s7g2_crypto_hash.c
Go to the documentation of this file.
1 /**
2  * @file s7g2_crypto_hash.c
3  * @brief Synergy S7G2 hash hardware accelerator
4  *
5  * @section License
6  *
7  * SPDX-License-Identifier: GPL-2.0-or-later
8  *
9  * Copyright (C) 2010-2025 Oryx Embedded SARL. All rights reserved.
10  *
11  * This file is part of CycloneCRYPTO Open.
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License
15  * as published by the Free Software Foundation; either version 2
16  * of the License, or (at your option) any later version.
17  *
18  * This program is distributed in the hope that it will be useful,
19  * but WITHOUT ANY WARRANTY; without even the implied warranty of
20  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21  * GNU General Public License for more details.
22  *
23  * You should have received a copy of the GNU General Public License
24  * along with this program; if not, write to the Free Software Foundation,
25  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
26  *
27  * @author Oryx Embedded SARL (www.oryx-embedded.com)
28  * @version 2.5.0
29  **/
30 
31 //Switch to the appropriate trace level
32 #define TRACE_LEVEL CRYPTO_TRACE_LEVEL
33 
34 //Dependencies
35 #include "hw_sce_hash_private.h"
36 #include "core/crypto.h"
37 #include "hardware/s7g2/s7g2_crypto.h"
38 #include "hardware/s7g2/s7g2_crypto_hash.h"
39 #include "hash/hash_algorithms.h"
40 #include "debug.h"
41 
42 //Check crypto library configuration
43 #if (S7G2_CRYPTO_HASH_SUPPORT == ENABLED)
44 
45 //Padding string
46 static const uint8_t padding[64] =
47 {
48  0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
49  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
50  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
51  0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
52 };
53 
54 
55 #if (MD5_SUPPORT == ENABLED)
56 
57 /**
58  * @brief Initialize MD5 message digest context
59  * @param[in] context Pointer to the MD5 context to initialize
60  **/
61 
62 void md5Init(Md5Context *context)
63 {
64  //Set initial hash value
65  context->h[0] = BETOH32(0x67452301);
66  context->h[1] = BETOH32(0xEFCDAB89);
67  context->h[2] = BETOH32(0x98BADCFE);
68  context->h[3] = BETOH32(0x10325476);
69 
70  //Number of bytes in the buffer
71  context->size = 0;
72  //Total length of the message
73  context->totalSize = 0;
74 }
75 
76 
77 /**
78  * @brief Update the MD5 context with a portion of the message being hashed
79  * @param[in] context Pointer to the MD5 context
80  * @param[in] data Pointer to the buffer being hashed
81  * @param[in] length Length of the buffer
82  **/
83 
84 void md5Update(Md5Context *context, const void *data, size_t length)
85 {
86  size_t n;
87 
88  //Acquire exclusive access to the SCE7 module
89  osAcquireMutex(&s7g2CryptoMutex);
90 
91  //Process the incoming data
92  while(length > 0)
93  {
94  //Check whether some data is pending in the buffer
95  if(context->size == 0 && length >= 64)
96  {
97  //The length must be a multiple of 64 bytes
98  n = length - (length % 64);
99 
100  //Update hash value
101  HW_SCE_MD5_MessageDigestGeneration(context->h, data, n / 4,
102  context->h);
103 
104  //Update the MD5 context
105  context->totalSize += n;
106  //Advance the data pointer
107  data = (uint8_t *) data + n;
108  //Remaining bytes to process
109  length -= n;
110  }
111  else
112  {
113  //The buffer can hold at most 64 bytes
114  n = MIN(length, 64 - context->size);
