Merge branch 'feature/enable_sha_support_for_esp32c61' into 'master'

feat: enable support for sha peripheral in esp32c61

Closes IDF-9234

See merge request espressif/esp-idf!32830
This commit is contained in:
Mahavir Jain 2024-09-20 13:22:14 +08:00
commit a71e0fc028
9 changed files with 253 additions and 25 deletions

View File

@ -13,8 +13,6 @@
static SHA_CTX ctx; static SHA_CTX ctx;
//TODO: [ESP32C61] IDF-9234
bootloader_sha256_handle_t bootloader_sha256_start() bootloader_sha256_handle_t bootloader_sha256_start()
{ {
// Enable SHA hardware // Enable SHA hardware

View File

@ -44,7 +44,7 @@ void esp_crypto_ds_lock_acquire(void);
void esp_crypto_ds_lock_release(void); void esp_crypto_ds_lock_release(void);
#endif /* SOC_DIG_SIGN_SUPPORTED */ #endif /* SOC_DIG_SIGN_SUPPORTED */
#if defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED) #if defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED)
/** /**
* @brief Acquire lock for the SHA and AES cryptography peripheral. * @brief Acquire lock for the SHA and AES cryptography peripheral.
* *
@ -56,9 +56,9 @@ void esp_crypto_sha_aes_lock_acquire(void);
* *
*/ */
void esp_crypto_sha_aes_lock_release(void); void esp_crypto_sha_aes_lock_release(void);
#endif /* defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED) */ #endif /* defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED) */
#if defined(SOC_SHA_CRYPTO_DMA) && defined(SOC_AES_CRYPTO_DMA) #if defined(SOC_SHA_CRYPTO_DMA) || defined(SOC_AES_CRYPTO_DMA)
/** /**
* This API should be used by all components which use the SHA, AES, HMAC and DS crypto hardware on the ESP32S2. * This API should be used by all components which use the SHA, AES, HMAC and DS crypto hardware on the ESP32S2.
* They can not be used in parallel because they use the same DMA or are calling each other. * They can not be used in parallel because they use the same DMA or are calling each other.
@ -76,7 +76,7 @@ void esp_crypto_dma_lock_acquire(void);
* Release lock for the AES and SHA cryptography peripherals, which both use the crypto DMA. * Release lock for the AES and SHA cryptography peripherals, which both use the crypto DMA.
*/ */
void esp_crypto_dma_lock_release(void); void esp_crypto_dma_lock_release(void);
#endif /* defined(SOC_SHA_CRYPTO_DMA) && defined(SOC_AES_CRYPTO_DMA) */ #endif /* defined(SOC_SHA_CRYPTO_DMA) || defined(SOC_AES_CRYPTO_DMA) */
#ifdef SOC_MPI_SUPPORTED #ifdef SOC_MPI_SUPPORTED
/** /**

