mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-06 16:20:53 +02:00
Merge pull request #10500 from rizlik/sha224_only
crpytocb: support SHA224 under WOLF_CRYPTO_CB_ONLY_SHA256
This commit is contained in:
@@ -30,9 +30,8 @@ jobs:
|
||||
- name: RSA
|
||||
cppflags: -DWOLF_CRYPTO_CB_ONLY_RSA
|
||||
# WOLF_CRYPTO_CB_ONLY_SHA256: strips software SHA-256; swdev provides
|
||||
# the software path via cryptocb. SHA-224 not yet supported.
|
||||
# the software path via cryptocb.
|
||||
- name: SHA256
|
||||
extra_config: --disable-sha224
|
||||
cppflags: -DWOLF_CRYPTO_CB_ONLY_SHA256
|
||||
# WOLF_CRYPTO_CB_ONLY_AES: strips software AES; swdev provides the
|
||||
# software path via cryptocb.
|
||||
@@ -50,7 +49,6 @@ jobs:
|
||||
# algorithm call that a single-strip entry would still resolve via
|
||||
# the remaining software paths.
|
||||
- name: ALL
|
||||
extra_config: --disable-sha224
|
||||
cppflags: >-
|
||||
-DWOLF_CRYPTO_CB_ONLY_ECC -DWOLF_CRYPTO_CB_ONLY_RSA
|
||||
-DWOLF_CRYPTO_CB_ONLY_SHA256 -DWOLF_CRYPTO_CB_ONLY_AES
|
||||
|
||||
@@ -119,8 +119,7 @@ struct layouts, so flipping them between the two compiles is safe.
|
||||
CPPFLAGS="-DWOLF_CRYPTO_CB_ONLY_ECC \
|
||||
-DWOLF_CRYPTO_CB_ONLY_RSA \
|
||||
-DWOLF_CRYPTO_CB_ONLY_SHA256 \
|
||||
-DWOLF_CRYPTO_CB_ONLY_AES" \
|
||||
--disable-sha224
|
||||
-DWOLF_CRYPTO_CB_ONLY_AES"
|
||||
make
|
||||
make check
|
||||
```
|
||||
@@ -135,8 +134,6 @@ Notes:
|
||||
Out-of-tree (VPATH) builds fail at configure time. swdev is built
|
||||
from `wolfcrypt/test/include.am` and inherits `PARENT_SRCS`,
|
||||
`PARENT_BUILD_CFLAGS`, etc., from the parent build.
|
||||
- `--disable-sha224` is required when `WOLF_CRYPTO_CB_ONLY_SHA256` is
|
||||
set: SHA-224 is unsupported for now.
|
||||
|
||||
For the full CI matrix that exercises each `_ONLY_*` macro, see
|
||||
`.github/workflows/cryptocb-only.yml`.
|
||||
|
||||
@@ -209,6 +209,44 @@ out:
|
||||
wc_Sha256Free(&shadow);
|
||||
return ret;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_SHA224
|
||||
/* SHA-224 is SHA-256 with a different IV/truncation; wc_Sha224 is a typedef
|
||||
* of wc_Sha256, so the same shadow/copy-state dance applies. */
|
||||
static int swdev_sha224(wc_CryptoInfo* info)
|
||||
{
|
||||
wc_Sha224* sha224 = info->hash.sha224;
|
||||
wc_Sha224 shadow;
|
||||
int ret;
|
||||
|
||||
if (sha224 == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
ret = wc_InitSha224(&shadow);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
|
||||
swdev_sha256_copy_state((wc_Sha256*)&shadow, (const wc_Sha256*)sha224);
|
||||
|
||||
if (info->hash.in != NULL) {
|
||||
ret = wc_Sha224Update(&shadow, info->hash.in, info->hash.inSz);
|
||||
if (ret != 0)
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (info->hash.digest != NULL) {
|
||||
ret = wc_Sha224Final(&shadow, info->hash.digest);
|
||||
if (ret != 0)
|
||||
goto out;
|
||||
}
|
||||
|
||||
swdev_sha256_copy_state((wc_Sha256*)sha224, (const wc_Sha256*)&shadow);
|
||||
|
||||
out:
|
||||
wc_Sha224Free(&shadow);
|
||||
return ret;
|
||||
}
|
||||
#endif /* WOLFSSL_SHA224 */
|
||||
#endif /* !NO_SHA256 */
|
||||
|
||||
#ifndef NO_AES
|
||||
@@ -513,6 +551,10 @@ WC_SWDEV_EXPORT int wc_SwDev_Callback(int devId, wc_CryptoInfo* info,
|
||||
switch (info->hash.type) {
|
||||
case WC_HASH_TYPE_SHA256:
|
||||
return swdev_sha256(info);
|
||||
#ifdef WOLFSSL_SHA224
|
||||
case WC_HASH_TYPE_SHA224:
|
||||
return swdev_sha224(info);
|
||||
#endif
|
||||
default:
|
||||
return CRYPTOCB_UNAVAILABLE;
|
||||
}
|
||||
|
||||
+109
-4
@@ -60,10 +60,6 @@ on the specific device platform.
