nrf_security: drivers: cracen: adding support for ed25519 without sicrypto #19812
+455
−129
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…rypto Adding support directly using silexpk/sxsymcrypt files for ed25519 This bypasses sicrypto, which saves on flash usage Primarily intended for bootloader usecase Signed-off-by: Dag Erik Gjørvad <[email protected]>
github-actions
bot
added
the
changelog-entry-required
degjorva
removed
the
changelog-entry-required
CI InformationTo view the history of this post, clich the 'edited' button above Inputs:Sources:sdk-nrf: PR head: 26c4896cb0337a6bffdd0274d36c192cc24840c4 more detailssdk-nrf:
Github labels
List of changed files detected by CI (6)Outputs:ToolchainVersion: Test Spec & Results: ✅ Success; ❌ Failure; 🟠 Queued; 🟡 Progress; ◻️ Skipped;
|
|
You can find the documentation preview for this PR at this link. It will be updated about 10 minutes after the documentation build succeeds. Note: This comment is automatically posted by the Documentation Publish GitHub Action. |
degjorva
force-pushed
the
no-sicrypto-ED25519
branch
from
0c0a5d5 to
933f5a8
Compare
github-actions
bot
added
the
changelog-entry-required
degjorva
force-pushed
the
no-sicrypto-ED25519
branch
3 times, most recently
from
21feb07 to
e54e7e5
Compare
nordicjm
reviewed
Jan 13, 2025
| @@ -400,3 +400,10 @@ config PSA_WANT_KEY_TYPE_SRP_PUBLIC_KEY | |||
| bool "SRP public key support" if !MBEDTLS_PROMPTLESS | |||
| help | |||
| SRP public key support. | |||
|
|
|||
| comment "Nordic added alternative cracen driver" | |||
There was a problem hiding this comment.
why does this need a comment and why is it using comment?
There was a problem hiding this comment.
It does not, which is why it has been removed? That is an old commit that will be squashed before pull, but lives there since it the old commit might have a bootloader usecase
nordicjm
requested changes
Jan 13, 2025
Comment on lines
365
to
371
| const uint8_t *message); | ||
|
|
||
| int ed25519_verify(const uint8_t *pubkey, const char *message, | ||
| size_t message_length, const char *signature); | ||
|
|
||
| int create_ed25519_pubkey(const uint8_t *ed25519, | ||
| uint8_t *pubkey); |
There was a problem hiding this comment.
the secondary lines of these seem indented to odd lengths, plus the line length is 100 so why are these being chopped into 2 lines even when combined they don't reach 100 characters?
Comment on lines
15
to
17
| char workmem[160]; | ||
| struct sxhash hashopctx; | ||
| char pointr_buffer[64]; |
Comment on lines
47
to
63
| r = sx_hash_feed(&hashopctx, workmem+32, 32); | ||
| if (r != 0) { | ||
| return r; | ||
| } | ||
| r = sx_hash_feed(&hashopctx, message, 100); | ||
| if (r != 0) { | ||
| return r; | ||
| } | ||
| r = sx_hash_digest(&hashopctx, workmem+96); | ||
| if (r != 0) { | ||
| return r; | ||
| } | ||
|
|
||
| /* Perform point multiplication R = [r]B. This is the encoded point R, | ||
| * which is the first part of the signature. | ||
| */ | ||
| r = sx_ed25519_ptmult((const struct sx_ed25519_dgst *)(workmem + 96), |
There was a problem hiding this comment.
magic numbers everywhere, get rid of them
| if (r != 0) { | ||
| return r; | ||
| } | ||
| r = sx_hash_feed(&hashopctx, workmem+32, 32); |
There was a problem hiding this comment.
x + x with spaces like below
Comment on lines
30
to
31
| #if CONFIG_PSA_NEED_NO_SI_CRYPTO_ED25519 | ||
| #else |
There was a problem hiding this comment.
first this is a define, secondly, if !defined(x) ?
| @@ -605,8 +608,10 @@ static psa_status_t export_ecc_public_key_from_keypair(const psa_key_attributes_ | |||
| int si_status = 0; | |||
| psa_algorithm_t key_alg = psa_get_key_algorithm(attributes); | |||
| const struct sx_pk_ecurve *sx_curve; | |||
| #if CONFIG_PSA_NEED_NO_SI_CRYPTO_ED25519 | |||
|
|
||
| #if CONFIG_PSA_NEED_NO_SI_CRYPTO_ED25519 | ||
| si_status = create_ed25519_pubkey(key_buffer, data); | ||
| *data_length = 32; |
| const struct sx_pk_ecurve *sx_curve; | ||
| #if CONFIG_PSA_NEED_NO_SI_CRYPTO_ED25519 | ||
| #else | ||
|
|
There was a problem hiding this comment.
you just added these in the previous commit... squash changes
degjorva
force-pushed
the
no-sicrypto-ED25519
branch
5 times, most recently
from
1b7981b to
719961c
Compare
Update the removes the sicrypto drivers when using ed25519 with cracen. Adds the functionality to cracenpsa Also does the same for ed25519ph, as their dependencies were interwoven Signed-off-by: Dag Erik Gjørvad <[email protected]>
degjorva
force-pushed
the
no-sicrypto-ED25519
branch
from
719961c to
26c4896
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Removing the sicrypto implementation of ed25519 and ed25519ph.
Added implementation in cracenpsa of ed25519 and ed25519ph
Updated cracenpsa to support new implementation and
remove references to old