RIOT-OS/RIOT
RIOT-OS/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-28 23:29:45 +01:00
Code Releases Activity

Merge pull request #20598 from mguetschow/psa-hashes-sha512-truncated

Browse Source 
sys/psa_crypto: SHA-{384,512/{224,256}}
This commit is contained in:
mguetschow 2024-05-17 09:20:03 +00:00 committed by GitHub
commit 3255b95937
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
23 changed files with 724 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
examples/psa_crypto/Makefile
View File

@ -98,6 +98,14 @@ else
USEMODULE += psa_cipher
USEMODULE += psa_cipher_aes_128_cbc
USEMODULE += psa_hash
USEMODULE += psa_hash_sha_224
USEMODULE += psa_hash_sha_256
USEMODULE += psa_hash_sha_384
USEMODULE += psa_hash_sha_512
USEMODULE += psa_hash_sha_512_224
USEMODULE += psa_hash_sha_512_256
USEMODULE += psa_mac
USEMODULE += psa_mac_hmac_sha_256

102
examples/psa_crypto/example_hash.c Normal file
View File

@ -0,0 +1,102 @@
/*
* Copyright (C) 2023 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/**
* @ingroup examples
* @{
*
* @brief Example functions for different hashing algorithms supported by PSA Crypto
*
* @author Mikolai Gütschow <mikolai.guetschow@tu-dresden.de>
*
* @}
*/
#include <stdio.h>
#include <stdint.h>
#include "psa/crypto.h"
static const uint8_t msg[] = "Hello World!";
static const size_t msg_len = sizeof(msg)-1; // exclude NULL-byte
static const uint8_t hash_sha224[] = {
0x45, 0x75, 0xbb, 0x4e, 0xc1, 0x29, 0xdf, 0x63, 0x80, 0xce, 0xdd, 0xe6, 0xd7,
0x12, 0x17, 0xfe, 0x05, 0x36, 0xf8, 0xff, 0xc4, 0xe1, 0x8b, 0xca, 0x53, 0x0a,
0x7a, 0x1b};
static const uint8_t hash_sha256[] = {
0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81, 0x48,
0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28, 0x4a, 0xdd,
0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69};
static const uint8_t hash_sha384[] = {
0xbf, 0xd7, 0x6c, 0x0e, 0xbb, 0xd0, 0x06, 0xfe, 0xe5, 0x83, 0x41, 0x05, 0x47,
0xc1, 0x88, 0x7b, 0x02, 0x92, 0xbe, 0x76, 0xd5, 0x82, 0xd9, 0x6c, 0x24, 0x2d,
0x2a, 0x79, 0x27, 0x23, 0xe3, 0xfd, 0x6f, 0xd0, 0x61, 0xf9, 0xd5, 0xcf, 0xd1,
0x3b, 0x8f, 0x96, 0x13, 0x58, 0xe6, 0xad, 0xba, 0x4a};
static const uint8_t hash_sha512[] = {
0x86, 0x18, 0x44, 0xd6, 0x70, 0x4e, 0x85, 0x73, 0xfe, 0xc3, 0x4d, 0x96, 0x7e,
0x20, 0xbc, 0xfe, 0xf3, 0xd4, 0x24, 0xcf, 0x48, 0xbe, 0x04, 0xe6, 0xdc, 0x08,
0xf2, 0xbd, 0x58, 0xc7, 0x29, 0x74, 0x33, 0x71, 0x01, 0x5e, 0xad, 0x89, 0x1c,
0xc3, 0xcf, 0x1c, 0x9d, 0x34, 0xb4, 0x92, 0x64, 0xb5, 0x10, 0x75, 0x1b, 0x1f,
0xf9, 0xe5, 0x37, 0x93, 0x7b, 0xc4, 0x6b, 0x5d, 0x6f, 0xf4, 0xec, 0xc8};
static const uint8_t hash_sha512_224[] = {
0xba, 0x07, 0x02, 0xdd, 0x8d, 0xd2, 0x32, 0x80, 0xb6, 0x17, 0xef, 0x28, 0x8b,
0xcc, 0x7e, 0x27, 0x60, 0x60, 0xb8, 0xeb, 0xcd, 0xdf, 0x28, 0xf8, 0xe4, 0x35,
0x6e, 0xae};
static const uint8_t hash_sha512_256[] = {
0xf3, 0x71, 0x31, 0x9e, 0xee, 0x6b, 0x39, 0xb0, 0x58, 0xec, 0x26, 0x2d, 0x4e,
0x72, 0x3a, 0x26, 0x71, 0x0e, 0x46, 0x76, 0x13, 0x01, 0xc8, 0xb5, 0x4c, 0x56,
0xfa, 0x72, 0x22, 0x67, 0x58, 0x1a};
/**
* @brief Example function to use different hash algorithms
* with the PSA Crypto API.
*
* @return psa_status_t
*/
psa_status_t example_hash(void)
{
psa_status_t status = PSA_ERROR_DOES_NOT_EXIST;
status = psa_hash_compare(PSA_ALG_SHA_224, msg, msg_len, hash_sha224, sizeof(hash_sha224));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_256, msg, msg_len, hash_sha256, sizeof(hash_sha256));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_384, msg, msg_len, hash_sha384, sizeof(hash_sha384));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_512, msg, msg_len, hash_sha512, sizeof(hash_sha512));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_512_224, msg, msg_len, hash_sha512_224, sizeof(hash_sha512_224));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_512_256, msg, msg_len, hash_sha512_256, sizeof(hash_sha512_256));
if (status != PSA_SUCCESS) {
return status;
}
return status;
}

