mirror of
				https://github.com/espressif/esp-idf.git
				synced 2025-10-24 19:12:38 +00:00 
			
		
		
		
	Merge branch 'feature/mbedtls_md5_update_v4.3' into 'release/v4.3'
mbedtls: Add CONFIG_MBEDTLS_ROM_MD to enable ROM MD acceleration(back port v4.3) See merge request espressif/esp-idf!13133
This commit is contained in:
		| @@ -152,6 +152,10 @@ if(CONFIG_MBEDTLS_HARDWARE_GCM) | |||||||
|     target_sources(mbedcrypto PRIVATE  "${COMPONENT_DIR}/port/aes/esp_aes_gcm.c") |     target_sources(mbedcrypto PRIVATE  "${COMPONENT_DIR}/port/aes/esp_aes_gcm.c") | ||||||
| endif() | endif() | ||||||
|  |  | ||||||
|  | if(CONFIG_MBEDTLS_ROM_MD5) | ||||||
|  |     target_sources(mbedcrypto PRIVATE  "${COMPONENT_DIR}/port/md/esp_md.c") | ||||||
|  | endif() | ||||||
|  |  | ||||||
| foreach(target ${mbedtls_targets}) | foreach(target ${mbedtls_targets}) | ||||||
|     target_compile_definitions(${target} PUBLIC -DMBEDTLS_CONFIG_FILE="mbedtls/esp_config.h") |     target_compile_definitions(${target} PUBLIC -DMBEDTLS_CONFIG_FILE="mbedtls/esp_config.h") | ||||||
| endforeach() | endforeach() | ||||||
|   | |||||||
| @@ -293,6 +293,12 @@ menu "mbedTLS" | |||||||
|             SHA hardware acceleration is faster than software in some situations but |             SHA hardware acceleration is faster than software in some situations but | ||||||
|             slower in others. You should benchmark to find the best setting for you. |             slower in others. You should benchmark to find the best setting for you. | ||||||
|  |  | ||||||
|  |     config MBEDTLS_ROM_MD5 | ||||||
|  |         bool "Use MD5 implementation in ROM" | ||||||
|  |         default y | ||||||
|  |         help | ||||||
|  |             Use ROM MD5 in mbedTLS. | ||||||
|  |  | ||||||
|     config MBEDTLS_ATCA_HW_ECDSA_SIGN |     config MBEDTLS_ATCA_HW_ECDSA_SIGN | ||||||
|         bool "Enable hardware ECDSA sign acceleration when using ATECC608A" |         bool "Enable hardware ECDSA sign acceleration when using ATECC608A" | ||||||
|         default n |         default n | ||||||
|   | |||||||
| @@ -5,7 +5,7 @@ | |||||||
|  |  | ||||||
| COMPONENT_ADD_INCLUDEDIRS := port/include mbedtls/include esp_crt_bundle/include | COMPONENT_ADD_INCLUDEDIRS := port/include mbedtls/include esp_crt_bundle/include | ||||||
|  |  | ||||||
| COMPONENT_SRCDIRS := mbedtls/library port port/$(IDF_TARGET) port/sha port/sha/parallel_engine port/aes port/aes/block esp_crt_bundle | COMPONENT_SRCDIRS := mbedtls/library port port/$(IDF_TARGET) port/sha port/sha/parallel_engine port/aes port/aes/block port/md esp_crt_bundle | ||||||
|  |  | ||||||
| COMPONENT_OBJEXCLUDE := mbedtls/library/net_sockets.o | COMPONENT_OBJEXCLUDE := mbedtls/library/net_sockets.o | ||||||
|  |  | ||||||
|   | |||||||
| @@ -144,6 +144,15 @@ | |||||||
| #undef MBEDTLS_SHA512_ALT | #undef MBEDTLS_SHA512_ALT | ||||||
| #endif | #endif | ||||||
|  |  | ||||||
|  | /* MBEDTLS_MDx_ALT to enable ROM MD support | ||||||
|  |    with software fallback. | ||||||
|  | */ | ||||||
|  | #ifdef CONFIG_MBEDTLS_ROM_MD5 | ||||||
|  | #define MBEDTLS_MD5_ALT | ||||||
|  | #else | ||||||
|  | #undef MBEDTLS_MD5_ALT | ||||||
|  | #endif | ||||||
|  |  | ||||||
| /* The following MPI (bignum) functions have ESP32 hardware support. | /* The following MPI (bignum) functions have ESP32 hardware support. | ||||||
|    For exponential mod, both software and hardware implementation |    For exponential mod, both software and hardware implementation | ||||||
|    will be compiled. If CONFIG_MBEDTLS_HARDWARE_MPI is enabled, mod APIs |    will be compiled. If CONFIG_MBEDTLS_HARDWARE_MPI is enabled, mod APIs | ||||||
|   | |||||||
							
