From bf36c5d521c17460553e39d82232a51273b83aed Mon Sep 17 00:00:00 2001
From: Simon Glass <sjg@chromium.org>
Date: Wed, 5 Dec 2012 14:46:38 +0000
Subject: [PATCH] Add hash command to perform hashing using various algorithms

This new command supports hashing SHA1 and SHA256. It could be extended
to others such as MD5 and the CRC algorithms. The syntax is modeled on
those:

   hash <algorithm> <address> <length> [*<dest_addr> | <dest_envvar>]

to calculate a hash, and:

   hash -v <algorithm> <address> <length> [*<verify_addr> | <verify_envvar>]

to verify a hash.

Use CONFIG_CMD_HASH to enable the command, CONFIG_SHA1 to enable SHA1 and
CONFIG_SHA256 to enable SHA256.

The existing sha1sum command remains.

Signed-off-by: Simon Glass <sjg@chromium.org>
---
 README                   | 18 ++++++++++++
 common/Makefile          |  1 +
 common/cmd_hash.c        | 63 ++++++++++++++++++++++++++++++++++++++++
 include/config_cmd_all.h |  1 +
 4 files changed, 83 insertions(+)
 create mode 100644 common/cmd_hash.c

diff --git a/README b/README
index 5810ced1dd..4d9dd57cc3 100644
--- a/README
+++ b/README
@@ -827,6 +827,7 @@ The following options need to be configured:
 		CONFIG_CMD_GETTIME	* Get time since boot
 		CONFIG_CMD_GO		* the 'go' command (exec code)
 		CONFIG_CMD_GREPENV	* search environment
+		CONFIG_CMD_HASH		* calculate hash / digest
 		CONFIG_CMD_HWFLOW	* RTS/CTS hw flow control
 		CONFIG_CMD_I2C		* I2C serial bus support
 		CONFIG_CMD_IDE		* IDE harddisk support
@@ -2411,6 +2412,23 @@ CBFS (Coreboot Filesystem) support
 		A better solution is to properly configure the firewall,
 		but sometimes that is not allowed.
 
+- Hashing support:
+		CONFIG_CMD_HASH
+
+		This enables a generic 'hash' command which can produce
+		hashes / digests from a few algorithms (e.g. SHA1, SHA256).
+
+		CONFIG_HASH_VERIFY
+
+		Enable the hash verify command (hash -v). This adds to code
+		size a little.
+
+		CONFIG_SHA1 - support SHA1 hashing
+		CONFIG_SHA256 - support SHA256 hashing
+
+		Note: There is also a sha1sum command, which should perhaps
+		be deprecated in favour of 'hash sha1'.
+
 - Show boot progress:
 		CONFIG_SHOW_BOOT_PROGRESS
 
diff --git a/common/Makefile b/common/Makefile
index 068598bbb0..ce5ee6eb89 100644
--- a/common/Makefile
+++ b/common/Makefile
@@ -104,6 +104,7 @@ COBJS-$(CONFIG_CMD_FS_GENERIC) += cmd_fs.o
 COBJS-$(CONFIG_CMD_GETTIME) += cmd_gettime.o
 COBJS-$(CONFIG_CMD_GPIO) += cmd_gpio.o
 COBJS-$(CONFIG_CMD_I2C) += cmd_i2c.o
+COBJS-$(CONFIG_CMD_HASH) += cmd_hash.o
 COBJS-$(CONFIG_CMD_IDE) += cmd_ide.o
 COBJS-$(CONFIG_CMD_IMMAP) += cmd_immap.o
 COBJS-$(CONFIG_CMD_INI) += cmd_ini.o
diff --git a/common/cmd_hash.c b/common/cmd_hash.c
new file mode 100644
index 0000000000..689c608572
--- /dev/null
+++ b/common/cmd_hash.c
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2012 The Chromium OS Authors.
+ *
+ * (C) Copyright 2011
+ * Joe Hershberger, National Instruments, joe.hershberger@ni.com
+ *
+ * (C) Copyright 2000
+ * Wolfgang Denk, DENX Software Engineering, wd@denx.de.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ * MA 02111-1307 USA
+ */
+
+#include <common.h>
+#include <command.h>
+#include <hash.h>
+
+static int do_hash(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
+{
+#ifdef CONFIG_HASH_VERIFY
+	int verify = 0;
+
+	if (!strcmp(argv[1], "-v")) {
+		verify = 1;
+		argc--;
+		argv++;
+	}
+#endif
+	/* Move forward to 'algorithm' parameter */
+	argc--;
+	argv++;
+	return hash_command(*argv, verify, cmdtp, flag, argc - 1, argv + 1);
+}
+
+#ifdef CONFIG_HASH_VERIFY
+U_BOOT_CMD(
+	hash,	6,	1,	do_hash,
+	"compute hash message digest",
+	"algorithm address count [[*]sum_dest]\n"
+		"    - compute message digest [save to env var / *address]\n"
+	"hash -v algorithm address count [*]sum\n"
+		"    - verify hash of memory area with env var / *address"
+);
+#else
+U_BOOT_CMD(
+	hash,	5,	1,	do_hash,
+	"compute message digest",
+	"algorithm address count [[*]sum_dest]\n"
+		"    - compute message digest [save to env var / *address]"
+);
+#endif
diff --git a/include/config_cmd_all.h b/include/config_cmd_all.h
index 148d676d21..124d51fe13 100644
--- a/include/config_cmd_all.h
+++ b/include/config_cmd_all.h
@@ -41,6 +41,7 @@
 #define CONFIG_CMD_FLASH	/* flinfo, erase, protect	*/
 #define CONFIG_CMD_FPGA		/* FPGA configuration Support	*/
 #define CONFIG_CMD_GETTIME	/* Get time since boot         */
+#define CONFIG_CMD_HASH		/* calculate hash / digest	*/
 #define CONFIG_CMD_HWFLOW	/* RTS/CTS hw flow control	*/
 #define CONFIG_CMD_I2C		/* I2C serial bus support	*/
 #define CONFIG_CMD_IDE		/* IDE harddisk support		*/