static int optimus_verify_bootloader(struct ImgBurnInfo* pDownInfo, u8* genSum)
{
int ret = OPT_DOWN_OK;
unsigned char* pBuf = (unsigned char*)OPTIMUS_DOWNLOAD_TRANSFER_BUF_ADDR;
uint64_t size = 0;
/*size = 0x60000;////////////TODO:hardcode len!!*/
size=pDownInfo->imgPktSz;
ret = store_boot_read(pBuf, (u64)0, size);
if(ret){
DWN_ERR("Fail to read bootloader\n");
return __LINE__;
}
sha1_csum(pBuf, (u32)pDownInfo->imgPktSz, genSum);
return ret;
}
char *ape_ws_compute_key(const char *key, unsigned int key_len)
{
unsigned char digest[20];
char out[128];
char *b64;
if (key_len > 32) {
return NULL;
}
memcpy(out, key, key_len);
memcpy(out+key_len, WS_GUID, sizeof(WS_GUID)-1);
sha1_csum((unsigned char *)out, (sizeof(WS_GUID)-1)+key_len, digest);
b64 = base64_encode(digest, 20);
return b64; /* must be released */
}
int do_sha1sum(struct cmd_ctx *ctx, int argc, char * const argv[])
{
unsigned long addr, len;
unsigned int i;
u8 output[20];
if (argc < 3)
return cmd_usage(ctx->cmdtp);
addr = simple_strtoul(argv[1], NULL, 16);
len = simple_strtoul(argv[2], NULL, 16);
sha1_csum((unsigned char *) addr, len, output);
printf("SHA1 for %08lx ... %08lx ==> ", addr, addr + len - 1);
for (i = 0; i < 20; i++)
printf("%02x", output[i]);
printf("\n");
return 0;
}
//key value which end up 20 bytes sha1sum
//check the sha1sum and remove it after checked ok
static int _burn_key_in_type_sha1(const char* keyname, void* databuf, const unsigned bufLen, char* decryptBuf)
{
int ret = 0;
const unsigned srcKeyLen = bufLen;
const char* srcKeyVal = (char*)databuf;
const unsigned shaSumLen = 20;
const unsigned licLen = srcKeyLen - shaSumLen;
const u8* orgSum = (u8*)srcKeyVal + licLen;
u8 genSum[shaSumLen];
if (srcKeyLen <= 20) {
KM_ERR("Err key len %d for sha1 fmt\n", srcKeyLen);
return __LINE__;
}
sha1_csum((u8*)srcKeyVal, licLen, genSum);
ret = memcmp(orgSum, genSum, shaSumLen);
if (ret) {
const unsigned fmtStrLen = shaSumLen * 2 + 2;
char org_sha1Str[fmtStrLen + 2];
char gen_sha1Str[fmtStrLen + 2];
int byteIndex = 0;
org_sha1Str[0] = gen_sha1Str[0] = '\0';
for (byteIndex = 0; byteIndex < shaSumLen; ++byteIndex)
{
sprintf(org_sha1Str, "%s%02x", org_sha1Str, orgSum[byteIndex]);
sprintf(gen_sha1Str, "%s%02x", gen_sha1Str, genSum[byteIndex]);
}
KM_ERR("sha1sum, orgSum[%s] != genSum[%s]\n", org_sha1Str, gen_sha1Str);
return __LINE__;
}
KM_MSG("Verify key with sha1sum OK\n");
ret = key_unify_write(keyname, srcKeyVal, licLen);
return ret;
}
int do_sha1sum(cmd_tbl_t *cmdtp, int flag, int argc, char *argv[])
{
unsigned long addr, len;
unsigned int i;
u8 output[20];
if (argc < 3) {
cmd_usage(cmdtp);
return 1;
}
addr = simple_strtoul(argv[1], NULL, 16);
len = simple_strtoul(argv[2], NULL, 16);
sha1_csum((unsigned char *) addr, len, output);
printf("SHA1 for %08lx ... %08lx ==> ", addr, addr + len - 1);
for (i = 0; i < 20; i++)
printf("%02x", output[i]);
printf("\n");
return 0;
}
static void image_set_header(void *ptr, struct stat *sbuf, int ifd,
struct mkimage_params *params)
{
unsigned char sha1_output[20];
uint32_t checksum;
image_header_t * hdr = (image_header_t *)ptr;
// CWWeng 2015/3/5 add SHA-1 library for hardware checksum
if (params->checksum == IH_CHECKSUM_SHA1) {
sha1_csum((const unsigned char *)(ptr + sizeof(image_header_t)), sbuf->st_size - sizeof(image_header_t), sha1_output);
checksum = sha1_output[0] + (sha1_output[1] << 8) + (sha1_output[2] << 16) + (sha1_output[3] << 24);
}
