HW Accelerated SHA1 and SHA256

Add Poritng for Sha1 and SHA256 over Cryptocell
pull/6794/head
Ron Eldor 2017-03-22 19:36:38 +02:00
parent fdf5587e29
commit 19e2adf98d
5 changed files with 442 additions and 1 deletions

View File

@ -21,8 +21,8 @@
#ifndef __MBEDTLS_DEVICE__
#define __MBEDTLS_DEVICE__
#define MBEDTLS_AES_ALT
#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
#define MBEDTLS_AES_ALT
#define MBEDTLS_SHA1_ALT
#define MBEDTLS_SHA256_ALT
#define MBEDTLS_CCM_ALT

View File

@ -0,0 +1,86 @@
/*
* sha1_alt.c
*
* Copyright (C) 2018, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/sha1.h"
#if defined(MBEDTLS_SHA1_ALT)
#include <string.h>
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
}
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
{
if( ctx == NULL )
return;
CRYS_HASH_Free( &ctx->crys_hash_ctx );
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
}
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src )
{
memcpy( dst, src, sizeof( mbedtls_sha1_context ) );
}
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx )
{
if( CRYS_HASH_Init( &ctx->crys_hash_ctx, CRYS_HASH_SHA1_mode ) != CRYS_OK )
return ( MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen )
{
if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)input, ilen ) != CRYS_OK )
return ( MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
unsigned char output[20] )
{
CRYSError_t CrysErr = CRYS_OK;
CRYS_HASH_Result_t crys_result = {0};
CrysErr = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result );
if( CrysErr == CRYS_OK )
{
memcpy( output, crys_result, 20 );
return ( 0 );
}
else
return ( MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED );
}
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
const unsigned char data[64] )
{
if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)data, 64 ) != CRYS_OK )
return ( MBEDTLS_ERR_SHA1_HW_ACCEL_FAILED );
return ( 0 );
}
#endif //MBEDTLS_SHA1_ALT

View File

@ -0,0 +1,148 @@
/*
* sha1_alt.h
*
* Copyright (C) 2018, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#ifndef __SHA1_ALT__
#define __SHA1_ALT__
#if defined(MBEDTLS_SHA1_ALT)
#include "crys_hash.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-1 context structure
*/
typedef struct
{
CRYS_HASHUserContext_t crys_hash_ctx;
} mbedtls_sha1_context;
/**
* \brief This function initializes a SHA-1 context.
*
* \param ctx The SHA-1 context to initialize.
*
* \warning SHA-1 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
/**
* \brief This function clears a SHA-1 context.
*
* \param ctx The SHA-1 context to clear.
*
* \warning SHA-1 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
/**
* \brief This function clones the state of a SHA-1 context.
*
* \param dst The destination context.
* \param src The context to clone.
*
* \warning SHA-1 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src );
/**
* \brief This function starts a SHA-1 checksum calculation.
*
* \param ctx The context to initialize.
*
* \return \c 0 if successful
*
* \warning SHA-1 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
int mbedtls_sha1_starts_ret( mbedtls_sha1_context *ctx );
/**
* \brief This function feeds an input buffer into an ongoing SHA-1
* checksum calculation.
*
* \param ctx The SHA-1 context.
* \param input The buffer holding the input data.
* \param ilen The length of the input data.
*
* \return \c 0 if successful
*
* \warning SHA-1 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
int mbedtls_sha1_update_ret( mbedtls_sha1_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief This function finishes the SHA-1 operation, and writes
* the result to the output buffer.
*
* \param ctx The SHA-1 context.
* \param output The SHA-1 checksum result.
*
* \return \c 0 if successful
*
* \warning SHA-1 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
int mbedtls_sha1_finish_ret( mbedtls_sha1_context *ctx,
unsigned char output[20] );
/**
* \brief SHA-1 process data block (internal use only)
*
* \param ctx SHA-1 context
* \param data The data block being processed.
*
* \return \c 0 if successful
*
* \warning SHA-1 is considered a weak message digest and its use
* constitutes a security risk. We recommend considering
* stronger message digests instead.
*
*/
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx,
const unsigned char data[64] );
#ifdef __cplusplus
}
#endif
#endif //MBEDTLS_SHA1_ALT
#endif //__SHA1_ALT__

