[NUC472] Fix SHA accelerator errors

1. Fix clone SHA context error. Convert SHA H/W context to SHA S/W context due to just one instance of SHA H/W.
2. Fix partial update error.

Author: ccli8

hal/targets/hal/TARGET_NUVOTON/TARGET_NUC472/crypto/sha/sha1_alt.c

@@ -25,29 +25,19 @@
 
 #include "sha1_alt.h"
 #include "crypto-misc.h"
+#include "nu_bitutil.h"
+#include "string.h"
 
 void mbedtls_sha1_init(mbedtls_sha1_context *ctx)
 {
     if (crypto_sha_acquire()) {
-        ctx->mbedtls_sha1_init = mbedtls_sha1_hw_init;
-        ctx->mbedtls_sha1_free = mbedtls_sha1_hw_free;
-        ctx->mbedtls_sha1_clone = mbedtls_sha1_hw_clone;
-        ctx->mbedtls_sha1_starts = mbedtls_sha1_hw_starts;
-        ctx->mbedtls_sha1_update = mbedtls_sha1_hw_update;
-        ctx->mbedtls_sha1_finish = mbedtls_sha1_hw_finish;
-        ctx->mbedtls_sha1_process = mbedtls_sha1_hw_process;
+        ctx->ishw = 1;
+        mbedtls_sha1_hw_init(&ctx->hw_ctx);
     }
     else {
-        ctx->mbedtls_sha1_init = mbedtls_sha1_sw_init;
-        ctx->mbedtls_sha1_free = mbedtls_sha1_sw_free;
-        ctx->mbedtls_sha1_clone = mbedtls_sha1_sw_clone;
-        ctx->mbedtls_sha1_starts = mbedtls_sha1_sw_starts;
-        ctx->mbedtls_sha1_update = mbedtls_sha1_sw_update;
-        ctx->mbedtls_sha1_finish = mbedtls_sha1_sw_finish;
-        ctx->mbedtls_sha1_process = mbedtls_sha1_sw_process;
+        ctx->ishw = 0;
+        mbedtls_sha1_sw_init(&ctx->sw_ctx);
     }
-    
-    ctx->mbedtls_sha1_init(ctx);
 }
 
 void mbedtls_sha1_free(mbedtls_sha1_context *ctx)
@@ -56,48 +46,90 @@ void mbedtls_sha1_free(mbedtls_sha1_context *ctx)
         return;
     }
 
-    ctx->mbedtls_sha1_free(ctx);
-    
-    if (ctx->mbedtls_sha1_init == mbedtls_sha1_hw_init) {
+    if (ctx->ishw) {
+        mbedtls_sha1_hw_free(&ctx->hw_ctx);
         crypto_sha_release();
     }
+    else {
+        mbedtls_sha1_sw_free(&ctx->sw_ctx);
+    }
 }
 
 void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
                         const mbedtls_sha1_context *src)
 {
-    *dst = *src;
+    if (src->ishw) {
+        // Clone S/W ctx from H/W ctx
+        dst->ishw = 0;
+        dst->sw_ctx.total[0] = src->hw_ctx.total;
+        dst->sw_ctx.total[1] = 0;
+        {
+            unsigned char output[20];
+            crypto_sha_getinternstate(output, sizeof (output));
+            dst->sw_ctx.state[0] = nu_get32_be(output);
+            dst->sw_ctx.state[1] = nu_get32_be(output + 4);
+            dst->sw_ctx.state[2] = nu_get32_be(output + 8);
+            dst->sw_ctx.state[3] = nu_get32_be(output + 12);
+            dst->sw_ctx.state[4] = nu_get32_be(output + 16);
+        }
+        memcpy(dst->sw_ctx.buffer, src->hw_ctx.buffer, src->hw_ctx.buffer_left);
+        if (src->hw_ctx.buffer_left == src->hw_ctx.blocksize) {
+            mbedtls_sha1_sw_process(&dst->sw_ctx, dst->sw_ctx.buffer);
+        }
+    }
+    else {
+        // Clone S/W ctx from S/W ctx
+        dst->sw_ctx = src->sw_ctx;
+    }
 }
 
 /*
  * SHA-1 context setup
  */
 void mbedtls_sha1_starts(mbedtls_sha1_context *ctx)
 {
-    ctx->mbedtls_sha1_starts(ctx);
-    
-    return;
+    if (ctx->ishw) {
+        mbedtls_sha1_hw_starts(&ctx->hw_ctx);
+    }
+    else {
+        mbedtls_sha1_sw_starts(&ctx->sw_ctx);
+    }
 }
 
 /*
  * SHA-1 process buffer
  */
 void mbedtls_sha1_update(mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen)
 {
-    ctx->mbedtls_sha1_update(ctx, input, ilen);
+    if (ctx->ishw) {
+        mbedtls_sha1_hw_update(&ctx->hw_ctx, input, ilen);
+    }
+    else {
+        mbedtls_sha1_sw_update(&ctx->sw_ctx, input, ilen);
+    }
 }
 