9
examples/psa_crypto/main.c
View File

@ -37,6 +37,8 @@ extern psa_status_t example_eddsa(void);
#endif
#endif
extern psa_status_t example_hash(void);
#ifdef MULTIPLE_SE
#if IS_USED(MODULE_PSA_CIPHER)
extern psa_status_t example_cipher_aes_128_sec_se(void);
@ -63,6 +65,13 @@ int main(void)
(void)status;
(void)start;
status = example_hash();
printf("Hash took %d us\n", (int)(ztimer_now(ZTIMER_USEC) - start));
if (status != PSA_SUCCESS) {
failed = true;
printf("Hash failed: %s\n", psa_status_to_humanly_readable(status));
}
#if IS_USED(MODULE_PSA_MAC)
status = example_hmac_sha256();
printf("HMAC SHA256 took %d us\n", (int)(ztimer_now(ZTIMER_USEC) - start));

6
features.yaml
View File

@ -835,8 +835,14 @@ groups:
help: SHA-224 hardware acceleration present.
- name: periph_hash_sha_256
help: SHA-256 hardware acceleration present.
- name: periph_hash_sha_384
help: SHA-384 hardware acceleration present.
- name: periph_hash_sha_512
help: SHA-512 hardware acceleration present.
- name: periph_hash_sha_512_224
help: SHA-512/224 hardware acceleration present.
- name: periph_hash_sha_512_256
help: SHA-512/256 hardware acceleration present.
- name: periph_hmac_sha_256
help: HMAC SHA-256 hardware acceleration present.
- name: periph_hwrng

3
makefiles/features_existing.inc.mk
View File

@ -182,7 +182,10 @@ FEATURES_EXISTING := \
periph_hash_sha_1 \
periph_hash_sha_224 \
periph_hash_sha_256 \
periph_hash_sha_384 \
periph_hash_sha_512 \
periph_hash_sha_512_224 \
periph_hash_sha_512_256 \
periph_hmac_sha_256 \
periph_hwrng \
periph_i2c \

3
makefiles/features_modules.inc.mk
View File

@ -29,7 +29,10 @@ PERIPH_IGNORE_MODULES := \
periph_hash_sha_1 \
periph_hash_sha_224 \
periph_hash_sha_256 \
periph_hash_sha_384 \
periph_hash_sha_512 \
periph_hash_sha_512_224 \
periph_hash_sha_512_256 \
periph_hmac_sha_256 \
periph_i2c_hw \
periph_i2c_sw \

3
makefiles/pseudomodules.inc.mk
View File

@ -361,7 +361,10 @@ PSEUDOMODULES += psa_riot_hashes_md5
PSEUDOMODULES += psa_riot_hashes_sha_1
PSEUDOMODULES += psa_riot_hashes_sha_224
PSEUDOMODULES += psa_riot_hashes_sha_256
PSEUDOMODULES += psa_riot_hashes_sha_384
PSEUDOMODULES += psa_riot_hashes_sha_512
PSEUDOMODULES += psa_riot_hashes_sha_512_224
PSEUDOMODULES += psa_riot_hashes_sha_512_256
PSEUDOMODULES += psa_riot_hashes_hmac_sha256
PSEUDOMODULES += fortuna_reseed
PSEUDOMODULES += riotboot_%

47
sys/hashes/psa_riot_hashes/sha_384.c Normal file
View File

@ -0,0 +1,47 @@
/*
* Copyright (C) 2023 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/**
* @ingroup sys_psa_crypto
* @{
*
* @brief Glue code translating between PSA Crypto and the RIOT Hash module
*
* @author Mikolai Gütschow <mikolai.guetschow@tu-dresden.de>
*
* @}
*/
#include "psa/crypto.h"
#include "hashes/psa/riot_hashes.h"
psa_status_t psa_hashes_sha384_setup(psa_hashes_sha384_ctx_t *ctx)
{
sha384_init((sha384_context_t *)ctx);
return PSA_SUCCESS;
}
psa_status_t psa_hashes_sha384_update(psa_hashes_sha384_ctx_t *ctx,
const uint8_t *input,
size_t input_length)
{
sha384_update((sha384_context_t *)ctx, input, input_length);
return PSA_SUCCESS;
}
psa_status_t psa_hashes_sha384_finish(psa_hashes_sha384_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
sha384_final((sha384_context_t *)ctx, hash);
(void)hash_size;
(void)hash_length;
return PSA_SUCCESS;
}

