espressif/esp-idf
1
0
Fork 1
mirror of https://github.com/espressif/esp-idf.git synced 2025-07-29 18:27:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat(mbedtls/sha): New API for setting SHA mode

Browse Source
This commit is contained in:
harshal.patil
2025-05-26 14:27:12 +05:30
parent e7a76ff71e
commit 5210e576d5
32 changed files with 279 additions and 135 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
components/esp_tee/scripts/esp32c6/sec_srv_tbl_default.yml
View File

@ -240,6 +240,10 @@ secure_services:
type: IDF
function: esp_ecc_point_verify
args: 1
- id: 110
type: IDF
function: esp_sha_set_mode
args: 1
# ID: 134-169 (36) - Reserved for future use
- family: attestation
entries:

4
components/esp_tee/scripts/esp32h2/sec_srv_tbl_default.yml
View File

@ -244,6 +244,10 @@ secure_services:
type: IDF
function: esp_crypto_ecc_enable_periph_clk
args: 1
- id: 111
type: IDF
function: esp_sha_set_mode
args: 1
# ID: 134-169 (36) - Reserved for future use
- family: attestation
entries:

5
components/esp_tee/src/esp_secure_service_wrapper.c
View File

@ -202,6 +202,11 @@ int __wrap_esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_
return esp_tee_service_call(4, SS_ESP_SHA_BLOCK, sha_type, data_block, is_first_block);
}
void __wrap_esp_sha_set_mode(esp_sha_type sha_type)
{
esp_tee_service_call(2, SS_ESP_SHA_SET_MODE, sha_type);
}
void __wrap_esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state)
{
esp_tee_service_call(3, SS_ESP_SHA_READ_DIGEST_STATE, sha_type, digest_state);

5
components/esp_tee/subproject/main/core/esp_secure_services.c
View File

@ -193,6 +193,11 @@ void _ss_esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_fi
esp_sha_block(sha_type, data_block, is_first_block);
}
void _ss_esp_sha_set_mode(esp_sha_type sha_type)
{
esp_sha_set_mode(sha_type);
}
void _ss_esp_crypto_sha_enable_periph_clk(bool enable)
{
esp_crypto_sha_enable_periph_clk(enable);

10
components/hal/esp32/include/hal/sha_ll.h
View File

@ -126,6 +126,16 @@ static inline void sha_ll_load(esp_sha_type sha_type)
DPORT_REG_WRITE(SHA_LOAD_REG(sha_type), 1);
}
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
(void) sha_type;
}
/**
* @brief Checks if the SHA engine is currently busy hashing a block
*

24
components/hal/esp32c2/include/hal/sha_ll.h
View File

@ -42,6 +42,16 @@ static inline void sha_ll_reset_register(void)
/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
#define sha_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; sha_ll_reset_register(__VA_ARGS__)
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -49,7 +59,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -60,29 +70,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

24
components/hal/esp32c3/include/hal/sha_ll.h
View File

@ -45,6 +45,16 @@ static inline void sha_ll_reset_register(void)
/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
#define sha_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; sha_ll_reset_register(__VA_ARGS__)
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -52,7 +62,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -63,29 +73,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

24
components/hal/esp32c5/include/hal/sha_ll.h
View File

@ -39,6 +39,16 @@ static inline void sha_ll_reset_register(void)
PCR.ecdsa_conf.ecdsa_rst_en = 0;
}
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -46,7 +56,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -57,29 +67,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

26
components/hal/esp32c6/include/hal/sha_ll.h
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -37,6 +37,16 @@ static inline void sha_ll_reset_register(void)
PCR.hmac_conf.hmac_rst_en = 0;
}
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -44,7 +54,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -55,29 +65,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

26
components/hal/esp32c61/include/hal/sha_ll.h
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2024-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -39,6 +39,16 @@ static inline void sha_ll_reset_register(void)
PCR.ecdsa_conf.ecdsa_rst_en = 0;
}
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -46,7 +56,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -57,29 +67,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