								
								
									
										154
									
								
								components/mbedtls/port/include/md/esp_md.h
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										154
									
								
								components/mbedtls/port/include/md/esp_md.h
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,154 @@ | |||||||
|  | // Copyright 2020 Espressif Systems (Shanghai) PTE LTD | ||||||
|  | // | ||||||
|  | // Licensed under the Apache License, Version 2.0 (the "License"); | ||||||
|  | // you may not use this file except in compliance with the License. | ||||||
|  | // You may obtain a copy of the License at | ||||||
|  |  | ||||||
|  | //     http://www.apache.org/licenses/LICENSE-2.0 | ||||||
|  | // | ||||||
|  | // Unless required by applicable law or agreed to in writing, software | ||||||
|  | // distributed under the License is distributed on an "AS IS" BASIS, | ||||||
|  | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||||
|  | // See the License for the specific language governing permissions and | ||||||
|  |  | ||||||
|  | #pragma once | ||||||
|  |  | ||||||
|  | #include "esp_rom_md5.h" | ||||||
|  |  | ||||||
|  | #ifdef __cplusplus | ||||||
|  | extern "C" { | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | typedef struct MD5Context mbedtls_md5_context; | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * \brief          Initialize MD5 context | ||||||
|  |  * | ||||||
|  |  * \param ctx      MD5 context to be initialized | ||||||
|  |  * | ||||||
|  |  * \warning        MD5 is considered a weak message digest and its use | ||||||
|  |  *                 constitutes a security risk. We recommend considering | ||||||
|  |  *                 stronger message digests instead. | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | int esp_md5_init_ret( mbedtls_md5_context *ctx ); | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * \brief          Clear MD5 context | ||||||
|  |  * | ||||||
|  |  * \param ctx      MD5 context to be cleared | ||||||
|  |  * | ||||||
|  |  * \warning        MD5 is considered a weak message digest and its use | ||||||
|  |  *                 constitutes a security risk. We recommend considering | ||||||
|  |  *                 stronger message digests instead. | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | void esp_md5_free( mbedtls_md5_context *ctx ); | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * \brief          Clone (the state of) an MD5 context | ||||||
|  |  * | ||||||
|  |  * \param dst      The destination context | ||||||
|  |  * \param src      The context to be cloned | ||||||
|  |  * | ||||||
|  |  * \warning        MD5 is considered a weak message digest and its use | ||||||
|  |  *                 constitutes a security risk. We recommend considering | ||||||
|  |  *                 stronger message digests instead. | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | void esp_md5_clone( mbedtls_md5_context *dst, const mbedtls_md5_context *src ); | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * \brief          MD5 process buffer | ||||||
|  |  * | ||||||
|  |  * \param ctx      MD5 context | ||||||
|  |  * \param input    buffer holding the data | ||||||
|  |  * \param ilen     length of the input data | ||||||
|  |  * | ||||||
|  |  * \return         0 if successful | ||||||
|  |  * | ||||||
|  |  * \warning        MD5 is considered a weak message digest and its use | ||||||
|  |  *                 constitutes a security risk. We recommend considering | ||||||
|  |  *                 stronger message digests instead. | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | int esp_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ); | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * \brief          MD5 final digest | ||||||
|  |  * | ||||||
|  |  * \param ctx      MD5 context | ||||||
|  |  * \param output   MD5 checksum result | ||||||
|  |  * | ||||||
|  |  * \return         0 if successful | ||||||
|  |  * | ||||||
|  |  * \warning        MD5 is considered a weak message digest and its use | ||||||
|  |  *                 constitutes a security risk. We recommend considering | ||||||
|  |  *                 stronger message digests instead. | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | int esp_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] ); | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * \brief          MD5 process data block (internal use only) | ||||||
|  |  * | ||||||
|  |  * \param ctx      MD5 context | ||||||
|  |  * \param data     buffer holding one block of data | ||||||
|  |  * | ||||||
|  |  * \return         0 if successful | ||||||
|  |  * | ||||||
|  |  * \warning        MD5 is considered a weak message digest and its use | ||||||
|  |  *                 constitutes a security risk. We recommend considering | ||||||
|  |  *                 stronger message digests instead. | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | int esp_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] ); | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * \brief          MD5 context setup | ||||||
|  |  * | ||||||
|  |  * \deprecated     Superseded by mbedtls_md5_starts_ret() in 2.7.0 | ||||||
|  |  * | ||||||
|  |  * \param ctx      context to be initialized | ||||||
|  |  * | ||||||
|  |  * \warning        MD5 is considered a weak message digest and its use | ||||||
|  |  *                 constitutes a security risk. We recommend considering | ||||||
|  |  *                 stronger message digests instead. | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | void esp_md5_init( mbedtls_md5_context *ctx ); | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * \brief          MD5 process buffer | ||||||
|  |  * | ||||||
|  |  * \deprecated     Superseded by mbedtls_md5_update_ret() in 2.7.0 | ||||||
|  |  * | ||||||
|  |  * \param ctx      MD5 context | ||||||
|  |  * \param input    buffer holding the data | ||||||
|  |  * \param ilen     length of the input data | ||||||
|  |  * | ||||||
|  |  * \warning        MD5 is considered a weak message digest and its use | ||||||
|  |  *                 constitutes a security risk. We recommend considering | ||||||
|  |  *                 stronger message digests instead. | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | void esp_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ); | ||||||
|  |  | ||||||
|  | /** | ||||||
|  |  * \brief          MD5 final digest | ||||||
|  |  * | ||||||
|  |  * \deprecated     Superseded by mbedtls_md5_finish_ret() in 2.7.0 | ||||||
|  |  * | ||||||
|  |  * \param ctx      MD5 context | ||||||
|  |  * \param output   MD5 checksum result | ||||||
|  |  * | ||||||
|  |  * \warning        MD5 is considered a weak message digest and its use | ||||||
|  |  *                 constitutes a security risk. We recommend considering | ||||||
|  |  *                 stronger message digests instead. | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | void esp_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] ); | ||||||
|  |  | ||||||
|  | #ifdef __cplusplus | ||||||
|  | } | ||||||
|  | #endif | ||||||
							