47
sys/hashes/psa_riot_hashes/sha_512_224.c Normal file
View File

@ -0,0 +1,47 @@
/*
* Copyright (C) 2023 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/**
* @ingroup sys_psa_crypto
* @{
*
* @brief Glue code translating between PSA Crypto and the RIOT Hash module
*
* @author Mikolai Gütschow <mikolai.guetschow@tu-dresden.de>
*
* @}
*/
#include "psa/crypto.h"
#include "hashes/psa/riot_hashes.h"
psa_status_t psa_hashes_sha512_224_setup(psa_hashes_sha512_224_ctx_t *ctx)
{
sha512_224_init((sha512_224_context_t *)ctx);
return PSA_SUCCESS;
}
psa_status_t psa_hashes_sha512_224_update(psa_hashes_sha512_224_ctx_t *ctx,
const uint8_t *input,
size_t input_length)
{
sha512_224_update((sha512_224_context_t *)ctx, input, input_length);
return PSA_SUCCESS;
}
psa_status_t psa_hashes_sha512_224_finish(psa_hashes_sha512_224_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
sha512_224_final((sha512_224_context_t *)ctx, hash);
(void)hash_size;
(void)hash_length;
return PSA_SUCCESS;
}

47
sys/hashes/psa_riot_hashes/sha_512_256.c Normal file
View File

@ -0,0 +1,47 @@
/*
* Copyright (C) 2023 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/**
* @ingroup sys_psa_crypto
* @{
*
* @brief Glue code translating between PSA Crypto and the RIOT Hash module
*
* @author Mikolai Gütschow <mikolai.guetschow@tu-dresden.de>
*
* @}
*/
#include "psa/crypto.h"
#include "hashes/psa/riot_hashes.h"
psa_status_t psa_hashes_sha512_256_setup(psa_hashes_sha512_256_ctx_t *ctx)
{
sha512_256_init((sha512_256_context_t *)ctx);
return PSA_SUCCESS;
}
psa_status_t psa_hashes_sha512_256_update(psa_hashes_sha512_256_ctx_t *ctx,
const uint8_t *input,
size_t input_length)
{
sha512_256_update((sha512_256_context_t *)ctx, input, input_length);
return PSA_SUCCESS;
}
psa_status_t psa_hashes_sha512_256_finish(psa_hashes_sha512_256_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length)
{
sha512_256_final((sha512_256_context_t *)ctx, hash);
(void)hash_size;
(void)hash_length;
return PSA_SUCCESS;
}

18
sys/include/hashes/psa/riot_hashes.h
View File

@ -49,12 +49,30 @@ typedef sha224_context_t psa_hashes_sha224_ctx_t;
typedef sha256_context_t psa_hashes_sha256_ctx_t;
#endif
#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA_384))
#include "hashes/sha384.h"
typedef sha384_context_t psa_hashes_sha384_ctx_t;
#endif
#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512))
#include "hashes/sha512.h"
typedef sha512_context_t psa_hashes_sha512_ctx_t;
#endif
#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_224))
#include "hashes/sha512_224.h"
typedef sha512_224_context_t psa_hashes_sha512_224_ctx_t;
#endif
#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_256))
#include "hashes/sha512_256.h"
typedef sha512_256_context_t psa_hashes_sha512_256_ctx_t;
#endif
#if (IS_USED(MODULE_PSA_RIOT_HASHES_HMAC_SHA256))
#include "hashes/sha256.h"
#endif

9
sys/include/psa_crypto/psa/crypto_contexts.h
View File

@ -46,9 +46,18 @@ typedef union {
#if IS_USED(MODULE_PSA_HASH_SHA_256) || defined(DOXYGEN)
psa_hashes_sha256_ctx_t sha256; /**< SHA-256 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA_384) || defined(DOXYGEN)
psa_hashes_sha384_ctx_t sha384; /**< SHA-384 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA_512) || defined(DOXYGEN)
psa_hashes_sha512_ctx_t sha512; /**< SHA-512 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA_512_224) || defined(DOXYGEN)
psa_hashes_sha512_224_ctx_t sha512_224; /**< SHA-512/224 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA_512_256) || defined(DOXYGEN)
psa_hashes_sha512_256_ctx_t sha512_256; /**< SHA-512/256 context */
#endif
} psa_hash_context_t;
#endif

