summaryrefslogtreecommitdiff
path: root/wolfcrypt/src/port/Espressif
diff options
context:
space:
mode:
authorauth12 <[email protected]>2020-07-22 08:34:12 -0700
committerauth12 <[email protected]>2020-07-22 08:34:12 -0700
commit5015ddb9b1eee748efc24056e46f81888c975f7a (patch)
treea810f6ee90f8bfe0e934fdd9142198e6b3862957 /wolfcrypt/src/port/Espressif
downloadwolfssl_windows-5015ddb9b1eee748efc24056e46f81888c975f7a.tar.xz
wolfssl_windows-5015ddb9b1eee748efc24056e46f81888c975f7a.zip
Initial commit
Diffstat (limited to 'wolfcrypt/src/port/Espressif')
-rw-r--r--wolfcrypt/src/port/Espressif/README.md109
-rw-r--r--wolfcrypt/src/port/Espressif/esp32_aes.c299
-rw-r--r--wolfcrypt/src/port/Espressif/esp32_mp.c514
-rw-r--r--wolfcrypt/src/port/Espressif/esp32_sha.c434
-rw-r--r--wolfcrypt/src/port/Espressif/esp32_util.c67
5 files changed, 1423 insertions, 0 deletions
diff --git a/wolfcrypt/src/port/Espressif/README.md b/wolfcrypt/src/port/Espressif/README.md
new file mode 100644
index 0000000..4f0d0b5
--- /dev/null
+++ b/wolfcrypt/src/port/Espressif/README.md
@@ -0,0 +1,109 @@
+# ESP32 Port
+
+Support for the ESP32-WROOM-32 on-board crypto hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod.
+
+## ESP32 Acceleration
+
+For detail about ESP32 HW Acceleration, you can find in [Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf)
+
+### Building
+
+To enable hw acceleration :
+
+Uncomment out #define WOLFSSL_ESPIDF in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
+Uncomment out #define WOLFSSL_ESPWROOM32 in /path/to/wolfssl/wolfssl/wolfcrypt/settings.h
+
+To disable portions of the hardware acceleration you can optionally define:
+
+```
+/* Disabled SHA, AES and RSA acceleration */
+#define NO_ESP32WROOM32_CRYPT
+/* Disabled AES acceleration */
+#define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES
+/* Disabled SHA acceleration */
+#define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH
+/* Disabled RSA Primitive acceleration */
+#define NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI
+```
+
+### Coding
+
+In your application you must include <wolfssl/wolfcrypt/settings.h> before any other wolfSSL headers. If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own `user_settings.h` file. You can find a good reference for this in `IDE/GCC-ARM/Header/user_settings.h`.
+
+
+### Benchmarks
+
+w/ USE_FAST_MATH and WOLFSSL_SMALL_STACK options
+
+Software only implementation :
+
+```
+AES-128-CBC-enc 1 MB took 1.001 seconds, 1.146 MB/s
+AES-128-CBC-dec 1 MB took 1.017 seconds, 1.104 MB/s
+AES-192-CBC-enc 1 MB took 1.018 seconds, 1.055 MB/s
+AES-192-CBC-dec 1 MB took 1.006 seconds, 1.019 MB/s
+AES-256-CBC-enc 1000 KB took 1.000 seconds, 1000.000 KB/s
+AES-256-CBC-dec 975 KB took 1.007 seconds, 968.222 KB/s
+AES-128-GCM-enc 350 KB took 1.055 seconds, 331.754 KB/s
+AES-128-GCM-dec 350 KB took 1.054 seconds, 332.068 KB/s
+AES-192-GCM-enc 325 KB took 1.013 seconds, 320.829 KB/s
+AES-192-GCM-dec 325 KB took 1.013 seconds, 320.829 KB/s
+AES-256-GCM-enc 325 KB took 1.041 seconds, 312.200 KB/s
+AES-256-GCM-dec 325 KB took 1.041 seconds, 312.200 KB/s
+SHA 6 MB took 1.004 seconds, 5.714 MB/s
+SHA-256 2 MB took 1.006 seconds, 1.747 MB/s
+SHA-384 1 MB took 1.011 seconds, 1.159 MB/s
+SHA-512 1 MB took 1.009 seconds, 1.161 MB/s
+HMAC-SHA 6 MB took 1.001 seconds, 5.634 MB/s
+HMAC-SHA256 2 MB took 1.000 seconds, 1.733 MB/s
+HMAC-SHA384 1 MB took 1.004 seconds, 1.046 MB/s
+HMAC-SHA512 1 MB took 1.002 seconds, 1.048 MB/s
+RSA 2048 public 16 ops took 1.056 sec, avg 66.000 ms, 15.152 ops/sec
+RSA 2048 private 2 ops took 2.488 sec, avg 1244.000 ms, 0.804 ops/sec
+ECC 256 key gen 4 ops took 1.101 sec, avg 275.250 ms, 3.633 ops/sec
+ECDHE 256 agree 4 ops took 1.098 sec, avg 274.500 ms, 3.643 ops/sec
+ECDSA 256 sign 4 ops took 1.111 sec, avg 277.750 ms, 3.600 ops/sec
+ECDSA 256 verify 2 ops took 1.099 sec, avg 549.500 ms, 1.820 ops/sec
+```
+
+Hardware Acceleration :
+
+
+```
+AES-128-CBC-enc 6 MB took 1.004 seconds, 5.958 MB/s
+AES-128-CBC-dec 5 MB took 1.002 seconds, 5.287 MB/s
+AES-192-CBC-enc 6 MB took 1.004 seconds, 5.958 MB/s
+AES-192-CBC-dec 5 MB took 1.002 seconds, 5.287 MB/s
+AES-256-CBC-enc 6 MB took 1.001 seconds, 5.951 MB/s
+AES-256-CBC-dec 5 MB took 1.004 seconds, 5.277 MB/s
+AES-128-GCM-enc 375 KB took 1.067 seconds, 351.453 KB/s
+AES-128-GCM-dec 375 KB took 1.067 seconds, 351.453 KB/s
+AES-192-GCM-enc 350 KB took 1.010 seconds, 346.535 KB/s
+AES-192-GCM-dec 350 KB took 1.009 seconds, 346.878 KB/s
+AES-256-GCM-enc 350 KB took 1.016 seconds, 344.488 KB/s
+AES-256-GCM-dec 350 KB took 1.016 seconds, 344.488 KB/s
+SHA 14 MB took 1.000 seconds, 14.062 MB/s
+SHA-256 15 MB took 1.000 seconds, 15.234 MB/s
+SHA-384 17 MB took 1.000 seconds, 17.383 MB/s
+SHA-512 18 MB took 1.001 seconds, 17.512 MB/s
+HMAC-SHA 14 MB took 1.000 seconds, 13.818 MB/s
+HMAC-SHA256 15 MB took 1.001 seconds, 14.951 MB/s
+HMAC-SHA384 17 MB took 1.001 seconds, 16.683 MB/s
+HMAC-SHA512 17 MB took 1.000 seconds, 16.943 MB/s
+RSA 2048 public 20 ops took 1.017 sec, avg 50.850 ms, 19.666 ops/sec
+RSA 2048 private 4 ops took 1.059 sec, avg 264.750 ms, 3.777 ops/sec
+ECC 256 key gen 4 ops took 1.092 sec, avg 273.000 ms, 3.663 ops/sec
+ECDHE 256 agree 4 ops took 1.089 sec, avg 272.250 ms, 3.673 ops/sec
+ECDSA 256 sign 4 ops took 1.101 sec, avg 275.250 ms, 3.633 ops/sec
+ECDSA 256 verify 2 ops took 1.092 sec, avg 546.000 ms, 1.832 ops/sec
+```
+
+Condition :
+- Model : ESP32-WROOM-32
+- CPU Speed: 240Mhz
+- ESP-IDF : v3.3-beta1-39-g6cb37ecc5(commit hash : 6cb37ecc5)
+- OS : Ubuntu 18.04.1 LTS (Bionic Beaver)
+
+## Support
+
+Email us at [[email protected]](mailto:[email protected]).
