digest -a algo [-k key | -K file] [-s sig | -S file]
FILE|AREA
+
+ Calculate a digest over a FILE or a memory area with the possibility
+ to checkit.
+
config CMD_DIRNAME
tristate
prompt dirname
diff --git a/commands/Makefile b/commands/Makefile
index e42662f..b902f58 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -1,4 +1,5 @@
obj-$(CONFIG_STDDEV) += stddev.o
+obj-$(CONFIG_CMD_DIGEST) += digest.o
obj-$(CONFIG_COMPILE_HASH) += hashsum.o
obj-$(CONFIG_COMPILE_MEMORY) += mem.o
obj-$(CONFIG_CMD_BOOTM)+= bootm.o
diff --git a/commands/digest.c b/commands/digest.c
new file mode 100644
index 000..e9b4e66
--- /dev/null
+++ b/commands/digest.c
@@ -0,0 +1,195 @@
+/*
+ * Copyright (c) 2015 Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
+ *
+ * GPLv2 ONLY
+ */
+
+#include common.h
+#include command.h
+#include fs.h
+#include fcntl.h
+#include errno.h
+#include xfuncs.h
+#include malloc.h
+#include digest.h
+#include getopt.h
+#include libfile.h
+
+#include internal.h
+
+int __do_digest(struct digest *d, unsigned char *key, int keylen,
+ unsigned char *sig,
+ int argc, char *argv[])
+{
+ int ret = 0;
+ int i;
+ unsigned char *hash;
+
+ if (argc 1)
+ return COMMAND_ERROR_USAGE;
+
+ hash = calloc(digest_length(d), sizeof(unsigned char));
+ if (!hash) {
+ perror(calloc);
+ return COMMAND_ERROR_USAGE;
+ }
+
+ while (*argv) {
+ char *filename = /dev/mem;
+ loff_t start = 0, size = ~0;
+
+ /* arguments are either file, file+area or area */
+ if (parse_area_spec(*argv, start, size)) {
+ filename = *argv;
+ if (argv[1] !parse_area_spec(argv[1], start, size))
+ argv++;
+ }
+
+ ret = digest_file_window(d, filename,
+key, keylen,
+hash, sig, start, size);
+ if (ret 0) {
+ ret = 1;
+ } else {
+ if (!sig) {
+ for (i = 0; i digest_length(d); i++)
+ printf(%02x, hash[i]);
+
+ printf( %s\t0x%08llx ... 0x%08llx\n,
+ filename, start, start + size);
+ }
+ }
+
+ argv++;
+ }
+
+ free(hash);
+ digest_free(d);
+
+ return ret;
+}
+
+static void __prints_algo(void)
+{
+ puts(available algo:\n\n);
+ digest_algo_prints(\t);
+}
+
+static int do_digest(int argc, char *argv[])
+{
+ struct digest *d;
+ unsigned char *tmp_key = NULL;
+ unsigned char *tmp_sig = NULL;
+ char *sig = NULL;
+ char *sigfile = NULL;
+ size_t siglen = 0;
+ char *key = NULL;
+ char *keyfile = NULL;
+ size_t keylen = 0;
+ size_t digestlen = 0;
+ char *algo = NULL;
+ int opt, ret;
+
+ if (argc 2) {
+ __prints_algo();
+ return 0;
+ }
+
+ while((opt = getopt(argc, argv, a:k:K:s:S:)) 0) {
+ switch(opt) {
+ case 'k':
+ key = optarg;
+ keylen = strlen(key);
+ break;
+ case 'K':
+ keyfile = optarg;
+ break;
+ case 'a':
+ algo = optarg;
+ break;
+ case 's':
+ sig = optarg;
+ siglen = strlen(sig);
+
[PATCH 6/7] command: rename digest.c to hashsum.c
as I'll add a new generic command named digest
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
---
commands/Kconfig | 14 +++---
commands/Makefile| 2 +-
commands/{digest.c = hashsum.c} | 0
3 files changed, 8 insertions(+), 8 deletions(-)
rename commands/{digest.c = hashsum.c} (100%)
diff --git a/commands/Kconfig b/commands/Kconfig
index 286e9ce..7e3e8b7 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -12,7 +12,7 @@ config HAS_POWEROFF
if COMMAND_SUPPORT
-config COMPILE_DIGEST
+config COMPILE_HASH
tristate
select DIGEST
help
@@ -917,7 +917,7 @@ config CMD_LS
config CMD_MD5SUM
tristate
- select COMPILE_DIGEST
+ select COMPILE_HASH
select MD5
prompt md5sum
help
@@ -982,7 +982,7 @@ config CMD_RMDIR
config CMD_SHA1SUM
tristate
- select COMPILE_DIGEST
+ select COMPILE_HASH
select SHA1
prompt sha1sum
help
@@ -994,7 +994,7 @@ config CMD_SHA1SUM
config CMD_SHA224SUM
tristate
- select COMPILE_DIGEST
+ select COMPILE_HASH
select SHA224
prompt sha224sum
help
@@ -1006,7 +1006,7 @@ config CMD_SHA224SUM
config CMD_SHA256SUM
tristate
- select COMPILE_DIGEST
+ select COMPILE_HASH
select SHA256
prompt sha256sum
help
@@ -1018,7 +1018,7 @@ config CMD_SHA256SUM
config CMD_SHA384SUM
tristate
- select COMPILE_DIGEST
+ select COMPILE_HASH
select SHA384
prompt sha384sum
help
@@ -1030,7 +1030,7 @@ config CMD_SHA384SUM
config CMD_SHA512SUM
tristate
- select COMPILE_DIGEST
+ select COMPILE_HASH
select SHA512
prompt sha512sum
help
diff --git a/commands/Makefile b/commands/Makefile
index 7344e01..e42662f 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -1,5 +1,5 @@
obj-$(CONFIG_STDDEV) += stddev.o
-obj-$(CONFIG_COMPILE_DIGEST) += digest.o
+obj-$(CONFIG_COMPILE_HASH) += hashsum.o
obj-$(CONFIG_COMPILE_MEMORY) += mem.o
obj-$(CONFIG_CMD_BOOTM)+= bootm.o
obj-$(CONFIG_CMD_UIMAGE) += uimage.o
diff --git a/commands/digest.c b/commands/hashsum.c
similarity index 100%
rename from commands/digest.c
rename to commands/hashsum.c
--
2.1.4
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
[PATCH 2/7] digest: hmac: fix set_key prototype
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
---
crypto/hmac.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/crypto/hmac.c b/crypto/hmac.c
index 8d07a61..1462730 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -57,7 +57,8 @@ static void digest_hmac_free(struct digest *d)
digest_free(dh-d);
}
-static int digest_hmac_set_key(struct digest *d, unsigned char *key, unsigned
int len)
+static int digest_hmac_set_key(struct digest *d, const unsigned char *key,
+ unsigned int len)
{
struct digest_hmac_ctx *dh = d-ctx;
struct digest_hmac *hmac = to_digest_hmac(d-algo);
--
2.1.4
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
[RFC] digest: Add enum
From: Sascha Hauer s.ha...@pengutronix.de
Signed-off-by: Sascha Hauer s.ha...@pengutronix.de
---
This is also needed as the first patch for the FIT support series. It seems
I can't count to 5.
