nrf_security: Set max enabled hash block size in Cracen

Define the maximum block size of the hash functions based
on the enabled algorithms to reduce stack size.

Also rename it to the more descriptive
SX_HASH_MAX_ENABLED_BLOCK_SIZE.

Signed-off-by: Georgios Vasilakis <[email protected]>

Author: Vge0rge

subsys/nrf_security/src/drivers/cracen/cracenpsa/include/cracen_psa_primitives.h

@@ -17,9 +17,7 @@
 #include <sxsymcrypt/cmac.h>
 #include <sxsymcrypt/internal.h>
 #include <sxsymcrypt/trng.h>
-
-/* Max blocksize of the supported algorithms 144 bytes */
-#define MAX_HASH_BLOCK_SIZE 144
+#include <sxsymcrypt/hashdefs.h>
 
 #define SX_BLKCIPHER_IV_SZ	(16U)
 #define SX_BLKCIPHER_AES_BLK_SZ (16U)
@@ -141,7 +139,7 @@ struct cracen_hash_operation_s {
 	size_t bytes_left_for_next_block;
 
 	/* Buffer for input data to fill up the next block */
-	uint8_t input_buffer[MAX_HASH_BLOCK_SIZE];
+	uint8_t input_buffer[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
 
 	/* Flag to know if the Hashing has already started */
 	bool is_first_block;
@@ -192,13 +190,13 @@ struct cracen_mac_operation_s {
 	size_t bytes_left_for_next_block;
 
 	/* Buffer for input data to fill up the next block */
-	uint8_t input_buffer[MAX_HASH_BLOCK_SIZE];
+	uint8_t input_buffer[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
 
 	union {
 		struct {
 			struct sitask task;
 
-			uint8_t workmem[MAX_HASH_BLOCK_SIZE + PSA_HASH_MAX_SIZE];
+			uint8_t workmem[SX_HASH_MAX_ENABLED_BLOCK_SIZE + PSA_HASH_MAX_SIZE];
 		} hmac;
 
 		struct {
@@ -216,7 +214,7 @@ struct cracen_key_derivation_operation {
 	psa_algorithm_t alg;
 	enum cracen_kd_state state;
 	uint64_t capacity;
-	uint8_t output_block[MAX_HASH_BLOCK_SIZE];
+	uint8_t output_block[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
 	uint8_t output_block_available_bytes;
 	union{
 		cracen_mac_operation_t mac_op;
@@ -225,16 +223,16 @@ struct cracen_key_derivation_operation {
 	union {
 		struct {
 			uint8_t blk_counter;
-			uint8_t prk[MAX_HASH_BLOCK_SIZE];
-			uint8_t t[MAX_HASH_BLOCK_SIZE];
+			uint8_t prk[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
+			uint8_t t[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
 			char info[CRACEN_HKDF_MAX_INFO_SIZE];
 			size_t info_length;
 			bool info_set;
 		} hkdf;
 
 		struct {
 			uint64_t input_cost;
-			char password[MAX_HASH_BLOCK_SIZE];
+			char password[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
 			size_t password_length;
 			char salt[CRACEN_PBKDF_MAX_SALT_SIZE];
 			size_t salt_length;
@@ -274,7 +272,7 @@ struct cracen_key_derivation_operation {
 			uint8_t label[CRACEN_TLS12_PRF_MAX_LABEL_SIZE];
 			size_t label_length;
 			size_t counter;
-			uint8_t a[MAX_HASH_BLOCK_SIZE];
+			uint8_t a[SX_HASH_MAX_ENABLED_BLOCK_SIZE];
 		} tls12;
 	};
 };

subsys/nrf_security/src/drivers/cracen/cracenpsa/src/hash.c

@@ -19,6 +19,10 @@
 #include <cracen/mem_helpers.h>
 #include "cracen_psa_primitives.h"
 
