Align SHA256 with MD5 and SHA1 implementation

adustm · adbridge · commit 8dc7851916b2 · 2017-07-03T12:10:15.000+01:00
This will solve Size &lt;4 issues
diff --git a/features/mbedtls/targets/TARGET_STM/sha256_alt.c b/features/mbedtls/targets/TARGET_STM/sha256_alt.c
@@ -20,6 +20,7 @@
 #include "mbedtls/sha256.h"
 
 #if defined(MBEDTLS_SHA256_ALT)
+#include "mbedtls/platform.h"
 
 /* Implementation that should never be optimized out by the compiler */
 static void mbedtls_zeroize( void *v, size_t n ) {
@@ -28,7 +29,7 @@ static void mbedtls_zeroize( void *v, size_t n ) {
 
 void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
 {
-    memset( ctx, 0, sizeof( mbedtls_sha256_context ) );	
+    mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
 
     /* Enable HASH clock */
     __HAL_RCC_HASH_CLK_ENABLE();
@@ -38,8 +39,7 @@ void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
 {
     if( ctx == NULL )
         return;
-	
-	/* Force the HASH Periheral Clock Reset */
+    /* Force the HASH Periheral Clock Reset */
     __HAL_RCC_HASH_FORCE_RESET();
 
     /* Release the HASH Periheral Clock Reset */
@@ -54,45 +54,82 @@ void mbedtls_sha256_clone( mbedtls_sha256_context *dst,
     *dst = *src;
 }
 
-/*
- * SHA-256 context setup
- */
 void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
 {
     /* HASH IP initialization */
-    HAL_HASH_DeInit(&ctx->hhash_sha256);
-    
-    /* HASH Configuration */
-    ctx->hhash_sha256.Init.DataType = HASH_DATATYPE_8B;
-    HAL_HASH_Init(&ctx->hhash_sha256);
+    if (HAL_HASH_DeInit(&ctx->hhash_sha256) == HAL_ERROR) {
+        // error found to be returned
+        return;
+    }
 
     ctx->is224 = is224;
+    /* HASH Configuration */
+    ctx->hhash_sha256.Init.DataType = HASH_DATATYPE_8B;
+    if (HAL_HASH_Init(&ctx->hhash_sha256) == HAL_ERROR) {
+        // error found to be returned
+        return;
+    }
 }
 
 void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
 {
-    if (ctx->is224 == 0)
+    if (ctx->is224 == 0) {
         HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, (uint8_t *) data, 64);
-    else
+    } else {
         HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, (uint8_t *) data, 64);
+    }
 }
 
-/*
- * SHA-256 process buffer
- */
 void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input, size_t ilen )
 {
-    if (ctx->is224 == 0)
-        HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, (uint8_t *)input, ilen);
-    else
-        HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, (uint8_t *)input, ilen);
+    size_t currentlen = ilen;
+    // store mechanism to handle MBEDTLS_SHA256_BLOCK_SIZE bytes per MBEDTLS_SHA256_BLOCK_SIZE bytes
+    if (currentlen == 0){ // only change HW status is size if 0
+        if(ctx->hhash_sha256.Phase == HAL_HASH_PHASE_READY) {
+            /* Select the SHA256 or SHA224 mode and reset the HASH processor core, so that the HASH will be ready to compute
+             the message digest of a new message */
+            if (ctx->is224 == 0) {
+                HASH->CR |= HASH_ALGOSELECTION_SHA256 | HASH_CR_INIT;
+            } else {
+                HASH->CR |= HASH_ALGOSELECTION_SHA224 | HASH_CR_INIT;
+            }
+        }
+        ctx->hhash_sha256.Phase = HAL_HASH_PHASE_PROCESS;
+    } else if (currentlen < (MBEDTLS_SHA256_BLOCK_SIZE - ctx->sbuf_len)) {
+        // only buffurize
+        memcpy(ctx->sbuf + ctx->sbuf_len, input, currentlen);
+        ctx->sbuf_len += currentlen;
+    } else {
+        // fill buffer and process it
+        memcpy(ctx->sbuf + ctx->sbuf_len, input, (MBEDTLS_SHA256_BLOCK_SIZE-ctx->sbuf_len));
+        currentlen -= (MBEDTLS_SHA256_BLOCK_SIZE - ctx->sbuf_len);
+        mbedtls_sha256_process(ctx, ctx->sbuf);
+        // now process every input as long as it is %4 bytes
+        size_t iter = currentlen / 4;
+        if (ctx->is224 == 0) {
+            HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + MBEDTLS_SHA256_BLOCK_SIZE - ctx->sbuf_len),  (iter * 4));
+        } else {
+            HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, (uint8_t *)(input + MBEDTLS_SHA256_BLOCK_SIZE - ctx->sbuf_len),  (iter * 4));
+        }
+        // sbuf is now fully accumulated, now copy 1 / 2 or 3 remaining bytes
+        ctx->sbuf_len = currentlen % 4;
+        if (ctx->sbuf_len !=0) {
+            memcpy(ctx->sbuf, input + iter, ctx->sbuf_len);
+        }
+    }
 }
 
