Update mbedtls 2.18.0 rc1 #10675
Update mbedtls 2.18.0 rc1 #10675
Conversation
Use Mbed Crypto implementations of crypto. For example, use aes.c from Mbed Crypto instead of the Mbed TLS copy.
When importing development releases of Mbed TLS into Mbed OS, it is useful to be able to know a the particular git commit hash that was imported. This change avoids ever creating a VERSION.txt for Mbed TLS containing only "development", which is fairly useless since one doesn't know where the development branch was at the time of import.
Do a git fetch of mbedtls instead of a pull. We don't need to checkout development, only the release specified.
When importing, after checking out the specified release, update any submodules present.
Update Mbed TLS to 2.18.0-rc1. Update Mbed Crypto to 1.1.0d0.
This reverts commit ff18a64. Use the official repository
|
CI started |
Test run: FAILEDSummary: 3 of 7 test jobs failed Failed test jobs:
|
|
@k-stachowiak is looking at the failures |
|
@0xc0170, thank you for your changes. |
Use new TLS macro
|
thanks to @orenc17 , found missing macro redefinition, locally the test passed. Restarting CI |
| @@ -1479,7 +1479,7 @@ static void psa_entropy_operation(void) | |||
| mbedtls_free(seed); | |||
| #else | |||
| status = PSA_ERROR_NOT_SUPPORTED; | |||
| #endif /* MBEDTLS_ENTROPY_NV_SEED && MBEDTLS_PSA_HAS_ITS_IO*/ | |||
| #endif /* MBEDTLS_PSA_INJECT_ENTROPY */ | |||
There was a problem hiding this comment.
I followed the change from this PR in another PSA file.
@Patater @k-stachowiak Is this correct?
There was a problem hiding this comment.
Matches a change in features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c
There was a problem hiding this comment.
It makes sense to align the macros guarding APIs use with the macros guarding its definition. I haven't been following the development of this feature, but to me, this change looks correct.
There was a problem hiding this comment.
I confirm that the compile-time guard for mbedtls_psa_inject_entropy has changed to MBEDTLS_PSA_INJECT_ENTROPY. I haven't reviewed the rest of the PR.
There was a problem hiding this comment.
It may be advisable to wait for @Patater 's confirmation, but based on his approval up to this point, I approve the most recent commit, and therefore the PR.
| @@ -1,4 +1,4 @@ | |||
| { | |||
| "name": "mbed-crypto", | |||
| "macros": ["MBEDTLS_PSA_HAS_ITS_IO"] | |||
| "macros": ["MBEDTLS_PSA_INJECT_ENTROPY"] | |||
There was a problem hiding this comment.
To build Mbed Crypto with the entropy injection feature, you need:
- Storage support in Mbed Crypto:
MBEDTLS_PSA_CRYPTO_STORAGE_Cmust be enabled. This requirement already existed in Mbed OS 5.12 (Mbed Crypto 2.17). - ITS storage backend support in Mbed Crypto. In Mbed OS 5.12, this required
MBEDTLS_PSA_HAS_ITS_IO. With Mbed Crypto 2.18, you don't need anything beyondMBEDTLS_PSA_CRYPTO_STORAGE_C, but you need to make sure thatMBEDTLS_PSA_ITS_FILE_Cis not enabled since Mbed OS comes with its own ITS storage implementation. - Entropy file support must be enabled, i.e.
MBEDTLS_ENTROPY_NV_SEEDmust be defined. This requirement was already present before. - Default entropy sources must be disabled, i.e.
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCESmust be defined. This requirement was already present before. MBEDTLS_PSA_INJECT_ENTROPYmust be defined. Before, the feature was automatically enabled if bothMBEDTLS_PSA_HAS_ITS_IOandMBEDTLS_ENTROPY_NV_SEEDwere enabled.
So I don't understand why it worked before. What caused MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES, MBEDTLS_ENTROPY_NV_SEED, and for that matter MBEDTLS_PSA_CRYPTO_STORAGE_C and ``MBEDTLS_PSA_CRYPTO_C` to be enabled? Any idea @k-stachowiak ?
