ra6_crypto_hash.c
Go to the documentation of this file.
1 /**
2  * @file ra6_crypto_hash.c
3  * @brief RA6 hash hardware accelerator
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2024 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.4.0
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "hw_sce_hash_private.h"
36 #include "core/crypto.h"
37 #include "hardware/ra6/ra6_crypto.h"
38 #include "hardware/ra6/ra6_crypto_hash.h"
39 #include "hash/hash_algorithms.h"
40 #include "debug.h"
41 
42 //Check crypto library configuration
43 #if (RA6_CRYPTO_HASH_SUPPORT == ENABLED)
44 
45 //Padding string
46 static const uint8_t padding[64] =
47 {
48  0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
49  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
50  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
51  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
52 };
53 
54 
55 #if (SHA224_SUPPORT == ENABLED)
56 
57 /**
58  * @brief Initialize SHA-224 message digest context
59  * @param[in] context Pointer to the SHA-224 context to initialize
60  **/
61 
62 void sha224Init(Sha224Context *context)
63 {
64  //Set initial hash value
65  context->h[0] = BETOH32(0xC1059ED8);
66  context->h[1] = BETOH32(0x367CD507);
67  context->h[2] = BETOH32(0x3070DD17);
68  context->h[3] = BETOH32(0xF70E5939);
69  context->h[4] = BETOH32(0xFFC00B31);
70  context->h[5] = BETOH32(0x68581511);
71  context->h[6] = BETOH32(0x64F98FA7);
72  context->h[7] = BETOH32(0xBEFA4FA4);
73 
74  //Number of bytes in the buffer
75  context->size = 0;
76  //Total length of the message
77  context->totalSize = 0;
78 }
79 
80 #endif
81 #if (SHA256_SUPPORT == ENABLED)
82 
83 /**
84  * @brief Initialize SHA-256 message digest context
85  * @param[in] context Pointer to the SHA-256 context to initialize
86  **/
87 
88 void sha256Init(Sha256Context *context)
89 {
90  //Set initial hash value
91  context->h[0] = BETOH32(0x6A09E667);
92  context->h[1] = BETOH32(0xBB67AE85);
93  context->h[2] = BETOH32(0x3C6EF372);
94  context->h[3] = BETOH32(0xA54FF53A);
95  context->h[4] = BETOH32(0x510E527F);
96  context->h[5] = BETOH32(0x9B05688C);
97  context->h[6] = BETOH32(0x1F83D9AB);
98  context->h[7] = BETOH32(0x5BE0CD19);
99 
100  //Number of bytes in the buffer
101  context->size = 0;
102  //Total length of the message
103  context->totalSize = 0;
104 }
105 
106 
107 /**
108  * @brief Update the SHA-256 context with a portion of the message being hashed
109  * @param[in] context Pointer to the SHA-256 context
110  * @param[in] data Pointer to the buffer being hashed
111  * @param[in] length Length of the buffer
112  **/
113 
114 void sha256Update(Sha256Context *context, const void *data, size_t length)
115 {
116  size_t n;
117 
118  //Acquire exclusive access to the SCE module
119  osAcquireMutex(&ra6CryptoMutex);
120 
121  //Process the incoming data
122  while(length > 0)
123  {
124  //Check whether some data is pending in the buffer
125  if(context->size == 0 && length >= 64)
126  {
127  //The length must be a multiple of 64 bytes
128  n = length - (length % 64);
129 
130  //Update hash value
131  HW_SCE_Sha224256GenerateMessageDigestSub(context->h, data, n / 4,
132  context->h);
133 
134  //Update the SHA-256 context
135  context->totalSize += n;
136  //Advance the data pointer
137  data = (uint8_t *) data + n;
138  //Remaining bytes to process
139  length -= n;
140  }
141  else
142  {
143  //The buffer can hold at most 64 bytes
144  n = MIN(length, 64 - context->size);
145 
146  //Copy the data to the buffer
147  osMemcpy(context->buffer + context->size, data, n);
148 
149  //Update the SHA-256 context
150  context->size += n;
151  context->totalSize += n;
152  //Advance the data pointer
153  data = (uint8_t *) data + n;
154  //Remaining bytes to process
155  length -= n;
156 
157  //Check whether the buffer is full
158  if(context->size == 64)
159  {
160  //Update hash value
161  HW_SCE_Sha224256GenerateMessageDigestSub(context->h, context->w, 16,
162  context->h);
163 
164  //Empty the buffer
165  context->size = 0;
166  }
167  }
168  }
169 
170  //Release exclusive access to the SCE module
171  osReleaseMutex(&ra6CryptoMutex);
172 }
173 
174 
175 /**
176  * @brief Finish the SHA-256 message digest
177  * @param[in] context Pointer to the SHA-256 context
