feat(bignum): Add initial bignum hardware acceleration

Libs need to be rebuilt: - cargo +stable xtask compile - cargo +stable xtask bindings Signed-off-by: Anthony Grondin <=>
esp-rs · Dec 12, 2023 · ec60d0f · ec60d0f
1 parent fcc50ea
commit ec60d0f
Show file tree

Hide file tree

Showing 19 changed files with 1,147 additions and 166 deletions.
diff --git a/.gitmodules b/.gitmodules
@@ -1,3 +1,3 @@
 [submodule "mbedtls"]
 	path = mbedtls
-	url = https://github.com/Mbed-TLS/mbedtls
+	url = https://github.com/espressif/mbedtls
diff --git a/Cargo.toml b/Cargo.toml
@@ -72,7 +72,9 @@ static_cell = { version = "=1.2", features = ["nightly"] }
 
 esp-mbedtls = { path = "./esp-mbedtls" }
 
-[target.xtensa-esp32s3-none-elf.dependencies]
+[[example]]
+name              = "crypto_self_test"
+required-features = ["esp-wifi/wifi-logs"]
 
 [[example]]
 name = "async_client"

diff --git a/esp-mbedtls-sys/headers/esp32c3/config.h b/esp-mbedtls-sys/headers/esp32c3/config.h
@@ -3609,6 +3609,8 @@
 /* MPI / BIGNUM options */
 //#define MBEDTLS_MPI_WINDOW_SIZE            2 /**< Maximum window size used. */
 //#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
+#define MBEDTLS_MPI_EXP_MOD_ALT
+// #define MBEDTLS_MPI_MUL_MPI_ALT
 
 /* CTR_DRBG options */
 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */

diff --git a/esp-mbedtls-sys/headers/esp32s3/config.h b/esp-mbedtls-sys/headers/esp32s3/config.h
@@ -3609,6 +3609,9 @@
 /* MPI / BIGNUM options */
 //#define MBEDTLS_MPI_WINDOW_SIZE            2 /**< Maximum window size used. */
 //#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
+// #define MBEDTLS_BIGNUM_ALT
+#define MBEDTLS_MPI_EXP_MOD_ALT
+#define MBEDTLS_MPI_MUL_MPI_ALT
 
 /* CTR_DRBG options */
 //#define MBEDTLS_CTR_DRBG_ENTROPY_LEN               48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */

diff --git a/esp-mbedtls-sys/src/include/esp32.rs b/esp-mbedtls-sys/src/include/esp32.rs
@@ -4808,6 +4808,7 @@ extern "C" {
     ///                      buffer of length \p blen Bytes. It may be \c NULL if
     ///                      \p blen is zero.
     /// \param blen          The length of \p buf in Bytes.
+    /// \param md_alg        The hash algorithm used to hash the original data.
     /// \param f_rng_blind   The RNG function used for blinding. This must not be
     ///                      \c NULL.
     /// \param p_rng_blind   The RNG context to be passed to \p f_rng. This may be

diff --git a/esp-mbedtls-sys/src/include/esp32c3.rs b/esp-mbedtls-sys/src/include/esp32c3.rs
@@ -4810,6 +4810,7 @@ extern "C" {
     ///                      buffer of length \p blen Bytes. It may be \c NULL if
     ///                      \p blen is zero.
     /// \param blen          The length of \p buf in Bytes.
+    /// \param md_alg        The hash algorithm used to hash the original data.
     /// \param f_rng_blind   The RNG function used for blinding. This must not be
     ///                      \c NULL.
     /// \param p_rng_blind   The RNG context to be passed to \p f_rng. This may be

diff --git a/esp-mbedtls-sys/src/include/esp32s2.rs b/esp-mbedtls-sys/src/include/esp32s2.rs
@@ -4808,6 +4808,7 @@ extern "C" {
     ///                      buffer of length \p blen Bytes. It may be \c NULL if
     ///                      \p blen is zero.
     /// \param blen          The length of \p buf in Bytes.
+    /// \param md_alg        The hash algorithm used to hash the original data.
     /// \param f_rng_blind   The RNG function used for blinding. This must not be
     ///                      \c NULL.
     /// \param p_rng_blind   The RNG context to be passed to \p f_rng. This may be