common/digest.c | 12
crypto/md5.c | 1 +
crypto/sha1.c| 1 +
crypto/sha2.c| 2 ++
include/digest.h | 24
5 files changed, 40 insertions(+)
diff --git a/common/digest.c b/common/digest.c
index ae414ba5d599..51be2ca4148b 100644
--- a/common/digest.c
+++ b/common/digest.c
@@ -75,6 +75,18 @@ struct digest* digest_get_by_name(char* name)
}
EXPORT_SYMBOL_GPL(digest_get_by_name);
+struct digest *digest_get(enum hash_algo algo)
+{
+ struct digest* d;
+
+ list_for_each_entry(d, digests, list)
+ if (d-algo == algo)
+ return d;
+ return NULL;
+
+}
+EXPORT_SYMBOL_GPL(digest_get);
+
int digest_file_window(struct digest *d, char *filename,
unsigned char *hash,
ulong start, ulong size)
diff --git a/crypto/md5.c b/crypto/md5.c
index 6c4ca1dd59b8..87728338708e 100644
--- a/crypto/md5.c
+++ b/crypto/md5.c
@@ -305,6 +305,7 @@ static struct md5 m = {
.update = digest_md5_update,
.final = digest_md5_final,
.length = 16,
+ .algo = HASH_ALGO_MD5,
}
};
diff --git a/crypto/sha1.c b/crypto/sha1.c
index 58d14a8b3f39..29fcdbae59a7 100644
--- a/crypto/sha1.c
+++ b/crypto/sha1.c
@@ -326,6 +326,7 @@ static struct sha1 m = {
.update = digest_sha1_update,
.final = digest_sha1_final,
.length = SHA1_SUM_LEN,
+ .algo = HASH_ALGO_SHA1,
}
};
diff --git a/crypto/sha2.c b/crypto/sha2.c
index 00a1af3419c6..72d43015687c 100644
--- a/crypto/sha2.c
+++ b/crypto/sha2.c
@@ -316,6 +316,7 @@ static struct sha2 m224 = {
.update = digest_sha2_update,
.final = digest_sha2_final,
.length = SHA224_SUM_LEN,
+ .algo = HASH_ALGO_SHA224,
}
};
#endif
@@ -337,6 +338,7 @@ static struct sha2 m256 = {
.update = digest_sha2_update,
.final = digest_sha2_final,
.length = SHA256_SUM_LEN,
+ .algo = HASH_ALGO_SHA256,
}
};
#endif
diff --git a/include/digest.h b/include/digest.h
index 8563c10128fe..62f6248d0768 100644
--- a/include/digest.h
+++ b/include/digest.h
@@ -21,6 +21,27 @@
#include linux/list.h
+enum hash_algo {
+ HASH_ALGO_MD4,
+ HASH_ALGO_MD5,
+ HASH_ALGO_SHA1,
+ HASH_ALGO_RIPE_MD_160,
+ HASH_ALGO_SHA256,
+ HASH_ALGO_SHA384,
+ HASH_ALGO_SHA512,
+ HASH_ALGO_SHA224,
+ HASH_ALGO_RIPE_MD_128,
+ HASH_ALGO_RIPE_MD_256,
+ HASH_ALGO_RIPE_MD_320,
+ HASH_ALGO_WP_256,
+ HASH_ALGO_WP_384,
+ HASH_ALGO_WP_512,
+ HASH_ALGO_TGR_128,
+ HASH_ALGO_TGR_160,
+ HASH_ALGO_TGR_192,
+ HASH_ALGO__LAST
+};
+
struct digest
{
char *name;
@@ -31,6 +52,8 @@ struct digest
unsigned int length;
+ enum hash_algo algo;
+
struct list_head list;
};
@@ -41,6 +64,7 @@ int digest_register(struct digest *d);
void digest_unregister(struct digest *d);
struct digest* digest_get_by_name(char* name);
+struct digest *digest_get(enum hash_algo);
int digest_file_window(struct digest *d, char *filename,
unsigned char *hash,
--
2.1.4
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
[PATCH 0/7] prepare for rsa support
Hi, The following patch series prepare for the adding of the rsa digest support This will allow to verify a rsa signature of a file Introduction of a new command digest to handle the digest and check include also some fix The next patch series will add RSA and keystore support The following changes since commit 01b0fd707ebede1303f7471adca41ebee06d2ac7: Merge branch 'for-next/state' into next (2015-03-12 08:29:17 +0100) are available in the git repository at: git://git.jcrosoft.org/barebox.git delivery/digest for you to fetch changes up to 1807649fab2109a962415e1ba5651d9d7c385e08: command: add generic digest command (2015-03-12 16:34:23 +0800) Jean-Christophe PLAGNIOL-VILLARD (7): digest: fix and add missing copyright digest: hmac: fix set_key prototype crypto: add pbkdf2 hmac key generator digest: add verify callback digest: allow algo to specify their length at runtime command: rename digest.c to hashsum.c command: add generic digest command commands/Kconfig| 26 +++- commands/Makefile | 3 +- commands/digest.c | 270 +++--- commands/hashsum.c | 187 commands/internal.h | 3 ++ common/password.c | 43 +- crypto/Kconfig | 5 +++ crypto/Makefile | 2 ++ crypto/digest.c | 113 crypto/hmac.c | 10 +- crypto/internal.h | 4 ++- crypto/md5.c| 1 + crypto/pbkdf2.c | 79 crypto/sha1.c | 1 + crypto/sha2.c | 2 ++ crypto/sha4.c | 2 ++ include/crypto/pbkdf2.h | 23 ++ include/digest.h| 22 -- 18 files changed, 583 insertions(+), 213 deletions(-) create mode 100644 commands/hashsum.c create mode 100644 commands/internal.h create mode 100644 crypto/pbkdf2.c create mode 100644 include/crypto/pbkdf2.h Best Regards, J. ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
[PATCH 3/7] crypto: add pbkdf2 hmac key generator
this will allow to generate a KEY + IV based on a password and salt for AES
encryption/decryption as example
or simply the key for hmac or rsa from text password
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
---
crypto/Kconfig | 5
crypto/Makefile | 2 ++
crypto/pbkdf2.c | 79 +
include/crypto/pbkdf2.h | 23 ++
4 files changed, 109 insertions(+)
create mode 100644 crypto/pbkdf2.c
create mode 100644 include/crypto/pbkdf2.h
diff --git a/crypto/Kconfig b/crypto/Kconfig
index e72b91e..b721e30 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -34,3 +34,8 @@ config DIGEST_HMAC
bool HMAC
endif
+
+config CRYPTO_PBKDF2
+ select DIGEST
+ select SHA1
+ bool
diff --git a/crypto/Makefile b/crypto/Makefile
index ff5c289..0bb67d5 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -9,3 +9,5 @@ obj-$(CONFIG_SHA224)+= sha2.o
obj-$(CONFIG_SHA256) += sha2.o
obj-$(CONFIG_SHA384) += sha4.o
obj-$(CONFIG_SHA512) += sha4.o
+
+obj-$(CONFIG_CRYPTO_PBKDF2)+= pbkdf2.o
diff --git a/crypto/pbkdf2.c b/crypto/pbkdf2.c
new file mode 100644
index 000..7b94de9
--- /dev/null
+++ b/crypto/pbkdf2.c
@@ -0,0 +1,79 @@
+/*
+ * (C) Copyright 2015 Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
+ *
+ * Under GPLv2 Only
+ */
+
+#include common.h
+#include malloc.h
+#include errno.h
+#include crypto/pbkdf2.h
+
+int pkcs5_pbkdf2_hmac(struct digest* d,
+ const unsigned char *pwd, size_t pwd_len,
+ const unsigned char *salt, size_t salt_len,
+ uint32_t iteration,
+ uint32_t key_len, unsigned char *key)
+{
+ int i, j, k;
+ unsigned char cnt[4];
+ uint32_t pass_len;
+ unsigned char *tmpdgt;
+ uint32_t d_len;
+
+ if (!d)
+ return -EINVAL;
+
+ tmpdgt = malloc(digest_length(d));
+ if (!tmpdgt)
+ return -ENOMEM;
+
+ d_len = digest_length(d);
+ i = 1;
+
+ while (key_len) {
+ pass_len = min(key_len, d_len);
+ cnt[0] = (i 24) 0xff;
+ cnt[1] = (i 16) 0xff;
+ cnt[2] = (i 8) 0xff;
+ cnt[3] = i 0xff;
+ digest_hmac_init(d, pwd, pwd_len);
+ digest_hmac_update(d, salt, salt_len);
+ digest_hmac_update(d, cnt, 4);
+ digest_hmac_final(d, tmpdgt);
+
+ memcpy(key, tmpdgt, pass_len);
+
+ for (j = 1; j iteration; j++) {
+ digest_hmac_init(d, pwd, pwd_len);
+ digest_hmac_update(d, tmpdgt, d_len);
+ digest_hmac_final(d, tmpdgt);
+
+ for(k = 0; k pass_len; k++)
+ key[k] ^= tmpdgt[k];
+ }
+
+ key_len -= pass_len;
+ key += pass_len;
+ i++;
+ }
+
+ free(tmpdgt);
+
+ return 0;
+}
+
+int pkcs5_pbkdf2_hmac_sha1(const unsigned char *pwd, size_t pwd_len,
+ const unsigned char *salt, size_t salt_len,
+ uint32_t iter,
+ uint32_t key_len, unsigned char *key)
+{
+ int ret;
+ struct digest* d = digest_alloc(sha1);
+
+ ret = pkcs5_pbkdf2_hmac(d, pwd, pwd_len, salt, salt_len, iter,
+key_len, key);
+
+ digest_free(d);
+ return ret;
+}
diff --git a/include/crypto/pbkdf2.h b/include/crypto/pbkdf2.h
new file mode 100644
index 000..fa66675
--- /dev/null
+++ b/include/crypto/pbkdf2.h
@@ -0,0 +1,23 @@
+/*
+ * (C) Copyright 2015 Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
+ *
+ * Under GPLv2 Only
+ */
+
+#ifndef __PBKDF2_H__
+#define __PBKDF2_H__
+
+#include digest.h
+
+int pkcs5_pbkdf2_hmac_sha1(const unsigned char *pwd, size_t pwd_len,
+ const unsigned char *salt, size_t salt_len,
+ uint32_t iteration,
+ uint32_t key_len, unsigned char *buf);
+
+int pkcs5_pbkdf2_hmac(struct digest* d,
+ const unsigned char *pwd, size_t pwd_len,
+ const unsigned char *salt, size_t salt_len,
+ uint32_t iteration,
+ uint32_t key_len, unsigned char *key);
+
+#endif /* __PBKDF2_H__ */
--
2.1.4
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
[RFC 2/4] Add rsa support
From: Sascha Hauer s.ha...@pengutronix.de
Signed-off-by: Sascha Hauer s.ha...@pengutronix.de
---
crypto/Kconfig | 3 +
crypto/Makefile | 1 +
crypto/rsa.c| 411
include/asm-generic/errno.h | 5 +
include/rsa.h | 54 ++
5 files changed, 474 insertions(+)
create mode 100644 crypto/rsa.c
create mode 100644 include/rsa.h
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 4bd8dcf359f8..fa9ba491b79b 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -25,3 +25,6 @@ config SHA256
bool SHA256
endif
+
+config RSA
+ bool
diff --git a/crypto/Makefile b/crypto/Makefile
index 7c5b035b73de..44be124aa368 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -5,3 +5,4 @@ obj-$(CONFIG_MD5) += md5.o
obj-$(CONFIG_SHA1) += sha1.o
obj-$(CONFIG_SHA224) += sha2.o
obj-$(CONFIG_SHA256) += sha2.o
+obj-$(CONFIG_RSA) += rsa.o
diff --git a/crypto/rsa.c b/crypto/rsa.c
new file mode 100644
index ..6a0c7b8a15cc
--- /dev/null
+++ b/crypto/rsa.c
@@ -0,0 +1,411 @@
+/*
+ * Copyright (c) 2013, Google Inc.
