[PATCH 0/7] Digest and login/password Frameworks

[PATCH 0/7] Digest and login/password Frameworks

[Jean-Christophe PLAGNIOL-VILLARD]

Hi,

	this patch serie will introduce the support
	of 2 frameworks

	Digest Framework

	Which allow you to add easely digest algo
	with md5, sha1, sha256

	Login/Passwd Framework

	It will allow you to protect your barebox with a password
	and require it via login command or manange it via passwd
	This framework use the Digest framework to calculate the checksum
	to store the password

Best Regards,
J.

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 1/7] add digest framework

[Jean-Christophe PLAGNIOL-VILLARD]

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 common/Makefile  |    1 +
 common/digest.c  |   77 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 include/digest.h |   49 ++++++++++++++++++++++++++++++++++
 lib/Kconfig      |    7 +++++
 4 files changed, 134 insertions(+), 0 deletions(-)
 create mode 100644 common/digest.c
 create mode 100644 include/digest.h

diff --git a/common/Makefile b/common/Makefile
index 4b8cce0..b087e3d 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -11,6 +11,7 @@ obj-y += clock.o
 obj-y += command.o
 obj-$(CONFIG_CONSOLE_FULL) += console.o
 obj-$(CONFIG_CONSOLE_SIMPLE) += console_simple.o
+obj-$(CONFIG_DIGEST) += digest.o
 obj-y += env.o
 obj-y += startup.o
 obj-y += misc.o
diff --git a/common/digest.c b/common/digest.c
new file mode 100644
index 0000000..10ad060
--- /dev/null
+++ b/common/digest.c
@@ -0,0 +1,77 @@
+/*
+ * (C) Copyright 2008-2010 Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; version 2 of
+ * the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ * MA 02111-1307 USA
+ */
+
+#include <common.h>
+#include <digest.h>
+#include <malloc.h>
+#include <errno.h>
+#include <module.h>
+#include <linux/err.h>
+
+static LIST_HEAD(digests);
+
+static int dummy_init(struct digest *d)
+{
+	return 0;
+}
+
+int digest_register(struct digest *d)
+{
+	if (!d || !d->name || !d->update || !d->final || d->length < 1)
+		return -EINVAL;
+
+	if (!d->init)
+		d->init = dummy_init;
+
+	if (digest_get_by_name(d->name))
+		return -EEXIST;
+
+	list_add_tail(&d->list, &digests);
+
+	return 0;
+}
+EXPORT_SYMBOL(digest_register);
+
+void digest_unregister(struct digest *d)
+{
+	if (!d)
+		return;
+
+	list_del(&d->list);
+}
+EXPORT_SYMBOL(digest_unregister);
+
+struct digest* digest_get_by_name(char* name)
+{
+	struct digest* d;
+
+	if (!name)
+		return NULL;
+
+	list_for_each_entry(d, &digests, list) {
+		if(strcmp(d->name, name) == 0)
+			return d;
+	}
+
+	return NULL;
+}
+EXPORT_SYMBOL_GPL(digest_get_by_name);
diff --git a/include/digest.h b/include/digest.h
new file mode 100644
index 0000000..1dcfd9d
--- /dev/null
+++ b/include/digest.h
@@ -0,0 +1,49 @@
+/*
+ * (C) Copyright 2008-2010 Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; version 2 of
+ * the License.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ * MA 02111-1307 USA
+ */
+
+#ifndef __DIGEST_H__
+#define __DIGEST_H__
+
+#include <linux/list.h>
+
+struct digest
+{
+	char *name;
+
+	int (*init)(struct digest *d);
+	int (*update)(struct digest *d, const void *data, unsigned long len);
+	int (*final)(struct digest *d, unsigned char *md);
+
+	unsigned int length;
+
+	struct list_head list;
+};
+
+/*
+ * digest functions
+ */
+int digest_register(struct digest *d);
+void digest_unregister(struct digest *d);
+
+struct digest* digest_get_by_name(char* name);
+
+#endif /* __SH_ST_DEVICES_H__ */
diff --git a/lib/Kconfig b/lib/Kconfig
index 28c92cd..a571ba8 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -10,6 +10,13 @@ config CRC32
 config CRC16
 	bool
 
+menuconfig DIGEST
+	bool "Digest"
+
+if DIGEST
+
+endif
+
 config GENERIC_FIND_NEXT_BIT
 	def_bool n
 
-- 
1.7.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 2/7] add md5 support

[Jean-Christophe PLAGNIOL-VILLARD]

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 lib/Kconfig  |    4 +
 lib/Makefile |    1 +
 lib/md5.c    |  317 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 322 insertions(+), 0 deletions(-)
 create mode 100644 lib/md5.c

diff --git a/lib/Kconfig b/lib/Kconfig
index a571ba8..e8776a7 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -15,6 +15,10 @@ menuconfig DIGEST
 
 if DIGEST
 
+config MD5
+	bool "MD5"
+	default y
+
 endif
 
 config GENERIC_FIND_NEXT_BIT
diff --git a/lib/Makefile b/lib/Makefile
index 8c5df08..6a1fb5d 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -34,3 +34,4 @@ obj-y			+= lzo/
 obj-y			+= show_progress.o
 obj-$(CONFIG_LZO_DECOMPRESS)		+= decompress_unlzo.o
 obj-$(CONFIG_PROCESS_ESCAPE_SEQUENCE)	+= process_escape_sequence.o
+obj-$(CONFIG_MD5)	+= md5.o
diff --git a/lib/md5.c b/lib/md5.c
new file mode 100644
index 0000000..6c4ca1d
--- /dev/null
+++ b/lib/md5.c
@@ -0,0 +1,317 @@
+/*
+ * This file was transplanted with slight modifications from Linux sources
+ * (fs/cifs/md5.c) into U-Boot by Bartlomiej Sieka <tur@semihalf.com>.
+ */
+
+/*
+ * This code implements the MD5 message-digest algorithm.
+ * The algorithm is due to Ron Rivest.  This code was
+ * written by Colin Plumb in 1993, no copyright is claimed.
+ * This code is in the public domain; do with it what you wish.
+ *
+ * Equivalent code is available from RSA Data Security, Inc.
+ * This code has been tested against that, and is equivalent,
+ * except that you don't need to include two pages of legalese
+ * with every copy.
+ *
+ * To compute the message digest of a chunk of bytes, declare an
+ * MD5Context structure, pass it to MD5Init, call MD5Update as
+ * needed on buffers full of bytes, and then call MD5Final, which
+ * will fill a supplied 16-byte array with the digest.
+ */
+
+/* This code slightly modified to fit into Samba by
+   abartlet@samba.org Jun 2001
+   and to fit the cifs vfs by
+   Steve French sfrench@us.ibm.com */
+
+#include <common.h>
+#include <digest.h>
+#include <init.h>
+
+struct MD5Context {
+	__u32 buf[4];
+	__u32 bits[2];
+	unsigned char in[64];
+};
+
+static void
+MD5Transform(__u32 buf[4], __u32 const in[16]);
+
+/*
+ * Note: this code is harmless on little-endian machines.
+ */
+static void
+byteReverse(unsigned char *buf, unsigned longs)
+{
+	__u32 t;
+	do {
+		t = (__u32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
+		    ((unsigned) buf[1] << 8 | buf[0]);
+		*(__u32 *) buf = t;
+		buf += 4;
+	} while (--longs);
+}
+
+/*
+ * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
+ * initialization constants.
+ */
+static void
+MD5Init(struct MD5Context *ctx)
+{
+	ctx->buf[0] = 0x67452301;
+	ctx->buf[1] = 0xefcdab89;
+	ctx->buf[2] = 0x98badcfe;
+	ctx->buf[3] = 0x10325476;
+
+	ctx->bits[0] = 0;
+	ctx->bits[1] = 0;
+}
+
+/*
+ * Update context to reflect the concatenation of another buffer full
+ * of bytes.
+ */
+static void
+MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
+{
+	register __u32 t;
+
+	/* Update bitcount */
+
+	t = ctx->bits[0];
+	if ((ctx->bits[0] = t + ((__u32) len << 3)) < t)
+		ctx->bits[1]++;	/* Carry from low to high */
+	ctx->bits[1] += len >> 29;
+
+	t = (t >> 3) & 0x3f;	/* Bytes already in shsInfo->data */
+
+	/* Handle any leading odd-sized chunks */
+
+	if (t) {
+		unsigned char *p = (unsigned char *) ctx->in + t;
+
+		t = 64 - t;
+		if (len < t) {
+			memmove(p, buf, len);
+			return;
+		}
+		memmove(p, buf, t);
+		byteReverse(ctx->in, 16);
+		MD5Transform(ctx->buf, (__u32 *) ctx->in);
+		buf += t;
+		len -= t;
+	}
+	/* Process data in 64-byte chunks */
+
+	while (len >= 64) {
+		memmove(ctx->in, buf, 64);
+		byteReverse(ctx->in, 16);
+		MD5Transform(ctx->buf, (__u32 *) ctx->in);
+		buf += 64;
+		len -= 64;
+	}
+
+	/* Handle any remaining bytes of data. */
+
+	memmove(ctx->in, buf, len);
+}
+
+/*
+ * Final wrapup - pad to 64-byte boundary with the bit pattern
+ * 1 0* (64-bit count of bits processed, MSB-first)
+ */
+static void
+MD5Final(unsigned char digest[16], struct MD5Context *ctx)
+{
+	unsigned int count;
+	unsigned char *p;
+
+	/* Compute number of bytes mod 64 */
+	count = (ctx->bits[0] >> 3) & 0x3F;
+
+	/* Set the first char of padding to 0x80.  This is safe since there is
+	   always at least one byte free */
+	p = ctx->in + count;
+	*p++ = 0x80;
+
+	/* Bytes of padding needed to make 64 bytes */
+	count = 64 - 1 - count;
+
+	/* Pad out to 56 mod 64 */
+	if (count < 8) {
+		/* Two lots of padding:  Pad the first block to 64 bytes */
+		memset(p, 0, count);
+		byteReverse(ctx->in, 16);
+		MD5Transform(ctx->buf, (__u32 *) ctx->in);
+
+		/* Now fill the next block with 56 bytes */
+		memset(ctx->in, 0, 56);
+	} else {
+		/* Pad block to 56 bytes */
+		memset(p, 0, count - 8);
+	}
+	byteReverse(ctx->in, 14);
+
+	/* Append length in bits and transform */
+	((__u32 *) ctx->in)[14] = ctx->bits[0];
+	((__u32 *) ctx->in)[15] = ctx->bits[1];
+
+	MD5Transform(ctx->buf, (__u32 *) ctx->in);
+	byteReverse((unsigned char *) ctx->buf, 4);
+	memmove(digest, ctx->buf, 16);
+	memset(ctx, 0, sizeof(*ctx));	/* In case it's sensitive */
+}
+
+/* The four core functions - F1 is optimized somewhat */
+
+/* #define F1(x, y, z) (x & y | ~x & z) */
+#define F1(x, y, z) (z ^ (x & (y ^ z)))
+#define F2(x, y, z) F1(z, x, y)
+#define F3(x, y, z) (x ^ y ^ z)
+#define F4(x, y, z) (y ^ (x | ~z))
+
+/* This is the central step in the MD5 algorithm. */
+#define MD5STEP(f, w, x, y, z, data, s) \
+	( w += f(x, y, z) + data,  w = w<<s | w>>(32-s),  w += x )
+
+/*
+ * The core of the MD5 algorithm, this alters an existing MD5 hash to
+ * reflect the addition of 16 longwords of new data.  MD5Update blocks
+ * the data and converts bytes into longwords for this routine.
+ */
+static void
+MD5Transform(__u32 buf[4], __u32 const in[16])
+{
+	register __u32 a, b, c, d;
+
+	a = buf[0];
+	b = buf[1];
+	c = buf[2];
+	d = buf[3];
+
+	MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
+	MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
+	MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
+	MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
+	MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
+	MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
+	MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
+	MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
+	MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
+	MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
+	MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
+	MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
+	MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
+	MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
+	MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
+	MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
+
+	MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
+	MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
+	MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
+	MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
+	MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
+	MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
+	MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
+	MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
+	MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
+	MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
+	MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
+	MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
+	MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
+	MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
+	MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
+	MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
+
+	MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
+	MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
+	MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
+	MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
+	MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
+	MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
+	MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
+	MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
+	MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
+	MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
+	MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
+	MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
+	MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
+	MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
+	MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
+	MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
+
+	MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
+	MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
+	MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
+	MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
+	MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
+	MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
+	MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
+	MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
+	MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
+	MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
+	MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
+	MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
+	MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
+	MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
+	MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
+	MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
+
+	buf[0] += a;
+	buf[1] += b;
+	buf[2] += c;
+	buf[3] += d;
+}
+
+struct md5 {
+	struct MD5Context context;
+	struct digest d;
+};
+
+static int digest_md5_init(struct digest *d)
+{
+	struct md5 *m = container_of(d, struct md5, d);
+
+	MD5Init(&m->context);
+
+	return 0;
+}
+
+static int digest_md5_update(struct digest *d, const void *data,
+			     unsigned long len)
+{
+	struct md5 *m = container_of(d, struct md5, d);
+
+	MD5Update(&m->context, data, len);
+
+	return 0;
+}
+
+static int digest_md5_final(struct digest *d, unsigned char *md)
+{
+	struct md5 *m = container_of(d, struct md5, d);
+
+	MD5Final(md, &m->context);
+
+	return 0;
+}
+
+static struct md5 m = {
+	.d = {
+		.name = "md5",
+		.init = digest_md5_init,
+		.update = digest_md5_update,
+		.final = digest_md5_final,
+		.length = 16,
+	}
+};
+
+static int md5_digest_register(void)
+{
+	digest_register(&m.d);
+
+	return 0;
+}
+device_initcall(md5_digest_register);
-- 
1.7.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 3/7] add sha1 support

