-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
drivers:crypto:hisilicon:Add HASH and HMAC algorithm #6823
Conversation
I'm concerned with the header files in I would prefer if all .h files here were kept in |
The header files in core/drivers/crypto/hisilicon/includes are only used by the source files in core/drivers/crypto/hisilicon, so I also think it would be better to put all .h files in core/drivers/crypto/hisilicon/. |
Thanks, then we're on the same page. Please add a patch on top of this that moves the .h files as we agreed. |
e180d37
to
f108abf
Compare
@@ -49,6 +49,298 @@ | |||
#define SEC_ICV_LEN_OFFSET_V3 4 | |||
#define SEC_DK_LEN_OFFSET_V3 16 | |||
#define SEC_KEY_SEL_OFFSET_V3 21 | |||
#define SEC_GET_FIELD(val, mask, shift) (((val) & (mask)) >> (shift)) | |||
#define ALIGN(_val, _size) \ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please use ROUNDUP()
from <util.h>
instead.
if (ctx->has_next && !ctx->iv_len) { | ||
/* LONG BD FIRST */ | ||
sqe->ai_apd_cs |= AI_GEN_INNER; | ||
sqe->ai_apd_cs |= (AUTHPAD_NOPAD << SEC_APAD_OFFSET); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
SHIFT_U32()
or SHIFT_U64()
are generally preferred since they are safer.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ai_apd_cs is u8
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure in this particular case there no issue since SEC_APAD_OFFSET
is 2
, but you you need to crosscheck to see that it isn't 31 in case AUTHPAD_NOPAD
is a signed 32-bit integer. So it's better to use these shift macros where possible.
* To ensure in data is NULL, reset ctx need to free in data | ||
* which is not NULL. | ||
*/ | ||
if (hash_ctx->in) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's no need to check this since free(NULL)
does nothing.
|
||
static TEE_Result sec_hash_initialize(struct crypto_hash_ctx *ctx) | ||
{ | ||
struct crypto_hash *hash; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please initialize all local variables. Same for the rest of this file.
out_hash_ctx->long_data_len = in_hash_ctx->long_data_len; | ||
|
||
if (in_hash_ctx->in) { | ||
out_hash_ctx->in = (uint8_t *)malloc(out_hash_ctx->buf_len); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need to cast void pointers.
.copy_state = sec_hash_copy_state, | ||
}; | ||
|
||
struct crypto_hash *to_hash_ctx(struct crypto_hash_ctx *ctx) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This function should be static
return HISI_QM_DRVCRYPT_NO_ERR; | ||
} | ||
|
||
TEE_Result sec_digest_ctx_init(struct hashctx *hash_ctx, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Global functions should use a prefix. Wouldn't hisi_sec_
make sense in this file? Same for all the other globals in this file.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will use hisi_sec_
as a prefix for global functions, thanks.
} | ||
|
||
hash = to_hmac_ctx(ctx); | ||
if (!hash) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
to_hmac_ctx()
doesn't return NULL.
.copy_state = sec_hmac_copy_state, | ||
}; | ||
|
||
struct crypto_hmac *to_hmac_ctx(struct crypto_mac_ctx *ctx) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This function should be static.
c245159
to
55d4ac6
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the title of the commit messages, please add a single space after each colon.
|
||
static enum hisi_drv_status sec_digest_fill_bd3_sqe(void *bd, void *msg) | ||
{ | ||
struct hisi_sec_bd3_sqe *sqe = (struct hisi_sec_bd3_sqe *)bd; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need to cast a void pointer, same below.
struct hashctx *ctx = (struct hashctx *)msg; | ||
uint32_t alg_type = 0; | ||
|
||
sqe->bd_param = (BD_TYPE3 | SHIFT_U32(ctx->scene, SEC_SCENE_OFFSET_V3)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The outer ()
are not needed.
return HISI_QM_DRVCRYPT_IN_EPARA; | ||
} | ||
|
||
sqe->auth_mac_key |= SHIFT_U64((ctx->mac_len / SEC_ENCODE_BYTES), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The inner ()
are not needed.
return TEE_ERROR_BAD_PARAMETERS; | ||
} | ||
|
||
hash = (struct crypto_hash *)calloc(1, sizeof(*hash)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need to cast a void pointer, please fix all the places in this patch.
|
Add HASH and HMAC algorithm by SEC, and support SHA1, SHA224, SHA256, SHA384, SHA512, MD5, SM3, and HMAC algorithms based on these algorithms. Signed-off-by: leisen <leisen1@huawei.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
The header files in core/drivers/crypto/hisilicon/includes are only used by the source files in core/drivers/crypto/hisilicon, so move the header file from core/drivers/crypto/hisilicon/include to core/drivers/crypto/hisilicon/. Signed-off-by: leisen <leisen1@huawei.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Hi @jforissier ,all review comments have been modified. Can you help me merge the patch? |
A few space characters added to the second commit subject, and pushed to master. Thanks! |
Add HASH and HMAC algorithm by SEC, and support SHA1, SHA224, SHA256, SHA384, SHA512, MD5, SM3, and HMAC algorithms based on these algorithms.