Skip to content

Commit

Permalink
Merge pull request #20698 from netd-tud/sha3_implementation
Browse files Browse the repository at this point in the history
sys/psa_crypto: sha3 support
  • Loading branch information
mguetschow authored Jul 15, 2024
2 parents 34dfaa2 + 9b50202 commit 9ca9696
Show file tree
Hide file tree
Showing 18 changed files with 532 additions and 1 deletion.
6 changes: 6 additions & 0 deletions features.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -839,6 +839,12 @@ groups:
help: SHA-512/224 hardware acceleration present.
- name: periph_hash_sha_512_256
help: SHA-512/256 hardware acceleration present.
- name: periph_hash_sha3_256
help: SHA-3/256 hardware acceleration present.
- name: periph_hash_sha3_384
help: SHA-3/384 hardware acceleration present.
- name: periph_hash_sha3_512
help: SHA-3/512 hardware acceleration present.
- name: periph_hmac_sha_256
help: HMAC SHA-256 hardware acceleration present.
- name: periph_hwrng
Expand Down
3 changes: 3 additions & 0 deletions makefiles/features_existing.inc.mk
Original file line number Diff line number Diff line change
Expand Up @@ -180,6 +180,9 @@ FEATURES_EXISTING := \
periph_gpio_ll_switch_dir \
periph_gpio_tamper_wake \
periph_hash_md5 \
periph_hash_sha3_256 \
periph_hash_sha3_384 \
periph_hash_sha3_512 \
periph_hash_sha_1 \
periph_hash_sha_224 \
periph_hash_sha_256 \
Expand Down
3 changes: 3 additions & 0 deletions makefiles/features_modules.inc.mk
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,9 @@ PERIPH_IGNORE_MODULES := \
periph_gpio_ll% \
periph_gpio_mux \
periph_hash_sha_1 \
periph_hash_sha3_256 \
periph_hash_sha3_384 \
periph_hash_sha3_512 \
periph_hash_sha_224 \
periph_hash_sha_256 \
periph_hash_sha_384 \
Expand Down
3 changes: 3 additions & 0 deletions makefiles/pseudomodules.inc.mk
Original file line number Diff line number Diff line change
Expand Up @@ -363,6 +363,9 @@ PSEUDOMODULES += psa_riot_hashes_sha_224
PSEUDOMODULES += psa_riot_hashes_sha_256
PSEUDOMODULES += psa_riot_hashes_sha_384
PSEUDOMODULES += psa_riot_hashes_sha_512
PSEUDOMODULES += psa_riot_hashes_sha3_256
PSEUDOMODULES += psa_riot_hashes_sha3_384
PSEUDOMODULES += psa_riot_hashes_sha3_512
PSEUDOMODULES += psa_riot_hashes_sha_512_224
PSEUDOMODULES += psa_riot_hashes_sha_512_256
PSEUDOMODULES += psa_riot_hashes_hmac_sha256
Expand Down
41 changes: 41 additions & 0 deletions sys/hashes/psa_riot_hashes/sha3_256.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
/*
* Copyright (C) 2024 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/

/**
* @ingroup sys_psa_crypto
* @{
*
* @brief Glue code translating between PSA Crypto and the RIOT SHA3 Hash module
*
* @author Lennard Melling <lennard.melling@msx.tu-dresden.de>
*
* @}
*/
#include "psa/crypto.h"
#include "hashes/psa/riot_hashes.h"

psa_status_t psa_hashes_sha3_256_update(psa_hashes_sha3_ctx_t *ctx,
const uint8_t *input,
size_t input_length)
{
sha3_update((keccak_state_t *)ctx, input, input_length);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha3_256_setup(psa_hashes_sha3_ctx_t *ctx)
{
sha3_256_init((keccak_state_t *)ctx);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha3_256_finish(psa_hashes_sha3_ctx_t *ctx,
uint8_t *hash)
{
sha3_256_final((keccak_state_t *)ctx, hash);
return PSA_SUCCESS;
}
41 changes: 41 additions & 0 deletions sys/hashes/psa_riot_hashes/sha3_384.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
/*
* Copyright (C) 2024 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/

/**
* @ingroup sys_psa_crypto
* @{
*
* @brief Glue code translating between PSA Crypto and the RIOT SHA3 Hash module
*
* @author Lennard Melling <lennard.melling@msx.tu-dresden.de>
*
* @}
*/
#include "psa/crypto.h"
#include "hashes/psa/riot_hashes.h"

psa_status_t psa_hashes_sha3_384_update(psa_hashes_sha3_ctx_t *ctx,
const uint8_t *input,
size_t input_length)
{
sha3_update((keccak_state_t *)ctx, input, input_length);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha3_384_setup(psa_hashes_sha3_ctx_t *ctx)
{
sha3_384_init((keccak_state_t *)ctx);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha3_384_finish(psa_hashes_sha3_ctx_t *ctx,
uint8_t *hash)
{
sha3_384_final((keccak_state_t *)ctx, hash);
return PSA_SUCCESS;
}
41 changes: 41 additions & 0 deletions sys/hashes/psa_riot_hashes/sha3_512.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
/*
* Copyright (C) 2024 TU Dresden
*
* This file is subject to the terms and conditions of the GNU Lesser
* General Public License v2.1. See the file LICENSE in the top level
* directory for more details.
*/

