From nobody Sun Dec 14 06:22:05 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1764355718; cv=none; d=zohomail.com; s=zohoarc; b=FRLv4fJgV7VaAOWIZCqg0Qr2mkqKW/6bbX9/7FlUPWIG0ej22EkeziUp0Wd2y99Ulxl97Yle+ptCaNvmPmf9CHGCfrGNWx+uDS0S2eM8DNPllG8NiDyi7Rck1GdnNpTzFSlf5nnIYOmqCzQfiTre3dzXmDBHSP8hhmnklUrbd34= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1764355718; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=AG6MYW2ts+qmKiceaP2reK+W5LS3b/4VvnJvBEvZlPo=; b=Y2HmrkAEQ/Xn2+J4fXcDcK7P8AoIKYMJJ0VIWYKUdASzKngE+dNXkyIb+szcKXcUMihHHIVebZlcLG4hsCWi/dd95feO+3fcomau3bp3nc3zAdKtDJjv9uL/pdKT7MOaS9xNUH0F1X11amT5W8f/yFrz5hENmjwiS9smuT55STY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1764355718011350.1196866064266; Fri, 28 Nov 2025 10:48:38 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.1175089.1500010 (Exim 4.92) (envelope-from ) id 1vP3Vo-0007At-UZ; Fri, 28 Nov 2025 18:48:08 +0000 Received: by outflank-mailman (output) from mailman id 1175089.1500010; Fri, 28 Nov 2025 18:48:08 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vP3Vo-0007Am-Qy; Fri, 28 Nov 2025 18:48:08 +0000 Received: by outflank-mailman (input) for mailman id 1175089; Fri, 28 Nov 2025 18:48:08 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vP3Vo-0006rr-8i for xen-devel@lists.xenproject.org; Fri, 28 Nov 2025 18:48:08 +0000 Received: from mail-wm1-x32a.google.com (mail-wm1-x32a.google.com [2a00:1450:4864:20::32a]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id c5399310-cc8a-11f0-980a-7dc792cee155; Fri, 28 Nov 2025 19:48:03 +0100 (CET) Received: by mail-wm1-x32a.google.com with SMTP id 5b1f17b1804b1-47778b23f64so12615955e9.0 for ; Fri, 28 Nov 2025 10:48:03 -0800 (PST) Received: from localhost.localdomain (host-92-29-237-183.as13285.net. [92.29.237.183]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-47903c7360fsm102534325e9.0.2025.11.28.10.48.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Nov 2025 10:48:01 -0800 (PST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: c5399310-cc8a-11f0-980a-7dc792cee155 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.com; s=google; t=1764355683; x=1764960483; darn=lists.xenproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=AG6MYW2ts+qmKiceaP2reK+W5LS3b/4VvnJvBEvZlPo=; b=R+Rb8+d/lXufoPzzRKxQ9uwLjeD7KTQE7wnrOVVcbZ7HE3/6NTzQ2TOeNCb3RdtsFP 40hXB3kTerdvRGQhfchtOxl8RqPkBJZDNeFv9f67kFBuBrhXVIeTh6a7cBImEgguEEWD 994Ou6Gh0ziCqc55vOiXsazquYYqvx7Cy7I4Y= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1764355683; x=1764960483; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=AG6MYW2ts+qmKiceaP2reK+W5LS3b/4VvnJvBEvZlPo=; b=j4s1vftz3VBVUWR0aeDUi3rRENbtvGY6Qj0KFXW2Xq6mX3kWraboq+sLWbj7m/wTrC VYzB7WYpy95cGOhqQ3QSjW8VLyGY4Cktlk8mEvdLbYnhRriuEW9qoMbQKy4vvL4W14eO zNWhT6Z6iDAirsIUGxMS8S1qUgcDzTV/0EBgVV7kxnZdOjqifmySc25/NFxvPoduc/gw aOFtfP5zc8QDcrkHIu/JqgR4hYHzVhUyVbOSw5ANIXtIZsOdyhKMrF/DD/bsTkuniW/u yha40fFKyzBprpzObXm2BN3TLLzO3HjaljqmK+m7FDNAaoENACt7rJZVC4CTPgXALDMU Gzcg== X-Gm-Message-State: AOJu0YwcS8wVXrgEs3ayATUeBWb4d9YK238KbpEESTefx8ZlDztojBvj BX9eJgwMdKWcWHWHMPEvp9gSzIpceOxS8MRCldvB9cJAuigI57eHX+Hssytv2oWYO03QXfnAcRI Z6/FA X-Gm-Gg: ASbGncv9wZemiuQFs5j5SrzD0RCjK0xVDKpe3jC4GPzVmKTgNk/XaANzgOekTlakcJL rlK4VZ63v5sO3H3m8eKlk/JP3Tb1RKZwxndPSJ7ageRKlxo2EpHkTemEeBV6pUAtxtq61wwYdfD mKkxxQVpqMJFKXQxEeuvvpOjs+mzwQkUnPSn0w+so+x7QI5cNA/OETVViWcS0sYdjwW132MZXEZ t6wTzT1ZIFPialIDM8Rf/Y2nIKo+JykBiViCOL1krEfohP4faeCrF7ybx7mO+zVkMPnTgtD/4Nd mB6BsVXSurWB+uPx/T1GHQ83KkekiH5qiYdR1KL31Ud4AI6DZpaFIn7CZJVWSaILkHWo/z2K7bw JFy4dGcZRhMIFaHDbntEKFa0VTQsa4Znp3m1GUKU4Js/rmNYuarqd4G3/W5coWp7zemR4YOoiCe A0ySmSCzmdAtR64W6mG391CVtOk/mpB3MAdozTYyEKJvpgJ5uAltOQwpo76j6sVg== X-Google-Smtp-Source: AGHT+IFhhwqpMg7mkzdITg7hOlHjYtF5diSqEe1z9DZDxr9p1ucctR1yTEwa6ZPLvMpyJoA6fJLfEQ== X-Received: by 2002:a05:600c:1c82:b0:477:9650:3175 with SMTP id 5b1f17b1804b1-477c1057310mr342274145e9.0.1764355682812; Fri, 28 Nov 2025 10:48:02 -0800 (PST) From: Andrew Cooper To: Xen-devel Cc: Andrew Cooper , Krystian Hebel , Sergii Dmytruk , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Subject: [PATCH 1/2] xen/lib: Misc SHA2 cleanup Date: Fri, 28 Nov 2025 18:47:56 +0000 Message-Id: <20251128184757.1243678-2-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20251128184757.1243678-1-andrew.cooper3@citrix.com> References: <20251128184757.1243678-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1764355719298019200 In sha2_256_transform(), make state be an array of 8 rather than a pointer, which lets the compiler do slightly more checking. For better or worse, the canonical API in Linux is just the algorithm name. As we're intending to import more from Linux in this area, drop the digest suffix before we gain more users. Signed-off-by: Andrew Cooper Acked-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 --- xen/arch/x86/cpu/microcode/amd.c | 2 +- xen/include/xen/sha2.h | 4 ++-- xen/lib/sha2-256.c | 8 ++++---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/xen/arch/x86/cpu/microcode/amd.c b/xen/arch/x86/cpu/microcode/= amd.c index e7ae1e802353..adabe6e6e838 100644 --- a/xen/arch/x86/cpu/microcode/amd.c +++ b/xen/arch/x86/cpu/microcode/amd.c @@ -139,7 +139,7 @@ static bool check_digest(const struct container_microco= de *mc) return false; } =20 - sha2_256_digest(digest, patch, mc->len); + sha2_256(digest, patch, mc->len); =20 if ( memcmp(digest, pd->digest, sizeof(digest)) ) { diff --git a/xen/include/xen/sha2.h b/xen/include/xen/sha2.h index 09c69195a97d..7a99c1259d6e 100644 --- a/xen/include/xen/sha2.h +++ b/xen/include/xen/sha2.h @@ -9,8 +9,8 @@ =20 #define SHA2_256_DIGEST_SIZE 32 =20 -void sha2_256_digest(uint8_t digest[SHA2_256_DIGEST_SIZE], - const void *msg, size_t len); +void sha2_256(uint8_t digest[SHA2_256_DIGEST_SIZE], + const void *msg, size_t len); =20 struct sha2_256_state { uint32_t state[SHA2_256_DIGEST_SIZE / sizeof(uint32_t)]; diff --git a/xen/lib/sha2-256.c b/xen/lib/sha2-256.c index d1b2c20b9812..ed585ac0d4c1 100644 --- a/xen/lib/sha2-256.c +++ b/xen/lib/sha2-256.c @@ -68,7 +68,7 @@ static const uint32_t K[] =3D { 0x90befffaU, 0xa4506cebU, 