1. For SHA AC, use atomic flag to manage its ownership.
(1) Nuvoton SHA AC doesn't support SHA context save & restore, so S/W
SHA fallback has been supported before. To make non-blocking 'acquire'
semantics clearer, introduce 'try_acquire' to substitute for 'acquire'.
(2) No biting CPU due to mechanism above.
(3) No deadlock due to mechanism above.
2. For AES/DES/ECC AC, change to mutex to manage their ownership.
(1) Change crypto-misc.c to crypto-misc.cpp to utilize C++ SingletonPtr
which guarantees thread-safe mutex construct-on-first-use.
(2) With change to crypto-misc.cpp, add 'extern "C"' modifier to CRYPTO_IRQHandler()
to avoid name mangling in C++.
(3) No priority inversion because mutex has osMutexPrioInherit attribute
bit set.
(4) No deadlock because these AC are all locked for a short sequence
of operations rather than the whole lifetime of mbedtls context.
(5) For double mbedtls_internal_ecp_init() issue, it has been fixed in upper
mbedtls layer. So no need to change ecc init/free flow.
Take SHA1 for example, without the fix, SHA H/W is not stopped in either case:
(1) ctx->total == 0 in mbedtls_sha1_hw_finish()
(2) mbedtls_sha1_hw_finish() is not called by upper layer
For example, even though MBEDTLS_SHA512_C is disabled (via #undef MBEDTLS_SHA512_C),
mbedtls_sha512_context is still necessary due to referenced in sha512.h.
Add counter to track crypto init among crypto sub-modules. It includes:
1. Enable crypto clock
2. Enable crypto interrupt
As counter gets zero, crypto clock is disabled to save power.
1. aes.h/des.h/sha1.h/sha256.h/sha512.h includes config.h before aes_alt.h/des_alt.h/sha1_alt.h/sha256_alt.h/sha512_alt.h.
2. aes_alt.h/des_alt.h/sha1_alt.h/sha256_alt.h/sha512_alt.h should not be included in any other location.
3. Just include aes.h/des.h/sha1.h/sha256.h/sha512.h in aes_alt.c/des_alt.c/sha1_alt.c/sha256_alt.c/sha512_alt.c.
ccli8
Krzysztof Stachowiak
Martin Kojtal
Krzysztof Stachowiak