blackbeard420/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf synced 2025-03-09 09:09:10 -04:00
Code Issues Projects Releases Wiki Activity

feat(mbedtls): Support both SHA block and DMA modes during runtime

Browse Source 
Dynamically switch the SHA operation modes based on the buffer operating length
This commit is contained in:
harshal.patil 2025-01-24 16:26:47 +05:30
parent 2e708d1a7d
commit 7d8211bf87
No known key found for this signature in database
GPG Key ID: 67334E837530B75C
28 changed files with 458 additions and 1271 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
components/esp-tls/test_apps/main/app_main.c
View File

@ -12,10 +12,8 @@
#include "soc/soc_caps.h"
#if SOC_SHA_SUPPORT_PARALLEL_ENG
#include "sha/sha_parallel_engine.h"
#elif SOC_SHA_SUPPORT_DMA
#include "sha/sha_dma.h"
#else
#include "sha/sha_block.h"
#include "sha/sha_core.h"
#endif
#include "esp_newlib.h"

1
components/esp_tee/scripts/esp32c6/secure_service.tbl
View File

@ -35,6 +35,7 @@
128 IDF esp_sha_dma 6
129 IDF esp_sha_read_digest_state 2
130 IDF esp_sha_write_digest_state 2
131 IDF esp_sha_block 3
# ID: 168-183 (16) - eFuse
168 IDF esp_efuse_check_secure_version 1
169 IDF esp_efuse_read_field_blob 3

7
components/esp_tee/src/esp_secure_service_wrapper.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -211,6 +211,11 @@ int __wrap_esp_sha_dma(esp_sha_type sha_type, const void *input, uint32_t ilen,
return esp_tee_service_call(7, SS_ESP_SHA_DMA, sha_type, input, ilen, buf, buf_len, is_first_block);
}
int __wrap_esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block)
{
return esp_tee_service_call(4, SS_ESP_SHA_BLOCK, sha_type, data_block, is_first_block);
}
void __wrap_esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state)
{
esp_tee_service_call(3, SS_ESP_SHA_READ_DIGEST_STATE, sha_type, digest_state);

2
components/esp_tee/subproject/main/CMakeLists.txt
View File

@ -66,7 +66,7 @@ list(APPEND include "${mbedtls_dir}/port/include"
"${mbedtls_dir}/port/aes/include"
"${mbedtls_dir}/port/aes/dma/include")
# SHA
list(APPEND include "${mbedtls_dir}/port/sha/dma/include")
list(APPEND include "${mbedtls_dir}/port/sha/core/include")
# esp_app_desc_t configuration structure for TEE
list(APPEND srcs "common/esp_app_desc_tee.c")

7
components/esp_tee/subproject/main/core/esp_secure_services.c
View File

@ -21,7 +21,7 @@
#include "soc/soc_caps.h"
#include "aes/esp_aes.h"
#include "sha/sha_dma.h"
#include "sha/sha_core.h"
#include "esp_tee.h"
#include "esp_tee_memory_utils.h"
@ -314,6 +314,11 @@ void _ss_esp_sha_write_digest_state(esp_sha_type sha_type, void *digest_state)
sha_hal_write_digest(sha_type, digest_state);
}
void _ss_esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block)
{
esp_sha_block(sha_type, data_block, is_first_block);
}
/* ---------------------------------------------- OTA ------------------------------------------------- */
int _ss_esp_tee_ota_begin(void)

8
components/hal/test_apps/crypto/main/CMakeLists.txt
View File

@ -60,13 +60,13 @@ if(CONFIG_SOC_SHA_SUPPORTED)
if(CONFIG_SOC_SHA_SUPPORT_DMA)
list(APPEND srcs "sha/sha_dma.c"
"$ENV{IDF_PATH}/components/mbedtls/port/sha/dma/sha.c")
list(APPEND priv_include_dirs "$ENV{IDF_PATH}/components/mbedtls/port/sha/dma/include")
"$ENV{IDF_PATH}/components/mbedtls/port/sha/core/sha.c")
list(APPEND priv_include_dirs "$ENV{IDF_PATH}/components/mbedtls/port/sha/core/include")
if(NOT CONFIG_SOC_SHA_GDMA)
list(APPEND srcs "$ENV{IDF_PATH}/components/mbedtls/port/sha/dma/esp_sha_crypto_dma_impl.c")
list(APPEND srcs "$ENV{IDF_PATH}/components/mbedtls/port/sha/core/esp_sha_crypto_dma_impl.c")
else()
list(APPEND srcs "$ENV{IDF_PATH}/components/mbedtls/port/sha/dma/esp_sha_gdma_impl.c"
list(APPEND srcs "$ENV{IDF_PATH}/components/mbedtls/port/sha/core/esp_sha_gdma_impl.c"
"$ENV{IDF_PATH}/components/mbedtls/port/crypto_shared_gdma/esp_crypto_shared_gdma.c")
endif()
endif()

2
components/hal/test_apps/crypto/main/sha/sha_dma.c
View File

@ -17,7 +17,7 @@
#if SOC_SHA_SUPPORTED
#if SOC_SHA_SUPPORT_DMA
#include "sha/sha_dma.h"
#include "sha/sha_core.h"
#include "sha_dma.h"
#if defined(SOC_SHA_SUPPORT_SHA1)

22
components/mbedtls/CMakeLists.txt
View File

@ -191,12 +191,10 @@ endif()
# Choose peripheral type
if(CONFIG_SOC_SHA_SUPPORTED)
if(CONFIG_SOC_SHA_SUPPORT_DMA)
set(SHA_PERIPHERAL_TYPE "dma")
elseif(CONFIG_SOC_SHA_SUPPORT_PARALLEL_ENG)
if(CONFIG_SOC_SHA_SUPPORT_PARALLEL_ENG)
set(SHA_PERIPHERAL_TYPE "parallel_engine")
else()
set(SHA_PERIPHERAL_TYPE "block")
set(SHA_PERIPHERAL_TYPE "core")
endif()
endif()
@ -208,15 +206,15 @@ if(CONFIG_SOC_AES_SUPPORTED)
endif()
endif()
if(SHA_PERIPHERAL_TYPE STREQUAL "dma")
target_include_directories(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/sha/dma/include")
if(SHA_PERIPHERAL_TYPE STREQUAL "core")
target_include_directories(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/sha/core/include")
if(NOT CONFIG_SOC_SHA_GDMA)
set(SHA_DMA_SRCS "${COMPONENT_DIR}/port/sha/dma/esp_sha_crypto_dma_impl.c")
else()
set(SHA_DMA_SRCS "${COMPONENT_DIR}/port/sha/dma/esp_sha_gdma_impl.c")
if(CONFIG_SOC_SHA_GDMA)
set(SHA_CORE_SRCS "${COMPONENT_DIR}/port/sha/core/esp_sha_gdma_impl.c")
elseif(CONFIG_SOC_SHA_CRYPTO_DMA)
set(SHA_CORE_SRCS "${COMPONENT_DIR}/port/sha/core/esp_sha_crypto_dma_impl.c")
endif()
target_sources(mbedcrypto PRIVATE "${SHA_DMA_SRCS}")
target_sources(mbedcrypto PRIVATE "${SHA_CORE_SRCS}")
endif()
if(AES_PERIPHERAL_TYPE STREQUAL "dma")
@ -232,7 +230,7 @@ if(AES_PERIPHERAL_TYPE STREQUAL "dma")
target_sources(mbedcrypto PRIVATE "${AES_DMA_SRCS}")
endif()
if(SHA_PERIPHERAL_TYPE STREQUAL "dma" OR AES_PERIPHERAL_TYPE STREQUAL "dma")
if((SHA_PERIPHERAL_TYPE STREQUAL "core" AND CONFIG_SOC_SHA_SUPPORT_DMA) OR AES_PERIPHERAL_TYPE STREQUAL "dma")
target_link_libraries(mbedcrypto PRIVATE idf::esp_mm)
if(CONFIG_SOC_SHA_GDMA OR CONFIG_SOC_AES_GDMA)
if(CONFIG_SOC_AXI_DMA_EXT_MEM_ENC_ALIGNMENT)

