authorVadim Sukhomlinov <sukhomlinov@google.com>2021-07-30 08:40:32 -0700
committerCommit Bot <commit-bot@chromium.org>2021-08-12 14:18:48 +0000
commit7ddbd2a9eab0dc54897d6b5bb8ee1d4b3be1fe27 (patch)
tree43356bb71d38ea7f5ea1639855ac3b322d460176 /board/cr50/dcrypto/internal.h
parent43f6e7be087720507e57cf27e9460aae64c3b69a (diff)
To implement the FIPS module we need to bring many crypto functions inside the module boundary. Unfortunately, cryptoc is a third-party library used by dcrypto code in cr50. Cryptoc is also not well maintained and is shared with other projects. While just making a local copy of cryptoc would solve the issue, it is suboptimal because it prevents many optimizations and improvements. Provide SHA & HMAC implementations from the Ti50 project. This provides better performance (500us vs. 670us earlier for HMAC DRBG) and reduces code size. This implementation also enables stack use savings when only a specific digest is needed. Earlier, a SHA512 context was allocated even when only SHA256 was needed, greatly increasing stack consumption for code using HMAC_DRBG and others. However, it introduces subtle API changes which require handling. As for tests, since the core implementation is hardware-independent, make it available for BOARD=host too. Before change (with cryptoc): *** 12368 bytes in flash and 5784 bytes in RAM After: *** 13136 bytes in flash and 5796 bytes in RAM BUG=b:138578318 TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com> Change-Id: I2ff5362aee9078ce83dc1f8081943a5101d5f666 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3064201 Reviewed-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Reviewed-by: Andrey Pronin <apronin@chromium.org> Tested-by: Vadim Sukhomlinov <sukhomlinov@chromium.org> Auto-Submit: Vadim Sukhomlinov <sukhomlinov@chromium.org> Commit-Queue: Vadim Sukhomlinov <sukhomlinov@chromium.org>
Diffstat (limited to 'board/cr50/dcrypto/internal.h')
-rw-r--r--board/cr50/dcrypto/internal.h56
1 files changed, 44 insertions, 12 deletions
diff --git a/board/cr50/dcrypto/internal.h b/board/cr50/dcrypto/internal.h
index 2e6f62e2e8..17430036cb 100644
--- a/board/cr50/dcrypto/internal.h
+++ b/board/cr50/dcrypto/internal.h
@@ -2,7 +2,6 @@
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*/
-
#ifndef __EC_CHIP_G_DCRYPTO_INTERNAL_H
#define __EC_CHIP_G_DCRYPTO_INTERNAL_H
@@ -13,10 +12,7 @@
#include "util.h"
#include "cryptoc/p256.h"
-#include "cryptoc/sha.h"
-#include "cryptoc/sha256.h"
-#include "cryptoc/sha384.h"
-#include "cryptoc/sha512.h"
+#include "hmacsha2.h"
#ifdef __cplusplus
extern "C" {
@@ -33,12 +29,16 @@ extern "C" {
#define SHA_DIGEST_WORDS (SHA_DIGEST_SIZE / sizeof(uint32_t))
#define SHA256_DIGEST_WORDS (SHA256_DIGEST_SIZE / sizeof(uint32_t))
-#ifdef SHA512_SUPPORT
+#ifdef CONFIG_UPTO_SHA512
#define SHA_DIGEST_MAX_BYTES SHA512_DIGEST_SIZE
#else
#define SHA_DIGEST_MAX_BYTES SHA256_DIGEST_SIZE
#endif
+#ifndef CHAR_BIT
+#define CHAR_BIT 8
+#endif
+
enum sha_mode {
SHA1_MODE = 0,
SHA256_MODE = 1
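Review bot: `SHA_DIGEST_MAX_BYTES` is now selected by `CONFIG_UPTO_SHA512` instead of `SHA512_SUPPORT`, and nothing at the `#ifdef` says that a unit built without the new option gets `SHA256_DIGEST_SIZE` as its maximum. A buffer sized with this macro and later handed to a SHA-384/512 finalisation would then be too small, so it is worth confirming that no build file or source still sets or tests the old name (not visible in this hunk). I would add above the `#ifdef`: `/* Must be >= the largest digest any enabled hash can emit; CONFIG_UPTO_SHA512 must be set consistently for every file that includes this header. */`. The fallback `#define CHAR_BIT 8` could instead come from `<limits.h>` if the EC toolchain provides that header. The hunk ends inside `enum sha_mode`.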
@@ -56,12 +56,6 @@ struct access_helper {
int dcrypto_grab_sha_hw(void);
void dcrypto_release_sha_hw(void);
#endif
-void dcrypto_sha_hash(enum sha_mode mode, const uint8_t *data,
- uint32_t n, uint8_t *digest);
-void dcrypto_sha_init(enum sha_mode mode);
-void dcrypto_sha_update(struct HASH_CTX *unused,
- const void *data, uint32_t n);
-void dcrypto_sha_wait(enum sha_mode mode, uint32_t *digest);
/*
* BIGNUM.
@@ -206,6 +200,44 @@ uint32_t dcrypto_dmem_load(size_t offset, const void *words, size_t n_words);
*/
void *always_memset(void *s, int c, size_t n);
+#ifndef __alias
+#define __alias(func) __attribute__((alias(#func)))
+#endif
+
+/* rotate 32-bit value right */
+static inline uint32_t ror(uint32_t value, int bits)
+{
+ /* return __builtin_rotateright32(value, bits); */
+ return (value >> bits) | (value << (32 - bits));
+}
+
+/* rotate 64-bit value right */
+static inline uint64_t ror64(uint64_t value, int bits)
+{
+ /* return __builtin_rotateright64(value, bits); */
+ return (value >> bits) | (value << (64 - bits));
+}
+
+/* rotate 32-bit value left */
+static inline uint32_t rol(uint32_t value, int bits)
+{
+ /* return __builtin_rotateleft32(value, bits); */
+ return (value << bits) | (value >> (32 - bits));
+}
+
+/* rotate 64-bit value left */
+static inline uint64_t rol64(uint64_t value, int bits)
+{
+ /* return __builtin_rotateleft64(value, bits); */
+ return (value << bits) | (value >> (64 - bits));
+}
+
+/* stack based allocation */
+#ifndef alloca
+#define alloca __builtin_alloca
+#endif
+
+
/*
* Key ladder.
*/
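Review bot: The four rotate helpers shift by `32 - bits` or `64 - bits`, which is a shift by the full type width when `bits` is 0 and therefore undefined behaviour in C; because the parameter is a plain `int`, a negative or over-wide count is undefined as well. The callers are presumably only the SHA round functions with fixed non-zero amounts, but these are now general helpers in a shared internal header, so masking the counts keeps them defined for any caller: `return (value >> (bits & 31)) | (value << ((32 - bits) & 31));` for `ror`, the mirrored form for `rol`, and `& 63` with `64 - bits` for the 64-bit pair. Separately, `alloca` has no failure return, so each use in the hash/HMAC code should take a size bounded at compile time. Any such buffer that held key material should be wiped with `always_memset` before the function returns.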