Skip to content

Commit fbe9c0b

Browse files
donghengqazdonghengqaz
committed
Merge branch 'feature/add_faster_aes' into 'master'
Add faster AES for ESP8266 SoC See merge request sdk/ESP8266_RTOS_SDK!631
2 parents b133de1 + 1c835ba commit fbe9c0b

File tree

12 files changed

+1894
-1
lines changed

12 files changed

+1894
-1
lines changed

components/ssl/mbedtls/port/esp8266/include/aes_alt.h

Lines changed: 116 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,116 @@
1+
/**
2+
* \file aes_alt.h
3+
*
4+
* \brief AES block cipher
5+
*
6+
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
7+
* SPDX-License-Identifier: Apache-2.0
8+
*
9+
* Licensed under the Apache License, Version 2.0 (the "License"); you may
10+
* not use this file except in compliance with the License.
11+
* You may obtain a copy of the License at
12+
*
13+
* http://www.apache.org/licenses/LICENSE-2.0
14+
*
15+
* Unless required by applicable law or agreed to in writing, software
16+
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
17+
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18+
* See the License for the specific language governing permissions and
19+
* limitations under the License.
20+
*
21+
*
22+
*/
23+
#ifndef AES_ALT_H
24+
#define AES_ALT_H
25+
26+
#ifdef __cplusplus
27+
extern "C" {
28+
#endif
29+
30+
#if defined(MBEDTLS_AES_ALT)
31+
#include "esp_aes.h"
32+
33+
typedef esp_aes_t mbedtls_aes_context;
34+
35+
#define mbedtls_aes_init(_ctx) { }
36+
#define mbedtls_aes_free(_ctx) { }
37+
#define mbedtls_aes_setkey_enc(_ctx, _key, _keybits) esp_aes_set_encrypt_key(_ctx, _key, _keybits)
38+
#define mbedtls_aes_setkey_dec(_ctx, _key, _keybits) esp_aes_set_decrypt_key(_ctx, _key, _keybits)
39+
40+
#define mbedtls_aes_crypt_ecb(_ctx, _mode, _input, _output) \
41+
({ \
42+
int ret; \
43+
\
44+
if (_mode == MBEDTLS_AES_DECRYPT) \
45+
ret = esp_aes_decrypt_ecb(_ctx, _input, _output); \
46+
else if (_mode == MBEDTLS_AES_ENCRYPT) \
47+
ret = esp_aes_encrypt_ecb(_ctx, _input, _output); \
48+
else \
49+
ret = -1; \
50+
\
51+
ret; \
52+
})
53+
54+
#if defined(MBEDTLS_CIPHER_MODE_CBC)
55+
#define mbedtls_aes_crypt_cbc(_ctx, _mode, _length, _iv, _input, _output) \
56+
({ \
57+
int ret; \
58+
\
59+
if (_mode == MBEDTLS_AES_DECRYPT) \
60+
ret = esp_aes_decrypt_cbc(_ctx, _input, _length, _output, _length, _iv); \
61+
else if (_mode == MBEDTLS_AES_ENCRYPT) \
62+
ret = esp_aes_encrypt_cbc(_ctx, _input, _length, _output, _length, _iv); \
63+
else \
64+
ret = -1; \
65+
\
66+
ret; \
67+
})
68+
#endif
69+
70+
#if defined(MBEDTLS_CIPHER_MODE_CFB)
71+
#define mbedtls_aes_crypt_cfb128(_ctx, _mode, _length, _iv_off, _iv, _input, _output) \
72+
({ \
73+
int ret; \
74+
\
75+
if (_mode == MBEDTLS_AES_DECRYPT) \
76+
ret = esp_aes_decrypt_cfb128(_ctx, _input, _length, _output, _length, _iv, _iv_off); \
77+
else if (_mode == MBEDTLS_AES_ENCRYPT) \
78+
ret = esp_aes_encrypt_cfb128(_ctx, _input, _length, _output, _length, _iv, _iv_off); \
79+
else \
80+
ret = -1; \
81+
\
82+
ret; \
83+
})
84+
85+
#define mbedtls_aes_crypt_cfb8(_ctx, _mode, _length, _iv, _input, _output) \
86+
({ \
87+
int ret; \
88+
\
89+
if (_mode == MBEDTLS_AES_DECRYPT) \
90+
ret = esp_aes_decrypt_cfb8(_ctx, _input, _length, _output, _length, _iv); \
91+
else if (_mode == MBEDTLS_AES_ENCRYPT) \
92+
ret = esp_aes_encrypt_cfb8(_ctx, _input, _length, _output, _length, _iv); \
93+
else \
94+
ret = -1; \
95+
\
96+
ret; \
97+
})
98+
#endif
99+
100+
#if defined(MBEDTLS_CIPHER_MODE_CTR)
101+
#define mbedtls_aes_crypt_ctr(_ctx, _length, _nc_off, _nonce_counter, \
102+
_stream_block, _input _output \
103+
\
104+
esp_aes_encrypt_ctr(_ctx, _nc_off, _nonce_counter, _length, _input, \
105+
_length, _output, _length)
106+
#endif
107+
108+
#define mbedtls_internal_aes_encrypt(_ctx, _input, _output) esp_aes_encrypt(_ctx, _input, 16, _output, 16)
109+
#define mbedtls_internal_aes_decrypt(_ctx, _input, _output) esp_aes_decrypt(_ctx, _input, 16, _output, 16)
110+
#endif /* MBEDTLS_AES_ALT */
111+
112+
#ifdef __cplusplus
113+
}
114+
#endif
115+
116+
#endif

