From a325320c47660f24d22054a1ff3538a8542b1449 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Teppo=20J=C3=A4rvelin?= Date: Thu, 20 Feb 2020 10:09:28 +0200 Subject: [PATCH 1/8] Prepare for upcoming MbedTLS changes --- .../source/coap_security_handler.c | 25 +++++++++++++++++++ .../protocols/tls_sec_prot/tls_sec_prot_lib.c | 20 +++++++++++++++ features/netsocket/DTLSSocketWrapper.cpp | 6 +++++ features/netsocket/TLSSocketWrapper.cpp | 12 +++++++-- features/netsocket/TLSSocketWrapper.h | 3 +++ 5 files changed, 64 insertions(+), 2 deletions(-) diff --git a/features/nanostack/coap-service/source/coap_security_handler.c b/features/nanostack/coap-service/source/coap_security_handler.c index 1fbe3ffc866..bf6d8bb4b16 100644 --- a/features/nanostack/coap-service/source/coap_security_handler.c +++ b/features/nanostack/coap-service/source/coap_security_handler.c @@ -68,6 +68,7 @@ struct coap_security_s { }; +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) const int ECJPAKE_SUITES[] = { MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8, @@ -75,12 +76,15 @@ const int ECJPAKE_SUITES[] = { }; #endif +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) static const int PSK_SUITES[] = { MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256, MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8, 0 }; +#endif /* defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) */ +#endif /* !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) */ #define TRACE_GROUP "CsSh" @@ -332,7 +336,9 @@ static int coap_security_handler_configure_keys(coap_security_t *sec, coap_secur if (0 != mbedtls_ssl_conf_psk(&sec->_conf, keys._priv_key, keys._priv_key_len, keys._cert, keys._cert_len)) { break; } +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) mbedtls_ssl_conf_ciphersuites(&sec->_conf, PSK_SUITES); +#endif /* !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) */ ret = 0; #endif break; 
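Review bot: With MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE defined, both key modes in coap_security_handler_configure_keys (the PSK branch in this hunk and the ECJPAKE branch in the next one) skip mbedtls_ssl_conf_ciphersuites, so the one build-time suite has to serve whichever mode the caller picks. A single suite is presumably either PSK or EC-JPAKE, so the other mode would only fail later, during the handshake. State the constraint where the call is compiled out, e.g. `/* Suite is fixed at build time by MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE and must be a PSK suite for this mode to work */`, or return -1 from the branch the configured suite cannot serve. The function body starts and ends outside the hunk, so the enclosing guards are not visible here.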
@@ -342,7 +348,9 @@ static int coap_security_handler_configure_keys(coap_security_t *sec, coap_secur if (mbedtls_ssl_set_hs_ecjpake_password(&sec->_ssl, keys._key, keys._key_len) != 0) { return -1; } +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) mbedtls_ssl_conf_ciphersuites(&sec->_conf, ECJPAKE_SUITES); +#endif /* !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) */ //NOTE: If thread starts supporting PSK in other modes, then this will be needed! mbedtls_ssl_conf_export_keys_cb(&sec->_conf, @@ -394,11 +402,23 @@ int coap_security_handler_connect_non_blocking(coap_security_t *sec, bool is_ser return -1; } + // Defines MBEDTLS_SSL_CONF_RECV/SEND/RECV_TIMEOUT define global functions which should be the same for all + // callers of mbedtls_ssl_set_bio_ctx and there should be only one ssl context. If these rules don't apply, + // these defines can't be used. +#if !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT) mbedtls_ssl_set_bio(&sec->_ssl, sec, f_send, f_recv, NULL); +#else + mbedtls_ssl_set_bio_ctx(&sec->_ssl, sec); +#endif /* !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT) */ + // Defines MBEDTLS_SSL_CONF_SET_TIMER/GET_TIMER define global functions which should be the same for all + // callers of mbedtls_ssl_set_timer_cb and there should be only one ssl context. If these rules don't apply, + // these defines can't be used. +#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && !defined(MBEDTLS_SSL_CONF_GET_TIMER) mbedtls_ssl_set_timer_cb(&sec->_ssl, sec, set_timer, get_timer); +#endif /* !defined(MBEDTLS_SSL_CONF_SET_TIMER) && !defined(MBEDTLS_SSL_CONF_GET_TIMER) */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) //TODO: Figure out better way!!! 
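Review bot: The `#else` branch in coap_security_handler_connect_non_blocking passes `sec` as the context for build-time I/O callbacks, but this series adds the same branch with a different context type in tls_sec_prot_lib_connect (a `tls_security_t *`), TLSSocketWrapper::start_handshake (`this`) and altcp_mbedtls_setup (`conn`). One hard-coded send/recv pair can interpret only one of those types, so if two of these modules end up in the same image with MBEDTLS_SSL_CONF_RECV/SEND set, the callback would treat a foreign pointer as its own structure, which is a memory-safety problem rather than a configuration error. The added comment says the defines "can't be used" in that case, but nothing enforces it; at minimum record the expected type at each site, e.g. `// hard-coded callbacks receive 'sec' as coap_security_t *; no module passing another context type may be built with these defines`. The `#else` is also taken when only one of the three macros is defined, which is worth confirming as intended.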
@@ -420,8 +440,13 @@ int coap_security_handler_connect_non_blocking(coap_security_t *sec, bool is_ser &sec->_cookie); #endif +#if !defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER) || !defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER) mbedtls_ssl_conf_min_version(&sec->_conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3); +#endif /* !defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER) || !defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER) */ + +#if !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER) || !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER) mbedtls_ssl_conf_max_version(&sec->_conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3); +#endif /* !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER) || !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER) */ sec->_is_started = true; diff --git a/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c b/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c index 6f236bcf1f8..d7ee8951eed 100644 --- a/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c +++ b/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c 
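Review bot: Once MBEDTLS_SSL_CONF_MIN_MAJOR_VER and MBEDTLS_SSL_CONF_MIN_MINOR_VER are defined, the protocol version floor in coap_security_handler_connect_non_blocking comes entirely from the build configuration, and nothing here checks that it is still the version the runtime call used to enforce. Assuming the macro holds the numeric minor version, a compile-time check next to the guard keeps that guarantee: `#if defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER) && MBEDTLS_SSL_CONF_MIN_MINOR_VER < MBEDTLS_SSL_MINOR_VERSION_3` followed by an `#error`. The same applies to the matching hunk in tls_sec_prot_lib_connect. Separately, the guarded calls pass MBEDTLS_SSL_MAJOR_VERSION_3 as the minor argument; it has the same value as MBEDTLS_SSL_MINOR_VERSION_3 but reads as a mistake, and this is a good moment to correct it.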
@@ -340,9 +340,22 @@ int8_t tls_sec_prot_lib_connect(tls_security_t *sec, bool is_server, const sec_p return -1; } + // Defines MBEDTLS_SSL_CONF_RECV/SEND/RECV_TIMEOUT define global functions which should be the same for all + // callers of mbedtls_ssl_set_bio_ctx and there should be only one ssl context. If these rules don't apply, + // these defines can't be used. +#if !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT) // Set calbacks mbedtls_ssl_set_bio(&sec->ssl, sec, tls_sec_prot_lib_ssl_send, tls_sec_prot_lib_ssl_recv, NULL); +#else + mbedtls_ssl_set_bio_ctx(&sec->ssl, sec); +#endif /* !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT) */ + +// Defines MBEDTLS_SSL_CONF_SET_TIMER/GET_TIMER define global functions which should be the same for all +// callers of mbedtls_ssl_set_timer_cb and there should be only one ssl context. If these rules don't apply, +// these defines can't be used. +#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && !defined(MBEDTLS_SSL_CONF_GET_TIMER) mbedtls_ssl_set_timer_cb(&sec->ssl, sec, tls_sec_prot_lib_ssl_set_timer, tls_sec_prot_lib_ssl_get_timer); +#endif /* !defined(MBEDTLS_SSL_CONF_SET_TIMER) && !defined(MBEDTLS_SSL_CONF_GET_TIMER) */ // Configure certificates, keys and certificate revocation list if (tls_sec_prot_lib_configure_certificates(sec, certs) != 0) { @@ -350,6 +363,7 @@ int8_t tls_sec_prot_lib_connect(tls_security_t *sec, bool is_server, const sec_p return -1; } +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) // Configure ciphersuites static const int sec_suites[] = { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 
@@ -358,6 +372,7 @@ int8_t tls_sec_prot_lib_connect(tls_security_t *sec, bool is_server, const sec_p 0 }; mbedtls_ssl_conf_ciphersuites(&sec->conf, sec_suites); +#endif /* !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) */ #ifdef TLS_SEC_PROT_LIB_TLS_DEBUG mbedtls_ssl_conf_dbg(&sec->conf, tls_sec_prot_lib_debug, sec); @@ -367,8 +382,13 @@ int8_t tls_sec_prot_lib_connect(tls_security_t *sec, bool is_server, const sec_p // Export keys callback mbedtls_ssl_conf_export_keys_ext_cb(&sec->conf, tls_sec_prot_lib_ssl_export_keys, sec); +#if !defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER) || !defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER) mbedtls_ssl_conf_min_version(&sec->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3); +#endif /* !defined(MBEDTLS_SSL_CONF_MIN_MINOR_VER) || !defined(MBEDTLS_SSL_CONF_MIN_MAJOR_VER) */ + +#if !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER) || !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER) mbedtls_ssl_conf_max_version(&sec->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3); +#endif /* !defined(MBEDTLS_SSL_CONF_MAX_MINOR_VER) || !defined(MBEDTLS_SSL_CONF_MAX_MAJOR_VER) */ // Set certificate verify callback mbedtls_ssl_set_verify(&sec->ssl, tls_sec_prot_lib_x509_crt_verify, sec); diff --git a/features/netsocket/DTLSSocketWrapper.cpp b/features/netsocket/DTLSSocketWrapper.cpp index f567e31bbd7..2251fd1d244 100644 --- a/features/netsocket/DTLSSocketWrapper.cpp +++ b/features/netsocket/DTLSSocketWrapper.cpp 
@@ -30,7 +30,13 @@ DTLSSocketWrapper::DTLSSocketWrapper(Socket *transport, const char *hostname, co _timer_expired(false) { mbedtls_ssl_conf_transport(get_ssl_config(), MBEDTLS_SSL_TRANSPORT_DATAGRAM); + + // Defines MBEDTLS_SSL_CONF_SET_TIMER/GET_TIMER define global functions which should be the same for all + // callers of mbedtls_ssl_set_timer_cb and there should be only one ssl context. If these rules don't apply, + // these defines can't be used +#if !defined(MBEDTLS_SSL_CONF_SET_TIMER) && !defined(MBEDTLS_SSL_CONF_GET_TIMER) mbedtls_ssl_set_timer_cb(get_ssl_context(), this, timing_set_delay, timing_get_delay); +#endif /* !defined(MBEDTLS_SSL_CONF_SET_TIMER) && !defined(MBEDTLS_SSL_CONF_GET_TIMER) */ } void DTLSSocketWrapper::timing_set_delay(void *ctx, uint32_t int_ms, uint32_t fin_ms) diff --git a/features/netsocket/TLSSocketWrapper.cpp b/features/netsocket/TLSSocketWrapper.cpp index 68d24127b23..c8b46adf2d8 100644 --- a/features/netsocket/TLSSocketWrapper.cpp +++ b/features/netsocket/TLSSocketWrapper.cpp @@ -85,7 +85,7 @@ TLSSocketWrapper::~TLSSocketWrapper() void TLSSocketWrapper::set_hostname(const char *hostname) { -#ifdef MBEDTLS_X509_CRT_PARSE_C +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) mbedtls_ssl_set_hostname(&_ssl, hostname); #endif } 
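Review bot: When MBEDTLS_SSL_CONF_SET_TIMER/GET_TIMER are defined, the DTLSSocketWrapper constructor no longer registers `this` as the timer context, and unlike the BIO change in this series there is no `#else` that still hands the context over. timing_set_delay takes a `void *ctx` (visible in the context line after the hunk), so hard-coded timer functions would presumably be called with whatever default the library holds; confirm there is a way to set the context, otherwise the retransmission timer cannot reach this object. The same applies to the timer hunks in coap_security_handler_connect_non_blocking and tls_sec_prot_lib_connect. Because the guard uses `&&`, defining only one of the two macros also removes the call.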
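Review bot: With MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION defined, TLSSocketWrapper::set_hostname() becomes a silent no-op, so a caller that supplies a hostname gets no indication that the peer certificate will not be matched against it. Chain validation is then the only check, and any certificate issued by a trusted CA passes it. Make the state visible with an `#else` branch such as `tr_warning("Hostname verification is compiled out; peer name is not checked");`. The Doxygen note added in TLSSocketWrapper.h should also state that consequence rather than only naming the macros.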
@@ -207,7 +207,15 @@ nsapi_error_t TLSSocketWrapper::start_handshake(bool first_call) _transport->set_blocking(false); _transport->sigio(mbed::callback(this, &TLSSocketWrapper::event)); - mbedtls_ssl_set_bio(&_ssl, this, ssl_send, ssl_recv, NULL); + + // Defines MBEDTLS_SSL_CONF_RECV/SEND/RECV_TIMEOUT define global functions which should be the same for all + // callers of mbedtls_ssl_set_bio_ctx and there should be only one ssl context. If these rules don't apply, + // these defines can't be used. +#if !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT) + mbedtls_ssl_set_bio(&_ssl, this, ssl_send, ssl_recv, nullptr); +#else + mbedtls_ssl_set_bio_ctx(&_ssl, this); +#endif /* !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT) */ _tls_initialized = true; diff --git a/features/netsocket/TLSSocketWrapper.h b/features/netsocket/TLSSocketWrapper.h index 2a3e03e567e..9b21b7c6921 100644 --- a/features/netsocket/TLSSocketWrapper.h +++ b/features/netsocket/TLSSocketWrapper.h @@ -66,6 +66,9 @@ class TLSSocketWrapper : public Socket { virtual ~TLSSocketWrapper(); /** Set hostname. + * + * @note Implementation is inside following defines: + * #if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) * * TLSSocket requires hostname used to verify the certificate. * If hostname is not given in constructor, this function must be used before From 163e5c90e3e120441c33d71c52056666b47d9876 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Teppo=20J=C3=A4rvelin?= Date: Thu, 20 Feb 2020 10:56:20 +0200 Subject: [PATCH 2/8] Added new global rng, needed for MbedTLS optimisations --- .../src/apps/altcp_tls/altcp_tls_mbedtls.c | 10 ++ features/mbedtls/platform/inc/shared_rng.h | 93 +++++++++++++++++++ features/mbedtls/platform/src/shared_rng.cpp | 75 +++++++++++++++ .../source/coap_security_handler.c | 2 + .../protocols/tls_sec_prot/tls_sec_prot_lib.c | 2 + features/netsocket/TLSSocketWrapper.cpp | 2 + 6 files changed, 184 insertions(+) create mode 100644 features/mbedtls/platform/inc/shared_rng.h create mode 100644 features/mbedtls/platform/src/shared_rng.cpp diff --git a/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c b/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c index d642decb54f..93f458991bf 100644 --- a/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c +++ b/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c @@ -599,8 +599,15 @@ altcp_mbedtls_setup(void *conf, struct altcp_pcb *conn, struct altcp_pcb *inner_ altcp_mbedtls_free(conf, state); return ERR_MEM; } + // Defines MBEDTLS_SSL_CONF_RECV/SEND/RECV_TIMEOUT define global functions which should be the same for all + // callers of mbedtls_ssl_set_bio_ctx and there should be only one ssl context. If these rules don't apply, + // these defines can't be used. +#if !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT) /* tell mbedtls about our I/O functions */ mbedtls_ssl_set_bio(&state->ssl_context, conn, altcp_mbedtls_bio_send, altcp_mbedtls_bio_recv, NULL); +#else + mbedtls_ssl_set_bio_ctx(&state->ssl_context, conn); +#endif /* !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT) */ altcp_mbedtls_setup_callbacks(conn, inner_conn); conn->inner_conn = inner_conn; 
@@ -734,7 +741,10 @@ altcp_tls_create_config(int is_server, int have_cert, int have_pkey, int have_ca } mbedtls_ssl_conf_authmode(&conf->conf, MBEDTLS_SSL_VERIFY_OPTIONAL); +#if !defined(MBEDTLS_SSL_CONF_RNG) mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random, &conf->ctr_drbg); +#endif + #if ALTCP_MBEDTLS_DEBUG != LWIP_DBG_OFF mbedtls_ssl_conf_dbg(&conf->conf, altcp_mbedtls_debug, stdout); #endif diff --git a/features/mbedtls/platform/inc/shared_rng.h b/features/mbedtls/platform/inc/shared_rng.h new file mode 100644 index 00000000000..154bdfa184a --- /dev/null +++ b/features/mbedtls/platform/inc/shared_rng.h 
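Review bot: With MBEDTLS_SSL_CONF_RNG defined this mbedtls_ssl_conf_rng call disappears, yet nothing in the commit calls init_global_rng(), and global_rng() in the new shared_rng.cpp returns MBED_SHARED_RNG_NOT_INITIALIZED until it has run. Assuming MBEDTLS_SSL_CONF_RNG is meant to resolve to global_rng, handshakes started from altcp_tls_create_config, coap_security_handler_connect_non_blocking, tls_sec_prot_lib_connect and TLSSocketWrapper::start_handshake would all fail unless the application initialises the generator first. Either call init_global_rng() on these paths or document the requirement at the guard, e.g. `/* MBEDTLS_SSL_CONF_RNG: init_global_rng() must have succeeded before the handshake */`. The per-context DRBG also appears to be seeded in that configuration although it is no longer used.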
@@ -0,0 +1,93 @@ +/* + * shared_rng.h + * + * Copyright (C) 2019, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#ifndef SHARED_RNG_H +#define SHARED_RNG_H + +#if !defined(MBEDTLS_CONFIG_FILE) +#include "config.h" +#else +#include MBEDTLS_CONFIG_FILE +#endif + +#if defined(MBEDTLS_SSL_CONF_RNG) + +#define MBED_SHARED_RNG_NOT_INITIALIZED -1 /**< init_global_rng not called before global_rng */ + +#ifdef __cplusplus +extern "C" { +#endif + +#include "mbedtls/hmac_drbg.h" +#include "mbedtls/entropy.h" + +/** + * \brief Initializes hmac ready for rng + * + * \return 0 if successful, or + * MBEDTLS_ERR_MD_BAD_INPUT_DATA, or + * MBEDTLS_ERR_MD_ALLOC_FAILED, or + * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED. + */ +int init_global_rng(); + +/** + * \brief Global HMAC_DRBG generate random + * + * \note Automatically reseeds if reseed_counter is reached or PR is enabled. + * \note init_global_rng function must be called + * before calling this function! 
+ * + * \param ctx DRBG context + * \param dst Buffer to fill + * \param len Length of the buffer + * + * \return 0 if successful, or + * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or + * MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG or + * MBED_SHARED_RNG_NOT_INITIALIZED + */ +int global_rng( void *ctx, unsigned char *dst, size_t len ); + +/** + * \brief Free allocated resources + */ +void free_global_rng(); + +/** + * \brief Getter function for global hmac context + * + * \return global hmac context + */ +mbedtls_hmac_drbg_context *get_global_hmac_drbg(); + +/** + * \brief Getter function for global entropy context + * + * \return global entropy context + */ +mbedtls_entropy_context *get_global_entropy(); + +#ifdef __cplusplus +} +#endif + +#endif // MBEDTLS_SSL_CONF_RNG +#endif // SHARED_RNG_H diff --git a/features/mbedtls/platform/src/shared_rng.cpp b/features/mbedtls/platform/src/shared_rng.cpp new file mode 100644 index 00000000000..373b1ad9d9d --- /dev/null +++ b/features/mbedtls/platform/src/shared_rng.cpp 
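Review bot: The prototypes `int init_global_rng();`, `void free_global_rng();` and the two getters sit inside `extern "C"` but use empty parentheses, which in C declare a function with unspecified parameters; write `int init_global_rng(void);` and likewise for the others so C callers get argument checking. The documentation for global_rng describes `ctx` as the DRBG context, while the implementation in shared_rng.cpp ignores it and always uses the global one; the line should read `\param ctx Unused; the global HMAC_DRBG context is always used`. The header also uses size_t without including <stddef.h>, relying on the mbedtls headers to bring it in.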
@@ -0,0 +1,75 @@ +/* + * shared_rng.cpp + * + * Copyright (C) 2019, Arm Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + */ + +#include "shared_rng.h" + +#if defined(MBEDTLS_SSL_CONF_RNG) + +#include "mbed_trace.h" + +mbedtls_hmac_drbg_context global_hmac_drbg; +mbedtls_entropy_context global_entropy; +static bool is_initialized = false; + +int init_global_rng() +{ + mbedtls_entropy_init(&global_entropy); + mbedtls_hmac_drbg_init(&global_hmac_drbg); + + int ret = mbedtls_hmac_drbg_seed(&global_hmac_drbg, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + mbedtls_entropy_func, &global_entropy, NULL, 0); + + if (ret != 0) { + tr_error(" init_global_rng failed! mbedtls_hmac_drbg_seed returned -0x%x", -ret); + free_global_rng(); + } else { + is_initialized = true; + } + + return ret; +This conversation was marked as resolved by jarvte +} + +void free_global_rng() +{ + mbedtls_entropy_free(&global_entropy); + mbedtls_hmac_drbg_free(&global_hmac_drbg); + is_initialized = false; +} + +int global_rng( void *ctx, unsigned char *dst, size_t len ) +{ + if (!is_initialized) { + return MBED_SHARED_RNG_NOT_INITIALIZED; + } + return mbedtls_hmac_drbg_random(&global_hmac_drbg, dst, len); +} + +mbedtls_hmac_drbg_context *get_global_hmac_drbg() +{ + return &global_hmac_drbg; +} + +mbedtls_entropy_context *get_global_entropy() +{ + return &global_entropy; +} + +#endif // MBEDTLS_SSL_CONF_RNG 
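Review bot: global_hmac_drbg is meant to be shared by every TLS/DTLS context in the image, but init_global_rng(), free_global_rng() and global_rng() touch it and the plain `bool is_initialized` without any lock. mbedtls_hmac_drbg_random updates generator state on each call, so concurrent handshakes on different threads can race on it unless the library's own threading support is enabled; this is worth confirming, because corrupted or repeated DRBG output weakens every key derived from it. init_global_rng() also re-initialises both contexts when called a second time without freeing them, resetting a generator that may be in use; begin it with `if (is_initialized) { return 0; }`. The two context objects could be `static`, since getters are provided for them.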
diff --git a/features/nanostack/coap-service/source/coap_security_handler.c b/features/nanostack/coap-service/source/coap_security_handler.c index bf6d8bb4b16..d56c494c86b 100644 --- a/features/nanostack/coap-service/source/coap_security_handler.c +++ b/features/nanostack/coap-service/source/coap_security_handler.c @@ -396,7 +396,9 @@ int coap_security_handler_connect_non_blocking(coap_security_t *sec, bool is_ser mbedtls_ssl_conf_handshake_timeout(&sec->_conf, timeout_min, timeout_max); } +#if !defined(MBEDTLS_SSL_CONF_RNG) mbedtls_ssl_conf_rng(&sec->_conf, mbedtls_ctr_drbg_random, &sec->_ctr_drbg); +#endif if ((mbedtls_ssl_setup(&sec->_ssl, &sec->_conf)) != 0) { return -1; diff --git a/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c b/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c index d7ee8951eed..9c9ff8b72b4 100644 --- a/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c +++ b/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c @@ -327,8 +327,10 @@ int8_t tls_sec_prot_lib_connect(tls_security_t *sec, bool is_server, const sec_p return -1; } +#if !defined(MBEDTLS_SSL_CONF_RNG) // Configure random number generator mbedtls_ssl_conf_rng(&sec->conf, mbedtls_ctr_drbg_random, &sec->ctr_drbg); +#endif #ifdef MBEDTLS_ECP_RESTARTABLE // Set ECC calculation maximum operations (affects only client) diff --git a/features/netsocket/TLSSocketWrapper.cpp b/features/netsocket/TLSSocketWrapper.cpp index c8b46adf2d8..11379c29f3c 100644 --- a/features/netsocket/TLSSocketWrapper.cpp +++ b/features/netsocket/TLSSocketWrapper.cpp 
@@ -190,7 +190,9 @@ nsapi_error_t TLSSocketWrapper::start_handshake(bool first_call) return NSAPI_ERROR_AUTH_FAILURE; } +#if !defined(MBEDTLS_SSL_CONF_RNG) mbedtls_ssl_conf_rng(get_ssl_config(), mbedtls_ctr_drbg_random, &_ctr_drbg); +#endif #if MBED_CONF_TLS_SOCKET_DEBUG_LEVEL > 0 From c801caf7cf12f0ec9c1b789012c8b452804fa04b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Teppo=20J=C3=A4rvelin?= Date: Thu, 20 Feb 2020 11:07:01 +0200 Subject: [PATCH 3/8] fixed ssl hostname handling --- features/netsocket/TLSSocketWrapper.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/features/netsocket/TLSSocketWrapper.cpp b/features/netsocket/TLSSocketWrapper.cpp index 11379c29f3c..9b561048844 100644 --- a/features/netsocket/TLSSocketWrapper.cpp +++ b/features/netsocket/TLSSocketWrapper.cpp @@ -175,7 +175,7 @@ nsapi_error_t TLSSocketWrapper::start_handshake(bool first_call) return continue_handshake(); } -#ifdef MBEDTLS_X509_CRT_PARSE_C +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) tr_info("Starting TLS handshake with %s", _ssl.hostname); #else tr_info("Starting TLS handshake"); @@ -267,7 +267,7 @@ nsapi_error_t TLSSocketWrapper::continue_handshake() } } -#ifdef MBEDTLS_X509_CRT_PARSE_C +#if defined(MBEDTLS_X509_CRT_PARSE_C) && !defined(MBEDTLS_X509_REMOVE_HOSTNAME_VERIFICATION) /* It also means the handshake is done, time to print info */ tr_info("TLS connection to %s established", _ssl.hostname); #else From 377e36305912946ee59d987e8a2f432f21e106ce Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Teppo=20J=C3=A4rvelin?= Date: Thu, 20 Feb 2020 12:08:57 +0200 Subject: [PATCH 4/8] Added missing optimizations based on mbedtls/baremetal.h config --- TESTS/mbedtls/multi/main.cpp | 34 ++++++++-------- .../TESTS/device_key/functionality/main.cpp | 6 +++ .../src/apps/altcp_tls/altcp_tls_mbedtls.c | 28 ++++++++++--- features/mbedtls/platform/src/shared_rng.cpp | 6 +-- .../source/coap_security_handler.c | 40 ++++++++++++++++--- .../coap-service/unittest/stub/mbedtls_stub.c | 32 +++++++++++++++ .../coap-service/unittest/stub/mbedtls_stub.h | 2 + .../sal-stack-nanostack/nanostack/ns_sha256.h | 16 ++++---- features/netsocket/TLSSocketWrapper.cpp | 33 ++++++++++++--- features/netsocket/TLSSocketWrapper.h | 11 ++++- 10 files changed, 162 insertions(+), 46 deletions(-) diff --git a/TESTS/mbedtls/multi/main.cpp b/TESTS/mbedtls/multi/main.cpp index e6a03f450b9..1e8420c8750 100644 --- a/TESTS/mbedtls/multi/main.cpp +++ b/TESTS/mbedtls/multi/main.cpp @@ -33,7 +33,7 @@ using namespace utest::v1; #if defined(MBEDTLS_SHA256_C) -/* Tests several call to mbedtls_sha256_update function that are not modulo 64 bytes */ +/* Tests several call to mbedtls_sha256_update_ret function that are not modulo 64 bytes */ void test_case_sha256_split() { const unsigned char test_buf[] = {"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"}; 
@@ -50,18 +50,18 @@ void test_case_sha256_split() mbedtls_sha256_context ctx; printf("test sha256\n"); mbedtls_sha256_init(&ctx); - mbedtls_sha256_starts(&ctx, 0); + (void)mbedtls_sha256_starts_ret(&ctx, 0); #if 0 printf("test not splitted\n"); - mbedtls_sha256_update(&ctx, test_buf, 168); + (void)mbedtls_sha256_update_ret(&ctx, test_buf, 168); #else printf("test splitted into 3 pieces\n"); - mbedtls_sha256_update(&ctx, test_buf, 2); - mbedtls_sha256_update(&ctx, test_buf + 2, 66); - mbedtls_sha256_update(&ctx, test_buf + 68, 100); + (void)mbedtls_sha256_update_ret(&ctx, test_buf, 2); + (void)mbedtls_sha256_update_ret(&ctx, test_buf + 2, 66); + (void)mbedtls_sha256_update_ret(&ctx, test_buf + 68, 100); #endif - mbedtls_sha256_finish(&ctx, outsum); + (void)mbedtls_sha256_finish_ret(&ctx, outsum); mbedtls_sha256_free(&ctx); printf("\nreceived result : "); 
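Review bot: The switch to the `_ret` variants in test_case_sha256_split discards every return value with `(void)`, so a failing hash step (for instance from a hardware-accelerated implementation) is only noticed indirectly through the digest comparison. A test is the place to assert the status, e.g. `TEST_ASSERT_EQUAL(0, mbedtls_sha256_update_ret(&ctx, test_buf, 2));`, assuming the Unity macros are available in this file as the utest namespace suggests. The same applies to every call changed in test_case_sha256_multi in the next hunk.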
@@ -113,29 +113,29 @@ void test_case_sha256_multi() mbedtls_sha256_init(&ctx2); mbedtls_sha256_init(&ctx3); //Start both contexts - mbedtls_sha256_starts(&ctx1, 0); - mbedtls_sha256_starts(&ctx2, 0); + (void)mbedtls_sha256_starts_ret(&ctx1, 0); + (void)mbedtls_sha256_starts_ret(&ctx2, 0); printf("upd ctx1\n"); - mbedtls_sha256_update(&ctx1, test_buf, 56); + (void)mbedtls_sha256_update_ret(&ctx1, test_buf, 56); printf("upd ctx2\n"); - mbedtls_sha256_update(&ctx2, test_buf, 66); + (void)mbedtls_sha256_update_ret(&ctx2, test_buf, 66); printf("finish ctx1\n"); - mbedtls_sha256_finish(&ctx1, outsum1); + (void)mbedtls_sha256_finish_ret(&ctx1, outsum1); printf("upd ctx2\n"); - mbedtls_sha256_update(&ctx2, test_buf + 66, 46); + (void)mbedtls_sha256_update_ret(&ctx2, test_buf + 66, 46); printf("clone ctx2 in ctx3\n"); mbedtls_sha256_clone(&ctx3, (const mbedtls_sha256_context *)&ctx2); printf("free ctx1\n"); mbedtls_sha256_free(&ctx1); printf("upd ctx2\n"); - mbedtls_sha256_update(&ctx2, test_buf + 112, 56); + (void)mbedtls_sha256_update_ret(&ctx2, test_buf + 112, 56); printf("upd ctx3 with different values than ctx2\n"); - mbedtls_sha256_update(&ctx3, test_buf2, 56); + (void)mbedtls_sha256_update_ret(&ctx3, test_buf2, 56); printf("finish ctx2\n"); - mbedtls_sha256_finish(&ctx2, outsum2); + (void)mbedtls_sha256_finish_ret(&ctx2, outsum2); printf("finish ctx3\n"); - mbedtls_sha256_finish(&ctx3, outsum3); + (void)mbedtls_sha256_finish_ret(&ctx3, outsum3); printf("free ctx2\n"); mbedtls_sha256_free(&ctx2); printf("free ctx3\n"); diff --git a/features/device_key/TESTS/device_key/functionality/main.cpp b/features/device_key/TESTS/device_key/functionality/main.cpp index 22bd47d41d3..3e9f4710786 100644 --- a/features/device_key/TESTS/device_key/functionality/main.cpp +++ b/features/device_key/TESTS/device_key/functionality/main.cpp 
@@ -72,10 +72,12 @@ void generate_derived_key_long_consistency_test() generate_derived_key_consistency_16_byte_key_long_consistency_test(key); strcpy(key, MSG_KEY_DEVICE_TEST_STEP2); generate_derived_key_consistency_16_byte_key_long_consistency_test(key); +#ifndef MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH strcpy(key, MSG_KEY_DEVICE_TEST_STEP3); generate_derived_key_consistency_32_byte_key_long_consistency_test(key); strcpy(key, MSG_KEY_DEVICE_TEST_STEP4); generate_derived_key_consistency_32_byte_key_long_consistency_test(key); +#endif } @@ -476,12 +478,16 @@ Case cases[] = { Case("Device Key - long consistency test", generate_derived_key_long_consistency_test, greentea_failure_handler), Case("Device Key - inject value wrong size", device_inject_root_of_trust_wrong_size_test, greentea_failure_handler), Case("Device Key - inject value 16 byte size", device_inject_root_of_trust_16_byte_size_test, greentea_failure_handler), +#ifndef MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH Case("Device Key - inject value 32 byte size", device_inject_root_of_trust_32_byte_size_test, greentea_failure_handler), +#endif Case("Device Key - inject value several times", device_inject_root_of_trust_several_times_test, greentea_failure_handler), Case("Device Key - derived key consistency 16 byte key", generate_derived_key_consistency_16_byte_key_test, greentea_failure_handler), Case("Device Key - derived key consistency 32 byte key", generate_derived_key_consistency_32_byte_key_test, greentea_failure_handler), Case("Device Key - derived key key type 16", generate_derived_key_key_type_16_test, greentea_failure_handler), +#ifndef MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH Case("Device Key - derived key key type 32", generate_derived_key_key_type_32_test, greentea_failure_handler), +#endif Case("Device Key - derived key wrong key type", generate_derived_key_wrong_key_type_test, greentea_failure_handler) }; 
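Review bot: `Case("Device Key - derived key consistency 32 byte key", generate_derived_key_consistency_32_byte_key_test, ...)` stays outside the new `#ifndef MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH` guards while the other 32-byte cases in the array are excluded. If that test derives a 256-bit key the same way the guarded ones do, it will fail on a 128-bit-only build; either guard it as well or add a comment saying why it still applies. The cases array starts outside the hunk, so the test body itself is not visible here.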
diff --git a/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c b/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c index 93f458991bf..90cd5e07450 100644 --- a/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c +++ b/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c @@ -69,6 +69,7 @@ /* @todo: which includes are really needed? */ #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" +#include "mbedtls/hmac_drbg.h" #include "mbedtls/certs.h" #include "mbedtls/x509.h" #include "mbedtls/ssl.h" @@ -98,7 +99,21 @@ extern const struct altcp_functions altcp_mbedtls_functions; struct altcp_tls_config { mbedtls_ssl_config conf; mbedtls_entropy_context entropy; - mbedtls_ctr_drbg_context ctr_drbg; +#if defined(MBEDTLS_CTR_DRBG_C) + mbedtls_ctr_drbg_context _drbg; +#define DRBG_INIT mbedtls_ctr_drbg_init +#define DRBG_SEED mbedtls_ctr_drbg_seed +#define DRBG_SEED_ERROR "mbedtls_ctr_drbg_seed failed: %d\n" +#define DRBG_RANDOM mbedtls_ctr_drbg_random +#elif defined(MBEDTLS_HMAC_DRBG_C) + mbedtls_hmac_drbg_context _drbg; +#define DRBG_INIT mbedtls_hmac_drbg_init +#define DRBG_SEED mbedtls_hmac_drbg_seed +#define DRBG_SEED_ERROR "mbedtls_hmac_drbg_seed failed: %d\n" +#define DRBG_RANDOM mbedtls_hmac_drbg_random +#else +#error "CTR or HMAC must be defined for coap_security_handler!" +#endif mbedtls_x509_crt *cert; mbedtls_pk_context *pkey; mbedtls_x509_crt *ca; 
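Review bot: `DRBG_SEED` maps to mbedtls_hmac_drbg_seed in the HMAC branch, but altcp_tls_create_config calls it with the five CTR_DRBG arguments. The HMAC function takes the md info as its second parameter (see the call added to coap_security_handler.c and the stub signature later in this commit), so that branch cannot compile as written. Let the macro supply the argument, `#define DRBG_SEED(ctx, f, p, c, l) mbedtls_hmac_drbg_seed((ctx), mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), (f), (p), (c), (l))`, or branch at the call site. The `#error` text also names coap_security_handler although this file is altcp_tls_mbedtls.c, and the macros would read better defined above the struct than inside its body.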
@@ -721,12 +736,15 @@ altcp_tls_create_config(int is_server, int have_cert, int have_pkey, int have_ca mbedtls_ssl_config_init(&conf->conf); mbedtls_entropy_init(&conf->entropy); - mbedtls_ctr_drbg_init(&conf->ctr_drbg); + + DRBG_INIT(&conf->_drbg); /* Seed the RNG */ - ret = mbedtls_ctr_drbg_seed(&conf->ctr_drbg, ALTCP_MBEDTLS_RNG_FN, &conf->entropy, ALTCP_MBEDTLS_ENTROPY_PTR, ALTCP_MBEDTLS_ENTROPY_LEN); + ret = DRBG_SEED(&conf->_drbg, ALTCP_MBEDTLS_RNG_FN, &conf->entropy, ALTCP_MBEDTLS_ENTROPY_PTR, ALTCP_MBEDTLS_ENTROPY_LEN); + if (ret != 0) { - LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, ("mbedtls_ctr_drbg_seed failed: %d\n", ret)); + LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, (DRBG_SEED_ERROR, ret)); + altcp_mbedtls_free_config(conf); return NULL; } @@ -742,7 +760,7 @@ altcp_tls_create_config(int is_server, int have_cert, int have_pkey, int have_ca mbedtls_ssl_conf_authmode(&conf->conf, MBEDTLS_SSL_VERIFY_OPTIONAL); #if !defined(MBEDTLS_SSL_CONF_RNG) - mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random, &conf->ctr_drbg); + mbedtls_ssl_conf_rng(&conf->conf, DRBG_RANDOM, &conf->ctr_drbg); #endif #if ALTCP_MBEDTLS_DEBUG != LWIP_DBG_OFF diff --git a/features/mbedtls/platform/src/shared_rng.cpp b/features/mbedtls/platform/src/shared_rng.cpp index 373b1ad9d9d..970e3de71fb 100644 --- a/features/mbedtls/platform/src/shared_rng.cpp +++ b/features/mbedtls/platform/src/shared_rng.cpp @@ -33,8 +33,9 @@ int init_global_rng() mbedtls_entropy_init(&global_entropy); mbedtls_hmac_drbg_init(&global_hmac_drbg); - int ret = mbedtls_hmac_drbg_seed(&global_hmac_drbg, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), - mbedtls_entropy_func, &global_entropy, NULL, 0); + int ret = mbedtls_hmac_drbg_seed(&global_hmac_drbg, + mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + mbedtls_entropy_func, &global_entropy, NULL, 0); if (ret != 0) { tr_error(" init_global_rng failed! mbedtls_hmac_drbg_seed returned -0x%x", -ret); 
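Review bot: The changed mbedtls_ssl_conf_rng call still passes `&conf->ctr_drbg`, but an earlier hunk in this file renamed the struct member to `_drbg`, so this line no longer compiles when MBEDTLS_SSL_CONF_RNG is undefined. It should read `mbedtls_ssl_conf_rng(&conf->conf, DRBG_RANDOM, &conf->_drbg);`. Any other use of the old member name in this file, for example in the config free path that is not visible in the diff, needs the same rename.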
@@ -44,7 +45,6 @@ int init_global_rng() } return ret; -This conversation was marked as resolved by jarvte } void free_global_rng() diff --git a/features/nanostack/coap-service/source/coap_security_handler.c b/features/nanostack/coap-service/source/coap_security_handler.c index d56c494c86b..99be31e24e1 100644 --- a/features/nanostack/coap-service/source/coap_security_handler.c +++ b/features/nanostack/coap-service/source/coap_security_handler.c @@ -30,6 +30,7 @@ #include "mbedtls/entropy.h" #include "mbedtls/entropy_poll.h" #include "mbedtls/ctr_drbg.h" +#include "mbedtls/hmac_drbg.h" #include "mbedtls/ssl_ciphersuites.h" #include "ns_trace.h" @@ -41,7 +42,14 @@ struct coap_security_s { mbedtls_ssl_config _conf; mbedtls_ssl_context _ssl; - mbedtls_ctr_drbg_context _ctr_drbg; +#if defined(MBEDTLS_CTR_DRBG_C) + mbedtls_ctr_drbg_context _drbg; +#elif defined(MBEDTLS_HMAC_DRBG_C) + mbedtls_hmac_drbg_context _drbg; +#else +#error "CTR or HMAC must be defined for coap_security_handler!" +#endif + mbedtls_entropy_context _entropy; bool _is_started; simple_cookie_t _cookie; @@ -114,7 +122,11 @@ static int coap_security_handler_init(coap_security_t *sec) mbedtls_ssl_init(&sec->_ssl); mbedtls_ssl_config_init(&sec->_conf); - mbedtls_ctr_drbg_init(&sec->_ctr_drbg); +#if defined(MBEDTLS_CTR_DRBG_C) + mbedtls_ctr_drbg_init(&sec->_drbg); +#elif defined(MBEDTLS_HMAC_DRBG_C) + mbedtls_hmac_drbg_init(&sec->_drbg); +#endif mbedtls_entropy_init(&sec->_entropy); #if defined(MBEDTLS_X509_CRT_PARSE_C) 
@@ -132,12 +144,20 @@ static int coap_security_handler_init(coap_security_t *sec) 128, entropy_source_type) < 0) { return -1; } - - if ((mbedtls_ctr_drbg_seed(&sec->_ctr_drbg, mbedtls_entropy_func, &sec->_entropy, +#if defined(MBEDTLS_CTR_DRBG_C) + if ((mbedtls_ctr_drbg_seed(&sec->_drbg, mbedtls_entropy_func, &sec->_entropy, + (const unsigned char *) pers, + strlen(pers))) != 0) { + return -1; + } +#elif defined(MBEDTLS_HMAC_DRBG_C) + if ((mbedtls_hmac_drbg_seed(&sec->_drbg, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + mbedtls_entropy_func, &sec->_entropy, (const unsigned char *) pers, strlen(pers))) != 0) { return -1; } +#endif return 0; } @@ -160,7 +180,11 @@ static void coap_security_handler_reset(coap_security_t *sec) #endif mbedtls_entropy_free(&sec->_entropy); - mbedtls_ctr_drbg_free(&sec->_ctr_drbg); +#if defined(MBEDTLS_CTR_DRBG_C) + mbedtls_ctr_drbg_free(&sec->_drbg); +#elif defined(MBEDTLS_HMAC_DRBG_C) + mbedtls_hmac_drbg_free(&sec->_drbg); +#endif mbedtls_ssl_config_free(&sec->_conf); mbedtls_ssl_free(&sec->_ssl); #if defined(MBEDTLS_PLATFORM_C) @@ -397,7 +421,11 @@ int coap_security_handler_connect_non_blocking(coap_security_t *sec, bool is_ser } #if !defined(MBEDTLS_SSL_CONF_RNG) - mbedtls_ssl_conf_rng(&sec->_conf, mbedtls_ctr_drbg_random, &sec->_ctr_drbg); +#if defined(MBEDTLS_CTR_DRBG_C) + mbedtls_ssl_conf_rng(&sec->_conf, mbedtls_ctr_drbg_random, &sec->_drbg); +#elif defined(MBEDTLS_HMAC_DRBG_C) + mbedtls_ssl_conf_rng(&sec->_conf, mbedtls_hmac_drbg_random, &sec->_drbg); +#endif #endif if ((mbedtls_ssl_setup(&sec->_ssl, &sec->_conf)) != 0) { diff --git a/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c b/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c index e607acd4d3f..615bae7530c 100644 --- a/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c +++ b/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c 
@@ -248,6 +248,38 @@ int mbedtls_ctr_drbg_random(void *p_rng, return mbedtls_stub.crt_expected_int; } +// from hmac_drbg.h +void mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx ) +{ + +} + +void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ) +{ + +} + +int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, + mbedtls_md_handle_t md_info, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len ) +{ + return mbedtls_stub.crt_expected_int; +} + +int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ) +{ + return mbedtls_stub.crt_expected_int; +} + +// from md.h +mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) +{ + return 0; +} + //From x509_crt.h void mbedtls_x509_crt_init(mbedtls_x509_crt *a) { diff --git a/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.h b/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.h index 2ad72cb9398..1910f9c5f2d 100644 --- a/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.h +++ b/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.h @@ -24,11 +24,13 @@ #include "mbedtls/platform.h" #include "mbedtls/ssl.h" #include "mbedtls/ctr_drbg.h" +#include "mbedtls/hmac_drbg.h" #include "mbedtls/x509_crt.h" #include "mbedtls/sha256.h" #include "mbedtls/entropy.h" #include "mbedtls/pk.h" #include "mbedtls/platform.h" +#include "mbedtls/md.h" #define HANDSHAKE_FINISHED_VALUE 8888 diff --git a/features/nanostack/sal-stack-nanostack/nanostack/ns_sha256.h b/features/nanostack/sal-stack-nanostack/nanostack/ns_sha256.h index 6aafd780460..d0881886085 100644 --- a/features/nanostack/sal-stack-nanostack/nanostack/ns_sha256.h +++ b/features/nanostack/sal-stack-nanostack/nanostack/ns_sha256.h 
@@ -61,23 +61,23 @@ static inline void ns_sha256_clone(ns_sha256_context *dst, static inline void ns_sha256_starts(ns_sha256_context *ctx) { - mbedtls_sha256_starts(ctx, 0); + (void)mbedtls_sha256_starts_ret(ctx, 0); } static inline void ns_sha256_update(ns_sha256_context *ctx, const void *input, size_t ilen) { - mbedtls_sha256_update(ctx, input, ilen); + (void)mbedtls_sha256_update_ret(ctx, input, ilen); } static inline void ns_sha256_finish(ns_sha256_context *ctx, void *output) { - mbedtls_sha256_finish(ctx, output); + (void)mbedtls_sha256_finish_ret(ctx, output); } static inline void ns_sha256(const void *input, size_t ilen, void *output) { - mbedtls_sha256(input, ilen, output, 0); + (void)mbedtls_sha256_ret(input, ilen, output, 0); } /* Extensions to standard mbed TLS - output the first bits of a hash only */ @@ -85,10 +85,10 @@ static inline void ns_sha256(const void *input, size_t ilen, void *output) static inline void ns_sha256_finish_nbits(ns_sha256_context *ctx, void *output, unsigned obits) { if (obits == 256) { - mbedtls_sha256_finish(ctx, output); + (void)mbedtls_sha256_finish_ret(ctx, output); } else { uint8_t sha256[32]; - mbedtls_sha256_finish(ctx, sha256); + (void)mbedtls_sha256_finish_ret(ctx, sha256); memcpy(output, sha256, obits / 8); } } @@ -96,10 +96,10 @@ static inline void ns_sha256_finish_nbits(ns_sha256_context *ctx, void *output, static inline void ns_sha256_nbits(const void *input, size_t ilen, void *output, unsigned obits) { if (obits == 256) { - mbedtls_sha256(input, ilen, output, 0); + (void)mbedtls_sha256_ret(input, ilen, output, 0); } else { uint8_t sha256[32]; - mbedtls_sha256(input, ilen, sha256, 0); + (void)mbedtls_sha256_ret(input, ilen, sha256, 0); memcpy(output, sha256, obits / 8); } } diff --git a/features/netsocket/TLSSocketWrapper.cpp b/features/netsocket/TLSSocketWrapper.cpp index 9b561048844..d01959f09fc 100644 --- a/features/netsocket/TLSSocketWrapper.cpp +++ b/features/netsocket/TLSSocketWrapper.cpp 
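Review bot: In `ns_sha256_finish_nbits` (second hunk) the `(void)` cast discards the status of `mbedtls_sha256_finish_ret` while the local `sha256[32]` is uninitialised. If the call ever fails, which is what the `_ret` variants exist to report (presumably relevant with an alternative or hardware SHA-256 back end), the following `memcpy` hands indeterminate stack bytes to the caller as a digest. `ns_sha256_nbits` (third hunk) has the same pattern, and the plain wrappers in the first hunk also drop the status. Because the wrappers return `void`, the smallest change is `uint8_t sha256[32] = {0};` in both `_nbits` helpers, plus a comment on each wrapper stating that a hash failure is not reported to the caller. Returning the `int` would be cleaner but changes the interface.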
@@ -53,7 +53,12 @@ TLSSocketWrapper::TLSSocketWrapper(Socket *transport, const char *hostname, cont } #endif /* MBEDTLS_PLATFORM_C */ mbedtls_entropy_init(&_entropy); - mbedtls_ctr_drbg_init(&_ctr_drbg); +#if defined(MBEDTLS_CTR_DRBG_C) + mbedtls_ctr_drbg_init(&_drbg); +#elif defined(MBEDTLS_HMAC_DRBG_C) + mbedtls_hmac_drbg_init(&_drbg); +#endif + mbedtls_ssl_init(&_ssl); #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_pk_init(&_pkctx); @@ -70,7 +75,11 @@ TLSSocketWrapper::~TLSSocketWrapper() close(); } mbedtls_entropy_free(&_entropy); - mbedtls_ctr_drbg_free(&_ctr_drbg); +#if defined(MBEDTLS_CTR_DRBG_C) + mbedtls_ctr_drbg_free(&_drbg); +#elif defined(MBEDTLS_HMAC_DRBG_C) + mbedtls_hmac_drbg_free(&_drbg); +#endif mbedtls_ssl_free(&_ssl); #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_pk_free(&_pkctx); @@ -183,15 +192,29 @@ nsapi_error_t TLSSocketWrapper::start_handshake(bool first_call) /* * Initialize TLS-related stuf. */ - if ((ret = mbedtls_ctr_drbg_seed(&_ctr_drbg, mbedtls_entropy_func, &_entropy, +#if defined(MBEDTLS_CTR_DRBG_C) + if ((ret = mbedtls_ctr_drbg_seed(&_drbg, mbedtls_entropy_func, &_entropy, (const unsigned char *) DRBG_PERS, sizeof(DRBG_PERS))) != 0) { print_mbedtls_error("mbedtls_crt_drbg_init", ret); return NSAPI_ERROR_AUTH_FAILURE; } +#elif defined(MBEDTLS_HMAC_DRBG_C) + if ((ret = mbedtls_hmac_drbg_seed(&_drbg, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + mbedtls_entropy_func, &_entropy, + (const unsigned char *) DRBG_PERS, + sizeof(DRBG_PERS))) != 0) { + print_mbedtls_error("mbedtls_hmac_drbg_seed", ret); + return NSAPI_ERROR_AUTH_FAILURE; + } +#endif #if !defined(MBEDTLS_SSL_CONF_RNG) - mbedtls_ssl_conf_rng(get_ssl_config(), mbedtls_ctr_drbg_random, &_ctr_drbg); +#if defined(MBEDTLS_CTR_DRBG_C) + mbedtls_ssl_conf_rng(get_ssl_config(), mbedtls_ctr_drbg_random, &_drbg); +#elif defined(MBEDTLS_HMAC_DRBG_C) + mbedtls_ssl_conf_rng(get_ssl_config(), mbedtls_hmac_drbg_random, &_drbg); +#endif #endif 
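Review bot: In the third hunk (`start_handshake`), the CTR_DRBG branch still reports a seeding failure under the label `mbedtls_crt_drbg_init`, although the call that failed is `mbedtls_ctr_drbg_seed`. The new HMAC branch labels its error correctly. With two possible DRBG back ends, that label is what tells someone reading a device log which generator failed to seed, so the two branches should be consistent: `print_mbedtls_error("mbedtls_ctr_drbg_seed", ret);`. `start_handshake` begins and ends outside the hunk.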
@@ -274,7 +297,7 @@ nsapi_error_t TLSSocketWrapper::continue_handshake() tr_info("TLS connection established"); #endif -#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(FEA_TRACE_SUPPORT) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && defined(FEA_TRACE_SUPPORT) && !defined(MBEDTLS_X509_REMOVE_INFO) /* Prints the server certificate and verify it. */ const size_t buf_size = 1024; char *buf = new char[buf_size]; diff --git a/features/netsocket/TLSSocketWrapper.h b/features/netsocket/TLSSocketWrapper.h index 9b21b7c6921..aff4be53e16 100644 --- a/features/netsocket/TLSSocketWrapper.h +++ b/features/netsocket/TLSSocketWrapper.h @@ -29,6 +29,7 @@ #include "mbedtls/ssl.h" #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" +#include "mbedtls/hmac_drbg.h" #include "mbedtls/error.h" // This class requires Mbed TLS SSL/TLS client code @@ -241,7 +242,7 @@ class TLSSocketWrapper : public Socket { * @retval NSAPI_ERROR_IN_PROGRESS if the first call did not complete the request. * @retval NSAPI_ERROR_NO_SOCKET in case the transport socket was not created correctly. * @retval NSAPI_ERROR_AUTH_FAILURE in case of tls-related authentication errors. - * See @ref mbedtls_ctr_drbg_seed, @ref mbedtls_ssl_setup. @ref mbedtls_ssl_handshake. + * See @ref mbedtls_ctr_drbg_seed or @ref mbedtls_hmac_drbg_seed, @ref mbedtls_ssl_setup. @ref mbedtls_ssl_handshake. */ nsapi_error_t start_handshake(bool first_call); @@ -290,7 +291,13 @@ class TLSSocketWrapper : public Socket { #ifdef MBEDTLS_X509_CRT_PARSE_C mbedtls_pk_context _pkctx; #endif - mbedtls_ctr_drbg_context _ctr_drbg; + +#if defined(MBEDTLS_CTR_DRBG_C) + mbedtls_ctr_drbg_context _drbg; +#elif defined(MBEDTLS_HMAC_DRBG_C) + mbedtls_hmac_drbg_context _drbg; +#endif + mbedtls_entropy_context _entropy; rtos::EventFlags _event_flag; From af12d0642bbb7ef91ab8964c6a90250e200de84b Mon Sep 17 00:00:00 2001 
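Review bot: The added `!defined(MBEDTLS_X509_REMOVE_INFO)` in the first hunk (`continue_handshake`) switches off the whole block, and the block's own comment says it prints the server certificate "and verify it". The body runs past the hunk, so this is inferred: if the verify-result check and its failure trace sit inside the same guard, builds with `MBEDTLS_X509_REMOVE_INFO` lose the log line for a failed certificate verification. Consider keeping the verify-result trace under the old condition and guarding only the info-printing calls. At minimum, reword the comment to say the block is diagnostic only, e.g. `/* Diagnostic only: prints the server certificate and the verification result. */`.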
From: Antti Kauppila Date: Mon, 24 Feb 2020 14:01:42 +0200 Subject: [PATCH 5/8] trace group defiined for shared_rng Unittests fixed 2 mbedtls functions were updated to reflect the api --- features/mbedtls/platform/src/shared_rng.cpp | 2 ++ .../test/coap-service/unittest/stub/mbedtls_stub.c | 12 ++++++------ 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/features/mbedtls/platform/src/shared_rng.cpp b/features/mbedtls/platform/src/shared_rng.cpp index 970e3de71fb..e64844cf360 100644 --- a/features/mbedtls/platform/src/shared_rng.cpp +++ b/features/mbedtls/platform/src/shared_rng.cpp @@ -24,6 +24,8 @@ #include "mbed_trace.h" +#define TRACE_GROUP "SRNG" + mbedtls_hmac_drbg_context global_hmac_drbg; mbedtls_entropy_context global_entropy; static bool is_initialized = false; diff --git a/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c b/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c index 615bae7530c..de419181a77 100644 --- a/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c +++ b/features/nanostack/coap-service/test/coap-service/unittest/stub/mbedtls_stub.c @@ -260,11 +260,11 @@ void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx ) } int mbedtls_hmac_drbg_seed( mbedtls_hmac_drbg_context *ctx, - mbedtls_md_handle_t md_info, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ) + const mbedtls_md_info_t * md_info, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len ) { return mbedtls_stub.crt_expected_int; } @@ -275,7 +275,7 @@ int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len } // from md.h -mbedtls_md_handle_t mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) +const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type ) { return 0; } 
From 3dbe97b8cb5e5900ffd1cf142a1e72881cc5cb20 Mon Sep 17 00:00:00 2001 From: Antti Kauppila Date: Mon, 30 Mar 2020 18:29:23 +0300 Subject: [PATCH 6/8] MBEDTLS_SSL_EXPORT_KEYS added to Nanostack's tls_sec_prot_lib --- .../source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c b/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c index 9c9ff8b72b4..da52a27cefe 100644 --- a/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c +++ b/features/nanostack/sal-stack-nanostack/source/Security/protocols/tls_sec_prot/tls_sec_prot_lib.c @@ -24,7 +24,7 @@ #include MBEDTLS_CONFIG_FILE #endif -#if defined(MBEDTLS_SSL_TLS_C) && defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_SSL_TLS_C) && defined(MBEDTLS_X509_CRT_PARSE_C) && defined(MBEDTLS_SSL_EXPORT_KEYS) /* EXPORT_KEYS not supported by mbedtls baremetal yet */ #define WS_MBEDTLS_SECURITY_ENABLED #endif From 5bdc7314f471b93fc50c7eaf6fe80687215db8f1 Mon Sep 17 00:00:00 2001 From: Antti Kauppila Date: Tue, 31 Mar 2020 15:59:56 +0300 Subject: [PATCH 7/8] more error handling added for ctr and hmac --- .../src/apps/altcp_tls/altcp_tls_mbedtls.c | 15 +++++++--- .../source/coap_security_handler.c | 28 +++++++++---------- features/netsocket/TLSSocketWrapper.cpp | 22 +++++---------- features/netsocket/TLSSocketWrapper.h | 20 +++++++++---- 4 files changed, 46 insertions(+), 39 deletions(-) diff --git a/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c b/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c index 90cd5e07450..d101604cda6 100644 --- a/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c +++ b/features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c 
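Review bot: With the extended guard in `tls_sec_prot_lib.c`, a configuration without `MBEDTLS_SSL_EXPORT_KEYS` leaves `WS_MBEDTLS_SECURITY_ENABLED` undefined and the build gives no signal. What the file compiles to in that case is outside the hunk, so this is an assumption to confirm: if the rest of the file is conditional on that macro, the TLS security protocol is silently missing from the image. The trailing comment only explains why the key-export option is absent on baremetal, not what follows from it. I would add a comment next to the guard such as `/* Without MBEDTLS_SSL_EXPORT_KEYS the TLS security protocol in this file is compiled out */` and consider a `#warning` in the disabled branch, so integrators see the downgrade at build time.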
@@ -102,17 +102,15 @@ struct altcp_tls_config { #if defined(MBEDTLS_CTR_DRBG_C) mbedtls_ctr_drbg_context _drbg; #define DRBG_INIT mbedtls_ctr_drbg_init -#define DRBG_SEED mbedtls_ctr_drbg_seed #define DRBG_SEED_ERROR "mbedtls_ctr_drbg_seed failed: %d\n" #define DRBG_RANDOM mbedtls_ctr_drbg_random #elif defined(MBEDTLS_HMAC_DRBG_C) mbedtls_hmac_drbg_context _drbg; #define DRBG_INIT mbedtls_hmac_drbg_init -#define DRBG_SEED mbedtls_hmac_drbg_seed #define DRBG_SEED_ERROR "mbedtls_hmac_drbg_seed failed: %d\n" #define DRBG_RANDOM mbedtls_hmac_drbg_random #else -#error "CTR or HMAC must be defined for coap_security_handler!" +#error "CTR or HMAC must be defined for altcp_tls_mbedtls!" #endif mbedtls_x509_crt *cert; mbedtls_pk_context *pkey; @@ -740,7 +738,16 @@ altcp_tls_create_config(int is_server, int have_cert, int have_pkey, int have_ca DRBG_INIT(&conf->_drbg); /* Seed the RNG */ - ret = DRBG_SEED(&conf->_drbg, ALTCP_MBEDTLS_RNG_FN, &conf->entropy, ALTCP_MBEDTLS_ENTROPY_PTR, ALTCP_MBEDTLS_ENTROPY_LEN); +#if defined(MBEDTLS_CTR_DRBG_C) + ret = mbedtls_ctr_drbg_seed(&conf->_drbg, ALTCP_MBEDTLS_RNG_FN, + &conf->entropy, ALTCP_MBEDTLS_ENTROPY_PTR, ALTCP_MBEDTLS_ENTROPY_LEN); +#elif defined(MBEDTLS_HMAC_DRBG_C) + ret = mbedtls_hmac_drbg_seed(&conf->_drbg, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), + ALTCP_MBEDTLS_RNG_FN, &conf->entropy, + ALTCP_MBEDTLS_ENTROPY_PTR, ALTCP_MBEDTLS_ENTROPY_LEN); +#else +#error "CTR or HMAC must be defined for altcp_tls_mbedtls!" +#endif if (ret != 0) { LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, (DRBG_SEED_ERROR, ret)); diff --git a/features/nanostack/coap-service/source/coap_security_handler.c b/features/nanostack/coap-service/source/coap_security_handler.c index 99be31e24e1..b2ec1b69d5d 100644 --- a/features/nanostack/coap-service/source/coap_security_handler.c +++ b/features/nanostack/coap-service/source/coap_security_handler.c 
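Review bot: The macro set in `struct altcp_tls_config` (first hunk) defines `DRBG_INIT` and `DRBG_RANDOM` but no `DRBG_FREE`, whereas the `coap_security_handler.c` and `TLSSocketWrapper.h` versions in this same patch define and call one. The free path of this file is not visible here, so this needs confirming: if `altcp_mbedtls_free_config` / `altcp_tls_free_config` never call the DRBG free function, the seeded generator state is not wiped when a config is released, including on the seed-failure path in `altcp_tls_create_config`. If so, add `#define DRBG_FREE mbedtls_ctr_drbg_free` (and the HMAC counterpart) and call `DRBG_FREE(&conf->_drbg);` before the config memory is freed. Separately, placing `#define` lines inside the struct body is legal but easy to miss; moving them above the struct would read better.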
@@ -44,8 +44,14 @@ struct coap_security_s { #if defined(MBEDTLS_CTR_DRBG_C) mbedtls_ctr_drbg_context _drbg; +#define DRBG_INIT mbedtls_ctr_drbg_init +#define DRBG_RANDOM mbedtls_ctr_drbg_random +#define DRBG_FREE mbedtls_ctr_drbg_free #elif defined(MBEDTLS_HMAC_DRBG_C) mbedtls_hmac_drbg_context _drbg; +#define DRBG_INIT mbedtls_hmac_drbg_init +#define DRBG_RANDOM mbedtls_hmac_drbg_random +#define DRBG_FREE mbedtls_hmac_drbg_free #else #error "CTR or HMAC must be defined for coap_security_handler!" #endif @@ -122,11 +128,7 @@ static int coap_security_handler_init(coap_security_t *sec) mbedtls_ssl_init(&sec->_ssl); mbedtls_ssl_config_init(&sec->_conf); -#if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_init(&sec->_drbg); -#elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_init(&sec->_drbg); -#endif + DRBG_INIT(&sec->_drbg); mbedtls_entropy_init(&sec->_entropy); #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -157,6 +159,8 @@ static int coap_security_handler_init(coap_security_t *sec) strlen(pers))) != 0) { return -1; } +#else +#error "CTR or HMAC must be defined for coap_security_handler!" #endif return 0; } @@ -180,11 +184,9 @@ static void coap_security_handler_reset(coap_security_t *sec) #endif mbedtls_entropy_free(&sec->_entropy); -#if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_free(&sec->_drbg); -#elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_free(&sec->_drbg); -#endif + + DRBG_FREE(&sec->_drbg); + mbedtls_ssl_config_free(&sec->_conf); mbedtls_ssl_free(&sec->_ssl); #if defined(MBEDTLS_PLATFORM_C) 
@@ -421,11 +423,7 @@ int coap_security_handler_connect_non_blocking(coap_security_t *sec, bool is_ser } #if !defined(MBEDTLS_SSL_CONF_RNG) -#if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ssl_conf_rng(&sec->_conf, mbedtls_ctr_drbg_random, &sec->_drbg); -#elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_ssl_conf_rng(&sec->_conf, mbedtls_hmac_drbg_random, &sec->_drbg); -#endif + mbedtls_ssl_conf_rng(&sec->_conf, DRBG_RANDOM, &sec->_drbg); #endif if ((mbedtls_ssl_setup(&sec->_ssl, &sec->_conf)) != 0) { diff --git a/features/netsocket/TLSSocketWrapper.cpp b/features/netsocket/TLSSocketWrapper.cpp index d01959f09fc..2659518a103 100644 --- a/features/netsocket/TLSSocketWrapper.cpp +++ b/features/netsocket/TLSSocketWrapper.cpp @@ -53,11 +53,7 @@ TLSSocketWrapper::TLSSocketWrapper(Socket *transport, const char *hostname, cont } #endif /* MBEDTLS_PLATFORM_C */ mbedtls_entropy_init(&_entropy); -#if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_init(&_drbg); -#elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_init(&_drbg); -#endif + DRBG_INIT(&_drbg); mbedtls_ssl_init(&_ssl); #if defined(MBEDTLS_X509_CRT_PARSE_C) @@ -75,11 +71,9 @@ TLSSocketWrapper::~TLSSocketWrapper() close(); } mbedtls_entropy_free(&_entropy); -#if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_free(&_drbg); -#elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_free(&_drbg); -#endif + + DRBG_FREE(&_drbg); + mbedtls_ssl_free(&_ssl); #if defined(MBEDTLS_X509_CRT_PARSE_C) mbedtls_pk_free(&_pkctx); 
@@ -207,14 +201,12 @@ nsapi_error_t TLSSocketWrapper::start_handshake(bool first_call) print_mbedtls_error("mbedtls_hmac_drbg_seed", ret); return NSAPI_ERROR_AUTH_FAILURE; } +#else +#error "CTR or HMAC must be defined for TLSSocketWrapper!" #endif #if !defined(MBEDTLS_SSL_CONF_RNG) -#if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ssl_conf_rng(get_ssl_config(), mbedtls_ctr_drbg_random, &_drbg); -#elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_ssl_conf_rng(get_ssl_config(), mbedtls_hmac_drbg_random, &_drbg); -#endif + mbedtls_ssl_conf_rng(get_ssl_config(), DRBG_RANDOM, &_drbg); #endif diff --git a/features/netsocket/TLSSocketWrapper.h b/features/netsocket/TLSSocketWrapper.h index aff4be53e16..f4cbfe0c4ee 100644 --- a/features/netsocket/TLSSocketWrapper.h +++ b/features/netsocket/TLSSocketWrapper.h @@ -35,6 +35,20 @@ // This class requires Mbed TLS SSL/TLS client code #if defined(MBEDTLS_SSL_CLI_C) || defined(DOXYGEN_ONLY) +#if defined(MBEDTLS_CTR_DRBG_C) +#define DRBG_CTX mbedtls_ctr_drbg_context +#define DRBG_INIT mbedtls_ctr_drbg_init +#define DRBG_RANDOM mbedtls_ctr_drbg_random +#define DRBG_FREE mbedtls_ctr_drbg_free +#elif defined(MBEDTLS_HMAC_DRBG_C) +#define DRBG_CTX mbedtls_hmac_drbg_context +#define DRBG_INIT mbedtls_hmac_drbg_init +#define DRBG_RANDOM mbedtls_hmac_drbg_random +#define DRBG_FREE mbedtls_hmac_drbg_free +#else +#error "CTR or HMAC must be defined for TLSSocketWrapper!" +#endif + /** * TLSSocket is a wrapper around Socket for interacting with TLS servers. * @@ -292,11 +306,7 @@ class TLSSocketWrapper : public Socket { mbedtls_pk_context _pkctx; #endif -#if defined(MBEDTLS_CTR_DRBG_C) - mbedtls_ctr_drbg_context _drbg; -#elif defined(MBEDTLS_HMAC_DRBG_C) - mbedtls_hmac_drbg_context _drbg; -#endif + DRBG_CTX _drbg; mbedtls_entropy_context _entropy; From 9c328114c54ed33f7b517cdf79060ea35b51fee6 Mon Sep 17 00:00:00 2001 
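Review bot: The `@@ -35,6 +35,20 @@` hunk adds `DRBG_CTX`, `DRBG_INIT`, `DRBG_RANDOM` and `DRBG_FREE` as unprefixed macros in `TLSSocketWrapper.h`, a header that application code includes. The same names are defined with file-local meaning in `altcp_tls_mbedtls.c` and `coap_security_handler.c` in this series, so any translation unit that includes this header and defines one of them with a different expansion gets a redefinition diagnostic, or the wrong generator is selected without notice. Project-prefixed names would avoid this (for instance `TLSSOCKET_DRBG_CTX`, as a suggested new name). For the context type, a `typedef` inside the class instead of a macro would keep it out of the global macro namespace. A one-line comment above the block stating that CTR_DRBG takes precedence when both modules are enabled would also help readers.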
From: Antti Kauppila Date: Tue, 31 Mar 2020 16:15:44 +0300 Subject: [PATCH 8/8] Licence updated --- features/mbedtls/platform/inc/shared_rng.h | 2 +- features/mbedtls/platform/src/shared_rng.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/features/mbedtls/platform/inc/shared_rng.h b/features/mbedtls/platform/inc/shared_rng.h index 154bdfa184a..76fc60739db 100644 --- a/features/mbedtls/platform/inc/shared_rng.h +++ b/features/mbedtls/platform/inc/shared_rng.h @@ -1,7 +1,7 @@ /* * shared_rng.h * - * Copyright (C) 2019, Arm Limited, All Rights Reserved + * Copyright (C) 2019-2020, Arm Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may diff --git a/features/mbedtls/platform/src/shared_rng.cpp b/features/mbedtls/platform/src/shared_rng.cpp index e64844cf360..65600f5deab 100644 --- a/features/mbedtls/platform/src/shared_rng.cpp +++ b/features/mbedtls/platform/src/shared_rng.cpp @@ -1,7 +1,7 @@ /* * shared_rng.cpp * - * Copyright (C) 2019, Arm Limited, All Rights Reserved + * Copyright (C) 2019-2020, Arm Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may