From patchwork Tue Nov 11 12:41:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Simon Glass X-Patchwork-Id: 677 Return-Path: X-Original-To: u-boot-concept@u-boot.org Delivered-To: u-boot-concept@u-boot.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1762864942; bh=hyKKcEN1gAaBuDvCy7NebcKFJv2IM3FhJoGLrGshjE4=; h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id: List-Archive:List-Help:List-Owner:List-Post:List-Subscribe: List-Unsubscribe:From; b=QT0WUTQNSdwIdb8EVJpJpInBx3o75ACG8c9g/qpvLT+7a34rfvBlrO3v08vkEGHr9 1MC9PUB9UNBFCTQ4FIWMjRUB35902Su3UAYvjVnkhy7SINKdrB9lYqzrlNrXAXaV9y U4ylMFTS+sO+zXR0UQpkZNeI2tEZ6o3ubBKXaItDZRZEg7dB/TABWoF7AQ9q4XIfHD vS8SwzW1AAL3SDuoTRBpL6NXrVZE7Wm05rbxA9E3ck4Jjazb3pPAZ1v6Lxm5EgpeqD XH1Hh02lG/aNNIE4Ys3BARs/39woBuBlgCGeKzrJXkBOcGnZzMHPMBUkG9Oc36SNgf kmZzTZqGfq8AQ== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 9EB8268378 for ; Tue, 11 Nov 2025 05:42:22 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id LuLQNZknv-lv for ; Tue, 11 Nov 2025 05:42:22 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1762864942; bh=hyKKcEN1gAaBuDvCy7NebcKFJv2IM3FhJoGLrGshjE4=; h=From:To:Date:In-Reply-To:References:CC:Subject:List-Id: List-Archive:List-Help:List-Owner:List-Post:List-Subscribe: List-Unsubscribe:From; b=QT0WUTQNSdwIdb8EVJpJpInBx3o75ACG8c9g/qpvLT+7a34rfvBlrO3v08vkEGHr9 1MC9PUB9UNBFCTQ4FIWMjRUB35902Su3UAYvjVnkhy7SINKdrB9lYqzrlNrXAXaV9y U4ylMFTS+sO+zXR0UQpkZNeI2tEZ6o3ubBKXaItDZRZEg7dB/TABWoF7AQ9q4XIfHD vS8SwzW1AAL3SDuoTRBpL6NXrVZE7Wm05rbxA9E3ck4Jjazb3pPAZ1v6Lxm5EgpeqD XH1Hh02lG/aNNIE4Ys3BARs/39woBuBlgCGeKzrJXkBOcGnZzMHPMBUkG9Oc36SNgf kmZzTZqGfq8AQ== Received: from mail.u-boot.org (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id 8DAEB68484 for ; Tue, 11 Nov 2025 05:42:22 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1762864940; bh=DW2l6Ney1IPlobiZHtPIIEug6H2rtJ43+ufI2vc6mu8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=FqmfH005q7PUxwwu39gxIl8H8ujSF+Zd02Qs5NuHjtzWndITLzVWhO+oNKujT6r1d xnCWVLcSnLfeKi5GKYId1IJ97llHPjw9RRkjXzppeHOU0hUia1ZXdOfsOOOEQ/Eexs BkSMETY0LQnIs/MgxCUEFiSdksTC1e4rIKd9NHsNFmR3X4apeFW9sCwobSudQOi1Ux /u///ykM7DRUGyhNUUBJG9ZRsy5tqvHFXBd5O+qpPlhPOAiOZvc07lTpFOkHOGehrY 90cUPcAoXGiz3MhF9uNfyFg8QXmOsAdIrzskDxVV2xbDamul6/pbr9LDkWE29AcX6r uCu3rTmveNjkg== Received: from localhost (localhost [127.0.0.1]) by mail.u-boot.org (Postfix) with ESMTP id E7CE168378; Tue, 11 Nov 2025 05:42:20 -0700 (MST) X-Virus-Scanned: Debian amavis at Received: from mail.u-boot.org ([127.0.0.1]) by localhost (mail.u-boot.org [127.0.0.1]) (amavis, port 10026) with ESMTP id pbf3kUJTseJK; Tue, 11 Nov 2025 05:42:20 -0700 (MST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=u-boot.org; s=default; t=1762864936; bh=uibUjZaVAvZBzYSYqqt6txxsUQuvDIjZUS4QSXkadE8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=X5yq7GSf5495IJ+b3sN8DyOt9rhX9Dh2X/UzwT5+9g+XuzSYg0HX7qoPKqv/j9TNp ccxWqAie7py6No3WNf1o8ObiKTBYDmkT4E5F5xdOpHlXmOjdc7oorKom8r7wgrS/8e rDpF/RM0W14lAIJPj/MXEMc6Y2aSM2PUhaYDpF77tjdDvsP5hUOfOoxMAjFCbOYEeG kLDwXt0ZDdbke8Psz4PcD0Rw9yfZnt9MejDeRTjjGSXGWqI5PDZVL3J45JXU7D2XQL KmmKq5HMR6GKcse2D1KcTakLNV51ZRB2TVrMDGXrHSnoPmvgvJDjKHlMTo9XtVERXy cr4+uoho6lVHw== Received: from u-boot.org (unknown [73.34.74.121]) by mail.u-boot.org (Postfix) with ESMTPSA id 88E0D684E0; Tue, 11 Nov 2025 05:42:16 -0700 (MST) From: Simon Glass To: U-Boot Concept Date: Tue, 11 Nov 2025 05:41:12 -0700 Message-ID: <20251111124131.1198930-7-sjg@u-boot.