Skip to content

Commit

Permalink
sys/psa_crypto: support for SHA-{384,512-{224,256}}
Browse files Browse the repository at this point in the history
  • Loading branch information
mguetschow committed May 14, 2024
1 parent 12180f5 commit ecf2595
Show file tree
Hide file tree
Showing 15 changed files with 490 additions and 8 deletions.
6 changes: 6 additions & 0 deletions features.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -835,8 +835,14 @@ groups:
help: SHA-224 hardware acceleration present.
- name: periph_hash_sha_256
help: SHA-256 hardware acceleration present.
- name: periph_hash_sha_384
help: SHA-384 hardware acceleration present.
- name: periph_hash_sha_512
help: SHA-512 hardware acceleration present.
- name: periph_hash_sha_512_224
help: SHA-512/224 hardware acceleration present.
- name: periph_hash_sha_512_256
help: SHA-512/256 hardware acceleration present.
- name: periph_hmac_sha_256
help: HMAC SHA-256 hardware acceleration present.
- name: periph_hwrng
Expand Down
3 changes: 3 additions & 0 deletions makefiles/features_existing.inc.mk
Original file line number Diff line number Diff line change
Expand Up @@ -182,7 +182,10 @@ FEATURES_EXISTING := \
periph_hash_sha_1 \
periph_hash_sha_224 \
periph_hash_sha_256 \
periph_hash_sha_384 \
periph_hash_sha_512 \
periph_hash_sha_512_224 \
periph_hash_sha_512_256 \
periph_hmac_sha_256 \
periph_hwrng \
periph_i2c \
Expand Down
3 changes: 3 additions & 0 deletions makefiles/features_modules.inc.mk
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,10 @@ PERIPH_IGNORE_MODULES := \
periph_hash_sha_1 \
periph_hash_sha_224 \
periph_hash_sha_256 \
periph_hash_sha_384 \
periph_hash_sha_512 \
periph_hash_sha_512_224 \
periph_hash_sha_512_256 \
periph_hmac_sha_256 \
periph_i2c_hw \
periph_i2c_sw \
Expand Down
3 changes: 3 additions & 0 deletions makefiles/pseudomodules.inc.mk
Original file line number Diff line number Diff line change
Expand Up @@ -361,7 +361,10 @@ PSEUDOMODULES += psa_riot_hashes_md5
PSEUDOMODULES += psa_riot_hashes_sha_1
PSEUDOMODULES += psa_riot_hashes_sha_224
PSEUDOMODULES += psa_riot_hashes_sha_256
PSEUDOMODULES += psa_riot_hashes_sha_384
PSEUDOMODULES += psa_riot_hashes_sha_512
PSEUDOMODULES += psa_riot_hashes_sha_512_224
PSEUDOMODULES += psa_riot_hashes_sha_512_256
PSEUDOMODULES += psa_riot_hashes_hmac_sha256
PSEUDOMODULES += fortuna_reseed
PSEUDOMODULES += riotboot_%
Expand Down
47 changes: 47 additions & 0 deletions sys/hashes/psa_riot_hashes/sha_384.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
/*
* Copyright (C) 2023 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/

/**
* @ingroup sys_psa_crypto
* @{
*
* @brief Glue code translating between PSA Crypto and the RIOT Hash module
*
* @author Mikolai Gütschow <[email protected]>
*
* @}
*/

#include "psa/crypto.h"
#include "hashes/psa/riot_hashes.h"

psa_status_t psa_hashes_sha384_setup(psa_hashes_sha384_ctx_t *ctx)
{
sha384_init((sha384_context_t *)ctx);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha384_update(psa_hashes_sha384_ctx_t *ctx,
const uint8_t *input,
size_t input_length)
{
sha384_update((sha384_context_t *)ctx, input, input_length);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha384_finish(psa_hashes_sha384_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
sha384_final((sha384_context_t *)ctx, hash);

(void)hash_size;
(void)hash_length;
return PSA_SUCCESS;
}
47 changes: 47 additions & 0 deletions sys/hashes/psa_riot_hashes/sha_512_224.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
/*
* Copyright (C) 2023 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/

/**
* @ingroup sys_psa_crypto
* @{
*
* @brief Glue code translating between PSA Crypto and the RIOT Hash module
*
* @author Mikolai Gütschow <[email protected]>
*
* @}
*/

