Merge pull request #12723 from AnttiKauppila/mbedtls_fixes5.15

Mbedtls fixes for 5.15.2

Author: 0xc0170

TESTS/mbedtls/multi/main.cpp

@@ -33,7 +33,7 @@
 using namespace utest::v1;
 
 #if defined(MBEDTLS_SHA256_C)
-/* Tests several call to mbedtls_sha256_update function that are not modulo 64 bytes */
+/* Tests several call to mbedtls_sha256_update_ret function that are not modulo 64 bytes */
 void test_case_sha256_split()
 {
     const unsigned char test_buf[] = {"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopqabcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"};
@@ -50,18 +50,18 @@ void test_case_sha256_split()
     mbedtls_sha256_context ctx;
     printf("test sha256\n");
     mbedtls_sha256_init(&ctx);
-    mbedtls_sha256_starts(&ctx, 0);
+    (void)mbedtls_sha256_starts_ret(&ctx, 0);
 #if 0
     printf("test not splitted\n");
-    mbedtls_sha256_update(&ctx, test_buf, 168);
+    (void)mbedtls_sha256_update_ret(&ctx, test_buf, 168);
 #else
     printf("test splitted into 3 pieces\n");
-    mbedtls_sha256_update(&ctx, test_buf, 2);
-    mbedtls_sha256_update(&ctx, test_buf + 2, 66);
-    mbedtls_sha256_update(&ctx, test_buf + 68, 100);
+    (void)mbedtls_sha256_update_ret(&ctx, test_buf, 2);
+    (void)mbedtls_sha256_update_ret(&ctx, test_buf + 2, 66);
+    (void)mbedtls_sha256_update_ret(&ctx, test_buf + 68, 100);
 #endif
 
-    mbedtls_sha256_finish(&ctx, outsum);
+    (void)mbedtls_sha256_finish_ret(&ctx, outsum);
     mbedtls_sha256_free(&ctx);
 
     printf("\nreceived result : ");
@@ -113,29 +113,29 @@ void test_case_sha256_multi()
     mbedtls_sha256_init(&ctx2);
     mbedtls_sha256_init(&ctx3);
     //Start both contexts
-    mbedtls_sha256_starts(&ctx1, 0);
-    mbedtls_sha256_starts(&ctx2, 0);
+    (void)mbedtls_sha256_starts_ret(&ctx1, 0);
+    (void)mbedtls_sha256_starts_ret(&ctx2, 0);
 
     printf("upd ctx1\n");
-    mbedtls_sha256_update(&ctx1, test_buf, 56);
+    (void)mbedtls_sha256_update_ret(&ctx1, test_buf, 56);
     printf("upd ctx2\n");
-    mbedtls_sha256_update(&ctx2, test_buf, 66);
+    (void)mbedtls_sha256_update_ret(&ctx2, test_buf, 66);
     printf("finish ctx1\n");
-    mbedtls_sha256_finish(&ctx1, outsum1);
+    (void)mbedtls_sha256_finish_ret(&ctx1, outsum1);
     printf("upd ctx2\n");
-    mbedtls_sha256_update(&ctx2, test_buf + 66, 46);
+    (void)mbedtls_sha256_update_ret(&ctx2, test_buf + 66, 46);
     printf("clone ctx2 in ctx3\n");
     mbedtls_sha256_clone(&ctx3, (const mbedtls_sha256_context *)&ctx2);
     printf("free ctx1\n");
     mbedtls_sha256_free(&ctx1);
     printf("upd ctx2\n");
-    mbedtls_sha256_update(&ctx2, test_buf + 112, 56);
+    (void)mbedtls_sha256_update_ret(&ctx2, test_buf + 112, 56);
     printf("upd ctx3 with different values than ctx2\n");
-    mbedtls_sha256_update(&ctx3, test_buf2, 56);
+    (void)mbedtls_sha256_update_ret(&ctx3, test_buf2, 56);
     printf("finish ctx2\n");
-    mbedtls_sha256_finish(&ctx2, outsum2);
+    (void)mbedtls_sha256_finish_ret(&ctx2, outsum2);
     printf("finish ctx3\n");
-    mbedtls_sha256_finish(&ctx3, outsum3);
+    (void)mbedtls_sha256_finish_ret(&ctx3, outsum3);
     printf("free ctx2\n");
     mbedtls_sha256_free(&ctx2);
     printf("free ctx3\n");