[Jean-Christophe PLAGNIOL-VILLARD]

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 lib/Kconfig  |    3 +
 lib/Makefile |    1 +
 lib/sha1.c   |  396 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 400 insertions(+), 0 deletions(-)
 create mode 100644 lib/sha1.c

diff --git a/lib/Kconfig b/lib/Kconfig
index e8776a7..650e86c 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -19,6 +19,9 @@ config MD5
 	bool "MD5"
 	default y
 
+config SHA1
+	bool "SHA1"
+
 endif
 
 config GENERIC_FIND_NEXT_BIT
diff --git a/lib/Makefile b/lib/Makefile
index 6a1fb5d..6f79d03 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -35,3 +35,4 @@ obj-y			+= show_progress.o
 obj-$(CONFIG_LZO_DECOMPRESS)		+= decompress_unlzo.o
 obj-$(CONFIG_PROCESS_ESCAPE_SEQUENCE)	+= process_escape_sequence.o
 obj-$(CONFIG_MD5)	+= md5.o
+obj-$(CONFIG_SHA1)	+= sha1.o
diff --git a/lib/sha1.c b/lib/sha1.c
new file mode 100644
index 0000000..00dcc78
--- /dev/null
+++ b/lib/sha1.c
@@ -0,0 +1,396 @@
+/*
+ *  Heiko Schocher, DENX Software Engineering, hs@denx.de.
+ *  based on:
+ *  FIPS-180-1 compliant SHA-1 implementation
+ *
+ *  Copyright (C) 2003-2006  Christophe Devine
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License, version 2.1 as published by the Free Software Foundation.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA  02110-1301  USA
+ */
+/*
+ *  The SHA-1 standard was published by NIST in 1993.
+ *
+ *  http://www.itl.nist.gov/fipspubs/fip180-1.htm
+ */
+
+#include <common.h>
+#include <digest.h>
+#include <init.h>
+#include <linux/string.h>
+
+#define SHA1_SUM_POS	-0x20
+#define SHA1_SUM_LEN	20
+
+typedef struct
+{
+    unsigned long total[2];	/*!< number of bytes processed	*/
+    unsigned long state[5];	/*!< intermediate digest state	*/
+    unsigned char buffer[64];	/*!< data block being processed */
+}
+sha1_context;
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i) {				\
+	(n) = ( (unsigned long) (b)[(i)    ] << 24 )	\
+	    | ( (unsigned long) (b)[(i) + 1] << 16 )	\
+	    | ( (unsigned long) (b)[(i) + 2] <<  8 )	\
+	    | ( (unsigned long) (b)[(i) + 3]       );	\
+}
+#endif
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i) {				\
+	(b)[(i)    ] = (unsigned char) ( (n) >> 24 );	\
+	(b)[(i) + 1] = (unsigned char) ( (n) >> 16 );	\
+	(b)[(i) + 2] = (unsigned char) ( (n) >>  8 );	\
+	(b)[(i) + 3] = (unsigned char) ( (n)       );	\
+}
+#endif
+
+/*
+ * SHA-1 context setup
+ */
+static void sha1_starts (sha1_context * ctx)
+{
+	ctx->total[0] = 0;
+	ctx->total[1] = 0;
+
+	ctx->state[0] = 0x67452301;
+	ctx->state[1] = 0xEFCDAB89;
+	ctx->state[2] = 0x98BADCFE;
+	ctx->state[3] = 0x10325476;
+	ctx->state[4] = 0xC3D2E1F0;
+}
+
+static void sha1_process (sha1_context * ctx, unsigned char data[64])
+{
+	unsigned long temp, W[16], A, B, C, D, E;
+
+	GET_UINT32_BE (W[0], data, 0);
+	GET_UINT32_BE (W[1], data, 4);
+	GET_UINT32_BE (W[2], data, 8);
+	GET_UINT32_BE (W[3], data, 12);
+	GET_UINT32_BE (W[4], data, 16);
+	GET_UINT32_BE (W[5], data, 20);
+	GET_UINT32_BE (W[6], data, 24);
+	GET_UINT32_BE (W[7], data, 28);
+	GET_UINT32_BE (W[8], data, 32);
+	GET_UINT32_BE (W[9], data, 36);
+	GET_UINT32_BE (W[10], data, 40);
+	GET_UINT32_BE (W[11], data, 44);
+	GET_UINT32_BE (W[12], data, 48);
+	GET_UINT32_BE (W[13], data, 52);
+	GET_UINT32_BE (W[14], data, 56);
+	GET_UINT32_BE (W[15], data, 60);
+
+#define S(x,n)	((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
+
+#define R(t) (						\
+	temp = W[(t -  3) & 0x0F] ^ W[(t - 8) & 0x0F] ^	\
+	       W[(t - 14) & 0x0F] ^ W[ t      & 0x0F],	\
+	( W[t & 0x0F] = S(temp,1) )			\
+)
+
+#define P(a,b,c,d,e,x)	{				\
+	e += S(a,5) + F(b,c,d) + K + x; b = S(b,30);	\
+}
+
+	A = ctx->state[0];
+	B = ctx->state[1];
+	C = ctx->state[2];
+	D = ctx->state[3];
+	E = ctx->state[4];
+
+#define F(x,y,z) (z ^ (x & (y ^ z)))
+#define K 0x5A827999
+
+	P (A, B, C, D, E, W[0]);
+	P (E, A, B, C, D, W[1]);
+	P (D, E, A, B, C, W[2]);
+	P (C, D, E, A, B, W[3]);
+	P (B, C, D, E, A, W[4]);
+	P (A, B, C, D, E, W[5]);
+	P (E, A, B, C, D, W[6]);
+	P (D, E, A, B, C, W[7]);
+	P (C, D, E, A, B, W[8]);
+	P (B, C, D, E, A, W[9]);
+	P (A, B, C, D, E, W[10]);
+	P (E, A, B, C, D, W[11]);
+	P (D, E, A, B, C, W[12]);
+	P (C, D, E, A, B, W[13]);
+	P (B, C, D, E, A, W[14]);
+	P (A, B, C, D, E, W[15]);
+	P (E, A, B, C, D, R (16));
+	P (D, E, A, B, C, R (17));
+	P (C, D, E, A, B, R (18));
+	P (B, C, D, E, A, R (19));
+
+#undef K
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+#define K 0x6ED9EBA1
+
+	P (A, B, C, D, E, R (20));
+	P (E, A, B, C, D, R (21));
+	P (D, E, A, B, C, R (22));
+	P (C, D, E, A, B, R (23));
+	P (B, C, D, E, A, R (24));
+	P (A, B, C, D, E, R (25));
+	P (E, A, B, C, D, R (26));
+	P (D, E, A, B, C, R (27));
+	P (C, D, E, A, B, R (28));
+	P (B, C, D, E, A, R (29));
+	P (A, B, C, D, E, R (30));
+	P (E, A, B, C, D, R (31));
+	P (D, E, A, B, C, R (32));
+	P (C, D, E, A, B, R (33));
+	P (B, C, D, E, A, R (34));
+	P (A, B, C, D, E, R (35));
+	P (E, A, B, C, D, R (36));
+	P (D, E, A, B, C, R (37));
+	P (C, D, E, A, B, R (38));
+	P (B, C, D, E, A, R (39));
+
+#undef K
+#undef F
+
+#define F(x,y,z) ((x & y) | (z & (x | y)))
+#define K 0x8F1BBCDC
+
+	P (A, B, C, D, E, R (40));
+	P (E, A, B, C, D, R (41));
+	P (D, E, A, B, C, R (42));
+	P (C, D, E, A, B, R (43));
+	P (B, C, D, E, A, R (44));
