pic32cx_bz_crypto_hash.c
Go to the documentation of this file.
1 /**
2  * @file pic32cx_bz_crypto_hash.c
3  * @brief PIC32CX BZ2 hash hardware accelerator
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.4
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "pic32c.h"
36 #include "core/crypto.h"
37 #include "hardware/pic32cx_bz/pic32cx_bz_crypto.h"
38 #include "hardware/pic32cx_bz/pic32cx_bz_crypto_hash.h"
39 #include "hash/hash_algorithms.h"
40 #include "debug.h"
41 
42 //Check crypto library configuration
43 #if (PIC32CX_BZ_CRYPTO_HASH_SUPPORT == ENABLED)
44 
45 //IAR EWARM compiler?
46 #if defined(__ICCARM__)
47 
48 //ICM region descriptor
49 #pragma data_alignment = 64
50 static Pic32cxbzIcmDesc icmDesc;
51 //ICM hash area
52 #pragma data_alignment = 128
53 static uint32_t icmHash[8];
54 
55 //Keil MDK-ARM or GCC compiler?
56 #else
57 
58 //ICM region descriptor
59 static Pic32cxbzIcmDesc icmDesc __attribute__((aligned(64)));
60 //ICM hash area
61 static uint32_t icmHash[8] __attribute__((aligned(128)));
62 
63 #endif
64 
65 //Padding string
66 static const uint8_t padding[64] =
67 {
68  0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
69  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
70  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
71  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
72 };
73 
74 
75 /**
76  * @brief Update hash value
77  * @param[in] algo Hash algorithm
78  * @param[in] data Pointer to the input buffer
79  * @param[in] length Length of the input buffer
80  * @param[in,out] h Hash value
81  **/
82 
83 void hashProcessData(uint32_t algo, const uint8_t *data, size_t length,
84  uint32_t *h)
85 {
86  //Acquire exclusive access to the ICM module
87  osAcquireMutex(&pic32cxbzCryptoMutex);
88 
89  //Perform software reset
90  ICM_REGS->ICM_CTRL = ICM_CTRL_SWRST_Msk;
91 
92  //Set ICM region descriptor
93  icmDesc.raddr = (uint32_t) data;
94  icmDesc.rcfg = ICM_RCFG_ALGO(algo) | ICM_RCFG_EOM_Msk;
95  icmDesc.rctrl = (length / 64) - 1;
96  icmDesc.rnext = 0;
97 
98  //Data memory barrier
99  __DMB();
100 
101  //Set configuration register
102  ICM_REGS->ICM_CFG = ICM_CFG_UALGO(algo) | ICM_CFG_UIHASH_Msk | ICM_CFG_SLBDIS_Msk;
103  //The start address is a multiple of 64 bytes
104  ICM_REGS->ICM_DSCR = (uint32_t) &icmDesc;
105  //The hash memory location must be a multiple of 128 bytes
106  ICM_REGS->ICM_HASH = (uint32_t) &icmHash;
107 
108  //Set initial hash value
109  ICM_REGS->ICM_UIHVAL[0] = h[0];
110  ICM_REGS->ICM_UIHVAL[1] = h[1];
111  ICM_REGS->ICM_UIHVAL[2] = h[2];
112  ICM_REGS->ICM_UIHVAL[3] = h[3];
113  ICM_REGS->ICM_UIHVAL[4] = h[4];
114 
115  //SHA-224 or SHA-256 algorithm?