features/device_key/TESTS/device_key/functionality/main.cpp

@@ -72,10 +72,12 @@ void generate_derived_key_long_consistency_test()
     generate_derived_key_consistency_16_byte_key_long_consistency_test(key);
     strcpy(key, MSG_KEY_DEVICE_TEST_STEP2);
     generate_derived_key_consistency_16_byte_key_long_consistency_test(key);
+#ifndef MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
     strcpy(key, MSG_KEY_DEVICE_TEST_STEP3);
     generate_derived_key_consistency_32_byte_key_long_consistency_test(key);
     strcpy(key, MSG_KEY_DEVICE_TEST_STEP4);
     generate_derived_key_consistency_32_byte_key_long_consistency_test(key);
+#endif
 
 }
 
@@ -476,12 +478,16 @@ Case cases[] = {
     Case("Device Key - long consistency test",               generate_derived_key_long_consistency_test,        greentea_failure_handler),
     Case("Device Key - inject value wrong size",             device_inject_root_of_trust_wrong_size_test,       greentea_failure_handler),
     Case("Device Key - inject value 16 byte size",           device_inject_root_of_trust_16_byte_size_test,     greentea_failure_handler),
+#ifndef MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
     Case("Device Key - inject value 32 byte size",           device_inject_root_of_trust_32_byte_size_test,     greentea_failure_handler),
+#endif
     Case("Device Key - inject value several times",          device_inject_root_of_trust_several_times_test,    greentea_failure_handler),
     Case("Device Key - derived key consistency 16 byte key", generate_derived_key_consistency_16_byte_key_test, greentea_failure_handler),
     Case("Device Key - derived key consistency 32 byte key", generate_derived_key_consistency_32_byte_key_test, greentea_failure_handler),
     Case("Device Key - derived key key type 16",             generate_derived_key_key_type_16_test,             greentea_failure_handler),
+#ifndef MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
     Case("Device Key - derived key key type 32",             generate_derived_key_key_type_32_test,             greentea_failure_handler),
+#endif
     Case("Device Key - derived key wrong key type",          generate_derived_key_wrong_key_type_test,          greentea_failure_handler)
 };
 

features/lwipstack/lwip/src/apps/altcp_tls/altcp_tls_mbedtls.c

@@ -69,6 +69,7 @@
 /* @todo: which includes are really needed? */
 #include "mbedtls/entropy.h"
 #include "mbedtls/ctr_drbg.h"
+#include "mbedtls/hmac_drbg.h"
 #include "mbedtls/certs.h"
 #include "mbedtls/x509.h"
 #include "mbedtls/ssl.h"
@@ -98,7 +99,19 @@ extern const struct altcp_functions altcp_mbedtls_functions;
 struct altcp_tls_config {
   mbedtls_ssl_config conf;
   mbedtls_entropy_context entropy;
-  mbedtls_ctr_drbg_context ctr_drbg;
+#if defined(MBEDTLS_CTR_DRBG_C)
+    mbedtls_ctr_drbg_context    _drbg;
+#define DRBG_INIT mbedtls_ctr_drbg_init
+#define DRBG_SEED_ERROR "mbedtls_ctr_drbg_seed failed: %d\n"
+#define DRBG_RANDOM mbedtls_ctr_drbg_random
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+    mbedtls_hmac_drbg_context   _drbg;
+#define DRBG_INIT mbedtls_hmac_drbg_init
+#define DRBG_SEED_ERROR "mbedtls_hmac_drbg_seed failed: %d\n"
+#define DRBG_RANDOM mbedtls_hmac_drbg_random
+#else
+#error "CTR or HMAC must be defined for altcp_tls_mbedtls!"
+#endif
   mbedtls_x509_crt *cert;
   mbedtls_pk_context *pkey;
   mbedtls_x509_crt *ca;
@@ -599,8 +612,15 @@ altcp_mbedtls_setup(void *conf, struct altcp_pcb *conn, struct altcp_pcb *inner_
     altcp_mbedtls_free(conf, state);
     return ERR_MEM;
   }
+  // Defines MBEDTLS_SSL_CONF_RECV/SEND/RECV_TIMEOUT define global functions which should be the same for all
+  // callers of mbedtls_ssl_set_bio_ctx and there should be only one ssl context. If these rules don't apply,
+  // these defines can't be used.
+#if !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT)
   /* tell mbedtls about our I/O functions */
   mbedtls_ssl_set_bio(&state->ssl_context, conn, altcp_mbedtls_bio_send, altcp_mbedtls_bio_recv, NULL);
+#else
+  mbedtls_ssl_set_bio_ctx(&state->ssl_context, conn);
+#endif /* !defined(MBEDTLS_SSL_CONF_RECV) && !defined(MBEDTLS_SSL_CONF_SEND) && !defined(MBEDTLS_SSL_CONF_RECV_TIMEOUT) */
 
