From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=aPta=L7=lists.denx.de=u-boot-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-16.8 required=3.0 tests=BAYES_00,
	HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=ham
	autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 9B916C07E95
	for <u-boot@archiver.kernel.org>; Wed,  7 Jul 2021 23:11:29 +0000 (UTC)
Received: from phobos.denx.de (phobos.denx.de [85.214.62.61])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 1BE7C61C59
	for <u-boot@archiver.kernel.org>; Wed,  7 Jul 2021 23:11:29 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 1BE7C61C59
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=eyet-services.de
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 2C5D282ED4;
	Thu,  8 Jul 2021 01:10:56 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=eyet-services.de
Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Received: by phobos.denx.de (Postfix, from userid 109)
 id BE98682EF8; Thu,  8 Jul 2021 01:10:54 +0200 (CEST)
Received: from beige.elm.relay.mailchannels.net
 (beige.elm.relay.mailchannels.net [23.83.212.16])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id DC9F382E05
 for <u-boot@lists.denx.de>; Thu,  8 Jul 2021 01:10:51 +0200 (CEST)
Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none)
 header.from=eyet-services.de
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=jaeckel-floss@eyet-services.de
X-Sender-Id: instrampxe0y3a|x-authuser|jaeckel@eyet-services.de
Received: from relay.mailchannels.net (localhost [127.0.0.1])
 by relay.mailchannels.net (Postfix) with ESMTP id A38456811CB;
 Wed,  7 Jul 2021 23:10:49 +0000 (UTC)
Received: from cpanel-004-fra.hostingww.com
 (100-96-17-89.trex-nlb.outbound.svc.cluster.local [100.96.17.89])
 (Authenticated sender: instrampxe0y3a)
 by relay.mailchannels.net (Postfix) with ESMTPA id 2C90E680FDD;
 Wed,  7 Jul 2021 23:10:47 +0000 (UTC)
X-Sender-Id: instrampxe0y3a|x-authuser|jaeckel@eyet-services.de
Received: from cpanel-004-fra.hostingww.com
 (ec2-18-198-100-52.eu-central-1.compute.amazonaws.com [18.198.100.52])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384)
 by 100.96.17.89 (trex/6.3.3); Wed, 07 Jul 2021 23:10:49 +0000
X-MC-Relay: Neutral
X-MailChannels-SenderId: instrampxe0y3a|x-authuser|jaeckel@eyet-services.de
X-MailChannels-Auth-Id: instrampxe0y3a
X-Chemical-Trouble: 0a25710129437c29_1625699449438_3591472009
X-MC-Loop-Signature: 1625699449438:3799061671
X-MC-Ingress-Time: 1625699449438
Received: from hsi-kbw-109-192-186-038.hsi6.kabel-badenwuerttemberg.de
 ([109.192.186.38]:44974 helo=draupnir.jaeckel.lan)
 by cpanel-004-fra.hostingww.com with esmtpsa (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2)
 (envelope-from <jaeckel-floss@eyet-services.de>)
 id 1m1Ggl-0006Qv-Kf; Wed, 07 Jul 2021 23:10:45 +0000
From: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
To: u-boot@lists.denx.de
Cc: Steffen Jaeckel <jaeckel-floss@eyet-services.de>,
 Simon Glass <sjg@chromium.org>, Alexandru Gagniuc <mr.nuke.me@gmail.com>,
 Bin Meng <bmeng.cn@gmail.com>, Da Xue <da@libre.computer>,
 Heiko Schocher <hs@denx.de>, Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Joel Peshkin <joel.peshkin@broadcom.com>,
 Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>,
 Patrick Delaunay <patrick.delaunay@foss.st.com>,
 Siew Chin Lim <elly.siew.chin.lim@intel.com>,
 "Yuezhang.Mo@sony.com" <Yuezhang.Mo@sony.com>
Subject: [PATCH v4 7/8] common: add support to fallback to plain SHA256
Date: Thu,  8 Jul 2021 01:09:45 +0200
Message-Id: <20210707230946.2497660-8-jaeckel-floss@eyet-services.de>
X-Mailer: git-send-email 2.32.0
In-Reply-To: <20210707230946.2497660-1-jaeckel-floss@eyet-services.de>
References: <20210707230946.2497660-1-jaeckel-floss@eyet-services.de>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-OutGoing-Spam-Status: No, score=-0.5
X-AuthUser: jaeckel@eyet-services.de
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

In case crypt-based hashing is enabled this will be the default mechanism
that is used. If a user wants to have support for both, the environment
variable `bootstopusesha256` can be set to `true` to allow plain SHA256
based hashing of the password.

Signed-off-by: Steffen Jaeckel <jaeckel-floss@eyet-services.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
---

Changes in v4:
Take review comments into account

 common/Kconfig.boot |  8 ++++++++
 common/autoboot.c   | 22 +++++++++++++++++++++-
 2 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/common/Kconfig.boot b/common/Kconfig.boot
index d19bc32836..764656720a 100644
--- a/common/Kconfig.boot
+++ b/common/Kconfig.boot
@@ -834,6 +834,14 @@ config AUTOBOOT_ENCRYPTION
 	  This provides a way to ship a secure production device which can also
 	  be accessed at the U-Boot command line.
 
+config AUTOBOOT_SHA256_FALLBACK
+	bool "Allow fallback from crypt-hashed password to sha256"
+	depends on AUTOBOOT_ENCRYPTION && CRYPT_PW
+	help
+	  This option adds support to fall back from crypt-hashed
+	  passwords to checking a SHA256 hashed password in case the
+	  'bootstopusesha256' environment variable is set to 'true'.
+
 config AUTOBOOT_DELAY_STR
 	string "Delay autobooting via specific input key / string"
 	depends on AUTOBOOT_KEYED && !AUTOBOOT_ENCRYPTION
diff --git a/common/autoboot.c b/common/autoboot.c
index 35ef526c42..8b9e9aa878 100644
--- a/common/autoboot.c
+++ b/common/autoboot.c
@@ -306,6 +306,26 @@ static void flush_stdin(void)
 		(void)getchar();
 }
 
+/**
+ * fallback_to_sha256() - check whether we should fall back to sha256
+ *                        password checking
+ *
+ * This checks for the environment variable `bootstopusesha256` in case
+ * sha256-fallback has been enabled via the config setting
+ * `AUTOBOOT_SHA256_FALLBACK`.
+ *
+ * @return `false` if we must not fall-back, `true` if plain sha256 should be tried
+ */
+static bool fallback_to_sha256(void)
+{
+	if (IS_ENABLED(CONFIG_AUTOBOOT_SHA256_FALLBACK))
+		return env_get_yesno("bootstopusesha256") == 1;
+	else if (IS_ENABLED(CONFIG_CRYPT_PW))
+		return false;
+	else
+		return true;
+}
+
 /***************************************************************************
  * Watch for 'delay' seconds for autoboot stop or autoboot delay string.
  * returns: 0 -  no key string, allow autoboot 1 - got key string, abort
@@ -326,7 +346,7 @@ static int abortboot_key_sequence(int bootdelay)
 #  endif
 
 	if (IS_ENABLED(CONFIG_AUTOBOOT_ENCRYPTION)) {
-		if (IS_ENABLED(CONFIG_CRYPT_PW))
+		if (IS_ENABLED(CONFIG_CRYPT_PW) && !fallback_to_sha256())
 			abort = passwd_abort_crypt(etime);
 		else
 			abort = passwd_abort_sha256(etime);
-- 
2.32.0