espressif/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2026-04-27 19:13:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'fix/externsive_mbedtls_aes_sha_tests' into 'master'

Browse Source 
Re-introduce the extensive mbedtls AES and SHA tests

Closes SHA-512

See merge request espressif/esp-idf!45489
This commit is contained in:
Mahavir Jain
2026-02-04 18:33:57 +05:30
parent 4159b79b54 2bc49effb4
commit f2635f98d9
14 changed files with 4570 additions and 779 deletions
Download Patch File Download Diff File Expand all files Collapse all files
components/esp_tee/test_apps/tee_test_fw/main/CMakeLists.txt
+2 -2
View File
@@ -25,7 +25,7 @@ set(mbedtls_test_srcs_dir "${idf_path}/components/mbedtls/test_apps/main")
if(CONFIG_SOC_AES_SUPPORTED)
list(APPEND srcs "${mbedtls_test_srcs_dir}/test_psa_aes.c"
"${mbedtls_test_srcs_dir}/test_psa_aes_gcm.c"
"${mbedtls_test_srcs_dir}/test_aes_perf.c"
"${mbedtls_test_srcs_dir}/test_psa_aes_perf.c"
)
endif()
@@ -37,7 +37,7 @@ endif()
# Mixed
if(CONFIG_SOC_AES_SUPPORTED AND CONFIG_SOC_SHA_SUPPORTED)
list(APPEND srcs "${mbedtls_test_srcs_dir}/test_aes_sha_parallel.c")
list(APPEND srcs "${mbedtls_test_srcs_dir}/test_psa_aes_sha_parallel.c")
endif()
#ECC
components/mbedtls/port/psa_driver/esp_sha/parallel_engine/psa_crypto_driver_esp_sha512.c
+5 -5
View File
@@ -5,7 +5,7 @@
*
* SPDX-License-Identifier: Apache-2.0
*
* SPDX-FileContributor: 2025 Espressif Systems (Shanghai) CO LTD
* SPDX-FileContributor: 2025-2026 Espressif Systems (Shanghai) CO LTD
*/
#include <string.h>
@@ -211,17 +211,17 @@ static int esp_internal_sha512_parallel_engine_process( esp_sha512_context *ctx,
{
bool first_block = false;
if (ctx->mode == ESP_SHA_MODE_UNUSED) {
if (ctx->operation_mode == ESP_SHA_MODE_UNUSED) {
/* try to use hardware for this digest */
if (esp_sha_try_lock_engine(sha_type(ctx))) {
ctx->mode = ESP_SHA_MODE_HARDWARE;
ctx->operation_mode = ESP_SHA_MODE_HARDWARE;
first_block = true;
} else {
ctx->mode = ESP_SHA_MODE_SOFTWARE;
ctx->operation_mode = ESP_SHA_MODE_SOFTWARE;
}
}
if (ctx->mode == ESP_SHA_MODE_HARDWARE) {
if (ctx->operation_mode == ESP_SHA_MODE_HARDWARE) {
esp_sha_block(sha_type(ctx), data, first_block);
if (read_digest) {
esp_sha_read_digest_state(sha_type(ctx), ctx->state);
components/mbedtls/test_apps/.build-test-rules.yml
+3 -1
View File
@@ -2,10 +2,12 @@
components/mbedtls/test_apps:
disable:
- if: CONFIG_NAME == "aes_no_hw" and SOC_AES_SUPPORTED != 1
- if: CONFIG_NAME == "psram" and SOC_SPIRAM_SUPPORTED != 1
- if: CONFIG_NAME == "psram_all_ext" and SOC_SPIRAM_SUPPORTED != 1
- if: CONFIG_NAME == "ecdsa_sign" and SOC_ECDSA_SUPPORTED != 1
- if: CONFIG_NAME == "psram_all_ext_flash_enc" and SOC_SPIRAM_SUPPORTED != 1
- if: CONFIG_NAME == "psram_all_ext_flash_enc_f4r8" and IDF_TARGET != "esp32s3"
- if: CONFIG_NAME == "ecdsa_sign" and SOC_ECDSA_SUPPORTED != 1
disable_test:
- if: CONFIG_NAME == "psram_all_ext_flash_enc" and IDF_TARGET not in ["esp32", "esp32p4", "esp32c5"]
reason: lack of runners
components/mbedtls/test_apps/main/test_psa_aes.c
+2675 -261
View File
File diff suppressed because it is too large Load Diff
components/mbedtls/test_apps/main/test_psa_aes_gcm.c
+947 -160
View File
File diff suppressed because it is too large Load Diff
components/mbedtls/test_apps/main/test_aes_perf.c → components/mbedtls/test_apps/main/test_psa_aes_perf.c
View File
components/mbedtls/test_apps/main/test_aes_sha_parallel.c → components/mbedtls/test_apps/main/test_psa_aes_sha_parallel.c
View File
components/mbedtls/test_apps/main/test_aes_sha_rsa.c → components/mbedtls/test_apps/main/test_psa_aes_sha_rsa.c
View File
components/mbedtls/test_apps/main/test_psa_sha.c
+776
View File
@@ -0,0 +1,776 @@
/*
* SPDX-FileCopyrightText: 2026 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
#include <string.h>
#include <stdio.h>
#include <stdbool.h>
#include <esp_system.h>
#include "psa/crypto.h"
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/semphr.h"
#include "unity.h"
#include "sdkconfig.h"
#include "test_apb_dport_access.h"
#include "soc/soc_caps.h"
#include "test_utils.h"
#include "esp_memory_utils.h"
#if CONFIG_MBEDTLS_HARDWARE_SHA
static const unsigned char *one_hundred_as = (unsigned char *)
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
static const unsigned char *one_hundred_bs = (unsigned char *)
"bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb";
static const uint8_t sha256_thousand_as[32] = {
0x41, 0xed, 0xec, 0xe4, 0x2d, 0x63, 0xe8, 0xd9, 0xbf, 0x51, 0x5a, 0x9b, 0xa6, 0x93, 0x2e, 0x1c,
0x20, 0xcb, 0xc9, 0xf5, 0xa5, 0xd1, 0x34, 0x64, 0x5a, 0xdb, 0x5d, 0xb1, 0xb9, 0x73, 0x7e, 0xa3
};
static const uint8_t sha256_thousand_bs[32] = {
0xf6, 0xf1, 0x18, 0xe1, 0x20, 0xe5, 0x2b, 0xe0, 0xbd, 0x0c, 0xfd, 0xf2, 0x79, 0x4c, 0xd1, 0x2c, 0x07, 0x68, 0x6c, 0xc8, 0x71, 0x23, 0x5a, 0xc2, 0xf1, 0x14, 0x59, 0x37, 0x8e, 0x6d, 0x23, 0x5b
};
static const uint8_t sha512_thousand_bs[64] = {
0xa6, 0x68, 0x68, 0xa3, 0x73, 0x53, 0x2a, 0x5c, 0xc3, 0x3f, 0xbf, 0x43, 0x4e, 0xba, 0x10, 0x86, 0xb3, 0x87, 0x09, 0xe9, 0x14, 0x3f, 0xbf, 0x37, 0x67, 0x8d, 0x43, 0xd9, 0x9b, 0x95, 0x08, 0xd5, 0x80, 0x2d, 0xbe, 0x9d, 0xe9, 0x1a, 0x54, 0xab, 0x9e, 0xbc, 0x8a, 0x08, 0xa0, 0x1a, 0x89, 0xd8, 0x72, 0x68, 0xdf, 0x52, 0x69, 0x7f, 0x1c, 0x70, 0xda, 0xe8, 0x3f, 0xe5, 0xae, 0x5a, 0xfc, 0x9d
};
static const uint8_t sha384_thousand_bs[48] = {
0x6d, 0xe5, 0xf5, 0x88, 0x57, 0x60, 0x83, 0xff, 0x7c, 0x94, 0x61, 0x5f, 0x8d, 0x96, 0xf2, 0x76, 0xd5, 0x3f, 0x77, 0x0c, 0x8e, 0xc1, 0xbf, 0xb6, 0x04, 0x27, 0xa4, 0xba, 0xea, 0x6c, 0x68, 0x44, 0xbd, 0xb0, 0x9c, 0xef, 0x6a, 0x09, 0x28, 0xe8, 0x1f, 0xfc, 0x95, 0x03, 0x69, 0x99, 0xab, 0x1a
};
static const uint8_t sha1_thousand_as[20] = {
0x29, 0x1e, 0x9a, 0x6c, 0x66, 0x99, 0x49, 0x49, 0xb5, 0x7b, 0xa5,
0xe6, 0x50, 0x36, 0x1e, 0x98, 0xfc, 0x36, 0xb1, 0xba
};
TEST_CASE("mbedtls SHA interleaving", "[mbedtls]")
{
psa_hash_operation_t sha1_op = PSA_HASH_OPERATION_INIT;
psa_hash_operation_t sha256_op = PSA_HASH_OPERATION_INIT;
psa_hash_operation_t sha512_op = PSA_HASH_OPERATION_INIT;
unsigned char sha1[20], sha256[32], sha512[64];
psa_status_t status;
// Initialize PSA Crypto
status = psa_crypto_init();
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_setup(&sha1_op, PSA_ALG_SHA_1);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_setup(&sha256_op, PSA_ALG_SHA_256);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_setup(&sha512_op, PSA_ALG_SHA_512);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int i = 0; i < 10; i++) {