   altcp_mbedtls_setup_callbacks(conn, inner_conn);
   conn->inner_conn = inner_conn;
@@ -714,12 +734,24 @@ altcp_tls_create_config(int is_server, int have_cert, int have_pkey, int have_ca
 
   mbedtls_ssl_config_init(&conf->conf);
   mbedtls_entropy_init(&conf->entropy);
-  mbedtls_ctr_drbg_init(&conf->ctr_drbg);
+
+  DRBG_INIT(&conf->_drbg);
 
   /* Seed the RNG */
-  ret = mbedtls_ctr_drbg_seed(&conf->ctr_drbg, ALTCP_MBEDTLS_RNG_FN, &conf->entropy, ALTCP_MBEDTLS_ENTROPY_PTR, ALTCP_MBEDTLS_ENTROPY_LEN);
+#if defined(MBEDTLS_CTR_DRBG_C)
+    ret = mbedtls_ctr_drbg_seed(&conf->_drbg, ALTCP_MBEDTLS_RNG_FN,
+                                &conf->entropy, ALTCP_MBEDTLS_ENTROPY_PTR, ALTCP_MBEDTLS_ENTROPY_LEN);
+#elif defined(MBEDTLS_HMAC_DRBG_C)
+    ret = mbedtls_hmac_drbg_seed(&conf->_drbg, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+                                 ALTCP_MBEDTLS_RNG_FN, &conf->entropy,
+                                 ALTCP_MBEDTLS_ENTROPY_PTR, ALTCP_MBEDTLS_ENTROPY_LEN);
+#else
+#error "CTR or HMAC must be defined for altcp_tls_mbedtls!"
+#endif
+
   if (ret != 0) {
-    LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, ("mbedtls_ctr_drbg_seed failed: %d\n", ret));
+    LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, (DRBG_SEED_ERROR, ret));
+
     altcp_mbedtls_free_config(conf);
     return NULL;
   }
@@ -734,7 +766,10 @@ altcp_tls_create_config(int is_server, int have_cert, int have_pkey, int have_ca
   }
   mbedtls_ssl_conf_authmode(&conf->conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
 
