* [PATCH v8 01/27] CI: Exclude MbedTLS subtree for CONFIG checks
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 1:52 ` Simon Glass
2024-10-03 21:50 ` [PATCH v8 02/27] mbedtls: add mbedtls into the build system Raymond Mao
` (27 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Ilias Apalodimas,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sumit Garg, Leo Yu-Chi Liang,
Sean Anderson, Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Jonathan Humphreys, Mattijs Korpershoek, Paul Barker, Marek Vasut,
Patrice Chotard, Jonas Karlman, Kongyang Liu, Greg Malysa,
Sughosh Ganu
Since MbedTLS is an external repo with its own coding style,
exclude it from Azure and gitlab CI CONFIG checks.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- Initial patch.
Changes in v3
- None.
Changes in v4
- None.
Changes in v5
- None.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None.
.azure-pipelines.yml | 3 ++-
.gitlab-ci.yml | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/.azure-pipelines.yml b/.azure-pipelines.yml
index 93111eb6127..b66d49a62ba 100644
--- a/.azure-pipelines.yml
+++ b/.azure-pipelines.yml
@@ -76,7 +76,8 @@ stages:
# have no matches.
- script: git grep -E '^#[[:blank:]]*(define|undef)[[:blank:]]*CONFIG_'
:^doc/ :^arch/arm/dts/ :^scripts/kconfig/lkc.h
- :^include/linux/kconfig.h :^tools/ :^dts/upstream/ &&
+ :^include/linux/kconfig.h :^tools/ :^dts/upstream/
+ :^lib/mbedtls/external :^lib/mbedtls/mbedtls_def_config.h &&
exit 1 || exit 0
- job: docs
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 7d621031b85..2a52e15d0fe 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -159,7 +159,8 @@ check for new CONFIG symbols outside Kconfig:
# have no matches.
- git grep -E '^#[[:blank:]]*(define|undef)[[:blank:]]*CONFIG_'
:^doc/ :^arch/arm/dts/ :^scripts/kconfig/lkc.h
- :^include/linux/kconfig.h :^tools/ :^dts/upstream/ &&
+ :^include/linux/kconfig.h :^tools/ :^dts/upstream/
+ :^lib/mbedtls/external :^lib/mbedtls/mbedtls_def_config.h &&
exit 1 || exit 0
# build documentation
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 01/27] CI: Exclude MbedTLS subtree for CONFIG checks
2024-10-03 21:50 ` [PATCH v8 01/27] CI: Exclude MbedTLS subtree for CONFIG checks Raymond Mao
@ 2024-10-09 1:52 ` Simon Glass
0 siblings, 0 replies; 56+ messages in thread
From: Simon Glass @ 2024-10-09 1:52 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Ilias Apalodimas, Stefan Bosch,
Mario Six, Andy Shevchenko, Michal Simek, Tuomas Tynkkynen,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Sumit Garg, Leo Yu-Chi Liang, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Jonathan Humphreys,
Mattijs Korpershoek, Paul Barker, Marek Vasut, Patrice Chotard,
Jonas Karlman, Kongyang Liu, Greg Malysa, Sughosh Ganu
On Thu, 3 Oct 2024 at 15:51, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Since MbedTLS is an external repo with its own coding style,
> exclude it from Azure and gitlab CI CONFIG checks.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> Reviewed-by: Tom Rini <trini@konsulko.com>
> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> ---
> Changes in v2
> - Initial patch.
> Changes in v3
> - None.
> Changes in v4
> - None.
> Changes in v5
> - None.
> Changes in v6
> - None.
> Changes in v7
> - None.
> Changes in v8
> - None.
>
> .azure-pipelines.yml | 3 ++-
> .gitlab-ci.yml | 3 ++-
> 2 files changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/.azure-pipelines.yml b/.azure-pipelines.yml
> index 93111eb6127..b66d49a62ba 100644
> --- a/.azure-pipelines.yml
> +++ b/.azure-pipelines.yml
> @@ -76,7 +76,8 @@ stages:
> # have no matches.
> - script: git grep -E '^#[[:blank:]]*(define|undef)[[:blank:]]*CONFIG_'
> :^doc/ :^arch/arm/dts/ :^scripts/kconfig/lkc.h
> - :^include/linux/kconfig.h :^tools/ :^dts/upstream/ &&
> + :^include/linux/kconfig.h :^tools/ :^dts/upstream/
> + :^lib/mbedtls/external :^lib/mbedtls/mbedtls_def_config.h &&
> exit 1 || exit 0
>
> - job: docs
> diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
> index 7d621031b85..2a52e15d0fe 100644
> --- a/.gitlab-ci.yml
> +++ b/.gitlab-ci.yml
> @@ -159,7 +159,8 @@ check for new CONFIG symbols outside Kconfig:
> # have no matches.
> - git grep -E '^#[[:blank:]]*(define|undef)[[:blank:]]*CONFIG_'
> :^doc/ :^arch/arm/dts/ :^scripts/kconfig/lkc.h
> - :^include/linux/kconfig.h :^tools/ :^dts/upstream/ &&
> + :^include/linux/kconfig.h :^tools/ :^dts/upstream/
> + :^lib/mbedtls/external :^lib/mbedtls/mbedtls_def_config.h &&
> exit 1 || exit 0
>
> # build documentation
> --
> 2.25.1
>
Reviewed-by: Simon Glass <sjg@chromium.org>
(since I queried this on an earlier revision)
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 02/27] mbedtls: add mbedtls into the build system
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
2024-10-03 21:50 ` [PATCH v8 01/27] CI: Exclude MbedTLS subtree for CONFIG checks Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 10:13 ` Ilias Apalodimas
2024-10-03 21:50 ` [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS Raymond Mao
` (26 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Ilias Apalodimas,
Heinrich Schuchardt, Leo Yu-Chi Liang, Sean Anderson, Sumit Garg,
Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Paul Barker, Marek Vasut,
Greg Malysa, Kongyang Liu, Jonas Karlman, Sughosh Ganu,
Caleb Connolly, Eddie James
Port mbedtls with adapted libc header files.
Add mbedtls default config header file.
Optimize mbedtls default config by disabling unused features to
reduce the target size.
Add mbedtls kbuild makefile.
Add Kconfig skeleton and config submenu entry for selecting
crypto libraries between mbedtls and legacy ones.
Add the mbedtls include directories into the build system.
Port u-boot hash functions as MbedTLS crypto alternatives and set
it as default.
Subsequent patches will separate those Kconfigs into pairs of
_LEGACY and _MBEDTLS for controlling the implementations of legacy
crypto libraries and MbedTLS ones respectively.
The motivation of moving and adapting *INT* macros from kernel.h
to limits.h is to fullfill the MbedTLS building requirement.
The conditional compilation statements in MbedTLS expects the
*INT* macros as constant expressions, thus expressions like
`((int)(~0U >> 1))` will not work.
Prerequisite
------------
This patch series requires mbedtls git repo to be added as a
subtree to the main U-Boot repo via:
$ git subtree add --prefix lib/mbedtls/external/mbedtls \
https://github.com/Mbed-TLS/mbedtls.git \
v3.6.0 --squash
Moreover, due to the Windows-style files from mbedtls git repo,
we need to convert the CRLF endings to LF and do a commit manually:
$ git add --renormalize .
$ git commit
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
---
Changes in v2
- Disabled unused MbedTLS features to optimize the target size.
Changes in v3
- Removed changes in stdio.h.
Changes in v4
- Move limits.h as a common header file that is included by kernel.h.
- Refactor the Kconfig to support legacy and MbedTLS options for each
algorithm.
- Refactor MbedTLS makefile and default config file to remove unused
config options and objects.
Changes in v5
- Merged patch #9 of v4 into this patch.
- Removed unused config MBEDTLS_LIB_TLS.
- Refactored MbedTLS Makefile and default config file.
Changes in v6
- Fixed UINT64_MAX.
- Removed copy right statement from limits.h
Changes in v7
- Fixed CI world build failures due to config dependencies.
- Fixed values of UINT_MAX and UINT32_MAX.
Changes in v8
- Port u-boot hash functions as MbedTLS crypto alternatives and set
it as default.
Makefile | 6 +++
include/limits.h | 25 ++++++++++
include/linux/kernel.h | 13 +----
include/stdlib.h | 1 +
lib/Kconfig | 4 ++
lib/Makefile | 2 +
lib/mbedtls/Kconfig | 56 +++++++++++++++++++++
lib/mbedtls/Makefile | 41 ++++++++++++++++
lib/mbedtls/mbedtls_def_config.h | 84 ++++++++++++++++++++++++++++++++
lib/mbedtls/port/assert.h | 12 +++++
lib/mbedtls/port/md5_alt.h | 57 ++++++++++++++++++++++
lib/mbedtls/port/sha1_alt.h | 57 ++++++++++++++++++++++
lib/mbedtls/port/sha256_alt.h | 64 ++++++++++++++++++++++++
lib/mbedtls/port/sha512_alt.h | 78 +++++++++++++++++++++++++++++
14 files changed, 488 insertions(+), 12 deletions(-)
create mode 100644 include/limits.h
create mode 100644 lib/mbedtls/Kconfig
create mode 100644 lib/mbedtls/Makefile
create mode 100644 lib/mbedtls/mbedtls_def_config.h
create mode 100644 lib/mbedtls/port/assert.h
create mode 100644 lib/mbedtls/port/md5_alt.h
create mode 100644 lib/mbedtls/port/sha1_alt.h
create mode 100644 lib/mbedtls/port/sha256_alt.h
create mode 100644 lib/mbedtls/port/sha512_alt.h
diff --git a/Makefile b/Makefile
index 525576f987d..f4659f9493a 100644
--- a/Makefile
+++ b/Makefile
@@ -829,6 +829,12 @@ KBUILD_HOSTCFLAGS += $(if $(CONFIG_TOOLS_DEBUG),-g)
UBOOTINCLUDE := \
-Iinclude \
$(if $(KBUILD_SRC), -I$(srctree)/include) \
+ $(if $(CONFIG_MBEDTLS_LIB), \
+ "-DMBEDTLS_CONFIG_FILE=\"mbedtls_def_config.h\"" \
+ -I$(srctree)/lib/mbedtls \
+ -I$(srctree)/lib/mbedtls/port \
+ -I$(srctree)/lib/mbedtls/external/mbedtls \
+ -I$(srctree)/lib/mbedtls/external/mbedtls/include) \
$(if $(CONFIG_$(SPL_)SYS_THUMB_BUILD), \
$(if $(CONFIG_HAS_THUMB2), \
$(if $(CONFIG_CPU_V7M), \
diff --git a/include/limits.h b/include/limits.h
new file mode 100644
index 00000000000..4700cc7a59f
--- /dev/null
+++ b/include/limits.h
@@ -0,0 +1,25 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+
+#ifndef _LIMITS_H
+#define _LIMITS_H
+
+#define INT_MAX 0x7fffffff
+#define UINT_MAX 0xffffffffU
+#define CHAR_BIT 8
+#define UINT32_MAX 0xffffffffU
+#define UINT64_MAX 0xffffffffffffffffULL
+
+#ifdef CONFIG_64BIT
+ #define UINTPTR_MAX UINT64_MAX
+#else
+ #define UINTPTR_MAX UINT32_MAX
+#endif
+
+#ifndef SIZE_MAX
+#define SIZE_MAX UINTPTR_MAX
+#endif
+#ifndef SSIZE_MAX
+#define SSIZE_MAX ((ssize_t)(SIZE_MAX >> 1))
+#endif
+
+#endif /* _LIMITS_H */
diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index 939465f372b..9467edd65ab 100644
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -3,25 +3,18 @@
#include <linux/types.h>
#include <linux/printk.h> /* for printf/pr_* utilities */
+#include <limits.h>
#define USHRT_MAX ((u16)(~0U))
#define SHRT_MAX ((s16)(USHRT_MAX>>1))
#define SHRT_MIN ((s16)(-SHRT_MAX - 1))
-#define INT_MAX ((int)(~0U>>1))
#define INT_MIN (-INT_MAX - 1)
-#define UINT_MAX (~0U)
#define LONG_MAX ((long)(~0UL>>1))
#define LONG_MIN (-LONG_MAX - 1)
#define ULONG_MAX (~0UL)
#define LLONG_MAX ((long long)(~0ULL>>1))
#define LLONG_MIN (-LLONG_MAX - 1)
#define ULLONG_MAX (~0ULL)
-#ifndef SIZE_MAX
-#define SIZE_MAX (~(size_t)0)
-#endif
-#ifndef SSIZE_MAX
-#define SSIZE_MAX ((ssize_t)(SIZE_MAX >> 1))
-#endif
#define U8_MAX ((u8)~0U)
#define S8_MAX ((s8)(U8_MAX>>1))
@@ -36,10 +29,6 @@
#define S64_MAX ((s64)(U64_MAX>>1))
#define S64_MIN ((s64)(-S64_MAX - 1))
-/* Aliases defined by stdint.h */
-#define UINT32_MAX U32_MAX
-#define UINT64_MAX U64_MAX
-
#define INT32_MAX S32_MAX
#define STACK_MAGIC 0xdeadbeef
diff --git a/include/stdlib.h b/include/stdlib.h
index 9c175d4d74c..dedfd52a144 100644
--- a/include/stdlib.h
+++ b/include/stdlib.h
@@ -7,5 +7,6 @@
#define __STDLIB_H_
#include <malloc.h>
+#include <rand.h>
#endif /* __STDLIB_H_ */
diff --git a/lib/Kconfig b/lib/Kconfig
index 1dd4f271595..67a60160dac 100644
--- a/lib/Kconfig
+++ b/lib/Kconfig
@@ -419,6 +419,10 @@ config CIRCBUF
source "lib/dhry/Kconfig"
+menu "Alternative crypto libraries"
+source lib/mbedtls/Kconfig
+endmenu
+
menu "Security support"
config AES
diff --git a/lib/Makefile b/lib/Makefile
index d300249f57c..c4950b78a29 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -96,6 +96,8 @@ obj-$(CONFIG_LIBAVB) += libavb/
obj-$(CONFIG_$(SPL_TPL_)OF_LIBFDT) += libfdt/
obj-$(CONFIG_$(SPL_TPL_)OF_REAL) += fdtdec_common.o fdtdec.o
+obj-$(CONFIG_MBEDTLS_LIB) += mbedtls/
+
ifdef CONFIG_SPL_BUILD
obj-$(CONFIG_SPL_YMODEM_SUPPORT) += crc16-ccitt.o
obj-$(CONFIG_$(SPL_TPL_)HASH) += crc16-ccitt.o
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
new file mode 100644
index 00000000000..9d1a63c1ca6
--- /dev/null
+++ b/lib/mbedtls/Kconfig
@@ -0,0 +1,56 @@
+choice
+ prompt "Select crypto libraries"
+ default LEGACY_CRYPTO
+ help
+ Select crypto libraries.
+ LEGACY_CRYPTO for legacy crypto libraries,
+ MBEDTLS_LIB for MbedTLS libraries.
+
+config LEGACY_CRYPTO
+ bool "legacy crypto libraries"
+ select LEGACY_CRYPTO_BASIC
+ select LEGACY_CRYPTO_CERT
+
+config MBEDTLS_LIB
+ bool "MbedTLS libraries"
+ select MBEDTLS_LIB_X509
+endchoice
+
+if LEGACY_CRYPTO || MBEDTLS_LIB_CRYPTO_ALT
+
+config LEGACY_CRYPTO_BASIC
+ bool "legacy basic crypto libraries"
+ help
+ Enable legacy basic crypto libraries.