status = psa_hash_update(&sha1_op, one_hundred_as, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_update(&sha256_op, one_hundred_as, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_update(&sha512_op, one_hundred_bs, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
size_t hash_len;
status = psa_hash_finish(&sha1_op, sha1, sizeof(sha1), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_finish(&sha256_op, sha256, sizeof(sha256), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_finish(&sha512_op, sha512, sizeof(sha512), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 calculation");
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 calculation");
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_thousand_as, sha1, 20, "SHA1 calculation");
}
#define SHA_TASK_STACK_SIZE (10*1024)
static SemaphoreHandle_t done_sem;
static void tskRunSHA1Test(void *pvParameters)
{
psa_hash_operation_t sha1_op;
unsigned char sha1[20];
psa_status_t status;
size_t hash_len;
for (int i = 0; i < 1000; i++) {
sha1_op = (psa_hash_operation_t)PSA_HASH_OPERATION_INIT;
status = psa_hash_setup(&sha1_op, PSA_ALG_SHA_1);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int j = 0; j < 10; j++) {
status = psa_hash_update(&sha1_op, (unsigned char *)one_hundred_as, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
status = psa_hash_finish(&sha1_op, sha1, sizeof(sha1), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_thousand_as, sha1, 20, "SHA1 calculation");
}
xSemaphoreGive(done_sem);
vTaskDelete(NULL);
}
static void tskRunSHA256Test(void *pvParameters)
{
psa_hash_operation_t sha256_op;
unsigned char sha256[32];
psa_status_t status;
size_t hash_len;
for (int i = 0; i < 1000; i++) {
sha256_op = (psa_hash_operation_t)PSA_HASH_OPERATION_INIT;
status = psa_hash_setup(&sha256_op, PSA_ALG_SHA_256);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int j = 0; j < 10; j++) {
status = psa_hash_update(&sha256_op, (unsigned char *)one_hundred_bs, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
status = psa_hash_finish(&sha256_op, sha256, sizeof(sha256), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_bs, sha256, 32, "SHA256 calculation");
}
xSemaphoreGive(done_sem);
vTaskDelete(NULL);
}
TEST_CASE("mbedtls SHA multithreading", "[mbedtls]")
{
done_sem = xSemaphoreCreateCounting(4, 0);
xTaskCreate(tskRunSHA1Test, "SHA1Task1", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
xTaskCreate(tskRunSHA1Test, "SHA1Task2", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
xTaskCreate(tskRunSHA256Test, "SHA256Task1", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
xTaskCreate(tskRunSHA256Test, "SHA256Task2", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
for (int i = 0; i < 4; i++) {
if (!xSemaphoreTake(done_sem, 10000 / portTICK_PERIOD_MS)) {
TEST_FAIL_MESSAGE("done_sem not released by test task");
}
}
vSemaphoreDelete(done_sem);
}
void tskRunSHASelftests(void *param)
{
// PSA Crypto API does not provide self-test functions
// Instead, we run basic validation tests for each algorithm
psa_hash_operation_t op;
unsigned char hash[64];
size_t hash_len;
psa_status_t status;
for (int i = 0; i < 5; i++) {
#if CONFIG_MBEDTLS_SHA1_C
// SHA1 validation
op = (psa_hash_operation_t)PSA_HASH_OPERATION_INIT;
status = psa_hash_setup(&op, PSA_ALG_SHA_1);
if (status != PSA_SUCCESS) {
printf("SHA1 setup failed.\n");
while (1) {}
}
status = psa_hash_update(&op, one_hundred_as, 100);
if (status != PSA_SUCCESS) {
printf("SHA1 update failed.\n");
while (1) {}
}
status = psa_hash_finish(&op, hash, sizeof(hash), &hash_len);
if (status != PSA_SUCCESS) {
printf("SHA1 finish failed.\n");
while (1) {}
}
#endif
// SHA256 validation
op = (psa_hash_operation_t)PSA_HASH_OPERATION_INIT;
status = psa_hash_setup(&op, PSA_ALG_SHA_256);
if (status != PSA_SUCCESS) {
printf("SHA256 setup failed.\n");
while (1) {}
}
status = psa_hash_update(&op, one_hundred_bs, 100);
if (status != PSA_SUCCESS) {
printf("SHA256 update failed.\n");
while (1) {}
}
status = psa_hash_finish(&op, hash, sizeof(hash), &hash_len);
if (status != PSA_SUCCESS) {
printf("SHA256 finish failed.\n");
while (1) {}
}
#if SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
// SHA512 validation
op = (psa_hash_operation_t)PSA_HASH_OPERATION_INIT;
status = psa_hash_setup(&op, PSA_ALG_SHA_512);
if (status != PSA_SUCCESS) {
printf("SHA512 setup failed.\n");
while (1) {}
}
status = psa_hash_update(&op, one_hundred_bs, 100);
if (status != PSA_SUCCESS) {
printf("SHA512 update failed.\n");
while (1) {}
}
status = psa_hash_finish(&op, hash, sizeof(hash), &hash_len);
if (status != PSA_SUCCESS) {
printf("SHA512 finish failed.\n");
while (1) {}
}
#endif //SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
}
xSemaphoreGive(done_sem);
vTaskDelete(NULL);
}
TEST_CASE("mbedtls SHA self-tests multithreaded", "[mbedtls]")
{
done_sem = xSemaphoreCreateCounting(2, 0);
xTaskCreate(tskRunSHASelftests, "SHASelftests1", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
xTaskCreate(tskRunSHASelftests, "SHASelftests2", SHA_TASK_STACK_SIZE, NULL, 3, NULL);
const int TIMEOUT_MS = 40000;
for (int i = 0; i < 2; i++) {
if (!xSemaphoreTake(done_sem, TIMEOUT_MS / portTICK_PERIOD_MS)) {
TEST_FAIL_MESSAGE("done_sem not released by test task");
}
}
vSemaphoreDelete(done_sem);
}
TEST_CASE("mbedtls SHA512 clone", "[mbedtls]")
{
psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
psa_hash_operation_t clone = PSA_HASH_OPERATION_INIT;
unsigned char sha512[64];
psa_status_t status;
size_t hash_len;
// Initialize PSA Crypto
status = psa_crypto_init();
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_setup(&op, PSA_ALG_SHA_512);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int i = 0; i < 5; i++) {
status = psa_hash_update(&op, one_hundred_bs, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
status = psa_hash_clone(&op, &clone);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int i = 0; i < 5; i++) {
status = psa_hash_update(&op, one_hundred_bs, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_update(&clone, one_hundred_bs, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
status = psa_hash_finish(&op, sha512, sizeof(sha512), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 original calculation");
status = psa_hash_finish(&clone, sha512, sizeof(sha512), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_thousand_bs, sha512, 64, "SHA512 cloned calculation");
}
TEST_CASE("mbedtls SHA384 clone", "[mbedtls]")
{
psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
psa_hash_operation_t clone = PSA_HASH_OPERATION_INIT;
unsigned char sha384[48];
psa_status_t status;
size_t hash_len;
// Initialize PSA Crypto
status = psa_crypto_init();
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_setup(&op, PSA_ALG_SHA_384);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int i = 0; i < 5; i++) {
status = psa_hash_update(&op, one_hundred_bs, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
status = psa_hash_clone(&op, &clone);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int i = 0; i < 5; i++) {
status = psa_hash_update(&op, one_hundred_bs, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_update(&clone, one_hundred_bs, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
status = psa_hash_finish(&op, sha384, sizeof(sha384), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha384_thousand_bs, sha384, 48, "SHA512 original calculation");
status = psa_hash_finish(&clone, sha384, sizeof(sha384), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha384_thousand_bs, sha384, 48, "SHA512 cloned calculation");
}
TEST_CASE("mbedtls SHA256 clone", "[mbedtls]")
{
psa_hash_operation_t op = PSA_HASH_OPERATION_INIT;
psa_hash_operation_t clone = PSA_HASH_OPERATION_INIT;
unsigned char sha256[64];
psa_status_t status;
size_t hash_len;
// Initialize PSA Crypto
status = psa_crypto_init();
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_setup(&op, PSA_ALG_SHA_256);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int i = 0; i < 5; i++) {
status = psa_hash_update(&op, one_hundred_as, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
status = psa_hash_clone(&op, &clone);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int i = 0; i < 5; i++) {
status = psa_hash_update(&op, one_hundred_as, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_update(&clone, one_hundred_as, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
status = psa_hash_finish(&op, sha256, sizeof(sha256), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 original calculation");
status = psa_hash_finish(&clone, sha256, sizeof(sha256), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, sha256, 32, "SHA256 cloned calculation");
}
typedef struct {
psa_hash_operation_t op;
uint8_t result[32];
psa_status_t ret;
bool done;
} finalise_sha_param_t;
static void tskFinaliseSha(void *v_param)
{
finalise_sha_param_t *param = (finalise_sha_param_t *)v_param;
psa_status_t status;
for (int i = 0; i < 5; i++) {
status = psa_hash_update(&param->op, one_hundred_as, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
size_t hash_len;
param->ret = psa_hash_finish(&param->op, param->result, sizeof(param->result), &hash_len);
param->done = true;
vTaskDelete(NULL);
}
TEST_CASE("mbedtls SHA session passed between tasks", "[mbedtls]")
{
finalise_sha_param_t param = { 0 };
psa_status_t status;
// Initialize PSA Crypto
status = psa_crypto_init();
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
param.op = (psa_hash_operation_t)PSA_HASH_OPERATION_INIT;
status = psa_hash_setup(&param.op, PSA_ALG_SHA_256);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int i = 0; i < 5; i++) {
status = psa_hash_update(&param.op, one_hundred_as, 100);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
// pass the SHA context off to a different task
//
// note: at the moment this doesn't crash even if a mutex semaphore is used as the
// engine lock, but it can crash...
xTaskCreate(tskFinaliseSha, "SHAFinalise", SHA_TASK_STACK_SIZE, &param, 3, NULL);
while (!param.done) {
vTaskDelay(1);
}
TEST_ASSERT_EQUAL(PSA_SUCCESS, param.ret);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_thousand_as, param.result, 32, "SHA256 result from other task");
}
/* Random input generated and hashed using python:
import hashlib
import os, binascii
input = bytearray(os.urandom(150))
arr = ''
for idx, b in enumerate(input):
if idx % 8 == 0:
arr += '\n'
arr += "{}, ".format(hex(b))
digest = hashlib.sha256(input).hexdigest()
*/
const uint8_t test_vector[] = {
0xe4, 0x1a, 0x1a, 0x30, 0x71, 0xd3, 0x94, 0xb0,
0xc3, 0x7e, 0x99, 0x9f, 0x1a, 0xde, 0x4a, 0x36,
0xb1, 0x1, 0x81, 0x2b, 0x41, 0x91, 0x11, 0x7f,
0xd8, 0xe1, 0xd5, 0xe5, 0x52, 0x6d, 0x92, 0xee,
0x6c, 0xf7, 0x70, 0xea, 0x3a, 0xb, 0xc9, 0x97,
0xc0, 0x12, 0x6f, 0x10, 0x5b, 0x90, 0xd8, 0x52,
0x91, 0x69, 0xea, 0xc4, 0x1f, 0xc, 0xcf, 0xc6,
0xf0, 0x43, 0xc6, 0xa3, 0x1f, 0x46, 0x3c, 0x3d,
0x25, 0xe5, 0xa8, 0x27, 0x86, 0x85, 0x32, 0x3f,
0x33, 0xd8, 0x40, 0xc4, 0x41, 0xf6, 0x4b, 0x12,
0xd8, 0x5e, 0x4, 0x27, 0x42, 0x90, 0x73, 0x4,
0x8, 0x42, 0xd1, 0x64, 0xd, 0x84, 0x3, 0x1,
0x76, 0x88, 0xe4, 0x95, 0xdf, 0xe7, 0x62, 0xb4,
0xb3, 0xb2, 0x7e, 0x6d, 0x78, 0xca, 0x79, 0x82,
0xcc, 0xba, 0x22, 0xd2, 0x90, 0x2e, 0xe3, 0xa8,
0x2a, 0x53, 0x3a, 0xb1, 0x9a, 0x7f, 0xb7, 0x8b,
0xfa, 0x32, 0x47, 0xc1, 0x5c, 0x6, 0x4f, 0x7b,
0xcd, 0xb3, 0xf4, 0xf1, 0xd0, 0xb5, 0xbf, 0xfb,
0x7c, 0xc3, 0xa5, 0xb2, 0xc4, 0xd4,
};
const uint8_t test_vector_digest[] = {
0xff, 0x1c, 0x60, 0xcb, 0x21, 0xf0, 0x63, 0x68,
0xb9, 0xfc, 0xfe, 0xad, 0x3e, 0xb0, 0x2e, 0xd1,
0xf9, 0x08, 0x82, 0x82, 0x83, 0x06, 0xc1, 0x8a,
0x98, 0x5d, 0x36, 0xc0, 0xb7, 0xeb, 0x35, 0xe0,
};
TEST_CASE("mbedtls SHA, input in flash", "[mbedtls]")
{
psa_hash_operation_t sha256_op = PSA_HASH_OPERATION_INIT;
unsigned char sha256[32];
psa_status_t status;
size_t hash_len;
// Initialize PSA Crypto
status = psa_crypto_init();
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_setup(&sha256_op, PSA_ALG_SHA_256);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_update(&sha256_op, test_vector, sizeof(test_vector));
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_finish(&sha256_op, sha256, sizeof(sha256), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(test_vector_digest, sha256, 32, "SHA256 calculation");
}
#if 0 // PSA Crypto API does not support SHA512/t variants (SHA512/224, SHA512/256)
/* Note: SHA512/t variants (SHA512/224, SHA512/256) use ESP-specific mbedTLS extensions
* (esp_sha512_set_mode, esp_sha512_set_t) which don't have direct PSA Crypto API equivalents.
* PSA Crypto defines PSA_ALG_SHA_512_224 and PSA_ALG_SHA_512_256 for these algorithms.