#include "psa/crypto.h"
#include "hashes/psa/riot_hashes.h"

psa_status_t psa_hashes_sha512_224_setup(psa_hashes_sha512_224_ctx_t *ctx)
{
sha512_224_init((sha512_224_context_t *)ctx);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha512_224_update(psa_hashes_sha512_224_ctx_t *ctx,
const uint8_t *input,
size_t input_length)
{
sha512_224_update((sha512_224_context_t *)ctx, input, input_length);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha512_224_finish(psa_hashes_sha512_224_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
sha512_224_final((sha512_224_context_t *)ctx, hash);

(void)hash_size;
(void)hash_length;
return PSA_SUCCESS;
}
47 changes: 47 additions & 0 deletions sys/hashes/psa_riot_hashes/sha_512_256.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
/*
* Copyright (C) 2023 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/

/**
* @ingroup sys_psa_crypto
* @{
*
* @brief Glue code translating between PSA Crypto and the RIOT Hash module
*
* @author Mikolai Gütschow <[email protected]>
*
* @}
*/

#include "psa/crypto.h"
#include "hashes/psa/riot_hashes.h"

psa_status_t psa_hashes_sha512_256_setup(psa_hashes_sha512_256_ctx_t *ctx)
{
sha512_256_init((sha512_256_context_t *)ctx);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha512_256_update(psa_hashes_sha512_256_ctx_t *ctx,
const uint8_t *input,
size_t input_length)
{
sha512_256_update((sha512_256_context_t *)ctx, input, input_length);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha512_256_finish(psa_hashes_sha512_256_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
sha512_256_final((sha512_256_context_t *)ctx, hash);

(void)hash_size;
(void)hash_length;
return PSA_SUCCESS;
}
18 changes: 18 additions & 0 deletions sys/include/hashes/psa/riot_hashes.h
Original file line number Diff line number Diff line change
Expand Up @@ -49,12 +49,30 @@ typedef sha224_context_t psa_hashes_sha224_ctx_t;
typedef sha256_context_t psa_hashes_sha256_ctx_t;
#endif

#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA_384))
#include "hashes/sha384.h"

typedef sha384_context_t psa_hashes_sha384_ctx_t;
#endif

#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512))
#include "hashes/sha512.h"

typedef sha512_context_t psa_hashes_sha512_ctx_t;
#endif

#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_224))
#include "hashes/sha512_224.h"

typedef sha512_224_context_t psa_hashes_sha512_224_ctx_t;
#endif

#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_256))
#include "hashes/sha512_256.h"

typedef sha512_256_context_t psa_hashes_sha512_256_ctx_t;
#endif

#if (IS_USED(MODULE_PSA_RIOT_HASHES_HMAC_SHA256))
#include "hashes/sha256.h"
#endif
Expand Down
9 changes: 9 additions & 0 deletions sys/include/psa_crypto/psa/crypto_contexts.h
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,18 @@ typedef union {
#if IS_USED(MODULE_PSA_HASH_SHA_256) || defined(DOXYGEN)
psa_hashes_sha256_ctx_t sha256; /**< SHA-256 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA_384) || defined(DOXYGEN)
psa_hashes_sha384_ctx_t sha384; /**< SHA-384 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA_512) || defined(DOXYGEN)
psa_hashes_sha512_ctx_t sha512; /**< SHA-512 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA_512_224) || defined(DOXYGEN)
psa_hashes_sha512_224_ctx_t sha512_224; /**< SHA-512/224 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA_512_256) || defined(DOXYGEN)
psa_hashes_sha512_256_ctx_t sha512_256; /**< SHA-512/256 context */
#endif
} psa_hash_context_t;
#endif

Expand Down
8 changes: 6 additions & 2 deletions sys/include/psa_crypto/psa/crypto_includes.h
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,9 @@ extern "C" {

#if IS_USED(MODULE_PSA_RIOT_HASHES_HMAC_SHA256) || IS_USED(MODULE_PSA_RIOT_HASHES_MD5) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_1) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_224) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_256) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512)
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_256) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_384) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_224) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_256)
#include "hashes/psa/riot_hashes.h"
#endif