|
||||
|
||||
#if !defined(NO_SHA256) && !defined(WOLFSSL_RISCV_ASM)
|
||||
|
||||
#if defined(WOLF_CRYPTO_CB_ONLY_SHA256) && defined(WOLFSSL_SHA224)
|
||||
#error "WOLF_CRYPTO_CB_ONLY_SHA256 is incompatible with WOLFSSL_SHA224"
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
|
||||
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
|
||||
#define FIPS_NO_WRAPPERS
|
||||
@@ -101,6 +97,42 @@ on the specific device platform.
|
||||
#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
|
||||
#endif
|
||||
|
||||
/* WOLF_CRYPTO_CB_ONLY_SHA256 strips the software SHA-256 implementation and
|
||||
* routes every operation through the crypto callback. It is mutually exclusive
|
||||
* with any in-tree SHA-256 hardware/asm backend below: keep this list in sync
|
||||
* with the #elif chain at the start of the "Hardware Acceleration" section. */
|
||||
#if defined(WOLF_CRYPTO_CB_ONLY_SHA256) && ( \
|
||||
defined(WOLFSSL_TI_HASH) || \
|
||||
defined(WOLFSSL_CRYPTOCELL) || \
|
||||
defined(MAX3266X_SHA) || \
|
||||
defined(FREESCALE_LTC_SHA) || \
|
||||
defined(FREESCALE_MMCAU_SHA) || \
|
||||
defined(WOLFSSL_PIC32MZ_HASH) || \
|
||||
defined(STM32_HASH_SHA2) || \
|
||||
(defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_HASH)) || \
|
||||
(defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)) || \
|
||||
defined(WOLFSSL_AFALG_HASH) || \
|
||||
defined(WOLFSSL_DEVCRYPTO_HASH) || \
|
||||
(defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_HASH)) || \
|
||||
defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) || \
|
||||
defined(WOLFSSL_RENESAS_TSIP_TLS) || \
|
||||
defined(WOLFSSL_RENESAS_SCEPROTECT) || \
|
||||
defined(WOLFSSL_RENESAS_RSIP) || \
|
||||
defined(PSOC6_HASH_SHA2) || \
|
||||
defined(WOLFSSL_IMXRT_DCP) || \
|
||||
defined(WOLFSSL_NXP_HASHCRYPT_SHA) || \
|
||||
defined(WOLFSSL_SILABS_SE_ACCEL) || \
|
||||
defined(WOLFSSL_KCAPI_HASH) || \
|
||||
(defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_HASH)) || \
|
||||
defined(WOLFSSL_RENESAS_RX64_HASH) || \
|
||||
defined(WOLFSSL_PPC32_ASM) || \
|
||||
defined(WOLFSSL_ARMASM) || \
|
||||
(defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
|
||||
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))))
|
||||
#error "WOLF_CRYPTO_CB_ONLY_SHA256 is incompatible with SHA-256 hardware" \
|
||||
" acceleration backends"
|
||||
#endif
|
||||
|
||||
#ifdef WOLFSSL_ESPIDF
|
||||
/* Define the ESP_LOGx(TAG, WOLFSSL_ESPIDF_BLANKLINE_MESSAGE value for output messages here.