+
+config LEGACY_CRYPTO_CERT
+ bool "legacy certificate libraries"
+ help
+ Enable legacy certificate libraries.
+
+endif # LEGACY_CRYPTO
+
+if MBEDTLS_LIB
+
+config MBEDTLS_LIB_CRYPTO_ALT
+ bool "MbedTLS crypto alternatives"
+ depends on MBEDTLS_LIB && !MBEDTLS_LIB_CRYPTO
+ select LEGACY_CRYPTO_BASIC
+ default y if MBEDTLS_LIB && !MBEDTLS_LIB_CRYPTO
+ help
+ Enable MbedTLS crypto alternatives.
+ Mutually incompatible with MBEDTLS_LIB_CRYPTO.
+
+config MBEDTLS_LIB_CRYPTO
+ bool "MbedTLS crypto libraries"
+ help
+ Enable MbedTLS crypto libraries.
+ Mutually incompatible with MBEDTLS_LIB_CRYPTO_ALT.
+
+
+config MBEDTLS_LIB_X509
+ bool "MbedTLS certificate libraries"
+ help
+ Enable MbedTLS certificate libraries.
+
+endif # MBEDTLS_LIB
diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
new file mode 100644
index 00000000000..0b6d6ca808f
--- /dev/null
+++ b/lib/mbedtls/Makefile
@@ -0,0 +1,41 @@
+# SPDX-License-Identifier: GPL-2.0+
+#
+# Copyright (c) 2024 Linaro Limited
+# Author: Raymond Mao <raymond.mao@linaro.org>
+
+MBEDTLS_LIB_DIR = external/mbedtls/library
+
+# MbedTLS crypto library
+obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
+mbedtls_lib_crypto-y := \
+ $(MBEDTLS_LIB_DIR)/platform_util.o \
+ $(MBEDTLS_LIB_DIR)/constant_time.o \
+ $(MBEDTLS_LIB_DIR)/md.o
+mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5) += $(MBEDTLS_LIB_DIR)/md5.o
+mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1) += $(MBEDTLS_LIB_DIR)/sha1.o
+mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256) += \
+ $(MBEDTLS_LIB_DIR)/sha256.o
+mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512) += \
+ $(MBEDTLS_LIB_DIR)/sha512.o
+
+# MbedTLS X509 library
+obj-$(CONFIG_MBEDTLS_LIB_X509) += mbedtls_lib_x509.o
+mbedtls_lib_x509-y := $(MBEDTLS_LIB_DIR)/x509.o
+mbedtls_lib_x509-$(CONFIG_$(SPL_)ASN1_DECODER) += \
+ $(MBEDTLS_LIB_DIR)/asn1parse.o \
+ $(MBEDTLS_LIB_DIR)/asn1write.o \
+ $(MBEDTLS_LIB_DIR)/oid.o
+mbedtls_lib_x509-$(CONFIG_$(SPL_)RSA_PUBLIC_KEY_PARSER) += \
+ $(MBEDTLS_LIB_DIR)/bignum.o \
+ $(MBEDTLS_LIB_DIR)/bignum_core.o \
+ $(MBEDTLS_LIB_DIR)/rsa.o \
+ $(MBEDTLS_LIB_DIR)/rsa_alt_helpers.o
+mbedtls_lib_x509-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += \
+ $(MBEDTLS_LIB_DIR)/pk.o \
+ $(MBEDTLS_LIB_DIR)/pk_wrap.o \
+ $(MBEDTLS_LIB_DIR)/pkparse.o
+mbedtls_lib_x509-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER) += \
+ $(MBEDTLS_LIB_DIR)/x509_crl.o \
+ $(MBEDTLS_LIB_DIR)/x509_crt.o
+mbedtls_lib_x509-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += \
+ $(MBEDTLS_LIB_DIR)/pkcs7.o
diff --git a/lib/mbedtls/mbedtls_def_config.h b/lib/mbedtls/mbedtls_def_config.h
new file mode 100644
index 00000000000..6fba053bd7c
--- /dev/null
+++ b/lib/mbedtls/mbedtls_def_config.h
@@ -0,0 +1,84 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * MbedTLS config file
+ *
+ * Derived from the MbedTLS internal config file,
+ * for more information about each build option,
+ * please refer to:
+ * external/mbedtls/include/mbedtls/mbedtls_config.h
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+
+#if defined CONFIG_MBEDTLS_LIB
+
+#if CONFIG_IS_ENABLED(MD5)
+#define MBEDTLS_MD_C
+#define MBEDTLS_MD5_C
+#if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
+#define MBEDTLS_MD5_ALT
+#endif
+#endif
+
+#if CONFIG_IS_ENABLED(SHA1)
+#define MBEDTLS_MD_C
+#define MBEDTLS_SHA1_C
+#if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
+#define MBEDTLS_SHA1_ALT
+#endif
+#endif
+
+#if CONFIG_IS_ENABLED(SHA256)
+#define MBEDTLS_MD_C
+#define MBEDTLS_SHA256_C
+#if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
+#define MBEDTLS_SHA256_ALT
+#endif
+#endif
+
+#if CONFIG_IS_ENABLED(SHA384)
+#define MBEDTLS_MD_C
+#define MBEDTLS_SHA384_C
+#endif
+
+#if CONFIG_IS_ENABLED(SHA512)
+#define MBEDTLS_MD_C
+#define MBEDTLS_SHA512_C
+#if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
+#define MBEDTLS_SHA512_ALT
+#endif
+#endif
+
+#if defined CONFIG_MBEDTLS_LIB_X509
+
+#if CONFIG_IS_ENABLED(X509_CERTIFICATE_PARSER)
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+#define MBEDTLS_X509_CRL_PARSE_C
+#endif
+
+#if CONFIG_IS_ENABLED(ASYMMETRIC_PUBLIC_KEY_SUBTYPE)
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#endif
+
+#if CONFIG_IS_ENABLED(RSA_PUBLIC_KEY_PARSER)
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_RSA_C
+#define MBEDTLS_PKCS1_V15
+#endif
+
+#if CONFIG_IS_ENABLED(PKCS7_MESSAGE_PARSER)
+#define MBEDTLS_PKCS7_C
+#endif
+
+#if CONFIG_IS_ENABLED(ASN1_DECODER)
+#define MBEDTLS_OID_C
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+#endif
+
+#endif /* #if defined CONFIG_MBEDTLS_LIB_X509 */
+
+#endif /* #if defined CONFIG_MBEDTLS_LIB */
diff --git a/lib/mbedtls/port/assert.h b/lib/mbedtls/port/assert.h
new file mode 100644
index 00000000000..490701aa9d0
--- /dev/null
+++ b/lib/mbedtls/port/assert.h
@@ -0,0 +1,12 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Dummy file to allow mbedtls linked with U-Boot to include assert.h
+ *
+ * Copyright (c) 2023 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+
+#ifndef _MBEDTLS_ASSERT_H
+#define _MBEDTLS_ASSERT_H
+
+#endif /* _MBEDTLS_ASSERT_H */
diff --git a/lib/mbedtls/port/md5_alt.h b/lib/mbedtls/port/md5_alt.h
new file mode 100644
index 00000000000..c6e8eabf68a
--- /dev/null
+++ b/lib/mbedtls/port/md5_alt.h
@@ -0,0 +1,57 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+#ifndef MD5_ALT_H
+#define MD5_ALT_H
+
+#include <image.h>
+#include <u-boot/md5.h>
+
+typedef MD5Context mbedtls_md5_context;
+
+static inline void mbedtls_md5_init(mbedtls_md5_context *ctx)
+{
+}
+
+static inline void mbedtls_md5_free(mbedtls_md5_context *ctx)
+{
+}
+
+static inline void
+mbedtls_md5_clone(mbedtls_md5_context *dst, const mbedtls_md5_context *src)
+{
+ *dst = *src;
+}
+
+static inline int mbedtls_md5_starts(mbedtls_md5_context *ctx)
+{
+ MD5Init(ctx);
+ return 0;
+}
+
+static inline int mbedtls_md5_update(mbedtls_md5_context *ctx,
+ const unsigned char *input,
+ size_t ilen)
+{
+ MD5Update(ctx, input, ilen);
+ return 0;
+}
+
+static inline int mbedtls_md5_finish(mbedtls_md5_context *ctx,
+ unsigned char output[16])
+{
+ MD5Final(output, ctx);
+ return 0;
+}
+
+static inline int mbedtls_md5(const unsigned char *input,
+ size_t ilen,
+ unsigned char output[16])
+{
+ md5_wd(input, ilen, output, CHUNKSZ_MD5);
+ return 0;
+}
+
+#endif /* md5_alt.h */
diff --git a/lib/mbedtls/port/sha1_alt.h b/lib/mbedtls/port/sha1_alt.h
new file mode 100644
index 00000000000..cbfe0ddc478
--- /dev/null
+++ b/lib/mbedtls/port/sha1_alt.h
@@ -0,0 +1,57 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+#ifndef SHA1_ALT_H
+#define SHA1_ALT_H
+
+#include <image.h>
+#include <u-boot/sha1.h>
+
+typedef sha1_context mbedtls_sha1_context;
+
+static inline void mbedtls_sha1_init(mbedtls_sha1_context *ctx)
+{
+}
+
+static inline void mbedtls_sha1_free(mbedtls_sha1_context *ctx)
+{
+}
+
+static inline void mbedtls_sha1_clone(mbedtls_sha1_context *dst,
+ const mbedtls_sha1_context *src)
+{
+ *dst = *src;
+}
+
+static inline int mbedtls_sha1_starts(mbedtls_sha1_context *ctx)
+{
+ sha1_starts(ctx);
+ return 0;
+}
+
+static inline int mbedtls_sha1_update(mbedtls_sha1_context *ctx,
+ const unsigned char *input,
+ size_t ilen)
+{
+ sha1_update(ctx, input, ilen);
+ return 0;
+}
+
+static inline int mbedtls_sha1_finish(mbedtls_sha1_context *ctx,
+ unsigned char output[20])
+{
+ sha1_finish(ctx, output);
+ return 0;
+}
+
+static inline int mbedtls_sha1(const unsigned char *input,
+ size_t ilen,
+ unsigned char output[20])
+{
+ sha1_csum_wd(input, ilen, output, CHUNKSZ_SHA1);
+ return 0;
+}
+
+#endif /* sha1_alt.h */
diff --git a/lib/mbedtls/port/sha256_alt.h b/lib/mbedtls/port/sha256_alt.h
new file mode 100644
index 00000000000..80be94b0a06
--- /dev/null
+++ b/lib/mbedtls/port/sha256_alt.h
@@ -0,0 +1,64 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+#ifndef SHA256_ALT_H
+#define SHA256_ALT_H
+
+#include <image.h>
+#include <u-boot/sha256.h>
+
+typedef sha256_context mbedtls_sha256_context;
+
+static inline void mbedtls_sha256_init(mbedtls_sha256_context *ctx)
+{
+}
+
+static inline void mbedtls_sha256_free(mbedtls_sha256_context *ctx)
+{
+}
+
+static inline void mbedtls_sha256_clone(mbedtls_sha256_context *dst,
+ const mbedtls_sha256_context *src)
+{
+ *dst = *src;
+}
+
+static inline int mbedtls_sha256_starts(mbedtls_sha256_context *ctx, int is224)
+{
+ if (is224)
+ return -EOPNOTSUPP;
+
+ sha256_starts(ctx);
+ return 0;
+}
+
+static inline int mbedtls_sha256_update(mbedtls_sha256_context *ctx,
+ const unsigned char *input,
+ size_t ilen)
+{
+ sha256_update(ctx, input, ilen);
+ return 0;
+}
+
+static inline int mbedtls_sha256_finish(mbedtls_sha256_context *ctx,
+ unsigned char *output)
+{
+ sha256_finish(ctx, output);
+ return 0;
+}
+
+static inline int mbedtls_sha256(const unsigned char *input,
+ size_t ilen,
+ unsigned char *output,
+ int is224)
+{
+ if (is224)
+ return -EOPNOTSUPP;
+
+ sha256_csum_wd(input, ilen, output, CHUNKSZ_SHA256);
+ return 0;
+}
+
+#endif /* sha256_alt.h */
diff --git a/lib/mbedtls/port/sha512_alt.h b/lib/mbedtls/port/sha512_alt.h
new file mode 100644
index 00000000000..596f17ae4da
--- /dev/null
+++ b/lib/mbedtls/port/sha512_alt.h
@@ -0,0 +1,78 @@
+/* SPDX-License-Identifier: GPL-2.0+ */
+/*
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+#ifndef SHA512_ALT_H
+#define SHA512_ALT_H
+
+#include <image.h>
+#include <u-boot/sha512.h>
+
+typedef struct mbedtls_sha512_context {
+ sha512_context *ubctx;
+ bool is384;
+} mbedtls_sha512_context;
+
+static inline void mbedtls_sha512_init(mbedtls_sha512_context *ctx)
+{
+}
+
+static inline void mbedtls_sha512_free(mbedtls_sha512_context *ctx)
+{
+}
+
+static inline void mbedtls_sha512_clone(mbedtls_sha512_context *dst,
+ const mbedtls_sha512_context *src)
+{
+ *dst = *src;
+}
+
+static inline int mbedtls_sha512_starts(mbedtls_sha512_context *ctx, int is384)
+{
+ if (is384)
+ sha384_starts(ctx->ubctx);
+ else
+ sha512_starts(ctx->ubctx);
+
+ ctx->is384 = is384;
+ return 0;
+}
+
+static inline int mbedtls_sha512_update(mbedtls_sha512_context *ctx,
+ const unsigned char *input,
+ size_t ilen)
+{
+ if (ctx->is384)
+ sha384_update(ctx->ubctx, input, ilen);
+ else
+ sha512_update(ctx->ubctx, input, ilen);
+
+ return 0;
+}
+
+static inline int mbedtls_sha512_finish(mbedtls_sha512_context *ctx,
+ unsigned char *output)
+{
+ if (ctx->is384)
+ sha384_finish(ctx->ubctx, output);
+ else
+ sha512_finish(ctx->ubctx, output);
+
+ return 0;
+}
+
+static inline int mbedtls_sha512(const unsigned char *input,
+ size_t ilen,
+ unsigned char *output,
+ int is384)
+{
+ if (is384)
+ sha384_csum_wd(input, ilen, output, CHUNKSZ_SHA512);
+ else
+ sha512_csum_wd(input, ilen, output, CHUNKSZ_SHA512);
+
+ return 0;
+}
+
+#endif /* sha512_alt.h */
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 02/27] mbedtls: add mbedtls into the build system
2024-10-03 21:50 ` [PATCH v8 02/27] mbedtls: add mbedtls into the build system Raymond Mao
@ 2024-10-09 10:13 ` Ilias Apalodimas
2024-10-11 19:00 ` Raymond Mao
0 siblings, 1 reply; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-09 10:13 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sean Anderson, Sumit Garg, Andrew Davis,
Rasmus Villemoes, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Paul Barker, Marek Vasut, Greg Malysa,
Kongyang Liu, Jonas Karlman, Sughosh Ganu, Caleb Connolly,
Eddie James
Hi Raymond
On Fri, 4 Oct 2024 at 00:52, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Port mbedtls with adapted libc header files.
> Add mbedtls default config header file.
> Optimize mbedtls default config by disabling unused features to
> reduce the target size.
> Add mbedtls kbuild makefile.
> Add Kconfig skeleton and config submenu entry for selecting
> crypto libraries between mbedtls and legacy ones.
> Add the mbedtls include directories into the build system.
> Port u-boot hash functions as MbedTLS crypto alternatives and set
> it as default.
>
> Subsequent patches will separate those Kconfigs into pairs of
> _LEGACY and _MBEDTLS for controlling the implementations of legacy
> crypto libraries and MbedTLS ones respectively.
>
> The motivation of moving and adapting *INT* macros from kernel.h
> to limits.h is to fullfill the MbedTLS building requirement.
> The conditional compilation statements in MbedTLS expects the
> *INT* macros as constant expressions, thus expressions like
> `((int)(~0U >> 1))` will not work.
>
> Prerequisite
> ------------
>
> This patch series requires mbedtls git repo to be added as a
> subtree to the main U-Boot repo via:
>
> $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> https://github.com/Mbed-TLS/mbedtls.git \
> v3.6.0 --squash
>
> Moreover, due to the Windows-style files from mbedtls git repo,
> we need to convert the CRLF endings to LF and do a commit manually:
>
> $ git add --renormalize .
> $ git commit
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> ---
> Changes in v2
> - Disabled unused MbedTLS features to optimize the target size.
> Changes in v3
> - Removed changes in stdio.h.
> Changes in v4
> - Move limits.h as a common header file that is included by kernel.h.
> - Refactor the Kconfig to support legacy and MbedTLS options for each
> algorithm.
> - Refactor MbedTLS makefile and default config file to remove unused
> config options and objects.
> Changes in v5
> - Merged patch #9 of v4 into this patch.
> - Removed unused config MBEDTLS_LIB_TLS.
> - Refactored MbedTLS Makefile and default config file.
> Changes in v6
> - Fixed UINT64_MAX.
> - Removed copy right statement from limits.h
> Changes in v7
> - Fixed CI world build failures due to config dependencies.
> - Fixed values of UINT_MAX and UINT32_MAX.
> Changes in v8
> - Port u-boot hash functions as MbedTLS crypto alternatives and set
> it as default.
>
> Makefile | 6 +++
> include/limits.h | 25 ++++++++++
> include/linux/kernel.h | 13 +----
> include/stdlib.h | 1 +
> lib/Kconfig | 4 ++
> lib/Makefile | 2 +
> lib/mbedtls/Kconfig | 56 +++++++++++++++++++++
> lib/mbedtls/Makefile | 41 ++++++++++++++++
> lib/mbedtls/mbedtls_def_config.h | 84 ++++++++++++++++++++++++++++++++
> lib/mbedtls/port/assert.h | 12 +++++
> lib/mbedtls/port/md5_alt.h | 57 ++++++++++++++++++++++
> lib/mbedtls/port/sha1_alt.h | 57 ++++++++++++++++++++++
> lib/mbedtls/port/sha256_alt.h | 64 ++++++++++++++++++++++++
> lib/mbedtls/port/sha512_alt.h | 78 +++++++++++++++++++++++++++++
> 14 files changed, 488 insertions(+), 12 deletions(-)
> create mode 100644 include/limits.h
> create mode 100644 lib/mbedtls/Kconfig
> create mode 100644 lib/mbedtls/Makefile
> create mode 100644 lib/mbedtls/mbedtls_def_config.h
> create mode 100644 lib/mbedtls/port/assert.h
> create mode 100644 lib/mbedtls/port/md5_alt.h
> create mode 100644 lib/mbedtls/port/sha1_alt.h
> create mode 100644 lib/mbedtls/port/sha256_alt.h
> create mode 100644 lib/mbedtls/port/sha512_alt.h
>
> diff --git a/Makefile b/Makefile
> index 525576f987d..f4659f9493a 100644
> --- a/Makefile
> +++ b/Makefile
> @@ -829,6 +829,12 @@ KBUILD_HOSTCFLAGS += $(if $(CONFIG_TOOLS_DEBUG),-g)
> UBOOTINCLUDE := \
> -Iinclude \
> $(if $(KBUILD_SRC), -I$(srctree)/include) \
> + $(if $(CONFIG_MBEDTLS_LIB), \
> + "-DMBEDTLS_CONFIG_FILE=\"mbedtls_def_config.h\"" \
> + -I$(srctree)/lib/mbedtls \
> + -I$(srctree)/lib/mbedtls/port \
> + -I$(srctree)/lib/mbedtls/external/mbedtls \
> + -I$(srctree)/lib/mbedtls/external/mbedtls/include) \
> $(if $(CONFIG_$(SPL_)SYS_THUMB_BUILD), \
> $(if $(CONFIG_HAS_THUMB2), \
> $(if $(CONFIG_CPU_V7M), \
> diff --git a/include/limits.h b/include/limits.h
> new file mode 100644
> index 00000000000..4700cc7a59f
> --- /dev/null
> +++ b/include/limits.h
> @@ -0,0 +1,25 @@
> +/* SPDX-License-Identifier: GPL-2.0+ */
> +
> +#ifndef _LIMITS_H
> +#define _LIMITS_H
> +
> +#define INT_MAX 0x7fffffff
> +#define UINT_MAX 0xffffffffU
> +#define CHAR_BIT 8
> +#define UINT32_MAX 0xffffffffU
> +#define UINT64_MAX 0xffffffffffffffffULL
> +
> +#ifdef CONFIG_64BIT
> + #define UINTPTR_MAX UINT64_MAX
> +#else
> + #define UINTPTR_MAX UINT32_MAX
> +#endif
> +
> +#ifndef SIZE_MAX
> +#define SIZE_MAX UINTPTR_MAX
> +#endif
> +#ifndef SSIZE_MAX
> +#define SSIZE_MAX ((ssize_t)(SIZE_MAX >> 1))
> +#endif
> +
> +#endif /* _LIMITS_H */
> diff --git a/include/linux/kernel.h b/include/linux/kernel.h
> index 939465f372b..9467edd65ab 100644
> --- a/include/linux/kernel.h
> +++ b/include/linux/kernel.h
> @@ -3,25 +3,18 @@
>
> #include <linux/types.h>
> #include <linux/printk.h> /* for printf/pr_* utilities */
> +#include <limits.h>
>
> #define USHRT_MAX ((u16)(~0U))
> #define SHRT_MAX ((s16)(USHRT_MAX>>1))
> #define SHRT_MIN ((s16)(-SHRT_MAX - 1))
> -#define INT_MAX ((int)(~0U>>1))
> #define INT_MIN (-INT_MAX - 1)
> -#define UINT_MAX (~0U)
> #define LONG_MAX ((long)(~0UL>>1))
> #define LONG_MIN (-LONG_MAX - 1)
> #define ULONG_MAX (~0UL)
> #define LLONG_MAX ((long long)(~0ULL>>1))
> #define LLONG_MIN (-LLONG_MAX - 1)
> #define ULLONG_MAX (~0ULL)
> -#ifndef SIZE_MAX
> -#define SIZE_MAX (~(size_t)0)
> -#endif
> -#ifndef SSIZE_MAX
> -#define SSIZE_MAX ((ssize_t)(SIZE_MAX >> 1))
> -#endif
>
> #define U8_MAX ((u8)~0U)
> #define S8_MAX ((s8)(U8_MAX>>1))
> @@ -36,10 +29,6 @@
> #define S64_MAX ((s64)(U64_MAX>>1))
> #define S64_MIN ((s64)(-S64_MAX - 1))
>
> -/* Aliases defined by stdint.h */
> -#define UINT32_MAX U32_MAX
> -#define UINT64_MAX U64_MAX
> -
> #define INT32_MAX S32_MAX
>
> #define STACK_MAGIC 0xdeadbeef
> diff --git a/include/stdlib.h b/include/stdlib.h
> index 9c175d4d74c..dedfd52a144 100644
> --- a/include/stdlib.h
> +++ b/include/stdlib.h
> @@ -7,5 +7,6 @@
> #define __STDLIB_H_
>
> #include <malloc.h>
> +#include <rand.h>
>
> #endif /* __STDLIB_H_ */
> diff --git a/lib/Kconfig b/lib/Kconfig
> index 1dd4f271595..67a60160dac 100644
> --- a/lib/Kconfig
> +++ b/lib/Kconfig
> @@ -419,6 +419,10 @@ config CIRCBUF
>
> source "lib/dhry/Kconfig"
>
> +menu "Alternative crypto libraries"
> +source lib/mbedtls/Kconfig
> +endmenu
> +
> menu "Security support"
>
> config AES
> diff --git a/lib/Makefile b/lib/Makefile
> index d300249f57c..c4950b78a29 100644
> --- a/lib/Makefile
> +++ b/lib/Makefile
> @@ -96,6 +96,8 @@ obj-$(CONFIG_LIBAVB) += libavb/
> obj-$(CONFIG_$(SPL_TPL_)OF_LIBFDT) += libfdt/
> obj-$(CONFIG_$(SPL_TPL_)OF_REAL) += fdtdec_common.o fdtdec.o
>
> +obj-$(CONFIG_MBEDTLS_LIB) += mbedtls/
> +
> ifdef CONFIG_SPL_BUILD
> obj-$(CONFIG_SPL_YMODEM_SUPPORT) += crc16-ccitt.o
> obj-$(CONFIG_$(SPL_TPL_)HASH) += crc16-ccitt.o
> diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> new file mode 100644
> index 00000000000..9d1a63c1ca6
> --- /dev/null
> +++ b/lib/mbedtls/Kconfig
> @@ -0,0 +1,56 @@
> +choice
> + prompt "Select crypto libraries"
> + default LEGACY_CRYPTO
> + help
> + Select crypto libraries.
> + LEGACY_CRYPTO for legacy crypto libraries,
> + MBEDTLS_LIB for MbedTLS libraries.
> +
> +config LEGACY_CRYPTO
> + bool "legacy crypto libraries"
> + select LEGACY_CRYPTO_BASIC
> + select LEGACY_CRYPTO_CERT
> +
This overall llooks ok, but the native mbedTLS hashing should depend
on !CONFIG_SHA_HW_ACCEL.
If everyone thinks the series is good enough to merge, I don't mind
this going on a followup commit
> +config MBEDTLS_LIB
> + bool "MbedTLS libraries"
> + select MBEDTLS_LIB_X509
> +endchoice
> +
> +if LEGACY_CRYPTO || MBEDTLS_LIB_CRYPTO_ALT
> +
> +config LEGACY_CRYPTO_BASIC
> + bool "legacy basic crypto libraries"
> + help
> + Enable legacy basic crypto libraries.
> +
> +config LEGACY_CRYPTO_CERT
> + bool "legacy certificate libraries"
> + help
> + Enable legacy certificate libraries.
> +
> +endif # LEGACY_CRYPTO
> +
> +if MBEDTLS_LIB
> +
> +config MBEDTLS_LIB_CRYPTO_ALT
> + bool "MbedTLS crypto alternatives"
> + depends on MBEDTLS_LIB && !MBEDTLS_LIB_CRYPTO
> + select LEGACY_CRYPTO_BASIC
> + default y if MBEDTLS_LIB && !MBEDTLS_LIB_CRYPTO
> + help
> + Enable MbedTLS crypto alternatives.
> + Mutually incompatible with MBEDTLS_LIB_CRYPTO.
> +
> +config MBEDTLS_LIB_CRYPTO
> + bool "MbedTLS crypto libraries"
> + help
> + Enable MbedTLS crypto libraries.
> + Mutually incompatible with MBEDTLS_LIB_CRYPTO_ALT.
> +
> +
> +config MBEDTLS_LIB_X509
> + bool "MbedTLS certificate libraries"
> + * Author: Raymond Mao <raymond.mao@linaro.org>
> + */
> +
> +#if defined CONFIG_MBEDTLS_LIB
> +
> +#if CONFIG_IS_ENABLED(MD5)
> +#define MBEDTLS_MD_C
> +#define MBEDTLS_MD5_C
> +#if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
> +#define MBEDTLS_MD5_ALT
> +#endif
> +#endif
> +
> +#if CONFIG_IS_ENABLED(SHA1)
> +#define MBEDTLS_MD_C
> +#define MBEDTLS_SHA1_C
> +#if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
> +#define MBEDTLS_SHA1_ALT
> +#endif
> +#endif
> +
> +#if CONFIG_IS_ENABLED(SHA256)
> +#define MBEDTLS_MD_C
> +#define MBEDTLS_SHA256_C
> +#if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
> +#define MBEDTLS_SHA256_ALT
> +#endif
> +#endif
> +
> +#if CONFIG_IS_ENABLED(SHA384)
> +#define MBEDTLS_MD_C
> +#define MBEDTLS_SHA384_C
> +#endif
> +
[...]
Thanks
/Ilias
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 02/27] mbedtls: add mbedtls into the build system
2024-10-09 10:13 ` Ilias Apalodimas
@ 2024-10-11 19:00 ` Raymond Mao
0 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-11 19:00 UTC (permalink / raw)
To: Ilias Apalodimas
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sean Anderson, Sumit Garg, Andrew Davis,
Rasmus Villemoes, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Paul Barker, Marek Vasut, Greg Malysa,
Kongyang Liu, Jonas Karlman, Sughosh Ganu, Caleb Connolly,
Eddie James
Hi Ilias,
On Wed, 9 Oct 2024 at 06:14, Ilias Apalodimas <ilias.apalodimas@linaro.org>
wrote:
> Hi Raymond
>
> On Fri, 4 Oct 2024 at 00:52, Raymond Mao <raymond.mao@linaro.org> wrote:
> >
> > Port mbedtls with adapted libc header files.
> > Add mbedtls default config header file.
> > Optimize mbedtls default config by disabling unused features to
> > reduce the target size.
> > Add mbedtls kbuild makefile.
> > Add Kconfig skeleton and config submenu entry for selecting
> > crypto libraries between mbedtls and legacy ones.
> > Add the mbedtls include directories into the build system.
> > Port u-boot hash functions as MbedTLS crypto alternatives and set
> > it as default.
> >
> > Subsequent patches will separate those Kconfigs into pairs of
> > _LEGACY and _MBEDTLS for controlling the implementations of legacy
> > crypto libraries and MbedTLS ones respectively.
> >
> > The motivation of moving and adapting *INT* macros from kernel.h
> > to limits.h is to fullfill the MbedTLS building requirement.
> > The conditional compilation statements in MbedTLS expects the
> > *INT* macros as constant expressions, thus expressions like
> > `((int)(~0U >> 1))` will not work.
> >
> > Prerequisite
> > ------------
> >
> > This patch series requires mbedtls git repo to be added as a
> > subtree to the main U-Boot repo via:
> >
> > $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> > https://github.com/Mbed-TLS/mbedtls.git \
> > v3.6.0 --squash
> >
> > Moreover, due to the Windows-style files from mbedtls git repo,
> > we need to convert the CRLF endings to LF and do a commit manually:
> >
> > $ git add --renormalize .
> > $ git commit
> >
> > Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> > ---
> > Changes in v2
> > - Disabled unused MbedTLS features to optimize the target size.
> > Changes in v3
> > - Removed changes in stdio.h.
> > Changes in v4
> > - Move limits.h as a common header file that is included by kernel.h.
> > - Refactor the Kconfig to support legacy and MbedTLS options for each
> > algorithm.
> > - Refactor MbedTLS makefile and default config file to remove unused
> > config options and objects.
> > Changes in v5
> > - Merged patch #9 of v4 into this patch.
> > - Removed unused config MBEDTLS_LIB_TLS.
> > - Refactored MbedTLS Makefile and default config file.
> > Changes in v6
> > - Fixed UINT64_MAX.
> > - Removed copy right statement from limits.h
> > Changes in v7
> > - Fixed CI world build failures due to config dependencies.
> > - Fixed values of UINT_MAX and UINT32_MAX.
> > Changes in v8
> > - Port u-boot hash functions as MbedTLS crypto alternatives and set
> > it as default.
