This is an automated email from the ASF dual-hosted git repository.
xiaoxiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/nuttx.git
commit bc0fe0ea16c8124e56309bf5bb98c363940d4a97
Author: anjiahao <anjia...@xiaomi.com>
AuthorDate: Thu Sep 8 14:13:08 2022 +0800
crypto:add some hardware support
esp32c3: aes hmac-sha1 hmac-sha256
stm32f0l0g0 stm32l1 : aes
sam34: aes
lpc43: aes
Signed-off-by: anjiahao <anjia...@xiaomi.com>
---
arch/arm/src/lpc43xx/Make.defs | 4 +
arch/arm/src/lpc43xx/lpc43_aes.c | 2 +-
arch/arm/src/lpc43xx/lpc43_crypto.c | 130 ++++++
arch/arm/src/sam34/Make.defs | 4 +
arch/arm/src/sam34/sam_crypto.c | 160 +++++++
arch/arm/src/stm32/Make.defs | 4 +
arch/arm/src/stm32/stm32_crypto.c | 152 ++++++
arch/arm/src/stm32f0l0g0/stm32_crypto.c | 160 +++++++
arch/risc-v/src/esp32c3/Make.defs | 4 +
arch/risc-v/src/esp32c3/esp32c3_aes.c | 19 +-
arch/risc-v/src/esp32c3/esp32c3_aes.h | 8 +
arch/risc-v/src/esp32c3/esp32c3_crypto.c | 518 +++++++++++++++++++++
arch/risc-v/src/esp32c3/esp32c3_sha.h | 148 ++++++
.../esp32c3-devkit/configs/crypto/defconfig | 51 ++
crypto/Kconfig | 5 +
crypto/Makefile | 1 +
crypto/cryptosoft.c | 40 --
crypto/hmac_buff.c | 70 +++
include/crypto/cryptodev.h | 10 +
include/crypto/cryptosoft.h | 3 -
20 files changed, 1440 insertions(+), 53 deletions(-)
diff --git a/arch/arm/src/lpc43xx/Make.defs b/arch/arm/src/lpc43xx/Make.defs
index ab3c658702..8ec251feb6 100644
--- a/arch/arm/src/lpc43xx/Make.defs
+++ b/arch/arm/src/lpc43xx/Make.defs
@@ -126,6 +126,10 @@ ifeq ($(CONFIG_CRYPTO_AES),y)
CHIP_CSRCS += lpc43_aes.c
endif
+ifeq ($(CONFIG_CRYPTO_CRYPTODEV_HARDWARE),y)
+CHIP_CSRCS += lpc43_crypto.c
+endif
+
ifeq ($(CONFIG_LPC43_USB0),y)
ifeq ($(CONFIG_USBDEV),y)
CHIP_CSRCS += lpc43_usb0dev.c
diff --git a/arch/arm/src/lpc43xx/lpc43_aes.c b/arch/arm/src/lpc43xx/lpc43_aes.c
index 04c71ea083..e394de0416 100644
--- a/arch/arm/src/lpc43xx/lpc43_aes.c
+++ b/arch/arm/src/lpc43xx/lpc43_aes.c
@@ -37,7 +37,7 @@
#include "arm_internal.h"
#include "chip.h"
-#include <chip/lpc43_aes.h>
+#include <hardware/lpc43_aes.h>
#define AES_BLOCK_SIZE 16
diff --git a/arch/arm/src/lpc43xx/lpc43_crypto.c
b/arch/arm/src/lpc43xx/lpc43_crypto.c
new file mode 100644
index 0000000000..cd06c321e6
--- /dev/null
+++ b/arch/arm/src/lpc43xx/lpc43_crypto.c
@@ -0,0 +1,130 @@
+/****************************************************************************
+ * arch/arm/src/lpc43xx/lpc43_crypto.c
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership. The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <errno.h>
+#include <stdint.h>
+
+#include <crypto/cryptodev.h>
+#include <crypto/xform.h>
+#include <nuttx/crypto/crypto.h>
+
+/****************************************************************************
+ * Private Data
+ ****************************************************************************/
+
+static uint32_t g_lpc43_sesnum;
+
+/****************************************************************************
+ * Private Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: authcompute
+ *
+ * Description:
+ * Calculate the hash.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: lpc43_newsession
+ *
+ * Description:
+ * create new session for crypto.
+ *
+ ****************************************************************************/
+
+static int lpc43_newsession(uint32_t *sid, struct cryptoini *cri)
+{
+ if (sid == NULL || cri == NULL || cri->cri_alg != CRYPTO_AES_CBC)
+ {
+ return -EINVAL;
+ }
+
+ sid = g_lpc43_sesnum++;
+ return OK;
+}
+
+/****************************************************************************
+ * Name: lpc43_freesession
+ *
+ * Description:
+ * free session.
+ *
+ ****************************************************************************/
+
+static int lpc43_freesession(uint64_t tid)
+{
+ return 0;
+}
+
+/****************************************************************************
+ * Name: lpc43_process
+ *
+ * Description:
+ * process session to use hardware algorithm.
+ *
+ ****************************************************************************/
+
+static int lpc43_process(struct cryptop *crp)
+{
+ struct cryptodesc *crd;
+
+ for (crd = crp->crp_desc; crd; crd = crd->crd_next)
+ {
+ switch (crd->crd_alg)
+ {
+ case CRYPTO_AES_CBC:
+ return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len,
+ crd->crd_iv, crd->crd_key, 16,
+ AES_MODE_CBC, crd->crd_flags & CRD_F_ENCRYPT);
+ default:
+ return -EINVAL;
+ }
+ }
+}
+
+/****************************************************************************
+ * Name: hwcr_init
+ *
+ * Description:
+ * register the hardware crypto driver.