View File

@ -33,10 +33,10 @@ static _lock_t s_crypto_hmac_lock;
static _lock_t s_crypto_mpi_lock; static _lock_t s_crypto_mpi_lock;
#endif /* SOC_MPI_SUPPORTED */ #endif /* SOC_MPI_SUPPORTED */
#if defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED) #if defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED)
/* Single lock for SHA and AES, sharing a reserved GDMA channel */ /* Single lock for SHA and AES, sharing a reserved GDMA channel */
static _lock_t s_crypto_sha_aes_lock; static _lock_t s_crypto_sha_aes_lock;
#endif /* defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED) */ #endif /* defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED) */
#ifdef SOC_ECC_SUPPORTED #ifdef SOC_ECC_SUPPORTED
/* Lock for ECC peripheral */ /* Lock for ECC peripheral */
@ -83,7 +83,7 @@ void esp_crypto_ds_lock_release(void)
} }
#endif /* SOC_DIG_SIGN_SUPPORTED */ #endif /* SOC_DIG_SIGN_SUPPORTED */
#if defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED) #if defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED)
void esp_crypto_sha_aes_lock_acquire(void) void esp_crypto_sha_aes_lock_acquire(void)
{ {
_lock_acquire(&s_crypto_sha_aes_lock); _lock_acquire(&s_crypto_sha_aes_lock);
@ -93,9 +93,9 @@ void esp_crypto_sha_aes_lock_release(void)
{ {
_lock_release(&s_crypto_sha_aes_lock); _lock_release(&s_crypto_sha_aes_lock);
} }
#endif /* defined(SOC_SHA_SUPPORTED) && defined(SOC_AES_SUPPORTED) */ #endif /* defined(SOC_SHA_SUPPORTED) || defined(SOC_AES_SUPPORTED) */
#if defined(SOC_SHA_CRYPTO_DMA) && defined(SOC_AES_CRYPTO_DMA) #if defined(SOC_SHA_CRYPTO_DMA) || defined(SOC_AES_CRYPTO_DMA)
void esp_crypto_dma_lock_acquire(void) void esp_crypto_dma_lock_acquire(void)
{ {
_lock_acquire(&s_crypto_sha_aes_lock); _lock_acquire(&s_crypto_sha_aes_lock);
@ -105,7 +105,7 @@ void esp_crypto_dma_lock_release(void)
{ {
_lock_release(&s_crypto_sha_aes_lock); _lock_release(&s_crypto_sha_aes_lock);
} }
#endif /* defined(SOC_SHA_CRYPTO_DMA) && defined(SOC_AES_CRYPTO_DMA) */ #endif /* defined(SOC_SHA_CRYPTO_DMA) || defined(SOC_AES_CRYPTO_DMA) */
#ifdef SOC_MPI_SUPPORTED #ifdef SOC_MPI_SUPPORTED
void esp_crypto_mpi_lock_acquire(void) void esp_crypto_mpi_lock_acquire(void)

View File

@ -0,0 +1,174 @@
/*
* SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
#include <stdbool.h>
#include "soc/hwcrypto_reg.h"
#include "soc/pcr_struct.h"
#include "hal/sha_types.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* @brief Enable the bus clock for SHA peripheral module
*
* @param enable true to enable the module, false to disable the module
*/
static inline void sha_ll_enable_bus_clock(bool enable)
{
PCR.sha_conf.sha_clk_en = enable;
}
/**
* @brief Reset the SHA peripheral module
*/
static inline void sha_ll_reset_register(void)
{
PCR.sha_conf.sha_rst_en = 1;
PCR.sha_conf.sha_rst_en = 0;
// Clear reset on digital signature, hmac and ecdsa also, otherwise SHA is held in reset
PCR.ds_conf.ds_rst_en = 0;
PCR.hmac_conf.hmac_rst_en = 0;
PCR.ecdsa_conf.ecdsa_rst_en = 0;
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_START_REG, 1);
}
/**
* @brief Continue a SHA block conversion (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}
/**
* @brief Load the current hash digest to digest register
*
* @note Happens automatically on ESP32C6
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_load(esp_sha_type sha_type)
{
}
/**
* @brief Sets the number of message blocks to be hashed
*
* @note DMA operation only
*
* @param num_blocks Number of message blocks to process
*/
static inline void sha_ll_set_block_num(size_t num_blocks)
{
REG_WRITE(SHA_DMA_BLOCK_NUM_REG, num_blocks);
}
/**
* @brief Checks if the SHA engine is currently busy hashing a block
*
* @return true SHA engine busy
* @return false SHA engine idle
*/
static inline bool sha_ll_busy(void)
{
return REG_READ(SHA_BUSY_REG);
}
/**
* @brief Write a text (message) block to the SHA engine
*
* @param input_text Input buffer to be written to the SHA engine
* @param block_word_len Number of words in block
*/
static inline void sha_ll_fill_text_block(const void *input_text, size_t block_word_len)
{
uint32_t *data_words = (uint32_t *)input_text;
uint32_t *reg_addr_buf = (uint32_t *)(SHA_M_MEM);
for (int i = 0; i < block_word_len; i++) {
REG_WRITE(&reg_addr_buf[i], data_words[i]);
}
}
/**
* @brief Read the message digest from the SHA engine
*
* @param sha_type The SHA algorithm type
* @param digest_state Buffer that message digest will be written to
* @param digest_word_len Length of the message digest
*/
static inline void sha_ll_read_digest(esp_sha_type sha_type, void *digest_state, size_t digest_word_len)
{
uint32_t *digest_state_words = (uint32_t *)digest_state;
const size_t REG_WIDTH = sizeof(uint32_t);
for (size_t i = 0; i < digest_word_len; i++) {
digest_state_words[i] = REG_READ(SHA_H_MEM + (i * REG_WIDTH));
}
}
/**
* @brief Write the message digest to the SHA engine
*
* @param sha_type The SHA algorithm type
* @param digest_state Message digest to be written to SHA engine
* @param digest_word_len Length of the message digest
*/
static inline void sha_ll_write_digest(esp_sha_type sha_type, void *digest_state, size_t digest_word_len)
{
uint32_t *digest_state_words = (uint32_t *)digest_state;
uint32_t *reg_addr_buf = (uint32_t *)(SHA_H_MEM);
for (int i = 0; i < digest_word_len; i++) {
REG_WRITE(&reg_addr_buf[i], digest_state_words[i]);
}
}
#ifdef __cplusplus
}
#endif