/**
* @ingroup sys_psa_crypto
* @{
*
* @brief Glue code translating between PSA Crypto and the RIOT SHA3 Hash module
*
* @author Lennard Melling <lennard.melling@msx.tu-dresden.de>
*
* @}
*/
#include "psa/crypto.h"
#include "hashes/psa/riot_hashes.h"

psa_status_t psa_hashes_sha3_512_update(psa_hashes_sha3_ctx_t *ctx,
const uint8_t *input,
size_t input_length)
{
sha3_update((keccak_state_t *)ctx, input, input_length);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha3_512_setup(psa_hashes_sha3_ctx_t *ctx)
{
sha3_512_init((keccak_state_t *)ctx);
return PSA_SUCCESS;
}

psa_status_t psa_hashes_sha3_512_finish(psa_hashes_sha3_ctx_t *ctx,
uint8_t *hash)
{
sha3_512_final((keccak_state_t *)ctx, hash);
return PSA_SUCCESS;
}
8 changes: 8 additions & 0 deletions sys/include/hashes/psa/riot_hashes.h
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,14 @@ typedef sha512_256_context_t psa_hashes_sha512_256_ctx_t;
#include "hashes/sha256.h"
#endif

#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_256) \
|| IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_384) \
|| IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_512))
#include "hashes/sha3.h"

typedef keccak_state_t psa_hashes_sha3_ctx_t;
#endif

#ifdef __cplusplus
}
#endif
Expand Down
4 changes: 4 additions & 0 deletions sys/include/psa_crypto/psa/crypto_contexts.h
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,10 @@ typedef union {
#if IS_USED(MODULE_PSA_HASH_SHA_512) || defined(DOXYGEN)
psa_hashes_sha512_ctx_t sha512; /**< SHA-512 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA3_256) || IS_USED(MODULE_PSA_HASH_SHA3_384) \
|| IS_USED(MODULE_PSA_HASH_SHA3_512) || defined(DOXYGEN)
psa_hashes_sha3_ctx_t sha3; /**< SHA-3 context */
#endif
#if IS_USED(MODULE_PSA_HASH_SHA_512_224) || defined(DOXYGEN)
psa_hashes_sha512_224_ctx_t sha512_224; /**< SHA-512/224 context */
#endif
Expand Down
3 changes: 2 additions & 1 deletion sys/include/psa_crypto/psa/crypto_includes.h
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,8 @@ extern "C" {
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_1) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_224) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_256) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_384) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_224) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_256)
IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_256) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_256) || \
IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_384) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_512)
#include "hashes/psa/riot_hashes.h"
#endif

Expand Down
72 changes: 72 additions & 0 deletions sys/psa_crypto/Makefile.dep
Original file line number Diff line number Diff line change
Expand Up @@ -324,6 +324,78 @@ ifneq (,$(filter psa_hash_sha_512_256_backend_riot,$(USEMODULE)))
USEMODULE += psa_riot_hashes_sha_512_256
endif

## SHA-3/256
ifneq (,$(filter psa_hash_sha3_256,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha3_256_custom_backend,$(USEMODULE)))
FEATURES_OPTIONAL += periph_hash_sha3_256
include $(RIOTMAKE)/features_check.inc.mk
# HACK: Due to kconfig migration, may cause problems
ifneq (,$(filter periph_hash_sha3_256,$(FEATURES_USED)))
USEMODULE += psa_hash_sha3_256_backend_periph
else
USEMODULE += psa_hash_sha3_256_backend_riot
endif
endif
endif

ifneq (,$(filter psa_hash_sha3_256_backend_periph,$(USEMODULE)))
FEATURES_REQUIRED += periph_hash_sha3_256
endif

ifneq (,$(filter psa_hash_sha3_256_backend_riot,$(USEMODULE)))
USEMODULE += hashes
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha3_256
endif