+ *
+ ****************************************************************************/
+
+void hwcr_init(void)
+{
+ int hwcr_id;
+ int algs[CRYPTO_ALGORITHM_MAX + 1];
+
+ hwcr_id = crypto_get_driverid(0);
+ DEBUGASSERT(hwcr_id >= 0);
+
+ memset(algs, 0, sizeof(algs));
+
+ algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+
+ crypto_register(hwcr_id, algs, lpc43_newsession,
+ lpc43_freesession, lpc43_process);
+}
diff --git a/arch/arm/src/sam34/Make.defs b/arch/arm/src/sam34/Make.defs
index 9bda3fdcbf..faad35b62f 100644
--- a/arch/arm/src/sam34/Make.defs
+++ b/arch/arm/src/sam34/Make.defs
@@ -99,6 +99,10 @@ ifeq ($(CONFIG_SAM34_AES),y)
CHIP_CSRCS += sam_aes.c
endif
+ifeq ($(CONFIG_CRYPTO_CRYPTODEV_HARDWARE),y)
+CHIP_CSRCS += sam_crypto.c
+endif
+
ifeq ($(CONFIG_SAM34_RTC),y)
CHIP_CSRCS += sam_rtc.c
endif
diff --git a/arch/arm/src/sam34/sam_crypto.c b/arch/arm/src/sam34/sam_crypto.c
new file mode 100644
index 0000000000..9bfe7f4b54
--- /dev/null
+++ b/arch/arm/src/sam34/sam_crypto.c
@@ -0,0 +1,160 @@
+/****************************************************************************
+ * arch/arm/src/sam34/sam_crypto.c
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership. The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <errno.h>
+#include <stdint.h>
+
+#include <crypto/cryptodev.h>
+#include <crypto/xform.h>
+#include <nuttx/crypto/crypto.h>
+
+/****************************************************************************
+ * Private Data
+ ****************************************************************************/
+
+FAR static uint32_t g_sam_sesnum = 0;
+
+/****************************************************************************
+ * Private Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: authcompute
+ *
+ * Description:
+ * Calculate the hash.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: sam_newsession
+ *
+ * Description:
+ * create new session for crypto.
+ *
+ ****************************************************************************/
+
+static int sam_newsession(FAR uint32_t *sid, FAR struct cryptoini *cri)
+{
+ if (sid == NULL || cri == NULL)
+ {
+ return -EINVAL;
+ }
+
+ switch (cri->cri_alg)
+ {
+ case CRYPTO_AES_CBC:
+ *sid = g_sam_sesnum++;
+ break;
+ case CRYPTO_AES_CTR:
+ if ((cri->cri_klen / 8 - 4) != 16)
+ {
+ /* sam aes-ctr key bits just support 128 */
+
+ return -EINVAL;
+ }
+
+ *sid = g_sam_sesnum++;
+ break;
+ default :
+ return -EINVAL;
+ }
+
+ return OK;
+}
+
+/****************************************************************************
+ * Name: sam_freesession
+ *
+ * Description:
+ * free session.
+ *
+ ****************************************************************************/
+
+static int sam_freesession(uint64_t tid)
+{
+ return 0;
+}
+
+/****************************************************************************
+ * Name: sam_process
+ *
+ * Description:
+ * process session to use hardware algorithm.
+ *
+ ****************************************************************************/
+
+static int sam_process(struct cryptop *crp)
+{
+ struct cryptodesc *crd;
+ uint8_t iv[AESCTR_BLOCKSIZE];
+
+ for (crd = crp->crp_desc; crd; crd = crd->crd_next)
+ {
+ switch (crd->crd_alg)
+ {
+ case CRYPTO_AES_CBC:
+ return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len,
+ crd->crd_iv, crd->crd_key, 16,
+ AES_MODE_CBC, crd->crd_flags & CRD_F_ENCRYPT);
+ case CRYPTO_AES_CTR:
+
+ memcpy(iv, crd->crd_key + crd->crd_klen / 8 - AESCTR_NONCESIZE,
+ AESCTR_NONCESIZE);
+ memcpy(iv + AESCTR_NONCESIZE, crd->crd_iv, AESCTR_IVSIZE);
+ memset(iv + AESCTR_NONCESIZE + AESCTR_IVSIZE , 0, 4);
+
+ return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len,
+ iv, crd->crd_key, crd->crd_klen / 8 - 4,
+ AES_MODE_CTR, crd->crd_flags & CRD_F_ENCRYPT);
+ default:
+ return -EINVAL;
+ }
+ }
+}
+
+/****************************************************************************
+ * Name: hwcr_init
+ *
+ * Description:
+ * register the hardware crypto driver.
+ *
+ ****************************************************************************/
+
+void hwcr_init(void)
+{
+ int hwcr_id;
+ int algs[CRYPTO_ALGORITHM_MAX + 1];
+
+ hwcr_id = crypto_get_driverid(0);
+ DEBUGASSERT(hwcr_id >= 0);
+
+ memset(algs, 0, sizeof(algs));
+
+ algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED;
+
+ crypto_register(hwcr_id, algs, sam_newsession,
+ sam_freesession, sam_process);
+}
diff --git a/arch/arm/src/stm32/Make.defs b/arch/arm/src/stm32/Make.defs
index 4f7bf86e04..27087ce058 100644
--- a/arch/arm/src/stm32/Make.defs
+++ b/arch/arm/src/stm32/Make.defs
@@ -221,6 +221,10 @@ ifeq ($(CONFIG_STM32_AES),y)
CHIP_CSRCS += stm32_aes.c
endif
+ifeq ($(CONFIG_CRYPTO_CRYPTODEV_HARDWARE),y)
+CHIP_CSRCS += stm32_crypto.c
+endif
+
ifeq ($(CONFIG_STM32_BBSRAM),y)
CHIP_CSRCS += stm32_bbsram.c
endif
diff --git a/arch/arm/src/stm32/stm32_crypto.c
b/arch/arm/src/stm32/stm32_crypto.c
new file mode 100644
index 0000000000..472be58e50
--- /dev/null
+++ b/arch/arm/src/stm32/stm32_crypto.c
@@ -0,0 +1,152 @@
+/****************************************************************************
+ * arch/arm/src/stm32/stm32_crypto.c
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership. The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <errno.h>
+#include <stdint.h>
+
+#include <crypto/cryptodev.h>
+#include <crypto/xform.h>
+#include <nuttx/crypto/crypto.h>
+
+/****************************************************************************
+ * Private Data
+ ****************************************************************************/
+
+static uint32_t g_stm32_sesnum = 0;
+
+/****************************************************************************
+ * Private Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: stm32_newsession
+ *
+ * Description:
+ * create new session for crypto.