10
components/mbedtls/esp_tee/esp_tee_mbedtls.cmake
View File

@ -15,13 +15,13 @@ list(APPEND srcs "${hal_dir}/aes_hal.c"
list(APPEND include_dirs "${COMPONENT_DIR}/port/aes/include"
"${COMPONENT_DIR}/port/aes/dma/include"
"${COMPONENT_DIR}/port/sha/dma/include")
"${COMPONENT_DIR}/port/sha/core/include")
list(APPEND srcs "${COMPONENT_DIR}/port/aes/esp_aes_common.c"
"${COMPONENT_DIR}/port/aes/dma/esp_aes.c"
"${COMPONENT_DIR}/port/aes/dma/esp_aes_dma_core.c")
list(APPEND srcs "${COMPONENT_DIR}/port/sha/dma/sha.c"
list(APPEND srcs "${COMPONENT_DIR}/port/sha/core/sha.c"
"${COMPONENT_DIR}/port/sha/esp_sha.c")
# Supporting headers
@ -54,8 +54,8 @@ endforeach()
target_link_libraries(${COMPONENT_LIB} INTERFACE ${mbedtls_targets})
if(CONFIG_MBEDTLS_HARDWARE_SHA)
target_sources(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/sha/dma/esp_sha1.c"
"${COMPONENT_DIR}/port/sha/dma/esp_sha256.c"
"${COMPONENT_DIR}/port/sha/dma/esp_sha512.c"
target_sources(mbedcrypto PRIVATE "${COMPONENT_DIR}/port/sha/core/esp_sha1.c"
"${COMPONENT_DIR}/port/sha/core/esp_sha256.c"
"${COMPONENT_DIR}/port/sha/core/esp_sha512.c"
)
endif()

22
components/mbedtls/port/include/esp32s2/sha.h
View File

@ -1,19 +1,11 @@
// Copyright 2019-2020 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
/*
* SPDX-FileCopyrightText: 2019-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
#include "sha/sha_dma.h"
#include "sha/sha_core.h"
#warning esp32s2/sha.h is deprecated, please use sha/sha_dma.h instead
#warning esp32s2/sha.h is deprecated, please use sha/sha_core.h instead

122
components/mbedtls/port/include/sha/sha_block.h
View File

@ -6,124 +6,4 @@
#pragma once
#include <stddef.h>
#include "hal/sha_types.h"
/** @brief Low-level support functions for the hardware SHA engine
*
* @note If you're looking for a SHA API to use, try mbedtls component
* mbedtls/shaXX.h. That API supports hardware acceleration.
*
* The API in this header provides some building blocks for implementing a
* full SHA API such as the one in mbedtls, and also a basic SHA function esp_sha().
*
*/
#ifdef __cplusplus
extern "C" {
#endif
/** @brief Calculate SHA1 or SHA2 sum of some data, using hardware SHA engine
*
* @note For more versatile SHA calculations, where data doesn't need
* to be passed all at once, try the mbedTLS mbedtls/shaX.h APIs.
*
* @note It is not necessary to lock any SHA hardware before calling
* this function, thread safety is managed internally.
*
* @param sha_type SHA algorithm to use.
*
* @param input Input data buffer.
*
* @param ilen Length of input data in bytes.
*
* @param output Buffer for output SHA digest. Output is 20 bytes for
* sha_type SHA1, 28 bytes for sha_type SHA2_224, 32 bytes for
* sha_type SHA2_256, 48 bytes for sha_type SHA2_384, 64 bytes for
* sha_type SHA2_512.
*/
void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, unsigned char *output);
/** @brief Execute SHA block operation
*
* @note This is a piece of a SHA algorithm, rather than an entire SHA
* algorithm.
*
* @note Call esp_sha_acquire_hardware() before calling this
* function.
*
* @param sha_type SHA algorithm to use.
*
* @param data_block Pointer to the input data. Block size is
* determined by algorithm (SHA1/SHA2_256 = 64 bytes,
* SHA2_384/SHA2_512 = 128 bytes)
*
* @param is_first_block If this parameter is true, the SHA state will
* be initialised (with the initial state of the given SHA algorithm)
* before the block is calculated. If false, the existing state of the
* SHA engine will be used.
*
*/
void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block);
/**
* @brief Read out the current state of the SHA digest
*
* @note This is a piece of a SHA algorithm, rather than an entire SHA algorithm.
*
* @note Call esp_sha_aquire_hardware() before calling this
* function.
*
* If the SHA suffix padding block has been executed already, the
* value that is read is the SHA digest.
* Otherwise, the value that is read is an interim SHA state.
*
* @param sha_type SHA algorithm in use.
* @param digest_state Pointer to a memory buffer to hold the SHA state. Size
* is 20 bytes (SHA1), 32 bytes (SHA2_256), or 64 bytes (SHA2_384, SHA2_512).
*/
void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state);
/**
* @brief Set the current state of the SHA digest
*
* @note Call esp_sha_aquire_hardware() before calling this
* function.
*
* @param sha_type SHA algorithm in use.
* @param digest_state Digest state to write to hardware
*/
void esp_sha_write_digest_state(esp_sha_type sha_type, void *digest_state);
/**
* @brief Enables the SHA peripheral and takes the lock.
*/
void esp_sha_acquire_hardware(void);
/**
* @brief Disables the SHA peripheral and releases the lock.
*/
void esp_sha_release_hardware(void);
/**
* @brief Sets the initial hash value for SHA512/t.
*
* @note Is generated according to the algorithm described in the TRM,
* chapter SHA-Accelerator
*
* @note The engine must be locked until the value is used for an operation
* or read out. Else you risk another operation overwriting it.
*
* @param t
*
* @return 0 if successful
*/
int esp_sha_512_t_init_hash(uint16_t t);
#ifdef __cplusplus
}
#endif
#include "sha/sha_core.h"

178
components/mbedtls/port/include/sha/sha_core.h Normal file
View File

@ -0,0 +1,178 @@
/*
* SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
#include <stddef.h>
#include "hal/sha_types.h"
#include "soc/soc_caps.h"
/** @brief Low-level support functions for the hardware SHA engine using DMA
*
* @note If you're looking for a SHA API to use, try mbedtls component
* mbedtls/shaXX.h. That API supports hardware acceleration.
*
* The API in this header provides some building blocks for implementing a
* full SHA API such as the one in mbedtls, and also a basic SHA function esp_sha().
*
* Some technical details about the hardware SHA engine:
*
* - The crypto DMA is shared between the SHA and AES engine, it is not
* possible for them to run calcalutions in parallel.
*
*/
#ifdef __cplusplus
extern "C" {
#endif
/** @brief Calculate SHA1 or SHA2 sum of some data, using hardware SHA engine
*
* @note For more versatile SHA calculations, where data doesn't need
* to be passed all at once, try the mbedTLS mbedtls/shaX.h APIs.
*
* @note It is not necessary to lock any SHA hardware before calling
* this function, thread safety is managed internally.
*
* @param sha_type SHA algorithm to use.
*
* @param input Input data buffer.
*
* @param ilen Length of input data in bytes.
*
* @param output Buffer for output SHA digest. Output is 20 bytes for
* sha_type SHA1, 28 bytes for sha_type SHA2_224, 32 bytes for
* sha_type SHA2_256, 48 bytes for sha_type SHA2_384, 64 bytes for
* sha_type SHA2_512.
*/
void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, unsigned char *output);
/** @brief Execute SHA block operation
*
* @note This is a piece of a SHA algorithm, rather than an entire SHA
* algorithm.
*
* @note Call esp_sha_acquire_hardware() before calling this
* function.
*
* @param sha_type SHA algorithm to use.
*
* @param data_block Pointer to the input data. Block size is
* determined by algorithm (SHA1/SHA2_256 = 64 bytes,
* SHA2_384/SHA2_512 = 128 bytes)
*
* @param is_first_block If this parameter is true, the SHA state will
* be initialised (with the initial state of the given SHA algorithm)
* before the block is calculated. If false, the existing state of the
* SHA engine will be used.
*
*/
void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block);
#if SOC_SHA_SUPPORT_DMA
/** @brief Execute SHA block operation using DMA
*
* @note This is a piece of a SHA algorithm, rather than an entire SHA
* algorithm.
*
* @note Call esp_sha_aquire_hardware() before calling this
* function.
*
* @param sha_type SHA algorithm to use.
*
* @param input Pointer to the input data. Block size is
* determined by algorithm (SHA1/SHA2_256 = 64 bytes,
* SHA2_384/SHA2_512 = 128 bytes)
*
* @param ilen length of input data should be multiple of block length.
*
* @param buf Pointer to blocks of data that will be prepended
* to data_block before hashing. Useful when there is two sources of
* data that need to be efficiently calculated in a single SHA DMA
* operation.
*
* @param buf_len length of buf data should be multiple of block length.
* Should not be longer than the maximum amount of bytes in a single block
* (128 bytes)
*
* @param is_first_block If this parameter is true, the SHA state will
* be initialised (with the initial state of the given SHA algorithm)
* before the block is calculated. If false, the existing state of the
* SHA engine will be used.
*
* @param t The number of bits for the SHA512/t hash function, with
* output truncated to t bits. Used for calculating the initial hash.
* t is any positive integer between 1 and 512, except 384.
*
* @return 0 if successful
*/
int esp_sha_dma(esp_sha_type sha_type, const void *input, uint32_t ilen,
const void *buf, uint32_t buf_len, bool is_first_block);
#endif /* SOC_SHA_SUPPORT_DMA */
/**
* @brief Read out the current state of the SHA digest
*
* @note This is a piece of a SHA algorithm, rather than an entire SHA algorithm.
*
* @note Call esp_sha_aquire_hardware() before calling this
* function.
*
* If the SHA suffix padding block has been executed already, the
* value that is read is the SHA digest.
* Otherwise, the value that is read is an interim SHA state.
*
* @param sha_type SHA algorithm in use.
* @param digest_state Pointer to a memory buffer to hold the SHA state. Size
* is 20 bytes (SHA1), 32 bytes (SHA2_256), or 64 bytes (SHA2_384, SHA2_512).
*/
void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state);
/**
* @brief Set the current state of the SHA digest
*
* @note Call esp_sha_aquire_hardware() before calling this
* function.
*
* When resuming a
*
* @param sha_type SHA algorithm in use.
* @param digest_state
*/
void esp_sha_write_digest_state(esp_sha_type sha_type, void *digest_state);
/**
* @brief Enables the SHA and crypto DMA peripheral and takes the
* locks for both of them.
*/
void esp_sha_acquire_hardware(void);
/**
* @brief Disables the SHA and crypto DMA peripheral and releases the
* locks.
*/
void esp_sha_release_hardware(void);
/**
* @brief Sets the initial hash value for SHA512/t.
*
* @note Is generated according to the algorithm described in the TRM,
* chapter SHA-Accelerator
*
* @note The engine must be locked until the value is used for an operation
* or read out. Else you risk another operation overwriting it.
*
* @param t
*
* @return 0 if successful
*/
int esp_sha_512_t_init_hash(uint16_t t);
#ifdef __cplusplus
}
#endif

145
components/mbedtls/port/include/sha/sha_dma.h
View File

@ -6,147 +6,4 @@
#pragma once
#include "hal/sha_types.h"
/** @brief Low-level support functions for the hardware SHA engine using DMA
*
* @note If you're looking for a SHA API to use, try mbedtls component
* mbedtls/shaXX.h. That API supports hardware acceleration.
*
* The API in this header provides some building blocks for implementing a
* full SHA API such as the one in mbedtls, and also a basic SHA function esp_sha().
*
* Some technical details about the hardware SHA engine:
*
* - The crypto DMA is shared between the SHA and AES engine, it is not
* possible for them to run calcalutions in parallel.
*
*/
#ifdef __cplusplus
extern "C" {
#endif
/** @brief Calculate SHA1 or SHA2 sum of some data, using hardware SHA engine
*
* @note For more versatile SHA calculations, where data doesn't need
* to be passed all at once, try the mbedTLS mbedtls/shaX.h APIs.
*
* @note It is not necessary to lock any SHA hardware before calling
* this function, thread safety is managed internally.
*
* @param sha_type SHA algorithm to use.
*
* @param input Input data buffer.
*
* @param ilen Length of input data in bytes.
*
* @param output Buffer for output SHA digest. Output is 20 bytes for
* sha_type SHA1, 28 bytes for sha_type SHA2_224, 32 bytes for
* sha_type SHA2_256, 48 bytes for sha_type SHA2_384, 64 bytes for
* sha_type SHA2_512.
*/
void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, unsigned char *output);
/** @brief Execute SHA block operation using DMA
*
* @note This is a piece of a SHA algorithm, rather than an entire SHA
* algorithm.
*
* @note Call esp_sha_aquire_hardware() before calling this
* function.
*
* @param sha_type SHA algorithm to use.
*
* @param input Pointer to the input data. Block size is
* determined by algorithm (SHA1/SHA2_256 = 64 bytes,
* SHA2_384/SHA2_512 = 128 bytes)
*
* @param ilen length of input data should be multiple of block length.
*
* @param buf Pointer to blocks of data that will be prepended
* to data_block before hashing. Useful when there is two sources of
* data that need to be efficiently calculated in a single SHA DMA
* operation.
*
* @param buf_len length of buf data should be multiple of block length.
* Should not be longer than the maximum amount of bytes in a single block
* (128 bytes)
*
* @param is_first_block If this parameter is true, the SHA state will
* be initialised (with the initial state of the given SHA algorithm)
* before the block is calculated. If false, the existing state of the
* SHA engine will be used.
*
* @param t The number of bits for the SHA512/t hash function, with
* output truncated to t bits. Used for calculating the initial hash.
* t is any positive integer between 1 and 512, except 384.
*
* @return 0 if successful
*/
int esp_sha_dma(esp_sha_type sha_type, const void *input, uint32_t ilen,
const void *buf, uint32_t buf_len, bool is_first_block);
/**
* @brief Read out the current state of the SHA digest
*
* @note This is a piece of a SHA algorithm, rather than an entire SHA algorithm.
*
* @note Call esp_sha_aquire_hardware() before calling this
* function.
*
* If the SHA suffix padding block has been executed already, the
* value that is read is the SHA digest.
* Otherwise, the value that is read is an interim SHA state.
*
* @param sha_type SHA algorithm in use.
* @param digest_state Pointer to a memory buffer to hold the SHA state. Size
* is 20 bytes (SHA1), 32 bytes (SHA2_256), or 64 bytes (SHA2_384, SHA2_512).
*/
void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state);
/**
* @brief Set the current state of the SHA digest
*
* @note Call esp_sha_aquire_hardware() before calling this
* function.
*
* When resuming a
*
* @param sha_type SHA algorithm in use.
* @param digest_state
*/
void esp_sha_write_digest_state(esp_sha_type sha_type, void *digest_state);
/**
* @brief Enables the SHA and crypto DMA peripheral and takes the
* locks for both of them.
*/
void esp_sha_acquire_hardware(void);
/**
* @brief Disables the SHA and crypto DMA peripheral and releases the
* locks.
*/
void esp_sha_release_hardware(void);
/**
* @brief Sets the initial hash value for SHA512/t.
*
* @note Is generated according to the algorithm described in the TRM,
* chapter SHA-Accelerator
*
* @note The engine must be locked until the value is used for an operation
* or read out. Else you risk another operation overwriting it.
*
* @param t
*
* @return 0 if successful
*/
int esp_sha_512_t_init_hash(uint16_t t);
#ifdef __cplusplus
}
#endif
#include "sha/sha_core.h"

