NUCLEO_F756ZG / mbedTLS: MD5 hw acceleration #4156
Conversation
|
|
||
| #define MBEDTLS_MD5_C |
There was a problem hiding this comment.
@adustm I am not sure this was removed
| */ | ||
| void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen ) | ||
| { | ||
| HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, (uint8_t *)input, ilen); |
There was a problem hiding this comment.
what if ilen < 64?
Don't you need some accumulation buffer like in the SHA1 use case? Is this done in HAL_HASH_MD5_Accumulate?
| { | ||
| __HAL_HASH_START_DIGEST(); | ||
|
|
||
| HAL_HASH_MD5_Finish(&ctx->hhash_md5, output, 10); |
There was a problem hiding this comment.
Disregard, I understand now this is timeout value, and not length
| */ | ||
| typedef struct | ||
| { | ||
| uint32_t total[2]; /*!< number of bytes processed */ |
There was a problem hiding this comment.
ok to remove. They are unused
| typedef struct | ||
| { | ||
| uint32_t total[2]; /*!< number of bytes processed */ | ||
| uint32_t state[4]; /*!< intermediate digest state */ |
There was a problem hiding this comment.
ok to remove. They are unused
| { | ||
| uint32_t total[2]; /*!< number of bytes processed */ | ||
| uint32_t state[4]; /*!< intermediate digest state */ | ||
| unsigned char buffer[64]; /*!< data block being processed */ |
There was a problem hiding this comment.
ok to remove. They are unused
|
|
||
| #if defined(MBEDTLS_MD5_ALT) | ||
| #include "mbedtls/platform.h" | ||
| #include "mbedtls/config.h" |
There was a problem hiding this comment.
is this include needed? isn't it already included in md5.h and md5.c before the inclusion of md5_alt.h?
Please check what header files inclusions are needed in this header files, and what should be moved to md5_alt.c file
| #endif | ||
|
|
||
| #ifdef __cplusplus | ||
| extern "C" { |
| #endif | ||
|
|
||
| #ifdef __cplusplus | ||
| } |
adustm
force-pushed
the
STM_md5_f756zg
branch
2 times, most recently
from
00f86c1 to
13561ef
Compare
|
/morph test-nightly |
Result: FAILUREYour command has finished executing! Here's what you wrote!
OutputTest failed! |
+ remove unused includes files
|
Hello, could you let me know what is wrong with the
, please ? |
| void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] ); | ||
|
|
||
| /* Internal use */ | ||
| void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] ); |
There was a problem hiding this comment.
change 64 to MBEDTLS_MD5_BLOCK_SIZE
There was a problem hiding this comment.
According to my interpretation of the HAL documentation, mbedtls_md5_update will not work with input buffers of size that is not a multiple of 64. This could be tested with ad hoc tests, or by performing an RSA PSS signature off-device and checking it on the device.
| mbedtls_md5_process(ctx, ctx->sbuf); | ||
| // now process every input as long as it is %4 bytes | ||
| size_t iter = currentlen / 4; | ||
| HAL_HASH_MD5_Accumulate(&ctx->hhash_md5, (uint8_t *)(input+MBEDTLS_MD5_BLOCK_SIZE-ctx->sbuf_len), (iter*4)); |
There was a problem hiding this comment.
The documentation of HAL_HASH_MD5_Accumulate states:
If the Size is multiple of 64 bytes, appending the input buffer is possible.
If the Size is not multiple of 64 bytes, the padding is managed by hardware and appending the input buffer is no more possible.
So I don't think this code is correct: it can process blocks of 4 bytes. My understanding is that every block other than the last block must have a size that is a multiple of 64.
The documentation is slightly different for SHA-1 and SHA-256, see https://github.com/ARMmbed/mbed-os/pull/4159/files#r118019139
|
Same come comment as @gilles-peskine-arm. Otherwise same comments as #4162. |
# Conflicts: # features/mbedtls/targets/TARGET_STM/md5_alt.h
|
Hello, @0xc0170 do you know what is failing in the Cam-CI uvisor Build & Test script ? |
It's uvisor related issue , @Patater can you please help? Anyway, this is sent to workshop branch, the most of work was already pushed to master, shall this be rebased and redirected to master? @sbutcher-arm @sg- what do you think ? We got couple of similar PR. |
|
If this PR is rebased and redirected to master, the uVisor CI will have a chance of passing. As of now, the workshop branch is too old to work with uVisor CI due to uVisor tests needing RTX5. |
|
Hello, |
|
I cannot rebase, as the workshop branch is far from the master branch. You first have to merge the workshop branch in the master branch. Or would it be acceptable that you bypass the Cam-CI uvisor Build & Test check when you merge in a branch that is not the master ? This check will be repassed when the workshop branch will be merged into the master branch anyway? Kind regards |
|
Hello @adbridge @0xc0170 cc @screamerbg |
|
@adustm This PR needs to be redirected to master and then rebased once done (it is still raised against the workshop branch.) |
Description
mbedtls_MD5 hw acceleration for NUCLEO_F756ZG
Status
READY
Related PRs
This PR is the same as #3956, but based on another mbed-os branch
** This PR needs #3954 + #3950 to be merged first**
Steps to test or reproduce
same as in #3950