115 
116  //Copy the data to the buffer
117  osMemcpy(context->buffer + context->size, data, n);
118 
119  //Update the MD5 context
120  context->size += n;
121  context->totalSize += n;
122  //Advance the data pointer
123  data = (uint8_t *) data + n;
124  //Remaining bytes to process
125  length -= n;
126 
127  //Check whether the buffer is full
128  if(context->size == 64)
129  {
130  //Update hash value
131  HW_SCE_MD5_MessageDigestGeneration(context->h, context->x, 16,
132  context->h);
133 
134  //Empty the buffer
135  context->size = 0;
136  }
137  }
138  }
139 
140  //Release exclusive access to the SCE7 module
141  osReleaseMutex(&s7g2CryptoMutex);
142 }
143 
144 
145 /**
146  * @brief Finish the MD5 message digest
147  * @param[in] context Pointer to the MD5 context
148  * @param[out] digest Calculated digest
149  **/
150 
151 void md5Final(Md5Context *context, uint8_t *digest)
152 {
153  uint_t i;
154  size_t paddingSize;
155  uint64_t totalSize;
156 
157  //Length of the original message (before padding)
158  totalSize = context->totalSize * 8;
159 
160  //Pad the message so that its length is congruent to 56 modulo 64
161  if(context->size < 56)
162  {
163  paddingSize = 56 - context->size;
164  }
165  else
166  {
167  paddingSize = 64 + 56 - context->size;
168  }
169 
170  //Append padding
171  md5Update(context, padding, paddingSize);
172 
173  //Append the length of the original message
174  for(i = 0; i < 8; i++)
175  {
176  context->buffer[56 + i] = totalSize & 0xFF;
177  totalSize >>= 8;
178  }
179 
180  //Calculate the message digest
181  md5ProcessBlock(context);
182 
183  //Copy the resulting digest
184  for(i = 0; i < (MD5_DIGEST_SIZE / 4); i++)
185  {
186  STORE32BE(context->h[i], digest + i * 4);
187  }
188 }
189 
190 
191 /**
192  * @brief Finish the MD5 message digest (no padding added)
193  * @param[in] context Pointer to the MD5 context
194  * @param[out] digest Calculated digest
195  **/
196 
197 void md5FinalRaw(Md5Context *context, uint8_t *digest)
198 {
199  uint_t i;
200 
201  //Copy the resulting digest
202  for(i = 0; i < (MD5_DIGEST_SIZE / 4); i++)
203  {
204  STORE32BE(context->h[i], digest + i * 4);
205  }
206 }
207 
208 
209 /**
210  * @brief Process message in 16-word blocks
211  * @param[in] context Pointer to the MD5 context
212  **/
213 
214 void md5ProcessBlock(Md5Context *context)
215 {
216  //Acquire exclusive access to the SCE7 module
217  osAcquireMutex(&s7g2CryptoMutex);
218  //Accelerate MD5 inner compression loop
219  HW_SCE_MD5_MessageDigestGeneration(context->h, context->x, 16, context->h);
220  //Release exclusive access to the SCE7 module
221  osReleaseMutex(&s7g2CryptoMutex);
222 }
223 
224 #endif
225 #if (SHA1_SUPPORT == ENABLED)
226 
227 /**
228  * @brief Initialize SHA-1 message digest context
229  * @param[in] context Pointer to the SHA-1 context to initialize
230  **/
231 
232 void sha1Init(Sha1Context *context)
233 {
234  //Set initial hash value
235  context->h[0] = BETOH32(0x67452301);
236  context->h[1] = BETOH32(0xEFCDAB89);
237  context->h[2] = BETOH32(0x98BADCFE);
238  context->h[3] = BETOH32(0x10325476);
239  context->h[4] = BETOH32(0xC3D2E1F0);
240 
241  //Number of bytes in the buffer
242  context->size = 0;
243  //Total length of the message
244  context->totalSize = 0;
245 }
246 
247 
248 /**
249  * @brief Update the SHA-1 context with a portion of the message being hashed
250  * @param[in] context Pointer to the SHA-1 context