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251111124131.1198930-1-sjg@u-boot.org> References: <20251111124131.1198930-1-sjg@u-boot.org> MIME-Version: 1.0 Message-ID-Hash: GWLSLQ5VW5ILXBJ52YTNTEHTVLQQ37UG X-Message-ID-Hash: GWLSLQ5VW5ILXBJ52YTNTEHTVLQQ37UG X-MailFrom: sjg@u-boot.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: Heinrich Schuchardt , Simon Glass , Claude X-Mailman-Version: 3.3.10 Precedence: list Subject: [Concept] [PATCH 06/15] lib: Adapt argon2 library for U-Boot List-Id: Discussion and patches related to U-Boot Concept Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Simon Glass Rename argon.c to argon_wrapper.c so we can use 'argon' as the library name. Move the include file into the normal place. Add SPDX tags but otherwise keep the files as is. The code style uses spaces instead of tabs and has other differences with U-Boot Co-developed-by: Claude Signed-off-by: Simon Glass --- {lib/argon2 => include}/argon2.h | 15 ++++++-- lib/argon2/Makefile | 10 ++++++ lib/argon2/{argon2.c => argon2_wrapper.c} | 25 +++++++++++--- lib/argon2/blake2/blake2-impl.h | 10 +++--- lib/argon2/blake2/blake2.h | 1 + lib/argon2/blake2/blake2b.c | 7 ++-- lib/argon2/blake2/blamka-round-ref.h | 1 + lib/argon2/core.c | 42 +++-------------------- lib/argon2/core.h | 1 + lib/argon2/ref.c | 7 ++-- 10 files changed, 65 insertions(+), 54 deletions(-) rename {lib/argon2 => include}/argon2.h (98%) create mode 100644 lib/argon2/Makefile rename lib/argon2/{argon2.c => argon2_wrapper.c} (95%) diff --git a/lib/argon2/argon2.h b/include/argon2.h similarity index 98% rename from lib/argon2/argon2.h rename to include/argon2.h index 3980bb352f2..977739f555b 100644 --- a/lib/argon2/argon2.h +++ b/include/argon2.h @@ -1,3 +1,4 @@ +/* SPDX-License-Identifier: Apache-2.0 OR CC0-1.0 */ /* * Argon2 reference source code package - reference C implementations * @@ -18,10 +19,20 @@ #ifndef ARGON2_H #define ARGON2_H -#include -#include +#include #include +/* U-Boot: Define missing integer constant macros */ +#ifndef UINT32_C +#define UINT32_C(c) c ## U +#endif +#ifndef UINT64_C +#define UINT64_C(c) c ## ULL +#endif + +/* U-Boot: Disable threading */ +#define ARGON2_NO_THREADS + #if defined(__cplusplus) extern "C" { #endif diff --git a/lib/argon2/Makefile b/lib/argon2/Makefile new file mode 100644 index 00000000000..c9f729d27e6 --- /dev/null +++ b/lib/argon2/Makefile @@ -0,0 +1,10 @@ +# SPDX-License-Identifier: GPL-2.0+ +# +# (C) Copyright 2025 Canonical Ltd +# +# Argon2 password hashing library +# Based on PHC winner: https://github.com/P-H-C/phc-winner-argon2 + +obj-$(CONFIG_ARGON2) += argon2.o + +argon2-y := argon2_wrapper.o core.o ref.o blake2/blake2b.o diff --git a/lib/argon2/argon2.c b/lib/argon2/argon2_wrapper.c similarity index 95% rename from lib/argon2/argon2.c rename to lib/argon2/argon2_wrapper.c index 34da3d6b4ac..2c1882165f1 100644 --- a/lib/argon2/argon2.c +++ b/lib/argon2/argon2_wrapper.