diff --git a/wolfcrypt/src/port/Espressif/esp32_aes.c b/wolfcrypt/src/port/Espressif/esp32_aes.c
new file mode 100644
index 0000000..f2fb8a5
--- /dev/null
+++ b/wolfcrypt/src/port/Espressif/esp32_aes.c
@@ -0,0 +1,299 @@
+/* esp32_aes.c
+ *
+ * Copyright (C) 2006-2020 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <string.h>
+#include <stdio.h>
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifndef NO_AES
+
+#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
+
+#include <wolfssl/wolfcrypt/aes.h>
+#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
+
+static const char* TAG = "wolf_hw_aes";
+/* mutex */
+static wolfSSL_Mutex aes_mutex;
+static int espaes_CryptHwMutexInit = 0;
+
+/*
+* lock hw engine.
+* this should be called before using engine.
+*/
+static int esp_aes_hw_InUse()
+{
+ int ret = 0;
+
+ ESP_LOGV(TAG, "enter esp_aes_hw_InUse");
+
+ if(espaes_CryptHwMutexInit == 0) {
+ ret = esp_CryptHwMutexInit(&aes_mutex);
+ if(ret == 0){
+ espaes_CryptHwMutexInit = 1;
+ } else {
+ ESP_LOGE(TAG, "aes mutx initialization failed.");
+ return -1;
+ }
+ }
+ /* lock hardware */
+ ret = esp_CryptHwMutexLock(&aes_mutex, portMAX_DELAY);
+ if(ret != 0) {
+ ESP_LOGE(TAG, "aes engine lock failed.");
+ return -1;
+ }
+ /* Enable AES hardware */
+ periph_module_enable(PERIPH_AES_MODULE);
+
+ ESP_LOGV(TAG, "leave esp_aes_hw_InUse");
+ return ret;
+}
+
+/*
+* release hw engine
+*/
+static void esp_aes_hw_Leave( void )
+{
+ ESP_LOGV(TAG, "enter esp_aes_hw_Leave");
+ /* Disable AES hardware */
+ periph_module_disable(PERIPH_AES_MODULE);
+
+ /* unlock */
+ esp_CryptHwMutexUnLock(&aes_mutex);
+
+ ESP_LOGV(TAG, "leave esp_aes_hw_Leave");
+}
+
+/*
+ * set key to hardware key registers.
+ */
+static void esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
+{
+ int i;
+ word32 mode_ = 0;
+
+ ESP_LOGV(TAG, "enter esp_aes_hw_Set_KeyMode");
+
+ /* check mode */
+ if(mode == ESP32_AES_UPDATEKEY_ENCRYPT) {
+ mode_ = 0;
+ } else if(mode == ESP32_AES_UPDATEKEY_DECRYPT){
+ mode_ = 4;
+ } else {
+ ESP_LOGE(TAG, "unexpected error.");
+ return;
+ }
+
+ /* update key */
+ for(i=0;i<(ctx->keylen)/sizeof(word32);i++){
+ DPORT_REG_WRITE(AES_KEY_BASE + (i*4), *(((word32*)ctx->key) + i));
+ }
+
+ /* mode
+ * 0 AES-128 Encryption
+ * 1 AES-192 Encryption
+ * 2 AES-256 Encryption
+ * 4 AES-128 Decryption
+ * 5 AES-192 Decryption
+ * 6 AES-256 Decryption
+ */
+ switch(ctx->keylen){
+ case 24: mode_ += 1; break;
+ case 32: mode_ += 2; break;
+ default: break;
+ }
+
+ DPORT_REG_WRITE(AES_MODE_REG, mode_);
+ ESP_LOGV(TAG, "leave esp_aes_hw_Setkey");
+}
+
+/*
+ * Process a one block of AES
+ */
+static void esp_aes_bk(const byte* in, byte* out)
+{
+ const word32 *inwords = (const word32 *)in;
+ word32 *outwords = (word32 *)out;
+
+ ESP_LOGV(TAG, "enter esp_aes_bk");
+
+ /* copy text for encrypting/decrypting blocks */
+ DPORT_REG_WRITE(AES_TEXT_BASE, inwords[0]);
+ DPORT_REG_WRITE(AES_TEXT_BASE + 4, inwords[1]);
+ DPORT_REG_WRITE(AES_TEXT_BASE + 8, inwords[2]);
+ DPORT_REG_WRITE(AES_TEXT_BASE + 12, inwords[3]);
+
+ /* start engine */
+ DPORT_REG_WRITE(AES_START_REG, 1);
+
+ /* wait until finishing the process */
+ while(1) {
+ if(DPORT_REG_READ(AES_IDLE_REG) == 1)
+ break;
+ }
+
+ /* read-out blocks */
+ esp_dport_access_read_buffer(outwords, AES_TEXT_BASE, 4);
+ ESP_LOGV(TAG, "leave esp_aes_bk");
+}
+
+/*
+* wc_esp32AesEncrypt
+* @brief: a one block encrypt of the input block, into the output block
+* @param aes: a pointer of the AES object used to encrypt data
+* @param in : a pointer of the input buffer containing plain text to be encrypted
+* @param out: a pointer of the output buffer in which to store the cipher text of
+* the encrypted message
+*/
+int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
+{
+ ESP_LOGV(TAG, "enter wc_esp32AesEncrypt");
+ /* lock the hw engine */
+ esp_aes_hw_InUse();
+ /* load the key into the register */
+ esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
+ /* process a one block of AES */
+ esp_aes_bk(in, out);
+ /* release hw */
+ esp_aes_hw_Leave();
+ return 0;
+}
+/*
+* wc_esp32AesDecrypt
+* @brief: a one block decrypt of the input block, into the output block
+* @param aes: a pointer of the AES object used to decrypt data
+* @param in : a pointer of the input buffer containing plain text to be decrypted
+* @param out: a pointer of the output buffer in which to store the cipher text of
+* the decrypted message
+*/
+int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
+{
+ ESP_LOGV(TAG, "enter wc_esp32AesDecrypt");
+ /* lock the hw engine */
+ esp_aes_hw_InUse();
+ /* load the key into the register */
+ esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
+ /* process a one block of AES */
+ esp_aes_bk(in, out);
+ /* release hw engine */
+ esp_aes_hw_Leave();
+ return 0;
+}
+/*
+* wc_esp32AesCbcEncrypt
+* @brief: Encrypts a plain text message from the input buffer, and places the
+* resulting cipher text into the output buffer using cipher block chaining
+* with AES.
