On Tue, 2 Jul 2024 at 21:26, Raymond Mao <raymond....@linaro.org> wrote: > > We don't need an API specially for non-watchdog since sha1_csum_wd > supports it by disabling CONFIG_HW_WATCHDOG and CONFIG_WATCHDOG. > Set 0x10000 as default chunk size for SHA1. > > Signed-off-by: Raymond Mao <raymond....@linaro.org> > --- > Changes in v4 > - Initial patch. > > board/gdsys/a38x/hre.c | 2 +- > include/u-boot/sha1.h | 12 ++---------- > lib/sha1.c | 13 ------------- > lib/tpm-v1.c | 2 +- > 4 files changed, 4 insertions(+), 25 deletions(-) > > diff --git a/board/gdsys/a38x/hre.c b/board/gdsys/a38x/hre.c > index f303793b63b..06856ea36d3 100644 > --- a/board/gdsys/a38x/hre.c > +++ b/board/gdsys/a38x/hre.c > @@ -166,7 +166,7 @@ static int find_key(struct udevice *tpm, const uint8_t > auth[20], > return -1; > if (err) > continue; > - sha1_csum(buf, buf_len, digest); > + sha1_csum_wd(buf, buf_len, digest, SHA1_DEF_CHUNK_SZ); > if (!memcmp(digest, pubkey_digest, 20)) { > *handle = key_handles[i]; > return 0; > diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h > index ab88134fb98..36c3db15e22 100644 > --- a/include/u-boot/sha1.h > +++ b/include/u-boot/sha1.h > @@ -39,6 +39,8 @@ extern "C" { > #define SHA1_SUM_LEN 20 > #define SHA1_DER_LEN 15 > > +#define SHA1_DEF_CHUNK_SZ 0x10000 > + > extern const uint8_t sha1_der_prefix[]; > > #if defined(CONFIG_MBEDTLS_LIB_CRYPTO) > @@ -81,16 +83,6 @@ void sha1_update(sha1_context *ctx, const unsigned char > *input, > */ > void sha1_finish( sha1_context *ctx, unsigned char output[20] ); > > -/** > - * \brief Output = SHA-1( input buffer ) > - * > - * \param input buffer holding the data > - * \param ilen length of the input data > - * \param output SHA-1 checksum result > - */ > -void sha1_csum(const unsigned char *input, unsigned int ilen, > - unsigned char *output); > - > /** > * \brief Output = SHA-1( input buffer ), with watchdog triggering > * > diff --git a/lib/sha1.c b/lib/sha1.c > index 7ef536f4b5d..81412283b49 100644 > --- a/lib/sha1.c > +++ b/lib/sha1.c > @@ -304,19 +304,6 @@ void sha1_finish (sha1_context * ctx, unsigned char > output[20]) > PUT_UINT32_BE (ctx->state[4], output, 16); > } > > -/* > - * Output = SHA-1( input buffer ) > - */ > -void sha1_csum(const unsigned char *input, unsigned int ilen, > - unsigned char *output) > -{ > - sha1_context ctx; > - > - sha1_starts (&ctx); > - sha1_update (&ctx, input, ilen); > - sha1_finish (&ctx, output); > -} > - > /* > * Output = SHA-1( input buffer ). Trigger the watchdog every 'chunk_sz' > * bytes of input processed. > diff --git a/lib/tpm-v1.c b/lib/tpm-v1.c > index e66023da5e6..a6727c575fd 100644 > --- a/lib/tpm-v1.c > +++ b/lib/tpm-v1.c > @@ -871,7 +871,7 @@ u32 tpm1_find_key_sha1(struct udevice *dev, const u8 > auth[20], > return -1; > if (err) > continue; > - sha1_csum(buf, buf_len, digest); > + sha1_csum_wd(buf, buf_len, digest, SHA1_DEF_CHUNK_SZ); > if (!memcmp(digest, pubkey_digest, 20)) { > *handle = key_handles[i]; > return 0; > -- > 2.25.1 >
Reviewed-by: Ilias Apalodimas <ilias.apalodi...@linaro.org>