+ *
+ * SPDX-License-Identifier:GPL-2.0+
+ */
+
+#include common.h
+#include malloc.h
+#include of.h
+#include digest.h
+#include asm/types.h
+#include asm/byteorder.h
+#include errno.h
+#include rsa.h
+#include asm/types.h
+#include asm/unaligned.h
+
+#define UINT64_MULT32(v, multby) (((uint64_t)(v)) * ((uint32_t)(multby)))
+
+#define get_unaligned_be32(a) fdt32_to_cpu(*(uint32_t *)a)
+#define put_unaligned_be32(a, b) (*(uint32_t *)(b) = cpu_to_fdt32(a))
+
+/* Default public exponent for backward compatibility */
+#define RSA_DEFAULT_PUBEXP 65537
+
+/* This is the minimum/maximum key size we support, in bits */
+#define RSA_MIN_KEY_BITS 1024
+#define RSA_MAX_KEY_BITS 4096
+
+/**
+ * subtract_modulus() - subtract modulus from the given value
+ *
+ * @key: Key containing modulus to subtract
+ * @num: Number to subtract modulus from, as little endian word array
+ */
+static void subtract_modulus(const struct rsa_public_key *key, uint32_t num[])
+{
+ int64_t acc = 0;
+ uint i;
+
+ for (i = 0; i key-len; i++) {
+ acc += (uint64_t)num[i] - key-modulus[i];
+ num[i] = (uint32_t)acc;
+ acc = 32;
+ }
+}
+
+/**
+ * greater_equal_modulus() - check if a value is = modulus
+ *
+ * @key: Key containing modulus to check
+ * @num: Number to check against modulus, as little endian word array
+ * @return 0 if num modulus, 1 if num = modulus
+ */
+static int greater_equal_modulus(const struct rsa_public_key *key,
+uint32_t num[])
+{
+ int i;
+
+ for (i = (int)key-len - 1; i = 0; i--) {
+ if (num[i] key-modulus[i])
+ return 0;
+ if (num[i] key-modulus[i])
+ return 1;
+ }
+
+ return 1; /* equal */
+}
+
+/**
+ * montgomery_mul_add_step() - Perform montgomery multiply-add step
+ *
+ * Operation: montgomery result[] += a * b[] / n0inv % modulus
+ *
+ * @key: RSA key
+ * @result:Place to put result, as little endian word array
+ * @a: Multiplier
+ * @b: Multiplicand, as little endian word array
+ */
+static void montgomery_mul_add_step(const struct rsa_public_key *key,
+ uint32_t result[], const uint32_t a, const uint32_t b[])
+{
+ uint64_t acc_a, acc_b;
+ uint32_t d0;
+ uint i;
+
+ acc_a = (uint64_t)a * b[0] + result[0];
+ d0 = (uint32_t)acc_a * key-n0inv;
+ acc_b = (uint64_t)d0 * key-modulus[0] + (uint32_t)acc_a;
+ for (i = 1; i key-len; i++) {
+ acc_a = (acc_a 32) + (uint64_t)a * b[i] + result[i];
+ acc_b = (acc_b 32) + (uint64_t)d0 * key-modulus[i] +
+ (uint32_t)acc_a;
+ result[i - 1] = (uint32_t)acc_b;
+ }
+
+ acc_a = (acc_a 32) + (acc_b 32);
+
+ result[i - 1] = (uint32_t)acc_a;
+
+ if (acc_a 32)
+ subtract_modulus(key, result);
+}
+
+/**
+ * montgomery_mul() - Perform montgomery mutitply
+ *
+ * Operation: montgomery result[] = a[] * b[] / n0inv % modulus
+ *
+ * @key: RSA key
+ * @result:Place to put result, as little endian word array
+ * @a: Multiplier, as little endian word array
+ * @b: Multiplicand, as little endian word array
+ */
+static void montgomery_mul(const struct rsa_public_key *key,
+ uint32_t result[], uint32_t a[], const uint32_t b[])
+{
+ uint i;
+
+ for (i = 0; i key-len; ++i)
+ result[i] = 0;
+ for (i = 0; i key-len; ++i)
+ montgomery_mul_add_step(key, result, a[i], b);
+}
+
+/**
+ * num_pub_exponent_bits() - Number of bits in the public exponent
+ *
+ * @key: RSA key
+ * @num_bits: Storage for the number of public exponent bits
+ */
+static int
[RFC 1/4] digest: Make filename arguments const
From: Sascha Hauer s.ha...@pengutronix.de
Signed-off-by: Sascha Hauer s.ha...@pengutronix.de
---
common/digest.c | 8
include/digest.h | 8
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/common/digest.c b/common/digest.c
index 51be2ca4148b..7187b0f23d81 100644
--- a/common/digest.c
+++ b/common/digest.c
@@ -59,7 +59,7 @@ void digest_unregister(struct digest *d)
}
EXPORT_SYMBOL(digest_unregister);
-struct digest* digest_get_by_name(char* name)
+struct digest* digest_get_by_name(const char *name)
{
struct digest* d;
@@ -87,7 +87,7 @@ struct digest *digest_get(enum hash_algo algo)
}
EXPORT_SYMBOL_GPL(digest_get);
-int digest_file_window(struct digest *d, char *filename,
+int digest_file_window(struct digest *d, const char *filename,
unsigned char *hash,
ulong start, ulong size)
{
@@ -157,7 +157,7 @@ out:
}
EXPORT_SYMBOL_GPL(digest_file_window);
