[digest] Add commands for all enabled digest algorithms

Add "sha256sum", "sha512sum", and similar commands. Include these new commands only when DIGEST_CMD is enabled in config/general.h and the corresponding algorithm is enabled in config/crypto.h. Leave "mdsum" and "sha1sum" included whenever only DIGEST_CMD is enabled, to avoid potentially breaking backwards compatibility with builds that disabled MD5 or SHA-1 as a TLS or X.509 digest algorithm, but would still have expected those commands to be present. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2025-12-16 09:32:33 +03:00 · 2025-08-06 13:05:26 +01:00
parent 2e4e1f7e9e
commit f45782f9f3
8 changed files with 284 additions and 2 deletions
--- a/src/config/config_digest_cmd.c
+++ b/src/config/config_digest_cmd.c
@@ -0,0 +1,61 @@
+/*
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <config/crypto.h>
+
+/** @file
+ *
+ * Digest command configuration
+ *
+ */
+
+PROVIDE_REQUIRING_SYMBOL();
+
+/* MD4 */
+#if defined ( CRYPTO_DIGEST_MD4 )
+REQUIRE_OBJECT ( cmd_md4 );
+#endif
+
+/* MD5 is present by default for historical reasons */
+
+/* SHA-1 is present by default for historical reasons */
+
+/* SHA-224 */
+#if defined ( CRYPTO_DIGEST_SHA224 )
+REQUIRE_OBJECT ( cmd_sha224 );
+#endif
+
+/* SHA-256 */
+#if defined ( CRYPTO_DIGEST_SHA256 )
+REQUIRE_OBJECT ( cmd_sha256 );
+#endif
+
+/* SHA-384 */
+#if defined ( CRYPTO_DIGEST_SHA384 )
+REQUIRE_OBJECT ( cmd_sha384 );
+#endif
+
+/* SHA-512 */
+#if defined ( CRYPTO_DIGEST_SHA512 )
+REQUIRE_OBJECT ( cmd_sha512 );
+#endif
--- a/src/crypto/mishmash/cmd_md4.c
+++ b/src/crypto/mishmash/cmd_md4.c
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2025 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/md4.h>
+#include <hci/digest_cmd.h>
+
+static int md4sum_exec ( int argc, char **argv ) {
+	return digest_exec ( argc, argv, &md4_algorithm );
+}
+
+struct command md4sum_command __command = {
+	.name = "md4sum",
+	.exec = md4sum_exec,
+};
--- a/src/crypto/mishmash/cmd_sha224.c
+++ b/src/crypto/mishmash/cmd_sha224.c
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2025 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha256.h>
+#include <hci/digest_cmd.h>
+
+static int sha224sum_exec ( int argc, char **argv ) {
+	return digest_exec ( argc, argv, &sha224_algorithm );
+}
+
+struct command sha224sum_command __command = {
+	.name = "sha224sum",
+	.exec = sha224sum_exec,
+};
--- a/src/crypto/mishmash/cmd_sha256.c
+++ b/src/crypto/mishmash/cmd_sha256.c
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2025 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha256.h>
+#include <hci/digest_cmd.h>
+
+static int sha256sum_exec ( int argc, char **argv ) {
+	return digest_exec ( argc, argv, &sha256_algorithm );
+}
+
+struct command sha256sum_command __command = {
+	.name = "sha256sum",
+	.exec = sha256sum_exec,
+};
--- a/src/crypto/mishmash/cmd_sha384.c
+++ b/src/crypto/mishmash/cmd_sha384.c
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2025 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha512.h>
+#include <hci/digest_cmd.h>
+
+static int sha384sum_exec ( int argc, char **argv ) {
+	return digest_exec ( argc, argv, &sha384_algorithm );
+}
+
+struct command sha384sum_command __command = {
+	.name = "sha384sum",
+	.exec = sha384sum_exec,
+};
--- a/src/crypto/mishmash/cmd_sha512.c
+++ b/src/crypto/mishmash/cmd_sha512.c
@@ -0,0 +1,36 @@
+/*
+ * Copyright (C) 2025 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/sha512.h>
+#include <hci/digest_cmd.h>
+
+static int sha512sum_exec ( int argc, char **argv ) {
+	return digest_exec ( argc, argv, &sha512_algorithm );
+}
+
+struct command sha512sum_command __command = {
+	.name = "sha512sum",
+	.exec = sha512sum_exec,
+};
--- a/src/hci/commands/digest_cmd.c
+++ b/src/hci/commands/digest_cmd.c
@@ -30,6 +30,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
 #include <ipxe/md5.h>
 #include <ipxe/sha1.h>
 #include <usr/imgmgmt.h>
+#include <hci/digest_cmd.h>

 /** @file
 *
@@ -56,8 +57,7 @@ static struct command_descriptor digest_cmd =
 * @v digest		Digest algorithm
 * @ret rc		Return status code
 */
-static int digest_exec ( int argc, char **argv,
-			 struct digest_algorithm *digest ) {
+int digest_exec ( int argc, char **argv, struct digest_algorithm *digest ) {
 	struct digest_options opts;
 	struct image *image;
 	uint8_t digest_ctx[digest->ctxsize];
@@ -90,6 +90,8 @@ static int digest_exec ( int argc, char **argv,
 	return 0;
 }

+/* Include "md5sum" and "sha1sum" commands unconditionally */
+
 static int md5sum_exec ( int argc, char **argv ) {
 	return digest_exec ( argc, argv, &md5_algorithm );
 }
@@ -107,3 +109,7 @@ struct command sha1sum_command __command = {
 	.name = "sha1sum",
 	.exec = sha1sum_exec,
 };
+
+/* Drag in commands for any other enabled algorithms */
+REQUIRING_SYMBOL ( digest_exec );
+REQUIRE_OBJECT ( config_digest_cmd );
--- a/src/include/hci/digest_cmd.h
+++ b/src/include/hci/digest_cmd.h
@@ -0,0 +1,35 @@
+/*
+ * Copyright (C) 2025 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ *
+ * You can also choose to distribute this program under the terms of
+ * the Unmodified Binary Distribution Licence (as given in the file
+ * COPYING.UBDL), provided that you have satisfied its requirements.
+ */
+
+#ifndef _DIGEST_CMD_H
+#define _DIGEST_CMD_H
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <ipxe/crypto.h>
+#include <ipxe/command.h>
+
+extern int digest_exec ( int argc, char **argv,
+			 struct digest_algorithm *digest );
+
+#endif /* _DIGEST_CMD_H */