Add update mechanism for ImageGeneratorCrypto sha256.

chipsalliance · Apr 16, 2024 · 7c028e2 · 7c028e2
1 parent f1390cb
commit 7c028e2
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 16 deletions.
diff --git a/builder/src/lib.rs b/builder/src/lib.rs
@@ -422,7 +422,7 @@ pub fn elf2rom(elf_bytes: &[u8]) -> io::Result<Vec<u8>> {
         let rom_info_start = rom_info_sym.value as usize;
 
         let rom_info = RomInfo {
-            sha256_digest: sha256::sha256_word_reversed(&result[0..rom_info_start])?,
+            sha256_digest: sha256::sha256_word_reversed(&result[0..rom_info_start]),
             revision: image_revision()?,
             flags: 0,
             version: version::get_rom_version(),

diff --git a/builder/src/sha256.rs b/builder/src/sha256.rs
@@ -1,18 +1,14 @@
 // Licensed under the Apache-2.0 license
 use caliptra_image_gen::ImageGeneratorCrypto;
+use caliptra_image_gen::ImageGeneratorHasher;
 use caliptra_image_openssl::OsslCrypto;
-use std::io::{self, ErrorKind};
 
-pub fn sha256_word_reversed(bytes: &[u8]) -> io::Result<[u32; 8]> {
-    let crypto = OsslCrypto::default();
+pub fn sha256_word_reversed(bytes: &[u8]) -> [u32; 8] {
+    let mut sha = OsslCrypto::default().sha256_start();
 
-    let mut reversed = Vec::<u8>::new();
     for i in 0..bytes.len() / 4 {
         let word = u32::from_le_bytes(bytes[i * 4..][..4].try_into().unwrap());
-        reversed.extend_from_slice(&word.swap_bytes().to_le_bytes());
+        sha.update(&word.swap_bytes().to_le_bytes());
     }
-
-    crypto
-        .sha256_digest(&reversed)
-        .map_err(|e| io::Error::new(ErrorKind::Other, e))
+    sha.finish()
 }
diff --git a/image/gen/src/lib.rs b/image/gen/src/lib.rs
@@ -42,10 +42,26 @@ pub trait ImageGenratorExecutable {
     fn size(&self) -> u32;
 }
 
+pub trait ImageGeneratorHasher {
+    type Output: Copy;
+
+    fn update(&mut self, data: &[u8]);
+
+    fn finish(self) -> Self::Output;
+}
+
 /// Image Gnerator Crypto Trait
 pub trait ImageGeneratorCrypto {
+    type Sha256Hasher: ImageGeneratorHasher<Output = [u32; SHA256_DIGEST_WORD_SIZE]>;
+
+    fn sha256_start(&self) -> Self::Sha256Hasher;
+
     /// Calculate SHA-256 digest
-    fn sha256_digest(&self, data: &[u8]) -> anyhow::Result<[u32; SHA256_DIGEST_WORD_SIZE]>;
+    fn sha256_digest(&self, data: &[u8]) -> anyhow::Result<[u32; SHA256_DIGEST_WORD_SIZE]> {
+        let mut hasher = self.sha256_start();
+        hasher.update(data);
+        Ok(hasher.finish())
+    }
 
     /// Calculate SHA-384 digest
     fn sha384_digest(&self, data: &[u8]) -> anyhow::Result<ImageDigest>;

diff --git a/image/openssl/src/lib.rs b/image/openssl/src/lib.rs
@@ -16,7 +16,7 @@ use std::path::PathBuf;
 
 use anyhow::{anyhow, Context};
 
-use caliptra_image_gen::ImageGeneratorCrypto;
+use caliptra_image_gen::{ImageGeneratorCrypto, ImageGeneratorHasher};
 use caliptra_image_types::*;
 use caliptra_lms_types::{LmotsAlgorithmType, LmsAlgorithmType};
 use openssl::bn::{BigNum, BigNumContext};
@@ -44,11 +44,25 @@ const D_MESG: u16 = 0x8181;
 const D_LEAF: u16 = 0x8282;
 const D_INTR: u16 = 0x8383;
 
+pub struct OsslSha256Hasher(Sha256);
+
+impl ImageGeneratorHasher for OsslSha256Hasher {
+    type Output = [u32; SHA256_DIGEST_WORD_SIZE];
+
+    fn update(&mut self, data: &[u8]) {
+        self.0.update(data)
+    }
+
+    fn finish(self) -> Self::Output {
+        to_hw_format(&self.0.finish())
+    }
+}
+
 impl ImageGeneratorCrypto for OsslCrypto {
-    fn sha256_digest(&self, data: &[u8]) -> anyhow::Result<[u32; SHA256_DIGEST_WORD_SIZE]> {
-        let mut engine = Sha256::new();
-        engine.update(data);
-        Ok(to_hw_format(&engine.finish()))
+    type Sha256Hasher = OsslSha256Hasher;
+
+    fn sha256_start(&self) -> Self::Sha256Hasher {
+        OsslSha256Hasher(Sha256::default())
     }
 
     /// Calculate SHA-384 Digest