Mirrors_Framework/nuttx
1
0
Fork 0
mirror of https://github.com/apache/nuttx.git synced 2026-05-11 07:48:59 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
Files
master
nuttx/crypto/Kconfig
T
karaketir16 b843d9192e crypto: decouple curve25519 and idgen from random pool 
This commit modularizes the curve25519 and idgen implementations in the
crypto subsystem.

Previously, curve25519.c and idgen.c were only compiled when
CONFIG_CRYPTO_RANDOM_POOL was enabled. However, cryptosoft.c (used by
software cipher support) has a direct dependency on curve25519 functions.
This caused linker errors (undefined reference to curve25519) when
software crypto was enabled but the random pool was disabled.

Changes:
- Introduce hidden Kconfig options CRYPTO_CURVE25519 and CRYPTO_IDGEN.
- Make CRYPTO_RANDOM_POOL select both CRYPTO_IDGEN and CRYPTO_CURVE25519.
- Make CRYPTO_CRYPTODEV_SOFTWARE_CRYPTO/KEYMGMT select CRYPTO_CURVE25519.
- Update CMakeLists.txt and Makefile to use the new config flags.

This ensures that required algorithms are automatically included in the
build regardless of whether the entropy pool is enabled.

Signed-off-by: karaketir16 <osmankaraketir@gmail.com>
2026-04-07 09:33:34 +08:00

127 lines
2.9 KiB
Plaintext
Raw Permalink Blame History

#
# For a description of the syntax of this configuration file,
# see the file kconfig-language.txt in the NuttX tools repository.
#
config CRYPTO
bool "Crypto API support"
default n
---help---
Enable or disable Crypto API features
if CRYPTO
config CRYPTO_AES
bool "AES cypher support"
default n
config CRYPTO_ALGTEST
bool "Perform automatic crypto algorithms test on startup"
default n
if CRYPTO_ALGTEST
config CRYPTO_AES128_DISABLE
bool "Omit 128-bit AES tests"
default n
config CRYPTO_AES192_DISABLE
bool "Omit 192-bit AES tests"
default n
config CRYPTO_AES256_DISABLE
bool "Omit 256-bit AES tests"
default n
endif # CRYPTO_ALGTEST
config CRYPTO_CRYPTODEV
bool "cryptodev support"
depends on ALLOW_BSD_COMPONENTS
default n
config CRYPTO_CRYPTODEV_SOFTWARE_CRYPTO
bool "cryptodev software cipher support"
depends on CRYPTO_CRYPTODEV && CRYPTO_SW_AES
select CRYPTO_CURVE25519
default n
config CRYPTO_CRYPTODEV_SOFTWARE_KEYMGMT
bool "cryptodev software key management support"
depends on CRYPTO_CRYPTODEV && !MTD_CONFIG_NONE
select CRYPTO_CURVE25519
default n
if CRYPTO_CRYPTODEV_SOFTWARE_KEYMGMT
config CRYPTO_CRYPTODEV_SOFTWARE_KEYMGMT_DEVICE
string "device of trusted storage"
default "/dev/nvs"
config CRYPTO_CRYPTODEV_SOFTWARE_KEYMGMT_NSLOTS
int "Maximum number of key in cache"
default 4
config CRYPTO_CRYPTODEV_SOFTWARE_KEYMGMT_BUFSIZE
int "Maximum size of key buffer in cache (bytes)"
default 64
config CRYPTO_CRYPTODEV_SOFTWARE_KEYMGMT_NKEYS
int "Maximum number of key in flash"
default 32
endif # CRYPTO_CRYPTODEV_SOFTWARE_KEYMGMT
config CRYPTO_CRYPTODEV_HARDWARE
bool "cryptodev hardware support"
depends on CRYPTO_CRYPTODEV
default n
config CRYPTO_SW_AES
bool "Software AES library"
depends on ALLOW_BSD_COMPONENTS
default n
---help---
Enable the software AES library as described in
include/nuttx/crypto/aes.h
TODO: Adapt interfaces so that they are consistent with H/W AES
implementations. This needs to support up_aesinitialize() and
aes_cypher() per include/nuttx/crypto/crypto.h.
config CRYPTO_RANDOM_POOL
bool "Entropy pool and strong random number generator"
select CRYPTO_IDGEN
select CRYPTO_CURVE25519
default n
---help---
Entropy pool gathers environmental noise from device drivers,
user-space, etc., and returns good random numbers, suitable
for cryptographic use. Based on entropy pool design from
*BSDs and uses BLAKE2Xs algorithm for CSPRNG output.
NOTE: May not actually be cyptographically secure, if
not enough entropy is made available to the entropy pool.
config CRYPTO_CURVE25519
bool
default n
config CRYPTO_IDGEN
bool
default n
if CRYPTO_RANDOM_POOL
config CRYPTO_RANDOM_POOL_COLLECT_IRQ_RANDOMNESS
bool "Use interrupts to feed timing randomness to entropy pool"
default y
---help---
Feed entropy pool with interrupt randomness from interrupt
dispatch function 'irq_dispatch'. This adds some overhead
for every interrupt handled.
endif # CRYPTO_RANDOM_POOL
endif # CRYPTO
Reference in New Issue View Git Blame Copy Permalink