+ *
+ ****************************************************************************/
+
+static int stm32_newsession(uint32_t *sid, struct cryptoini *cri)
+{
+ if (sid == NULL || cri == NULL)
+ {
+ return -EINVAL;
+ }
+
+ switch (cri->cri_alg)
+ {
+ case CRYPTO_AES_CBC:
+ *sid = g_stm32_sesnum++;
+ break;
+ case CRYPTO_AES_CTR:
+ if ((cri->cri_klen / 8 - 4) != 16)
+ {
+ /* stm32 aes-ctr key bits just support 128 */
+
+ return -EINVAL;
+ }
+
+ *sid = g_stm32_sesnum++;
+ break;
+ default :
+ return -EINVAL;
+ }
+
+ return OK;
+}
+
+/****************************************************************************
+ * Name: stm32_freesession
+ *
+ * Description:
+ * free session.
+ *
+ ****************************************************************************/
+
+static int stm32_freesession(uint64_t tid)
+{
+ return 0;
+}
+
+/****************************************************************************
+ * Name: stm32_process
+ *
+ * Description:
+ * process session to use hardware algorithm.
+ *
+ ****************************************************************************/
+
+static int stm32_process(struct cryptop *crp)
+{
+ struct cryptodesc *crd;
+ uint8_t iv[AESCTR_BLOCKSIZE];
+
+ for (crd = crp->crp_desc; crd; crd = crd->crd_next)
+ {
+ switch (crd->crd_alg)
+ {
+ case CRYPTO_AES_CBC:
+ return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len,
+ crd->crd_iv, crd->crd_key, 16,
+ AES_MODE_CBC, crd->crd_flags & CRD_F_ENCRYPT);
+ case CRYPTO_AES_CTR:
+
+ memcpy(iv, crd->crd_key + crd->crd_klen / 8 - AESCTR_NONCESIZE,
+ AESCTR_NONCESIZE);
+ memcpy(iv + AESCTR_NONCESIZE, crd->crd_iv, AESCTR_IVSIZE);
+ memset(iv + AESCTR_NONCESIZE + AESCTR_IVSIZE , 0, 4);
+
+ return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len,
+ iv, crd->crd_key, crd->crd_klen / 8 - 4,
+ AES_MODE_CTR, crd->crd_flags & CRD_F_ENCRYPT);
+ default:
+ return -EINVAL;
+ }
+ }
+}
+
+/****************************************************************************
+ * Name: hwcr_init
+ *
+ * Description:
+ * register the hardware crypto driver.
+ *
+ ****************************************************************************/
+
+void hwcr_init(void)
+{
+ int hwcr_id;
+ int algs[CRYPTO_ALGORITHM_MAX + 1];
+
+ hwcr_id = crypto_get_driverid(0);
+ DEBUGASSERT(hwcr_id >= 0);
+
+ memset(algs, 0, sizeof(algs));
+
+ algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED;
+
+ crypto_register(hwcr_id, algs, stm32_newsession,
+ stm32_freesession, stm32_process);
+}
diff --git a/arch/arm/src/stm32f0l0g0/stm32_crypto.c
b/arch/arm/src/stm32f0l0g0/stm32_crypto.c
new file mode 100644
index 0000000000..e93e4d15aa
--- /dev/null
+++ b/arch/arm/src/stm32f0l0g0/stm32_crypto.c
@@ -0,0 +1,160 @@
+/****************************************************************************
+ * arch/arm/src/stm32f0l0g0/stm32_crypto.c
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership. The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <errno.h>
+#include <stdint.h>
+
+#include <crypto/cryptodev.h>
+#include <crypto/xform.h>
+#include <nuttx/crypto/crypto.h>
+
+/****************************************************************************
+ * Private Data
+ ****************************************************************************/
+
+static uint32_t g_stm32_sesnum = 0;
+
+/****************************************************************************
+ * Private Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: authcompute
+ *
+ * Description:
+ * Calculate the hash.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: stm32_newsession
+ *
+ * Description:
+ * create new session for crypto.
+ *
+ ****************************************************************************/
+
+static int stm32_newsession(uint32_t *sid, struct cryptoini *cri)
+{
+ if (sid == NULL || cri == NULL)
+ {
+ return -EINVAL;
+ }
+
+ switch (cri->cri_alg)
+ {
+ case CRYPTO_AES_CBC:
+ *sid = g_stm32_sesnum++;
+ break;
+ case CRYPTO_AES_CTR:
+ if ((cri->cri_klen / 8 - 4) != 16)
+ {
+ /* stm32 aes-ctr key bits just support 128 */
+
+ return -EINVAL;
+ }
+
+ *sid = g_stm32_sesnum++;
+ break;
+ default :
+ return -EINVAL;
+ }
+
+ return OK;
+}
+
+/****************************************************************************
+ * Name: stm32_freesession
+ *
+ * Description:
+ * free session.
+ *
+ ****************************************************************************/
+
+static int stm32_freesession(uint64_t tid)
+{
+ return 0;
+}
+
+/****************************************************************************
+ * Name: stm32_process
+ *
+ * Description:
+ * process session to use hardware algorithm.
+ *
+ ****************************************************************************/
+
+static int stm32_process(struct cryptop *crp)
+{
+ struct cryptodesc *crd;
+ uint8_t iv[AESCTR_BLOCKSIZE];
+
+ for (crd = crp->crp_desc; crd; crd = crd->crd_next)
+ {
+ switch (crd->crd_alg)
+ {
+ case CRYPTO_AES_CBC:
+ return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len,
+ crd->crd_iv, crd->crd_key, 16,
+ AES_MODE_CBC, crd->crd_flags & CRD_F_ENCRYPT);
+ case CRYPTO_AES_CTR:
+
+ memcpy(iv, crd->crd_key + crd->crd_klen / 8 - AESCTR_NONCESIZE,
+ AESCTR_NONCESIZE);
+ memcpy(iv + AESCTR_NONCESIZE, crd->crd_iv, AESCTR_IVSIZE);
+ memset(iv + AESCTR_NONCESIZE + AESCTR_IVSIZE , 0, 4);
+
+ return aes_cypher(crp->crp_dst, crp->crp_buf, crd->crd_len,
+ iv, crd->crd_key, crd->crd_klen / 8 - 4,
+ AES_MODE_CTR, crd->crd_flags & CRD_F_ENCRYPT);
+ default:
+ return -EINVAL;
+ }
+ }
+}
+
+/****************************************************************************
+ * Name: hwcr_init
+ *
+ * Description:
+ * register the hardware crypto driver.
