From 72a88e7255757623151c62cd3fdf15e5fde6ed6e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 16 Jul 2024 17:07:16 +0100 Subject: [PATCH 01/33] Remove MBEDTLS_MD5_PROCESS_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - tf-psa-crypto/drivers/builtin/src/md5.c | 3 --- 2 files changed, 4 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 0f1b54e226..a256c36211 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -387,7 +387,6 @@ * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). * */ -//#define MBEDTLS_MD5_PROCESS_ALT //#define MBEDTLS_RIPEMD160_PROCESS_ALT //#define MBEDTLS_SHA1_PROCESS_ALT //#define MBEDTLS_SHA256_PROCESS_ALT diff --git a/tf-psa-crypto/drivers/builtin/src/md5.c b/tf-psa-crypto/drivers/builtin/src/md5.c index e11e078095..98b8ee4e9c 100644 --- a/tf-psa-crypto/drivers/builtin/src/md5.c +++ b/tf-psa-crypto/drivers/builtin/src/md5.c @@ -58,7 +58,6 @@ int mbedtls_md5_starts(mbedtls_md5_context *ctx) return 0; } -#if !defined(MBEDTLS_MD5_PROCESS_ALT) int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, const unsigned char data[64]) { @@ -193,8 +192,6 @@ int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, return 0; } -#endif /* !MBEDTLS_MD5_PROCESS_ALT */ - /* * MD5 process buffer */ From 64988680c5521fc9f46fb69ce485b14986928c58 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 16 Jul 2024 17:08:38 +0100 Subject: [PATCH 02/33] Remove MBEDTLS_RIPEMD160_PROCESS_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - tf-psa-crypto/drivers/builtin/src/ripemd160.c | 4 ---- 2 files changed, 5 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a256c36211..28f0a0056e 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -387,7 +387,6 @@ * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). * */ -//#define MBEDTLS_RIPEMD160_PROCESS_ALT //#define MBEDTLS_SHA1_PROCESS_ALT //#define MBEDTLS_SHA256_PROCESS_ALT //#define MBEDTLS_SHA512_PROCESS_ALT diff --git a/tf-psa-crypto/drivers/builtin/src/ripemd160.c b/tf-psa-crypto/drivers/builtin/src/ripemd160.c index 96b546654f..835df9528a 100644 --- a/tf-psa-crypto/drivers/builtin/src/ripemd160.c +++ b/tf-psa-crypto/drivers/builtin/src/ripemd160.c @@ -59,8 +59,6 @@ int mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx) return 0; } - -#if !defined(MBEDTLS_RIPEMD160_PROCESS_ALT) /* * Process one block */ @@ -256,8 +254,6 @@ int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx, return 0; } -#endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */ - /* * RIPEMD-160 process buffer */ From 2106f79c493ecd63e19040262ab22f0e5e458378 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 16 Jul 2024 17:10:58 +0100 Subject: [PATCH 03/33] Remove MBEDTLS_SHA1_PROCESS_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - tf-psa-crypto/drivers/builtin/src/sha1.c | 3 --- 2 files changed, 4 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 28f0a0056e..e43c12d7e5 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -387,7 +387,6 @@ * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). * */ -//#define MBEDTLS_SHA1_PROCESS_ALT //#define MBEDTLS_SHA256_PROCESS_ALT //#define MBEDTLS_SHA512_PROCESS_ALT //#define MBEDTLS_DES_SETKEY_ALT diff --git a/tf-psa-crypto/drivers/builtin/src/sha1.c b/tf-psa-crypto/drivers/builtin/src/sha1.c index c8d2852d45..b13381d30a 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha1.c +++ b/tf-psa-crypto/drivers/builtin/src/sha1.c 
@@ -59,7 +59,6 @@ int mbedtls_sha1_starts(mbedtls_sha1_context *ctx) return 0; } -#if !defined(MBEDTLS_SHA1_PROCESS_ALT) int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, const unsigned char data[64]) { @@ -228,8 +227,6 @@ int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA1_PROCESS_ALT */ - /* * SHA-1 process buffer */ From 297b026d0a674d8684d979894dcc5f9018da5052 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 16 Jul 2024 17:21:43 +0100 Subject: [PATCH 04/33] Remove MBEDTLS_SHA256_PROCESS_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/check_config.h | 3 -- include/mbedtls/mbedtls_config.h | 38 ---------------------- tf-psa-crypto/drivers/builtin/src/sha256.c | 9 ++--- 3 files changed, 2 insertions(+), 48 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 26732293ee..090d0b4417 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -750,9 +750,6 @@ #if !defined(MBEDTLS_SHA256_C) #error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA256_C" #endif -#if defined(MBEDTLS_SHA256_PROCESS_ALT) -#error "MBEDTLS_SHA256_PROCESS_ALT can't be used with MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" -#endif #endif diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index e43c12d7e5..add765d407 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -350,44 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -/** - * \def MBEDTLS_SHA256_PROCESS_ALT - * - * MBEDTLS__FUNCTION_NAME__ALT: Uncomment a macro to let Mbed TLS use you - * alternate core implementation of symmetric crypto or hash function. Keep in - * mind that function prototypes should remain the same. - * - * This replaces only one function. The header file from Mbed TLS is still - * used, in contrast to the MBEDTLS__MODULE_NAME__ALT flags. - * - * Example: In case you uncomment MBEDTLS_SHA256_PROCESS_ALT, Mbed TLS will - * no longer provide the mbedtls_sha1_process() function, but it will still provide - * the other function (using your mbedtls_sha1_process() function) and the definition - * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible - * with this definition. - * - * \note If you use the AES_xxx_ALT macros, then it is recommended to also set - * MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES - * tables. - * - * Uncomment a macro to enable alternate implementation of the corresponding - * function. - * - * \warning MD5, DES and SHA-1 are considered weak and their use - * constitutes a security risk. If possible, we recommend avoiding - * dependencies on them, and considering stronger message digests - * and ciphers instead. - * - * \warning If both MBEDTLS_ECDSA_SIGN_ALT and MBEDTLS_ECDSA_DETERMINISTIC are - * enabled, then the deterministic ECDH signature functions pass the - * the static HMAC-DRBG as RNG to mbedtls_ecdsa_sign(). Therefore - * alternative implementations should use the RNG only for generating - * the ephemeral key and nothing else. If this is not possible, then - * MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative - * implementation should be provided for mbedtls_ecdsa_sign_det_ext(). - * - */ -//#define MBEDTLS_SHA256_PROCESS_ALT //#define MBEDTLS_SHA512_PROCESS_ALT //#define MBEDTLS_DES_SETKEY_ALT //#define MBEDTLS_DES_CRYPT_ECB_ALT 
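Review bot: The mbedtls_config.h hunk at `@@ -350,44 +350,6 @@` deletes the whole shared `MBEDTLS__FUNCTION_NAME__ALT` documentation block along with `MBEDTLS_SHA256_PROCESS_ALT`, but the options it documented are still listed, now directly under `//#define MBEDTLS_TIMING_ALT` with no description. Those include `MBEDTLS_SHA512_PROCESS_ALT`, the DES ones and, judging by context lines in later patches, `MBEDTLS_ECDSA_SIGN_ALT`. This removes the only warning that an alternative `mbedtls_ecdsa_sign()` must use the RNG solely for the ephemeral key when `MBEDTLS_ECDSA_DETERMINISTIC` is enabled, and the weak-algorithm warning for DES. Unless a later patch in the series removes every remaining option, keep the block and retarget it (`\def MBEDTLS_SHA512_PROCESS_ALT`), or move the ECDSA warning next to `//#define MBEDTLS_ECDSA_SIGN_ALT`. As written, the intermediate commits leave these options undocumented.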
diff --git a/tf-psa-crypto/drivers/builtin/src/sha256.c b/tf-psa-crypto/drivers/builtin/src/sha256.c index ec1e9692e2..1bfb701bcf 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha256.c +++ b/tf-psa-crypto/drivers/builtin/src/sha256.c @@ -291,7 +291,6 @@ int mbedtls_sha256_starts(mbedtls_sha256_context *ctx, int is224) return 0; } -#if !defined(MBEDTLS_SHA256_PROCESS_ALT) static const uint32_t K[] = { 0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5, @@ -312,8 +311,6 @@ static const uint32_t K[] = 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2, }; -#endif - #if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) @@ -449,8 +446,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, #endif -#if !defined(MBEDTLS_SHA256_PROCESS_ALT) && \ - !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) #define SHR(x, n) (((x) & 0xFFFFFFFF) >> (n)) #define ROTR(x, n) (SHR(x, n) | ((x) << (32 - (n)))) @@ -570,8 +566,7 @@ int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA256_PROCESS_ALT && !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ - +#endif /* !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ #if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) From 3ab1b2d00b071fc2122289ed0304a916acb161d2 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 16 Jul 2024 17:34:31 +0100 Subject: [PATCH 05/33] Remove MBEDTLS_SHA512_PROCESS_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/check_config.h | 3 --- include/mbedtls/mbedtls_config.h | 1 - tf-psa-crypto/drivers/builtin/src/sha512.c | 7 ++----- 3 files changed, 2 insertions(+), 9 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 090d0b4417..284b7c650b 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h 
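Review bot: After the sha256.c hunk at `@@ -570,8 +566,7 @@`, the line `#endif /* !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */` is followed directly by `#if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)`, so two adjacent preprocessor regions now test the same condition. They could be merged into one region by dropping that `#endif`/`#if` pair. The sha512.c hunk at `@@ -688,7 +685,7 @@` ends up in the same state with `MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY`. The second region's body is outside both hunks, so check that nothing between them relies on the split.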
@@ -730,9 +730,6 @@ #if !defined(MBEDTLS_SHA512_C) #error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C" #endif -#if defined(MBEDTLS_SHA512_PROCESS_ALT) -#error "MBEDTLS_SHA512_PROCESS_ALT can't be used with MBEDTLS_SHA512_USE_A64_CRYPTO_*" -#endif #endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index add765d407..473d09b171 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_SHA512_PROCESS_ALT //#define MBEDTLS_DES_SETKEY_ALT //#define MBEDTLS_DES_CRYPT_ECB_ALT //#define MBEDTLS_DES3_CRYPT_ECB_ALT diff --git a/tf-psa-crypto/drivers/builtin/src/sha512.c b/tf-psa-crypto/drivers/builtin/src/sha512.c index e7575ea776..52b4f62a9d 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha512.c +++ b/tf-psa-crypto/drivers/builtin/src/sha512.c @@ -289,8 +289,6 @@ int mbedtls_sha512_starts(mbedtls_sha512_context *ctx, int is384) return 0; } -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) - /* * Round constants */ @@ -337,7 +335,6 @@ static const uint64_t K[80] = UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A), UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) }; -#endif #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) @@ -587,7 +584,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #endif -#if !defined(MBEDTLS_SHA512_PROCESS_ALT) && !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) #if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) /* @@ -688,7 +685,7 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_PROCESS_ALT && !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ +#endif /* !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ #if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) 
From 43874e0a848eb5a054c60fb3776e16cc5df7e461 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 16 Jul 2024 17:45:52 +0100 Subject: [PATCH 06/33] Remove MBEDTLS_DES_SETKEY_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - .../drivers/builtin/include/mbedtls/des.h | 15 --------------- tf-psa-crypto/drivers/builtin/src/des.c | 7 ++++--- 3 files changed, 4 insertions(+), 19 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 473d09b171..df6bf55ef5 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_DES_SETKEY_ALT //#define MBEDTLS_DES_CRYPT_ECB_ALT //#define MBEDTLS_DES3_CRYPT_ECB_ALT //#define MBEDTLS_AES_SETKEY_ENC_ALT diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/des.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/des.h index c2d910cbfa..dbe12edc9e 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/des.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/des.h @@ -344,21 +344,6 @@ int mbedtls_des3_crypt_cbc(mbedtls_des3_context *ctx, unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CBC */ -/** - * \brief Internal function for key expansion. - * (Only exposed to allow overriding it, - * see MBEDTLS_DES_SETKEY_ALT) - * - * \param SK Round keys - * \param key Base key - * - * \warning DES/3DES are considered weak ciphers and their use constitutes a - * security risk. We recommend considering stronger ciphers - * instead. - */ -void mbedtls_des_setkey(uint32_t SK[32], - const unsigned char key[MBEDTLS_DES_KEY_SIZE]); - #if defined(MBEDTLS_SELF_TEST) /** diff --git a/tf-psa-crypto/drivers/builtin/src/des.c b/tf-psa-crypto/drivers/builtin/src/des.c index 5410bd39be..7fd71002a4 100644 --- a/tf-psa-crypto/drivers/builtin/src/des.c +++ b/tf-psa-crypto/drivers/builtin/src/des.c 
@@ -389,8 +389,10 @@ int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]) return 0; } -#if !defined(MBEDTLS_DES_SETKEY_ALT) -void mbedtls_des_setkey(uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE]) +/* + * Internal function for key expansion. + */ +static void mbedtls_des_setkey(uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; uint32_t X, Y, T; @@ -454,7 +456,6 @@ void mbedtls_des_setkey(uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY | ((Y << 2) & 0x00000004) | ((Y >> 21) & 0x00000002); } } -#endif /* !MBEDTLS_DES_SETKEY_ALT */ /* * DES key schedule (56-bit, encryption) From 29561ec65801f9235e158ce70fdcef65d2543ffd Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 16 Jul 2024 17:50:21 +0100 Subject: [PATCH 07/33] Remove MBEDTLS_DES_CRYPT_ECB_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - tf-psa-crypto/drivers/builtin/src/des.c | 2 -- 2 files changed, 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index df6bf55ef5..1bb0b1735d 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_DES_CRYPT_ECB_ALT //#define MBEDTLS_DES3_CRYPT_ECB_ALT //#define MBEDTLS_AES_SETKEY_ENC_ALT //#define MBEDTLS_AES_SETKEY_DEC_ALT diff --git a/tf-psa-crypto/drivers/builtin/src/des.c b/tf-psa-crypto/drivers/builtin/src/des.c index 7fd71002a4..b281757c51 100644 --- a/tf-psa-crypto/drivers/builtin/src/des.c +++ b/tf-psa-crypto/drivers/builtin/src/des.c @@ -589,7 +589,6 @@ int mbedtls_des3_set3key_dec(mbedtls_des3_context *ctx, /* * DES-ECB block encryption/decryption */ -#if !defined(MBEDTLS_DES_CRYPT_ECB_ALT) int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx, const unsigned char input[8], unsigned char output[8]) 
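Review bot: In the des.c hunk at `@@ -389,8 +389,10 @@`, `mbedtls_des_setkey` becomes `static`, but the new comment `Internal function for key expansion.` no longer says what the two arguments are. The parameter notes deleted from des.h are not carried over to the definition. A header such as `/* Internal key expansion: derives the round keys SK[32] from the base key key[MBEDTLS_DES_KEY_SIZE]. */` would keep that information. Since the function is now file-local, the `mbedtls_` prefix could also be dropped (`des_setkey`), though its callers are outside this hunk and would need the same rename.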
@@ -616,7 +615,6 @@ int mbedtls_des_crypt_ecb(mbedtls_des_context *ctx, return 0; } -#endif /* !MBEDTLS_DES_CRYPT_ECB_ALT */ #if defined(MBEDTLS_CIPHER_MODE_CBC) /* From 2bcf80528412662f86033a9803a4cbc754c1d6d9 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 16 Jul 2024 17:51:53 +0100 Subject: [PATCH 08/33] Remove MBEDTLS_DES3_CRYPT_ECB_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - tf-psa-crypto/drivers/builtin/src/des.c | 2 -- 2 files changed, 3 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 1bb0b1735d..e86334c658 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_DES3_CRYPT_ECB_ALT //#define MBEDTLS_AES_SETKEY_ENC_ALT //#define MBEDTLS_AES_SETKEY_DEC_ALT //#define MBEDTLS_AES_ENCRYPT_ALT diff --git a/tf-psa-crypto/drivers/builtin/src/des.c b/tf-psa-crypto/drivers/builtin/src/des.c index b281757c51..73afb0454f 100644 --- a/tf-psa-crypto/drivers/builtin/src/des.c +++ b/tf-psa-crypto/drivers/builtin/src/des.c @@ -675,7 +675,6 @@ exit: /* * 3DES-ECB block encryption/decryption */ -#if !defined(MBEDTLS_DES3_CRYPT_ECB_ALT) int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx, const unsigned char input[8], unsigned char output[8]) @@ -712,7 +711,6 @@ int mbedtls_des3_crypt_ecb(mbedtls_des3_context *ctx, return 0; } -#endif /* !MBEDTLS_DES3_CRYPT_ECB_ALT */ #if defined(MBEDTLS_CIPHER_MODE_CBC) /* From 742a2e361932056193742583b790bb97d33b5e94 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 18 Jul 2024 10:54:33 +0100 Subject: [PATCH 09/33] Remove MBEDTLS_AES_SETKEY_ENC_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - tests/include/test/psa_crypto_helpers.h | 3 +- .../components-configuration-crypto.sh | 4 +-- tf-psa-crypto/drivers/builtin/src/aes.c | 28 ++----------------- 4 files changed, 5 insertions(+), 31 deletions(-) 
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index e86334c658..b8e6065f36 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_AES_SETKEY_ENC_ALT //#define MBEDTLS_AES_SETKEY_DEC_ALT //#define MBEDTLS_AES_ENCRYPT_ALT //#define MBEDTLS_AES_DECRYPT_ALT diff --git a/tests/include/test/psa_crypto_helpers.h b/tests/include/test/psa_crypto_helpers.h index ea6e8c52dc..2ac749ec45 100644 --- a/tests/include/test/psa_crypto_helpers.h +++ b/tests/include/test/psa_crypto_helpers.h @@ -251,8 +251,7 @@ uint64_t mbedtls_test_parse_binary_string(data_t *bin_string); * \param key_type Key type * \param key_bits Key length in number of bits. */ -#if defined(MBEDTLS_AES_SETKEY_ENC_ALT) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES) #define MBEDTLS_TEST_HAVE_ALT_AES 1 #else #define MBEDTLS_TEST_HAVE_ALT_AES 0 diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh index 049e817869..98e6bf1700 100644 --- a/tests/scripts/components-configuration-crypto.sh +++ b/tests/scripts/components-configuration-crypto.sh @@ -2242,7 +2242,7 @@ component_build_aes_variations () { msg "build: aes.o for all combinations of relevant config options" build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \ - "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \ + "MBEDTLS_AES_DECRYPT_ALT" \ "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" 
@@ -2259,7 +2259,7 @@ component_build_aes_variations () { scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \ - "MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \ + "MBEDTLS_AES_DECRYPT_ALT" \ "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c index 67fa2d5841..40a1c244ba 100644 --- a/tf-psa-crypto/drivers/builtin/src/aes.c +++ b/tf-psa-crypto/drivers/builtin/src/aes.c @@ -541,7 +541,6 @@ MBEDTLS_MAYBE_UNUSED static unsigned mbedtls_aes_rk_offset(uint32_t *buf) /* * AES key schedule (encryption) */ -#if !defined(MBEDTLS_AES_SETKEY_ENC_ALT) int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { @@ -647,7 +646,6 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, return 0; #endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ } -#endif /* !MBEDTLS_AES_SETKEY_ENC_ALT */ /* * AES key schedule (decryption) @@ -1858,12 +1856,6 @@ int mbedtls_aes_self_test(int verbose) aes_tests = aes_test_ecb_enc[u]; } - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e when - * MBEDTLS_AES_SETKEY_ENC_ALT or MBEDTLS_AES_SETKEY_DEC_ALT - * are defined. - */ if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { mbedtls_printf("skipped\n"); continue; 
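Review bot: In the `mbedtls_aes_self_test` hunk at `@@ -1858,12 +1856,6 @@` (and likewise at `@@ -1923`, `@@ -1991` and `@@ -2037`), the comment explaining the AES-192 skip is deleted but the branch `if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192)` stays. The self-test therefore still prints `skipped` for a reason the code no longer states. Either replace the comment with the configurations in which the key-schedule call can still return that error, or, if none remain once the `_ALT` options are gone, remove the branch so that an unexpected unsupported-feature result fails the self-test instead of being skipped. The last two hunks also leave an added blank line where the comment was. The function body starts and ends outside these hunks.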
@@ -1923,12 +1915,6 @@ int mbedtls_aes_self_test(int verbose) aes_tests = aes_test_cbc_enc[u]; } - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e when - * MBEDTLS_AES_SETKEY_ENC_ALT or MBEDTLS_AES_SETKEY_DEC_ALT - * are defined. - */ if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { mbedtls_printf("skipped\n"); continue; @@ -1991,12 +1977,7 @@ int mbedtls_aes_self_test(int verbose) offset = 0; ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e when - * MBEDTLS_AES_SETKEY_ENC_ALT or MBEDTLS_AES_SETKEY_DEC_ALT - * are defined. - */ + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { mbedtls_printf("skipped\n"); continue; @@ -2056,12 +2037,7 @@ int mbedtls_aes_self_test(int verbose) offset = 0; ret = mbedtls_aes_setkey_enc(&ctx, key, keybits); - /* - * AES-192 is an optional feature that may be unavailable when - * there is an alternative underlying implementation i.e when - * MBEDTLS_AES_SETKEY_ENC_ALT or MBEDTLS_AES_SETKEY_DEC_ALT - * are defined. - */ + if (ret == MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED && keybits == 192) { mbedtls_printf("skipped\n"); continue; From 955ce581427887ed9396cdf6ce5b3f3665eadd23 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 18 Jul 2024 11:05:42 +0100 Subject: [PATCH 10/33] Remove MBEDTLS_AES_SETKEY_DEC_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - tests/scripts/components-configuration-crypto.sh | 4 ++-- tf-psa-crypto/drivers/builtin/src/aes.c | 9 ++++----- 3 files changed, 6 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index b8e6065f36..1642d8dc69 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_AES_SETKEY_DEC_ALT //#define MBEDTLS_AES_ENCRYPT_ALT //#define MBEDTLS_AES_DECRYPT_ALT //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh index 98e6bf1700..f4db664fb8 100644 --- a/tests/scripts/components-configuration-crypto.sh +++ b/tests/scripts/components-configuration-crypto.sh @@ -2243,7 +2243,7 @@ component_build_aes_variations () { build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \ "MBEDTLS_AES_DECRYPT_ALT" \ - "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ + "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" @@ -2260,7 +2260,7 @@ component_build_aes_variations () { scripts/config.py unset MBEDTLS_NIST_KW_C build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \ "MBEDTLS_AES_DECRYPT_ALT" \ - "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \ + "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" } diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c index 40a1c244ba..f7d6a617a5 100644 --- a/tf-psa-crypto/drivers/builtin/src/aes.c +++ b/tf-psa-crypto/drivers/builtin/src/aes.c 
@@ -44,9 +44,8 @@ * This is a convenience shorthand macro to check if we need reverse S-box and * reverse tables. It's private and only defined in this file. */ -#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || \ - (!defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_AES_USE_HARDWARE_ONLY))) && \ - !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) +#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) \ + && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) #define MBEDTLS_AES_NEED_REVERSE_TABLES #endif @@ -650,7 +649,7 @@ int mbedtls_aes_setkey_enc(mbedtls_aes_context *ctx, const unsigned char *key, /* * AES key schedule (decryption) */ -#if !defined(MBEDTLS_AES_SETKEY_DEC_ALT) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) int mbedtls_aes_setkey_dec(mbedtls_aes_context *ctx, const unsigned char *key, unsigned int keybits) { @@ -719,7 +718,7 @@ exit: return ret; } -#endif /* !MBEDTLS_AES_SETKEY_DEC_ALT && !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ #if defined(MBEDTLS_CIPHER_MODE_XTS) static int mbedtls_aes_xts_decode_keys(const unsigned char *key, From 6cf05f9322e79ef1c44021cf871bfabc20eba87e Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 18 Jul 2024 11:30:22 +0100 Subject: [PATCH 11/33] Remove MBEDTLS_AES_ENCRYPT_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - tests/scripts/components-configuration-crypto.sh | 4 ++-- .../drivers/builtin/include/mbedtls/aes.h | 16 ---------------- tf-psa-crypto/drivers/builtin/src/aes.c | 11 ++++++----- 4 files changed, 8 insertions(+), 24 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 1642d8dc69..530bc4fe16 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h 
@@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_AES_ENCRYPT_ALT //#define MBEDTLS_AES_DECRYPT_ALT //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh index f4db664fb8..2f4b55b8f4 100644 --- a/tests/scripts/components-configuration-crypto.sh +++ b/tests/scripts/components-configuration-crypto.sh @@ -2243,7 +2243,7 @@ component_build_aes_variations () { build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \ "MBEDTLS_AES_DECRYPT_ALT" \ - "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" \ + "MBEDTLS_AES_ROM_TABLES" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" @@ -2260,7 +2260,7 @@ component_build_aes_variations () { scripts/config.py unset MBEDTLS_NIST_KW_C build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \ "MBEDTLS_AES_DECRYPT_ALT" \ - "MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" \ + "MBEDTLS_AES_ROM_TABLES" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" } diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h index 559e1d84e2..09ce873278 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h 
@@ -566,22 +566,6 @@ int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx, unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ -/** - * \brief Internal AES block encryption function. This is only - * exposed to allow overriding it using - * \c MBEDTLS_AES_ENCRYPT_ALT. - * - * \param ctx The AES context to use for encryption. - * \param input The plaintext block. - * \param output The output (ciphertext) block. - * - * \return \c 0 on success. - */ -MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16]); - #if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /** * \brief Internal AES block decryption function. This is only diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c index f7d6a617a5..4b7a1e9344 100644 --- a/tf-psa-crypto/drivers/builtin/src/aes.c +++ b/tf-psa-crypto/drivers/builtin/src/aes.c @@ -842,13 +842,14 @@ int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx, AES_RT3(MBEDTLS_BYTE_3(Y0)); \ } while (0) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * AES-ECB block encryption */ -#if !defined(MBEDTLS_AES_ENCRYPT_ALT) -int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16]) +MBEDTLS_CHECK_RETURN_TYPICAL +static int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { int i; uint32_t *RK = ctx->buf + ctx->rk_offset; @@ -902,7 +903,7 @@ int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, return 0; } -#endif /* !MBEDTLS_AES_ENCRYPT_ALT */ +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ /* * AES-ECB block decryption From 7c0b4adfa2589dafb9c0286fe4edd7dbd7eded45 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 18 Jul 2024 11:58:50 +0100 Subject: [PATCH 12/33] Remove MBEDTLS_AES_DECRYPT_ALT 
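Review bot: In the aes.c hunk at `@@ -842,13 +842,14 @@`, `mbedtls_internal_aes_encrypt` is not only made `static` but also moved under `#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)`, whereas before it was compiled whenever `MBEDTLS_AES_ENCRYPT_ALT` was unset. Every call site now has to sit under the same guard. Those call sites are outside the hunk, so this is worth confirming against the `MBEDTLS_AES_USE_HARDWARE_ONLY` combinations built by `component_build_aes_variations`. The prototype removed from aes.h was a declared, linkable symbol, so code that called it directly stops building; the commit message or a ChangeLog entry should say so, since the title mentions only the config option. The parameter documentation dropped from the header could move to the definition, e.g. `/* AES-ECB block encryption: encrypts the 16-byte block input into output using the round keys in ctx; returns 0. */`.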
Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 1 - .../scripts/components-configuration-crypto.sh | 2 -- .../drivers/builtin/include/mbedtls/aes.h | 18 ------------------ tf-psa-crypto/drivers/builtin/src/aes.c | 16 ++++++++-------- 4 files changed, 8 insertions(+), 29 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 530bc4fe16..dd390ff221 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_AES_DECRYPT_ALT //#define MBEDTLS_ECDH_GEN_PUBLIC_ALT //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT //#define MBEDTLS_ECDSA_VERIFY_ALT diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh index 2f4b55b8f4..f4744a8f1f 100644 --- a/tests/scripts/components-configuration-crypto.sh +++ b/tests/scripts/components-configuration-crypto.sh @@ -2242,7 +2242,6 @@ component_build_aes_variations () { msg "build: aes.o for all combinations of relevant config options" build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \ - "MBEDTLS_AES_DECRYPT_ALT" \ "MBEDTLS_AES_ROM_TABLES" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" @@ -2259,7 +2258,6 @@ component_build_aes_variations () { scripts/config.py unset MBEDTLS_DES_C scripts/config.py unset MBEDTLS_NIST_KW_C build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \ - "MBEDTLS_AES_DECRYPT_ALT" \ "MBEDTLS_AES_ROM_TABLES" \ "MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \ "MBEDTLS_AESNI_C" "MBEDTLS_AESCE_C" "MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h index 09ce873278..aa4d99c22a 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h 
+++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h @@ -566,24 +566,6 @@ int mbedtls_aes_crypt_ctr(mbedtls_aes_context *ctx, unsigned char *output); #endif /* MBEDTLS_CIPHER_MODE_CTR */ -#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) -/** - * \brief Internal AES block decryption function. This is only - * exposed to allow overriding it using see - * \c MBEDTLS_AES_DECRYPT_ALT. - * - * \param ctx The AES context to use for decryption. - * \param input The ciphertext block. - * \param output The output (plaintext) block. - * - * \return \c 0 on success. - */ -MBEDTLS_CHECK_RETURN_TYPICAL -int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16]); -#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ - #if defined(MBEDTLS_SELF_TEST) /** * \brief Checkup routine. diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c index 4b7a1e9344..651282b0d9 100644 --- a/tf-psa-crypto/drivers/builtin/src/aes.c +++ b/tf-psa-crypto/drivers/builtin/src/aes.c @@ -44,8 +44,7 @@ * This is a convenience shorthand macro to check if we need reverse S-box and * reverse tables. It's private and only defined in this file. */ -#if (!defined(MBEDTLS_AES_DECRYPT_ALT) || !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)) \ - && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) #define MBEDTLS_AES_NEED_REVERSE_TABLES #endif 
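Review bot: The new `MBEDTLS_AES_NEED_REVERSE_TABLES` condition at `@@ -44,8 +44,7 @@` is narrower than what removing `MBEDTLS_AES_DECRYPT_ALT` alone would give. With that macro undefined, the old expression reduces to `!defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)`, while the new one also requires `!defined(MBEDTLS_AES_USE_HARDWARE_ONLY)`. That matches `mbedtls_internal_aes_decrypt` now being compiled only without `MBEDTLS_AES_USE_HARDWARE_ONLY` (hunks at `@@ -903` and `@@ -965`). However, `mbedtls_aes_setkey_dec` is guarded only by `MBEDTLS_BLOCK_CIPHER_NO_DECRYPT` and its body is not in this diff, so if it touches the reverse tables outside a hardware-only guard, hardware-only builds will fail to compile. The commit message should record this as intentional, for example `Reverse tables are no longer built when MBEDTLS_AES_USE_HARDWARE_ONLY is set`.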
@@ -903,15 +902,15 @@ static int mbedtls_internal_aes_encrypt(mbedtls_aes_context *ctx, return 0; } -#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) /* * AES-ECB block decryption */ -#if !defined(MBEDTLS_AES_DECRYPT_ALT) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) -int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, - const unsigned char input[16], - unsigned char output[16]) +MBEDTLS_CHECK_RETURN_TYPICAL +static int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, + const unsigned char input[16], + unsigned char output[16]) { int i; uint32_t *RK = ctx->buf + ctx->rk_offset; @@ -965,7 +964,8 @@ int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, return 0; } -#endif /* !MBEDTLS_AES_DECRYPT_ALT && !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ +#endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ /* * Our intrinsics-based implementation of AESNI requires the round keys to be From 51b90fb6b1d82f6ce23442e53ac72dfe55e89695 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 18 Jul 2024 12:07:16 +0100 Subject: [PATCH 13/33] Remove MBEDTLS_ECDH_GEN_PUBLIC_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/check_config.h | 1 - include/mbedtls/mbedtls_config.h | 1 - tf-psa-crypto/drivers/builtin/src/ecdh.c | 2 -- 3 files changed, 4 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 284b7c650b..0c9f5e9634 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -186,7 +186,6 @@ #if defined(MBEDTLS_ECP_RESTARTABLE) && \ ( defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) || \ - defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) || \ defined(MBEDTLS_ECDSA_SIGN_ALT) || \ defined(MBEDTLS_ECDSA_VERIFY_ALT) || \ defined(MBEDTLS_ECDSA_GENKEY_ALT) ) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index dd390ff221..3349d4e555 100644 --- a/include/mbedtls/mbedtls_config.h 
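Review bot: The now-static `mbedtls_internal_aes_decrypt` in `aes.c` (`@@ -903,15 +902,15 @@`) keeps only the one-line comment `AES-ECB block decryption`, while the parameter and return documentation deleted from `aes.h` in this patch is not carried over. With the `#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */` moved below the function by `@@ -965,7 +964,8 @@`, the function is also no longer compiled in hardware-only builds, whereas the old guard tested only `MBEDTLS_AES_DECRYPT_ALT` and `MBEDTLS_BLOCK_CIPHER_NO_DECRYPT`. I would record both on the definition, for example `/* AES-ECB block decryption, software path: 16-byte input and output blocks, returns 0. Not built when MBEDTLS_AES_USE_HARDWARE_ONLY is defined. */`. The function body lies between the two hunks and is not shown.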
+++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_ECDH_GEN_PUBLIC_ALT //#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT //#define MBEDTLS_ECDSA_VERIFY_ALT //#define MBEDTLS_ECDSA_SIGN_ALT diff --git a/tf-psa-crypto/drivers/builtin/src/ecdh.c b/tf-psa-crypto/drivers/builtin/src/ecdh.c index b276c6adad..1a327a0e9e 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecdh.c +++ b/tf-psa-crypto/drivers/builtin/src/ecdh.c @@ -43,7 +43,6 @@ int mbedtls_ecdh_can_do(mbedtls_ecp_group_id gid) return 1; } -#if !defined(MBEDTLS_ECDH_GEN_PUBLIC_ALT) /* * Generate public key (restartable version) * @@ -84,7 +83,6 @@ int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_ { return ecdh_gen_public_restartable(grp, d, Q, f_rng, p_rng, NULL); } -#endif /* !MBEDTLS_ECDH_GEN_PUBLIC_ALT */ #if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) /* From ce5ed8555c69bf252ecc6eb26de036be6688cc7c Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 18 Jul 2024 12:13:09 +0100 Subject: [PATCH 14/33] Remove MBEDTLS_ECDH_COMPUTE_SHARED_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/check_config.h | 3 +-- include/mbedtls/mbedtls_config.h | 1 - tf-psa-crypto/drivers/builtin/src/ecdh.c | 2 -- 3 files changed, 1 insertion(+), 5 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 0c9f5e9634..a26076102c 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -185,8 +185,7 @@ #endif #if defined(MBEDTLS_ECP_RESTARTABLE) && \ - ( defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) || \ - defined(MBEDTLS_ECDSA_SIGN_ALT) || \ + ( defined(MBEDTLS_ECDSA_SIGN_ALT) || \ defined(MBEDTLS_ECDSA_VERIFY_ALT) || \ defined(MBEDTLS_ECDSA_GENKEY_ALT) ) #error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative ECP implementation" diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 3349d4e555..a675f317fa 100644 
--- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_ECDH_COMPUTE_SHARED_ALT //#define MBEDTLS_ECDSA_VERIFY_ALT //#define MBEDTLS_ECDSA_SIGN_ALT //#define MBEDTLS_ECDSA_GENKEY_ALT diff --git a/tf-psa-crypto/drivers/builtin/src/ecdh.c b/tf-psa-crypto/drivers/builtin/src/ecdh.c index 1a327a0e9e..28fe757eab 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecdh.c +++ b/tf-psa-crypto/drivers/builtin/src/ecdh.c @@ -84,7 +84,6 @@ int mbedtls_ecdh_gen_public(mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_ return ecdh_gen_public_restartable(grp, d, Q, f_rng, p_rng, NULL); } -#if !defined(MBEDTLS_ECDH_COMPUTE_SHARED_ALT) /* * Compute shared secret (SEC1 3.3.1) */ @@ -127,7 +126,6 @@ int mbedtls_ecdh_compute_shared(mbedtls_ecp_group *grp, mbedtls_mpi *z, return ecdh_compute_shared_restartable(grp, z, Q, d, f_rng, p_rng, NULL); } -#endif /* !MBEDTLS_ECDH_COMPUTE_SHARED_ALT */ static void ecdh_init_internal(mbedtls_ecdh_context_mbed *ctx) { From e3013da240d7dbea86c765af236b34a803894586 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 18 Jul 2024 12:26:26 +0100 Subject: [PATCH 15/33] Remove MBEDTLS_ECDSA_VERIFY_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/check_config.h | 1 - include/mbedtls/mbedtls_config.h | 1 - .../drivers/builtin/include/mbedtls/ecdsa.h | 3 --- tf-psa-crypto/drivers/builtin/src/ecdsa.c | 15 ++------------- 4 files changed, 2 insertions(+), 18 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index a26076102c..f8197e44e2 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -186,7 +186,6 @@ #if defined(MBEDTLS_ECP_RESTARTABLE) && \ ( defined(MBEDTLS_ECDSA_SIGN_ALT) || \ - defined(MBEDTLS_ECDSA_VERIFY_ALT) || \ defined(MBEDTLS_ECDSA_GENKEY_ALT) ) #error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative ECP implementation" #endif 
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index a675f317fa..dd047e98d6 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_ECDSA_VERIFY_ALT //#define MBEDTLS_ECDSA_SIGN_ALT //#define MBEDTLS_ECDSA_GENKEY_ALT diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h index 2ecf349115..557f02b462 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h @@ -375,7 +375,6 @@ int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s); -#if !defined(MBEDTLS_ECDSA_VERIFY_ALT) /** * \brief This function verifies the ECDSA signature of a * previously-hashed message, in a restartable manner @@ -418,8 +417,6 @@ int mbedtls_ecdsa_verify_restartable(mbedtls_ecp_group *grp, const mbedtls_mpi *s, mbedtls_ecdsa_restart_ctx *rs_ctx); -#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */ - /** * \brief This function computes the ECDSA signature and writes it * to a buffer, serialized as defined in RFC-4492: diff --git a/tf-psa-crypto/drivers/builtin/src/ecdsa.c b/tf-psa-crypto/drivers/builtin/src/ecdsa.c index 2f7a996a7e..da4c9e8dad 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecdsa.c +++ b/tf-psa-crypto/drivers/builtin/src/ecdsa.c @@ -194,8 +194,7 @@ static void ecdsa_restart_det_free(mbedtls_ecdsa_restart_det_ctx *ctx) #endif /* MBEDTLS_ECP_RESTARTABLE */ #if defined(MBEDTLS_ECDSA_DETERMINISTIC) || \ - !defined(MBEDTLS_ECDSA_SIGN_ALT) || \ - !defined(MBEDTLS_ECDSA_VERIFY_ALT) + !defined(MBEDTLS_ECDSA_SIGN_ALT) /* * Derive a suitable integer for group grp from a buffer of length len * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3 
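Review bot: The narrowed guard on `derive_mpi` in `ecdsa.c` at `@@ -194,8 +194,7 @@` (and its `#endif` comment at `@@ -220,7 +219,7 @@`) is not what the old condition reduces to. Once `MBEDTLS_ECDSA_VERIFY_ALT` can no longer be defined, `!defined(MBEDTLS_ECDSA_VERIFY_ALT)` is always true, so the helper has to be built unconditionally. As written, a configuration with `MBEDTLS_ECDSA_SIGN_ALT` set and `MBEDTLS_ECDSA_DETERMINISTIC` unset drops `derive_mpi`, while the verify path, which this patch makes unconditional, presumably still calls it (its body is outside these hunks; the helper's own comment cites SEC1 4.1.4 step 3). Patch 16/33 removes the guard entirely, so only this intermediate commit is affected, but deleting the `#if`/`#endif` pair here instead of rewriting it keeps the series buildable at every step.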
@@ -220,7 +219,7 @@ static int derive_mpi(const mbedtls_ecp_group *grp, mbedtls_mpi *x, cleanup: return ret; } -#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT || !ECDSA_VERIFY_ALT */ +#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT */ int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid) { @@ -480,7 +479,6 @@ int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, } #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ -#if !defined(MBEDTLS_ECDSA_VERIFY_ALT) /* * Verify ECDSA signature of hashed message (SEC1 4.1.4) * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message) @@ -601,7 +599,6 @@ int mbedtls_ecdsa_verify(mbedtls_ecp_group *grp, { return mbedtls_ecdsa_verify_restartable(grp, buf, blen, Q, r, s, NULL); } -#endif /* !MBEDTLS_ECDSA_VERIFY_ALT */ /* * Convert a signature (given by context) to ASN.1 @@ -741,19 +738,11 @@ int mbedtls_ecdsa_read_signature_restartable(mbedtls_ecdsa_context *ctx, ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA; goto cleanup; } -#if defined(MBEDTLS_ECDSA_VERIFY_ALT) - (void) rs_ctx; - if ((ret = mbedtls_ecdsa_verify(&ctx->grp, hash, hlen, - &ctx->Q, &r, &s)) != 0) { - goto cleanup; - } -#else if ((ret = mbedtls_ecdsa_verify_restartable(&ctx->grp, hash, hlen, &ctx->Q, &r, &s, rs_ctx)) != 0) { goto cleanup; } -#endif /* MBEDTLS_ECDSA_VERIFY_ALT */ /* At this point we know that the buffer starts with a valid signature. * Return 0 if the buffer just contains the signature, and a specific From 4864424fea8df6d16fd02addd9c623f01341a424 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 18 Jul 2024 12:36:49 +0100 Subject: [PATCH 16/33] Remove MBEDTLS_ECDSA_SIGN_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/check_config.h | 4 +--- include/mbedtls/mbedtls_config.h | 1 - .../drivers/builtin/include/mbedtls/ecdsa.h | 3 --- tf-psa-crypto/drivers/builtin/src/ecdsa.c | 19 ------------------- 4 files changed, 1 insertion(+), 26 deletions(-) 
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index f8197e44e2..561432e26d 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -184,9 +184,7 @@ #error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_ECP_RESTARTABLE) && \ - ( defined(MBEDTLS_ECDSA_SIGN_ALT) || \ - defined(MBEDTLS_ECDSA_GENKEY_ALT) ) +#if defined(MBEDTLS_ECP_RESTARTABLE) && defined(MBEDTLS_ECDSA_GENKEY_ALT) #error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative ECP implementation" #endif diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index dd047e98d6..b2441113bc 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,7 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_ECDSA_SIGN_ALT //#define MBEDTLS_ECDSA_GENKEY_ALT /** diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h index 557f02b462..fcb46e2a43 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h @@ -211,7 +211,6 @@ int mbedtls_ecdsa_sign_det_ext(mbedtls_ecp_group *grp, mbedtls_mpi *r, void *p_rng_blind); #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ -#if !defined(MBEDTLS_ECDSA_SIGN_ALT) /** * \brief This function computes the ECDSA signature of a * previously-hashed message, in a restartable way. @@ -277,8 +276,6 @@ int mbedtls_ecdsa_sign_restartable( void *p_rng_blind, mbedtls_ecdsa_restart_ctx *rs_ctx); -#endif /* !MBEDTLS_ECDSA_SIGN_ALT */ - #if defined(MBEDTLS_ECDSA_DETERMINISTIC) /** diff --git a/tf-psa-crypto/drivers/builtin/src/ecdsa.c b/tf-psa-crypto/drivers/builtin/src/ecdsa.c index da4c9e8dad..f4e14a3f1a 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecdsa.c +++ b/tf-psa-crypto/drivers/builtin/src/ecdsa.c 
@@ -193,8 +193,6 @@ static void ecdsa_restart_det_free(mbedtls_ecdsa_restart_det_ctx *ctx) #endif /* MBEDTLS_ECP_RESTARTABLE */ -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) || \ - !defined(MBEDTLS_ECDSA_SIGN_ALT) /* * Derive a suitable integer for group grp from a buffer of length len * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3 @@ -219,7 +217,6 @@ static int derive_mpi(const mbedtls_ecp_group *grp, mbedtls_mpi *x, cleanup: return ret; } -#endif /* ECDSA_DETERMINISTIC || !ECDSA_SIGN_ALT */ int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid) { @@ -234,7 +231,6 @@ int mbedtls_ecdsa_can_do(mbedtls_ecp_group_id gid) } } -#if !defined(MBEDTLS_ECDSA_SIGN_ALT) /* * Compute ECDSA signature of a hashed message (SEC1 4.1.3) * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message) @@ -384,7 +380,6 @@ int mbedtls_ecdsa_sign(mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s, return mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen, f_rng, p_rng, f_rng, p_rng, NULL); } -#endif /* !MBEDTLS_ECDSA_SIGN_ALT */ #if defined(MBEDTLS_ECDSA_DETERMINISTIC) /* @@ -443,16 +438,9 @@ int mbedtls_ecdsa_sign_det_restartable(mbedtls_ecp_group *grp, sign: #endif -#if defined(MBEDTLS_ECDSA_SIGN_ALT) - (void) f_rng_blind; - (void) p_rng_blind; - ret = mbedtls_ecdsa_sign(grp, r, s, d, buf, blen, - mbedtls_hmac_drbg_random, p_rng); -#else ret = mbedtls_ecdsa_sign_restartable(grp, r, s, d, buf, blen, mbedtls_hmac_drbg_random, p_rng, f_rng_blind, p_rng_blind, rs_ctx); -#endif /* MBEDTLS_ECDSA_SIGN_ALT */ cleanup: mbedtls_hmac_drbg_free(&rng_ctx); 
@@ -657,17 +645,10 @@ int mbedtls_ecdsa_write_signature_restartable(mbedtls_ecdsa_context *ctx, #else (void) md_alg; -#if defined(MBEDTLS_ECDSA_SIGN_ALT) - (void) rs_ctx; - - MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign(&ctx->grp, &r, &s, &ctx->d, - hash, hlen, f_rng, p_rng)); -#else /* Use the same RNG for both blinding and ephemeral key generation */ MBEDTLS_MPI_CHK(mbedtls_ecdsa_sign_restartable(&ctx->grp, &r, &s, &ctx->d, hash, hlen, f_rng, p_rng, f_rng, p_rng, rs_ctx)); -#endif /* MBEDTLS_ECDSA_SIGN_ALT */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */ MBEDTLS_MPI_CHK(ecdsa_signature_to_asn1(&r, &s, sig, sig_size, slen)); From 28647d86696ea85ff8c131e7175e1556f0fc8ad3 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 18 Jul 2024 12:51:10 +0100 Subject: [PATCH 17/33] Remove MBEDTLS_ECDSA_GENKEY_ALT Signed-off-by: Thomas Daubney --- include/mbedtls/check_config.h | 4 ---- include/mbedtls/mbedtls_config.h | 2 -- tf-psa-crypto/drivers/builtin/src/ecdsa.c | 2 -- 3 files changed, 8 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 561432e26d..c664c354b1 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -184,10 +184,6 @@ #error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_ECP_RESTARTABLE) && defined(MBEDTLS_ECDSA_GENKEY_ALT) -#error "MBEDTLS_ECP_RESTARTABLE defined, but it cannot coexist with an alternative ECP implementation" -#endif - #if defined(MBEDTLS_ECP_RESTARTABLE) && \ !defined(MBEDTLS_ECP_C) #error "MBEDTLS_ECP_RESTARTABLE defined, but not all prerequisites" diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index b2441113bc..3881dbb114 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -350,8 +350,6 @@ */ //#define MBEDTLS_TIMING_ALT -//#define MBEDTLS_ECDSA_GENKEY_ALT - /** * \def MBEDTLS_ENTROPY_HARDWARE_ALT * 
diff --git a/tf-psa-crypto/drivers/builtin/src/ecdsa.c b/tf-psa-crypto/drivers/builtin/src/ecdsa.c index f4e14a3f1a..57d52fee2d 100644 --- a/tf-psa-crypto/drivers/builtin/src/ecdsa.c +++ b/tf-psa-crypto/drivers/builtin/src/ecdsa.c @@ -739,7 +739,6 @@ cleanup: return ret; } -#if !defined(MBEDTLS_ECDSA_GENKEY_ALT) /* * Generate key pair */ @@ -755,7 +754,6 @@ int mbedtls_ecdsa_genkey(mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid, return mbedtls_ecp_gen_keypair(&ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng); } -#endif /* !MBEDTLS_ECDSA_GENKEY_ALT */ /* * Set context from an mbedtls_ecp_keypair From ebcd49b961b344ea1ce8828e368daeb653378ad4 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Tue, 23 Jul 2024 12:08:31 +0100 Subject: [PATCH 18/33] Remove outdated documentation Signed-off-by: Thomas Daubney --- .../alternative-implementations.md | 91 ------------------- 1 file changed, 91 deletions(-) delete mode 100644 docs/architecture/alternative-implementations.md diff --git a/docs/architecture/alternative-implementations.md b/docs/architecture/alternative-implementations.md deleted file mode 100644 index 549d47c956..0000000000 --- a/docs/architecture/alternative-implementations.md +++ /dev/null 
@@ -1,91 +0,0 @@ -Alternative implementations of Mbed TLS functionality -===================================================== - -This document describes how parts of the Mbed TLS functionality can be replaced at compile time to integrate the library on a platform. - -This document is an overview. It is not exhaustive. Please consult the documentation of individual modules and read the library header files for more details. - -## Platform integration - -Mbed TLS works out of the box on Unix/Linux/POSIX-like systems and on Windows. On embedded platforms, you may need to customize some aspects of how Mbed TLS interacts with the underlying platform. This section discusses the main areas that can be configured. - -The platform module (`include/mbedtls/platform.h`) controls how Mbed TLS accesses standard library features such as memory management (`calloc`, `free`), `printf`, `exit`. You can define custom functions instead of the ones from the C standard library through `MBEDTLS_PLATFORM_XXX` options in the configuration file. Many options have two mechanisms: either define `MBEDTLS_PLATFORM_XXX_MACRO` to the name of a function to call instead of the standard function `xxx`, or define `MBEDTLS_PLATFORM_XXX_ALT` and [register an alternative implementation during the platform setup](#alternative-implementations-of-platform-functions). - -The storage of the non-volatile seed for random generation, enabled with `MBEDTLS_ENTROPY_NV_SEED`, is also controlled via the platform module. - -For timing functions, you can [declare an alternative implementation of the timing module](#module-alternative-implementations). - -On multithreaded platforms, [declare an alternative implementation of the threading module](#module-alternative-implementations). - -To configure entropy sources (hardware random generators), see the `MBEDTLS_ENTROPY_XXX` options in the configuration file. - -For networking, the `net_sockets` module does not currently support alternative implementations. 
If this module does not work on your platform, disable `MBEDTLS_NET_C` and use custom functions for TLS. - -If your platform has a cryptographic accelerator, you can use it via a [PSA driver](#psa-cryptography-drivers) or declare an [alternative implementation of the corresponding module(s)](#module-alternative-implementations) or [of specific functions](#function-alternative-implementations). PSA drivers will ultimately replace the alternative implementation mechanism, but alternative implementation will remain supported in at least all Mbed TLS versions of the form 3.x. The interface of PSA drivers is currently still experimental and subject to change. - -## PSA cryptography drivers - -On platforms where a hardware cryptographic engine is present, you can implement a driver for this engine in the PSA interface. Drivers are supported for cryptographic operations with transparent keys (keys available in cleartext), for cryptographic operations with opaque keys (keys that are only available inside the cryptographic engine), and for random generation. Calls to `psa_xxx` functions that perform cryptographic operations are directed to drivers instead of the built-in code as applicable. See the [PSA cryptography driver interface specification](docs/proposed/psa-driver-interface.md), the [Mbed TLS PSA driver developer guide](docs/proposed/psa-driver-developer-guide.md) and the [Mbed TLS PSA driver integration guide](docs/proposed/psa-driver-integration-guide.md) for more information. - -As of Mbed TLS 3.0, this interface is still experimental and subject to change, and not all operations support drivers yet. The configuration option `MBEDTLS_USE_PSA_CRYPTO` causes parts of the `mbedtls_xxx` API to use PSA crypto and therefore to support drivers, however it is not yet compatible with all drivers. - -## Module alternative implementations - -You can replace the code of some modules of Mbed TLS at compile time by a custom implementation. 
This is possible for low-level cryptography modules (symmetric algorithms, DHM, RSA, ECP, ECJPAKE) and for some platform-related modules (threading, timing). Such custom implementations are called “alternative implementations”, or “ALT implementations” for short. - -The general principle of an alternative implementation is: -* Enable `MBEDTLS_XXX_ALT` in the compile-time configuration where XXX is the module name. For example, `MBEDTLS_AES_ALT` for an implementation of the AES module. This is in addition to enabling `MBEDTLS_XXX_C`. -* Create a header file `xxx_alt.h` that defines the context type(s) used by the module. For example, `mbedtls_aes_context` for AES. -* Implement all the functions from the module, i.e. the functions declared in `include/mbedtls/xxx.h`. - -See https://mbed-tls.readthedocs.io/en/latest/kb/development/hw_acc_guidelines for a more detailed guide. - -### Constraints on context types - -Generally, alternative implementations can define their context types to any C type except incomplete and array types (although they would normally be `struct` types). This section lists some known limitations where the context type needs to be a structure with certain fields. - -Where a context type needs to have a certain field, the field must have the same type and semantics as in the built-in implementation, but does not need to be at the same position in the structure. Furthermore, unless otherwise indicated, only read access is necessary: the field can be `const`, and modifications to it do not need to be supported. For example, if an alternative implementation of asymmetric cryptography uses a different representation of large integers, it is sufficient to provide a read-only copy of the fields listed here of type `mbedtls_mpi`. - -* AES: if `MBEDTLS_AESNI_C` is enabled, `mbedtls_aes_context` must have the fields `nr` and `rk`. -* DHM: if `MBEDTLS_DEBUG_C` is enabled, `mbedtls_dhm_context` must have the fields `P`, `Q`, `G`, `GX`, `GY` and `K`. 
-* ECP: `mbedtls_ecp_group` must have the fields `id`, `P`, `A`, `B`, `G`, `N`, `pbits` and `nbits`. - * If `MBEDTLS_PK_PARSE_EC_EXTENDED` is enabled, those fields must be writable, and `mbedtls_ecp_point_read_binary()` must support a group structure where only `P`, `pbits`, `A` and `B` are set. - -It must be possible to move a context object in memory (except during the execution of a library function that takes this context as an argument). (This is necessary, for example, to support applications that populate a context on the stack of an inner function and then copy the context upwards through the call chain, or applications written in a language with automatic memory management that can move objects on the heap.) That is, call sequences like the following must work: -``` -mbedtls_xxx_context ctx1, ctx2; -mbedtls_xxx_init(&ctx1); -mbedtls_xxx_setup(&ctx1, …); -ctx2 = ctx1; -memset(&ctx1, 0, sizeof(ctx1)); -mbedtls_xxx_do_stuff(&ctx2, …); -mbedtls_xxx_free(&ctx2); -``` -In practice, this means that a pointer to a context or to a part of a context does not remain valid across function calls. Alternative implementations do not need to support copying of contexts: contexts can only be cloned through explicit `clone()` functions. - -## Function alternative implementations - -In some cases, it is possible to replace a single function or a small set of functions instead of [providing an alternative implementation of the whole module](#module-alternative-implementations). - -### Alternative implementations of cryptographic functions - -Options to replace individual functions of cryptographic modules generally have a name obtained by upper-casing the function name and appending `_ALT`. If the function name contains `_internal`, `_ext` or `_ret`, this is removed in the `_ALT` symbol. When the corresponding option is enabled, the built-in implementation of the function will not be compiled, and you must provide an alternative implementation at link time. 
- -For example, enable `MBEDTLS_AES_ENCRYPT_ALT` at compile time and provide your own implementation of `mbedtls_aes_encrypt()` to provide an accelerated implementation of AES encryption that is compatible with the built-in key schedule. If you wish to implement key schedule differently, you can also enable `MBEDTLS_AES_SETKEY_ENC_ALT` and implement `mbedtls_aes_setkey_enc()`. - -Another example: enable `MBEDTLS_SHA256_PROCESS_ALT` and implement `mbedtls_internal_sha256_process()` to provide an accelerated implementation of SHA-256 and SHA-224. - -Note that since alternative implementations of individual functions cooperate with the built-in implementation of other functions, you must use the same layout for context objects as the built-in implementation. If you want to use different context types, you need to [provide an alternative implementation of the whole module](#module-alternative-implementations). - -### Alternative implementations of platform functions - -Several platform functions can be reconfigured dynamically by following the process described here. To reconfigure how Mbed TLS calls the standard library function `xxx()`: - -* Define the symbol `MBEDTLS_PLATFORM_XXX_ALT` at compile time. -* During the initialization of your application, set the global variable `mbedtls_xxx` to an alternative implementation of `xxx()`. - -For example, to provide a custom `printf` function at run time, enable `MBEDTLS_PLATFORM_PRINTF_ALT` at compile time and assign to `mbedtls_printf` during the initialization of your application. - -Merely enabling `MBEDTLS_PLATFORM_XXX_ALT` does not change the behavior: by default, `mbedtls_xxx` points to the standard function `xxx`. - -Note that there are variations on the naming pattern. For example, some configurable functions are activated in pairs, such as `mbedtls_calloc` and `mbedtls_free` via `MBEDTLS_PLATFORM_MEMORY`. Consult the documentation of individual configuration options and of the platform module for details. 
From 5db9027d3feb309ae9d9d02ed9bc363351e32c1f Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 24 Jul 2024 18:03:03 +0100 Subject: [PATCH 19/33] Add ChangeLog entry Signed-off-by: Thomas Daubney --- ChangeLog.d/remove-crypto-alt-interface.txt | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 ChangeLog.d/remove-crypto-alt-interface.txt diff --git a/ChangeLog.d/remove-crypto-alt-interface.txt b/ChangeLog.d/remove-crypto-alt-interface.txt new file mode 100644 index 0000000000..b551e17d1e --- /dev/null +++ b/ChangeLog.d/remove-crypto-alt-interface.txt @@ -0,0 +1,5 @@ +Removals + * Drop support for crypto alt interface. Removes MBEDTLS_XXX_ALT options + at the module and function level for crypto mechanisms only. The remaining + alt interfaces for platform, threading and timing are unchanged. + Fixes #8149. \ No newline at end of file From 2dd830d3c236e24f0f9446d566085bedda98d838 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 24 Jul 2024 18:04:21 +0100 Subject: [PATCH 20/33] Remove superflous comment Signed-off-by: Thomas Daubney --- tf-psa-crypto/drivers/builtin/src/des.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/src/des.c b/tf-psa-crypto/drivers/builtin/src/des.c index 73afb0454f..4bb354af77 100644 --- a/tf-psa-crypto/drivers/builtin/src/des.c +++ b/tf-psa-crypto/drivers/builtin/src/des.c @@ -389,9 +389,6 @@ int mbedtls_des_key_check_weak(const unsigned char key[MBEDTLS_DES_KEY_SIZE]) return 0; } -/* - * Internal function for key expansion. - */ static void mbedtls_des_setkey(uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE]) { int i; From b59c0ba81bb80f7f127d72241a9be238b3293a7f Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 24 Jul 2024 18:10:24 +0100 Subject: [PATCH 21/33] Alter guarding in aes.c Signed-off-by: Thomas Daubney --- tf-psa-crypto/drivers/builtin/src/aes.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c index 651282b0d9..40370c29fc 100644 --- a/tf-psa-crypto/drivers/builtin/src/aes.c +++ b/tf-psa-crypto/drivers/builtin/src/aes.c @@ -44,7 +44,7 @@ * This is a convenience shorthand macro to check if we need reverse S-box and * reverse tables. It's private and only defined in this file. */ -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) && !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) +#if !defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) #define MBEDTLS_AES_NEED_REVERSE_TABLES #endif From c65eefa9abd6aa41a2f8f1a6d5c11b48a027762f Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 25 Jul 2024 10:20:41 +0100 Subject: [PATCH 22/33] Remove superfluous guard Signed-off-by: Thomas Daubney --- tf-psa-crypto/drivers/builtin/src/aes.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c index 40370c29fc..0f96db0b32 100644 --- a/tf-psa-crypto/drivers/builtin/src/aes.c +++ b/tf-psa-crypto/drivers/builtin/src/aes.c @@ -841,7 +841,6 @@ int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx, AES_RT3(MBEDTLS_BYTE_3(Y0)); \ } while (0) -#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * AES-ECB block encryption */ @@ -965,7 +964,6 @@ static int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, return 0; } #endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ -#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ /* * Our intrinsics-based implementation of AESNI requires the round keys to be From 2f1bebd5518139e1d4e80ff6334528503e1c821c Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 25 Jul 2024 10:21:28 +0100 Subject: [PATCH 23/33] Add newline to ChangeLog entry Signed-off-by: Thomas Daubney --- ChangeLog.d/remove-crypto-alt-interface.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
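Review bot: In `aes.c` at `@@ -44,7 +44,7 @@` (patch 21/33), `MBEDTLS_AES_NEED_REVERSE_TABLES` stops depending on `MBEDTLS_AES_USE_HARDWARE_ONLY`, and patch 22/33 (`@@ -841,7 +841,6 @@`, `@@ -965,7 +964,6 @@`) removes the same guard from around the static `mbedtls_internal_aes_encrypt` and `mbedtls_internal_aes_decrypt`. Together these put the table-based software AES and its reverse tables back into hardware-only builds, which costs ROM. If the callers outside these hunks still skip the software path in that configuration, it also leaves unused static functions that warn, or fail under `-Werror`. The software path indexes lookup tables with state bytes (`AES_RT3(MBEDTLS_BYTE_3(Y0))`), so integrators who set the option to keep that code out of the image should not get it back silently. If the exclusion is still intended, keep `#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)` and `#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */` around both functions and the table macro; otherwise state the change in the ChangeLog entry.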
diff --git a/ChangeLog.d/remove-crypto-alt-interface.txt b/ChangeLog.d/remove-crypto-alt-interface.txt index b551e17d1e..f9ab4c221c 100644 --- a/ChangeLog.d/remove-crypto-alt-interface.txt +++ b/ChangeLog.d/remove-crypto-alt-interface.txt @@ -2,4 +2,4 @@ Removals * Drop support for crypto alt interface. Removes MBEDTLS_XXX_ALT options at the module and function level for crypto mechanisms only. The remaining alt interfaces for platform, threading and timing are unchanged. - Fixes #8149. \ No newline at end of file + Fixes #8149. From 3e0273f41a0994fb1bb444622cebd1f9268205b9 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 25 Jul 2024 10:39:47 +0100 Subject: [PATCH 24/33] Internalise functions flagged as internal Signed-off-by: Thomas Daubney --- .../drivers/builtin/include/mbedtls/md5.h | 16 ---------------- .../builtin/include/mbedtls/ripemd160.h | 11 ----------- .../drivers/builtin/include/mbedtls/sha1.h | 18 ------------------ .../drivers/builtin/include/mbedtls/sha256.h | 15 --------------- .../drivers/builtin/include/mbedtls/sha512.h | 15 --------------- tf-psa-crypto/drivers/builtin/src/md5.c | 2 +- tf-psa-crypto/drivers/builtin/src/ripemd160.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha1.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha256.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha512.c | 2 +- 10 files changed, 5 insertions(+), 80 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/md5.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/md5.h index 826cca7a55..ee39bc8251 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/md5.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/md5.h 
@@ -125,22 +125,6 @@ int mbedtls_md5_update(mbedtls_md5_context *ctx, int mbedtls_md5_finish(mbedtls_md5_context *ctx, unsigned char output[16]); -/** - * \brief MD5 process data block (internal use only) - * - * \param ctx MD5 context - * \param data buffer holding one block of data - * - * \return 0 if successful - * - * \warning MD5 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - */ -int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, - const unsigned char data[64]); - /** * \brief Output = MD5( input buffer ) * diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ripemd160.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ripemd160.h index 570ab2e441..42f29730d3 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ripemd160.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ripemd160.h @@ -86,17 +86,6 @@ int mbedtls_ripemd160_update(mbedtls_ripemd160_context *ctx, int mbedtls_ripemd160_finish(mbedtls_ripemd160_context *ctx, unsigned char output[20]); -/** - * \brief RIPEMD-160 process data block (internal use only) - * - * \param ctx RIPEMD-160 context - * \param data buffer holding one block of data - * - * \return 0 if successful - */ -int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx, - const unsigned char data[64]); - /** * \brief Output = RIPEMD-160( input buffer ) * diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha1.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha1.h index 4b31c02504..dd47d34bce 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha1.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha1.h 
@@ -142,24 +142,6 @@ int mbedtls_sha1_update(mbedtls_sha1_context *ctx, int mbedtls_sha1_finish(mbedtls_sha1_context *ctx, unsigned char output[20]); -/** - * \brief SHA-1 process data block (internal use only). - * - * \warning SHA-1 is considered a weak message digest and its use - * constitutes a security risk. We recommend considering - * stronger message digests instead. - * - * \param ctx The SHA-1 context to use. This must be initialized. - * \param data The data block being processed. This must be a - * readable buffer of length \c 64 Bytes. - * - * \return \c 0 on success. - * \return A negative error code on failure. - * - */ -int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, - const unsigned char data[64]); - /** * \brief This function calculates the SHA-1 checksum of a buffer. * diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h index 0253f7dc5d..05040ded86 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h @@ -119,21 +119,6 @@ int mbedtls_sha256_update(mbedtls_sha256_context *ctx, int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, unsigned char *output); -/** - * \brief This function processes a single data block within - * the ongoing SHA-256 computation. This function is for - * internal use only. - * - * \param ctx The SHA-256 context. This must be initialized. - * \param data The buffer holding one block of data. This must - * be a readable buffer of length \c 64 Bytes. - * - * \return \c 0 on success. - * \return A negative error code on failure. - */ -int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, - const unsigned char data[64]); - /** * \brief This function calculates the SHA-224 or SHA-256 * checksum of a buffer. 
diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h index 002fe9d935..9d0191870d 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h @@ -120,21 +120,6 @@ int mbedtls_sha512_update(mbedtls_sha512_context *ctx, int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, unsigned char *output); -/** - * \brief This function processes a single data block within - * the ongoing SHA-512 computation. - * This function is for internal use only. - * - * \param ctx The SHA-512 context. This must be initialized. - * \param data The buffer holding one block of data. This - * must be a readable buffer of length \c 128 Bytes. - * - * \return \c 0 on success. - * \return A negative error code on failure. - */ -int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, - const unsigned char data[128]); - /** * \brief This function calculates the SHA-512 or SHA-384 * checksum of a buffer. diff --git a/tf-psa-crypto/drivers/builtin/src/md5.c b/tf-psa-crypto/drivers/builtin/src/md5.c index 98b8ee4e9c..519be43f79 100644 --- a/tf-psa-crypto/drivers/builtin/src/md5.c +++ b/tf-psa-crypto/drivers/builtin/src/md5.c @@ -58,7 +58,7 @@ int mbedtls_md5_starts(mbedtls_md5_context *ctx) return 0; } -int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, +static int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, const unsigned char data[64]) { struct { diff --git a/tf-psa-crypto/drivers/builtin/src/ripemd160.c b/tf-psa-crypto/drivers/builtin/src/ripemd160.c index 835df9528a..e1275fbd95 100644 --- a/tf-psa-crypto/drivers/builtin/src/ripemd160.c +++ b/tf-psa-crypto/drivers/builtin/src/ripemd160.c 
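Review bot: The block-length contract for `mbedtls_internal_md5_process()` is no longer written down anywhere: the `md5.h` prototype and its Doxygen block are deleted, and the md5.c hunk at `@@ -58,7 +58,7 @@` adds `static` without a comment. The parameter `const unsigned char data[64]` decays to a plain pointer, so only documentation tells a later caller in this file that a full 64-byte readable block is required; a short buffer would be over-read. I would add a comment above the definition, e.g. `/* Process one block: data must point to 64 readable bytes. */`. The sha1.c hunk at `@@ -59,7 +59,7 @@` has the same gap, and ripemd160.c keeps only `Process one block`. The function bodies continue outside the hunks.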
@@ -62,7 +62,7 @@ int mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx) /* * Process one block */ -int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx, +static int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx, const unsigned char data[64]) { struct { diff --git a/tf-psa-crypto/drivers/builtin/src/sha1.c b/tf-psa-crypto/drivers/builtin/src/sha1.c index b13381d30a..6c252f6218 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha1.c +++ b/tf-psa-crypto/drivers/builtin/src/sha1.c @@ -59,7 +59,7 @@ int mbedtls_sha1_starts(mbedtls_sha1_context *ctx) return 0; } -int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, +static int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, const unsigned char data[64]) { struct { diff --git a/tf-psa-crypto/drivers/builtin/src/sha256.c b/tf-psa-crypto/drivers/builtin/src/sha256.c index 1bfb701bcf..6566d5fdca 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha256.c +++ b/tf-psa-crypto/drivers/builtin/src/sha256.c @@ -617,7 +617,7 @@ static size_t mbedtls_internal_sha256_process_many(mbedtls_sha256_context *ctx, } } -int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, +static int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, const unsigned char data[SHA256_BLOCK_SIZE]) { if (mbedtls_a64_crypto_sha256_has_support()) { diff --git a/tf-psa-crypto/drivers/builtin/src/sha512.c b/tf-psa-crypto/drivers/builtin/src/sha512.c index 52b4f62a9d..25ac70bdf6 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha512.c +++ b/tf-psa-crypto/drivers/builtin/src/sha512.c @@ -737,7 +737,7 @@ static size_t mbedtls_internal_sha512_process_many(mbedtls_sha512_context *ctx, } } -int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, +static int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, const unsigned char data[SHA512_BLOCK_SIZE]) { if (mbedtls_a64_crypto_sha512_has_support()) { From ae5f8cc2537ec7330be7eea4b01448f7b4b7ee37 Mon Sep 17 00:00:00 2001 
From: Thomas Daubney Date: Fri, 26 Jul 2024 08:20:04 +0100 Subject: [PATCH 25/33] Restore SHA256 & SHA512 prototypes Signed-off-by: Thomas Daubney --- .../drivers/builtin/include/mbedtls/sha256.h | 14 ++++++++++++++ .../drivers/builtin/include/mbedtls/sha512.h | 15 +++++++++++++++ tf-psa-crypto/drivers/builtin/src/sha256.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha512.c | 2 +- 4 files changed, 31 insertions(+), 2 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h index 05040ded86..307f0ec123 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h @@ -119,6 +119,20 @@ int mbedtls_sha256_update(mbedtls_sha256_context *ctx, int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, unsigned char *output); +/** + * \brief This function processes a single data block within + * the ongoing SHA-256 computation. This function is for + * internal use only. + * + * \param ctx The SHA-256 context. This must be initialized. + * \param data The buffer holding one block of data. This must + * be a readable buffer of length \c 64 Bytes. + * + * \return \c 0 on success. + * \return A negative error code on failure. + */ +int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, + const unsigned char data[64]); /** * \brief This function calculates the SHA-224 or SHA-256 * checksum of a buffer. diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h index 9d0191870d..002fe9d935 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h 
@@ -120,6 +120,21 @@ int mbedtls_sha512_update(mbedtls_sha512_context *ctx, int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, unsigned char *output); +/** + * \brief This function processes a single data block within + * the ongoing SHA-512 computation. + * This function is for internal use only. + * + * \param ctx The SHA-512 context. This must be initialized. + * \param data The buffer holding one block of data. This + * must be a readable buffer of length \c 128 Bytes. + * + * \return \c 0 on success. + * \return A negative error code on failure. + */ +int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, + const unsigned char data[128]); + /** * \brief This function calculates the SHA-512 or SHA-384 * checksum of a buffer. diff --git a/tf-psa-crypto/drivers/builtin/src/sha256.c b/tf-psa-crypto/drivers/builtin/src/sha256.c index 6566d5fdca..1bfb701bcf 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha256.c +++ b/tf-psa-crypto/drivers/builtin/src/sha256.c @@ -617,7 +617,7 @@ static size_t mbedtls_internal_sha256_process_many(mbedtls_sha256_context *ctx, } } -static int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, +int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, const unsigned char data[SHA256_BLOCK_SIZE]) { if (mbedtls_a64_crypto_sha256_has_support()) { diff --git a/tf-psa-crypto/drivers/builtin/src/sha512.c b/tf-psa-crypto/drivers/builtin/src/sha512.c index 25ac70bdf6..52b4f62a9d 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha512.c +++ b/tf-psa-crypto/drivers/builtin/src/sha512.c @@ -737,7 +737,7 @@ static size_t mbedtls_internal_sha512_process_many(mbedtls_sha512_context *ctx, } } -static int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, +int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, const unsigned char data[SHA512_BLOCK_SIZE]) { if (mbedtls_a64_crypto_sha512_has_support()) { From 8ac215e4823dde21c4cee66cafe9d31c8e55ac75 Mon Sep 17 00:00:00 2001 
From: Thomas Daubney Date: Fri, 26 Jul 2024 14:20:53 +0100 Subject: [PATCH 26/33] Correct code style Signed-off-by: Thomas Daubney --- tf-psa-crypto/drivers/builtin/src/md5.c | 2 +- tf-psa-crypto/drivers/builtin/src/ripemd160.c | 2 +- tf-psa-crypto/drivers/builtin/src/sha1.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/src/md5.c b/tf-psa-crypto/drivers/builtin/src/md5.c index 519be43f79..fd9a8e960b 100644 --- a/tf-psa-crypto/drivers/builtin/src/md5.c +++ b/tf-psa-crypto/drivers/builtin/src/md5.c @@ -59,7 +59,7 @@ int mbedtls_md5_starts(mbedtls_md5_context *ctx) } static int mbedtls_internal_md5_process(mbedtls_md5_context *ctx, - const unsigned char data[64]) + const unsigned char data[64]) { struct { uint32_t X[16], A, B, C, D; diff --git a/tf-psa-crypto/drivers/builtin/src/ripemd160.c b/tf-psa-crypto/drivers/builtin/src/ripemd160.c index e1275fbd95..0845fe821f 100644 --- a/tf-psa-crypto/drivers/builtin/src/ripemd160.c +++ b/tf-psa-crypto/drivers/builtin/src/ripemd160.c @@ -63,7 +63,7 @@ int mbedtls_ripemd160_starts(mbedtls_ripemd160_context *ctx) * Process one block */ static int mbedtls_internal_ripemd160_process(mbedtls_ripemd160_context *ctx, - const unsigned char data[64]) + const unsigned char data[64]) { struct { uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16]; diff --git a/tf-psa-crypto/drivers/builtin/src/sha1.c b/tf-psa-crypto/drivers/builtin/src/sha1.c index 6c252f6218..bd1b6301fd 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha1.c +++ b/tf-psa-crypto/drivers/builtin/src/sha1.c @@ -60,7 +60,7 @@ int mbedtls_sha1_starts(mbedtls_sha1_context *ctx) } static int mbedtls_internal_sha1_process(mbedtls_sha1_context *ctx, - const unsigned char data[64]) + const unsigned char data[64]) { struct { uint32_t temp, W[16], A, B, C, D, E; From d4c886e57ba9e637369c521fdfa3962aab088486 Mon Sep 17 00:00:00 2001 
From: Thomas Daubney Date: Tue, 30 Jul 2024 10:17:01 +0100 Subject: [PATCH 27/33] Revert to original guarding for mbedtls_internal_aes_encrypt/decrypt Signed-off-by: Thomas Daubney --- tf-psa-crypto/drivers/builtin/src/aes.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tf-psa-crypto/drivers/builtin/src/aes.c b/tf-psa-crypto/drivers/builtin/src/aes.c index 0f96db0b32..b9145eaff3 100644 --- a/tf-psa-crypto/drivers/builtin/src/aes.c +++ b/tf-psa-crypto/drivers/builtin/src/aes.c @@ -841,6 +841,7 @@ int mbedtls_aes_xts_setkey_dec(mbedtls_aes_xts_context *ctx, AES_RT3(MBEDTLS_BYTE_3(Y0)); \ } while (0) +#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) /* * AES-ECB block encryption */ @@ -964,7 +965,7 @@ static int mbedtls_internal_aes_decrypt(mbedtls_aes_context *ctx, return 0; } #endif /* !MBEDTLS_BLOCK_CIPHER_NO_DECRYPT */ - +#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */ /* * Our intrinsics-based implementation of AESNI requires the round keys to be * aligned on a 16-byte boundary. We take care of this before creating them, From bfe1b67ec546b3b36d22c4ba3100ab2e0f20add4 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 31 Jul 2024 15:11:00 +0100 Subject: [PATCH 28/33] Make mbedtls_internal_sha256_process static Signed-off-by: Thomas Daubney --- .../drivers/builtin/include/mbedtls/sha256.h | 14 -------------- tf-psa-crypto/drivers/builtin/src/sha256.c | 16 +--------------- 2 files changed, 1 insertion(+), 29 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h index 307f0ec123..05040ded86 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h 
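Review bot: The closing `#endif /* !MBEDTLS_AES_USE_HARDWARE_ONLY */` in the aes.c hunk at `@@ -964,7 +965,7 @@` replaces the blank line that separated the decrypt function from the AESNI round-key alignment comment, so the guard now runs straight into an unrelated comment block; keep a blank line after the `#endif`. The opening `#if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY)` at `@@ -841,6 +841,7 @@` also carries no explanation; a line such as `/* Software AES block functions; not built when only hardware acceleration is enabled. */` would state the intent. The hunk header shows `mbedtls_internal_aes_decrypt` as `static`, so its call sites presumably have to sit under the same condition for a hardware-only build to compile. That is not visible in these hunks and is worth confirming.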
@@ -119,20 +119,6 @@ int mbedtls_sha256_update(mbedtls_sha256_context *ctx, int mbedtls_sha256_finish(mbedtls_sha256_context *ctx, unsigned char *output); -/** - * \brief This function processes a single data block within - * the ongoing SHA-256 computation. This function is for - * internal use only. - * - * \param ctx The SHA-256 context. This must be initialized. - * \param data The buffer holding one block of data. This must - * be a readable buffer of length \c 64 Bytes. - * - * \return \c 0 on success. - * \return A negative error code on failure. - */ -int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, - const unsigned char data[64]); /** * \brief This function calculates the SHA-224 or SHA-256 * checksum of a buffer. diff --git a/tf-psa-crypto/drivers/builtin/src/sha256.c b/tf-psa-crypto/drivers/builtin/src/sha256.c index 1bfb701bcf..339fa84422 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha256.c +++ b/tf-psa-crypto/drivers/builtin/src/sha256.c @@ -414,13 +414,6 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) -/* - * This function is for internal use only if we are building both C and Armv8-A - * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() - */ -static -#endif int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, const unsigned char data[SHA256_BLOCK_SIZE]) { @@ -474,13 +467,6 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, (d) += local.temp1; (h) = local.temp1 + local.temp2; \ } while (0) -#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) -/* - * This function is for internal use only if we are building both C and Armv8 - * versions, otherwise it is renamed to be the public mbedtls_internal_sha256_process() - */ -static -#endif int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, const unsigned char data[SHA256_BLOCK_SIZE]) { 
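Review bot: Dropping the conditional `static` in the sha256.c hunks at `@@ -414,13 +414,6 @@` and `@@ -474,13 +467,6 @@` leaves `mbedtls_internal_sha256_process_a64_crypto()` and `mbedtls_internal_sha256_process_c()` with external linkage in every configuration, while the same commit removes the only header prototype. Until PATCH 31/33 adds `static`, these internal block functions are exported symbols and would likely trip `-Wmissing-prototypes` where warnings are errors, so the intermediate commits may not build for bisection. I would fold the fix into this commit, i.e. `static int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx,` and the same for the `_a64_crypto` variant. The sha512.c hunks of PATCH 29/33 have the same gap. Both function bodies continue outside the hunks.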
@@ -617,7 +603,7 @@ static size_t mbedtls_internal_sha256_process_many(mbedtls_sha256_context *ctx, } } -int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, +static int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, const unsigned char data[SHA256_BLOCK_SIZE]) { if (mbedtls_a64_crypto_sha256_has_support()) { From 7070d26fa02ef931e677cc8c8a581bf532b04dd5 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 31 Jul 2024 15:29:33 +0100 Subject: [PATCH 29/33] Make mbedtls_internal_sha512_process static Signed-off-by: Thomas Daubney --- .../drivers/builtin/include/mbedtls/sha512.h | 15 --------------- tf-psa-crypto/drivers/builtin/src/sha512.c | 16 +--------------- 2 files changed, 1 insertion(+), 30 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h index 002fe9d935..9d0191870d 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h @@ -120,21 +120,6 @@ int mbedtls_sha512_update(mbedtls_sha512_context *ctx, int mbedtls_sha512_finish(mbedtls_sha512_context *ctx, unsigned char *output); -/** - * \brief This function processes a single data block within - * the ongoing SHA-512 computation. - * This function is for internal use only. - * - * \param ctx The SHA-512 context. This must be initialized. - * \param data The buffer holding one block of data. This - * must be a readable buffer of length \c 128 Bytes. - * - * \return \c 0 on success. - * \return A negative error code on failure. - */ -int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, - const unsigned char data[128]); - /** * \brief This function calculates the SHA-512 or SHA-384 * checksum of a buffer. diff --git a/tf-psa-crypto/drivers/builtin/src/sha512.c b/tf-psa-crypto/drivers/builtin/src/sha512.c index 52b4f62a9d..a5ed782799 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha512.c 
+++ b/tf-psa-crypto/drivers/builtin/src/sha512.c @@ -551,13 +551,6 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) -/* - * This function is for internal use only if we are building both C and A64 - * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() - */ -static -#endif int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, const unsigned char data[SHA512_BLOCK_SIZE]) { @@ -586,13 +579,6 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) -/* - * This function is for internal use only if we are building both C and A64 - * versions, otherwise it is renamed to be the public mbedtls_internal_sha512_process() - */ -static -#endif int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, const unsigned char data[SHA512_BLOCK_SIZE]) { @@ -737,7 +723,7 @@ static size_t mbedtls_internal_sha512_process_many(mbedtls_sha512_context *ctx, } } -int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, +static int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, const unsigned char data[SHA512_BLOCK_SIZE]) { if (mbedtls_a64_crypto_sha512_has_support()) { From 38e64fbce0b24587cbd8b8412bded66e8ed53bb1 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 31 Jul 2024 15:32:15 +0100 Subject: [PATCH 30/33] Merge if blocks in SHA256/512 code Signed-off-by: Thomas Daubney --- tf-psa-crypto/drivers/builtin/src/sha256.c | 4 ---- tf-psa-crypto/drivers/builtin/src/sha512.c | 5 ----- 2 files changed, 9 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/src/sha256.c b/tf-psa-crypto/drivers/builtin/src/sha256.c index 339fa84422..aff626fb5b 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha256.c +++ b/tf-psa-crypto/drivers/builtin/src/sha256.c 
@@ -552,10 +552,6 @@ int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY */ - -#if !defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) - static size_t mbedtls_internal_sha256_process_many_c( mbedtls_sha256_context *ctx, const uint8_t *data, size_t len) { diff --git a/tf-psa-crypto/drivers/builtin/src/sha512.c b/tf-psa-crypto/drivers/builtin/src/sha512.c index a5ed782799..c1d5e59991 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha512.c +++ b/tf-psa-crypto/drivers/builtin/src/sha512.c @@ -671,11 +671,6 @@ int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, return 0; } -#endif /* !MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ - - -#if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) - static size_t mbedtls_internal_sha512_process_many_c( mbedtls_sha512_context *ctx, const uint8_t *data, size_t len) { From eb97f2a50fef1ca28266a6e945d2e31aeeca34f4 Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 1 Aug 2024 12:19:31 +0100 Subject: [PATCH 31/33] Make missed SHA internal functions static Signed-off-by: Thomas Daubney --- tf-psa-crypto/drivers/builtin/src/sha256.c | 4 ++-- tf-psa-crypto/drivers/builtin/src/sha512.c | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/src/sha256.c b/tf-psa-crypto/drivers/builtin/src/sha256.c index aff626fb5b..95bcf69f23 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha256.c +++ b/tf-psa-crypto/drivers/builtin/src/sha256.c @@ -414,7 +414,7 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( return processed; } -int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, +static int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, const unsigned char data[SHA256_BLOCK_SIZE]) { return (mbedtls_internal_sha256_process_many_a64_crypto(ctx, data, 
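Review bot: Nothing in sha256.c now explains the aliasing described by the comment deleted in PATCH 28/33, which said that outside the combined C-plus-Armv8-A build this function "is renamed to be" `mbedtls_internal_sha256_process()`. If the renaming macros are still present (they are not visible in these hunks), a one-line comment above the `static int mbedtls_internal_sha256_process_a64_crypto(` definition at `@@ -414,7 +414,7 @@` in PATCH 31/33 would keep readers from searching for a second definition. For example: `/* May be #defined to mbedtls_internal_sha256_process in single-implementation builds. */`. The same applies to `mbedtls_internal_sha256_process_c` and to the two sha512.c hunks of that commit.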
@@ -467,7 +467,7 @@ int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, (d) += local.temp1; (h) = local.temp1 + local.temp2; \ } while (0) -int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, +static int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, const unsigned char data[SHA256_BLOCK_SIZE]) { struct { diff --git a/tf-psa-crypto/drivers/builtin/src/sha512.c b/tf-psa-crypto/drivers/builtin/src/sha512.c index c1d5e59991..27c7cf2a8a 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha512.c +++ b/tf-psa-crypto/drivers/builtin/src/sha512.c @@ -551,7 +551,7 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( return processed; } -int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, +static int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, const unsigned char data[SHA512_BLOCK_SIZE]) { return (mbedtls_internal_sha512_process_many_a64_crypto(ctx, data, @@ -579,7 +579,7 @@ int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, #if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, +static int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, const unsigned char data[SHA512_BLOCK_SIZE]) { int i; From 15129195a697178eb22c5ab5deb93e813e96611c Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Thu, 1 Aug 2024 13:06:01 +0100 Subject: [PATCH 32/33] Fix code stlye Signed-off-by: Thomas Daubney --- tf-psa-crypto/drivers/builtin/src/sha256.c | 6 +++--- tf-psa-crypto/drivers/builtin/src/sha512.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/tf-psa-crypto/drivers/builtin/src/sha256.c b/tf-psa-crypto/drivers/builtin/src/sha256.c index 95bcf69f23..49d98c327b 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha256.c +++ b/tf-psa-crypto/drivers/builtin/src/sha256.c 
@@ -415,7 +415,7 @@ static size_t mbedtls_internal_sha256_process_many_a64_crypto( } static int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ctx, - const unsigned char data[SHA256_BLOCK_SIZE]) + const unsigned char data[SHA256_BLOCK_SIZE]) { return (mbedtls_internal_sha256_process_many_a64_crypto(ctx, data, SHA256_BLOCK_SIZE) == @@ -468,7 +468,7 @@ static int mbedtls_internal_sha256_process_a64_crypto(mbedtls_sha256_context *ct } while (0) static int mbedtls_internal_sha256_process_c(mbedtls_sha256_context *ctx, - const unsigned char data[SHA256_BLOCK_SIZE]) + const unsigned char data[SHA256_BLOCK_SIZE]) { struct { uint32_t temp1, temp2, W[64]; @@ -600,7 +600,7 @@ static size_t mbedtls_internal_sha256_process_many(mbedtls_sha256_context *ctx, } static int mbedtls_internal_sha256_process(mbedtls_sha256_context *ctx, - const unsigned char data[SHA256_BLOCK_SIZE]) + const unsigned char data[SHA256_BLOCK_SIZE]) { if (mbedtls_a64_crypto_sha256_has_support()) { return mbedtls_internal_sha256_process_a64_crypto(ctx, data); diff --git a/tf-psa-crypto/drivers/builtin/src/sha512.c b/tf-psa-crypto/drivers/builtin/src/sha512.c index 27c7cf2a8a..9d8cffbc68 100644 --- a/tf-psa-crypto/drivers/builtin/src/sha512.c +++ b/tf-psa-crypto/drivers/builtin/src/sha512.c @@ -552,7 +552,7 @@ static size_t mbedtls_internal_sha512_process_many_a64_crypto( } static int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ctx, - const unsigned char data[SHA512_BLOCK_SIZE]) + const unsigned char data[SHA512_BLOCK_SIZE]) { return (mbedtls_internal_sha512_process_many_a64_crypto(ctx, data, SHA512_BLOCK_SIZE) == @@ -580,7 +580,7 @@ static int mbedtls_internal_sha512_process_a64_crypto(mbedtls_sha512_context *ct #if !defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) static int mbedtls_internal_sha512_process_c(mbedtls_sha512_context *ctx, - const unsigned char data[SHA512_BLOCK_SIZE]) + const unsigned char data[SHA512_BLOCK_SIZE]) { int i; struct { 
@@ -719,7 +719,7 @@ static size_t mbedtls_internal_sha512_process_many(mbedtls_sha512_context *ctx, } static int mbedtls_internal_sha512_process(mbedtls_sha512_context *ctx, - const unsigned char data[SHA512_BLOCK_SIZE]) + const unsigned char data[SHA512_BLOCK_SIZE]) { if (mbedtls_a64_crypto_sha512_has_support()) { return mbedtls_internal_sha512_process_a64_crypto(ctx, data); From a0cdde3588065df1990f01f902cbe3b3d0414a7c Mon Sep 17 00:00:00 2001 From: Thomas Daubney Date: Wed, 7 Aug 2024 17:07:49 +0100 Subject: [PATCH 33/33] Remove outdated documentation Signed-off-by: Thomas Daubney --- include/mbedtls/mbedtls_config.h | 4 ---- 1 file changed, 4 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index 3881dbb114..3722c32a44 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -650,10 +650,6 @@ * PSA, and are not restartable. These are temporary limitations that * should be lifted in the future. * - * \note This option only works with the default software implementation of - * elliptic curve functionality. It is incompatible with - * MBEDTLS_ECDH_XXX_ALT, MBEDTLS_ECDSA_XXX_ALT. - * * Requires: MBEDTLS_ECP_C * * Uncomment this macro to enable restartable ECC computations.