xref: /aosp_15_r20/external/vboot_reference/firmware/2lib/2hwcrypto.c (revision 8617a60d3594060b7ecbd21bc622a7c14f3cf2bc) 
1*8617a60dSAndroid Build Coastguard Worker /* Copyright 2023 The ChromiumOS Authors
2*8617a60dSAndroid Build Coastguard Worker  * Use of this source code is governed by a BSD-style license that can be
3*8617a60dSAndroid Build Coastguard Worker  * found in the LICENSE file.
4*8617a60dSAndroid Build Coastguard Worker  *
5*8617a60dSAndroid Build Coastguard Worker  * SHA256 implementation using the hardware crypto accelerator.
6*8617a60dSAndroid Build Coastguard Worker  */
7*8617a60dSAndroid Build Coastguard Worker 
8*8617a60dSAndroid Build Coastguard Worker #include "2common.h"
9*8617a60dSAndroid Build Coastguard Worker #include "2sha.h"
10*8617a60dSAndroid Build Coastguard Worker #include "2sha_private.h"
11*8617a60dSAndroid Build Coastguard Worker #include "2api.h"
12*8617a60dSAndroid Build Coastguard Worker 
13*8617a60dSAndroid Build Coastguard Worker struct vb2_sha256_context vb2_sha_ctx;
14*8617a60dSAndroid Build Coastguard Worker 
vb2ex_hwcrypto_digest_init(enum vb2_hash_algorithm hash_alg,uint32_t data_size)15*8617a60dSAndroid Build Coastguard Worker vb2_error_t vb2ex_hwcrypto_digest_init(enum vb2_hash_algorithm hash_alg,
16*8617a60dSAndroid Build Coastguard Worker 				       uint32_t data_size)
17*8617a60dSAndroid Build Coastguard Worker {
18*8617a60dSAndroid Build Coastguard Worker 	int i;
19*8617a60dSAndroid Build Coastguard Worker 
20*8617a60dSAndroid Build Coastguard Worker 	if (hash_alg != VB2_HASH_SHA256)
21*8617a60dSAndroid Build Coastguard Worker 		return VB2_ERROR_EX_HWCRYPTO_UNSUPPORTED;
22*8617a60dSAndroid Build Coastguard Worker 
23*8617a60dSAndroid Build Coastguard Worker 	for (i = 0; i < ARRAY_SIZE(vb2_hash_seq); i++) {
24*8617a60dSAndroid Build Coastguard Worker 		VB2_ASSERT(vb2_hash_seq[i] < ARRAY_SIZE(vb2_sha_ctx.h));
25*8617a60dSAndroid Build Coastguard Worker 		vb2_sha_ctx.h[vb2_hash_seq[i]] = vb2_sha256_h0[i];
26*8617a60dSAndroid Build Coastguard Worker 	}
27*8617a60dSAndroid Build Coastguard Worker 
28*8617a60dSAndroid Build Coastguard Worker 	vb2_sha_ctx.size = 0;
29*8617a60dSAndroid Build Coastguard Worker 	vb2_sha_ctx.total_size = 0;
30*8617a60dSAndroid Build Coastguard Worker 	memset(vb2_sha_ctx.block, 0, sizeof(vb2_sha_ctx.block));
31*8617a60dSAndroid Build Coastguard Worker 
32*8617a60dSAndroid Build Coastguard Worker 	return VB2_SUCCESS;
33*8617a60dSAndroid Build Coastguard Worker }
34*8617a60dSAndroid Build Coastguard Worker 
vb2ex_hwcrypto_digest_extend(const uint8_t * buf,uint32_t size)35*8617a60dSAndroid Build Coastguard Worker vb2_error_t vb2ex_hwcrypto_digest_extend(const uint8_t *buf, uint32_t size)
36*8617a60dSAndroid Build Coastguard Worker {
37*8617a60dSAndroid Build Coastguard Worker 	unsigned int remaining_blocks;
38*8617a60dSAndroid Build Coastguard Worker 	unsigned int new_size, rem_size, tmp_size;
39*8617a60dSAndroid Build Coastguard Worker 	const uint8_t *shifted_data;
40*8617a60dSAndroid Build Coastguard Worker 
41*8617a60dSAndroid Build Coastguard Worker 	tmp_size = VB2_SHA256_BLOCK_SIZE - vb2_sha_ctx.size;
42*8617a60dSAndroid Build Coastguard Worker 	rem_size = size < tmp_size ? size : tmp_size;
43*8617a60dSAndroid Build Coastguard Worker 
44*8617a60dSAndroid Build Coastguard Worker 	memcpy(&vb2_sha_ctx.block[vb2_sha_ctx.size], buf, rem_size);
45*8617a60dSAndroid Build Coastguard Worker 
46*8617a60dSAndroid Build Coastguard Worker 	if (vb2_sha_ctx.size + size < VB2_SHA256_BLOCK_SIZE) {
47*8617a60dSAndroid Build Coastguard Worker 		vb2_sha_ctx.size += size;
48*8617a60dSAndroid Build Coastguard Worker 		return VB2_SUCCESS;
49*8617a60dSAndroid Build Coastguard Worker 	}
50*8617a60dSAndroid Build Coastguard Worker 
51*8617a60dSAndroid Build Coastguard Worker 	new_size = size - rem_size;
