From 7ddbd2a9eab0dc54897d6b5bb8ee1d4b3be1fe27 Mon Sep 17 00:00:00 2001 From: Vadim Sukhomlinov Date: Fri, 30 Jul 2021 08:40:32 -0700 Subject: cr50: drop cryptoc for SHA1/SHA2 support To implement FIPS module we need to bring many crypto functions in the module boundary. Unfortunately, cryptoc is a third-party library used by dcrypto code in cr50. Cryptoc is also not well-maintained and shared with other projects. While just making local copy of cryptoc would solve an issue, it's suboptimal as prevents from many optimizations and improvements. Provided SHA & HMAC implementations from Ti50 project. This provides better performance (500us vs. 670us earlier for HMAC DRBG) and reduce code size. This implementation also enables stack use savings when only specific digest is needed. Earlier SHA512 context was allocated when only SHA256 is needed greatly increasing stack consumption for code using HMAC_DRBG and others. However, it introduce subtle API changes which require handling. As for tests, since core implementation is hardware-independent, make it available for BOARD=host too. Before change (with cryptoc): *** 12368 bytes in flash and 5784 bytes in RAM After: *** 13136 bytes in flash and 5796 bytes in RAM BUG=b:138578318 TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py Signed-off-by: Vadim Sukhomlinov Change-Id: I2ff5362aee9078ce83dc1f8081943a5101d5f666 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3064201 Reviewed-by: Vadim Sukhomlinov Reviewed-by: Andrey Pronin Tested-by: Vadim Sukhomlinov Auto-Submit: Vadim Sukhomlinov Commit-Queue: Vadim Sukhomlinov --- chip/host/dcrypto/app_cipher.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'chip/host/dcrypto/app_cipher.c') diff --git a/chip/host/dcrypto/app_cipher.c b/chip/host/dcrypto/app_cipher.c index 4c4809005c..a3ce4e3184 100644 --- a/chip/host/dcrypto/app_cipher.c +++ b/chip/host/dcrypto/app_cipher.c @@ -9,15 +9,15 @@ void app_compute_hash(const void *p_buf, size_t num_bytes, void *p_hash, size_t hash_len) { - uint8_t digest[SHA256_DIGEST_SIZE]; + struct sha256_digest digest; /* * Use the built in dcrypto engine to generate the sha1 hash of the * buffer. */ - DCRYPTO_SHA256_hash(p_buf, num_bytes, digest); + SHA256_hw_hash(p_buf, num_bytes, &digest); - memcpy(p_hash, digest, MIN(hash_len, sizeof(digest))); + memcpy(p_hash, digest.b8, MIN(hash_len, sizeof(digest))); if (hash_len > sizeof(digest)) memset((uint8_t *)p_hash + sizeof(digest), 0, -- cgit v1.2.1