/*
- * FIPS-197 compliant AES implementation
+ * ESP32 hardware accelerated AES implementation
+ * based on mbedTLS FIPS-197 compliant version.
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
#include <string.h>
-#include "aes.h"
-#include "esp_crypto.h"
+#include "hwcrypto/aes.h"
+#include "rom/aes.h"
+#include <sys/lock.h>
-/* Implementation that should never be optimized out by the compiler */
-//static void bzero( void *v, size_t n ) {
-// volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-//}
+static _lock_t aes_lock;
-void esp_aes_init( AES_CTX *ctx )
+void esp_aes_acquire_hardware( void )
{
- memset( ctx, 0, sizeof( AES_CTX ) );
-
- AES_LOCK();
- AES_TAKE();
+ /* newlib locks lazy initialize on ESP-IDF */
+ _lock_acquire(&aes_lock);
ets_aes_enable();
- AES_UNLOCK();
+}
+
+void esp_aes_release_hardware( void )
+{
+ uint8_t zero[256/8] = { 0 };
+ ets_aes_setkey_enc(zero, AES256);
+ ets_aes_disable();
+ _lock_release(&aes_lock);
+}
+
+void esp_aes_init( AES_CTX *ctx )
+{
+ bzero( ctx, sizeof( AES_CTX ) );
}
void esp_aes_free( AES_CTX *ctx )
}
bzero( ctx, sizeof( AES_CTX ) );
-
- AES_LOCK();
- AES_GIVE();
-
- if (false == AES_IS_USED()) {
- ets_aes_disable();
- }
-
- AES_UNLOCK();
}
-/*
- * AES key schedule (encryption)
- */
-int esp_aes_setkey_enc( AES_CTX *ctx, const unsigned char *key,
- unsigned int keybits )
+/* Translate number of bits to an AES_BITS enum */
+static int keybits_to_aesbits(unsigned int keybits)
{
- enum AES_BITS keybit;
- uint16_t keybyte = keybits / 8;
-
switch (keybits) {
case 128:
- keybit = AES128;
- break;
+ return AES128;
case 192:
- keybit = AES192;
+ return AES192;
break;
case 256:
- keybit = AES256;
- break;
+ return AES256;
default:
return ( ERR_AES_INVALID_KEY_LENGTH );
}
+}
- if (ctx->enc.keyflag == false) {
- ctx->enc.keyflag = true;
- ctx->enc.keybits = keybits;
- memset(ctx->enc.key, 0, sizeof(ctx->enc.key));
- memcpy(ctx->enc.key, key, keybyte);
- } else {
- ets_aes_setkey_enc(key, keybit);
+/*
+ * AES key schedule (encryption)
+ *
+ */
+int esp_aes_setkey_enc( AES_CTX *ctx, const unsigned char *key,
+ unsigned int keybits )
+{
+ uint16_t keybytes = keybits / 8;
+ int aesbits = keybits_to_aesbits(keybits);
+ if (aesbits < 0) {
+ return aesbits;
}
-
+ ctx->enc.aesbits = aesbits;
+ bzero(ctx->enc.key, sizeof(ctx->enc.key));
+ memcpy(ctx->enc.key, key, keybytes);
return 0;
}
/*
* AES key schedule (decryption)
+ *
*/
int esp_aes_setkey_dec( AES_CTX *ctx, const unsigned char *key,
unsigned int keybits )
{
- enum AES_BITS keybit;
- uint16_t keybyte = keybits / 8;
-
- switch (keybits) {
- case 128:
- keybit = AES128;
- break;
- case 192:
- keybit = AES192;
- break;
- case 256:
- keybit = AES256;
- break;
- default:
- return ( ERR_AES_INVALID_KEY_LENGTH );
- }
-
- if (ctx->dec.keyflag == false) {
- ctx->dec.keyflag = true;
- ctx->dec.keybits = keybits;
- memset(ctx->dec.key, 0, sizeof(ctx->dec.key));
- memcpy(ctx->dec.key, key, keybyte);
- } else {
- ets_aes_setkey_dec(key, keybit);
+ uint16_t keybytes = keybits / 8;
+ int aesbits = keybits_to_aesbits(keybits);
+ if (aesbits < 0) {
+ return aesbits;
}
-
+ ctx->dec.aesbits = aesbits;
+ bzero(ctx->dec.key, sizeof(ctx->dec.key));
+ memcpy(ctx->dec.key, key, keybytes);
return 0;
}
-static void esp_aes_process_enable(AES_CTX *ctx, int mode)
+/*
+ * Inner AES-ECB function. Call only when protected by esp_aes_acquire_hardware().
