feat: enable support for sha peripheral in esp32c61

2024-10-05 20:47:46 -04:00 · 2024-08-13 16:47:11 +05:30 · 2024-08-13 16:47:11 +05:30 · 12fc7a677e
commit 12fc7a677e
parent eab98765ad
9 changed files with 253 additions and 25 deletions
--- a/components/bootloader_support/src/esp32c61/bootloader_sha.c
+++ b/components/bootloader_support/src/esp32c61/bootloader_sha.c
@ -13,8 +13,6 @@

 static SHA_CTX ctx;

-//TODO: [ESP32C61] IDF-9234
-
 bootloader_sha256_handle_t bootloader_sha256_start()
 {
    // Enable SHA hardware
--- a/components/esp_hw_support/include/esp_crypto_lock.h
+++ b/components/esp_hw_support/include/esp_crypto_lock.h
@ -44,7 +44,7 @@ void esp_crypto_ds_lock_acquire(void);
 void esp_crypto_ds_lock_release(void);
 #endif /* SOC_DIG_SIGN_SUPPORTED */

-#if defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED)
+#if defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED)
 /**
 * @brief Acquire lock for the SHA and AES cryptography peripheral.
 *
@ -56,9 +56,9 @@ void esp_crypto_sha_aes_lock_acquire(void);
 *
 */
 void esp_crypto_sha_aes_lock_release(void);
-#endif /* defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED) */
+#endif /* defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED) */

-#if defined(SOC_SHA_CRYPTO_DMA) && defined(SOC_AES_CRYPTO_DMA)
+#if defined(SOC_SHA_CRYPTO_DMA) || defined(SOC_AES_CRYPTO_DMA)
 /**
 * This API should be used by all components which use the SHA, AES, HMAC and DS crypto hardware on the ESP32S2.
 * They can not be used in parallel because they use the same DMA or are calling each other.
@ -76,7 +76,7 @@ void esp_crypto_dma_lock_acquire(void);
 * Release lock for the AES and SHA cryptography peripherals, which both use the crypto DMA.
 */
 void esp_crypto_dma_lock_release(void);
-#endif /* defined(SOC_SHA_CRYPTO_DMA) && defined(SOC_AES_CRYPTO_DMA) */
+#endif /* defined(SOC_SHA_CRYPTO_DMA) || defined(SOC_AES_CRYPTO_DMA) */

 #ifdef SOC_MPI_SUPPORTED
 /**
--- a/components/esp_security/src/esp_crypto_lock.c
+++ b/components/esp_security/src/esp_crypto_lock.c
@ -33,10 +33,10 @@ static _lock_t s_crypto_hmac_lock;
 static _lock_t s_crypto_mpi_lock;
 #endif /* SOC_MPI_SUPPORTED */

-#if defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED)
+#if defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED)
 /* Single lock for SHA and AES, sharing a reserved GDMA channel */
 static _lock_t s_crypto_sha_aes_lock;
-#endif /* defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED) */
+#endif /* defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED) */

 #ifdef SOC_ECC_SUPPORTED
 /* Lock for ECC peripheral */
@ -83,7 +83,7 @@ void esp_crypto_ds_lock_release(void)
 }
 #endif /* SOC_DIG_SIGN_SUPPORTED */

-#if defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED)
+#if defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED)
 void esp_crypto_sha_aes_lock_acquire(void)
 {
    _lock_acquire(&s_crypto_sha_aes_lock);
@ -93,9 +93,9 @@ void esp_crypto_sha_aes_lock_release(void)
 {
    _lock_release(&s_crypto_sha_aes_lock);
 }
-#endif /* defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED) */
+#endif /* defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED) */

-#if defined(SOC_SHA_CRYPTO_DMA) && defined(SOC_AES_CRYPTO_DMA)
+#if defined(SOC_SHA_CRYPTO_DMA) || defined(SOC_AES_CRYPTO_DMA)
 void esp_crypto_dma_lock_acquire(void)
 {
    _lock_acquire(&s_crypto_sha_aes_lock);
@ -105,7 +105,7 @@ void esp_crypto_dma_lock_release(void)
 {
    _lock_release(&s_crypto_sha_aes_lock);
 }
-#endif /* defined(SOC_SHA_CRYPTO_DMA) && defined(SOC_AES_CRYPTO_DMA) */
+#endif /* defined(SOC_SHA_CRYPTO_DMA) || defined(SOC_AES_CRYPTO_DMA) */

 #ifdef SOC_MPI_SUPPORTED
 void esp_crypto_mpi_lock_acquire(void)
--- a/components/hal/esp32c61/include/hal/sha_ll.h
+++ b/components/hal/esp32c61/include/hal/sha_ll.h
@ -0,0 +1,174 @@
+/*
+ * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#pragma once
+
+#include <stdbool.h>
+#include "soc/hwcrypto_reg.h"
+#include "soc/pcr_struct.h"
+#include "hal/sha_types.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+/**
+ * @brief Enable the bus clock for SHA peripheral module
+ *
+ * @param enable true to enable the module, false to disable the module
+ */
+static inline void sha_ll_enable_bus_clock(bool enable)
+{
+    PCR.sha_conf.sha_clk_en = enable;
+}
+
+/**
+ * @brief Reset the SHA peripheral module
+ */
+static inline void sha_ll_reset_register(void)
+{
+    PCR.sha_conf.sha_rst_en = 1;
+    PCR.sha_conf.sha_rst_en = 0;
+
+    // Clear reset on digital signature, hmac and ecdsa also, otherwise SHA is held in reset
+    PCR.ds_conf.ds_rst_en = 0;
+    PCR.hmac_conf.hmac_rst_en = 0;
+    PCR.ecdsa_conf.ecdsa_rst_en = 0;
+}
+
+/**
+ * @brief Start a new SHA block conversions (no initial hash in HW)
+ *
+ * @param sha_type The SHA algorithm type
+ */
+static inline void sha_ll_start_block(esp_sha_type sha_type)
+{
+    REG_WRITE(SHA_MODE_REG, sha_type);
+    REG_WRITE(SHA_START_REG, 1);
+}
+
+/**
+ * @brief Continue a SHA block conversion (initial hash in HW)
+ *
+ * @param sha_type The SHA algorithm type
+ */
+static inline void sha_ll_continue_block(esp_sha_type sha_type)
+{
+    REG_WRITE(SHA_MODE_REG, sha_type);
+    REG_WRITE(SHA_CONTINUE_REG, 1);
+}
+
+/**
+ * @brief Start a new SHA message conversion using DMA (no initial hash in HW)
+ *
+ * @param sha_type The SHA algorithm type
+ */
+static inline void sha_ll_start_dma(esp_sha_type sha_type)
+{
+    REG_WRITE(SHA_MODE_REG, sha_type);
+    REG_WRITE(SHA_DMA_START_REG, 1);
+}
+
+/**
+ * @brief Continue a SHA message conversion using DMA (initial hash in HW)
+ *
+ * @param sha_type The SHA algorithm type
+ */
+static inline void sha_ll_continue_dma(esp_sha_type sha_type)
+{
+    REG_WRITE(SHA_MODE_REG, sha_type);
+    REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
+}
+
+/**
+ * @brief Load the current hash digest to digest register
+ *
+ * @note Happens automatically on ESP32C6
+ *
+ * @param sha_type The SHA algorithm type
+ */
+static inline void sha_ll_load(esp_sha_type sha_type)
+{
+}
+
+/**
+ * @brief Sets the number of message blocks to be hashed
+ *
+ * @note DMA operation only
+ *
+ * @param num_blocks Number of message blocks to process
+ */
+static inline void sha_ll_set_block_num(size_t num_blocks)
+{
+    REG_WRITE(SHA_DMA_BLOCK_NUM_REG, num_blocks);
+}
+
+/**
+ * @brief Checks if the SHA engine is currently busy hashing a block
+ *
+ * @return true SHA engine busy
+ * @return false SHA engine idle
+ */
+static inline bool sha_ll_busy(void)
+{
+    return REG_READ(SHA_BUSY_REG);
+}
+
+/**
+ * @brief Write a text (message) block to the SHA engine
+ *
+ * @param input_text Input buffer to be written to the SHA engine
+ * @param block_word_len Number of words in block
+ */
+static inline void sha_ll_fill_text_block(const void *input_text, size_t block_word_len)
+{
+    uint32_t *data_words = (uint32_t *)input_text;
+    uint32_t *reg_addr_buf = (uint32_t *)(SHA_M_MEM);
+
+    for (int i = 0; i < block_word_len; i++) {
+        REG_WRITE(&reg_addr_buf[i], data_words[i]);
+    }
+}
+
+/**
+ * @brief Read the message digest from the SHA engine
+ *
+ * @param sha_type The SHA algorithm type
+ * @param digest_state Buffer that message digest will be written to
+ * @param digest_word_len Length of the message digest
+ */
+static inline void sha_ll_read_digest(esp_sha_type sha_type, void *digest_state, size_t digest_word_len)
+{
+    uint32_t *digest_state_words = (uint32_t *)digest_state;
+    const size_t REG_WIDTH = sizeof(uint32_t);
+
+    for (size_t i = 0; i < digest_word_len; i++) {
+        digest_state_words[i] = REG_READ(SHA_H_MEM + (i * REG_WIDTH));
+    }
+
+}
+
+/**
+ * @brief Write the message digest to the SHA engine
+ *
+ * @param sha_type The SHA algorithm type
+ * @param digest_state Message digest to be written to SHA engine
+ * @param digest_word_len Length of the message digest
+ */
+static inline void sha_ll_write_digest(esp_sha_type sha_type, void *digest_state, size_t digest_word_len)
+{
+    uint32_t *digest_state_words = (uint32_t *)digest_state;
+    uint32_t *reg_addr_buf = (uint32_t *)(SHA_H_MEM);
+
+    for (int i = 0; i < digest_word_len; i++) {
+        REG_WRITE(&reg_addr_buf[i], digest_state_words[i]);
+    }
+}
+
+
+#ifdef __cplusplus
+}
+#endif
--- a/components/hal/test_apps/crypto/main/sha/test_sha.c
+++ b/components/hal/test_apps/crypto/main/sha/test_sha.c
@ -205,7 +205,7 @@ TEST_GROUP(sha);
 TEST_SETUP(sha)
 {
    test_utils_record_free_mem();
-    TEST_ESP_OK(test_utils_set_leak_level(0, ESP_LEAK_TYPE_CRITICAL, ESP_COMP_LEAK_GENERAL));
+    TEST_ESP_OK(test_utils_set_leak_level(400, ESP_LEAK_TYPE_CRITICAL, ESP_COMP_LEAK_GENERAL));
 }

 TEST_TEAR_DOWN(sha)
--- a/components/mbedtls/port/crypto_shared_gdma/esp_crypto_shared_gdma.c
+++ b/components/mbedtls/port/crypto_shared_gdma/esp_crypto_shared_gdma.c
@ -92,8 +92,12 @@ static esp_err_t crypto_shared_gdma_init(void)
    transfer_cfg.max_data_burst_size = 0;
    gdma_config_transfer(rx_channel, &transfer_cfg);

+#ifdef SOC_AES_SUPPORTED
    gdma_connect(rx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0));
    gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0));
+#elif SOC_SHA_SUPPORTED
+    gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_SHA, 0));
+#endif

    return ESP_OK;

@ -123,11 +127,17 @@ esp_err_t esp_crypto_shared_gdma_start(const lldesc_t *input, const lldesc_t *ou
    /* Tx channel is shared between AES and SHA, need to connect to peripheral every time */
    gdma_disconnect(tx_channel);

+#ifdef SOC_SHA_SUPPORTED
    if (peripheral == GDMA_TRIG_PERIPH_SHA) {
        gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_SHA, 0));
-    } else if (peripheral == GDMA_TRIG_PERIPH_AES) {
+    } else
+#endif // SOC_SHA_SUPPORTED
+#ifdef SOC_AES_SUPPORTED
+    if (peripheral == GDMA_TRIG_PERIPH_AES) {
        gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0));
-    } else {
+    } else
+#endif // SOC_AES_SUPPORTED
+    {
        return ESP_ERR_INVALID_ARG;
    }

@ -176,11 +186,17 @@ esp_err_t esp_crypto_shared_gdma_start_axi_ahb(const crypto_dma_desc_t *input, c
    /* Tx channel is shared between AES and SHA, need to connect to peripheral every time */
    gdma_disconnect(tx_channel);

+#ifdef SOC_SHA_SUPPORTED
    if (peripheral == GDMA_TRIG_PERIPH_SHA) {
        gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_SHA, 0));
-    } else if (peripheral == GDMA_TRIG_PERIPH_AES) {
+    } else
+#endif // SOC_SHA_SUPPORTED
+#ifdef SOC_AES_SUPPORTED
+    if (peripheral == GDMA_TRIG_PERIPH_AES) {
        gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0));
-    } else {
+    } else
+#endif // SOC_AES_SUPPORTED
+    {
        return ESP_ERR_INVALID_ARG;
    }

--- a/components/soc/esp32c61/include/soc/Kconfig.soc_caps.in
+++ b/components/soc/esp32c61/include/soc/Kconfig.soc_caps.in
@ -67,6 +67,10 @@ config SOC_SYSTIMER_SUPPORTED
    bool
    default y

+config SOC_SHA_SUPPORTED
+    bool
+    default y
+
 config SOC_ECC_SUPPORTED
    bool
    default y
@ -459,6 +463,34 @@ config SOC_MPU_REGION_WO_SUPPORTED
    bool
    default n

+config SOC_SHA_DMA_MAX_BUFFER_SIZE
+    int
+    default 3968
+
+config SOC_SHA_SUPPORT_DMA
+    bool
+    default y
+
+config SOC_SHA_SUPPORT_RESUME
+    bool
+    default y
+
+config SOC_SHA_GDMA
+    bool
+    default y
+
+config SOC_SHA_SUPPORT_SHA1
+    bool
+    default y
+
+config SOC_SHA_SUPPORT_SHA224
+    bool
+    default y
+
+config SOC_SHA_SUPPORT_SHA256
+    bool
+    default y
+
 config SOC_ECDSA_SUPPORT_EXPORT_PUBKEY
    bool
    default y
--- a/components/soc/esp32c61/include/soc/hwcrypto_reg.h
+++ b/components/soc/esp32c61/include/soc/hwcrypto_reg.h
@ -0,0 +1,8 @@
+/*
+ * SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ */
+#pragma once
+
+#include "soc/sha_reg.h"
--- a/components/soc/esp32c61/include/soc/soc_caps.h
+++ b/components/soc/esp32c61/include/soc/soc_caps.h
@ -39,7 +39,7 @@
 #define SOC_LEDC_SUPPORTED              1
 #define SOC_SYSTIMER_SUPPORTED          1       //TODO: [ESP32C61] IDF-9307, IDF-9308
 //  \#define SOC_SUPPORT_COEXISTENCE         1
-//  \#define SOC_SHA_SUPPORTED               1    //TODO: [ESP32C61] IDF-9234
+#define SOC_SHA_SUPPORTED               1
 #define SOC_ECC_SUPPORTED               1
 #define SOC_ECC_EXTENDED_MODES_SUPPORTED   1
 #define SOC_FLASH_ENC_SUPPORTED         1
@ -274,19 +274,19 @@
   for SHA this means that the biggest safe amount of bytes is
   31 blocks of 128 bytes = 3968
 */
-// #define SOC_SHA_DMA_MAX_BUFFER_SIZE     (3968)
-// #define SOC_SHA_SUPPORT_DMA             (1)
+#define SOC_SHA_DMA_MAX_BUFFER_SIZE     (3968)
+#define SOC_SHA_SUPPORT_DMA             (1)

 // /* The SHA engine is able to resume hashing from a user */
-// #define SOC_SHA_SUPPORT_RESUME          (1)
+#define SOC_SHA_SUPPORT_RESUME          (1)

 // /* Has a centralized DMA, which is shared with all peripherals */
-// #define SOC_SHA_GDMA             (1)
+#define SOC_SHA_GDMA             (1)

 // /* Supported HW algorithms */
-// #define SOC_SHA_SUPPORT_SHA1            (1)
-// #define SOC_SHA_SUPPORT_SHA224          (1)
-// #define SOC_SHA_SUPPORT_SHA256          (1)
+#define SOC_SHA_SUPPORT_SHA1            (1)
+#define SOC_SHA_SUPPORT_SHA224          (1)
+#define SOC_SHA_SUPPORT_SHA256          (1)

 /*--------------------------- ECDSA CAPS ---------------------------------------*/
 #define SOC_ECDSA_SUPPORT_EXPORT_PUBKEY     (1)