sys/psa_crypto: sha3 support

features.yaml

@@ -839,6 +839,12 @@ groups:
  help: SHA-512/224 hardware acceleration present.
  - name: periph_hash_sha_512_256
  help: SHA-512/256 hardware acceleration present.
+ - name: periph_hash_sha3_256
+ help: SHA-3/256 hardware acceleration present.
+ - name: periph_hash_sha3_384
+ help: SHA-3/384 hardware acceleration present.
+ - name: periph_hash_sha3_512
+ help: SHA-3/512 hardware acceleration present.
  - name: periph_hmac_sha_256
  help: HMAC SHA-256 hardware acceleration present.
  - name: periph_hwrng

makefiles/features_existing.inc.mk

@@ -180,6 +180,9 @@ FEATURES_EXISTING := \
  periph_gpio_ll_switch_dir \
  periph_gpio_tamper_wake \
  periph_hash_md5 \
+ periph_hash_sha3_256 \
+ periph_hash_sha3_384 \
+ periph_hash_sha3_512 \
  periph_hash_sha_1 \
  periph_hash_sha_224 \
  periph_hash_sha_256 \

makefiles/features_modules.inc.mk

@@ -27,6 +27,9 @@ PERIPH_IGNORE_MODULES := \
  periph_gpio_ll% \
  periph_gpio_mux \
  periph_hash_sha_1 \
+ periph_hash_sha3_256 \
+ periph_hash_sha3_384 \
+ periph_hash_sha3_512 \
  periph_hash_sha_224 \
  periph_hash_sha_256 \
  periph_hash_sha_384 \

makefiles/pseudomodules.inc.mk

@@ -363,6 +363,9 @@ PSEUDOMODULES += psa_riot_hashes_sha_224
 PSEUDOMODULES += psa_riot_hashes_sha_256
 PSEUDOMODULES += psa_riot_hashes_sha_384
 PSEUDOMODULES += psa_riot_hashes_sha_512
+PSEUDOMODULES += psa_riot_hashes_sha3_256
+PSEUDOMODULES += psa_riot_hashes_sha3_384
+PSEUDOMODULES += psa_riot_hashes_sha3_512
 PSEUDOMODULES += psa_riot_hashes_sha_512_224
 PSEUDOMODULES += psa_riot_hashes_sha_512_256
 PSEUDOMODULES += psa_riot_hashes_hmac_sha256

sys/hashes/psa_riot_hashes/sha3_256.c

@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2024 TU Dresden
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup sys_psa_crypto
+ * @{
+ *
+ * @brief Glue code translating between PSA Crypto and the RIOT SHA3 Hash module
+ *
+ * @author Lennard Melling <lennard.melling@msx.tu-dresden.de>
+ *
+ * @}
+ */
+#include "psa/crypto.h"
+#include "hashes/psa/riot_hashes.h"
+
+psa_status_t psa_hashes_sha3_256_update(psa_hashes_sha3_ctx_t *ctx,
+ const uint8_t *input,
+ size_t input_length)
+{
+ sha3_update((keccak_state_t *)ctx, input, input_length);
+ return PSA_SUCCESS;
+}
+
+psa_status_t psa_hashes_sha3_256_setup(psa_hashes_sha3_ctx_t *ctx)
+{
+ sha3_256_init((keccak_state_t *)ctx);
+ return PSA_SUCCESS;
+}
+
+psa_status_t psa_hashes_sha3_256_finish(psa_hashes_sha3_ctx_t *ctx,
+ uint8_t *hash)
+{
+ sha3_256_final((keccak_state_t *)ctx, hash);
+ return PSA_SUCCESS;
+}

sys/hashes/psa_riot_hashes/sha3_384.c

@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2024 TU Dresden
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup sys_psa_crypto
+ * @{
+ *
+ * @brief Glue code translating between PSA Crypto and the RIOT SHA3 Hash module
+ *
+ * @author Lennard Melling <lennard.melling@msx.tu-dresden.de>
+ *
+ * @}
+ */
+#include "psa/crypto.h"
+#include "hashes/psa/riot_hashes.h"
+
+psa_status_t psa_hashes_sha3_384_update(psa_hashes_sha3_ctx_t *ctx,
+ const uint8_t *input,
+ size_t input_length)
+{
+ sha3_update((keccak_state_t *)ctx, input, input_length);
+ return PSA_SUCCESS;
+}
+
+psa_status_t psa_hashes_sha3_384_setup(psa_hashes_sha3_ctx_t *ctx)
+{
+ sha3_384_init((keccak_state_t *)ctx);
+ return PSA_SUCCESS;
+}
+
+psa_status_t psa_hashes_sha3_384_finish(psa_hashes_sha3_ctx_t *ctx,
+ uint8_t *hash)
+{
+ sha3_384_final((keccak_state_t *)ctx, hash);
+ return PSA_SUCCESS;
+}

