diff --git a/drivers/crypto/CMakeLists.txt b/drivers/crypto/CMakeLists.txt index a84a191642b..652f0416c4c 100644 --- a/drivers/crypto/CMakeLists.txt +++ b/drivers/crypto/CMakeLists.txt @@ -1,7 +1,6 @@ # SPDX-License-Identifier: Apache-2.0 zephyr_library() -zephyr_library_sources_ifdef(CONFIG_CRYPTO_TINYCRYPT_SHIM crypto_tc_shim.c) zephyr_library_sources_ifdef(CONFIG_CRYPTO_ATAES132A crypto_ataes132a.c) zephyr_library_sources_ifdef(CONFIG_CRYPTO_MBEDTLS_SHIM crypto_mtls_shim.c) zephyr_library_sources_ifdef(CONFIG_CRYPTO_STM32 crypto_stm32.c) diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig index 0a609e3fce5..0c10e492ba5 100644 --- a/drivers/crypto/Kconfig +++ b/drivers/crypto/Kconfig @@ -21,33 +21,6 @@ module = CRYPTO module-str = CRYPTO source "subsys/logging/Kconfig.template.log_config" -config CRYPTO_TINYCRYPT_SHIM - bool "TinyCrypt shim driver [DEPRECATED]" - select TINYCRYPT - select TINYCRYPT_AES - select TINYCRYPT_AES_CBC - select TINYCRYPT_AES_CTR - select TINYCRYPT_AES_CCM - select TINYCRYPT_AES_CMAC - select DEPRECATED - help - Enable TinyCrypt shim layer compliant with crypto APIs. - -config CRYPTO_TINYCRYPT_SHIM_MAX_SESSION - int "Maximum of sessions TinyCrypt shim driver can handle" - default 2 - depends on CRYPTO_TINYCRYPT_SHIM - help - This can be used to tweak the amount of sessions the driver - can handle in parallel. - -config CRYPTO_TINYCRYPT_SHIM_DRV_NAME - string "Device name for TinyCrypt Pseudo device" - default "CRYPTO_TC" - depends on CRYPTO_TINYCRYPT_SHIM - help - Device name for TinyCrypt Pseudo device. - config CRYPTO_MBEDTLS_SHIM bool "MbedTLS shim driver [EXPERIMENTAL]" select MBEDTLS diff --git a/drivers/crypto/crypto_tc_shim.c b/drivers/crypto/crypto_tc_shim.c deleted file mode 100644 index 7733a96f070..00000000000 --- a/drivers/crypto/crypto_tc_shim.c +++ /dev/null @@ -1,327 +0,0 @@ -/* - * Copyright (c) 2016 Intel Corporation. - * - * SPDX-License-Identifier: Apache-2.0 - */ - -/** - * @file Shim layer for TinyCrypt, making it complaint to crypto API. - */ - -#include -#include -#include -#include -#include -#include -#include -#include "crypto_tc_shim_priv.h" - -#define LOG_LEVEL CONFIG_CRYPTO_LOG_LEVEL -#include -LOG_MODULE_REGISTER(tinycrypt); - -#define CRYPTO_MAX_SESSION CONFIG_CRYPTO_TINYCRYPT_SHIM_MAX_SESSION - -static struct tc_shim_drv_state tc_driver_state[CRYPTO_MAX_SESSION]; - -static int do_cbc_encrypt(struct cipher_ctx *ctx, struct cipher_pkt *op, - uint8_t *iv) -{ - struct tc_shim_drv_state *data = ctx->drv_sessn_state; - - if (tc_cbc_mode_encrypt(op->out_buf, - op->out_buf_max, - op->in_buf, op->in_len, - iv, - &data->session_key) == TC_CRYPTO_FAIL) { - LOG_ERR("TC internal error during CBC encryption"); - return -EIO; - } - - /* out_len is the same as in_len in CBC mode */ - op->out_len = op->in_len; - - return 0; -} - -static int do_cbc_decrypt(struct cipher_ctx *ctx, struct cipher_pkt *op, - uint8_t *iv) -{ - struct tc_shim_drv_state *data = ctx->drv_sessn_state; - - /* TinyCrypt expects the IV and cipher text to be in a contiguous - * buffer for efficiency - */ - if (iv != op->in_buf) { - LOG_ERR("TC needs contiguous iv and ciphertext"); - return -EIO; - } - - if (tc_cbc_mode_decrypt(op->out_buf, - op->out_buf_max, - op->in_buf + TC_AES_BLOCK_SIZE, - op->in_len - TC_AES_BLOCK_SIZE, - op->in_buf, &data->session_key) == TC_CRYPTO_FAIL) { - LOG_ERR("Func TC internal error during CBC decryption"); - return -EIO; - } - - /* out_len is the same as in_len in CBC mode */ - op->out_len = op->in_len; - - return 0; -} - -static int do_ctr_op(struct cipher_ctx *ctx, struct cipher_pkt *op, - uint8_t *iv) -{ - struct tc_shim_drv_state *data = ctx->drv_sessn_state; - uint8_t ctr[16] = {0}; /* CTR mode Counter = iv:ctr */ - int ivlen = ctx->keylen - (ctx->mode_params.ctr_info.ctr_len >> 3); - - /* Tinycrypt takes the last 4 bytes of the counter parameter as the - * true counter start. IV forms the first 12 bytes of the split counter. - */ - memcpy(ctr, iv, ivlen); - - if (tc_ctr_mode(op->out_buf, op->out_buf_max, op->in_buf, - op->in_len, ctr, - &data->session_key) == TC_CRYPTO_FAIL) { - LOG_ERR("TC internal error during CTR OP"); - return -EIO; - } - - /* out_len is the same as in_len in CTR mode */ - op->out_len = op->in_len; - - return 0; -} - -static int do_ccm_encrypt_mac(struct cipher_ctx *ctx, - struct cipher_aead_pkt *aead_op, uint8_t *nonce) -{ - struct tc_ccm_mode_struct ccm; - struct tc_shim_drv_state *data = ctx->drv_sessn_state; - struct ccm_params *ccm_param = &ctx->mode_params.ccm_info; - struct cipher_pkt *op = aead_op->pkt; - - if (tc_ccm_config(&ccm, &data->session_key, nonce, - ccm_param->nonce_len, - ccm_param->tag_len) == TC_CRYPTO_FAIL) { - LOG_ERR("TC internal error during CCM encryption config"); - return -EIO; - } - - if (tc_ccm_generation_encryption(op->out_buf, op->out_buf_max, - aead_op->ad, aead_op->ad_len, op->in_buf, - op->in_len, &ccm) == TC_CRYPTO_FAIL) { - LOG_ERR("TC internal error during CCM Encryption OP"); - return -EIO; - } - - /* Looks like TinyCrypt appends the MAC to the end of out_buf as it - * does not give a separate hash parameter. The user needs to be aware - * of this and provide sufficient buffer space in output buffer to hold - * both encrypted output and hash - */ - if (aead_op->tag) { - memcpy(aead_op->tag, op->out_buf + op->in_len, ccm.mlen); - } - - /* Before returning TC_CRYPTO_SUCCESS, tc_ccm_generation_encryption() - * will advance the output buffer pointer by op->in_len bytes, - * and then increment it ccm.mlen times (while writing to it). - */ - op->out_len = op->in_len + ccm.mlen; - - return 0; -} - -static int do_ccm_decrypt_auth(struct cipher_ctx *ctx, - struct cipher_aead_pkt *aead_op, uint8_t *nonce) -{ - struct tc_ccm_mode_struct ccm; - struct tc_shim_drv_state *data = ctx->drv_sessn_state; - struct ccm_params *ccm_param = &ctx->mode_params.ccm_info; - struct cipher_pkt *op = aead_op->pkt; - - if (tc_ccm_config(&ccm, &data->session_key, nonce, - ccm_param->nonce_len, - ccm_param->tag_len) == TC_CRYPTO_FAIL) { - LOG_ERR("TC internal error during CCM decryption config"); - return -EIO; - } - - /* TinyCrypt expects the hash/MAC to be present at the end of in_buf - * as it doesnt take a separate hash parameter. Ideally this should - * be moved to a ctx.flag check during session_setup, later. - */ - if (aead_op->tag != op->in_buf + op->in_len) { - LOG_ERR("TC needs contiguous hash at the end of inbuf"); - return -EIO; - } - - if (tc_ccm_decryption_verification(op->out_buf, op->out_buf_max, - aead_op->ad, aead_op->ad_len, - op->in_buf, - op->in_len + ccm_param->tag_len, - &ccm) == TC_CRYPTO_FAIL) { - LOG_ERR("TC internal error during CCM decryption OP"); - return -EIO; - } - - op->out_len = op->in_len + ccm_param->tag_len; - - return 0; -} - -static int get_unused_session(void) -{ - int i; - - for (i = 0; i < CRYPTO_MAX_SESSION; i++) { - if (tc_driver_state[i].in_use == 0) { - tc_driver_state[i].in_use = 1; - break; - } - } - - return i; -} - -static int tc_session_setup(const struct device *dev, struct cipher_ctx *ctx, - enum cipher_algo algo, enum cipher_mode mode, - enum cipher_op op_type) -{ - struct tc_shim_drv_state *data; - int idx; - - ARG_UNUSED(dev); - - /* The shim currently supports only CBC or CTR mode for AES */ - if (algo != CRYPTO_CIPHER_ALGO_AES) { - LOG_ERR("TC Shim Unsupported algo"); - return -EINVAL; - } - - /* TinyCrypt being a software library, only synchronous operations - * make sense. - */ - if (!(ctx->flags & CAP_SYNC_OPS)) { - LOG_ERR("Async not supported by this driver"); - return -EINVAL; - } - - if (ctx->keylen != TC_AES_KEY_SIZE) { - /* TinyCrypt supports only 128 bits */ - LOG_ERR("TC Shim Unsupported key size"); - return -EINVAL; - } - - if (op_type == CRYPTO_CIPHER_OP_ENCRYPT) { - switch (mode) { - case CRYPTO_CIPHER_MODE_CBC: - ctx->ops.cbc_crypt_hndlr = do_cbc_encrypt; - break; - case CRYPTO_CIPHER_MODE_CTR: - if (ctx->mode_params.ctr_info.ctr_len != 32U) { - LOG_ERR("Tinycrypt supports only 32 bit " - "counter"); - return -EINVAL; - } - ctx->ops.ctr_crypt_hndlr = do_ctr_op; - break; - case CRYPTO_CIPHER_MODE_CCM: - ctx->ops.ccm_crypt_hndlr = do_ccm_encrypt_mac; - break; - default: - LOG_ERR("TC Shim Unsupported mode"); - return -EINVAL; - } - } else { - switch (mode) { - case CRYPTO_CIPHER_MODE_CBC: - ctx->ops.cbc_crypt_hndlr = do_cbc_decrypt; - break; - case CRYPTO_CIPHER_MODE_CTR: - /* Maybe validate CTR length */ - if (ctx->mode_params.ctr_info.ctr_len != 32U) { - LOG_ERR("Tinycrypt supports only 32 bit " - "counter"); - return -EINVAL; - } - ctx->ops.ctr_crypt_hndlr = do_ctr_op; - break; - case CRYPTO_CIPHER_MODE_CCM: - ctx->ops.ccm_crypt_hndlr = do_ccm_decrypt_auth; - break; - default: - LOG_ERR("TC Shim Unsupported mode"); - return -EINVAL; - } - - } - - ctx->ops.cipher_mode = mode; - - idx = get_unused_session(); - if (idx == CRYPTO_MAX_SESSION) { - LOG_ERR("Max sessions in progress"); - return -ENOSPC; - } - - data = &tc_driver_state[idx]; - - if (tc_aes128_set_encrypt_key(&data->session_key, ctx->key.bit_stream) - == TC_CRYPTO_FAIL) { - LOG_ERR("TC internal error in setting key"); - tc_driver_state[idx].in_use = 0; - - return -EIO; - } - - ctx->drv_sessn_state = data; - - return 0; -} - -static int tc_query_caps(const struct device *dev) -{ - return (CAP_RAW_KEY | CAP_SEPARATE_IO_BUFS | CAP_SYNC_OPS); -} - -static int tc_session_free(const struct device *dev, struct cipher_ctx *sessn) -{ - struct tc_shim_drv_state *data = sessn->drv_sessn_state; - - ARG_UNUSED(dev); - (void)memset(data, 0, sizeof(struct tc_shim_drv_state)); - data->in_use = 0; - - return 0; -} - -static int tc_shim_init(const struct device *dev) -{ - int i; - - ARG_UNUSED(dev); - for (i = 0; i < CRYPTO_MAX_SESSION; i++) { - tc_driver_state[i].in_use = 0; - } - - return 0; -} - -static DEVICE_API(crypto, crypto_enc_funcs) = { - .cipher_begin_session = tc_session_setup, - .cipher_free_session = tc_session_free, - .cipher_async_callback_set = NULL, - .query_hw_caps = tc_query_caps, -}; - -DEVICE_DEFINE(crypto_tinycrypt, CONFIG_CRYPTO_TINYCRYPT_SHIM_DRV_NAME, - &tc_shim_init, NULL, NULL, NULL, - POST_KERNEL, CONFIG_CRYPTO_INIT_PRIORITY, - (void *)&crypto_enc_funcs); diff --git a/drivers/crypto/crypto_tc_shim_priv.h b/drivers/crypto/crypto_tc_shim_priv.h deleted file mode 100644 index 9ca0958e68d..00000000000 --- a/drivers/crypto/crypto_tc_shim_priv.h +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright (c) 2016 Intel Corporation. - * - * SPDX-License-Identifier: Apache-2.0 - */ - -/** - * @file - * @brief tinycrypt driver context info - * - * The file defines the structure which is used to store per session context - * by the driver. Placed in common location so that crypto applications - * can allocate memory for the required number of sessions, to free driver - * from dynamic memory allocation. - */ - -#ifndef ZEPHYR_DRIVERS_CRYPTO_CRYPTO_TC_SHIM_PRIV_H_ -#define ZEPHYR_DRIVERS_CRYPTO_CRYPTO_TC_SHIM_PRIV_H_ - -#include - -struct tc_shim_drv_state { - int in_use; - struct tc_aes_key_sched_struct session_key; -}; - -#endif /* ZEPHYR_DRIVERS_CRYPTO_CRYPTO_TC_SHIM_PRIV_H_ */ diff --git a/samples/drivers/crypto/prj_tinycrypt_shim.conf b/samples/drivers/crypto/prj_tinycrypt_shim.conf deleted file mode 100644 index 752c33a9cfc..00000000000 --- a/samples/drivers/crypto/prj_tinycrypt_shim.conf +++ /dev/null @@ -1,6 +0,0 @@ -CONFIG_TINYCRYPT=y -CONFIG_TINYCRYPT_AES=y -CONFIG_TINYCRYPT_AES_CBC=y -CONFIG_TINYCRYPT_AES_CTR=y -CONFIG_TINYCRYPT_AES_CCM=y -CONFIG_CRYPTO_TINYCRYPT_SHIM=y diff --git a/samples/drivers/crypto/sample.yaml b/samples/drivers/crypto/sample.yaml index b1dcdc8f194..febbb35ccf1 100644 --- a/samples/drivers/crypto/sample.yaml +++ b/samples/drivers/crypto/sample.yaml @@ -7,20 +7,6 @@ common: min_ram: 20 arch_exclude: xtensa tests: - sample.drivers.crypto.tinycrypt: - min_flash: 34 - harness: console - extra_args: EXTRA_CONF_FILE=prj_tinycrypt_shim.conf - integration_platforms: - - native_sim - harness_config: - type: multi_line - regex: - - ".