|
||||
**
|
||||
@@ -2148,6 +2180,35 @@ static WC_INLINE int Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
|
||||
#elif defined(PSOC6_HASH_SHA2)
|
||||
/* Implemented in wolfcrypt/src/port/cypress/psoc6_crypto.c */
|
||||
|
||||
#elif defined(WOLF_CRYPTO_CB_ONLY_SHA256)
|
||||
int wc_InitSha224_ex(wc_Sha224* sha224, void* heap, int devId)
|
||||
{
|
||||
int ret;
|
||||
if (sha224 == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
ret = InitSha256((wc_Sha256*)sha224);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
sha224->digest[0] = 0xc1059ed8;
|
||||
sha224->digest[1] = 0x367cd507;
|
||||
sha224->digest[2] = 0x3070dd17;
|
||||
sha224->digest[3] = 0xf70e5939;
|
||||
sha224->digest[4] = 0xffc00b31;
|
||||
sha224->digest[5] = 0x68581511;
|
||||
sha224->digest[6] = 0x64f98fa7;
|
||||
sha224->digest[7] = 0xbefa4fa4;
|
||||
sha224->heap = heap;
|
||||
sha224->devId = devId;
|
||||
sha224->devCtx = NULL;
|
||||
#ifdef WOLFSSL_SMALL_STACK_CACHE
|
||||
sha224->W = NULL;
|
||||
#endif
|
||||
#ifdef WOLFSSL_ASYNC_CRYPT
|
||||
XMEMSET(&sha224->asyncDev, 0, sizeof(sha224->asyncDev));
|
||||
#endif
|
||||
return ret;
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
#define NEED_SOFT_SHA224
|
||||
@@ -2369,6 +2430,50 @@ static WC_INLINE int Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
|
||||
}
|
||||
#endif /* end of SHA224 software implementation */
|
||||
|
||||
#ifdef WOLF_CRYPTO_CB_ONLY_SHA256
|
||||
|
||||
int wc_Sha224Update(wc_Sha224* sha224, const byte* data, word32 len)
|
||||
{
|
||||
if (sha224 == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
if (data == NULL && len == 0)
|
||||
return 0;
|
||||
if (data == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
#ifndef WOLF_CRYPTO_CB_FIND
|
||||
if (sha224->devId != INVALID_DEVID)
|
||||
#endif
|
||||
{
|
||||
int ret = wc_CryptoCb_Sha224Hash(sha224, data, len, NULL);
|
||||
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
|
||||
return ret;
|
||||
}
|
||||
|
||||
return NO_VALID_DEVID;
|
||||
}
|
||||
|
||||
int wc_Sha224Final(wc_Sha224* sha224, byte* hash)
|
||||
{
|
||||
int ret;
|
||||
|
||||
if (sha224 == NULL || hash == NULL)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
#ifndef WOLF_CRYPTO_CB_FIND
|
||||
if (sha224->devId != INVALID_DEVID)
|
||||
#endif
|
||||
{
|
||||
ret = wc_CryptoCb_Sha224Hash(sha224, NULL, 0, hash);
|
||||
if (ret != WC_NO_ERR_TRACE(CRYPTOCB_UNAVAILABLE))
|
||||
return ret;
|
||||
}
|
||||
|
||||
return NO_VALID_DEVID;
|
||||
}
|
||||
|
||||
#endif /* WOLF_CRYPTO_CB_ONLY_SHA256 */
|
||||
|
||||
int wc_InitSha224(wc_Sha224* sha224)
|
||||
{
|
||||
int devId = INVALID_DEVID;
|
||||
|
||||
@@ -72593,6 +72593,40 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA224
|
||||
if (info->hash.type == WC_HASH_TYPE_SHA224) {
|
||||
if (info->hash.sha224 == NULL)
|
||||
return NOT_COMPILED_IN;
|
||||
|
||||
/* set devId to invalid, so software is used */
|
||||
info->hash.sha224->devId = INVALID_DEVID;
|
||||
#if defined(WOLF_CRYPTO_CB_ONLY_SHA256)
|
||||
#ifdef DEBUG_WOLFSSL
|
||||
printf("CryptoDevCb: exampleVar %d\n", myCtx->exampleVar);
|
||||
#endif
|
||||
if (myCtx->exampleVar == 99) {
|
||||
info->hash.sha224->devId = devIdArg;
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
if (info->hash.in != NULL) {
|
||||
ret = wc_Sha224Update(
|
||||
info->hash.sha224,
|
||||
info->hash.in,
|
||||
info->hash.inSz);
|
||||
}
|
||||
if (info->hash.digest != NULL) {
|
||||
ret = wc_Sha224Final(
|
||||
info->hash.sha224,
|
||||
info->hash.digest);
|
||||
}
|
||||
|
||||
/* reset devId */
|
||||
info->hash.sha224->devId = devIdArg;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef WOLFSSL_SHA384
|
||||
if (info->hash.type == WC_HASH_TYPE_SHA384) {
|
||||
if (info->hash.sha384 == NULL)
|
||||
|
||||
Reference in New Issue
Block a user