1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (c) 2019 Fuzhou Rockchip Electronics Co., Ltd 4 */ 5 6 #include <crypto.h> 7 8 static const u8 null_hash_sha1_value[] = { 9 0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 10 0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 11 0xaf, 0xd8, 0x07, 0x09 12 }; 13 14 static const u8 null_hash_md5_value[] = { 15 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, 16 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e 17 }; 18 19 static const u8 null_hash_sha256_value[] = { 20 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 21 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 22 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 23 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 24 }; 25 26 static const u8 null_hash_sha512_value[] = { 27 0xcf, 0x83, 0xe1, 0x35, 0x7e, 0xef, 0xb8, 0xbd, 28 0xf1, 0x54, 0x28, 0x50, 0xd6, 0x6d, 0x80, 0x07, 29 0xd6, 0x20, 0xe4, 0x05, 0x0b, 0x57, 0x15, 0xdc, 30 0x83, 0xf4, 0xa9, 0x21, 0xd3, 0x6c, 0xe9, 0xce, 31 0x47, 0xd0, 0xd1, 0x3c, 0x5d, 0x85, 0xf2, 0xb0, 32 0xff, 0x83, 0x18, 0xd2, 0x87, 0x7e, 0xec, 0x2f, 33 0x63, 0xb9, 0x31, 0xbd, 0x47, 0x41, 0x7a, 0x81, 34 0xa5, 0x38, 0x32, 0x7a, 0xf9, 0x27, 0xda, 0x3e 35 }; 36 37 const static u8 null_hash_sm3_value[] = { 38 0x1a, 0xb2, 0x1d, 0x83, 0x55, 0xcf, 0xa1, 0x7f, 39 0x8e, 0x61, 0x19, 0x48, 0x31, 0xe8, 0x1a, 0x8f, 40 0x22, 0xbe, 0xc8, 0xc7, 0x28, 0xfe, 0xfb, 0x74, 41 0x7e, 0xd0, 0x35, 0xeb, 0x50, 0x82, 0xaa, 0x2b 42 }; 43 44 u32 crypto_algo_nbits(u32 algo) 45 { 46 switch (algo) { 47 case CRYPTO_MD5: 48 case CRYPTO_HMAC_MD5: 49 return 128; 50 case CRYPTO_SHA1: 51 case CRYPTO_HMAC_SHA1: 52 return 160; 53 case CRYPTO_SHA256: 54 case CRYPTO_HMAC_SHA256: 55 return 256; 56 case CRYPTO_SHA512: 57 case CRYPTO_HMAC_SHA512: 58 return 512; 59 case CRYPTO_SM3: 60 case CRYPTO_HMAC_SM3: 61 return 256; 62 case CRYPTO_RSA512: 63 return 512; 64 case CRYPTO_RSA1024: 65 return 1024; 66 case CRYPTO_RSA2048: 67 return 2048; 68 case CRYPTO_RSA3072: 69 return 3072; 70 case CRYPTO_RSA4096: 71 return 4096; 72 case CRYPTO_SM2: 73 return 256; 74 case CRYPTO_ECC_192R1: 75 return 192; 76 case CRYPTO_ECC_224R1: 77 return 224; 78 case CRYPTO_ECC_256R1: 79 return 256; 80 } 81 82 printf("Unknown crypto algorithm: 0x%x\n", algo); 83 84 return 0; 85 } 86 87 struct udevice *crypto_get_device(u32 capability) 88 { 89 const struct dm_crypto_ops *ops; 90 struct udevice *dev; 91 struct uclass *uc; 92 int ret; 93 u32 cap; 94 95 ret = uclass_get(UCLASS_CRYPTO, &uc); 96 if (ret) 97 return NULL; 98 99 for (uclass_first_device(UCLASS_CRYPTO, &dev); 100 dev; 101 uclass_next_device(&dev)) { 102 ops = device_get_ops(dev); 103 if (!ops || !ops->capability) 104 continue; 105 106 cap = ops->capability(dev); 107 if ((cap & capability) == capability) 108 return dev; 109 } 110 111 return NULL; 112 } 113 114 int crypto_sha_init(struct udevice *dev, sha_context *ctx) 115 { 116 const struct dm_crypto_ops *ops = device_get_ops(dev); 117 118 if (ctx && !ctx->length) 119 return 0; 120 121 if (!ops || !ops->sha_init) 122 return -ENOSYS; 123 124 return ops->sha_init(dev, ctx); 125 } 126 127 int crypto_sha_update(struct udevice *dev, u32 *input, u32 len) 128 { 129 const struct dm_crypto_ops *ops = device_get_ops(dev); 130 131 if (!len) 132 return 0; 133 134 if (!ops || !ops->sha_update) 135 return -ENOSYS; 136 137 return ops->sha_update(dev, input, len); 138 } 139 140 int crypto_sha_final(struct udevice *dev, sha_context *ctx, u8 *output) 141 { 142 const struct dm_crypto_ops *ops = device_get_ops(dev); 143 const u8 *null_hash = NULL; 144 u32 hash_size = 0; 145 146 if (ctx && !ctx->length && output) { 147 switch (ctx->algo) { 148 case CRYPTO_MD5: 149 null_hash = null_hash_md5_value; 150 hash_size = sizeof(null_hash_md5_value); 151 break; 152 case CRYPTO_SHA1: 153 null_hash = null_hash_sha1_value; 154 hash_size = sizeof(null_hash_sha1_value); 155 break; 156 case CRYPTO_SHA256: 157 null_hash = null_hash_sha256_value; 158 hash_size = sizeof(null_hash_sha256_value); 159 