178  * @param[out] digest Calculated digest (optional parameter)
179  **/
180 
181 void sha256Final(Sha256Context *context, uint8_t *digest)
182 {
183  size_t paddingSize;
184  uint64_t totalSize;
185 
186  //Length of the original message (before padding)
187  totalSize = context->totalSize * 8;
188 
189  //Pad the message so that its length is congruent to 56 modulo 64
190  if(context->size < 56)
191  {
192  paddingSize = 56 - context->size;
193  }
194  else
195  {
196  paddingSize = 64 + 56 - context->size;
197  }
198 
199  //Append padding
200  sha256Update(context, padding, paddingSize);
201 
202  //Append the length of the original message
203  context->w[14] = htobe32((uint32_t) (totalSize >> 32));
204  context->w[15] = htobe32((uint32_t) totalSize);
205 
206  //Calculate the message digest
207  sha256ProcessBlock(context);
208 
209  //Copy the resulting digest
210  if(digest != NULL)
211  {
212  osMemcpy(digest, context->digest, SHA256_DIGEST_SIZE);
213  }
214 }
215 
216 
217 /**
218  * @brief Finish the SHA-256 message digest (no padding added)
219  * @param[in] context Pointer to the SHA-256 context
220  * @param[out] digest Calculated digest
221  **/
222 
223 void sha256FinalRaw(Sha256Context *context, uint8_t *digest)
224 {
225  //Copy the resulting digest
226  osMemcpy(digest, context->digest, SHA256_DIGEST_SIZE);
227 }
228 
229 
230 /**
231  * @brief Process message in 16-word blocks
232  * @param[in] context Pointer to the SHA-256 context
233  **/
234 
235 void sha256ProcessBlock(Sha256Context *context)
236 {
237  //Acquire exclusive access to the SCE module
238  osAcquireMutex(&ra6CryptoMutex);
239 
240  //Accelerate SHA-256 inner compression loop
241  HW_SCE_Sha224256GenerateMessageDigestSub(context->h, context->w, 16,
242  context->h);
243 
244  //Release exclusive access to the SCE module
245  osReleaseMutex(&ra6CryptoMutex);
246 }
247 
248 #endif
249 #endif
BETOH32
#define BETOH32(value)
Definition: cpu_endian.h:451
htobe32
#define htobe32(value)
Definition: cpu_endian.h:446
crypto.h
General definitions for cryptographic algorithms.
debug.h
Debugging facilities.
n
uint8_t n
Definition: dhcpv6_common.h:416
data
uint8_t data[]
Definition: ethernet.h:222
hash_algorithms.h
Collection of hash algorithms.
osMemcpy
#define osMemcpy(dest, src, length)
Definition: os_port.h:141
MIN
#define MIN(a, b)
Definition: os_port.h:63
osAcquireMutex
void osAcquireMutex(OsMutex *mutex)
Acquire ownership of the specified mutex object.
Definition: os_port_chibios.c:388
osReleaseMutex
void osReleaseMutex(OsMutex *mutex)
Release ownership of the specified mutex object.
Definition: os_port_chibios.c:400
ra6CryptoMutex
OsMutex ra6CryptoMutex
Definition: ra6_crypto.c:41
ra6_crypto.h
RA6 hardware cryptographic accelerator (SCE7 / SCE9)
sha224Init
void sha224Init(Sha224Context *context)
Initialize SHA-224 message digest context.
Definition: ra6_crypto_hash.c:62
sha256FinalRaw
void sha256FinalRaw(Sha256Context *context, uint8_t *digest)
Finish the SHA-256 message digest (no padding added)
Definition: ra6_crypto_hash.c:223
sha256Update
void sha256Update(Sha256Context *context, const void *data, size_t length)
Update the SHA-256 context with a portion of the message being hashed.
Definition: ra6_crypto_hash.c:114
sha256ProcessBlock
void sha256ProcessBlock(Sha256Context *context)
Process message in 16-word blocks.
Definition: ra6_crypto_hash.c:235
sha256Final
void sha256Final(Sha256Context *context, uint8_t *digest)
Finish the SHA-256 message digest.
Definition: ra6_crypto_hash.c:181
sha256Init
void sha256Init(Sha256Context *context)
Initialize SHA-256 message digest context.
Definition: ra6_crypto_hash.c:88
ra6_crypto_hash.h
RA6 hash hardware accelerator.
SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE
Definition: sha256.h:45
Sha256Context
SHA-256 algorithm context.
Definition: sha256.h:62
Sha256Context::digest
uint8_t digest[32]
Definition: sha256.h:66
Sha256Context::totalSize
uint64_t totalSize
Definition: sha256.h:74
Sha256Context::size
size_t size
Definition: sha256.h:73
Sha256Context::buffer
uint8_t buffer[64]
Definition: sha256.h:71
Sha256Context::h
uint32_t h[8]
Definition: sha256.h:65
Sha256Context::w
uint32_t w[16]
Definition: sha256.h:70
length
uint8_t length
Definition: tcp.h:368