sys/hashes/psa_riot_hashes/sha3_512.c

@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2024 TU Dresden
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup sys_psa_crypto
+ * @{
+ *
+ * @brief Glue code translating between PSA Crypto and the RIOT SHA3 Hash module
+ *
+ * @author Lennard Melling <lennard.melling@msx.tu-dresden.de>
+ *
+ * @}
+ */
+#include "psa/crypto.h"
+#include "hashes/psa/riot_hashes.h"
+
+psa_status_t psa_hashes_sha3_512_update(psa_hashes_sha3_ctx_t *ctx,
+ const uint8_t *input,
+ size_t input_length)
+{
+ sha3_update((keccak_state_t *)ctx, input, input_length);
+ return PSA_SUCCESS;
+}
+
+psa_status_t psa_hashes_sha3_512_setup(psa_hashes_sha3_ctx_t *ctx)
+{
+ sha3_512_init((keccak_state_t *)ctx);
+ return PSA_SUCCESS;
+}
+
+psa_status_t psa_hashes_sha3_512_finish(psa_hashes_sha3_ctx_t *ctx,
+ uint8_t *hash)
+{
+ sha3_512_final((keccak_state_t *)ctx, hash);
+ return PSA_SUCCESS;
+}

sys/include/hashes/psa/riot_hashes.h

@@ -77,6 +77,14 @@ typedef sha512_256_context_t psa_hashes_sha512_256_ctx_t;
 #include "hashes/sha256.h"
 #endif
 
+#if (IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_256) \
+|| IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_384) \
+|| IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_512))
+#include "hashes/sha3.h"
+
+typedef keccak_state_t psa_hashes_sha3_ctx_t;
+#endif
+
 #ifdef __cplusplus
 }
 #endif

sys/include/psa_crypto/psa/crypto_contexts.h

@@ -28,7 +28,7 @@
 
 #include "psa/crypto_includes.h"
 
 
 #if IS_USED(MODULE_PSA_HASH)
 /**
  * @brief Structure containing the hash contexts needed by the application.
@@ -52,6 +52,10 @@
 #if IS_USED(MODULE_PSA_HASH_SHA_512) || defined(DOXYGEN)
  psa_hashes_sha512_ctx_t sha512; /**< SHA-512 context */
 #endif
+#if IS_USED(MODULE_PSA_HASH_SHA3_256) || IS_USED(MODULE_PSA_HASH_SHA3_384) \
+|| IS_USED(MODULE_PSA_HASH_SHA3_512) || defined(DOXYGEN)
+ psa_hashes_sha3_ctx_t sha3; /**< SHA-3 context */
+#endif
 #if IS_USED(MODULE_PSA_HASH_SHA_512_224) || defined(DOXYGEN)
  psa_hashes_sha512_224_ctx_t sha512_224; /**< SHA-512/224 context */
 #endif

sys/include/psa_crypto/psa/crypto_includes.h

@@ -33,7 +33,8 @@ extern "C" {
  IS_USED(MODULE_PSA_RIOT_HASHES_SHA_1) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_224) || \
  IS_USED(MODULE_PSA_RIOT_HASHES_SHA_256) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_384) || \
  IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_224) || \
- IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_256)
+ IS_USED(MODULE_PSA_RIOT_HASHES_SHA_512_256) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_256) || \
+ IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_384) || IS_USED(MODULE_PSA_RIOT_HASHES_SHA3_512)
 #include "hashes/psa/riot_hashes.h"
 #endif
 

sys/psa_crypto/Makefile.dep

@@ -324,6 +324,78 @@ ifneq (,$(filter psa_hash_sha_512_256_backend_riot,$(USEMODULE)))
  USEMODULE += psa_riot_hashes_sha_512_256
 endif
 