116  if(algo == ICM_CFG_UALGO_SHA224_Val || algo == ICM_CFG_UALGO_SHA256_Val)
117  {
118  ICM_REGS->ICM_UIHVAL[5] = h[5];
119  ICM_REGS->ICM_UIHVAL[6] = h[6];
120  ICM_REGS->ICM_UIHVAL[7] = h[7];
121  }
122 
123  //Enable RHC interrupt (Region Hash Completed)
124  ICM_REGS->ICM_IER = ICM_IER_RHC(1);
125  //Enable ICM module
126  ICM_REGS->ICM_CTRL = ICM_CTRL_ENABLE_Msk;
127 
128  //The RHC status flag is set when the ICM has completed the region
129  while((ICM_REGS->ICM_ISR & ICM_ISR_RHC_Msk) == 0)
130  {
131  }
132 
133  //Disable ICM module
134  ICM_REGS->ICM_CTRL = ICM_CTRL_DISABLE_Msk;
135 
136  //Data memory barrier
137  __DMB();
138 
139  //Read resulting hash value
140  h[0] = icmHash[0];
141  h[1] = icmHash[1];
142  h[2] = icmHash[2];
143  h[3] = icmHash[3];
144  h[4] = icmHash[4];
145 
146  //SHA-224 or SHA-256 algorithm?
147  if(algo == ICM_CFG_UALGO_SHA224_Val || algo == ICM_CFG_UALGO_SHA256_Val)
148  {
149  h[5] = icmHash[5];
150  h[6] = icmHash[6];
151  h[7] = icmHash[7];
152  }
153 
154  //Release exclusive access to the ICM module
155  osReleaseMutex(&pic32cxbzCryptoMutex);
156 }
157 
158 
159 #if (SHA1_SUPPORT == ENABLED)
160 
161 /**
162  * @brief Initialize SHA-1 message digest context
163  * @param[in] context Pointer to the SHA-1 context to initialize
164  **/
165 
166 void sha1Init(Sha1Context *context)
167 {
168  //Set initial hash value
169  context->h[0] = BETOH32(0x67452301);
170  context->h[1] = BETOH32(0xEFCDAB89);
171  context->h[2] = BETOH32(0x98BADCFE);
172  context->h[3] = BETOH32(0x10325476);
173  context->h[4] = BETOH32(0xC3D2E1F0);
174 
175  //Number of bytes in the buffer
176  context->size = 0;
177  //Total length of the message
178  context->totalSize = 0;
179 }
180 
181 
182 /**
183  * @brief Update the SHA-1 context with a portion of the message being hashed
184  * @param[in] context Pointer to the SHA-1 context
185  * @param[in] data Pointer to the buffer being hashed
186  * @param[in] length Length of the buffer
187  **/
188 
189 void sha1Update(Sha1Context *context, const void *data, size_t length)
190 {
191  size_t n;
192 
193  //Process the incoming data
194  while(length > 0)
195  {
196  //Check whether some data is pending in the buffer
197  if(context->size == 0 && length >= 64)
198  {
199  //The length must be a multiple of 64 bytes
200  n = length - (length % 64);
201 
202  //Update hash value
203  hashProcessData(ICM_CFG_UALGO_SHA1_Val, data, n, context->h);
204 
205  //Update the SHA-1 context
206  context->totalSize += n;
207  //Advance the data pointer
208  data = (uint8_t *) data + n;
209  //Remaining bytes to process
210  length -= n;
211  }
212  else
213  {
214  //The buffer can hold at most 64 bytes
215  n = MIN(length, 64 - context->size);
216 
217  //Copy the data to the buffer
218  osMemcpy(context->buffer + context->size, data, n);
219 
220  //Update the SHA-1 context
221  context->size += n;
222  context->totalSize += n;
223  //Advance the data pointer
224  data = (uint8_t *) data + n;
225  //Remaining bytes to process
226  length -= n;
227 
228  //Check whether the buffer is full
229  if(context->size == 64)
230  {
231  //Update hash value
232  hashProcessData(ICM_CFG_UALGO_SHA1_Val, context->buffer,
233  context->size, context->h);
234 
235  //Empty the buffer
236  context->size = 0;
237  }
238  }
239  }
240 }
241 
242 
243 /**
244  * @brief Finish the SHA-1 message digest
245  * @param[in] context Pointer to the SHA-1 context
246  * @param[out] digest Calculated digest (optional parameter)
247  **/
248 