0xbef9a3f7U, 0xc67178f2U, }; =20 -static void sha2_256_transform(uint32_t *state, const void *_input) +static void sha2_256_transform(uint32_t state[8], const void *_input) { const uint32_t *input =3D _input; uint32_t a, b, c, d, e, f, g, h, t1, t2; @@ -197,8 +197,8 @@ void sha2_256_final(struct sha2_256_state *s, uint8_t d= igest[SHA2_256_DIGEST_SIZ put_unaligned_be32(s->state[i], &dst[i]); } =20 -void sha2_256_digest(uint8_t digest[SHA2_256_DIGEST_SIZE], - const void *msg, size_t len) +void sha2_256(uint8_t digest[SHA2_256_DIGEST_SIZE], + const void *msg, size_t len) { struct sha2_256_state s; =20 @@ -243,7 +243,7 @@ static void __init __constructor test_sha2_256(void) const struct test *t =3D &tests[i]; uint8_t res[SHA2_256_DIGEST_SIZE] =3D {}; =20 - sha2_256_digest(res, t->msg, strlen(t->msg)); + sha2_256(res, t->msg, strlen(t->msg)); =20 if ( memcmp(res, t->digest, sizeof(t->digest)) =3D=3D 0 ) continue; --=20 2.39.5 From nobody Sun Dec 14 06:22:05 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass(p=reject dis=none) header.from=citrix.com ARC-Seal: i=1; a=rsa-sha256; t=1764355710; cv=none; d=zohomail.com; s=zohoarc; b=Z0G6HrD14o3PqW42ggUzG54qv5JR3pHGPoB3ecaM9UtRPAbIosOcI2dhC5xEhvoQmv1SQsEINHosk8UkLwV92irAgxItfPbJjNIH6ddUBJPYBn3HEE2cm1dAN1wNAcIr//KtXLWcx/fW7imXq0I6kZ43P591/vbxIYFiNhJ64v0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1764355710; h=Content-Type:Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=U5iN5oCUV2c9KWI51YUJ6xwnAH3DNseJ0SKRiMxlo8k=; b=d/nSLTwTnYK7JI6PZhczhD1JQjxzf2nffToj66O92UrGu9SuZ8offb9BcGsdEEK3EU+0z+5emZRAKQzWfqUXP5bMk6MfcdSUbWizx2HNAxQw5fbGKrsu6gGr3ivRaJfbzGGc9pYvdl6gaJavLhg30C34l14Hqz+kMNrnnf95DFY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1764355710207333.7551500701268; Fri, 28 Nov 2025 10:48:30 -0800 (PST) Received: from list by lists.xenproject.org with outflank-mailman.1175088.1500000 (Exim 4.92) (envelope-from ) id 1vP3Vm-0006wz-MZ; Fri, 28 Nov 2025 18:48:06 +0000 Received: by outflank-mailman (output) from mailman id 1175088.1500000; Fri, 28 Nov 2025 18:48:06 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vP3Vm-0006ws-Jw; Fri, 28 Nov 2025 18:48:06 +0000 Received: by outflank-mailman (input) for mailman id 1175088; Fri, 28 Nov 2025 18:48:05 +0000 Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254] helo=se1-gles-sth1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1vP3Vl-0006j2-Ot for xen-devel@lists.xenproject.org; Fri, 28 Nov 2025 18:48:05 +0000 Received: from mail-wm1-x331.google.com (mail-wm1-x331.google.com [2a00:1450:4864:20::331]) by se1-gles-sth1.inumbo.com (Halon) with ESMTPS id c5ca4e3f-cc8a-11f0-9d18-b5c5bf9af7f9; Fri, 28 Nov 2025 19:48:04 +0100 (CET) Received: by mail-wm1-x331.google.com with SMTP id 5b1f17b1804b1-477b198f4bcso14951995e9.3 for ; Fri, 28 Nov 2025 10:48:05 -0800 (PST) Received: from localhost.localdomain (host-92-29-237-183.as13285.net. [92.29.237.183]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-47903c7360fsm102534325e9.0.2025.11.28.10.48.