Re: [PATCH v4 06/29] sha1: Remove sha1 non-watchdog API

3 Jul 2024

On Tue, 2 Jul 2024 at 21:26, Raymond Mao raymond.mao@linaro.org wrote:
...
We don't need an API specially for non-watchdog since sha1_csum_wd
supports it by disabling CONFIG_HW_WATCHDOG and CONFIG_WATCHDOG.
Set 0x10000 as default chunk size for SHA1.
Signed-off-by: Raymond Mao raymond.mao@linaro.org
Changes in v4

Initial patch.

board/gdsys/a38x/hre.c |  2 +-
 include/u-boot/sha1.h  | 12 ++----------
 lib/sha1.c             | 13 -------------
 lib/tpm-v1.c           |  2 +-
 4 files changed, 4 insertions(+), 25 deletions(-)

diff --git a/board/gdsys/a38x/hre.c b/board/gdsys/a38x/hre.c
index f303793b63b..06856ea36d3 100644
--- a/board/gdsys/a38x/hre.c
+++ b/board/gdsys/a38x/hre.c
@@ -166,7 +166,7 @@ static int find_key(struct udevice *tpm, const uint8_t auth[20],
                        return -1;
                if (err)
                        continue;

          sha1_csum(buf, buf_len, digest);




          sha1_csum_wd(buf, buf_len, digest, SHA1_DEF_CHUNK_SZ);
          if (!memcmp(digest, pubkey_digest, 20)) {
                  *handle = key_handles[i];
                  return 0;



diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h
index ab88134fb98..36c3db15e22 100644
--- a/include/u-boot/sha1.h
+++ b/include/u-boot/sha1.h
@@ -39,6 +39,8 @@ extern "C" {
 #define SHA1_SUM_LEN   20
 #define SHA1_DER_LEN   15
+#define SHA1_DEF_CHUNK_SZ 0x10000



extern const uint8_t sha1_der_prefix[];
#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
@@ -81,16 +83,6 @@ void sha1_update(sha1_context *ctx, const unsigned char *input,
  */
 void sha1_finish( sha1_context *ctx, unsigned char output[20] );
-/**


\brief         Output = SHA-1( input buffer )







\param input    buffer holding the  data



\param ilen    length of the input data



\param output   SHA-1 checksum result


*/

-void sha1_csum(const unsigned char *input, unsigned int ilen,

          unsigned char *output);




/**

\brief         Output = SHA-1( input buffer ), with watchdog triggering


diff --git a/lib/sha1.c b/lib/sha1.c
index 7ef536f4b5d..81412283b49 100644
--- a/lib/sha1.c
+++ b/lib/sha1.c
@@ -304,19 +304,6 @@ void sha1_finish (sha1_context * ctx, unsigned char output[20])
        PUT_UINT32_BE (ctx->state[4], output, 16);
 }
-/*


Output = SHA-1( input buffer )


*/

-void sha1_csum(const unsigned char *input, unsigned int ilen,

         unsigned char *output)



-{

  sha1_context ctx;



  sha1_starts (&ctx);


  sha1_update (&ctx, input, ilen);


  sha1_finish (&ctx, output);



-}



/*

Output = SHA-1( input buffer ). Trigger the watchdog every 'chunk_sz'
bytes of input processed.

diff --git a/lib/tpm-v1.c b/lib/tpm-v1.c
index e66023da5e6..a6727c575fd 100644
--- a/lib/tpm-v1.c
+++ b/lib/tpm-v1.c
@@ -871,7 +871,7 @@ u32 tpm1_find_key_sha1(struct udevice *dev, const u8 auth[20],
                        return -1;
                if (err)
                        continue;

          sha1_csum(buf, buf_len, digest);




          sha1_csum_wd(buf, buf_len, digest, SHA1_DEF_CHUNK_SZ);
          if (!memcmp(digest, pubkey_digest, 20)) {
                  *handle = key_handles[i];
                  return 0;



--
2.25.1
Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org

    