Merge pull request #5630 from adustm/fix5079_sha1_md5_sha256_hwcrypto

Fix #5079. Support of call to mbedtls_x_finish without calling mbedtls_x_update
2018-01-31 12:08:44 -06:00 · 2018-01-31 12:08:44 -06:00 · c06a42b05d
parent 195b3ea24b 88c3b3ee28
commit c06a42b05d
4 changed files with 52 additions and 54 deletions
--- a/features/mbedtls/targets/TARGET_STM/TARGET_STM32F4/TARGET_STM32F439xI/mbedtls_device.h
+++ b/features/mbedtls/targets/TARGET_STM/TARGET_STM32F4/TARGET_STM32F439xI/mbedtls_device.h
@ -22,12 +22,10 @@

 #define MBEDTLS_AES_ALT

-/* FIXME: Don't enable SHA1, SHA256 and MD5 hardware acceleration until issue
- * #5079 is fixed. (https://github.com/ARMmbed/mbed-os/issues/5079) */
-/* #define MBEDTLS_SHA256_ALT */
+#define MBEDTLS_SHA256_ALT

-/* #define MBEDTLS_SHA1_ALT */
+#define MBEDTLS_SHA1_ALT

-/* #define MBEDTLS_MD5_ALT */
+#define MBEDTLS_MD5_ALT

 #endif /* MBEDTLS_DEVICE_H */
--- a/features/mbedtls/targets/TARGET_STM/md5_alt.c
+++ b/features/mbedtls/targets/TARGET_STM/md5_alt.c
@ -17,8 +17,8 @@
 *  limitations under the License.
 *
 */
-#if defined(MBEDTLS_MD5_C)
 #include "mbedtls/md5.h"
+#if defined(MBEDTLS_MD5_C)

 #if defined(MBEDTLS_MD5_ALT)
 #include "mbedtls/platform.h"
@ -127,42 +127,40 @@ void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[ST_
 void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen )
 {
    size_t currentlen = ilen;
-    if (st_md5_restore_hw_context(ctx) != 1) {
-        return; // Return HASH_BUSY timout error here
-    }
-    // store mechanism to accumulate ST_MD5_BLOCK_SIZE bytes (512 bits) in the HW
-    if (currentlen == 0){ // only change HW status is size if 0
-        if(ctx->hhash_md5.Phase == HAL_HASH_PHASE_READY) {
-          /* Select the MD5 mode and reset the HASH processor core, so that the HASH will be ready to compute
-             the message digest of a new message */
-          HASH->CR |= HASH_ALGOSELECTION_MD5 | HASH_CR_INIT;
+    /* If ilen = 0 : do nothing */
+    if (currentlen != 0) {
+        if (st_md5_restore_hw_context(ctx) != 1) {
+            return; // Return HASH_BUSY timout error here
        }
-        ctx->hhash_md5.Phase = HAL_HASH_PHASE_PROCESS;
-    } else if (currentlen < (ST_MD5_BLOCK_SIZE - ctx->sbuf_len)) {
-        // only buffurize
-        memcpy(ctx->sbuf+ctx->sbuf_len, input, currentlen);
-        ctx->sbuf_len += currentlen;
-    } else {
-        // fill buffer and process it
-        memcpy(ctx->sbuf + ctx->sbuf_len, input, (ST_MD5_BLOCK_SIZE - ctx->sbuf_len));
-        currentlen -= (ST_MD5_BLOCK_SIZE - ctx->sbuf_len);
-        mbedtls_md5_process(ctx, ctx->sbuf);
-        // Process every input as long as it is %64 bytes, ie 512 bits
-        size_t iter = currentlen / ST_MD5_BLOCK_SIZE;
-        if (iter !=0) {
-            if (HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, (uint8_t *)(input + ST_MD5_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_MD5_BLOCK_SIZE)) != 0) {
-                return; // Return error code here
+
+        // store mechanism to accumulate ST_MD5_BLOCK_SIZE bytes (512 bits) in the HW
+        if (currentlen < (ST_MD5_BLOCK_SIZE - ctx->sbuf_len)) {
+            // only buffurize
+            memcpy(ctx->sbuf+ctx->sbuf_len, input, currentlen);
+            ctx->sbuf_len += currentlen;
+        } else {
+            // fill buffer and process it
+            memcpy(ctx->sbuf + ctx->sbuf_len, input, (ST_MD5_BLOCK_SIZE - ctx->sbuf_len));
+            currentlen -= (ST_MD5_BLOCK_SIZE - ctx->sbuf_len);
+            mbedtls_md5_process(ctx, ctx->sbuf);
+            // Process every input as long as it is %64 bytes, ie 512 bits
+            size_t iter = currentlen / ST_MD5_BLOCK_SIZE;
+            if (iter !=0) {
+                if (HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, (uint8_t *)(input + ST_MD5_BLOCK_SIZE - ctx->sbuf_len), (iter * ST_MD5_BLOCK_SIZE)) != 0) {
+                    return; // Return error code here
+                }
+            }
+            // sbuf is completely accumulated, now copy up to 63 remaining bytes
+            ctx->sbuf_len = currentlen % ST_MD5_BLOCK_SIZE;
+            if (ctx->sbuf_len !=0) {
+                memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len);
            }
        }
-        // sbuf is completely accumulated, now copy up to 63 remaining bytes
-        ctx->sbuf_len = currentlen % ST_MD5_BLOCK_SIZE;
-        if (ctx->sbuf_len !=0) {
-            memcpy(ctx->sbuf, input + ilen - ctx->sbuf_len, ctx->sbuf_len);
+
+        if (st_md5_save_hw_context(ctx) != 1) {
+            return; // return HASH_BUSY timeout Error here
        }
    }
-    if (st_md5_save_hw_context(ctx) != 1) {
-        return; // return HASH_BUSY timeout Error here
-    }
 }