8
sys/include/psa_crypto/psa/crypto_includes.h
View File

@ -31,7 +31,9 @@ extern "C" {
#if IS_USED(MODULE_PSA_RIOT_HASHES_HMAC_SHA256) || IS_USED(MODULE_PSA_RIOT_HASHES_MD5) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_1) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_224) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_256) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512)
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_256) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_384) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_224) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_256)
#include "hashes/psa/riot_hashes.h"
#endif
@ -40,7 +42,9 @@ extern "C" {
#endif
#if IS_USED(MODULE_PERIPH_HASH_SHA_1) || IS_USED(MODULE_PERIPH_HASH_SHA_224) || \
IS_USED(MODULE_PERIPH_HASH_SHA_256) || IS_USED(MODULE_PERIPH_HASH_SHA_512)
IS_USED(MODULE_PERIPH_HASH_SHA_256) || IS_USED(MODULE_PERIPH_HASH_SHA_384) || \
IS_USED(MODULE_PERIPH_HASH_SHA_512) || IS_USED(MODULE_PERIPH_HASH_SHA_512_224) || \
IS_USED(MODULE_PERIPH_HASH_SHA_512_256)
#include "psa_periph_hashes_ctx.h"
#endif

73
sys/psa_crypto/Makefile.dep
View File

@ -228,6 +228,30 @@ ifneq (,$(filter psa_hash_sha_256_backend_riot,$(USEMODULE)))
USEMODULE += psa_riot_hashes_sha_256
endif
## SHA-384
ifneq (,$(filter psa_hash_sha_384,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha_384_custom_backend,$(USEMODULE)))
FEATURES_OPTIONAL += periph_hash_sha_384
include $(RIOTMAKE)/features_check.inc.mk
# HACK: Due to kconfig migration, may cause problems
ifneq (,$(filter periph_hash_sha_384,$(FEATURES_USED)))
USEMODULE += psa_hash_sha_384_backend_periph
else
USEMODULE += psa_hash_sha_384_backend_riot
endif
endif
endif
ifneq (,$(filter psa_hash_sha_384_backend_periph,$(USEMODULE)))
FEATURES_REQUIRED += periph_hash_sha_384
endif
ifneq (,$(filter psa_hash_sha_384_backend_riot,$(USEMODULE)))
USEMODULE += hashes
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha_384
endif
## SHA-512
ifneq (,$(filter psa_hash_sha_512,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha_512_custom_backend,$(USEMODULE)))
@ -251,6 +275,55 @@ ifneq (,$(filter psa_hash_sha_512_backend_riot,$(USEMODULE)))
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha_512
endif
## SHA-512/224
ifneq (,$(filter psa_hash_sha_512_224,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha_512_224_custom_backend,$(USEMODULE)))
FEATURES_OPTIONAL += periph_hash_sha_512_224
include $(RIOTMAKE)/features_check.inc.mk
# HACK: Due to kconfig migration, may cause problems
ifneq (,$(filter periph_hash_sha_512_224,$(FEATURES_USED)))
USEMODULE += psa_hash_sha_512_224_backend_periph
else
USEMODULE += psa_hash_sha_512_224_backend_riot
endif
endif
endif
ifneq (,$(filter psa_hash_sha_512_224_backend_periph,$(USEMODULE)))
FEATURES_REQUIRED += periph_hash_sha_512_224
endif
ifneq (,$(filter psa_hash_sha_512_224_backend_riot,$(USEMODULE)))
USEMODULE += hashes
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha_512_224
endif
## SHA-512/256
ifneq (,$(filter psa_hash_sha_512_256,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha_512_256_custom_backend,$(USEMODULE)))
FEATURES_OPTIONAL += periph_hash_sha_512_256
include $(RIOTMAKE)/features_check.inc.mk
# HACK: Due to kconfig migration, may cause problems
ifneq (,$(filter periph_hash_sha_512_256,$(FEATURES_USED)))
USEMODULE += psa_hash_sha_512_256_backend_periph
else
USEMODULE += psa_hash_sha_512_256_backend_riot
endif
endif
endif
ifneq (,$(filter psa_hash_sha_512_256_backend_periph,$(USEMODULE)))
FEATURES_REQUIRED += periph_hash_sha_512_256
endif
ifneq (,$(filter psa_hash_sha_512_256_backend_riot,$(USEMODULE)))
USEMODULE += hashes
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha_512_256
endif
# Key Management
ifneq (,$(filter psa_key_management,$(USEMODULE)))
USEMODULE += psa_key_slot_mgmt

