pkg/driver_cryptocell_310: allow data to be in ROM on hash update

examples/advanced/psa_crypto/example_hash.c

@@ -22,10 +22,8 @@
 
 #include "psa/crypto.h"
 
-/* certain PSA backends require the data to be in RAM rather than ROM
- * so these values cannot be `const` */
-static uint8_t msg[] = "Hello World!";
-static size_t msg_len = sizeof(msg)-1; // exclude NULL-byte
+static const uint8_t msg[] = "Hello World!";
+static const size_t msg_len = sizeof(msg)-1; // exclude NULL-byte
 
 static const uint8_t hash_sha224[] = {
     0x45, 0x75, 0xbb, 0x4e, 0xc1, 0x29, 0xdf, 0x63, 0x80, 0xce, 0xdd, 0xe6, 0xd7,
@@ -90,12 +88,12 @@
         return status;
     }
 
     status = psa_hash_compare(PSA_ALG_SHA_512_224, msg, msg_len, hash_sha512_224, sizeof(hash_sha512_224));
     if (status != PSA_SUCCESS) {
         return status;
     }
 
     status = psa_hash_compare(PSA_ALG_SHA_512_256, msg, msg_len, hash_sha512_256, sizeof(hash_sha512_256));
     if (status != PSA_SUCCESS) {
         return status;
     }

pkg/driver_cryptocell_310/psa_cryptocell_310/hashes_common.c

@@ -40,19 +40,14 @@
     return PSA_SUCCESS;
 }
 
-psa_status_t cryptocell_310_common_hash_update(CRYS_HASHUserContext_t *ctx,
+static psa_status_t _hash_update_from_ram(CRYS_HASHUserContext_t *ctx,
                                 const uint8_t *input,
                                 size_t input_length)
 {
     CRYSError_t ret = 0;
     size_t offset = 0;
     size_t size;
 
-    if (!cryptocell_310_data_within_ram(input)) {
-        DEBUG("%s : cryptocell_310 data required to be in RAM.\n", RIOT_FILE_RELATIVE);
-        return PSA_ERROR_DATA_INVALID;
-    }
-
     do {
         if (input_length > CC310_MAX_HASH_INPUT_BLOCK) {
             size = CC310_MAX_HASH_INPUT_BLOCK;
@@ -70,6 +65,40 @@
         offset += size;
     } while ((input_length > 0) && (ret == CRYS_OK));
 
+    return ret;
+}
+
+psa_status_t cryptocell_310_common_hash_update(CRYS_HASHUserContext_t *ctx,
+                                const uint8_t *input,
+                                size_t input_length)
+{
+    CRYSError_t ret = 0;
+    if (!cryptocell_310_data_within_ram(input)) {
+        /* copy input chuckwise into RAM until the end of input is reached */
+        uint8_t input_buf[PSA_HASH_MAX_SIZE];
+        size_t buf_size;
+        size_t offset = 0;
+
+        do {
+
+            memset(&input_buf, 0, PSA_HASH_MAX_SIZE);
+
+            buf_size = input_length - offset;
+            buf_size = buf_size < PSA_HASH_MAX_SIZE ? buf_size : PSA_HASH_MAX_SIZE;
+
+            memcpy(&input_buf, input + offset, buf_size);
+
+            ret = _hash_update_from_ram(ctx, input_buf, buf_size);
+
+            offset += PSA_HASH_MAX_SIZE;
+
+        } while ((offset < input_length) && (ret == CRYS_OK));
+
+    }
+    else {
+        ret = _hash_update_from_ram(ctx, input, input_length);
+    }
+
     if (ret != CRYS_OK) {
         DEBUG("CRYS_HASH_Update failed with %s\n", cryptocell310_status_to_humanly_readable(ret));
         return CRYS_to_psa_error(ret);
@@ -77,7 +106,7 @@
     return PSA_SUCCESS;
 }
 
 psa_status_t cryptocell_310_common_hash_finish(CRYS_HASHUserContext_t *ctx, uint8_t *hash, size_t hash_size,
                                 size_t *hash_length)
 {
     cryptocell_310_enable();

tests/sys/psa_crypto_hashes/example_hash.c

@@ -25,10 +25,8 @@
 
 #include "psa/crypto.h"
 
-/* certain PSA backends require the data to be in RAM rather than ROM
- * so these values cannot be `const` */
-static uint8_t msg[] = "Hello World!";
-static size_t msg_len = sizeof(msg)-1; // exclude NULL-byte
+static const uint8_t msg[] = "Hello World!";
+static const size_t msg_len = sizeof(msg)-1; // exclude NULL-byte
 
 static const uint8_t hash_sha224[] = {
     0x45, 0x75, 0xbb, 0x4e, 0xc1, 0x29, 0xdf, 0x63, 0x80, 0xce, 0xdd, 0xe6, 0xd7,
@@ -63,7 +61,7 @@
     0x72, 0x3a, 0x26, 0x71, 0x0e, 0x46, 0x76, 0x13, 0x01, 0xc8, 0xb5, 0x4c, 0x56,
     0xfa, 0x72, 0x22, 0x67, 0x58, 0x1a};
 
-static uint8_t msg_long[] = {
+static const uint8_t msg_long[] = {
     0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
     0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
     0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa,
@@ -116,7 +114,7 @@
     0x63, 0x52, 0x68, 0x81, 0x4a, 0xce
 };
 
 
 /**
  * @brief   Example function to use different hash algorithms
  *          with the PSA Crypto API.
@@ -147,32 +145,32 @@
         return status;
     }
 
     status = psa_hash_compare(PSA_ALG_SHA_512_224, msg, msg_len, hash_sha512_224, sizeof(hash_sha512_224));
     if (status != PSA_SUCCESS) {
         return status;
     }
 
     status = psa_hash_compare(PSA_ALG_SHA_512_256, msg, msg_len, hash_sha512_256, sizeof(hash_sha512_256));
     if (status != PSA_SUCCESS) {
         return status;
     }
 
     status = psa_hash_compare(PSA_ALG_SHA_224, msg_long, sizeof(msg_long), hash_long_sha224, sizeof(hash_long_sha224));
     if (status != PSA_SUCCESS) {
         return status;
     }
 
     status = psa_hash_compare(PSA_ALG_SHA_256, msg_long, sizeof(msg_long), hash_long_sha256, sizeof(hash_long_sha256));
     if (status != PSA_SUCCESS) {
         return status;
     }
 
     status = psa_hash_compare(PSA_ALG_SHA_384, msg_long, sizeof(msg_long), hash_long_sha384, sizeof(hash_long_sha384));
     if (status != PSA_SUCCESS) {
         return status;
     }
 
     status = psa_hash_compare(PSA_ALG_SHA_512, msg_long, sizeof(msg_long), hash_long_sha512, sizeof(hash_long_sha512));
     if (status != PSA_SUCCESS) {
         return status;
     }