+* @param aes: a pointer of the AES object used to encrypt data
+* @param out: a pointer of the output buffer in which to store the cipher text of
+* the encrypted message
+* @param in : a pointer of the input buffer containing plain text to be encrypted
+* @param sz : size of input message
+*/
+int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+{
+ int i;
+ int offset = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte *iv;
+ byte temp_block[AES_BLOCK_SIZE];
+
+ ESP_LOGV(TAG, "enter wc_esp32AesCbcEncrypt");
+
+ iv = (byte*)aes->reg;
+
+ esp_aes_hw_InUse();
+
+ esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
+
+ while (blocks--) {
+ XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
+
+ /* XOR block with IV for CBC */
+ for (i = 0; i < AES_BLOCK_SIZE; i++)
+ temp_block[i] ^= iv[i];
+
+ esp_aes_bk(temp_block, (out + offset));
+
+ offset += AES_BLOCK_SIZE;
+
+ /* store IV for next block */
+ XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+ }
+
+ esp_aes_hw_Leave();
+ ESP_LOGV(TAG, "leave wc_esp32AesCbcEncrypt");
+ return 0;
+}
+/*
+* wc_esp32AesCbcDecrypt
+* @brief: Encrypts a plain text message from the input buffer, and places the
+* resulting cipher text into the output buffer using cipher block chaining
+* with AES.
+* @param aes: a pointer of the AES object used to decrypt data
+* @param out: a pointer of the output buffer in which to store the cipher text of
+* the decrypted message
+* @param in : a pointer of the input buffer containing plain text to be decrypted
+* @param sz : size of input message
+*/
+int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+{
+ int i;
+ int offset = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte* iv;
+ byte temp_block[AES_BLOCK_SIZE];
+
+ ESP_LOGV(TAG, "enter wc_esp32AesCbcDecrypt");
+
+ iv = (byte*)aes->reg;
+
+ esp_aes_hw_InUse();
+
+ esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
+
+ while (blocks--) {
+ XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
+
+ esp_aes_bk((in + offset), (out + offset));
+
+ /* XOR block with IV for CBC */
+ for (i = 0; i < AES_BLOCK_SIZE; i++)
+ (out + offset)[i] ^= iv[i];
+
+ /* store IV for next block */
+ XMEMCPY(iv, temp_block, AES_BLOCK_SIZE);
+
+ offset += AES_BLOCK_SIZE;
+ }
+
+ esp_aes_hw_Leave();
+ ESP_LOGV(TAG, "leave wc_esp32AesCbcDecrypt");
+ return 0;
+}
+
+#endif /* WOLFSSL_ESP32WROOM32_CRYPT */
+#endif /* NO_AES */
diff --git a/wolfcrypt/src/port/Espressif/esp32_mp.c b/wolfcrypt/src/port/Espressif/esp32_mp.c
new file mode 100644
index 0000000..2174089
--- /dev/null
+++ b/wolfcrypt/src/port/Espressif/esp32_mp.c
@@ -0,0 +1,514 @@
+/* esp32_mp.c
+ *
+ * Copyright (C) 2006-2020 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <string.h>
+#include <stdio.h>
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+
+#include "wolfssl/wolfcrypt/logging.h"
+
+#if !defined(NO_RSA) || defined(HAVE_ECC)
+
+#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
+ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
+
+#ifdef NO_INLINE
+ #include <wolfssl/wolfcrypt/misc.h>
+#else
+ #define WOLFSSL_MISC_INCLUDED
+ #include <wolfcrypt/src/misc.c>
+#endif
+#include <wolfssl/wolfcrypt/tfm.h>
+
+static const char* const TAG = "wolfssl_mp";
+
+#define ESP_HW_RSAMAX_BIT 4096
+#define ESP_HW_MULTI_RSAMAX_BITS 2048
+#define ESP_HW_RSAMIN_BIT 512
+#define BYTE_TO_WORDS(s) (((s+3)>>2)) /* (s+(4-1))/ 4 */
+#define BITS_TO_WORDS(s) (((s+31)>>3)>>2) /* (s+(32-1))/ 8/ 4*/
+
+#define MP_NG -1
+
+/* mutex */
+static wolfSSL_Mutex mp_mutex;
+static int espmp_CryptHwMutexInit = 0;
+/*
+* check if the hw is ready before accessing it
+*/
+static int esp_mp_hw_wait_clean()
+{
+ int timeout = 0;
+ while(++timeout < ESP_RSA_TIMEOUT && DPORT_REG_READ(RSA_CLEAN_REG) != 1){}
+
+ if(timeout >= ESP_RSA_TIMEOUT) {
+ ESP_LOGE(TAG, "waiting hw ready is time-outed.");
+ return MP_NG;
+ }
+ return MP_OKAY;
+}
+/*
+* lock hw engine.