+	P (A, B, C, D, E, R (45));
+	P (E, A, B, C, D, R (46));
+	P (D, E, A, B, C, R (47));
+	P (C, D, E, A, B, R (48));
+	P (B, C, D, E, A, R (49));
+	P (A, B, C, D, E, R (50));
+	P (E, A, B, C, D, R (51));
+	P (D, E, A, B, C, R (52));
+	P (C, D, E, A, B, R (53));
+	P (B, C, D, E, A, R (54));
+	P (A, B, C, D, E, R (55));
+	P (E, A, B, C, D, R (56));
+	P (D, E, A, B, C, R (57));
+	P (C, D, E, A, B, R (58));
+	P (B, C, D, E, A, R (59));
+
+#undef K
+#undef F
+
+#define F(x,y,z) (x ^ y ^ z)
+#define K 0xCA62C1D6
+
+	P (A, B, C, D, E, R (60));
+	P (E, A, B, C, D, R (61));
+	P (D, E, A, B, C, R (62));
+	P (C, D, E, A, B, R (63));
+	P (B, C, D, E, A, R (64));
+	P (A, B, C, D, E, R (65));
+	P (E, A, B, C, D, R (66));
+	P (D, E, A, B, C, R (67));
+	P (C, D, E, A, B, R (68));
+	P (B, C, D, E, A, R (69));
+	P (A, B, C, D, E, R (70));
+	P (E, A, B, C, D, R (71));
+	P (D, E, A, B, C, R (72));
+	P (C, D, E, A, B, R (73));
+	P (B, C, D, E, A, R (74));
+	P (A, B, C, D, E, R (75));
+	P (E, A, B, C, D, R (76));
+	P (D, E, A, B, C, R (77));
+	P (C, D, E, A, B, R (78));
+	P (B, C, D, E, A, R (79));
+
+#undef K
+#undef F
+
+	ctx->state[0] += A;
+	ctx->state[1] += B;
+	ctx->state[2] += C;
+	ctx->state[3] += D;
+	ctx->state[4] += E;
+}
+
+/*
+ * SHA-1 process buffer
+ */
+static void sha1_update (sha1_context * ctx, unsigned char *input, int ilen)
+{
+	int fill;
+	unsigned long left;
+
+	if (ilen <= 0)
+		return;
+
+	left = ctx->total[0] & 0x3F;
+	fill = 64 - left;
+
+	ctx->total[0] += ilen;
+	ctx->total[0] &= 0xFFFFFFFF;
+
+	if (ctx->total[0] < (unsigned long) ilen)
+		ctx->total[1]++;
+
+	if (left && ilen >= fill) {
+		memcpy ((void *) (ctx->buffer + left), (void *) input, fill);
+		sha1_process (ctx, ctx->buffer);
+		input += fill;
+		ilen -= fill;
+		left = 0;
+	}
+
+	while (ilen >= 64) {
+		sha1_process (ctx, input);
+		input += 64;
+		ilen -= 64;
+	}
+
+	if (ilen > 0) {
+		memcpy ((void *) (ctx->buffer + left), (void *) input, ilen);
+	}
+}
+
+static const unsigned char sha1_padding[64] = {
+	0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+	   0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+	   0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+	   0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+/*
+ * SHA-1 final digest
+ */
+static void sha1_finish (sha1_context * ctx, unsigned char output[20])
+{
+	unsigned long last, padn;
+	unsigned long high, low;
+	unsigned char msglen[8];
+
+	high = (ctx->total[0] >> 29)
+		| (ctx->total[1] << 3);
+	low = (ctx->total[0] << 3);
+
+	PUT_UINT32_BE (high, msglen, 0);
+	PUT_UINT32_BE (low, msglen, 4);
+
+	last = ctx->total[0] & 0x3F;
+	padn = (last < 56) ? (56 - last) : (120 - last);
+
+	sha1_update (ctx, (unsigned char *) sha1_padding, padn);
+	sha1_update (ctx, msglen, 8);
+
+	PUT_UINT32_BE (ctx->state[0], output, 0);
+	PUT_UINT32_BE (ctx->state[1], output, 4);
+	PUT_UINT32_BE (ctx->state[2], output, 8);
+	PUT_UINT32_BE (ctx->state[3], output, 12);
+	PUT_UINT32_BE (ctx->state[4], output, 16);
+}
+
+/*
+ * Output = HMAC-SHA-1( input buffer, hmac key )
+ */
+void sha1_hmac (unsigned char *key, int keylen,
+		unsigned char *input, int ilen, unsigned char output[20])
+{
+	int i;
+	sha1_context ctx;
+	unsigned char k_ipad[64];
+	unsigned char k_opad[64];
+	unsigned char tmpbuf[20];
+
+	memset (k_ipad, 0x36, 64);
+	memset (k_opad, 0x5C, 64);
+
+	for (i = 0; i < keylen; i++) {
+		if (i >= 64)
+			break;
+
+		k_ipad[i] ^= key[i];
+		k_opad[i] ^= key[i];
+	}
+
+	sha1_starts (&ctx);
+	sha1_update (&ctx, k_ipad, 64);
+	sha1_update (&ctx, input, ilen);
+	sha1_finish (&ctx, tmpbuf);
+
+	sha1_starts (&ctx);
+	sha1_update (&ctx, k_opad, 64);
+	sha1_update (&ctx, tmpbuf, 20);
+	sha1_finish (&ctx, output);
+
+	memset (k_ipad, 0, 64);
+	memset (k_opad, 0, 64);
+	memset (tmpbuf, 0, 20);
+	memset (&ctx, 0, sizeof (sha1_context));
+}
+
+struct sha1 {
+	sha1_context context;
+	struct digest d;
+};
+
+static int digest_sha1_init(struct digest *d)
+{
+	struct sha1 *m = container_of(d, struct sha1, d);
+
+	sha1_starts(&m->context);
+
+	return 0;
+}
+
+static int digest_sha1_update(struct digest *d, const void *data,
+			     unsigned long len)
+{
+	struct sha1 *m = container_of(d, struct sha1, d);
+
+	sha1_update(&m->context, (unsigned char*)data, len);
+
+	return 0;
+}
+
+static int digest_sha1_final(struct digest *d, unsigned char *md)
+{
+	struct sha1 *m = container_of(d, struct sha1, d);
+
+	sha1_finish(&m->context, md);
+
+	return 0;
+}
+
+static struct sha1 m = {
+	.d = {
+		.name = "sha1",
+		.init = digest_sha1_init,
+		.update = digest_sha1_update,
+		.final = digest_sha1_final,
+		.length = SHA1_SUM_LEN,
+	}
+};
+
+static int sha1_digest_register(void)
+{
+	digest_register(&m.d);
+
+	return 0;
+}
+device_initcall(sha1_digest_register);
-- 
1.7.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 4/7] add sha256 support

[Jean-Christophe PLAGNIOL-VILLARD]

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 lib/Kconfig  |    3 +
 lib/Makefile |    1 +
 lib/sha256.c |  319 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 323 insertions(+), 0 deletions(-)
 create mode 100644 lib/sha256.c

diff --git a/lib/Kconfig b/lib/Kconfig
index 650e86c..c9eb38f 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -22,6 +22,9 @@ config MD5
 config SHA1
 	bool "SHA1"
 
