• State Verified Answer
  • Replies 6 replies
  • Subscribers 85 subscribers
  • Views 4537 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 222527
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Is there an example of how to use hardware cc310 on nrf52840 for sha-1

denis

I'm trying to get the code below to compile.  One question is how to fill in the nrf_crypto_hash_info_t structure.  Another issue is that the nrf crypto includes don't compile using Crossworks gcc because malloc.h can't be found (I don't think malloc.h is a standard c include).  Anyone have a working example?

void fd_sha1(fd_sha1_source_t source, uint32_t address, uint32_t length, uint8_t *hash) {
    nrf_crypto_hash_context_t hash_context;
    nrf_crypto_hash_info_t info = {
        .init_fn        = ?,
        .update_fn      = ?,
        .finalize_fn    = ?,
        .digest_size    = NRF_CRYPTO_HASH_SIZE_SHA1,
        .context_size   = sizeof(nrf_crypto_backend_hash_sha1_context_t),
        .hash_mode      = NRF_CRYPTO_HASH_MODE_SHA1
    };
    ret_code_t ret = nrf_crypto_hash_init(&hash_context, &info);
    fd_log_assert(ret == NRF_SUCCESS);
    sha1_byte data[FD_SHA_BLOCK_SIZE];
    uint32_t remaining = length;
    while (remaining > 0) {
        uint32_t n = FD_SHA_BLOCK_SIZE;
        if (remaining < n) {
            n = remaining;
        }
        (*source)(address, data, n);
        ret = nrf_crypto_hash_update(&hash_context, data, n);
        fd_log_assert(ret == NRF_SUCCESS);
        remaining -= n;
        address += n;
    }
    ret = nrf_crypto_hash_finalize(&hash_context, hash, FD_SHA_HASH_SIZE);
    fd_log_assert(ret == NRF_SUCCESS);
}
Parents
  • 0

    Hi,

    Unfortunately, SHA-1 hash is not supported in the nrf_crypto library, only SHA-256 and SHA-512 is supported. SHA-1 is old and not as secure as SHA-2, limiting its number of use-cases.

    If you want to do SHA-1, you need to use the CC310 API directly. See CryptoCell HASH APIs and CryptoCell Integration Tests examples.

    Best regards,
    Jørgen

  • 0 in reply to Jørgen Holmefjord

    Thanks for that info.  I've updated my code to use the CrypoCell API and it compiles now.  However, when including those headers it still seems to want to include the nrf_crypto apis and ends up with an error trying to include malloc.h.  Any ideas on how to not include that?

    void fd_sha_initialize(void) {
    SA_SilibRetCode_t ret = SaSi_LibInit();
    fd_log_assert(ret == SA_SILIB_RET_OK);
}

void fd_sha1(fd_sha1_source_t source, uint32_t address, uint32_t length, uint8_t *hash) {
    CRYS_HASHUserContext_t context;
    CRYSError_t ret = CRYS_HASH_Init(&context, CRYS_HASH_SHA1_mode);
    fd_log_assert(ret == CRYS_OK);
    uint8_t data[FD_SHA_BLOCK_SIZE];
    uint32_t remaining = length;
    while (remaining > 0) {
        uint32_t n = FD_SHA_BLOCK_SIZE;
        if (remaining < n) {
            n = remaining;
        }
        (*source)(address, data, n);
        ret = CRYS_HASH_Update(&context, data, n);
        fd_log_assert(ret == CRYS_OK);
        remaining -= n;
        address += n;
    }
    CRYS_HASH_Result_t result;
    ret = CRYS_HASH_Finish(&context, result);
    fd_log_assert(ret == CRYS_OK);
    memcpy(hash, result, FD_SHA_HASH_SIZE);
}
Reply
  • 0 in reply to Jørgen Holmefjord

    Thanks for that info.  I've updated my code to use the CrypoCell API and it compiles now.  However, when including those headers it still seems to want to include the nrf_crypto apis and ends up with an error trying to include malloc.h.  Any ideas on how to not include that?

    void fd_sha_initialize(void) {
    SA_SilibRetCode_t ret = SaSi_LibInit();
    fd_log_assert(ret == SA_SILIB_RET_OK);
}

void fd_sha1(fd_sha1_source_t source, uint32_t address, uint32_t length, uint8_t *hash) {
    CRYS_HASHUserContext_t context;
    CRYSError_t ret = CRYS_HASH_Init(&context, CRYS_HASH_SHA1_mode);
    fd_log_assert(ret == CRYS_OK);
    uint8_t data[FD_SHA_BLOCK_SIZE];
    uint32_t remaining = length;
    while (remaining > 0) {
        uint32_t n = FD_SHA_BLOCK_SIZE;
        if (remaining < n) {
            n = remaining;
        }
        (*source)(address, data, n);
        ret = CRYS_HASH_Update(&context, data, n);
        fd_log_assert(ret == CRYS_OK);
        remaining -= n;
        address += n;
    }
    CRYS_HASH_Result_t result;
    ret = CRYS_HASH_Finish(&context, result);
    fd_log_assert(ret == CRYS_OK);
    memcpy(hash, result, FD_SHA_HASH_SIZE);
}
Children
Related
Terms of service