-int digest_file(struct digest *d, char *filename,
+int digest_file(struct digest *d, const char *filename,
unsigned char *hash)
{
struct stat st;
@@ -172,7 +172,7 @@ int digest_file(struct digest *d, char *filename,
}
EXPORT_SYMBOL_GPL(digest_file);
-int digest_file_by_name(char *algo, char *filename,
+int digest_file_by_name(char *algo, const char *filename,
unsigned char *hash)
{
struct digest *d;
diff --git a/include/digest.h b/include/digest.h
index 62f6248d0768..4727c72efc55 100644
--- a/include/digest.h
+++ b/include/digest.h
@@ -63,15 +63,15 @@ struct digest
int digest_register(struct digest *d);
void digest_unregister(struct digest *d);
-struct digest* digest_get_by_name(char* name);
+struct digest* digest_get_by_name(const char *name);
struct digest *digest_get(enum hash_algo);
-int digest_file_window(struct digest *d, char *filename,
+int digest_file_window(struct digest *d, const char *filename,
unsigned char *hash,
ulong start, ulong size);
-int digest_file(struct digest *d, char *filename,
+int digest_file(struct digest *d, const char *filename,
unsigned char *hash);
-int digest_file_by_name(char *algo, char *filename,
+int digest_file_by_name(char *algo, const char *filename,
unsigned char *hash);
#endif /* __SH_ST_DEVICES_H__ */
--
2.1.4
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
[RFC 4/4] FIT: add test config and data [do not merge]
Signed-off-by: Jan Luebbe j...@pengutronix.de
---
arch/sandbox/configs/sandbox_defconfig | 33 +
key.dtb| Bin 0 - 1023 bytes
key.dts| 27 +++
sign-configs.itb | Bin 0 - 2453 bytes
4 files changed, 48 insertions(+), 12 deletions(-)
create mode 100644 key.dtb
create mode 100644 key.dts
create mode 100644 sign-configs.itb
diff --git a/arch/sandbox/configs/sandbox_defconfig
b/arch/sandbox/configs/sandbox_defconfig
index 7ce256950192..ec9d729127cb 100644
--- a/arch/sandbox/configs/sandbox_defconfig
+++ b/arch/sandbox/configs/sandbox_defconfig
@@ -5,25 +5,34 @@ CONFIG_PARTITION=y
CONFIG_DEFAULT_ENVIRONMENT_GENERIC_NEW=y
CONFIG_DEFAULT_ENVIRONMENT_PATH=arch/sandbox/board/env
CONFIG_DEBUG_INFO=y
-CONFIG_CMD_EDIT=y
-CONFIG_CMD_SLEEP=y
-CONFIG_CMD_SAVEENV=y
+CONFIG_CMD_MEMINFO=y
+CONFIG_CMD_BOOTM_SHOW_TYPE=y
+CONFIG_CMD_BOOTM_VERBOSE=y
+CONFIG_CMD_BOOTM_INITRD=y
+CONFIG_CMD_BOOTM_OFTREE=y
+CONFIG_CMD_BOOTM_OFTREE_UIMAGE=y
+CONFIG_CMD_BOOTM_FITIMAGE=y
+CONFIG_CMD_GO=y
+CONFIG_CMD_RESET=y
+CONFIG_CMD_PARTITION=y
CONFIG_CMD_EXPORT=y
CONFIG_CMD_PRINTENV=y
-CONFIG_CMD_READLINE=y
+CONFIG_CMD_SAVEENV=y
+CONFIG_CMD_SLEEP=y
+CONFIG_CMD_DHCP=y
+CONFIG_CMD_PING=y
CONFIG_CMD_TFTP=y
-CONFIG_CMD_MEMINFO=y
+CONFIG_CMD_EDIT=y
+CONFIG_CMD_READLINE=y
+CONFIG_CMD_TIMEOUT=y
CONFIG_CMD_CRC=y
CONFIG_CMD_FLASH=y
-# CONFIG_CMD_BOOTM is not set
-CONFIG_CMD_RESET=y
-CONFIG_CMD_GO=y
-CONFIG_CMD_TIMEOUT=y
-CONFIG_CMD_PARTITION=y
+CONFIG_CMD_OF_NODE=y
+CONFIG_CMD_OF_PROPERTY=y
+CONFIG_CMD_OFTREE=y
CONFIG_NET=y
-CONFIG_CMD_DHCP=y
-CONFIG_CMD_PING=y
CONFIG_DRIVER_NET_TAP=y
# CONFIG_SPI is not set
CONFIG_FS_CRAMFS=y
CONFIG_FS_TFTP=y
+CONFIG_DIGEST=y
diff --git a/key.dtb b/key.dtb
new file mode 100644
index
..9a3294e9f0b2ad30362127b9cc4e0d7e67d2f7b6
GIT binary patch
literal 1023
zcmcb`|m9S1M`0d1_lctodcvbfLIWS1%Ma?CIiJyAWRgJ5z1o*(kxImNDRj32eOg*
z(nx$xAX~@HGejXIwYUVx1_6*hkiAApiAAYN`4u{8nI*a2zkch%=Em(lG377kZPdW
z*{PMfDXC3Hb^fo5Ze}KBpT`z6(@Qm;n6)20%HmQ=PU1Z(bo{!?H7Tdz#ejmnRlI
z*Li3@Va_e-M)%VlOm~iQ_kP?u?UU4(@X|fcChNYldzd?OrF@m3aRtk)SzFdUW!+!?
zl-;3HSLVh+sd5o02*7=SzIKV|d40?ad2ceWi~DtZ5tFYN8q6C^MSWBIrCh{QFH
z~t|qZHnHpg+vMT7Kz|8F1LSjOBJ)ZR)RsYs!Zyd9r{$t+BeG)#$+t@m%cJJJx
z_}*LU{(1{}GymD2jc0s$;likCTroiYs={yo;k|v3oi1ovXaZ#%rNLiDE`)6^N~
z)q|Nb?-ai;T)=uN?}Os3d3Hbc+@sAs$6zFbLsfMM1hp~$t$yUop)(32ZjbLECOzJ
zyk9$KTknPl+iL5pC88Hp0~fF!l4webd1B%d{h)k7#oH58YEyH$%r}=S*E%vvzvEIl
zo8#*V=*n`#cf5uq5*JI8RS8~vQaDY?4xN5_TL2G1AY%EeH*s%{MF%mn50ge
zlzndS;9cpeYajPaS{D-Wn~_7Q(#OzzTZ_bkXA8tl{pP9v}P}Vb2z!x;GZbD5V!
zD@U%UeYa@ZFr^U+@lFZhHaekJf_~z@YXFWbX=zPuc_U-ReDiPMtd|MvvXZ@qT
z@}vPP-_{1vJ0i(%TI?IwiiUrhx;li-_^MM-#?dBi{rqy}D%eiM)?zCY@t1nqDk*
zL~5!3yui7K?nAYfdfd#fKv%0N?OgV}-1oRRc=f6%1gd@U-0uO?ON{IS^({d4uL
z%%Na{KTBh#NyOq7$2mDQ#mmur6{$yST{K}C#RS}xj3^b70S-cD@iRXDlI6{EdVC|
zyb^}o{FKxjhUEO*g2a-{q?}ZS#GLee24KS0Dbg)2ECnh`0rPBN^?q!!R*wEg8V#?
