2 Replies Latest reply on Jun 11, 2020 11:12 PM by GauravS_31

    enable internal sha256


      Hi all,

      I want to use internal uECC library, which I have enabled by including in the MakeFile : ota2_bootloader.mk, by adding: GLOBAL_INCLUDES  += ..\..\..\WICED\security\BESL\mbedtls_open\include\mbedtls.

      I want to know how to enable the internal SHA256 library to be able to use the files: sha256.h and sha256.c. (location: 43xxx_Wi-Fi/WICED/security/BESL/mbedtls_open/include/mbedtls)



        • 1. Re: enable internal sha256

          To enable uECC, the macro WICED_CONFIG_ENABLE_MBEDTLS_ECC_ALT should be defined in mbedtls/config.h. This will allow mbedTLS to invoke uECC functions as they are used.


          By default, CYW54907 uses dedicated hwcrypto engine to perform SHA256 operations using functions defined in sha256_alt.c. Whereas, sha256.c performs the SHA256 operations in software. If you want to use sha256.c, you can go to BCM4390x.mk and change GLOBAL_DEFINES +=  PLATFORM_HAS_HW_CRYPTO_SUPPORT to GLOBAL_DEFINES +=  WICED_CONFIG_DONOT_USE_HW_CRYPTO.

          • 2. Re: enable internal sha256

            I have tested the following crypto functions in wiced_ota2_image.c in WICED version Wiced_006.002.001.0002 using the build statement waf.ota2_bootloader-CYW954907AEVAL1F-NoOS-NoNS download run:


                    mbedtls_sha256_init( &ctx );

                        mbedtls_sha256_starts( &ctx, 0 );

                        mbedtls_sha256_update( &ctx, MESSAGE, n );

                        mbedtls_sha256_finish( &ctx, hash );

                        mbedtls_sha256_free( &ctx );


            No makefile changes were required and no additional header file was included. I do not see any build error. I would suggest you to make a separate clean installation of WICED 6.2.1 and only write the 5 mbedtls sha256 functions in wiced_ota2_image.c and build the ota2_bootloader project.

            1 of 1 people found this helpful