[nrf fromtree] net: openthread: Add PSA implementation for PBDKF2 genkey #1472
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
According to PSA specification in case of `PSA_KEY_TYPE_ECC_KEY_PAIR` function `psa_import_key` takes private key from key pair as argument. This commit adds extraction of Private key from ECDSA key pair. Also removes not needed `otPlatCryptoEcdsaGetPublicKey`. Signed-off-by: Przemyslaw Bida <[email protected]> (cherry picked from commit a6184b9)
Add support for controlling whether the local controller should transcode, or whether it will be done by another module (e.g. the host). By default when using the macros, controller transcoding will be disabled. Signed-off-by: Emil Gydesen <[email protected]> (cherry picked from commit 1faa5a2) Signed-off-by: Jui-Chou Chung <[email protected]>
…a path BAP would always set up the ISO data path in both directions, even for unidirectional CIS. This meant that in the unconfigured direction, the data path configuration data would all be 0, which causes issues on some controllers. The new refactored approach implemented by this commit will always ensure that the data path is setup correctly, and that we only set the data path in one direction for unidirectional CIS. The unset path will use the default ISO path of HCI and transparant format, which should always be allowed by a controller. This is building on the requirement in BAP that all streams in a unicast group shall be QoS configured at the same time. This ensures that before any streams in the CIG has been connected, they have all been configured. Signed-off-by: Emil Gydesen <[email protected]> (cherry picked from commit aef39f6) Signed-off-by: Jui-Chou Chung <[email protected]>
In AP mode, this can be used to disconnect a connected station. Upstream PR: zephyrproject-rtos/zephyr#68007 Signed-off-by: Chaitanya Tata <[email protected]>
The shell commands can be used to disconnect a connected station in AP mode. Upstream PR: zephyrproject-rtos/zephyr#68007 Signed-off-by: Chaitanya Tata <[email protected]>
…ters The Zephyr's core ethernet code had to be adjusted to support setting T1S PLCA parameters from user Zephyr programs. Such approach allows more flexibility, as T1S network configuration; especially PLCA node numbers, can be assigned not only via device tree at compile time. For example user can read them from EEPROM and then configure the network accordingly. For now - the union in struct ethernet_t1s_param only consists of plca structure. This can change in the future, when other T1S OA parameters - like Receive/Transmit Cut-Through Enable (bits RXCTE/TXCTE in OA_CONFIG0 register) are made adjustable from user program. Signed-off-by: Lukasz Majewski <[email protected]> (cherry picked from commit 25addd0)
…hernet This set of changes brings in raw packet tx injection mode feature to ethernet and removes it from being a Wi-Fi only feature. It was earlier envisaged as Wi-Fi net management feature only. Signed-off-by: Vivekananda Uppunda <[email protected]> (cherry picked from commit db4bf8d)
Remove TX-Injection and Promiscuous mode setting from Wi-Fi mode shell command. These commands are being moved to ethernet l2 layer Signed-off-by: Vivekananda Uppunda <[email protected]> (cherry picked from commit 7eb0aa0)
…IE config" This reverts commit nrfconnect@1da00e0 Signed-off-by: Maciej Baczmanski <[email protected]>
- In `set_vendor_ie_header_lm`, case when `link_metrics_data_len == 0` has been ignored. This commit fixes that by setting `header_ie->length = 0` before returning. - current implementation of enh ACK header IE returns `-ENOTSUP` when `ack_ie.header_ie == NULL` or `ack_ie.header_ie->length == 0`. This commit fixes that by refactoring checks in `nrf5_configure`. Co-authored-by: Przemyslaw Bida <[email protected]> Signed-off-by: Maciej Baczmanski <[email protected]> (cherry picked from commit d76bcd3)
…4_config` `struct ieee802154_config config` is a struct containing an union. Members of `config` were accessed incorrectly in `otPlatRadioEnableCsl`. Fix by initializing `config` with `0` and accessing one member at a time. Signed-off-by: Maciej Baczmanski <[email protected]> (cherry picked from commit 36b7f44)
additionaly, implement `otPlatRadioResetCsl` functionality Signed-off-by: Maciej Baczmanski <[email protected]> (cherry picked from commit 0f1747e)
edmont
approved these changes
Jan 29, 2024
LuDuda
approved these changes
Jan 29, 2024
… check Don't dereference pointer until it is checked on NULL. Fixes: #66805 Coverity-CID: 338098 Signed-off-by: Pavel Vasilyev <[email protected]> (cherry picked from commit 27b1f4e) Signed-off-by: Håvard Reierstad <[email protected]>
Enable by default the access layer responses random delays. Commit also adapts all mesh models, samples and babblesim tests to use random delay functionality correctly. Signed-off-by: Aleksandr Khromykh <[email protected]> (cherry picked from commit 4e7d64b) Signed-off-by: Håvard Reierstad <[email protected]>
