move hwcrypto from esp32 to mbedtls
This commit is contained in:
morris
parent
9f3b550ff4
commit
709a320f33
|
|
@ -17,7 +17,7 @@
|
||||||
that can be used from bootloader or app code.
|
that can be used from bootloader or app code.
|
||||||
|
|
||||||
This header is available to source code in the bootloader & bootloader_support components only.
|
This header is available to source code in the bootloader & bootloader_support components only.
|
||||||
Use mbedTLS APIs or include hwcrypto/sha.h to calculate SHA256 in IDF apps.
|
Use mbedTLS APIs or include esp32/sha.h to calculate SHA256 in IDF apps.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
|
|
|
||||||
|
|
@ -40,9 +40,7 @@ else()
|
||||||
"spiram_psram.c"
|
"spiram_psram.c"
|
||||||
"system_api.c"
|
"system_api.c"
|
||||||
"task_wdt.c"
|
"task_wdt.c"
|
||||||
"wifi_init.c"
|
"wifi_init.c")
|
||||||
"hwcrypto/aes.c"
|
|
||||||
"hwcrypto/sha.c")
|
|
||||||
set(COMPONENT_ADD_INCLUDEDIRS "include")
|
set(COMPONENT_ADD_INCLUDEDIRS "include")
|
||||||
|
|
||||||
set(COMPONENT_REQUIRES driver esp_event efuse)
|
set(COMPONENT_REQUIRES driver esp_event efuse)
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
# Component Makefile
|
# Component Makefile
|
||||||
#
|
#
|
||||||
|
|
||||||
COMPONENT_SRCDIRS := . hwcrypto
|
COMPONENT_SRCDIRS := .
|
||||||
LIBS ?=
|
LIBS ?=
|
||||||
ifndef CONFIG_NO_BLOBS
|
ifndef CONFIG_NO_BLOBS
|
||||||
LIBS += core rtc net80211 pp wpa smartconfig coexist wps wpa2 espnow phy mesh
|
LIBS += core rtc net80211 pp wpa smartconfig coexist wps wpa2 espnow phy mesh
|
||||||
|
|
|
||||||
|
|
@ -18,8 +18,8 @@
|
||||||
#include "soc/rtc.h"
|
#include "soc/rtc.h"
|
||||||
#include "esp_log.h"
|
#include "esp_log.h"
|
||||||
#include "mbedtls/sha256.h"
|
#include "mbedtls/sha256.h"
|
||||||
#include "hwcrypto/sha.h"
|
#include "esp32/sha.h"
|
||||||
#include "hwcrypto/aes.h"
|
#include "esp32/aes.h"
|
||||||
#include "mbedtls/rsa.h"
|
#include "mbedtls/rsa.h"
|
||||||
|
|
||||||
static const char *TAG = "test";
|
static const char *TAG = "test";
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,7 @@
|
||||||
#include "mbedtls/sha1.h"
|
#include "mbedtls/sha1.h"
|
||||||
#include "mbedtls/sha256.h"
|
#include "mbedtls/sha256.h"
|
||||||
#include "mbedtls/sha512.h"
|
#include "mbedtls/sha512.h"
|
||||||
#include "hwcrypto/sha.h"
|
#include "esp32/sha.h"
|
||||||
|
|
||||||
/* Note: Most of the SHA functions are called as part of mbedTLS, so
|
/* Note: Most of the SHA functions are called as part of mbedTLS, so
|
||||||
are tested as part of mbedTLS tests. Only esp_sha() is different.
|
are tested as part of mbedTLS tests. Only esp_sha() is different.
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
ROM functions for hardware AES support.
|
ROM functions for hardware AES support.
|
||||||
|
|
||||||
It is not recommended to use these functions directly,
|
It is not recommended to use these functions directly,
|
||||||
use the wrapper functions in hwcrypto/aes.h instead.
|
use the wrapper functions in esp32/aes.h instead.
|
||||||
|
|
||||||
*/
|
*/
|
||||||
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
|
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
It is not recommended to use these functions directly. If using
|
It is not recommended to use these functions directly. If using
|
||||||
them from esp-idf then use the esp_sha_lock_engine() and
|
them from esp-idf then use the esp_sha_lock_engine() and
|
||||||
esp_sha_lock_memory_block() functions in hwcrypto/sha.h to ensure
|
esp_sha_lock_memory_block() functions in esp32/sha.h to ensure
|
||||||
exclusive access.
