From 7ddbd2a9eab0dc54897d6b5bb8ee1d4b3be1fe27 Mon Sep 17 00:00:00 2001 From: Vadim Sukhomlinov Date: Fri, 30 Jul 2021 08:40:32 -0700 Subject: cr50: drop cryptoc for SHA1/SHA2 support To implement FIPS module we need to bring many crypto functions in the module boundary. Unfortunately, cryptoc is a third-party library used by dcrypto code in cr50. Cryptoc is also not well-maintained and shared with other projects. While just making local copy of cryptoc would solve an issue, it's suboptimal as prevents from many optimizations and improvements. Provided SHA & HMAC implementations from Ti50 project. This provides better performance (500us vs. 670us earlier for HMAC DRBG) and reduce code size. This implementation also enables stack use savings when only specific digest is needed. Earlier SHA512 context was allocated when only SHA256 is needed greatly increasing stack consumption for code using HMAC_DRBG and others. However, it introduce subtle API changes which require handling. As for tests, since core implementation is hardware-independent, make it available for BOARD=host too. Before change (with cryptoc): *** 12368 bytes in flash and 5784 bytes in RAM After: *** 13136 bytes in flash and 5796 bytes in RAM BUG=b:138578318 TEST=make BOARD=cr50 CRYPTO_TEST=1; test/tpm_test/tpmtest.py Signed-off-by: Vadim Sukhomlinov Change-Id: I2ff5362aee9078ce83dc1f8081943a5101d5f666 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3064201 Reviewed-by: Vadim Sukhomlinov Reviewed-by: Andrey Pronin Tested-by: Vadim Sukhomlinov Auto-Submit: Vadim Sukhomlinov Commit-Queue: Vadim Sukhomlinov --- fuzz/mem_hash_tree.cc | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'fuzz') diff --git a/fuzz/mem_hash_tree.cc b/fuzz/mem_hash_tree.cc index 15c9de4142..88e85b87cf 100644 --- a/fuzz/mem_hash_tree.cc +++ b/fuzz/mem_hash_tree.cc @@ -72,23 +72,23 @@ void MemHashTree::UpdatePath(uint64_t label, for (int level = 0; level < height_; ++level) { shifted_parent_label &= ~child_index_mask; - LITE_SHA256_CTX ctx; - DCRYPTO_SHA256_init(&ctx, 1); + struct sha256_ctx ctx; + SHA256_hw_init(&ctx); int empty_nodes = 0; for (int index = 0; index < fan_out; ++index) { auto itr = hash_tree_.find(MaskedLabel(shifted_parent_label | index, level)); if (itr == hash_tree_.end()) { - HASH_update(&ctx, empty_node_hashes_[level].data(), + SHA256_update(&ctx, empty_node_hashes_[level].data(), empty_node_hashes_[level].size()); ++empty_nodes; } else { - HASH_update(&ctx, itr->second.data(), itr->second.size()); + SHA256_update(&ctx, itr->second.data(), itr->second.size()); } } shifted_parent_label = shifted_parent_label >> bits_per_level_; - const uint8_t* temp = HASH_final(&ctx); + const uint8_t* temp = SHA256_final(&ctx)->b8; std::copy(temp, temp + SHA256_DIGEST_SIZE, hash.begin()); MaskedLabel node_key(shifted_parent_label, level + 1); if (empty_nodes == fan_out) { @@ -118,12 +118,12 @@ void MemHashTree::Reset(uint8_t bits_per_level, uint8_t height) { uint8_t fan_out = 1 << bits_per_level; for (int level = 1; level < height; ++level) { - LITE_SHA256_CTX ctx; - DCRYPTO_SHA256_init(&ctx, 1); + struct sha256_ctx ctx; + SHA256_hw_init(&ctx); for (int index = 0; index < fan_out; ++index) { - HASH_update(&ctx, hash.data(), hash.size()); + SHA256_update(&ctx, hash.data(), hash.size()); } - const uint8_t* temp = HASH_final(&ctx); + const uint8_t* temp = SHA256_final(&ctx)->b8; std::copy(temp, temp + SHA256_DIGEST_SIZE, hash.begin()); empty_node_hashes_[level] = hash; } -- cgit v1.2.1