## SHA-3/384
ifneq (,$(filter psa_hash_sha3_384,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha3_384_custom_backend,$(USEMODULE)))
FEATURES_OPTIONAL += periph_hash_sha3_384
include $(RIOTMAKE)/features_check.inc.mk
# HACK: Due to kconfig migration, may cause problems
ifneq (,$(filter periph_hash_sha3_384,$(FEATURES_USED)))
USEMODULE += psa_hash_sha3_384_backend_periph
else
USEMODULE += psa_hash_sha3_384_backend_riot
endif
endif
endif

ifneq (,$(filter psa_hash_sha3_384_backend_periph,$(USEMODULE)))
FEATURES_REQUIRED += periph_hash_sha3_384
endif

ifneq (,$(filter psa_hash_sha3_384_backend_riot,$(USEMODULE)))
USEMODULE += hashes
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha3_384
endif

## SHA-3/512
ifneq (,$(filter psa_hash_sha3_512,$(USEMODULE)))
ifeq (,$(filter psa_hash_sha3_512_custom_backend,$(USEMODULE)))
FEATURES_OPTIONAL += periph_hash_sha3_512
include $(RIOTMAKE)/features_check.inc.mk
# HACK: Due to kconfig migration, may cause problems
ifneq (,$(filter periph_hash_sha3_512,$(FEATURES_USED)))
USEMODULE += psa_hash_sha3_512_backend_periph
else
USEMODULE += psa_hash_sha3_512_backend_riot
endif
endif
endif

ifneq (,$(filter psa_hash_sha3_512_backend_periph,$(USEMODULE)))
FEATURES_REQUIRED += periph_hash_sha3_512
endif

ifneq (,$(filter psa_hash_sha3_512_backend_riot,$(USEMODULE)))
USEMODULE += hashes
USEMODULE += psa_riot_hashes
USEMODULE += psa_riot_hashes_sha3_512
endif

# Key Management
ifneq (,$(filter psa_key_management,$(USEMODULE)))
USEMODULE += psa_key_slot_mgmt
Expand Down
36 changes: 36 additions & 0 deletions sys/psa_crypto/Makefile.include
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,42 @@ ifneq (,$(filter psa_hash_sha_512,$(USEMODULE)))
endif
endif

PSEUDOMODULES += psa_hash_sha3_256
PSEUDOMODULES += psa_hash_sha3_256_backend_periph
PSEUDOMODULES += psa_hash_sha3_256_backend_riot
PSEUDOMODULES += psa_hash_sha3_256_custom_backend

# check that one and only one backend has been selected
ifneq (,$(filter psa_hash_sha3_256,$(USEMODULE)))
ifneq (1,$(call backends,psa_hash_sha3_256))
$(error "One (and only one) backend should be selected for psa_hash_sha3_256")
endif
endif

PSEUDOMODULES += psa_hash_sha3_384
PSEUDOMODULES += psa_hash_sha3_384_backend_periph
PSEUDOMODULES += psa_hash_sha3_384_backend_riot
PSEUDOMODULES += psa_hash_sha3_384_custom_backend

# check that one and only one backend has been selected
ifneq (,$(filter psa_hash_sha3_384,$(USEMODULE)))
ifneq (1,$(call backends,psa_hash_sha3_384))
$(error "One (and only one) backend should be selected for psa_hash_sha3_384")
endif
endif

PSEUDOMODULES += psa_hash_sha3_512
PSEUDOMODULES += psa_hash_sha3_512_backend_periph
PSEUDOMODULES += psa_hash_sha3_512_backend_riot
PSEUDOMODULES += psa_hash_sha3_512_custom_backend

# check that one and only one backend has been selected
ifneq (,$(filter psa_hash_sha3_512,$(USEMODULE)))
ifneq (1,$(call backends,psa_hash_sha3_512))
$(error "One (and only one) backend should be selected for psa_hash_sha3_512")
endif
endif

PSEUDOMODULES += psa_hash_sha_512_224
PSEUDOMODULES += psa_hash_sha_512_224_backend_periph
PSEUDOMODULES += psa_hash_sha_512_224_backend_riot
Expand Down
18 changes: 18 additions & 0 deletions sys/psa_crypto/doc.txt
Original file line number Diff line number Diff line change
Expand Up @@ -336,6 +336,24 @@
* - psa_hash_sha_512_256_custom_backend
* - psa_hash_sha_512_256_backend_riot
*
* #### SHA 3/256
* - psa_hash_sha3_256
* - psa_hash_sha3_256_backend_periph
* - psa_hash_sha3_256_custom_backend
* - psa_hash_sha3_256_backend_riot
*
* #### SHA 3/384
* - psa_hash_sha3_384
* - psa_hash_sha3_384_backend_periph
* - psa_hash_sha3_384_custom_backend
* - psa_hash_sha3_384_backend_riot
*
* #### SHA 3/512
* - psa_hash_sha3_512
* - psa_hash_sha3_512_backend_periph
* - psa_hash_sha3_512_custom_backend
* - psa_hash_sha3_512_backend_riot
*
* ### MAC
* - Base: psa_mac
*
Expand Down
Loading

0 comments on commit 9ca9696

Please sign in to comment.