From: "Pali Rohár" <pali@kernel.org>
To: Stefan Roese <sr@denx.de>, Michal Simek <michal.simek@amd.com>,
Simon Glass <sjg@chromium.org>
Cc: u-boot@lists.denx.de
Subject: [PATCH 3/4] cmd: mvebu/bubt: Add support for sha512 checksum validation for Armada 3700
Date: Tue, 26 Jul 2022 16:11:58 +0200 [thread overview]
Message-ID: <20220726141159.19774-4-pali@kernel.org> (raw)
In-Reply-To: <20220726141159.19774-1-pali@kernel.org>
Armada 3700 BootROM supports also images with sha512 checksums and
mox-imager tool [1] generates such bootable images. Without sha512 support
U-Boot bubt command just prints error message:
Error: Unsupported hash_algorithm_id = 64
Error: Image header verification failed
This patch adds support for sha512 checksum validation for Armada 3700
images. With it bubt prints:
Image checksum...OK!
[1] - https://gitlab.nic.cz/turris/mox-boot-builder.git
Signed-off-by: Pali Rohár <pali@kernel.org>
---
cmd/mvebu/Kconfig | 1 +
cmd/mvebu/bubt.c | 9 +++++++++
2 files changed, 10 insertions(+)
diff --git a/cmd/mvebu/Kconfig b/cmd/mvebu/Kconfig
index 39963db82c98..120397d6d4d0 100644
--- a/cmd/mvebu/Kconfig
+++ b/cmd/mvebu/Kconfig
@@ -4,6 +4,7 @@ depends on ARCH_MVEBU
config CMD_MVEBU_BUBT
bool "bubt"
select SHA256 if ARMADA_3700
+ select SHA512 if ARMADA_3700
help
bubt - Burn a u-boot image to flash
For details about bubt command please see the documentation
diff --git a/cmd/mvebu/bubt.c b/cmd/mvebu/bubt.c
index 2924b1539f32..276069a0efc2 100644
--- a/cmd/mvebu/bubt.c
+++ b/cmd/mvebu/bubt.c
@@ -26,6 +26,7 @@
#endif
#include <u-boot/sha1.h>
#include <u-boot/sha256.h>
+#include <u-boot/sha512.h>
#if defined(CONFIG_ARMADA_8K)
#define MAIN_HDR_MAGIC 0xB105B002
@@ -566,8 +567,10 @@ static int check_image_header(void)
int image_num;
u8 hash_160_output[SHA1_SUM_LEN];
u8 hash_256_output[SHA256_SUM_LEN];
+ u8 hash_512_output[SHA512_SUM_LEN];
sha1_context hash1_text;
sha256_context hash256_text;
+ sha512_context hash512_text;
u8 *hash_output;
u32 hash_algorithm_id;
u32 image_size_to_hash;
@@ -637,6 +640,12 @@ static int check_image_header(void)
sha256_finish(&hash256_text, hash_256_output);
hash_output = hash_256_output;
break;
+ case SHA512_SUM_LEN:
+ sha512_starts(&hash512_text);
+ sha512_update(&hash512_text, buff, image_size_to_hash);
+ sha512_finish(&hash512_text, hash_512_output);
+ hash_output = hash_512_output;
+ break;
default:
printf("Error: Unsupported hash_algorithm_id = %d\n",
hash_algorithm_id);
--
2.20.1
next prev parent reply other threads:[~2022-07-26 14:12 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-26 14:11 [PATCH 0/4] cmd: mvebu/bubt: Improvements for image verification Pali Rohár
2022-07-26 14:11 ` [PATCH 1/4] cmd: mvebu/bubt: Verify image type for all 32-bit Aramda SoCs and Armada 3700 Pali Rohár
2022-07-28 6:36 ` Stefan Roese
2022-07-26 14:11 ` [PATCH 2/4] cmd: mvebu/bubt: Correctly propagate failure during tftp transport Pali Rohár
2022-07-28 6:37 ` Stefan Roese
2022-07-26 14:11 ` Pali Rohár [this message]
2022-07-28 6:37 ` [PATCH 3/4] cmd: mvebu/bubt: Add support for sha512 checksum validation for Armada 3700 Stefan Roese
2022-07-26 14:11 ` [PATCH 4/4] cmd: mvebu/bubt: Fix cmd main return value on error Pali Rohár
2022-07-28 6:38 ` Stefan Roese
2022-07-29 12:02 ` [PATCH 0/4] cmd: mvebu/bubt: Improvements for image verification Stefan Roese
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220726141159.19774-4-pali@kernel.org \
--to=pali@kernel.org \
--cc=michal.simek@amd.com \
--cc=sjg@chromium.org \
--cc=sr@denx.de \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox