[nrf noup] ED25519 Defaults for nrf54l15dk #2028
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
NordicBuilder
requested review from
anangl,
jaz1-nordic,
kl-cruz,
magp-nordic,
masz-nordic and
nika-nordic
de-nordic
force-pushed
the
x25519_enc
branch
2 times, most recently
from
1bf2b70 to
7f6704c
Compare
nordicjm
requested changes
Sep 24, 2024
|
|
||
| # Within sdk-nrf NRF security is default | ||
| config NRF_SECURITY | ||
| bool |
|
|
||
| # NRF_SECURITY enforces PSA crypt | ||
| config MBEDTLS | ||
| bool |
de-nordic
force-pushed
the
x25519_enc
branch
from
7f6704c to
19107b6
Compare
de-nordic
force-pushed
the
x25519_enc
branch
from
19107b6 to
7ab076d
Compare
nvlsianpu
approved these changes
Sep 27, 2024
nordicjm
approved these changes
Sep 27, 2024
…neric -This commit prevents legacy mbed TLS configurations from being in conflict with PSA Configurations while using nrf_security. -This [nrf noup] is reworked from an earlier cherry-pick of commit d8c96cf, but has the following changes: - Endif's relevant that is using our pattern for masking configs duplicated or in conflict in nrf_security (by using if !(NRF_SECURITY || NORDIC_SECURITY_BACKEND)) is made clearer by adding a comment at their corresponding endif (# !(NRF_SECURITY || NORDIC_SECURITY_BACKEND)) - Changes to zephyr_init.c for entropy_dev checking for CONFIG_NRF_CC3XX_PLATFORM is removed as the symbol entropy_dev doesn't exist in this file anymore ref: NCSDK-13503 Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This is a [nrf noup] because PSA_WANT_GENERATE_RANDOM is a Nordic configuration that is not found upstream. This was previously in commit 5cfe575 but has been split out Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This commit is a [nrf noup] because it removes configuration options for cryptographic algortihms available in Mbed TLS but which is not actively supported in nRF Connect SDK. The list of algorithms removed: - AES CFB - Cipher Feedback block cipher - AES OFB - Output Feedback block cipher - FFDH - RIPEMD160 - Aria - Camellia - DES The removal of these algorithms is based both on a wish to remove weaker cryptography and unsupported features in the products we have today. Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This is a [nrf noup] as this the upstream version of PSA crypto configs is generated by tooling, and there is no mechanisms to qualify that dependent configurations are enabled (by depends or select). -This adds dependency-mapping between configurations in the Kconfigs added for PSA crypto in upstream. Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This commit is a [nrf noup] because PSA crypto configs in upstream Zephyr doesn't have help-text in their configurations and we don't want to duplicate configurations to control the value -This adds warning for SHA-1 and MD5 usage Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This is a [nrf noup] because the upstream Zephyr is generated using a script and is not committed as-is as source-code. The relevant responsible person for this feature has received information about the missing configuration and this will be resolved upstream in Mbed TLS and will propagate down to zephyr. Once this has happened, this [nrf noup] can be dropped. -Add missing PSA_WANT_KEY_TYPE_RSA_KEY_DERIVE Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This commit contains all Nordic-specific configurations for PSA crypto These have been separated from Kconfig.psa, as this file is now auto-generated in the upstream project. This commit may be reworked later, in case more features are supported in Kconfig.psa -Add Kconfig.psa.nordic containing Nordics PSA crypto addition -Add reading this file from modules/mbedtls/Kconfig Signed-off-by: Frank Audun Kvamtrø <[email protected]>
-This commit is a [nrf noup] as Kconfig.psa is an auto-generated file. The changes reflected here has been reported to maintainers in upstream Zephyr. Change: Mbed TLS resolves PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC and PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT internally from the other types. Signed-off-by: Frank Audun Kvamtrø <[email protected]>
Rework PM handling to use pm_device_driver_init(). Shim is not using put and get internally as there is no api that disables or stops pwm so it is hard to determine when to put the device. There are cases when PWM peripheral is stopped but PWM is still active because duty cycle is 100% or 0% and pin is driven by GPIO and not PWM. If user want to use runtime PM with PWM it is possible and getting the device will initialize internal data and putting will suspend by forcing PWM stop if used and setting pins to sleep state. However, from power consumption perspective it is enough to set 0% or 100% duty cycle on all channels. Signed-off-by: Krzysztof Chruściński <[email protected]> (cherry picked from commit e11d050)