26
components/hal/esp32h2/include/hal/sha_ll.h
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -38,6 +38,16 @@ static inline void sha_ll_reset_register(void)
PCR.ecdsa_conf.ecdsa_rst_en = 0;
}
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -45,7 +55,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -56,29 +66,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

24
components/hal/esp32h21/include/hal/sha_ll.h
View File

@ -38,6 +38,16 @@ static inline void sha_ll_reset_register(void)
PCR.ecdsa_conf.ecdsa_rst_en = 0;
}
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -45,7 +55,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -56,29 +66,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

24
components/hal/esp32p4/include/hal/sha_ll.h
View File

@ -47,6 +47,16 @@ static inline void sha_ll_reset_register(void)
/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
#define sha_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; sha_ll_reset_register(__VA_ARGS__)
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -54,7 +64,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -65,29 +75,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

24
components/hal/esp32s2/include/hal/sha_ll.h
View File

@ -51,6 +51,16 @@ static inline void sha_ll_reset_register(void)
/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
#define sha_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; sha_ll_reset_register(__VA_ARGS__)
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -58,7 +68,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -69,29 +79,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

24
components/hal/esp32s3/include/hal/sha_ll.h
View File

@ -46,6 +46,16 @@ static inline void sha_ll_reset_register(void)
/// the critical section needs to declare the __DECLARE_RCC_ATOMIC_ENV variable in advance
#define sha_ll_reset_register(...) (void)__DECLARE_RCC_ATOMIC_ENV; sha_ll_reset_register(__VA_ARGS__)
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_set_mode(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
}
/**
* @brief Start a new SHA block conversions (no initial hash in HW)
*
@ -53,7 +63,7 @@ static inline void sha_ll_reset_register(void)
*/
static inline void sha_ll_start_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_START_REG, 1);
}
@ -64,29 +74,23 @@ static inline void sha_ll_start_block(esp_sha_type sha_type)
*/
static inline void sha_ll_continue_block(esp_sha_type sha_type)
{
REG_WRITE(SHA_MODE_REG, sha_type);
(void) sha_type;
REG_WRITE(SHA_CONTINUE_REG, 1);
}
/**
* @brief Start a new SHA message conversion using DMA (no initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_start_dma(esp_sha_type sha_type)
static inline void sha_ll_start_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_START_REG, 1);
}
/**
* @brief Continue a SHA message conversion using DMA (initial hash in HW)
*
* @param sha_type The SHA algorithm type
*/
static inline void sha_ll_continue_dma(esp_sha_type sha_type)
static inline void sha_ll_continue_dma(void)
{
REG_WRITE(SHA_MODE_REG, sha_type);
REG_WRITE(SHA_DMA_CONTINUE_REG, 1);
}

12
components/hal/include/hal/sha_hal.h
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2015-2023 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -22,6 +22,13 @@
extern "C" {
#endif
/**
* @brief Load the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
void sha_hal_set_mode(esp_sha_type sha_type);
/**
* @brief Hashes a single message block
*
@ -60,11 +67,10 @@ void sha_hal_write_digest(esp_sha_type sha_type, void *digest_state);
/**
* @brief Hashes a number of message blocks using DMA
*
* @param sha_type SHA algorithm to hash with
* @param num_blocks Number of blocks to hash
* @param first_block Is this the first block in a message or a continuation?
*/
void sha_hal_hash_dma(esp_sha_type sha_type, size_t num_blocks, bool first_block);
void sha_hal_hash_dma(size_t num_blocks, bool first_block);
#endif
#if SOC_SHA_SUPPORT_SHA512_T