*/
#if CONFIG_MBEDTLS_HARDWARE_SHA && SOC_SHA_SUPPORT_SHA512_T
/*
* FIPS-180-2 test vectors
*/
static unsigned char sha512T_test_buf[2][113] = {
{ "abc" },
{
"abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
"hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
}
};
static const size_t sha512T_test_buflen[2] = {
3, 112
};
static const psa_algorithm_t sha512T_algo[4] = {
PSA_ALG_SHA_512_224, PSA_ALG_SHA_512_256, PSA_ALG_SHA_512_224, PSA_ALG_SHA_512_256
};
static const size_t sha512T_t_len[4] = { 224, 256, 224, 256 };
static const unsigned char sha512_test_sum[4][32] = {
/* SHA512-224 */
{
0x46, 0x34, 0x27, 0x0f, 0x70, 0x7b, 0x6a, 0x54,
0xda, 0xae, 0x75, 0x30, 0x46, 0x08, 0x42, 0xe2,
0x0e, 0x37, 0xed, 0x26, 0x5c, 0xee, 0xe9, 0xa4,
0x3e, 0x89, 0x24, 0xaa
},
{
0x23, 0xfe, 0xc5, 0xbb, 0x94, 0xd6, 0x0b, 0x23,
0x30, 0x81, 0x92, 0x64, 0x0b, 0x0c, 0x45, 0x33,
0x35, 0xd6, 0x64, 0x73, 0x4f, 0xe4, 0x0e, 0x72,
0x68, 0x67, 0x4a, 0xf9
},
/* SHA512-256 */
{
0x53, 0x04, 0x8e, 0x26, 0x81, 0x94, 0x1e, 0xf9,
0x9b, 0x2e, 0x29, 0xb7, 0x6b, 0x4c, 0x7d, 0xab,
0xe4, 0xc2, 0xd0, 0xc6, 0x34, 0xfc, 0x6d, 0x46,
0xe0, 0xe2, 0xf1, 0x31, 0x07, 0xe7, 0xaf, 0x23
},
{
0x39, 0x28, 0xe1, 0x84, 0xfb, 0x86, 0x90, 0xf8,
0x40, 0xda, 0x39, 0x88, 0x12, 0x1d, 0x31, 0xbe,
0x65, 0xcb, 0x9d, 0x3e, 0xf8, 0x3e, 0xe6, 0x14,
0x6f, 0xea, 0xc8, 0x61, 0xe1, 0x9b, 0x56, 0x3a
}
/* For SHA512_T testing we use t=224 & t=256
* so the hash digest should be same as above
*/
};
/* This will run total of 4 test cases (PSA doesn't need separate tests for SHA512/t vs SHA512/224,256)
* SHA512/224, SHA512/256 with PSA Crypto API
*/
TEST_CASE("mbedtls SHA512/t", "[mbedtls]")
{
psa_hash_operation_t sha512_op;
unsigned char sha512[64];
psa_status_t status;
size_t hash_len;
// Initialize PSA Crypto
status = psa_crypto_init();
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
// Test SHA512/224 and SHA512/256
for (int i = 0; i < 2; i++) {
for (int j = 0; j < 2; j++) {
int k = i * 2 + j;
sha512_op = (psa_hash_operation_t)PSA_HASH_OPERATION_INIT;
status = psa_hash_setup(&sha512_op, sha512T_algo[i]);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_update(&sha512_op, sha512T_test_buf[j], sha512T_test_buflen[j]);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_finish(&sha512_op, sha512, sizeof(sha512), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_test_sum[k], sha512, sha512T_t_len[i] / 8, "SHA512t calculation");
}
}
}
#endif //CONFIG_MBEDTLS_HARDWARE_SHA
#endif
#ifdef CONFIG_SPIRAM_USE_MALLOC
#include "test_mbedtls_utils.h"
TEST_CASE("mbedtls SHA256 PSRAM DMA", "[mbedtls]")
{
const unsigned CALLS = 256;
const unsigned CALL_SZ = 16 * 1024;
psa_hash_operation_t sha256_op = PSA_HASH_OPERATION_INIT;
unsigned char sha256[32];
psa_status_t status;
size_t hash_len;
// allocate external memory
uint8_t *buf = heap_caps_malloc(CALL_SZ, MALLOC_CAP_8BIT | MALLOC_CAP_SPIRAM);
TEST_ASSERT(esp_ptr_external_ram(buf));
memset(buf, 0x54, CALL_SZ);
status = psa_hash_setup(&sha256_op, PSA_ALG_SHA_256);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
for (int c = 0; c < CALLS; c++) {
status = psa_hash_update(&sha256_op, buf, CALL_SZ);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
}
status = psa_hash_finish(&sha256_op, sha256, sizeof(sha256), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
free(buf);
/* Check the result. Reference value can be calculated using:
* dd if=/dev/zero bs=$((16*1024)) count=256 | tr '\000' '\124' | sha256sum
*/
const char *expected_hash = "8d031167bd706ac337e07aa9129c34ae4ae792d0a79a2c70e7f012102e8adc3d";
char hash_str[sizeof(sha256) * 2 + 1];
utils_bin2hex(hash_str, sizeof(hash_str), sha256, sizeof(sha256));
TEST_ASSERT_EQUAL_STRING(expected_hash, hash_str);
}
#if SOC_SHA_SUPPORT_DMA
TEST_CASE("mbedtls SHA256 PSRAM DMA large buffer", "[hw_crypto]")
{
psa_hash_operation_t sha256_op = PSA_HASH_OPERATION_INIT;
unsigned char sha256[32];
psa_status_t status;
size_t hash_len;
// Initialize PSA Crypto
status = psa_crypto_init();
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
const size_t SZ = 257984; // specific size to cover issue in https://github.com/espressif/esp-idf/issues/11915
void *buffer = heap_caps_malloc(SZ, MALLOC_CAP_8BIT | MALLOC_CAP_SPIRAM);
TEST_ASSERT_NOT_NULL(buffer);
memset(buffer, 0x55, SZ);
status = psa_hash_setup(&sha256_op, PSA_ALG_SHA_256);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_update(&sha256_op, buffer, SZ);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
status = psa_hash_finish(&sha256_op, sha256, sizeof(sha256), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, status);
free(buffer);
/* Check the result. Reference value can be calculated using:
* dd if=/dev/zero bs=257984 count=1 | tr '\000' '\125' | sha256sum
*/
const char *expected_hash = "f2330c9f81ff1c8f0515247faa82be8b6f9685601de6f5dae79172766f136c33";
char hash_str[sizeof(sha256) * 2 + 1];
utils_bin2hex(hash_str, sizeof(hash_str), sha256, sizeof(sha256));
TEST_ASSERT_EQUAL_STRING(expected_hash, hash_str);
}
#endif // SOC_SHA_SUPPORT_DMA
#endif //CONFIG_SPIRAM_USE_MALLOC
#if CONFIG_ESP_SYSTEM_RTC_FAST_MEM_AS_HEAP_DEPCHECK && !CONFIG_IDF_TARGET_ESP32H2
// Not enough rtc memory for test on H2
TEST_CASE("mbedtls SHA stack in RTC RAM", "[mbedtls]")
{
done_sem = xSemaphoreCreateBinary();
static StaticTask_t rtc_task;
size_t STACK_SIZE = 3072;
uint8_t *rtc_stack = heap_caps_calloc(STACK_SIZE, 1, MALLOC_CAP_RTCRAM);
TEST_ASSERT(esp_ptr_in_rtc_dram_fast(rtc_stack));
TEST_ASSERT_NOT_NULL(xTaskCreateStatic(tskRunSHA256Test, "tskRunSHA256Test_task", STACK_SIZE, NULL,
3, rtc_stack, &rtc_task));
TEST_ASSERT_TRUE(xSemaphoreTake(done_sem, 10000 / portTICK_PERIOD_MS));
/* Give task time to cleanup before freeing stack */
vTaskDelay(1000 / portTICK_PERIOD_MS);
free(rtc_stack);
vSemaphoreDelete(done_sem);
}
#endif //CONFIG_ESP_SYSTEM_RTC_FAST_MEM_AS_HEAP_DEPCHECK
#if CONFIG_FREERTOS_TASK_CREATE_ALLOW_EXT_MEM && CONFIG_SPIRAM_USE_MALLOC
TEST_CASE("mbedtls SHA stack in PSRAM", "[mbedtls]")
{
done_sem = xSemaphoreCreateBinary();
static StaticTask_t psram_task;
size_t STACK_SIZE = 3072;
uint8_t *psram_stack = heap_caps_calloc(STACK_SIZE, 1, MALLOC_CAP_SPIRAM);
TEST_ASSERT(esp_ptr_external_ram(psram_stack));
TEST_ASSERT_NOT_NULL(xTaskCreateStatic(tskRunSHA256Test, "tskRunSHA256Test_task", STACK_SIZE, NULL,
3, psram_stack, &psram_task));
TEST_ASSERT_TRUE(xSemaphoreTake(done_sem, 10000 / portTICK_PERIOD_MS));
/* Give task time to cleanup before freeing stack */
vTaskDelay(1000 / portTICK_PERIOD_MS);
free(psram_stack);
vSemaphoreDelete(done_sem);
}
#endif //CONFIG_FREERTOS_TASK_CREATE_ALLOW_EXT_MEM && CONFIG_SPIRAM_USE_MALLOC
TEST_CASE("Test PSA SHA-384 with clone", "[hw_crypto][psa]")
{
// Test Vector 1: SHA-384("hello world")
// Expected: fdbd8e75a67f29f701a4e040385e2e23986303ea10239211af907fcbb83578b3e417cb71ce646efd0819dd8c088de1bd
const unsigned char test3_input[] = "hello world";
const unsigned char test3_expected[48] = {
0xfd, 0xbd, 0x8e, 0x75, 0xa6, 0x7f, 0x29, 0xf7,
0x01, 0xa4, 0xe0, 0x40, 0x38, 0x5e, 0x2e, 0x23,
0x98, 0x63, 0x03, 0xea, 0x10, 0x23, 0x92, 0x11,
0xaf, 0x90, 0x7f, 0xcb, 0xb8, 0x35, 0x78, 0xb3,
0xe4, 0x17, 0xcb, 0x71, 0xce, 0x64, 0x6e, 0xfd,
0x08, 0x19, 0xdd, 0x8c, 0x08, 0x8d, 0xe1, 0xbd
};
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
psa_status_t psa_status = psa_hash_setup(&operation, PSA_ALG_SHA_384);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_update(&operation, (const uint8_t *)test3_input, 5); // "hello"
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_hash_operation_t clone = PSA_HASH_OPERATION_INIT;
psa_status = psa_hash_clone(&operation, &clone);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_update(&clone, (const uint8_t *)(test3_input + 5), 6); // " world"
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
unsigned char psa_output[48];
size_t psa_output_len;
psa_status = psa_hash_finish(&clone, psa_output, sizeof(psa_output), &psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(48, psa_output_len);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test3_expected, psa_output, 48);
}
#endif // CONFIG_MBEDTLS_HARDWARE_SHA
components/mbedtls/test_apps/main/test_sha.c
+127 -348
View File
@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2021-2025 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2021-2026 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
@@ -16,385 +16,164 @@
#include "spi_flash_mmap.h"
#include "soc/soc_caps.h"
#define MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS
#include "unity.h"
#include "test_utils.h"
#include "psa/crypto.h"
#include "sha/sha_parallel_engine.h"
#include "psa/crypto.h"
#include "mbedtls/md.h"
/* Note: Most of the SHA functions are called as part of mbedTLS, so
are tested as part of mbedTLS tests. Only esp_sha() is different.