+* this should be called before using engine.
+*/
+static int esp_mp_hw_lock()
+{
+ int ret = 0;
+
+ if(espmp_CryptHwMutexInit == 0) {
+ ret = esp_CryptHwMutexInit(&mp_mutex);
+ if(ret == 0){
+ espmp_CryptHwMutexInit = 1;
+ } else {
+ ESP_LOGE(TAG, "mp mutx initialization failed.");
+ return MP_NG;
+ }
+ }
+ /* lock hardware */
+ ret = esp_CryptHwMutexLock(&mp_mutex, portMAX_DELAY);
+ if(ret != 0) {
+ ESP_LOGE(TAG, "mp engine lock failed.");
+ return MP_NG;
+ }
+ /* Enable RSA hardware */
+ periph_module_enable(PERIPH_RSA_MODULE);
+
+ return ret;
+}
+/*
+* Release hw engine
+*/
+static void esp_mp_hw_unlock( void )
+{
+ /* Disable RSA hardware */
+ periph_module_disable(PERIPH_RSA_MODULE);
+
+ /* unlock */
+ esp_CryptHwMutexUnLock(&mp_mutex);
+}
+/* this is based on an article by Cetin Kaya Koc, A New Algorithm for Inversion*/
+/* mod p^k, June 28 2017. */
+static int esp_calc_Mdash(mp_int *M, word32 k, mp_digit* md)
+{
+ int i;
+ int xi;
+ int b0 = 1;
+ int bi;
+ word32 N = 0;
+ word32 x;
+
+ N = M->dp[0];
+ bi = b0;
+ x = 0;
+
+ for(i = 0; i < k; i++) {
+ xi = bi % 2;
+ if(xi < 0){
+ xi *= -1;
+ }
+ bi = (bi - N * xi) / 2;
+ x |= (xi << i);
+ }
+ /* 2's complement */
+ *md = ~x + 1;
+ return MP_OKAY;
+}
+/* start hw process */
+static void process_start(word32 reg)
+{
+ /* clear interrupt */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1);
+ /* start process */
+ DPORT_REG_WRITE(reg, 1);
+}
+/* wait until done */
+static int wait_uitil_done(word32 reg)
+{
+ int timeout = 0;
+ /* wait until done && not timeout */
+ while(1) {
+ if(++timeout < ESP_RSA_TIMEOUT && DPORT_REG_READ(reg) == 1){
+ break;
+ }
+ }
+
+ /* clear interrupt */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1);
+
+ if(timeout >= ESP_RSA_TIMEOUT) {
+ ESP_LOGE(TAG, "rsa operation is time-outed.");
+ return MP_NG;
+ }
+
+ return MP_OKAY;
+}
+/* read data from memory into mp_init */
+static void esp_memblock_to_mpint(word32 mem_address, mp_int* mp, word32 numwords)
+{
+ esp_dport_access_read_buffer((uint32_t*)mp->dp, mem_address, numwords);
+ mp->used = numwords;
+}
+
+/* write mp_init into memory block */
+static void esp_mpint_to_memblock(word32 mem_address, const mp_int* mp,
+ const word32 bits,
+ const word32 hwords)
+{
+ word32 i;
+ word32 len = (bits / 8 + ((bits & 7) != 0 ? 1 : 0));
+
+ len = (len+sizeof(word32)-1)/sizeof(word32);
+
+ for(i=0;i < hwords; i++) {
+ if(i < len) {
+ DPORT_REG_WRITE(mem_address + (i * sizeof(word32)), mp->dp[i]);
+ } else {
+ DPORT_REG_WRITE(mem_address + (i * sizeof(word32)), 0);
+ }
+ }
+}
+/* return needed hw words. */
+/* supported words length */
+/* words : {16 , 32, 48, 64, 80, 96, 112, 128} */
+/* bits : {512,1024, 1536, 2048, 2560, 3072, 3584, 4096} */
+static word32 words2hwords(word32 wd)
+{
+ const word32 shit_ = 4;
+
+ return (((wd + 0xf)>>shit_)<<shit_);
+}
+/* count the number of words is needed for bits */
+static word32 bits2words(word32 bits)
+{
+ /* 32 bits */
+ const word32 d = sizeof(word32) * WOLFSSL_BIT_SIZE;
+
+ return((bits + (d - 1))/d);
+}
+/* get rinv */
+static int esp_get_rinv(mp_int *rinv, mp_int *M, word32 exp)
+{
+ int ret = 0;
+
+ /* 2^(exp)*/
+ if((ret = mp_2expt(rinv, exp)) != MP_OKAY) {
+ ESP_LOGE(TAG, "failed to calculate mp_2expt()");
+ return ret;
+ }
+
+ /* r_inv = R^2 mod M(=P) */
+ if(ret == 0 && (ret = mp_mod(rinv, M, rinv)) != MP_OKAY){
+ ESP_LOGE(TAG, "failed to calculate mp_mod()");
+ return ret;
+ }
+
+ return ret;
+}
+/* Z = X * Y; */
+int esp_mp_mul(fp_int* X, fp_int* Y, fp_int* Z)
+{
+ int ret = 0;
+ int neg = (X->sign == Y->sign)? MP_ZPOS : MP_NEG;
+
+ word32 Xs;
+ word32 Ys;
+ word32 Zs;
+ word32 maxWords_sz;
+ word32 hwWords_sz;
+
+ /* ask bits number */
+ Xs = mp_count_bits(X);
+ Ys = mp_count_bits(Y);
+ Zs = Xs + Ys;
+
+ /* maximum bits and words for writing to hw */
+ maxWords_sz = bits2words(max(Xs, Ys));
+ hwWords_sz = words2hwords(maxWords_sz);
+
+ /* sanity check */
+ if((hwWords_sz<<5) > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "exceeds max bit length(2048)");
+ return -2;
+ }
+
+ /*Steps to use hw in the following order:
+ * 1. wait until clean hw engine
+ * 2. Write(2*N/512bits - 1 + 8) to MULT_MODE_REG
+ * 3. Write X and Y to memory blocks
+ * need to write data to each memory block only according to the length
+ * of the number.
+ * 4. Write 1 to MUL_START_REG
+ * 5. Wait for the first operation to be done. Poll INTERRUPT_REG until it reads 1.
