2sha: Add SHA-224 and SHA-384 hash algorithms

This patch adds support for the SHA-224 and SHA-384 hash algorithms,
which are basically just variants of SHA-256 and SHA-512 (respectively)
with different initialization vectors and truncating a bit of the final
output. They are only added to serve vboot's role as all-purpose crypto
toolbox for callers (e.g. coreboot, where I need SHA-384 to support a
certain SoC boot descriptor right now) and not intended for actual use
as signature or firmware body hashes -- therefore, we only add the hash
algorithms themselves and don't create enum values for them in enum
vb2_crypto_algorithm or other structures.

Also clarify the difference between UNROLL_LOOPS and UNROLL_LOOPS_SHA512
in the Makefile, since it was totally not obvious to me.

BRANCH=None
BUG=None
TEST=make runtest and make runtest UNROLL_LOOPS=1

Cq-Depend: chromium:2191082
Signed-off-by: Julius Werner <jwerner@chromium.org>
Change-Id: Ic132d4dfe5967f03be4666b26c47d32c1235f4a9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2183551
Reviewed-by: Joel Kitching <kitching@chromium.org>

1 files changed, 4 insertions, 0 deletions

diff --git a/firmware/2lib/include/2crypto.h b/firmware/2lib/include/2crypto.h
index 0413a624..14e1f14d 100644
--- a/firmware/2lib/include/2crypto.h
+++ b/firmware/2lib/include/2crypto.h
@@ -71,6 +71,10 @@ enum vb2_hash_algorithm {
 	VB2_HASH_SHA256 = 2,
 	VB2_HASH_SHA512 = 3,
 
+	/* SHA-224/SHA-384 are variants of SHA-256/SHA-512, respectively. */
+	VB2_HASH_SHA224 = 4,
+	VB2_HASH_SHA384 = 5,
+
 	/* Last index. Don't add anything below. */
 	VB2_HASH_ALG_COUNT,
 };