 void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] )
@ -170,11 +168,12 @@ void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] )
    if (st_md5_restore_hw_context(ctx) != 1) {
        return; // Return HASH_BUSY timout error here
    }
-    if (ctx->sbuf_len > 0) {
-        if (HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, ctx->sbuf, ctx->sbuf_len) != 0) {
-            return; // Return error code here
-        }
+    /* Last accumulation for extra bytes in sbuf_len */
+    /* This sets HW flags in case mbedtls_md5_update has not been called yet */
+    if (HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, ctx->sbuf, ctx->sbuf_len) != 0) {
+        return; // Return error code here
    }
+
    mbedtls_zeroize( ctx->sbuf, ST_MD5_BLOCK_SIZE);
    ctx->sbuf_len = 0;
    __HAL_HASH_START_DIGEST();
--- a/features/mbedtls/targets/TARGET_STM/sha1_alt.c
+++ b/features/mbedtls/targets/TARGET_STM/sha1_alt.c
@ -169,10 +169,10 @@ void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
        return; // Return HASH_BUSY timout error here
    }

-    if (ctx->sbuf_len > 0) {
-        if (HAL_HASH_SHA1_Accumulate(&ctx->hhash_sha1, ctx->sbuf, ctx->sbuf_len) != 0) {
-            return; // Return error code here
-        }
+    /* Last accumulation for extra bytes in sbuf_len */
+    /* This allows the HW flags to be in place in case mbedtls_sha256_update has not been called yet */
+    if (HAL_HASH_SHA1_Accumulate(&ctx->hhash_sha1, ctx->sbuf, ctx->sbuf_len) != 0) {
+        return; // Return error code here
    }
    mbedtls_zeroize(ctx->sbuf, ST_SHA1_BLOCK_SIZE);
    ctx->sbuf_len = 0;
--- a/features/mbedtls/targets/TARGET_STM/sha256_alt.c
+++ b/features/mbedtls/targets/TARGET_STM/sha256_alt.c
@ -187,17 +187,18 @@ void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32
    if (st_sha256_restore_hw_context(ctx) != 1) {
        return; // Return HASH_BUSY timout error here
    }
-    if (ctx->sbuf_len > 0) {
-        if (ctx->is224 == 0) {
-            if (HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, ctx->sbuf, ctx->sbuf_len) != 0) {
-                return; // Return error code here
-            }
-        } else {
-            if (HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, ctx->sbuf, ctx->sbuf_len) != 0) {
-                return; // Return error code here
-            }
+    /* Last accumulation for extra bytes in sbuf_len */
+    /* This allows the HW flags to be in place in case mbedtls_sha256_update has not been called yet */
+    if (ctx->is224 == 0) {
+        if (HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, ctx->sbuf, ctx->sbuf_len) != 0) {
+            return; // Return error code here
+        }
+    } else {
+        if (HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, ctx->sbuf, ctx->sbuf_len) != 0) {
+            return; // Return error code here
        }
    }
+
    mbedtls_zeroize(ctx->sbuf, ST_SHA256_BLOCK_SIZE);
    ctx->sbuf_len = 0;
    __HAL_HASH_START_DIGEST();