+## SHA-3/256
+ifneq (,$(filter psa_hash_sha3_256,$(USEMODULE)))
+ ifeq (,$(filter psa_hash_sha3_256_custom_backend,$(USEMODULE)))
+ FEATURES_OPTIONAL += periph_hash_sha3_256
+ include $(RIOTMAKE)/features_check.inc.mk
+ # HACK: Due to kconfig migration, may cause problems
+ ifneq (,$(filter periph_hash_sha3_256,$(FEATURES_USED)))
+ USEMODULE += psa_hash_sha3_256_backend_periph
+ else
+ USEMODULE += psa_hash_sha3_256_backend_riot
+ endif
+ endif
+endif
+
+ifneq (,$(filter psa_hash_sha3_256_backend_periph,$(USEMODULE)))
+ FEATURES_REQUIRED += periph_hash_sha3_256
+endif
+
+ifneq (,$(filter psa_hash_sha3_256_backend_riot,$(USEMODULE)))
+ USEMODULE += hashes
+ USEMODULE += psa_riot_hashes
+ USEMODULE += psa_riot_hashes_sha3_256
+endif
+
+## SHA-3/384
+ifneq (,$(filter psa_hash_sha3_384,$(USEMODULE)))
+ ifeq (,$(filter psa_hash_sha3_384_custom_backend,$(USEMODULE)))
+ FEATURES_OPTIONAL += periph_hash_sha3_384
+ include $(RIOTMAKE)/features_check.inc.mk
+ # HACK: Due to kconfig migration, may cause problems
+ ifneq (,$(filter periph_hash_sha3_384,$(FEATURES_USED)))
+ USEMODULE += psa_hash_sha3_384_backend_periph
+ else
+ USEMODULE += psa_hash_sha3_384_backend_riot
+ endif
+ endif
+endif
+
+ifneq (,$(filter psa_hash_sha3_384_backend_periph,$(USEMODULE)))
+ FEATURES_REQUIRED += periph_hash_sha3_384
+endif
+
+ifneq (,$(filter psa_hash_sha3_384_backend_riot,$(USEMODULE)))
+ USEMODULE += hashes
+ USEMODULE += psa_riot_hashes
+ USEMODULE += psa_riot_hashes_sha3_384
+endif
+
+## SHA-3/512
+ifneq (,$(filter psa_hash_sha3_512,$(USEMODULE)))
+ ifeq (,$(filter psa_hash_sha3_512_custom_backend,$(USEMODULE)))
+ FEATURES_OPTIONAL += periph_hash_sha3_512
+ include $(RIOTMAKE)/features_check.inc.mk
+ # HACK: Due to kconfig migration, may cause problems
+ ifneq (,$(filter periph_hash_sha3_512,$(FEATURES_USED)))
+ USEMODULE += psa_hash_sha3_512_backend_periph
+ else
+ USEMODULE += psa_hash_sha3_512_backend_riot
+ endif
+ endif
+endif
+
+ifneq (,$(filter psa_hash_sha3_512_backend_periph,$(USEMODULE)))
+ FEATURES_REQUIRED += periph_hash_sha3_512
+endif
+
+ifneq (,$(filter psa_hash_sha3_512_backend_riot,$(USEMODULE)))
+ USEMODULE += hashes
+ USEMODULE += psa_riot_hashes
+ USEMODULE += psa_riot_hashes_sha3_512
+endif
+
 # Key Management
 ifneq (,$(filter psa_key_management,$(USEMODULE)))
  USEMODULE += psa_key_slot_mgmt

sys/psa_crypto/Makefile.include

@@ -158,6 +158,42 @@ ifneq (,$(filter psa_hash_sha_512,$(USEMODULE)))
  endif
 endif
 
+PSEUDOMODULES += psa_hash_sha3_256
+PSEUDOMODULES += psa_hash_sha3_256_backend_periph
+PSEUDOMODULES += psa_hash_sha3_256_backend_riot
+PSEUDOMODULES += psa_hash_sha3_256_custom_backend
+
+# check that one and only one backend has been selected
+ifneq (,$(filter psa_hash_sha3_256,$(USEMODULE)))
+ ifneq (1,$(call backends,psa_hash_sha3_256))
+ $(error "One (and only one) backend should be selected for psa_hash_sha3_256")
+ endif
+endif
+
+PSEUDOMODULES += psa_hash_sha3_384
+PSEUDOMODULES += psa_hash_sha3_384_backend_periph
+PSEUDOMODULES += psa_hash_sha3_384_backend_riot
+PSEUDOMODULES += psa_hash_sha3_384_custom_backend
+
+# check that one and only one backend has been selected
+ifneq (,$(filter psa_hash_sha3_384,$(USEMODULE)))
+ ifneq (1,$(call backends,psa_hash_sha3_384))
+ $(error "One (and only one) backend should be selected for psa_hash_sha3_384")
+ endif
+endif
+
+PSEUDOMODULES += psa_hash_sha3_512
+PSEUDOMODULES += psa_hash_sha3_512_backend_periph
+PSEUDOMODULES += psa_hash_sha3_512_backend_riot
+PSEUDOMODULES += psa_hash_sha3_512_custom_backend
+
+# check that one and only one backend has been selected
+ifneq (,$(filter psa_hash_sha3_512,$(USEMODULE)))
+ ifneq (1,$(call backends,psa_hash_sha3_512))
+ $(error "One (and only one) backend should be selected for psa_hash_sha3_512")
+ endif
+endif
+
 PSEUDOMODULES += psa_hash_sha_512_224
 PSEUDOMODULES += psa_hash_sha_512_224_backend_periph
 PSEUDOMODULES += psa_hash_sha_512_224_backend_riot

sys/psa_crypto/doc.txt

@@ -336,6 +336,24 @@
  * - psa_hash_sha_512_256_custom_backend
  * - psa_hash_sha_512_256_backend_riot
  *
+ * #### SHA 3/256
+ * - psa_hash_sha3_256
+ * - psa_hash_sha3_256_backend_periph
+ * - psa_hash_sha3_256_custom_backend
+ * - psa_hash_sha3_256_backend_riot
+ *
+ * #### SHA 3/384
+ * - psa_hash_sha3_384
+ * - psa_hash_sha3_384_backend_periph
+ * - psa_hash_sha3_384_custom_backend
+ * - psa_hash_sha3_384_backend_riot
+ *
+ * #### SHA 3/512
+ * - psa_hash_sha3_512
+ * - psa_hash_sha3_512_backend_periph
+ * - psa_hash_sha3_512_custom_backend
+ * - psa_hash_sha3_512_backend_riot
+ *
  * ### MAC
  * - Base: psa_mac
  *