-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NUCLEO_F439ZI/mbedtls: add SHA1 hw_acceleration #4157
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
added same comments as #4156
In fact, the subject of this PR is misleading. The subject is SHA1 HW acceleration, but the content is MD5 HW ac celeration. Please check the mistake
|
||
#define MBEDTLS_MD5_C |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please remove
*/ | ||
void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ) | ||
{ | ||
HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, (uint8_t *)input, ilen); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what if ilen < 64?
Don't you need some accumulation buffer like in the SHA1 use case? Is this done in HAL_HASH_MD5_Accumulate
?
{ | ||
__HAL_HASH_START_DIGEST(); | ||
|
||
HAL_HASH_MD5_Finish(&ctx->hhash_md5, output, 10); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why 10? Is this hex value?
|
||
#if defined(MBEDTLS_MD5_ALT) | ||
#include "mbedtls/platform.h" | ||
#include "mbedtls/config.h" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is this include needed? isn't it already included in md5.h and md5.c before the inclusion of md5_alt.h?
Please check what header files inclusions are needed in this header files, and what should be moved to md5_alt.c file
*/ | ||
typedef struct | ||
{ | ||
uint32_t total[2]; /*!< number of bytes processed */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
where is this referenced?
typedef struct | ||
{ | ||
uint32_t total[2]; /*!< number of bytes processed */ | ||
uint32_t state[4]; /*!< intermediate digest state */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
where is this referenced?
{ | ||
uint32_t total[2]; /*!< number of bytes processed */ | ||
uint32_t state[4]; /*!< intermediate digest state */ | ||
unsigned char buffer[64]; /*!< data block being processed */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
where is this referenced?
#endif | ||
|
||
#ifdef __cplusplus | ||
extern "C" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can be removed
#endif | ||
|
||
#ifdef __cplusplus | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can be removed
Hello, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
one additional, minor, comment. After that, It's approved from my side
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] ); | ||
|
||
/* Internal use */ | ||
void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] ); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
change 64 to MBEDTLS_SHA1_BLOCK_SIZE
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok
mbedtls_sha1_process(ctx, ctx->sbuf); | ||
// now process every input as long as it is %4 bytes | ||
size_t iter = currentlen / 4; | ||
HAL_HASH_SHA1_Accumulate(&ctx->hhash_sha1, (uint8_t *)(input+MBEDTLS_SHA1_BLOCK_SIZE-ctx->sbuf_len), (iter*4)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same comment as in the SHA256:
Please verify how HAL_HASH_SHA1_Accumulate
will behave if iter = 0
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello @RonEld ,
It will call HASH_WriteData in stm32f4xx_hal_hash.c line 225
for(buffercounter = 0U; buffercounter < Size; buffercounter+=4U)
{
HASH->DIN = *(uint32_t*)inputaddr;
inputaddr+=4U;
}
It will do nothing in case the Size is =0 (tested for the 3 toolchains GCC_ARM / IAR / ARM)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same remarks as PR #4159
This is equivalent to #4162 and I have already reviewed that one. |
Hello @gilles-peskine-arm @andresag01 , |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good overall, see my comments in PR #4162
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hello, @0xc0170 do you know what is failing in the Cam-CI uvisor Build & Test script ? |
Given all the approvals and that mbed TLS 2.5 is part of master can this PR be rebased on master? |
Move include platform from sha1_alt.h to sha1_alt.c
Hello |
Hello, the scripts are still running after 3 days, I guess it should be executed again ? Thanks in advance |
Bumping CI by closing then opening. |
retest uvisor |
1 similar comment
retest uvisor |
bump ? |
/morph test |
Result: FAILUREYour command has finished executing! Here's what you wrote!
OutputTest failed! |
Hello @adbridge |
/morph test |
Result: SUCCESSYour command has finished executing! Here's what you wrote!
OutputAll builds and test passed! |
👍 |
Description
Enable SHA1 for STM32F439ZI
Enable HW acceleration for SHA1 algorithm on STM32F439ZI
is PR #3947 on another branch
Status
READY
Steps to test or reproduce
To test this feature, you have to modify TESTS/mbedtls/selfttest/main.cpp in order to call sha1 self test:
add:
#include "mbedtls/sha1.h"
then
then