*: Cipher Sample" - - ".*: CBC Mode" - - ".*: CTR Mode" - - ".*: CCM Mode" - - ".*: GCM Mode" sample.drivers.crypto.mbedtls: min_flash: 34 harness: console diff --git a/samples/drivers/crypto/src/main.c b/samples/drivers/crypto/src/main.c index a5a2fe01fab..dbc280b4654 100644 --- a/samples/drivers/crypto/src/main.c +++ b/samples/drivers/crypto/src/main.c @@ -4,8 +4,7 @@ * SPDX-License-Identifier: Apache-2.0 */ -/* Sample to illustrate the usage of crypto APIs. The sample plaintext - * and ciphertexts used for crosschecking are from TinyCrypt. +/* Sample to illustrate the usage of crypto APIs. */ #include @@ -17,9 +16,7 @@ #include LOG_MODULE_REGISTER(main); -#ifdef CONFIG_CRYPTO_TINYCRYPT_SHIM -#define CRYPTO_DRV_NAME CONFIG_CRYPTO_TINYCRYPT_SHIM_DRV_NAME -#elif CONFIG_CRYPTO_MBEDTLS_SHIM +#ifdef CONFIG_CRYPTO_MBEDTLS_SHIM #define CRYPTO_DRV_NAME CONFIG_CRYPTO_MBEDTLS_SHIM_DRV_NAME #elif DT_HAS_COMPAT_STATUS_OKAY(st_stm32_cryp) #define CRYPTO_DEV_COMPAT st_stm32_cryp @@ -265,7 +262,6 @@ void cbc_mode(const struct device *dev) return; } - /* TinyCrypt keeps IV at the start of encrypted buffer */ if (cipher_cbc_op(&ini, &decrypt, encrypted)) { LOG_ERR("CBC mode DECRYPT - Failed"); goto out; @@ -418,12 +414,6 @@ void ccm_mode(const struct device *dev) .ad = ccm_hdr, .ad_len = sizeof(ccm_hdr), .pkt = &encrypt, - /* TinyCrypt always puts the tag at the end of the ciphered - * text, but other library such as mbedtls might be more - * flexible and can take a different buffer for it. So to - * make sure test passes on all backends: enforcing the tag - * buffer to be after the ciphered text. - */ .tag = encrypted + sizeof(ccm_data), }; struct cipher_pkt decrypt = { @@ -530,12 +520,6 @@ void gcm_mode(const struct device *dev) .ad = gcm_hdr, .ad_len = sizeof(gcm_hdr), .pkt = &encrypt, - /* TinyCrypt always puts the tag at the end of the ciphered - * text, but other library such as mbedtls might be more - * flexible and can take a different buffer for it. So to - * make sure test passes on all backends: enforcing the tag - * buffer to be after the ciphered text. - */ .tag = encrypted + sizeof(gcm_data), }; struct cipher_pkt decrypt = { diff --git a/tests/crypto/secp256r1/src/main.c b/tests/crypto/secp256r1/src/main.c index 6994bd9fcc2..b34cfbcb901 100644 --- a/tests/crypto/secp256r1/src/main.c +++ b/tests/crypto/secp256r1/src/main.c @@ -5,8 +5,8 @@ */ /* - * Simple test to show support for secp256r1 curve with either MbedTLS and - * TinyCrypt. Operations are pretty