 /*
  * SHA-1 final digest
  */
 void mbedtls_sha1_finish(mbedtls_sha1_context *ctx, unsigned char output[20])
 {
-    ctx->mbedtls_sha1_finish(ctx, output);
+    if (ctx->ishw) {
+        mbedtls_sha1_hw_finish(&ctx->hw_ctx, output);
+    }
+    else {
+        mbedtls_sha1_sw_finish(&ctx->sw_ctx, output);
+    }
 }
 
 void mbedtls_sha1_process(mbedtls_sha1_context *ctx, const unsigned char data[64])
 {
-    ctx->mbedtls_sha1_process(ctx, data);
+    if (ctx->ishw) {
+        mbedtls_sha1_hw_process(&ctx->hw_ctx, data);
+    }
+    else {
+        mbedtls_sha1_sw_process(&ctx->sw_ctx, data);
+    }
 }
 
 #endif /* MBEDTLS_SHA1_ALT */

hal/targets/hal/TARGET_NUVOTON/TARGET_NUC472/crypto/sha/sha1_alt.h

@@ -40,18 +40,9 @@ struct mbedtls_sha1_context_s;
  */
 typedef struct mbedtls_sha1_context_s
 {
-    union {
-        crypto_sha_context hw_ctx;
-        mbedtls_sha1_sw_context sw_ctx;
-    };
-    
-    void (*mbedtls_sha1_init)(struct mbedtls_sha1_context_s *ctx);
-    void (*mbedtls_sha1_free)(struct mbedtls_sha1_context_s *ctx);
-    void (*mbedtls_sha1_clone)(struct mbedtls_sha1_context_s *dst, const struct mbedtls_sha1_context_s *src);
-    void (*mbedtls_sha1_starts)(struct mbedtls_sha1_context_s *ctx);
-    void (*mbedtls_sha1_update)(struct mbedtls_sha1_context_s *ctx, const unsigned char *input, size_t ilen);
-    void (*mbedtls_sha1_finish)(struct mbedtls_sha1_context_s *ctx, unsigned char output[20]);
-    void (*mbedtls_sha1_process)(struct mbedtls_sha1_context_s *ctx, const unsigned char data[64]);
+    int ishw;
+    crypto_sha_context hw_ctx;
+    mbedtls_sha1_sw_context sw_ctx;
 }
 mbedtls_sha1_context;
 

hal/targets/hal/TARGET_NUVOTON/TARGET_NUC472/crypto/sha/sha1_alt_sw.c

@@ -65,32 +65,30 @@ static void mbedtls_zeroize( void *v, size_t n ) {
 }
 #endif
 
-void mbedtls_sha1_sw_init( mbedtls_sha1_context *ctx )
+void mbedtls_sha1_sw_init( mbedtls_sha1_sw_context *ctx )
 {
-    memset( &ctx->sw_ctx, 0, sizeof( ctx->sw_ctx ) );
+    memset( ctx, 0, sizeof( mbedtls_sha1_sw_context ) );
 }
 
-void mbedtls_sha1_sw_free( mbedtls_sha1_context *ctx )
+void mbedtls_sha1_sw_free( mbedtls_sha1_sw_context *ctx )
 {
     if( ctx == NULL )
         return;
 
-    mbedtls_zeroize( &ctx->sw_ctx, sizeof( ctx->sw_ctx ) );
+    mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_sw_context ) );
 }
 
-void mbedtls_sha1_sw_clone( mbedtls_sha1_context *dst,
-                         const mbedtls_sha1_context *src )
+void mbedtls_sha1_sw_clone( mbedtls_sha1_sw_context *dst,
+                         const mbedtls_sha1_sw_context *src )
 {
-    dst->sw_ctx = src->sw_ctx;
+    *dst = *src;
 }
 
 /*
  * SHA-1 context setup
  */
-void mbedtls_sha1_sw_starts( mbedtls_sha1_context *ctx_ )
+void mbedtls_sha1_sw_starts( mbedtls_sha1_sw_context *ctx )
 {
-    mbedtls_sha1_sw_context *ctx = &ctx_->sw_ctx;
-    
     ctx->total[0] = 0;
     ctx->total[1] = 0;
 
@@ -101,10 +99,8 @@ void mbedtls_sha1_sw_starts( mbedtls_sha1_context *ctx_ )
     ctx->state[4] = 0xC3D2E1F0;
 }
 
-void mbedtls_sha1_sw_process( mbedtls_sha1_context *ctx_, const unsigned char data[64] )
+void mbedtls_sha1_sw_process( mbedtls_sha1_sw_context *ctx, const unsigned char data[64] )
 {
-    mbedtls_sha1_sw_context *ctx = &ctx_->sw_ctx;
-    
     uint32_t temp, W[16], A, B, C, D, E;
 
     GET_UINT32_BE( W[ 0], data,  0 );
@@ -262,10 +258,8 @@ void mbedtls_sha1_sw_process( mbedtls_sha1_context *ctx_, const unsigned char da
 /*
  * SHA-1 process buffer
  */
-void mbedtls_sha1_sw_update( mbedtls_sha1_context *ctx_, const unsigned char *input, size_t ilen )
+void mbedtls_sha1_sw_update( mbedtls_sha1_sw_context *ctx, const unsigned char *input, size_t ilen )
 {
-    mbedtls_sha1_sw_context *ctx = &ctx_->sw_ctx;
-    
     size_t fill;
     uint32_t left;
 