36
sys/psa_crypto/Makefile.include
View File

@ -134,6 +134,18 @@ ifneq (,$(filter psa_hash_sha_256,$(USEMODULE)))
endif
endif
PSEUDOMODULES += psa_hash_sha_384
PSEUDOMODULES += psa_hash_sha_384_backend_periph
PSEUDOMODULES += psa_hash_sha_384_backend_riot
PSEUDOMODULES += psa_hash_sha_384_custom_backend
# check that one and only one backend has been selected
ifneq (,$(filter psa_hash_sha_384,$(USEMODULE)))
ifneq (1,$(call backends,psa_hash_sha_384))
$(error "One (and only one) backend should be selected for psa_hash_sha_384")
endif
endif
PSEUDOMODULES += psa_hash_sha_512
PSEUDOMODULES += psa_hash_sha_512_backend_periph
PSEUDOMODULES += psa_hash_sha_512_backend_riot
@ -146,6 +158,30 @@ ifneq (,$(filter psa_hash_sha_512,$(USEMODULE)))
endif
endif
PSEUDOMODULES += psa_hash_sha_512_224
PSEUDOMODULES += psa_hash_sha_512_224_backend_periph
PSEUDOMODULES += psa_hash_sha_512_224_backend_riot
PSEUDOMODULES += psa_hash_sha_512_224_custom_backend
# check that one and only one backend has been selected
ifneq (,$(filter psa_hash_sha_512_224,$(USEMODULE)))
ifneq (1,$(call backends,psa_hash_sha_512_224))
$(error "One (and only one) backend should be selected for psa_hash_sha_512_224")
endif
endif
PSEUDOMODULES += psa_hash_sha_512_256
PSEUDOMODULES += psa_hash_sha_512_256_backend_periph
PSEUDOMODULES += psa_hash_sha_512_256_backend_riot
PSEUDOMODULES += psa_hash_sha_512_256_custom_backend
# check that one and only one backend has been selected
ifneq (,$(filter psa_hash_sha_512_256,$(USEMODULE)))
ifneq (1,$(call backends,psa_hash_sha_512_256))
$(error "One (and only one) backend should be selected for psa_hash_sha_512_256")
endif
endif
## Key Management
PSEUDOMODULES += psa_key_management

23
sys/psa_crypto/doc.txt
View File

@ -312,12 +312,30 @@
* - psa_hash_sha_256_custom_backend
* - psa_hash_sha_256_backend_riot
*
* #### SHA 384
* - psa_hash_sha_384
* - psa_hash_sha_384_backend_periph
* - psa_hash_sha_384_custom_backend
* - psa_hash_sha_384_backend_riot
*
* #### SHA 512
* - psa_hash_sha_512
* - psa_hash_sha_512_backend_periph
* - psa_hash_sha_512_custom_backend
* - psa_hash_sha_512_backend_riot
*
* #### SHA 512/224
* - psa_hash_sha_512_224
* - psa_hash_sha_512_224_backend_periph
* - psa_hash_sha_512_224_custom_backend
* - psa_hash_sha_512_224_backend_riot
*
* #### SHA 512/256
* - psa_hash_sha_512_256
* - psa_hash_sha_512_256_backend_periph
* - psa_hash_sha_512_256_custom_backend
* - psa_hash_sha_512_256_backend_riot
*
* ### MAC
* - Base: psa_mac
*
@ -469,7 +487,7 @@
* USEMODULE += psa_riot_hashes_sha_256
*
* will build the file at `sys/hashes/psa_riot_hashes/sha_256.c`, but none of the other files in
* the directory).
* the directory.
*
* To enable submodules for your implementation add the following to the directory makefile:
* @code
@ -568,7 +586,10 @@
* - `psa_hashes_sha1_ctx_t`
* - `psa_hashes_sha224_ctx_t`
* - `psa_hashes_sha256_ctx_t`
* - `psa_hashes_sha384_ctx_t`
* - `psa_hashes_sha512_ctx_t`
* - `psa_hashes_sha512_224_ctx_t`
* - `psa_hashes_sha512_256_ctx_t`
*
* #### Ciphers
* - `psa_cipher_aes_128_ctx_t`