-  mbedtls_ssl_conf_rng(&conf->conf, mbedtls_ctr_drbg_random, &conf->ctr_drbg);
+#if !defined(MBEDTLS_SSL_CONF_RNG)
+  mbedtls_ssl_conf_rng(&conf->conf, DRBG_RANDOM, &conf->ctr_drbg);
+#endif
+
 #if ALTCP_MBEDTLS_DEBUG != LWIP_DBG_OFF
   mbedtls_ssl_conf_dbg(&conf->conf, altcp_mbedtls_debug, stdout);
 #endif

features/mbedtls/platform/inc/shared_rng.h

@@ -0,0 +1,93 @@
+/*
+ *  shared_rng.h
+ *
+ *  Copyright (C) 2019-2020, Arm Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+#ifndef SHARED_RNG_H
+#define SHARED_RNG_H
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_SSL_CONF_RNG)
+
+#define MBED_SHARED_RNG_NOT_INITIALIZED -1  /**< init_global_rng not called before global_rng */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "mbedtls/hmac_drbg.h"
+#include "mbedtls/entropy.h"
+
+/**
+ * \brief       Initializes hmac ready for rng
+ *
+ * \return      0 if successful, or
+ *              MBEDTLS_ERR_MD_BAD_INPUT_DATA, or
+ *              MBEDTLS_ERR_MD_ALLOC_FAILED, or
+ *              MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED.
+ */
+int init_global_rng();
+
+/**
+ * \brief       Global HMAC_DRBG generate random
+ *
+ * \note        Automatically reseeds if reseed_counter is reached or PR is enabled.
+ * \note        init_global_rng function must be called
+ *              before calling this function!
+ *
+ * \param ctx   DRBG context
+ * \param dst   Buffer to fill
+ * \param len   Length of the buffer
+ *
+ * \return      0 if successful, or
+ *              MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
+ *              MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG or
+ *              MBED_SHARED_RNG_NOT_INITIALIZED
+ */
+int global_rng( void *ctx, unsigned char *dst, size_t len );
+
+/**
+ * \brief       Free allocated resources
+ */
+void free_global_rng();
+
+/**
+ * \brief       Getter function for global hmac context
+ *
+ * \return      global hmac context
+ */
+mbedtls_hmac_drbg_context *get_global_hmac_drbg();
+
+/**
+ * \brief       Getter function for global entropy context
+ *
+ * \return      global entropy context
+ */
+mbedtls_entropy_context *get_global_entropy();
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // MBEDTLS_SSL_CONF_RNG
+#endif // SHARED_RNG_H

features/mbedtls/platform/src/shared_rng.cpp

@@ -0,0 +1,77 @@
+/*
+ *  shared_rng.cpp
+ *
+ *  Copyright (C) 2019-2020, Arm Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+
+#include "shared_rng.h"
+
+#if defined(MBEDTLS_SSL_CONF_RNG)
+
+#include "mbed_trace.h"
+
+#define TRACE_GROUP "SRNG"
+
+mbedtls_hmac_drbg_context global_hmac_drbg;
+mbedtls_entropy_context global_entropy;
+static bool is_initialized = false;
+
+int init_global_rng()
+{
+    mbedtls_entropy_init(&global_entropy);
+    mbedtls_hmac_drbg_init(&global_hmac_drbg);
+
+    int ret = mbedtls_hmac_drbg_seed(&global_hmac_drbg,
+                                     mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+                                     mbedtls_entropy_func, &global_entropy, NULL, 0);
+
+    if (ret != 0) {
+        tr_error(" init_global_rng failed! mbedtls_hmac_drbg_seed returned -0x%x", -ret);
+        free_global_rng();
+    } else {
+        is_initialized = true;
+    }
+
+    return ret;
+}
+
+void free_global_rng()
+{
+    mbedtls_entropy_free(&global_entropy);
+    mbedtls_hmac_drbg_free(&global_hmac_drbg);
+    is_initialized = false;
+}
+
+int global_rng( void *ctx, unsigned char *dst, size_t len )
+{
+    if (!is_initialized) {
+        return MBED_SHARED_RNG_NOT_INITIALIZED;
+    }
+    return mbedtls_hmac_drbg_random(&global_hmac_drbg, dst, len);
+}
+
+mbedtls_hmac_drbg_context *get_global_hmac_drbg()
+{
+    return &global_hmac_drbg;
+}
+
+mbedtls_entropy_context *get_global_entropy()
+{
+    return &global_entropy;
+}
+
+#endif // MBEDTLS_SSL_CONF_RNG