View File

@ -205,7 +205,7 @@ TEST_GROUP(sha);
TEST_SETUP(sha) TEST_SETUP(sha)
{ {
test_utils_record_free_mem(); test_utils_record_free_mem();
TEST_ESP_OK(test_utils_set_leak_level(0, ESP_LEAK_TYPE_CRITICAL, ESP_COMP_LEAK_GENERAL)); TEST_ESP_OK(test_utils_set_leak_level(400, ESP_LEAK_TYPE_CRITICAL, ESP_COMP_LEAK_GENERAL));
} }
TEST_TEAR_DOWN(sha) TEST_TEAR_DOWN(sha)

View File

@ -92,8 +92,12 @@ static esp_err_t crypto_shared_gdma_init(void)
transfer_cfg.max_data_burst_size = 0; transfer_cfg.max_data_burst_size = 0;
gdma_config_transfer(rx_channel, &transfer_cfg); gdma_config_transfer(rx_channel, &transfer_cfg);
#ifdef SOC_AES_SUPPORTED
gdma_connect(rx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0)); gdma_connect(rx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0));
gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0)); gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0));
#elif SOC_SHA_SUPPORTED
gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_SHA, 0));
#endif
return ESP_OK; return ESP_OK;
@ -123,11 +127,17 @@ esp_err_t esp_crypto_shared_gdma_start(const lldesc_t *input, const lldesc_t *ou
/* Tx channel is shared between AES and SHA, need to connect to peripheral every time */ /* Tx channel is shared between AES and SHA, need to connect to peripheral every time */
gdma_disconnect(tx_channel); gdma_disconnect(tx_channel);
#ifdef SOC_SHA_SUPPORTED
if (peripheral == GDMA_TRIG_PERIPH_SHA) { if (peripheral == GDMA_TRIG_PERIPH_SHA) {
gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_SHA, 0)); gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_SHA, 0));
} else if (peripheral == GDMA_TRIG_PERIPH_AES) { } else
#endif // SOC_SHA_SUPPORTED
#ifdef SOC_AES_SUPPORTED
if (peripheral == GDMA_TRIG_PERIPH_AES) {
gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0)); gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0));
} else { } else
#endif // SOC_AES_SUPPORTED
{
return ESP_ERR_INVALID_ARG; return ESP_ERR_INVALID_ARG;
} }
@ -176,11 +186,17 @@ esp_err_t esp_crypto_shared_gdma_start_axi_ahb(const crypto_dma_desc_t *input, c
/* Tx channel is shared between AES and SHA, need to connect to peripheral every time */ /* Tx channel is shared between AES and SHA, need to connect to peripheral every time */
gdma_disconnect(tx_channel); gdma_disconnect(tx_channel);
#ifdef SOC_SHA_SUPPORTED
if (peripheral == GDMA_TRIG_PERIPH_SHA) { if (peripheral == GDMA_TRIG_PERIPH_SHA) {
gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_SHA, 0)); gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_SHA, 0));
} else if (peripheral == GDMA_TRIG_PERIPH_AES) { } else
#endif // SOC_SHA_SUPPORTED
#ifdef SOC_AES_SUPPORTED
if (peripheral == GDMA_TRIG_PERIPH_AES) {
gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0)); gdma_connect(tx_channel, GDMA_MAKE_TRIGGER(GDMA_TRIG_PERIPH_AES, 0));
} else { } else
#endif // SOC_AES_SUPPORTED
{
return ESP_ERR_INVALID_ARG; return ESP_ERR_INVALID_ARG;
} }