249 void sha1Final(Sha1Context *context, uint8_t *digest)
250 {
251  size_t paddingSize;
252  uint64_t totalSize;
253 
254  //Length of the original message (before padding)
255  totalSize = context->totalSize * 8;
256 
257  //Pad the message so that its length is congruent to 56 modulo 64
258  if(context->size < 56)
259  {
260  paddingSize = 56 - context->size;
261  }
262  else
263  {
264  paddingSize = 64 + 56 - context->size;
265  }
266 
267  //Append padding
268  sha1Update(context, padding, paddingSize);
269 
270  //Append the length of the original message
271  context->w[14] = htobe32((uint32_t) (totalSize >> 32));
272  context->w[15] = htobe32((uint32_t) totalSize);
273 
274  //Calculate the message digest
275  hashProcessData(ICM_CFG_UALGO_SHA1_Val, context->buffer, 64, context->h);
276 
277  //Copy the resulting digest
278  if(digest != NULL)
279  {
280  osMemcpy(digest, context->digest, SHA1_DIGEST_SIZE);
281  }
282 }
283 
284 
285 /**
286  * @brief Finish the SHA-1 message digest (no padding added)
287  * @param[in] context Pointer to the SHA-1 context
288  * @param[out] digest Calculated digest
289  **/
290 
291 void sha1FinalRaw(Sha1Context *context, uint8_t *digest)
292 {
293  //Copy the resulting digest
294  osMemcpy(digest, context->digest, SHA1_DIGEST_SIZE);
295 }
296 
297 #endif
298 #if (SHA224_SUPPORT == ENABLED)
299 
300 /**
301  * @brief Initialize SHA-224 message digest context
302  * @param[in] context Pointer to the SHA-224 context to initialize
303  **/
304 
305 void sha224Init(Sha224Context *context)
306 {
307  //Set initial hash value
308  context->h[0] = BETOH32(0xC1059ED8);
309  context->h[1] = BETOH32(0x367CD507);
310  context->h[2] = BETOH32(0x3070DD17);
311  context->h[3] = BETOH32(0xF70E5939);
312  context->h[4] = BETOH32(0xFFC00B31);
313  context->h[5] = BETOH32(0x68581511);
314  context->h[6] = BETOH32(0x64F98FA7);
315  context->h[7] = BETOH32(0xBEFA4FA4);
316 
317  //Number of bytes in the buffer
318  context->size = 0;
319  //Total length of the message
320  context->totalSize = 0;
321 }
322 
323 #endif
324 #if (SHA256_SUPPORT == ENABLED)
325 
326 /**
327  * @brief Initialize SHA-256 message digest context
328  * @param[in] context Pointer to the SHA-256 context to initialize
329  **/
330 
331 void sha256Init(Sha256Context *context)
332 {
333  //Set initial hash value
334  context->h[0] = BETOH32(0x6A09E667);
335  context->h[1] = BETOH32(0xBB67AE85);
336  context->h[2] = BETOH32(0x3C6EF372);
337  context->h[3] = BETOH32(0xA54FF53A);
338  context->h[4] = BETOH32(0x510E527F);
339  context->h[5] = BETOH32(0x9B05688C);
340  context->h[6] = BETOH32(0x1F83D9AB);
341  context->h[7] = BETOH32(0x5BE0CD19);
342 
343  //Number of bytes in the buffer
344  context->size = 0;
345  //Total length of the message
346  context->totalSize = 0;
347 }
348 
349 
350 /**
351  * @brief Update the SHA-256 context with a portion of the message being hashed
352  * @param[in] context Pointer to the SHA-256 context
353  * @param[in] data Pointer to the buffer being hashed
354  * @param[in] length Length of the buffer
355  **/
356 
357 void sha256Update(Sha256Context *context, const void *data, size_t length)
358 {
359  size_t n;
360 
361  //Process the incoming data
362  while(length > 0)
363  {
364  //Check whether some data is pending in the buffer
365  if(context->size == 0 && length >= 64)
366  {
367  //The length must be a multiple of 64 bytes
368  n = length - (length % 64);
369 
370  //Update hash value
371  hashProcessData(ICM_CFG_UALGO_SHA256_Val, data, n, context->h);
372 
373  //Update the SHA-256 context
374  context->totalSize += n;
375  //Advance the data pointer
376  data = (uint8_t *) data + n;
377  //Remaining bytes to process
378  length -= n;
379  }
380  else
381  {
382  //The buffer can hold at most 64 bytes
383  n = MIN(length, 64 - context->size);
384 
385  //Copy the data to the buffer
386  osMemcpy(context->buffer + context->size, data, n);
387 
388  //Update the SHA-256 context
389  context->size += n;
390  context->totalSize += n;
391  //Advance the data pointer
392  data = (uint8_t *) data + n;
393  //Remaining bytes to process
394  length -= n;
395 
396  //Check whether the buffer is full
397  if(context->size == 64)
398  {
399  //Update hash value
400  hashProcessData(ICM_CFG_UALGO_SHA256_Val, context->buffer,
401  context->size, context->h);
402 
403  //Empty the buffer
404  context->size = 0;
405  }
406  }
407  }
408 }
409 
410 
411 /**
412  * @brief Finish the SHA-256 message digest
413  * @param[in] context Pointer to the SHA-256 context
414  * @param[out] digest Calculated digest (optional parameter)
415  **/
416 
417 void sha256Final(Sha256Context *context, uint8_t *digest)
418 {
419  size_t paddingSize;
420  uint64_t totalSize;
421 
422  //Length of the original message (before padding)
423  totalSize = context->totalSize * 8;
424 
425  //Pad the message so that its length is congruent to 56 modulo 64
426  if(context->size < 56)
427  {
428  paddingSize = 56 - context->size;
429  }
430  else
431  {
432  paddingSize = 64 + 56 - context->size;
433  }
434 
435  //Append padding
436  sha256Update(context, padding, paddingSize);
437 
438  //Append the length of the original message
439  context->w[14] = htobe32((uint32_t) (totalSize >> 32));
440  context->w[15] = htobe32((uint32_t) totalSize);
441 
442  //Calculate the message digest
443  hashProcessData(ICM_CFG_UALGO_SHA256_Val, context->buffer, 64, context->h);
444 
445  //Copy the resulting digest
446  if(digest != NULL)
447  {
448  osMemcpy(digest, context->digest, SHA256_DIGEST_SIZE);
449  }
450 }
451 
452 
453 /**
454  * @brief Finish the SHA-256 message digest (no padding added)
455  * @param[in] context Pointer to the SHA-256 context
456  * @param[out] digest Calculated digest
457  **/
458 
459 void sha256FinalRaw(Sha256Context *context, uint8_t *digest)
460 {
461  //Copy the resulting digest
462  osMemcpy(digest, context->digest, SHA256_DIGEST_SIZE);
463 }
464 
465 #endif
466 #endif
Sha256Context
SHA-256 algorithm context.
Definition: sha256.h:62
sha1FinalRaw
void sha1FinalRaw(Sha1Context *context, uint8_t *digest)
Finish the SHA-1 message digest (no padding added)
Definition: pic32cx_bz_crypto_hash.c:291
data
uint8_t data[]
Definition: ethernet.h:222
Sha256Context::size
size_t size
Definition: sha256.h:73
sha256Update
void sha256Update(Sha256Context *context, const void *data, size_t length)
Update the SHA-256 context with a portion of the message being hashed.
Definition: pic32cx_bz_crypto_hash.c:357
Sha256Context::h
uint32_t h[8]
Definition: sha256.h:65
BETOH32
#define BETOH32(value)
Definition: cpu_endian.h:451
sha1Init
void sha1Init(Sha1Context *context)
Initialize SHA-1 message digest context.
Definition: pic32cx_bz_crypto_hash.c:166
pic32cx_bz_crypto_hash.h
PIC32CX BZ2 hash hardware accelerator.
Pic32cxbzIcmDesc
ICM region descriptor.
Definition: pic32cx_bz_crypto_hash.h:55
ICM_RCFG_ALGO
#define ICM_RCFG_ALGO
Definition: sam4c_crypto_hash.h:51
sha1Update
void sha1Update(Sha1Context *context, const void *data, size_t length)
Update the SHA-1 context with a portion of the message being hashed.