								
								
									
										50
									
								
								components/mbedtls/port/include/md5_alt.h
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										50
									
								
								components/mbedtls/port/include/md5_alt.h
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,50 @@ | |||||||
|  | /** | ||||||
|  |  * \file md5_alt.h | ||||||
|  |  * | ||||||
|  |  * \brief MD5 block cipher | ||||||
|  |  * | ||||||
|  |  *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved | ||||||
|  |  *  SPDX-License-Identifier: Apache-2.0 | ||||||
|  |  * | ||||||
|  |  *  Licensed under the Apache License, Version 2.0 (the "License"); you may | ||||||
|  |  *  not use this file except in compliance with the License. | ||||||
|  |  *  You may obtain a copy of the License at | ||||||
|  |  * | ||||||
|  |  *  http://www.apache.org/licenses/LICENSE-2.0 | ||||||
|  |  * | ||||||
|  |  *  Unless required by applicable law or agreed to in writing, software | ||||||
|  |  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT | ||||||
|  |  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||||
|  |  *  See the License for the specific language governing permissions and | ||||||
|  |  *  limitations under the License. | ||||||
|  |  * | ||||||
|  |  * | ||||||
|  |  */ | ||||||
|  | #ifndef MD5_ALT_H | ||||||
|  | #define MD5_ALT_H | ||||||
|  |  | ||||||
|  | #ifdef __cplusplus | ||||||
|  | extern "C" { | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #if defined(MBEDTLS_MD5_ALT) | ||||||
|  | #include "md/esp_md.h" | ||||||
|  |  | ||||||
|  | #define mbedtls_md5_init                        esp_md5_init | ||||||
|  | #define mbedtls_md5_update                      esp_md5_update | ||||||
|  | #define mbedtls_md5_finish                      esp_md5_finish | ||||||
|  | #define mbedtls_md5_starts_ret                  esp_md5_init_ret | ||||||
|  | #define mbedtls_md5_update_ret                  esp_md5_update_ret | ||||||
|  | #define mbedtls_md5_finish_ret                  esp_md5_finish_ret | ||||||
|  |  | ||||||
|  | #define mbedtls_md5_free                        esp_md5_free | ||||||
|  | #define mbedtls_md5_clone                       esp_md5_clone | ||||||
|  | #define mbedtls_internal_md5_process            esp_md5_process | ||||||
|  |  | ||||||
|  | #endif /* MBEDTLS_MD5_ALT */ | ||||||
|  |  | ||||||
|  | #ifdef __cplusplus | ||||||
|  | } | ||||||
|  | #endif | ||||||
|  |  | ||||||
|  | #endif | ||||||
							
