This new command supports hashing SHA1 and SHA256. It could be extended to others such as MD5 and the CRC algorithms. The syntax is modeled on those:
hash <algorithm> <address> <length> [*<dest_addr> | <dest_envvar>] to calculate a hash, and: hash -v <algorithm> <address> <length> [*<verify_addr> | <verify_envvar>] to verify a hash. Use CONFIG_CMD_HASH to enable the command, CONFIG_SHA1 to enable SHA1 and CONFIG_SHA256 to enable SHA256. The existing sha1sum command remains. Signed-off-by: Simon Glass <s...@chromium.org> --- Changes in v3: - Correct hash command help to say 'hash' instead of 'sha1sum' Changes in v2: - Add new hash command to support generic hash API README | 18 +++++++++++++ common/Makefile | 1 + common/cmd_hash.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++ include/config_cmd_all.h | 1 + 4 files changed, 83 insertions(+), 0 deletions(-) create mode 100644 common/cmd_hash.c diff --git a/README b/README index 027fa46..40158bb 100644 --- a/README +++ b/README @@ -822,6 +822,7 @@ The following options need to be configured: CONFIG_CMD_GETTIME * Get time since boot CONFIG_CMD_GO * the 'go' command (exec code) CONFIG_CMD_GREPENV * search environment + CONFIG_CMD_HASH * calculate hash / digest CONFIG_CMD_HWFLOW * RTS/CTS hw flow control CONFIG_CMD_I2C * I2C serial bus support CONFIG_CMD_IDE * IDE harddisk support @@ -2391,6 +2392,23 @@ CBFS (Coreboot Filesystem) support A better solution is to properly configure the firewall, but sometimes that is not allowed. +- Hashing support: + CONFIG_CMD_HASH + + This enables a generic 'hash' command which can produce + hashes / digests from a few algorithms (e.g. SHA1, SHA256). + + CONFIG_HASH_VERIFY + + Enable the hash verify command (hash -v). This adds to code + size a little. + + CONFIG_SHA1 - support SHA1 hashing + CONFIG_SHA256 - support SHA256 hashing + + Note: There is also a sha1sum command, which should perhaps + be deprecated in favour of 'hash sha1'. + - Show boot progress: CONFIG_SHOW_BOOT_PROGRESS diff --git a/common/Makefile b/common/Makefile index c451c3d..2c28e93 100644 --- a/common/Makefile +++ b/common/Makefile @@ -104,6 +104,7 @@ COBJS-$(CONFIG_CMD_FS_GENERIC) += cmd_fs.o COBJS-$(CONFIG_CMD_GETTIME) += cmd_gettime.o COBJS-$(CONFIG_CMD_GPIO) += cmd_gpio.o COBJS-$(CONFIG_CMD_I2C) += cmd_i2c.o +COBJS-$(CONFIG_CMD_HASH) += cmd_hash.o COBJS-$(CONFIG_CMD_IDE) += cmd_ide.o COBJS-$(CONFIG_CMD_IMMAP) += cmd_immap.o COBJS-$(CONFIG_CMD_INI) += cmd_ini.o diff --git a/common/cmd_hash.c b/common/cmd_hash.c new file mode 100644 index 0000000..689c608 --- /dev/null +++ b/common/cmd_hash.c @@ -0,0 +1,63 @@ +/* + * Copyright (c) 2012 The Chromium OS Authors. + * + * (C) Copyright 2011 + * Joe Hershberger, National Instruments, joe.hershber...@ni.com + * + * (C) Copyright 2000 + * Wolfgang Denk, DENX Software Engineering, w...@denx.de. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, + * MA 02111-1307 USA + */ + +#include <common.h> +#include <command.h> +#include <hash.h> + +static int do_hash(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) +{ +#ifdef CONFIG_HASH_VERIFY + int verify = 0; + + if (!strcmp(argv[1], "-v")) { + verify = 1; + argc--; + argv++; + } +#endif + /* Move forward to 'algorithm' parameter */ + argc--; + argv++; + return hash_command(*argv, verify, cmdtp, flag, argc - 1, argv + 1); +} + +#ifdef CONFIG_HASH_VERIFY +U_BOOT_CMD( + hash, 6, 1, do_hash, + "compute hash message digest", + "algorithm address count [[*]sum_dest]\n" + " - compute message digest [save to env var / *address]\n" + "hash -v algorithm address count [*]sum\n" + " - verify hash of memory area with env var / *address" +); +#else +U_BOOT_CMD( + hash, 5, 1, do_hash, + "compute message digest", + "algorithm address count [[*]sum_dest]\n" + " - compute message digest [save to env var / *address]" +); +#endif diff --git a/include/config_cmd_all.h b/include/config_cmd_all.h index 148d676..124d51f 100644 --- a/include/config_cmd_all.h +++ b/include/config_cmd_all.h @@ -41,6 +41,7 @@ #define CONFIG_CMD_FLASH /* flinfo, erase, protect */ #define CONFIG_CMD_FPGA /* FPGA configuration Support */ #define CONFIG_CMD_GETTIME /* Get time since boot */ +#define CONFIG_CMD_HASH /* calculate hash / digest */ #define CONFIG_CMD_HWFLOW /* RTS/CTS hw flow control */ #define CONFIG_CMD_I2C /* I2C serial bus support */ #define CONFIG_CMD_IDE /* IDE harddisk support */ -- 1.7.7.3 _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot