From: Luca Boccassi Date: Thu, 7 Oct 2021 16:15:32 +0000 (+0100) Subject: boot/sha256: sd-ify and move to src/fundamental X-Git-Tag: v250-rc1~544^2~5 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6eb736727a484741095510380f16b4e5fb6b964a;p=thirdparty%2Fsystemd.git boot/sha256: sd-ify and move to src/fundamental --- diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build index fef8572c6a0..81b750d5d35 100644 --- a/src/boot/efi/meson.build +++ b/src/boot/efi/meson.build @@ -12,7 +12,6 @@ efi_headers = files(''' missing_efi.h pe.h random-seed.h - sha256.h shim.h splash.h util.h @@ -34,7 +33,6 @@ systemd_boot_sources = ''' devicetree.c drivers.c random-seed.c - sha256.c shim.c '''.split() diff --git a/src/boot/efi/sha256.h b/src/boot/efi/sha256.h deleted file mode 100644 index 464be59c251..00000000000 --- a/src/boot/efi/sha256.h +++ /dev/null @@ -1,28 +0,0 @@ -/* SPDX-License-Identifier: LGPL-2.1-or-later */ -#pragma once - -#include -#include - -struct sha256_ctx { - UINT32 H[8]; - - union { - UINT64 total64; -#define TOTAL64_low (1 - (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__)) -#define TOTAL64_high (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) - UINT32 total[2]; - }; - - UINT32 buflen; - - union { - UINT8 buffer[128]; /* NB: always correctly aligned for UINT32. */ - UINT32 buffer32[32]; - UINT64 buffer64[16]; - }; -}; - -void sha256_init_ctx(struct sha256_ctx *ctx); -void *sha256_finish_ctx(struct sha256_ctx *ctx, VOID *resbuf); -void sha256_process_bytes(const void *buffer, UINTN len, struct sha256_ctx *ctx); diff --git a/src/fundamental/meson.build b/src/fundamental/meson.build index 3c43081cf61..3aa9fab8cbf 100644 --- a/src/fundamental/meson.build +++ b/src/fundamental/meson.build @@ -6,10 +6,12 @@ fundamental_headers = files( 'efi-loader-features.h', 'macro-fundamental.h', 'string-util-fundamental.h', + 'sha256.h', 'type.h') sources = ''' string-util-fundamental.c + sha256.c '''.split() # for sd-boot diff --git a/src/boot/efi/sha256.c b/src/fundamental/sha256.c similarity index 79% rename from src/boot/efi/sha256.c rename to src/fundamental/sha256.c index d2e267eeffa..0577a24920b 100644 --- a/src/boot/efi/sha256.c +++ b/src/fundamental/sha256.c @@ -1,6 +1,6 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ -/* Stolen from glibc and converted to UEFI style. In glibc it comes with the following copyright blurb: */ +/* Stolen from glibc and converted to our style. In glibc it comes with the following copyright blurb: */ /* Functions to compute SHA256 message digest of files or memory blocks. according to the definition of SHA256 in FIPS 180-2. @@ -23,6 +23,10 @@ /* Written by Ulrich Drepper , 2007. */ +#ifndef SD_BOOT +#include +#endif + #include "macro-fundamental.h" #include "sha256.h" @@ -45,12 +49,12 @@ /* This array contains the bytes used to pad the buffer to the next 64-byte boundary. (FIPS 180-2:5.1.1) */ -static const UINT8 fillbuf[64] = { +static const uint8_t fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; /* Constants for SHA256 from FIPS 180-2:4.2.2. */ -static const UINT32 K[64] = { +static const uint32_t K[64] = { 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, @@ -69,7 +73,7 @@ static const UINT32 K[64] = { 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 }; -static void sha256_process_block(const void *, UINTN, struct sha256_ctx *); +static void sha256_process_block(const void *, size_t, struct sha256_ctx *); /* Initialize structure containing state of computation. (FIPS 180-2:5.3.2) */ @@ -96,8 +100,8 @@ void sha256_init_ctx(struct sha256_ctx *ctx) { aligned for a 32 bits value. */ void *sha256_finish_ctx(struct sha256_ctx *ctx, void *resbuf) { /* Take yet unprocessed bytes into account. */ - UINT32 bytes = ctx->buflen; - UINTN pad; + uint32_t bytes = ctx->buflen; + size_t pad; assert(ctx); assert(resbuf); @@ -106,7 +110,7 @@ void *sha256_finish_ctx(struct sha256_ctx *ctx, void *resbuf) { ctx->total64 += bytes; pad = bytes >= 56 ? 64 + 56 - bytes : 56 - bytes; - CopyMem(&ctx->buffer[bytes], fillbuf, pad); + memcpy(&ctx->buffer[bytes], fillbuf, pad); /* Put the 64-bit file length in *bits* at the end of the buffer. */ ctx->buffer32[(bytes + pad + 4) / 4] = SWAP(ctx->total[TOTAL64_low] << 3); @@ -117,13 +121,13 @@ void *sha256_finish_ctx(struct sha256_ctx *ctx, void *resbuf) { sha256_process_block(ctx->buffer, bytes + pad + 8, ctx); /* Put result from CTX in first 32 bytes following RESBUF. */ - for (UINTN i = 0; i < 8; ++i) - ((UINT32 *) resbuf)[i] = SWAP(ctx->H[i]); + for (size_t i = 0; i < 8; ++i) + ((uint32_t *) resbuf)[i] = SWAP(ctx->H[i]); return resbuf; } -void sha256_process_bytes(const void *buffer, UINTN len, struct sha256_ctx *ctx) { +void sha256_process_bytes(const void *buffer, size_t len, struct sha256_ctx *ctx) { assert(buffer); assert(ctx); @@ -131,10 +135,10 @@ void sha256_process_bytes(const void *buffer, UINTN len, struct sha256_ctx *ctx) both inputs first. */ if (ctx->buflen != 0) { - UINTN left_over = ctx->buflen; - UINTN add = 128 - left_over > len ? len : 128 - left_over; + size_t left_over = ctx->buflen; + size_t add = 128 - left_over > len ? len : 128 - left_over; - CopyMem(&ctx->buffer[left_over], buffer, add); + memcpy(&ctx->buffer[left_over], buffer, add); ctx->buflen += add; if (ctx->buflen > 64) { @@ -142,7 +146,7 @@ void sha256_process_bytes(const void *buffer, UINTN len, struct sha256_ctx *ctx) ctx->buflen &= 63; /* The regions in the following copy operation cannot overlap. */ - CopyMem(ctx->buffer, &ctx->buffer[(left_over + add) & ~63], + memcpy(ctx->buffer, &ctx->buffer[(left_over + add) & ~63], ctx->buflen); } @@ -159,13 +163,13 @@ void sha256_process_bytes(const void *buffer, UINTN len, struct sha256_ctx *ctx) /* To check alignment gcc has an appropriate operator. Other compilers don't. */ # if __GNUC__ >= 2 -# define UNALIGNED_P(p) (((UINTN) p) % __alignof__(UINT32) != 0) +# define UNALIGNED_P(p) (((size_t) p) % __alignof__(uint32_t) != 0) # else -# define UNALIGNED_P(p) (((UINTN) p) % sizeof(UINT32) != 0) +# define UNALIGNED_P(p) (((size_t) p) % sizeof(uint32_t) != 0) # endif if (UNALIGNED_P(buffer)) while (len > 64) { - CopyMem(ctx->buffer, buffer, 64); + memcpy(ctx->buffer, buffer, 64); sha256_process_block(ctx->buffer, 64, ctx); buffer = (const char *) buffer + 64; len -= 64; @@ -181,14 +185,14 @@ void sha256_process_bytes(const void *buffer, UINTN len, struct sha256_ctx *ctx) /* Move remaining bytes into internal buffer. */ if (len > 0) { - UINTN left_over = ctx->buflen; + size_t left_over = ctx->buflen; - CopyMem(&ctx->buffer[left_over], buffer, len); + memcpy(&ctx->buffer[left_over], buffer, len); left_over += len; if (left_over >= 64) { sha256_process_block(ctx->buffer, 64, ctx); left_over -= 64; - CopyMem(ctx->buffer, &ctx->buffer[64], left_over); + memcpy(ctx->buffer, &ctx->buffer[64], left_over); } ctx->buflen = left_over; } @@ -197,21 +201,21 @@ void sha256_process_bytes(const void *buffer, UINTN len, struct sha256_ctx *ctx) /* Process LEN bytes of BUFFER, accumulating context into CTX. It is assumed that LEN % 64 == 0. */ -static void sha256_process_block(const void *buffer, UINTN len, struct sha256_ctx *ctx) { - const UINT32 *words = buffer; - UINTN nwords = len / sizeof(UINT32); +static void sha256_process_block(const void *buffer, size_t len, struct sha256_ctx *ctx) { + const uint32_t *words = buffer; + size_t nwords = len / sizeof(uint32_t); assert(buffer); assert(ctx); - UINT32 a = ctx->H[0]; - UINT32 b = ctx->H[1]; - UINT32 c = ctx->H[2]; - UINT32 d = ctx->H[3]; - UINT32 e = ctx->H[4]; - UINT32 f = ctx->H[5]; - UINT32 g = ctx->H[6]; - UINT32 h = ctx->H[7]; + uint32_t a = ctx->H[0]; + uint32_t b = ctx->H[1]; + uint32_t c = ctx->H[2]; + uint32_t d = ctx->H[3]; + uint32_t e = ctx->H[4]; + uint32_t f = ctx->H[5]; + uint32_t g = ctx->H[6]; + uint32_t h = ctx->H[7]; /* First increment the byte count. FIPS 180-2 specifies the possible length of the file up to 2^64 bits. Here we only compute the @@ -221,15 +225,15 @@ static void sha256_process_block(const void *buffer, UINTN len, struct sha256_ct /* Process all bytes in the buffer with 64 bytes in each round of the loop. */ while (nwords > 0) { - UINT32 W[64]; - UINT32 a_save = a; - UINT32 b_save = b; - UINT32 c_save = c; - UINT32 d_save = d; - UINT32 e_save = e; - UINT32 f_save = f; - UINT32 g_save = g; - UINT32 h_save = h; + uint32_t W[64]; + uint32_t a_save = a; + uint32_t b_save = b; + uint32_t c_save = c; + uint32_t d_save = d; + uint32_t e_save = e; + uint32_t f_save = f; + uint32_t g_save = g; + uint32_t h_save = h; /* Operators defined in FIPS 180-2:4.1.2. */ #define Ch(x, y, z) ((x & y) ^ (~x & z)) @@ -244,17 +248,17 @@ static void sha256_process_block(const void *buffer, UINTN len, struct sha256_ct #define CYCLIC(w, s) ((w >> s) | (w << (32 - s))) /* Compute the message schedule according to FIPS 180-2:6.2.2 step 2. */ - for (UINTN t = 0; t < 16; ++t) { + for (size_t t = 0; t < 16; ++t) { W[t] = SWAP (*words); ++words; } - for (UINTN t = 16; t < 64; ++t) + for (size_t t = 16; t < 64; ++t) W[t] = R1 (W[t - 2]) + W[t - 7] + R0 (W[t - 15]) + W[t - 16]; /* The actual computation according to FIPS 180-2:6.2.2 step 3. */ - for (UINTN t = 0; t < 64; ++t) { - UINT32 T1 = h + S1 (e) + Ch (e, f, g) + K[t] + W[t]; - UINT32 T2 = S0 (a) + Maj (a, b, c); + for (size_t t = 0; t < 64; ++t) { + uint32_t T1 = h + S1 (e) + Ch (e, f, g) + K[t] + W[t]; + uint32_t T2 = S0 (a) + Maj (a, b, c); h = g; g = f; f = e; diff --git a/src/fundamental/sha256.h b/src/fundamental/sha256.h new file mode 100644 index 00000000000..9fc090b4e07 --- /dev/null +++ b/src/fundamental/sha256.h @@ -0,0 +1,32 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#ifdef SD_BOOT +#include +#include +#endif + +#include "type.h" + +struct sha256_ctx { + uint32_t H[8]; + + union { + uint64_t total64; +#define TOTAL64_low (1 - (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__)) +#define TOTAL64_high (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) + uint32_t total[2]; + }; + + uint32_t buflen; + + union { + uint8_t buffer[128]; /* NB: always correctly aligned for UINT32. */ + uint32_t buffer32[32]; + uint64_t buffer64[16]; + }; +}; + +void sha256_init_ctx(struct sha256_ctx *ctx); +void *sha256_finish_ctx(struct sha256_ctx *ctx, void *resbuf); +void sha256_process_bytes(const void *buffer, size_t len, struct sha256_ctx *ctx);