*/
#define TAG "sha_test"
// New test for PSA SHA-512 implementation
TEST_CASE("Test PSA SHA-512 with known test vectors", "[hw_crypto][psa]")
#if SOC_SHA_SUPPORTED && CONFIG_MBEDTLS_HARDWARE_SHA
TEST_CASE("Test esp_sha()", "[hw_crypto]")
{
ESP_LOGI(TAG, "Testing PSA SHA-512 implementation with known test vectors");
const size_t BUFFER_SZ = 32 * 1024 + 6; // NB: not an exact multiple of SHA block size
// Test Vector 1: SHA-512("abc")
// Expected: ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f
const unsigned char test1_input[] = "abc";
const size_t test1_input_len = 3;
const unsigned char test1_expected[64] = {
0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31,
0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a,
0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd,
0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f
};
int64_t elapsed;
uint32_t us_sha1;
uint8_t sha1_result[20] = { 0 };
// Test Vector 2: SHA-512("")
// Expected: cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
const unsigned char test2_input[] = "";
const size_t test2_input_len = 0;
const unsigned char test2_expected[64] = {
0xcf, 0x83, 0xe1, 0x35, 0x7e, 0xef, 0xb8, 0xbd, 0xf1, 0x54, 0x28, 0x50, 0xd6, 0x6d, 0x80, 0x07,
0xd6, 0x20, 0xe4, 0x05, 0x0b, 0x57, 0x15, 0xdc, 0x83, 0xf4, 0xa9, 0x21, 0xd3, 0x6c, 0xe9, 0xce,
0x47, 0xd0, 0xd1, 0x3c, 0x5d, 0x85, 0xf2, 0xb0, 0xff, 0x83, 0x18, 0xd2, 0x87, 0x7e, 0xec, 0x2f,
0x63, 0xb9, 0x31, 0xbd, 0x47, 0x41, 0x7a, 0x81, 0xa5, 0x38, 0x32, 0x7a, 0xf9, 0x27, 0xda, 0x3e
};
#if SOC_SHA_SUPPORT_SHA512
uint32_t us_sha512;
uint8_t sha512_result[64] = { 0 };
#endif
unsigned char psa_output[64];
unsigned char mbedtls_output[64];
size_t psa_output_len;
psa_status_t psa_status;
int mbedtls_ret;
void *buffer = heap_caps_malloc(BUFFER_SZ, MALLOC_CAP_8BIT|MALLOC_CAP_INTERNAL);
TEST_ASSERT_NOT_NULL(buffer);
memset(buffer, 0xEE, BUFFER_SZ);
ESP_LOGI(TAG, "=== Test 1: SHA-512(\"abc\") ===");
const uint8_t sha1_expected[20] = { 0xc7, 0xbb, 0xd3, 0x74, 0xf2, 0xf6, 0x20, 0x86,
0x61, 0xf4, 0x50, 0xd5, 0xf5, 0x18, 0x44, 0xcc,
0x7a, 0xb7, 0xa5, 0x4a };
#if SOC_SHA_SUPPORT_SHA512
const uint8_t sha512_expected[64] = { 0xc7, 0x7f, 0xda, 0x8c, 0xb3, 0x58, 0x14, 0x8a,
0x52, 0x3b, 0x46, 0x04, 0xc0, 0x85, 0xc5, 0xf0,
0x46, 0x64, 0x14, 0xd5, 0x96, 0x7a, 0xa2, 0x80,
0x20, 0x9c, 0x04, 0x27, 0x7d, 0x3b, 0xf9, 0x1f,
0xb2, 0xa3, 0x45, 0x3c, 0xa1, 0x6a, 0x8d, 0xdd,
0x35, 0x5e, 0x35, 0x57, 0x76, 0x22, 0x74, 0xd8,
0x1e, 0x07, 0xc6, 0xa2, 0x9e, 0x3b, 0x65, 0x75,
0x80, 0x7d, 0xe6, 0x6e, 0x47, 0x61, 0x2c, 0x94 };
#endif
// Test with PSA
ESP_LOGI(TAG, "Testing PSA psa_hash_compute()...");
psa_status = psa_hash_compute(PSA_ALG_SHA_512, test1_input, test1_input_len,
psa_output, sizeof(psa_output), &psa_output_len);
ESP_LOGI(TAG, "PSA status: 0x%x, output_len: %zu", (unsigned int)psa_status, psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(64, psa_output_len);
ccomp_timer_start();
esp_sha(SHA1, buffer, BUFFER_SZ, sha1_result);
elapsed = ccomp_timer_stop();
TEST_ASSERT_EQUAL_HEX8_ARRAY(sha1_expected, sha1_result, sizeof(sha1_expected));
us_sha1 = elapsed;
ESP_LOGI(TAG, "esp_sha() 32KB SHA1 in %" PRIu32 " us", us_sha1);
ESP_LOGI(TAG, "PSA result: %02x %02x %02x %02x %02x %02x %02x %02x...",
psa_output[0], psa_output[1], psa_output[2], psa_output[3],
psa_output[4], psa_output[5], psa_output[6], psa_output[7]);
ESP_LOGI(TAG, "Expected result: %02x %02x %02x %02x %02x %02x %02x %02x...",
test1_expected[0], test1_expected[1], test1_expected[2], test1_expected[3],
test1_expected[4], test1_expected[5], test1_expected[6], test1_expected[7]);
#if SOC_SHA_SUPPORT_SHA512
ccomp_timer_start();
esp_sha(SHA2_512, buffer, BUFFER_SZ, sha512_result);
elapsed = ccomp_timer_stop();
TEST_ASSERT_EQUAL_HEX8_ARRAY(sha512_expected, sha512_result, sizeof(sha512_expected));
TEST_ASSERT_EQUAL_HEX8_ARRAY(test1_expected, psa_output, 64);
ESP_LOGI(TAG, "✓ PSA SHA-512(\"abc\") PASSED");
us_sha512 = elapsed;
ESP_LOGI(TAG, "esp_sha() 32KB SHA512 in %" PRIu32 " us", us_sha512);
#endif
// Test with mbedtls_md
ESP_LOGI(TAG, "Testing mbedtls_md()...");
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
TEST_ASSERT_NOT_NULL(md_info);
/* NOTE: The Mbed TLS ROM implementation needs to updated to support SHA224 operations */
#if !CONFIG_MBEDTLS_USE_CRYPTO_ROM_IMPL
#if SOC_SHA_SUPPORT_SHA224
uint8_t sha224_result[28] = { 0 };
const uint8_t sha224_expected[28] = { 0xc0, 0x2a, 0x54, 0x2f, 0x70, 0x93, 0xaa, 0x3e,
0xb6, 0xec, 0xe6, 0xb2, 0xb8, 0xe6, 0x57, 0x27,
0xf9, 0x34, 0x9e, 0xb7, 0xbc, 0x96, 0x0d, 0xf5,
0xd9, 0x87, 0xa8, 0x17 };
esp_sha(SHA2_224, buffer, BUFFER_SZ, sha224_result);
TEST_ASSERT_EQUAL_HEX8_ARRAY(sha224_expected, sha224_result, sizeof(sha224_expected));
#endif
#endif
mbedtls_ret = mbedtls_md(md_info, test1_input, test1_input_len, mbedtls_output);
ESP_LOGI(TAG, "mbedtls_md return: %d", mbedtls_ret);
TEST_ASSERT_EQUAL(0, mbedtls_ret);
#if SOC_SHA_SUPPORT_SHA384
uint8_t sha384_result[48] = { 0 };
const uint8_t sha384_expected[48] = { 0x72, 0x13, 0xc8, 0x09, 0x7b, 0xbc, 0x9e, 0x65,
0x02, 0xf8, 0x1d, 0xd2, 0x02, 0xd3, 0xd1, 0x80,
0x48, 0xb9, 0xfb, 0x10, 0x2f, 0x1b, 0xd1, 0x40,
0x4c, 0xc6, 0x3c, 0xfe, 0xcf, 0xa0, 0x83, 0x1b,
0x6e, 0xfb, 0x97, 0x17, 0x65, 0x08, 0x28, 0x04,
0x2f, 0x06, 0x2c, 0x97, 0x4e, 0xf8, 0x26, 0x86 };
esp_sha(SHA2_384, buffer, BUFFER_SZ, sha384_result);
TEST_ASSERT_EQUAL_HEX8_ARRAY(sha384_expected, sha384_result, sizeof(sha384_expected));
#endif
ESP_LOGI(TAG, "mbedtls result: %02x %02x %02x %02x %02x %02x %02x %02x...",
mbedtls_output[0], mbedtls_output[1], mbedtls_output[2], mbedtls_output[3],
mbedtls_output[4], mbedtls_output[5], mbedtls_output[6], mbedtls_output[7]);
free(buffer);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test1_expected, mbedtls_output, 64);
ESP_LOGI(TAG, "✓ mbedtls_md SHA-512(\"abc\") PASSED");
TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA1_32KB, "%" PRId32 " us", us_sha1);