+ *
+ ****************************************************************************/
+
+void hwcr_init(void)
+{
+ int hwcr_id;
+ int algs[CRYPTO_ALGORITHM_MAX + 1];
+
+ hwcr_id = crypto_get_driverid(0);
+ DEBUGASSERT(hwcr_id >= 0);
+
+ memset(algs, 0, sizeof(algs));
+
+ algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED;
+
+ crypto_register(hwcr_id, algs, stm32_newsession,
+ stm32_freesession, stm32_process);
+}
diff --git a/arch/risc-v/src/esp32c3/Make.defs
b/arch/risc-v/src/esp32c3/Make.defs
index 58a6f13eff..e9a775d3df 100644
--- a/arch/risc-v/src/esp32c3/Make.defs
+++ b/arch/risc-v/src/esp32c3/Make.defs
@@ -148,6 +148,10 @@ ifeq ($(CONFIG_ESP32C3_ADC),y)
CHIP_CSRCS += esp32c3_adc.c
endif
+ifeq ($(CONFIG_CRYPTO_CRYPTODEV_HARDWARE),y)
+CHIP_CSRCS += esp32c3_crypto.c
+endif
+
ifeq ($(CONFIG_ESP32C3_AES_ACCELERATOR),y)
CHIP_CSRCS += esp32c3_aes.c
endif
diff --git a/arch/risc-v/src/esp32c3/esp32c3_aes.c
b/arch/risc-v/src/esp32c3/esp32c3_aes.c
index ce9f412552..15041012f1 100644
--- a/arch/risc-v/src/esp32c3/esp32c3_aes.c
+++ b/arch/risc-v/src/esp32c3/esp32c3_aes.c
@@ -585,11 +585,9 @@ int esp32c3_aes_init(void)
* Name: aes_cypher
****************************************************************************/
-#ifdef CONFIG_CRYPTO_AES
-
-int aes_cypher(void *out, const void *in, size_t size,
- const void *iv, const void *key, size_t keysize,
- int mode, int encrypt)
+int esp32c3_aes_cypher(void *out, const void *in, size_t size,
+ const void *iv, const void *key, size_t keysize,
+ int mode, int encrypt)
{
int ret;
uint8_t iv_buf[AES_BLK_SIZE];
@@ -602,7 +600,12 @@ int aes_cypher(void *out, const void *in, size_t size,
return -EINVAL;
}
- if (keysize != 16)
+ if (mode == AES_MODE_CTR)
+ {
+ keysize -= 4;
+ }
+
+ if (keysize != 16 && keysize != 32)
{
return -EINVAL;
}
@@ -640,6 +643,7 @@ int aes_cypher(void *out, const void *in, size_t size,
memcpy(iv_buf, iv, AES_BLK_SIZE);
ret = esp32c3_aes_ctr_cypher(&aes, &nc_off, iv_buf, cache_buf,
in, out, size);
+ break;
default :
ret = -EINVAL;
break;
@@ -647,6 +651,3 @@ int aes_cypher(void *out, const void *in, size_t size,
return ret;
}
-
-#endif
-
diff --git a/arch/risc-v/src/esp32c3/esp32c3_aes.h
b/arch/risc-v/src/esp32c3/esp32c3_aes.h
index 6ed25f17c0..3dd2a276e6 100644
--- a/arch/risc-v/src/esp32c3/esp32c3_aes.h
+++ b/arch/risc-v/src/esp32c3/esp32c3_aes.h
@@ -208,6 +208,14 @@ int esp32c3_aes_xts_setkey(struct esp32c3_aes_xts_s *aes,
const void *keyptr,
int esp32c3_aes_init(void);
+/****************************************************************************
+ * Name: aes_cypher
+ ****************************************************************************/
+
+int esp32c3_aes_cypher(void *out, const void *in, size_t size,
+ const void *iv, const void *key, size_t keysize,
+ int mode, int encrypt);
+
#ifdef __cplusplus
}
#endif
diff --git a/arch/risc-v/src/esp32c3/esp32c3_crypto.c
b/arch/risc-v/src/esp32c3/esp32c3_crypto.c
new file mode 100644
index 0000000000..41b942771e
--- /dev/null
+++ b/arch/risc-v/src/esp32c3/esp32c3_crypto.c
@@ -0,0 +1,518 @@
+/****************************************************************************
+ * arch/risc-v/src/esp32c3/esp32c3_crypto.c
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership. The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <errno.h>
+#include <sys/queue.h>
+
+#include <crypto/cryptodev.h>
+#include <crypto/xform.h>
+#include <nuttx/kmalloc.h>
+#include <nuttx/crypto/crypto.h>
+
+#include "esp32c3_sha.h"
+#include "esp32c3_aes.h"
+
+/****************************************************************************
+ * Private Functions Prototypes
+ ****************************************************************************/
+
+static void sha1_init(void *ctx);
+static int sha1_update(void *ctx, const uint8_t *in, uint16_t len);
+static void sha1_final(uint8_t *out, void *ctx);
+static void sha256_init(void *ctx);
+static int sha256_update(void *ctx, const uint8_t *in, uint16_t len);
+static void sha256_final(uint8_t *out, void *ctx);
+static int esp32c3_freesession(uint64_t tid);
+
+/****************************************************************************
+ * Private Data
+ ****************************************************************************/
+
+SLIST_HEAD(esp32c3_crypto_list, esp32c3_crypto_data);
+static struct esp32c3_crypto_list *g_esp32c3_sessions = NULL;
+static uint32_t g_esp32c3_sesnum = 0;
+
+const struct auth_hash g_auth_hash_hmac_sha1_esp32c3 =