+ * (Or until the INTER interrupt is generated.)
+ * 6. Write 1 to RSA_INTERRUPT_REG to clear the interrupt.
+ * 7. Read the Z from RSA_Z_MEM
+ * 8. Write 1 to RSA_INTERUPT_REG to clear the interrupt.
+ * 9. Release the hw engine
+ */
+ /* lock hw for use */
+ if((ret = esp_mp_hw_lock()) != MP_OKAY)
+ return ret;
+
+ if((ret = esp_mp_hw_wait_clean()) != MP_OKAY){
+ return ret;
+ }
+
+ /* step.1 (2*N/512) => N/256. 512 bits => 16 words */
+ DPORT_REG_WRITE(RSA_MULT_MODE_REG, (hwWords_sz >> 3) - 1 + 8);
+ /* step.2 write X, M and r_inv into memory */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
+ /* Y(let-extend) */
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + (hwWords_sz<<2), Y, Ys, hwWords_sz);
+ /* step.3 start process */
+ process_start(RSA_MULT_START_REG);
+
+ /* step.4,5 wait until done */
+ wait_uitil_done(RSA_INTERRUPT_REG);
+ /* step.6 read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(Zs));
+
+ /* step.7 clear and release hw */
+ esp_mp_hw_unlock();
+
+ Z->sign = (Z->used > 0)? neg : MP_ZPOS;
+
+ return ret;
+}
+/* Z = X * Y (mod M) */
+int esp_mp_mulmod(fp_int* X, fp_int* Y, fp_int* M, fp_int* Z)
+{
+ int ret = 0;
+ int negcheck = 0;
+ word32 Xs;
+ word32 Ys;
+ word32 Ms;
+ word32 maxWords_sz;
+ word32 hwWords_sz;
+ word32 zwords;
+
+ mp_int r_inv;
+ mp_int tmpZ;
+ mp_digit mp;
+
+ /* neg check */
+ if(X->sign != Y->sign) {
+ /* X*Y becomes negative */
+ negcheck = 1;
+ }
+ /* ask bits number */
+ Xs = mp_count_bits(X);
+ Ys = mp_count_bits(Y);
+ Ms = mp_count_bits(M);
+
+ /* maximum bits and words for writing to hw */
+ maxWords_sz = bits2words(max(Xs, max(Ys, Ms)));
+ zwords = bits2words(min(Ms, Xs + Ys));
+ hwWords_sz = words2hwords(maxWords_sz);
+
+ if((hwWords_sz<<5) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGE(TAG, "exceeds hw maximum bits");
+ return -2;
+ }
+ /* calculate r_inv = R^2 mode M
+ * where: R = b^n, and b = 2^32
+ * accordingly R^2 = 2^(n*32*2)
+ */
+ ret = mp_init_multi(&tmpZ, &r_inv, NULL, NULL, NULL, NULL);
+ if(ret == 0 && (ret = esp_get_rinv(&r_inv, M, (hwWords_sz<<6))) != MP_OKAY) {
+ ESP_LOGE(TAG, "calculate r_inv failed.");
+ mp_clear(&tmpZ);
+ mp_clear(&r_inv);
+ return ret;
+ }
+ /* lock hw for use */
+ if((ret = esp_mp_hw_lock()) != MP_OKAY){
+ mp_clear(&tmpZ);
+ mp_clear(&r_inv);
+ return ret;
+ }
+ /* Calculate M' */
+ if((ret = esp_calc_Mdash(M, 32/* bits */, &mp)) != MP_OKAY) {
+ ESP_LOGE(TAG, "failed to calculate M dash");
+ mp_clear(&tmpZ);
+ mp_clear(&r_inv);
+ return -1;
+ }
+ /*Steps to use hw in the following order:
+ * 1. wait until clean hw engine
+ * 2. Write(N/512bits - 1) to MULT_MODE_REG
+ * 3. Write X,M(=G, X, P) to memory blocks
+ * need to write data to each memory block only according to the length
+ * of the number.
+ * 4. Write M' to M_PRIME_REG
+ * 5. Write 1 to MODEXP_START_REG
+ * 6. Wait for the first operation to be done. Poll INTERRUPT_REG until it reads 1.
+ * (Or until the INTER interrupt is generated.)
+ * 7. Write 1 to RSA_INTERRUPT_REG to clear the interrupt.
+ * 8. Write Y to RSA_X_MEM
+ * 9. Write 1 to RSA_MULT_START_REG
+ * 10. Wait for the second operation to be completed. Poll INTERRUPT_REG until it reads 1.
+ * 11. Read the Z from RSA_Z_MEM
+ * 12. Write 1 to RSA_INTERUPT_REG to clear the interrupt.