								
								
									
										78
									
								
								components/mbedtls/port/md/esp_md.c
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										78
									
								
								components/mbedtls/port/md/esp_md.c
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,78 @@ | |||||||
|  | // Copyright 2020 Espressif Systems (Shanghai) PTE LTD | ||||||
|  | // | ||||||
|  | // Licensed under the Apache License, Version 2.0 (the "License"); | ||||||
|  | // you may not use this file except in compliance with the License. | ||||||
|  | // You may obtain a copy of the License at | ||||||
|  |  | ||||||
|  | //     http://www.apache.org/licenses/LICENSE-2.0 | ||||||
|  | // | ||||||
|  | // Unless required by applicable law or agreed to in writing, software | ||||||
|  | // distributed under the License is distributed on an "AS IS" BASIS, | ||||||
|  | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||||
|  | // See the License for the specific language governing permissions and | ||||||
|  |  | ||||||
|  | #include <stdio.h> | ||||||
|  | #include <string.h> | ||||||
|  | #include "mbedtls/md5.h" | ||||||
|  | #include "mbedtls/platform_util.h" | ||||||
|  |  | ||||||
|  | #if defined(MBEDTLS_MD5_ALT) | ||||||
|  | #include "md/esp_md.h" | ||||||
|  |  | ||||||
|  | int esp_md5_finish_ret( mbedtls_md5_context *ctx, unsigned char output[16] ) | ||||||
|  | { | ||||||
|  |     esp_rom_md5_final(output, ctx); | ||||||
|  |  | ||||||
|  |     return 0; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | int esp_md5_update_ret( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ) | ||||||
|  | { | ||||||
|  |     esp_rom_md5_update(ctx, input, ilen); | ||||||
|  |  | ||||||
|  |     return 0; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | int esp_md5_init_ret( mbedtls_md5_context *ctx ) | ||||||
|  | { | ||||||
|  |     esp_rom_md5_init(ctx); | ||||||
|  |  | ||||||
|  |     return 0; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | void esp_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] ) | ||||||
|  | { | ||||||
|  |     esp_md5_finish_ret(ctx, output); | ||||||
|  | } | ||||||
|  |  | ||||||
|  | void esp_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ) | ||||||
|  | { | ||||||
|  |     esp_md5_update_ret(ctx, input, ilen); | ||||||
|  | } | ||||||
|  |  | ||||||
|  | void esp_md5_init( mbedtls_md5_context *ctx ) | ||||||
|  | { | ||||||
|  |     esp_md5_init_ret(ctx); | ||||||
|  | } | ||||||
|  |  | ||||||
|  | void esp_md5_free( mbedtls_md5_context *ctx ) | ||||||
|  | { | ||||||
|  |     if (ctx == NULL) { | ||||||
|  |         return; | ||||||
|  |     } | ||||||
|  |  | ||||||
|  |     mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md5_context ) ); | ||||||
|  | } | ||||||
|  |  | ||||||
|  | int esp_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] ) | ||||||
|  | { | ||||||
|  |     esp_md5_update_ret(ctx, data, 64); | ||||||
|  |  | ||||||
|  |     return 0; | ||||||
|  | } | ||||||
|  |  | ||||||
|  | void esp_md5_clone( mbedtls_md5_context *dst, const mbedtls_md5_context *src ) | ||||||
|  | { | ||||||
|  |     *dst = *src; | ||||||
|  | } | ||||||
|  | #endif | ||||||
		Reference in New Issue
	
	Block a user
	 Mahavir Jain
					Mahavir Jain