> >
> > Makefile | 6 +++
> > include/limits.h | 25 ++++++++++
> > include/linux/kernel.h | 13 +----
> > include/stdlib.h | 1 +
> > lib/Kconfig | 4 ++
> > lib/Makefile | 2 +
> > lib/mbedtls/Kconfig | 56 +++++++++++++++++++++
> > lib/mbedtls/Makefile | 41 ++++++++++++++++
> > lib/mbedtls/mbedtls_def_config.h | 84 ++++++++++++++++++++++++++++++++
> > lib/mbedtls/port/assert.h | 12 +++++
> > lib/mbedtls/port/md5_alt.h | 57 ++++++++++++++++++++++
> > lib/mbedtls/port/sha1_alt.h | 57 ++++++++++++++++++++++
> > lib/mbedtls/port/sha256_alt.h | 64 ++++++++++++++++++++++++
> > lib/mbedtls/port/sha512_alt.h | 78 +++++++++++++++++++++++++++++
> > 14 files changed, 488 insertions(+), 12 deletions(-)
> > create mode 100644 include/limits.h
> > create mode 100644 lib/mbedtls/Kconfig
> > create mode 100644 lib/mbedtls/Makefile
> > create mode 100644 lib/mbedtls/mbedtls_def_config.h
> > create mode 100644 lib/mbedtls/port/assert.h
> > create mode 100644 lib/mbedtls/port/md5_alt.h
> > create mode 100644 lib/mbedtls/port/sha1_alt.h
> > create mode 100644 lib/mbedtls/port/sha256_alt.h
> > create mode 100644 lib/mbedtls/port/sha512_alt.h
> >
> > diff --git a/Makefile b/Makefile
> > index 525576f987d..f4659f9493a 100644
> > --- a/Makefile
> > +++ b/Makefile
> > @@ -829,6 +829,12 @@ KBUILD_HOSTCFLAGS += $(if $(CONFIG_TOOLS_DEBUG),-g)
> > UBOOTINCLUDE := \
> > -Iinclude \
> > $(if $(KBUILD_SRC), -I$(srctree)/include) \
> > + $(if $(CONFIG_MBEDTLS_LIB), \
> > + "-DMBEDTLS_CONFIG_FILE=\"mbedtls_def_config.h\"" \
> > + -I$(srctree)/lib/mbedtls \
> > + -I$(srctree)/lib/mbedtls/port \
> > + -I$(srctree)/lib/mbedtls/external/mbedtls \
> > + -I$(srctree)/lib/mbedtls/external/mbedtls/include) \
> > $(if $(CONFIG_$(SPL_)SYS_THUMB_BUILD), \
> > $(if $(CONFIG_HAS_THUMB2), \
> > $(if $(CONFIG_CPU_V7M), \
> > diff --git a/include/limits.h b/include/limits.h
> > new file mode 100644
> > index 00000000000..4700cc7a59f
> > --- /dev/null
> > +++ b/include/limits.h
> > @@ -0,0 +1,25 @@
> > +/* SPDX-License-Identifier: GPL-2.0+ */
> > +
> > +#ifndef _LIMITS_H
> > +#define _LIMITS_H
> > +
> > +#define INT_MAX 0x7fffffff
> > +#define UINT_MAX 0xffffffffU
> > +#define CHAR_BIT 8
> > +#define UINT32_MAX 0xffffffffU
> > +#define UINT64_MAX 0xffffffffffffffffULL
> > +
> > +#ifdef CONFIG_64BIT
> > + #define UINTPTR_MAX UINT64_MAX
> > +#else
> > + #define UINTPTR_MAX UINT32_MAX
> > +#endif
> > +
> > +#ifndef SIZE_MAX
> > +#define SIZE_MAX UINTPTR_MAX
> > +#endif
> > +#ifndef SSIZE_MAX
> > +#define SSIZE_MAX ((ssize_t)(SIZE_MAX >> 1))
> > +#endif
> > +
> > +#endif /* _LIMITS_H */
> > diff --git a/include/linux/kernel.h b/include/linux/kernel.h
> > index 939465f372b..9467edd65ab 100644
> > --- a/include/linux/kernel.h
> > +++ b/include/linux/kernel.h
> > @@ -3,25 +3,18 @@
> >
> > #include <linux/types.h>
> > #include <linux/printk.h> /* for printf/pr_* utilities */
> > +#include <limits.h>
> >
> > #define USHRT_MAX ((u16)(~0U))
> > #define SHRT_MAX ((s16)(USHRT_MAX>>1))
> > #define SHRT_MIN ((s16)(-SHRT_MAX - 1))
> > -#define INT_MAX ((int)(~0U>>1))
> > #define INT_MIN (-INT_MAX - 1)
> > -#define UINT_MAX (~0U)
> > #define LONG_MAX ((long)(~0UL>>1))
> > #define LONG_MIN (-LONG_MAX - 1)
> > #define ULONG_MAX (~0UL)
> > #define LLONG_MAX ((long long)(~0ULL>>1))
> > #define LLONG_MIN (-LLONG_MAX - 1)
> > #define ULLONG_MAX (~0ULL)
> > -#ifndef SIZE_MAX
> > -#define SIZE_MAX (~(size_t)0)
> > -#endif
> > -#ifndef SSIZE_MAX
> > -#define SSIZE_MAX ((ssize_t)(SIZE_MAX >> 1))
> > -#endif
> >
> > #define U8_MAX ((u8)~0U)
> > #define S8_MAX ((s8)(U8_MAX>>1))
> > @@ -36,10 +29,6 @@
> > #define S64_MAX ((s64)(U64_MAX>>1))
> > #define S64_MIN ((s64)(-S64_MAX - 1))
> >
> > -/* Aliases defined by stdint.h */
> > -#define UINT32_MAX U32_MAX
> > -#define UINT64_MAX U64_MAX
> > -
> > #define INT32_MAX S32_MAX
> >
> > #define STACK_MAGIC 0xdeadbeef
> > diff --git a/include/stdlib.h b/include/stdlib.h
> > index 9c175d4d74c..dedfd52a144 100644
> > --- a/include/stdlib.h
> > +++ b/include/stdlib.h
> > @@ -7,5 +7,6 @@
> > #define __STDLIB_H_
> >
> > #include <malloc.h>
> > +#include <rand.h>
> >
> > #endif /* __STDLIB_H_ */
> > diff --git a/lib/Kconfig b/lib/Kconfig
> > index 1dd4f271595..67a60160dac 100644
> > --- a/lib/Kconfig
> > +++ b/lib/Kconfig
> > @@ -419,6 +419,10 @@ config CIRCBUF
> >
> > source "lib/dhry/Kconfig"
> >
> > +menu "Alternative crypto libraries"
> > +source lib/mbedtls/Kconfig
> > +endmenu
> > +
> > menu "Security support"
> >
> > config AES
> > diff --git a/lib/Makefile b/lib/Makefile
> > index d300249f57c..c4950b78a29 100644
> > --- a/lib/Makefile
> > +++ b/lib/Makefile
> > @@ -96,6 +96,8 @@ obj-$(CONFIG_LIBAVB) += libavb/
> > obj-$(CONFIG_$(SPL_TPL_)OF_LIBFDT) += libfdt/
> > obj-$(CONFIG_$(SPL_TPL_)OF_REAL) += fdtdec_common.o fdtdec.o
> >
> > +obj-$(CONFIG_MBEDTLS_LIB) += mbedtls/
> > +
> > ifdef CONFIG_SPL_BUILD
> > obj-$(CONFIG_SPL_YMODEM_SUPPORT) += crc16-ccitt.o
> > obj-$(CONFIG_$(SPL_TPL_)HASH) += crc16-ccitt.o
> > diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> > new file mode 100644
> > index 00000000000..9d1a63c1ca6
> > --- /dev/null
> > +++ b/lib/mbedtls/Kconfig
> > @@ -0,0 +1,56 @@
> > +choice
> > + prompt "Select crypto libraries"
> > + default LEGACY_CRYPTO
> > + help
> > + Select crypto libraries.
> > + LEGACY_CRYPTO for legacy crypto libraries,
> > + MBEDTLS_LIB for MbedTLS libraries.
> > +
> > +config LEGACY_CRYPTO
> > + bool "legacy crypto libraries"
> > + select LEGACY_CRYPTO_BASIC
> > + select LEGACY_CRYPTO_CERT
> > +
>
>
> This overall llooks ok, but the native mbedTLS hashing should depend
> on !CONFIG_SHA_HW_ACCEL.
> If everyone thinks the series is good enough to merge, I don't mind
> this going on a followup commit
>
> I will add this into v9 with other changes.
[snip]
Raymond
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
2024-10-03 21:50 ` [PATCH v8 01/27] CI: Exclude MbedTLS subtree for CONFIG checks Raymond Mao
2024-10-03 21:50 ` [PATCH v8 02/27] mbedtls: add mbedtls into the build system Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 14:38 ` Tom Rini
2024-10-03 21:50 ` [PATCH v8 04/27] md5: Remove md5 non-watchdog API Raymond Mao
` (25 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Leo Yu-Chi Liang, Sumit Garg,
Sean Anderson, Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Marek Vasut, Paul Barker,
Greg Malysa, Kever Yang, Kongyang Liu, Linus Walleij,
Jonas Karlman, Sughosh Ganu
Adapt digest header files to support both original libs and MbedTLS
by switching on/off MBEDTLS_LIB_CRYPTO.
Introduce <alg>_LEGACY kconfig for legacy hash implementations.
sha256.o should depend on SHA256 kconfig only but not SUPPORT_EMMC_RPMB,
SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
`IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
including <linux/kconfig.h> causes undefined reference on schedule()
with sandbox build, as <linux/kconfig.h> includes <generated/autoconf.h>
which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no schedule()
are defined in sandbox build,
Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- Initial patch.
Changes in v3
- Remove the changes that were done in previous clean-up patch set.
Changes in v4
- Introduce <alg>_LEGACY kconfig for legacy hash implementations.
Changes in v5
- Correct header file include directories.
- Correct kconfig dependence.
Changes in v6
- Update commit message.
- Rebased on next branch.
Changes in v7
- Fixed the dependency between SUPPORT_EMMC_RPMB and SHA256.
Changes in v8
- None
drivers/mmc/Kconfig | 1 +
include/u-boot/md5.h | 7 ++++
include/u-boot/sha1.h | 21 +++++++++-
include/u-boot/sha256.h | 20 +++++++++
include/u-boot/sha512.h | 9 ++++
lib/Makefile | 11 ++---
lib/mbedtls/Kconfig | 91 +++++++++++++++++++++++++++++++++++++++++
7 files changed, 154 insertions(+), 6 deletions(-)
diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
index 982e84dc3bc..5d7fd904950 100644
--- a/drivers/mmc/Kconfig
+++ b/drivers/mmc/Kconfig
@@ -119,6 +119,7 @@ config MMC_HW_PARTITIONING
config SUPPORT_EMMC_RPMB
bool "Support eMMC replay protected memory block (RPMB)"
imply CMD_MMC_RPMB
+ select SHA256
help
Enable support for reading, writing and programming the
key for the Replay Protection Memory Block partition in eMMC.
diff --git a/include/u-boot/md5.h b/include/u-boot/md5.h
index c465925ea8d..69898fcbe49 100644
--- a/include/u-boot/md5.h
+++ b/include/u-boot/md5.h
@@ -6,10 +6,16 @@
#ifndef _MD5_H
#define _MD5_H
+#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
+#include <mbedtls/md5.h>
+#endif
#include "compiler.h"
#define MD5_SUM_LEN 16
+#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
+typedef mbedtls_md5_context MD5Context;
+#else
typedef struct MD5Context {
__u32 buf[4];
__u32 bits[2];
@@ -18,6 +24,7 @@ typedef struct MD5Context {
__u32 in32[16];
};
} MD5Context;
+#endif
void MD5Init(MD5Context *ctx);
void MD5Update(MD5Context *ctx, unsigned char const *buf, unsigned int len);
diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h
index c1e9f67068d..ab88134fb98 100644
--- a/include/u-boot/sha1.h
+++ b/include/u-boot/sha1.h
@@ -16,6 +16,21 @@
#include <linux/types.h>
+#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
+/*
+ * FIXME:
+ * MbedTLS define the members of "mbedtls_sha256_context" as private,
+ * but "state" needs to be access by arch/arm/cpu/armv8/sha1_ce_glue.
+ * MBEDTLS_ALLOW_PRIVATE_ACCESS needs to be enabled to allow the external
+ * access.
+ * Directly including <external/mbedtls/library/common.h> is not allowed,
+ * since this will include <malloc.h> and break the sandbox test.
+ */
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+
+#include <mbedtls/sha1.h>
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -26,6 +41,9 @@ extern "C" {
extern const uint8_t sha1_der_prefix[];
+#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
+typedef mbedtls_sha1_context sha1_context;
+#else
/**
* \brief SHA-1 context structure
*/
@@ -36,13 +54,14 @@ typedef struct
unsigned char buffer[64]; /*!< data block being processed */
}
sha1_context;
+#endif
/**
* \brief SHA-1 context setup
*
* \param ctx SHA-1 context to be initialized
*/
-void sha1_starts( sha1_context *ctx );
+void sha1_starts(sha1_context *ctx);
/**
* \brief SHA-1 process buffer
diff --git a/include/u-boot/sha256.h b/include/u-boot/sha256.h
index a4fe176c0b4..b58d5b58d39 100644
--- a/include/u-boot/sha256.h
+++ b/include/u-boot/sha256.h
@@ -3,6 +3,22 @@
#include <linux/types.h>
+#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
+/*
+ * FIXME:
+ * MbedTLS define the members of "mbedtls_sha256_context" as private,
+ * but "state" needs to be access by arch/arm/cpu/armv8/sha256_ce_glue.
+ * MBEDTLS_ALLOW_PRIVATE_ACCESS needs to be enabled to allow the external
+ * access.
+ * Directly including <external/mbedtls/library/common.h> is not allowed,
+ * since this will include <malloc.h> and break the sandbox test.