52*8617a60dSAndroid Build Coastguard Worker 	remaining_blocks = new_size / VB2_SHA256_BLOCK_SIZE;
53*8617a60dSAndroid Build Coastguard Worker 
54*8617a60dSAndroid Build Coastguard Worker 	shifted_data = buf + rem_size;
55*8617a60dSAndroid Build Coastguard Worker 
56*8617a60dSAndroid Build Coastguard Worker 	vb2_sha256_transform_hwcrypto(vb2_sha_ctx.block, 1);
57*8617a60dSAndroid Build Coastguard Worker 	if (remaining_blocks)
58*8617a60dSAndroid Build Coastguard Worker 		vb2_sha256_transform_hwcrypto(shifted_data, remaining_blocks);
59*8617a60dSAndroid Build Coastguard Worker 
60*8617a60dSAndroid Build Coastguard Worker 	rem_size = new_size % VB2_SHA256_BLOCK_SIZE;
61*8617a60dSAndroid Build Coastguard Worker 
62*8617a60dSAndroid Build Coastguard Worker 	memcpy(vb2_sha_ctx.block,
63*8617a60dSAndroid Build Coastguard Worker 	       &shifted_data[remaining_blocks * VB2_SHA256_BLOCK_SIZE],
64*8617a60dSAndroid Build Coastguard Worker 	       rem_size);
65*8617a60dSAndroid Build Coastguard Worker 
66*8617a60dSAndroid Build Coastguard Worker 	vb2_sha_ctx.size = rem_size;
67*8617a60dSAndroid Build Coastguard Worker 	vb2_sha_ctx.total_size += (remaining_blocks + 1) * VB2_SHA256_BLOCK_SIZE;
68*8617a60dSAndroid Build Coastguard Worker 	return VB2_SUCCESS;
69*8617a60dSAndroid Build Coastguard Worker }
70*8617a60dSAndroid Build Coastguard Worker 
vb2ex_hwcrypto_digest_finalize(uint8_t * digest,uint32_t digest_size)71*8617a60dSAndroid Build Coastguard Worker vb2_error_t vb2ex_hwcrypto_digest_finalize(uint8_t *digest,
72*8617a60dSAndroid Build Coastguard Worker 					   uint32_t digest_size)
73*8617a60dSAndroid Build Coastguard Worker {
74*8617a60dSAndroid Build Coastguard Worker 	unsigned int block_nb;
75*8617a60dSAndroid Build Coastguard Worker 	unsigned int pm_size;
76*8617a60dSAndroid Build Coastguard Worker 	unsigned int size_b;
77*8617a60dSAndroid Build Coastguard Worker 	int i;
78*8617a60dSAndroid Build Coastguard Worker 
79*8617a60dSAndroid Build Coastguard Worker 	if (digest_size != VB2_SHA256_DIGEST_SIZE) {
80*8617a60dSAndroid Build Coastguard Worker 		VB2_DEBUG("ERROR: Digest size does not match expected length.\n");
81*8617a60dSAndroid Build Coastguard Worker 		return VB2_ERROR_SHA_FINALIZE_DIGEST_SIZE;
82*8617a60dSAndroid Build Coastguard Worker 	}
83*8617a60dSAndroid Build Coastguard Worker 
84*8617a60dSAndroid Build Coastguard Worker 	block_nb = (1 + ((VB2_SHA256_BLOCK_SIZE - SHA256_MIN_PAD_LEN)
85*8617a60dSAndroid Build Coastguard Worker 			 < (vb2_sha_ctx.size % VB2_SHA256_BLOCK_SIZE)));
86*8617a60dSAndroid Build Coastguard Worker 
87*8617a60dSAndroid Build Coastguard Worker 	size_b = (vb2_sha_ctx.total_size + vb2_sha_ctx.size) * 8;
88*8617a60dSAndroid Build Coastguard Worker 	pm_size = block_nb * VB2_SHA256_BLOCK_SIZE;
89*8617a60dSAndroid Build Coastguard Worker 
90*8617a60dSAndroid Build Coastguard Worker 	memset(vb2_sha_ctx.block + vb2_sha_ctx.size, 0,
91*8617a60dSAndroid Build Coastguard Worker 	       pm_size - vb2_sha_ctx.size);
92*8617a60dSAndroid Build Coastguard Worker 	vb2_sha_ctx.block[vb2_sha_ctx.size] = SHA256_PAD_BEGIN;
93*8617a60dSAndroid Build Coastguard Worker 	UNPACK32(size_b, vb2_sha_ctx.block + pm_size - 4);
94*8617a60dSAndroid Build Coastguard Worker 
95*8617a60dSAndroid Build Coastguard Worker 	vb2_sha256_transform_hwcrypto(vb2_sha_ctx.block, block_nb);
96*8617a60dSAndroid Build Coastguard Worker 
97*8617a60dSAndroid Build Coastguard Worker 	for (i = 0; i < ARRAY_SIZE(vb2_hash_seq); i++) {
98*8617a60dSAndroid Build Coastguard Worker 		VB2_ASSERT(vb2_hash_seq[i] < ARRAY_SIZE(vb2_sha_ctx.h));
99*8617a60dSAndroid Build Coastguard Worker 		UNPACK32(vb2_sha_ctx.h[vb2_hash_seq[i]], &digest[i * 4]);
100*8617a60dSAndroid Build Coastguard Worker 	}
101*8617a60dSAndroid Build Coastguard Worker 	return VB2_SUCCESS;
102*8617a60dSAndroid Build Coastguard Worker }
103