diff --git a/drivers/Kconfig b/drivers/Kconfig index 2eb2e54cbe..ec390b98a3 100644 --- a/drivers/Kconfig +++ b/drivers/Kconfig @@ -22,78 +22,7 @@ config DEV_ZERO bool "Enable /dev/zero" default n -config ARCH_HAVE_RNG - bool - -config DEV_RANDOM - bool "Enable /dev/random" - default y - depends on ARCH_HAVE_RNG - ---help--- - Enable support for /dev/urandom provided by a hardware TRNG. - -config DEV_URANDOM - bool "Enable /dev/urandom" - default n - ---help--- - Enable support for /dev/urandom provided by either a hardware TRNG or - by a software PRNG implementation. - - NOTE: This option may not be cryptographially secure and should not - be enabled if you are concerned about cyptographically secure - pseudo-random numbers (CPRNG) and do not know the characteristics - of the software PRNG implementation! - -if DEV_URANDOM - -choice - prompt "/dev/urandom algorithm" - default DEV_URANDOM_ARCH if ARCH_HAVE_RNG - default DEV_URANDOM_XORSHIFT128 if !ARCH_HAVE_RNG - -config DEV_URANDOM_XORSHIFT128 - bool "xorshift128" - ---help--- - xorshift128 is a pseudorandom number generator that is simple, - portable, and can also be used on 8-bit and 16-bit MCUs. - - NOTE: Not cyptographically secure - -config DEV_URANDOM_CONGRUENTIAL - bool "Congruential" - ---help--- - Use the same congruential general used with srand(). This algorithm - is computationally more intense and uses double precision floating - point. NOTE: Good randomness from the congruential generator also - requires that you also select CONFIG_LIB_RAND_ORDER > 2 - - NOTE: Not cyptographically secure - -config DEV_URANDOM_RANDOM_POOL - bool "Entropy pool" - depends on CRYPTO_RANDOM_POOL - ---help--- - Use the entropy pool CPRNG output for urandom algorithm. - - NOTE: May or may not be cyptographically secure, depending upon the - quality entropy available to entropy pool. - -config DEV_URANDOM_ARCH - bool "Architecture-specific" - depends on ARCH_HAVE_RNG - ---help--- - The implementation of /dev/urandom is provided in archtecture- - specific logic using hardware TRNG logic. architecture-specific - logic must provide the whole implementation in this case, including - the function devurandom_register(). In this case, /dev/urandom may - refer to the same driver as /dev/random. - - NOTE: May or may not be cyptographically secure, depending upon the - implementation. - -endchoice # /dev/urandom algorithm -endif # DEV_URANDOM - +source drivers/crypto/Kconfig source drivers/loop/Kconfig menu "Buffering" diff --git a/drivers/Makefile b/drivers/Makefile index 540b58b0ea..fcccabbd0c 100644 --- a/drivers/Makefile +++ b/drivers/Makefile @@ -53,6 +53,7 @@ include analog$(DELIM)Make.defs include audio$(DELIM)Make.defs include bch$(DELIM)Make.defs include can$(DELIM)Make.defs +include crypto$(DELIM)Make.defs include i2c$(DELIM)Make.defs include input$(DELIM)Make.defs include ioexpander$(DELIM)Make.defs @@ -98,11 +99,6 @@ ifeq ($(CONFIG_PWM),y) CSRCS += pwm.c endif -ifeq ($(CONFIG_DEV_URANDOM),y) -ifneq ($(CONFIG_DEV_URANDOM_ARCH),y) - CSRCS += dev_urandom.c -endif -endif endif # CONFIG_NFILE_DESCRIPTORS != 0 AOBJS = $(ASRCS:.S=$(OBJEXT)) diff --git a/drivers/README.txt b/drivers/README.txt index b5df427b9c..efbc10a7d4 100644 --- a/drivers/README.txt +++ b/drivers/README.txt @@ -60,6 +60,9 @@ contactless/ communication devices with other similar peers, but couplers/interfaces to contactless cards and tags. +crypto/ + Contains crypto drivers and support logic. + eeprom/ An EEPROM is a form of Memory Technology Device (see drivers/mtd). EEPROMs are non-volatile memory like FLASH, but differ in underlying diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig new file mode 100644 index 0000000000..570066d78d --- /dev/null +++ b/drivers/crypto/Kconfig @@ -0,0 +1,76 @@ +# +# For a description of the syntax of this configuration file, +# see the file kconfig-language.txt in the NuttX tools