251  * @param[in] data Pointer to the buffer being hashed
252  * @param[in] length Length of the buffer
253  **/
254 
255 void sha1Update(Sha1Context *context, const void *data, size_t length)
256 {
257  size_t n;
258 
259  //Acquire exclusive access to the SCE7 module
260  osAcquireMutex(&s7g2CryptoMutex);
261 
262  //Process the incoming data
263  while(length > 0)
264  {
265  //Check whether some data is pending in the buffer
266  if(context->size == 0 && length >= 64)
267  {
268  //The length must be a multiple of 64 bytes
269  n = length - (length % 64);
270 
271  //Update hash value
272  HW_SCE_SHA1_UpdateHash(data, n / 4, context->h);
273 
274  //Update the SHA-1 context
275  context->totalSize += n;
276  //Advance the data pointer
277  data = (uint8_t *) data + n;
278  //Remaining bytes to process
279  length -= n;
280  }
281  else
282  {
283  //The buffer can hold at most 64 bytes
284  n = MIN(length, 64 - context->size);
285 
286  //Copy the data to the buffer
287  osMemcpy(context->buffer + context->size, data, n);
288 
289  //Update the SHA-1 context
290  context->size += n;
291  context->totalSize += n;
292  //Advance the data pointer
293  data = (uint8_t *) data + n;
294  //Remaining bytes to process
295  length -= n;
296 
297  //Check whether the buffer is full
298  if(context->size == 64)
299  {
300  //Update hash value
301  HW_SCE_SHA1_UpdateHash(context->w, 16, context->h);
302 
303  //Empty the buffer
304  context->size = 0;
305  }
306  }
307  }
308 
309  //Release exclusive access to the SCE7 module
310  osReleaseMutex(&s7g2CryptoMutex);
311 }
312 
313 
314 /**
315  * @brief Finish the SHA-1 message digest
316  * @param[in] context Pointer to the SHA-1 context
317  * @param[out] digest Calculated digest
318  **/
319 
320 void sha1Final(Sha1Context *context, uint8_t *digest)
321 {
322  uint_t i;
323  size_t paddingSize;
324  uint64_t totalSize;
325 
326  //Length of the original message (before padding)
327  totalSize = context->totalSize * 8;
328 
329  //Pad the message so that its length is congruent to 56 modulo 64
330  if(context->size < 56)
331  {
332  paddingSize = 56 - context->size;
333  }
334  else
335  {
336  paddingSize = 64 + 56 - context->size;
337  }
338 
339  //Append padding
340  sha1Update(context, padding, paddingSize);
341 
342  //Append the length of the original message
343  for(i = 0; i < 8; i++)
344  {
345  context->buffer[63 - i] = totalSize & 0xFF;
346  totalSize >>= 8;
347  }
348 
349  //Calculate the message digest
350  sha1ProcessBlock(context);
351 
352  //Copy the resulting digest
353  for(i = 0; i < (SHA1_DIGEST_SIZE / 4); i++)
354  {
355  STORE32LE(context->h[i], digest + i * 4);
356  }
357 }
358 
359 
360 /**
361  * @brief Finish the SHA-1 message digest (no padding added)
362  * @param[in] context Pointer to the SHA-1 context
363  * @param[out] digest Calculated digest
364  **/
365 
366 void sha1FinalRaw(Sha1Context *context, uint8_t *digest)
367 {
368  uint_t i;
369 
370  //Copy the resulting digest
371  for(i = 0; i < (SHA1_DIGEST_SIZE / 4); i++)
372  {
373  STORE32LE(context->h[i], digest + i * 4);
374  }
375 }
376 
377 
378 /**
379  * @brief Process message in 16-word blocks
380  * @param[in] context Pointer to the SHA-1 context
381  **/
382 
383 void sha1ProcessBlock(Sha1Context *context)
384 {
385  //Acquire exclusive access to the SCE7 module
386  osAcquireMutex(&s7g2CryptoMutex);
387  //Accelerate SHA-1 inner compression loop