diff --git a/esp-mbedtls-sys/src/include/esp32s3.rs b/esp-mbedtls-sys/src/include/esp32s3.rs
@@ -206,125 +206,7 @@ pub const PSA_WANT_KEY_TYPE_DERIVE: u32 = 1;
 pub const PSA_WANT_KEY_TYPE_PASSWORD: u32 = 1;
 pub const PSA_WANT_KEY_TYPE_PASSWORD_HASH: u32 = 1;
 pub const PSA_WANT_KEY_TYPE_RAW_DATA: u32 = 1;
-pub const _LIBC_LIMITS_H_: u32 = 1;
-pub const __NEWLIB_H__: u32 = 1;
-pub const _NEWLIB_VERSION_H__: u32 = 1;
-pub const _NEWLIB_VERSION: &[u8; 6] = b"3.3.0\0";
-pub const __NEWLIB__: u32 = 3;
-pub const __NEWLIB_MINOR__: u32 = 3;
-pub const __NEWLIB_PATCHLEVEL__: u32 = 0;
-pub const _WANT_IO_C99_FORMATS: u32 = 1;
-pub const _WANT_IO_LONG_LONG: u32 = 1;
-pub const _WANT_IO_POS_ARGS: u32 = 1;
-pub const _WANT_REENT_SMALL: u32 = 1;
-pub const _REENT_CHECK_VERIFY: u32 = 1;
-pub const _MB_LEN_MAX: u32 = 1;
-pub const _ICONV_ENABLED: u32 = 1;
-pub const HAVE_INITFINI_ARRAY: u32 = 1;
-pub const _ATEXIT_DYNAMIC_ALLOC: u32 = 1;
-pub const _HAVE_LONG_DOUBLE: u32 = 1;
-pub const _HAVE_CC_INHIBIT_LOOP_TO_LIBCALL: u32 = 1;
-pub const _LDBL_EQ_DBL: u32 = 1;
-pub const _FVWRITE_IN_STREAMIO: u32 = 1;
-pub const _FSEEK_OPTIMIZATION: u32 = 1;
-pub const _UNBUF_STREAM_OPT: u32 = 1;
-pub const _RETARGETABLE_LOCKING: u32 = 1;
-pub const _WANT_USE_LONG_TIME_T: u32 = 1;
-pub const _DEFAULT_SOURCE: u32 = 1;
-pub const _POSIX_SOURCE: u32 = 1;
-pub const _POSIX_C_SOURCE: u32 = 200809;
-pub const _ATFILE_SOURCE: u32 = 1;
-pub const __ATFILE_VISIBLE: u32 = 1;
-pub const __BSD_VISIBLE: u32 = 1;
-pub const __GNU_VISIBLE: u32 = 0;
-pub const __ISO_C_VISIBLE: u32 = 2011;
-pub const __LARGEFILE_VISIBLE: u32 = 0;
-pub const __MISC_VISIBLE: u32 = 1;
-pub const __POSIX_VISIBLE: u32 = 200809;
-pub const __SVID_VISIBLE: u32 = 1;
-pub const __XSI_VISIBLE: u32 = 0;
-pub const __SSP_FORTIFY_LEVEL: u32 = 0;
-pub const _POSIX_THREADS: u32 = 1;
-pub const _POSIX_TIMEOUTS: u32 = 1;
-pub const _POSIX_TIMERS: u32 = 1;
-pub const _POSIX_MONOTONIC_CLOCK: u32 = 200112;
-pub const _POSIX_CLOCK_SELECTION: u32 = 200112;
-pub const _UNIX98_THREAD_MUTEX_ATTRIBUTES: u32 = 1;
-pub const __have_longlong64: u32 = 1;
-pub const __have_long32: u32 = 1;
-pub const ___int8_t_defined: u32 = 1;
-pub const ___int16_t_defined: u32 = 1;
-pub const ___int32_t_defined: u32 = 1;
-pub const ___int64_t_defined: u32 = 1;
-pub const ___int_least8_t_defined: u32 = 1;
-pub const ___int_least16_t_defined: u32 = 1;
-pub const ___int_least32_t_defined: u32 = 1;
-pub const ___int_least64_t_defined: u32 = 1;
-pub const __GNUCLIKE_ASM: u32 = 3;
-pub const __GNUCLIKE___TYPEOF: u32 = 1;
-pub const __GNUCLIKE___OFFSETOF: u32 = 1;
-pub const __GNUCLIKE___SECTION: u32 = 1;
-pub const __GNUCLIKE_CTOR_SECTION_HANDLING: u32 = 1;
-pub const __GNUCLIKE_BUILTIN_CONSTANT_P: u32 = 1;
-pub const __GNUCLIKE_BUILTIN_VARARGS: u32 = 1;
-pub const __GNUCLIKE_BUILTIN_STDARG: u32 = 1;
-pub const __GNUCLIKE_BUILTIN_VAALIST: u32 = 1;
-pub const __GNUC_VA_LIST_COMPATIBILITY: u32 = 1;
-pub const __GNUCLIKE_BUILTIN_NEXT_ARG: u32 = 1;
-pub const __GNUCLIKE_BUILTIN_MEMCPY: u32 = 1;
-pub const __CC_SUPPORTS_INLINE: u32 = 1;
-pub const __CC_SUPPORTS___INLINE: u32 = 1;
-pub const __CC_SUPPORTS___INLINE__: u32 = 1;