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Nov 2025 10:48:03 -0800 (PST) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: c5ca4e3f-cc8a-11f0-9d18-b5c5bf9af7f9 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=citrix.com; s=google; t=1764355684; x=1764960484; darn=lists.xenproject.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=U5iN5oCUV2c9KWI51YUJ6xwnAH3DNseJ0SKRiMxlo8k=; b=riTVPxRSsBFk+Xi2sSowCoamYDfwiXif08pxjvtwUlLQVB2FuTMvgTDUb1wirgoso8 FOOKGJ5PmvRFXtcsp35AHrD2I8s95v8/389YJmLylNrtPNYotTbrFFWDO0gLyYHHSXyw 085/TLLU2IDCd4SgmuEVMp3zNbyamehtdq7w0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1764355684; x=1764960484; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=U5iN5oCUV2c9KWI51YUJ6xwnAH3DNseJ0SKRiMxlo8k=; b=OsllQSbtpZMov3WYn6TCpQnFhtUCyQ7hA0831v0HKGAVa6Z9bzxpfQEv6Ti+msGoei eYxRNzwaTzagl+mFd9eFVzdZ39Gs0pi4jVggt9Aenp9PQx5RQDUZQCyAa09uy0GRjstM WBuK9ke7n5bTLNFNA7c4cizZRK8itYCGaRiJhm0qyf7PC5R9vVI/YYlgx6GW9/JaZqwa Lr/ls40AZq7l0bRCsSq/lYHs3ElSykYDyclPwp9RBiFq6CAscbI/NA2jaD2Fj1duVH4t wTnNdZkunyku0IgpuEASl7QW9kOQ0Y/EObD8+hDmMeO8+TM/ViOxlGCVPU7i8yjVO6xC J11Q== X-Gm-Message-State: AOJu0Yyo1ZIEqC/1ttvOGSV7He1cDufjcl4LRQ5tSDk1N8f5x8RbnhEm 8+DXwaoPa+8zfbPK9nx/MaHg13m5tJ2ENL1xNKJiHxUZLTow+MQxyEDq0bfq9qfeuY/sndL74kx LiFpg X-Gm-Gg: ASbGncsoGvyY70A+nHC9piojj7uWW58cyBgm6lUULN55WzEK9lOZF617NaDVk7/bSdR Xr+PB3MIWgdpfJHywVkIYHM6dvbgNLpfymaUL99OU5MUdOc8/55w5HwMlxHXp9e94l4VCJf+zSq ZftkKwicd7mKg7YPPpqyLFsND5kxyrTN6sHQJv4xdVrLVwL5V1P/ZARtyqB7CUr/ojOhcfVKlH4 wSQTzw6qWTgn5ejowkffVYMicOO5zsXK1KxmpmKT4HDNG4lL6oYNelmyfUQ4GjweBYmASCXLIoU GnCDF7FtPXvAAgrvMvz7DnxRQL/A2+dHqEQgQ+T6NuXCf98lIh4xUcqbo/1bWCwr2eEFsnRmhTR 8HJ5zUU4FPdqYV3bwCDA+jIYKtkXAAnKZ9ybGD4qMO7Uq2AiewSGjqzvsKjJ9M/hsnHkz64noMu adqr33r+DK59hTt3b09WyYh0V/RhZhc9QV1jn+GtPOBOHyEiiuiLLXmen1NHw/jg== X-Google-Smtp-Source: AGHT+IFrMtAdXOyGD52+Szr1Tqi5CBsCanS1Vxe+gywHvBkWDilkMFglrehP0IMrwmo8fJw0qL0AEA== X-Received: by 2002:a05:600c:1993:b0:477:9392:8557 with SMTP id 5b1f17b1804b1-477c01b495amr282532355e9.18.1764355684197; Fri, 28 Nov 2025 10:48:04 -0800 (PST) From: Andrew Cooper To: Xen-devel Cc: Krystian Hebel , Sergii Dmytruk , Andrew Cooper , Jan Beulich , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= Subject: [PATCH 2/2] xen/lib: Introduce SHA-1 Date: Fri, 28 Nov 2025 18:47:57 +0000 Message-Id: <20251128184757.1243678-3-andrew.cooper3@citrix.com> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20251128184757.1243678-1-andrew.cooper3@citrix.com> References: <20251128184757.1243678-1-andrew.cooper3@citrix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @citrix.com) X-ZM-MESSAGEID: 1764355711438019200 From: Krystian Hebel Future work will need to interact with the TPM, which requires calculating digests for all active hash banks. Introduce an implementation in lib/, partially derived from Trenchboot which itself is derived from Linux. In order to be useful to other architectures, it is careful with endianness and misaligned accesses as well as being more MISRA friendly, but is only wired up for x86 in the short term. Signed-off-by: Krystian Hebel