diff options
| author | Tom Rini <[email protected]> | 2025-12-04 09:39:11 -0600 |
|---|---|---|
| committer | Tom Rini <[email protected]> | 2025-12-04 09:39:11 -0600 |
| commit | 33750d8d88d519a6ec90da689776d8afccccf2c4 (patch) | |
| tree | f7cd1fdbdd7c88eec85a1d1fbb566c8689c85d33 /common | |
| parent | 8eed8a355843897258c3f22727b32abe95464b08 (diff) | |
| parent | b30557b3b46c5162cb88a57907c517ed95557239 (diff) | |
Merge patch series "Add support for SM3 secure hash"
Heiko Schocher <[email protected]> says:
Add SM3 secure hash, as specified by OSCCA GM/T 0004-2012 SM3 and described
at https://datatracker.ietf.org/doc/html/draft-sca-cfrg-sm3-02
TPMv2 defines hash algo sm3_256, which is currently
not supported and prevented TPMv2 chip with newer
firmware to work with U-Boot. Seen this on a ST33TPHF2XI2C
u-boot=> tpm2 init
u-boot=> tpm2 autostart
tpm2_get_pcr_info: too many pcrs: 5
Error: -90
u-boot=>
Implement sm3 hash, so we can fix this problem.
Link: https://lore.kernel.org/r/[email protected]
Diffstat (limited to 'common')
| -rw-r--r-- | common/hash.c | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/common/hash.c b/common/hash.c index 0c45992d5c7..71c4bef5826 100644 --- a/common/hash.c +++ b/common/hash.c @@ -34,6 +34,7 @@ #include <u-boot/sha256.h> #include <u-boot/sha512.h> #include <u-boot/md5.h> +#include <u-boot/sm3.h> static int __maybe_unused hash_init_sha1(struct hash_algo *algo, void **ctxp) { @@ -143,6 +144,34 @@ static int __maybe_unused hash_finish_sha512(struct hash_algo *algo, void *ctx, return 0; } +static int __maybe_unused hash_init_sm3(struct hash_algo *algo, void **ctxp) +{ + struct sm3_context *ctx = malloc(sizeof(struct sm3_context)); + + sm3_init(ctx); + *ctxp = ctx; + return 0; +} + +static int __maybe_unused hash_update_sm3(struct hash_algo *algo, void *ctx, + const void *buf, uint size, + int is_last) +{ + sm3_update((struct sm3_context *)ctx, buf, size); + return 0; +} + +static int __maybe_unused hash_finish_sm3(struct hash_algo *algo, void *ctx, + void *dest_buf, int size) +{ + if (size < algo->digest_size) + return -1; + + sm3_final((struct sm3_context *)ctx, dest_buf); + free(ctx); + return 0; +} + static int __maybe_unused hash_init_crc16_ccitt(struct hash_algo *algo, void **ctxp) { @@ -298,6 +327,17 @@ static struct hash_algo hash_algo[] = { #endif }, #endif +#if CONFIG_IS_ENABLED(SM3) + { + .name = "sm3_256", + .digest_size = SM3_DIGEST_SIZE, + .chunk_size = SM3_BLOCK_SIZE, + .hash_func_ws = sm3_csum_wd, + .hash_init = hash_init_sm3, + .hash_update = hash_update_sm3, + .hash_finish = hash_finish_sm3, + }, +#endif #if CONFIG_IS_ENABLED(CRC16) { .name = "crc16-ccitt", @@ -334,7 +374,7 @@ static struct hash_algo hash_algo[] = { #if CONFIG_IS_ENABLED(SHA256) || IS_ENABLED(CONFIG_CMD_SHA1SUM) || \ CONFIG_IS_ENABLED(CRC32_VERIFY) || IS_ENABLED(CONFIG_CMD_HASH) || \ CONFIG_IS_ENABLED(SHA384) || CONFIG_IS_ENABLED(SHA512) || \ - IS_ENABLED(CONFIG_CMD_MD5SUM) + IS_ENABLED(CONFIG_CMD_MD5SUM) || CONFIG_IS_ENABLED(SM3) #define multi_hash() 1 #else #define multi_hash() 0 |