+{
+ CRYPTO_SHA1_HMAC, "HMAC-SHA1",
+ 20, 20, 12, sizeof(struct esp32c3_sha1_context_s),
+ HMAC_SHA1_BLOCK_LEN,
+ sha1_init, NULL, NULL,
+ sha1_update,
+ sha1_final
+};
+
+const struct auth_hash g_auth_hash_hmac_sha256_esp32c3 =
+{
+ CRYPTO_SHA2_256_HMAC, "HMAC-SHA2-256",
+ 32, 32, 16, sizeof(struct esp32c3_sha256_context_s),
+ HMAC_SHA2_256_BLOCK_LEN,
+ sha256_init, NULL, NULL,
+ sha256_update,
+ sha256_final
+};
+
+struct esp32c3_crypto_data
+{
+ int alg; /* Algorithm */
+ union
+ {
+ struct
+ {
+ uint8_t *ictx;
+ uint8_t *octx;
+ uint32_t klen;
+ const struct auth_hash *axf;
+ } HWCR_AUTH;
+ } HWCR_UN;
+
+#define hw_ictx HWCR_UN.HWCR_AUTH.ictx
+#define hw_octx HWCR_UN.HWCR_AUTH.octx
+#define hw_klen HWCR_UN.HWCR_AUTH.klen
+#define hw_axf HWCR_UN.HWCR_AUTH.axf
+
+ SLIST_ENTRY(esp32c3_crypto_data) next;
+};
+
+/****************************************************************************
+ * Private Functions
+ ****************************************************************************/
+
+static void sha1_init(void *ctx)
+{
+ esp32c3_sha1_starts(ctx);
+}
+
+static int sha1_update(void *ctx, const uint8_t *in, uint16_t len)
+{
+ return esp32c3_sha1_update((struct esp32c3_sha1_context_s *)ctx,
+ (const unsigned char *)in,
+ (size_t)len);
+}
+
+static void sha1_final(uint8_t *out, void *ctx)
+{
+ esp32c3_sha1_finish((struct esp32c3_sha1_context_s *)ctx,
+ (unsigned char *)out);
+}
+
+static void sha256_init(void *ctx)
+{
+ esp32c3_sha256_starts(ctx, false);
+}
+
+static int sha256_update(void *ctx, const uint8_t *in, uint16_t len)
+{
+ return esp32c3_sha256_update((struct esp32c3_sha256_context_s *)ctx,
+ (const unsigned char *)in,
+ (size_t)len);
+}
+
+static void sha256_final(uint8_t *out, void *ctx)
+{
+ esp32c3_sha256_finish((struct esp32c3_sha256_context_s *)ctx,
+ (unsigned char *)out);
+}
+
+/****************************************************************************
+ * Name: authcompute
+ *
+ * Description:
+ * Calculate the hash.
+ *
+ ****************************************************************************/
+
+static int authcompute(struct cryptop *crp, struct cryptodesc *crd,
+ struct esp32c3_crypto_data *data,
+ caddr_t buf)
+{
+ unsigned char aalg[AALG_MAX_RESULT_LEN];
+ const struct auth_hash *axf;
+ int err = 0;
+
+ if (data->hw_ictx == 0)
+ {
+ return -EINVAL;
+ }
+
+ axf = data->hw_axf;
+ err = axf->update(data->hw_ictx, (uint8_t *)buf, crd->crd_len);
+ if (err)
+ {
+ return err;
+ }
+
+ if (crd->crd_flags & CRD_F_ESN)
+ {
+ axf->update(data->hw_ictx, crd->crd_esn, 4);
+ }
+
+ switch (data->alg)
+ {
+ case CRYPTO_SHA1_HMAC:
+ case CRYPTO_SHA2_256_HMAC:
+ if (data->hw_octx == NULL)
+ {
+ return -EINVAL;
+ }
+
+ axf->final(aalg, data->hw_ictx);
+ axf->update(data->hw_octx, aalg, axf->hashsize);
+ axf->final(aalg, data->hw_octx);
+
+ break;
+ }
+
+ /* Inject the authentication data */
+
+ bcopy(aalg, crp->crp_mac, axf->hashsize);
+ return 0;
+}
+
+/****************************************************************************
+ * Name: esp32c3_newsession
+ *
+ * Description:
+ * create new session for crypto.
+ *
+ ****************************************************************************/
+
+static int esp32c3_newsession(uint32_t *sid, struct cryptoini *cri)
+{
+ struct esp32c3_crypto_list *session;
+ struct esp32c3_crypto_data *prev = NULL;
+ struct esp32c3_crypto_data *data;
+ const struct auth_hash *axf;
+ int i;
+ int k;
+
+ if (sid == NULL || cri == NULL)
+ {
+ return -EINVAL;
+ }
+
+ for (i = 0; i < g_esp32c3_sesnum; i++)
+ {
+ if (SLIST_EMPTY(&g_esp32c3_sessions[i]))
+ {
+ break;
+ }
+ }
+
+ if (i >= g_esp32c3_sesnum)
+ {
+ if (g_esp32c3_sessions == NULL)
+ {
+ g_esp32c3_sesnum = 1;
+ }
+ else
+ {
+ g_esp32c3_sesnum *= 2;
+ }
+
+ session = kmm_calloc(g_esp32c3_sesnum,
+ sizeof(struct esp32c3_crypto_list));
+ if (session == NULL)
+ {
+ g_esp32c3_sesnum /= 2;
+ return -ENOBUFS;
+ }
+
+ if (g_esp32c3_sessions != NULL)
+ {
+ bcopy(g_esp32c3_sessions, session, (g_esp32c3_sesnum / 2) *
+ sizeof(struct esp32c3_crypto_list));
+ kmm_free(g_esp32c3_sessions);
+ }
+
+ g_esp32c3_sessions = session;
+ }
+
+ session = &g_esp32c3_sessions[i];
+ *sid = i;
+
+ while (cri)
+ {
+ data = kmm_malloc(sizeof(struct esp32c3_crypto_data));
+ if (data == NULL)
+ {
+ esp32c3_freesession(i);
+ return -ENOBUFS;
+ }
+
+ switch (cri->cri_alg)
+ {
+ case CRYPTO_AES_CBC:
+ break;
+ case CRYPTO_AES_CTR:
+ if ((cri->cri_klen / 8 - 4) != 16 &&
+ (cri->cri_klen / 8 -4) != 32)
+ {