components/ssl/mbedtls/port/esp8266/include/mbedtls/esp_config.h

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -275,7 +275,6 @@
275275
* digests and ciphers instead.
276276
*
277277
*/
278-
//#define MBEDTLS_AES_ALT
279278
//#define MBEDTLS_ARC4_ALT
280279
//#define MBEDTLS_BLOWFISH_ALT
281280
//#define MBEDTLS_CAMELLIA_ALT
@@ -292,6 +291,10 @@
292291
//#define MBEDTLS_RSA_ALT
293292
//#define MBEDTLS_XTEA_ALT
294293

294+
#ifdef CONFIG_ESP_AES
295+
#define MBEDTLS_AES_ALT
296+
#endif
297+
295298
#ifdef CONFIG_ESP_SHA
296299
#define MBEDTLS_SHA1_ALT
297300
#define MBEDTLS_SHA256_ALT

components/util/Kconfig

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,4 +12,19 @@ config ESP_SHA
1212

1313
Disabling the "assert" function at menuconfig can speed up the calculation.
1414

15+
config ESP_AES
16+
bool "Enable Espressif AES"
17+
default y
18+
help
19+
Enable Espressif AES ECB, CBC, CFB128, CFB8 & CRT for other components to
20+
speed up process speed and save code size.
21+
22+
ESP8285 is like ESP8266 + 1MB flash, but its internal I/O connection from CPU
23+
core to flash is DIO not QIO, which makes it read flash data slower.
24+
So the function will speed up ESP8285 obviously.
25+
26+
The calculation uses "ibus_data" to speed up load data from instruction bus.
27+
28+
Disabling the "assert" function at menuconfig can speed up the calculation.
29+
1530
endmenu # Util