+ * 13. Release the hw engine
+ */
+
+ if((ret = esp_mp_hw_wait_clean()) != MP_OKAY){
+ return ret;
+ }
+ /* step.1 512 bits => 16 words */
+ DPORT_REG_WRITE(RSA_MULT_MODE_REG, (hwWords_sz >> 4) - 1);
+
+ /* step.2 write X, M and r_inv into memory */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE, &r_inv, mp_count_bits(&r_inv),
+ hwWords_sz);
+ /* step.3 write M' into memory */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
+ /* step.4 start process */
+ process_start(RSA_MULT_START_REG);
+
+ /* step.5,6 wait until done */
+ wait_uitil_done(RSA_INTERRUPT_REG);
+ /* step.7 Y to MEM_X */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, Y, Ys, hwWords_sz);
+
+ /* step.8 start process */
+ process_start(RSA_MULT_START_REG);
+
+ /* step.9,11 wait until done */
+ wait_uitil_done(RSA_INTERRUPT_REG);
+
+ /* step.12 read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, &tmpZ, zwords);
+
+ /* step.13 clear and release hw */
+ esp_mp_hw_unlock();
+
+ /* additional steps */
+ /* this needs for known issue when Z is greater than M */
+ if(mp_cmp(&tmpZ, M)==FP_GT) {
+ /* Z -= M */
+ mp_sub(&tmpZ, M, &tmpZ);
+ }
+ if(negcheck) {
+ mp_sub(M, &tmpZ, &tmpZ);
+ }
+
+ mp_copy(&tmpZ, Z);
+
+ mp_clear(&tmpZ);
+ mp_clear(&r_inv);
+
+ return ret;
+}
+/* Z = X^Y mod M */
+int esp_mp_exptmod(fp_int* X, fp_int* Y, word32 Ys, fp_int* M, fp_int* Z)
+{
+ int ret = 0;
+
+ word32 Xs;
+ word32 Ms;
+ word32 maxWords_sz;
+ word32 hwWords_sz;
+
+ mp_int r_inv;
+ mp_digit mp;
+
+ /* ask bits number */
+ Xs = mp_count_bits(X);
+ Ms = mp_count_bits(M);
+ /* maximum bits and words for writing to hw */
+ maxWords_sz = bits2words(max(Xs, max(Ys, Ms)));
+ hwWords_sz = words2hwords(maxWords_sz);
+
+ if((hwWords_sz<<5) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGE(TAG, "exceeds hw maximum bits");
+ return -2;
+ }
+ /* calculate r_inv = R^2 mode M
+ * where: R = b^n, and b = 2^32
+ * accordingly R^2 = 2^(n*32*2)
+ */
+ ret = mp_init(&r_inv);
+ if(ret == 0 && (ret = esp_get_rinv(&r_inv, M, (hwWords_sz<<6))) != MP_OKAY) {
+ ESP_LOGE(TAG, "calculate r_inv failed.");
+ mp_clear(&r_inv);
+ return ret;
+ }
+ /* lock and init the hw */
+ if((ret = esp_mp_hw_lock()) != MP_OKAY) {
+ mp_clear(&r_inv);
+ return ret;
+ }
+ /* calc M' */
+ /* if Pm is odd, uses mp_montgomery_setup() */
+ if((ret = esp_calc_Mdash(M, 32/* bits */, &mp)) != MP_OKAY) {
+ ESP_LOGE(TAG, "failed to calculate M dash");
+ mp_clear(&r_inv);
+ return -1;
+ }
+
+ /*Steps to use hw in the following order:
+ * 1. Write(N/512bits - 1) to MODEXP_MODE_REG
+ * 2. Write X, Y, M and r_inv to memory blocks
+ * need to write data to each memory block only according to the length
+ * of the number.
+ * 3. Write M' to M_PRIME_REG
+ * 4. Write 1 to MODEXP_START_REG
+ * 5. Wait for the operation to be done. Poll INTERRUPT_REG until it reads 1.
+ * (Or until the INTER interrupt is generated.)
+ * 6. Read the result Z(=Y) from Z_MEM
+ * 7. Write 1 to INTERRUPT_REG to clear the interrupt.
+ */
+ if((ret = esp_mp_hw_wait_clean()) != MP_OKAY){
+ return ret;
+ }
+
+ /* step.1 */
+ DPORT_REG_WRITE(RSA_MODEXP_MODE_REG, (hwWords_sz >> 4) - 1);
+ /* step.2 write G, X, P, r_inv and M' into memory */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE, Y, Ys, hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE, &r_inv, mp_count_bits(&r_inv),
+ hwWords_sz);
+ /* step.3 write M' into memory */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
+ /* step.4 start process */
+ process_start(RSA_START_MODEXP_REG);
+
+ /* step.5 wait until done */
+ wait_uitil_done(RSA_INTERRUPT_REG);
+ /* step.6 read a result form memory */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(Ms));
+ /* step.7 clear and release hw */
+ esp_mp_hw_unlock();
+
+ mp_clear(&r_inv);
+
+ return ret;
+}
+#endif /* !NO_RSA || HAVE_ECC */
+#endif /* (WOLFSS_ESP32WROOM32_CRYPT) && (NO_WOLFSSL_ESP32WROOM32_CRYPT_RES_PRI)*/
diff --git a/wolfcrypt/src/port/Espressif/esp32_sha.c b/wolfcrypt/src/port/Espressif/esp32_sha.c
new file mode 100644
index 0000000..94789cd
--- /dev/null
+++ b/wolfcrypt/src/port/Espressif/esp32_sha.c
@@ -0,0 +1,434 @@
+/* esp32_sha.c
+ *
+ * Copyright (C) 2006-2020 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <string.h>
+#include <stdio.h>
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if !defined(NO_SHA) || !defined(NO_SHA256) || defined(WC_SHA384) || \
+ defined(WC_SHA512)
+
+#include "wolfssl/wolfcrypt/logging.h"
+
+
+#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+
+#include <wolfssl/wolfcrypt/sha.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/sha512.h>
+
+#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
+#include "wolfssl/wolfcrypt/error-crypt.h"
+
+#ifdef NO_INLINE
+ #include <wolfssl/wolfcrypt/misc.h>
+#else
+ #define WOLFSSL_MISC_INCLUDED
+ #include <wolfcrypt/src/misc.c>
+#endif
+
+static const char* TAG = "wolf_hw_sha";
+/* continue register offset */
+#define CONTINUE_REG_OFFSET (0x04) /* start_reg + 0x04 */
+
+#ifdef NO_SHA
+ #define WC_SHA_DIGEST_SIZE 20
+#endif
+/* mutex */
+#if defined(SINGLE_THREADED)
+static int InUse = 0;
+#else
+static wolfSSL_Mutex sha_mutex;
+static int espsha_CryptHwMutexInit = 0;
+#endif
+/*
+ enum SHA_TYPE {
+ SHA1 = 0,
+ SHA2_256,
+ SHA2_384,
+ SHA2_512,
+ SHA_INVALID = -1,
+ };
+*/
+static word32 esp_sha_digest_size(enum SHA_TYPE type)
+{
+ ESP_LOGV(TAG, "enter esp_sha_digest_size");
+
+ switch(type){
+#ifndef NO_SHA
+ case SHA1:
+ return WC_SHA_DIGEST_SIZE;
+#endif
+#ifndef NO_SHA256
+ case SHA2_256:
+ return WC_SHA256_DIGEST_SIZE;
+#endif
+#ifdef WOLFSSL_SHA384
+ case SHA2_384:
+ return WC_SHA384_DIGEST_SIZE;
+#endif
+#ifdef WOLFSSL_SHA512
+ case SHA2_512:
+ return WC_SHA512_DIGEST_SIZE;
+#endif
+ default:
+ ESP_LOGE(TAG, "Bad sha type");
+ return WC_SHA_DIGEST_SIZE;
+ }
+ ESP_LOGV(TAG, "leave esp_sha_digest_size");
+}
+/*
+* wait until engines becomes idle
+*/
+static void esp_wait_until_idle()
+{
+ while((DPORT_REG_READ(SHA_1_BUSY_REG) !=0) ||
+ (DPORT_REG_READ(SHA_256_BUSY_REG)!=0) ||
+ (DPORT_REG_READ(SHA_384_BUSY_REG)!=0) ||
+ (DPORT_REG_READ(SHA_512_BUSY_REG)!=0)){ }
+}
+/*
+* lock hw engine.
+* this should be called before using engine.
+*/
+int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
+{
+ int ret = 0;
+
+ ESP_LOGV(TAG, "enter esp_sha_hw_lock");
+
+ /* Init mutex */
+#if defined(SINGLE_THREADED)
+ if(ctx->mode == ESP32_SHA_INIT) {
+ if(!InUse) {
+ ctx->mode = ESP32_SHA_HW;
+ InUse = 1;
+ } else {
+ ctx->mode = ESP32_SHA_SW;
+ }
+ } else {
+ /* this should not happens */
+ ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock.");
+ return -1;
+ }
+#else
+ if(espsha_CryptHwMutexInit == 0){
+ ret = esp_CryptHwMutexInit(&sha_mutex);
+ if(ret == 0) {
+ espsha_CryptHwMutexInit = 1;
+ } else {
+ ESP_LOGE(TAG, " mutex initialization failed.");
+ ctx->mode = ESP32_SHA_SW;
+ return 0;
+ }
+ }
+ /* check if this sha has been operated as sw or hw, or not yet init */
+ if(ctx->mode == ESP32_SHA_INIT){
+ /* try to lock the hw engine */
+ if(esp_CryptHwMutexLock(&sha_mutex, (TickType_t)0) == 0) {
+ ctx->mode = ESP32_SHA_HW;
+ } else {
+ ESP_LOGI(TAG, "someone used. hw is locked.....");
+ ESP_LOGI(TAG, "the rest of operation will use sw implementation for this sha");
+ ctx->mode = ESP32_SHA_SW;
+ return 0;
+ }
+ } else {
+ /* this should not happens */
+ ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock.");
+ return -1;
+ }
+#endif
+ /* Enable SHA hardware */
+ periph_module_enable(PERIPH_SHA_MODULE);
+
+ ESP_LOGV(TAG, "leave esp_sha_hw_lock");
+ return ret;
+}
+/*
+* release hw engine
+*/
+void esp_sha_hw_unlock( void )
+{
+ ESP_LOGV(TAG, "enter esp_sha_hw_unlock");
+
+ /* Disable AES hardware */
+ periph_module_disable(PERIPH_SHA_MODULE);
+#if defined(SINGLE_THREADED)
+ InUse = 0;
+#else
+ /* unlock hw engine for next use */
+ esp_CryptHwMutexUnLock(&sha_mutex);
+#endif
+ ESP_LOGV(TAG, "leave esp_sha_hw_unlock");
+}
+/*
+* start sha process by using hw engine
+*/
+static void esp_sha_start_process(WC_ESP32SHA* sha, word32 address)
+{
+ ESP_LOGV(TAG, "enter esp_sha_start_process");
+
+ if(sha->isfirstblock){
+ /* start first message block */
+ DPORT_REG_WRITE(address, 1);
+ sha->isfirstblock = 0;
+ } else {
+ /* CONTINU_REG */
+ DPORT_REG_WRITE(address + CONTINUE_REG_OFFSET , 1);
+ }
+
+ ESP_LOGV(TAG, "leave esp_sha_start_process");
+}
+/*
+* process message block
+*/
+static void esp_process_block(WC_ESP32SHA* ctx, word32 address,
+ const word32* data, word32 len)
+{
+ int i;
+
+ ESP_LOGV(TAG, "enter esp_process_block");
+
+ /* check if there are any busy engine */
+ esp_wait_until_idle();
+ /* load message data into hw */
+ for(i=0;i<((len)/(sizeof(word32)));++i){
+ DPORT_REG_WRITE(SHA_TEXT_BASE+(i*sizeof(word32)),*(data+i));
+ }
+ /* notify hw to start process */
+ esp_sha_start_process(ctx, address);
+
+ ESP_LOGV(TAG, "leave esp_process_block");
+}
+/*
+* retrieve sha digest from memory
+*/
+static void esp_digest_state(WC_ESP32SHA* ctx, byte* hash, enum SHA_TYPE sha_type)
+{
+ /* registers */
+ word32 SHA_LOAD_REG = SHA_1_LOAD_REG;
+ word32 SHA_BUSY_REG = SHA_1_BUSY_REG;
+
+ ESP_LOGV(TAG, "enter esp_digest_state");
+
+ /* sanity check */
+ if(sha_type == SHA_INVALID) {
+ ESP_LOGE(TAG, "unexpected error. sha_type is invalid.");
+ return;
+ }
+
+ SHA_LOAD_REG += (sha_type << 4);
+ SHA_BUSY_REG += (sha_type << 4);
+
+ if(ctx->isfirstblock == 1){
+ /* no hardware use yet. Nothing to do yet */
+ return ;
+ }
+
+ /* wait until idle */
+ esp_wait_until_idle();
+
+ /* LOAD final digest */
+ DPORT_REG_WRITE(SHA_LOAD_REG, 1);
+ /* wait until done */
+ while(DPORT_REG_READ(SHA_BUSY_REG) == 1){ }
+
+ esp_dport_access_read_buffer((word32*)(hash), SHA_TEXT_BASE,
+ esp_sha_digest_size(sha_type)/sizeof(word32));
+
+#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+ if(sha_type==SHA2_384||sha_type==SHA2_512) {
+ word32 i;
+ word32* pwrd1 = (word32*)(hash);
+ /* swap value */
+ for(i = 0; i <WC_SHA512_DIGEST_SIZE/4; i+=2 ) {
+ pwrd1[i] ^= pwrd1[i+1];
+ pwrd1[i+1]^= pwrd1[i];
+ pwrd1[i] ^= pwrd1[i+1];
+ }
+ }
+#endif
+
+ ESP_LOGV(TAG, "leave esp_digest_state");
+}
+
+#ifndef NO_SHA
+/*
+* sha1 process
+*/
+int esp_sha_process(struct wc_Sha* sha, const byte* data)
+{
+ int ret = 0;
+
+ ESP_LOGV(TAG, "enter esp_sha_process");
+
+ word32 SHA_START_REG = SHA_1_START_REG;
+
+ esp_process_block(&sha->ctx, SHA_START_REG, (const word32*)data,
+ WC_SHA_BLOCK_SIZE);
+
+ ESP_LOGV(TAG, "leave esp_sha_process");
+ return ret;
+}
+/*
+* retrieve sha1 digest
+*/
+int esp_sha_digest_process(struct wc_Sha* sha, byte blockproc)
+{
+ int ret = 0;
+
+ ESP_LOGV(TAG, "enter esp_sha_digest_process");
+
+ if(blockproc) {
+ word32 SHA_START_REG = SHA_1_START_REG;
+