16
components/hal/sha_hal.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2020-2023 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2020-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@ -66,12 +66,14 @@ inline static size_t state_length(esp_sha_type type)
}
#endif
void sha_hal_set_mode(esp_sha_type sha_type)
{
sha_ll_set_mode(sha_type);
}
/* Hash a single block */
void sha_hal_hash_block(esp_sha_type sha_type, const void *data_block, size_t block_word_len, bool first_block)
{
sha_hal_wait_idle();
sha_ll_fill_text_block(data_block, block_word_len);
/* Start hashing */
@ -85,17 +87,15 @@ void sha_hal_hash_block(esp_sha_type sha_type, const void *data_block, size_t bl
#if SOC_SHA_SUPPORT_DMA
/* Hashes a number of message blocks using DMA */
void sha_hal_hash_dma(esp_sha_type sha_type, size_t num_blocks, bool first_block)
void sha_hal_hash_dma(size_t num_blocks, bool first_block)
{
sha_hal_wait_idle();
sha_ll_set_block_num(num_blocks);
/* Start hashing */
if (first_block) {
sha_ll_start_dma(sha_type);
sha_ll_start_dma();
} else {
sha_ll_continue_dma(sha_type);
sha_ll_continue_dma();
}
}

11
components/hal/test_apps/crypto/main/sha/sha_block.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: CC0-1.0
*/
@ -73,6 +73,9 @@ static void sha1_update_block(sha1_ctx* ctx, esp_sha_type sha_type, const unsign
sha_ll_reset_register();
}
sha_hal_wait_idle();
sha_hal_set_mode(sha_type);
if (ctx->first_block == 0) {
/* Writes the message digest to the SHA engine */
sha_hal_write_digest(sha_type, ctx->state);
@ -174,6 +177,9 @@ static void sha256_update_block(sha256_ctx* ctx, esp_sha_type sha_type, const un
sha_ll_reset_register();
}
sha_hal_wait_idle();
sha_hal_set_mode(sha_type);
if (ctx->first_block == 0) {
/* Writes the message digest to the SHA engine */
sha_hal_write_digest(sha_type, ctx->state);
@ -320,6 +326,9 @@ static void sha512_update_block(sha512_ctx* ctx, esp_sha_type sha_type, const un
sha_ll_reset_register();
}
sha_hal_wait_idle();
sha_hal_set_mode(sha_type);
if (ctx->first_block && sha_type == SHA2_512T){
sha_512_t_init_hash_block(ctx->t_val);
ctx->first_block = 0;

8
components/hal/test_apps/crypto/main/sha/sha_dma.c
View File

@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2023-2024 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2023-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: CC0-1.0
*/
@ -61,6 +61,8 @@ static void sha1_update_dma(sha1_ctx* ctx, esp_sha_type sha_type, const unsigned
/* Enable peripheral module */
esp_sha_acquire_hardware();
esp_sha_set_mode(sha_type);
esp_internal_sha1_update_state(ctx, sha_type);
int ret = esp_sha_dma(sha_type, input, len, ctx->buffer, local_len, ctx->first_block);
@ -157,6 +159,8 @@ static void sha256_update_dma(sha256_ctx* ctx, esp_sha_type sha_type, const unsi
/* Enable peripheral module */
esp_sha_acquire_hardware();
esp_sha_set_mode(sha_type);
esp_internal_sha256_update_state(ctx);
int ret = esp_sha_dma(ctx->mode, input, len, ctx->buffer, local_len, ctx->first_block);
@ -306,6 +310,8 @@ static void sha512_update_dma(sha512_ctx* ctx, esp_sha_type sha_type, const unsi
/* Enable peripheral module */
esp_sha_acquire_hardware();
esp_sha_set_mode(sha_type);
esp_internal_sha512_update_state(ctx);
int ret = esp_sha_dma(ctx->mode, input, len, ctx->buffer, local_len, ctx->first_block);

12
components/mbedtls/port/include/sha/sha_core.h
View File

@ -50,12 +50,19 @@ extern "C" {
*/
void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, unsigned char *output);
/**
* @brief Set the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
void esp_sha_set_mode(esp_sha_type sha_type);
/** @brief Execute SHA block operation
*
* @note This is a piece of a SHA algorithm, rather than an entire SHA
* algorithm.
*
* @note Call esp_sha_acquire_hardware() before calling this
* @note Call esp_sha_acquire_hardware() and esp_sha_set_mode() before calling this
* function.
*
* @param sha_type SHA algorithm to use.
@ -78,7 +85,7 @@ void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_
* @note This is a piece of a SHA algorithm, rather than an entire SHA
* algorithm.
*
* @note Call esp_sha_aquire_hardware() before calling this
* @note Call esp_sha_aquire_hardware() and esp_sha_set_mode() before calling this
* function.
*
* @param sha_type SHA algorithm to use.
@ -145,7 +152,6 @@ void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state);
*/
void esp_sha_write_digest_state(esp_sha_type sha_type, void *digest_state);
/**
* @brief Enables the SHA and crypto DMA peripheral and takes the
* locks for both of them.

25
components/mbedtls/port/include/sha/sha_parallel_engine.h
View File

@ -1,16 +1,8 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
/*
* SPDX-FileCopyrightText: 2015-2025 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#pragma once
#include "hal/sha_types.h"
@ -69,6 +61,13 @@ extern "C" {
*/
void esp_sha(esp_sha_type sha_type, const unsigned char *input, size_t ilen, unsigned char *output);
/**
* @brief Set the mode for the SHA engine
*
* @param sha_type The SHA algorithm type
*/
void esp_sha_set_mode(esp_sha_type sha_type);
/* @brief Begin to execute a single SHA block operation
*
* @note This is a piece of a SHA algorithm, rather than an entire SHA

5
components/mbedtls/port/sha/core/esp_sha1.c
View File

@ -113,6 +113,9 @@ static void esp_internal_sha1_block_process(mbedtls_sha1_context *ctx, const uin
int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, const unsigned char data[64])
{
esp_sha_acquire_hardware();
esp_sha_set_mode(ctx->mode);
esp_internal_sha_update_state(ctx);
#if SOC_SHA_SUPPORT_DMA
@ -166,6 +169,8 @@ int mbedtls_sha1_update(mbedtls_sha1_context *ctx, const unsigned char *input, s
esp_sha_acquire_hardware();
esp_sha_set_mode(ctx->mode);
esp_internal_sha_update_state(ctx);
#if SOC_SHA_SUPPORT_DMA

5
components/mbedtls/port/sha/core/esp_sha256.c
View File

@ -126,6 +126,9 @@ static void esp_internal_sha256_block_process(mbedtls_sha256_context *ctx, const
int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, const unsigned char data[64])
{
esp_sha_acquire_hardware();
esp_sha_set_mode(ctx->mode);
esp_internal_sha_update_state(ctx);
#if SOC_SHA_SUPPORT_DMA
@ -185,6 +188,8 @@ int mbedtls_sha256_update(mbedtls_sha256_context *ctx, const unsigned char *inpu
esp_sha_acquire_hardware();
esp_sha_set_mode(ctx->mode);
esp_internal_sha_update_state(ctx);
#if SOC_SHA_SUPPORT_DMA

4
components/mbedtls/port/sha/core/esp_sha512.c
View File

@ -160,6 +160,8 @@ int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, const unsigned
esp_sha_acquire_hardware();
esp_sha_set_mode(ctx->mode);
ret = esp_internal_sha_update_state(ctx);
if (ret != 0) {
esp_sha_release_hardware();
@ -220,6 +222,8 @@ int mbedtls_sha512_update(mbedtls_sha512_context *ctx, const unsigned char *inpu
esp_sha_acquire_hardware();
esp_sha_set_mode(ctx->mode);
int ret = esp_internal_sha_update_state(ctx);
if (ret != 0) {

