Port CC 310 sha 512 driver #10913
Port the cc310 SHA512 driver, even though it is sw implementation. Because the linker could not remove the cc310 sha512 implementation, there was duplicate implementation of SHA512, without enabling the sha512 alternative implementation.
81880 bytes less in flash isn't a mistype?
It looked strange to me as well, however, looking at the generated map file with GCC_ARM toolchain I see ROM value:
@RonEld, thank you for your changes.
If this works out, you have made our summer more interesting. Thanks, keep the optimizations coming.
🌞 🍹
Looking at the generated map file, I think the numbers I found are incorrect and not related to this change, unfortunately. There were probably some environment issues causing the difference.
@ARMmbed/mbed-os-crypto Please review
Is this acceptable? Note that SHA-384 is used in the real world, especially for HTTPS on the web. I think most clients and servers also accept SHA-256 but not SHA-512. The reason they use SHA-384 in preference to SHA-256 is that it's faster on 64-bit machines, but they normally also support SHA-256 to interoperate with 32-bit endpoints or to save on the transmitted data size. Even so, losing SHA-384 can affect applications and should at least be clearly documented.
It's a limitation of opting in to hardware acceleration on this platform, which the system integrator would need to accept as valid for their expected use cases. We are making it opt-in, right?
It is defined by default in
I'd rather avoid breaking changes and do it as an option. We can break at next major version.
The idea was to make it for the next major release, unless it is required for current minor release, in which case we should make it optional, by removing
Have the alternative sha512 undefined by default, in order not to break backwards compatibility.
I made the alternative sha512 optional. I will make a separate PR, updating the readme file
@ARMmbed/mbed-os-crypto , please add your review comments!
Test run: SUCCESS. Summary: 11 of 11 test jobs passed
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, | ||
const unsigned char data[128] ) | ||
{ | ||
return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ); |
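Review bot: in `mbedtls_internal_sha512_process`, the body returns `MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED` without touching `ctx` or `data`, so builds with unused-parameter warnings enabled will flag both. Cast them to void (`(void) ctx; (void) data;`) and add a short comment above the return saying why the per-block entry point is unsupported by this driver, so callers that invoke it directly can tell the error is intentional.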
Will this break applications that were using software SHA-512 previously? Should we return non-error here?
void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) | ||
{ | ||
memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); | ||
|
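Review bot: `memset( ctx, 0, sizeof( mbedtls_sha512_context ) )` in `mbedtls_sha512_init` dereferences `ctx` with no NULL check, so a NULL context crashes here instead of being rejected. Add a guard before the memset (for example `if( ctx == NULL ) return;`), or document that callers must pass a valid context.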
Remove extra newline here.
return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); | ||
} | ||
#endif //MBEDTLS_SHA512_ALT | ||
|
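Review bot: style, on the return and the `#endif`: `return ( ... )` here has a space before the parenthesis, while the `mbedtls_internal_sha512_process` stub uses `return( ... )`; pick one form. The trailing `//MBEDTLS_SHA512_ALT` is a C++-style comment in C code; `/* MBEDTLS_SHA512_ALT */` keeps it valid for C89 compilers.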
Remove extra newline here
Remove redundant extra lines.
@Patater Thank you for your comments! I have addressed them.
LGTM
@ARMmbed/mbed-os-maintainers Can we start the CI?
CI started
Test run: SUCCESS. Summary: 11 of 11 test jobs passed
Description
Port the cc310 SHA512 driver, even though it is sw implementation.
Because the linker could not remove the cc310 sha512 implementation,
there was duplicate implementation of SHA512, without enabling
the sha512 alternative implementation.
There is a minor performance degradation (284 KB/s instead of 322 KB/s), however improvement in memory usage.
According to the generated map file, using GCC_ARM:
ROM: 81880 bytes smaller
RAM: 48 bytes smaller
The downside is that SHA384 is no longer supported with the introduction of this driver.
Pull request type
Reviewers
@ARMmbed/mbed-os-crypto
Release Notes
SHA384 is not supported, returning
MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED