For the CCM mode, increase slightly the output buffer size because
the cc23x0 directly fills this buffer with 16-byte blocks.
This prevents from doing unnecessary memcpy that would have an
impact on the driver's performance.
Signed-off-by: Julien Panis <jpanis@baylibre.com>
Without this, check_compliance.py suggests to run clang-format on the
changed code lines.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
This change extends what e1e19732bc
(samples: drivers: crypto: Aligned AES key) has started: For certain
architectures (i.e. Si32), the alignment of the used buffers is
important as the AES HW engine uses DMA and inherits its restrictions.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
Commit e1e19732bc (samples: drivers:
crypto: Aligned AES key) introduced the alignment for the key. According
to the commit message, the intention was to align the variable at 32 bit
boundaries. For this reason, passing 32 to __aligned seems like an
error, as its argument is denoted in byte and not bits.
Signed-off-by: Reto Schneider <reto.schneider@husqvarnagroup.com>
As both C and C++ standards require applications running under an OS to
return 'int', adapt that for Zephyr to align with those standard. This also
eliminates errors when building with clang when not using -ffreestanding,
and reduces the need for compiler flags to silence warnings for both clang
and gcc.
Most of these changes were automated using coccinelle with the following
script:
@@
@@
- void
+ int
main(...) {
...
- return;
+ return 0;
...
}
Approximately 40 files had to be edited by hand as coccinelle was unable to
fix them.
Signed-off-by: Keith Packard <keithp@keithp.com>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.
The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.
NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Many device pointers are initialized at compile and never changed. This
means that the device pointer can be constified (immutable).
Automated using:
```
perl -i -pe 's/const struct device \*(?!const)(.*)= DEVICE/const struct
device *const $1= DEVICE/g' **/*.c
```
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Update sample to use DEVICE_DT_GET_ONE to remove usage of
device_get_binding if the device is devicetree based.
Signed-off-by: Kumar Gala <galak@kernel.org>
In order to bring consistency in-tree, migrate all samples to the use
the new prefix <zephyr/...>. Note that the conversion has been scripted:
```python
from pathlib import Path
import re
EXTENSIONS = ("c", "h", "cpp", "rst")
for p in Path(".").glob("samples/**/*"):
if not p.is_file() or p.suffix and p.suffix[1:] not in EXTENSIONS:
continue
content = ""
with open(p) as f:
for line in f:
m = re.match(r"^(.*)#include <(.*)>(.*)$", line)
if (m and
not m.group(2).startswith("zephyr/") and
(Path(".") / "include" / "zephyr" / m.group(2)).exists()):
content += (
m.group(1) +
"#include <zephyr/" + m.group(2) +">" +
m.group(3) + "\n"
)
else:
content += line
with open(p, "w") as f:
f.write(content)
```
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
This file defines the crypto driver API, cipher is supposed to be just
one type of capability (other can be hash) of these drivers, just
change the file name to be consistent with it.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Convert the driver so that it creates its instance basing on DT.
Remove no longer needed Kconfig option CRYPTO_NRF_ECB_NAME.
Also update accordingly the crypto sample.
Signed-off-by: Andrzej Głąbek <andrzej.glabek@nordicsemi.no>
Now that device_api attribute is unmodified at runtime, as well as all
the other attributes, it is possible to switch all device driver
instance to be constant.
A coccinelle rule is used for this:
@r_const_dev_1
disable optional_qualifier
@
@@
-struct device *
+const struct device *
@r_const_dev_2
disable optional_qualifier
@
@@
-struct device * const
+const struct device *
Fixes#27399
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Add sample for AES Galois/Counter Mode (GCM) of operation with a MACsec
GCM-AES test vector.
Also improve existing code by declaring expected ciphertext arrays as
constant.
Signed-off-by: Markus Fuchs <markus.fuchs@de.sauter-bc.com>
Add STM32 CRYP driver support and a corresponding build-only test to
the crypto sample project.
Signed-off-by: Markus Fuchs <markus.fuchs@de.sauter-bc.com>
Rename global variable ciphertext used in cbc_mode() to
cbc_ciphertext and move it closer to cbc_mode(). Also, move
global variable iv into cbc_mode() to be consistent with
other *_mode() methods.
Signed-off-by: Siddharth Chandrasekaran <siddharth@embedjournal.com>
Find the device and query its capabilities just once at boot, then
go through a list of tests to perform.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Printing the output length for all encryption/decryption operation will
make it easier to know if a particular crypto driver shim provides this
information. TinyCript and mbedTLS were not providing this, making the
out_len field useless.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
When testing whether the CTR mode decrypted the payload properly, a
comparison of `decrypt.out_buf` with the known plain text `plaintext`
is performed, but the buffer comparison that is printed uses
`plaintext` and `encrypt.out_buf` instead.
Coverity-CID: 181847
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Normalizing variables names and make sure tag handling behavior, which
might be different among backends, does not make the test failing.
Also, improving debug logs in case of error.
Change-Id: Ic317948aab459bfa75c9a72ac48cb2d12a0d0706
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
If the encryption/decryption failed there is no need to procceed
further.
Change-Id: If450e40ed6fd601b698b74c56ae21fc7f903d087
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Sys log already break a line after each line, by default, so removing
the '\n' on log messages.
Enabling support for sys log colors.
Change-Id: Ica3a601aba0bbbd2d9438b41fb7bca0aad9c05f4
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Don't return without freeing the session when relevant.
Change-Id: I9e5903791f8eb54026c4bb2ddda9f1fe9f3f7bb3
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Convert code to use u{8,16,32,64}_t and s{8,16,32,64}_t instead of C99
integer types.
Jira: ZEP-2051
Change-Id: I08c682bfc0b80dfa88de859e90a011bcd2db2762
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Some files made it through review process with full license header.
Change-Id: I2722b127c40b4b19500042c12e4fde85a165bae9
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
A sample application to illustrate the usage of crypto APIs.
This shows the usage of AES - CTR, CBC and CCM based encryption
and decryption.
origin: original
Change-Id: I17e4d966a70169b71a754c9cdc3f713a5d0c3ac0
Signed-off-by: Jithu Joseph <jithu.joseph@intel.com>