View File

@ -0,0 +1,86 @@
/*
* sha256_alt.c
*
* Copyright (C) 2018, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include "mbedtls/sha256.h"
#if defined(MBEDTLS_SHA256_ALT)
#include <string.h>
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
}
void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
{
if( ctx == NULL )
return;
CRYS_HASH_Free( &ctx->crys_hash_ctx );
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
}
void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src )
{
memcpy( dst, src, sizeof( mbedtls_sha256_context ) );
}
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 )
{
if(CRYS_HASH_Init( &ctx->crys_hash_ctx, is224 ?
CRYS_HASH_SHA224_mode : CRYS_HASH_SHA256_mode ) != CRYS_OK )
return ( MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] )
{
if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)data, 64 ) != CRYS_OK )
return ( MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen )
{
if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)input, ilen ) != CRYS_OK )
return ( MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED );
return ( 0 );
}
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
unsigned char output[32] )
{
CRYSError_t CrysErr = CRYS_OK;
CRYS_HASH_Result_t crys_result = {0};
CrysErr = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result );
if( CrysErr == CRYS_OK )
{
memcpy( output, crys_result, 32 );
return ( 0 );
}
else
return ( MBEDTLS_ERR_SHA256_HW_ACCEL_FAILED );
}
#endif //MBEDTLS_SHA256_ALT

View File

@ -0,0 +1,121 @@
/*
* sha256_alt.h
*
* Copyright (C) 2018, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#ifndef __SHA256_ALT__
#define __SHA256_ALT__
#if defined(MBEDTLS_SHA256_ALT)
#include "crys_hash.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-256 context structure
*/
typedef struct
{
CRYS_HASHUserContext_t crys_hash_ctx;
} mbedtls_sha256_context;
/**
* \brief This function initializes a SHA-256 context.
*
* \param ctx The SHA-256 context to initialize.
*/
void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
/**
* \brief This function clears a SHA-256 context.
*
* \param ctx The SHA-256 context to clear.
*/
void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
/**
* \brief This function clones the state of a SHA-256 context.
*
* \param dst The destination context.
* \param src The context to clone.
*/
void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src );
/**
* \brief This function starts a SHA-224 or SHA-256 checksum
* calculation.
*
* \param ctx The context to initialize.
* \param is224 Determines which function to use.
* <ul><li>0: Use SHA-256.</li>
* <li>1: Use SHA-224.</li></ul>
*
* \return \c 0 on success.
*/
int mbedtls_sha256_starts_ret( mbedtls_sha256_context *ctx, int is224 );
/**
* \brief This function feeds an input buffer into an ongoing
* SHA-256 checksum calculation.
*
* \param ctx SHA-256 context
* \param input buffer holding the data
* \param ilen length of the input data
*
* \return \c 0 on success.
*/
int mbedtls_sha256_update_ret( mbedtls_sha256_context *ctx,
const unsigned char *input,
size_t ilen );
/**
* \brief This function finishes the SHA-256 operation, and writes
* the result to the output buffer.
*
* \param ctx The SHA-256 context.
* \param output The SHA-224 or SHA-256 checksum result.
*
* \return \c 0 on success.
*/
int mbedtls_sha256_finish_ret( mbedtls_sha256_context *ctx,
unsigned char output[32] );
/**
* \brief This function processes a single data block within
* the ongoing SHA-256 computation. This function is for
* internal use only.
*
* \param ctx The SHA-256 context.
* \param data The buffer holding one block of data.
*
* \return \c 0 on success.
*/
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx,
const unsigned char data[64] );
#ifdef __cplusplus
}
#endif
#endif // MBEDTLS_SHA256_ALT__
#endif //__SHA256_ALT__