|
exclusive access.
|
||||||
*/
|
*/
|
||||||
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
|
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
|
||||||
|
|
|
||||||
|
|
@ -83,7 +83,9 @@ target_sources(mbedtls PRIVATE "${COMPONENT_PATH}/port/esp_bignum.c"
|
||||||
"${COMPONENT_PATH}/port/esp_sha256.c"
|
"${COMPONENT_PATH}/port/esp_sha256.c"
|
||||||
"${COMPONENT_PATH}/port/esp_sha512.c"
|
"${COMPONENT_PATH}/port/esp_sha512.c"
|
||||||
"${COMPONENT_PATH}/port/mbedtls_debug.c"
|
"${COMPONENT_PATH}/port/mbedtls_debug.c"
|
||||||
"${COMPONENT_PATH}/port/net_sockets.c")
|
"${COMPONENT_PATH}/port/net_sockets.c"
|
||||||
|
"${COMPONENT_PATH}/port/esp32/aes.c"
|
||||||
|
"${COMPONENT_PATH}/port/esp32/sha.c")
|
||||||
|
|
||||||
foreach(target ${mbedtls_targets})
|
foreach(target ${mbedtls_targets})
|
||||||
# Propagate compile options to mbedtls library targets
|
# Propagate compile options to mbedtls library targets
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,7 @@
|
||||||
|
|
||||||
COMPONENT_ADD_INCLUDEDIRS := port/include mbedtls/include
|
COMPONENT_ADD_INCLUDEDIRS := port/include mbedtls/include
|
||||||
|
|
||||||
COMPONENT_SRCDIRS := mbedtls/library port
|
COMPONENT_SRCDIRS := mbedtls/library port port/esp32
|
||||||
|
|
||||||
COMPONENT_OBJEXCLUDE := mbedtls/library/net_sockets.o
|
COMPONENT_OBJEXCLUDE := mbedtls/library/net_sockets.o
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -27,7 +27,7 @@
|
||||||
*/
|
*/
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include "mbedtls/aes.h"
|
#include "mbedtls/aes.h"
|
||||||
#include "hwcrypto/aes.h"
|
#include "esp32/aes.h"
|
||||||
#include "soc/dport_reg.h"
|
#include "soc/dport_reg.h"
|
||||||
#include "soc/hwcrypto_reg.h"
|
#include "soc/hwcrypto_reg.h"
|
||||||
#include <sys/lock.h>
|
#include <sys/lock.h>
|
||||||
|
|
@ -27,13 +27,13 @@
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <byteswap.h>
|
#include <machine/endian.h>
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
|
|
||||||
#include "freertos/FreeRTOS.h"
|
#include "freertos/FreeRTOS.h"
|
||||||
#include "freertos/semphr.h"
|
#include "freertos/semphr.h"
|
||||||
|
|
||||||
#include "hwcrypto/sha.h"
|
#include "esp32/sha.h"
|
||||||
#include "esp32/rom/ets_sys.h"
|
#include "esp32/rom/ets_sys.h"
|
||||||
#include "soc/dport_reg.h"
|
#include "soc/dport_reg.h"
|
||||||
#include "soc/hwcrypto_reg.h"
|
#include "soc/hwcrypto_reg.h"
|
||||||
|
|
@ -135,6 +135,7 @@ static SemaphoreHandle_t sha_get_engine_state(esp_sha_type sha_type)
|
||||||
unsigned idx = sha_engine_index(sha_type);
|
unsigned idx = sha_engine_index(sha_type);
|
||||||
volatile SemaphoreHandle_t *engine = &engine_states[idx];
|
volatile SemaphoreHandle_t *engine = &engine_states[idx];
|
||||||
SemaphoreHandle_t result = *engine;
|
SemaphoreHandle_t result = *engine;
|
||||||
|
uint32_t set_engine = 0;
|
||||||
|
|
||||||
if (result == NULL) {
|
if (result == NULL) {
|
||||||
// Create a new semaphore for 'in use' flag
|
// Create a new semaphore for 'in use' flag
|
||||||
|
|
@ -143,7 +144,7 @@ static SemaphoreHandle_t sha_get_engine_state(esp_sha_type sha_type)
|
||||||
xSemaphoreGive(new_engine); // start available
|
xSemaphoreGive(new_engine); // start available
|
||||||