simple: + * Simple test to show support for secp256r1 curve with MbedTLS Operations + * are pretty simple: * - generate 2 keys * - perform key agreement. * The idea is to provide a way to compare memory footprint for the very @@ -15,20 +15,12 @@ #include -#if defined(CONFIG_MBEDTLS) #if defined(CONFIG_MBEDTLS_PSA_P256M_DRIVER_RAW) #include "p256-m.h" #else /* CONFIG_MBEDTLS_PSA_P256M_DRIVER_RAW */ #include "psa/crypto.h" #endif /* CONFIG_MBEDTLS_PSA_P256M_DRIVER_RAW */ -#else /* CONFIG_MBEDTLS */ -#include "zephyr/random/random.h" -#include "tinycrypt/constants.h" -#include "tinycrypt/ecc.h" -#include "tinycrypt/ecc_dh.h" -#endif /* CONFIG_MBEDTLS */ -#if defined(CONFIG_MBEDTLS) #if defined(CONFIG_MBEDTLS_PSA_P256M_DRIVER_RAW) ZTEST_USER(test_fn, test_mbedtls) { @@ -78,31 +70,5 @@ ZTEST_USER(test_fn, test_mbedtls) zassert_equal(status, PSA_SUCCESS, "Unable to compute shared secret (%d)", status); } #endif /* CONFIG_MBEDTLS_PSA_P256M_DRIVER_RAW */ -#else /* CONFIG_MBEDTLS */ -ZTEST_USER(test_fn, test_tinycrypt) -{ - uint8_t public_key_1[64], public_key_2[64]; - uint8_t private_key_1[32], private_key_2[32]; - uint8_t secret[32]; - int ret; - - ret = uECC_make_key(public_key_1, private_key_1, &curve_secp256r1); - zassert_equal(ret, TC_CRYPTO_SUCCESS, "Unable to generate 1st EC key (%d)", ret); - - ret = uECC_make_key(public_key_2, private_key_2, &curve_secp256r1); - zassert_equal(ret, TC_CRYPTO_SUCCESS, "Unable to generate 2nd EC key (%d)", ret); - - ret = uECC_valid_public_key(public_key_2, &curve_secp256r1); - zassert_equal(ret, 0, "Invalid public key (%d)", ret); - - ret = uECC_shared_secret(public_key_2, private_key_1, secret, &curve_secp256r1); - zassert_equal(ret, TC_CRYPTO_SUCCESS, "Unable to compute the shared secret (%d)", ret); -} - -int default_CSPRNG(uint8_t *dst, unsigned int len) -{ - return (sys_csrand_get(dst, len) == 0); -} -#endif /* CONFIG_MBEDTLS */ ZTEST_SUITE(test_fn, NULL, NULL, NULL, NULL, NULL); diff --git a/tests/crypto/secp256r1/testcase.yaml b/tests/crypto/secp256r1/testcase.yaml index 0e21e0d86b5..c6f58f9881e 100644 --- a/tests/crypto/secp256r1/testcase.yaml +++ b/tests/crypto/secp256r1/testcase.yaml @@ -3,15 +3,12 @@ common: CONFIG_CSPRNG_ENABLED and CONFIG_HARDWARE_DEVICE_CS_GENERATOR and not CONFIG_BUILD_WITH_TFM and - not (CONFIG_MBEDTLS and CONFIG_TINYCRYPT) + CONFIG_MBEDTLS tags: - mbedtls - - tinycrypt - p256-m tests: crypto.secp256r1.mbedtls: extra_args: EXTRA_CONF_FILE=mbedtls.conf crypto.secp256r1.p256-m_raw: extra_args: EXTRA_CONF_FILE=p256-m_raw.conf - crypto.secp256r1.tinycrypt: - extra_args: EXTRA_CONF_FILE=tinycrypt.conf diff --git a/tests/crypto/secp256r1/tinycrypt.conf b/tests/crypto/secp256r1/tinycrypt.conf deleted file mode 100644 index 1686bae35c1..00000000000 --- a/tests/crypto/secp256r1/tinycrypt.conf +++ /dev/null @@ -1,3 +0,0 @@ -CONFIG_TINYCRYPT=y -CONFIG_TINYCRYPT_ECC_DH=y -CONFIG_TINYCRYPT_ECC_DSA=y