+config SHA256
+	bool "SHA256"
+
 endif
 
 config GENERIC_FIND_NEXT_BIT
diff --git a/lib/Makefile b/lib/Makefile
index 6f79d03..0c62917 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -36,3 +36,4 @@ obj-$(CONFIG_LZO_DECOMPRESS)		+= decompress_unlzo.o
 obj-$(CONFIG_PROCESS_ESCAPE_SEQUENCE)	+= process_escape_sequence.o
 obj-$(CONFIG_MD5)	+= md5.o
 obj-$(CONFIG_SHA1)	+= sha1.o
+obj-$(CONFIG_SHA256)	+= sha256.o
diff --git a/lib/sha256.c b/lib/sha256.c
new file mode 100644
index 0000000..78064da
--- /dev/null
+++ b/lib/sha256.c
@@ -0,0 +1,319 @@
+/*
+ * FIPS-180-2 compliant SHA-256 implementation
+ *
+ * Copyright (C) 2001-2003  Christophe Devine
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include <common.h>
+#include <digest.h>
+#include <init.h>
+#include <linux/string.h>
+
+#define SHA256_SUM_LEN	32
+
+typedef struct {
+	uint32_t total[2];
+	uint32_t state[8];
+	uint8_t buffer[64];
+} sha256_context;
+
+/*
+ * 32-bit integer manipulation macros (big endian)
+ */
+#ifndef GET_UINT32_BE
+#define GET_UINT32_BE(n,b,i) {				\
+	(n) = ( (unsigned long) (b)[(i)    ] << 24 )	\
+	    | ( (unsigned long) (b)[(i) + 1] << 16 )	\
+	    | ( (unsigned long) (b)[(i) + 2] <<  8 )	\
+	    | ( (unsigned long) (b)[(i) + 3]       );	\
+}
+#endif
+#ifndef PUT_UINT32_BE
+#define PUT_UINT32_BE(n,b,i) {				\
+	(b)[(i)    ] = (unsigned char) ( (n) >> 24 );	\
+	(b)[(i) + 1] = (unsigned char) ( (n) >> 16 );	\
+	(b)[(i) + 2] = (unsigned char) ( (n) >>  8 );	\
+	(b)[(i) + 3] = (unsigned char) ( (n)       );	\
+}
+#endif
+
+static void sha256_starts(sha256_context * ctx)
+{
+	ctx->total[0] = 0;
+	ctx->total[1] = 0;
+
+	ctx->state[0] = 0x6A09E667;
+	ctx->state[1] = 0xBB67AE85;
+	ctx->state[2] = 0x3C6EF372;
+	ctx->state[3] = 0xA54FF53A;
+	ctx->state[4] = 0x510E527F;
+	ctx->state[5] = 0x9B05688C;
+	ctx->state[6] = 0x1F83D9AB;
+	ctx->state[7] = 0x5BE0CD19;
+}
+
+static void sha256_process(sha256_context * ctx, uint8_t data[64])
+{
+	uint32_t temp1, temp2;
+	uint32_t W[64];
+	uint32_t A, B, C, D, E, F, G, H;
+
+	GET_UINT32_BE(W[0], data, 0);
+	GET_UINT32_BE(W[1], data, 4);
+	GET_UINT32_BE(W[2], data, 8);
+	GET_UINT32_BE(W[3], data, 12);
+	GET_UINT32_BE(W[4], data, 16);
+	GET_UINT32_BE(W[5], data, 20);
+	GET_UINT32_BE(W[6], data, 24);
+	GET_UINT32_BE(W[7], data, 28);
+	GET_UINT32_BE(W[8], data, 32);
+	GET_UINT32_BE(W[9], data, 36);
+	GET_UINT32_BE(W[10], data, 40);
+	GET_UINT32_BE(W[11], data, 44);
+	GET_UINT32_BE(W[12], data, 48);
+	GET_UINT32_BE(W[13], data, 52);
+	GET_UINT32_BE(W[14], data, 56);
+	GET_UINT32_BE(W[15], data, 60);
+
+#define SHR(x,n) ((x & 0xFFFFFFFF) >> n)
+#define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
+
+#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3))
+#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10))
+
+#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
+#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
+
+#define F0(x,y,z) ((x & y) | (z & (x | y)))
+#define F1(x,y,z) (z ^ (x & (y ^ z)))
+
+#define R(t)					\
+(						\
+	W[t] = S1(W[t - 2]) + W[t - 7] +	\
+		S0(W[t - 15]) + W[t - 16]	\
+)
+
+#define P(a,b,c,d,e,f,g,h,x,K) {		\
+	temp1 = h + S3(e) + F1(e,f,g) + K + x;	\
+	temp2 = S2(a) + F0(a,b,c);		\
+	d += temp1; h = temp1 + temp2;		\
+}
+
+	A = ctx->state[0];
+	B = ctx->state[1];
+	C = ctx->state[2];
+	D = ctx->state[3];
+	E = ctx->state[4];
+	F = ctx->state[5];
+	G = ctx->state[6];
+	H = ctx->state[7];
+
+	P(A, B, C, D, E, F, G, H, W[0], 0x428A2F98);
+	P(H, A, B, C, D, E, F, G, W[1], 0x71374491);
+	P(G, H, A, B, C, D, E, F, W[2], 0xB5C0FBCF);
+	P(F, G, H, A, B, C, D, E, W[3], 0xE9B5DBA5);
+	P(E, F, G, H, A, B, C, D, W[4], 0x3956C25B);
+	P(D, E, F, G, H, A, B, C, W[5], 0x59F111F1);
+	P(C, D, E, F, G, H, A, B, W[6], 0x923F82A4);
+	P(B, C, D, E, F, G, H, A, W[7], 0xAB1C5ED5);
+	P(A, B, C, D, E, F, G, H, W[8], 0xD807AA98);
+	P(H, A, B, C, D, E, F, G, W[9], 0x12835B01);
+	P(G, H, A, B, C, D, E, F, W[10], 0x243185BE);
+	P(F, G, H, A, B, C, D, E, W[11], 0x550C7DC3);
+	P(E, F, G, H, A, B, C, D, W[12], 0x72BE5D74);
+	P(D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE);
+	P(C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7);
+	P(B, C, D, E, F, G, H, A, W[15], 0xC19BF174);
+	P(A, B, C, D, E, F, G, H, R(16), 0xE49B69C1);
+	P(H, A, B, C, D, E, F, G, R(17), 0xEFBE4786);
+	P(G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6);
+	P(F, G, H, A, B, C, D, E, R(19), 0x240CA1CC);
+	P(E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F);
+	P(D, E, F, G, H, A, B, C, R(21), 0x4A7484AA);
+	P(C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC);
+	P(B, C, D, E, F, G, H, A, R(23), 0x76F988DA);
+	P(A, B, C, D, E, F, G, H, R(24), 0x983E5152);
+	P(H, A, B, C, D, E, F, G, R(25), 0xA831C66D);
+	P(G, H, A, B, C, D, E, F, R(26), 0xB00327C8);
+	P(F, G, H, A, B, C, D, E, R(27), 0xBF597FC7);
+	P(E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3);
+	P(D, E, F, G, H, A, B, C, R(29), 0xD5A79147);
+	P(C, D, E, F, G, H, A, B, R(30), 0x06CA6351);
+	P(B, C, D, E, F, G, H, A, R(31), 0x14292967);
+	P(A, B, C, D, E, F, G, H, R(32), 0x27B70A85);
+	P(H, A, B, C, D, E, F, G, R(33), 0x2E1B2138);
+	P(G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC);
+	P(F, G, H, A, B, C, D, E, R(35), 0x53380D13);
+	P(E, F, G, H, A, B, C, D, R(36), 0x650A7354);
+	P(D, E, F, G, H, A, B, C, R(37), 0x766A0ABB);
+	P(C, D, E, F, G, H, A, B, R(38), 0x81C2C92E);
+	P(B, C, D, E, F, G, H, A, R(39), 0x92722C85);
+	P(A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1);
+	P(H, A, B, C, D, E, F, G, R(41), 0xA81A664B);
+	P(G, H, A, B, C, D, E, F, R(42), 0xC24B8B70);
+	P(F, G, H, A, B, C, D, E, R(43), 0xC76C51A3);
+	P(E, F, G, H, A, B, C, D, R(44), 0xD192E819);
+	P(D, E, F, G, H, A, B, C, R(45), 0xD6990624);
+	P(C, D, E, F, G, H, A, B, R(46), 0xF40E3585);
+	P(B, C, D, E, F, G, H, A, R(47), 0x106AA070);
+	P(A, B, C, D, E, F, G, H, R(48), 0x19A4C116);
+	P(H, A, B, C, D, E, F, G, R(49), 0x1E376C08);
+	P(G, H, A, B, C, D, E, F, R(50), 0x2748774C);
+	P(F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5);
+	P(E, F, G, H, A, B, C, D, R(52), 0x391C0CB3);
+	P(D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A);
+	P(C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F);
+	P(B, C, D, E, F, G, H, A, R(55), 0x682E6FF3);
+	P(A, B, C, D, E, F, G, H, R(56), 0x748F82EE);
+	P(H, A, B, C, D, E, F, G, R(57), 0x78A5636F);
+	P(G, H, A, B, C, D, E, F, R(58), 0x84C87814);
+	P(F, G, H, A, B, C, D, E, R(59), 0x8CC70208);
+	P(E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA);
+	P(D, E, F, G, H, A, B, C, R(61), 0xA4506CEB);
+	P(C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7);
+	P(B, C, D, E, F, G, H, A, R(63), 0xC67178F2);
+
+	ctx->state[0] += A;
+	ctx->state[1] += B;
+	ctx->state[2] += C;
+	ctx->state[3] += D;
+	ctx->state[4] += E;
+	ctx->state[5] += F;
+	ctx->state[6] += G;
+	ctx->state[7] += H;
+}
+
+static void sha256_update(sha256_context * ctx, uint8_t * input, uint32_t length)
+{
+	uint32_t left, fill;
+
+	if (!length)
+		return;
+
+	left = ctx->total[0] & 0x3F;
+	fill = 64 - left;
+
+	ctx->total[0] += length;
+	ctx->total[0] &= 0xFFFFFFFF;
+
+	if (ctx->total[0] < length)
+		ctx->total[1]++;
+
+	if (left && length >= fill) {
+		memcpy((void *) (ctx->buffer + left), (void *) input, fill);
+		sha256_process(ctx, ctx->buffer);
+		length -= fill;
+		input += fill;
+		left = 0;
+	}
+
+	while (length >= 64) {
+		sha256_process(ctx, input);
+		length -= 64;
+		input += 64;
+	}
+
+	if (length)
+		memcpy((void *) (ctx->buffer + left), (void *) input, length);
+}
+
+static uint8_t sha256_padding[64] = {
+	0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+	   0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+	   0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+	   0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
+};
+
+static void sha256_finish(sha256_context * ctx, uint8_t digest[32])
+{
+	uint32_t last, padn;
+	uint32_t high, low;
+	uint8_t msglen[8];
+
+	high = ((ctx->total[0] >> 29)
+		| (ctx->total[1] << 3));
+	low = (ctx->total[0] << 3);
+
+	PUT_UINT32_BE(high, msglen, 0);
+	PUT_UINT32_BE(low, msglen, 4);
+
+	last = ctx->total[0] & 0x3F;
+	padn = (last < 56) ? (56 - last) : (120 - last);
+
+	sha256_update(ctx, sha256_padding, padn);
+	sha256_update(ctx, msglen, 8);
+
+	PUT_UINT32_BE(ctx->state[0], digest, 0);
+	PUT_UINT32_BE(ctx->state[1], digest, 4);
+	PUT_UINT32_BE(ctx->state[2], digest, 8);
+	PUT_UINT32_BE(ctx->state[3], digest, 12);
+	PUT_UINT32_BE(ctx->state[4], digest, 16);
+	PUT_UINT32_BE(ctx->state[5], digest, 20);
+	PUT_UINT32_BE(ctx->state[6], digest, 24);
+	PUT_UINT32_BE(ctx->state[7], digest, 28);
+}
+
+struct sha256 {
+	sha256_context context;
+	struct digest d;
+};
+
+static int digest_sha256_init(struct digest *d)
+{
+	struct sha256 *m = container_of(d, struct sha256, d);
+
+	sha256_starts(&m->context);
+
+	return 0;
+}
+
+static int digest_sha256_update(struct digest *d, const void *data,
+				unsigned long len)
+{
+	struct sha256 *m = container_of(d, struct sha256, d);
+
+	sha256_update(&m->context, (uint8_t *)data, len);
+
+	return 0;
+}
+
+static int digest_sha256_final(struct digest *d, unsigned char *md)
+{
+	struct sha256 *m = container_of(d, struct sha256, d);
+
+	sha256_finish(&m->context, md);
+
+	return 0;
+}
+
+static struct sha256 m = {
+	.d = {
+		.name = "sha256",
+		.init = digest_sha256_init,
+		.update = digest_sha256_update,
+		.final = digest_sha256_final,
+		.length = SHA256_SUM_LEN,
+	}
+};
+
+static int sha256_digest_register(void)
+{
+	digest_register(&m.d);
+
+	return 0;
+}
+device_initcall(sha256_digest_register);
-- 
1.7.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 5/7] add password framework

