Skip to content

Commit 601463d

Browse files
taltenbachd3zd3z
taltenbach
authored and
d3zd3z
committed
bootutil: Add SHA-512 support with mbedTLS
The use of SHA-512 was only available with PSA. This commit adds support for SHA-512 when using mbedTLS. Signed-off-by: Thomas Altenbach <[email protected]>
1 parent f1f557f commit 601463d

File tree

1 file changed

+42
-3
lines changed
  • boot/bootutil/include/bootutil/crypto

1 file changed

+42
-3
lines changed

boot/bootutil/include/bootutil/crypto/sha.h

Lines changed: 42 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -55,7 +55,12 @@
5555

5656
#elif defined(MCUBOOT_USE_MBED_TLS)
5757

58+
#ifdef MCUBOOT_SHA512
59+
#include <mbedtls/sha512.h>
60+
#else
5861
#include <mbedtls/sha256.h>
62+
#endif
63+
5964
#include <mbedtls/version.h>
6065
#if MBEDTLS_VERSION_NUMBER >= 0x03000000
6166
#include <mbedtls/compat-2.x.h>
@@ -123,31 +128,65 @@ static inline int bootutil_sha_finish(bootutil_sha_context *ctx,
123128

124129
#elif defined(MCUBOOT_USE_MBED_TLS)
125130

131+
#ifdef MCUBOOT_SHA512
132+
typedef mbedtls_sha512_context bootutil_sha_context;
133+
#else
126134
typedef mbedtls_sha256_context bootutil_sha_context;
135+
#endif
127136

128137
static inline int bootutil_sha_init(bootutil_sha_context *ctx)
129138
{
139+
int ret;
140+
141+
#ifdef MCUBOOT_SHA512
142+
mbedtls_sha512_init(ctx);
143+
ret = mbedtls_sha512_starts_ret(ctx, 0);
144+
#else
130145
mbedtls_sha256_init(ctx);
131-
return mbedtls_sha256_starts_ret(ctx, 0);
146+
ret = mbedtls_sha256_starts_ret(ctx, 0);
147+
#endif
148+
149+
return ret;
132150
}
133151

134152
static inline int bootutil_sha_drop(bootutil_sha_context *ctx)
135153
{
154+
#ifdef MCUBOOT_SHA512
155+
mbedtls_sha512_free(ctx);
156+
#else
136157
mbedtls_sha256_free(ctx);
158+
#endif
159+
137160
return 0;
138161
}
139162

140163
static inline int bootutil_sha_update(bootutil_sha_context *ctx,
141164
const void *data,
142165
uint32_t data_len)
143166
{
144-
return mbedtls_sha256_update_ret(ctx, data, data_len);
167+
int ret;
168+
169+
#ifdef MCUBOOT_SHA512
170+
ret = mbedtls_sha512_update_ret(ctx, data, data_len);
171+
#else
172+
ret = mbedtls_sha256_update_ret(ctx, data, data_len);
173+
#endif
174+
175+
return ret;
145176
}
146177

147178
static inline int bootutil_sha_finish(bootutil_sha_context *ctx,
148179
uint8_t *output)
149180
{
150-
return mbedtls_sha256_finish_ret(ctx, output);
181+
int ret;
182+
183+
#ifdef MCUBOOT_SHA512
184+
ret = mbedtls_sha512_finish_ret(ctx, output);
185+
#else
186+
ret = mbedtls_sha256_finish_ret(ctx, output);
187+
#endif
188+
189+
return ret;
151190
}
152191

153192
#endif /* MCUBOOT_USE_MBED_TLS */

0 commit comments

Comments
 (0)