127
sys/psa_crypto/include/psa_hashes.h
View File

@ -66,7 +66,7 @@ psa_status_t psa_hashes_md5_finish(psa_hashes_md5_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length);
#endif /* CONFIG_HASHES_MD5 */
#endif /* MODULE_PSA_HASH_MD5 */
#if IS_USED(MODULE_PSA_HASH_SHA_1) || defined(DOXYGEN)
/**
@ -105,7 +105,7 @@ psa_status_t psa_hashes_sha1_finish(psa_hashes_sha1_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length);
#endif /* CONFIG_HASHES_SHA1 */
#endif /* MODULE_PSA_HASH_SHA_1 */
#if IS_USED(MODULE_PSA_HASH_SHA_224) || defined(DOXYGEN)
/**
@ -144,7 +144,7 @@ psa_status_t psa_hashes_sha224_finish(psa_hashes_sha224_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length);
#endif /* CONFIG_HASHES_SHA224 */
#endif /* MODULE_PSA_HASH_SHA_224 */
#if IS_USED(MODULE_PSA_HASH_SHA_256) || defined(DOXYGEN)
/**
@ -183,7 +183,46 @@ psa_status_t psa_hashes_sha256_finish(psa_hashes_sha256_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length);
#endif /* CONFIG_HASHES_SHA256 */
#endif /* MODULE_PSA_HASH_SHA_256 */
#if IS_USED(MODULE_PSA_HASH_SHA_384) || defined(DOXYGEN)
/**
* @brief Low level wrapper function to call a driver for an SHA384 hash setup
* See @ref psa_hash_setup()
*
* @param ctx
* @return psa_status_t
*/
psa_status_t psa_hashes_sha384_setup(psa_hashes_sha384_ctx_t *ctx);
/**
* @brief Low level wrapper function to call a driver for an SHA384 hash update
* See @ref psa_hash_update()
*
* @param ctx
* @param input
* @param input_length
* @return psa_status_t
*/
psa_status_t psa_hashes_sha384_update(psa_hashes_sha384_ctx_t *ctx,
const uint8_t *input,
size_t input_length);
/**
* @brief Low level wrapper function to call a driver for an SHA384 hash finish
* See @ref psa_hash_finish()
*
* @param ctx
* @param hash
* @param hash_size
* @param hash_length
* @return psa_status_t
*/
psa_status_t psa_hashes_sha384_finish(psa_hashes_sha384_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length);
#endif /* MODULE_PSA_HASH_SHA_384 */
#if IS_USED(MODULE_PSA_HASH_SHA_512) || defined(DOXYGEN)
/**
@ -222,7 +261,85 @@ psa_status_t psa_hashes_sha512_finish(psa_hashes_sha512_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length);
#endif /* CONFIG_HASHES_SHA512 */
#endif /* MODULE_PSA_HASH_SHA_512 */
#if IS_USED(MODULE_PSA_HASH_SHA_512_224) || defined(DOXYGEN)
/**
* @brief Low level wrapper function to call a driver for an SHA512/224 hash setup
* See @ref psa_hash_setup()
*
* @param ctx
* @return psa_status_t
*/
psa_status_t psa_hashes_sha512_224_setup(psa_hashes_sha512_224_ctx_t *ctx);
/**
* @brief Low level wrapper function to call a driver for an SHA512/224 hash update
* See @ref psa_hash_update()
*
* @param ctx
* @param input
* @param input_length
* @return psa_status_t
*/
psa_status_t psa_hashes_sha512_224_update(psa_hashes_sha512_224_ctx_t *ctx,
const uint8_t *input,
size_t input_length);
/**
* @brief Low level wrapper function to call a driver for an SHA512/224 hash finish
* See @ref psa_hash_finish()
*
* @param ctx
* @param hash
* @param hash_size
* @param hash_length
* @return psa_status_t
*/
psa_status_t psa_hashes_sha512_224_finish(psa_hashes_sha512_224_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length);
#endif /* MODULE_PSA_HASH_SHA_512_224 */
#if IS_USED(MODULE_PSA_HASH_SHA_512_256) || defined(DOXYGEN)
/**
* @brief Low level wrapper function to call a driver for an SHA512/256 hash setup
* See @ref psa_hash_setup()
*
* @param ctx
* @return psa_status_t
*/
psa_status_t psa_hashes_sha512_256_setup(psa_hashes_sha512_256_ctx_t *ctx);
/**
* @brief Low level wrapper function to call a driver for an SHA512/256 hash update
* See @ref psa_hash_update()
*
* @param ctx
* @param input
* @param input_length
* @return psa_status_t
*/
psa_status_t psa_hashes_sha512_256_update(psa_hashes_sha512_256_ctx_t *ctx,
const uint8_t *input,
size_t input_length);
/**
* @brief Low level wrapper function to call a driver for an SHA512/256 hash finish
* See @ref psa_hash_finish()
*
* @param ctx
* @param hash
* @param hash_size
* @param hash_length
* @return psa_status_t
*/
psa_status_t psa_hashes_sha512_256_finish(psa_hashes_sha512_256_ctx_t *ctx,
uint8_t *hash,
size_t hash_size,
size_t *hash_length);
#endif /* MODULE_PSA_HASH_SHA_512_256 */
#ifdef __cplusplus
}