+ */
+#define MBEDTLS_ALLOW_PRIVATE_ACCESS
+
+#include <mbedtls/sha256.h>
+#endif
+
+#define SHA224_SUM_LEN 28
#define SHA256_SUM_LEN 32
#define SHA256_DER_LEN 19
@@ -11,11 +27,15 @@ extern const uint8_t sha256_der_prefix[];
/* Reset watchdog each time we process this many bytes */
#define CHUNKSZ_SHA256 (64 * 1024)
+#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
+typedef mbedtls_sha256_context sha256_context;
+#else
typedef struct {
uint32_t total[2];
uint32_t state[8];
uint8_t buffer[64];
} sha256_context;
+#endif
void sha256_starts(sha256_context * ctx);
void sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length);
diff --git a/include/u-boot/sha512.h b/include/u-boot/sha512.h
index 83c2119cd26..7e10f590a1d 100644
--- a/include/u-boot/sha512.h
+++ b/include/u-boot/sha512.h
@@ -3,6 +3,10 @@
#include <linux/types.h>
+#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
+#include <mbedtls/sha512.h>
+#endif
+
#define SHA384_SUM_LEN 48
#define SHA384_DER_LEN 19
#define SHA512_SUM_LEN 64
@@ -12,11 +16,16 @@
#define CHUNKSZ_SHA384 (16 * 1024)
#define CHUNKSZ_SHA512 (16 * 1024)
+#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
+typedef mbedtls_sha512_context sha384_context;
+typedef mbedtls_sha512_context sha512_context;
+#else
typedef struct {
uint64_t state[SHA512_SUM_LEN / 8];
uint64_t count[2];
uint8_t buf[SHA512_BLOCK_SIZE];
} sha512_context;
+#endif
extern const uint8_t sha512_der_prefix[];
diff --git a/lib/Makefile b/lib/Makefile
index c4950b78a29..33755778283 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -50,7 +50,6 @@ obj-$(CONFIG_XXHASH) += xxhash.o
obj-y += net_utils.o
obj-$(CONFIG_PHYSMEM) += physmem.o
obj-y += rc4.o
-obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
obj-$(CONFIG_RBTREE) += rbtree.o
obj-$(CONFIG_BITREVERSE) += bitrev.o
obj-y += list_sort.o
@@ -71,14 +70,16 @@ obj-$(CONFIG_$(SPL_TPL_)CRC16) += crc16.o
obj-y += crypto/
obj-$(CONFIG_$(SPL_TPL_)ACPI) += acpi/
-obj-$(CONFIG_$(SPL_)MD5) += md5.o
obj-$(CONFIG_ECDSA) += ecdsa/
obj-$(CONFIG_$(SPL_)RSA) += rsa/
obj-$(CONFIG_HASH) += hash-checksum.o
obj-$(CONFIG_BLAKE2) += blake2/blake2b.o
-obj-$(CONFIG_$(SPL_)SHA1) += sha1.o
-obj-$(CONFIG_$(SPL_)SHA256) += sha256.o
-obj-$(CONFIG_$(SPL_)SHA512) += sha512.o
+
+obj-$(CONFIG_$(SPL_)MD5_LEGACY) += md5.o
+obj-$(CONFIG_$(SPL_)SHA1_LEGACY) += sha1.o
+obj-$(CONFIG_$(SPL_)SHA256_LEGACY) += sha256.o
+obj-$(CONFIG_$(SPL_)SHA512_LEGACY) += sha512.o
+
obj-$(CONFIG_CRYPT_PW) += crypt/
obj-$(CONFIG_$(SPL_)ASN1_DECODER) += asn1_decoder.o
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index 9d1a63c1ca6..8a7b3a30c04 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -20,9 +20,100 @@ if LEGACY_CRYPTO || MBEDTLS_LIB_CRYPTO_ALT
config LEGACY_CRYPTO_BASIC
bool "legacy basic crypto libraries"
+ select MD5_LEGACY if MD5
+ select SHA1_LEGACY if SHA1
+ select SHA256_LEGACY if SHA256
+ select SHA512_LEGACY if SHA512
+ select SHA384_LEGACY if SHA384
+ select SPL_MD5_LEGACY if SPL_MD5
+ select SPL_SHA1_LEGACY if SPL_SHA1
+ select SPL_SHA256_LEGACY if SPL_SHA256
+ select SPL_SHA512_LEGACY if SPL_SHA512
+ select SPL_SHA384_LEGACY if SPL_SHA384
help
Enable legacy basic crypto libraries.
+if LEGACY_CRYPTO_BASIC
+
+config SHA1_LEGACY
+ bool "Enable SHA1 support with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && SHA1
+ help
+ This option enables support of hashing using SHA1 algorithm
+ with legacy crypto library.
+
+config SHA256_LEGACY
+ bool "Enable SHA256 support with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && SHA256
+ help
+ This option enables support of hashing using SHA256 algorithm
+ with legacy crypto library.
+
+config SHA512_LEGACY
+ bool "Enable SHA512 support with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && SHA512
+ default y if TI_SECURE_DEVICE && FIT_SIGNATURE
+ help
+ This option enables support of hashing using SHA512 algorithm
+ with legacy crypto library.
+
+config SHA384_LEGACY
+ bool "Enable SHA384 support with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && SHA384
+ select SHA512_LEGACY
+ help
+ This option enables support of hashing using SHA384 algorithm
+ with legacy crypto library.
+
+config MD5_LEGACY
+ bool "Enable MD5 support with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && MD5
+ help
+ This option enables support of hashing using MD5 algorithm
+ with legacy crypto library.
+
+if SPL
+
+config SPL_SHA1_LEGACY
+ bool "Enable SHA1 support in SPL with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && SPL_SHA1
+ help
+ This option enables support of hashing using SHA1 algorithm
+ with legacy crypto library.
+
+config SPL_SHA256_LEGACY
+ bool "Enable SHA256 support in SPL with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && SPL_SHA256
+ help
+ This option enables support of hashing using SHA256 algorithm
+ with legacy crypto library.
+
+config SPL_SHA512_LEGACY
+ bool "Enable SHA512 support in SPL with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && SPL_SHA512
+ help
+ This option enables support of hashing using SHA512 algorithm
+ with legacy crypto library.
+
+config SPL_SHA384_LEGACY
+ bool "Enable SHA384 support in SPL with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && SPL_SHA384
+ select SPL_SHA512_LEGACY
+ help
+ This option enables support of hashing using SHA384 algorithm
+ with legacy crypto library.
+
+config SPL_MD5_LEGACY
+ bool "Enable MD5 support in SPL with legacy crypto library"
+ depends on LEGACY_CRYPTO_BASIC && SPL_MD5
+ help
+ This option enables support of hashing using MD5 algorithm
+ with legacy crypto library.
+
+endif # SPL
+
+endif # LEGACY_CRYPTO_BASIC
+
config LEGACY_CRYPTO_CERT
bool "legacy certificate libraries"
help
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS
2024-10-03 21:50 ` [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS Raymond Mao
@ 2024-10-09 14:38 ` Tom Rini
2024-10-09 15:32 ` Raymond Mao
0 siblings, 1 reply; 56+ messages in thread
From: Tom Rini @ 2024-10-09 14:38 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Ilias Apalodimas, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Greg Malysa,
Kever Yang, Kongyang Liu, Linus Walleij, Jonas Karlman,
Sughosh Ganu
[-- Attachment #1: Type: text/plain, Size: 4601 bytes --]
On Thu, Oct 03, 2024 at 02:50:16PM -0700, Raymond Mao wrote:
> Adapt digest header files to support both original libs and MbedTLS
> by switching on/off MBEDTLS_LIB_CRYPTO.
> Introduce <alg>_LEGACY kconfig for legacy hash implementations.
> sha256.o should depend on SHA256 kconfig only but not SUPPORT_EMMC_RPMB,
> SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
>
> `IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
> including <linux/kconfig.h> causes undefined reference on schedule()
> with sandbox build, as <linux/kconfig.h> includes <generated/autoconf.h>
> which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no schedule()
> are defined in sandbox build,
> Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
There's three platforms where we see something like:
arm: (for 1/1 boards) all +5651.0 data +112.0 rodata +139.0 text +5400.0
o4-imx6ull-nano: all +5651 data +112 rodata +139 text +5400
u-boot: add: 23/0, grow: 1/0 bytes: 1172/0 (1172)
function old new delta
hash_command 108 296 +188
sha1_finish - 156 +156
static.sha1_update - 114 +114
hash_algo - 112 +112
sha1_padding - 64 +64
hash_lookup_algo - 60 +60
sha1_starts - 52 +52
crc16_ccitt_wd_buf - 36 +36
sha256_csum_wd - 34 +34
sha1_csum_wd - 34 +34
hash_finish_sha256 - 34 +34
hash_finish_sha1 - 34 +34
crc32_wd_buf - 34 +34
hash_finish_crc32 - 28 +28
hash_finish_crc16_ccitt - 28 +28
hash_init_sha256 - 22 +22
hash_init_sha1 - 22 +22
hash_update_crc32 - 20 +20
hash_update_crc16_ccitt - 20 +20
hash_init_crc32 - 20 +20
hash_init_crc16_ccitt - 20 +20
hash_update_sha256 - 16 +16
hash_update_sha1 - 16 +16
sha1_update - 8 +8
This is because:
> diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
> index 982e84dc3bc..5d7fd904950 100644
> --- a/drivers/mmc/Kconfig
> +++ b/drivers/mmc/Kconfig
> @@ -119,6 +119,7 @@ config MMC_HW_PARTITIONING
> config SUPPORT_EMMC_RPMB
> bool "Support eMMC replay protected memory block (RPMB)"
> imply CMD_MMC_RPMB
> + select SHA256
> help
> Enable support for reading, writing and programming the
> key for the Replay Protection Memory Block partition in eMMC.
Wasn't true / required before now, no hashing algorithms were enabled.
This was fine because:
[snip]
> diff --git a/lib/Makefile b/lib/Makefile
> index c4950b78a29..33755778283 100644
> --- a/lib/Makefile
> +++ b/lib/Makefile
> @@ -50,7 +50,6 @@ obj-$(CONFIG_XXHASH) += xxhash.o
> obj-y += net_utils.o
> obj-$(CONFIG_PHYSMEM) += physmem.o
> obj-y += rc4.o
> -obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
> obj-$(CONFIG_RBTREE) += rbtree.o
> obj-$(CONFIG_BITREVERSE) += bitrev.o
> obj-y += list_sort.o
Got us the library access without bringing in everything else. And since
two of the platforms that are hitting this now are "nano" this is an
important thing to figure out how to continue to support. If there's
just no way around it, we can likely live with the size increase, but
I'd like to see this looked in to specifically first, thanks!
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 56+ messages in thread* Re: [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS
2024-10-09 14:38 ` Tom Rini
@ 2024-10-09 15:32 ` Raymond Mao
2024-10-09 15:41 ` Tom Rini
2024-10-09 17:32 ` Ilias Apalodimas
0 siblings, 2 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-09 15:32 UTC (permalink / raw)
To: Tom Rini
Cc: u-boot, manish.pandey2, Ilias Apalodimas, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Greg Malysa,
Kever Yang, Kongyang Liu, Linus Walleij, Jonas Karlman,
Sughosh Ganu
Hi Tom,
On Wed, 9 Oct 2024 at 10:38, Tom Rini <trini@konsulko.com> wrote:
> On Thu, Oct 03, 2024 at 02:50:16PM -0700, Raymond Mao wrote:
>
> > Adapt digest header files to support both original libs and MbedTLS
> > by switching on/off MBEDTLS_LIB_CRYPTO.
> > Introduce <alg>_LEGACY kconfig for legacy hash implementations.
> > sha256.o should depend on SHA256 kconfig only but not SUPPORT_EMMC_RPMB,
> > SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
> >
> > `IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
> > including <linux/kconfig.h> causes undefined reference on schedule()
> > with sandbox build, as <linux/kconfig.h> includes <generated/autoconf.h>
> > which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no
> schedule()
> > are defined in sandbox build,
> > Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
> >
> > Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
>
> There's three platforms where we see something like:
> arm: (for 1/1 boards) all +5651.0 data +112.0 rodata +139.0 text
> +5400.0
> o4-imx6ull-nano: all +5651 data +112 rodata +139 text +5400
> u-boot: add: 23/0, grow: 1/0 bytes: 1172/0 (1172)
> function old new
> delta
> hash_command 108 296
> +188
> sha1_finish - 156
> +156
> static.sha1_update - 114
> +114
> hash_algo - 112
> +112
> sha1_padding - 64
> +64
> hash_lookup_algo - 60
> +60
> sha1_starts - 52
> +52
> crc16_ccitt_wd_buf - 36
> +36
> sha256_csum_wd - 34
> +34
> sha1_csum_wd - 34
> +34
> hash_finish_sha256 - 34
> +34
> hash_finish_sha1 - 34
> +34
> crc32_wd_buf - 34
> +34
> hash_finish_crc32 - 28
> +28
> hash_finish_crc16_ccitt - 28
> +28
> hash_init_sha256 - 22
> +22
> hash_init_sha1 - 22
> +22
> hash_update_crc32 - 20
> +20
> hash_update_crc16_ccitt - 20
> +20
> hash_init_crc32 - 20
> +20
> hash_init_crc16_ccitt - 20
> +20
> hash_update_sha256 - 16
> +16
> hash_update_sha1 - 16
> +16
> sha1_update - 8
> +8
>
> This is because:
> > diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
> > index 982e84dc3bc..5d7fd904950 100644
> > --- a/drivers/mmc/Kconfig
> > +++ b/drivers/mmc/Kconfig
> > @@ -119,6 +119,7 @@ config MMC_HW_PARTITIONING
> > config SUPPORT_EMMC_RPMB
> > bool "Support eMMC replay protected memory block (RPMB)"
> > imply CMD_MMC_RPMB
> > + select SHA256
> > help
> > Enable support for reading, writing and programming the
> > key for the Replay Protection Memory Block partition in eMMC.
>
> Wasn't true / required before now, no hashing algorithms were enabled.
> This was fine because:
> [snip]
> > diff --git a/lib/Makefile b/lib/Makefile
> > index c4950b78a29..33755778283 100644
> > --- a/lib/Makefile
> > +++ b/lib/Makefile
> > @@ -50,7 +50,6 @@ obj-$(CONFIG_XXHASH) += xxhash.o
> > obj-y += net_utils.o
> > obj-$(CONFIG_PHYSMEM) += physmem.o
> > obj-y += rc4.o
> > -obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
> > obj-$(CONFIG_RBTREE) += rbtree.o
> > obj-$(CONFIG_BITREVERSE) += bitrev.o
> > obj-y += list_sort.o
>
> Got us the library access without bringing in everything else. And since
> two of the platforms that are hitting this now are "nano" this is an
> important thing to figure out how to continue to support. If there's
> just no way around it, we can likely live with the size increase, but
> I'd like to see this looked in to specifically first, thanks!
>
> To address this, I think there are two options.
1. Introduce SUPPORT_EMMC_RPMB into the MbedTLS sub makefile.
2. Make MBEDTLS_LIB_CRYPTO depends on !SUPPORT_EMMC_RPMB.
1) looks to be ugly, I prefer 2) if you agree.
Regards,
Raymond
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS
2024-10-09 15:32 ` Raymond Mao
@ 2024-10-09 15:41 ` Tom Rini
2024-10-09 17:32 ` Ilias Apalodimas
1 sibling, 0 replies; 56+ messages in thread
From: Tom Rini @ 2024-10-09 15:41 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Ilias Apalodimas, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Greg Malysa,
Kever Yang, Kongyang Liu, Linus Walleij, Jonas Karlman,
Sughosh Ganu
[-- Attachment #1: Type: text/plain, Size: 5505 bytes --]
On Wed, Oct 09, 2024 at 11:32:29AM -0400, Raymond Mao wrote:
> Hi Tom,
>
> On Wed, 9 Oct 2024 at 10:38, Tom Rini <trini@konsulko.com> wrote:
>
> > On Thu, Oct 03, 2024 at 02:50:16PM -0700, Raymond Mao wrote:
> >
> > > Adapt digest header files to support both original libs and MbedTLS
> > > by switching on/off MBEDTLS_LIB_CRYPTO.
> > > Introduce <alg>_LEGACY kconfig for legacy hash implementations.