+ *
+ * Optimisation to prevent overhead of locking each time when
+ * encrypting many blocks in sequence.
+ */
+static int esp_aes_crypt_ecb_inner( AES_CTX *ctx,
+ int mode,
+ const unsigned char input[16],
+ unsigned char output[16] )
{
if ( mode == AES_ENCRYPT ) {
- esp_aes_setkey_enc(ctx, ctx->enc.key, ctx->enc.keybits);
+ ets_aes_setkey_enc(ctx->enc.key, ctx->enc.aesbits);
+ ets_aes_crypt(input, output);
} else {
- esp_aes_setkey_dec(ctx, ctx->dec.key, ctx->dec.keybits);
+ ets_aes_setkey_dec(ctx->enc.key, ctx->enc.aesbits);
+ /* TODO: previous commit esp_aes_decrypt function calls this but this is not correct! */
+ ets_aes_crypt(input, output);
}
-
- return;
-}
-
-static void esp_aes_process_disable(AES_CTX *ctx, int mode)
-{
-
+ return 0;
}
/*
* AES-ECB block encryption
*/
-
void esp_aes_encrypt( AES_CTX *ctx,
const unsigned char input[16],
unsigned char output[16] )
{
- ets_aes_crypt(input, output);
-
- return ;
+ esp_aes_acquire_hardware();
+ esp_aes_crypt_ecb_inner(ctx, AES_ENCRYPT, input, output);
+ esp_aes_release_hardware();
}
-
/*
* AES-ECB block decryption
*/
const unsigned char input[16],
unsigned char output[16] )
{
- ets_aes_crypt(input, output);
-
- return ;
+ esp_aes_acquire_hardware();
+ esp_aes_crypt_ecb_inner(ctx, AES_DECRYPT, input, output);
+ esp_aes_release_hardware();
}
const unsigned char input[16],
unsigned char output[16] )
{
- AES_LOCK();
-
- esp_aes_process_enable(ctx, mode);
-
- if ( mode == AES_ENCRYPT ) {
- esp_aes_encrypt( ctx, input, output );
- } else {
- esp_aes_decrypt( ctx, input, output );
- }
-
- esp_aes_process_disable(ctx, mode);
-
- AES_UNLOCK();
-
+ esp_aes_acquire_hardware();
+ esp_aes_crypt_ecb_inner(ctx, mode, input, output);
+ esp_aes_release_hardware();
return 0;
}
return ( ERR_AES_INVALID_INPUT_LENGTH );
}
+ esp_aes_acquire_hardware();
+
if ( mode == AES_DECRYPT ) {
while ( length > 0 ) {
memcpy( temp, input, 16 );
- esp_aes_crypt_ecb( ctx, mode, input, output );
+ esp_aes_crypt_ecb_inner( ctx, mode, input, output );
for ( i = 0; i < 16; i++ ) {
output[i] = (unsigned char)( output[i] ^ iv[i] );
output[i] = (unsigned char)( input[i] ^ iv[i] );
}
- esp_aes_crypt_ecb( ctx, mode, output, output );
+ esp_aes_crypt_ecb_inner( ctx, mode, output, output );
memcpy( iv, output, 16 );
input += 16;
}
}
+ esp_aes_release_hardware();
+
return 0;
}
int c;
size_t n = *iv_off;
+ esp_aes_acquire_hardware();
+
if ( mode == AES_DECRYPT ) {
while ( length-- ) {
if ( n == 0 ) {
- esp_aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv );
+ esp_aes_crypt_ecb_inner( ctx, AES_ENCRYPT, iv, iv );
}
c = *input++;
} else {
while ( length-- ) {
if ( n == 0 ) {
- esp_aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv );
+ esp_aes_crypt_ecb_inner( ctx, AES_ENCRYPT, iv, iv );
}
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
*iv_off = n;
+ esp_aes_release_hardware();