+_Static_assert(SX_HASH_MAX_ENABLED_BLOCK_SIZE != 1,
+	       "To compile this file you need at least one hash algorithm enabled in the driver "
+	       "using the PSA_WANT_* configs.");
+
 psa_status_t cracen_hash_compute(psa_algorithm_t alg, const uint8_t *input, size_t input_length,
 				 uint8_t *hash, size_t hash_size, size_t *hash_length)
 {

subsys/nrf_security/src/drivers/cracen/cracenpsa/src/mac.c

@@ -11,6 +11,7 @@
 #include <string.h>
 #include <sxsymcrypt/cmac.h>
 #include <sxsymcrypt/hash.h>
+#include <sxsymcrypt/hashdefs.h>
 #include <sxsymcrypt/keyref.h>
 #include <zephyr/sys/__assert.h>
 #include "common.h"
@@ -35,7 +36,7 @@ static psa_status_t cracen_hmac_setup(cracen_mac_operation_t *operation,
 
 	/* HMAC task creation and configuration. */
 	si_task_init(&operation->hmac.task, operation->hmac.workmem,
-		     MAX_HASH_BLOCK_SIZE + PSA_HASH_MAX_SIZE);
+		     SX_HASH_MAX_ENABLED_BLOCK_SIZE + PSA_HASH_MAX_SIZE);
 	si_mac_create_hmac(&operation->hmac.task, sx_hash_algo, key_buffer, key_buffer_size);
 
 	/* Wait until the key is processed */

subsys/nrf_security/src/drivers/cracen/sxsymcrypt/include/sxsymcrypt/hashdefs.h

@@ -34,6 +34,30 @@
 #define SX_HASH_BLOCKSZ_SHA1 64
 #define SX_HASH_BLOCKSZ_SM3 64
 
+/*
+ * !!! ORDER MATTERS !!!
+ */
+#if defined(PSA_NEED_CRACEN_SHA3_224)
+#define SX_HASH_MAX_ENABLED_BLOCK_SIZE SX_HASH_BLOCKSZ_SHA3_224
+#elif defined(PSA_NEED_CRACEN_SHA3_256)
+/* SHAKE256 has the same size but doesn't have a PSA_NEED yet */
+#define SX_HASH_MAX_ENABLED_BLOCK_SIZE SX_HASH_BLOCKSZ_SHA3_256
+#elif defined(PSA_NEED_CRACEN_SHA_512) || defined(PSA_NEED_CRACEN_SHA_384)
+#define SX_HASH_MAX_ENABLED_BLOCK_SIZE SX_HASH_BLOCKSZ_SHA2_512
+#elif defined(PSA_NEED_CRACEN_SHA3_384)
+#define SX_HASH_MAX_ENABLED_BLOCK_SIZE SX_HASH_BLOCKSZ_SHA3_384
+#elif defined(PSA_NEED_CRACEN_SHA3_512)
+#define SX_HASH_MAX_ENABLED_BLOCK_SIZE SX_HASH_BLOCKSZ_SHA3_512
+#elif defined(PSA_NEED_CRACEN_SHA_256) || defined(PSA_NEED_CRACEN_SHA_224)
+#define SX_HASH_MAX_ENABLED_BLOCK_SIZE SX_HASH_BLOCKSZ_SHA2_256
+#elif defined(PSA_NEED_CRACEN_SHA_1)
+/* SM3 has the same size but doesn't have a PSA_NEED yet */
+#define SX_HASH_MAX_ENABLED_BLOCK_SIZE SX_HASH_BLOCKSZ_SHA1
+#else
+/* A static assert is used in the hash.c against size 1. */
+#define SX_HASH_MAX_ENABLED_BLOCK_SIZE 1
+#endif
+
 /* These are not magic numbers, the number here is the size in bytes of the
  * extramem field of sxhash. The extra memory holds the data for saving/resuming
  * the state and should have the size of statesz + maxpadsz.