else {
checksum = crc32(0,
(const unsigned char *)(ptr +
sizeof(image_header_t)),
sbuf->st_size - sizeof(image_header_t));
}
/* Build new header */
image_set_magic(hdr, IH_MAGIC);
image_set_time(hdr, sbuf->st_mtime);
image_set_size(hdr, sbuf->st_size - sizeof(image_header_t));
image_set_load(hdr, params->addr);
image_set_ep(hdr, params->ep);
image_set_dcrc(hdr, checksum);
image_set_os(hdr, params->os);
image_set_arch(hdr, params->arch);
image_set_type(hdr, params->type);
image_set_comp(hdr, params->comp);
image_set_name(hdr, params->imagename);
checksum = crc32(0, (const unsigned char *)hdr,
sizeof(image_header_t));
image_set_hcrc(hdr, checksum);
}
u32 tpm_find_key_sha1(struct udevice *dev, const u8 auth[20],
const u8 pubkey_digest[20], u32 *handle)
{
u16 key_count;
u32 key_handles[10];
u8 buf[288];
u8 *ptr;
u32 err;
u8 digest[20];
size_t buf_len;
unsigned int i;
/* fetch list of already loaded keys in the TPM */
err = tpm_get_capability(dev, TPM_CAP_HANDLE, TPM_RT_KEY, buf,
sizeof(buf));
if (err)
return -1;
key_count = get_unaligned_be16(buf);
ptr = buf + 2;
for (i = 0; i < key_count; ++i, ptr += 4)
key_handles[i] = get_unaligned_be32(ptr);
/* now search a(/ the) key which we can access with the given auth */
for (i = 0; i < key_count; ++i) {
buf_len = sizeof(buf);
err = tpm_get_pub_key_oiap(key_handles[i], auth, buf, &buf_len);
if (err && err != TPM_AUTHFAIL)
return -1;
if (err)
continue;
sha1_csum(buf, buf_len, digest);
if (!memcmp(digest, pubkey_digest, 20)) {
*handle = key_handles[i];
return 0;
}
}
return 1;
}
int main( void )
{
int keysize;
unsigned long i, j, tsc;
unsigned char buf[BUFSIZE];
unsigned char tmp[32];
arc4_context arc4;
des3_context des3;
des_context des;
aes_context aes;
rsa_context rsa;
memset( buf, 0xAA, sizeof( buf ) );
printf( "\n" );
/*
* MD2 timing
*/
printf( " MD2 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
md2_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 32; j++ )
md2_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* MD4 timing
*/
printf( " MD4 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
md4_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
md4_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* MD5 timing
*/
printf( " MD5 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
md5_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
md5_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* SHA-1 timing
*/
printf( " SHA-1 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
sha1_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha1_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* SHA-256 timing
*/
printf( " SHA-256 : " );
fflush( stdout );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
sha2_csum( buf, BUFSIZE, tmp );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
sha2_csum( buf, BUFSIZE, tmp );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* ARC4 timing
*/
printf( " ARC4 : " );
fflush( stdout );
arc4_setup( &arc4, tmp, 32 );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
arc4_crypt( &arc4, buf, BUFSIZE );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
arc4_crypt( &arc4, buf, BUFSIZE );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* Triple-DES timing
*/
printf( " 3DES : " );
fflush( stdout );
des3_set_3keys( &des3, tmp );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
des3_cbc_encrypt( &des3, tmp, buf, buf, BUFSIZE );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