Definition: pic32cx_bz_crypto_hash.c:189
Sha1Context::totalSize
uint64_t totalSize
Definition: sha1.h:74
h
uint8_t h
Definition: ndp.h:302
osMemcpy
#define osMemcpy(dest, src, length)
Definition: os_port.h:141
Sha256Context::w
uint32_t w[16]
Definition: sha256.h:70
sha256Final
void sha256Final(Sha256Context *context, uint8_t *digest)
Finish the SHA-256 message digest.
Definition: pic32cx_bz_crypto_hash.c:417
Sha1Context::h
uint32_t h[5]
Definition: sha1.h:65
crypto.h
General definitions for cryptographic algorithms.
Pic32cxbzIcmDesc::rctrl
uint32_t rctrl
ICM region control.
Definition: pic32cx_bz_crypto_hash.h:58
Pic32cxbzIcmDesc::rnext
uint32_t rnext
ICM region next address.
Definition: pic32cx_bz_crypto_hash.h:59
hashProcessData
void hashProcessData(uint32_t algo, const uint8_t *data, size_t length, uint32_t *h)
Update hash value.
Definition: pic32cx_bz_crypto_hash.c:83
length
uint8_t length
Definition: tcp.h:368
Sha256Context::buffer
uint8_t buffer[64]
Definition: sha256.h:71
MIN
#define MIN(a, b)
Definition: os_port.h:63
Pic32cxbzIcmDesc::raddr
uint32_t raddr
ICM region start address.
Definition: pic32cx_bz_crypto_hash.h:56
hash_algorithms.h
Collection of hash algorithms.
htobe32
#define htobe32(value)
Definition: cpu_endian.h:446
pic32cx_bz_crypto.h
PIC32CX BZ2 hardware cryptographic accelerator.
Sha256Context::digest
uint8_t digest[32]
Definition: sha256.h:66
SHA1_DIGEST_SIZE
#define SHA1_DIGEST_SIZE
Definition: sha1.h:45
sha256FinalRaw
void sha256FinalRaw(Sha256Context *context, uint8_t *digest)
Finish the SHA-256 message digest (no padding added)
Definition: pic32cx_bz_crypto_hash.c:459
n
uint8_t n
Definition: dhcpv6_common.h:416
osAcquireMutex
void osAcquireMutex(OsMutex *mutex)
Acquire ownership of the specified mutex object.
Definition: os_port_chibios.c:396
osReleaseMutex
void osReleaseMutex(OsMutex *mutex)
Release ownership of the specified mutex object.
Definition: os_port_chibios.c:408
Sha1Context::size
size_t size
Definition: sha1.h:73
Sha1Context::w
uint32_t w[16]
Definition: sha1.h:70
Pic32cxbzIcmDesc::rcfg
uint32_t rcfg
ICM region configuration.
Definition: pic32cx_bz_crypto_hash.h:57
Sha1Context
SHA-1 algorithm context.
Definition: sha1.h:62
Sha1Context::buffer
uint8_t buffer[64]
Definition: sha1.h:71
Sha256Context::totalSize
uint64_t totalSize
Definition: sha256.h:74
SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE
Definition: sha256.h:45
sha1Final
void sha1Final(Sha1Context *context, uint8_t *digest)
Finish the SHA-1 message digest.
Definition: pic32cx_bz_crypto_hash.c:249
Sha1Context::digest
uint8_t digest[20]
Definition: sha1.h:66
sha224Init
void sha224Init(Sha224Context *context)
Initialize SHA-224 message digest context.
Definition: pic32cx_bz_crypto_hash.c:305
__attribute__
__attribute__((naked))
AVR32 Ethernet MAC interrupt wrapper.
Definition: avr32_eth_driver.c:380
debug.h
Debugging facilities.
sha256Init
void sha256Init(Sha256Context *context)
Initialize SHA-256 message digest context.
Definition: pic32cx_bz_crypto_hash.c:331
pic32cxbzCryptoMutex
OsMutex pic32cxbzCryptoMutex
Definition: pic32cx_bz_crypto.c:45