-/*
- * SHA-256 final digest
- */
 void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] )
 {
+    if (ctx->sbuf_len > 0) {
+        if (ctx->is224 == 0) {
+            HAL_HASHEx_SHA256_Accumulate(&ctx->hhash_sha256, ctx->sbuf, ctx->sbuf_len);
+        } else {
+            HAL_HASHEx_SHA224_Accumulate(&ctx->hhash_sha256, ctx->sbuf, ctx->sbuf_len);
+        }
+    }
+    mbedtls_zeroize(ctx->sbuf, MBEDTLS_SHA256_BLOCK_SIZE);
+    ctx->sbuf_len = 0;
     __HAL_HASH_START_DIGEST();
         
     if (ctx->is224 == 0)
diff --git a/features/mbedtls/targets/TARGET_STM/sha256_alt.h b/features/mbedtls/targets/TARGET_STM/sha256_alt.h
@@ -1,7 +1,9 @@
-/*
- *  sha256_alt.h SHA-256 hash
- *******************************************************************************
- *  Copyright (C) 2017, STMicroelectronics
+/**
+ * \file sha256_alt.h
+ *
+ * \brief SHA256 hw acceleration (hash function)
+ *
+ * Copyright (c) 2017, STMicroelectronics
  *  SPDX-License-Identifier: Apache-2.0
  *
  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -21,22 +23,28 @@
 #define MBEDTLS_SHA256_ALT_H
 
 #if defined (MBEDTLS_SHA256_ALT)
-#include "mbedtls/platform.h"
-#include "mbedtls/config.h"
 
 #include "cmsis.h"
 #include <string.h>
+
 #ifdef __cplusplus
 extern "C" {
 #endif
 
+#define MBEDTLS_SHA256_BLOCK_SIZE ((size_t)(64)) // must be a multiple of 4
 /**
  * \brief          SHA-256 context structure
+ * \note     HAL_HASH_SHA256_Accumulate cannot handle less than 4 bytes, unless it is the last call to the  function
+ *           A MBEDTLS_SHA256_BLOCK_SIZE bytes buffer is used to save values and handle the processing
+ *           MBEDTLS_SHA256_BLOCK_SIZE bytes per MBEDTLS_SHA256_BLOCK_SIZE bytes
+ *           If sha256_finish is called and sbuf_len>0, the remaining bytes are accumulated prior to the call to HAL_HASH_SHA256_Finish
  */
 typedef struct
 {
     int is224;                  /*!< 0 => SHA-256, else SHA-224 */  
     HASH_HandleTypeDef hhash_sha256;  
+    unsigned char sbuf[MBEDTLS_SHA256_BLOCK_SIZE]; /*!< MBEDTLS_SHA256_BLOCK_SIZE buffer to store values so that algorithm is caled once the buffer is filled */
+    unsigned char sbuf_len; /*!< number of bytes to be processed in sbuf */
 }
 mbedtls_sha256_context;
 
@@ -96,32 +104,6 @@ void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char da
 }
 #endif
 
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/**
- * \brief          Output = SHA-256( input buffer )
- *
- * \param input    buffer holding the  data
- * \param ilen     length of the input data
- * \param output   SHA-224/256 checksum result
- * \param is224    0 = use SHA256, 1 = use SHA224
- */
-void mbedtls_sha256( const unsigned char *input, size_t ilen,
-           unsigned char output[32], int is224 );
-
-/**
- * \brief          Checkup routine
- *
- * \return         0 if successful, or 1 if the test failed
- */
-int mbedtls_sha256_self_test( int verbose );
-
-#ifdef __cplusplus
-}
-#endif
-
 #endif /* MBEDTLS_SHA256_ALT */
 
-#endif /* sha1_alt.h */
+#endif /* sha256_alt.h */
