This commit modularizes the curve25519 and idgen implementations in the
crypto subsystem.
Previously, curve25519.c and idgen.c were only compiled when
CONFIG_CRYPTO_RANDOM_POOL was enabled. However, cryptosoft.c (used by
software cipher support) has a direct dependency on curve25519 functions.
This caused linker errors (undefined reference to curve25519) when
software crypto was enabled but the random pool was disabled.
Changes:
- Introduce hidden Kconfig options CRYPTO_CURVE25519 and CRYPTO_IDGEN.
- Make CRYPTO_RANDOM_POOL select both CRYPTO_IDGEN and CRYPTO_CURVE25519.
- Make CRYPTO_CRYPTODEV_SOFTWARE_CRYPTO/KEYMGMT select CRYPTO_CURVE25519.
- Update CMakeLists.txt and Makefile to use the new config flags.
This ensures that required algorithms are automatically included in the
build regardless of whether the entropy pool is enabled.
Signed-off-by: karaketir16 <osmankaraketir@gmail.com>
This patch adds support for managing cryptographic keys using MTD storage.
It enables the persistence of keys across reboots using a software-based key management system.
Includes fixes for compilation warnings and validation logic.
Signed-off-by: makejian <makejian@xiaomi.com>
to fix the following linker error:
/usr/bin/ld: nuttx.rel: in function `aes_encrypt_xform':
/github/workspace/sources/nuttx/crypto/xform.c:509: undefined reference to `aes_encrypt'
/usr/bin/ld: nuttx.rel: in function `aes_decrypt_xform':
/github/workspace/sources/nuttx/crypto/xform.c:514: undefined reference to `aes_decrypt'
/usr/bin/ld: nuttx.rel: in function `aes_setkey_xform':
/github/workspace/sources/nuttx/crypto/xform.c:519: undefined reference to `aes_setkey'
/usr/bin/ld: nuttx.rel: in function `aes_ctr_crypt':
/github/workspace/sources/nuttx/crypto/xform.c:566: undefined reference to `aes_encrypt'
/usr/bin/ld: nuttx.rel: in function `aes_ctr_setkey':
/github/workspace/sources/nuttx/crypto/xform.c:585: undefined reference to `aes_setkey'
/usr/bin/ld: nuttx.rel: in function `aes_ofb_encrypt':
/github/workspace/sources/nuttx/crypto/xform.c:694: undefined reference to `aes_encrypt'
/usr/bin/ld: nuttx.rel: in function `aes_ofb_setkey':
/github/workspace/sources/nuttx/crypto/xform.c:706: undefined reference to `aes_setkey'
/usr/bin/ld: nuttx.rel: in function `aes_cfb8_encrypt':
/github/workspace/sources/nuttx/crypto/xform.c:733: undefined reference to `aes_encrypt'
/usr/bin/ld: nuttx.rel: in function `aes_cfb8_decrypt':
/github/workspace/sources/nuttx/crypto/xform.c:751: undefined reference to `aes_encrypt'
/usr/bin/ld: nuttx.rel: in function `aes_cfb128_encrypt':
/github/workspace/sources/nuttx/crypto/xform.c:765: undefined reference to `aes_encrypt'
/usr/bin/ld: nuttx.rel: in function `aes_cfb128_decrypt':
/github/workspace/sources/nuttx/crypto/xform.c:781: undefined reference to `aes_encrypt'
/usr/bin/ld: nuttx.rel: in function `aes_gmac_setkey':
/github/workspace/sources/nuttx/crypto/gmac.c:135: undefined reference to `aes_setkey'
/usr/bin/ld: /github/workspace/sources/nuttx/crypto/gmac.c:143: undefined reference to `aes_encrypt'
/usr/bin/ld: nuttx.rel: in function `aes_gmac_final':
/github/workspace/sources/nuttx/crypto/gmac.c:195: undefined reference to `aes_encrypt'
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
Entropy pool gathers environmental noise from device drivers, user-space, etc., and returns good random numbers, suitable for cryptographic use. Based on entropy pool design from *BSDs and uses BLAKE2Xs algorithm for CSPRNG output.
Patch also adds /dev/urandom support for using entropy pool RNG and new 'getrandom' system call for getting randomness without file-descriptor usage (thus avoiding file-descriptor exhaustion attacks). The 'getrandom' interface is similar as 'getentropy' and 'getrandom' available on OpenBSD and Linux respectively.
karaketir16
makejian
Florian Castellane
Xiang Xiao
anjiahao
Juha Niskanen
Alin Jerpelea
Jussi Kivilinna
Gregory Nutt