crypto/mbedtls: add hardware entropy config hooks #2184
@@ -27,7 +27,7 @@ extern "C" { | |||
#endif | |||
|
|||
int da1469x_trng_init(struct os_dev *dev, void *arg); | |||
|
|||
int mbedtls_hardware_poll( void *data, unsigned char *output, size_t len, size_t *olen ); |
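Review bot: the mbedtls_hardware_poll prototype on the added line is declared unconditionally in the TRNG driver header, so every build that includes this header sees an mbed TLS symbol whether or not hardware entropy is enabled. Wrap it in the same MBEDTLS_ENTROPY_HARDWARE_ALT condition as the implementation, and drop the spaces inside the parentheses to match da1469x_trng_init above it.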
Guard with #ifdef MBEDTLS_ENTROPY_HARDWARE_ALT
e67ce82 to 40360ab
@@ -125,6 +125,9 @@ syscfg.defs: | |||
MBEDTLS_ENTROPY_C: | |||
value: 1 | |||
|
|||
MBEDTLS_ENTROPY_HARDWARE_ALT: |
by default 0, override from app's syscfg
added comment.
|
||
#ifdef MBEDTLS_ENTROPY_HARDWARE_ALT | ||
int | ||
mbedtls_hardware_poll( void *data, unsigned char *output, size_t len, size_t *olen ) { |
Extra space in argument list
trng = (struct trng_dev *)os_dev_lookup("trng"); | ||
da1469x_trng_init((struct os_dev *)trng, NULL); | ||
int ret = da1469x_trng_read(trng, output, len); | ||
if ( ret == len ) |
extra spaces and missing {}
will fix
if ( ret == len ) | ||
*olen = len; | ||
else | ||
olen = NULL; |
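Review bot: in the else branch, `olen = NULL;` assigns to the local pointer parameter rather than through it, so on a short read the caller's length is never written and keeps whatever value it had before the call. Store a count with `*olen = 0;` (or the number of bytes actually read), add braces to both branches, and note that `ret == len` compares an int with a size_t.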
olen = NULL does not make sense here
|
||
trng = (struct trng_dev *)os_dev_lookup("trng"); | ||
da1469x_trng_init((struct os_dev *)trng, NULL); | ||
int ret = da1469x_trng_read(trng, output, len); |
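Review bot: the pointer returned by os_dev_lookup("trng") is passed to da1469x_trng_init and da1469x_trng_read without a NULL check, and the int result of da1469x_trng_init is discarded. Return an error before touching the device when the lookup fails or init reports failure, and consider whether init needs to run on every poll rather than once.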
in mynewt variable declarations are not placed in the middle of a block
will change it
@@ -27,6 +27,9 @@ extern "C" { | |||
#endif | |||
|
|||
int da1469x_trng_init(struct os_dev *dev, void *arg); | |||
#ifdef MBEDTLS_ENTROPY_HARDWARE_ALT | |||
int mbedtls_hardware_poll( void *data, unsigned char *output, size_t len, size_t *olen ); |
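Review bot: the `#ifdef MBEDTLS_ENTROPY_HARDWARE_ALT` guard around the prototype depends on whatever defines that macro having been included before this driver header, and no such include is visible in this hunk. Testing the syscfg value directly with `#if MYNEWT_VAL(MBEDTLS_ENTROPY_HARDWARE_ALT)` would remove the include-order dependency.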
this prototype actually exists in entropy_poll.h so placing it here again seems strange
I'll check on that
@@ -125,6 +125,9 @@ syscfg.defs: | |||
MBEDTLS_ENTROPY_C: | |||
value: 1 | |||
|
|||
MBEDTLS_ENTROPY_HARDWARE_ALT: | |||
value: 0 |
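Review bot: MBEDTLS_ENTROPY_HARDWARE_ALT is defined with only `value: 0`, so the syscfg entry does not say what enabling it requires. Add a description stating that it switches mbed TLS to a hardware entropy poll function and is meant to be overridden from the application's syscfg.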
it would not hurt to provide a description field, but since this file lacks any descriptions I don't mind after consideration
The name "Enable AES and SECP256R1" has no relation with the changes...
*olen = len; | ||
} else { | ||
*olen = 0; | ||
} |
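Review bot: the else branch reports `*olen = 0`, which discards any bytes a short read did place in the output buffer. Assign the byte count returned by the read to *olen so partial output is still counted, which also removes the branch.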
trng_read does not return errors, so this testing could be eliminated by simply doing *olen = trng_read(trng, output, len);
done.
struct trng_dev *trng; | ||
int ret; | ||
|
||
trng = (struct trng_dev *)os_dev_lookup("trng"); |
Maybe adding
if (trng == NULL) {
return -1;
}
What do you think?
will add.
#include <trng/trng.h> | ||
#include "mbedtls/config_mynewt.h" | ||
|
||
#ifdef MBEDTLS_ENTROPY_HARDWARE_ALT |
I would avoid including mbedtls/config_mynewt.h and use #if MYNEWT_VAL(MBEDTLS_ENTROPY_HARDWARE_ALT) here instead.
ah, that's a good point
@@ -292,6 +293,10 @@ extern "C" { | |||
#undef MBEDTLS_ENTROPY_C | |||
#endif | |||
|
|||
#if MYNEWT_VAL(MBEDTLS_ENTROPY_HARDWARE_ALT) == 0 |
Though not used now, keeping this for completeness.
*/ | ||
|
||
#include <trng/trng.h> | ||
#include "mbedtls/config_mynewt.h" |
Is this still needed? Maybe you could just use "os/mynewt.h" now?
5078c02 to 9f4981d
Looks good. If it passes CI I will merge.
Hardware entropy config hooks added so that it can be enabled by the application. Signed-off-by: Naveen Kaje <naveen.kaje@juul.com>
Style check summary: No suggestions at this time!
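An added example, not code from this pull request, Mynewt or mbed TLS: a poll callback with the mbedtls_hardware_poll signature that applies the points raised in review (reject a missing device, set *olen to the bytes actually read), run against a stub. The names struct fake_trng, fake_trng_read, hw_poll and gather are hypothetical, and the device is passed through data instead of being looked up by name.

```c
#include <stddef.h>
#include <string.h>

/* Same value as MBEDTLS_ERR_ENTROPY_SOURCE_FAILED in mbedtls/entropy.h. */
#define ENTROPY_SOURCE_FAILED (-0x003C)

/* Hypothetical stand-in for the TRNG device; not the Mynewt driver. */
struct fake_trng {
    size_t avail;   /* bytes the FIFO can hand out in total */
    size_t burst;   /* most bytes returned by a single read */
};

static size_t fake_trng_read(struct fake_trng *t, unsigned char *out, size_t len)
{
    size_t n = len < t->burst ? len : t->burst;
    n = n < t->avail ? n : t->avail;
    memset(out, 0xA5, n);   /* constructed filler, not random data */
    t->avail -= n;
    return n;
}

/* Callback with the mbedtls_hardware_poll() signature; device passed in data. */
int hw_poll(void *data, unsigned char *output, size_t len, size_t *olen)
{
    struct fake_trng *trng = data;
    if (olen == NULL) {
        return ENTROPY_SOURCE_FAILED;
    }
    *olen = 0;              /* never leave the caller's counter stale */
    if (trng == NULL || output == NULL) {
        return ENTROPY_SOURCE_FAILED;
    }
    *olen = fake_trng_read(trng, output, len);
    return 0;               /* short read: success with *olen < len */
}

/* Hypothetical caller: polls until `need` bytes arrive or the source stalls. */
int gather(void *dev, unsigned char *buf, size_t need)
{
    size_t got = 0, n;
    while (got < need) {
        if (hw_poll(dev, buf + got, need - got, &n) != 0 || n == 0) {
            return ENTROPY_SOURCE_FAILED;
        }
        got += n;
    }
    return 0;
}
```

Because the callback reports the true byte count, the caller's loop makes progress on short reads and fails cleanly when the source runs dry instead of counting bytes that were never written.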