> > > sha256.o should depend on SHA256 kconfig only but not SUPPORT_EMMC_RPMB,
> > > SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
> > >
> > > `IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
> > > including <linux/kconfig.h> causes undefined reference on schedule()
> > > with sandbox build, as <linux/kconfig.h> includes <generated/autoconf.h>
> > > which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no
> > schedule()
> > > are defined in sandbox build,
> > > Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
> > >
> > > Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> > > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> >
> > There's three platforms where we see something like:
> > arm: (for 1/1 boards) all +5651.0 data +112.0 rodata +139.0 text
> > +5400.0
> > o4-imx6ull-nano: all +5651 data +112 rodata +139 text +5400
> > u-boot: add: 23/0, grow: 1/0 bytes: 1172/0 (1172)
> > function old new
> > delta
> > hash_command 108 296
> > +188
> > sha1_finish - 156
> > +156
> > static.sha1_update - 114
> > +114
> > hash_algo - 112
> > +112
> > sha1_padding - 64
> > +64
> > hash_lookup_algo - 60
> > +60
> > sha1_starts - 52
> > +52
> > crc16_ccitt_wd_buf - 36
> > +36
> > sha256_csum_wd - 34
> > +34
> > sha1_csum_wd - 34
> > +34
> > hash_finish_sha256 - 34
> > +34
> > hash_finish_sha1 - 34
> > +34
> > crc32_wd_buf - 34
> > +34
> > hash_finish_crc32 - 28
> > +28
> > hash_finish_crc16_ccitt - 28
> > +28
> > hash_init_sha256 - 22
> > +22
> > hash_init_sha1 - 22
> > +22
> > hash_update_crc32 - 20
> > +20
> > hash_update_crc16_ccitt - 20
> > +20
> > hash_init_crc32 - 20
> > +20
> > hash_init_crc16_ccitt - 20
> > +20
> > hash_update_sha256 - 16
> > +16
> > hash_update_sha1 - 16
> > +16
> > sha1_update - 8
> > +8
> >
> > This is because:
> > > diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
> > > index 982e84dc3bc..5d7fd904950 100644
> > > --- a/drivers/mmc/Kconfig
> > > +++ b/drivers/mmc/Kconfig
> > > @@ -119,6 +119,7 @@ config MMC_HW_PARTITIONING
> > > config SUPPORT_EMMC_RPMB
> > > bool "Support eMMC replay protected memory block (RPMB)"
> > > imply CMD_MMC_RPMB
> > > + select SHA256
> > > help
> > > Enable support for reading, writing and programming the
> > > key for the Replay Protection Memory Block partition in eMMC.
> >
> > Wasn't true / required before now, no hashing algorithms were enabled.
> > This was fine because:
> > [snip]
> > > diff --git a/lib/Makefile b/lib/Makefile
> > > index c4950b78a29..33755778283 100644
> > > --- a/lib/Makefile
> > > +++ b/lib/Makefile
> > > @@ -50,7 +50,6 @@ obj-$(CONFIG_XXHASH) += xxhash.o
> > > obj-y += net_utils.o
> > > obj-$(CONFIG_PHYSMEM) += physmem.o
> > > obj-y += rc4.o
> > > -obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
> > > obj-$(CONFIG_RBTREE) += rbtree.o
> > > obj-$(CONFIG_BITREVERSE) += bitrev.o
> > > obj-y += list_sort.o
> >
> > Got us the library access without bringing in everything else. And since
> > two of the platforms that are hitting this now are "nano" this is an
> > important thing to figure out how to continue to support. If there's
> > just no way around it, we can likely live with the size increase, but
> > I'd like to see this looked in to specifically first, thanks!
> >
> To address this, I think there are two options.
> 1. Introduce SUPPORT_EMMC_RPMB into the MbedTLS sub makefile.
> 2. Make MBEDTLS_LIB_CRYPTO depends on !SUPPORT_EMMC_RPMB.
> 1) looks to be ugly, I prefer 2) if you agree.
Well, part of the size issue is that it looks like a number of other
algorithms are now being enabled too?
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS
2024-10-09 15:32 ` Raymond Mao
2024-10-09 15:41 ` Tom Rini
@ 2024-10-09 17:32 ` Ilias Apalodimas
2024-10-09 17:52 ` Tom Rini
1 sibling, 1 reply; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-09 17:32 UTC (permalink / raw)
To: Raymond Mao
Cc: Tom Rini, u-boot, manish.pandey2, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Greg Malysa,
Kever Yang, Kongyang Liu, Linus Walleij, Jonas Karlman,
Sughosh Ganu
On Wed, 9 Oct 2024 at 18:32, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Hi Tom,
>
> On Wed, 9 Oct 2024 at 10:38, Tom Rini <trini@konsulko.com> wrote:
>>
>> On Thu, Oct 03, 2024 at 02:50:16PM -0700, Raymond Mao wrote:
>>
>> > Adapt digest header files to support both original libs and MbedTLS
>> > by switching on/off MBEDTLS_LIB_CRYPTO.
>> > Introduce <alg>_LEGACY kconfig for legacy hash implementations.
>> > sha256.o should depend on SHA256 kconfig only but not SUPPORT_EMMC_RPMB,
>> > SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
>> >
>> > `IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
>> > including <linux/kconfig.h> causes undefined reference on schedule()
>> > with sandbox build, as <linux/kconfig.h> includes <generated/autoconf.h>
>> > which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no schedule()
>> > are defined in sandbox build,
>> > Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
>> >
>> > Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
>> > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
>>
>> There's three platforms where we see something like:
>> arm: (for 1/1 boards) all +5651.0 data +112.0 rodata +139.0 text +5400.0
>> o4-imx6ull-nano: all +5651 data +112 rodata +139 text +5400
>> u-boot: add: 23/0, grow: 1/0 bytes: 1172/0 (1172)
>> function old new delta
>> hash_command 108 296 +188
>> sha1_finish - 156 +156
>> static.sha1_update - 114 +114
>> hash_algo - 112 +112
>> sha1_padding - 64 +64
>> hash_lookup_algo - 60 +60
>> sha1_starts - 52 +52
>> crc16_ccitt_wd_buf - 36 +36
>> sha256_csum_wd - 34 +34
>> sha1_csum_wd - 34 +34
>> hash_finish_sha256 - 34 +34
>> hash_finish_sha1 - 34 +34
>> crc32_wd_buf - 34 +34
>> hash_finish_crc32 - 28 +28
>> hash_finish_crc16_ccitt - 28 +28
>> hash_init_sha256 - 22 +22
>> hash_init_sha1 - 22 +22
>> hash_update_crc32 - 20 +20
>> hash_update_crc16_ccitt - 20 +20
>> hash_init_crc32 - 20 +20
>> hash_init_crc16_ccitt - 20 +20
>> hash_update_sha256 - 16 +16
>> hash_update_sha1 - 16 +16
>> sha1_update - 8 +8
>>
>> This is because:
>> > diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
>> > index 982e84dc3bc..5d7fd904950 100644
>> > --- a/drivers/mmc/Kconfig
>> > +++ b/drivers/mmc/Kconfig
>> > @@ -119,6 +119,7 @@ config MMC_HW_PARTITIONING
>> > config SUPPORT_EMMC_RPMB
>> > bool "Support eMMC replay protected memory block (RPMB)"
>> > imply CMD_MMC_RPMB
>> > + select SHA256
>> > help
>> > Enable support for reading, writing and programming the
>> > key for the Replay Protection Memory Block partition in eMMC.
>>
>> Wasn't true / required before now, no hashing algorithms were enabled.
>> This was fine because:
>> [snip]
>> > diff --git a/lib/Makefile b/lib/Makefile
>> > index c4950b78a29..33755778283 100644
>> > --- a/lib/Makefile
>> > +++ b/lib/Makefile
>> > @@ -50,7 +50,6 @@ obj-$(CONFIG_XXHASH) += xxhash.o
>> > obj-y += net_utils.o
>> > obj-$(CONFIG_PHYSMEM) += physmem.o
>> > obj-y += rc4.o
>> > -obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
>> > obj-$(CONFIG_RBTREE) += rbtree.o
>> > obj-$(CONFIG_BITREVERSE) += bitrev.o
>> > obj-y += list_sort.o
>>
>> Got us the library access without bringing in everything else. And since
>> two of the platforms that are hitting this now are "nano" this is an
>> important thing to figure out how to continue to support. If there's
>> just no way around it, we can likely live with the size increase, but
>> I'd like to see this looked in to specifically first, thanks!
>>
> To address this, I think there are two options.
> 1. Introduce SUPPORT_EMMC_RPMB into the MbedTLS sub makefile.
> 2. Make MBEDTLS_LIB_CRYPTO depends on !SUPPORT_EMMC_RPMB.
> 1) looks to be ugly, I prefer 2) if you agree.
2 is not a good idea either. We can't just drop RPMB support when
mbedTLS is enabled
Thanks
/Ilias
>
> Regards,
> Raymond
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS
2024-10-09 17:32 ` Ilias Apalodimas
@ 2024-10-09 17:52 ` Tom Rini
2024-10-10 6:47 ` Ilias Apalodimas
2024-10-11 18:25 ` Raymond Mao
0 siblings, 2 replies; 56+ messages in thread
From: Tom Rini @ 2024-10-09 17:52 UTC (permalink / raw)
To: Ilias Apalodimas
Cc: Raymond Mao, u-boot, manish.pandey2, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Greg Malysa,
Kever Yang, Kongyang Liu, Linus Walleij, Jonas Karlman,
Sughosh Ganu
[-- Attachment #1: Type: text/plain, Size: 6192 bytes --]
On Wed, Oct 09, 2024 at 08:32:29PM +0300, Ilias Apalodimas wrote:
> On Wed, 9 Oct 2024 at 18:32, Raymond Mao <raymond.mao@linaro.org> wrote:
> >
> > Hi Tom,
> >
> > On Wed, 9 Oct 2024 at 10:38, Tom Rini <trini@konsulko.com> wrote:
> >>
> >> On Thu, Oct 03, 2024 at 02:50:16PM -0700, Raymond Mao wrote:
> >>
> >> > Adapt digest header files to support both original libs and MbedTLS
> >> > by switching on/off MBEDTLS_LIB_CRYPTO.
> >> > Introduce <alg>_LEGACY kconfig for legacy hash implementations.
> >> > sha256.o should depend on SHA256 kconfig only but not SUPPORT_EMMC_RPMB,
> >> > SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
> >> >
> >> > `IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
> >> > including <linux/kconfig.h> causes undefined reference on schedule()
> >> > with sandbox build, as <linux/kconfig.h> includes <generated/autoconf.h>
> >> > which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no schedule()
> >> > are defined in sandbox build,
> >> > Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
> >> >
> >> > Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> >> > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> >>
> >> There's three platforms where we see something like:
> >> arm: (for 1/1 boards) all +5651.0 data +112.0 rodata +139.0 text +5400.0
> >> o4-imx6ull-nano: all +5651 data +112 rodata +139 text +5400
> >> u-boot: add: 23/0, grow: 1/0 bytes: 1172/0 (1172)
> >> function old new delta
> >> hash_command 108 296 +188
> >> sha1_finish - 156 +156
> >> static.sha1_update - 114 +114
> >> hash_algo - 112 +112
> >> sha1_padding - 64 +64
> >> hash_lookup_algo - 60 +60
> >> sha1_starts - 52 +52
> >> crc16_ccitt_wd_buf - 36 +36
> >> sha256_csum_wd - 34 +34
> >> sha1_csum_wd - 34 +34
> >> hash_finish_sha256 - 34 +34
> >> hash_finish_sha1 - 34 +34
> >> crc32_wd_buf - 34 +34
> >> hash_finish_crc32 - 28 +28
> >> hash_finish_crc16_ccitt - 28 +28
> >> hash_init_sha256 - 22 +22
> >> hash_init_sha1 - 22 +22
> >> hash_update_crc32 - 20 +20
> >> hash_update_crc16_ccitt - 20 +20
> >> hash_init_crc32 - 20 +20
> >> hash_init_crc16_ccitt - 20 +20
> >> hash_update_sha256 - 16 +16
> >> hash_update_sha1 - 16 +16
> >> sha1_update - 8 +8
> >>
> >> This is because:
> >> > diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
> >> > index 982e84dc3bc..5d7fd904950 100644
> >> > --- a/drivers/mmc/Kconfig
> >> > +++ b/drivers/mmc/Kconfig
> >> > @@ -119,6 +119,7 @@ config MMC_HW_PARTITIONING
> >> > config SUPPORT_EMMC_RPMB
> >> > bool "Support eMMC replay protected memory block (RPMB)"
> >> > imply CMD_MMC_RPMB
> >> > + select SHA256
> >> > help
> >> > Enable support for reading, writing and programming the
> >> > key for the Replay Protection Memory Block partition in eMMC.
> >>
> >> Wasn't true / required before now, no hashing algorithms were enabled.
> >> This was fine because:
> >> [snip]
> >> > diff --git a/lib/Makefile b/lib/Makefile
> >> > index c4950b78a29..33755778283 100644
> >> > --- a/lib/Makefile
> >> > +++ b/lib/Makefile
> >> > @@ -50,7 +50,6 @@ obj-$(CONFIG_XXHASH) += xxhash.o
> >> > obj-y += net_utils.o
> >> > obj-$(CONFIG_PHYSMEM) += physmem.o
> >> > obj-y += rc4.o
> >> > -obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
> >> > obj-$(CONFIG_RBTREE) += rbtree.o
> >> > obj-$(CONFIG_BITREVERSE) += bitrev.o
> >> > obj-y += list_sort.o
> >>
> >> Got us the library access without bringing in everything else. And since
> >> two of the platforms that are hitting this now are "nano" this is an
> >> important thing to figure out how to continue to support. If there's
> >> just no way around it, we can likely live with the size increase, but
> >> I'd like to see this looked in to specifically first, thanks!
> >>
> > To address this, I think there are two options.
> > 1. Introduce SUPPORT_EMMC_RPMB into the MbedTLS sub makefile.
> > 2. Make MBEDTLS_LIB_CRYPTO depends on !SUPPORT_EMMC_RPMB.
> > 1) looks to be ugly, I prefer 2) if you agree.
>
> 2 is not a good idea either. We can't just drop RPMB support when
> mbedTLS is enabled
To be clear, while I hope we can do something about this growth, I would
rather live with it (as it's not an unreasonable amount) than do 2, and
if 1 is too ugly, probably skip that as well. If it's not a matter of
loosening some select statements, or maybe introducing a library type
symbol we can see if anyone else more motivated has a better idea as
it's literally 3 platforms (ev-imx280-nano-x-mb is the other nano, and
then uniphier_v8 where it's arguably a missing feature anyhow) rather
than a large number of them. And not even other "mini" or "nano"
configs.
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS
2024-10-09 17:52 ` Tom Rini
@ 2024-10-10 6:47 ` Ilias Apalodimas
2024-10-11 18:25 ` Raymond Mao
1 sibling, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-10 6:47 UTC (permalink / raw)
To: Tom Rini
Cc: Raymond Mao, u-boot, manish.pandey2, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Greg Malysa,
Kever Yang, Kongyang Liu, Linus Walleij, Jonas Karlman,
Sughosh Ganu
Hi Tom
On Wed, 9 Oct 2024 at 20:52, Tom Rini <trini@konsulko.com> wrote:
>
> On Wed, Oct 09, 2024 at 08:32:29PM +0300, Ilias Apalodimas wrote:
> > On Wed, 9 Oct 2024 at 18:32, Raymond Mao <raymond.mao@linaro.org> wrote:
> > >
> > > Hi Tom,
> > >
> > > On Wed, 9 Oct 2024 at 10:38, Tom Rini <trini@konsulko.com> wrote:
> > >>
> > >> On Thu, Oct 03, 2024 at 02:50:16PM -0700, Raymond Mao wrote:
> > >>
> > >> > Adapt digest header files to support both original libs and MbedTLS
> > >> > by switching on/off MBEDTLS_LIB_CRYPTO.
> > >> > Introduce <alg>_LEGACY kconfig for legacy hash implementations.
