drivers/crypto: add Microchip RNG90 support, esp32c3-devkit enablement and documentation

Documentation/applications/examples/rng90/index.rst

@@ -0,0 +1,118 @@
+=============================
+``rng90`` RNG90 TRNG Example
+=============================
+
+The ``rng90`` example is a simple NuttX application that opens an RNG90 device
+node, reads random bytes, and prints them in hexadecimal format.
+
+RNG90 is a dedicated hardware random number generator IC from Microchip. It can
+be used as a companion device for microcontrollers that do not provide native
+true random number generation (TRNG).
+
+According to the Microchip RNG90 product page and linked validation artifacts,
+the device is presented as a FIPS 140-3 compliant random number generator with
+SP 800-90 A/B/C alignment, with references to NIST validation entries such as
+entropy certificate E194 and DRBG validation A3013.
+
+Microchip also positions this device for disposable/ecosystem-control
+applications, which makes it a practical choice for cost-sensitive designs.
+
+Configuration
+=============
+
+Enable this application in ``menuconfig``:
+
+- ``Application Configuration -> Examples -> Microchip RNG90 TRNG example``
+
+Required dependency:
+
+- Enable the driver in ``menuconfig``:
+  ``Device Drivers -> Cryptographic Device Drivers -> Enable Microchip RNG90 TRNG``
+  (``CONFIG_DEV_RNG90``)
+
+Application options:
+
+- ``CONFIG_EXAMPLES_RNG90``
+- ``CONFIG_EXAMPLES_RNG90_PROGNAME`` (default: ``"rng90"``)
+- ``CONFIG_EXAMPLES_RNG90_DEVPATH`` (default: ``"/dev/rng0"``)
+- ``CONFIG_EXAMPLES_RNG90_PRIORITY``
+- ``CONFIG_EXAMPLES_RNG90_STACKSIZE``
+
+Usage
+=====
+
+From NSH::
+
+  rng90 [<devpath>] [<count>]
+
+Arguments:
+
+- ``<devpath>``: RNG90 device path (default from
+  ``CONFIG_EXAMPLES_RNG90_DEVPATH``)
+- ``<count>``: number of random bytes to read (``1..32``, default ``32``)
+
+Examples::
+
+  rng90
+  rng90 /dev/rng0 16
+
+Expected output
+===============
+
+::
+
+  RNG90 example: device /dev/rng0
+  Read 16 random byte(s):
+  3f a1 7c ...
+
+Notes
+=====
+
+- Opening the device wakes up RNG90.
+- Closing the device puts RNG90 back to sleep.
+- If ``<count>`` is outside ``1..32``, the app clamps it to ``32``.
+
+Hardware validation log
+=======================
+
+The following session was executed on real hardware to validate this example.
+
+Test setup:
+
+- Host: macOS
+- Board: ``esp32c3-devkit``
+- Serial port: ``/dev/cu.wchusbserial140``
+- Serial settings: ``115200 8N1``
+
+Console transcript::
+
+  nsh> uname -a
+  NuttX 12.6.0-RC1 4130050287-dirty Jun  7 2026 22:11:21 risc-v esp32c3-devkit
+  nsh> ls /dev/rng0
+   /dev/rng0
+  nsh> rng90
+  RNG90 example: device /dev/rng0
+  Read 32 random byte(s):
+  0d b2 71 d1 40 1f 3c 50 52 3d c6 2c a9 74 ec 60
+  44 ab 67 bb c4 34 1b ac 48 62 fe b9 fd 95 c9 cb
+  nsh> rng90 /dev/rng0 16
+  RNG90 example: device /dev/rng0
+  Read 16 random byte(s):
+  ef 82 5f b7 41 f1 48 13 5a 41 16 3a 67 1b 90 f2
+  nsh> rng90 /dev/rng0 64
+  Invalid count 64, clamping to 32
+  RNG90 example: device /dev/rng0
+  Read 32 random byte(s):
+  bb be 2f 20 7f c8 33 8d 18 90 c8 fb 94 db bc e6
+  84 41 17 6f 5a be 5a 06 c3 7b f1 30 ac f2 a6 f5
+  nsh>
+
+References
+==========
+
+- Microchip product page:
+  https://www.microchip.com/en-us/product/RNG90
+- NIST CMVP entropy certificate E194:
+  https://csrc.nist.gov/projects/cryptographic-module-validation-program/entropy-validations/certificate/194
+- NIST CAVP DRBG validation A3013:
+  https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35623

boards/risc-v/esp32c3/common/include/esp_board_rng90.h

@@ -0,0 +1,74 @@
+/****************************************************************************
+ * boards/risc-v/esp32c3/common/include/esp_board_rng90.h
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.  The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+#ifndef __BOARDS_RISCV_ESP32C3_COMMON_INCLUDE_ESP_BOARD_RNG90_H
+#define __BOARDS_RISCV_ESP32C3_COMMON_INCLUDE_ESP_BOARD_RNG90_H
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <nuttx/config.h>
+
+/****************************************************************************
+ * Pre-processor Definitions
+ ****************************************************************************/
+
+#ifndef __ASSEMBLY__
+
+#undef EXTERN
+#if defined(__cplusplus)
+#define EXTERN extern "C"
+extern "C"
+{
+#else
+#define EXTERN extern
+#endif
+
+/****************************************************************************
+ * Public Function Prototypes
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: board_rng90_initialize
+ *
+ * Description:
+ *   Initialize and register the RNG90 True Random Number Generator driver.
+ *
+ * Input Parameters:
+ *   devno - The device number, used to build the device path as /dev/rngN
+ *
+ * Returned Value:
+ *   Zero (OK) on success; a negated errno value on failure.
+ ****************************************************************************/
+
+#ifdef CONFIG_DEV_RNG90
+int board_rng90_initialize(int devno);
+#endif /* CONFIG_DEV_RNG90 */
+
+#undef EXTERN
+#if defined(__cplusplus)
+}
+#endif
+
+#endif /* __ASSEMBLY__ */
+#endif /* __BOARDS_RISCV_ESP32C3_COMMON_INCLUDE_ESP_BOARD_RNG90_H */

boards/risc-v/esp32c3/common/src/CMakeLists.txt

@@ -76,6 +76,10 @@ if(CONFIG_ARCH_BOARD_COMMON)
     list(APPEND SRCS esp_board_bmp280.c)
   endif()
 
+  if(CONFIG_DEV_RNG90)
+    list(APPEND SRCS esp_board_rng90.c)
+  endif()
+
   if(CONFIG_MMCSD_SPI)
     list(APPEND SRCS esp_board_mmcsd.c)
   endif()

boards/risc-v/esp32c3/common/src/Make.defs

@@ -74,6 +74,10 @@ ifeq ($(CONFIG_SENSORS_BMP280),y)
   CSRCS += esp_board_bmp280.c
 endif
 
+ifeq ($(CONFIG_DEV_RNG90),y)
+  CSRCS += esp_board_rng90.c
+endif
+
 ifeq ($(CONFIG_MMCSD_SPI),y)
   CSRCS += esp_board_mmcsd.c
 endif

boards/risc-v/esp32c3/common/src/esp_board_rng90.c

@@ -0,0 +1,95 @@
+/****************************************************************************
+ * boards/risc-v/esp32c3/common/src/esp_board_rng90.c
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.  The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <nuttx/config.h>
+
+#include <stdio.h>
+
+#include <nuttx/arch.h>
+#include <nuttx/crypto/rng90.h>
+#include <nuttx/debug.h>
+#include <nuttx/i2c/i2c_master.h>
+
+#ifndef CONFIG_ESPRESSIF_I2C_BITBANG
+#  include "espressif/esp_i2c.h"
+#else
+#  include "espressif/esp_i2c_bitbang.h"
+#endif
+
+#include "esp_board_rng90.h"
+
+/****************************************************************************
+ * Public Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: board_rng90_initialize
+ *
+ * Description:
+ *   Initialize and register the RNG90 True Random Number Generator driver.
+ *
+ * Input Parameters:
+ *   devno - The device number, used to build the device path as /dev/rngN
+ *
+ * Returned Value:
+ *   Zero (OK) on success; a negated errno value on failure.
+ ****************************************************************************/
+
+int board_rng90_initialize(int devno)
+{
+  struct i2c_master_s *i2c;
+  char devpath[16];
+  int ret;
+
+  sninfo("Initializing RNG90\n");
+
+  /* Initialize I2C */
+
+#ifndef CONFIG_ESPRESSIF_I2C_BITBANG
+  i2c = esp_i2cbus_initialize(ESPRESSIF_I2C0);
+#else
+  i2c = esp_i2cbus_bitbang_initialize();
+#endif
+
+  if (i2c == NULL)
+    {
+      snerr("ERROR: Failed to initialize I2C for RNG90\n");
+      return -ENODEV;
+    }
+
+  /* Register the RNG90 driver at "/dev/rngN" */
+
+  snprintf(devpath, sizeof(devpath), "/dev/rng%d", devno);
+  ret = rng90_register(devpath, i2c, RNG90_I2C_ADDR);
+  if (ret < 0)
+    {
+      snerr("ERROR: Failed to register RNG90 driver: %d\n", ret);
+      return ret;
+    }
+
+  return OK;
+}
+