+ /* esp32c3 aes-ctr key bits just support 128 & 256 */
+
+ esp32c3_freesession(i);
+ kmm_free(data);
+ return -EINVAL;
+ }
+
+ break;
+ case CRYPTO_SHA1_HMAC:
+ axf = &g_auth_hash_hmac_sha1_esp32c3;
+ goto common;
+ case CRYPTO_SHA2_256_HMAC:
+ axf = &g_auth_hash_hmac_sha256_esp32c3;
+ goto common;
+ common:
+ data->hw_ictx = kmm_malloc(axf->ctxsize);
+ if (data->hw_ictx == NULL)
+ {
+ kmm_free(data);
+ return -ENOBUFS;
+ }
+
+ data->hw_octx = kmm_malloc(axf->ctxsize);
+ if (data->hw_octx == NULL)
+ {
+ kmm_free(data->hw_ictx);
+ kmm_free(data);
+ return -ENOBUFS;
+ }
+
+ for (k = 0; k < cri->cri_klen / 8; k++)
+ {
+ cri->cri_key[k] ^= HMAC_IPAD_VAL;
+ }
+
+ axf->init(data->hw_ictx);
+ axf->update(data->hw_ictx, (uint8_t *)cri->cri_key,
+ cri->cri_klen / 8);
+ axf->update(data->hw_ictx, hmac_ipad_buffer,
+ axf->blocksize - (cri->cri_klen / 8));
+
+ for (k = 0; k < cri->cri_klen / 8; k++)
+ {
+ cri->cri_key[k] ^= (HMAC_IPAD_VAL ^ HMAC_OPAD_VAL);
+ }
+
+ axf->init(data->hw_octx);
+ axf->update(data->hw_octx, (uint8_t *)cri->cri_key,
+ cri->cri_klen / 8);
+ axf->update(data->hw_octx, hmac_opad_buffer,
+ axf->blocksize - (cri->cri_klen / 8));
+
+ for (k = 0; k < cri->cri_klen / 8; k++)
+ {
+ cri->cri_key[k] ^= HMAC_OPAD_VAL;
+ }
+
+ data->hw_axf = axf;
+ break;
+ default :
+ esp32c3_freesession(i);
+ kmm_free(data);
+ return -EINVAL;
+ }
+
+ if (prev == NULL)
+ {
+ SLIST_INSERT_HEAD(session, data, next);
+ }
+ else
+ {
+ SLIST_INSERT_AFTER(prev, data, next);
+ }
+
+ data->alg = cri->cri_alg;
+ cri = cri->cri_next;
+ prev = data;
+ }
+
+ return OK;
+}
+
+/****************************************************************************
+ * Name: esp32c3_freesession
+ *
+ * Description:
+ * free session.
+ *
+ ****************************************************************************/
+
+static int esp32c3_freesession(uint64_t tid)
+{
+ struct esp32c3_crypto_list *session;
+ struct esp32c3_crypto_data *data;
+ const struct auth_hash *axf;
+
+ uint32_t sid = ((uint32_t)tid) & 0xffffffff;
+
+ if (sid > g_esp32c3_sesnum || SLIST_EMPTY(&g_esp32c3_sessions[sid]))
+ {
+ return -EINVAL;
+ }
+
+ session = &g_esp32c3_sessions[sid];
+
+ while (!SLIST_EMPTY(session))
+ {
+ data = SLIST_FIRST(session);
+ switch (data->alg)
+ {
+ case CRYPTO_SHA1_HMAC:
+ case CRYPTO_SHA2_256_HMAC:
+ axf = data->hw_axf;
+ if (data->hw_ictx)
+ {
+ explicit_bzero(data->hw_ictx, axf->ctxsize);
+ kmm_free(data->hw_ictx);
+ }
+
+ if (data->hw_octx)
+ {
+ explicit_bzero(data->hw_octx, axf->ctxsize);
+ kmm_free(data->hw_octx);
+ }
+
+ break;
+ }
+
+ SLIST_REMOVE_HEAD(session, next);
+ kmm_free(data);
+ }
+
+ return 0;
+}
+
+/****************************************************************************
+ * Name: esp32c3_process
+ *
+ * Description:
+ * process session to use hardware algorithm.
+ *
+ ****************************************************************************/
+
+static int esp32c3_process(struct cryptop *crp)
+{
+ struct cryptodesc *crd;
+ struct esp32c3_crypto_list *session;
+ struct esp32c3_crypto_data *data;
+ uint8_t iv[AESCTR_BLOCKSIZE];
+ uint32_t lid;
+ int err = 0;
+
+ lid = crp->crp_sid & 0xffffffff;
+
+ /* Go through crypto descriptors, processing as we go */
+
+ session = &g_esp32c3_sessions[lid];
+ for (crd = crp->crp_desc; crd; crd = crd->crd_next)
+ {
+ SLIST_FOREACH(data, session, next)
+ {
+ if (data->alg == crd->crd_alg)
+ {
+ break;
+ }
+ }
+
+ if (data == NULL)
+ {
+ crp->crp_etype = EINVAL;
+ return -EINVAL;
+ }
+
+ switch (data->alg)
+ {
+ case CRYPTO_AES_CBC:
+ err = esp32c3_aes_cypher(crp->crp_dst, crp->crp_buf,
+ crd->crd_len,
+ crd->crd_iv, crd->crd_key, 16,
+ AES_MODE_CBC,
+ crd->crd_flags & CRD_F_ENCRYPT);
+ if (err < 0)
+ {
+ return err;
+ }
+
+ break;
+ case CRYPTO_AES_CTR:
+ memcpy(iv, crd->crd_key + crd->crd_klen / 8 - 4, 4);
+ memcpy(iv + 4, crd->crd_iv, 8);
+ iv[15] = 0x1;
+ err = esp32c3_aes_cypher(crp->crp_dst, crp->crp_buf,
+ crd->crd_len,
+ iv, crd->crd_key,
+ crd->crd_klen / 8 - 4,
+ AES_MODE_CTR ,
+ crd->crd_flags & CRD_F_ENCRYPT);
+ if (err < 0)
+ {
+ return err;
+ }
+
+ break;
+ case CRYPTO_SHA1_HMAC:
+ case CRYPTO_SHA2_256_HMAC:
+ if ((crp->crp_etype = authcompute(crp, crd, data,
+ crp->crp_buf)) != 0)
+ {
+ return crp->crp_etype;
+ }
+
+ break;
+ default:
+ return -EINVAL;
+ }
+ }
+
+ return OK;
+}
+
+/****************************************************************************
+ * Name: hwcr_init
+ *
+ * Description:
+ * register the hardware crypto driver.