nW{|Qx1KrHLvecsDR0y{;S2roMq?iGeY4Q?tQ*|?db}|3}pHW%$
literal 0
HcmV?d1
diff --git a/key.dts b/key.dts
new file mode 100644
index ..c6f1e7cd4699
--- /dev/null
+++ b/key.dts
@@ -0,0 +1,27 @@
+/dts-v1/;
+
+/ {
+ #address-cells = 0x1;
+ #size-cells = 0x1;
+ interrupt-parent = 0x1;
+ model = FIT Test;
+ compatible = barebox,fit-test;
+
+ signature {
+ key-dev {
+ algo = sha1,rsa2048;
+ rsa,r-squared = 0xb453b3a8 0x143c04b9 0x69b7661a
0x9be9c8a2 0xe72ce137 0x909cda1b 0x8147cb88 0x2dcc50b 0x8df1b596 0xf21af457
0x75bce693 0x2dee3ee1 0x6d99a91f 0x7a113378 0x49a9ab4 0xaee505bf 0x77e50740
0x792d1cd8 0x9123ed03 0x72b26308 0x2f9f18f4 0xdc31dc37 0x26ece84d 0x2f22f170
0x566b146 0x7c5b01ec 0x224042a6 0x4feadc4 0x18d60883 0xdcc87f3c 0x72ee0654
0x5a108d72 0x16dfe950 0xc3437604 0xdb867d65 0xfac106bd 0xaaeefa5 0xc9dfe30d
0x938e184c 0xc7860689 0x958bb9b4 0x21ef4b1a 0xdfaf381f 0x364f9bf3 0x3398f4e8
0x44012626 0x1d3841ba 0xb4cbd849 0x6c23af70 0xd10c0486 0x117a6bb6 0xc3be7815
0xf91e0295 0x98cf2753 0x269dc73 0xef71a005 0xca6ef021 0x9a9e3ef8 0xbe6d4538
0x6924d341 0xccd2c7fe 0x6110649f 0x63a96b2d 0x43ba2ba7;
+ rsa,modulus = 0xd988efad 0x9cb68db0 0x583d7b3b
0xd57415d0 0x2551a005 0xc2188262 0x5ce4344c 0x5be077a0 0x78edc894 0x7d656d0a
0x37b37723 0x7d41011b 0xee0a24cd 0x6c4b4b1c 0x389668e8 0xdb214ef3 0x1254f688
0x3c0b9b32 0xf99c0919 0xab79f888 0xd0ab30e7 0xa3d96bf9 0x585e91bd 0x6c41c7dd
0x9e021ac8 0xc91de730 0xe0ee75aa 0xd6f1bc92 0xae5458fb 0x1082279 0x4c3137b6
0x8418a0e6 0xa017354e 0x9fecd2ac 0xbd0f7b6e 0xc927d7a3 0x2b2f6d03 0xa45b2359
0xaa2ba48b 0x196b31d4 0x8cfca7ed 0xf81ed874 0xe3ea10e3 0x13d9ebd5 0xcd48f1e0
0x89eb04ed 0xedfbca24 0x583be64d 0x84e2bf05 0xfc27a9c9 0x30050eb5 0x8015dc14
0x63ec843f 0x81ad1557 0xf295b76b 0x6fed55e 0x6ffb2a5a 0xb359ec52 0xa5d5a4ab
0xc86ef1cc 0x92ce0772 0x97731ac4 0x1aa54f9e 0x519dc2df;
+
Re: [PATCH] ARM: phytec-som-am335x: Remove bootargs-ip from boot scripts
On Thu, Mar 12, 2015 at 09:50:40AM +0100, Teresa Gámez wrote: We do not pass the ip to kernel any more. So remove adding it to bootargs when booting from nand, mmc or spi nor. Signed-off-by: Teresa Gámez t.ga...@phytec.de Applied, thanks Sascha -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0| Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- | ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
Re: [PATCH 4/7] digest: add verify callback
On Thu, Mar 12, 2015 at 03:22:23PM +0100, Jean-Christophe PLAGNIOL-VILLARD
wrote:
this will allow to compare a md with the original one
When calling this do not call final
For RSA_SIGN verification final does not exist only verify
as final will be for signing
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
---
crypto/digest.c | 23 ++-
crypto/hmac.c | 1 +
crypto/internal.h | 2 ++
crypto/md5.c | 1 +
crypto/sha1.c | 1 +
crypto/sha2.c | 2 ++
crypto/sha4.c | 2 ++
include/digest.h | 6 ++
8 files changed, 37 insertions(+), 1 deletion(-)
diff --git a/crypto/digest.c b/crypto/digest.c
index c06089d..98c3607 100644
--- a/crypto/digest.c
+++ b/crypto/digest.c
@@ -26,6 +26,8 @@
#include module.h
#include linux/err.h
+#include internal.h
+
static LIST_HEAD(digests);
static struct digest_algo *digest_algo_get_by_name(const char *name);
@@ -37,9 +39,28 @@ static int dummy_init(struct digest *d)
static void dummy_free(struct digest *d) {}
+int digest_generic_verity(struct digest *d, const unsigned char *md)
s/verity/verify/
+{
+ int ret;
+ int len = digest_length(d);
+ unsigned char *tmp;
+
+ tmp = xmalloc(sizeof(len));
sizeof(len) is not what you want.
+
+ ret = digest_final(d, tmp);
+ if (ret)
+ goto end;
+
+ ret = memcmp(md, tmp, len);
ret = ret ? -EINVAL : 0;
To consistently return an error code.
Sascha
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0|
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- |
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
Re: [RFC 2/4] Add rsa support
On 15:39 Thu 12 Mar , Jan Luebbe wrote:
From: Sascha Hauer s.ha...@pengutronix.de
Signed-off-by: Sascha Hauer s.ha...@pengutronix.de
---
crypto/Kconfig | 3 +
crypto/Makefile | 1 +
crypto/rsa.c| 411
include/asm-generic/errno.h | 5 +
include/rsa.h | 54 ++
5 files changed, 474 insertions(+)
create mode 100644 crypto/rsa.c
create mode 100644 include/rsa.h
as state in my previous e-mail I will a keystore support
but this dt format to handle no please
we need to use the standard format as in the kernel or openssl
DER and x509
specially x509 as if we want to be able to add key at runtime we need to sign
them we the trusted RO keys
For the implementation of RSA I use the polarssl one and plan to add
the kernel one
and this implementation is limited to 4096 the polarssl one is not
Best Regards,
J.
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 4bd8dcf359f8..fa9ba491b79b 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -25,3 +25,6 @@ config SHA256
bool SHA256
endif
+
+config RSA
+ bool
diff --git a/crypto/Makefile b/crypto/Makefile
index 7c5b035b73de..44be124aa368 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -5,3 +5,4 @@ obj-$(CONFIG_MD5) += md5.o
obj-$(CONFIG_SHA1) += sha1.o
obj-$(CONFIG_SHA224) += sha2.o
obj-$(CONFIG_SHA256) += sha2.o
+obj-$(CONFIG_RSA)+= rsa.o
diff --git a/crypto/rsa.c b/crypto/rsa.c
new file mode 100644
index ..6a0c7b8a15cc
--- /dev/null
+++ b/crypto/rsa.c
@@ -0,0 +1,411 @@
+/*
+ * Copyright (c) 2013, Google Inc.
+ *
+ * SPDX-License-Identifier: GPL-2.0+
+ */
+
+#include common.h
+#include malloc.h
+#include of.h
+#include digest.h
+#include asm/types.h
+#include asm/byteorder.h
+#include errno.h
+#include rsa.h
+#include asm/types.h
+#include asm/unaligned.h
+
+#define UINT64_MULT32(v, multby) (((uint64_t)(v)) * ((uint32_t)(multby)))
+
+#define get_unaligned_be32(a) fdt32_to_cpu(*(uint32_t *)a)
+#define put_unaligned_be32(a, b) (*(uint32_t *)(b) = cpu_to_fdt32(a))
+
+/* Default public exponent for backward compatibility */
+#define RSA_DEFAULT_PUBEXP 65537
+
+/* This is the minimum/maximum key size we support, in bits */
+#define RSA_MIN_KEY_BITS 1024
+#define RSA_MAX_KEY_BITS 4096
+
+/**
+ * subtract_modulus() - subtract modulus from the given value
+ *
+ * @key: Key containing modulus to subtract
+ * @num: Number to subtract modulus from, as little endian word array
+ */
+static void subtract_modulus(const struct rsa_public_key *key, uint32_t
num[])
+{
+ int64_t acc = 0;
+ uint i;
+
+ for (i = 0; i key-len; i++) {
+ acc += (uint64_t)num[i] - key-modulus[i];
+ num[i] = (uint32_t)acc;
+ acc = 32;
+ }
+}
+
+/**
+ * greater_equal_modulus() - check if a value is = modulus
+ *
+ * @key: Key containing modulus to check
+ * @num: Number to check against modulus, as little endian word array
+ * @return 0 if num modulus, 1 if num = modulus
+ */
+static int greater_equal_modulus(const struct rsa_public_key *key,
+ uint32_t num[])
+{
+ int i;
+
+ for (i = (int)key-len - 1; i = 0; i--) {
+ if (num[i] key-modulus[i])
+ return 0;
+ if (num[i] key-modulus[i])
+ return 1;
+ }
+
+ return 1; /* equal */
+}
+
+/**
+ * montgomery_mul_add_step() - Perform montgomery multiply-add step
+ *
+ * Operation: montgomery result[] += a * b[] / n0inv % modulus
+ *
+ * @key: RSA key
+ * @result: Place to put result, as little endian word array
+ * @a: Multiplier
+ * @b: Multiplicand, as little endian word array
+ */
+static void montgomery_mul_add_step(const struct rsa_public_key *key,
+ uint32_t result[], const uint32_t a, const uint32_t b[])
+{
+ uint64_t acc_a, acc_b;
+ uint32_t d0;
+ uint i;
+
+ acc_a = (uint64_t)a * b[0] + result[0];
+ d0 = (uint32_t)acc_a * key-n0inv;
+ acc_b = (uint64_t)d0 * key-modulus[0] + (uint32_t)acc_a;
+ for (i = 1; i key-len; i++) {
+ acc_a = (acc_a 32) + (uint64_t)a * b[i] + result[i];
+ acc_b = (acc_b 32) + (uint64_t)d0 * key-modulus[i] +
+ (uint32_t)acc_a;
+ result[i - 1] = (uint32_t)acc_b;
+ }
+
+ acc_a = (acc_a 32) + (acc_b 32);
+
+ result[i - 1] = (uint32_t)acc_a;
+
+ if (acc_a 32)
+ subtract_modulus(key, result);
+}
+
+/**
+ * montgomery_mul() - Perform montgomery mutitply
+ *
+ * Operation: montgomery result[] = a[] * b[] / n0inv % modulus
+ *
+ * @key: RSA key
+ * @result: Place to put result, as little endian word array
+ * @a: Multiplier, as little endian word array
+
Re: [RFC] digest: Add enum
On 15:51 Thu 12 Mar , Jan Luebbe wrote:
From: Sascha Hauer s.ha...@pengutronix.de
Signed-off-by: Sascha Hauer s.ha...@pengutronix.de
---
This is also needed as the first patch for the FIT support series. It seems
I can't count to 5.