|
|
||||||
// try to atomically set the previously NULL *engine to new_engine
|
// try to atomically set the previously NULL *engine to new_engine
|
||||||
uint32_t set_engine = (uint32_t)new_engine;
|
set_engine = (uint32_t)new_engine;
|
||||||
uxPortCompareSet((volatile uint32_t *)engine, 0, &set_engine);
|
uxPortCompareSet((volatile uint32_t *)engine, 0, &set_engine);
|
||||||
|
|
||||||
if (set_engine != 0) { // we lost a race setting *engine
|
if (set_engine != 0) { // we lost a race setting *engine
|
||||||
|
|
@ -229,6 +230,8 @@ void esp_sha_wait_idle(void)
|
||||||
|
|
||||||
void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state)
|
void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state)
|
||||||
{
|
{
|
||||||
|
uint32_t *digest_state_words = NULL;
|
||||||
|
uint32_t *reg_addr_buf = NULL;
|
||||||
#ifndef NDEBUG
|
#ifndef NDEBUG
|
||||||
{
|
{
|
||||||
SemaphoreHandle_t *engine_state = sha_get_engine_state(sha_type);
|
SemaphoreHandle_t *engine_state = sha_get_engine_state(sha_type);
|
||||||
|
|
@ -246,8 +249,8 @@ void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state)
|
||||||
|
|
||||||
DPORT_REG_WRITE(SHA_LOAD_REG(sha_type), 1);
|
DPORT_REG_WRITE(SHA_LOAD_REG(sha_type), 1);
|
||||||
while(DPORT_REG_READ(SHA_BUSY_REG(sha_type)) == 1) { }
|
while(DPORT_REG_READ(SHA_BUSY_REG(sha_type)) == 1) { }
|
||||||
uint32_t *digest_state_words = (uint32_t *)digest_state;
|
digest_state_words = (uint32_t *)digest_state;
|
||||||
uint32_t *reg_addr_buf = (uint32_t *)(SHA_TEXT_BASE);
|
reg_addr_buf = (uint32_t *)(SHA_TEXT_BASE);
|
||||||
if(sha_type == SHA2_384 || sha_type == SHA2_512) {
|
if(sha_type == SHA2_384 || sha_type == SHA2_512) {
|
||||||
/* for these ciphers using 64-bit states, swap each pair of words */
|
/* for these ciphers using 64-bit states, swap each pair of words */
|
||||||
DPORT_INTERRUPT_DISABLE(); // Disable interrupt only on current CPU.
|
DPORT_INTERRUPT_DISABLE(); // Disable interrupt only on current CPU.
|
||||||
|
|
@ -264,6 +267,8 @@ void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state)
|
||||||
|
|
||||||
void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block)
|
void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block)
|
||||||
{
|
{
|
||||||
|
uint32_t *reg_addr_buf = NULL;
|
||||||
|
uint32_t *data_words = NULL;
|
||||||
#ifndef NDEBUG
|
#ifndef NDEBUG
|
||||||
{
|
{
|
||||||
SemaphoreHandle_t *engine_state = sha_get_engine_state(sha_type);
|
SemaphoreHandle_t *engine_state = sha_get_engine_state(sha_type);
|
||||||
|
|
@ -280,10 +285,10 @@ void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_
|
||||||
esp_sha_wait_idle();
|
esp_sha_wait_idle();
|
||||||
|
|
||||||
/* Fill the data block */
|
/* Fill the data block */
|
||||||
uint32_t *reg_addr_buf = (uint32_t *)(SHA_TEXT_BASE);
|
reg_addr_buf = (uint32_t *)(SHA_TEXT_BASE);
|
||||||
uint32_t *data_words = (uint32_t *)data_block;
|
data_words = (uint32_t *)data_block;
|
||||||
for (int i = 0; i < block_length(sha_type) / 4; i++) {
|
for (int i = 0; i < block_length(sha_type) / 4; i++) {
|
||||||
reg_addr_buf[i] = __bswap_32(data_words[i]);
|
reg_addr_buf[i] = __builtin_bswap32(data_words[i]);
|
||||||
}
|
}
|
||||||
asm volatile ("memw");
|
asm volatile ("memw");
