From ce09351cc9d70c6c586d85c1865beaa4f83ca176 Mon Sep 17 00:00:00 2001
From: B Galliart <bgallia@gmail.com>
Date: Thu, 22 Aug 2019 20:34:30 -0500
Subject: [PATCH] Updated digest commands to include SHA-2 support, hash
 strings, perform multi-round hashing and apply the result in the
 configuration settings

---
 src/hci/commands/digest_cmd.c | 133 +++++++++++++++++++++++++++++-----
 1 file changed, 113 insertions(+), 20 deletions(-)

diff --git a/src/hci/commands/digest_cmd.c b/src/hci/commands/digest_cmd.c
index 71308064fb..2a3288d52c 100644
--- a/src/hci/commands/digest_cmd.c
+++ b/src/hci/commands/digest_cmd.c
@@ -29,6 +29,9 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #include <ipxe/crypto.h>
 #include <ipxe/md5.h>
 #include <ipxe/sha1.h>
+#include <ipxe/sha256.h>
+#include <ipxe/sha512.h>
+#include <ipxe/settings.h>
 #include <usr/imgmgmt.h>
 
 /** @file
@@ -38,15 +41,25 @@ FILE_LICENCE ( GPL2_OR_LATER );
  */
 
 /** "digest" options */
-struct digest_options {};
+struct digest_options { 
+	/** String to digest */
+	char *str;
+	/** Rounds to rehash */
+	unsigned int rounds;
+};
 
 /** "digest" option list */
-static struct option_descriptor digest_opts[] = {};
+static struct option_descriptor digest_opts[] = {
+	OPTION_DESC ( "rounds", 'r', required_argument,
+		struct digest_options, rounds, parse_integer),
+	OPTION_DESC ( "str", 's', required_argument,
+		struct digest_options, str, parse_string ),
+};
 
 /** "digest" command descriptor */
 static struct command_descriptor digest_cmd =
-	COMMAND_DESC ( struct digest_options, digest_opts, 1, MAX_ARGUMENTS,
-		       "<image> [<image>...]" );
+	COMMAND_DESC ( struct digest_options, digest_opts, 0, MAX_ARGUMENTS,
+		       "[<image>] [<image>...]" );
 
 /**
  * The "digest" command
@@ -60,45 +73,88 @@ static int digest_exec ( int argc, char **argv,
 			 struct digest_algorithm *digest ) {
 	struct digest_options opts;
 	struct image *image;
+	struct named_setting setting;
 	uint8_t digest_ctx[digest->ctxsize];
 	uint8_t digest_out[digest->digestsize];
 	uint8_t buf[128];
 	size_t offset;
 	size_t len;
 	size_t frag_len;
+	unsigned long origlen;
 	int i;
-	unsigned j;
+	unsigned j, r;
 	int rc;
+	char hashstr[130];
+
+	if ( argc < 2 ) {
+		print_usage ( &digest_cmd, argv );
+		return 0;
+	}
 
 	/* Parse options */
 	if ( ( rc = parse_options ( argc, argv, &digest_cmd, &opts ) ) != 0 )
 		return rc;
 
-	for ( i = optind ; i < argc ; i++ ) {
+	for ( i = optind ; i < argc || opts.str ; i++ ) {
+
+		hashstr[0] = '\0';
 
 		/* Acquire image */
-		if ( ( rc = imgacquire ( argv[i], 0, &image ) ) != 0 )
+		if ( ( ! opts.str ) && 
+			( ( rc = imgacquire ( argv[i], 0, &image ) ) != 0 ) )
 			continue;
-		offset = 0;
-		len = image->len;
 
 		/* calculate digest */
 		digest_init ( digest, digest_ctx );
-		while ( len ) {
-			frag_len = len;
-			if ( frag_len > sizeof ( buf ) )
-				frag_len = sizeof ( buf );
-			copy_from_user ( buf, image->data, offset, frag_len );
-			digest_update ( digest, digest_ctx, buf, frag_len );
-			len -= frag_len;
-			offset += frag_len;
+		if ( opts.str ) {
+			origlen = strlen( opts.str );
+			digest_update ( digest, digest_ctx, opts.str,
+				origlen );
+		} else {
+			offset = 0;
+			len = image->len;
+			origlen = image->len;
+			while ( len ) {
+				frag_len = len;
+				if ( frag_len > sizeof ( buf ) )
+					frag_len = sizeof ( buf );
+				copy_from_user ( buf, image->data, offset, frag_len );
+				digest_update ( digest, digest_ctx, buf, frag_len );
+				len -= frag_len;
+				offset += frag_len;
+			}
 		}
 		digest_final ( digest, digest_ctx, digest_out );
 
-		for ( j = 0 ; j < sizeof ( digest_out ) ; j++ )
-			printf ( "%02x", digest_out[j] );
+		for ( r = 1 ; r < opts.rounds ; r++ ) {
+			digest_init ( digest, digest_ctx );
+			digest_update ( digest, digest_ctx, digest_out,
+				sizeof ( digest_out ) );
+			digest_final ( digest, digest_ctx, digest_out );
+		}
+
+		if ( sizeof( hashstr ) >= sizeof ( digest_out ) )
+			for ( j = 0 ; j < sizeof ( digest_out ) ; j++ )
+				sprintf ( hashstr + j*2, "%02x", digest_out[j] );
 
-		printf ( "  %s\n", image->name );
+		if ( parse_autovivified_setting ( "hash", &setting ) == 0 ) {
+			setting.setting.type = &setting_type_string;
+			storef_setting ( setting.settings, &setting.setting,
+				hashstr );
+		}
+
+		if ( parse_autovivified_setting ( "hashlen", &setting ) == 0 ) {
+			setting.setting.type = &setting_type_int32;
+			storen_setting ( setting.settings, &setting.setting,
+				origlen );
+		}
+
+		if ( opts.str ) {
+			printf( "%s\n", hashstr );
+			break;
+		}
+
+		printf ( "%s  %s\n", hashstr, image->name );
 	}
 
 	return 0;
@@ -112,6 +168,22 @@ static int sha1sum_exec ( int argc, char **argv ) {
 	return digest_exec ( argc, argv, &sha1_algorithm );
 }
 
+static int sha224sum_exec ( int argc, char **argv ) {
+	return digest_exec ( argc, argv, &sha224_algorithm );
+}
+
+static int sha256sum_exec ( int argc, char **argv ) {
+	return digest_exec ( argc, argv, &sha256_algorithm );
+}
+
+static int sha384sum_exec ( int argc, char **argv ) {
+	return digest_exec ( argc, argv, &sha384_algorithm );
+}
+
+static int sha512sum_exec ( int argc, char **argv ) {
+	return digest_exec ( argc, argv, &sha512_algorithm );
+}
+
 struct command md5sum_command __command = {
 	.name = "md5sum",
 	.exec = md5sum_exec,
@@ -121,3 +193,24 @@ struct command sha1sum_command __command = {
 	.name = "sha1sum",
 	.exec = sha1sum_exec,
 };
+
+struct command sha224sum_command __command = {
+	.name = "sha224sum",
+	.exec = sha224sum_exec,
+};
+
+struct command sha256sum_command __command = {
+	.name = "sha256sum",
+	.exec = sha256sum_exec,
+};
+
+struct command sha384sum_command __command = {
+	.name = "sha384sum",
+	.exec = sha384sum_exec,
+};
+
+struct command sha512sum_command __command = {
+	.name = "sha512sum",
+	.exec = sha512sum_exec,
+};
+