Convert older DT_INST_ macro use in STM32 drivers to the new
include/devicetree.h DT_INST macro APIs.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Add CAP_NO_IV_PREFIX capability support to the STM32 CRYP crypto driver,
so the initialization vector does not have to be prefixed to the
plaintext/ciphertext buffer.
Signed-off-by: Markus Fuchs <markus.fuchs@de.sauter-bc.com>
mtls_session_setup checks early if the given mode is valid and return
an error if not. CRYPTO_CIPHER_MODE_CTR is not a valid one so there is
no needed to have it in the switch.
CID: 20600
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
I think people might be reading differences into 'if' and 'depends on'
that aren't there, like maybe 'if' being needed to "hide" a symbol,
while 'depends on' just adds a dependency.
There are no differences between 'if' and 'depends on'. 'if' is just a
shorthand for 'depends on'. They work the same when it comes to creating
implicit menus too.
The way symbols get "hidden" is through their dependencies not being
satisfied ('if'/'depends on' get copied up as a dependency on the
prompt).
Since 'if' and 'depends on' are the same, an 'if' with just a single
symbol in it can be replaced with a 'depends on'. IMO, it's best to
avoid 'if' there as a style choice too, because it confuses people into
thinking there's deep Kconfig magic going on that requires 'if'.
Going for 'depends on' can also remove some nested 'if's, which
generates nicer symbol information and docs, because nested 'if's really
are so simple/dumb that they just add the dependencies from both 'if's
to all symbols within.
Replace a bunch of single-symbol 'if's with 'depends on' to despam the
Kconfig files a bit and make it clearer how things work. Also do some
other minor related dependency refactoring.
The replacement isn't complete. Will fix up the rest later. Splitting it
a bit to make it more manageable.
(Everything above is true for choices, menus, and comments as well.)
Detected by tweaking the Kconfiglib parsing code. It's impossible to
detect after parsing, because 'if' turns into 'depends on'.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
This patch adds crypto driver support for all STM32F4 devices providing
a CRYP peripheral.
This driver implements the AES ECB, CBC and CTR modes of operation.
It has been tested on a STM32F437 SoC running the Zephyr crypto driver
sample.
Signed-off-by: Markus Fuchs <markus.fuchs@de.sauter-bc.com>
Add support for `CAP_NO_IV_PREFIX` in mbedTLS_shim and advertise this as
one of its capabilities. When this flag is active, the IV passed is
preserved to allow applications to reuse the IV buffer.
Signed-off-by: Siddharth Chandrasekaran <siddharth@embedjournal.com>
The conversion of struct cipher_ctx * to mtls_aes_context * happens in
a bunch of places. Add a macro MTLS_GET_CTX() to simplify this.
Signed-off-by: Siddharth Chandrasekaran <siddharth@embedjournal.com>
Add support for AES CBC mode of operation in mbedTLS shim driver.
Refactor mtls_session_setup() to allow multiple cipher modes to
co-exist.
Signed-off-by: Siddharth Chandrasekaran <siddharth@embedjournal.com>
Use this short header style in all Kconfig files:
# <description>
# <copyright>
# <license>
...
Also change all <description>s from
# Kconfig[.extension] - Foo-related options
to just
# Foo-related options
It's clear enough that it's about Kconfig.
The <description> cleanup was done with this command, along with some
manual cleanup (big letter at the start, etc.)
git ls-files '*Kconfig*' | \
xargs sed -i -E '1 s/#\s*Kconfig[\w.-]*\s*-\s*/# /'
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
move misc/util.h to sys/util.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
move i2c.h to drivers/i2c.h and
create a shim for backward-compatibility.
No functional changes to the headers.
A warning in the shim can be controlled with CONFIG_COMPAT_INCLUDES.
Related to #16539
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Found a few annoying typos and figured I better run script and
fix anything it can find, here are the results...
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Libraries that use mbedTLS have been invoking
zephyr_link_interface(mbedTLS). It is not clear what the intent of
this code has been, but it is redundant with the mbedTLS build
scripts, so it can be safely removed.
In addition to being redundant, it causes problems as it introduces an
ordering dependency, with this code mbedTLS must be declared before
users of mbedTLS are declared. Since this code is redundant, this
ordering dependency is also unnecessary.
This code is believed to have been added early on by accident and
copied through cargo-cult programming since.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier. Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.
By default all files without license information are under the default
license of Zephyr, which is Apache version 2.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
unify the API of CCM alogrithm's implemation for TinyCrypt,
mbedTLS and cc2520 crypto device to make users easy to use.