des3_cbc_encrypt( &des3, tmp, buf, buf, BUFSIZE );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* DES timing
*/
printf( " DES : " );
fflush( stdout );
des_set_key( &des, tmp );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
des_cbc_encrypt( &des, tmp, buf, buf, BUFSIZE );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
des_cbc_encrypt( &des, tmp, buf, buf, BUFSIZE );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
/*
* AES timings
*/
for( keysize = 128; keysize <= 256; keysize += 64 )
{
printf( " AES-%d : ", keysize );
fflush( stdout );
aes_set_key( &aes, tmp, keysize );
set_alarm( 1 );
for( i = 1; ! alarmed; i++ )
aes_cbc_encrypt( &aes, tmp, buf, buf, BUFSIZE );
tsc = hardclock();
for( j = 0; j < 1024; j++ )
aes_cbc_encrypt( &aes, tmp, buf, buf, BUFSIZE );
printf( "%9ld Kb/s, %9ld cycles/byte\n", i * BUFSIZE / 1024,
( hardclock() - tsc ) / ( j * BUFSIZE ) );
}
/*
* RSA-1024 timing
*/
printf( " RSA-1024 : " );
fflush( stdout );
rsa_gen_key( &rsa, 1024, 65537, myrand, NULL );
set_alarm( 4 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, 128, buf, 128 );
}
printf( "%9ld public/s\n", i / 4 );
printf( " RSA-1024 : " );
fflush( stdout );
set_alarm( 4 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, 128, buf, 128 );
}
printf( "%9ld private/s\n", i / 4 );
rsa_free( &rsa );
/*
* RSA-2048 timing
*/
printf( " RSA-2048 : " );
fflush( stdout );
rsa_gen_key( &rsa, 2048, 65537, myrand, NULL );
set_alarm( 4 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_public( &rsa, buf, 256, buf, 256 );
}
printf( "%9ld public/s\n", i / 4 );
printf( " RSA-2048 : " );
fflush( stdout );
set_alarm( 4 );
for( i = 1; ! alarmed; i++ )
{
buf[0] = 0;
rsa_private( &rsa, buf, 256, buf, 256 );
}
printf( "%9ld private/s\n\n", i / 4 );
rsa_free( &rsa );
#ifdef WIN32
printf( " Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif
return( 0 );
}
int main (int argc, char **argv)
{
unsigned char output[20];
int i, len;
char *imagefile;
char *cmdname = *argv;
unsigned char *ptr;
unsigned char *data;
struct stat sbuf;
unsigned char *ptroff;
int ifd;
int off;
if (argc > 1) {
imagefile = argv[1];
ifd = open (imagefile, O_RDWR|O_BINARY);
if (ifd < 0) {
fprintf (stderr, "%s: Can't open %s: %s\n",
cmdname, imagefile, strerror(errno));
exit (EXIT_FAILURE);
}
if (fstat (ifd, &sbuf) < 0) {
fprintf (stderr, "%s: Can't stat %s: %s\n",
cmdname, imagefile, strerror(errno));
exit (EXIT_FAILURE);
}
len = sbuf.st_size;
ptr = (unsigned char *)mmap(0, len,
PROT_READ, MAP_SHARED, ifd, 0);
if (ptr == (unsigned char *)MAP_FAILED) {
fprintf (stderr, "%s: Can't read %s: %s\n",
cmdname, imagefile, strerror(errno));
exit (EXIT_FAILURE);
}
/* create a copy, so we can blank out the sha1 sum */
data = malloc (len);
memcpy (data, ptr, len);
off = SHA1_SUM_POS;
ptroff = &data[len + off];
for (i = 0; i < SHA1_SUM_LEN; i++) {
ptroff[i] = 0;
}
sha1_csum ((unsigned char *) data, len, (unsigned char *)output);
printf ("U-Boot sum:\n");
for (i = 0; i < 20 ; i++) {
printf ("%02X ", output[i]);
}
printf ("\n");
/* overwrite the sum in the bin file, with the actual */
lseek (ifd, SHA1_SUM_POS, SEEK_END);
if (write (ifd, output, SHA1_SUM_LEN) != SHA1_SUM_LEN) {
fprintf (stderr, "%s: Can't write %s: %s\n",
cmdname, imagefile, strerror(errno));
exit (EXIT_FAILURE);
}
free (data);
(void) munmap((void *)ptr, len);
(void) close (ifd);
}
return EXIT_SUCCESS;
}