[Jean-Christophe PLAGNIOL-VILLARD]

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 common/Kconfig     |   28 +++++
 common/Makefile    |    1 +
 common/password.c  |  286 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 include/password.h |   41 ++++++++
 4 files changed, 356 insertions(+), 0 deletions(-)
 create mode 100644 common/password.c
 create mode 100644 include/password.h

diff --git a/common/Kconfig b/common/Kconfig
index 6556c62..ad70cde 100644
--- a/common/Kconfig
+++ b/common/Kconfig
@@ -264,6 +264,34 @@ config MENU
 	   a menu framework that allow us to create list menu to simplify
 	   barebox and make it more user-frendly
 
+config PASSWORD
+	bool
+	prompt "Password Framework"
+	select DIGEST
+	help
+	  allow you to have password protection framework
+
+if PASSWORD
+
+choice
+	prompt "passwd checksum"
+
+config PASSWD_SUM_MD5
+	bool "MD5"
+	select MD5
+
+config PASSWD_SUM_SHA1
+	bool "SHA1"
+	select SHA1
+
+config PASSWD_SUM_SHA256
+	bool "SHA256"
+	select SHA256
+
+endchoice
+
+endif
+
 config DYNAMIC_CRC_TABLE
 	bool
 	depends on CRC32
diff --git a/common/Makefile b/common/Makefile
index b087e3d..6e1c4c2 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -17,6 +17,7 @@ obj-y += startup.o
 obj-y += misc.o
 obj-y += memsize.o
 obj-$(CONFIG_MENU) += menu.o
+obj-$(CONFIG_PASSWORD) += password.o
 obj-$(CONFIG_MODULES) += module.o
 extra-$(CONFIG_MODULES) += module.lds
 
diff --git a/common/password.c b/common/password.c
new file mode 100644
index 0000000..cf36970
--- /dev/null
+++ b/common/password.c
@@ -0,0 +1,286 @@
+/*
+ * Copyright (c) 2008-2010 Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include <common.h>
+#include <password.h>
+#include <errno.h>
+#include <readkey.h>
+#include <fs.h>
+#include <fcntl.h>
+#include <digest.h>
+#include <malloc.h>
+#include <xfuncs.h>
+
+#if defined(CONFIG_PASSWD_SUM_MD5)
+#define PASSWD_SUM "md5"
+#elif defined(CONFIG_PASSWD_SUM_SHA1)
+#define PASSWD_SUM "sha1"
+#elif defined(CONFIG_PASSWD_SUM_SHA256)
+#define PASSWD_SUM "sha256"
+#endif
+
+int password(unsigned char *passwd, size_t length, int flags)
+{
+	unsigned char *buf = passwd;
+	int pos = 0;
+	unsigned char ch;
+
+	if (!passwd)
+		return -EINVAL;
+
+	do {
+		ch = getc();
+
+		switch (ch) {
+		case '\r':
+		case '\n':
+			*buf = '\0';
+			puts("\r\n");
+			return pos;
+		case '\0':
+		case '\t':
+			continue;
+		case CTL_CH('c'):
+			passwd[0] = '\0';
+			puts("\r\n");
+			return 0;
+		case CTL_CH('h'):
+		case KEY_DEL7:
+		case KEY_DEL:
+			if (flags & STAR && pos > 0)
+				puts("\b \b");
+			*buf = '\0';
+			buf--;
+			pos--;
+			continue;
+		default:
+			if (pos < length - 1) {
+				if (flags & STAR)
+					putchar('*');
+				else if (flags & CLEAR)
+					putchar(ch);
+
+				*buf = ch;
+				buf++;
+				pos++;
+			} else {
+				if (flags & STAR)
+					putchar('\a');
+			}
+		}
+	} while(1);
+}
+
+int is_passwd_enable(void)
+{
+	int fd;
+
+	fd = open(PASSWD_FILE, O_RDONLY);
+
+	if (fd < 0)
+		return 0;
+
+	close(fd);
+
+	return 1;
+}
+
+int passwd_disable(void)
+{
+	return unlink(PASSWD_FILE);
+}
+
+static unsigned char to_digit(unsigned char c)
+{
+	if (c >= '0' && c <= '9')
+		c -= '0';
+	else
+		c -= 'a' - 10;
+
+	return c;
+}
+
+static unsigned char to_hexa(unsigned char c)
+{
+	if (c < 10)
+		c += '0';
+	else
+		c += 'a' - 10;
+
+	return c;
+}
+
+int read_passwd(unsigned char *sum, size_t length)
+{
+	int fd;
+	int ret = 0;
+	unsigned char c;
+
+	if (!sum && length < 1)
+		return -EINVAL;
+
+	fd = open(PASSWD_FILE, O_RDONLY);
+
+	if (fd < 0)
+		return fd;
+
+	do {
+		ret = read(fd, &c, sizeof(char));
+
+		if (ret < 0)
+			goto exit;
+
+		*sum = to_digit(c) << 4;
+
+		ret = read(fd, &c, sizeof(char));
+
+		if (ret < 0)
+			goto exit;
+
+		*sum |= to_digit(c);
+		sum++;
+		length--;
+	} while(length > 0);
+
+exit:
+
+	ret = 0;
+
+	close(fd);
+
+	return ret;
+}
+
+int write_passwd(unsigned char *sum, size_t length)
+{
+	int fd;
+	unsigned char c;
+	int ret = 0;
+
+	if (!sum && length < 1)
+		return -EINVAL;
+
+	fd = open(PASSWD_DIR, O_RDONLY);
+
+	if (fd < 0)
+		mkdir(PASSWD_DIR, 644);
+
+	close(fd);
+
+	fd = open(PASSWD_FILE, O_WRONLY | O_CREAT, 600);
+
+	if (fd < 0)
+		return fd;
+
+	do {
+		c = to_hexa(*sum >> 4 & 0xf);
+
+		ret = write(fd, &c, sizeof(unsigned char));
+
+		if (ret < 0)
+			goto exit;
+
+		c = to_hexa(*sum & 0xf);
+
+		ret = write(fd, &c, sizeof(unsigned char));
+
+		if (ret < 0)
+			goto exit;
+
+		sum++;
+		length--;
+	} while(length > 0);
+
+	ret = 0;
+
+exit:
+	close(fd);
+
+	return ret;
+}
+
+int check_passwd(unsigned char* passwd, size_t length)
+{
+	struct digest *d;
+	unsigned char *passwd1_sum;
+	unsigned char *passwd2_sum;
+	int ret = 0;
+
+	d = digest_get_by_name(PASSWD_SUM);
+
+	passwd1_sum = calloc(d->length, sizeof(unsigned char));
+
+	if (!passwd1_sum)
+		return -ENOMEM;
+
+	passwd2_sum = calloc(d->length, sizeof(unsigned char));
+
+	if (!passwd2_sum) {
+		ret = -ENOMEM;
+		goto err1;
+	}
+
+	d->init(d);
+
+	d->update(d, passwd, length);
+
+	d->final(d, passwd1_sum);
+
+	ret = read_passwd(passwd2_sum, d->length);
+
+	if (ret < 0)
+		goto err2;
+
+	if (strncmp(passwd1_sum, passwd2_sum, d->length) == 0)
+		ret = 1;
+
+err2:
+	free(passwd2_sum);
+err1:
+	free(passwd1_sum);
+
+	return ret;
+}
+
+int set_passwd(unsigned char* passwd, size_t length)
+{
+	struct digest *d;
+	unsigned char *passwd_sum;
+	int ret;
+
+	d = digest_get_by_name(PASSWD_SUM);
+
+	passwd_sum = calloc(d->length, sizeof(unsigned char));
+
+	if (!passwd_sum)
+		return -ENOMEM;
+
+	d->init(d);
+
+	d->update(d, passwd, length);
+
+	d->final(d, passwd_sum);
+
+	ret = write_passwd(passwd_sum, d->length);
+
+	free(passwd_sum);
+
+	return ret;
+}
diff --git a/include/password.h b/include/password.h
new file mode 100644
index 0000000..32301eb
--- /dev/null
+++ b/include/password.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 2008-2010 Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#ifndef __PASSWORD_H__
+#define __PASSWORD_H__
+
+#define PASSWD_FILE		"/env/etc/passwd"
+#define PASSWD_DIR		"/env/etc/"
+
+#define HIDE	(0 << 0)
+#define STAR	(1 << 1)
+#define CLEAR	(1 << 2)
+
+int password(unsigned char *passwd, size_t length, int flags);
+
+int read_passwd(unsigned char *sum, size_t length);
+int write_passwd(unsigned char *sum, size_t length);
+
+int is_passwd_enable(void);
+int passwd_disable(void);
+int check_passwd(unsigned char* passwd, size_t length);
+int set_passwd(unsigned char* passwd, size_t length);
+
+#endif /* __PASSWORD_H__ */
-- 
1.7.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 6/7] add passwd command