-pub const __CC_SUPPORTS___FUNC__: u32 = 1;
-pub const __CC_SUPPORTS_WARNING: u32 = 1;
-pub const __CC_SUPPORTS_VARADIC_XXX: u32 = 1;
-pub const __CC_SUPPORTS_DYNAMIC_ARRAY_INIT: u32 = 1;
-pub const ARG_MAX: u32 = 4096;
-pub const CHILD_MAX: u32 = 40;
-pub const LINK_MAX: u32 = 32767;
-pub const MAX_CANON: u32 = 255;
-pub const MAX_INPUT: u32 = 255;
-pub const NAME_MAX: u32 = 255;
-pub const NGROUPS_MAX: u32 = 16;
-pub const OPEN_MAX: u32 = 64;
-pub const PATH_MAX: u32 = 1024;
-pub const PIPE_BUF: u32 = 512;
-pub const IOV_MAX: u32 = 1024;
-pub const BC_BASE_MAX: u32 = 99;
-pub const BC_DIM_MAX: u32 = 2048;
-pub const BC_SCALE_MAX: u32 = 99;
-pub const BC_STRING_MAX: u32 = 1000;
-pub const COLL_WEIGHTS_MAX: u32 = 0;
-pub const EXPR_NEST_MAX: u32 = 32;
-pub const LINE_MAX: u32 = 2048;
-pub const RE_DUP_MAX: u32 = 255;
 pub const MB_LEN_MAX: u32 = 1;
-pub const NL_ARGMAX: u32 = 32;
-pub const _POSIX2_RE_DUP_MAX: u32 = 255;
-pub const __int20: u32 = 2;
-pub const __int20__: u32 = 2;
-pub const __INT8: &[u8; 3] = b"hh\0";
-pub const __INT16: &[u8; 2] = b"h\0";
-pub const __INT64: &[u8; 3] = b"ll\0";
-pub const __FAST8: &[u8; 3] = b"hh\0";
-pub const __FAST16: &[u8; 2] = b"h\0";
-pub const __FAST64: &[u8; 3] = b"ll\0";
-pub const __LEAST8: &[u8; 3] = b"hh\0";
-pub const __LEAST16: &[u8; 2] = b"h\0";
-pub const __LEAST64: &[u8; 3] = b"ll\0";
-pub const __int8_t_defined: u32 = 1;
-pub const __int16_t_defined: u32 = 1;
-pub const __int32_t_defined: u32 = 1;
-pub const __int64_t_defined: u32 = 1;
-pub const __int_least8_t_defined: u32 = 1;
-pub const __int_least16_t_defined: u32 = 1;
-pub const __int_least32_t_defined: u32 = 1;
-pub const __int_least64_t_defined: u32 = 1;
-pub const __int_fast8_t_defined: u32 = 1;
-pub const __int_fast16_t_defined: u32 = 1;
-pub const __int_fast32_t_defined: u32 = 1;
-pub const __int_fast64_t_defined: u32 = 1;
-pub const WINT_MIN: u32 = 0;
 pub const MBEDTLS_ERR_MPI_FILE_IO_ERROR: i32 = -2;
 pub const MBEDTLS_ERR_MPI_BAD_INPUT_DATA: i32 = -4;
 pub const MBEDTLS_ERR_MPI_INVALID_CHARACTER: i32 = -6;
@@ -1067,52 +949,32 @@ pub const MBEDTLS_CTR_DRBG_MAX_SEED_INPUT: u32 = 384;
 pub const MBEDTLS_CTR_DRBG_PR_OFF: u32 = 0;
 pub const MBEDTLS_CTR_DRBG_PR_ON: u32 = 1;
 pub const MBEDTLS_CTR_DRBG_ENTROPY_NONCE_LEN: u32 = 0;
-pub type __int8_t = crate::c_types::c_schar;
-pub type __uint8_t = crate::c_types::c_uchar;
-pub type __int16_t = crate::c_types::c_short;
-pub type __uint16_t = crate::c_types::c_ushort;
-pub type __int32_t = crate::c_types::c_int;
-pub type __uint32_t = crate::c_types::c_uint;
-pub type __int64_t = crate::c_types::c_longlong;
-pub type __uint64_t = crate::c_types::c_ulonglong;
-pub type __int_least8_t = crate::c_types::c_schar;
-pub type __uint_least8_t = crate::c_types::c_uchar;
-pub type __int_least16_t = crate::c_types::c_short;
-pub type __uint_least16_t = crate::c_types::c_ushort;
-pub type __int_least32_t = crate::c_types::c_int;
-pub type __uint_least32_t = crate::c_types::c_uint;
-pub type __int_least64_t = crate::c_types::c_longlong;
-pub type __uint_least64_t = crate::c_types::c_ulonglong;
-pub type __intmax_t = crate::c_types::c_longlong;
