Factorize nifs for OTP crypto module

Move implementation from ESP32's platform_nifs.c to otp_crypto.c and make it available to all platforms using mbedtls. Alter Pico's mbedtls configuration to handle the ciphers we support. Signed-off-by: Paul Guyot <[email protected]>
pguyot · Nov 9, 2023 · 17c1ce4 · 17c1ce4
1 parent 8b3dee0
commit 17c1ce4
Show file tree

Hide file tree

Showing 17 changed files with 771 additions and 617 deletions.
diff --git a/.github/workflows/build-and-test-other.yaml b/.github/workflows/build-and-test-other.yaml
@@ -148,7 +148,7 @@ jobs:
             ${{ matrix.install_deps }}
         else
             apt update &&
-            apt install -y file gcc g++ binutils cmake make doxygen gperf zlib1g-dev libssl-dev
+            apt install -y file gcc g++ binutils cmake make doxygen gperf zlib1g-dev libssl-dev libmbedtls-dev
         fi &&
         file /bin/bash &&
         uname -a &&

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -13,6 +13,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Fixed STM32 not aborting when `AVM_ABORT()` is used
 - Fixed a bug that would leave the STM32 trapped in a loop on hard faults, rather than aborting
 
+### Changed
+
+- Crypto functions on generic_unix platform now rely on MbedTLS instead of OpenSSL
+
 ### Added
 
 - Added support for the OTP `socket` interface.
@@ -23,6 +27,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Added suppoprt for PicoW extra gpio pins (led) to the gpio driver.
 - Added support for `net:getaddrinfo/1,2`
 - Added minimal support for the OTP `ssl` interface.
+- Added support for `crypto:one_time/4,5` on Unix and Pico as well as for `crypto:hash/2` on Pico
 
 ## [0.6.0-alpha.1] - 2023-10-09
 

diff --git a/src/libAtomVM/otp_crypto.c b/src/libAtomVM/otp_crypto.c
diff --git a/src/libAtomVM/otp_crypto.h b/src/libAtomVM/otp_crypto.h
@@ -0,0 +1,36 @@
+/*
+ * This file is part of AtomVM.
+ *
+ * Copyright 2023 Paul Guyot <[email protected]>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0 OR LGPL-2.1-or-later
+ */
+
+#ifndef _OTP_CRYPTO_H_
+#define _OTP_CRYPTO_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <nifs.h>
+
+const struct Nif *otp_crypto_nif_get_nif(const char *nifname);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/platforms/esp32/components/avm_builtins/CMakeLists.txt b/src/platforms/esp32/components/avm_builtins/CMakeLists.txt
@@ -28,6 +28,7 @@ set(AVM_BUILTIN_COMPONENT_SRCS
     "socket_driver.c"
     "spi_driver.c"
     "uart_driver.c"
+    "otp_crypto_platform.c"
     "otp_net_platform.c"
     "otp_socket_platform.c"
     "otp_ssl_platform.c"
@@ -39,7 +40,7 @@ else()
     set(ADDITIONAL_PRIV_REQUIRES "")
 endif()
 
-if(CONFIG_AVM_ENABLE_OTP_SSL_NIFS)
+if(CONFIG_AVM_ENABLE_OTP_SSL_NIFS OR CONFIG_AVM_ENABLE_OTP_CRYPTO_NIFS)
    set(ADDITIONAL_PRIV_REQUIRES ${ADDITIONAL_PRIV_REQUIRES} "mbedtls")
 endif()
 

diff --git a/src/platforms/esp32/components/avm_builtins/Kconfig b/src/platforms/esp32/components/avm_builtins/Kconfig
@@ -66,6 +66,10 @@ config AVM_ENABLE_UART_PORT_DRIVER
     bool "Enable UART port driver"
     default y
 
+config AVM_ENABLE_OTP_CRYPTO_NIFS
+    bool "Enable OTP Crypto NIFs"
+    default y
+
 config AVM_ENABLE_OTP_SOCKET_NIFS
     bool "Enable OTP Socket NIFs"
     default y

diff --git a/src/platforms/esp32/components/avm_builtins/otp_crypto_platform.c b/src/platforms/esp32/components/avm_builtins/otp_crypto_platform.c
@@ -0,0 +1,30 @@
+/*
+ * This file is part of AtomVM.
+ *
+ * Copyright 2023 by Paul Guyot <[email protected]>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0 OR LGPL-2.1-or-later
+ */
+
+#include <esp32_sys.h>
+#include <nifs.h>
+#include <otp_crypto.h>
+#include <sdkconfig.h>
+
+#ifdef CONFIG_AVM_ENABLE_OTP_CRYPTO_NIFS
+
+REGISTER_NIF_COLLECTION(otp_crypto, NULL, NULL, otp_crypto_nif_get_nif)
+
+#endif
diff --git a/src/platforms/esp32/components/avm_sys/CMakeLists.txt b/src/platforms/esp32/components/avm_sys/CMakeLists.txt
@@ -26,6 +26,7 @@ set(AVM_SYS_COMPONENT_SRCS
     "platform_nifs.c"
     "platform_defaultatoms.c"
     "../../../../libAtomVM/inet.c"
+    "../../../../libAtomVM/otp_crypto.c"
     "../../../../libAtomVM/otp_net.c"
     "../../../../libAtomVM/otp_socket.c"
     "../../../../libAtomVM/otp_ssl.c"