48
sys/psa_crypto/psa_crypto_algorithm_dispatch.c
View File

@ -81,6 +81,14 @@ psa_status_t psa_algorithm_dispatch_hash_setup(psa_hash_operation_t *operation,
}
break;
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_384))
case PSA_ALG_SHA_384:
status = psa_hashes_sha384_setup(&operation->ctx.sha384);
if (status != PSA_SUCCESS) {
return status;
}
break;
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_512))
case PSA_ALG_SHA_512:
status = psa_hashes_sha512_setup(&operation->ctx.sha512);
@ -89,6 +97,22 @@ psa_status_t psa_algorithm_dispatch_hash_setup(psa_hash_operation_t *operation,
}
break;
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_512_224))
case PSA_ALG_SHA_512_224:
status = psa_hashes_sha512_224_setup(&operation->ctx.sha512_224);
if (status != PSA_SUCCESS) {
return status;
}
break;
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_512_256))
case PSA_ALG_SHA_512_256:
status = psa_hashes_sha512_256_setup(&operation->ctx.sha512_256);
if (status != PSA_SUCCESS) {
return status;
}
break;
#endif
default:
(void)status;
(void)operation;
@ -120,10 +144,22 @@ psa_status_t psa_algorithm_dispatch_hash_update(psa_hash_operation_t *operation,
case PSA_ALG_SHA_256:
return psa_hashes_sha256_update(&operation->ctx.sha256, input, input_length);
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_384))
case PSA_ALG_SHA_384:
return psa_hashes_sha384_update(&operation->ctx.sha384, input, input_length);
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_512))
case PSA_ALG_SHA_512:
return psa_hashes_sha512_update(&operation->ctx.sha512, input, input_length);
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_512_224))
case PSA_ALG_SHA_512_224:
return psa_hashes_sha512_224_update(&operation->ctx.sha512_224, input, input_length);
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_512_256))
case PSA_ALG_SHA_512_256:
return psa_hashes_sha512_256_update(&operation->ctx.sha512_256, input, input_length);
#endif
default:
(void)operation;
(void)input;
@ -154,10 +190,22 @@ psa_status_t psa_algorithm_dispatch_hash_finish(psa_hash_operation_t *operation,
case PSA_ALG_SHA_256:
return psa_hashes_sha256_finish(&operation->ctx.sha256, hash, hash_size, hash_length);
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_384))
case PSA_ALG_SHA_384:
return psa_hashes_sha384_finish(&operation->ctx.sha384, hash, hash_size, hash_length);
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_512))
case PSA_ALG_SHA_512:
return psa_hashes_sha512_finish(&operation->ctx.sha512, hash, hash_size, hash_length);
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_512_224))
case PSA_ALG_SHA_512_224:
return psa_hashes_sha512_224_finish(&operation->ctx.sha512_224, hash, hash_size, hash_length);
#endif
#if (IS_USED(MODULE_PSA_HASH_SHA_512_256))
case PSA_ALG_SHA_512_256:
return psa_hashes_sha512_256_finish(&operation->ctx.sha512_256, hash, hash_size, hash_length);
#endif
default:
(void)operation;
(void)hash;

5
tests/sys/psa_crypto_hashes/Makefile
View File

@ -6,6 +6,11 @@ USEMODULE += ztimer_usec
USEMODULE += psa_crypto
USEMODULE += psa_hash
USEMODULE += psa_hash_sha_224
USEMODULE += psa_hash_sha_256
USEMODULE += psa_hash_sha_384
USEMODULE += psa_hash_sha_512
USEMODULE += psa_hash_sha_512_224
USEMODULE += psa_hash_sha_512_256
include $(RIOTBASE)/Makefile.include

1
tests/sys/psa_crypto_hashes/Makefile.ci
View File

@ -1,5 +1,6 @@
BOARD_INSUFFICIENT_MEMORY := \
arduino-duemilanove \
arduino-leonardo \
arduino-nano \
arduino-uno \
atmega328p \