Expand All @@ -40,7 +42,9 @@ extern "C" {
#endif

#if IS_USED(MODULE_PERIPH_HASH_SHA_1) || IS_USED(MODULE_PERIPH_HASH_SHA_224) || \
IS_USED(MODULE_PERIPH_HASH_SHA_256) || IS_USED(MODULE_PERIPH_HASH_SHA_512)
IS_USED(MODULE_PERIPH_HASH_SHA_256) || IS_USED(MODULE_PERIPH_HASH_SHA_384) || \
IS_USED(MODULE_PERIPH_HASH_SHA_512) || IS_USED(MODULE_PERIPH_HASH_SHA_512_224) || \
IS_USED(MODULE_PERIPH_HASH_SHA_512_256)
#include "psa_periph_hashes_ctx.h"
#endif

Expand Down
73 changes: 73 additions & 0 deletions sys/psa_crypto/Makefile.dep
Original file line number Diff line number Diff line change
Expand Up @@ -228,6 +228,30 @@ ifneq (,$(filter psa_hash_sha_256_backend_riot,$(USEMODULE)))
USEMODULE += psa_riot_hashes_sha_256
endif

## SHA-384
ifneq (,$(filter psa_hash_sha_384,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha_384_custom_backend,$(USEMODULE)))
FEATURES_OPTIONAL += periph_hash_sha_384
include $(RIOTMAKE)/features_check.inc.mk
# HACK: Due to kconfig migration, may cause problems
ifneq (,$(filter periph_hash_sha_384,$(FEATURES_USED)))
USEMODULE += psa_hash_sha_384_backend_periph
else
USEMODULE += psa_hash_sha_384_backend_riot
endif
endif
endif

ifneq (,$(filter psa_hash_sha_384_backend_periph,$(USEMODULE)))
FEATURES_REQUIRED += periph_hash_sha_384
endif

ifneq (,$(filter psa_hash_sha_384_backend_riot,$(USEMODULE)))
USEMODULE += hashes
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha_384
endif

## SHA-512
ifneq (,$(filter psa_hash_sha_512,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha_512_custom_backend,$(USEMODULE)))
Expand All @@ -251,6 +275,55 @@ ifneq (,$(filter psa_hash_sha_512_backend_riot,$(USEMODULE)))
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha_512
endif

## SHA-512/224
ifneq (,$(filter psa_hash_sha_512_224,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha_512_224_custom_backend,$(USEMODULE)))
FEATURES_OPTIONAL += periph_hash_sha_512_224
include $(RIOTMAKE)/features_check.inc.mk
# HACK: Due to kconfig migration, may cause problems
ifneq (,$(filter periph_hash_sha_512_224,$(FEATURES_USED)))
USEMODULE += psa_hash_sha_512_224_backend_periph
else
USEMODULE += psa_hash_sha_512_224_backend_riot
endif
endif
endif

ifneq (,$(filter psa_hash_sha_512_224_backend_periph,$(USEMODULE)))
FEATURES_REQUIRED += periph_hash_sha_512_224
endif

ifneq (,$(filter psa_hash_sha_512_224_backend_riot,$(USEMODULE)))
USEMODULE += hashes
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha_512_224
endif

## SHA-512/256
ifneq (,$(filter psa_hash_sha_512_256,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha_512_256_custom_backend,$(USEMODULE)))
FEATURES_OPTIONAL += periph_hash_sha_512_256
include $(RIOTMAKE)/features_check.inc.mk
# HACK: Due to kconfig migration, may cause problems
ifneq (,$(filter periph_hash_sha_512_256,$(FEATURES_USED)))
USEMODULE += psa_hash_sha_512_256_backend_periph
else
USEMODULE += psa_hash_sha_512_256_backend_riot
endif
endif
endif

ifneq (,$(filter psa_hash_sha_512_256_backend_periph,$(USEMODULE)))
FEATURES_REQUIRED += periph_hash_sha_512_256
endif

ifneq (,$(filter psa_hash_sha_512_256_backend_riot,$(USEMODULE)))
USEMODULE += hashes
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha_512_256
endif

# Key Management
ifneq (,$(filter psa_key_management,$(USEMODULE)))
USEMODULE += psa_key_slot_mgmt
Expand Down
Loading

0 comments on commit ecf2595

Please sign in to comment.