388  HW_SCE_SHA1_UpdateHash(context->w, 16, context->h);
389  //Release exclusive access to the SCE7 module
390  osReleaseMutex(&s7g2CryptoMutex);
391 }
392 
393 #endif
394 #if (SHA224_SUPPORT == ENABLED)
395 
396 /**
397  * @brief Initialize SHA-224 message digest context
398  * @param[in] context Pointer to the SHA-224 context to initialize
399  **/
400 
401 void sha224Init(Sha224Context *context)
402 {
403  //Set initial hash value
404  context->h[0] = BETOH32(0xC1059ED8);
405  context->h[1] = BETOH32(0x367CD507);
406  context->h[2] = BETOH32(0x3070DD17);
407  context->h[3] = BETOH32(0xF70E5939);
408  context->h[4] = BETOH32(0xFFC00B31);
409  context->h[5] = BETOH32(0x68581511);
410  context->h[6] = BETOH32(0x64F98FA7);
411  context->h[7] = BETOH32(0xBEFA4FA4);
412 
413  //Number of bytes in the buffer
414  context->size = 0;
415  //Total length of the message
416  context->totalSize = 0;
417 }
418 
419 #endif
420 #if (SHA256_SUPPORT == ENABLED)
421 
422 /**
423  * @brief Initialize SHA-256 message digest context
424  * @param[in] context Pointer to the SHA-256 context to initialize
425  **/
426 
427 void sha256Init(Sha256Context *context)
428 {
429  //Set initial hash value
430  context->h[0] = BETOH32(0x6A09E667);
431  context->h[1] = BETOH32(0xBB67AE85);
432  context->h[2] = BETOH32(0x3C6EF372);
433  context->h[3] = BETOH32(0xA54FF53A);
434  context->h[4] = BETOH32(0x510E527F);
435  context->h[5] = BETOH32(0x9B05688C);
436  context->h[6] = BETOH32(0x1F83D9AB);
437  context->h[7] = BETOH32(0x5BE0CD19);
438 
439  //Number of bytes in the buffer
440  context->size = 0;
441  //Total length of the message
442  context->totalSize = 0;
443 }
444 
445 
446 /**
447  * @brief Update the SHA-256 context with a portion of the message being hashed
448  * @param[in] context Pointer to the SHA-256 context
449  * @param[in] data Pointer to the buffer being hashed
450  * @param[in] length Length of the buffer
451  **/
452 
453 void sha256Update(Sha256Context *context, const void *data, size_t length)
454 {
455  size_t n;
456 
457  //Acquire exclusive access to the SCE7 module
458  osAcquireMutex(&s7g2CryptoMutex);
459 
460  //Process the incoming data
461  while(length > 0)
462  {
463  //Check whether some data is pending in the buffer
464  if(context->size == 0 && length >= 64)
465  {
466  //The length must be a multiple of 64 bytes
467  n = length - (length % 64);
468 
469  //Update hash value
470  HW_SCE_SHA256_UpdateHash(data, n / 4, context->h);
471 
472  //Update the SHA-256 context
473  context->totalSize += n;
474  //Advance the data pointer
475  data = (uint8_t *) data + n;
476  //Remaining bytes to process
477  length -= n;
478  }
479  else
480  {
481  //The buffer can hold at most 64 bytes
482  n = MIN(length, 64 - context->size);
483 
484  //Copy the data to the buffer
485  osMemcpy(context->buffer + context->size, data, n);
486 
487  //Update the SHA-256 context
488  context->size += n;
489  context->totalSize += n;
490  //Advance the data pointer
491  data = (uint8_t *) data + n;
492  //Remaining bytes to process
493  length -= n;
494 
495  //Check whether the buffer is full
496  if(context->size == 64)
497  {
498  //Update hash value
499  HW_SCE_SHA256_UpdateHash(context->w, 16, context->h);
500 
501  //Empty the buffer
502  context->size = 0;
503  }
504  }
505  }
506 
507  //Release exclusive access to the SCE7 module
508  osReleaseMutex(&s7g2CryptoMutex);
509 }
510 
511 