+
return 0;
}
unsigned char c;
unsigned char ov[17];
+ esp_aes_acquire_hardware();
+
while ( length-- ) {
memcpy( ov, iv, 16 );
- esp_aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv );
+ esp_aes_crypt_ecb_inner( ctx, AES_ENCRYPT, iv, iv );
if ( mode == AES_DECRYPT ) {
ov[16] = *input;
memcpy( iv, ov + 1, 16 );
}
+ esp_aes_release_hardware();
+
return 0;
}
int c, i;
size_t n = *nc_off;
+ esp_aes_acquire_hardware();
+
while ( length-- ) {
if ( n == 0 ) {
- esp_aes_crypt_ecb( ctx, AES_ENCRYPT, nonce_counter, stream_block );
+ esp_aes_crypt_ecb_inner( ctx, AES_ENCRYPT, nonce_counter, stream_block );
for ( i = 16; i > 0; i-- )
if ( ++nonce_counter[i - 1] != 0 ) {
*nc_off = n;
+ esp_aes_release_hardware();
+
return 0;
}
-
/*
- * Multi-precision integer library
+ * ESP32 hardware accelerated multi-precision integer functions
+ * based on mbedTLS implementation
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
#include <string.h>
#include <stdlib.h>
-#include "bignum.h"
-#include "esp_crypto.h"
+#include <sys/lock.h>
+#include "hwcrypto/bignum.h"
+#include "rom/ets_sys.h"
+#include "rom/bigint.h"
/* Implementation that should never be optimized out by the compiler */
//static void bzero( void *v, size_t n ) {
#define BITS_TO_LIMBS(i) ( (i) / biL + ( (i) % biL != 0 ) )
#define CHARS_TO_LIMBS(i) ( (i) / ciL + ( (i) % ciL != 0 ) )
+static _lock_t mpi_lock;
+
+void esp_mpi_acquire_hardware( void )
+{
+ /* newlib locks lazy initialize on ESP-IDF */
+ _lock_acquire(&mpi_lock);
+ ets_bigint_enable();
+}
+
+void esp_mpi_release_hardware( void )
+{
+ ets_bigint_disable();
+ _lock_release(&mpi_lock);
+}
+
+
/*
* Initialize one MPI
*/
X->s = 1;
X->n = 0;
X->p = NULL;
- BIGNUM_LOCK();
- BIGNUM_TAKE();
- ets_bigint_enable();
- BIGNUM_UNLOCK();
}
/*
X->s = 1;
X->n = 0;
X->p = NULL;
- BIGNUM_LOCK();
- BIGNUM_GIVE();
- if (false == BIGNUM_IS_USED())
- ets_bigint_disable();
- BIGNUM_UNLOCK();
}
/*
goto cleanup;
}
- BIGNUM_LOCK();
+ esp_mpi_acquire_hardware();
if (ets_bigint_mult_prepare((uint32_t *)s1, (uint32_t *)s2, bites)){
ets_bigint_wait_finish();
if (ets_bigint_mult_getz((uint32_t *)dest, bites) == true) {
} else{
esp_mpi_printf("Baseline multiplication failed\n");
}
- BIGNUM_UNLOCK();
+ esp_mpi_release_hardware();
X->s = A->s * B->s;
n = N->n;
m = ( B->n < n ) ? B->n : n;
- BIGNUM_LOCK();
+ esp_mpi_acquire_hardware();
if (ets_bigint_montgomery_mult_prepare(N->p, B->p, d, m, n, false)) {
ets_bigint_wait_finish();
} else{
esp_mpi_printf("Montgomery multiplication failed\n");
}
- BIGNUM_UNLOCK();
+ esp_mpi_release_hardware();
}
+++ /dev/null
-#include "esp_crypto.h"
-#include "freertos/FreeRTOS.h"
-#include "freertos/semphr.h"
-
-static SemaphoreHandle_t esp_crypto_mutex[MUTEX_MAX_NUM];
-static int esp_crypto_sig[MUTEX_MAX_NUM];
-
-#if 0
-#define ESP_DEBUG ets_printf
-#else
-#define ESP_DEBUG(...)
