[Skiboot] [PATCH v2 01/12] crypto: add mbedtls build integration via git submodule

Eric Richter erichte at linux.ibm.com
Mon Jan 20 13:36:49 AEDT 2020


Secure variable support requires more crypto support than skiboot
currently has. Since mbedtls' x509 and related implementations have
rather tight dependencies that prevent easy cherry-picking (unlike the
existing sha512.c), it is easier to integrate and maintain the whole
mbedtls library as a submodule.

This revised version of the patch now integrates the files from the
library directly into skiboot's build system rather than invoking
mbedtls' Makefile. This version also removes the previously cherry
picked SHA512 files.

Signed-off-by: Eric Richter <erichte at linux.ibm.com>
---
 .gitmodules                    |   4 +
 libstb/Makefile.inc            |   6 +-
 libstb/crypto/Makefile.inc     |  44 +++
 libstb/crypto/mbedtls          |   1 +
 libstb/crypto/mbedtls-config.h |  99 +++++++
 libstb/mbedtls/Makefile.inc    |  11 -
 libstb/mbedtls/sha512.c        | 480 ---------------------------------
 libstb/mbedtls/sha512.h        | 141 ----------
 8 files changed, 152 insertions(+), 634 deletions(-)
 create mode 100644 .gitmodules
 create mode 100644 libstb/crypto/Makefile.inc
 create mode 160000 libstb/crypto/mbedtls
 create mode 100644 libstb/crypto/mbedtls-config.h
 delete mode 100644 libstb/mbedtls/Makefile.inc
 delete mode 100644 libstb/mbedtls/sha512.c
 delete mode 100644 libstb/mbedtls/sha512.h

diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 00000000..78998dae
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,4 @@
+[submodule "libstb/crypto/mbedtls"]
+	path = libstb/crypto/mbedtls
+	url = https://github.com/ARMmbed/mbedtls
+	branch = mbedtls-2.16
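Review bot: Nothing in this file or in the commit message records which mbedtls release the pinned submodule commit corresponds to, and `branch = mbedtls-2.16` is only consulted by `git submodule update --remote`, so a later bump could move the firmware's crypto code to an arbitrary branch tip without that being obvious in review. Ordinary checkouts build the commit stored in the gitlink for libstb/crypto/mbedtls (d81c11b8ab61fd5b2da8133aa73c5fe33a0633eb in this patch). I would add a comment above the section such as `# pinned to a tagged mbedtls 2.16.x release (<release tag>); bump only to another tagged release` and name the tag in the commit message.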
diff --git a/libstb/Makefile.inc b/libstb/Makefile.inc
index d3f68496..1434b3d4 100644
--- a/libstb/Makefile.inc
+++ b/libstb/Makefile.inc
@@ -9,11 +9,13 @@ LIBSTB_OBJS = $(LIBSTB_SRCS:%.c=%.o)
 LIBSTB = $(LIBSTB_DIR)/built-in.a
 
 include $(SRC)/$(LIBSTB_DIR)/secvar/Makefile.inc
-include $(SRC)/$(LIBSTB_DIR)/mbedtls/Makefile.inc
 include $(SRC)/$(LIBSTB_DIR)/drivers/Makefile.inc
 include $(SRC)/$(LIBSTB_DIR)/tss/Makefile.inc
+include $(SRC)/$(LIBSTB_DIR)/crypto/Makefile.inc
 
-$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS) $(SECVAR) $(MBEDTLS)
+CPPFLAGS += -I$(SRC)/$(LIBSTB_DIR)/crypto/mbedtls/include
+
+$(LIBSTB): $(LIBSTB_OBJS:%=$(LIBSTB_DIR)/%) $(DRIVERS) $(TSS) $(SECVAR) $(CRYPTO)
 
 libstb/create-container: libstb/create-container.c libstb/container-utils.c
 	$(call Q, HOSTCC ,$(HOSTCC) $(HOSTCFLAGS) \
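Review bot: The new `CPPFLAGS += -I$(SRC)/$(LIBSTB_DIR)/crypto/mbedtls/include` exposes the mbedtls headers to every skiboot object, but `-DMBEDTLS_CONFIG_FILE='<mbedtls-config.h>'` and `-I$(SRC)/$(LIBSTB_DIR)/crypto` are set only in `CFLAGS_$(MBEDTLS_DIR)/` in libstb/crypto/Makefile.inc. Unless that per-directory variable also reaches callers outside mbedtls/library (not visible here), code that includes `<mbedtls/...>` headers would be compiled against the library's default config.h rather than the configuration the library objects were built with. Feature macros, and any structure layouts that depend on them, could then disagree between caller and library. Keeping the flags together next to this line avoids that: `CPPFLAGS += -I$(SRC)/$(LIBSTB_DIR)/crypto -DMBEDTLS_CONFIG_FILE='<mbedtls-config.h>'`.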
diff --git a/libstb/crypto/Makefile.inc b/libstb/crypto/Makefile.inc
new file mode 100644
index 00000000..82803e0d
--- /dev/null
+++ b/libstb/crypto/Makefile.inc
@@ -0,0 +1,44 @@
+CRYPTO_DIR = $(LIBSTB_DIR)/crypto
+MBEDTLS_DIR = $(CRYPTO_DIR)/mbedtls/library
+
+SUBDIRS += $(CRYPTO_DIR) $(MBEDTLS_DIR)
+
+# Source file list borrowed from mbedtls/library/Makefile
+# Can probably trim disabled files for slightly less noise
+MBED_CRYPTO_SRCS  = aes.c aesni.c arc4.c
+MBED_CRYPTO_SRCS += aria.c asn1parse.c asn1write.c
+MBED_CRYPTO_SRCS += base64.c bignum.c blowfish.c
+MBED_CRYPTO_SRCS += camellia.c ccm.c chacha20.c
+MBED_CRYPTO_SRCS += chachapoly.c cipher.c cipher_wrap.c
+MBED_CRYPTO_SRCS += cmac.c ctr_drbg.c des.c
+MBED_CRYPTO_SRCS += dhm.c ecdh.c ecdsa.c
+MBED_CRYPTO_SRCS += ecjpake.c ecp.c
+MBED_CRYPTO_SRCS += ecp_curves.c entropy.c entropy_poll.c
+MBED_CRYPTO_SRCS += error.c gcm.c havege.c
+MBED_CRYPTO_SRCS += hkdf.c
+MBED_CRYPTO_SRCS += hmac_drbg.c md.c md2.c
+MBED_CRYPTO_SRCS += md4.c md5.c md_wrap.c
+MBED_CRYPTO_SRCS += memory_buffer_alloc.c nist_kw.c
+MBED_CRYPTO_SRCS += oid.c padlock.c pem.c
+MBED_CRYPTO_SRCS += pk.c pk_wrap.c pkcs12.c
+MBED_CRYPTO_SRCS += pkcs5.c pkparse.c pkwrite.c
+MBED_CRYPTO_SRCS += platform.c platform_util.c poly1305.c
+MBED_CRYPTO_SRCS += ripemd160.c rsa_internal.c rsa.c
+MBED_CRYPTO_SRCS += sha1.c sha256.c sha512.c
+MBED_CRYPTO_SRCS += threading.c timing.c version.c
+MBED_CRYPTO_SRCS += version_features.c xtea.c
+
+MBED_X509_SRCS  = certs.c pkcs11.c x509.c
+MBED_X509_SRCS += x509_create.c x509_crl.c x509_crt.c
+MBED_X509_SRCS += x509_csr.c x509write_crt.c x509write_csr.c
+
+CFLAGS_$(MBEDTLS_DIR)/  = -I$(SRC)/$(LIBSTB_DIR)/crypto -DMBEDTLS_CONFIG_FILE='<mbedtls-config.h>'
+CFLAGS_$(MBEDTLS_DIR)/ += -Wno-unused-function -Wno-suggest-attribute=const
+
+MBEDTLS_SRCS = $(addprefix mbedtls/library/,$(MBED_CRYPTO_SRCS) $(MBED_X509_SRCS))
+
+MBEDTLS_OBJS = $(MBEDTLS_SRCS:%.c=%.o)
+
+CRYPTO = $(CRYPTO_DIR)/built-in.a
+
+$(CRYPTO): $(MBEDTLS_OBJS:%=$(CRYPTO_DIR)/%)
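Review bot: `MBED_CRYPTO_SRCS` wires every upstream library file into the firmware build, including modules that mbedtls-config.h leaves disabled (for example arc4.c, des.c, md2.c, md4.c, md5.c and havege.c), so the config header is the only thing keeping that code out of skiboot. Trimming the list to the modules the config enables, as the existing comment already hints, would mean that turning on a legacy algorithm later needs a visible build change as well as a config change. Separately, nothing checks that the submodule is checked out; a guard such as `$(if $(wildcard $(SRC)/$(MBEDTLS_DIR)/sha512.c),,$(error mbedtls submodule missing: run git submodule update --init))` would replace what is presumably an obscure missing-rule failure with a clear message.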
diff --git a/libstb/crypto/mbedtls b/libstb/crypto/mbedtls
new file mode 160000
index 00000000..d81c11b8
--- /dev/null
+++ b/libstb/crypto/mbedtls
@@ -0,0 +1 @@
+Subproject commit d81c11b8ab61fd5b2da8133aa73c5fe33a0633eb
diff --git a/libstb/crypto/mbedtls-config.h b/libstb/crypto/mbedtls-config.h
new file mode 100644
index 00000000..999a6044
--- /dev/null
+++ b/libstb/crypto/mbedtls-config.h
@@ -0,0 +1,99 @@
+/**
+ * \file config-no-entropy.h
+ *
+ * \brief Minimal configuration of features that do not require an entropy source
+ */
+/*
+ *  Copyright (C) 2016, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+/*
+ * Minimal configuration of features that do not require an entropy source
+ * Distinguishing reatures:
+ * - no entropy module
+ * - no TLS protocol implementation available due to absence of an entropy
+ *   source
+ *
+ * See README.txt for usage instructions.
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+/* System support */
+#define MBEDTLS_HAVE_ASM
+#define MBEDTLS_HAVE_TIME
+
+/* mbed TLS feature support */
+//#define MBEDTLS_CIPHER_MODE_CBC
+#define MBEDTLS_CIPHER_MODE_CFB
+//#define MBEDTLS_CIPHER_PADDING_PKCS7
+//#define MBEDTLS_REMOVE_ARC4_CIPHERSUITES
+//#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+//#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
+//#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
+//#define MBEDTLS_ECP_NIST_OPTIM
+//#define MBEDTLS_ECDSA_DETERMINISTIC
+//#define MBEDTLS_PK_RSA_ALT_SUPPORT
+#define MBEDTLS_PKCS1_V15
+//#define MBEDTLS_PKCS1_V21
+//#define MBEDTLS_SELF_TEST
+#define MBEDTLS_VERSION_FEATURES
+#define MBEDTLS_X509_CHECK_KEY_USAGE
+#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+
+/* mbed TLS modules */
+//#define MBEDTLS_AES_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+//#define MBEDTLS_CCM_C
+//#define MBEDTLS_CIPHER_C
+//#define MBEDTLS_ECDSA_C
+//#define MBEDTLS_ECP_C
+#define MBEDTLS_ERROR_C
+//#define MBEDTLS_GCM_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_OID_C
+//#define MBEDTLS_PEM_PARSE_C
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+//#define MBEDTLS_PK_WRITE_C
+#define MBEDTLS_PLATFORM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_SHA256_C
+#define MBEDTLS_SHA512_C
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_CRL_PARSE_C
+//#define MBEDTLS_CMAC_C
+
+/* Settings to reduce/remove warnings */
+#define MBEDTLS_MPI_WINDOW_SIZE	3	// (max/default is 6) Increase for speed, may introduce warnings
+#define MBEDTLS_MPI_MAX_SIZE	512	// (default is 1024) increase for more bits in user-MPIs
+#define SIZE_MAX		65535	// this might need to be in libc?
+
+/* Disableable to mitigate warnings */
+//#define MBEDTLS_ASN1_WRITE_C  // Expects SIZE_MAX
+#define MBEDTLS_VERSION_C     // Possible 'const' function
+#define MBEDTLS_HMAC_DRBG_C
+
+/* Miscellaneous options and fixes*/
+//#define MBEDTLS_AES_ROM_TABLES
+#define MBEDTLS_NO_UDBL_DIVISION	// Disabled due to unsupported operation
+
+#endif /* MBEDTLS_CONFIG_H */
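Review bot: `#define SIZE_MAX 65535` is unconditional and, if `size_t` is 64-bit on skiboot's targets, far below its real range, so any mbedtls code that uses `SIZE_MAX` in a bounds or overflow check, or in an `#if` on the width of `size_t`, is compiled with the wrong limit. As the inline comment suspects, this belongs in libc's stdint.h with the platform's real value; if it has to stay here for now, wrap it in `#ifndef SIZE_MAX` … `#endif` so it cannot override a correct definition. The file header is also stale: it still says `\file config-no-entropy.h` and points to a README.txt, and should describe this file as skiboot's mbedtls configuration.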
diff --git a/libstb/mbedtls/Makefile.inc b/libstb/mbedtls/Makefile.inc
deleted file mode 100644
index deacd26c..00000000
--- a/libstb/mbedtls/Makefile.inc
+++ /dev/null
@@ -1,11 +0,0 @@
-# -*-Makefile-*-
-
-MBEDTLS_DIR = libstb/mbedtls
-
-SUBDIRS += $(MBEDTLS_DIR)
-
-MBEDTLS_SRCS = sha512.c
-MBEDTLS_OBJS = $(MBEDTLS_SRCS:%.c=%.o)
-MBEDTLS = $(MBEDTLS_DIR)/built-in.a
-
-$(MBEDTLS): $(MBEDTLS_OBJS:%=$(MBEDTLS_DIR)/%)
diff --git a/libstb/mbedtls/sha512.c b/libstb/mbedtls/sha512.c
deleted file mode 100644
index a1337954..00000000
--- a/libstb/mbedtls/sha512.c
+++ /dev/null
@@ -1,480 +0,0 @@
-/*
- *  FIPS-180-2 compliant SHA-384/512 implementation
- *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- *  This file is part of mbed TLS (https://tls.mbed.org)
- */
-/*
- *  The SHA-512 Secure Hash Standard was published by NIST in 2002.
- *
- *  http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
- */
-
-#include "sha512.h"
-
-#define UL64(x) x
-
-#include <string.h>
-#include <stdio.h>
-#define mbedtls_printf printf
-
-#if !defined(MBEDTLS_SHA512_ALT)
-
-/* Implementation that should never be optimized out by the compiler */
-static void mbedtls_zeroize( void *v, size_t n ) {
-    volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-}
-
-/*
- * 64-bit integer manipulation macros (big endian)
- */
-#ifndef GET_UINT64_BE
-#define GET_UINT64_BE(n,b,i)                            \
-{                                                       \
-    (n) = ( (uint64_t) (b)[(i)    ] << 56 )       \
-        | ( (uint64_t) (b)[(i) + 1] << 48 )       \
-        | ( (uint64_t) (b)[(i) + 2] << 40 )       \
-        | ( (uint64_t) (b)[(i) + 3] << 32 )       \
-        | ( (uint64_t) (b)[(i) + 4] << 24 )       \
-        | ( (uint64_t) (b)[(i) + 5] << 16 )       \
-        | ( (uint64_t) (b)[(i) + 6] <<  8 )       \
-        | ( (uint64_t) (b)[(i) + 7]       );      \
-}
-#endif /* GET_UINT64_BE */
-
-#ifndef PUT_UINT64_BE
-#define PUT_UINT64_BE(n,b,i)                            \
-{                                                       \
-    (b)[(i)    ] = (unsigned char) ( (n) >> 56 );       \
-    (b)[(i) + 1] = (unsigned char) ( (n) >> 48 );       \
-    (b)[(i) + 2] = (unsigned char) ( (n) >> 40 );       \
-    (b)[(i) + 3] = (unsigned char) ( (n) >> 32 );       \
-    (b)[(i) + 4] = (unsigned char) ( (n) >> 24 );       \
-    (b)[(i) + 5] = (unsigned char) ( (n) >> 16 );       \
-    (b)[(i) + 6] = (unsigned char) ( (n) >>  8 );       \
-    (b)[(i) + 7] = (unsigned char) ( (n)       );       \
-}
-#endif /* PUT_UINT64_BE */
-
-void mbedtls_sha512_init( mbedtls_sha512_context *ctx )
-{
-    memset( ctx, 0, sizeof( mbedtls_sha512_context ) );
-}
-
-void mbedtls_sha512_free( mbedtls_sha512_context *ctx )
-{
-    if( ctx == NULL )
-        return;
-
-    mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) );
-}
-
-void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
-                           const mbedtls_sha512_context *src )
-{
-    *dst = *src;
-}
-
-/*
- * SHA-512 context setup
- */
-void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
-{
-    ctx->total[0] = 0;
-    ctx->total[1] = 0;
-
-    if( is384 == 0 )
-    {
-        /* SHA-512 */
-        ctx->state[0] = UL64(0x6A09E667F3BCC908);
-        ctx->state[1] = UL64(0xBB67AE8584CAA73B);
-        ctx->state[2] = UL64(0x3C6EF372FE94F82B);
-        ctx->state[3] = UL64(0xA54FF53A5F1D36F1);
-        ctx->state[4] = UL64(0x510E527FADE682D1);
-        ctx->state[5] = UL64(0x9B05688C2B3E6C1F);
-        ctx->state[6] = UL64(0x1F83D9ABFB41BD6B);
-        ctx->state[7] = UL64(0x5BE0CD19137E2179);
-    }
-    else
-    {
-        /* SHA-384 */
-        ctx->state[0] = UL64(0xCBBB9D5DC1059ED8);
-        ctx->state[1] = UL64(0x629A292A367CD507);
-        ctx->state[2] = UL64(0x9159015A3070DD17);
-        ctx->state[3] = UL64(0x152FECD8F70E5939);
-        ctx->state[4] = UL64(0x67332667FFC00B31);
-        ctx->state[5] = UL64(0x8EB44A8768581511);
-        ctx->state[6] = UL64(0xDB0C2E0D64F98FA7);
-        ctx->state[7] = UL64(0x47B5481DBEFA4FA4);
-    }
-
-    ctx->is384 = is384;
-}
-
-#if !defined(MBEDTLS_SHA512_PROCESS_ALT)
-
-/*
- * Round constants
- */
-static const uint64_t K[80] =
-{
-    UL64(0x428A2F98D728AE22),  UL64(0x7137449123EF65CD),
-    UL64(0xB5C0FBCFEC4D3B2F),  UL64(0xE9B5DBA58189DBBC),
-    UL64(0x3956C25BF348B538),  UL64(0x59F111F1B605D019),
-    UL64(0x923F82A4AF194F9B),  UL64(0xAB1C5ED5DA6D8118),
-    UL64(0xD807AA98A3030242),  UL64(0x12835B0145706FBE),
-    UL64(0x243185BE4EE4B28C),  UL64(0x550C7DC3D5FFB4E2),
-    UL64(0x72BE5D74F27B896F),  UL64(0x80DEB1FE3B1696B1),
-    UL64(0x9BDC06A725C71235),  UL64(0xC19BF174CF692694),
-    UL64(0xE49B69C19EF14AD2),  UL64(0xEFBE4786384F25E3),
-    UL64(0x0FC19DC68B8CD5B5),  UL64(0x240CA1CC77AC9C65),
-    UL64(0x2DE92C6F592B0275),  UL64(0x4A7484AA6EA6E483),
-    UL64(0x5CB0A9DCBD41FBD4),  UL64(0x76F988DA831153B5),
-    UL64(0x983E5152EE66DFAB),  UL64(0xA831C66D2DB43210),
-    UL64(0xB00327C898FB213F),  UL64(0xBF597FC7BEEF0EE4),
-    UL64(0xC6E00BF33DA88FC2),  UL64(0xD5A79147930AA725),
-    UL64(0x06CA6351E003826F),  UL64(0x142929670A0E6E70),
-    UL64(0x27B70A8546D22FFC),  UL64(0x2E1B21385C26C926),
-    UL64(0x4D2C6DFC5AC42AED),  UL64(0x53380D139D95B3DF),
-    UL64(0x650A73548BAF63DE),  UL64(0x766A0ABB3C77B2A8),
-    UL64(0x81C2C92E47EDAEE6),  UL64(0x92722C851482353B),
-    UL64(0xA2BFE8A14CF10364),  UL64(0xA81A664BBC423001),
-    UL64(0xC24B8B70D0F89791),  UL64(0xC76C51A30654BE30),
-    UL64(0xD192E819D6EF5218),  UL64(0xD69906245565A910),
-    UL64(0xF40E35855771202A),  UL64(0x106AA07032BBD1B8),
-    UL64(0x19A4C116B8D2D0C8),  UL64(0x1E376C085141AB53),
-    UL64(0x2748774CDF8EEB99),  UL64(0x34B0BCB5E19B48A8),
-    UL64(0x391C0CB3C5C95A63),  UL64(0x4ED8AA4AE3418ACB),
-    UL64(0x5B9CCA4F7763E373),  UL64(0x682E6FF3D6B2B8A3),
-    UL64(0x748F82EE5DEFB2FC),  UL64(0x78A5636F43172F60),
-    UL64(0x84C87814A1F0AB72),  UL64(0x8CC702081A6439EC),
-    UL64(0x90BEFFFA23631E28),  UL64(0xA4506CEBDE82BDE9),
-    UL64(0xBEF9A3F7B2C67915),  UL64(0xC67178F2E372532B),
-    UL64(0xCA273ECEEA26619C),  UL64(0xD186B8C721C0C207),
-    UL64(0xEADA7DD6CDE0EB1E),  UL64(0xF57D4F7FEE6ED178),
-    UL64(0x06F067AA72176FBA),  UL64(0x0A637DC5A2C898A6),
-    UL64(0x113F9804BEF90DAE),  UL64(0x1B710B35131C471B),
-    UL64(0x28DB77F523047D84),  UL64(0x32CAAB7B40C72493),
-    UL64(0x3C9EBE0A15C9BEBC),  UL64(0x431D67C49C100D4C),
-    UL64(0x4CC5D4BECB3E42B6),  UL64(0x597F299CFC657E2A),
-    UL64(0x5FCB6FAB3AD6FAEC),  UL64(0x6C44198C4A475817)
-};
-
-void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] )
-{
-    int i;
-    uint64_t temp1, temp2, W[80];
-    uint64_t A, B, C, D, E, F, G, H;
-
-#define  SHR(x,n) (x >> n)
-#define ROTR(x,n) (SHR(x,n) | (x << (64 - n)))
-
-#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^  SHR(x, 7))
-#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^  SHR(x, 6))
-
-#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
-#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
-
-#define F0(x,y,z) ((x & y) | (z & (x | y)))
-#define F1(x,y,z) (z ^ (x & (y ^ z)))
-
-#define P(a,b,c,d,e,f,g,h,x,K)                  \
-{                                               \
-    temp1 = h + S3(e) + F1(e,f,g) + K + x;      \
-    temp2 = S2(a) + F0(a,b,c);                  \
-    d += temp1; h = temp1 + temp2;              \
-}
-
-    for( i = 0; i < 16; i++ )
-    {
-        GET_UINT64_BE( W[i], data, i << 3 );
-    }
-
-    for( ; i < 80; i++ )
-    {
-        W[i] = S1(W[i -  2]) + W[i -  7] +
-               S0(W[i - 15]) + W[i - 16];
-    }
-
-    A = ctx->state[0];
-    B = ctx->state[1];
-    C = ctx->state[2];
-    D = ctx->state[3];
-    E = ctx->state[4];
-    F = ctx->state[5];
-    G = ctx->state[6];
-    H = ctx->state[7];
-    i = 0;
-
-    do
-    {
-        P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++;
-        P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++;
-        P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++;
-        P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++;
-        P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++;
-        P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++;
-        P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++;
-        P( B, C, D, E, F, G, H, A, W[i], K[i] ); i++;
-    }
-    while( i < 80 );
-
-    ctx->state[0] += A;
-    ctx->state[1] += B;
-    ctx->state[2] += C;
-    ctx->state[3] += D;
-    ctx->state[4] += E;
-    ctx->state[5] += F;
-    ctx->state[6] += G;
-    ctx->state[7] += H;
-}
-#endif /* !MBEDTLS_SHA512_PROCESS_ALT */
-
-/*
- * SHA-512 process buffer
- */
-void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input,
-                    size_t ilen )
-{
-    size_t fill;
-    unsigned int left;
-
-    if( ilen == 0 )
-        return;
-
-    left = (unsigned int) (ctx->total[0] & 0x7F);
-    fill = 128 - left;
-
-    ctx->total[0] += (uint64_t) ilen;
-
-    if( ctx->total[0] < (uint64_t) ilen )
-        ctx->total[1]++;
-
-    if( left && ilen >= fill )
-    {
-        memcpy( (void *) (ctx->buffer + left), input, fill );
-        mbedtls_sha512_process( ctx, ctx->buffer );
-        input += fill;
-        ilen  -= fill;
-        left = 0;
-    }
-
-    while( ilen >= 128 )
-    {
-        mbedtls_sha512_process( ctx, input );
-        input += 128;
-        ilen  -= 128;
-    }
-
-    if( ilen > 0 )
-        memcpy( (void *) (ctx->buffer + left), input, ilen );
-}
-
-static const unsigned char sha512_padding[128] =
-{
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-/*
- * SHA-512 final digest
- */
-void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] )
-{
-    size_t last, padn;
-    uint64_t high, low;
-    unsigned char msglen[16];
-
-    high = ( ctx->total[0] >> 61 )
-         | ( ctx->total[1] <<  3 );
-    low  = ( ctx->total[0] <<  3 );
-
-    PUT_UINT64_BE( high, msglen, 0 );
-    PUT_UINT64_BE( low,  msglen, 8 );
-
-    last = (size_t)( ctx->total[0] & 0x7F );
-    padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
-
-    mbedtls_sha512_update( ctx, sha512_padding, padn );
-    mbedtls_sha512_update( ctx, msglen, 16 );
-
-    PUT_UINT64_BE( ctx->state[0], output,  0 );
-    PUT_UINT64_BE( ctx->state[1], output,  8 );
-    PUT_UINT64_BE( ctx->state[2], output, 16 );
-    PUT_UINT64_BE( ctx->state[3], output, 24 );
-    PUT_UINT64_BE( ctx->state[4], output, 32 );
-    PUT_UINT64_BE( ctx->state[5], output, 40 );
-
-    if( ctx->is384 == 0 )
-    {
-        PUT_UINT64_BE( ctx->state[6], output, 48 );
-        PUT_UINT64_BE( ctx->state[7], output, 56 );
-    }
-}
-
-#endif /* !MBEDTLS_SHA512_ALT */
-
-/*
- * output = SHA-512( input buffer )
- */
-void mbedtls_sha512( const unsigned char *input, size_t ilen,
-             unsigned char output[64], int is384 )
-{
-    mbedtls_sha512_context ctx;
-
-    mbedtls_sha512_init( &ctx );
-    mbedtls_sha512_starts( &ctx, is384 );
-    mbedtls_sha512_update( &ctx, input, ilen );
-    mbedtls_sha512_finish( &ctx, output );
-    mbedtls_sha512_free( &ctx );
-}
-
-#if defined(MBEDTLS_SELF_TEST)
-
-/*
- * FIPS-180-2 test vectors
- */
-static const unsigned char sha512_test_buf[3][113] =
-{
-    { "abc" },
-    { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
-      "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" },
-    { "" }
-};
-
-static const int sha512_test_buflen[3] =
-{
-    3, 112, 1000
-};
-
-static const unsigned char sha512_test_sum[6][64] =
-{
-    /*
-     * SHA-384 test vectors
-     */
-    { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B,
-      0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07,
-      0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
-      0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED,
-      0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23,
-      0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7 },
-    { 0x09, 0x33, 0x0C, 0x33, 0xF7, 0x11, 0x47, 0xE8,
-      0x3D, 0x19, 0x2F, 0xC7, 0x82, 0xCD, 0x1B, 0x47,
-      0x53, 0x11, 0x1B, 0x17, 0x3B, 0x3B, 0x05, 0xD2,
-      0x2F, 0xA0, 0x80, 0x86, 0xE3, 0xB0, 0xF7, 0x12,
-      0xFC, 0xC7, 0xC7, 0x1A, 0x55, 0x7E, 0x2D, 0xB9,
-      0x66, 0xC3, 0xE9, 0xFA, 0x91, 0x74, 0x60, 0x39 },
-    { 0x9D, 0x0E, 0x18, 0x09, 0x71, 0x64, 0x74, 0xCB,
-      0x08, 0x6E, 0x83, 0x4E, 0x31, 0x0A, 0x4A, 0x1C,
-      0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52,
-      0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B,
-      0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB,
-      0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 },
-
-    /*
-     * SHA-512 test vectors
-     */
-    { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA,
-      0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31,
-      0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
-      0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A,
-      0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8,
-      0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
-      0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E,
-      0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F },
-    { 0x8E, 0x95, 0x9B, 0x75, 0xDA, 0xE3, 0x13, 0xDA,
-      0x8C, 0xF4, 0xF7, 0x28, 0x14, 0xFC, 0x14, 0x3F,
-      0x8F, 0x77, 0x79, 0xC6, 0xEB, 0x9F, 0x7F, 0xA1,
-      0x72, 0x99, 0xAE, 0xAD, 0xB6, 0x88, 0x90, 0x18,
-      0x50, 0x1D, 0x28, 0x9E, 0x49, 0x00, 0xF7, 0xE4,
-      0x33, 0x1B, 0x99, 0xDE, 0xC4, 0xB5, 0x43, 0x3A,
-      0xC7, 0xD3, 0x29, 0xEE, 0xB6, 0xDD, 0x26, 0x54,
-      0x5E, 0x96, 0xE5, 0x5B, 0x87, 0x4B, 0xE9, 0x09 },
-    { 0xE7, 0x18, 0x48, 0x3D, 0x0C, 0xE7, 0x69, 0x64,
-      0x4E, 0x2E, 0x42, 0xC7, 0xBC, 0x15, 0xB4, 0x63,
-      0x8E, 0x1F, 0x98, 0xB1, 0x3B, 0x20, 0x44, 0x28,
-      0x56, 0x32, 0xA8, 0x03, 0xAF, 0xA9, 0x73, 0xEB,
-      0xDE, 0x0F, 0xF2, 0x44, 0x87, 0x7E, 0xA6, 0x0A,
-      0x4C, 0xB0, 0x43, 0x2C, 0xE5, 0x77, 0xC3, 0x1B,
-      0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E,
-      0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B }
-};
-
-/*
- * Checkup routine
- */
-int mbedtls_sha512_self_test( int verbose )
-{
-    int i, j, k, buflen, ret = 0;
-    unsigned char buf[1024];
-    unsigned char sha512sum[64];
-    mbedtls_sha512_context ctx;
-
-    mbedtls_sha512_init( &ctx );
-
-    for( i = 0; i < 6; i++ )
-    {
-        j = i % 3;
-        k = i < 3;
-
-        if( verbose != 0 )
-            mbedtls_printf( "  SHA-%d test #%d: ", 512 - k * 128, j + 1 );
-
-        mbedtls_sha512_starts( &ctx, k );
-
-        if( j == 2 )
-        {
-            memset( buf, 'a', buflen = 1000 );
-
-            for( j = 0; j < 1000; j++ )
-                mbedtls_sha512_update( &ctx, buf, buflen );
-        }
-        else
-            mbedtls_sha512_update( &ctx, sha512_test_buf[j],
-                                 sha512_test_buflen[j] );
-
-        mbedtls_sha512_finish( &ctx, sha512sum );
-
-        if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
-        {
-            if( verbose != 0 )
-                mbedtls_printf( "failed\n" );
-
-            ret = 1;
-            goto exit;
-        }
-
-        if( verbose != 0 )
-            mbedtls_printf( "passed\n" );
-    }
-
-    if( verbose != 0 )
-        mbedtls_printf( "\n" );
-
-exit:
-    mbedtls_sha512_free( &ctx );
-
-    return( ret );
-}
-
-#endif /* MBEDTLS_SELF_TEST */
diff --git a/libstb/mbedtls/sha512.h b/libstb/mbedtls/sha512.h
deleted file mode 100644
index 627694f4..00000000
--- a/libstb/mbedtls/sha512.h
+++ /dev/null
@@ -1,141 +0,0 @@
-/**
- * \file sha512.h
- *
- * \brief SHA-384 and SHA-512 cryptographic hash function
- *
- *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
- *  SPDX-License-Identifier: Apache-2.0
- *
- *  Licensed under the Apache License, Version 2.0 (the "License"); you may
- *  not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *  http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- *
- *  This file is part of mbed TLS (https://tls.mbed.org)
- */
-#ifndef MBEDTLS_SHA512_H
-#define MBEDTLS_SHA512_H
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#include <stddef.h>
-#include <stdint.h>
-
-#if !defined(MBEDTLS_SHA512_ALT)
-// Regular implementation
-//
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          SHA-512 context structure
- */
-typedef struct
-{
-    uint64_t total[2];          /*!< number of bytes processed  */
-    uint64_t state[8];          /*!< intermediate digest state  */
-    unsigned char buffer[128];  /*!< data block being processed */
-    int is384;                  /*!< 0 => SHA-512, else SHA-384 */
-}
-mbedtls_sha512_context;
-
-/**
- * \brief          Initialize SHA-512 context
- *
- * \param ctx      SHA-512 context to be initialized
- */
-void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
-
-/**
- * \brief          Clear SHA-512 context
- *
- * \param ctx      SHA-512 context to be cleared
- */
-void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
-
-/**
- * \brief          Clone (the state of) a SHA-512 context
- *
- * \param dst      The destination context
- * \param src      The context to be cloned
- */
-void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
-                           const mbedtls_sha512_context *src );
-
-/**
- * \brief          SHA-512 context setup
- *
- * \param ctx      context to be initialized
- * \param is384    0 = use SHA512, 1 = use SHA384
- */
-void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 );
-
-/**
- * \brief          SHA-512 process buffer
- *
- * \param ctx      SHA-512 context
- * \param input    buffer holding the  data
- * \param ilen     length of the input data
- */
-void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input,
-                    size_t ilen );
-
-/**
- * \brief          SHA-512 final digest
- *
- * \param ctx      SHA-512 context
- * \param output   SHA-384/512 checksum result
- */
-void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] );
-
-#ifdef __cplusplus
-}
-#endif
-
-#else  /* MBEDTLS_SHA512_ALT */
-#include "sha512_alt.h"
-#endif /* MBEDTLS_SHA512_ALT */
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          Output = SHA-512( input buffer )
- *
- * \param input    buffer holding the  data
- * \param ilen     length of the input data
- * \param output   SHA-384/512 checksum result
- * \param is384    0 = use SHA512, 1 = use SHA384
- */
-void mbedtls_sha512( const unsigned char *input, size_t ilen,
-             unsigned char output[64], int is384 );
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- */
-int mbedtls_sha512_self_test( int verbose );
-
-/* Internal use */
-void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] );
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* mbedtls_sha512.h */
-- 
2.21.0