[Jean-Christophe PLAGNIOL-VILLARD]

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 commands/Kconfig  |   23 ++++++++++++
 commands/Makefile |    1 +
 commands/passwd.c |   98 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 122 insertions(+), 0 deletions(-)
 create mode 100644 commands/passwd.c

diff --git a/commands/Kconfig b/commands/Kconfig
index 57c9b75..0c9a6ef 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -60,6 +60,29 @@ config CMD_MENU_MANAGEMENT
 	depends on CMD_MENU
 	prompt "menu scripts management"
 
+config CMD_PASSWD
+	tristate
+	select PASSWORD
+	prompt "passwd"
+
+if CMD_PASSWD
+
+choice
+	prompt "passwd mode"
+
+config PASSWD_MODE_HIDE
+	bool "Hide"
+
+config PASSWD_MODE_STAR
+	bool "Star"
+
+config PASSWD_MODE_CLEAR
+	bool "Clear"
+
+endchoice
+
+endif
+
 endmenu
 
 menu "file commands                 "
diff --git a/commands/Makefile b/commands/Makefile
index 154a778..3012e65 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -51,3 +51,4 @@ obj-$(CONFIG_CMD_UNLZO)		+= unlzo.o
 obj-$(CONFIG_CMD_I2C)		+= i2c.o
 obj-$(CONFIG_CMD_UBI)		+= ubi.o
 obj-$(CONFIG_CMD_MENU)		+= menu.o
+obj-$(CONFIG_CMD_PASSWD)	+= passwd.o
diff --git a/commands/passwd.c b/commands/passwd.c
new file mode 100644
index 0000000..9435091
--- /dev/null
+++ b/commands/passwd.c
@@ -0,0 +1,98 @@
+/*
+ * Copyright (c) 2008-2010 Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include <common.h>
+#include <command.h>
+#include <password.h>
+#include <errno.h>
+
+#define PASSWD_MAX_LENGTH	(128 + 1)
+
+#if defined(CONFIG_PASSWD_MODE_STAR)
+#define PASSWD_MODE STAR
+#elif defined(CONFIG_PASSWD_MODE_CLEAR)
+#define PASSWD_MODE CLEAR
+#else
+#define PASSWD_MODE HIDE
+#endif
+
+static int do_passwd(struct command *cmdtp, int argc, char *argv[])
+{
+	unsigned char passwd2[PASSWD_MAX_LENGTH];
+	unsigned char passwd1[PASSWD_MAX_LENGTH];
+	int passwd1_len;
+	int passwd2_len;
+	int ret = 1;
+
+	puts("Enter new password: ");
+	passwd1_len = password(passwd1, PASSWD_MAX_LENGTH, PASSWD_MODE);
+
+	if (passwd1_len < 0)
+		return 1;
+
+	puts("Retype new password: ");
+	passwd2_len = password(passwd2, PASSWD_MAX_LENGTH, PASSWD_MODE);
+
+	if (passwd2_len < 0)
+		return 1;
+
+	if (passwd2_len != passwd1_len) {
+		goto err;
+	} else {
+		if (passwd1_len == 0) {
+			ret = 0;
+			goto disable;
+		}
+
+		if (strncmp(passwd1, passwd2, passwd1_len) != 0)
+			goto err;
+	}
+
+	ret = set_passwd(passwd1, passwd1_len);
+
+	if (ret < 0) {
+		puts("Sorry, passwords write failed\n");
+		ret = 1;
+		goto disable;
+	}
+
+	return 0;
+err:
+	puts("Sorry, passwords do not match\n");
+	puts("passwd: password unchanged\n");
+	return 1;
+
+disable:
+	passwd_disable();
+	puts("passwd: password disabled\n");
+	return ret;
+}
+
+static const __maybe_unused char cmd_passwd_help[] =
+"Usage: passwd\n"
+"passwd allow you to specify a password\n"
+"to disable it put an empty password\n"
+;
+
+BAREBOX_CMD_START(passwd)
+	.cmd		= do_passwd,
+	.usage		= "passwd",
+	BAREBOX_CMD_HELP(cmd_passwd_help)
+BAREBOX_CMD_END
-- 
1.7.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[PATCH 7/7] add login support

[Jean-Christophe PLAGNIOL-VILLARD]

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
---
 commands/Kconfig  |    9 ++++++-
 commands/Makefile |    1 +
 commands/login.c  |   63 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 71 insertions(+), 2 deletions(-)
 create mode 100644 commands/login.c

diff --git a/commands/Kconfig b/commands/Kconfig
index 0c9a6ef..2649eeb 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -60,12 +60,17 @@ config CMD_MENU_MANAGEMENT
 	depends on CMD_MENU
 	prompt "menu scripts management"
 
-config CMD_PASSWD
+config CMD_LOGIN
 	tristate
 	select PASSWORD
+	prompt "login"
+
+config CMD_PASSWD
+	tristate
+	select CMD_LOGIN
 	prompt "passwd"
 
-if CMD_PASSWD
+if CMD_LOGIN || CMD_PASSWD
 
 choice
 	prompt "passwd mode"
diff --git a/commands/Makefile b/commands/Makefile
index 3012e65..ca30b5f 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -52,3 +52,4 @@ obj-$(CONFIG_CMD_I2C)		+= i2c.o
 obj-$(CONFIG_CMD_UBI)		+= ubi.o
 obj-$(CONFIG_CMD_MENU)		+= menu.o
 obj-$(CONFIG_CMD_PASSWD)	+= passwd.o
+obj-$(CONFIG_CMD_LOGIN)		+= login.o
diff --git a/commands/login.c b/commands/login.c
new file mode 100644
index 0000000..7d99b73
--- /dev/null
+++ b/commands/login.c
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2008-2010 Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
+ *
+ * See file CREDITS for list of people who contributed to this
+ * project.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include <common.h>
+#include <command.h>
+#include <password.h>
+
+#define PASSWD_MAX_LENGTH	(128 + 1)
+
+#if defined(CONFIG_PASSWD_MODE_STAR)
+#define LOGIN_MODE STAR
+#elif defined(CONFIG_PASSWD_MODE_CLEAR)
+#define LOGIN_MODE CLEAR
+#else
+#define LOGIN_MODE HIDE
+#endif
+
+static int do_login(struct command *cmdtp, int argc, char *argv[])
+{
+	unsigned char passwd[PASSWD_MAX_LENGTH];
+	int passwd_len;
+
+	if (!is_passwd_enable()) {
+		puts("login: password not set\n");
+		return 0;
+	}
+
+	do {
+		puts("Password: ");
+		passwd_len = password(passwd, PASSWD_MAX_LENGTH, LOGIN_MODE);
+
+		if (check_passwd(passwd, passwd_len))
+			return 0;
+	} while(1);
+
+	return 0;
+}
+
+static const __maybe_unused char cmd_login_help[] =
+"";
+
+BAREBOX_CMD_START(login)
+	.cmd		= do_login,
+	.usage		= "login",
+	BAREBOX_CMD_HELP(cmd_login_help)
+BAREBOX_CMD_END
-- 
1.7.1


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 0/7] Digest and login/password Frameworks

[Jean-Christophe PLAGNIOL-VILLARD]

On 15:55 Thu 09 Sep     , Jean-Christophe PLAGNIOL-VILLARD wrote:
> Hi,
> 
> 	this patch serie will introduce the support
> 	of 2 frameworks
> 
> 	Digest Framework
> 
> 	Which allow you to add easely digest algo
> 	with md5, sha1, sha256
> 
> 	Login/Passwd Framework
> 
> 	It will allow you to protect your barebox with a password
> 	and require it via login command or manange it via passwd
> 	This framework use the Digest framework to calculate the checksum
> 	to store the password
The following changes since commit 0d35c3c8a0c2a1f1ff06eac20a12af0186753bc4:

  menu: simplify usage for clients (2010-08-30 21:06:02 +0200)

are available in the git repository at:
  git://git.jcrosoft.org/barebox.git login_passwd

Jean-Christophe PLAGNIOL-VILLARD (7):
      add digest framework
      add md5 support
      add sha1 support
      add sha256 support
      add password framework
      add passwd command
      add login support

 commands/Kconfig   |   28 ++++
 commands/Makefile  |    2 +
 commands/login.c   |   63 +++++++++
 commands/passwd.c  |   98 +++++++++++++
 common/Kconfig     |   28 ++++
 common/Makefile    |    2 +
 common/digest.c    |   77 ++++++++++
 common/password.c  |  286 +++++++++++++++++++++++++++++++++++++
 include/digest.h   |   49 +++++++
 include/password.h |   41 ++++++
 lib/Kconfig        |   17 +++
 lib/Makefile       |    3 +
 lib/md5.c          |  317 +++++++++++++++++++++++++++++++++++++++++
 lib/sha1.c         |  396 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 lib/sha256.c       |  319 ++++++++++++++++++++++++++++++++++++++++++
 15 files changed, 1726 insertions(+), 0 deletions(-)
 create mode 100644 commands/login.c
 create mode 100644 commands/passwd.c
 create mode 100644 common/digest.c
 create mode 100644 common/password.c
 create mode 100644 include/digest.h
 create mode 100644 include/password.h
 create mode 100644 lib/md5.c
 create mode 100644 lib/sha1.c
 create mode 100644 lib/sha256.c

Best Regards,
J.

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 2/7] add md5 support

[Sascha Hauer]

On Thu, Sep 09, 2010 at 03:59:48PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
> ---
>  lib/Kconfig  |    4 +
>  lib/Makefile |    1 +
>  lib/md5.c    |  317 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 322 insertions(+), 0 deletions(-)
>  create mode 100644 lib/md5.c
> 
> diff --git a/lib/Kconfig b/lib/Kconfig
> index a571ba8..e8776a7 100644
> --- a/lib/Kconfig
> +++ b/lib/Kconfig
> @@ -15,6 +15,10 @@ menuconfig DIGEST
>  
>  if DIGEST
>  
> +config MD5
> +	bool "MD5"
> +	default y

Please no default y here.

