diff options
author | Gaurav Shah <gauravsh@chromium.org> | 2011-04-04 11:47:51 -0700 |
---|---|---|
committer | Gaurav Shah <gauravsh@chromium.org> | 2011-04-04 11:47:51 -0700 |
commit | e7f5c905fc618d25378081444f93343541bf1883 (patch) | |
tree | 088ae8064f04af6b71a599c2bfa0abc27e1c6753 | |
parent | 8ae94c2d24d36d1469483c9923a4d7ecbc3910b0 (diff) | |
download | vboot-e7f5c905fc618d25378081444f93343541bf1883.tar.gz |
Make SHA256 and SHA512 handle >UINT32_MAX data correctly (now with fix for ARM compilation)
Change-Id: Iaa0c5675c07e9b54b2a389c53ed503e7a21ba731
BUG=chrome-os-partner:2912
TEST=
1) emerge-x86-generic vboot_reference
2) emerge-arm-generic vboot_reference
3) emerge-arm-generic vboot_reference-firmware
4) emerge-tegra2 vboot_reference-firmware
5) make && make runtests
Review URL: http://codereview.chromium.org/6760017
-rw-r--r-- | firmware/arch/arm/include/biosincludes.h | 4 | ||||
-rw-r--r-- | firmware/lib/cryptolib/include/sha.h | 4 | ||||
-rw-r--r-- | firmware/lib/cryptolib/sha2.c | 68 |
3 files changed, 54 insertions, 22 deletions
diff --git a/firmware/arch/arm/include/biosincludes.h b/firmware/arch/arm/include/biosincludes.h index b7feacb1..2c08deed 100644 --- a/firmware/arch/arm/include/biosincludes.h +++ b/firmware/arch/arm/include/biosincludes.h @@ -34,6 +34,10 @@ extern void debug(const char *format, ...); #define UINT64_RSHIFT(v, shiftby) (((uint64_t)(v)) >> (shiftby)) #define UINT64_MULT32(v, multby) (((uint64_t)(v)) * ((uint32_t)(multby))) +#ifndef UINT32_MAX +#define UINT32_MAX (UINT32_C(0xffffffffU)) +#endif + #ifndef UINT64_MAX #define UINT64_MAX (UINT64_C(0xffffffffffffffffULL)) #endif diff --git a/firmware/lib/cryptolib/include/sha.h b/firmware/lib/cryptolib/include/sha.h index 46e417d9..8beb296b 100644 --- a/firmware/lib/cryptolib/include/sha.h +++ b/firmware/lib/cryptolib/include/sha.h @@ -58,11 +58,11 @@ void SHA1_update(SHA1_CTX* ctx, const uint8_t* data, uint64_t len); uint8_t* SHA1_final(SHA1_CTX* ctx); void SHA256_init(SHA256_CTX* ctx); -void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint64_t len); +void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint32_t len); uint8_t* SHA256_final(SHA256_CTX* ctx); void SHA512_init(SHA512_CTX* ctx); -void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, uint64_t len); +void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, uint32_t len); uint8_t* SHA512_final(SHA512_CTX* ctx); /* Convenience function for SHA-1. Computes hash on [data] of length [len]. diff --git a/firmware/lib/cryptolib/sha2.c b/firmware/lib/cryptolib/sha2.c index aa269176..d8dce069 100644 --- a/firmware/lib/cryptolib/sha2.c +++ b/firmware/lib/cryptolib/sha2.c @@ -332,22 +332,22 @@ static void SHA256_transform(SHA256_CTX* ctx, const uint8_t* message, -void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint64_t len) { +void SHA256_update(SHA256_CTX* ctx, const uint8_t* data, uint32_t len) { unsigned int block_nb; unsigned int new_len, rem_len, tmp_len; const uint8_t *shifted_data; tmp_len = SHA256_BLOCK_SIZE - ctx->len; - rem_len = len < tmp_len ? (unsigned int)len : tmp_len; + rem_len = len < tmp_len ? len : tmp_len; Memcpy(&ctx->block[ctx->len], data, rem_len); if (ctx->len + len < SHA256_BLOCK_SIZE) { - ctx->len += (uint32_t)len; + ctx->len += len; return; } - new_len = (unsigned int)len - rem_len; + new_len = len - rem_len; block_nb = new_len / SHA256_BLOCK_SIZE; shifted_data = data + rem_len; @@ -424,8 +424,7 @@ void SHA512_init(SHA512_CTX *ctx) { static void SHA512_transform(SHA512_CTX* ctx, const uint8_t* message, - unsigned int block_nb) -{ + unsigned int block_nb) { uint64_t w[80]; uint64_t wv[8]; uint64_t t1, t2; @@ -520,22 +519,22 @@ static void SHA512_transform(SHA512_CTX* ctx, const uint8_t* message, void SHA512_update(SHA512_CTX* ctx, const uint8_t* data, - uint64_t len) { + uint32_t len) { unsigned int block_nb; unsigned int new_len, rem_len, tmp_len; const uint8_t* shifted_data; tmp_len = SHA512_BLOCK_SIZE - ctx->len; - rem_len = len < tmp_len ? (unsigned int)len : tmp_len; + rem_len = len < tmp_len ? len : tmp_len; Memcpy(&ctx->block[ctx->len], data, rem_len); if (ctx->len + len < SHA512_BLOCK_SIZE) { - ctx->len += (uint32_t)len; + ctx->len += len; return; } - new_len = (unsigned int)len - rem_len; + new_len = len - rem_len; block_nb = new_len / SHA512_BLOCK_SIZE; shifted_data = data + rem_len; @@ -593,31 +592,60 @@ uint8_t* SHA512_final(SHA512_CTX* ctx) } - -/* Convenient functions. */ uint8_t* SHA256(const uint8_t* data, uint64_t len, uint8_t* digest) { - const uint8_t* p; + const uint8_t* input_ptr; + const uint8_t* result; + uint64_t remaining_len; int i; SHA256_CTX ctx; + SHA256_init(&ctx); - SHA256_update(&ctx, data, len); - p = SHA256_final(&ctx); + + input_ptr = data; + remaining_len = len; + + /* Process data in at most UINT32_MAX byte chunks at a time. */ + while (remaining_len) { + uint32_t block_size; + block_size = (uint32_t) ((remaining_len >= UINT32_MAX) ? + UINT32_MAX : remaining_len); + SHA256_update(&ctx, input_ptr, block_size); + remaining_len -= block_size; + input_ptr += block_size; + } + + result = SHA256_final(&ctx); for (i = 0; i < SHA256_DIGEST_SIZE; ++i) { - digest[i] = *p++; + digest[i] = *result++; } return digest; } uint8_t* SHA512(const uint8_t* data, uint64_t len, uint8_t* digest) { - const uint8_t* p; + const uint8_t* input_ptr; + const uint8_t* result; + uint64_t remaining_len; int i; SHA512_CTX ctx; SHA512_init(&ctx); - SHA512_update(&ctx, data, len); - p = SHA512_final(&ctx); + + input_ptr = data; + remaining_len = len; + + /* Process data in at most UINT32_MAX byte chunks at a time. */ + while (remaining_len) { + uint32_t block_size; + block_size = (uint32_t) ((remaining_len >= UINT32_MAX) ? + UINT32_MAX : remaining_len); + SHA512_update(&ctx, input_ptr, block_size); + remaining_len -= block_size; + input_ptr += block_size; + } + + result = SHA512_final(&ctx); for (i = 0; i < SHA512_DIGEST_SIZE; ++i) { - digest[i] = *p++; + digest[i] = *result++; } return digest; } |