Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

mbedtls with hardware SHA engine #976

yoursunny opened this issue Jan 7, 2018 · 4 comments


Copy link

commented Jan 7, 2018


Board: Heltec WiFi Kit 32
Core Installation/update date: 70d0d46
IDE name: Arduino 1.8.5
Flash Frequency: 80Mhz
Upload Speed: 115200


As a result, SHA256 computation is slow.


#include <mbedtls/sha256.h>

void setup() {

void loop() {
  unsigned long t0 = micros();
  mbedtls_sha256_context ctx;
  for (int i = 0; i < 16777216; ++i) {
    Serial.printf("mode=%d\n", ctx.mode);
    mbedtls_sha256_update(&ctx, reinterpret_cast<const uint8_t*>("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmno"), 64);
  uint8_t digest[32];
  mbedtls_sha256_finish(&ctx, digest);
  unsigned long t1 = micros();

  for (int i = 0; i < sizeof(digest); ++i) {
    Serial.printf("%02x", digest[i]);
  Serial.printf("duration=%lu\n", t1 - t0);

Debug Messages:

In "alt" version of mbedtls_sha256_context, there is a mode member that indicates whether hardware or software SHA engine is selected.
The sketch does not compile because the mbedtls_sha256_context only supports software implementation.

sha256-mbedtls:13: error: 'struct mbedtls_sha256_context' has no member named 'mode'

     Serial.printf("mode=%d\n", ctx.mode);

This comment has been minimized.

Copy link

commented Jan 8, 2018

It has disabled due an old bug in hardware acceleration that crash mbedltls sometimes (espressif/esp-idf#630)
It's fixed on IDF now and just waiting for the update for Arduino here: #964


This comment has been minimized.

Copy link
Contributor Author

commented Aug 18, 2018

Core Installation/update date: 172802b
Now that #964 is closed, but CONFIG_MBEDTLS_HARDWARE_SHA stays disabled.
Can this be enabled?

I tried modifying tools/sdk/sdkconfig but it does not seem to be effective. I don't know how to regenerate binaries in there.


This comment has been minimized.

Copy link

commented Aug 1, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Aug 1, 2019


This comment has been minimized.

Copy link
Contributor Author

commented Aug 1, 2019

This issue should remain open. Enabling hardware SHA engine is a useful performance improvement.

@stale stale bot removed the stale label Aug 1, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
2 participants
You can’t perform that action at this time.