Sascha

> +
>  endif
>  
>  config GENERIC_FIND_NEXT_BIT
> diff --git a/lib/Makefile b/lib/Makefile
> index 8c5df08..6a1fb5d 100644
> --- a/lib/Makefile
> +++ b/lib/Makefile
> @@ -34,3 +34,4 @@ obj-y			+= lzo/
>  obj-y			+= show_progress.o
>  obj-$(CONFIG_LZO_DECOMPRESS)		+= decompress_unlzo.o
>  obj-$(CONFIG_PROCESS_ESCAPE_SEQUENCE)	+= process_escape_sequence.o
> +obj-$(CONFIG_MD5)	+= md5.o
> diff --git a/lib/md5.c b/lib/md5.c
> new file mode 100644
> index 0000000..6c4ca1d
> --- /dev/null
> +++ b/lib/md5.c
> @@ -0,0 +1,317 @@
> +/*
> + * This file was transplanted with slight modifications from Linux sources
> + * (fs/cifs/md5.c) into U-Boot by Bartlomiej Sieka <tur@semihalf.com>.
> + */
> +
> +/*
> + * This code implements the MD5 message-digest algorithm.
> + * The algorithm is due to Ron Rivest.  This code was
> + * written by Colin Plumb in 1993, no copyright is claimed.
> + * This code is in the public domain; do with it what you wish.
> + *
> + * Equivalent code is available from RSA Data Security, Inc.
> + * This code has been tested against that, and is equivalent,
> + * except that you don't need to include two pages of legalese
> + * with every copy.
> + *
> + * To compute the message digest of a chunk of bytes, declare an
> + * MD5Context structure, pass it to MD5Init, call MD5Update as
> + * needed on buffers full of bytes, and then call MD5Final, which
> + * will fill a supplied 16-byte array with the digest.
> + */
> +
> +/* This code slightly modified to fit into Samba by
> +   abartlet@samba.org Jun 2001
> +   and to fit the cifs vfs by
> +   Steve French sfrench@us.ibm.com */
> +
> +#include <common.h>
> +#include <digest.h>
> +#include <init.h>
> +
> +struct MD5Context {
> +	__u32 buf[4];
> +	__u32 bits[2];
> +	unsigned char in[64];
> +};
> +
> +static void
> +MD5Transform(__u32 buf[4], __u32 const in[16]);
> +
> +/*
> + * Note: this code is harmless on little-endian machines.
> + */
> +static void
> +byteReverse(unsigned char *buf, unsigned longs)
> +{
> +	__u32 t;
> +	do {
> +		t = (__u32) ((unsigned) buf[3] << 8 | buf[2]) << 16 |
> +		    ((unsigned) buf[1] << 8 | buf[0]);
> +		*(__u32 *) buf = t;
> +		buf += 4;
> +	} while (--longs);
> +}
> +
> +/*
> + * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
> + * initialization constants.
> + */
> +static void
> +MD5Init(struct MD5Context *ctx)
> +{
> +	ctx->buf[0] = 0x67452301;
> +	ctx->buf[1] = 0xefcdab89;
> +	ctx->buf[2] = 0x98badcfe;
> +	ctx->buf[3] = 0x10325476;
> +
> +	ctx->bits[0] = 0;
> +	ctx->bits[1] = 0;
> +}
> +
> +/*
> + * Update context to reflect the concatenation of another buffer full
> + * of bytes.
> + */
> +static void
> +MD5Update(struct MD5Context *ctx, unsigned char const *buf, unsigned len)
> +{
> +	register __u32 t;
> +
> +	/* Update bitcount */
> +
> +	t = ctx->bits[0];
> +	if ((ctx->bits[0] = t + ((__u32) len << 3)) < t)
> +		ctx->bits[1]++;	/* Carry from low to high */
> +	ctx->bits[1] += len >> 29;
> +
> +	t = (t >> 3) & 0x3f;	/* Bytes already in shsInfo->data */
> +
> +	/* Handle any leading odd-sized chunks */
> +
> +	if (t) {
> +		unsigned char *p = (unsigned char *) ctx->in + t;
> +
> +		t = 64 - t;
> +		if (len < t) {
> +			memmove(p, buf, len);
> +			return;
> +		}
> +		memmove(p, buf, t);
> +		byteReverse(ctx->in, 16);
> +		MD5Transform(ctx->buf, (__u32 *) ctx->in);
> +		buf += t;
> +		len -= t;
> +	}
> +	/* Process data in 64-byte chunks */
> +
> +	while (len >= 64) {
> +		memmove(ctx->in, buf, 64);
> +		byteReverse(ctx->in, 16);
> +		MD5Transform(ctx->buf, (__u32 *) ctx->in);
> +		buf += 64;
> +		len -= 64;
> +	}
> +
> +	/* Handle any remaining bytes of data. */
> +
> +	memmove(ctx->in, buf, len);
> +}
> +
> +/*
> + * Final wrapup - pad to 64-byte boundary with the bit pattern
> + * 1 0* (64-bit count of bits processed, MSB-first)
> + */
> +static void
> +MD5Final(unsigned char digest[16], struct MD5Context *ctx)
> +{
> +	unsigned int count;
> +	unsigned char *p;
> +
> +	/* Compute number of bytes mod 64 */
> +	count = (ctx->bits[0] >> 3) & 0x3F;
> +
> +	/* Set the first char of padding to 0x80.  This is safe since there is
> +	   always at least one byte free */
> +	p = ctx->in + count;
> +	*p++ = 0x80;
> +
> +	/* Bytes of padding needed to make 64 bytes */
> +	count = 64 - 1 - count;
> +
> +	/* Pad out to 56 mod 64 */
> +	if (count < 8) {
> +		/* Two lots of padding:  Pad the first block to 64 bytes */
> +		memset(p, 0, count);
> +		byteReverse(ctx->in, 16);
> +		MD5Transform(ctx->buf, (__u32 *) ctx->in);
> +
> +		/* Now fill the next block with 56 bytes */
> +		memset(ctx->in, 0, 56);
> +	} else {
> +		/* Pad block to 56 bytes */
> +		memset(p, 0, count - 8);
> +	}
> +	byteReverse(ctx->in, 14);
> +
> +	/* Append length in bits and transform */
> +	((__u32 *) ctx->in)[14] = ctx->bits[0];
> +	((__u32 *) ctx->in)[15] = ctx->bits[1];
> +
> +	MD5Transform(ctx->buf, (__u32 *) ctx->in);
> +	byteReverse((unsigned char *) ctx->buf, 4);
> +	memmove(digest, ctx->buf, 16);
> +	memset(ctx, 0, sizeof(*ctx));	/* In case it's sensitive */
> +}
> +
> +/* The four core functions - F1 is optimized somewhat */
> +
> +/* #define F1(x, y, z) (x & y | ~x & z) */
> +#define F1(x, y, z) (z ^ (x & (y ^ z)))
> +#define F2(x, y, z) F1(z, x, y)
> +#define F3(x, y, z) (x ^ y ^ z)
> +#define F4(x, y, z) (y ^ (x | ~z))
> +
> +/* This is the central step in the MD5 algorithm. */
> +#define MD5STEP(f, w, x, y, z, data, s) \
> +	( w += f(x, y, z) + data,  w = w<<s | w>>(32-s),  w += x )
> +
> +/*
> + * The core of the MD5 algorithm, this alters an existing MD5 hash to
> + * reflect the addition of 16 longwords of new data.  MD5Update blocks
> + * the data and converts bytes into longwords for this routine.
> + */
> +static void
> +MD5Transform(__u32 buf[4], __u32 const in[16])
> +{
> +	register __u32 a, b, c, d;
> +
> +	a = buf[0];
> +	b = buf[1];
> +	c = buf[2];
> +	d = buf[3];
> +
> +	MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7);
> +	MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12);
> +	MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17);
> +	MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22);
> +	MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7);
> +	MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12);
> +	MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17);
> +	MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22);
> +	MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7);
> +	MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12);
> +	MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
> +	MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
> +	MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7);
> +	MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
> +	MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
> +	MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
> +
> +	MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5);
> +	MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9);
> +	MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
> +	MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20);
> +	MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5);
> +	MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9);
> +	MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
> +	MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20);
> +	MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5);
> +	MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9);
> +	MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14);
> +	MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20);
> +	MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5);
> +	MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9);
> +	MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14);
> +	MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
> +
> +	MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4);
> +	MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11);
> +	MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
> +	MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
> +	MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4);
> +	MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11);
> +	MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16);
> +	MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
> +	MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4);
> +	MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11);
> +	MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16);
> +	MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23);
> +	MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4);
> +	MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
> +	MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
> +	MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23);
> +
> +	MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6);
> +	MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10);
> +	MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
> +	MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21);
> +	MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6);
> +	MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10);
> +	MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
> +	MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21);
> +	MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6);
> +	MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
> +	MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15);
> +	MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
> +	MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6);
> +	MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
> +	MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15);
> +	MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21);
> +
> +	buf[0] += a;
> +	buf[1] += b;
> +	buf[2] += c;
> +	buf[3] += d;
> +}
> +
> +struct md5 {
> +	struct MD5Context context;
> +	struct digest d;
> +};
> +
> +static int digest_md5_init(struct digest *d)
> +{
> +	struct md5 *m = container_of(d, struct md5, d);
> +
> +	MD5Init(&m->context);
> +
> +	return 0;
> +}
> +
> +static int digest_md5_update(struct digest *d, const void *data,
> +			     unsigned long len)
> +{
> +	struct md5 *m = container_of(d, struct md5, d);
> +
> +	MD5Update(&m->context, data, len);
> +
> +	return 0;
> +}
> +
> +static int digest_md5_final(struct digest *d, unsigned char *md)
> +{
> +	struct md5 *m = container_of(d, struct md5, d);
> +
> +	MD5Final(md, &m->context);
> +
> +	return 0;
> +}
> +
> +static struct md5 m = {
> +	.d = {
> +		.name = "md5",
> +		.init = digest_md5_init,
> +		.update = digest_md5_update,
> +		.final = digest_md5_final,
> +		.length = 16,
> +	}
> +};
> +
> +static int md5_digest_register(void)
> +{
> +	digest_register(&m.d);
> +
> +	return 0;
> +}
> +device_initcall(md5_digest_register);
> -- 
> 1.7.1
> 
> 
> _______________________________________________
> barebox mailing list
> barebox@lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/barebox
> 