common/digest.c | 12
crypto/md5.c | 1 +
crypto/sha1.c| 1 +
crypto/sha2.c| 2 ++
include/digest.h | 24
do as in the kernel use the string as we may want to add hw IP
Best Regadrs,
J.
5 files changed, 40 insertions(+)
diff --git a/common/digest.c b/common/digest.c
index ae414ba5d599..51be2ca4148b 100644
--- a/common/digest.c
+++ b/common/digest.c
@@ -75,6 +75,18 @@ struct digest* digest_get_by_name(char* name)
}
EXPORT_SYMBOL_GPL(digest_get_by_name);
+struct digest *digest_get(enum hash_algo algo)
+{
+ struct digest* d;
+
+ list_for_each_entry(d, digests, list)
+ if (d-algo == algo)
+ return d;
+ return NULL;
+
+}
+EXPORT_SYMBOL_GPL(digest_get);
+
int digest_file_window(struct digest *d, char *filename,
unsigned char *hash,
ulong start, ulong size)
diff --git a/crypto/md5.c b/crypto/md5.c
index 6c4ca1dd59b8..87728338708e 100644
--- a/crypto/md5.c
+++ b/crypto/md5.c
@@ -305,6 +305,7 @@ static struct md5 m = {
.update = digest_md5_update,
.final = digest_md5_final,
.length = 16,
+ .algo = HASH_ALGO_MD5,
}
};
diff --git a/crypto/sha1.c b/crypto/sha1.c
index 58d14a8b3f39..29fcdbae59a7 100644
--- a/crypto/sha1.c
+++ b/crypto/sha1.c
@@ -326,6 +326,7 @@ static struct sha1 m = {
.update = digest_sha1_update,
.final = digest_sha1_final,
.length = SHA1_SUM_LEN,
+ .algo = HASH_ALGO_SHA1,
}
};
diff --git a/crypto/sha2.c b/crypto/sha2.c
index 00a1af3419c6..72d43015687c 100644
--- a/crypto/sha2.c
+++ b/crypto/sha2.c
@@ -316,6 +316,7 @@ static struct sha2 m224 = {
.update = digest_sha2_update,
.final = digest_sha2_final,
.length = SHA224_SUM_LEN,
+ .algo = HASH_ALGO_SHA224,
}
};
#endif
@@ -337,6 +338,7 @@ static struct sha2 m256 = {
.update = digest_sha2_update,
.final = digest_sha2_final,
.length = SHA256_SUM_LEN,
+ .algo = HASH_ALGO_SHA256,
}
};
#endif
diff --git a/include/digest.h b/include/digest.h
index 8563c10128fe..62f6248d0768 100644
--- a/include/digest.h
+++ b/include/digest.h
@@ -21,6 +21,27 @@
#include linux/list.h
+enum hash_algo {
+ HASH_ALGO_MD4,
+ HASH_ALGO_MD5,
+ HASH_ALGO_SHA1,
+ HASH_ALGO_RIPE_MD_160,
+ HASH_ALGO_SHA256,
+ HASH_ALGO_SHA384,
+ HASH_ALGO_SHA512,
+ HASH_ALGO_SHA224,
+ HASH_ALGO_RIPE_MD_128,
+ HASH_ALGO_RIPE_MD_256,
+ HASH_ALGO_RIPE_MD_320,
+ HASH_ALGO_WP_256,
+ HASH_ALGO_WP_384,
+ HASH_ALGO_WP_512,
+ HASH_ALGO_TGR_128,
+ HASH_ALGO_TGR_160,
+ HASH_ALGO_TGR_192,
+ HASH_ALGO__LAST
+};
+
struct digest
{
char *name;
@@ -31,6 +52,8 @@ struct digest
unsigned int length;
+ enum hash_algo algo;
+
struct list_head list;
};
@@ -41,6 +64,7 @@ int digest_register(struct digest *d);
void digest_unregister(struct digest *d);
struct digest* digest_get_by_name(char* name);
+struct digest *digest_get(enum hash_algo);
int digest_file_window(struct digest *d, char *filename,
unsigned char *hash,
--
2.1.4
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
Re: [PATCH 4/7] digest: add verify callback
On Do, 2015-03-12 at 15:22 +0100, Jean-Christophe PLAGNIOL-VILLARD wrote: +int digest_generic_verity(struct digest *d, const unsigned char *md) ^^ shouldn't this be verify for consistency? + int (*verify)(struct digest *d, const unsigned char *in); ^^ this is called md in the other prototypes -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0| Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- | ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
Re: [RFC 3/4] FIT: add FIT image support
On 15:39 Thu 12 Mar , Jan Luebbe wrote:
The FIT image format was defined for U-Boot and has been adopted by the
depthcharge project as well. It is intended to be a replacement for the
uimage format and has been extended to support signing of kernel,
initramfs and devicetree images. This patch adds support for booting FIT
images to barebox.
To verify signed images, the RSA public key data must be available in
the internal device tree. Currently only signature verification on
configurations (which contains hashes of all referenced images) are
implemented, as this is the most useful use case and reduces the
complexity of the implementation.
The host tool (mkimage) to sign images has not yet been imported from U-Boot.
Signed-off-by: Jan Luebbe j...@pengutronix.de
please do not send a new version except for fix
I'm going to re-integrate it with the keystore co
and sha1,rsa2048 is considered weak in term of security
and worse md4/md5
for barebox I would only use
at least sha256 with rs2048 or sha512 with rsa4096
and as soon as SHA-2 is ready we should take a look to switch to it instead of
SHA-1(this is all the curreent shaxxx of today)
cf FIPS specs
---
arch/arm/lib/bootm.c | 74 +++
commands/Kconfig | 8 +
common/Kconfig | 7 +
common/Makefile | 1 +
common/image-fit.c | 585
+++
include/image-fit.h | 42
6 files changed, 717 insertions(+)
create mode 100644 common/image-fit.c
create mode 100644 include/image-fit.h
diff --git a/arch/arm/lib/bootm.c b/arch/arm/lib/bootm.c
index 8327c3f5603a..6d30c594bdc2 100644
--- a/arch/arm/lib/bootm.c
+++ b/arch/arm/lib/bootm.c
@@ -552,6 +552,78 @@ BAREBOX_MAGICVAR(aimage_noverwrite_bootargs, Disable
overwrite of the bootargs
BAREBOX_MAGICVAR(aimage_noverwrite_tags, Disable overwrite of the tags addr
with the one present in aimage);
#endif
+#include image-fit.h
+
+static int do_bootm_arm_fit(struct image_data *data)
+{
+ struct fit_handle *handle;
+ int ret;
+ unsigned long mem_free;
+ unsigned long mem_start, mem_size;
+
+ handle = fit_open(data-os_file, data-os_num, data-verbose);
+ if (!handle)
+ return -EINVAL;
+
+ ret = sdram_start_and_size(mem_start, mem_size);
+ if (ret)
+ return ret;
+
+ /* no support for custom load address */
+ data-os_address = mem_start + PAGE_ALIGN(handle-kernel_size * 4);
+ data-os_res = request_sdram_region(fit-kernel, data-os_address,
handle-kernel_size);
+ if (!data-os_res) {
+ pr_err(Cannot request region 0x%08lx - 0x%08lx\n,
+ data-os_address, handle-kernel_size);
+ ret = -ENOMEM;
+ goto err_out;
+ }
+ memcpy((void *)data-os_res-start, handle-kernel,
handle-kernel_size);
+
+ /*
+ * Put oftree/initrd close behind compressed kernel image to avoid
+ * placing it outside of the kernels lowmem.