+ esp_process_block(&sha->ctx, SHA_START_REG, sha->buffer,
+ WC_SHA_BLOCK_SIZE);
+ }
+
+ esp_digest_state(&sha->ctx, (byte*)sha->digest, SHA1);
+
+ ESP_LOGV(TAG, "leave esp_sha_digest_process");
+
+ return ret;
+}
+#endif /* NO_SHA */
+
+
+#ifndef NO_SHA256
+/*
+* sha256 process
+*/
+int esp_sha256_process(struct wc_Sha256* sha, const byte* data)
+{
+ int ret = 0;
+ word32 SHA_START_REG = SHA_1_START_REG;
+
+ ESP_LOGV(TAG, "enter esp_sha256_process");
+
+ /* start register offset */
+ SHA_START_REG += (SHA2_256 << 4);
+
+ esp_process_block(&sha->ctx, SHA_START_REG, (const word32*)data,
+ WC_SHA256_BLOCK_SIZE);
+
+ ESP_LOGV(TAG, "leave esp_sha256_process");
+
+ return ret;
+}
+/*
+* retrieve sha256 digest
+*/
+int esp_sha256_digest_process(struct wc_Sha256* sha, byte blockproc)
+{
+ int ret = 0;
+
+ ESP_LOGV(TAG, "enter esp_sha256_digest_process");
+
+ if(blockproc) {
+ word32 SHA_START_REG = SHA_1_START_REG + (SHA2_256 << 4);
+
+ esp_process_block(&sha->ctx, SHA_START_REG, sha->buffer,
+ WC_SHA256_BLOCK_SIZE);
+ }
+
+ esp_digest_state(&sha->ctx, (byte*)sha->digest, SHA2_256);
+
+ ESP_LOGV(TAG, "leave esp_sha256_digest_process");
+ return ret;
+}
+#endif /* NO_SHA256 */
+
+#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+/*
+* sha512 proess. this is used for sha384 too.
+*/
+void esp_sha512_block(struct wc_Sha512* sha, const word32* data, byte isfinal)
+{
+ enum SHA_TYPE sha_type = sha->ctx.sha_type;
+ word32 SHA_START_REG = SHA_1_START_REG;
+
+ ESP_LOGV(TAG, "enter esp_sha512_block");
+ /* start register offset */
+ SHA_START_REG += (sha_type << 4);
+
+ if(sha->ctx.mode == ESP32_SHA_SW){
+ ByteReverseWords64(sha->buffer, sha->buffer,
+ WC_SHA512_BLOCK_SIZE);
+ if(isfinal){
+ sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha->hiLen;
+ sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha->loLen;
+ }
+
+ } else {
+ ByteReverseWords((word32*)sha->buffer, (word32*)sha->buffer,
+ WC_SHA512_BLOCK_SIZE);
+ if(isfinal){
+ sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] =
+ rotlFixed64(sha->hiLen, 32U);
+ sha->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] =
+ rotlFixed64(sha->loLen, 32U);
+ }
+
+ esp_process_block(&sha->ctx, SHA_START_REG, data, WC_SHA512_BLOCK_SIZE);
+ }
+ ESP_LOGV(TAG, "leave esp_sha512_block");
+}
+/*
+* sha512 process. this is used for sha384 too.
+*/
+int esp_sha512_process(struct wc_Sha512* sha)
+{
+ word32 *data = (word32*)sha->buffer;
+
+ ESP_LOGV(TAG, "enter esp_sha512_process");
+
+ esp_sha512_block(sha, data, 0);
+
+ ESP_LOGV(TAG, "leave esp_sha512_process");
+ return 0;
+}
+/*
+* retrieve sha512 digest. this is used for sha384 too.
+*/
+int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc)
+{
+ ESP_LOGV(TAG, "enter esp_sha512_digest_process");
+
+ if(blockproc) {
+ word32* data = (word32*)sha->buffer;
+
+ esp_sha512_block(sha, data, 1);
+ }
+ if(sha->ctx.mode != ESP32_SHA_SW)
+ esp_digest_state(&sha->ctx, (byte*)sha->digest, sha->ctx.sha_type);
+
+ ESP_LOGV(TAG, "leave esp_sha512_digest_process");
+ return 0;
+}
+#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
+#endif /* WOLFSSL_ESP32WROOM32_CRYPT */
+#endif /* !defined(NO_SHA) ||... */
diff --git a/wolfcrypt/src/port/Espressif/esp32_util.c b/wolfcrypt/src/port/Espressif/esp32_util.c
new file mode 100644
index 0000000..b501b5e
--- /dev/null
+++ b/wolfcrypt/src/port/Espressif/esp32_util.c
@@ -0,0 +1,67 @@
+/* esp32_util.c
+ *
+ * Copyright (C) 2006-2020 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
+ (!defined(NO_AES) || !defined(NO_SHA) || !defined(NO_SHA256) ||\
+ defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512))
+
+#include <wolfssl/wolfcrypt/wc_port.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+
+int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex) {
+ return wc_InitMutex(mutex);
+}
+
+int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBlockTime) {
+#ifdef SINGLE_THREADED
+ return wc_LockMutex(mutex);
+#else
+ return ((xSemaphoreTake( *mutex, xBlockTime ) == pdTRUE) ? 0 : BAD_MUTEX_E);
+#endif
+}
+
+int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
+ return wc_UnLockMutex(mutex);
+}
+
+#endif
+
+#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG
+
+#include "esp_timer.h"
+#include "esp_log.h"
+
+static uint64_t startTime = 0;
+
+
+void wc_esp32TimerStart()
+{
+ startTime = esp_timer_get_time();
+}
+
+uint64_t wc_esp32elapsedTime()
+{
+ /* return elapsed time since wc_esp32AesTimeStart() is called in us */
+ return esp_timer_get_time() - startTime;
+}
+
+#endif /*WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-25 07:46:29 +0000