Move TI hardware acceleration into Matter repo (#9579)
Moved the SHA, AES, and ECJPAKE alt headers and source files into the Matter repository. Fixed an issue with the semantics of SHA256 context cloning. Changed the CHIPCryptoPALmbedTLS.cpp implementation to clone the temporary context back over the original context when done with the non-final finalization. Increased the SHA context opaque size in CHIPCryptoPAL.h to fit the TI driver accelerated SHA context. In future commits it may be possible to share a single SHA driver instance between all the contexts in mbedtls. This has the disadvantage of requiring a mutex for driver usage and reference counting. This would also increase processing time due to the thrashing of the internal digest buffer, but it has the potential advantage that the SHA context can be copied directly with a memcpy. The Hash_SHA256_stream object is now created on the stack and left to fall out of scope at the end of a translation unit. This causes an issue if the resources are not freed. Update the mbedtls PAL to initialize and free the underlying SHA context structure.
1 parent
6f73ebc
commit c4bf82e
Showing
14 changed files
with
1,493 additions
and
39 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,135 @@ | ||
/* | ||
* | ||
* Copyright (c) 2020 Project CHIP Authors | ||
* Copyright (c) 2020 Texas Instruments Incorporated | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
#include "aes_alt.h" | ||
#include "mbedtls/aes.h" | ||
|
||
#if defined(MBEDTLS_AES_ALT) | ||
|
||
#include <string.h> | ||
|
||
#include "ti_drivers_config.h" | ||
|
||
#include <ti/devices/DeviceFamily.h> | ||
#include <ti/drivers/AESECB.h> | ||
#include <ti/drivers/cryptoutils/cryptokey/CryptoKeyPlaintext.h> | ||
|
||
/* | ||
* number of active contexts, used for power on/off of the crypto core | ||
*/ | ||
static unsigned int ref_num = 0; | ||
|
||
static AESECB_Handle AESECB_handle = NULL; | ||
|
||
void mbedtls_aes_init(mbedtls_aes_context * ctx) | ||
{ | ||
AESECB_Params AESECBParams; | ||
|
||
if (ref_num == 0) | ||
{ | ||
AESECB_Params_init(&AESECBParams); | ||
AESECBParams.returnBehavior = AESECB_RETURN_BEHAVIOR_POLLING; | ||
AESECB_handle = AESECB_open(CONFIG_AESECB_1, &AESECBParams); | ||
|
||
// handle will be NULL if open failed, subsequent calls will fail with a generic HW error | ||
} | ||
ref_num++; | ||
} | ||
|
||
void mbedtls_aes_free(mbedtls_aes_context * ctx) | ||
{ | ||
if (ref_num > 0) | ||
{ | ||
ref_num--; | ||
if (ref_num == 0) | ||
{ | ||
AESECB_close(AESECB_handle); | ||
|
||
AESECB_handle = NULL; | ||
} | ||
} | ||
|
||
memset((void *) ctx, 0x00, sizeof(ctx)); | ||
} | ||
|
||
int mbedtls_aes_setkey_enc(mbedtls_aes_context * ctx, const unsigned char * key, unsigned int keybits) | ||
{ | ||
int_fast16_t statusCrypto; | ||
size_t keylen = keybits / 8U; // 8 bits in a byte | ||
|
||
if (keylen > sizeof(ctx->keyMaterial)) | ||
{ | ||
return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; | ||
} | ||
|
||
/* Initialize AES key */ | ||
memcpy(ctx->keyMaterial, key, keylen); | ||
statusCrypto = CryptoKeyPlaintext_initKey(&ctx->cryptoKey, (uint8_t *) ctx->keyMaterial, keylen); | ||
|
||
if (CryptoKey_STATUS_SUCCESS != statusCrypto) | ||
{ | ||
return MBEDTLS_ERR_AES_HW_ACCEL_FAILED; | ||
} | ||
|
||
return 0; | ||
} | ||
|
||
int mbedtls_aes_setkey_dec(mbedtls_aes_context * ctx, const unsigned char * key, unsigned int keybits) | ||
{ | ||
int_fast16_t statusCrypto; | ||
size_t keylen = keybits / 8U; // 8 bits in a byte | ||
|
||
if (keylen > sizeof(ctx->keyMaterial)) | ||
{ | ||
return MBEDTLS_ERR_AES_INVALID_KEY_LENGTH; | ||
} | ||
|
||
/* Initialize AES key */ | ||
statusCrypto = CryptoKeyPlaintext_initKey(&ctx->cryptoKey, (uint8_t *) key, keylen); | ||
|
||
if (CryptoKey_STATUS_SUCCESS != statusCrypto) | ||
{ | ||
return MBEDTLS_ERR_AES_HW_ACCEL_FAILED; | ||
} | ||
|
||
return 0; | ||
} | ||
|
||
int mbedtls_aes_crypt_ecb(mbedtls_aes_context * ctx, int mode, const unsigned char input[16], unsigned char output[16]) | ||
{ | ||
int statusCrypto; | ||
AESECB_Operation operationOneStepEncrypt; | ||
|
||
/* run it through the authentication + encryption, pass the ccmLVal = 2 */ | ||
AESECB_Operation_init(&operationOneStepEncrypt); | ||
|
||
operationOneStepEncrypt.key = &ctx->cryptoKey; | ||
operationOneStepEncrypt.inputLength = 16; | ||
operationOneStepEncrypt.input = (uint8_t *) input; | ||
operationOneStepEncrypt.output = (uint8_t *) output; | ||
|
||
statusCrypto = AESECB_oneStepEncrypt(AESECB_handle, &operationOneStepEncrypt); | ||
|
||
if (CryptoKey_STATUS_SUCCESS != statusCrypto) | ||
{ | ||
return MBEDTLS_ERR_AES_HW_ACCEL_FAILED; | ||
} | ||
|
||
return 0; | ||
} | ||
#endif |
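Review bot: In mbedtls_aes_free the wipe `memset((void *) ctx, 0x00, sizeof(ctx));` uses the size of the pointer, not of the context, so cryptoKey and most of keyMaterial still hold the plaintext key after the context is freed. I would return early at the top with `if (ctx == NULL) { return; }` and end with `mbedtls_platform_zeroize(ctx, sizeof(*ctx));` (from mbedtls/platform_util.h), which is also intended not to be optimised away the way a trailing memset can be. mbedtls_aes_setkey_dec hands the caller's `key` pointer to CryptoKeyPlaintext_initKey instead of copying into ctx->keyMaterial as mbedtls_aes_setkey_enc does, so the context can end up referencing a buffer the caller has already wiped or released; the same `memcpy(ctx->keyMaterial, key, keylen);` belongs there. mbedtls_aes_crypt_ecb never reads `mode` and always calls AESECB_oneStepEncrypt, so a MBEDTLS_AES_DECRYPT request returns 0 with encrypted output; it should dispatch to the driver's decrypt call or return an error for that mode, and the stale "authentication + encryption, pass the ccmLVal = 2" comment should go.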
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
/* | ||
* | ||
* Copyright (c) 2020 Project CHIP Authors | ||
* Copyright (c) 2020 Texas Instruments Incorporated | ||
* | ||
* Licensed under the Apache License, Version 2.0 (the "License"); | ||
* you may not use this file except in compliance with the License. | ||
* You may obtain a copy of the License at | ||
* | ||
* http://www.apache.org/licenses/LICENSE-2.0 | ||
* | ||
* Unless required by applicable law or agreed to in writing, software | ||
* distributed under the License is distributed on an "AS IS" BASIS, | ||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
* See the License for the specific language governing permissions and | ||
* limitations under the License. | ||
*/ | ||
|
||
#pragma once | ||
|
||
#if !defined(MBEDTLS_CONFIG_FILE) | ||
#include "mbedtls-config.h" | ||
#else | ||
#include MBEDTLS_CONFIG_FILE | ||
#endif | ||
|
||
#if defined(MBEDTLS_AES_ALT) | ||
|
||
#include <ti/drivers/AESECB.h> | ||
#include <ti/drivers/cryptoutils/cryptokey/CryptoKey.h> | ||
|
||
#ifdef __cplusplus | ||
extern "C" { | ||
#endif | ||
|
||
typedef struct | ||
{ | ||
CryptoKey cryptoKey; /*!< structure for the AES driver */ | ||
uint32_t keyMaterial[16]; /*!< memory for the key bytes used by cryptoKey */ | ||
} mbedtls_aes_context; | ||
|
||
#ifdef __cplusplus | ||
} | ||
#endif | ||
|
||
#endif /* MBEDTLS_AES_ALT */ |
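Review bot: `uint32_t keyMaterial[16]` reserves 64 bytes, twice the largest AES key (256 bits, 32 bytes), and the setkey functions added elsewhere in this commit bound the key length only by `sizeof(ctx->keyMaterial)`, so any keybits value up to 512 passes that check. If a 256-bit buffer was intended, `uint32_t keyMaterial[8]; /*!< key bytes referenced by cryptoKey, up to 256 bits */` states it; otherwise the field comment should say why the buffer is larger, and the setkey functions should validate keybits against 128/192/256 explicitly. The header also uses uint32_t without including <stdint.h> itself and appears to rely on the TI driver headers to provide it.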