512 /**
513  * @brief Finish the SHA-256 message digest
514  * @param[in] context Pointer to the SHA-256 context
515  * @param[out] digest Calculated digest
516  **/
517 
518 void sha256Final(Sha256Context *context, uint8_t *digest)
519 {
520  uint_t i;
521  size_t paddingSize;
522  uint64_t totalSize;
523 
524  //Length of the original message (before padding)
525  totalSize = context->totalSize * 8;
526 
527  //Pad the message so that its length is congruent to 56 modulo 64
528  if(context->size < 56)
529  {
530  paddingSize = 56 - context->size;
531  }
532  else
533  {
534  paddingSize = 64 + 56 - context->size;
535  }
536 
537  //Append padding
538  sha256Update(context, padding, paddingSize);
539 
540  //Append the length of the original message
541  for(i = 0; i < 8; i++)
542  {
543  context->buffer[63 - i] = totalSize & 0xFF;
544  totalSize >>= 8;
545  }
546 
547  //Calculate the message digest
548  sha256ProcessBlock(context);
549 
550  //Copy the resulting digest
551  for(i = 0; i < (SHA256_DIGEST_SIZE / 4); i++)
552  {
553  STORE32LE(context->h[i], digest + i * 4);
554  }
555 }
556 
557 
558 /**
559  * @brief Finish the SHA-256 message digest (no padding added)
560  * @param[in] context Pointer to the SHA-256 context
561  * @param[out] digest Calculated digest
562  **/
563 
564 void sha256FinalRaw(Sha256Context *context, uint8_t *digest)
565 {
566  uint_t i;
567 
568  //Copy the resulting digest
569  for(i = 0; i < (SHA256_DIGEST_SIZE / 4); i++)
570  {
571  STORE32LE(context->h[i], digest + i * 4);
572  }
573 }
574 
575 
576 /**
577  * @brief Process message in 16-word blocks
578  * @param[in] context Pointer to the SHA-256 context
579  **/
580 
581 void sha256ProcessBlock(Sha256Context *context)
582 {
583  //Acquire exclusive access to the SCE7 module
584  osAcquireMutex(&s7g2CryptoMutex);
585  //Accelerate SHA-256 inner compression loop
586  HW_SCE_SHA256_UpdateHash(context->w, 16, context->h);
587  //Release exclusive access to the SCE7 module
588  osReleaseMutex(&s7g2CryptoMutex);
589 }
590 
591 #endif
592 #endif
sha1Init
void sha1Init(Sha1Context *context)
Initialize SHA-1 message digest context.
Definition: s7g2_crypto_hash.c:232
Sha256Context
SHA-256 algorithm context.
Definition: sha256.h:62
data
uint8_t data[]
Definition: ethernet.h:222
sha1Final
void sha1Final(Sha1Context *context, uint8_t *digest)
Finish the SHA-1 message digest.
Definition: s7g2_crypto_hash.c:320
STORE32LE
#define STORE32LE(a, p)
Definition: cpu_endian.h:279
Sha256Context::size
size_t size
Definition: sha256.h:69
Sha256Context::h
uint32_t h[8]
Definition: sha256.h:63
sha224Init
void sha224Init(Sha224Context *context)
Initialize SHA-224 message digest context.
Definition: s7g2_crypto_hash.c:401
BETOH32
#define BETOH32(value)
Definition: cpu_endian.h:451
sha1ProcessBlock
void sha1ProcessBlock(Sha1Context *context)
Process message in 16-word blocks.
Definition: s7g2_crypto_hash.c:383
Sha1Context::totalSize
uint64_t totalSize
Definition: sha1.h:70
Md5Context::x
uint32_t x[16]
Definition: md5.h:66
sha256ProcessBlock
void sha256ProcessBlock(Sha256Context *context)
Process message in 16-word blocks.
Definition: s7g2_crypto_hash.c:581
Md5Context::buffer
uint8_t buffer[64]
Definition: md5.h:67
osMemcpy
#define osMemcpy(dest, src, length)
Definition: os_port.h:144
Sha256Context::w
uint32_t w[16]
Definition: sha256.h:66
md5ProcessBlock
void md5ProcessBlock(Md5Context *context)
Process message in 16-word blocks.