+ *
+ ****************************************************************************/
+
+void hwcr_init(void)
+{
+ int hwcr_id;
+ int algs[CRYPTO_ALGORITHM_MAX + 1];
+
+ hwcr_id = crypto_get_driverid(0);
+ DEBUGASSERT(hwcr_id >= 0);
+
+ memset(algs, 0, sizeof(algs));
+
+ algs[CRYPTO_AES_CBC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_AES_CTR] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+ algs[CRYPTO_SHA2_256_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
+
+ esp32c3_sha_init();
+ crypto_register(hwcr_id, algs, esp32c3_newsession,
+ esp32c3_freesession, esp32c3_process);
+}
diff --git a/arch/risc-v/src/esp32c3/esp32c3_sha.h
b/arch/risc-v/src/esp32c3/esp32c3_sha.h
index 962204c30a..8c732ffcba 100644
--- a/arch/risc-v/src/esp32c3/esp32c3_sha.h
+++ b/arch/risc-v/src/esp32c3/esp32c3_sha.h
@@ -112,6 +112,154 @@ struct esp32c3_sha512_context_s
int esp32c3_sha_init(void);
+/****************************************************************************
+ * Name: esp32c3_sha1_init
+ *
+ * Description:
+ * Initializes a SHA-1 context.
+ *
+ * Input Parameters:
+ * ctx - The SHA-1 context to initialize
+ *
+ * Returned Value:
+ * None.
+ *
+ ****************************************************************************/
+
+void esp32c3_sha1_init(struct esp32c3_sha1_context_s *ctx);
+
+/****************************************************************************
+ * Name: esp32c3_sha1_starts
+ *
+ * Description:
+ * Starts a SHA-1 checksum calculation.
+ *
+ * Input Parameters:
+ * ctx - The SHA-1 context to initialize
+ *
+ * Returned Value:
+ * OK is returned on success.
+ *
+ ****************************************************************************/
+
+int esp32c3_sha1_starts(struct esp32c3_sha1_context_s *ctx);
+
+/****************************************************************************
+ * Name: esp32c3_sha1_update
+ *
+ * Description:
+ * Feeds an input buffer into an ongoing SHA-1 checksum calculation.
+ *
+ * Input Parameters:
+ * ctx - The SHA-1 context to use
+ * input - The buffer holding the input data
+ * ilen - The length of the input data in Bytes
+ *
+ * Returned Value:
+ * OK is returned on success.
+ * Otherwise, a negated errno value is returned.
+ *
+ ****************************************************************************/
+
+int esp32c3_sha1_update(struct esp32c3_sha1_context_s *ctx,
+ const unsigned char *input,
+ size_t ilen);
+
+/****************************************************************************
+ * Name: esp32c3_sha1_finish
+ *
+ * Description:
+ * Finishes the SHA-1 operation,
+ * and writes the result to the output buffer.
+ *
+ * Input Parameters:
+ * ctx - The SHA-1 context to use
+ * output - The SHA-1 checksum result
+ *
+ * Returned Value:
+ * OK is returned on success.
+ * Otherwise, a negated errno value is returned.
+ *
+ ****************************************************************************/
+
+int esp32c3_sha1_finish(struct esp32c3_sha1_context_s *ctx,
+ unsigned char output[20]);
+
+/****************************************************************************
+ * Name: esp32c3_sha256_init
+ *
+ * Description:
+ * Initializes a SHA-256 context.
+ *
+ * Input Parameters:
+ * ctx - The SHA-256 context to initialize
+ *
+ * Returned Value:
+ * None.
+ *
+ ****************************************************************************/
+
+void esp32c3_sha256_init(struct esp32c3_sha256_context_s *ctx);
+
+/****************************************************************************
+ * Name: esp32c3_sha256_starts
+ *
+ * Description:
+ * Starts a SHA-224 or SHA-256 checksum calculation.
+ *
+ * Input Parameters:
+ * ctx - The SHA-256 context to initialize
+ * is224 - Determines which function to use
+ *
+ * Returned Value:
+ * OK is returned on success.
+ *
+ ****************************************************************************/
+
+int esp32c3_sha256_starts(struct esp32c3_sha256_context_s *ctx, bool is224);
+
+/****************************************************************************
+ * Name: esp32c3_sha256_update
+ *
+ * Description:
+ * Feeds an input buffer into an ongoing SHA-224 or SHA-256
+ * checksum calculation.
+ *
+ * Input Parameters:
+ * ctx - The SHA-256 context to use
+ * input - The buffer holding the input data
+ * ilen - The length of the input data in Bytes
+ *
+ * Returned Value:
+ * OK is returned on success.
+ * Otherwise, a negated errno value is returned.
+ *
+ ****************************************************************************/
+
+int esp32c3_sha256_update(struct esp32c3_sha256_context_s *ctx,
+ const unsigned char *input,
+ size_t ilen);
+
+/****************************************************************************
+ * Name: esp32c3_sha256_finish
+ *
+ * Description:
+ * Finishes the SHA-224 or SHA-256 operation, and writes the result to
+ * the output buffer.
+ *
+ * Input Parameters:
+ * ctx - The SHA-256 context to use
+ * output - The SHA-256 checksum result
+ *
+ * Returned Value:
+ * OK is returned on success.
+ * Otherwise, a negated errno value is returned.
+ *
+ ****************************************************************************/
+
+int esp32c3_sha256_finish(struct esp32c3_sha256_context_s *ctx,
+ unsigned char output[32]);
+
#ifdef __cplusplus
}
#endif
diff --git a/boards/risc-v/esp32c3/esp32c3-devkit/configs/crypto/defconfig
b/boards/risc-v/esp32c3/esp32c3-devkit/configs/crypto/defconfig
new file mode 100644
index 0000000000..d08de2cdfc
--- /dev/null
+++ b/boards/risc-v/esp32c3/esp32c3-devkit/configs/crypto/defconfig
@@ -0,0 +1,51 @@
+#
+# This file is autogenerated: PLEASE DO NOT EDIT IT.
+#
+# You can use "make menuconfig" to make any modifications to the installed
.config file.
+# You can then do "make savedefconfig" to generate a new defconfig file that
includes your
+# modifications.
