arch/xtensa/espressif: Add SHA accelerator features

Add SHA accelerator features for esp32[-s2|-s3] Signed-off-by: Eren Terzioglu <eren.terzioglu@espressif.com>
2026-05-22 22:20:01 +08:00 · 2026-02-10 14:25:22 +01:00
parent c1f542687b
commit 515e87391a
1 changed files with 128 additions and 5 deletions
@@ -59,6 +59,46 @@ SLIST_HEAD(esp_crypto_list, esp_crypto_data);
 static struct esp_crypto_list *g_esp_sessions = NULL;
 static uint32_t g_esp_sesnum = 0;

+const struct auth_hash g_auth_hash_sha1_esp =
+{
+  CRYPTO_SHA1, "SHA1",
+  0, 20, 12, sizeof(struct esp_sha1_context_s),
+  0,
+  sha1_init, NULL, NULL,
+  sha1_update,
+  sha1_final
+};
+
+const struct auth_hash g_auth_hash_sha256_esp =
+{
+  CRYPTO_SHA2_256, "SHA256",
+  0, 32, 12, sizeof(struct esp_sha256_context_s),
+  0,
+  sha256_init, NULL, NULL,
+  sha256_update,
+  sha256_final
+};
+
+const struct auth_hash g_auth_hash_sha384_esp =
+{
+  CRYPTO_SHA2_384, "SHA384",
+  0, 48, 12, sizeof(struct esp_sha512_context_s),
+  0,
+  sha384_init, NULL, NULL,
+  sha512_update,
+  sha512_final
+};
+
+const struct auth_hash g_auth_hash_sha512_esp =
+{
+  CRYPTO_SHA2_512, "SHA512",
+  0, 64, 12, sizeof(struct esp_sha512_context_s),
+  0,
+  sha512_init, NULL, NULL,
+  sha512_update,
+  sha512_final
+};
+
 const struct auth_hash g_auth_hash_hmac_sha1_esp =
 {
  CRYPTO_SHA1_HMAC, "HMAC-SHA1",
@@ -344,6 +384,50 @@ static void sha512_final(uint8_t *out, void *ctx)
                        (unsigned char *)out);
 }

+/****************************************************************************
+ * Name: hash
+ *
+ * Description:
+ *   Calculate the hash.
+ *
+ * Input Parameters:
+ *   crp      - The description of the crypto operation
+ *   crd      - Boundaries of the crypto operation
+ *   data     - Specific crypto operation data
+ *   buf      - Input data to be hashed
+ *
+ * Returned Value:
+ *   OK is returned on success.
+ *   Otherwise, a negated errno value is returned.
+ *
+ ****************************************************************************/
+
+static int hash(struct cryptop *crp,
+                struct cryptodesc *crd,
+                struct esp_crypto_data *data,
+                caddr_t buf)
+{
+  const struct auth_hash *axf;
+
+  if (data->hw_ictx == 0)
+    {
+      return -EINVAL;
+    }
+
+  axf = data->hw_axf;
+
+  if (crd->crd_flags & CRD_F_UPDATE)
+    {
+      return axf->update(data->hw_ictx, (uint8_t *)buf, crd->crd_len);
+    }
+  else
+    {
+      axf->final((uint8_t *)crp->crp_mac, data->hw_ictx);
+    }
+
+  return 0;
+}
+
 /****************************************************************************
 * Name: authcompute
 *
@@ -390,6 +474,8 @@ static int authcompute(struct cryptop *crp, struct cryptodesc *crd,
    {
      case CRYPTO_SHA1_HMAC:
      case CRYPTO_SHA2_256_HMAC:
+      case CRYPTO_SHA2_384_HMAC:
+      case CRYPTO_SHA2_512_HMAC:
        if (data->hw_octx == NULL)
          {
            return -EINVAL;
@@ -488,19 +574,42 @@ static int esp_newsession(uint32_t *sid, struct cryptoini *cri)

      switch (cri->cri_alg)
        {
+          case CRYPTO_SHA1:
+            axf = &g_auth_hash_sha1_esp;
+            goto sha_common;
+          case CRYPTO_SHA2_256:
+            axf = &g_auth_hash_sha256_esp;
+            goto sha_common;
+          case CRYPTO_SHA2_384:
+            axf = &g_auth_hash_sha384_esp;
+            goto sha_common;
+          case CRYPTO_SHA2_512:
+            axf = &g_auth_hash_sha512_esp;
+            goto sha_common;
+          sha_common:
+              data->hw_ictx = kmm_malloc(axf->ctxsize);
+              if (data->hw_ictx == NULL)
+                {
+                  kmm_free(data);
+                  return -ENOBUFS;
+                }
+
+              axf->init(data->hw_ictx);
+              data->hw_axf = axf;
+            break;
          case CRYPTO_SHA1_HMAC:
            axf = &g_auth_hash_hmac_sha1_esp;
-            goto common;
+            goto hmac_common;
          case CRYPTO_SHA2_256_HMAC:
            axf = &g_auth_hash_hmac_sha256_esp;
-            goto common;
+            goto hmac_common;
          case CRYPTO_SHA2_384_HMAC:
            axf = &g_auth_hash_hmac_sha384_esp;
-            goto common;
+            goto hmac_common;
          case CRYPTO_SHA2_512_HMAC:
            axf = &g_auth_hash_hmac_sha512_esp;
-            goto common;
-          common:
+            goto hmac_common;
+          hmac_common:
            data->hw_ictx = kmm_malloc(axf->ctxsize);
            if (data->hw_ictx == NULL)
              {
@@ -684,6 +793,16 @@ static int esp_process(struct cryptop *crp)

      switch (data->alg)
        {
+          case CRYPTO_SHA1:
+          case CRYPTO_SHA2_256:
+          case CRYPTO_SHA2_384:
+          case CRYPTO_SHA2_512:
+            if ((crp->crp_etype = hash(crp, crd, data,
+                crp->crp_buf)) != 0)
+              {
+                return 0;
+              }
+            break;
          case CRYPTO_SHA1_HMAC:
          case CRYPTO_SHA2_256_HMAC:
          case CRYPTO_SHA2_384_HMAC:
@@ -727,6 +846,10 @@ void hwcr_init(void)

  memset(algs, 0, sizeof(algs));

+  algs[CRYPTO_SHA1] = CRYPTO_ALG_FLAG_SUPPORTED;
+  algs[CRYPTO_SHA2_256] = CRYPTO_ALG_FLAG_SUPPORTED;
+  algs[CRYPTO_SHA2_384] = CRYPTO_ALG_FLAG_SUPPORTED;
+  algs[CRYPTO_SHA2_512] = CRYPTO_ALG_FLAG_SUPPORTED;
  algs[CRYPTO_SHA1_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
  algs[CRYPTO_SHA2_256_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;
  algs[CRYPTO_SHA2_384_HMAC] = CRYPTO_ALG_FLAG_SUPPORTED;