In an effort to shave off code size, remove out-of-the-box
enabling of crypto features (except SHA-256).
Configurations are adjusted to enable what they need.
Bonuses:
- When enabled, AES now defaults to using a smaller version
(`CONFIG_MBEDTLS_AES_ROM_TABLES` isn't default enabled anymore,
and if enabled, `CONFIG_MBEDTLS_AES_FEWER_TABLES` defaults to y).
- Conditions around Mbed TLS Kconfig options have been improved
to reflect the reality of the dependencies.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
This commit should fix the followings:
1. Suppress compiler warnings
2. Cryptographic mode should first be exercised before
applying the secure key
3. In-memory word swap operations should be omitted as
the key should reside in the flash memory and so any
write access should raise a busfault exception
Signed-off-by: Ioannis Karachalios <ioannis.karachalios.px@renesas.com>
Remove the `_MAC` part because those Kconfig options enable only hash
algorithms, nothing MAC-related, and the `_ENABLED` part to align the
naming to the Mbed TLS defines (plus we don't need such a part).
As a bonus, enabling SHA-256 does not automatically enable SHA-224
anymore.
See the migration guide entries for more details on the practical
changes.
Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
This commit should add all the functionality needed for the crypto
driver to work when PM is enabled.
Signed-off-by: Ioannis Karachalios <ioannis.karachalios.px@renesas.com>
The passed key does not have to be modifiable. Adapting the signature to
reflect this.
This allows the following commit to change cipher_ctx:🔑:bit_stream
to be pointing to an immutable key.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
Added IS_ALIGNED macro to check if a pointer is aligned to
a given alignment. Additionally, removed a macro with a
conflicting name in drivers/crypto_intel.
Signed-off-by: Yonatan Schachter <yonatan.schachter@gmail.com>
The commit fixes the SHA driver because the ROM API has the following
changes from ES to QS chip:
1. base addres: from 0x13c -> 0x148
2. required SHA context buffer size : from 228 -> 240 bytes
This change also adds a check for the pre-allocated buffer size of the
SHA context when the driver initiliazes.
Signed-off-by: Jun Lin <CHLin56@nuvoton.com>
STM32WB MCUs have two AES peripherals: AES1 for application use and AES2
dedicated for network stack. This patch modifies stm32 crypto driver to
use AES1 peripheral when building for STM32WB.
Signed-off-by: Lukasz Hawrylko <lukasz@hawrylko.pl>
The pre-alloacted size of the buffer for the SHA ROM API code increases
in npcx4 chip. This commit adds a new property context-buffer-size to
sha0 DT node in npcx9 and npcx4 separately. The driver can pre-allocate
buffer with the correct size based on the property.
Signed-off-by: Jun Lin <CHLin56@nuvoton.com>
NOCACHE_MEMORY depends on ARCH_HAS_NOCACHE_MEMORY_SUPPORT, so
don't try to select the symbol if not supported.
Signed-off-by: Manuel Argüelles <manuel.arguelles@nxp.com>
In case asserts are deactivated, no check is done on buffers length.
Remove asserts and return an error when lengths are not correct.
Check error in case length is set by API user.
Signed-off-by: Erwan Gouriou <erwan.gouriou@st.com>
Fix a build error:
crypto_it8xxx2_sha.c:99:26: warning: declaration of 'i' shadows a
previous local [-Wshadow]
99 | for (int i = 0; i < ARRAY_SIZE(sha256_k); i++) {
| ^ crypto_it8xxx2_sha.c:88:13: note:
shadowed declaration is here
88 | int i;
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Define only once the CRYP_DATATYPE_8B for the stm32h5 serie
This macro is in modules/hal/stm32/stm32cube/stm32h5xx/d
rivers/include/stm32h5xx_hal_cryp.h
Signed-off-by: Francois Ramu <francois.ramu@st.com>
Add SHA256 accelerator support for it8xxx2 series.
This driver passes the following test:
tests/crypto/crypto_hash/
Signed-off-by: Dino Li <Dino.Li@ite.com.tw>
Remove all init functions that do nothing, and provide a `NULL` to
*DEVICE*DEFINE* macros.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Unify the drivers/*/Kconfig menuconfig title strings to the format
"<class> [(acronym)] [bus] drivers".
Including both the full name of the driver class and an acronym makes
menuconfig more user friendly as some of the acronyms are less well-known
than others. It also improves Kconfig search, both via menuconfig and via
the generated Kconfig documentation.
Signed-off-by: Henrik Brix Andersen <hebad@vestas.com>
It should never be intended to return an uninitialized
variable from a function.
Remove the use of the uninitialized variable to fix the bug.
Signed-off-by: Chao Song <chao.song@linux.intel.com>
NPCX9 series chips include a SHA hardware accelerator, which supports
SHA256/SHA384/SHA512 hashing and a library (APIs) in the on-chip ROM.
This commit adds the driver support by wrapping the on-chip ROM APIs.
Signed-off-by: Jun Lin <CHLin56@nuvoton.com>
Support multiple DTS instances in the C code, also
just initialize devices that are not disabled.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Many device pointers are initialized at compile and never changed. This
means that the device pointer can be constified (immutable).
Automated using:
```
perl -i -pe 's/const struct device \*(?!const)(.*)= DEVICE/const struct
device *const $1= DEVICE/g' **/*.c
```
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Updates the API and types to match updated I2C terminology. Replaces master
with controller and slave with target.
Updates all drivers to match the changed macros, types, and API signatures.
Signed-off-by: Tom Burdick <thomas.burdick@intel.com>
In order to bring consistency in-tree, migrate all drivers to the new
prefix <zephyr/...>. Note that the conversion has been scripted, refer
to #45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Instead of selecting appropriate HAS_HW_NRF_* options for particular
nRF SoCs (and simulated nRF52 target), set their values basing on
information from devicetree.
Correct also semantics of those options so that they are set only when
a corresponding DT node is enabled. This allows using them directly in
Kconfig dependencies of Zephyr drivers for nRF peripherals. Update
appropriately these dependencies.
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
According to Kconfig guidelines, boolean prompts must not start with
"Enable...". The following command has been used to automate the changes
in this patch:
sed -i "s/bool \"[Ee]nables\? \(\w\)/bool \"\U\1/g" **/Kconfig*
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Add a new API to support multipart hash calculation. The API allows
split the data input to be split in small chunks.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The API to set a callback has the namespace cipher but the driver
function pointer was using the namespace crypto. As this API belongs
to the cipher subgroup, just rename the function pointer in the driver
to be consistent.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This file defines the crypto driver API, cipher is supposed to be just
one type of capability (other can be hash) of these drivers, just
change the file name to be consistent with it.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Add 'cipher' namespace in some in the driver API since these
operations are for cipher.
Set a namespace to make it clear that these are cipher operations,
this allow further functionalities, like hash, to be added in this
driver API.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The crypto driver API is 6 years old, has 5 different implementations,
and is widely used.
Remove the EXPERIMENTAL marking from the API. Each implementation may
still choose to mark itself as EXPERIMENTAL.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
With the introduction of `EXPERIMENTAL` and `WARN_EXPERIMENTAL` in
Zephyr all drivers settings having `[EXPERIMENTAL]` in their
prompt has has been updated to include `select EXPERIMENTAL` so that
developers can enable warnings when experimental features are enabled.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
