diff options
| author | Tom Rini <[email protected]> | 2025-12-04 09:39:11 -0600 |
|---|---|---|
| committer | Tom Rini <[email protected]> | 2025-12-04 09:39:11 -0600 |
| commit | 33750d8d88d519a6ec90da689776d8afccccf2c4 (patch) | |
| tree | f7cd1fdbdd7c88eec85a1d1fbb566c8689c85d33 /include | |
| parent | 8eed8a355843897258c3f22727b32abe95464b08 (diff) | |
| parent | b30557b3b46c5162cb88a57907c517ed95557239 (diff) | |
Merge patch series "Add support for SM3 secure hash"
Heiko Schocher <[email protected]> says:
Add SM3 secure hash, as specified by OSCCA GM/T 0004-2012 SM3 and described
at https://datatracker.ietf.org/doc/html/draft-sca-cfrg-sm3-02
TPMv2 defines hash algo sm3_256, which is currently
not supported and prevented TPMv2 chip with newer
firmware to work with U-Boot. Seen this on a ST33TPHF2XI2C
u-boot=> tpm2 init
u-boot=> tpm2 autostart
tpm2_get_pcr_info: too many pcrs: 5
Error: -90
u-boot=>
Implement sm3 hash, so we can fix this problem.
Link: https://lore.kernel.org/r/[email protected]
Diffstat (limited to 'include')
| -rw-r--r-- | include/linux/bitops.h | 11 | ||||
| -rw-r--r-- | include/tpm-v2.h | 12 | ||||
| -rw-r--r-- | include/u-boot/sm3.h | 35 |
3 files changed, 58 insertions, 0 deletions
diff --git a/include/linux/bitops.h b/include/linux/bitops.h index f826d7f3b34..29e0da48de8 100644 --- a/include/linux/bitops.h +++ b/include/linux/bitops.h @@ -148,6 +148,17 @@ static inline unsigned long hweight_long(unsigned long w) return sizeof(w) == 4 ? generic_hweight32(w) : generic_hweight64(w); } +/** + * rol32 - rotate a 32-bit value left + * @word: value to rotate + * @shift: bits to roll + */ + +static inline __u32 rol32(__u32 word, unsigned int shift) +{ + return (word << (shift & 31)) | (word >> ((-shift) & 31)); +} + #include <asm/bitops.h> /* linux/include/asm-generic/bitops/non-atomic.h */ diff --git a/include/tpm-v2.h b/include/tpm-v2.h index f3eb2ef5643..a776d24d71f 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -345,6 +345,18 @@ static const struct digest_info hash_algo_list[] = { false, #endif }, + { + "sm3_256", + TPM2_ALG_SM3_256, + TCG2_BOOT_HASH_ALG_SM3_256, + TPM2_SM3_256_DIGEST_SIZE, +#if IS_ENABLED(CONFIG_SM3) + true, +#else + false, +#endif + }, + }; /* NV index attributes */ diff --git a/include/u-boot/sm3.h b/include/u-boot/sm3.h new file mode 100644 index 00000000000..b4ead96c776 --- /dev/null +++ b/include/u-boot/sm3.h @@ -0,0 +1,35 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +#ifndef _SM3_H +#define _SM3_H + +#define SM3_DIGEST_SIZE 32 /* 256 bits */ +#define SM3_BLOCK_SIZE 64 /* 512 bits */ +#define SM3_PAD_UNIT 56 /* 448 bits */ + +#define SM3_T1 0x79CC4519 +#define SM3_T2 0x7A879D8A + +#define SM3_IVA 0x7380166f +#define SM3_IVB 0x4914b2b9 +#define SM3_IVC 0x172442d7 +#define SM3_IVD 0xda8a0600 +#define SM3_IVE 0xa96f30bc +#define SM3_IVF 0x163138aa +#define SM3_IVG 0xe38dee4d +#define SM3_IVH 0xb0fb0e4e + +struct sm3_context { + uint32_t state[SM3_DIGEST_SIZE / 4]; + uint64_t count; /* Message length in bits */ + uint8_t buffer[SM3_BLOCK_SIZE]; + int buflen; +}; + +void sm3_init(struct sm3_context *sctx); +void sm3_update(struct sm3_context *sctx, const uint8_t *input, size_t ilen); +void sm3_final(struct sm3_context *sctx, uint8_t output[SM3_DIGEST_SIZE]); +void sm3_hash(const uint8_t *input, size_t ilen, uint8_t output[SM3_DIGEST_SIZE]); + +void sm3_csum_wd(const unsigned char *input, uint32_t len, + unsigned char *output, unsigned int chunk_sz); +#endif |