repository. +# + +config ARCH_HAVE_RNG + bool + +config DEV_RANDOM + bool "Enable /dev/random" + default y + depends on ARCH_HAVE_RNG + ---help--- + Enable support for /dev/random provided by a hardware TRNG. + +config DEV_URANDOM + bool "Enable /dev/urandom" + default n + ---help--- + Enable support for /dev/urandom provided by either a hardware TRNG or + by a software PRNG implementation. + + NOTE: This option may not be cryptographially secure and should not + be enabled if you are concerned about cyptographically secure + pseudo-random numbers (CPRNG) and do not know the characteristics + of the software PRNG implementation! + +if DEV_URANDOM + +choice + prompt "/dev/urandom algorithm" + default DEV_URANDOM_ARCH if ARCH_HAVE_RNG + default DEV_URANDOM_XORSHIFT128 if !ARCH_HAVE_RNG + +config DEV_URANDOM_XORSHIFT128 + bool "xorshift128" + ---help--- + xorshift128 is a pseudorandom number generator that is simple, + portable, and can also be used on 8-bit and 16-bit MCUs. + + NOTE: Not cyptographically secure + +config DEV_URANDOM_CONGRUENTIAL + bool "Congruential" + ---help--- + Use the same congruential general used with srand(). This algorithm + is computationally more intense and uses double precision floating + point. NOTE: Good randomness from the congruential generator also + requires that you also select CONFIG_LIB_RAND_ORDER > 2 + + NOTE: Not cyptographically secure + +config DEV_URANDOM_RANDOM_POOL + bool "Entropy pool" + depends on CRYPTO_RANDOM_POOL + ---help--- + Use the entropy pool CPRNG output for urandom algorithm. + + NOTE: May or may not be cyptographically secure, depending upon the + quality entropy available to entropy pool. + +config DEV_URANDOM_ARCH + bool "Architecture-specific" + depends on ARCH_HAVE_RNG + ---help--- + The implementation of /dev/urandom is provided in archtecture- + specific logic using hardware TRNG logic. architecture-specific + logic must provide the whole implementation in this case, including + the function devurandom_register(). In this case, /dev/urandom may + refer to the same driver as /dev/random. + + NOTE: May or may not be cyptographically secure, depending upon the + implementation. + +endchoice # /dev/urandom algorithm +endif # DEV_URANDOM diff --git a/drivers/crypto/Make.defs b/drivers/crypto/Make.defs new file mode 100644 index 0000000000..135f27183b --- /dev/null +++ b/drivers/crypto/Make.defs @@ -0,0 +1,46 @@ +############################################################################ +# drivers/crypto/Make.defs +# +# Copyright (C) 2017 Pinecone Inc. All rights reserved. +# Author: Xiang Xiao +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in +# the documentation and/or other materials provided with the +# distribution. +# 3. Neither the name NuttX nor the names of its contributors may be +# used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS +# OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED +# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN +# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# +############################################################################ + +ifeq ($(CONFIG_DEV_URANDOM),y) +ifneq ($(CONFIG_DEV_URANDOM_ARCH),y) + CSRCS += dev_urandom.c +endif +endif + +# Include crypto device driver build support + +DEPPATH += --dep-path crypto +VPATH += :crypto +CFLAGS += ${shell $(INCDIR) $(INCDIROPT) "$(CC)" $(TOPDIR)$(DELIM)drivers$(DELIM)crypto} diff --git a/drivers/dev_urandom.c b/drivers/crypto/dev_urandom.c similarity index 99% rename from drivers/dev_urandom.c rename to drivers/crypto/dev_urandom.c index 6deb994949..1ee6fc1345 100644 --- a/drivers/dev_urandom.c +++ b/drivers/crypto/dev_urandom.c @@ -1,5 +1,5 @@ /**************************************************************************** - * drivers/dev_urandom.c + * drivers/crypto/dev_urandom.c * * Copyright (C) 2016 Gregory Nutt. All rights reserved. * Author: David S. Alessio