+ */
+ if (handle-initrd_size) {
+ data-initrd_address = PAGE_ALIGN(data-os_res-end + SZ_1M);
+ data-initrd_res = request_sdram_region(fit-initrd,
data-initrd_address, handle-initrd_size);
+ if (!data-initrd_res) {
+ ret = -ENOMEM;
+ goto err_out;
+ }
+ memcpy((void *)data-initrd_res-start, handle-initrd,
handle-initrd_size);
+ }
+
+ data-of_root_node = of_unflatten_dtb(handle-oftree);
+ if (!data-of_root_node) {
+ pr_err(unable to unflatten devicetree\n);
+ ret = -EINVAL;
+ goto err_out;
+ }
+
+ /*
+ * Put devicetree right after initrd if present or after the kernel
+ * if not.
+ */
+ if (data-initrd_res)
+ mem_free = PAGE_ALIGN(data-initrd_res-end);
+ else
+ mem_free = PAGE_ALIGN(data-os_res-end + SZ_1M);
+
+ return __do_bootm_linux(data, mem_free, 0);
+
+err_out:
+ if (handle)
+ fit_close(handle);
+ return ret;
+}
+
+static struct image_handler arm_fit_handler = {
+.name = FIT image,
+.bootm = do_bootm_arm_fit,
+.filetype = filetype_oftree,
+};
+
static struct binfmt_hook binfmt_aimage_hook = {
.type = filetype_aimage,
.exec = bootm,
@@ -577,6 +649,8 @@ static int armlinux_register_image_handler(void)
register_image_handler(aimage_handler);
binfmt_register(binfmt_aimage_hook);
}
+ if (IS_BUILTIN(CONFIG_CMD_BOOTM_FITIMAGE))
+ register_image_handler(arm_fit_handler);
binfmt_register(binfmt_arm_zimage_hook);
binfmt_register(binfmt_barebox_hook);
diff --git a/commands/Kconfig b/commands/Kconfig
index e4f68e7bda31..8d8fd46c15ec 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -402,6 +402,14 @@ config CMD_BOOTM_AIMAGE
Re: [PATCH 4/7] digest: add verify callback
On Mar 13, 2015, at 1:41 AM, Sascha Hauer s.ha...@pengutronix.de wrote:
On Thu, Mar 12, 2015 at 03:22:23PM +0100, Jean-Christophe PLAGNIOL-VILLARD
wrote:
this will allow to compare a md with the original one
When calling this do not call final
For RSA_SIGN verification final does not exist only verify
as final will be for signing
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
---
crypto/digest.c | 23 ++-
crypto/hmac.c | 1 +
crypto/internal.h | 2 ++
crypto/md5.c | 1 +
crypto/sha1.c | 1 +
crypto/sha2.c | 2 ++
crypto/sha4.c | 2 ++
include/digest.h | 6 ++
8 files changed, 37 insertions(+), 1 deletion(-)
diff --git a/crypto/digest.c b/crypto/digest.c
index c06089d..98c3607 100644
--- a/crypto/digest.c
+++ b/crypto/digest.c
@@ -26,6 +26,8 @@
#include module.h
#include linux/err.h
+#include internal.h
+
static LIST_HEAD(digests);
static struct digest_algo *digest_algo_get_by_name(const char *name);
@@ -37,9 +39,28 @@ static int dummy_init(struct digest *d)
static void dummy_free(struct digest *d) {}
+int digest_generic_verity(struct digest *d, const unsigned char *md)
s/verity/verify/
I already fix this wired that the pull is different from my local version
+{
+int ret;
+int len = digest_length(d);
+unsigned char *tmp;
+
+tmp = xmalloc(sizeof(len));
sizeof(len) is not what you want.
ditto
+
+ret = digest_final(d, tmp);
+if (ret)
+goto end;
+
+ret = memcmp(md, tmp, len);
ret = ret ? -EINVAL : 0;
To consistently return an error code.
yeap
Best Regards,
J.
Sascha
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0|
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- |
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
Re: [PATCH 7/8] digest: add HMAC support for md5, sha1, sha224, sha256, sha384, sha512
On Wed, Mar 11, 2015 at 05:53:08PM +0100, Jean-Christophe PLAGNIOL-VILLARD
wrote:
the hmac algo will be registered as hmac(%s) such as hmac(sha256)
Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com
---
+static int digest_hmac_alloc(struct digest *d)
+{
+ struct digest_hmac_ctx *dh = d-ctx;
+ struct digest_hmac *hmac = to_digest_hmac(d-algo);
+
+ dh-d = digest_alloc(hmac-name);
+ if (!dh-d)
+ return -EINVAL;
+
+ dh-ipad = xmalloc(sizeof(unsigned char) * hmac-pad_length);
+ dh-opad = xmalloc(sizeof(unsigned char) * hmac-pad_length);
sizeof(unsigned char) is 1. Dropped while applying.
Sascha
--
Pengutronix e.K. | |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0|
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- |
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
[PATCH 1/2] crypto: digest: Make string arguments const
Most string arguments for keys and filenames can be const. Change
that.
Signed-off-by: Sascha Hauer s.ha...@pengutronix.de
---
crypto/digest.c | 18 +-
include/digest.h | 19 ++-
2 files changed, 19 insertions(+), 18 deletions(-)
diff --git a/crypto/digest.c b/crypto/digest.c
index 2f2039c..922d9d0 100644
--- a/crypto/digest.c
+++ b/crypto/digest.c
@@ -28,7 +28,7 @@
static LIST_HEAD(digests);
-static struct digest_algo* digest_algo_get_by_name(char* name);
+static struct digest_algo* digest_algo_get_by_name(const char *name);
static int dummy_init(struct digest *d)
{
@@ -69,7 +69,7 @@ void digest_algo_unregister(struct digest_algo *d)
}
EXPORT_SYMBOL(digest_algo_unregister);
-static struct digest_algo *digest_algo_get_by_name(char* name)
+static struct digest_algo *digest_algo_get_by_name(const char *name)
{
struct digest_algo* d;
@@ -84,7 +84,7 @@ static struct digest_algo *digest_algo_get_by_name(char* name)
return NULL;
}
-struct digest *digest_alloc(char* name)
+struct digest *digest_alloc(const char *name)
{
struct digest* d;
struct digest_algo* algo;
@@ -115,8 +115,8 @@ void digest_free(struct digest *d)
}
EXPORT_SYMBOL_GPL(digest_free);
-int digest_file_window(struct digest *d, char *filename,
- unsigned char *key, size_t keylen,
+int digest_file_window(struct digest *d, const char *filename,
+ const unsigned char *key, size_t keylen,
unsigned char *hash,
ulong start, ulong size)
{
@@ -189,8 +189,8 @@ out:
}
EXPORT_SYMBOL_GPL(digest_file_window);
-int digest_file(struct digest *d, char *filename,
- unsigned char *key, size_t keylen,
+int digest_file(struct digest *d, const char *filename,
+ const unsigned char *key, size_t keylen,
unsigned char *hash)
{
struct stat st;
@@ -205,8 +205,8 @@ int digest_file(struct digest *d, char *filename,
}
EXPORT_SYMBOL_GPL(digest_file);
-int digest_file_by_name(char *algo, char *filename,
- unsigned char *key, size_t keylen,
+int digest_file_by_name(const char *algo, const char *filename,
+ const unsigned char *key, size_t keylen,
unsigned char *hash)
{
struct digest *d;
diff --git a/include/digest.h b/include/digest.h
index fd47a7e..b890a7a 100644
--- a/include/digest.h
+++ b/include/digest.h
@@ -31,7 +31,7 @@ struct digest_algo {
int (*init)(struct digest *d);
int (*update)(struct digest *d, const void *data, unsigned long len);
int (*final)(struct digest *d, unsigned char *md);
- int (*set_key)(struct digest *d, unsigned char *key, unsigned int len);
+ int (*set_key)(struct digest *d, const unsigned char *key, unsigned int
len);
unsigned int length;
unsigned int ctx_length;
@@ -50,18 +50,18 @@ struct digest {
int digest_algo_register(struct digest_algo *d);
void digest_algo_unregister(struct digest_algo *d);
-struct digest *digest_alloc(char* name);
+struct digest *digest_alloc(const char *name);
void digest_free(struct digest *d);
-int digest_file_window(struct digest *d, char *filename,
- unsigned char *key, size_t keylen,
+int digest_file_window(struct digest *d, const char *filename,
+ const unsigned char *key, size_t keylen,
unsigned char *hash,
ulong start, ulong size);
-int digest_file(struct digest *d, char *filename,
- unsigned char *key, size_t keylen,
+int digest_file(struct digest *d, const char *filename,
+ const unsigned char *key, size_t keylen,
unsigned char *hash);
-int digest_file_by_name(char *algo, char *filename,
- unsigned char *key, size_t keylen,
+int digest_file_by_name(const char *algo, const char *filename,
+ const unsigned char *key, size_t keylen,
unsigned char *hash);
static inline int digest_init(struct digest *d)
@@ -85,7 +85,8 @@ static inline int digest_length(struct digest *d)
return d-algo-length;
}
-static inline int digest_set_key(struct digest *d, unsigned char *key,
unsigned int len)
+static inline int digest_set_key(struct digest *d, const unsigned char *key,
+ unsigned int len)
{
if (!d-algo-set_key)
return -ENOTSUPP;
--
2.1.4
___
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox
[PATCH 2/2] crypto: digest: Fix coding style
When declaring pointer data or a function that returns a pointer type, the
preferred use of '*' is adjacent to the data name or function name and not
adjacent to the type name.