105
tests/sys/psa_crypto_hashes/example_hash.c Normal file
View File

@ -0,0 +1,105 @@
/*
* Copyright (C) 2023 TU Dresden
* 2024 HAW Hamburg
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/**
* @ingroup tests
* @{
*
* @brief Tests the PSA hash configurations
* Contents have been copied from `examples/psa_crypto`
*
* @author Mikolai Gütschow <mikolai.guetschow@tu-dresden.de>
* @author Lena Boeckmann <lena.boeckmann@haw-hamburg.de>
*
* @}
*/
#include <stdio.h>
#include <stdint.h>
#include "psa/crypto.h"
static const uint8_t msg[] = "Hello World!";
static const size_t msg_len = sizeof(msg)-1; // exclude NULL-byte
static const uint8_t hash_sha224[] = {
0x45, 0x75, 0xbb, 0x4e, 0xc1, 0x29, 0xdf, 0x63, 0x80, 0xce, 0xdd, 0xe6, 0xd7,
0x12, 0x17, 0xfe, 0x05, 0x36, 0xf8, 0xff, 0xc4, 0xe1, 0x8b, 0xca, 0x53, 0x0a,
0x7a, 0x1b};
static const uint8_t hash_sha256[] = {
0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81, 0x48,
0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28, 0x4a, 0xdd,
0xd2, 0x00, 0x12, 0x6d, 0x90, 0x69};
static const uint8_t hash_sha384[] = {
0xbf, 0xd7, 0x6c, 0x0e, 0xbb, 0xd0, 0x06, 0xfe, 0xe5, 0x83, 0x41, 0x05, 0x47,
0xc1, 0x88, 0x7b, 0x02, 0x92, 0xbe, 0x76, 0xd5, 0x82, 0xd9, 0x6c, 0x24, 0x2d,
0x2a, 0x79, 0x27, 0x23, 0xe3, 0xfd, 0x6f, 0xd0, 0x61, 0xf9, 0xd5, 0xcf, 0xd1,
0x3b, 0x8f, 0x96, 0x13, 0x58, 0xe6, 0xad, 0xba, 0x4a};
static const uint8_t hash_sha512[] = {
0x86, 0x18, 0x44, 0xd6, 0x70, 0x4e, 0x85, 0x73, 0xfe, 0xc3, 0x4d, 0x96, 0x7e,
0x20, 0xbc, 0xfe, 0xf3, 0xd4, 0x24, 0xcf, 0x48, 0xbe, 0x04, 0xe6, 0xdc, 0x08,
0xf2, 0xbd, 0x58, 0xc7, 0x29, 0x74, 0x33, 0x71, 0x01, 0x5e, 0xad, 0x89, 0x1c,
0xc3, 0xcf, 0x1c, 0x9d, 0x34, 0xb4, 0x92, 0x64, 0xb5, 0x10, 0x75, 0x1b, 0x1f,
0xf9, 0xe5, 0x37, 0x93, 0x7b, 0xc4, 0x6b, 0x5d, 0x6f, 0xf4, 0xec, 0xc8};
static const uint8_t hash_sha512_224[] = {
0xba, 0x07, 0x02, 0xdd, 0x8d, 0xd2, 0x32, 0x80, 0xb6, 0x17, 0xef, 0x28, 0x8b,
0xcc, 0x7e, 0x27, 0x60, 0x60, 0xb8, 0xeb, 0xcd, 0xdf, 0x28, 0xf8, 0xe4, 0x35,
0x6e, 0xae};
static const uint8_t hash_sha512_256[] = {
0xf3, 0x71, 0x31, 0x9e, 0xee, 0x6b, 0x39, 0xb0, 0x58, 0xec, 0x26, 0x2d, 0x4e,
0x72, 0x3a, 0x26, 0x71, 0x0e, 0x46, 0x76, 0x13, 0x01, 0xc8, 0xb5, 0x4c, 0x56,
0xfa, 0x72, 0x22, 0x67, 0x58, 0x1a};
/**
* @brief Example function to use different hash algorithms
* with the PSA Crypto API.
*
* @return psa_status_t
*/
psa_status_t example_hash(void)
{
psa_status_t status = PSA_ERROR_DOES_NOT_EXIST;
status = psa_hash_compare(PSA_ALG_SHA_224, msg, msg_len, hash_sha224, sizeof(hash_sha224));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_256, msg, msg_len, hash_sha256, sizeof(hash_sha256));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_384, msg, msg_len, hash_sha384, sizeof(hash_sha384));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_512, msg, msg_len, hash_sha512, sizeof(hash_sha512));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_512_224, msg, msg_len, hash_sha512_224, sizeof(hash_sha512_224));
if (status != PSA_SUCCESS) {
return status;
}
status = psa_hash_compare(PSA_ALG_SHA_512_256, msg, msg_len, hash_sha512_256, sizeof(hash_sha512_256));
if (status != PSA_SUCCESS) {
return status;
}
return status;
}

37
tests/sys/psa_crypto_hashes/example_hash_sha256.c
View File

@ -1,37 +0,0 @@
/*
* Copyright (C) 2024 HAW Hamburg
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/
/**
* @ingroup tests
* @{
*
* @brief Tests the PSA hash configurations
* Contents have been copied from `examples/psa_crypto`
*
* @author Mikolai Gütschow <mikolai.guetschow@tu-dresden.de>
* @author Lena Boeckmann <lena.boeckmann@haw-hamburg.de>
*
* @}
*/
#include "psa/crypto.h"
static const uint8_t HASH_MSG[] = {
0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
0x61, 0x20, 0x74, 0x65, 0x73, 0x74, 0x73, 0x74,
0x72, 0x69, 0x6e, 0x67, 0x20, 0x66, 0x6f, 0x72,
0x20, 0x68, 0x6d, 0x61, 0x63, 0x32, 0x35, 0x36
};
psa_status_t example_hash_sha256(void)
{
uint8_t hash_out[PSA_HASH_LENGTH(PSA_ALG_SHA_256)];
size_t hash_length;
return psa_hash_compute(PSA_ALG_SHA_256, HASH_MSG, sizeof(HASH_MSG), hash_out, sizeof(hash_out), &hash_length);
}

8
tests/sys/psa_crypto_hashes/main.c
View File

@ -22,7 +22,7 @@
#include "psa/crypto.h"
#include "ztimer.h"
extern psa_status_t example_hash_sha256(void);
extern psa_status_t example_hash(void);
int main(void)
{
@ -34,11 +34,11 @@ int main(void)
ztimer_acquire(ZTIMER_USEC);
ztimer_now_t start = ztimer_now(ZTIMER_USEC);
status = example_hash_sha256();
printf("Hash SHA256 took %d us\n", (int)(ztimer_now(ZTIMER_USEC) - start));
status = example_hash();
printf("Hash took %d us\n", (int)(ztimer_now(ZTIMER_USEC) - start));
if (status != PSA_SUCCESS) {
failed = true;
printf("Hash SHA256 failed: %s\n", psa_status_to_humanly_readable(status));
printf("Hash failed: %s\n", psa_status_to_humanly_readable(status));
}
ztimer_release(ZTIMER_USEC);