There was a problem hiding this comment.
I found that MBEDTLS_PSA_CRYPTO_STORAGE_C is enabled conditionally in features/mbedtls/platform/inc/platform_mbed.h. In this file, #define MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C is now obsolete, but harmless.
MBEDTLS_PSA_INJECT_ENTROPY should not be enabled by default for Mbed Crypto. It should only be enabled on targets that use this feature. In 5.12, it was automatically enabled on targets where TARGET_PSA and MBEDTLS_ENTROPY_NV_SEED were both enabled. It would have failed if such a target didn't also define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES, so I must still be missing something, because I can't see any place where this gets defined.
Now MBEDTLS_PSA_INJECT_ENTROPY needs to be enabled explicitly on the targets that want this feature. I don't know which targets want it. This has to be a subset of the targets where it works.
To make this more backward compatible with 5.12, it would be possible to enable the feature where it's supported by modifying the configuration at the end of features/mbedtls/platform/inc/platform_mbed.h:
/* Enable entropy injection if it is supported. */
#if defined(MBEDTLS_ENTROPY_NV_SEED) && \
defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) && \
defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
#define MBEDTLS_PSA_INJECT_ENTROPY
#endif
But I don't think this is desirable, because this feature adds a few hundred bytes of code and increases the attack surface and the risk of misconfiguration that could lead to bricking a device.
There was a problem hiding this comment.
I don't know the history of the aforementioned options beyond the fact that I have seen them being switched on and off in the past. However, based on this
MBEDTLS_PSA_INJECT_ENTROPY should not be enabled by default for Mbed Crypto
which makes sense to me, why don't we just remove the macro we are now commenting on?
Right now I'm testing that approach locally.
There was a problem hiding this comment.
It builds with the feature switched off, but as far as I know, we actually need it in. Unfortunately, I don't know a simple way of enabling it without causing the trouble other than doing it for particular targets, as Gilles has mentioned earlier.
There was a problem hiding this comment.
I've come up with a short term fix in enabling the entropy injection API on PSA targets if the user or applications has chosen to enable NV Seed, only on PSA targets. This is compatible with Mbed OS 5.12.
Longer term, we need to implement entropy mixing in Mbed Crypto to support using both TRNG and NV Seed at the same time.
There was a problem hiding this comment.
I've tested on NUCLEO_F429ZI, K64F, and CY8CKIT_062_WIFI_BT.
|
If any new development, let me know. I can grant you access to my fork to keep this up to date (currently @k-stachowiak has it can push). |
be696bb to
473b4ce
Compare
|
CI started |
|
Rebased to remove enabling PSA Entropy Injection unconditionally. Added commits to remove stale configuration options and to conditionally enable MBEDTLS_PSA_INJECT_ENTROPY for PSA targets if MBEDTLS_ENTROPY_NV_SEED is set. |
473b4ce to
84e0b12
Compare
Test run: FAILEDSummary: 3 of 11 test jobs failed Failed test jobs:
|
|
CI restarted |
|
Rebased to re-add the ITS configuration option (by dropping c044804), which PAL was depending on. Mbed Crypto no longer uses that option, and it shouldn't be necessary to depend on that option even if PAL needs to use ITS: PAL can assume if the target is PSA, that ITS is available. |
84e0b12 to
948d437
Compare
|
CI restarted |
Test run: FAILEDSummary: 6 of 7 test jobs failed Failed test jobs:
|
Test run: FAILEDSummary: 1 of 11 test jobs failed Failed test jobs:
|
|
CI was unable to get a license when building one of the files (ecdh.c) during the exporter test. This made it look like an error from Mbed Crypto at first glance, but we also see the following in the log, which caused the build of that file to fail. |
|
CI job restarted: |
|
Ready for integration |
Description
Same as #10642, one additional revert to fix CI issue.
cc @Patater
Pull request type
Reviewers
Release Notes