Import/mbedtls 3.4.0 take3 #12

Merged
merged 22 commits into from
Oct 6, 2023
Merged
50c4aae
Import mbedtls-3.4.0
jenswi-linaro May 11, 2023
8d6ac62
mbedtls: remove default include/mbedtls/config.h
jenswi-linaro May 18, 2018
604749d
mbedtls: configure mbedtls to reach for config
jenswi-linaro May 7, 2018
8126a85
libmbedtls: make mbedtls_mpi_mont*() available
jenswi-linaro Nov 7, 2018
f0710df
libmbedtls: add mbedtls_mpi_init_mempool()
jenswi-linaro Nov 8, 2018
746d37b
libmedtls: mpi_miller_rabin: increase count limit
jenswi-linaro Nov 27, 2018
1cc78b4
libmbedtls: add interfaces in mbedtls for context memory operation
Dec 19, 2018
3f9633f
libmbedtls: fix no CRT issue
Summer-ARM Dec 15, 2017
4584d49
libmbedtls: mbedtls_mpi_exp_mod() initialize W
jenswi-linaro Apr 17, 2019
541faf2
libmbedtls: mbedtls_mpi_exp_mod(): reduce stack usage
jenswi-linaro May 21, 2019
4500ae4
libmbedtls: mbedtls_mpi_exp_mod(): optimize mempool usage
jenswi-linaro May 27, 2019
00180c9
libmbedtls: add SM2 curve
jforissier Jan 22, 2021
7ee7b0e
libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pss_verify_ext()
jenswi-linaro Apr 1, 2022
1ab4cce
libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pkcs1_v15_veri…
jenswi-linaro Apr 1, 2022
aeda3f4
libmbedtls: fix cipher_wrap.c for chacha20 and chachapoly
smo4201 Oct 26, 2022
ba434b1
libmbedtls: fix cipher_wrap.c for NIST AES Key Wrap mode
jenswi-linaro May 12, 2023
13a454c
ta: pkcs11: update to mbedTLS 3.4.0 API
jenswi-linaro May 12, 2023
55fa266
core: LTC mpi_desc.c: update to mbedTLS 3.4.0 API
jenswi-linaro May 12, 2023
182ca5f
libutee: update to mbedTLS 3.4.0 API
jenswi-linaro May 11, 2023
9682137
libmedtls: core: update to mbedTLS 3.4.0 API
jenswi-linaro May 17, 2023
35c5995
core: ltc: configure internal SHA-1 and SHA-224
jenswi-linaro Jun 1, 2023
15058b7
core: ltc: configure internal MD5
jenswi-linaro Jun 1, 2023
10 changes: 9 additions & 1 deletion core/crypto.mk
Expand Up @@ -234,7 +234,9 @@ _CFG_CORE_LTC_SHA384_DESC := $(CFG_CRYPTO_DSA)
_CFG_CORE_LTC_SHA512_DESC := $(CFG_CRYPTO_DSA)
_CFG_CORE_LTC_XTS := $(CFG_CRYPTO_XTS)
_CFG_CORE_LTC_CCM := $(CFG_CRYPTO_CCM)
_CFG_CORE_LTC_AES_DESC := $(call cfg-one-enabled, CFG_CRYPTO_XTS CFG_CRYPTO_CCM)
_CFG_CORE_LTC_AES := $(call cfg-one-enabled, CFG_CRYPTO_XTS CFG_CRYPTO_CCM \
CFG_CRYPTO_AES)
_CFG_CORE_LTC_AES_ACCEL := $(CFG_CORE_CRYPTO_AES_ACCEL)
_CFG_CORE_LTC_X25519 := $(CFG_CRYPTO_X25519)
_CFG_CORE_LTC_ED25519 := $(CFG_CRYPTO_ED25519)
_CFG_CORE_LTC_SHA3_224 := $(CFG_CRYPTO_SHA3_224)
Expand All @@ -249,6 +251,12 @@ endif
# libtomcrypt (LTC) specifics, phase #2
###############################################################

_CFG_CORE_LTC_MD5_DESC := $(call cfg-one-enabled, _CFG_CORE_LTC_MD5_DESC \
_CFG_CORE_LTC_MD5)
_CFG_CORE_LTC_SHA1_DESC := $(call cfg-one-enabled, _CFG_CORE_LTC_SHA1_DESC \
_CFG_CORE_LTC_SHA1)
_CFG_CORE_LTC_SHA224_DESC := $(call cfg-one-enabled, _CFG_CORE_LTC_SHA224_DESC \
_CFG_CORE_LTC_SHA224)
_CFG_CORE_LTC_SHA256_DESC := $(call cfg-one-enabled, _CFG_CORE_LTC_SHA256_DESC \
_CFG_CORE_LTC_SHA224 \
_CFG_CORE_LTC_SHA256)
4 changes: 2 additions & 2 deletions core/lib/libtomcrypt/mpi_desc.c
Expand Up @@ -602,9 +602,9 @@ static int rng_read(void *ignored __unused, unsigned char *buf, size_t blen)
return 0;
}

static int isprime(void *a, int b __unused, int *c)
static int isprime(void *a, int b, int *c)
{
int res = mbedtls_mpi_is_prime(a, rng_read, NULL);
int res = mbedtls_mpi_is_prime_ext(a, b, rng_read, NULL);

if (res == MBEDTLS_ERR_MPI_ALLOC_FAILED)
return CRYPT_MEM;
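Review bot: `isprime()` now forwards the caller's `b` straight to `mbedtls_mpi_is_prime_ext()` as the Miller-Rabin round count, with no lower bound. If a libtomcrypt caller ever passes zero or a negative value, the probabilistic test would presumably run no rounds, so a composite that survives the small-factor screening could be reported as prime; the callers are not visible here, so treat this as a hardening request. Reject or clamp the value before the call, for example `if (b <= 0) return CRYPT_INVALID_ARG;`, and add a short comment that `b` is the number of rounds. The function body continues past the end of this hunk.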
12 changes: 6 additions & 6 deletions core/lib/libtomcrypt/rsa.c
Expand Up @@ -29,42 +29,42 @@
static TEE_Result tee_algo_to_ltc_hashindex(uint32_t algo, int *ltc_hashindex)
{
switch (algo) {
#if defined(_CFG_CORE_LTC_SHA1)
#if defined(_CFG_CORE_LTC_SHA1_DESC)
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA1:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA1:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1:
*ltc_hashindex = find_hash("sha1");
break;
#endif
#if defined(_CFG_CORE_LTC_MD5)
#if defined(_CFG_CORE_LTC_MD5_DESC)
case TEE_ALG_RSASSA_PKCS1_V1_5_MD5:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_MD5:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_MD5:
*ltc_hashindex = find_hash("md5");
break;
#endif
#if defined(_CFG_CORE_LTC_SHA224)
#if defined(_CFG_CORE_LTC_SHA224_DESC)
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA224:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA224:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA224:
*ltc_hashindex = find_hash("sha224");
break;
#endif
#if defined(_CFG_CORE_LTC_SHA256)
#if defined(_CFG_CORE_LTC_SHA256_DESC)
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA256:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA256:
*ltc_hashindex = find_hash("sha256");
break;
#endif
#if defined(_CFG_CORE_LTC_SHA384)
#if defined(_CFG_CORE_LTC_SHA384_DESC)
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA384:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA384:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA384:
*ltc_hashindex = find_hash("sha384");
break;
#endif
#if defined(_CFG_CORE_LTC_SHA512)
#if defined(_CFG_CORE_LTC_SHA512_DESC)
case TEE_ALG_RSASSA_PKCS1_V1_5_SHA512:
case TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA512:
case TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA512:
2 changes: 1 addition & 1 deletion core/lib/libtomcrypt/src/hashes/sha2/sub.mk
@@ -1,4 +1,4 @@
srcs-$(_CFG_CORE_LTC_SHA224) += sha224.c
srcs-$(_CFG_CORE_LTC_SHA224_DESC) += sha224.c

ifneq ($(_CFG_CORE_LTC_SHA256_ACCEL),y)
srcs-$(_CFG_CORE_LTC_SHA256_DESC) += sha256.c
4 changes: 2 additions & 2 deletions core/lib/libtomcrypt/src/hashes/sub.mk
@@ -1,6 +1,6 @@
srcs-$(_CFG_CORE_LTC_MD5) += md5.c
srcs-$(_CFG_CORE_LTC_MD5_DESC) += md5.c

ifeq ($(_CFG_CORE_LTC_SHA1),y)
ifeq ($(_CFG_CORE_LTC_SHA1_DESC),y)
ifneq ($(_CFG_CORE_LTC_SHA1_ACCEL),y)
srcs-y += sha1.c
endif
7 changes: 4 additions & 3 deletions core/lib/libtomcrypt/sub.mk
Expand Up @@ -36,13 +36,13 @@ endif

cppflags-lib-y += -DLTC_NO_HASHES

ifeq ($(_CFG_CORE_LTC_MD5),y)
ifeq ($(_CFG_CORE_LTC_MD5_DESC),y)
cppflags-lib-y += -DLTC_MD5
endif
ifeq ($(_CFG_CORE_LTC_SHA1),y)
ifeq ($(_CFG_CORE_LTC_SHA1_DESC),y)
cppflags-lib-y += -DLTC_SHA1
endif
ifeq ($(_CFG_CORE_LTC_SHA224),y)
ifeq ($(_CFG_CORE_LTC_SHA224_DESC),y)
cppflags-lib-y += -DLTC_SHA224
endif
ifeq ($(_CFG_CORE_LTC_SHA256_DESC),y)
Expand Down Expand Up @@ -148,6 +148,7 @@ srcs-$(_CFG_CORE_LTC_X25519) += x25519.c
srcs-$(_CFG_CORE_LTC_ED25519) += ed25519.c
ifeq ($(_CFG_CORE_LTC_ACIPHER),y)
srcs-y += mpi_desc.c
cppflags-mpi_desc.c-y += -DMBEDTLS_ALLOW_PRIVATE_ACCESS
endif

srcs-y += tomcrypt.c
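Review bot: The new `cppflags-mpi_desc.c-y += -DMBEDTLS_ALLOW_PRIVATE_ACCESS` line switches off mbedTLS's private-field protection for mpi_desc.c without saying why. Scoping the define to the one file is the right choice, but a comment would keep it from being copied to other files or left behind once it is no longer needed, e.g. `# mpi_desc.c reads mbedtls_mpi internals directly (name the fields); drop once public accessors suffice`. Which private members the file relies on is not visible in this diff, so the author should fill that part in.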
6 changes: 3 additions & 3 deletions core/lib/libtomcrypt/tomcrypt.c
Expand Up @@ -99,13 +99,13 @@ static void tee_ltc_reg_algs(void)
register_cipher(&des_desc);
register_cipher(&des3_desc);
#endif
#if defined(_CFG_CORE_LTC_MD5)
#if defined(_CFG_CORE_LTC_MD5_DESC)
register_hash(&md5_desc);
#endif
#if defined(_CFG_CORE_LTC_SHA1)
#if defined(_CFG_CORE_LTC_SHA1) || defined(_CFG_CORE_LTC_SHA1_DESC)
register_hash(&sha1_desc);
#endif
#if defined(_CFG_CORE_LTC_SHA224)
#if defined(_CFG_CORE_LTC_SHA224) || defined(_CFG_CORE_LTC_SHA224_DESC)
register_hash(&sha224_desc);
#endif
#if defined(_CFG_CORE_LTC_SHA256) || defined(_CFG_CORE_LTC_SHA256_DESC)
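Review bot: The guards in `tee_ltc_reg_algs()` are now written two ways: MD5 tests only `_CFG_CORE_LTC_MD5_DESC`, while SHA-1 and SHA-224 test `defined(_CFG_CORE_LTC_SHA1) || defined(_CFG_CORE_LTC_SHA1_DESC)` (following the existing SHA-256 line). The phase #2 block added to core/crypto.mk in this PR appears to enable each `_DESC` variable whenever the base variable is enabled, so the `||` form looks redundant, and rsa.c and the sub.mk files test `_DESC` alone. Using `#if defined(_CFG_CORE_LTC_SHA1_DESC)` and `#if defined(_CFG_CORE_LTC_SHA224_DESC)` here would keep hash registration and the `find_hash()` lookups in rsa.c visibly on the same condition. The function continues outside the hunk.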
44 changes: 0 additions & 44 deletions lib/libmbedtls/core/aes.c
Expand Up @@ -13,50 +13,6 @@
#include <mbedtls/platform_util.h>
#include <string.h>

TEE_Result crypto_aes_expand_enc_key(const void *key, size_t key_len,
void *enc_key, size_t enc_keylen,
unsigned int *rounds)
{
#if defined(MBEDTLS_AES_ALT)
return crypto_accel_aes_expand_keys(key, key_len, enc_key, NULL,
enc_keylen, rounds);
#else
mbedtls_aes_context ctx;

memset(&ctx, 0, sizeof(ctx));
mbedtls_aes_init(&ctx);
if (mbedtls_aes_setkey_enc(&ctx, key, key_len * 8) != 0)
return TEE_ERROR_BAD_PARAMETERS;

if (enc_keylen > sizeof(ctx.buf))
return TEE_ERROR_BAD_PARAMETERS;
memcpy(enc_key, ctx.buf, enc_keylen);
*rounds = ctx.nr;
mbedtls_aes_free(&ctx);
return TEE_SUCCESS;
#endif
}

void crypto_aes_enc_block(const void *enc_key, size_t enc_keylen __maybe_unused,
unsigned int rounds, const void *src, void *dst)
{
#if defined(MBEDTLS_AES_ALT)
crypto_accel_aes_ecb_enc(dst, src, enc_key, rounds, 1);
#else
mbedtls_aes_context ctx;

memset(&ctx, 0, sizeof(ctx));
mbedtls_aes_init(&ctx);
if (enc_keylen > sizeof(ctx.buf))
panic();
memcpy(ctx.buf, enc_key, enc_keylen);
ctx.rk = ctx.buf;
ctx.nr = rounds;
mbedtls_aes_encrypt(&ctx, src, dst);
mbedtls_aes_free(&ctx);
#endif
}

#if defined(MBEDTLS_AES_ALT)
void mbedtls_aes_init(mbedtls_aes_context *ctx)
{
18 changes: 10 additions & 8 deletions lib/libmbedtls/core/dh.c
Expand Up @@ -51,31 +51,32 @@ TEE_Result crypto_acipher_gen_dh_key(struct dh_keypair *key,
mbedtls_dhm_context dhm;
unsigned char *buf = NULL;
size_t xbytes = 0;
size_t len = 0;

memset(&dhm, 0, sizeof(dhm));
mbedtls_dhm_init(&dhm);

dhm.G = *(mbedtls_mpi *)key->g;
dhm.P = *(mbedtls_mpi *)key->p;

dhm.len = crypto_bignum_num_bytes(key->p);
if (key_size != 8 * dhm.len) {
len = mbedtls_dhm_get_len(&dhm);
if (key_size != 8 * len) {
res = TEE_ERROR_BAD_PARAMETERS;
goto out;
}

if (xbits == 0)
xbytes = dhm.len;
xbytes = len;
else
xbytes = xbits / 8;

buf = malloc(dhm.len);
buf = malloc(len);
if (!buf) {
res = TEE_ERROR_OUT_OF_MEMORY;
goto out;
}
lmd_res = mbedtls_dhm_make_public(&dhm, (int)xbytes, buf,
dhm.len, mbd_rand, NULL);
len, mbd_rand, NULL);
if (lmd_res != 0) {
FMSG("mbedtls_dhm_make_public err, return is 0x%x", -lmd_res);
res = TEE_ERROR_BAD_PARAMETERS;
Expand All @@ -102,6 +103,7 @@ TEE_Result crypto_acipher_dh_shared_secret(struct dh_keypair *private_key,
mbedtls_dhm_context dhm;
unsigned char *buf = NULL;
size_t olen = 0;
size_t len = 0;

memset(&dhm, 0, sizeof(dhm));
mbedtls_dhm_init(&dhm);
Expand All @@ -112,15 +114,15 @@ TEE_Result crypto_acipher_dh_shared_secret(struct dh_keypair *private_key,
dhm.X = *(mbedtls_mpi *)private_key->x;
dhm.GY = *(mbedtls_mpi *)public_key;

dhm.len = crypto_bignum_num_bytes(private_key->p);
len = mbedtls_dhm_get_len(&dhm);

buf = malloc(dhm.len);
buf = malloc(len);
if (!buf) {
res = TEE_ERROR_OUT_OF_MEMORY;
goto out;
}

lmd_res = mbedtls_dhm_calc_secret(&dhm, buf, dhm.len,
lmd_res = mbedtls_dhm_calc_secret(&dhm, buf, len,
&olen, mbd_rand, NULL);
if (lmd_res != 0) {
FMSG("mbedtls_dhm_calc_secret failed, ret is 0x%x", -lmd_res);
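Review bot: `len` now comes from `mbedtls_dhm_get_len(&dhm)`, which derives the size from `dhm.P`, so both functions silently depend on `dhm.P` being assigned first and on it being non-zero. In `crypto_acipher_dh_shared_secret()` there is no `key_size` comparison, so a zero-valued modulus would reach `malloc(len)` with `len == 0`, whose result is implementation-defined and may surface as `TEE_ERROR_OUT_OF_MEMORY` rather than a parameter error. Consider `if (!len) { res = TEE_ERROR_BAD_PARAMETERS; goto out; }` after the call, plus a comment such as `/* length is derived from dhm.P, assigned above */`. Both function bodies start and end outside the hunks shown.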
34 changes: 9 additions & 25 deletions lib/libmbedtls/core/ecc.c
Expand Up @@ -84,22 +84,6 @@ static TEE_Result ecc_get_keysize(uint32_t curve, uint32_t algo,
return TEE_SUCCESS;
}

/*
* Clear some memory that was used to prepare the context
*/
static void ecc_clear_precomputed(mbedtls_ecp_group *grp)
{
size_t i = 0;

if (grp->T) {
for (i = 0; i < grp->T_size; i++)
mbedtls_ecp_point_free(&grp->T[i]);
free(grp->T);
}
grp->T = NULL;
grp->T_size = 0;
}

static mbedtls_ecp_group_id curve_to_group_id(uint32_t curve)
{
switch (curve) {
Expand Down Expand Up @@ -149,7 +133,6 @@ static TEE_Result ecc_generate_keypair(struct ecc_keypair *key, size_t key_size)
FMSG("mbedtls_ecdsa_genkey failed.");
goto exit;
}
ecc_clear_precomputed(&ecdsa.grp);

/* check the size of the keys */
if ((mbedtls_mpi_bitlen(&ecdsa.Q.X) > key_size_bits) ||
Expand Down Expand Up @@ -341,16 +324,17 @@ static TEE_Result ecc_shared_secret(struct ecc_keypair *private_key,
memset(&gid, 0, sizeof(gid));
mbedtls_ecdh_init(&ecdh);
gid = curve_to_group_id(private_key->curve);
lmd_res = mbedtls_ecp_group_load(&ecdh.grp, gid);
lmd_res = mbedtls_ecdh_setup(&ecdh, gid);
if (lmd_res != 0) {
res = TEE_ERROR_NOT_SUPPORTED;
goto out;
}

ecdh.d = *(mbedtls_mpi *)private_key->d;
ecdh.Qp.X = *(mbedtls_mpi *)public_key->x;
ecdh.Qp.Y = *(mbedtls_mpi *)public_key->y;
mbedtls_mpi_read_binary(&ecdh.Qp.Z, one, sizeof(one));
assert(ecdh.var == MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0);
ecdh.ctx.mbed_ecdh.d = *(mbedtls_mpi *)private_key->d;
ecdh.ctx.mbed_ecdh.Qp.X = *(mbedtls_mpi *)public_key->x;
ecdh.ctx.mbed_ecdh.Qp.Y = *(mbedtls_mpi *)public_key->y;
mbedtls_mpi_read_binary(&ecdh.ctx.mbed_ecdh.Qp.Z, one, sizeof(one));

lmd_res = mbedtls_ecdh_calc_secret(&ecdh, &out_len, secret,
*secret_len, mbd_rand, NULL);
Expand All @@ -361,9 +345,9 @@ static TEE_Result ecc_shared_secret(struct ecc_keypair *private_key,
*secret_len = out_len;
out:
/* Reset mpi to skip freeing here, those mpis will be freed with key */
mbedtls_mpi_init(&ecdh.d);
mbedtls_mpi_init(&ecdh.Qp.X);
mbedtls_mpi_init(&ecdh.Qp.Y);
mbedtls_mpi_init(&ecdh.ctx.mbed_ecdh.d);
mbedtls_mpi_init(&ecdh.ctx.mbed_ecdh.Qp.X);
mbedtls_mpi_init(&ecdh.ctx.mbed_ecdh.Qp.Y);
mbedtls_ecdh_free(&ecdh);
return res;
}
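Review bot: The `assert(ecdh.var == MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0)` in `ecc_shared_secret()` is the only thing protecting the writes to `ecdh.ctx.mbed_ecdh` that follow, and an assert is normally compiled out of non-debug builds. If `mbedtls_ecdh_setup()` ever selects a different variant for a group id, the private key and peer point would be written into the wrong context layout. A runtime check is safer, e.g. `if (ecdh.var != MBEDTLS_ECDH_VARIANT_MBEDTLS_2_0) { res = TEE_ERROR_NOT_SUPPORTED; goto free_ctx; }`, with the new label placed just before `mbedtls_ecdh_free(&ecdh)` so the three `mbedtls_mpi_init()` resets at `out:`, which touch the same member, are skipped. Separately, the return value of `mbedtls_mpi_read_binary(&ecdh.ctx.mbed_ecdh.Qp.Z, one, sizeof(one))` is still ignored, so an allocation failure would leave Z unset before `mbedtls_ecdh_calc_secret()` runs.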
3 changes: 2 additions & 1 deletion lib/libmbedtls/core/hash.c
Expand Up @@ -57,13 +57,14 @@ static TEE_Result mbed_hash_final(struct crypto_hash_ctx *ctx, uint8_t *digest,
size_t len)
{
struct mbed_hash_ctx *hc = to_hash_ctx(ctx);
size_t hash_size = mbedtls_md_get_size(hc->md_ctx.md_info);
uint8_t block_digest[TEE_MAX_HASH_SIZE] = { 0 };
uint8_t *tmp_digest = NULL;
size_t hash_size = 0;

if (len == 0)
return TEE_ERROR_BAD_PARAMETERS;

hash_size = mbedtls_md_get_size(mbedtls_md_info_from_ctx(&hc->md_ctx));
if (hash_size > len) {
if (hash_size > sizeof(block_digest))
return TEE_ERROR_BAD_STATE;
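Review bot: `hash_size` in `mbed_hash_final()` is used without a check for zero. `mbedtls_md_get_size()` returns 0 when it is given no md info, which is what `mbedtls_md_info_from_ctx()` would return for a context that was never set up; in that case `hash_size > len` is false and the function proceeds past the size checks shown with a digest size of 0. Adding `if (!hash_size) return TEE_ERROR_BAD_STATE;` right after the assignment makes that failure explicit. The same applies to `hmac_size` in `mbed_hmac_final()` in lib/libmbedtls/core/hmac.c. Both functions continue past the end of their hunks, so later code may already catch this.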
3 changes: 2 additions & 1 deletion lib/libmbedtls/core/hmac.c
Expand Up @@ -52,13 +52,14 @@ static TEE_Result mbed_hmac_final(struct crypto_mac_ctx *ctx, uint8_t *digest,
size_t len)
{
struct mbed_hmac_ctx *c = to_hmac_ctx(ctx);
size_t hmac_size = mbedtls_md_get_size(c->md_ctx.md_info);
uint8_t block_digest[TEE_MAX_HASH_SIZE] = { 0 };
uint8_t *tmp_digest = NULL;
size_t hmac_size = 0;

if (len == 0)
return TEE_ERROR_BAD_PARAMETERS;

hmac_size = mbedtls_md_get_size(mbedtls_md_info_from_ctx(&c->md_ctx));
if (hmac_size > len) {
if (hmac_size > sizeof(block_digest))
return TEE_ERROR_BAD_STATE;
11 changes: 0 additions & 11 deletions lib/libmbedtls/core/mbed_helpers.h
Expand Up @@ -25,17 +25,6 @@ static inline void mbed_copy_mbedtls_aes_context(mbedtls_aes_context *dst,
mbedtls_aes_context *src)
{
*dst = *src;
#if !defined(MBEDTLS_AES_ALT)
#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
/*
* This build configuration should not occur, but just in case error out
* here. It needs special handling of the rk pointer, see
* mbedtls_aes_setkey_enc().
*/
#error Do not know how to copy mbedtls_aes_context::rk
#endif
dst->rk = dst->buf;
#endif
}

TEE_Result mbed_gen_random_upto(mbedtls_mpi *n, mbedtls_mpi *max);