@@ -284,15 +278,15 @@ void mbedtls_sha1_sw_update( mbedtls_sha1_context *ctx_, const unsigned char *in
     if( left && ilen >= fill )
     {
         memcpy( (void *) (ctx->buffer + left), input, fill );
-        mbedtls_sha1_sw_process( ctx_, ctx->buffer );
+        mbedtls_sha1_sw_process( ctx, ctx->buffer );
         input += fill;
         ilen  -= fill;
         left = 0;
     }
 
     while( ilen >= 64 )
     {
-        mbedtls_sha1_sw_process( ctx_, input );
+        mbedtls_sha1_sw_process( ctx, input );
         input += 64;
         ilen  -= 64;
     }
@@ -312,10 +306,8 @@ static const unsigned char sha1_padding[64] =
 /*
  * SHA-1 final digest
  */
-void mbedtls_sha1_sw_finish( mbedtls_sha1_context *ctx_, unsigned char output[20] )
+void mbedtls_sha1_sw_finish( mbedtls_sha1_sw_context *ctx, unsigned char output[20] )
 {
-    mbedtls_sha1_sw_context *ctx = &ctx_->sw_ctx;
-    
     uint32_t last, padn;
     uint32_t high, low;
     unsigned char msglen[8];
@@ -330,8 +322,8 @@ void mbedtls_sha1_sw_finish( mbedtls_sha1_context *ctx_, unsigned char output[20
     last = ctx->total[0] & 0x3F;
     padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
 
-    mbedtls_sha1_sw_update( ctx_, sha1_padding, padn );
-    mbedtls_sha1_sw_update( ctx_, msglen, 8 );
+    mbedtls_sha1_sw_update( ctx, sha1_padding, padn );
+    mbedtls_sha1_sw_update( ctx, msglen, 8 );
 
     PUT_UINT32_BE( ctx->state[0], output,  0 );
     PUT_UINT32_BE( ctx->state[1], output,  4 );

hal/targets/hal/TARGET_NUVOTON/TARGET_NUC472/crypto/sha/sha1_alt_sw.h

@@ -39,8 +39,6 @@
 extern "C" {
 #endif
 
-struct mbedtls_sha1_context_s;
-
 /**
  * \brief          SHA-1 context structure
  */
@@ -57,30 +55,30 @@ mbedtls_sha1_sw_context;
  *
  * \param ctx      SHA-1 context to be initialized
  */
-void mbedtls_sha1_sw_init( struct mbedtls_sha1_context_s *ctx );
+void mbedtls_sha1_sw_init( mbedtls_sha1_sw_context *ctx );
 
 /**
  * \brief          Clear SHA-1 context
  *
  * \param ctx      SHA-1 context to be cleared
  */
-void mbedtls_sha1_sw_free( struct mbedtls_sha1_context_s *ctx );
+void mbedtls_sha1_sw_free( mbedtls_sha1_sw_context *ctx );
 
 /**
  * \brief          Clone (the state of) a SHA-1 context
  *
  * \param dst      The destination context
  * \param src      The context to be cloned
  */
-void mbedtls_sha1_sw_clone( struct mbedtls_sha1_context_s *dst,
-                         const struct mbedtls_sha1_context_s *src );
+void mbedtls_sha1_sw_clone( mbedtls_sha1_sw_context *dst,
+                         const mbedtls_sha1_sw_context *src );
 
 /**
  * \brief          SHA-1 context setup
  *
  * \param ctx      context to be initialized
  */
-void mbedtls_sha1_sw_starts( struct mbedtls_sha1_context_s *ctx );
+void mbedtls_sha1_sw_starts( mbedtls_sha1_sw_context *ctx );
 
 /**
  * \brief          SHA-1 process buffer
@@ -89,18 +87,18 @@ void mbedtls_sha1_sw_starts( struct mbedtls_sha1_context_s *ctx );
  * \param input    buffer holding the  data
  * \param ilen     length of the input data
  */
-void mbedtls_sha1_sw_update( struct mbedtls_sha1_context_s *ctx, const unsigned char *input, size_t ilen );
+void mbedtls_sha1_sw_update( mbedtls_sha1_sw_context *ctx, const unsigned char *input, size_t ilen );
 
 /**
  * \brief          SHA-1 final digest
  *
  * \param ctx      SHA-1 context
  * \param output   SHA-1 checksum result
  */
-void mbedtls_sha1_sw_finish( struct mbedtls_sha1_context_s *ctx, unsigned char output[20] );
+void mbedtls_sha1_sw_finish( mbedtls_sha1_sw_context *ctx, unsigned char output[20] );
 
 /* Internal use */
-void mbedtls_sha1_sw_process( struct mbedtls_sha1_context_s *ctx, const unsigned char data[64] );
+void mbedtls_sha1_sw_process( mbedtls_sha1_sw_context *ctx, const unsigned char data[64] );
 
 #ifdef __cplusplus
 }