break; 160 case CRYPTO_SHA512: 161 null_hash = null_hash_sha512_value; 162 hash_size = sizeof(null_hash_sha512_value); 163 break; 164 case CRYPTO_SM3: 165 null_hash = null_hash_sm3_value; 166 hash_size = sizeof(null_hash_sm3_value); 167 break; 168 default: 169 return -EINVAL; 170 } 171 172 memcpy(output, null_hash, hash_size); 173 174 return 0; 175 } 176 177 if (!ops || !ops->sha_final) 178 return -ENOSYS; 179 180 return ops->sha_final(dev, ctx, output); 181 } 182 183 int crypto_hmac_init(struct udevice *dev, sha_context *ctx, 184 u8 *key, u32 key_len) 185 { 186 const struct dm_crypto_ops *ops = device_get_ops(dev); 187 188 if (ctx && !ctx->length) 189 return -EINVAL; 190 191 if (!ops || !ops->hmac_init) 192 return -ENOSYS; 193 194 return ops->hmac_init(dev, ctx, key, key_len); 195 } 196 197 int crypto_hmac_update(struct udevice *dev, u32 *input, u32 len) 198 { 199 const struct dm_crypto_ops *ops = device_get_ops(dev); 200 201 if (!len) 202 return 0; 203 204 if (!ops || !ops->hmac_update) 205 return -ENOSYS; 206 207 return ops->hmac_update(dev, input, len); 208 } 209 210 int crypto_hmac_final(struct udevice *dev, sha_context *ctx, u8 *output) 211 { 212 const struct dm_crypto_ops *ops = device_get_ops(dev); 213 214 if (!ops || !ops->hmac_final) 215 return -ENOSYS; 216 217 return ops->hmac_final(dev, ctx, output); 218 } 219 220 int crypto_sha_csum(struct udevice *dev, sha_context *ctx, 221 char *input, u32 input_len, u8 *output) 222 { 223 int ret; 224 225 ret = crypto_sha_init(dev, ctx); 226 if (ret) 227 return ret; 228 229 ret = crypto_sha_update(dev, (u32 *)input, input_len); 230 if (ret) 231 return ret; 232 233 ret = crypto_sha_final(dev, ctx, output); 234 235 return ret; 236 } 237 238 int crypto_sha_regions_csum(struct udevice *dev, sha_context *ctx, 239 const struct image_region region[], 240 int region_count, u8 *output) 241 { 242 int i, ret; 243 244 ctx->length = 0; 245 for (i = 0; i < region_count; i++) 246 ctx->length += region[i].size; 247 248 ret = crypto_sha_init(dev, ctx); 249 if (ret) 250 return ret; 251 252 for (i = 0; i < region_count; i++) { 253 ret = crypto_sha_update(dev, (void *)region[i].data, 254 region[i].size); 255 if (ret) 256 return ret; 257 } 258 259 return crypto_sha_final(dev, ctx, output); 260 } 261 262 int crypto_rsa_verify(struct udevice *dev, rsa_key *ctx, u8 *sign, u8 *output) 263 { 264 const struct dm_crypto_ops *ops = device_get_ops(dev); 265 266 if (!ops || !ops->rsa_verify) 267 return -ENOSYS; 268 269 if (!ctx || !ctx->n || !ctx->e || !sign || !output) 270 return -EINVAL; 271 272 return ops->rsa_verify(dev, ctx, sign, output); 273 } 274 275 int crypto_ec_verify(struct udevice *dev, ec_key *ctx, u8 *hash, u32 hash_len, u8 *sign) 276 { 277 const struct dm_crypto_ops *ops = device_get_ops(dev); 278 279 if (!ops || !ops->ec_verify) 280 return -ENOSYS; 281 282 if (!ctx || !ctx->x || !ctx->y || !ctx->y || !hash || hash_len == 0 || !sign) 283 return -EINVAL; 284 285 return ops->ec_verify(dev, ctx, hash, hash_len, sign); 286 } 287 288 int crypto_cipher(struct udevice *dev, cipher_context *ctx, 289 const u8 *in, u8 *out, u32 len, bool enc) 290 { 291 const struct dm_crypto_ops *ops = device_get_ops(dev); 292 293 if (!ops || !ops->cipher_crypt) 294 return -ENOSYS; 295 296 return ops->cipher_crypt(dev, ctx, in, out, len, enc); 297 } 298 299 int crypto_mac(struct udevice *dev, cipher_context *ctx, 300 const u8 *in, u32 len, u8 *tag) 301 { 302 const struct dm_crypto_ops *ops = device_get_ops(dev); 303 304 if (!ops || !ops->cipher_mac) 305 return -ENOSYS; 306 307 return ops->cipher_mac(dev, ctx, in, len, tag); 308 } 309 310 int crypto_ae(struct udevice *dev, cipher_context *ctx, 311 const u8 *in, u32 len, const u8 *aad, u32 aad_len, 312 u8 *out, u8 *tag) 313 { 314 const struct dm_crypto_ops *ops = device_get_ops(dev); 315 316 if (!ops || !ops->cipher_ae) 317 return -ENOSYS; 318 319 return ops->cipher_ae(dev, ctx, in, len, aad, aad_len, out, tag); 320 } 321 322 UCLASS_DRIVER(crypto) = { 323 .id = UCLASS_CRYPTO, 324 .name = "crypto", 325 }; 326