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 3/7] add sha1 support

[Sascha Hauer]

On Thu, Sep 09, 2010 at 03:59:49PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
> ---
>  lib/Kconfig  |    3 +
>  lib/Makefile |    1 +
>  lib/sha1.c   |  396 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  3 files changed, 400 insertions(+), 0 deletions(-)
>  create mode 100644 lib/sha1.c
> 
> diff --git a/lib/Kconfig b/lib/Kconfig
> index e8776a7..650e86c 100644
> --- a/lib/Kconfig
> +++ b/lib/Kconfig
> @@ -19,6 +19,9 @@ config MD5
>  	bool "MD5"
>  	default y
>  
> +config SHA1
> +	bool "SHA1"
> +
>  endif
>  
>  config GENERIC_FIND_NEXT_BIT
> diff --git a/lib/Makefile b/lib/Makefile
> index 6a1fb5d..6f79d03 100644
> --- a/lib/Makefile
> +++ b/lib/Makefile
> @@ -35,3 +35,4 @@ obj-y			+= show_progress.o
>  obj-$(CONFIG_LZO_DECOMPRESS)		+= decompress_unlzo.o
>  obj-$(CONFIG_PROCESS_ESCAPE_SEQUENCE)	+= process_escape_sequence.o
>  obj-$(CONFIG_MD5)	+= md5.o
> +obj-$(CONFIG_SHA1)	+= sha1.o
> diff --git a/lib/sha1.c b/lib/sha1.c
> new file mode 100644
> index 0000000..00dcc78
> --- /dev/null
> +++ b/lib/sha1.c
> @@ -0,0 +1,396 @@
> +/*
> + *  Heiko Schocher, DENX Software Engineering, hs@denx.de.
> + *  based on:
> + *  FIPS-180-1 compliant SHA-1 implementation
> + *
> + *  Copyright (C) 2003-2006  Christophe Devine
> + *
> + *  This library is free software; you can redistribute it and/or
> + *  modify it under the terms of the GNU Lesser General Public
> + *  License, version 2.1 as published by the Free Software Foundation.
> + *
> + *  This library is distributed in the hope that it will be useful,
> + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
> + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> + *  Lesser General Public License for more details.
> + *
> + *  You should have received a copy of the GNU Lesser General Public
> + *  License along with this library; if not, write to the Free Software
> + *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
> + *  MA  02110-1301  USA
> + */
> +/*
> + *  The SHA-1 standard was published by NIST in 1993.
> + *
> + *  http://www.itl.nist.gov/fipspubs/fip180-1.htm
> + */
> +
> +#include <common.h>
> +#include <digest.h>
> +#include <init.h>
> +#include <linux/string.h>
> +
> +#define SHA1_SUM_POS	-0x20
> +#define SHA1_SUM_LEN	20
> +
> +typedef struct
> +{
> +    unsigned long total[2];	/*!< number of bytes processed	*/
> +    unsigned long state[5];	/*!< intermediate digest state	*/
> +    unsigned char buffer[64];	/*!< data block being processed */
> +}
> +sha1_context;
> +
> +/*
> + * 32-bit integer manipulation macros (big endian)
> + */
> +#ifndef GET_UINT32_BE
> +#define GET_UINT32_BE(n,b,i) {				\
> +	(n) = ( (unsigned long) (b)[(i)    ] << 24 )	\
> +	    | ( (unsigned long) (b)[(i) + 1] << 16 )	\
> +	    | ( (unsigned long) (b)[(i) + 2] <<  8 )	\
> +	    | ( (unsigned long) (b)[(i) + 3]       );	\
> +}
> +#endif
> +#ifndef PUT_UINT32_BE
> +#define PUT_UINT32_BE(n,b,i) {				\
> +	(b)[(i)    ] = (unsigned char) ( (n) >> 24 );	\
> +	(b)[(i) + 1] = (unsigned char) ( (n) >> 16 );	\
> +	(b)[(i) + 2] = (unsigned char) ( (n) >>  8 );	\
> +	(b)[(i) + 3] = (unsigned char) ( (n)       );	\
> +}
> +#endif

Isn't cpu_to_be32 a better weapon here?

The corresponding kernel code looks cleaner to me. Have you considered
using it?

Sascha

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 3/7] add sha1 support

[Jean-Christophe PLAGNIOL-VILLARD]

On 17:53 Thu 16 Sep     , Sascha Hauer wrote:
> On Thu, Sep 09, 2010 at 03:59:49PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
> > ---
> >  lib/Kconfig  |    3 +
> >  lib/Makefile |    1 +
> >  lib/sha1.c   |  396 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> >  3 files changed, 400 insertions(+), 0 deletions(-)
> >  create mode 100644 lib/sha1.c
> > 
> > diff --git a/lib/Kconfig b/lib/Kconfig
> > index e8776a7..650e86c 100644
> > --- a/lib/Kconfig
> > +++ b/lib/Kconfig
> > @@ -19,6 +19,9 @@ config MD5
> >  	bool "MD5"
> >  	default y
> >  
> > +config SHA1
> > +	bool "SHA1"
> > +
> >  endif
> >  
> >  config GENERIC_FIND_NEXT_BIT
> > diff --git a/lib/Makefile b/lib/Makefile
> > index 6a1fb5d..6f79d03 100644
> > --- a/lib/Makefile
> > +++ b/lib/Makefile
> > @@ -35,3 +35,4 @@ obj-y			+= show_progress.o
> >  obj-$(CONFIG_LZO_DECOMPRESS)		+= decompress_unlzo.o
> >  obj-$(CONFIG_PROCESS_ESCAPE_SEQUENCE)	+= process_escape_sequence.o
> >  obj-$(CONFIG_MD5)	+= md5.o
> > +obj-$(CONFIG_SHA1)	+= sha1.o
> > diff --git a/lib/sha1.c b/lib/sha1.c
> > new file mode 100644
> > index 0000000..00dcc78
> > --- /dev/null
> > +++ b/lib/sha1.c
> > @@ -0,0 +1,396 @@
> > +/*
> > + *  Heiko Schocher, DENX Software Engineering, hs@denx.de.
> > + *  based on:
> > + *  FIPS-180-1 compliant SHA-1 implementation
> > + *
> > + *  Copyright (C) 2003-2006  Christophe Devine
> > + *
> > + *  This library is free software; you can redistribute it and/or
> > + *  modify it under the terms of the GNU Lesser General Public
> > + *  License, version 2.1 as published by the Free Software Foundation.
> > + *
> > + *  This library is distributed in the hope that it will be useful,
> > + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
> > + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> > + *  Lesser General Public License for more details.
> > + *
> > + *  You should have received a copy of the GNU Lesser General Public
> > + *  License along with this library; if not, write to the Free Software
> > + *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
> > + *  MA  02110-1301  USA
> > + */
> > +/*
> > + *  The SHA-1 standard was published by NIST in 1993.
> > + *
> > + *  http://www.itl.nist.gov/fipspubs/fip180-1.htm
> > + */
> > +
> > +#include <common.h>
> > +#include <digest.h>
> > +#include <init.h>
> > +#include <linux/string.h>
> > +
> > +#define SHA1_SUM_POS	-0x20
> > +#define SHA1_SUM_LEN	20
> > +
> > +typedef struct
> > +{
> > +    unsigned long total[2];	/*!< number of bytes processed	*/
> > +    unsigned long state[5];	/*!< intermediate digest state	*/
> > +    unsigned char buffer[64];	/*!< data block being processed */
> > +}
> > +sha1_context;
> > +
> > +/*
> > + * 32-bit integer manipulation macros (big endian)
> > + */
> > +#ifndef GET_UINT32_BE
> > +#define GET_UINT32_BE(n,b,i) {				\
> > +	(n) = ( (unsigned long) (b)[(i)    ] << 24 )	\
> > +	    | ( (unsigned long) (b)[(i) + 1] << 16 )	\
> > +	    | ( (unsigned long) (b)[(i) + 2] <<  8 )	\
> > +	    | ( (unsigned long) (b)[(i) + 3]       );	\
> > +}
> > +#endif
> > +#ifndef PUT_UINT32_BE
> > +#define PUT_UINT32_BE(n,b,i) {				\
> > +	(b)[(i)    ] = (unsigned char) ( (n) >> 24 );	\
> > +	(b)[(i) + 1] = (unsigned char) ( (n) >> 16 );	\
> > +	(b)[(i) + 2] = (unsigned char) ( (n) >>  8 );	\
> > +	(b)[(i) + 3] = (unsigned char) ( (n)       );	\
> > +}
> > +#endif
> 
> Isn't cpu_to_be32 a better weapon here?
> 
> The corresponding kernel code looks cleaner to me. Have you considered
> using it?
no I did not take a look on it as I choose to keep the original code but I can
put new patch to do it as a second step to keep the history of modification
IIRC it's the same for sha256

Best Regards,
J.

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [PATCH 2/7] add md5 support

[Jean-Christophe PLAGNIOL-VILLARD]

On 17:43 Thu 16 Sep     , Sascha Hauer wrote:
> On Thu, Sep 09, 2010 at 03:59:48PM +0200, Jean-Christophe PLAGNIOL-VILLARD wrote:
> > Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
> > ---
> >  lib/Kconfig  |    4 +
> >  lib/Makefile |    1 +
> >  lib/md5.c    |  317 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> >  3 files changed, 322 insertions(+), 0 deletions(-)
> >  create mode 100644 lib/md5.c
> > 
> > diff --git a/lib/Kconfig b/lib/Kconfig
> > index a571ba8..e8776a7 100644
> > --- a/lib/Kconfig
> > +++ b/lib/Kconfig
> > @@ -15,6 +15,10 @@ menuconfig DIGEST
> >  
> >  if DIGEST
> >  
> > +config MD5
> > +	bool "MD5"
> > +	default y
> 
> Please no default y here.
fix in the next pull request

Best Regards,
J.

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox