From 702e41e1c83b6bf80b28df6aceda523f1eadba94 Mon Sep 17 00:00:00 2001 From: Renz Bagaporo Date: Wed, 3 Mar 2021 18:21:07 +0800 Subject: [PATCH] esp32s2: move crypto related functions --- components/esp32c3/CMakeLists.txt | 5 +- components/esp32c3/test/test_sha.c | 80 ---- components/esp32s2/CMakeLists.txt | 5 +- components/esp32s2/test/test_ds.c | 379 ------------------ components/esp32s2/test/test_sha.c | 103 ----- components/esp32s3/CMakeLists.txt | 1 - components/esp_common/src/esp_err_to_name.c | 8 +- components/esp_hw_support/CMakeLists.txt | 2 +- .../include/soc/esp32c3}/esp_crypto_lock.h | 0 .../include/soc/esp32c3}/esp_ds.h | 0 .../include/soc/esp32c3}/esp_hmac.h | 0 .../include/soc/esp32s2}/esp_crypto_lock.h | 0 .../include/soc/esp32s2}/esp_ds.h | 0 .../include/soc/esp32s2}/esp_hmac.h | 0 .../include/soc/esp32s3}/esp_crypto_lock.h | 0 .../port/esp32c3/CMakeLists.txt | 6 +- .../port}/esp32c3/esp_crypto_lock.c | 0 .../port}/esp32c3/esp_ds.c | 0 .../port}/esp32c3/esp_hmac.c | 0 .../port/esp32s2/CMakeLists.txt | 6 +- .../port}/esp32s2/esp_crypto_lock.c | 0 .../port}/esp32s2/esp_ds.c | 0 .../port}/esp32s2/esp_hmac.c | 0 .../port/esp32s3/CMakeLists.txt | 4 +- .../port}/esp32s3/esp_crypto_lock.c | 0 .../test/digital_signature_test_cases_3072.h} | 0 .../test/digital_signature_test_cases_4096.h} | 0 .../test/gen_digital_signature_tests.py | 0 .../test/test_ds.c | 101 ++++- .../test/test_hmac.c | 6 +- components/hal/include/hal/sha_types.h | 11 +- .../test/test_aes_sha_rsa.c.bak} | 0 components/{esp32 => mbedtls}/test/test_sha.c | 39 +- docs/doxygen/Doxyfile_esp32c3 | 4 +- docs/doxygen/Doxyfile_esp32s2 | 4 +- tools/ci/mypy_ignore_list.txt | 3 +- 36 files changed, 154 insertions(+), 613 deletions(-) delete mode 100644 components/esp32c3/test/test_sha.c delete mode 100644 components/esp32s2/test/test_ds.c delete mode 100644 components/esp32s2/test/test_sha.c rename components/{esp32c3/include => esp_hw_support/include/soc/esp32c3}/esp_crypto_lock.h (100%) rename components/{esp32c3/include => esp_hw_support/include/soc/esp32c3}/esp_ds.h (100%) rename components/{esp32c3/include => esp_hw_support/include/soc/esp32c3}/esp_hmac.h (100%) rename components/{esp32s2/include => esp_hw_support/include/soc/esp32s2}/esp_crypto_lock.h (100%) rename components/{esp32s2/include => esp_hw_support/include/soc/esp32s2}/esp_ds.h (100%) rename components/{esp32s2/include => esp_hw_support/include/soc/esp32s2}/esp_hmac.h (100%) rename components/{esp32s3/include => esp_hw_support/include/soc/esp32s3}/esp_crypto_lock.h (100%) rename components/{ => esp_hw_support/port}/esp32c3/esp_crypto_lock.c (100%) rename components/{ => esp_hw_support/port}/esp32c3/esp_ds.c (100%) rename components/{ => esp_hw_support/port}/esp32c3/esp_hmac.c (100%) rename components/{ => esp_hw_support/port}/esp32s2/esp_crypto_lock.c (100%) rename components/{ => esp_hw_support/port}/esp32s2/esp_ds.c (100%) rename components/{ => esp_hw_support/port}/esp32s2/esp_hmac.c (100%) rename components/{ => esp_hw_support/port}/esp32s3/esp_crypto_lock.c (100%) rename components/{esp32c3/test/digital_signature_test_cases.h => esp_hw_support/test/digital_signature_test_cases_3072.h} (100%) rename components/{esp32s2/test/digital_signature_test_cases.h => esp_hw_support/test/digital_signature_test_cases_4096.h} (100%) rename components/{esp32s2 => esp_hw_support}/test/gen_digital_signature_tests.py (100%) rename components/{esp32c3 => esp_hw_support}/test/test_ds.c (81%) rename components/{esp32s2 => esp_hw_support}/test/test_hmac.c (99%) rename components/{esp32/test/test_aes_sha_rsa.c => mbedtls/test/test_aes_sha_rsa.c.bak} (100%) rename components/{esp32 => mbedtls}/test/test_sha.c (89%) diff --git a/components/esp32c3/CMakeLists.txt b/components/esp32c3/CMakeLists.txt index 1d00a870ee..eda76c3379 100644 --- a/components/esp32c3/CMakeLists.txt +++ b/components/esp32c3/CMakeLists.txt @@ -11,10 +11,7 @@ if(BOOTLOADER_BUILD) else() # Regular app build - set(srcs "dport_access.c" - "esp_hmac.c" - "esp_ds.c" - "esp_crypto_lock.c") + set(srcs "dport_access.c") set(include_dirs "include") set(requires driver efuse soc riscv) #unfortunately rom/uart uses SOC registers directly diff --git a/components/esp32c3/test/test_sha.c b/components/esp32c3/test/test_sha.c deleted file mode 100644 index 052433d6ac..0000000000 --- a/components/esp32c3/test/test_sha.c +++ /dev/null @@ -1,80 +0,0 @@ -#include -#include -#include -#include "esp_types.h" -#include "esp32c3/clk.h" -#include "esp_log.h" -#include "esp_timer.h" -#include "esp_heap_caps.h" -#include "idf_performance.h" - -#include "unity.h" -#include "test_utils.h" -#include "mbedtls/sha1.h" -#include "mbedtls/sha256.h" -#include "sha/sha_dma.h" - -/* Note: Most of the SHA functions are called as part of mbedTLS, so -are tested as part of mbedTLS tests. Only esp_sha() is different. -*/ - -#define TAG "sha_test" - -TEST_CASE("Test esp_sha()", "[hw_crypto]") -{ - const size_t BUFFER_SZ = 32 * 1024 + 6; // NB: not an exact multiple of SHA block size - - int64_t begin, end; - uint32_t us_sha1; - uint8_t sha1_result[20] = { 0 }; - void *buffer = heap_caps_malloc(BUFFER_SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL); - TEST_ASSERT_NOT_NULL(buffer); - memset(buffer, 0xEE, BUFFER_SZ); - - const uint8_t sha1_expected[20] = { 0xc7, 0xbb, 0xd3, 0x74, 0xf2, 0xf6, 0x20, 0x86, - 0x61, 0xf4, 0x50, 0xd5, 0xf5, 0x18, 0x44, 0xcc, - 0x7a, 0xb7, 0xa5, 0x4a }; - - begin = esp_timer_get_time(); - esp_sha(SHA1, buffer, BUFFER_SZ, sha1_result); - end = esp_timer_get_time(); - TEST_ASSERT_EQUAL_HEX8_ARRAY(sha1_expected, sha1_result, sizeof(sha1_expected)); - us_sha1 = end - begin; - ESP_LOGI(TAG, "esp_sha() 32KB SHA1 in %u us", us_sha1); - - free(buffer); - - TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA1_32KB, "%dus", us_sha1); -} - -TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]") -{ - const void* ptr; - spi_flash_mmap_handle_t handle; - uint8_t sha1_espsha[20] = { 0 }; - uint8_t sha1_mbedtls[20] = { 0 }; - uint8_t sha256_espsha[32] = { 0 }; - uint8_t sha256_mbedtls[32] = { 0 }; - - const size_t LEN = 1024 * 1024; - - /* mmap() 1MB of flash, we don't care what it is really */ - esp_err_t err = spi_flash_mmap(0x0, LEN, SPI_FLASH_MMAP_DATA, &ptr, &handle); - - TEST_ASSERT_EQUAL_HEX32(ESP_OK, err); - TEST_ASSERT_NOT_NULL(ptr); - - /* Compare esp_sha() result to the mbedTLS result, should always be the same */ - - esp_sha(SHA1, ptr, LEN, sha1_espsha); - int r = mbedtls_sha1_ret(ptr, LEN, sha1_mbedtls); - TEST_ASSERT_EQUAL(0, r); - - esp_sha(SHA2_256, ptr, LEN, sha256_espsha); - r = mbedtls_sha256_ret(ptr, LEN, sha256_mbedtls, 0); - TEST_ASSERT_EQUAL(0, r); - - TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_espsha, sha1_mbedtls, sizeof(sha1_espsha), "SHA1 results should match"); - - TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_espsha, sha256_mbedtls, sizeof(sha256_espsha), "SHA256 results should match"); -} diff --git a/components/esp32s2/CMakeLists.txt b/components/esp32s2/CMakeLists.txt index 209579c67b..c229ea1ddc 100644 --- a/components/esp32s2/CMakeLists.txt +++ b/components/esp32s2/CMakeLists.txt @@ -13,10 +13,7 @@ else() set(srcs "dport_access.c" "spiram.c" - "spiram_psram.c" - "esp_crypto_lock.c" - "esp_hmac.c" - "esp_ds.c") + "spiram_psram.c") set(include_dirs "include") diff --git a/components/esp32s2/test/test_ds.c b/components/esp32s2/test/test_ds.c deleted file mode 100644 index 719f24adb6..0000000000 --- a/components/esp32s2/test/test_ds.c +++ /dev/null @@ -1,379 +0,0 @@ -// Copyright 2020 Espressif Systems (Shanghai) PTE LTD -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at - -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include "unity.h" -#include "esp32s2/rom/efuse.h" -#include "esp32s2/rom/digital_signature.h" -#include "esp32s2/rom/aes.h" -#include "esp32s2/rom/sha.h" -#include - -#include "esp_ds.h" - -#define NUM_RESULTS 10 - -typedef struct { - uint8_t iv[ETS_DS_IV_LEN]; - ets_ds_p_data_t p_data; - uint8_t expected_c[ETS_DS_C_LEN]; - uint8_t hmac_key_idx; - uint32_t expected_results[NUM_RESULTS][4096/32]; -} encrypt_testcase_t; - -// Generated header (gen_digital_signature_tests.py) defines -// NUM_HMAC_KEYS, test_hmac_keys, NUM_MESSAGES, NUM_CASES, test_messages[], test_cases[] -// Some adaptations were made: removed the 512 bit case and changed RSA lengths to the enums from esp_ds.h -#include "digital_signature_test_cases.h" - -_Static_assert(NUM_RESULTS == NUM_MESSAGES, "expected_results size should be the same as NUM_MESSAGES in generated header"); - -TEST_CASE("Digital Signature Parameter Encryption data NULL", "[hw_crypto]") -{ - const char iv [32]; - esp_ds_p_data_t p_data; - const char key [32]; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_encrypt_params(NULL, iv, &p_data, key)); -} - -TEST_CASE("Digital Signature Parameter Encryption iv NULL", "[hw_crypto]") -{ - esp_ds_data_t data; - esp_ds_p_data_t p_data; - const char key [32]; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_encrypt_params(&data, NULL, &p_data, key)); -} - -TEST_CASE("Digital Signature Parameter Encryption p_data NULL", "[hw_crypto]") -{ - esp_ds_data_t data; - const char iv [32]; - const char key [32]; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_encrypt_params(&data, iv, NULL, key)); -} - -TEST_CASE("Digital Signature Parameter Encryption key NULL", "[hw_crypto]") -{ - esp_ds_data_t data; - const char iv [32]; - esp_ds_p_data_t p_data; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_encrypt_params(&data, iv, &p_data, NULL)); -} - -TEST_CASE("Digital Signature Parameter Encryption", "[hw_crypto]") -{ - for (int i = 0; i < NUM_CASES; i++) { - printf("Encrypting test case %d...\n", i); - const encrypt_testcase_t *t = &test_cases[i]; - esp_ds_data_t result = { }; - esp_ds_p_data_t p_data; - - memcpy(p_data.Y, t->p_data.Y, 4096/8); - memcpy(p_data.M, t->p_data.M, 4096/8); - memcpy(p_data.Rb, t->p_data.Rb, 4096/8); - p_data.M_prime = t->p_data.M_prime; - p_data.length = t->p_data.length; - - esp_err_t r = esp_ds_encrypt_params(&result, t->iv, &p_data, - test_hmac_keys[t->hmac_key_idx]); - printf("Encrypting test case %d done\n", i); - TEST_ASSERT_EQUAL(ESP_OK, r); - TEST_ASSERT_EQUAL(t->p_data.length, result.rsa_length); - TEST_ASSERT_EQUAL_HEX8_ARRAY(t->iv, result.iv, ETS_DS_IV_LEN); - TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_c, result.c, ETS_DS_C_LEN); - } -} - -TEST_CASE("Digital Signature start Invalid message", "[hw_crypto]") -{ - esp_ds_data_t ds_data = { }; - ds_data.rsa_length = ESP_DS_RSA_4096; - esp_ds_context_t *ctx; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(NULL, &ds_data, HMAC_KEY1, &ctx)); -} - -TEST_CASE("Digital Signature start Invalid data", "[hw_crypto]") -{ - const char *message = "test"; - esp_ds_context_t *ctx; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, NULL, HMAC_KEY1, &ctx)); -} - -TEST_CASE("Digital Signature start Invalid context", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_4096; - const char *message = "test"; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY1, NULL)); -} - -TEST_CASE("Digital Signature RSA length 0", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = 0; - const char *message = "test"; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY1, NULL)); -} - -TEST_CASE("Digital Signature RSA length too long", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = 128; - const char *message = "test"; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY1, NULL)); -} - -TEST_CASE("Digital Signature start HMAC key out of range", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_4096; - esp_ds_context_t *ctx; - const char *message = "test"; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY5 + 1, &ctx)); - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY0 - 1, &ctx)); -} - -TEST_CASE("Digital Signature finish Invalid signature ptr", "[hw_crypto]") -{ - esp_ds_context_t *ctx = NULL; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_finish_sign(NULL, ctx)); -} - -TEST_CASE("Digital Signature finish Invalid context", "[hw_crypto]") -{ - uint8_t signature_data [128 * 4]; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_finish_sign(signature_data, NULL)); -} - -TEST_CASE("Digital Signature Blocking Invalid message", "[hw_crypto]") -{ - esp_ds_data_t ds_data = { }; - ds_data.rsa_length = ESP_DS_RSA_4096; - uint8_t signature_data [128 * 4]; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(NULL, &ds_data, HMAC_KEY1, signature_data)); -} - -TEST_CASE("Digital Signature Blocking Invalid data", "[hw_crypto]") -{ - const char *message = "test"; - uint8_t signature_data [128 * 4]; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, NULL, HMAC_KEY1, signature_data)); -} - -TEST_CASE("Digital Signature Blocking Invalid signature ptr", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_4096; - const char *message = "test"; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY1, NULL)); -} - -TEST_CASE("Digital Signature Blocking RSA length 0", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = 0; - const char *message = "test"; - uint8_t signature_data [128 * 4]; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY1, signature_data)); -} - -TEST_CASE("Digital Signature Blocking RSA length too long", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = 128; - const char *message = "test"; - uint8_t signature_data [128 * 4]; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY1, signature_data)); -} - -TEST_CASE("Digital Signature Blocking HMAC key out of range", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = 127; - const char *message = "test"; - uint8_t signature_data [128 * 4]; - - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY5 + 1, signature_data)); - TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY0 - 1, signature_data)); -} - -#if CONFIG_IDF_ENV_FPGA - -static void burn_hmac_keys(void) -{ - printf("Burning %d HMAC keys to efuse...\n", NUM_HMAC_KEYS); - for (int i = 0; i < NUM_HMAC_KEYS; i++) { - // TODO: vary the purpose across the keys - ets_efuse_purpose_t purpose = ETS_EFUSE_KEY_PURPOSE_HMAC_DOWN_DIGITAL_SIGNATURE; - - // starting from block 1, block 0 occupied with HMAC upstream test key - int ets_status = ets_efuse_write_key(ETS_EFUSE_BLOCK_KEY1 + i, - purpose, - test_hmac_keys[i], 32); - - if (ets_status == ESP_OK) { - printf("written DS test key to block [%d]!\n", ETS_EFUSE_BLOCK_KEY1 + i); - } else { - printf("writing DS test key to block [%d] failed, maybe written already\n", ETS_EFUSE_BLOCK_KEY1 + i); - } - } -} - -TEST_CASE("Digital Signature wrong HMAC key purpose (FPGA only)", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_4096; - esp_ds_context_t *ctx; - const char *message = "test"; - - // HMAC fails in that case because it checks for the correct purpose - TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_start_sign(message, &ds_data, HMAC_KEY0, &ctx)); -} - -TEST_CASE("Digital Signature Blocking wrong HMAC key purpose (FPGA only)", "[hw_crypto]") -{ - esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_4096; - const char *message = "test"; - uint8_t signature_data [128 * 4]; - - // HMAC fails in that case because it checks for the correct purpose - TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_sign(message, &ds_data, HMAC_KEY0, signature_data)); -} - -TEST_CASE("Digital Signature Operation (FPGA only)", "[hw_crypto]") -{ - burn_hmac_keys(); - - for (int i = 0; i < NUM_CASES; i++) { - printf("Running test case %d...\n", i); - const encrypt_testcase_t *t = &test_cases[i]; - - // copy encrypt parameter test case into ds_data structure - esp_ds_data_t ds_data = { }; - memcpy(ds_data.iv, t->iv, ETS_DS_IV_LEN); - memcpy(ds_data.c, t->expected_c, ETS_DS_C_LEN); - ds_data.rsa_length = t->p_data.length; - - for (int j = 0; j < NUM_MESSAGES; j++) { - uint8_t signature[4096/8] = { 0 }; - printf(" ... message %d\n", j); - esp_ds_context_t *esp_ds_ctx; - - esp_err_t ds_r = esp_ds_start_sign(test_messages[j], - &ds_data, - t->hmac_key_idx + 1, - &esp_ds_ctx); - TEST_ASSERT_EQUAL(ESP_OK, ds_r); - - ds_r = esp_ds_finish_sign(signature, esp_ds_ctx); - TEST_ASSERT_EQUAL(ESP_OK, ds_r); - - TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_results[j], signature, sizeof(signature)); - } - } -} - -TEST_CASE("Digital Signature Blocking Operation (FPGA only)", "[hw_crypto]") -{ - burn_hmac_keys(); - - for (int i = 0; i < NUM_CASES; i++) { - printf("Running test case %d...\n", i); - const encrypt_testcase_t *t = &test_cases[i]; - - // copy encrypt parameter test case into ds_data structure - esp_ds_data_t ds_data = { }; - memcpy(ds_data.iv, t->iv, ETS_DS_IV_LEN); - memcpy(ds_data.c, t->expected_c, ETS_DS_C_LEN); - ds_data.rsa_length = t->p_data.length; - - uint8_t signature[4096/8] = { 0 }; - esp_ds_context_t *esp_ds_ctx; - - esp_err_t ds_r = esp_ds_start_sign(test_messages[0], - &ds_data, - t->hmac_key_idx + 1, - &esp_ds_ctx); - TEST_ASSERT_EQUAL(ESP_OK, ds_r); - - ds_r = esp_ds_finish_sign(signature, esp_ds_ctx); - TEST_ASSERT_EQUAL(ESP_OK, ds_r); - - TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_results[0], signature, sizeof(signature)); - } -} -TEST_CASE("Digital Signature Invalid Data (FPGA only)", "[hw_crypto]") -{ - burn_hmac_keys(); - - // Set up a valid test case - const encrypt_testcase_t *t = &test_cases[0]; - esp_ds_data_t ds_data = { }; - memcpy(ds_data.iv, t->iv, ETS_DS_IV_LEN); - memcpy(ds_data.c, t->expected_c, ETS_DS_C_LEN); - ds_data.rsa_length = t->p_data.length; - - uint8_t signature[4096/8] = { 0 }; - const uint8_t zero[4096/8] = { 0 }; - - // Corrupt the IV one bit at a time, rerun and expect failure - for (int bit = 0; bit < 128; bit++) { - printf("Corrupting IV bit %d...\n", bit); - ds_data.iv[bit / 8] ^= 1 << (bit % 8); - esp_ds_context_t *esp_ds_ctx; - - esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1, &esp_ds_ctx); - TEST_ASSERT_EQUAL(ESP_OK, ds_r); - ds_r = esp_ds_finish_sign(signature, esp_ds_ctx); - TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r); - TEST_ASSERT_EQUAL_HEX8_ARRAY(zero, signature, 4096/8); - - ds_data.iv[bit / 8] ^= 1 << (bit % 8); - } - - // Corrupt encrypted key data one bit at a time, rerun and expect failure - printf("Corrupting C...\n"); - for (int bit = 0; bit < ETS_DS_C_LEN * 8; bit++) { - printf("Corrupting C bit %d...\n", bit); - ds_data.c[bit / 8] ^= 1 << (bit % 8); - esp_ds_context_t *esp_ds_ctx; - - esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1, &esp_ds_ctx); - TEST_ASSERT_EQUAL(ESP_OK, ds_r); - ds_r = esp_ds_finish_sign(signature, esp_ds_ctx); - TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r); - TEST_ASSERT_EQUAL_HEX8_ARRAY(zero, signature, 4096/8); - - ds_data.c[bit / 8] ^= 1 << (bit % 8); - } -} - -#endif // CONFIG_IDF_ENV_FPGA diff --git a/components/esp32s2/test/test_sha.c b/components/esp32s2/test/test_sha.c deleted file mode 100644 index 6a57faf08b..0000000000 --- a/components/esp32s2/test/test_sha.c +++ /dev/null @@ -1,103 +0,0 @@ -#include -#include -#include -#include "esp_types.h" -#include "esp32s2/clk.h" -#include "esp_log.h" -#include "ccomp_timer.h" -#include "esp_heap_caps.h" -#include "idf_performance.h" - -#include "unity.h" -#include "test_utils.h" -#include "mbedtls/sha1.h" -#include "mbedtls/sha256.h" -#include "mbedtls/sha512.h" -#include "sha/sha_dma.h" - -/* Note: Most of the SHA functions are called as part of mbedTLS, so -are tested as part of mbedTLS tests. Only esp_sha() is different. -*/ - -#define TAG "sha_test" - -TEST_CASE("Test esp_sha()", "[hw_crypto]") -{ - const size_t BUFFER_SZ = 32 * 1024 + 6; // NB: not an exact multiple of SHA block size - - uint32_t us_sha1, us_sha512; - uint8_t sha1_result[20] = { 0 }; - uint8_t sha512_result[64] = { 0 }; - void *buffer = heap_caps_malloc(BUFFER_SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL); - TEST_ASSERT_NOT_NULL(buffer); - memset(buffer, 0xEE, BUFFER_SZ); - - const uint8_t sha1_expected[20] = { 0xc7, 0xbb, 0xd3, 0x74, 0xf2, 0xf6, 0x20, 0x86, - 0x61, 0xf4, 0x50, 0xd5, 0xf5, 0x18, 0x44, 0xcc, - 0x7a, 0xb7, 0xa5, 0x4a }; - const uint8_t sha512_expected[64] = { 0xc7, 0x7f, 0xda, 0x8c, 0xb3, 0x58, 0x14, 0x8a, - 0x52, 0x3b, 0x46, 0x04, 0xc0, 0x85, 0xc5, 0xf0, - 0x46, 0x64, 0x14, 0xd5, 0x96, 0x7a, 0xa2, 0x80, - 0x20, 0x9c, 0x04, 0x27, 0x7d, 0x3b, 0xf9, 0x1f, - 0xb2, 0xa3, 0x45, 0x3c, 0xa1, 0x6a, 0x8d, 0xdd, - 0x35, 0x5e, 0x35, 0x57, 0x76, 0x22, 0x74, 0xd8, - 0x1e, 0x07, 0xc6, 0xa2, 0x9e, 0x3b, 0x65, 0x75, - 0x80, 0x7d, 0xe6, 0x6e, 0x47, 0x61, 0x2c, 0x94 }; - - ccomp_timer_start();; - esp_sha(SHA1, buffer, BUFFER_SZ, sha1_result); - us_sha1 = ccomp_timer_stop(); - TEST_ASSERT_EQUAL_HEX8_ARRAY(sha1_expected, sha1_result, sizeof(sha1_expected)); - ESP_LOGI(TAG, "esp_sha() 32KB SHA1 in %u us", us_sha1); - - ccomp_timer_start();; - esp_sha(SHA2_512, buffer, BUFFER_SZ, sha512_result); - us_sha512 = ccomp_timer_stop(); - TEST_ASSERT_EQUAL_HEX8_ARRAY(sha512_expected, sha512_result, sizeof(sha512_expected)); - ESP_LOGI(TAG, "esp_sha() 32KB SHA512 in %u us", us_sha512); - - free(buffer); - - TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA1_32KB, "%dus", us_sha1); - TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA512_32KB, "%dus", us_sha512); -} - -TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]") -{ - const void* ptr; - spi_flash_mmap_handle_t handle; - uint8_t sha1_espsha[20] = { 0 }; - uint8_t sha1_mbedtls[20] = { 0 }; - uint8_t sha256_espsha[32] = { 0 }; - uint8_t sha256_mbedtls[32] = { 0 }; - uint8_t sha512_espsha[64] = { 0 }; - uint8_t sha512_mbedtls[64] = { 0 }; - - const size_t LEN = 1024 * 1024; - - /* mmap() 1MB of flash, we don't care what it is really */ - esp_err_t err = spi_flash_mmap(0x0, LEN, SPI_FLASH_MMAP_DATA, &ptr, &handle); - - TEST_ASSERT_EQUAL_HEX32(ESP_OK, err); - TEST_ASSERT_NOT_NULL(ptr); - - /* Compare esp_sha() result to the mbedTLS result, should always be the same */ - - esp_sha(SHA1, ptr, LEN, sha1_espsha); - int r = mbedtls_sha1_ret(ptr, LEN, sha1_mbedtls); - TEST_ASSERT_EQUAL(0, r); - - esp_sha(SHA2_256, ptr, LEN, sha256_espsha); - r = mbedtls_sha256_ret(ptr, LEN, sha256_mbedtls, 0); - TEST_ASSERT_EQUAL(0, r); - - esp_sha(SHA2_512, ptr, LEN, sha512_espsha); - r = mbedtls_sha512_ret(ptr, LEN, sha512_mbedtls, 0); - TEST_ASSERT_EQUAL(0, r); - - TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_espsha, sha1_mbedtls, sizeof(sha1_espsha), "SHA1 results should match"); - - TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_espsha, sha256_mbedtls, sizeof(sha256_espsha), "SHA256 results should match"); - - TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_espsha, sha512_mbedtls, sizeof(sha512_espsha), "SHA512 results should match"); -} diff --git a/components/esp32s3/CMakeLists.txt b/components/esp32s3/CMakeLists.txt index f4a19a15da..d07f001ae7 100644 --- a/components/esp32s3/CMakeLists.txt +++ b/components/esp32s3/CMakeLists.txt @@ -13,7 +13,6 @@ else() # Regular app build set(srcs "dport_access.c" - "esp_crypto_lock.c" "spiram.c" "spi_timing_config.c") set(include_dirs "include") diff --git a/components/esp_common/src/esp_err_to_name.c b/components/esp_common/src/esp_err_to_name.c index e7b429f72e..460eafcf00 100644 --- a/components/esp_common/src/esp_err_to_name.c +++ b/components/esp_common/src/esp_err_to_name.c @@ -5,9 +5,6 @@ #if __has_include("soc/soc.h") #include "soc/soc.h" #endif -#if __has_include("esp_ds.h") -#include "esp_ds.h" -#endif #if __has_include("esp_efuse.h") #include "esp_efuse.h" #endif @@ -59,6 +56,9 @@ #if __has_include("nvs.h") #include "nvs.h" #endif +#if __has_include("soc/esp32s2/esp_ds.h") +#include "soc/esp32s2/esp_ds.h" +#endif #if __has_include("ulp_common.h") #include "ulp_common.h" #endif @@ -740,7 +740,7 @@ static const esp_err_msg_t esp_err_msg_table[] = { ERR_TBL_IT(ESP_ERR_HW_CRYPTO_BASE), /* 49152 0xc000 Starting number of HW cryptography module error codes */ # endif - // components/esp32s2/include/esp_ds.h + // components/esp_hw_support/include/soc/esp32s2/esp_ds.h # ifdef ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL ERR_TBL_IT(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL), /* 49153 0xc001 HMAC peripheral problem */ # endif diff --git a/components/esp_hw_support/CMakeLists.txt b/components/esp_hw_support/CMakeLists.txt index b2906aa75d..7be6d6e18d 100644 --- a/components/esp_hw_support/CMakeLists.txt +++ b/components/esp_hw_support/CMakeLists.txt @@ -25,7 +25,7 @@ else() endif() idf_component_register(SRCS ${srcs} - INCLUDE_DIRS include include/soc + INCLUDE_DIRS include include/soc include/soc/${target} PRIV_INCLUDE_DIRS port/include REQUIRES ${requires} PRIV_REQUIRES ${priv_requires} diff --git a/components/esp32c3/include/esp_crypto_lock.h b/components/esp_hw_support/include/soc/esp32c3/esp_crypto_lock.h similarity index 100% rename from components/esp32c3/include/esp_crypto_lock.h rename to components/esp_hw_support/include/soc/esp32c3/esp_crypto_lock.h diff --git a/components/esp32c3/include/esp_ds.h b/components/esp_hw_support/include/soc/esp32c3/esp_ds.h similarity index 100% rename from components/esp32c3/include/esp_ds.h rename to components/esp_hw_support/include/soc/esp32c3/esp_ds.h diff --git a/components/esp32c3/include/esp_hmac.h b/components/esp_hw_support/include/soc/esp32c3/esp_hmac.h similarity index 100% rename from components/esp32c3/include/esp_hmac.h rename to components/esp_hw_support/include/soc/esp32c3/esp_hmac.h diff --git a/components/esp32s2/include/esp_crypto_lock.h b/components/esp_hw_support/include/soc/esp32s2/esp_crypto_lock.h similarity index 100% rename from components/esp32s2/include/esp_crypto_lock.h rename to components/esp_hw_support/include/soc/esp32s2/esp_crypto_lock.h diff --git a/components/esp32s2/include/esp_ds.h b/components/esp_hw_support/include/soc/esp32s2/esp_ds.h similarity index 100% rename from components/esp32s2/include/esp_ds.h rename to components/esp_hw_support/include/soc/esp32s2/esp_ds.h diff --git a/components/esp32s2/include/esp_hmac.h b/components/esp_hw_support/include/soc/esp32s2/esp_hmac.h similarity index 100% rename from components/esp32s2/include/esp_hmac.h rename to components/esp_hw_support/include/soc/esp32s2/esp_hmac.h diff --git a/components/esp32s3/include/esp_crypto_lock.h b/components/esp_hw_support/include/soc/esp32s3/esp_crypto_lock.h similarity index 100% rename from components/esp32s3/include/esp_crypto_lock.h rename to components/esp_hw_support/include/soc/esp32s3/esp_crypto_lock.h diff --git a/components/esp_hw_support/port/esp32c3/CMakeLists.txt b/components/esp_hw_support/port/esp32c3/CMakeLists.txt index 0bde69c4b8..5b93a6e004 100644 --- a/components/esp_hw_support/port/esp32c3/CMakeLists.txt +++ b/components/esp_hw_support/port/esp32c3/CMakeLists.txt @@ -9,7 +9,11 @@ set(srcs "cpu_util_esp32c3.c" ) if(NOT BOOTLOADER_BUILD) - list(APPEND srcs "../async_memcpy_impl_gdma.c" "memprot.c") + list(APPEND srcs "../async_memcpy_impl_gdma.c" + "memprot.c" + "esp_hmac.c" + "esp_crypto_lock.c" + "esp_ds.c") endif() add_prefix(srcs "${CMAKE_CURRENT_LIST_DIR}/" "${srcs}") diff --git a/components/esp32c3/esp_crypto_lock.c b/components/esp_hw_support/port/esp32c3/esp_crypto_lock.c similarity index 100% rename from components/esp32c3/esp_crypto_lock.c rename to components/esp_hw_support/port/esp32c3/esp_crypto_lock.c diff --git a/components/esp32c3/esp_ds.c b/components/esp_hw_support/port/esp32c3/esp_ds.c similarity index 100% rename from components/esp32c3/esp_ds.c rename to components/esp_hw_support/port/esp32c3/esp_ds.c diff --git a/components/esp32c3/esp_hmac.c b/components/esp_hw_support/port/esp32c3/esp_hmac.c similarity index 100% rename from components/esp32c3/esp_hmac.c rename to components/esp_hw_support/port/esp32c3/esp_hmac.c diff --git a/components/esp_hw_support/port/esp32s2/CMakeLists.txt b/components/esp_hw_support/port/esp32s2/CMakeLists.txt index 2f46610a4b..e379a61cb2 100644 --- a/components/esp_hw_support/port/esp32s2/CMakeLists.txt +++ b/components/esp_hw_support/port/esp32s2/CMakeLists.txt @@ -14,7 +14,11 @@ set(srcs ) if(NOT BOOTLOADER_BUILD) - list(APPEND srcs "async_memcpy_impl_cp_dma.c" "memprot.c") + list(APPEND srcs "async_memcpy_impl_cp_dma.c" + "memprot.c" + "esp_hmac.c" + "esp_crypto_lock.c" + "esp_ds.c") endif() add_prefix(srcs "${CMAKE_CURRENT_LIST_DIR}/" "${srcs}") diff --git a/components/esp32s2/esp_crypto_lock.c b/components/esp_hw_support/port/esp32s2/esp_crypto_lock.c similarity index 100% rename from components/esp32s2/esp_crypto_lock.c rename to components/esp_hw_support/port/esp32s2/esp_crypto_lock.c diff --git a/components/esp32s2/esp_ds.c b/components/esp_hw_support/port/esp32s2/esp_ds.c similarity index 100% rename from components/esp32s2/esp_ds.c rename to components/esp_hw_support/port/esp32s2/esp_ds.c diff --git a/components/esp32s2/esp_hmac.c b/components/esp_hw_support/port/esp32s2/esp_hmac.c similarity index 100% rename from components/esp32s2/esp_hmac.c rename to components/esp_hw_support/port/esp32s2/esp_hmac.c diff --git a/components/esp_hw_support/port/esp32s3/CMakeLists.txt b/components/esp_hw_support/port/esp32s3/CMakeLists.txt index b698f0b02e..6f12e969ea 100644 --- a/components/esp_hw_support/port/esp32s3/CMakeLists.txt +++ b/components/esp_hw_support/port/esp32s3/CMakeLists.txt @@ -13,7 +13,9 @@ set(srcs ) if(NOT BOOTLOADER_BUILD) - list(APPEND srcs "../async_memcpy_impl_gdma.c" "memprot.c") + list(APPEND srcs "../async_memcpy_impl_gdma.c" + "esp_crypto_lock.c" + "memprot.c") endif() add_prefix(srcs "${CMAKE_CURRENT_LIST_DIR}/" "${srcs}") diff --git a/components/esp32s3/esp_crypto_lock.c b/components/esp_hw_support/port/esp32s3/esp_crypto_lock.c similarity index 100% rename from components/esp32s3/esp_crypto_lock.c rename to components/esp_hw_support/port/esp32s3/esp_crypto_lock.c diff --git a/components/esp32c3/test/digital_signature_test_cases.h b/components/esp_hw_support/test/digital_signature_test_cases_3072.h similarity index 100% rename from components/esp32c3/test/digital_signature_test_cases.h rename to components/esp_hw_support/test/digital_signature_test_cases_3072.h diff --git a/components/esp32s2/test/digital_signature_test_cases.h b/components/esp_hw_support/test/digital_signature_test_cases_4096.h similarity index 100% rename from components/esp32s2/test/digital_signature_test_cases.h rename to components/esp_hw_support/test/digital_signature_test_cases_4096.h diff --git a/components/esp32s2/test/gen_digital_signature_tests.py b/components/esp_hw_support/test/gen_digital_signature_tests.py similarity index 100% rename from components/esp32s2/test/gen_digital_signature_tests.py rename to components/esp_hw_support/test/gen_digital_signature_tests.py diff --git a/components/esp32c3/test/test_ds.c b/components/esp_hw_support/test/test_ds.c similarity index 81% rename from components/esp32c3/test/test_ds.c rename to components/esp_hw_support/test/test_ds.c index aaffce8439..5e43bc7e55 100644 --- a/components/esp32c3/test/test_ds.c +++ b/components/esp_hw_support/test/test_ds.c @@ -12,16 +12,32 @@ // See the License for the specific language governing permissions and // limitations under the License. +#include #include "unity.h" + +#include "soc/soc_caps.h" + +#if SOC_DIG_SIGN_SUPPORTED +#if CONFIG_IDF_TARGET_ESP32S2 +#include "esp32s2/rom/efuse.h" +#include "esp32s2/rom/digital_signature.h" +#include "esp32s2/rom/aes.h" +#include "esp32s2/rom/sha.h" +#elif CONFIG_IDF_TARGET_ESP32C3 #include "esp32c3/rom/efuse.h" #include "esp32c3/rom/digital_signature.h" #include "esp32c3/rom/hmac.h" -#include +#endif #include "esp_ds.h" #define NUM_RESULTS 10 + +#if CONFIG_IDF_TARGET_ESP32S2 +#define DS_MAX_BITS (4096) +#elif CONFIG_IDF_TARGET_ESP32C3 #define DS_MAX_BITS (ETS_DS_MAX_BITS) +#endif typedef struct { uint8_t iv[ETS_DS_IV_LEN]; @@ -31,9 +47,16 @@ typedef struct { uint32_t expected_results[NUM_RESULTS][DS_MAX_BITS/32]; } encrypt_testcase_t; -// Generated header (components/esp32s2/test/gen_digital_signature_tests.py) defines +// Generated header digital_signature_test_cases_.h (by gen_digital_signature_tests.py) defines // NUM_HMAC_KEYS, test_hmac_keys, NUM_MESSAGES, NUM_CASES, test_messages[], test_cases[] -#include "digital_signature_test_cases.h" +// Some adaptations were made: removed the 512 bit case and changed RSA lengths to the enums from esp_ds.h +#if DS_MAX_BITS == 4096 +#define RSA_LEN (ESP_DS_RSA_4096) +#include "digital_signature_test_cases_4096.h" +#elif DS_MAX_BITS == 3072 +#define RSA_LEN (ESP_DS_RSA_3072) +#include "digital_signature_test_cases_3072.h" +#endif _Static_assert(NUM_RESULTS == NUM_MESSAGES, "expected_results size should be the same as NUM_MESSAGES in generated header"); @@ -81,16 +104,15 @@ TEST_CASE("Digital Signature Parameter Encryption", "[hw_crypto] [ds]") esp_ds_data_t result = { }; esp_ds_p_data_t p_data; - memcpy(p_data.Y, t->p_data.Y, ESP_DS_SIGNATURE_MAX_BIT_LEN/8); - memcpy(p_data.M, t->p_data.M, ESP_DS_SIGNATURE_MAX_BIT_LEN/8); - memcpy(p_data.Rb, t->p_data.Rb, ESP_DS_SIGNATURE_MAX_BIT_LEN/8); + memcpy(p_data.Y, t->p_data.Y, DS_MAX_BITS/8); + memcpy(p_data.M, t->p_data.M, DS_MAX_BITS/8); + memcpy(p_data.Rb, t->p_data.Rb, DS_MAX_BITS/8); p_data.M_prime = t->p_data.M_prime; p_data.length = t->p_data.length; esp_err_t r = esp_ds_encrypt_params(&result, t->iv, &p_data, test_hmac_keys[t->hmac_key_idx]); printf("Encrypting test case %d done\n", i); - TEST_ASSERT_EQUAL(ESP_OK, r); TEST_ASSERT_EQUAL(t->p_data.length, result.rsa_length); TEST_ASSERT_EQUAL_HEX8_ARRAY(t->iv, result.iv, ETS_DS_IV_LEN); @@ -101,7 +123,7 @@ TEST_CASE("Digital Signature Parameter Encryption", "[hw_crypto] [ds]") TEST_CASE("Digital Signature start Invalid message", "[hw_crypto] [ds]") { esp_ds_data_t ds_data = { }; - ds_data.rsa_length = ESP_DS_RSA_3072; + ds_data.rsa_length = RSA_LEN; esp_ds_context_t *ctx; TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(NULL, &ds_data, HMAC_KEY1, &ctx)); @@ -118,7 +140,7 @@ TEST_CASE("Digital Signature start Invalid data", "[hw_crypto] [ds]") TEST_CASE("Digital Signature start Invalid context", "[hw_crypto] [ds]") { esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_3072; + ds_data.rsa_length = RSA_LEN; const char *message = "test"; TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_start_sign(message, &ds_data, HMAC_KEY1, NULL)); @@ -145,7 +167,7 @@ TEST_CASE("Digital Signature RSA length too long", "[hw_crypto] [ds]") TEST_CASE("Digital Signature start HMAC key out of range", "[hw_crypto] [ds]") { esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_3072; + ds_data.rsa_length = RSA_LEN; esp_ds_context_t *ctx; const char *message = "test"; @@ -170,7 +192,7 @@ TEST_CASE("Digital Signature finish Invalid context", "[hw_crypto] [ds]") TEST_CASE("Digital Signature Blocking Invalid message", "[hw_crypto] [ds]") { esp_ds_data_t ds_data = { }; - ds_data.rsa_length = ESP_DS_RSA_3072; + ds_data.rsa_length = RSA_LEN; uint8_t signature_data [128 * 4]; TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(NULL, &ds_data, HMAC_KEY1, signature_data)); @@ -187,7 +209,7 @@ TEST_CASE("Digital Signature Blocking Invalid data", "[hw_crypto] [ds]") TEST_CASE("Digital Signature Blocking Invalid signature ptr", "[hw_crypto] [ds]") { esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_3072; + ds_data.rsa_length = RSA_LEN; const char *message = "test"; TEST_ASSERT_EQUAL(ESP_ERR_INVALID_ARG, esp_ds_sign(message, &ds_data, HMAC_KEY1, NULL)); @@ -226,17 +248,26 @@ TEST_CASE("Digital Signature Blocking HMAC key out of range", "[hw_crypto] [ds]" #if CONFIG_IDF_ENV_FPGA -// Burn eFuse blocks 1, 2 and 3. Block 0 is used for HMAC tests already. static void burn_hmac_keys(void) { printf("Burning %d HMAC keys to efuse...\n", NUM_HMAC_KEYS); for (int i = 0; i < NUM_HMAC_KEYS; i++) { // TODO: vary the purpose across the keys ets_efuse_purpose_t purpose = ETS_EFUSE_KEY_PURPOSE_HMAC_DOWN_DIGITAL_SIGNATURE; - ets_efuse_write_key(ETS_EFUSE_BLOCK_KEY1 + i, - purpose, - test_hmac_keys[i], 32); + + // starting from block 1, block 0 occupied with HMAC upstream test key + int __attribute__((unused)) ets_status = ets_efuse_write_key(ETS_EFUSE_BLOCK_KEY1 + i, + purpose, + test_hmac_keys[i], 32); +#if CONFIG_IDF_TARGET_ESP32S2 + if (ets_status == ESP_OK) { + printf("written DS test key to block [%d]!\n", ETS_EFUSE_BLOCK_KEY1 + i); + } else { + printf("writing DS test key to block [%d] failed, maybe written already\n", ETS_EFUSE_BLOCK_KEY1 + i); + } +#endif } +#if CONFIG_IDF_TARGET_ESP32C3 /* verify the keys are what we expect (possibly they're already burned, doesn't matter but they have to match) */ uint8_t block_compare[32]; for (int i = 0; i < NUM_HMAC_KEYS; i++) { @@ -244,6 +275,7 @@ static void burn_hmac_keys(void) memcpy(block_compare, (void *)ets_efuse_get_read_register_address(ETS_EFUSE_BLOCK_KEY1 + i), 32); TEST_ASSERT_EQUAL_HEX8_ARRAY(test_hmac_keys[i], block_compare, 32); } +#endif } // This test uses the HMAC_KEY0 eFuse key which hasn't been burned by burn_hmac_keys(). @@ -251,12 +283,16 @@ static void burn_hmac_keys(void) TEST_CASE("Digital Signature wrong HMAC key purpose (FPGA only)", "[hw_crypto] [ds]") { esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_3072; + ds_data.rsa_length = RSA_LEN; esp_ds_context_t *ctx; const char *message = "test"; // HMAC fails in that case because it checks for the correct purpose +#if CONFIG_IDF_TARGET_ESP32S2 + TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_start_sign(message, &ds_data, HMAC_KEY0, &ctx)); +#elif CONFIG_IDF_TARGET_ESP32C3 TEST_ASSERT_EQUAL(ESP32C3_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_start_sign(message, &ds_data, HMAC_KEY0, &ctx)); +#endif } // This test uses the HMAC_KEY0 eFuse key which hasn't been burned by burn_hmac_keys(). @@ -264,12 +300,16 @@ TEST_CASE("Digital Signature wrong HMAC key purpose (FPGA only)", "[hw_crypto] [ TEST_CASE("Digital Signature Blocking wrong HMAC key purpose (FPGA only)", "[hw_crypto] [ds]") { esp_ds_data_t ds_data = {}; - ds_data.rsa_length = ESP_DS_RSA_3072; + ds_data.rsa_length = RSA_LEN; const char *message = "test"; uint8_t signature_data [128 * 4]; // HMAC fails in that case because it checks for the correct purpose +#if CONFIG_IDF_TARGET_ESP32S2 + TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_sign(message, &ds_data, HMAC_KEY0, signature_data)); +#elif CONFIG_IDF_TARGET_ESP32C3 TEST_ASSERT_EQUAL(ESP32C3_ERR_HW_CRYPTO_DS_HMAC_FAIL, esp_ds_sign(message, &ds_data, HMAC_KEY0, signature_data)); +#endif } TEST_CASE("Digital Signature Operation (FPGA only)", "[hw_crypto] [ds]") @@ -291,6 +331,7 @@ TEST_CASE("Digital Signature Operation (FPGA only)", "[hw_crypto] [ds]") printf(" ... message %d\n", j); esp_ds_context_t *esp_ds_ctx; + esp_err_t ds_r = esp_ds_start_sign(test_messages[j], &ds_data, t->hmac_key_idx + 1, @@ -302,8 +343,9 @@ TEST_CASE("Digital Signature Operation (FPGA only)", "[hw_crypto] [ds]") TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_results[j], signature, sizeof(signature)); } - +#if CONFIG_IDF_TARGET_ESP32C3 ets_hmac_invalidate_downstream(ETS_EFUSE_KEY_PURPOSE_HMAC_DOWN_DIGITAL_SIGNATURE); +#endif } } @@ -322,12 +364,24 @@ TEST_CASE("Digital Signature Blocking Operation (FPGA only)", "[hw_crypto] [ds]" ds_data.rsa_length = t->p_data.length; uint8_t signature[DS_MAX_BITS/8] = { 0 }; +#if CONFIG_IDF_TARGET_ESP32S2 + esp_ds_context_t *esp_ds_ctx; + esp_err_t ds_r = esp_ds_start_sign(test_messages[0], + &ds_data, + t->hmac_key_idx + 1, + &esp_ds_ctx); + TEST_ASSERT_EQUAL(ESP_OK, ds_r); + + ds_r = esp_ds_finish_sign(signature, esp_ds_ctx); + TEST_ASSERT_EQUAL(ESP_OK, ds_r); +#elif CONFIG_IDF_TARGET_ESP32C3 esp_err_t ds_r = esp_ds_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1, signature); TEST_ASSERT_EQUAL(ESP_OK, ds_r); +#endif TEST_ASSERT_EQUAL_HEX8_ARRAY(t->expected_results[0], signature, sizeof(signature)); } @@ -356,7 +410,11 @@ TEST_CASE("Digital Signature Invalid Data (FPGA only)", "[hw_crypto] [ds]") esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1, &esp_ds_ctx); TEST_ASSERT_EQUAL(ESP_OK, ds_r); ds_r = esp_ds_finish_sign(signature, esp_ds_ctx); +#if CONFIG_IDF_TARGET_ESP32S2 + TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r); +#elif CONFIG_IDF_TARGET_ESP32C3 TEST_ASSERT_EQUAL(ESP32C3_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r); +#endif TEST_ASSERT_EQUAL_HEX8_ARRAY(zero, signature, DS_MAX_BITS/8); ds_data.iv[bit / 8] ^= 1 << (bit % 8); @@ -372,7 +430,11 @@ TEST_CASE("Digital Signature Invalid Data (FPGA only)", "[hw_crypto] [ds]") esp_err_t ds_r = esp_ds_start_sign(test_messages[0], &ds_data, t->hmac_key_idx + 1, &esp_ds_ctx); TEST_ASSERT_EQUAL(ESP_OK, ds_r); ds_r = esp_ds_finish_sign(signature, esp_ds_ctx); +#if CONFIG_IDF_TARGET_ESP32S2 + TEST_ASSERT_EQUAL(ESP_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r); +#elif CONFIG_IDF_TARGET_ESP32C3 TEST_ASSERT_EQUAL(ESP32C3_ERR_HW_CRYPTO_DS_INVALID_DIGEST, ds_r); +#endif TEST_ASSERT_EQUAL_HEX8_ARRAY(zero, signature, DS_MAX_BITS/8); ds_data.c[bit / 8] ^= 1 << (bit % 8); @@ -380,3 +442,4 @@ TEST_CASE("Digital Signature Invalid Data (FPGA only)", "[hw_crypto] [ds]") } #endif // CONFIG_IDF_ENV_FPGA +#endif // SOC_DIG_SIGN_SUPPORTED diff --git a/components/esp32s2/test/test_hmac.c b/components/esp_hw_support/test/test_hmac.c similarity index 99% rename from components/esp32s2/test/test_hmac.c rename to components/esp_hw_support/test/test_hmac.c index 6a4c2c75e8..85ce63c54e 100644 --- a/components/esp32s2/test/test_hmac.c +++ b/components/esp_hw_support/test/test_hmac.c @@ -12,12 +12,14 @@ // See the License for the specific language governing permissions and // limitations under the License. -#include "esp_hmac.h" #include "unity.h" #include "esp_efuse.h" #include "esp_efuse_table.h" #include "esp_log.h" +#if SOC_HMAC_SUPPORTED +#include "esp_hmac.h" + #if CONFIG_IDF_ENV_FPGA #include "esp32s2/rom/efuse.h" @@ -1033,3 +1035,5 @@ TEST_CASE("HMAC key out of range", "[hw_crypto]") } #endif // CONFIG_IDF_ENV_FPGA + +#endif // SOC_HMAC_SUPPORTED diff --git a/components/hal/include/hal/sha_types.h b/components/hal/include/hal/sha_types.h index 275ca60c63..547124b5ce 100644 --- a/components/hal/include/hal/sha_types.h +++ b/components/hal/include/hal/sha_types.h @@ -19,25 +19,26 @@ /* Use enum from rom for backwards compatibility */ #if CONFIG_IDF_TARGET_ESP32 #include "esp32/rom/sha.h" -typedef enum SHA_TYPE esp_sha_type; #elif CONFIG_IDF_TARGET_ESP32S2 #include "esp32s2/rom/sha.h" -typedef SHA_TYPE esp_sha_type; #elif CONFIG_IDF_TARGET_ESP32S3 #include "esp32s3/rom/sha.h" -typedef SHA_TYPE esp_sha_type; #elif CONFIG_IDF_TARGET_ESP32C3 #include "esp32c3/rom/sha.h" -typedef SHA_TYPE esp_sha_type; #elif CONFIG_IDF_TARGET_ESP32H2 #include "esp32h2/rom/sha.h" -typedef SHA_TYPE esp_sha_type; #endif #ifdef __cplusplus extern "C" { #endif +/* Use enum from rom for backwards compatibility */ +#if CONFIG_IDF_TARGET_ESP32 +typedef enum SHA_TYPE esp_sha_type; +#else +typedef SHA_TYPE esp_sha_type; +#endif #ifdef __cplusplus } diff --git a/components/esp32/test/test_aes_sha_rsa.c b/components/mbedtls/test/test_aes_sha_rsa.c.bak similarity index 100% rename from components/esp32/test/test_aes_sha_rsa.c rename to components/mbedtls/test/test_aes_sha_rsa.c.bak diff --git a/components/esp32/test/test_sha.c b/components/mbedtls/test/test_sha.c similarity index 89% rename from components/esp32/test/test_sha.c rename to components/mbedtls/test/test_sha.c index 627ee1a085..063cdcf0a6 100644 --- a/components/esp32/test/test_sha.c +++ b/components/mbedtls/test/test_sha.c @@ -7,19 +7,31 @@ #include #include #include "esp_types.h" -#include "esp32/clk.h" #include "esp_log.h" -#include "esp_timer.h" +#include "ccomp_timer.h" #include "esp_heap_caps.h" #include "idf_performance.h" +#if CONFIG_IDF_TARGET_ESP32 +#include "esp32/clk.h" +#elif CONFIG_IDF_TARGET_ESP32S2 +#include "esp32s2/clk.h" +#elif CONFIG_IDF_TARGET_ESP32C3 +#include "esp32c3/clk.h" +#endif + +#include "soc/soc_caps.h" + #include "unity.h" #include "test_utils.h" #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" + +#if SOC_SHA_SUPPORT_SHA512 #include "mbedtls/sha512.h" +#endif + #include "sha/sha_parallel_engine.h" -#include "ccomp_timer.h" /* Note: Most of the SHA functions are called as part of mbedTLS, so are tested as part of mbedTLS tests. Only esp_sha() is different. @@ -32,9 +44,14 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]") const size_t BUFFER_SZ = 32 * 1024 + 6; // NB: not an exact multiple of SHA block size int64_t elapsed; - uint32_t us_sha1, us_sha512; + uint32_t us_sha1; uint8_t sha1_result[20] = { 0 }; + +#if SOC_SHA_SUPPORT_SHA512 + uint32_t us_sha512; uint8_t sha512_result[64] = { 0 }; +#endif + void *buffer = heap_caps_malloc(BUFFER_SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL); TEST_ASSERT_NOT_NULL(buffer); memset(buffer, 0xEE, BUFFER_SZ); @@ -42,6 +59,7 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]") const uint8_t sha1_expected[20] = { 0xc7, 0xbb, 0xd3, 0x74, 0xf2, 0xf6, 0x20, 0x86, 0x61, 0xf4, 0x50, 0xd5, 0xf5, 0x18, 0x44, 0xcc, 0x7a, 0xb7, 0xa5, 0x4a }; +#if SOC_SHA_SUPPORT_SHA512 const uint8_t sha512_expected[64] = { 0xc7, 0x7f, 0xda, 0x8c, 0xb3, 0x58, 0x14, 0x8a, 0x52, 0x3b, 0x46, 0x04, 0xc0, 0x85, 0xc5, 0xf0, 0x46, 0x64, 0x14, 0xd5, 0x96, 0x7a, 0xa2, 0x80, @@ -50,6 +68,7 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]") 0x35, 0x5e, 0x35, 0x57, 0x76, 0x22, 0x74, 0xd8, 0x1e, 0x07, 0xc6, 0xa2, 0x9e, 0x3b, 0x65, 0x75, 0x80, 0x7d, 0xe6, 0x6e, 0x47, 0x61, 0x2c, 0x94 }; +#endif ccomp_timer_start(); esp_sha(SHA1, buffer, BUFFER_SZ, sha1_result); @@ -58,6 +77,7 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]") us_sha1 = elapsed; ESP_LOGI(TAG, "esp_sha() 32KB SHA1 in %u us", us_sha1); +#if SOC_SHA_SUPPORT_SHA512 ccomp_timer_start(); esp_sha(SHA2_512, buffer, BUFFER_SZ, sha512_result); elapsed = ccomp_timer_stop(); @@ -65,11 +85,15 @@ TEST_CASE("Test esp_sha()", "[hw_crypto]") us_sha512 = elapsed; ESP_LOGI(TAG, "esp_sha() 32KB SHA512 in %u us", us_sha512); +#endif free(buffer); TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA1_32KB, "%dus", us_sha1); + +#if SOC_SHA_SUPPORT_SHA512 TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA512_32KB, "%dus", us_sha512); +#endif } TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]") @@ -80,8 +104,11 @@ TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]") uint8_t sha1_mbedtls[20] = { 0 }; uint8_t sha256_espsha[32] = { 0 }; uint8_t sha256_mbedtls[32] = { 0 }; + +#if SOC_SHA_SUPPORT_SHA512 uint8_t sha512_espsha[64] = { 0 }; uint8_t sha512_mbedtls[64] = { 0 }; +#endif const size_t LEN = 1024 * 1024; @@ -101,13 +128,17 @@ TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]") r = mbedtls_sha256_ret(ptr, LEN, sha256_mbedtls, 0); TEST_ASSERT_EQUAL(0, r); +#if SOC_SHA_SUPPORT_SHA512 esp_sha(SHA2_512, ptr, LEN, sha512_espsha); r = mbedtls_sha512_ret(ptr, LEN, sha512_mbedtls, 0); TEST_ASSERT_EQUAL(0, r); +#endif TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_espsha, sha1_mbedtls, sizeof(sha1_espsha), "SHA1 results should match"); TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_espsha, sha256_mbedtls, sizeof(sha256_espsha), "SHA256 results should match"); +#if SOC_SHA_SUPPORT_SHA512 TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_espsha, sha512_mbedtls, sizeof(sha512_espsha), "SHA512 results should match"); +#endif } diff --git a/docs/doxygen/Doxyfile_esp32c3 b/docs/doxygen/Doxyfile_esp32c3 index 17262969ea..df3e780e9e 100644 --- a/docs/doxygen/Doxyfile_esp32c3 +++ b/docs/doxygen/Doxyfile_esp32c3 @@ -1,4 +1,4 @@ INPUT += \ $(IDF_PATH)/components/driver/esp32c3/include/driver/temp_sensor.h \ - $(IDF_PATH)/components/esp32s2/include/esp_ds.h \ - $(IDF_PATH)/components/esp32c3/include/esp_hmac.h + $(IDF_PATH)/components/esp_hw_support/include/soc/esp32c3/esp_ds.h \ + $(IDF_PATH)/components/esp_hw_support/include/soc/esp32c3/esp_hmac.h diff --git a/docs/doxygen/Doxyfile_esp32s2 b/docs/doxygen/Doxyfile_esp32s2 index afdeb2d6fc..f71db98952 100644 --- a/docs/doxygen/Doxyfile_esp32s2 +++ b/docs/doxygen/Doxyfile_esp32s2 @@ -7,8 +7,8 @@ INPUT += \ $(IDF_PATH)/components/driver/esp32s2/include/driver/temp_sensor.h \ $(IDF_PATH)/components/soc/$(IDF_TARGET)/include/soc/touch_sensor_channel.h \ $(IDF_PATH)/components/driver/$(IDF_TARGET)/include/driver/touch_sensor.h \ - $(IDF_PATH)/components/esp32s2/include/esp_hmac.h \ - $(IDF_PATH)/components/esp32s2/include/esp_ds.h \ + $(IDF_PATH)/components/esp_hw_support/include/soc/esp32s2/esp_ds.h \ + $(IDF_PATH)/components/esp_hw_support/include/soc/esp32s2/esp_hmac.h \ $(IDF_PATH)/components/ulp/include/esp32s2/ulp_riscv.h \ $(IDF_PATH)/components/ulp/include/$(IDF_TARGET)/ulp.h \ $(IDF_PATH)/components/touch_element/include/touch_element/touch_element.h \ diff --git a/tools/ci/mypy_ignore_list.txt b/tools/ci/mypy_ignore_list.txt index 0d575c3477..65bce5e72d 100644 --- a/tools/ci/mypy_ignore_list.txt +++ b/tools/ci/mypy_ignore_list.txt @@ -1,9 +1,10 @@ components/app_update/otatool.py components/efuse/efuse_table_gen.py components/efuse/test_efuse_host/efuse_tests.py -components/esp32s2/test/gen_digital_signature_tests.py components/esp_local_ctrl/python/esp_local_ctrl_pb2.py components/esp_netif/test_apps/component_ut_test.py +components/esp_hw_support/test/gen_digital_signature_tests.py +components/espcoredump/corefile/elf.py components/espcoredump/corefile/gdb.py components/espcoredump/test/test_espcoredump.py components/lwip/weekend_test/net_suite_test.py