220
components/mbedtls/port/sha/block/esp_sha1.c
View File

@ -1,220 +0,0 @@
/*
* SHA-1 implementation with hardware ESP support added.
*
* SPDX-FileCopyrightText: The Mbed TLS Contributors
*
* SPDX-License-Identifier: Apache-2.0
*
* SPDX-FileContributor: 2016-2023 Espressif Systems (Shanghai) CO LTD
*/
/*
* The SHA-1 standard was published by NIST in 1993.
*
* http://www.itl.nist.gov/fipspubs/fip180-1.htm
*/
#include <mbedtls/build_info.h>
#if defined(MBEDTLS_SHA1_C) && defined(MBEDTLS_SHA1_ALT)
#include "mbedtls/sha1.h"
#include <string.h>
#include <assert.h>
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#include "sha/sha_block.h"
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n )
{
volatile unsigned char *p = (unsigned char *)v;
while ( n-- ) {
*p++ = 0;
}
}
/*
* 32-bit integer manipulation macros (big endian)
*/
#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n,b,i) \
{ \
(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
(b)[(i) + 3] = (unsigned char) ( (n) ); \
}
#endif
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
assert(ctx != NULL);
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
}
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
{
if ( ctx == NULL ) {
return;
}
mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_context ) );
}
void mbedtls_sha1_clone( mbedtls_sha1_context *dst,
const mbedtls_sha1_context *src )
{
memcpy(dst, src, sizeof(mbedtls_sha1_context));
}
/*
* SHA-1 context setup
*/
int mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
ctx->mode = SHA1;
return 0;
}
static void esp_internal_sha_update_state(mbedtls_sha1_context *ctx)
{
if (ctx->sha_state == ESP_SHA1_STATE_INIT) {
ctx->first_block = true;
ctx->sha_state = ESP_SHA1_STATE_IN_PROCESS;
} else if (ctx->sha_state == ESP_SHA1_STATE_IN_PROCESS) {
ctx->first_block = false;
esp_sha_write_digest_state(ctx->mode, ctx->state);
}
}
static void esp_internal_sha1_block_process(mbedtls_sha1_context *ctx, const uint8_t *data)
{
esp_sha_block(SHA1, data, ctx->first_block);
if (ctx->first_block) {
ctx->first_block = false;
}
}
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
{
esp_sha_acquire_hardware();
esp_internal_sha_update_state(ctx);
esp_sha_block(ctx->mode, data, ctx->first_block);
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
return 0;
}
int mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen )
{
size_t fill;
uint32_t left, local_len = 0;
if ( !ilen || (input == NULL)) {
return 0;
}
left = ctx->total[0] & 0x3F;
fill = 64 - left;
ctx->total[0] += (uint32_t) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if ( ctx->total[0] < (uint32_t) ilen ) {
ctx->total[1]++;
}
if ( left && ilen >= fill ) {
memcpy( (void *) (ctx->buffer + left), input, fill );
input += fill;
ilen -= fill;
left = 0;
local_len = 64;
}
if ( (ilen >= 64) || local_len) {
esp_sha_acquire_hardware();
esp_internal_sha_update_state(ctx);
/* First process buffered block, if any */
if ( local_len ) {
esp_internal_sha1_block_process(ctx, ctx->buffer);
}
while ( ilen >= 64 ) {
esp_internal_sha1_block_process(ctx, input);
input += 64;
ilen -= 64;
}
esp_sha_read_digest_state(SHA1, ctx->state);
esp_sha_release_hardware();
}
if ( ilen > 0 ) {
memcpy( (void *) (ctx->buffer + left), input, ilen);
}
return 0;
}
static const unsigned char sha1_padding[64] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
/*
* SHA-1 final digest
*/
int mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
{
int ret = -1;
uint32_t last, padn;
uint32_t high, low;
unsigned char msglen[8];
high = ( ctx->total[0] >> 29 )
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
PUT_UINT32_BE( high, msglen, 0 );
PUT_UINT32_BE( low, msglen, 4 );
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
if ( ( ret = mbedtls_sha1_update( ctx, sha1_padding, padn ) ) != 0 ) {
return ret;
}
if ( ( ret = mbedtls_sha1_update( ctx, msglen, 8 ) ) != 0 ) {
return ret;
}
memcpy(output, ctx->state, 20);
return ret;
}
#endif /* MBEDTLS_SHA1_C && MBEDTLS_SHA1_ALT */

289
components/mbedtls/port/sha/block/esp_sha512.c
View File

@ -1,289 +0,0 @@
/*
* SHA-512 implementation with hardware ESP support added.
*
* SPDX-FileCopyrightText: The Mbed TLS Contributors
*
* SPDX-License-Identifier: Apache-2.0
*
* SPDX-FileContributor: 2016-2023 Espressif Systems (Shanghai) CO LTD
*/
/*
* The SHA-512 Secure Hash Standard was published by NIST in 2002.
*
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
*/
#include <mbedtls/build_info.h>
#if defined(MBEDTLS_SHA512_C) && defined(MBEDTLS_SHA512_ALT)
#include "mbedtls/sha512.h"
#if defined(_MSC_VER) || defined(__WATCOMC__)
#define UL64(x) x##ui64
#else
#define UL64(x) x##ULL
#endif
#include <string.h>
#include <assert.h>
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#include "sha/sha_block.h"
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n )
{
volatile unsigned char *p = v;
while ( n-- ) {
*p++ = 0;
}
}
/*
* 64-bit integer manipulation macros (big endian)
*/
#ifndef PUT_UINT64_BE
#define PUT_UINT64_BE(n,b,i) \
{ \
(b)[(i) ] = (unsigned char) ( (n) >> 56 ); \
(b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \
(b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \
(b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \
(b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \
(b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \
(b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \
(b)[(i) + 7] = (unsigned char) ( (n) ); \
}
#endif /* PUT_UINT64_BE */
void esp_sha512_set_mode(mbedtls_sha512_context *ctx, esp_sha_type type)
{
switch (type) {
case SHA2_384:
case SHA2_512224:
case SHA2_512256:
case SHA2_512T:
ctx->mode = type;
break;
default:
ctx->mode = SHA2_512;
break;
}
}
/* For SHA512/t mode the intial hash value will depend on t */
void esp_sha512_set_t( mbedtls_sha512_context *ctx, uint16_t t_val)
{
ctx->t_val = t_val;
}
void mbedtls_sha512_init( mbedtls_sha512_context *ctx )
{
assert(ctx != NULL);
memset( ctx, 0, sizeof( mbedtls_sha512_context ) );
}
void mbedtls_sha512_free( mbedtls_sha512_context *ctx )
{
if ( ctx == NULL ) {
return;
}
mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) );
}
void mbedtls_sha512_clone( mbedtls_sha512_context *dst,
const mbedtls_sha512_context *src )
{
memcpy(dst, src, sizeof(mbedtls_sha512_context));
}
/*
* SHA-512 context setup
*/
int mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
{
mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) );
if ( is384 ) {
ctx->mode = SHA2_384;
} else {
ctx->mode = SHA2_512;
}
return 0;
}
static int esp_internal_sha_update_state(mbedtls_sha512_context *ctx)
{
if (ctx->sha_state == ESP_SHA512_STATE_INIT) {
if (ctx->mode == SHA2_512T) {
int ret = -1;
if ((ret = esp_sha_512_t_init_hash(ctx->t_val)) != 0) {
return ret;
}
ctx->first_block = false;
} else {
ctx->first_block = true;
}
ctx->sha_state = ESP_SHA512_STATE_IN_PROCESS;
} else if (ctx->sha_state == ESP_SHA512_STATE_IN_PROCESS) {
ctx->first_block = false;
esp_sha_write_digest_state(ctx->mode, ctx->state);
}
return 0;
}
static void esp_internal_sha512_block_process(mbedtls_sha512_context *ctx, const uint8_t *data)
{
esp_sha_block(ctx->mode, data, ctx->first_block);
if (ctx->first_block) {
ctx->first_block = false;
}
}
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] )
{
int ret = -1;
esp_sha_acquire_hardware();
ret = esp_internal_sha_update_state(ctx);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
esp_sha_block(ctx->mode, data, ctx->first_block);
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
return ret;
}
/*
* SHA-512 process buffer
*/
int mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input,
size_t ilen )
{
size_t fill;
unsigned int left, local_len = 0;
if ( ilen == 0 ) {
return 0;
}
left = (unsigned int) (ctx->total[0] & 0x7F);
fill = 128 - left;
ctx->total[0] += (uint64_t) ilen;
if ( ctx->total[0] < (uint64_t) ilen ) {
ctx->total[1]++;
}
if ( left && ilen >= fill ) {
memcpy( (void *) (ctx->buffer + left), input, fill );
input += fill;
ilen -= fill;
left = 0;
local_len = 128;
}
if ( (ilen >= 128) || local_len) {
esp_sha_acquire_hardware();
int ret = esp_internal_sha_update_state(ctx);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
/* First process buffered block, if any */
if ( local_len ) {
esp_internal_sha512_block_process(ctx, ctx->buffer);
}
while ( ilen >= 128 ) {
esp_internal_sha512_block_process(ctx, input);
input += 128;
ilen -= 128;
}
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
}
if ( ilen > 0 ) {
memcpy( (void *) (ctx->buffer + left), input, ilen);
}
return 0;
}
static const unsigned char sha512_padding[128] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
/*
* SHA-512 final digest
*/
int mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char *output )
{
int ret = -1;
size_t last, padn;
uint64_t high, low;
unsigned char msglen[16];
high = ( ctx->total[0] >> 61 )
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
PUT_UINT64_BE( high, msglen, 0 );
PUT_UINT64_BE( low, msglen, 8 );
last = (size_t)( ctx->total[0] & 0x7F );
padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
if ( ( ret = mbedtls_sha512_update( ctx, sha512_padding, padn ) ) != 0 ) {
return ret;
}
if ( ( ret = mbedtls_sha512_update( ctx, msglen, 16 ) ) != 0 ) {
return ret;
}
if (ctx->mode == SHA2_384) {
memcpy(output, ctx->state, 48);
} else {
memcpy(output, ctx->state, 64);
}
return ret;
}
#endif /* MBEDTLS_SHA512_C && MBEDTLS_SHA512_ALT */