> > >> > sha256.o should depend on SHA256 kconfig only but not SUPPORT_EMMC_RPMB,
> > >> > SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
> > >> >
> > >> > `IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
> > >> > including <linux/kconfig.h> causes undefined reference on schedule()
> > >> > with sandbox build, as <linux/kconfig.h> includes <generated/autoconf.h>
> > >> > which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no schedule()
> > >> > are defined in sandbox build,
> > >> > Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
> > >> >
> > >> > Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> > >> > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > >>
> > >> There's three platforms where we see something like:
> > >> arm: (for 1/1 boards) all +5651.0 data +112.0 rodata +139.0 text +5400.0
> > >> o4-imx6ull-nano: all +5651 data +112 rodata +139 text +5400
> > >> u-boot: add: 23/0, grow: 1/0 bytes: 1172/0 (1172)
> > >> function old new delta
> > >> hash_command 108 296 +188
> > >> sha1_finish - 156 +156
> > >> static.sha1_update - 114 +114
> > >> hash_algo - 112 +112
> > >> sha1_padding - 64 +64
> > >> hash_lookup_algo - 60 +60
> > >> sha1_starts - 52 +52
> > >> crc16_ccitt_wd_buf - 36 +36
> > >> sha256_csum_wd - 34 +34
> > >> sha1_csum_wd - 34 +34
> > >> hash_finish_sha256 - 34 +34
> > >> hash_finish_sha1 - 34 +34
> > >> crc32_wd_buf - 34 +34
> > >> hash_finish_crc32 - 28 +28
> > >> hash_finish_crc16_ccitt - 28 +28
> > >> hash_init_sha256 - 22 +22
> > >> hash_init_sha1 - 22 +22
> > >> hash_update_crc32 - 20 +20
> > >> hash_update_crc16_ccitt - 20 +20
> > >> hash_init_crc32 - 20 +20
> > >> hash_init_crc16_ccitt - 20 +20
> > >> hash_update_sha256 - 16 +16
> > >> hash_update_sha1 - 16 +16
> > >> sha1_update - 8 +8
> > >>
> > >> This is because:
> > >> > diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
> > >> > index 982e84dc3bc..5d7fd904950 100644
> > >> > --- a/drivers/mmc/Kconfig
> > >> > +++ b/drivers/mmc/Kconfig
> > >> > @@ -119,6 +119,7 @@ config MMC_HW_PARTITIONING
> > >> > config SUPPORT_EMMC_RPMB
> > >> > bool "Support eMMC replay protected memory block (RPMB)"
> > >> > imply CMD_MMC_RPMB
> > >> > + select SHA256
> > >> > help
> > >> > Enable support for reading, writing and programming the
> > >> > key for the Replay Protection Memory Block partition in eMMC.
> > >>
> > >> Wasn't true / required before now, no hashing algorithms were enabled.
> > >> This was fine because:
> > >> [snip]
> > >> > diff --git a/lib/Makefile b/lib/Makefile
> > >> > index c4950b78a29..33755778283 100644
> > >> > --- a/lib/Makefile
> > >> > +++ b/lib/Makefile
> > >> > @@ -50,7 +50,6 @@ obj-$(CONFIG_XXHASH) += xxhash.o
> > >> > obj-y += net_utils.o
> > >> > obj-$(CONFIG_PHYSMEM) += physmem.o
> > >> > obj-y += rc4.o
> > >> > -obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
> > >> > obj-$(CONFIG_RBTREE) += rbtree.o
> > >> > obj-$(CONFIG_BITREVERSE) += bitrev.o
> > >> > obj-y += list_sort.o
> > >>
> > >> Got us the library access without bringing in everything else. And since
> > >> two of the platforms that are hitting this now are "nano" this is an
> > >> important thing to figure out how to continue to support. If there's
> > >> just no way around it, we can likely live with the size increase, but
> > >> I'd like to see this looked in to specifically first, thanks!
> > >>
> > > To address this, I think there are two options.
> > > 1. Introduce SUPPORT_EMMC_RPMB into the MbedTLS sub makefile.
> > > 2. Make MBEDTLS_LIB_CRYPTO depends on !SUPPORT_EMMC_RPMB.
> > > 1) looks to be ugly, I prefer 2) if you agree.
> >
> > 2 is not a good idea either. We can't just drop RPMB support when
> > mbedTLS is enabled
>
> To be clear, while I hope we can do something about this growth, I would
> rather live with it (as it's not an unreasonable amount) than do 2, and
> if 1 is too ugly, probably skip that as well.
Yep, I agree. That was pretty clear from your first email as well. I
just pointed out that option 2 was just as bad
> If it's not a matter of
> loosening some select statements, or maybe introducing a library type
> symbol we can see if anyone else more motivated has a better idea as
> it's literally 3 platforms (ev-imx280-nano-x-mb is the other nano, and
> then uniphier_v8 where it's arguably a missing feature anyhow) rather
> than a large number of them. And not even other "mini" or "nano"
> configs.
>
> --
> Tom
Cheers
/Ilias
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS
2024-10-09 17:52 ` Tom Rini
2024-10-10 6:47 ` Ilias Apalodimas
@ 2024-10-11 18:25 ` Raymond Mao
2024-10-11 21:59 ` Tom Rini
1 sibling, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-11 18:25 UTC (permalink / raw)
To: Tom Rini
Cc: Ilias Apalodimas, u-boot, manish.pandey2, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Greg Malysa,
Kever Yang, Kongyang Liu, Linus Walleij, Jonas Karlman,
Sughosh Ganu
Hi Tom,
On Wed, 9 Oct 2024 at 13:52, Tom Rini <trini@konsulko.com> wrote:
> On Wed, Oct 09, 2024 at 08:32:29PM +0300, Ilias Apalodimas wrote:
> > On Wed, 9 Oct 2024 at 18:32, Raymond Mao <raymond.mao@linaro.org> wrote:
> > >
> > > Hi Tom,
> > >
> > > On Wed, 9 Oct 2024 at 10:38, Tom Rini <trini@konsulko.com> wrote:
> > >>
> > >> On Thu, Oct 03, 2024 at 02:50:16PM -0700, Raymond Mao wrote:
> > >>
> > >> > Adapt digest header files to support both original libs and MbedTLS
> > >> > by switching on/off MBEDTLS_LIB_CRYPTO.
> > >> > Introduce <alg>_LEGACY kconfig for legacy hash implementations.
> > >> > sha256.o should depend on SHA256 kconfig only but not
> SUPPORT_EMMC_RPMB,
> > >> > SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
> > >> >
> > >> > `IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
> > >> > including <linux/kconfig.h> causes undefined reference on schedule()
> > >> > with sandbox build, as <linux/kconfig.h> includes
> <generated/autoconf.h>
> > >> > which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no
> schedule()
> > >> > are defined in sandbox build,
> > >> > Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
> > >> >
> > >> > Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> > >> > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > >>
> > >> There's three platforms where we see something like:
> > >> arm: (for 1/1 boards) all +5651.0 data +112.0 rodata +139.0
> text +5400.0
> > >> o4-imx6ull-nano: all +5651 data +112 rodata +139 text
> +5400
> > >> u-boot: add: 23/0, grow: 1/0 bytes: 1172/0 (1172)
> > >> function old
> new delta
> > >> hash_command 108
> 296 +188
> > >> sha1_finish -
> 156 +156
> > >> static.sha1_update -
> 114 +114
> > >> hash_algo -
> 112 +112
> > >> sha1_padding -
> 64 +64
> > >> hash_lookup_algo -
> 60 +60
> > >> sha1_starts -
> 52 +52
> > >> crc16_ccitt_wd_buf -
> 36 +36
> > >> sha256_csum_wd -
> 34 +34
> > >> sha1_csum_wd -
> 34 +34
> > >> hash_finish_sha256 -
> 34 +34
> > >> hash_finish_sha1 -
> 34 +34
> > >> crc32_wd_buf -
> 34 +34
> > >> hash_finish_crc32 -
> 28 +28
> > >> hash_finish_crc16_ccitt -
> 28 +28
> > >> hash_init_sha256 -
> 22 +22
> > >> hash_init_sha1 -
> 22 +22
> > >> hash_update_crc32 -
> 20 +20
> > >> hash_update_crc16_ccitt -
> 20 +20
> > >> hash_init_crc32 -
> 20 +20
> > >> hash_init_crc16_ccitt -
> 20 +20
> > >> hash_update_sha256 -
> 16 +16
> > >> hash_update_sha1 -
> 16 +16
> > >> sha1_update -
> 8 +8
> > >>
> > >> This is because:
> > >> > diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
> > >> > index 982e84dc3bc..5d7fd904950 100644
> > >> > --- a/drivers/mmc/Kconfig
> > >> > +++ b/drivers/mmc/Kconfig
> > >> > @@ -119,6 +119,7 @@ config MMC_HW_PARTITIONING
> > >> > config SUPPORT_EMMC_RPMB
> > >> > bool "Support eMMC replay protected memory block (RPMB)"
> > >> > imply CMD_MMC_RPMB
> > >> > + select SHA256
> > >> > help
> > >> > Enable support for reading, writing and programming the
> > >> > key for the Replay Protection Memory Block partition in
> eMMC.
> > >>
> > >> Wasn't true / required before now, no hashing algorithms were enabled.
> > >> This was fine because:
> > >> [snip]
> > >> > diff --git a/lib/Makefile b/lib/Makefile
> > >> > index c4950b78a29..33755778283 100644
> > >> > --- a/lib/Makefile
> > >> > +++ b/lib/Makefile
> > >> > @@ -50,7 +50,6 @@ obj-$(CONFIG_XXHASH) += xxhash.o
> > >> > obj-y += net_utils.o
> > >> > obj-$(CONFIG_PHYSMEM) += physmem.o
> > >> > obj-y += rc4.o
> > >> > -obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
> > >> > obj-$(CONFIG_RBTREE) += rbtree.o
> > >> > obj-$(CONFIG_BITREVERSE) += bitrev.o
> > >> > obj-y += list_sort.o
> > >>
> > >> Got us the library access without bringing in everything else. And
> since
> > >> two of the platforms that are hitting this now are "nano" this is an
> > >> important thing to figure out how to continue to support. If there's
> > >> just no way around it, we can likely live with the size increase, but
> > >> I'd like to see this looked in to specifically first, thanks!
> > >>
> > > To address this, I think there are two options.
> > > 1. Introduce SUPPORT_EMMC_RPMB into the MbedTLS sub makefile.
> > > 2. Make MBEDTLS_LIB_CRYPTO depends on !SUPPORT_EMMC_RPMB.
> > > 1) looks to be ugly, I prefer 2) if you agree.
> >
> > 2 is not a good idea either. We can't just drop RPMB support when
> > mbedTLS is enabled
>
> To be clear, while I hope we can do something about this growth, I would
> rather live with it (as it's not an unreasonable amount) than do 2, and
> if 1 is too ugly, probably skip that as well. If it's not a matter of
> loosening some select statements, or maybe introducing a library type
> symbol we can see if anyone else more motivated has a better idea as
> it's literally 3 platforms (ev-imx280-nano-x-mb is the other nano, and
> then uniphier_v8 where it's arguably a missing feature anyhow) rather
> than a large number of them. And not even other "mini" or "nano"
> configs.
>
> Yes. I figured out what the problem is.
The "select SHA256" change doesn't matter, but size growth was introduced by
the inline function in sha1_alt.h I added in patch #2 of v8.
I already fixed this in my working branch:
aarch64: (for 1/1 boards) all +8502.0 data +224.0 rodata +218.0 text
+8060.0
uniphier_v8 : all +8502 data +224 rodata +218 text +8060
arm: (for 2/2 boards) all +5649.0 data +112.0 rodata +137.0 text
+5400.0
o4-imx6ull-nano: all +5651 data +112 rodata +139 text +5400
ev-imx280-nano-x-mb: all +5647 data +112 rodata +135 text +5400
Now there is no "u-boot: add" any more on these three boards.
I will update v9 with this fix, and we don't need either 1) or 2) options
mentioned
in my previous reply.
Regards,
Raymond
^ permalink raw reply [flat|nested] 56+ messages in thread* Re: [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS
2024-10-11 18:25 ` Raymond Mao
@ 2024-10-11 21:59 ` Tom Rini
0 siblings, 0 replies; 56+ messages in thread
From: Tom Rini @ 2024-10-11 21:59 UTC (permalink / raw)
To: Raymond Mao
Cc: Ilias Apalodimas, u-boot, manish.pandey2, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Greg Malysa,
Kever Yang, Kongyang Liu, Linus Walleij, Jonas Karlman,
Sughosh Ganu
[-- Attachment #1: Type: text/plain, Size: 8844 bytes --]
On Fri, Oct 11, 2024 at 02:25:20PM -0400, Raymond Mao wrote:
> Hi Tom,
>
> On Wed, 9 Oct 2024 at 13:52, Tom Rini <trini@konsulko.com> wrote:
>
> > On Wed, Oct 09, 2024 at 08:32:29PM +0300, Ilias Apalodimas wrote:
> > > On Wed, 9 Oct 2024 at 18:32, Raymond Mao <raymond.mao@linaro.org> wrote:
> > > >
> > > > Hi Tom,
> > > >
> > > > On Wed, 9 Oct 2024 at 10:38, Tom Rini <trini@konsulko.com> wrote:
> > > >>
> > > >> On Thu, Oct 03, 2024 at 02:50:16PM -0700, Raymond Mao wrote:
> > > >>
> > > >> > Adapt digest header files to support both original libs and MbedTLS
> > > >> > by switching on/off MBEDTLS_LIB_CRYPTO.
> > > >> > Introduce <alg>_LEGACY kconfig for legacy hash implementations.
> > > >> > sha256.o should depend on SHA256 kconfig only but not
> > SUPPORT_EMMC_RPMB,
> > > >> > SHA256 should be selected when SUPPORT_EMMC_RPMB is enabled instead.
> > > >> >
> > > >> > `IS_ENABLED` or `CONFIG_IS_ENABLED` is not applicable here, since
> > > >> > including <linux/kconfig.h> causes undefined reference on schedule()
> > > >> > with sandbox build, as <linux/kconfig.h> includes
> > <generated/autoconf.h>
> > > >> > which enables `CONFIG_HW_WATCHDOG` and `CONFIG_WATCHDOG` but no
> > schedule()
> > > >> > are defined in sandbox build,
> > > >> > Thus we use `#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)` instead.
> > > >> >
> > > >> > Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> > > >> > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > > >>
> > > >> There's three platforms where we see something like:
> > > >> arm: (for 1/1 boards) all +5651.0 data +112.0 rodata +139.0
> > text +5400.0
> > > >> o4-imx6ull-nano: all +5651 data +112 rodata +139 text
> > +5400
> > > >> u-boot: add: 23/0, grow: 1/0 bytes: 1172/0 (1172)
> > > >> function old
> > new delta
> > > >> hash_command 108
> > 296 +188
> > > >> sha1_finish -
> > 156 +156
> > > >> static.sha1_update -
> > 114 +114
> > > >> hash_algo -
> > 112 +112
> > > >> sha1_padding -
> > 64 +64
> > > >> hash_lookup_algo -
> > 60 +60
> > > >> sha1_starts -
> > 52 +52
> > > >> crc16_ccitt_wd_buf -
> > 36 +36
> > > >> sha256_csum_wd -
> > 34 +34
> > > >> sha1_csum_wd -
> > 34 +34
> > > >> hash_finish_sha256 -
> > 34 +34
> > > >> hash_finish_sha1 -
> > 34 +34
> > > >> crc32_wd_buf -
> > 34 +34
> > > >> hash_finish_crc32 -
> > 28 +28
> > > >> hash_finish_crc16_ccitt -
> > 28 +28
> > > >> hash_init_sha256 -
> > 22 +22
> > > >> hash_init_sha1 -
> > 22 +22
> > > >> hash_update_crc32 -
> > 20 +20
> > > >> hash_update_crc16_ccitt -
> > 20 +20
> > > >> hash_init_crc32 -
> > 20 +20
> > > >> hash_init_crc16_ccitt -
> > 20 +20
> > > >> hash_update_sha256 -
> > 16 +16
> > > >> hash_update_sha1 -
> > 16 +16
> > > >> sha1_update -
> > 8 +8
> > > >>
> > > >> This is because:
> > > >> > diff --git a/drivers/mmc/Kconfig b/drivers/mmc/Kconfig
> > > >> > index 982e84dc3bc..5d7fd904950 100644
> > > >> > --- a/drivers/mmc/Kconfig
> > > >> > +++ b/drivers/mmc/Kconfig
> > > >> > @@ -119,6 +119,7 @@ config MMC_HW_PARTITIONING
> > > >> > config SUPPORT_EMMC_RPMB
> > > >> > bool "Support eMMC replay protected memory block (RPMB)"
> > > >> > imply CMD_MMC_RPMB
> > > >> > + select SHA256
> > > >> > help
> > > >> > Enable support for reading, writing and programming the
> > > >> > key for the Replay Protection Memory Block partition in
> > eMMC.