Fix the remaining occurences in crypto/
Signed-off-by: Sascha Hauer s.ha...@pengutronix.de
---
crypto/digest.c | 8
crypto/hmac.c | 2 +-
crypto/sha1.c | 8
crypto/sha2.c | 8
crypto/sha4.c | 8
5 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/crypto/digest.c b/crypto/digest.c
index 922d9d0..c06089d 100644
--- a/crypto/digest.c
+++ b/crypto/digest.c
@@ -28,7 +28,7 @@
static LIST_HEAD(digests);
-static struct digest_algo* digest_algo_get_by_name(const char *name);
+static struct digest_algo *digest_algo_get_by_name(const char *name);
static int dummy_init(struct digest *d)
{
@@ -71,7 +71,7 @@ EXPORT_SYMBOL(digest_algo_unregister);
static struct digest_algo *digest_algo_get_by_name(const char *name)
{
- struct digest_algo* d;
+ struct digest_algo *d;
if (!name)
return NULL;
@@ -86,8 +86,8 @@ static struct digest_algo *digest_algo_get_by_name(const char
*name)
struct digest *digest_alloc(const char *name)
{
- struct digest* d;
- struct digest_algo* algo;
+ struct digest *d;
+ struct digest_algo *algo;
algo = digest_algo_get_by_name(name);
if (!algo)
diff --git a/crypto/hmac.c b/crypto/hmac.c
index a996f1e..b04dff1 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -20,7 +20,7 @@ struct digest_hmac_ctx {
unsigned int keylen;
};
-static inline struct digest_hmac * to_digest_hmac(struct digest_algo *algo)
+static inline struct digest_hmac *to_digest_hmac(struct digest_algo *algo)
{
return container_of(algo, struct digest_hmac, algo);
}
diff --git a/crypto/sha1.c b/crypto/sha1.c
index 766e4ea..a244b5d 100644
--- a/crypto/sha1.c
+++ b/crypto/sha1.c
@@ -48,7 +48,7 @@ sha1_context;
/*
* SHA-1 context setup
*/
-static void sha1_starts (sha1_context * ctx)
+static void sha1_starts (sha1_context *ctx)
{
ctx-total[0] = 0;
ctx-total[1] = 0;
@@ -60,7 +60,7 @@ static void sha1_starts (sha1_context * ctx)
ctx-state[4] = 0xC3D2E1F0;
}
-static void sha1_process (sha1_context * ctx, uint8_t data[64])
+static void sha1_process (sha1_context *ctx, uint8_t data[64])
{
uint32_t temp, W[16], A, B, C, D, E;
@@ -217,7 +217,7 @@ static void sha1_process (sha1_context * ctx, uint8_t
data[64])
/*
* SHA-1 process buffer
*/
-static void sha1_update (sha1_context * ctx, uint8_t *input, uint32_t ilen)
+static void sha1_update (sha1_context *ctx, uint8_t *input, uint32_t ilen)
{
uint32_t fill, left;
@@ -262,7 +262,7 @@ static uint8_t sha1_padding[64] = {
/*
* SHA-1 final digest
*/
-static void sha1_finish (sha1_context * ctx, uint8_t output[20])
+static void sha1_finish (sha1_context *ctx, uint8_t output[20])
{
uint32_t last, padn;
uint32_t high, low;
diff --git a/crypto/sha2.c b/crypto/sha2.c
index 8558030..cb89c82 100644
--- a/crypto/sha2.c
+++ b/crypto/sha2.c
@@ -39,7 +39,7 @@ typedef struct {
#define GET_UINT32_BE(n,b,i) (n) = be32_to_cpu(((uint32_t*)(b))[i / 4])
#define PUT_UINT32_BE(n,b,i) ((uint32_t*)(b))[i / 4] = cpu_to_be32(n)
-static void sha2_starts(sha2_context * ctx, int is224)
+static void sha2_starts(sha2_context *ctx, int is224)
{
ctx-total[0] = 0;
ctx-total[1] = 0;
@@ -74,7 +74,7 @@ static void sha2_starts(sha2_context * ctx, int is224)
ctx-is224 = is224;
}
-static void sha2_process(sha2_context * ctx, const uint8_t data[64])
+static void sha2_process(sha2_context *ctx, const uint8_t data[64])
{
uint32_t temp1, temp2;
uint32_t W[64];
@@ -205,7 +205,7 @@ static void sha2_process(sha2_context * ctx, const uint8_t
data[64])
ctx-state[7] += H;
}
-static void sha2_update(sha2_context * ctx, const uint8_t * input, size_t
length)
+static void sha2_update(sha2_context *ctx, const uint8_t *input, size_t length)
{
size_t fill;
uint32_t left;
@@ -247,7 +247,7 @@ static const uint8_t sha2_padding[64] = {
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
-static void sha2_finish(sha2_context * ctx, uint8_t digest[32])
+static void sha2_finish(sha2_context *ctx, uint8_t digest[32])
{
uint32_t last, padn;
uint32_t high, low;
diff --git a/crypto/sha4.c b/crypto/sha4.c
index 8a56081..1c768e7 100644
--- a/crypto/sha4.c
+++ b/crypto/sha4.c
@@ -97,7 +97,7 @@ static const uint64_t K[80] = {
/*
* SHA-512 context setup
*/
-static void sha4_starts(sha4_context * ctx, int is384)
+static void sha4_starts(sha4_context *ctx, int is384)
{
ctx-total[0] = 0;
ctx-total[1] = 0;
@@ -127,7 +127,7 @@ static void sha4_starts(sha4_context * ctx, int is384)
ctx-is384 = is384;
}
-static void sha4_process(sha4_context * ctx, unsigned char data[128])
+static void sha4_process(sha4_context
Re: [PATCH 1/1] gitignore: only ignore include/config.h
On Wed, Mar 11, 2015 at 06:28:21PM +0100, Jean-Christophe PLAGNIOL-VILLARD wrote: Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD plagn...@jcrosoft.com --- include/.gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/.gitignore b/include/.gitignore Applied, thanks Sascha -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0| Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- | ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
Re: [PATCH v5] state: add framework for persistent state handling
On Tue, Mar 10, 2015 at 03:54:26PM +0100, Marc Kleine-Budde wrote: From: Sascha Hauer s.ha...@pengutronix.de This patch adds a framework to describe, access, store and restore a set of variables. A state variable set can be fully described in a devicetree node. This node could be part of the regular devicetree blob or it could be an extra devicetree solely for the state. The state variable set contains variables of different types and a place to store the variable set. For more information see: Documentation/devicetree/bindings/barebox/barebox,state.rst Signed-off-by: Sascha Hauer s.ha...@pengutronix.de Signed-off-by: Jan Luebbe j...@pengutronix.de Signed-off-by: Marc Kleine-Budde m...@pengutronix.de --- Applied, thanks Sascha -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0| Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917- | ___ barebox mailing list barebox@lists.infradead.org http://lists.infradead.org/mailman/listinfo/barebox