82
components/mbedtls/port/sha/block/sha.c
View File

@ -1,82 +0,0 @@
/*
* SPDX-FileCopyrightText: 2022-2024 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <stddef.h>
#include <sys/lock.h>
#include "soc/soc_caps.h"
#include "soc/periph_defs.h"
#include "esp_private/esp_crypto_lock_internal.h"
#include "esp_private/periph_ctrl.h"
#include "sha/sha_block.h"
#include "hal/sha_hal.h"
#include "hal/sha_ll.h"
static _lock_t s_sha_lock;
void esp_sha_write_digest_state(esp_sha_type sha_type, void *digest_state)
{
sha_hal_write_digest(sha_type, digest_state);
}
void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state)
{
sha_hal_read_digest(sha_type, digest_state);
}
/* Return block size (in bytes) for a given SHA type */
inline static size_t block_length(esp_sha_type type)
{
switch (type) {
case SHA1:
case SHA2_224:
case SHA2_256:
return 64;
#if SOC_SHA_SUPPORT_SHA384
case SHA2_384:
#endif
#if SOC_SHA_SUPPORT_SHA512
case SHA2_512:
#endif
#if SOC_SHA_SUPPORT_SHA512_T
case SHA2_512224:
case SHA2_512256:
case SHA2_512T:
#endif
return 128;
default:
return 0;
}
}
/* Lock the SHA peripheral and then enable it */
void esp_sha_acquire_hardware()
{
_lock_acquire(&s_sha_lock); /* Released when releasing hw with esp_sha_release_hardware() */
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(true);
sha_ll_reset_register();
}
}
/* Disable SHA peripheral block and then release it */
void esp_sha_release_hardware()
{
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(false);
}
_lock_release(&s_sha_lock);
}
void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block)
{
sha_hal_hash_block(sha_type, data_block, block_length(sha_type) / 4, is_first_block);
}

63
components/mbedtls/port/sha/dma/esp_sha1.c → components/mbedtls/port/sha/core/esp_sha1.c
View File

@ -5,7 +5,7 @@
*
* SPDX-License-Identifier: Apache-2.0
*
* SPDX-FileContributor: 2016-2023 Espressif Systems (Shanghai) CO LTD
* SPDX-FileContributor: 2016-2025 Espressif Systems (Shanghai) CO LTD
*/
/*
* The SHA-1 standard was published by NIST in 1993.
@ -20,6 +20,8 @@
#include "mbedtls/sha1.h"
#include <string.h>
#include <stdbool.h>
#include <assert.h>
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
@ -30,7 +32,8 @@
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#include "sha/sha_dma.h"
#include "esp_sha_internal.h"
#include "sha/sha_core.h"
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n )
@ -81,7 +84,6 @@ int mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
ctx->mode = SHA1;
@ -99,28 +101,36 @@ static void esp_internal_sha_update_state(mbedtls_sha1_context *ctx)
}
}
static int esp_internal_sha1_dma_process(mbedtls_sha1_context *ctx,
const uint8_t *data, size_t len,
uint8_t *buf, size_t buf_len)
static void esp_internal_sha1_block_process(mbedtls_sha1_context *ctx, const uint8_t *data)
{
return esp_sha_dma(SHA1, data, len, buf, buf_len, ctx->first_block);
esp_sha_block(SHA1, data, ctx->first_block);
if (ctx->first_block) {
ctx->first_block = false;
}
}
int mbedtls_internal_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
{
int ret = -1;
esp_sha_acquire_hardware();
esp_internal_sha_update_state(ctx);
ret = esp_sha_dma(ctx->mode, data, 64, 0, 0, ctx->first_block);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
#if SOC_SHA_SUPPORT_DMA
if (sha_operation_mode(64) == SHA_DMA_MODE) {
int ret = esp_sha_dma(SHA1, data, 64, NULL, 0, ctx->first_block);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
} else
#endif /* SOC_SHA_SUPPORT_DMA */
{
esp_sha_block(ctx->mode, data, ctx->first_block);
}
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
return ret;
return 0;
}
int mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen )
@ -144,7 +154,6 @@ int mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input,
if ( left && ilen >= fill ) {
memcpy( (void *) (ctx->buffer + left), input, fill );
input += fill;
ilen -= fill;
left = 0;
@ -152,16 +161,33 @@ int mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input,
}
len = (ilen / 64) * 64;
if ( len || local_len) {
esp_sha_acquire_hardware();
esp_internal_sha_update_state(ctx);
int ret = esp_internal_sha1_dma_process(ctx, input, len, ctx->buffer, local_len);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
#if SOC_SHA_SUPPORT_DMA
if (sha_operation_mode(len) == SHA_DMA_MODE) {
int ret = esp_sha_dma(SHA1, input, len, ctx->buffer, local_len, ctx->first_block);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
} else
#endif /* SOC_SHA_SUPPORT_DMA */
{
/* First process buffered block, if any */
if ( local_len ) {
esp_internal_sha1_block_process(ctx, ctx->buffer);
}
uint32_t length_processed = 0;
while ( len - length_processed > 0 ) {
esp_internal_sha1_block_process(ctx, input + length_processed);
length_processed += 64;
}
}
esp_sha_read_digest_state(SHA1, ctx->state);
@ -173,7 +199,6 @@ int mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input,
if ( ilen > 0 ) {
memcpy( (void *) (ctx->buffer + left), input + len, ilen - len );
}
return 0;
}

60
components/mbedtls/port/sha/block/esp_sha256.c → components/mbedtls/port/sha/core/esp_sha256.c
View File

@ -5,7 +5,7 @@
*
* SPDX-License-Identifier: Apache-2.0
*
* SPDX-FileContributor: 2016-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileContributor: 2016-2025 Espressif Systems (Shanghai) CO LTD
*/
/*
* The SHA-256 Secure Hash Standard was published by NIST in 2002.
@ -20,6 +20,7 @@
#include "mbedtls/sha256.h"
#include <string.h>
#include <stdbool.h>
#include <assert.h>
#if defined(MBEDTLS_SELF_TEST)
@ -31,7 +32,8 @@
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#include "sha/sha_block.h"
#include "esp_sha_internal.h"
#include "sha/sha_core.h"
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n )
@ -67,8 +69,6 @@ do { \
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
assert(ctx != NULL);
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
}
@ -127,7 +127,20 @@ int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned
{
esp_sha_acquire_hardware();
esp_internal_sha_update_state(ctx);
esp_sha_block(ctx->mode, data, ctx->first_block);
#if SOC_SHA_SUPPORT_DMA
if (sha_operation_mode(64) == SHA_DMA_MODE) {
int ret = esp_sha_dma(ctx->mode, data, 64, NULL, 0, ctx->first_block);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
} else
#endif /* SOC_SHA_SUPPORT_DMA */
{
esp_sha_block(ctx->mode, data, ctx->first_block);
}
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
return 0;
@ -140,7 +153,7 @@ int mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *inp
size_t ilen )
{
size_t fill;
uint32_t left, local_len = 0;
uint32_t left, len, local_len = 0;
if ( ilen == 0 ) {
return 0;
@ -166,31 +179,42 @@ int mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *inp
local_len = 64;
}
if ( (ilen >= 64) || local_len) {
len = (ilen / 64) * 64;
if ( len || local_len) {
esp_sha_acquire_hardware();
esp_internal_sha_update_state(ctx);
/* First process buffered block, if any */
if ( local_len ) {
esp_internal_sha256_block_process(ctx, ctx->buffer);
#if SOC_SHA_SUPPORT_DMA
if (sha_operation_mode(len) == SHA_DMA_MODE) {
int ret = esp_sha_dma(ctx->mode, input, len, ctx->buffer, local_len, ctx->first_block);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
} else
#endif /* SOC_SHA_SUPPORT_DMA */
{
/* First process buffered block, if any */
if ( local_len ) {
esp_internal_sha256_block_process(ctx, ctx->buffer);
}
uint32_t length_processed = 0;
while ( len - length_processed > 0 ) {
esp_internal_sha256_block_process(ctx, input + length_processed);
length_processed += 64;
}
}
while ( ilen >= 64 ) {
esp_internal_sha256_block_process(ctx, input);
input += 64;
ilen -= 64;
}
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
}
if ( ilen > 0 ) {
memcpy( (void *) (ctx->buffer + left), input, ilen);
memcpy( (void *) (ctx->buffer + left), input + len, ilen - len );
}
return 0;

67
components/mbedtls/port/sha/dma/esp_sha512.c → components/mbedtls/port/sha/core/esp_sha512.c
View File

@ -5,7 +5,7 @@
*
* SPDX-License-Identifier: Apache-2.0
*
* SPDX-FileContributor: 2016-2023 Espressif Systems (Shanghai) CO LTD
* SPDX-FileContributor: 2016-2025 Espressif Systems (Shanghai) CO LTD
*/
/*
* The SHA-512 Secure Hash Standard was published by NIST in 2002.
@ -26,6 +26,8 @@
#endif
#include <string.h>
#include <stdbool.h>
#include <assert.h>
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
@ -36,7 +38,8 @@
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#include "sha/sha_dma.h"
#include "esp_sha_internal.h"
#include "sha/sha_core.h"
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n )
@ -79,8 +82,7 @@ void esp_sha512_set_mode(mbedtls_sha512_context *ctx, esp_sha_type type)
}
}
/* For SHA512/t mode the intial hash value will depend on t */
/* For SHA512/t mode the initial hash value will depend on t */
void esp_sha512_set_t( mbedtls_sha512_context *ctx, uint16_t t_val)
{
ctx->t_val = t_val;
@ -135,6 +137,7 @@ static int esp_internal_sha_update_state(mbedtls_sha512_context *ctx)
ctx->first_block = true;
}
ctx->sha_state = ESP_SHA512_STATE_IN_PROCESS;
} else if (ctx->sha_state == ESP_SHA512_STATE_IN_PROCESS) {
ctx->first_block = false;
esp_sha_write_digest_state(ctx->mode, ctx->state);
@ -142,20 +145,19 @@ static int esp_internal_sha_update_state(mbedtls_sha512_context *ctx)
return 0;
}
static int esp_internal_sha512_dma_process(mbedtls_sha512_context *ctx,
const uint8_t *data, size_t len,
uint8_t *buf, size_t buf_len)
static void esp_internal_sha512_block_process(mbedtls_sha512_context *ctx, const uint8_t *data)
{
esp_sha_block(ctx->mode, data, ctx->first_block);
return esp_sha_dma(ctx->mode, data, len, buf, buf_len, ctx->first_block);
if (ctx->first_block) {
ctx->first_block = false;
}
}
int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] )
{
int ret = -1;
esp_sha_acquire_hardware();
ret = esp_internal_sha_update_state(ctx);
@ -164,17 +166,22 @@ int mbedtls_internal_sha512_process( mbedtls_sha512_context *ctx, const unsigned
return ret;
}
ret = esp_internal_sha512_dma_process(ctx, data, 128, 0, 0);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
#if SOC_SHA_SUPPORT_DMA
if (sha_operation_mode(128) == SHA_DMA_MODE) {
ret = esp_sha_dma(ctx->mode, data, 128, NULL, 0, ctx->first_block);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
} else
#endif /* SOC_SHA_SUPPORT_DMA */
{
esp_sha_block(ctx->mode, data, ctx->first_block);
}
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
return ret;
}
/*
@ -209,7 +216,6 @@ int mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *inp
}
len = (ilen / 128) * 128;
if ( len || local_len) {
esp_sha_acquire_hardware();
@ -221,20 +227,33 @@ int mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *inp
return ret;
}
ret = esp_internal_sha512_dma_process(ctx, input, len, ctx->buffer, local_len);
#if SOC_SHA_SUPPORT_DMA
if (sha_operation_mode(len) == SHA_DMA_MODE) {
ret = esp_sha_dma(ctx->mode, input, len, ctx->buffer, local_len, ctx->first_block);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
} else
#endif /* SOC_SHA_SUPPORT_DMA */
{
/* First process buffered block, if any */
if ( local_len ) {
esp_internal_sha512_block_process(ctx, ctx->buffer);
}
if (ret != 0) {
esp_sha_release_hardware();
return ret;
uint32_t length_processed = 0;
while ( len - length_processed > 0 ) {
esp_internal_sha512_block_process(ctx, input + length_processed);
length_processed += 128;
}
}
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
}
if ( ilen > 0 ) {
memcpy( (void *) (ctx->buffer + left), input + len, ilen - len );
}

5
components/mbedtls/port/sha/dma/esp_sha_crypto_dma_impl.c → components/mbedtls/port/sha/core/esp_sha_crypto_dma_impl.c
View File

@ -3,15 +3,12 @@
*
* SPDX-License-Identifier: Apache-2.0
*/
#include "soc/soc_caps.h"
#include "esp_sha_dma_priv.h"
#include "soc/soc_caps.h"
#include "soc/crypto_dma_reg.h"
#include "hal/crypto_dma_ll.h"
esp_err_t esp_sha_dma_start(const crypto_dma_desc_t *input)
{
crypto_dma_ll_set_mode(CRYPTO_DMA_SHA);

0
components/mbedtls/port/sha/dma/esp_sha_gdma_impl.c → components/mbedtls/port/sha/core/esp_sha_gdma_impl.c
View File

3
components/mbedtls/port/sha/dma/include/esp_sha_dma_priv.h → components/mbedtls/port/sha/core/include/esp_sha_dma_priv.h
View File

@ -14,6 +14,7 @@
extern "C" {
#endif
#if SOC_SHA_SUPPORT_DMA
/**
* @brief Start the DMA engine
*
@ -23,7 +24,7 @@ extern "C" {
* - ESP_ERR_INVALID_STATE: No DMA channel available
*/
esp_err_t esp_sha_dma_start(const crypto_dma_desc_t *input);
#endif /* SOC_SHA_SUPPORT_DMA */
#ifdef __cplusplus
}

59
components/mbedtls/port/sha/core/include/esp_sha_internal.h Normal file
View File

@ -0,0 +1,59 @@
/*
* SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
#include <stddef.h>
#include <stdbool.h>
#include "soc/soc_caps.h"
#include "sdkconfig.h"
#ifdef __cplusplus
extern "C" {
#endif
#if SOC_SHA_SUPPORT_DMA
/*
* SHA operations for input data length below the threshold would use the block mode of the SHA peripheral.
* The SHA peripheral's block mode is faster for smaller lengths of input data as compared to the DMA mode
* because, the DMA mode involves various overheads like setting up the DMA descriptors.
*
* The below threshold numbers vary for some SoCs due to some properties that these SoCs hold,
* like the cache type involved and its configurations, multi-core systems, DMA architectures, etc.
*
* For future SoCs with different and newer properties, this threshold value may require fine-tuning.
* These values are calculated by performing a SHA operation in purely DMA mode versus purely block
* mode for various lengths of the input data.
*/
#if CONFIG_IDF_TARGET_ESP32P4
#define SHA_DMA_MODE_THRESHOLD 512
#elif CONFIG_IDF_TARGET_ESP32S3
#define SHA_DMA_MODE_THRESHOLD 256
#else
#define SHA_DMA_MODE_THRESHOLD 128
#endif
#endif /* SOC_SHA_SUPPORT_DMA */
typedef enum {
SHA_BLOCK_MODE,
#if SOC_SHA_SUPPORT_DMA
SHA_DMA_MODE,
#endif /* SOC_SHA_SUPPORT_DMA */
} esp_sha_mode;
static inline esp_sha_mode sha_operation_mode(size_t length)
{
#if SOC_SHA_SUPPORT_DMA
if (length > SHA_DMA_MODE_THRESHOLD) {
return SHA_DMA_MODE;
} else
#endif /* SOC_SHA_SUPPORT_DMA */
return SHA_BLOCK_MODE;
}
#ifdef __cplusplus
}
#endif

107
components/mbedtls/port/sha/dma/sha.c → components/mbedtls/port/sha/core/sha.c
View File

@ -1,39 +1,27 @@
/*
* ESP hardware accelerated SHA1/256/512 implementation
* based on mbedTLS FIPS-197 compliant version.
* SPDX-FileCopyrightText: 2025 Espressif Systems (Shanghai) CO LTD
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* Additions Copyright (C) 2016-2020, Espressif Systems (Shanghai) PTE Ltd
* SPDX-License-Identifier: Apache-2.0
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
* ESP hardware accelerated SHA1/256/512 implementation
* based on mbedTLS FIPS-197 compliant version.
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
/*
* The SHA-1 standard was published by NIST in 1993.
*
* http://www.itl.nist.gov/fipspubs/fip180-1.htm
*/
#include <string.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/lock.h>
#include "esp_private/esp_crypto_lock_internal.h"
#include "esp_log.h"
#include "esp_memory_utils.h"
#include "esp_crypto_lock.h"
#include "esp_private/esp_crypto_lock_internal.h"
#include "esp_log.h"
#include "sha/sha_core.h"
#include "hal/sha_hal.h"
#include "hal/sha_ll.h"
#include "soc/soc_caps.h"
#if SOC_SHA_SUPPORT_DMA
#include "esp_memory_utils.h"
#include "esp_attr.h"
#include "esp_crypto_dma.h"
#include "esp_heap_caps.h"
@ -51,10 +39,6 @@
#include "esp_private/periph_ctrl.h"
#include "sys/param.h"
#include "sha/sha_dma.h"
#include "hal/sha_hal.h"
#include "hal/sha_ll.h"
#include "soc/soc_caps.h"
#include "esp_sha_dma_priv.h"
#include "sdkconfig.h"
@ -62,22 +46,10 @@
#include "esp_flash_encrypt.h"
#endif /* SOC_AXI_DMA_EXT_MEM_ENC_ALIGNMENT */
#if SOC_SHA_GDMA
#if !ESP_TEE_BUILD
#define SHA_LOCK() esp_crypto_sha_aes_lock_acquire()
#define SHA_RELEASE() esp_crypto_sha_aes_lock_release()
#else
#define SHA_RCC_ATOMIC()
#define SHA_LOCK()
#define SHA_RELEASE()
#endif
#elif SOC_SHA_CRYPTO_DMA
#define SHA_LOCK() esp_crypto_dma_lock_acquire()
#define SHA_RELEASE() esp_crypto_dma_lock_release()
#if SOC_SHA_CRYPTO_DMA
#include "hal/crypto_dma_ll.h"
#endif
const static char *TAG = "esp-sha";
#endif /* SOC_SHA_SUPPORT_DMA */
void esp_sha_write_digest_state(esp_sha_type sha_type, void *digest_state)
{
@ -114,26 +86,26 @@ inline static size_t block_length(esp_sha_type type)
}
}
/* Enable SHA peripheral and then lock it */
void esp_sha_acquire_hardware()
void esp_sha_acquire_hardware(void)
{
SHA_LOCK(); /* Released when releasing hw with esp_sha_release_hardware() */
#if !ESP_TEE_BUILD
/* Released when releasing hw with esp_sha_release_hardware() */
esp_crypto_sha_aes_lock_acquire();
#endif
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(true);
#if SOC_AES_CRYPTO_DMA
crypto_dma_ll_enable_bus_clock(true);
#endif
sha_ll_reset_register();
#if SOC_AES_CRYPTO_DMA
crypto_dma_ll_enable_bus_clock(true);
crypto_dma_ll_reset_register();
#endif
}
}
/* Disable SHA peripheral block and then release it */
void esp_sha_release_hardware()
void esp_sha_release_hardware(void)
{
SHA_RCC_ATOMIC() {
sha_ll_enable_bus_clock(false);
@ -142,9 +114,20 @@ void esp_sha_release_hardware()
#endif
}
SHA_RELEASE();
#if !ESP_TEE_BUILD
esp_crypto_sha_aes_lock_release();
#endif
}
void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block)
{
sha_hal_hash_block(sha_type, data_block, block_length(sha_type) / 4, is_first_block);
}
#if SOC_SHA_SUPPORT_DMA
const static char *TAG = "esp-sha";
static bool s_check_dma_capable(const void *p)
{
bool is_capable = false;
@ -157,26 +140,21 @@ static bool s_check_dma_capable(const void *p)
}
/* Hash the input block by block, using non-DMA mode */
static void esp_sha_block_mode(esp_sha_type sha_type, const uint8_t *input, uint32_t ilen,
const uint8_t *buf, uint32_t buf_len, bool is_first_block)
static void esp_sha_block_mode_fallback(esp_sha_type sha_type, const uint8_t *input, uint32_t ilen,
const uint8_t *buf, uint32_t buf_len, bool is_first_block)
{
size_t blk_len = 0;
size_t blk_word_len = 0;
int num_block = 0;
blk_len = block_length(sha_type);
size_t blk_len = block_length(sha_type);
assert(blk_len != 0);
blk_word_len = blk_len / 4;
num_block = ilen / blk_len;
int num_block = ilen / blk_len;
if (buf_len != 0) {
sha_hal_hash_block(sha_type, buf, blk_word_len, is_first_block);
esp_sha_block(sha_type, buf, is_first_block);
is_first_block = false;
}
for (int i = 0; i < num_block; i++) {
sha_hal_hash_block(sha_type, input + blk_len * i, blk_word_len, is_first_block);
esp_sha_block(sha_type, input + blk_len * i, is_first_block);
is_first_block = false;
}
}
@ -346,7 +324,7 @@ int esp_sha_dma(esp_sha_type sha_type, const void *input, uint32_t ilen,
/* DMA cannot access memory in flash, hash block by block instead of using DMA */
if (!s_check_dma_capable(input) && (ilen != 0)) {
esp_sha_block_mode(sha_type, input, ilen, buf, buf_len, is_first_block);
esp_sha_block_mode_fallback(sha_type, input, ilen, buf, buf_len, is_first_block);
return 0;
}
@ -407,3 +385,4 @@ cleanup:
free(dma_cap_buf);
return ret;
}
#endif /* SOC_SHA_SUPPORT_DMA */

234
components/mbedtls/port/sha/dma/esp_sha256.c
View File

@ -1,234 +0,0 @@
/*
* SHA-256 implementation with hardware ESP support added.
*
* SPDX-FileCopyrightText: The Mbed TLS Contributors
*
* SPDX-License-Identifier: Apache-2.0
*
* SPDX-FileContributor: 2016-2024 Espressif Systems (Shanghai) CO LTD
*/
/*
* The SHA-256 Secure Hash Standard was published by NIST in 2002.
*
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
*/
#include <mbedtls/build_info.h>
#if defined(MBEDTLS_SHA256_C) && defined(MBEDTLS_SHA256_ALT)
#include "mbedtls/sha256.h"
#include <string.h>
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#include "sha/sha_dma.h"
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n )
{
volatile unsigned char *p = v;
while ( n-- ) {
*p++ = 0;
}
}
/*
* 32-bit integer manipulation macros (big endian)
*/
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n,b,i) \
do { \
(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
| ( (uint32_t) (b)[(i) + 1] << 16 ) \
| ( (uint32_t) (b)[(i) + 2] << 8 ) \
| ( (uint32_t) (b)[(i) + 3] ); \
} while( 0 )
#endif
#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n,b,i) \
do { \
(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
(b)[(i) + 3] = (unsigned char) ( (n) ); \
} while( 0 )
#endif
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
}
void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
{
if ( ctx == NULL ) {
return;
}
mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
}
void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
const mbedtls_sha256_context *src )
{
*dst = *src;
}
/*
* SHA-256 context setup
*/
int mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
{
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
if ( is224 ) {
ctx->mode = SHA2_224;
} else {
ctx->mode = SHA2_256;
}
return 0;
}
static void esp_internal_sha_update_state(mbedtls_sha256_context *ctx)
{
if (ctx->sha_state == ESP_SHA256_STATE_INIT) {
ctx->first_block = true;
ctx->sha_state = ESP_SHA256_STATE_IN_PROCESS;
} else if (ctx->sha_state == ESP_SHA256_STATE_IN_PROCESS) {
ctx->first_block = false;
esp_sha_write_digest_state(ctx->mode, ctx->state);
}
}
int mbedtls_internal_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
{
int ret = -1;
esp_sha_acquire_hardware();
esp_internal_sha_update_state(ctx);
ret = esp_sha_dma(ctx->mode, data, 64, 0, 0, ctx->first_block);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
return ret;
}
/*
* SHA-256 process buffer
*/
int mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input,
size_t ilen )
{
size_t fill;
uint32_t left, len, local_len = 0;
if ( ilen == 0 ) {
return 0;
}
left = ctx->total[0] & 0x3F;
fill = 64 - left;
ctx->total[0] += (uint32_t) ilen;
ctx->total[0] &= 0xFFFFFFFF;
if ( ctx->total[0] < (uint32_t) ilen ) {
ctx->total[1]++;
}
/* Check if any data pending from previous call to this API */
if ( left && ilen >= fill ) {
memcpy( (void *) (ctx->buffer + left), input, fill );
input += fill;
ilen -= fill;
left = 0;
local_len = 64;
}
len = (ilen / 64) * 64;
if ( len || local_len) {
esp_sha_acquire_hardware();
esp_internal_sha_update_state(ctx);
int ret = esp_sha_dma(ctx->mode, input, len, ctx->buffer, local_len, ctx->first_block);
if (ret != 0) {
esp_sha_release_hardware();
return ret;
}
esp_sha_read_digest_state(ctx->mode, ctx->state);
esp_sha_release_hardware();
}
if ( ilen > 0 ) {
memcpy( (void *) (ctx->buffer + left), input + len, ilen - len );
}
return 0;
}
static const unsigned char sha256_padding[64] = {
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
/*
* SHA-256 final digest
*/
int mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char *output )
{
int ret = -1;
uint32_t last, padn;
uint32_t high, low;
unsigned char msglen[8];
high = ( ctx->total[0] >> 29 )
| ( ctx->total[1] << 3 );
low = ( ctx->total[0] << 3 );
PUT_UINT32_BE( high, msglen, 0 );
PUT_UINT32_BE( low, msglen, 4 );
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
if ( ( ret = mbedtls_sha256_update( ctx, sha256_padding, padn ) ) != 0 ) {
return ret;
}
if ( ( ret = mbedtls_sha256_update( ctx, msglen, 8 ) ) != 0 ) {
return ret;
}
if (ctx->mode == SHA2_224) {
memcpy(output, ctx->state, 28);
} else {
memcpy(output, ctx->state, 32);
}
return ret;
}
#endif /* MBEDTLS_SHA256_C && MBEDTLS_SHA256_ALT */

4
components/mbedtls/port/sha/esp_sha.c
View File

@ -18,10 +18,8 @@
#if SOC_SHA_SUPPORT_PARALLEL_ENG
#include "sha/sha_parallel_engine.h"
#elif SOC_SHA_SUPPORT_DMA
#include "sha/sha_dma.h"
#else
#include "sha/sha_block.h"
#include "sha/sha_core.h"
#endif
static const char *TAG = "esp_sha";

4
components/wpa_supplicant/test_apps/main/test_wpa_supplicant_main.c
View File

@ -12,10 +12,8 @@
#include "soc/soc_caps.h"
#if SOC_SHA_SUPPORT_PARALLEL_ENG
#include "sha/sha_parallel_engine.h"
#elif SOC_SHA_SUPPORT_DMA
#include "sha/sha_dma.h"
#else
#include "sha/sha_block.h"
#include "sha/sha_core.h"
#endif
#define TEST_MEMORY_LEAK_THRESHOLD_DEFAULT 0

2
tools/ci/check_copyright_ignore.txt
View File

@ -479,13 +479,11 @@ components/mbedtls/port/include/esp32/aes.h
components/mbedtls/port/include/esp32/sha.h
components/mbedtls/port/include/esp32s2/aes.h
components/mbedtls/port/include/esp32s2/gcm.h
components/mbedtls/port/include/esp32s2/sha.h
components/mbedtls/port/include/mbedtls/esp_debug.h
components/mbedtls/port/include/sha/sha_parallel_engine.h
components/mbedtls/port/include/sha1_alt.h
components/mbedtls/port/include/sha256_alt.h
components/mbedtls/port/include/sha512_alt.h
components/mbedtls/port/sha/dma/sha.c
components/mbedtls/port/sha/parallel_engine/sha.c
components/nvs_flash/include/nvs_handle.hpp
components/nvs_flash/src/nvs_cxx_api.cpp