View File

@ -71,6 +71,10 @@ config SOC_SYSTIMER_SUPPORTED
bool bool
default y default y
config SOC_SHA_SUPPORTED
bool
default y
config SOC_ECC_SUPPORTED config SOC_ECC_SUPPORTED
bool bool
default y default y
@ -471,6 +475,34 @@ config SOC_MPU_REGION_WO_SUPPORTED
bool bool
default n default n
config SOC_SHA_DMA_MAX_BUFFER_SIZE
int
default 3968
config SOC_SHA_SUPPORT_DMA
bool
default y
config SOC_SHA_SUPPORT_RESUME
bool
default y
config SOC_SHA_GDMA
bool
default y
config SOC_SHA_SUPPORT_SHA1
bool
default y
config SOC_SHA_SUPPORT_SHA224
bool
default y
config SOC_SHA_SUPPORT_SHA256
bool
default y
config SOC_ECDSA_SUPPORT_EXPORT_PUBKEY config SOC_ECDSA_SUPPORT_EXPORT_PUBKEY
bool bool
default y default y

View File

@ -0,0 +1,8 @@
/*
* SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
#include "soc/sha_reg.h"

View File

@ -39,7 +39,7 @@
#define SOC_LEDC_SUPPORTED 1 #define SOC_LEDC_SUPPORTED 1
#define SOC_SYSTIMER_SUPPORTED 1 #define SOC_SYSTIMER_SUPPORTED 1
// \#define SOC_SUPPORT_COEXISTENCE 1 // \#define SOC_SUPPORT_COEXISTENCE 1
// \#define SOC_SHA_SUPPORTED 1 //TODO: [ESP32C61] IDF-9234 #define SOC_SHA_SUPPORTED 1
#define SOC_ECC_SUPPORTED 1 #define SOC_ECC_SUPPORTED 1
#define SOC_ECC_EXTENDED_MODES_SUPPORTED 1 #define SOC_ECC_EXTENDED_MODES_SUPPORTED 1
#define SOC_FLASH_ENC_SUPPORTED 1 #define SOC_FLASH_ENC_SUPPORTED 1
@ -274,19 +274,19 @@
for SHA this means that the biggest safe amount of bytes is for SHA this means that the biggest safe amount of bytes is
31 blocks of 128 bytes = 3968 31 blocks of 128 bytes = 3968
*/ */
// #define SOC_SHA_DMA_MAX_BUFFER_SIZE (3968) #define SOC_SHA_DMA_MAX_BUFFER_SIZE (3968)
// #define SOC_SHA_SUPPORT_DMA (1) #define SOC_SHA_SUPPORT_DMA (1)
// /* The SHA engine is able to resume hashing from a user */ // /* The SHA engine is able to resume hashing from a user */
// #define SOC_SHA_SUPPORT_RESUME (1) #define SOC_SHA_SUPPORT_RESUME (1)
// /* Has a centralized DMA, which is shared with all peripherals */ // /* Has a centralized DMA, which is shared with all peripherals */
// #define SOC_SHA_GDMA (1) #define SOC_SHA_GDMA (1)
// /* Supported HW algorithms */ // /* Supported HW algorithms */
// #define SOC_SHA_SUPPORT_SHA1 (1) #define SOC_SHA_SUPPORT_SHA1 (1)
// #define SOC_SHA_SUPPORT_SHA224 (1) #define SOC_SHA_SUPPORT_SHA224 (1)
// #define SOC_SHA_SUPPORT_SHA256 (1) #define SOC_SHA_SUPPORT_SHA256 (1)
/*--------------------------- ECDSA CAPS ---------------------------------------*/ /*--------------------------- ECDSA CAPS ---------------------------------------*/
#define SOC_ECDSA_SUPPORT_EXPORT_PUBKEY (1) #define SOC_ECDSA_SUPPORT_EXPORT_PUBKEY (1)