As part of ongoing work to move away from TinyCrypt and towards PSA
(#43712), introduce a PSA option and remove the TinyCrypt one for the
SHA-256 implementation.
The Mbed TLS implementation is modified to use `mbedtls_sha256`
directly for smaller code size.
As of now the implementation defaults to PSA only if TF-M is enabled
because a dependency loop happens if using `PSA_CRYPTO_CLIENT` as a
condition in `FLASH_AREA_CHECK_INTEGRITY_BACKEND`.
A test case is added for the PSA implementation, and an NS platform is
added to the base test case to verify the compilation on a TF-M-enabled
platform.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Remove the `_MAC` part because those Kconfig options enable only hash
algorithms, nothing MAC-related, and the `_ENABLED` part to align the
naming to the Mbed TLS defines (plus we don't need such a part).
As a bonus, enabling SHA-256 does not automatically enable SHA-224
anymore.
See the migration guide entries for more details on the practical
changes.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Add the labels from the device tree fixed flash partitions
as a column to the flash_map list shell command.
Signed-off-by: Maurits Fassaert <maurits.fassaert@sensorfy.ai>
Currently choice for FLASH_AREA_CHECK_INTEGRITY does not have a
denomination. Without that it is not possible select a default
backend hash backend for integrity check at project configuration.
This add a name to allow select flash area check integrity backend.
Signed-off-by: Gerson Fernando Budke <gerson.budke@ossystems.com.br>
According to Kconfig guidelines, boolean prompts must not start with
"Enable...". The following command has been used to automate the changes
in this patch:
sed -i "s/bool \"[Ee]nables\? \(\w\)/bool \"\U\1/g" **/Kconfig*
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Add SHA-256 flash integrity method. It reads flash data from a
device giving an offset creating a SHA-256 hash to be compared
with a reference. On sucess match, zero is returned, otherwise
a negative errno value.
Signed-off-by: Gerson Fernando Budke <nandojve@gmail.com>
Use this short header style in all Kconfig files:
# <description>
# <copyright>
# <license>
...
Also change all <description>s from
# Kconfig[.extension] - Foo-related options
to just
# Foo-related options
It's clear enough that it's about Kconfig.
The <description> cleanup was done with this command, along with some
manual cleanup (big letter at the start, etc.)
git ls-files '*Kconfig*' | \
xargs sed -i -E '1 s/#\s*Kconfig[\w.-]*\s*-\s*/# /'
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Remove some 'default ""' properties on string symbols too.
Also make definitions more consistent by converting some
config FOO
<type>
prompt "foo"
definitions to a shorter form:
config FOO
<type> "foo"
This shorthand works for int/hex/string symbols too, not just for bool
symbols.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
It was possible to have enable flash module while no flash driver
implementation was enabled. This cause coverity issues and unnecessary
initialization call.
This pat introduce FLASH_HAS_DRIVER_ENABLED Kconfig keyword which is
selected once any flash driver is enabled. flash_map switch its
dependency to this keyword.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Introduce flas_map module is abstraction over flash memory and its
driver for using flash memories along with description of
available flash areas.
Module provides simple API for write/read/erase and so one.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>