8
components/mbedtls/port/sha/core/sha.c
View File

@ -102,6 +102,12 @@ void esp_sha_release_hardware(void)
esp_crypto_sha_aes_lock_release();
}
void esp_sha_set_mode(esp_sha_type sha_type)
{
sha_hal_wait_idle();
sha_hal_set_mode(sha_type);
}
void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool is_first_block)
{
sha_hal_hash_block(sha_type, data_block, block_length(sha_type) / 4, is_first_block);
@ -284,7 +290,7 @@ static esp_err_t esp_sha_dma_process(esp_sha_type sha_type, const void *input, u
return -1;
}
sha_hal_hash_dma(sha_type, num_blks, is_first_block);
sha_hal_hash_dma(num_blks, is_first_block);
sha_hal_wait_idle();

7
components/mbedtls/port/sha/parallel_engine/sha.c
View File

@ -50,7 +50,7 @@ static portMUX_TYPE memory_block_lock = portMUX_INITIALIZER_UNLOCKED;
/* Binary semaphore managing the state of each concurrent SHA engine.
Available = noone is using this SHA engine
Available = no one is using this SHA engine
Taken = a SHA session is running on this SHA engine
Indexes:
@ -209,6 +209,11 @@ void esp_sha_read_digest_state(esp_sha_type sha_type, void *digest_state)
esp_sha_unlock_memory_block();
}
void esp_sha_set_mode(esp_sha_type sha_type)
{
sha_hal_set_mode(sha_type);
}
void esp_sha_block(esp_sha_type sha_type, const void *data_block, bool first_block)
{
#ifndef NDEBUG

1
components/wpa_supplicant/esp_supplicant/src/crypto/fastpsk.c
View File

@ -160,6 +160,7 @@ static inline void write32_be(uint32_t n, uint8_t out[4])
void sha1_op(uint32_t blocks[FAST_PSK_SHA1_BLOCKS_BUF_WORDS], uint32_t output[SHA1_OUTPUT_SZ_WORDS])
{
esp_sha_set_mode(SHA1);
/* First block */
esp_sha_block(SHA1, blocks, true);
/* Second block */

1
docs/en/migration-guides/release-5.x/5.5/index.rst
View File

@ -6,6 +6,7 @@ Migration from 5.4 to 5.5
.. toctree::
:maxdepth: 1
security
system
peripherals
protocols

19
docs/en/migration-guides/release-5.x/5.5/security.rst Normal file
View File

@ -0,0 +1,19 @@
Security
========
:link_to_translation:`zh_CN:[中文]`
.. only:: SOC_SHA_SUPPORTED
Mbed TLS
--------
Starting from **ESP-IDF v5.5**, there is a change in how the SHA sub-function APIs, :cpp:func:`esp_sha_block` and :cpp:func:`esp_sha_dma`, are used.
Previously, these APIs used to set the SHA mode internally, however, in the updated version, you must explicitly set the SHA mode before invoking them.
For instance, if you intend to use the **SHA-256** algorithm, you must first call :cpp:func:`esp_sha_set_mode` with the argument ``SHA2_256``:
.. code-block:: c
esp_sha_set_mode(SHA2_256);

1
docs/zh_CN/migration-guides/release-5.x/5.5/index.rst
View File

@ -6,6 +6,7 @@
.. toctree::
:maxdepth: 1
security
system
peripherals
protocols

4
docs/zh_CN/migration-guides/release-5.x/5.5/security.rst Normal file
View File

@ -0,0 +1,4 @@
安全性
=======
:link_to_translation:`en:[English]`

1
tools/ci/check_copyright_ignore.txt
View File

@ -480,7 +480,6 @@ components/mbedtls/port/include/esp32/sha.h
components/mbedtls/port/include/esp32s2/aes.h
components/mbedtls/port/include/esp32s2/gcm.h
components/mbedtls/port/include/mbedtls/esp_debug.h
components/mbedtls/port/include/sha/sha_parallel_engine.h
components/mbedtls/port/include/sha1_alt.h
components/mbedtls/port/include/sha256_alt.h
components/mbedtls/port/include/sha512_alt.h