Definition: s7g2_crypto_hash.c:214
sha256Final
void sha256Final(Sha256Context *context, uint8_t *digest)
Finish the SHA-256 message digest.
Definition: s7g2_crypto_hash.c:518
Sha1Context::h
uint32_t h[5]
Definition: sha1.h:63
crypto.h
General definitions for cryptographic algorithms.
sha256Update
void sha256Update(Sha256Context *context, const void *data, size_t length)
Update the SHA-256 context with a portion of the message being hashed.
Definition: s7g2_crypto_hash.c:453
Md5Context
MD5 algorithm context.
Definition: md5.h:62
md5Final
void md5Final(Md5Context *context, uint8_t *digest)
Finish the MD5 message digest.
Definition: s7g2_crypto_hash.c:151
length
uint8_t length
Definition: tcp.h:375
Sha256Context::buffer
uint8_t buffer[64]
Definition: sha256.h:67
MIN
#define MIN(a, b)
Definition: os_port.h:63
Md5Context::totalSize
uint64_t totalSize
Definition: md5.h:70
sha256Init
void sha256Init(Sha256Context *context)
Initialize SHA-256 message digest context.
Definition: s7g2_crypto_hash.c:427
MD5_DIGEST_SIZE
#define MD5_DIGEST_SIZE
Definition: md5.h:45
hash_algorithms.h
Collection of hash algorithms.
s7g2_crypto_hash.h
Synergy S7G2 hash hardware accelerator.
SHA1_DIGEST_SIZE
#define SHA1_DIGEST_SIZE
Definition: sha1.h:45
md5FinalRaw
void md5FinalRaw(Md5Context *context, uint8_t *digest)
Finish the MD5 message digest (no padding added)
Definition: s7g2_crypto_hash.c:197
n
uint8_t n
Definition: dhcpv6_common.h:416
s7g2CryptoMutex
OsMutex s7g2CryptoMutex
Definition: s7g2_crypto.c:41
md5Update
void md5Update(Md5Context *context, const void *data, size_t length)
Update the MD5 context with a portion of the message being hashed.
Definition: s7g2_crypto_hash.c:84
osAcquireMutex
void osAcquireMutex(OsMutex *mutex)
Acquire ownership of the specified mutex object.
Definition: os_port_chibios.c:396
osReleaseMutex
void osReleaseMutex(OsMutex *mutex)
Release ownership of the specified mutex object.
Definition: os_port_chibios.c:408
sha1Update
void sha1Update(Sha1Context *context, const void *data, size_t length)
Update the SHA-1 context with a portion of the message being hashed.
Definition: s7g2_crypto_hash.c:255
Sha1Context::size
size_t size
Definition: sha1.h:69
Md5Context::size
size_t size
Definition: md5.h:69
Sha1Context::w
uint32_t w[16]
Definition: sha1.h:66
Sha1Context
SHA-1 algorithm context.
Definition: sha1.h:62
md5Init
void md5Init(Md5Context *context)
Initialize MD5 message digest context.
Definition: s7g2_crypto_hash.c:62
Sha1Context::buffer
uint8_t buffer[64]
Definition: sha1.h:67
Sha256Context::totalSize
uint64_t totalSize
Definition: sha256.h:70
s7g2_crypto.h
Synergy S7G2 hardware cryptographic accelerator (SCE7)
uint_t
unsigned int uint_t
Definition: compiler_port.h:57
SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE
Definition: sha256.h:45
sha256FinalRaw
void sha256FinalRaw(Sha256Context *context, uint8_t *digest)
Finish the SHA-256 message digest (no padding added)
Definition: s7g2_crypto_hash.c:564
STORE32BE
#define STORE32BE(a, p)
Definition: cpu_endian.h:286
Md5Context::h
uint32_t h[4]
Definition: md5.h:63
debug.h
Debugging facilities.
sha1FinalRaw
void sha1FinalRaw(Sha1Context *context, uint8_t *digest)
Finish the SHA-1 message digest (no padding added)
Definition: s7g2_crypto_hash.c:366