boards/risc-v/esp32c3/esp32c3-devkit/configs/rng90/defconfig

@@ -0,0 +1,51 @@
+#
+# This file is autogenerated: PLEASE DO NOT EDIT IT.
+#
+# You can use "make menuconfig" to make any modifications to the installed .config file.
+# You can then do "make savedefconfig" to generate a new defconfig file that includes your
+# modifications.
+#
+# CONFIG_NSH_ARGCAT is not set
+# CONFIG_NSH_CMDOPT_HEXDUMP is not set
+CONFIG_ARCH="risc-v"
+CONFIG_ARCH_BOARD="esp32c3-devkit"
+CONFIG_ARCH_BOARD_COMMON=y
+CONFIG_ARCH_BOARD_ESP32C3_DEVKIT=y
+CONFIG_ARCH_CHIP="esp32c3"
+CONFIG_ARCH_CHIP_ESP32C3=y
+CONFIG_ARCH_INTERRUPTSTACK=1536
+CONFIG_ARCH_IRQ_TO_NDX=y
+CONFIG_ARCH_MINIMAL_VECTORTABLE_DYNAMIC=y
+CONFIG_ARCH_NUSER_INTERRUPTS=17
+CONFIG_ARCH_RISCV=y
+CONFIG_ARCH_STACKDUMP=y
+CONFIG_BOARDCTL_RESET=y
+CONFIG_BOARD_LOOPSPERMSEC=15000
+CONFIG_BUILTIN=y
+CONFIG_CRYPTO=y
+CONFIG_DEV_RNG90=y
+CONFIG_ESPRESSIF_I2C0=y
+CONFIG_EXAMPLES_RNG90=y
+CONFIG_FS_PROCFS=y
+CONFIG_IDLETHREAD_STACKSIZE=2048
+CONFIG_INIT_ENTRYPOINT="nsh_main"
+CONFIG_INTELHEX_BINARY=y
+CONFIG_LIBC_PERROR_STDOUT=y
+CONFIG_LIBC_STRERROR=y
+CONFIG_NFILE_DESCRIPTORS_PER_BLOCK=6
+CONFIG_NSH_BUILTIN_APPS=y
+CONFIG_NSH_FILEIOSIZE=512
+CONFIG_NSH_READLINE=y
+CONFIG_NSH_STRERROR=y
+CONFIG_PREALLOC_TIMERS=0
+CONFIG_RR_INTERVAL=200
+CONFIG_SCHED_BACKTRACE=y
+CONFIG_SCHED_WAITPID=y
+CONFIG_START_DAY=29
+CONFIG_START_MONTH=11
+CONFIG_START_YEAR=2019
+CONFIG_SYSTEM_DUMPSTACK=y
+CONFIG_SYSTEM_NSH=y
+CONFIG_TESTING_GETPRIME=y
+CONFIG_TESTING_OSTEST=y
+CONFIG_UART0_SERIAL_CONSOLE=y

boards/risc-v/esp32c3/esp32c3-devkit/src/esp32c3_bringup.c

@@ -41,6 +41,10 @@
 #include "esp_board_i2c.h"
 #include "esp_board_bmp180.h"
 
+#ifdef CONFIG_DEV_RNG90
+#  include "esp_board_rng90.h"
+#endif
+
 #include "espressif/esp_start.h"
 
 #ifdef CONFIG_ESPRESSIF_ADC
@@ -404,6 +408,15 @@ int esp_bringup(void)
     }
 #endif
 
+#ifdef CONFIG_DEV_RNG90
+  ret = board_rng90_initialize(0);
+
+  if (ret < 0)
+    {
+      syslog(LOG_ERR, "Failed to initialize RNG90 driver: %d\n", ret);
+    }
+#endif
+
 #ifdef CONFIG_ESP_SDM
   struct esp_sdm_chan_config_s config =
   {

drivers/crypto/CMakeLists.txt

@@ -23,3 +23,7 @@
 if(CONFIG_DEV_URANDOM AND NOT CONFIG_DEV_URANDOM_ARCH)
   target_sources(drivers PRIVATE dev_urandom.c)
 endif()
+
+if(CONFIG_DEV_RNG90)
+  target_sources(drivers PRIVATE rng90.c)
+endif()