components/util/include/esp_aes.h

Lines changed: 230 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,230 @@
1+
// Copyright 2019-2020 Espressif Systems (Shanghai) PTE LTD
2+
//
3+
// Licensed under the Apache License, Version 2.0 (the "License");
4+
// you may not use this file except in compliance with the License.
5+
// You may obtain a copy of the License at
6+
7+
// http://www.apache.org/licenses/LICENSE-2.0
8+
//
9+
// Unless required by applicable law or agreed to in writing, software
10+
// distributed under the License is distributed on an "AS IS" BASIS,
11+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
// See the License for the specific language governing permissions and
13+
// limitations under the License.
14+
15+
#pragma once
16+
17+
#include <stdint.h>
18+
#include <stddef.h>
19+
20+
#ifdef __cplusplus
21+
extern "C" {
22+
#endif
23+
24+
typedef struct esp_aes {
25+
int32_t nr; /*!< The number of AES key bits */
26+
uint32_t *rk; /*!< The AES AES key */
27+
uint32_t buf[68]; /*!< The AES calculation cache */
28+
} esp_aes_t;
29+
30+
31+
/**
32+
* @brief Set AES encrypt key
33+
*
34+
* @param aes AES contex pointer
35+
* @param p_key AES key data buffer
36+
* @param keybits number of AES key bits
37+
*
38+
* @return 0 if success or fail
39+
*/
40+
int esp_aes_set_encrypt_key(esp_aes_t *aes, const void *p_key, size_t keybits);
41+
42+
/**
43+
* @brief Set AES decrypt key
44+
*
45+
* @param aes AES contex pointer
46+
* @param p_key AES key data buffer
47+
* @param keybits number of AES key bits
48+
*
49+
* @return 0 if success or fail
50+
*/
51+
int esp_aes_set_decrypt_key(esp_aes_t *aes, const void *key, size_t keybits);
52+
53+
/**
54+
* @brief AES normal encrypt calculation
55+
*
56+
* @param aes AES contex pointer
57+
* @param p_src input data buffer
58+
* @param slen input data length by bytes
59+
* @param p_dst output data buffer
60+
* @param dlen output data length by bytes
61+
*
62+
* @return 0 if success or fail
63+
*/
64+
int esp_aes_encrypt(esp_aes_t *aes, const void *p_src, size_t slen, void *p_dst, size_t dlen);
65+
66+
/**
67+
* @brief AES normal decrypt calculation
68+
*
69+
* @param aes AES contex pointer
70+
* @param p_src input data buffer
71+
* @param slen input data length by bytes
72+
* @param p_dst output data buffer
73+
* @param dlen output data length by bytes
74+
*
75+
* @return 0 if success or fail
76+
*/
77+
int esp_aes_decrypt(esp_aes_t *aes, const void *p_src, size_t slen, void *p_dst, size_t dlen);
78+
79+
/**
80+
* @brief AES-ECB encrypt calculation
81+
*
82+
* @param aes AES contex pointer
83+
* @param p_src input data buffer
84+
* @param p_dst output data buffer
85+
*
86+
* @return 0 if success or fail
87+
*/
88+
static inline int esp_aes_encrypt_ecb(esp_aes_t *aes, const void *p_src, void *p_dst)
89+
{
90+
return esp_aes_encrypt(aes, p_src, 16, p_dst, 16);
91+
}
92+
93+
/**
94+
* @brief AES-ECB decrypt calculation
95+
*
96+
* @param aes AES contex pointer
97+
* @param p_src input data buffer
98+
* @param p_dst output data buffer
99+
*
100+
* @return 0 if success or fail
101+
*/
102+
static inline int esp_aes_decrypt_ecb(esp_aes_t *aes, const void *p_src, void *p_dst)
103+
{
104+
return esp_aes_decrypt(aes, p_src, 16, p_dst, 16);
105+
}
106+
107+
/**
108+
* @brief AES-CBC encrypt calculation
109+
*
110+
* @param aes AES contex pointer
111+
* @param p_src input data buffer
112+
* @param slen input data length by bytes
113+
* @param p_dst output data buffer
114+
* @param dlen output data length by bytes
115+
* @param p_iv initialization vector buffer
116+
*
117+
* @return 0 if success or fail
118+
*/
119+
int esp_aes_encrypt_cbc(esp_aes_t *aes, const void *p_src, size_t slen, void *p_dst, size_t dlen, void *p_iv);
120+
121+
/**
122+
* @brief AES-CBC decrypt calculation
123+
*
124+
* @param aes AES contex pointer
125+
* @param p_src input data buffer
126+
* @param slen input data length by bytes