// Verify both methods produce the same result
TEST_ASSERT_EQUAL_MEMORY(psa_output, mbedtls_output, 64);
ESP_LOGI(TAG, "✓ PSA and mbedtls_md results match");
ESP_LOGI(TAG, "=== Test 2: SHA-512(\"\") (empty string) ===");
// Test with PSA
psa_status = psa_hash_compute(PSA_ALG_SHA_512, test2_input, test2_input_len,
psa_output, sizeof(psa_output), &psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(64, psa_output_len);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test2_expected, psa_output, 64);
ESP_LOGI(TAG, "✓ PSA SHA-512(\"\") PASSED");
// Test with mbedtls_md
mbedtls_ret = mbedtls_md(md_info, test2_input, test2_input_len, mbedtls_output);
TEST_ASSERT_EQUAL(0, mbedtls_ret);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test2_expected, mbedtls_output, 64);
ESP_LOGI(TAG, "✓ mbedtls_md SHA-512(\"\") PASSED");
// Verify both methods produce the same result
TEST_ASSERT_EQUAL_MEMORY(psa_output, mbedtls_output, 64);
ESP_LOGI(TAG, "✓ All PSA SHA-512 tests PASSED!");
#if SOC_SHA_SUPPORT_SHA512
TEST_PERFORMANCE_CCOMP_LESS_THAN(TIME_SHA512_32KB, "%" PRId32 " us", us_sha512);
#endif
}
TEST_CASE("Test PSA SHA-256 with known test vectors", "[hw_crypto][psa]")
/* NOTE: This test attempts to mmap 1MB of flash starting from address 0x00, which overlaps
* the entire TEE protected region, causing the mmap operation to fail and triggering an
* exception in the subsequent steps.
*/
#if !CONFIG_SECURE_ENABLE_TEE
TEST_CASE("Test esp_sha() function with long input", "[hw_crypto]")
{
ESP_LOGI(TAG, "Testing PSA SHA-256 implementation with known test vectors");
int r = -1;
const void* ptr;
spi_flash_mmap_handle_t handle;
#if CONFIG_MBEDTLS_SHA1_C
uint8_t sha1_espsha[20] = { 0 };
uint8_t sha1_mbedtls[20] = { 0 };
#endif
uint8_t sha256_espsha[32] = { 0 };
uint8_t sha256_mbedtls[32] = { 0 };
// Test Vector 1: SHA-256("abc")
// Expected: ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
const unsigned char test1_input[] = "abc";
const size_t test1_input_len = 3;
const unsigned char test1_expected[32] = {
0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad
};
#if SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
uint8_t sha512_espsha[64] = { 0 };
uint8_t sha512_mbedtls[64] = { 0 };
#endif
// Test Vector 2: SHA-256("")
// Expected: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
const unsigned char test2_input[] = "";
const size_t test2_input_len = 0;
const unsigned char test2_expected[32] = {
0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14,
0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24,
0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c,
0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55
};
const size_t LEN = 1024 * 1024;
// Test Vector 3: SHA-256("hello world")
// Expected: b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9
const unsigned char test3_input[] = "hello world";
const unsigned char test3_expected[32] = {
0xb9, 0x4d, 0x27, 0xb9, 0x93, 0x4d, 0x3e, 0x08,
0xa5, 0x2e, 0x52, 0xd7, 0xda, 0x7d, 0xab, 0xfa,
0xc4, 0x84, 0xef, 0xe3, 0x7a, 0x53, 0x80, 0xee,
0x90, 0x88, 0xf7, 0xac, 0xe2, 0xef, 0xcd, 0xe9
};
/* mmap() 1MB of flash, we don't care what it is really */
esp_err_t err = spi_flash_mmap(0x0, LEN, SPI_FLASH_MMAP_DATA, &ptr, &handle);
unsigned char psa_output[32];
unsigned char mbedtls_output[32];
size_t psa_output_len;
psa_status_t psa_status;
int mbedtls_ret;
TEST_ASSERT_EQUAL_HEX32(ESP_OK, err);
TEST_ASSERT_NOT_NULL(ptr);
ESP_LOGI(TAG, "=== Test 1: SHA-256(\"abc\") ===");
/* Compare esp_sha() result to the PSA result, should always be the same */
#if CONFIG_MBEDTLS_SHA1_C
esp_sha(SHA1, ptr, LEN, sha1_espsha);
size_t hash_len;
r = psa_hash_compute(PSA_ALG_SHA_1, ptr, LEN, sha1_mbedtls, sizeof(sha1_mbedtls), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, r);
#endif
// Test with PSA
ESP_LOGI(TAG, "Testing PSA psa_hash_compute()...");
psa_status = psa_hash_compute(PSA_ALG_SHA_256, test1_input, test1_input_len,
psa_output, sizeof(psa_output), &psa_output_len);
ESP_LOGI(TAG, "PSA status: 0x%x, output_len: %zu", (unsigned int)psa_status, psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(32, psa_output_len);
esp_sha(SHA2_256, ptr, LEN, sha256_espsha);
r = psa_hash_compute(PSA_ALG_SHA_256, ptr, LEN, sha256_mbedtls, sizeof(sha256_mbedtls), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, r);
ESP_LOGI(TAG, "PSA result: %02x %02x %02x %02x %02x %02x %02x %02x...",
psa_output[0], psa_output[1], psa_output[2], psa_output[3],
psa_output[4], psa_output[5], psa_output[6], psa_output[7]);
ESP_LOGI(TAG, "Expected result: %02x %02x %02x %02x %02x %02x %02x %02x...",
test1_expected[0], test1_expected[1], test1_expected[2], test1_expected[3],
test1_expected[4], test1_expected[5], test1_expected[6], test1_expected[7]);
#if SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
esp_sha(SHA2_512, ptr, LEN, sha512_espsha);
r = psa_hash_compute(PSA_ALG_SHA_512, ptr, LEN, sha512_mbedtls, sizeof(sha512_mbedtls), &hash_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, r);
#endif
TEST_ASSERT_EQUAL_HEX8_ARRAY(test1_expected, psa_output, 32);
ESP_LOGI(TAG, "✓ PSA SHA-256(\"abc\") PASSED");
/* munmap() 1MB of flash when the usge of memory-mapped ptr is over */
spi_flash_munmap(handle);
// Test with mbedtls_md
ESP_LOGI(TAG, "Testing mbedtls_md()...");
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
TEST_ASSERT_NOT_NULL(md_info);
#if CONFIG_MBEDTLS_SHA1_C
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha1_espsha, sha1_mbedtls, sizeof(sha1_espsha), "SHA1 results should match");
#endif
mbedtls_ret = mbedtls_md(md_info, test1_input, test1_input_len, mbedtls_output);
ESP_LOGI(TAG, "mbedtls_md return: %d", mbedtls_ret);
TEST_ASSERT_EQUAL(0, mbedtls_ret);
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha256_espsha, sha256_mbedtls, sizeof(sha256_espsha), "SHA256 results should match");
ESP_LOGI(TAG, "mbedtls result: %02x %02x %02x %02x %02x %02x %02x %02x...",