|
||||||
|
|
||||||
|
|
@ -311,9 +316,10 @@ void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, uns
|
||||||
const size_t BLOCKS_PER_CHUNK = 100;
|
const size_t BLOCKS_PER_CHUNK = 100;
|
||||||
const size_t MAX_CHUNK_LEN = BLOCKS_PER_CHUNK * block_len;
|
const size_t MAX_CHUNK_LEN = BLOCKS_PER_CHUNK * block_len;
|
||||||
|
|
||||||
|
SHA_CTX ctx;
|
||||||
|
|
||||||
esp_sha_lock_engine(sha_type);
|
esp_sha_lock_engine(sha_type);
|
||||||
|
|
||||||
SHA_CTX ctx;
|
|
||||||
ets_sha_init(&ctx);
|
ets_sha_init(&ctx);
|
||||||
|
|
||||||
while (ilen > 0) {
|
while (ilen > 0) {
|
||||||
|
|
@ -47,7 +47,7 @@
|
||||||
#endif /* MBEDTLS_PLATFORM_C */
|
#endif /* MBEDTLS_PLATFORM_C */
|
||||||
#endif /* MBEDTLS_SELF_TEST */
|
#endif /* MBEDTLS_SELF_TEST */
|
||||||
|
|
||||||
#include "hwcrypto/sha.h"
|
#include "esp32/sha.h"
|
||||||
|
|
||||||
/* Implementation that should never be optimized out by the compiler */
|
/* Implementation that should never be optimized out by the compiler */
|
||||||
static void mbedtls_zeroize( void *v, size_t n ) {
|
static void mbedtls_zeroize( void *v, size_t n ) {
|
||||||
|
|
|
||||||
|
|
@ -48,7 +48,7 @@
|
||||||
#endif /* MBEDTLS_PLATFORM_C */
|
#endif /* MBEDTLS_PLATFORM_C */
|
||||||
#endif /* MBEDTLS_SELF_TEST */
|
#endif /* MBEDTLS_SELF_TEST */
|
||||||
|
|
||||||
#include "hwcrypto/sha.h"
|
#include "esp32/sha.h"
|
||||||
|
|
||||||
/* Implementation that should never be optimized out by the compiler */
|
/* Implementation that should never be optimized out by the compiler */
|
||||||
static void mbedtls_zeroize( void *v, size_t n ) {
|
static void mbedtls_zeroize( void *v, size_t n ) {
|
||||||
|
|
|
||||||
|
|
@ -54,7 +54,7 @@
|
||||||
#endif /* MBEDTLS_PLATFORM_C */
|
#endif /* MBEDTLS_PLATFORM_C */
|
||||||
#endif /* MBEDTLS_SELF_TEST */
|
#endif /* MBEDTLS_SELF_TEST */
|
||||||
|
|
||||||
#include "hwcrypto/sha.h"
|
#include "esp32/sha.h"
|
||||||
|
|
||||||
inline static esp_sha_type sha_type(const mbedtls_sha512_context *ctx)
|
inline static esp_sha_type sha_type(const mbedtls_sha512_context *ctx)
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -28,7 +28,7 @@ extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_AES_ALT)
|
#if defined(MBEDTLS_AES_ALT)
|
||||||
#include "hwcrypto/aes.h"
|
#include "esp32/aes.h"
|
||||||
|
|
||||||
typedef esp_aes_context mbedtls_aes_context;
|
typedef esp_aes_context mbedtls_aes_context;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -328,6 +328,9 @@ int esp_internal_aes_decrypt( esp_aes_context *ctx, const unsigned char input[16
|
||||||
/** Deprecated, see esp_aes_internal_decrypt */
|
/** Deprecated, see esp_aes_internal_decrypt */
|
||||||
void esp_aes_decrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ) __attribute__((deprecated));
|
void esp_aes_decrypt( esp_aes_context *ctx, const unsigned char input[16], unsigned char output[16] ) __attribute__((deprecated));
|
||||||
|
|
||||||
|
/** AES-XTS buffer encryption/decryption */
|
||||||
|
int esp_aes_crypt_xts( esp_aes_xts_context *ctx, int mode, size_t length, const unsigned char data_unit[16], const unsigned char *input, unsigned char *output );
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
Loading…
Reference in a new issue