127+
* @param p_dst output data buffer
128+
* @param dlen output data length by bytes
129+
* @param p_iv initialization vector buffer
130+
*
131+
* @return 0 if success or fail
132+
*/
133+
int esp_aes_decrypt_cbc(esp_aes_t *aes, const void *p_src, size_t slen, void *p_dst, size_t dlen, void *p_iv);
134+
135+
/**
136+
* @brief AES-CFB128 encrypt calculation
137+
*
138+
* @param aes AES contex pointer
139+
* @param p_src input data buffer
140+
* @param slen input data length by bytes
141+
* @param p_dst output data buffer
142+
* @param dlen output data length by bytes
143+
* @param p_iv initialization vector buffer
144+
* @param iv_off initialization vector offset
145+
*
146+
* @return 0 if success or fail
147+
*/
148+
int esp_aes_encrypt_cfb128(esp_aes_t *aes, const void *p_src, size_t slen, void *p_dst, size_t dlen, void *p_iv, size_t *iv_off);
149+
150+
/**
151+
* @brief AES-CFB128 decrypt calculation
152+
*
153+
* @param aes AES contex pointer
154+
* @param p_src input data buffer
155+
* @param slen input data length by bytes
156+
* @param p_dst output data buffer
157+
* @param dlen output data length by bytes
158+
* @param p_iv initialization vector buffer
159+
* @param iv_off initialization vector offset
160+
*
161+
* @return 0 if success or fail
162+
*/
163+
int esp_aes_decrypt_cfb128(esp_aes_t *aes, const void *p_src, size_t slen, void *p_dst, size_t dlen, void *p_iv, size_t *iv_off);
164+
165+
/**
166+
* @brief AES-CFB8 encrypt calculation
167+
*
168+
* @param aes AES contex pointer
169+
* @param p_src input data buffer
170+
* @param slen input data length by bytes
171+
* @param p_dst output data buffer
172+
* @param dlen output data length by bytes
173+
* @param p_iv initialization vector buffer
174+
*
175+
* @return 0 if success or fail
176+
*/
177+
int esp_aes_encrypt_cfb8(esp_aes_t *aes, const void *p_src, size_t slen, void *p_dst, size_t dlen, void *p_iv);
178+
179+
/**
180+
* @brief AES-CFB8 decrypt calculation
181+
*
182+
* @param aes AES contex pointer
183+
* @param p_src input data buffer
184+
* @param slen input data length by bytes
185+
* @param p_dst output data buffer
186+
* @param dlen output data length by bytes
187+
* @param p_iv initialization vector buffer
188+
*
189+
* @return 0 if success or fail
190+
*/
191+
int esp_aes_decrypt_cfb8(esp_aes_t *aes, const void *p_src, size_t slen, void *p_dst, size_t dlen, void *p_iv);
192+
193+
/**
194+
* @brief AES-CTR encrypt calculation
195+
*
196+
* @param aes AES contex pointer
197+
* @param nc_off offset in the current stream block
198+
* @param p_nonce_counter 128-bit nonce and counter buffer
199+
* @param p_stream_block current stream block buffer
200+
* @param p_src input data buffer
201+
* @param slen input data length by bytes
202+
* @param p_dst output data buffer
203+
* @param dlen output data length by bytes
204+
*
205+
* @return 0 if success or fail
206+
*/
207+
int esp_aes_encrypt_ctr(esp_aes_t *aes, size_t *nc_off, void *p_nonce_counter, void *p_stream_block, const void *p_src, size_t slen, void *p_dst, size_t dlen);
208+
209+
/**
210+
* @brief AES-CTR decrypt calculation
211+
*
212+
* @param aes AES contex pointer
213+
* @param nc_off offset in the current stream block
214+
* @param p_nonce_counter 128-bit nonce and counter buffer
215+
* @param p_stream_block current stream block buffer
216+
* @param p_src input data buffer
217+
* @param slen input data length by bytes
218+
* @param p_dst output data buffer
219+
* @param dlen output data length by bytes
220+
*
221+
* @return 0 if success or fail
222+
*/
223+
static inline int esp_aes_decrypt_ctr(esp_aes_t *aes, size_t *nc_off, void *p_nonce_counter, void *p_stream_block, const void *p_src, size_t slen, void *p_dst, size_t dlen)
224+
{
225+
return esp_aes_encrypt_ctr(aes, nc_off, p_nonce_counter, p_stream_block, p_src, slen, p_dst, dlen);
226+
}
227+
228+
#ifdef __cplusplus
229+
}
230+
#endif

0 commit comments

Comments
 (0)