mbedtls_output[0], mbedtls_output[1], mbedtls_output[2], mbedtls_output[3],
mbedtls_output[4], mbedtls_output[5], mbedtls_output[6], mbedtls_output[7]);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test1_expected, mbedtls_output, 32);
ESP_LOGI(TAG, "✓ mbedtls_md SHA-256(\"abc\") PASSED");
// Verify both methods produce the same result
TEST_ASSERT_EQUAL_MEMORY(psa_output, mbedtls_output, 32);
ESP_LOGI(TAG, "✓ PSA and mbedtls_md results match");
ESP_LOGI(TAG, "=== Test 2: SHA-256(\"\") (empty string) ===");
// Test with PSA
psa_status = psa_hash_compute(PSA_ALG_SHA_256, test2_input, test2_input_len,
psa_output, sizeof(psa_output), &psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(32, psa_output_len);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test2_expected, psa_output, 32);
ESP_LOGI(TAG, "✓ PSA SHA-256(\"\") PASSED");
// Test with mbedtls_md
mbedtls_ret = mbedtls_md(md_info, test2_input, test2_input_len, mbedtls_output);
TEST_ASSERT_EQUAL(0, mbedtls_ret);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test2_expected, mbedtls_output, 32);
ESP_LOGI(TAG, "✓ mbedtls_md SHA-256(\"\") PASSED");
// Verify both methods produce the same result
TEST_ASSERT_EQUAL_MEMORY(psa_output, mbedtls_output, 32);
ESP_LOGI(TAG, "✓ All PSA SHA-256 tests PASSED!");
// Test Vector 3: SHA-256("hello world")
// This will do with PSA only but _update will be called multiple time
ESP_LOGI(TAG, "=== Test 3: SHA-256(\"hello world\") ===");
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
psa_status = psa_hash_setup(&operation, PSA_ALG_SHA_256);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_update(&operation, (const uint8_t *)test3_input, 5); // "hello"
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_update(&operation, (const uint8_t *)(test3_input + 5), 6); // " world"
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_finish(&operation, psa_output, sizeof(psa_output), &psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(32, psa_output_len);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test3_expected, psa_output, 32);
ESP_LOGI(TAG, "✓ PSA SHA-256(\"hello world\") PASSED");
#if SOC_SHA_SUPPORT_SHA512 && CONFIG_MBEDTLS_SHA512_C
TEST_ASSERT_EQUAL_MEMORY_MESSAGE(sha512_espsha, sha512_mbedtls, sizeof(sha512_espsha), "SHA512 results should match");
#endif
}
TEST_CASE("Test PSA SHA-384 with known test vectors", "[hw_crypto][psa]")
{
ESP_LOGI(TAG, "Testing PSA SHA-384 implementation with known test vectors");
// Test Vector 1: SHA-384("abc")
// Expected: cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7
const unsigned char test1_input[] = "abc";
const size_t test1_input_len = 3;
const unsigned char test1_expected[48] = {
0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b,
0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07,
0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63,
0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed,
0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23,
0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7
};
// Test Vector 2: SHA-384("")
// Expected: 38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b
const unsigned char test2_input[] = "";
const size_t test2_input_len = 0;
const unsigned char test2_expected[48] = {
0x38, 0xb0, 0x60, 0xa7, 0x51, 0xac, 0x96, 0x38,
0x4c, 0xd9, 0x32, 0x7e, 0xb1, 0xb1, 0xe3, 0x6a,
0x21, 0xfd, 0xb7, 0x11, 0x14, 0xbe, 0x07, 0x43,
0x4c, 0x0c, 0xc7, 0xbf, 0x63, 0xf6, 0xe1, 0xda,
0x27, 0x4e, 0xde, 0xbf, 0xe7, 0x6f, 0x65, 0xfb,
0xd5, 0x1a, 0xd2, 0xf1, 0x48, 0x98, 0xb9, 0x5b
};
// Test Vector 3: SHA-384("hello world")
// Expected: fdbd8e75a67f29f701a4e040385e2e23986303ea10239211af907fcbb83578b3e417cb71ce646efd0819dd8c088de1bd
const unsigned char test3_input[] = "hello world";
const unsigned char test3_expected[48] = {
0xfd, 0xbd, 0x8e, 0x75, 0xa6, 0x7f, 0x29, 0xf7,
0x01, 0xa4, 0xe0, 0x40, 0x38, 0x5e, 0x2e, 0x23,
0x98, 0x63, 0x03, 0xea, 0x10, 0x23, 0x92, 0x11,
0xaf, 0x90, 0x7f, 0xcb, 0xb8, 0x35, 0x78, 0xb3,
0xe4, 0x17, 0xcb, 0x71, 0xce, 0x64, 0x6e, 0xfd,
0x08, 0x19, 0xdd, 0x8c, 0x08, 0x8d, 0xe1, 0xbd
};
unsigned char psa_output[48];
unsigned char mbedtls_output[48];
size_t psa_output_len;
psa_status_t psa_status;
int mbedtls_ret;
ESP_LOGI(TAG, "=== Test 1: SHA-384(\"abc\") ===");
// Test with PSA
ESP_LOGI(TAG, "Testing PSA psa_hash_compute()...");
psa_status = psa_hash_compute(PSA_ALG_SHA_384, test1_input, test1_input_len,
psa_output, sizeof(psa_output), &psa_output_len);
ESP_LOGI(TAG, "PSA status: 0x%x, output_len: %zu", (unsigned int)psa_status, psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(48, psa_output_len);
ESP_LOGI(TAG, "PSA result: %02x %02x %02x %02x %02x %02x %02x %02x...",
psa_output[0], psa_output[1], psa_output[2], psa_output[3],
psa_output[4], psa_output[5], psa_output[6], psa_output[7]);
ESP_LOGI(TAG, "Expected result: %02x %02x %02x %02x %02x %02x %02x %02x...",
test1_expected[0], test1_expected[1], test1_expected[2], test1_expected[3],
test1_expected[4], test1_expected[5], test1_expected[6], test1_expected[7]);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test1_expected, psa_output, 48);
ESP_LOGI(TAG, "✓ PSA SHA-384(\"abc\") PASSED");
// Test with mbedtls_md
ESP_LOGI(TAG, "Testing mbedtls_md()...");
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA384);
TEST_ASSERT_NOT_NULL(md_info);
mbedtls_ret = mbedtls_md(md_info, test1_input, test1_input_len, mbedtls_output);
ESP_LOGI(TAG, "mbedtls_md return: %d", mbedtls_ret);
TEST_ASSERT_EQUAL(0, mbedtls_ret);
ESP_LOGI(TAG, "mbedtls result: %02x %02x %02x %02x %02x %02x %02x %02x...",
mbedtls_output[0], mbedtls_output[1], mbedtls_output[2], mbedtls_output[3],
mbedtls_output[4], mbedtls_output[5], mbedtls_output[6], mbedtls_output[7]);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test1_expected, mbedtls_output, 48);
ESP_LOGI(TAG, "✓ mbedtls_md SHA-384(\"abc\") PASSED");
// Verify both methods produce the same result