-#endif
-
-int esp_crypto_init(void)
-{
- int i;
-
- for (i = 0; i < MUTEX_MAX_NUM; i++) {
- esp_crypto_mutex[i] = xSemaphoreCreateMutex();
- ESP_DEBUG("init num %d mutex %p\n", i, esp_crypto_mutex[i]);
- if (!esp_crypto_mutex[i]) {
- goto failed1;
- }
- esp_crypto_sig[i] = 0;
- }
-
- return 0;
-
-failed1:
- ESP_DEBUG("esp_crypto_init failed\n");
- for (i--; i >= 0; i--) {
- vQueueDelete(esp_crypto_mutex[i]);
- }
-
- return -1;
-}
-
-void esp_crypto_lock(unsigned int num)
-{
- ESP_DEBUG("1num %d, mutex %p\n", num, esp_crypto_mutex[num]);
- xSemaphoreTake(esp_crypto_mutex[num], portMAX_DELAY);
-}
-
-void esp_crypto_unlock(unsigned int num)
-{
- ESP_DEBUG("2num %d, mutex %p\n", num, esp_crypto_mutex[num]);
- xSemaphoreGive(esp_crypto_mutex[num]);
-}
-
-void esp_crypto_take(unsigned int num)
-{
- esp_crypto_sig[num]++;
-}
-
-void esp_crypto_give(unsigned int num)
-{
- if (esp_crypto_sig[num]) {
- esp_crypto_sig[num]--;
- }
-}
-
-bool esp_crypto_is_used(unsigned int num)
-{
- return (esp_crypto_sig[num] != 0) ? true : false;
-}
-
/*
- * FIPS-180-1 compliant SHA-1 implementation
+ * ESP32 hardware accelerated SHA1/256/512 implementation
+ * based on mbedTLS FIPS-197 compliant version.
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
*/
#include <string.h>
-#include "sha.h"
-#include "esp_crypto.h"
+#include <sys/lock.h>
+#include "hwcrypto/sha.h"
+#include "rom/ets_sys.h"
-/* Implementation that should never be optimized out by the compiler */
-//static void bzero( void *v, size_t n ) {
-// volatile unsigned char *p = v; while( n-- ) *p++ = 0;
-//}
-void esp_sha1_init( SHA1_CTX *ctx )
-{
- memset( ctx, 0, sizeof( SHA1_CTX ) );
+static _lock_t sha_lock;
- SHA_LOCK();
- SHA_TAKE();
+void esp_sha_acquire_hardware( void )
+{
+ /* newlib locks lazy initialize on ESP-IDF */
+ _lock_acquire(&sha_lock);
ets_sha_enable();
- SHA_UNLOCK();
+}
+
+void esp_sha_release_hardware( void )
+{
+ /* Want to empty internal SHA buffers where possible,
+ need to check if this is sufficient for this. */
+ SHA_CTX zero = { 0 };
+ ets_sha_init(&zero);
+ ets_sha_disable();
+ _lock_release(&sha_lock);
+}
+
+void esp_sha1_init( SHA1_CTX *ctx )
+{
+ bzero( ctx, sizeof( SHA1_CTX ) );
}
void esp_sha1_free( SHA1_CTX *ctx )
}
bzero( ctx, sizeof( SHA1_CTX ) );
-
- SHA_LOCK();
- SHA_GIVE();
-
- if (false == SHA_IS_USED()) {
- ets_sha_disable();
- }
-
- SHA_UNLOCK();
}
void esp_sha1_clone( SHA1_CTX *dst, const SHA1_CTX *src )
*dst = *src;
}
-void esp_sha1_process(SHA1_CTX *ctx, const unsigned char data[64])
-{
-
-}
-
/*
* SHA-1 context setup
*/
void esp_sha1_start( SHA1_CTX *ctx )
{
- SHA_LOCK();
- ets_sha_init(&ctx->context);
-
+ esp_sha_acquire_hardware();
ctx->context_type = SHA1;
}
void esp_sha1_finish( SHA1_CTX *ctx, unsigned char output[20] )
{
ets_sha_finish(&ctx->context, ctx->context_type, output);
- SHA_UNLOCK();
+ esp_sha_release_hardware();
}
/*
esp_sha1_free( &ctx );
}
-/////
-/* Implementation that should never be optimized out by the compiler */
void esp_sha256_init( SHA256_CTX *ctx )
{
- memset( ctx, 0, sizeof( SHA256_CTX ) );
-
- SHA_LOCK();
- SHA_TAKE();
- ets_sha_enable();
- SHA_UNLOCK();
-}
-
-void esp_sha256_process(SHA256_CTX *ctx, const unsigned char data[64])
-{
-
+ bzero( ctx, sizeof( SHA256_CTX ) );
}
void esp_sha256_free( SHA256_CTX *ctx )
}
bzero( ctx, sizeof( SHA256_CTX ) );
-
- SHA_LOCK();
- SHA_GIVE();
-
- if (false == SHA_IS_USED()) {
- ets_sha_disable();
- }
-
- SHA_UNLOCK();
}
void esp_sha256_clone( SHA256_CTX *dst, const SHA256_CTX *src )
*/
void esp_sha256_start( SHA256_CTX *ctx, int is224 )
{
- SHA_LOCK();
+ esp_sha_acquire_hardware();
ets_sha_init(&ctx->context);
if ( is224 == 0 ) {
void esp_sha256_finish( SHA256_CTX *ctx, unsigned char output[32] )
{
ets_sha_finish(&ctx->context, ctx->context_type, output);
- SHA_UNLOCK();
+ esp_sha_release_hardware();
}
/*
void esp_sha512_init( SHA512_CTX *ctx )
{
memset( ctx, 0, sizeof( SHA512_CTX ) );
-
- SHA_LOCK();
- SHA_TAKE();
- ets_sha_enable();
- SHA_UNLOCK();
-}
-
-void esp_sha512_process( SHA512_CTX *ctx, const unsigned char data[128] )
-{
-
}
void esp_sha512_free( SHA512_CTX *ctx )
}
bzero( ctx, sizeof( SHA512_CTX ) );
-
- SHA_LOCK();
- SHA_GIVE();
-
- if (false == SHA_IS_USED()) {
- ets_sha_disable();
- }
-
- SHA_UNLOCK();
}
void esp_sha512_clone( SHA512_CTX *dst, const SHA512_CTX *src )
*/
void esp_sha512_start( SHA512_CTX *ctx, int is384 )
{
- SHA_LOCK();
+ esp_sha_acquire_hardware();
ets_sha_init(&ctx->context);
if ( is384 == 0 ) {
void esp_sha512_finish( SHA512_CTX *ctx, unsigned char output[64] )
{
ets_sha_finish(&ctx->context, ctx->context_type, output);
- SHA_UNLOCK();
+ esp_sha_release_hardware();
}
/*
/**
* \file esp_aes.h
*
- * \brief AES block cipher
+ * \brief AES block cipher, ESP32 hardware accelerated version
+ * Based on mbedTLS version.
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
#define ESP_AES_H
#include "esp_types.h"
-#include "rom/ets_sys.h"
#include "rom/aes.h"
#ifdef __cplusplus
#define ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
typedef struct {
- bool keyflag;
- uint16_t keybits;
+ enum AES_BITS aesbits;
uint8_t key[32];
} key_context, KEY_CTX;
KEY_CTX dec;
} aes_context, AES_CTX;
+/**
+ * \brief Lock access to AES hardware unit
+ *
+ * AES hardware unit can only be used by one
+ * consumer at a time.
+ *
+ * esp_aes_xxx API calls automatically manage locking & unlocking of
+ * hardware, this function is only needed if you want to call
+ * ets_aes_xxx functions directly.
+ */
+void esp_aes_acquire_hardware( void );
+
+/**
+ * \brief Unlock access to AES hardware unit
+ *
+ * esp_aes_xxx API calls automatically manage locking & unlocking of
+ * hardware, this function is only needed if you want to call
+ * ets_aes_xxx functions directly.
+ */
+void esp_aes_release_hardware( void );
+
/**
* \brief Initialize AES context
*
/**
* \file bignum_alt.h
*
- * \brief Multi-precision integer library
+ * \brief Multi-precision integer library, ESP32 hardware accelerated version
+ * Based on mbedTLS version.
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ * Additions Copyright (C) 2016, Espressif Systems (Shanghai) PTE Ltd
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* limitations under the License.
*
*/
-
+
#ifndef _ESP_BIGNUM_H
#define _ESP_BIGNUM_H
#include "esp_types.h"
-#include "rom/ets_sys.h"
-#include "rom/bigint.h"
#define MPI_DEBUG_ALT
esp_mpi_uint *p; /*!< pointer to limbs */
}mpi, MPI_CTX;
+/**
+ * \brief Lock access to MPI hardware unit
+ *
+ * MPI hardware unit can only be used by one
+ * consumer at a time.
+ *
+ * esp_mpi_xxx API calls automatically manage locking & unlocking of
+ * hardware, this function is only needed if you want to call
+ * ets_bigint_xxx functions directly.
+ */
+void esp_mpi_acquire_hardware( void );
+
+/**
+ * \brief Unlock access to MPI hardware unit
+ *
+ * esp_mpi_xxx API calls automatically manage locking & unlocking of
+ * hardware, this function is only needed if you want to call
+ * ets_bigint_xxx functions directly.