Signed-off-by: Sergii Dmytruk Signed-off-by: Andrew Cooper Acked-by: Jan Beulich --- CC: Jan Beulich CC: Roger Pau Monn=C3=A9 * Split out of Trenchboot series. * Add selftests, adjust types --- xen/include/xen/sha1.h | 14 +++ xen/lib/Makefile | 1 + xen/lib/sha1.c | 215 +++++++++++++++++++++++++++++++++++++++++ 3 files changed, 230 insertions(+) create mode 100644 xen/include/xen/sha1.h create mode 100644 xen/lib/sha1.c diff --git a/xen/include/xen/sha1.h b/xen/include/xen/sha1.h new file mode 100644 index 000000000000..d649da8ebd97 --- /dev/null +++ b/xen/include/xen/sha1.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * SHA1: https://csrc.nist.gov/pubs/fips/180-4/upd1/final + */ +#ifndef XEN_SHA1_H +#define XEN_SHA1_H + +#include + +#define SHA1_DIGEST_SIZE 20 + +void sha1(uint8_t digest[SHA1_DIGEST_SIZE], const void *msg, size_t len); + +#endif /* XEN_SHA1_H */ diff --git a/xen/lib/Makefile b/xen/lib/Makefile index 5ccb1e5241c5..fd4b9ece63fb 100644 --- a/xen/lib/Makefile +++ b/xen/lib/Makefile @@ -17,6 +17,7 @@ lib-y +=3D memset.o lib-y +=3D muldiv64.o lib-y +=3D parse-size.o lib-y +=3D rbtree.o +lib-$(CONFIG_X86) +=3D sha1.o lib-$(CONFIG_X86) +=3D sha2-256.o lib-y +=3D sort.o lib-y +=3D strcasecmp.o diff --git a/xen/lib/sha1.c b/xen/lib/sha1.c new file mode 100644 index 000000000000..eac2bdd4dfb3 --- /dev/null +++ b/xen/lib/sha1.c @@ -0,0 +1,215 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * SHA1: https://csrc.nist.gov/pubs/fips/180-4/upd1/final + * + * Originally derived from Linux. Modified substantially to optimise for = size + * and Xen's expected usecases. + */ +#include +#include +#include +#include + +struct sha1_state { + size_t count; /* Byte Count. */ + uint32_t state[SHA1_DIGEST_SIZE / sizeof(uint32_t)]; + uint8_t buf[64]; +}; + +static uint32_t blend(uint32_t w[16], unsigned int i) +{ +#define W(i) w[(i) & 15] + + return W(i) =3D rol32(W(i + 13) ^ W(i + 8) ^ W(i + 2) ^ W(i), 1); + +#undef W +} + +static void sha1_transform(uint32_t state[5], const void *_input) +{ + const uint32_t *input =3D _input; + uint32_t a, b, c, d, e, t; + uint32_t w[16]; + unsigned int i =3D 0; + + a =3D state[0]; + b =3D state[1]; + c =3D state[2]; + d =3D state[3]; + e =3D state[4]; + + /* Round 1 - iterations 0-16 take their input from 'input' */ + for ( ; i < 16; ++i ) + { + t =3D get_unaligned_be32(&input[i]); + w[i] =3D t; + e +=3D t + rol32(a, 5) + (((c ^ d) & b) ^ d) + 0x5a827999U; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + /* Round 1 tail. Input from 512-bit mixing array */ + for ( ; i < 20; ++i ) + { + t =3D blend(w, i); + e +=3D t + rol32(a, 5) + (((c ^ d) & b) ^ d) + 0x5a827999U; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + /* Round 2 */ + for ( ; i < 40; ++i ) + { + t =3D blend(w, i); + e +=3D t + rol32(a, 5) + (b ^ c ^ d) + 0x6ed9eba1U; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + /* Round 3 */ + for ( ; i < 60; ++i ) + { + t =3D blend(w, i); + e +=3D t + rol32(a, 5) + ((b & c) + (d & (b ^ c))) + 0x8f1bbcdcU; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + /* Round 4 */ + for ( ; i < 80; ++i ) + { + t =3D blend(w, i); + e +=3D t + rol32(a, 5) + (b ^ c ^ d) + 0xca62c1d6U; + b =3D ror32(b, 2); + t =3D e; e =3D d; d =3D c; c =3D b; b =3D a; a =3D t; + } + + state[0] +=3D a; + state[1] +=3D b; + state[2] +=3D c; + state[3] +=3D d; + state[4] +=3D e; +} + +static void sha1_init(struct sha1_state *s) +{ + *s =3D (struct sha1_state){ + .state =3D { + 0x67452301U, + 0xefcdab89U, + 0x98badcfeU, + 0x10325476U, + 0xc3d2e1f0U, + }, + }; +} + +static void sha1_update(struct sha1_state *s, const void *msg, size_t len) +{ + unsigned int partial =3D s->count & 63; + + s->count +=3D len; + + if ( (partial + len) >=3D 64 ) + { + if ( partial ) + { + unsigned int rem =3D 64 - partial; + + /* Fill the partial block. */ + memcpy(s->buf + partial, msg, rem); + msg +=3D rem; + len -=3D rem; + + sha1_transform(s->state, s->buf); + partial =3D 0; + } + + for ( ; len >=3D 64; msg +=3D 64, len -=3D 64 ) + sha1_transform(s->state, msg); + } + + /* Remaining data becomes partial. */ + memcpy(s->buf + partial, msg, len); +} + +static void sha1_final(struct sha1_state *s, uint8_t digest[SHA1_DIGEST_SI= ZE]) +{ + uint32_t *dst =3D (uint32_t *)digest; + unsigned int i, partial =3D s->count & 63; + + /* Start padding */ + s->buf[partial++] =3D 0x80; + + if ( partial > 56 ) + { + /* Need one extra block - pad to 64 */ + memset(s->buf + partial, 0, 64 - partial); + sha1_transform(s->state, s->buf); + partial =3D 0; + } + /* Pad to 56 */ + memset(s->buf + partial, 0x0, 56 - partial); + + /* Append the bit count */ + put_unaligned_be64((uint64_t)s->count << 3, &s->buf[56]); + sha1_transform(s->state, s->buf); + + /* Store state in digest */ + for ( i =3D 0; i < 5; i++ ) + put_unaligned_be32(s->state[i], &dst[i]); +} + +void sha1(uint8_t digest[SHA1_DIGEST_SIZE], const void *msg, size_t len) +{ + struct sha1_state s; + + sha1_init(&s); + sha1_update(&s, msg, len); + sha1_final(&s, digest); +} + +#ifdef CONFIG_SELF_TESTS + +#include +#include + +static const struct test { + const char *msg; + uint8_t digest[SHA1_DIGEST_SIZE]; +} tests[] __initconst =3D { + { + .msg =3D "abc", + .digest =3D { + 0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e, + 0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d, + }, + }, + { + .msg =3D "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq= ", + .digest =3D { + 0x84, 0x98, 0x3e, 0x44, 0x1c, 0x3b, 0xd2, 0x6e, 0xba, 0xae, + 0x4a, 0xa1, 0xf9, 0x51, 0x29, 0xe5, 0xe5, 0x46, 0x70, 0xf1, + }, + }, +}; + +static void __init __constructor test_sha1(void) +{ + for ( unsigned int i =3D 0; i < ARRAY_SIZE(tests); ++i ) + { + const struct test *t =3D &tests[i]; + uint8_t res[SHA1_DIGEST_SIZE] =3D {}; + + sha1(res, t->msg, strlen(t->msg)); + + if ( memcmp(res, t->digest, sizeof(t->digest)) =3D=3D 0 ) + continue; + + panic("%s() msg '%s' failed\n" + " expected %" STR(SHA1_DIGEST_SIZE) "phN\n" + " got %" STR(SHA1_DIGEST_SIZE) "phN\n", + __func__, t->msg, t->digest, res); + } +} +#endif /* CONFIG_SELF_TESTS */ --=20 2.39.5