+#
+# CONFIG_NSH_ARGCAT is not set
+# CONFIG_NSH_CMDOPT_HEXDUMP is not set
+# CONFIG_NSH_CMDPARMS is not set
+CONFIG_ALLOW_BSD_COMPONENTS=y
+CONFIG_ARCH="risc-v"
+CONFIG_ARCH_BOARD="esp32c3-devkit"
+CONFIG_ARCH_BOARD_ESP32C3_DEVKIT=y
+CONFIG_ARCH_CHIP="esp32c3"
+CONFIG_ARCH_CHIP_ESP32C3=y
+CONFIG_ARCH_CHIP_ESP32C3WROOM02=y
+CONFIG_ARCH_INTERRUPTSTACK=1536
+CONFIG_ARCH_RISCV=y
+CONFIG_ARCH_STACKDUMP=y
+CONFIG_BOARD_LOOPSPERMSEC=15000
+CONFIG_BUILTIN=y
+CONFIG_CRYPTO=y
+CONFIG_CRYPTO_AES=y
+CONFIG_CRYPTO_CRYPTODEV=y
+CONFIG_CRYPTO_CRYPTODEV_HARDWARE=y
+CONFIG_CRYPTO_RANDOM_POOL=y
+CONFIG_DEV_ZERO=y
+CONFIG_ESP32C3_AES_ACCELERATOR=y
+CONFIG_ESP32C3_SHA_ACCELERATOR=y
+CONFIG_FS_PROCFS=y
+CONFIG_IDLETHREAD_STACKSIZE=2048
+CONFIG_INIT_ENTRYPOINT="nsh_main"
+CONFIG_INTELHEX_BINARY=y
+CONFIG_LIBC_PERROR_STDOUT=y
+CONFIG_LIBC_STRERROR=y
+CONFIG_NFILE_DESCRIPTORS_PER_BLOCK=6
+CONFIG_NSH_ARCHINIT=y
+CONFIG_NSH_BUILTIN_APPS=y
+CONFIG_NSH_FILEIOSIZE=512
+CONFIG_NSH_READLINE=y
+CONFIG_NSH_STRERROR=y
+CONFIG_PREALLOC_TIMERS=0
+CONFIG_RR_INTERVAL=200
+CONFIG_SCHED_WAITPID=y
+CONFIG_START_DAY=29
+CONFIG_START_MONTH=11
+CONFIG_START_YEAR=2019
+CONFIG_SYSTEM_NSH=y
+CONFIG_TESTING_CRYPTO=y
+CONFIG_UART0_SERIAL_CONSOLE=y
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 5dd465eac3..aafafa763b 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -40,6 +40,11 @@ config CRYPTO_CRYPTODEV
depends on ALLOW_BSD_COMPONENTS
default n
+config CRYPTO_CRYPTODEV_HARDWARE
+ bool "cryptodev hardware support"
+ depends on CRYPTO_CRYPTODEV
+ default n
+
config CRYPTO_SW_AES
bool "Software AES library"
depends on ALLOW_BSD_COMPONENTS
diff --git a/crypto/Makefile b/crypto/Makefile
index 1029620f5c..0c2620aeb9 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -51,6 +51,7 @@ ifeq ($(CONFIG_CRYPTO_CRYPTODEV),y)
CRYPTO_CSRCS += idgen.c
CRYPTO_CSRCS += key_wrap.c
CRYPTO_CSRCS += siphash.c
+ CRYPTO_CSRCS += hmac_buff.c
endif
# BLAKE2s hash algorithm
diff --git a/crypto/cryptosoft.c b/crypto/cryptosoft.c
index 77d011f901..1d1817e4a9 100644
--- a/crypto/cryptosoft.c
+++ b/crypto/cryptosoft.c
@@ -47,46 +47,6 @@
* Private Data
****************************************************************************/
-const uint8_t hmac_ipad_buffer[HMAC_MAX_BLOCK_LEN] =
-{
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
- 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
-};
-
-const uint8_t hmac_opad_buffer[HMAC_MAX_BLOCK_LEN] =
-{
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
- 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
-};
-
FAR struct swcr_data **swcr_sessions = NULL;
uint32_t swcr_sesnum = 0;
int swcr_id = -1;
diff --git a/crypto/hmac_buff.c b/crypto/hmac_buff.c
new file mode 100644
index 0000000000..1dc581301f
--- /dev/null
+++ b/crypto/hmac_buff.c
@@ -0,0 +1,70 @@
+/****************************************************************************
+ * crypto/hmac_buff.c
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership. The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <stdint.h>
+#include <crypto/cryptodev.h>
+
+/****************************************************************************
+ * Public Functions
+ ****************************************************************************/
+
+const uint8_t hmac_ipad_buffer[HMAC_MAX_BLOCK_LEN] =
+{
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
+ 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
+};
+
+const uint8_t hmac_opad_buffer[HMAC_MAX_BLOCK_LEN] =
+{
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
+ 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
+};
diff --git a/include/crypto/cryptodev.h b/include/crypto/cryptodev.h
index e0c1815009..b61ecba96a 100644
--- a/include/crypto/cryptodev.h
+++ b/include/crypto/cryptodev.h
@@ -313,6 +313,11 @@ struct crypt_op
caddr_t iv;
};
+/* hamc buffer, software & hardware need it */
+
+extern const uint8_t hmac_ipad_buffer[HMAC_MAX_BLOCK_LEN];
+extern const uint8_t hmac_opad_buffer[HMAC_MAX_BLOCK_LEN];
+
#define CRYPTO_MAX_MAC_LEN 20
/* done against open of /dev/crypto, to get a cloned descriptor.
@@ -344,4 +349,9 @@ int crypto_getfeat(FAR int *);
FAR struct cryptop *crypto_getreq(int);
void crypto_freereq(FAR struct cryptop *);
+
+#ifdef CONFIG_CRYPTO_CRYPTODEV_HARDWARE
+void hwcr_init(void);
+#endif
+
#endif /* __INCLUDE_CRYPTO_CRYPTODEV_H */
diff --git a/include/crypto/cryptosoft.h b/include/crypto/cryptosoft.h
index ea8af3aa7b..ff7fa64f51 100644
--- a/include/crypto/cryptosoft.h
+++ b/include/crypto/cryptosoft.h
@@ -73,9 +73,6 @@ struct swcr_data
struct swcr_data *sw_next;
};
-extern const uint8_t hmac_ipad_buffer[HMAC_MAX_BLOCK_LEN];
-extern const uint8_t hmac_opad_buffer[HMAC_MAX_BLOCK_LEN];
-
int swcr_encdec(FAR struct cryptop *, FAR struct cryptodesc *,
FAR struct swcr_data *, caddr_t);
int swcr_authcompute(FAR struct cryptop *, FAR struct cryptodesc *,
