[opentitantool] Eliminate the `mundane` crate
Use the `sha2` crate to compute the needed SHA-256 digests.
Signed-off-by: Chris Frantz <cfrantz@google.com>
diff --git a/sw/host/opentitanlib/Cargo.toml b/sw/host/opentitanlib/Cargo.toml
index c6c1d09..bce3e3a 100644
--- a/sw/host/opentitanlib/Cargo.toml
+++ b/sw/host/opentitanlib/Cargo.toml
@@ -25,11 +25,6 @@
serialport = "4.0.1"
zerocopy = "0.5.0"
hex = "0.4.3"
-# We depend on mundane, but `cargo raze` can't auto generate bazel rules for it.
-# In order to not break the current meson-based build system, we'll leave
-# mundane as a dependency. To regenerate the bazel dependency rules via
-# `cargo raze`, you'll have to temporarily comment out `mundane`.
-mundane = "0.5.0"
memoffset = "0.6.0"
num-bigint-dig = "0.7.0"
num-traits = "0.2.14"
diff --git a/sw/host/opentitanlib/src/bootstrap/legacy.rs b/sw/host/opentitanlib/src/bootstrap/legacy.rs
index c8c47aa..b7c2729 100644
--- a/sw/host/opentitanlib/src/bootstrap/legacy.rs
+++ b/sw/host/opentitanlib/src/bootstrap/legacy.rs
@@ -3,7 +3,7 @@
// SPDX-License-Identifier: Apache-2.0
use anyhow::Result;
-use mundane::hash::{Digest, Hasher, Sha256};
+use sha2::{Digest, Sha256};
use std::time::Duration;
use thiserror::Error;
use zerocopy::AsBytes;
@@ -51,21 +51,20 @@
/// Computes the hash in the header.
fn header_hash(&self) -> [u8; Frame::HASH_LEN] {
let frame = self.as_bytes();
- let sha = Sha256::hash(&frame[Frame::HASH_LEN..]);
- sha.bytes()
+ let sha = Sha256::digest(&frame[Frame::HASH_LEN..]);
+ sha.into()
}
/// Computes the hash over the entire frame.
fn frame_hash(&self) -> [u8; Frame::HASH_LEN] {
- let sha = Sha256::hash(self.as_bytes());
- let mut digest = sha.bytes();
+ let mut digest = Sha256::digest(self.as_bytes());
// Touch up zeroes into ones, as that is what the old chips are doing.
for b in &mut digest {
if *b == 0 {
*b = 1;
}
}
- digest
+ digest.into()
}
/// Creates a sequence of frames based on a `payload` binary.
diff --git a/sw/host/opentitanlib/src/bootstrap/primitive.rs b/sw/host/opentitanlib/src/bootstrap/primitive.rs
index 386dd2c..a140554 100644
--- a/sw/host/opentitanlib/src/bootstrap/primitive.rs
+++ b/sw/host/opentitanlib/src/bootstrap/primitive.rs
@@ -3,7 +3,7 @@
// SPDX-License-Identifier: Apache-2.0
use anyhow::Result;
-use mundane::hash::{Digest, Hasher, Sha256};
+use sha2::{Digest, Sha256};
use std::time::Duration;
use zerocopy::AsBytes;
@@ -44,22 +44,20 @@
/// Computes the hash in the header.
fn header_hash(&self) -> [u8; Frame::HASH_LEN] {
let frame = self.as_bytes();
- let sha = Sha256::hash(&frame[Frame::HASH_LEN..]);
- let mut digest = sha.bytes();
+ let mut digest = Sha256::digest(&frame[Frame::HASH_LEN..]);
// Note: the OpenTitan HMAC produces the digest in little-endian order,
// so we reverse the order of the bytes in the digest.
digest.reverse();
- digest
+ digest.into()
}
/// Computes the hash over the entire frame.
fn frame_hash(&self) -> [u8; Frame::HASH_LEN] {
- let sha = Sha256::hash(self.as_bytes());
- let mut digest = sha.bytes();
+ let mut digest = Sha256::digest(self.as_bytes());
// Note: the OpenTitan HMAC produces the digest in little-endian order,
// so we reverse the order of the bytes in the digest.
digest.reverse();
- digest
+ digest.into()
}
/// Creates a sequence of frames based on a `payload` binary.
diff --git a/sw/host/opentitanlib/src/bootstrap/rescue.rs b/sw/host/opentitanlib/src/bootstrap/rescue.rs
index 8baa687..f199d72 100644
--- a/sw/host/opentitanlib/src/bootstrap/rescue.rs
+++ b/sw/host/opentitanlib/src/bootstrap/rescue.rs
@@ -3,7 +3,7 @@
// SPDX-License-Identifier: Apache-2.0
use anyhow::{bail, ensure, Result};
-use mundane::hash::{Digest, Hasher, Sha256};
+use sha2::{Digest, Sha256};
use std::time::{Duration, Instant};
use thiserror::Error;
use zerocopy::AsBytes;
@@ -51,21 +51,20 @@
/// Computes the hash in the header.
fn header_hash(&self) -> [u8; Frame::HASH_LEN] {
let frame = self.as_bytes();
- let sha = Sha256::hash(&frame[Frame::HASH_LEN..]);
- sha.bytes()
+ let sha = Sha256::digest(&frame[Frame::HASH_LEN..]);
+ sha.into()
}
/// Computes the hash over the entire frame.
fn frame_hash(&self) -> [u8; Frame::HASH_LEN] {
- let sha = Sha256::hash(self.as_bytes());
- let mut digest = sha.bytes();
+ let mut digest = Sha256::digest(self.as_bytes());
// Touch up zeroes into ones, as that is what the old chips are doing.
for b in &mut digest {
if *b == 0 {
*b = 1;
}
}
- digest
+ digest.into()
}
/// Creates a sequence of frames based on a `payload` binary.
