crypto/mbedtls: add hardware entropy config hooks #2184
Conversation
| @@ -27,7 +27,7 @@ extern "C" { | |||
| #endif | |||
|
|
|||
| int da1469x_trng_init(struct os_dev *dev, void *arg); | |||
|
|
|||
| int mbedtls_hardware_poll( void *data, unsigned char *output, size_t len, size_t *olen ); | |||
There was a problem hiding this comment.
Guard with #ifdef MBEDTLS_ENTROPY_HARDWARE_ALT
nkaje
force-pushed
the
mbedtls_aes
branch
2 times, most recently
from
e67ce82
to
40360ab
Compare
| @@ -125,6 +125,9 @@ syscfg.defs: | |||
| MBEDTLS_ENTROPY_C: | |||
| value: 1 | |||
|
|
|||
| MBEDTLS_ENTROPY_HARDWARE_ALT: | |||
There was a problem hiding this comment.
by default 0, override from app's syscfg
|
|
||
| #ifdef MBEDTLS_ENTROPY_HARDWARE_ALT | ||
| int | ||
| mbedtls_hardware_poll( void *data, unsigned char *output, size_t len, size_t *olen ) { |
There was a problem hiding this comment.
Extra space in argument list
| trng = (struct trng_dev *)os_dev_lookup("trng"); | ||
| da1469x_trng_init((struct os_dev *)trng, NULL); | ||
| int ret = da1469x_trng_read(trng, output, len); | ||
| if ( ret == len ) |
There was a problem hiding this comment.
extra spaces and missing {}
| if ( ret == len ) | ||
| *olen = len; | ||
| else | ||
| olen = NULL; |
There was a problem hiding this comment.
olen = NULL dose not make sense here
|
|
||
| trng = (struct trng_dev *)os_dev_lookup("trng"); | ||
| da1469x_trng_init((struct os_dev *)trng, NULL); | ||
| int ret = da1469x_trng_read(trng, output, len); |
There was a problem hiding this comment.
in mynewt variable declaration are not placed in the middle of block
| @@ -27,6 +27,9 @@ extern "C" { | |||
| #endif | |||
|
|
|||
| int da1469x_trng_init(struct os_dev *dev, void *arg); | |||
| #ifdef MBEDTLS_ENTROPY_HARDWARE_ALT | |||
| int mbedtls_hardware_poll( void *data, unsigned char *output, size_t len, size_t *olen ); | |||
There was a problem hiding this comment.
this prototype actually exists in entorpy_poll.h so placing it here again seems strange
| @@ -125,6 +125,9 @@ syscfg.defs: | |||
| MBEDTLS_ENTROPY_C: | |||
| value: 1 | |||
|
|
|||
| MBEDTLS_ENTROPY_HARDWARE_ALT: | |||
| value: 0 | |||
There was a problem hiding this comment.
it would not hurt to provide description field, but since this file lack any descriptions I don't mind after consideration
nkaje
changed the title
|
The name "Enable AES and SECP256R1" has no relation with the changes... |
nkaje
changed the title
| *olen = len; | ||
| } else { | ||
| *olen = 0; | ||
| } |
There was a problem hiding this comment.
trng_read does not return errors, so this testing could be eliminated by simply doing *olen = trng_read(trng, output, len);
| struct trng_dev *trng; | ||
| int ret; | ||
|
|
||
| trng = (struct trng_dev *)os_dev_lookup("trng"); |
There was a problem hiding this comment.
Maybe addding
if (trng == NULL) {
return -1;
}
What do you think?
| #include <trng/trng.h> | ||
| #include "mbedtls/config_mynewt.h" | ||
|
|
||
| #ifdef MBEDTLS_ENTROPY_HARDWARE_ALT |
There was a problem hiding this comment.
I would avoid including mbedtls/config_mynewt.h and using instead #if MYNEWT_VAL(MBEDTLS_ENTROPY_HARDWARE_ALT) here.
| @@ -292,6 +293,10 @@ extern "C" { | |||
| #undef MBEDTLS_ENTROPY_C | |||
| #endif | |||
|
|
|||
| #if MYNEWT_VAL(MBEDTLS_ENTROPY_HARDWARE_ALT) == 0 | |||
There was a problem hiding this comment.
Though not used now, keeping this for completeness.
| @@ -292,6 +293,10 @@ extern "C" { | |||
| #undef MBEDTLS_ENTROPY_C | |||
| #endif | |||
|
|
|||
| #if MYNEWT_VAL(MBEDTLS_ENTROPY_HARDWARE_ALT) == 0 | |||
There was a problem hiding this comment.
Though not used now, keeping this for completeness.
| */ | ||
|
|
||
| #include <trng/trng.h> | ||
| #include "mbedtls/config_mynewt.h" |
There was a problem hiding this comment.
Is this still needed? Maybe you could just use "os/mynewt.h" now?
nkaje
force-pushed
the
mbedtls_aes
branch
2 times, most recently
from
5078c02
to
9f4981d
Compare
|
Looks good, If it passes CI I will merge. |
Hardware entropy config hooks added so that it can be enabled by the application. Signed-off-by: Naveen Kaje <naveen.kaje@juul.com>
Style check summaryNo suggestions at this time! |
No description provided.