+ */
+void esp_mpi_release_hardware( void );
+
/**
* \brief Initialize one MPI (make internal references valid)
* This just makes it ready to be set or freed,
+++ /dev/null
-#ifndef _MULTI_CRYPTO_H_
-#define _MULTI_CRYPTO_H_
-
-#include "esp_types.h"
-#include "rom/ets_sys.h"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-enum {
- AES_MUTEX = 0,
- BIGNUM_MUTEX,
- SHA_MUTEX,
-
- MUTEX_MAX_NUM,
-};
-
-int esp_crypto_init(void);
-
-void esp_crypto_lock(unsigned int num);
-void esp_crypto_unlock(unsigned int num);
-
-void esp_crypto_take(unsigned int num);
-void esp_crypto_give(unsigned int num);
-bool esp_crypto_is_used(unsigned int num);
-
-#define MUTEX_LOCK(num) esp_crypto_lock(num)
-#define MUTEX_UNLOCK(num) esp_crypto_unlock(num)
-
-#define SIG_TAKE(num) esp_crypto_take(num)
-#define SIG_GIVE(num) esp_crypto_give(num)
-#define SIG_IS_USED(num) esp_crypto_is_used(num)
-
-#define AES_LOCK() MUTEX_LOCK(AES_MUTEX)
-#define AES_UNLOCK() MUTEX_UNLOCK(AES_MUTEX)
-#define BIGNUM_LOCK() MUTEX_LOCK(BIGNUM_MUTEX)
-#define BIGNUM_UNLOCK() MUTEX_UNLOCK(BIGNUM_MUTEX)
-#define SHA_LOCK() MUTEX_LOCK(SHA_MUTEX)
-#define SHA_UNLOCK() MUTEX_UNLOCK(SHA_MUTEX)
-
-#define AES_TAKE() SIG_TAKE(AES_MUTEX)
-#define AES_GIVE() SIG_GIVE(AES_MUTEX)
-#define AES_IS_USED() SIG_IS_USED(AES_MUTEX)
-#define BIGNUM_TAKE() SIG_TAKE(BIGNUM_MUTEX)
-#define BIGNUM_GIVE() SIG_GIVE(BIGNUM_MUTEX)
-#define BIGNUM_IS_USED() SIG_IS_USED(BIGNUM_MUTEX)
-#define SHA_TAKE() SIG_TAKE(SHA_MUTEX)
-#define SHA_GIVE() SIG_GIVE(SHA_MUTEX)
-#define SHA_IS_USED() SIG_IS_USED(SHA_MUTEX)
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* esp_crypto.h */
#ifndef _ESP_SHA_H_
#define _ESP_SHA_H_
-#include "esp_types.h"
-#include "rom/ets_sys.h"
#include "rom/sha.h"
+#include "esp_types.h"
+
#ifdef __cplusplus
extern "C" {
#endif
*/
typedef struct {
SHA_CTX context;
- int context_type;
+ enum SHA_TYPE context_type; /* defined in rom/sha.h */
} sha_context;
typedef sha_context SHA1_CTX;
+/**
+ * \brief Lock access to SHA hardware unit
+ *
+ * SHA hardware unit can only be used by one
+ * consumer at a time.
+ *
+ * esp_sha_xxx API calls automatically manage locking & unlocking of
+ * hardware, this function is only needed if you want to call
+ * ets_sha_xxx functions directly.
+ */
+void esp_sha_acquire_hardware( void );
+
+/**
+ * \brief Unlock access to SHA hardware unit
+ *
+ * esp_sha_xxx API calls automatically manage locking & unlocking of
+ * hardware, this function is only needed if you want to call
+ * ets_sha_xxx functions directly.
+ */
+void esp_sha_release_hardware( void );
+
/**
* \brief Initialize SHA-1 context
*
*/
void esp_sha1_clone( SHA1_CTX *dst, const SHA1_CTX *src );
-void esp_sha1_process(SHA1_CTX *ctx, const unsigned char data[64]);
-
/**
* \brief SHA-1 context setup
*
///
#define SHA256 SHA2_256
-#define SHA224 4
+#define SHA224 4 /* TODO: check this */
/**
* \brief SHA-256 context structure
* \param ctx SHA-256 context to be cleared
*/
void esp_sha256_free( SHA256_CTX *ctx );
-void esp_sha256_process(SHA256_CTX *ctx, const unsigned char data[64]);
/**
* \brief Clone (the state of) a SHA-256 context
*/
void esp_sha512_init( SHA512_CTX *ctx );
-void esp_sha512_process( SHA512_CTX *ctx, const unsigned char data[128] );
-
/**
* \brief Clear SHA-512 context
*
projects / esp-idf / commitdiff