-pub type __uintmax_t = crate::c_types::c_ulonglong;
-pub type __intptr_t = crate::c_types::c_int;
-pub type __uintptr_t = crate::c_types::c_uint;
-pub type wchar_t = crate::c_types::c_uchar;
+pub type int_least64_t = i64;
+pub type uint_least64_t = u64;
+pub type int_fast64_t = i64;
+pub type uint_fast64_t = u64;
+pub type int_least32_t = i32;
+pub type uint_least32_t = u32;
+pub type int_fast32_t = i32;
+pub type uint_fast32_t = u32;
+pub type int_least16_t = i16;
+pub type uint_least16_t = u16;
+pub type int_fast16_t = i16;
+pub type uint_fast16_t = u16;
+pub type int_least8_t = i8;
+pub type uint_least8_t = u8;
+pub type int_fast8_t = i8;
+pub type uint_fast8_t = u8;
+pub type intmax_t = crate::c_types::c_longlong;
+pub type uintmax_t = crate::c_types::c_ulonglong;
+pub type mbedtls_iso_c_forbids_empty_translation_units = crate::c_types::c_int;
+pub type wchar_t = crate::c_types::c_int;
 #[repr(C)]
 #[derive(Copy, Clone)]
 pub struct max_align_t {
     pub __clang_max_align_nonce1: crate::c_types::c_longlong,
     pub __clang_max_align_nonce2: f64,
 }
-pub type intmax_t = __intmax_t;
-pub type uintmax_t = __uintmax_t;
-pub type int_least8_t = __int_least8_t;
-pub type uint_least8_t = __uint_least8_t;
-pub type int_least16_t = __int_least16_t;
-pub type uint_least16_t = __uint_least16_t;
-pub type int_least32_t = __int_least32_t;
-pub type uint_least32_t = __uint_least32_t;
-pub type int_least64_t = __int_least64_t;
-pub type uint_least64_t = __uint_least64_t;
-pub type int_fast8_t = crate::c_types::c_schar;
-pub type uint_fast8_t = crate::c_types::c_uchar;
-pub type int_fast16_t = crate::c_types::c_short;
-pub type uint_fast16_t = crate::c_types::c_ushort;
-pub type int_fast32_t = crate::c_types::c_int;
-pub type uint_fast32_t = crate::c_types::c_uint;
-pub type int_fast64_t = crate::c_types::c_longlong;
-pub type uint_fast64_t = crate::c_types::c_ulonglong;
-pub type mbedtls_iso_c_forbids_empty_translation_units = crate::c_types::c_int;
 extern "C" {
     /// \brief       Securely zeroize a buffer
     ///
@@ -4808,6 +4670,7 @@ extern "C" {
     ///                      buffer of length \p blen Bytes. It may be \c NULL if
     ///                      \p blen is zero.
     /// \param blen          The length of \p buf in Bytes.
+    /// \param md_alg        The hash algorithm used to hash the original data.
     /// \param f_rng_blind   The RNG function used for blinding. This must not be
     ///                      \c NULL.
     /// \param p_rng_blind   The RNG context to be passed to \p f_rng. This may be

diff --git a/esp-mbedtls/Cargo.toml b/esp-mbedtls/Cargo.toml
@@ -8,10 +8,12 @@ esp-mbedtls-sys = { path = "../esp-mbedtls-sys" }
 log = "0.4.17"
 embedded-io = { version = "0.6.1" }
 embedded-io-async = { version = "0.6.0", optional = true }
+crypto-bigint = { version = "0.5.3", default-features = false, features = ["extra-sizes"] }
 esp32-hal = { version = "0.16.0", optional = true }
 esp32c3-hal = { version = "0.13.0", optional = true }
 esp32s2-hal = { version = "0.13.0", optional = true }
 esp32s3-hal = { version = "0.13.0", optional = true }
+cfg-if = "1.0.0"
 
 [features]
 async = ["dep:embedded-io-async"]