TEST_ASSERT_EQUAL_MEMORY(psa_output, mbedtls_output, 48);
ESP_LOGI(TAG, "✓ PSA and mbedtls_md results match");
ESP_LOGI(TAG, "=== Test 2: SHA-384(\"\") (empty string) ===");
// Test with PSA
psa_status = psa_hash_compute(PSA_ALG_SHA_384, test2_input, test2_input_len,
psa_output, sizeof(psa_output), &psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(48, psa_output_len);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test2_expected, psa_output, 48);
ESP_LOGI(TAG, "✓ PSA SHA-384(\"\") PASSED");
// Test with mbedtls_md
mbedtls_ret = mbedtls_md(md_info, test2_input, test2_input_len, mbedtls_output);
TEST_ASSERT_EQUAL(0, mbedtls_ret);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test2_expected, mbedtls_output, 48);
ESP_LOGI(TAG, "✓ mbedtls_md SHA-384(\"\") PASSED");
// Verify both methods produce the same result
TEST_ASSERT_EQUAL_MEMORY(psa_output, mbedtls_output, 48);
ESP_LOGI(TAG, "✓ All PSA SHA-384 tests PASSED!");
// Test Vector 3: SHA-384("hello world")
// This will do with PSA only but _update will be called multiple time
ESP_LOGI(TAG, "=== Test 3: SHA-384(\"hello world\") ===");
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
psa_status = psa_hash_setup(&operation, PSA_ALG_SHA_384);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_update(&operation, (const uint8_t *)test3_input, 5); // "hello"
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_update(&operation, (const uint8_t *)(test3_input + 5), 6); // " world"
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_finish(&operation, psa_output, sizeof(psa_output), &psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(48, psa_output_len);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test3_expected, psa_output, 48);
ESP_LOGI(TAG, "✓ PSA SHA-384(\"hello world\") PASSED");
}
TEST_CASE("Test PSA SHA-384 with clone", "[hw_crypto][psa]")
{
// Test Vector 1: SHA-384("hello world")
// Expected: fdbd8e75a67f29f701a4e040385e2e23986303ea10239211af907fcbb83578b3e417cb71ce646efd0819dd8c088de1bd
const unsigned char test3_input[] = "hello world";
const unsigned char test3_expected[48] = {
0xfd, 0xbd, 0x8e, 0x75, 0xa6, 0x7f, 0x29, 0xf7,
0x01, 0xa4, 0xe0, 0x40, 0x38, 0x5e, 0x2e, 0x23,
0x98, 0x63, 0x03, 0xea, 0x10, 0x23, 0x92, 0x11,
0xaf, 0x90, 0x7f, 0xcb, 0xb8, 0x35, 0x78, 0xb3,
0xe4, 0x17, 0xcb, 0x71, 0xce, 0x64, 0x6e, 0xfd,
0x08, 0x19, 0xdd, 0x8c, 0x08, 0x8d, 0xe1, 0xbd
};
psa_hash_operation_t operation = PSA_HASH_OPERATION_INIT;
psa_status_t psa_status = psa_hash_setup(&operation, PSA_ALG_SHA_384);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_update(&operation, (const uint8_t *)test3_input, 5); // "hello"
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_hash_operation_t clone = PSA_HASH_OPERATION_INIT;
psa_status = psa_hash_clone(&operation, &clone);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
psa_status = psa_hash_update(&clone, (const uint8_t *)(test3_input + 5), 6); // " world"
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
unsigned char psa_output[48];
size_t psa_output_len;
psa_status = psa_hash_finish(&clone, psa_output, sizeof(psa_output), &psa_output_len);
TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_status);
TEST_ASSERT_EQUAL(48, psa_output_len);
TEST_ASSERT_EQUAL_HEX8_ARRAY(test3_expected, psa_output, 48);
ESP_LOGI(TAG, "✓ PSA SHA-384(\"hello world\") with original PASSED");
}
#endif
#endif // SOC_SHA_SUPPORTED && CONFIG_MBEDTLS_HARDWARE_SHA
components/mbedtls/test_apps/pytest_mbedtls_ut.py
+13
View File
@@ -78,6 +78,19 @@ def test_mbedtls_psram_all_ext_flash_enc(dut: Dut) -> None:
dut.run_all_single_board_cases(timeout=180)
@pytest.mark.flash_encryption_f4r8
@pytest.mark.parametrize(
'config',
[
'psram_all_ext_flash_enc_f4r8',
],
indirect=True,
)
@idf_parametrize('target', ['esp32s3'], indirect=['target'])
def test_mbedtls_psram_all_ext_flash_enc_s3_f4r8(dut: Dut) -> None:
dut.run_all_single_board_cases(timeout=180)
@pytest.mark.ecdsa_efuse
@pytest.mark.parametrize(
'config',
components/mbedtls/test_apps/sdkconfig.ci.psram_all_ext_flash_enc_f4r8
+20
View File
@@ -0,0 +1,20 @@
CONFIG_SPIRAM=y
CONFIG_ESP_INT_WDT_TIMEOUT_MS=800
CONFIG_FREERTOS_TASK_CREATE_ALLOW_EXT_MEM=y
CONFIG_SPIRAM_MALLOC_ALWAYSINTERNAL=0
# Default settings for testing this example in CI.
# This configuration is not secure, don't use it in production!
# See Flash Encryption API Guide for more details.
CONFIG_SECURE_FLASH_ENC_ENABLED=y
CONFIG_SECURE_FLASH_ENCRYPTION_MODE_DEVELOPMENT=y
CONFIG_SECURE_BOOT_ALLOW_ROM_BASIC=y
CONFIG_SECURE_BOOT_ALLOW_JTAG=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_ENC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_DEC=y
CONFIG_SECURE_FLASH_UART_BOOTLOADER_ALLOW_CACHE=y
CONFIG_SECURE_FLASH_REQUIRE_ALREADY_ENABLED=y
CONFIG_SPIRAM_MODE_OCT=y
CONFIG_SPIRAM_TYPE_AUTO=y
docs/en/security/security.rst
+1 -1
View File
@@ -157,7 +157,7 @@ Flash Encryption Best Practices
* - High
- 72.4 %
.. [#] The above performance numbers have been calculated using the AES performance test of the mbedtls test application :component_file:`test_aes_perf.c <mbedtls/test_apps/main/test_aes_perf.c>`.
.. [#] The above performance numbers have been calculated using the AES performance test of the mbedtls test application :component_file:`test_psa_aes_perf.c <mbedtls/test_apps/main/test_psa_aes_perf.c>`.
Considering the above performance impact, ESP-IDF by-default does not enable the pseudo-round function to avoid any performance-related degrade. But it is recommended to enable the pseudo-round function for better security.
docs/zh_CN/security/security.rst
+1 -1
View File
@@ -157,7 +157,7 @@ flash 加密最佳实践
* - 高
- 72.4 %
.. [#] 上述性能数据通过 mbedtls 测试应用中的 AES 性能测试 :component_file:`test_aes_perf.c <mbedtls/test_apps/main/test_aes_perf.c>` 计算得出。
.. [#] 上述性能数据通过 mbedtls 测试应用中的 AES 性能测试 :component_file:`test_psa_aes_perf.c <mbedtls/test_apps/main/test_psa_aes_perf.c>` 计算得出。
考虑到上述性能影响,ESP-IDF 默认关闭伪轮次功能,避免对相关性能造成影响。但如果需要更高的安全性,仍然建议启用。