For a Wi-Fi station the connect API supports both band and channel configuration, but for a shell command either channel or band makes sense, so, overload the channel field to support band. Rejig the band and channel validation to support all modes. Upstream PR: zephyrproject-rtos/zephyr#68174 Signed-off-by: Chaitanya Tata <[email protected]>
…t endpoint Since we always set up the ISO data path for endpoints in both directions (due to limitations in the ISO API), we can actually receive valid (empty) SDUs on a CIS in a direction that has not been configured. This is not the ideal solution, but prevents unncessary LOG_ERR. The ideal solution is to modify the ISO API to provide the flexibility that BAP needs w.r.t. ISO data paths, but that is a larger change for later. Signed-off-by: Emil Gydesen <[email protected]> (cherry picked from commit 13a357b) Signed-off-by: Alexander Svensen <[email protected]>
…res that are used by Matter and Thread Thread and Matter use PSA JPAKE and SPAKE2+ APIs underneath. Don't select `EXPERIMENTAL` flags in these cases. Signed-off-by: Maciej Baczmanski <[email protected]>
Provision of configurable parameter for generating unblock event ahead of TWT slot. Host application depending upon latencies can configure this to wakeup rpu ahead of the TWT slot. Signed-off-by: Ajay Parida <[email protected]> (cherry picked from commit fc959fc)
Added Kconfig assignment of qspi timeout. Per nrfx v3.2 addition of qspi timeout in config struct. Signed-off-by: Kelly Helmut Lord <[email protected]> (cherry picked from commit abafe9b)
With the introduction of nrfx 3.0.0, values of `nrf_gpio_pin_drive_t` constants may be defined differently, depending on the SoC family. Since the nrf-pinctrl.h file is included also from dts files, it is not possible to use there different definitions of `NRF_GPIO_PIN_*` values based on Kconfig symbols that indicate given SoC family (as Kconfig is processed after devicetree) so that those values could still match `nrf_gpio_pin_drive_t` constants. To solve this problem, the pinctrl_nrf driver now uses a lookup table for mapping `NRF_GPIO_PIN_*` indexes to drive configuration values required by the GPIO HAL. Signed-off-by: Andrzej Głąbek <[email protected]> (cherry picked from commit 7a9ff70)
… new WDT instances This commit is a part of introduction of new WTD instances. It adds new Kconfig symbols that can be used in WDT shim and nrfx driver. Signed-off-by: Adam Wojasinski <[email protected]> (cherry picked from commit 3873936)
Added GPIOTE0, GPIOTE1 instances for legacy devices, GPIOTE20, GPIOTE30 for Moonlight and GPIOTE130, GPIOTE131 instances for Haltium. Signed-off-by: Jakub Zymelka <[email protected]> (cherry picked from commit dfbcc89)
The new Oberon PSA core (1.2.0) uses new PSA_WANT symbols for the ECC and RSA keys. This adds these new Kconfigs without removing the old ones to avoid necessary changes in the configuration of an application. Signed-off-by: Georgios Vasilakis <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]>
PSA_WANT_ALG_TLS12_PRF and PSA_WANT_ALG_TLS12_PSK_TO_MS rely on HMAC so They should have PSA_WANT_ALG_HMAC as dependency PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS uses SHA-256 so should have PSA_WANT_ALG_SHA_256 as dependency noup as these algorithms don't exist upstream Signed-off-by: Markus Swarowsky <[email protected]>
…neric fixup! [nrf noup] modules: mbedtls: Disable configurations in Kconfig.tls-generic Signed-off-by: Sebastian Bøe <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]>
This reverts commit 5bb619d. Signed-off-by: Georgios Vasilakis <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]>
We moved the header files in sdk-mbedtls from the library folder to the include/library folder. This was done to avoid issues when building MbedTLS with the nrf_security module and the Oberon PSA core. The Oberon PSA core provides a subset of these header files and since they are included with quotes we cannot have them in the same directory. This change make the needed adaptions in CMake for the applications that don't use nrf_security. Signed-off-by: Georgios Vasilakis <[email protected]> Signed-off-by: Markus Swarowsky <[email protected]>
Add implementation of openthread pbkdf2 generate key using PSA functions. Co-authored-by: Joakim Andersson <[email protected]> Signed-off-by: Maciej Baczmanski <[email protected]> (cherry picked from commit 85bc24e)
maciejbaczmanski
force-pushed
the
psa_pbkdf2_ncs
branch
from
0bd4e43 to
5117f08
Compare
maciejbaczmanski
requested review from
anangl,
carlescufi,
gmarull,
jciupis,
jukkar,
de-nordic,
koffes,
alexsven,
erikrobstad,
rick1082,
gWacey,
lemrey and
a team
as code owners
|
This change has been already included in recent upmerge with temporary noup revert. I'll open new clean PR to correctly add the change |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add implementation of openthread pbkdf2 generate key using PSA functions.
Co-authored-by: Joakim Andersson [email protected]
Signed-off-by: Maciej Baczmanski [email protected]
(cherry picked from commit 85bc24eb0731cef2275529633c6f4a915ae8f6ed)