Like in all other legacy boards, hw-flow-control should not be enabled for console UART. With hw-flow-control sample stuck during printing some initial information and sample appears to be not working correctly unless com port is opened. Signed-off-by: Krzysztof Chruściński <[email protected]> (cherry picked from commit 01f2740)
Change regex for no_multithreading test version for nRF54L15 platform. This needs to be changed because LOG is running in MINIMAL mode. Signed-off-by: Jakub Zymelka <[email protected]> (cherry picked from commit df201e4)
Adds HCI support for LE CS subevent result continue event and the reassembly logic for the partial results. When subevent results are completed or the subevent is aborted, the user callback is invoked with a buffer pointing to the HCI event buffer, so no copy is done. When subevent results are incomplete, then a reassembly buffer is allocated from a fixed sized pool. This buffer is used for the reassembling of the subevent result containing all of the step data, which is then passed to the user via the callback. kconfigs have been added to set the size and the count of the reassembly buffer. Signed-off-by: Burak Gorduk <[email protected]> (cherry picked from commit c5a126c)
… types Modifies the CS bitfields that are used for accessing HCI event data to take platform endiannes into consideration. Signed-off-by: Burak Gorduk <[email protected]> (cherry picked from commit bfe3c43)
…TX power The values were swapped, leading to the opposite of the intended behavior Signed-off-by: Olivier Lesage <[email protected]> (cherry picked from commit 51a0e94)
These options are in microseconds but not fully configurable, document what options are allowed in 6.0 Signed-off-by: Olivier Lesage <[email protected]> (cherry picked from commit 5d03664)
These are signed 16-bit integers by spec Signed-off-by: Olivier Lesage <[email protected]> (cherry picked from commit b1f34a1)
… and RSSI Add some defines for packet quality and rssi for RTT, these are useful for filtering out steps where the RTT exchange was unsuccessful Signed-off-by: Olivier Lesage <[email protected]> (cherry picked from commit 6c95478)
…p_data_parse() This function can be used to parse HCI-formatted subevent results regardless of whether they come from CS Test or not Signed-off-by: Olivier Lesage <[email protected]> (cherry picked from commit 60a2d7d)
Adds HCI support for: - LE CS Security Enable - LE CS Procedure Enable - LE CS Set Procedure Parameters - LE CS Set Channel Classification - LE CS Read Local Supported Capabilities - LE CS Write Cached Remote Supported Capabilities - LE CS Write Cached Remote FAE Table Signed-off-by: Adam Cavender <[email protected]> (cherry picked from commit 18f5081)
Add runtime PM to the driver. Signed-off-by: Krzysztof Chruściński <[email protected]> (cherry picked from commit b773306)
… nrf54l Add common overlay for nrf54l15pdk targets. Signed-off-by: Krzysztof Chruściński <[email protected]> (cherry picked from commit 7fc7361)
…uration Add configuration to the test which is using runtime PM on qdec. Signed-off-by: Krzysztof Chruściński <[email protected]> (cherry picked from commit 5371eff)
…dec.pm_runtime Test was failing because after re-enabling QDEC there is an interrupt REPORTRDY coming after some time. Test had k_msleep(100) added to accomodate for that but it was added after sensor_sample_fetch and should be added before so that sample with data from REPORTRDY event is fetched so that next read is empty as expected. Upstream PR: zephyrproject-rtos/zephyr#80051 Signed-off-by: Krzysztof Chruściński <[email protected]>
…LY for non-flash mem" This reverts commit 30f066a. Signed-off-by: Andrzej Puzdrowski <[email protected]>
…mentation Moved MCUboot trailer's status erase ahead any write operation, which is step which helps with addition of support for devices don't require explicit pager erase. For these kind of devices flattening of mcuboot image status in the trailer was introduced. Signed-off-by: Andrzej Puzdrowski <[email protected]> (cherry picked from commit 17c15e3)
nordicjm
requested changes
Oct 23, 2024
Kconfig defaults required for ED25519 on nrf54l15. Signed-off-by: Dominik Ermel <[email protected]>
de-nordic
changed the title
| # Within sdk-nrf NRF security is default | ||
| config NRF_SECURITY | ||
| default y | ||
| select NRF_OBERON |
There was a problem hiding this comment.
Why do we need to use SW crypto? Why can't we use CRACEN? Does ED25519 require something that CRACEN cannot process?
There was a problem hiding this comment.
No, that is mistake.
rlubos
requested review from
a team,
carlescufi and
nordic-krch
as code owners
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
62 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Kconfig defaults required for ED25519 on nrf54l15.