From a060c7b0cb2c8d0001a5e37d71a8e7729da42649 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Thu, 27 Jun 2019 18:23:26 +0300 Subject: [PATCH 1/3] Port CC 310 sha512 driver Port the cc310 SHA512 driver, even though it is sw implementation. Because the linker could not remove the cc310 sha512 implementation, there was duplicate implementation of SHA512, without enabling the sha512 alternative implementation. --- .../FEATURE_CRYPTOCELL310/mbedtls_device.h | 1 + .../FEATURE_CRYPTOCELL310/sha512_alt.c | 86 +++++++++++++++++++ .../FEATURE_CRYPTOCELL310/sha512_alt.h | 37 ++++++++ 3 files changed, 124 insertions(+) create mode 100644 features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.c create mode 100644 features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.h diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h b/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h index c612c14e577..69c573d460e 100644 --- a/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h @@ -24,6 +24,7 @@ #define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT #define MBEDTLS_SHA1_ALT #define MBEDTLS_SHA256_ALT +#define MBEDTLS_SHA512_ALT #define MBEDTLS_CCM_ALT #define MBEDTLS_ECDSA_VERIFY_ALT #define MBEDTLS_ECDSA_SIGN_ALT diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.c new file mode 100644 index 00000000000..86786bbc3cf --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.c @@ -0,0 +1,86 @@ +/* + * sha512_alt.c + * + * Copyright (C) 2019, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "mbedtls/sha512.h" +#if defined(MBEDTLS_SHA512_ALT) +#include +#include "mbedtls/platform.h" + +void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) +{ + memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); + +} + +void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) +{ + if( ctx == NULL ) + return; + CRYS_HASH_Free( &ctx->crys_hash_ctx ); + memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); +} + +void mbedtls_sha512_clone( mbedtls_sha512_context *dst, + const mbedtls_sha512_context *src ) +{ + memcpy(dst,src,sizeof(mbedtls_sha512_context)); +} + + +int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 ) +{ + if( is384 ) + return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ); + if( CRYS_HASH_Init( &ctx->crys_hash_ctx, CRYS_HASH_SHA512_mode ) != CRYS_OK ) + return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); + return ( 0 ); +} + +int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, + const unsigned char data[128] ) +{ + return( MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED ); +} + +int mbedtls_sha512_update_ret( mbedtls_sha512_context *ctx, + const unsigned char *input, + size_t ilen ) +{ + if( CRYS_HASH_Update( &ctx->crys_hash_ctx, (uint8_t*)input, ilen ) != CRYS_OK ) + return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); + return ( 0 ); +} + +int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, + unsigned char output[64] ) +{ + CRYSError_t crys_err = CRYS_OK; + CRYS_HASH_Result_t crys_result = {0}; + crys_err = CRYS_HASH_Finish( &ctx->crys_hash_ctx, crys_result ); + if( crys_err == CRYS_OK ) + { + memcpy(output,crys_result,64); + return ( 0 ); + } + else + return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); +} +#endif //MBEDTLS_SHA512_ALT + diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.h b/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.h new file mode 100644 index 00000000000..114341f0b61 --- /dev/null +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.h @@ -0,0 +1,37 @@ +/* + * sha512_alt.h + * + * Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef __SHA512_ALT__ +#define __SHA512_ALT__ + +#if defined(MBEDTLS_SHA512_ALT) + +#include "crys_hash.h" + +/** + * \brief SHA-512 context structure + */ +typedef struct +{ + CRYS_HASHUserContext_t crys_hash_ctx; +} mbedtls_sha512_context; + +#endif // MBEDTLS_SHA256_ALT__ +#endif //__SHA256_ALT__ From 6b17df768563131677401dca775cf010c846c537 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Mon, 8 Jul 2019 18:32:18 +0300 Subject: [PATCH 2/3] Make the alternative sha512 optional Have the alternative sha512 undefined by default, in order not to break backwards compatability. --- features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h b/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h index 69c573d460e..3373f6089bb 100644 --- a/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/mbedtls_device.h @@ -24,7 +24,7 @@ #define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT #define MBEDTLS_SHA1_ALT #define MBEDTLS_SHA256_ALT -#define MBEDTLS_SHA512_ALT +//#define MBEDTLS_SHA512_ALT #define MBEDTLS_CCM_ALT #define MBEDTLS_ECDSA_VERIFY_ALT #define MBEDTLS_ECDSA_SIGN_ALT From 4cf3e1c1bc4ab5c12cb1a197e17af6984e488d51 Mon Sep 17 00:00:00 2001 From: Ron Eldor Date: Tue, 23 Jul 2019 13:54:09 +0300 Subject: [PATCH 3/3] Style fixes Remove redundant extra lines. --- features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.c b/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.c index 86786bbc3cf..3ba5ba95087 100644 --- a/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.c +++ b/features/cryptocell/FEATURE_CRYPTOCELL310/sha512_alt.c @@ -26,7 +26,6 @@ void mbedtls_sha512_init( mbedtls_sha512_context *ctx ) { memset( ctx, 0, sizeof( mbedtls_sha512_context ) ); - } void mbedtls_sha512_free( mbedtls_sha512_context *ctx ) @@ -83,4 +82,3 @@ int mbedtls_sha512_finish_ret( mbedtls_sha512_context *ctx, return ( MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED ); } #endif //MBEDTLS_SHA512_ALT -