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: Apache-2.0 OR CC0-1.0 /* * Argon2 reference source code package - reference C implementations * @@ -15,12 +16,12 @@ * software. If not, they may be obtained at the above URLs. */ -#include -#include -#include +/* U-Boot: Use U-Boot headers */ +#include +#include +#include #include "argon2.h" -#include "encoding.h" #include "core.h" const char *argon2_type2string(argon2_type type, int uppercase) { @@ -161,6 +162,15 @@ int argon2_hash(const uint32_t t_cost, const uint32_t m_cost, memcpy(hash, out, hashlen); } + /* U-Boot: encoding not supported (requires encoding.c) */ +#ifdef __UBOOT__ + /* Return error if encoding requested */ + if (encoded && encodedlen) { + clear_internal_memory(out, hashlen); + free(out); + return ARGON2_ENCODING_FAIL; + } +#else /* if encoding requested, write it */ if (encoded && encodedlen) { if (encode_string(encoded, encodedlen, &context, type) != ARGON2_OK) { @@ -170,6 +180,7 @@ int argon2_hash(const uint32_t t_cost, const uint32_t m_cost, return ARGON2_ENCODING_FAIL; } } +#endif clear_internal_memory(out, hashlen); free(out); @@ -236,6 +247,8 @@ int argon2id_hash_raw(const uint32_t t_cost, const uint32_t m_cost, ARGON2_VERSION_NUMBER); } +/* U-Boot: verify functions not needed */ +#ifndef __UBOOT__ static int argon2_compare(const uint8_t *b1, const uint8_t *b2, size_t len) { size_t i; uint8_t d = 0U; @@ -364,6 +377,7 @@ int argon2i_verify_ctx(argon2_context *context, const char *hash) { int argon2id_verify_ctx(argon2_context *context, const char *hash) { return argon2_verify_ctx(context, hash, Argon2_id); } +#endif /* U-Boot: verify functions */ const char *argon2_error_message(int error_code) { switch (error_code) { @@ -444,9 +458,12 @@ const char *argon2_error_message(int error_code) { } } +/* U-Boot: encodedlen not needed */ +#ifndef __UBOOT__ size_t argon2_encodedlen(uint32_t t_cost, uint32_t m_cost, uint32_t parallelism, uint32_t saltlen, uint32_t hashlen, argon2_type type) { return strlen("$$v=$m=,t=,p=$$") + strlen(argon2_type2string(type, 0)) + numlen(t_cost) + numlen(m_cost) + numlen(parallelism) + b64len(saltlen) + b64len(hashlen) + numlen(ARGON2_VERSION_NUMBER) + 1; } +#endif /* U-Boot: encodedlen */ diff --git a/lib/argon2/blake2/blake2-impl.h b/lib/argon2/blake2/blake2-impl.h index 86d0d5cfa9b..5cdb2fc8b4f 100644 --- a/lib/argon2/blake2/blake2-impl.h +++ b/lib/argon2/blake2/blake2-impl.h @@ -1,3 +1,4 @@ +/* SPDX-License-Identifier: Apache-2.0 OR CC0-1.0 */ /* * Argon2 reference source code package - reference C implementations * @@ -18,12 +19,11 @@ #ifndef PORTABLE_BLAKE2_IMPL_H #define PORTABLE_BLAKE2_IMPL_H -#include -#include +/* U-Boot includes */ +#include +#include -#ifdef _WIN32 -#define BLAKE2_INLINE __inline -#elif defined(__GNUC__) || defined(__clang__) +#if defined(__GNUC__) || defined(__clang__) #define BLAKE2_INLINE __inline__ #else #define BLAKE2_INLINE diff --git a/lib/argon2/blake2/blake2.h b/lib/argon2/blake2/blake2.h index 501c6a3186d..6c7bb6625fe 100644 --- a/lib/argon2/blake2/blake2.h +++ b/lib/argon2/blake2/blake2.h @@ -1,3 +1,4 @@ +/* SPDX-License-Identifier: Apache-2.0 OR CC0-1.0 */ /* * Argon2 reference source code package - reference C implementations * diff --git a/lib/argon2/blake2/blake2b.c b/lib/argon2/blake2/blake2b.c index 3b519ddb4d0..f0e78a5c671 100644 --- a/lib/argon2/blake2/blake2b.c +++ b/lib/argon2/blake2/blake2b.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: Apache-2.0 OR CC0-1.0 /* * Argon2 reference source code package - reference C implementations * @@ -15,9 +16,9 @@ * software. If not, they may be obtained at the above URLs. */ -#include -#include -#include +/* U-Boot includes */ +#include +#include #include "blake2.h" #include "blake2-impl.h" diff --git a/lib/argon2/blake2/blamka-round-ref.h b/lib/argon2/blake2/blamka-round-ref.h index 16cfc1c74af..3b60c384b38 100644 --- a/lib/argon2/blake2/blamka-round-ref.h +++ b/lib/argon2/blake2/blamka-round-ref.h @@ -1,3 +1,4 @@ +/* SPDX-License-Identifier: Apache-2.0 OR CC0-1.0 */ /* * Argon2 reference source code package - reference C implementations * diff --git a/lib/argon2/core.c b/lib/argon2/core.c index e697882eb96..4662cf05bf5 100644 --- a/lib/argon2/core.c +++ b/lib/argon2/core.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: Apache-2.0 OR CC0-1.0 /* * Argon2 reference source code package - reference C implementations * @@ -15,32 +16,14 @@ * software. If not, they may be obtained at the above URLs. */ -/*For memory wiping*/ -#ifdef _WIN32 -#include -#include /* For SecureZeroMemory */ -#endif -#if defined __STDC_LIB_EXT1__ -#define __STDC_WANT_LIB_EXT1__ 1 -#endif -#define VC_GE_2005(version) (version >= 1400) - -/* for explicit_bzero() on glibc */ -#define _DEFAULT_SOURCE - -#include -#include -#include +/* U-Boot includes */ +#include +#include #include "core.h" -#include "thread.h" #include "blake2/blake2.h" #include "blake2/blake2-impl.h" -#ifdef GENKAT -#include "genkat.h" -#endif - #if defined(__clang__) #if __has_attribute(optnone) #define NOT_OPTIMIZED __attribute__((optnone)) @@ -123,25 +106,10 @@ void free_memory(const argon2_context *context, uint8_t *memory, } } -#if defined(__OpenBSD__) -#define HAVE_EXPLICIT_BZERO 1 -#elif defined(__GLIBC__) && defined(__GLIBC_PREREQ) -#if __GLIBC_PREREQ(2,25) -#define HAVE_EXPLICIT_BZERO 1 -#endif -#endif - void NOT_OPTIMIZED secure_wipe_memory(void *v, size_t n) { -#if defined(_MSC_VER) && VC_GE_2005(_MSC_VER) || defined(__MINGW32__) - SecureZeroMemory(v, n); -#elif defined memset_s - memset_s(v, n, 0, n); -#elif defined(HAVE_EXPLICIT_BZERO) - explicit_bzero(v, n); -#else + /* Use volatile pointer to prevent compiler optimization */ static void *(*const volatile memset_sec)(void *, int, size_t) = &memset; memset_sec(v, 0, n); -#endif } /* Memory clear flag defaults to true. */ diff --git a/lib/argon2/core.h b/lib/argon2/core.h index 59e25646cbc..0c27fc6541d 100644 --- a/lib/argon2/core.h +++ b/lib/argon2/core.h @@ -1,3 +1,4 @@ +/* SPDX-License-Identifier: Apache-2.0 OR CC0-1.0 */ /* * Argon2 reference source code package - reference C implementations * diff --git a/lib/argon2/ref.c b/lib/argon2/ref.c index 10e45eba64e..d67292c856f 100644 --- a/lib/argon2/ref.c +++ b/lib/argon2/ref.c @@ -1,3 +1,4 @@ +// SPDX-License-Identifier: Apache-2.0 OR CC0-1.0 /* * Argon2 reference source code package - reference C implementations * @@ -15,9 +16,9 @@ * software. If not, they may be obtained at the above URLs. */ -#include -#include -#include +/* U-Boot includes */ +#include +#include #include "argon2.h" #include "core.h"