Fixes#8339.
Signed-off-by: Wentong Wu <wentong.wu@intel.com>
The logical NOT operator has a higher precedence than bitwise
AND operator. Therefore to make the test in if statement
correct, add parenthesis around the operands of bitwise
AND operator.
Found using Coccinelle.
Semantic Patch Language (SmPL) used:
<smpl>
@@
expression x;
constant C;
@@
- !x & C
+ !(x & C)
</smpl>
Signed-off-by: Himanshu Jha <himanshujha199640@gmail.com>
Any word started with underscore followed by and uppercase letter or a
second underscore is a reserved word according with C99.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
The return of memset is never checked. This patch explicitly ignore
the return to avoid MISRA-C violations.
The only directory excluded directory was ext/* since it contains
only imported code.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Consistently use
config FOO
bool/int/hex/string "Prompt text"
instead of
config FOO
bool/int/hex/string
prompt "Prompt text"
(...and a bunch of other variations that e.g. swapped the order of the
type and the 'prompt', or put other properties between them).
The shorthand is fully equivalent to using 'prompt'. It saves lines and
avoids tricking people into thinking there is some semantic difference.
Most of the grunt work was done by a modified version of
https://unix.stackexchange.com/questions/26284/how-can-i-use-sed-to-replace-a-multi-line-string/26290#26290, but some
of the rarer variations had to be converted manually.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
do_cbc_decrypt() was not accounting IV's size in the input buffer.
Note that tinycrypt expects that IV and cipher text to be contiguous,
but input length must consider only the cipher text.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though, and is
inconsistent.
This will make the auto-generated Kconfig documentation have "No
defaults. Implicitly defaults to n." as well, which is clearer than
'default n if ...'
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
In the code we had an if defined based on
CONFIG_ATAES132A_I2C_SPEED_STANDARD that should be
CONFIG_CRYPTO_ATAES132A_I2C_SPEED_STANDARD.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Leading/trailing whitespace in prompts requires ugly workarounds in
genrest.py, as e.g. *prompt * is invalid RST. strip() all prompts in
Kconfiglib and get rid of the genrest.py workarounds. Add a warning too.
The Kconfiglib update has some unrelated cleanups and fixes (that won't
affect Zephyr).
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Selecting a choice symbol is always a no-op, and the latest version of
Kconfiglib prints a warning. This commit removes all selects of choice
symbols, which might make the Kconfig files a bit clearer and gets rid
of the warnings.
This is just a dumb removal. I did not try to guess the intent of each
select.
Fixes#6849
Signed-off-by: Ulf Magnusson <ulfalizer@gmail.com>
Fix TinyCrypt shim driver Kconfig dependencies.
Limit the scope of crypto_driver_api functions to driver file only.
Remove dead code from crypto_tc_shim_priv.h
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
There are several issues with the dev_config union used as a
convenience when calling the i2c_configure api. One, the union is well
name spaced protected and doesn't convey use with just i2c. Second
there are assumptions of how the bits might get packed by the union
which can't be guaranteed. Since the API takes a u32_t lets change in
tree uses to using the macros to setup a u32_t and make the union as
deprecated.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
This exposes the CCM operations through generic Crypto API.
Change-Id: I09346e77bf8821c208305a7aa2805cf49cb42d71
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Change the common "init with 0" + "give" idiom to "init with 1". This
won't change the behavior or performance, but should decrease the size
ever so slightly.
This change has been performed mechanically with the following
Coccinelle script:
@@
expression SEM;
expression LIMIT;
expression TIMEOUT;
@@
- k_sem_init(SEM, 0, LIMIT);
- k_sem_give(SEM);
+ k_sem_init(SEM, 1, LIMIT);
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
fix misspelling in Kconfig files that would show up in configuration
documentation and screens.
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
If setting up crypto context fails enough times, the sessions will all
end up "in use" though they will not. This will lock tc shim driver
altogether and no crypto context will be possible to run on it.
Change-Id: I72346854e52294f96afc32f30ac5bfd0c368812b
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Thus it is possible to reduce or raise such amount relevantly if
required.
Change-Id: Ib53131e10e69fcbf1bcd9d844703d5b8832ee224
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
All existing log entries add a line break, so let's just use the sys_log
way.
Change-Id: Ia94efa593700e9590e16b51262f0b5a2fe10ffa2
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
As everywhere else in drivers, domain of driver should be used as name
prefix.
Change-Id: I1bb2284495c7a6b2648395b757a5f912e4410b15
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Maciej Fabia