> > > >>
> > > >> Wasn't true / required before now, no hashing algorithms were enabled.
> > > >> This was fine because:
> > > >> [snip]
> > > >> > diff --git a/lib/Makefile b/lib/Makefile
> > > >> > index c4950b78a29..33755778283 100644
> > > >> > --- a/lib/Makefile
> > > >> > +++ b/lib/Makefile
> > > >> > @@ -50,7 +50,6 @@ obj-$(CONFIG_XXHASH) += xxhash.o
> > > >> > obj-y += net_utils.o
> > > >> > obj-$(CONFIG_PHYSMEM) += physmem.o
> > > >> > obj-y += rc4.o
> > > >> > -obj-$(CONFIG_SUPPORT_EMMC_RPMB) += sha256.o
> > > >> > obj-$(CONFIG_RBTREE) += rbtree.o
> > > >> > obj-$(CONFIG_BITREVERSE) += bitrev.o
> > > >> > obj-y += list_sort.o
> > > >>
> > > >> Got us the library access without bringing in everything else. And
> > since
> > > >> two of the platforms that are hitting this now are "nano" this is an
> > > >> important thing to figure out how to continue to support. If there's
> > > >> just no way around it, we can likely live with the size increase, but
> > > >> I'd like to see this looked in to specifically first, thanks!
> > > >>
> > > > To address this, I think there are two options.
> > > > 1. Introduce SUPPORT_EMMC_RPMB into the MbedTLS sub makefile.
> > > > 2. Make MBEDTLS_LIB_CRYPTO depends on !SUPPORT_EMMC_RPMB.
> > > > 1) looks to be ugly, I prefer 2) if you agree.
> > >
> > > 2 is not a good idea either. We can't just drop RPMB support when
> > > mbedTLS is enabled
> >
> > To be clear, while I hope we can do something about this growth, I would
> > rather live with it (as it's not an unreasonable amount) than do 2, and
> > if 1 is too ugly, probably skip that as well. If it's not a matter of
> > loosening some select statements, or maybe introducing a library type
> > symbol we can see if anyone else more motivated has a better idea as
> > it's literally 3 platforms (ev-imx280-nano-x-mb is the other nano, and
> > then uniphier_v8 where it's arguably a missing feature anyhow) rather
> > than a large number of them. And not even other "mini" or "nano"
> > configs.
> >
> > Yes. I figured out what the problem is.
> The "select SHA256" change doesn't matter, but size growth was introduced by
> the inline function in sha1_alt.h I added in patch #2 of v8.
> I already fixed this in my working branch:
>
> aarch64: (for 1/1 boards) all +8502.0 data +224.0 rodata +218.0 text
> +8060.0
> uniphier_v8 : all +8502 data +224 rodata +218 text +8060
> arm: (for 2/2 boards) all +5649.0 data +112.0 rodata +137.0 text
> +5400.0
> o4-imx6ull-nano: all +5651 data +112 rodata +139 text +5400
> ev-imx280-nano-x-mb: all +5647 data +112 rodata +135 text +5400
>
> Now there is no "u-boot: add" any more on these three boards.
> I will update v9 with this fix, and we don't need either 1) or 2) options
> mentioned
> in my previous reply.
Erm, it looks like you just don't have the flag passed to show the
functions that changed? That's pretty close to the text change I saw.
For reference I do:
-----8>
#!/bin/bash
# Initial and constant buildman args
ARGS="-devl -PEWM"
ALL=0
KEEP=0
# Find our arguments
while test $# -ne 0; do
if [ "$1" == "--all" ]; then
ALL=1
shift 1
elif [ "$1" == "--branch" ]; then
BRANCH=$2
shift 2
elif [ "$1" == "--keep" ]; then
KEEP=1
ARGS="$ARGS -k"
shift 1
elif [ "$1" == "--board" ]; then
MACHINE="--board $2"
OUTDIR=/tmp/$2
shift 2
else
MACHINE=$1
shift 1
fi
done
OUTDIR=${OUTDIR:-/tmp/$MACHINE}
if [ -z "$MACHINE" ]; then
echo Usage: $0 MACHINE [--all] [--keep] [--branch BRANCH]
exit 1
fi
# If not all, then only first/last
if [ $ALL -ne 1 ]; then
ARGS="$ARGS --step 0"
fi
if [ ! -z $BRANCH ]; then
ARGS="$ARGS -b $BRANCH"
else
ARGS="$ARGS -b `git rev-parse --abbrev-ref HEAD`"
fi
mkdir -p ${OUTDIR}
export SOURCE_DATE_EPOCH=`date +%s`
./tools/buildman/buildman -o ${OUTDIR} $ARGS -SBC $MACHINE
./tools/buildman/buildman -o ${OUTDIR} $ARGS -SsB $MACHINE
[ $KEEP -eq 0 ] && rm -rf ${OUTDIR}
<----8
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 04/27] md5: Remove md5 non-watchdog API
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (2 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 03/27] lib: Adapt digest header files to MbedTLS Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 05/27] sha1: Remove sha1 " Raymond Mao
` (24 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Michal Simek,
Tom Rini, Stefan Bosch, Mario Six, Andy Shevchenko,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Leo Yu-Chi Liang, Sean Anderson,
Sumit Garg, Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Paul Barker, Marek Vasut,
Kongyang Liu, Oleksandr Suvorov, Jonas Karlman, Linus Walleij,
Greg Malysa, Sughosh Ganu, Eddie James
We don't need an API specially for non-watchdog since md5_wd supports
it by disabling CONFIG_HW_WATCHDOG and CONFIG_WATCHDOG.
Set 0x10000 as default chunk size for MD5.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Michal Simek <michal.simek@amd.com>
---
Changes in v3
- Initial patch.
Changes in v4
- Update commit message.
Changes in v5
- None.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
board/friendlyarm/nanopi2/board.c | 3 ++-
board/intel/edison/edison.c | 3 ++-
board/xilinx/zynq/bootimg.c | 2 +-
include/u-boot/md5.h | 7 +------
lib/md5.c | 14 --------------
5 files changed, 6 insertions(+), 23 deletions(-)
diff --git a/board/friendlyarm/nanopi2/board.c b/board/friendlyarm/nanopi2/board.c
index b32dfc6b570..4dff32e10d6 100644
--- a/board/friendlyarm/nanopi2/board.c
+++ b/board/friendlyarm/nanopi2/board.c
@@ -264,7 +264,8 @@ static void make_ether_addr(u8 *addr)
hash[6] = readl(PHY_BASEADDR_ECID + 0x08);
hash[7] = readl(PHY_BASEADDR_ECID + 0x0c);
- md5((unsigned char *)&hash[4], 64, (unsigned char *)hash);
+ md5_wd((unsigned char *)&hash[4], 64, (unsigned char *)hash,
+ MD5_DEF_CHUNK_SZ);
hash[0] ^= hash[2];
hash[1] ^= hash[3];
diff --git a/board/intel/edison/edison.c b/board/intel/edison/edison.c
index 911ffda2fc7..27fda3fc1d2 100644
--- a/board/intel/edison/edison.c
+++ b/board/intel/edison/edison.c
@@ -32,7 +32,8 @@ static void assign_serial(void)
if (!mmc)
return;
- md5((unsigned char *)mmc->cid, sizeof(mmc->cid), ssn);
+ md5_wd((unsigned char *)mmc->cid, sizeof(mmc->cid), ssn,
+ MD5_DEF_CHUNK_SZ);
snprintf(usb0addr, sizeof(usb0addr), "02:00:86:%02x:%02x:%02x",
ssn[13], ssn[14], ssn[15]);
diff --git a/board/xilinx/zynq/bootimg.c b/board/xilinx/zynq/bootimg.c
index 79bec3a4cfb..9eb0735f55d 100644
--- a/board/xilinx/zynq/bootimg.c
+++ b/board/xilinx/zynq/bootimg.c
@@ -135,7 +135,7 @@ int zynq_validate_partition(u32 start_addr, u32 len, u32 chksum_off)
memcpy(&checksum[0], (u32 *)chksum_off, MD5_CHECKSUM_SIZE);
- md5_wd((u8 *)start_addr, len, &calchecksum[0], 0x10000);
+ md5_wd((u8 *)start_addr, len, &calchecksum[0], MD5_DEF_CHUNK_SZ);
if (!memcmp(checksum, calchecksum, MD5_CHECKSUM_SIZE))
return 0;
diff --git a/include/u-boot/md5.h b/include/u-boot/md5.h
index 69898fcbe49..c98b1a58088 100644
--- a/include/u-boot/md5.h
+++ b/include/u-boot/md5.h
@@ -12,6 +12,7 @@
#include "compiler.h"
#define MD5_SUM_LEN 16
+#define MD5_DEF_CHUNK_SZ 0x10000
#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
typedef mbedtls_md5_context MD5Context;
@@ -30,12 +31,6 @@ void MD5Init(MD5Context *ctx);
void MD5Update(MD5Context *ctx, unsigned char const *buf, unsigned int len);
void MD5Final(unsigned char digest[16], MD5Context *ctx);
-/*
- * Calculate and store in 'output' the MD5 digest of 'len' bytes at
- * 'input'. 'output' must have enough space to hold 16 bytes.
- */
-void md5 (unsigned char *input, int len, unsigned char output[16]);
-
/*
* Calculate and store in 'output' the MD5 digest of 'len' bytes at 'input'.
* 'output' must have enough space to hold 16 bytes. If 'chunk' Trigger the
diff --git a/lib/md5.c b/lib/md5.c
index 584463d55ca..2d8977b2e85 100644
--- a/lib/md5.c
+++ b/lib/md5.c
@@ -262,20 +262,6 @@ MD5Transform(__u32 buf[4], __u32 const in[16])
buf[3] += d;
}
-/*
- * Calculate and store in 'output' the MD5 digest of 'len' bytes at
- * 'input'. 'output' must have enough space to hold 16 bytes.
- */
-void
-md5 (unsigned char *input, int len, unsigned char output[16])
-{
- MD5Context context;
-
- MD5Init(&context);
- MD5Update(&context, input, len);
- MD5Final(output, &context);
-}
-
/*
* Calculate and store in 'output' the MD5 digest of 'len' bytes at 'input'.
* 'output' must have enough space to hold 16 bytes. If 'chunk' Trigger the
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 05/27] sha1: Remove sha1 non-watchdog API
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (3 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 04/27] md5: Remove md5 non-watchdog API Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-04 7:50 ` Rasmus Villemoes
2024-10-03 21:50 ` [PATCH v8 06/27] mbedtls: add digest shim layer for MbedTLS Raymond Mao
` (23 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sean Anderson, Leo Yu-Chi Liang,
Sumit Garg, Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Jonathan Humphreys, Mattijs Korpershoek, Paul Barker, Marek Vasut,
Oleksandr Suvorov, Greg Malysa, Kongyang Liu, Jonas Karlman,
Sughosh Ganu, Anand Moon
We don't need an API specially for non-watchdog since sha1_csum_wd
supports it by disabling CONFIG_HW_WATCHDOG and CONFIG_WATCHDOG.
Set 0x10000 as default chunk size for SHA1.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v4
- Initial patch.
Changes in v5
- None.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
board/gdsys/a38x/hre.c | 2 +-
include/u-boot/sha1.h | 12 ++----------
lib/sha1.c | 13 -------------
lib/tpm-v1.c | 2 +-
4 files changed, 4 insertions(+), 25 deletions(-)
diff --git a/board/gdsys/a38x/hre.c b/board/gdsys/a38x/hre.c
index f303793b63b..06856ea36d3 100644
--- a/board/gdsys/a38x/hre.c
+++ b/board/gdsys/a38x/hre.c
@@ -166,7 +166,7 @@ static int find_key(struct udevice *tpm, const uint8_t auth[20],
return -1;
if (err)
continue;
- sha1_csum(buf, buf_len, digest);
+ sha1_csum_wd(buf, buf_len, digest, SHA1_DEF_CHUNK_SZ);
if (!memcmp(digest, pubkey_digest, 20)) {
*handle = key_handles[i];
return 0;
diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h
index ab88134fb98..36c3db15e22 100644
--- a/include/u-boot/sha1.h
+++ b/include/u-boot/sha1.h
@@ -39,6 +39,8 @@ extern "C" {
#define SHA1_SUM_LEN 20
#define SHA1_DER_LEN 15
+#define SHA1_DEF_CHUNK_SZ 0x10000
+
extern const uint8_t sha1_der_prefix[];
#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
@@ -81,16 +83,6 @@ void sha1_update(sha1_context *ctx, const unsigned char *input,
*/
void sha1_finish( sha1_context *ctx, unsigned char output[20] );
-/**
- * \brief Output = SHA-1( input buffer )
- *
- * \param input buffer holding the data
- * \param ilen length of the input data
- * \param output SHA-1 checksum result
- */
-void sha1_csum(const unsigned char *input, unsigned int ilen,
- unsigned char *output);
-
/**
* \brief Output = SHA-1( input buffer ), with watchdog triggering
*
diff --git a/lib/sha1.c b/lib/sha1.c
index 7ef536f4b5d..81412283b49 100644
--- a/lib/sha1.c
+++ b/lib/sha1.c
@@ -304,19 +304,6 @@ void sha1_finish (sha1_context * ctx, unsigned char output[20])
PUT_UINT32_BE (ctx->state[4], output, 16);
}
-/*
- * Output = SHA-1( input buffer )
- */
-void sha1_csum(const unsigned char *input, unsigned int ilen,
- unsigned char *output)
-{
- sha1_context ctx;
-
- sha1_starts (&ctx);
- sha1_update (&ctx, input, ilen);
- sha1_finish (&ctx, output);
-}
-
/*
* Output = SHA-1( input buffer ). Trigger the watchdog every 'chunk_sz'
* bytes of input processed.
diff --git a/lib/tpm-v1.c b/lib/tpm-v1.c
index e66023da5e6..a6727c575fd 100644
--- a/lib/tpm-v1.c
+++ b/lib/tpm-v1.c
@@ -871,7 +871,7 @@ u32 tpm1_find_key_sha1(struct udevice *dev, const u8 auth[20],
return -1;
if (err)
continue;
- sha1_csum(buf, buf_len, digest);
+ sha1_csum_wd(buf, buf_len, digest, SHA1_DEF_CHUNK_SZ);
if (!memcmp(digest, pubkey_digest, 20)) {
*handle = key_handles[i];
return 0;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 05/27] sha1: Remove sha1 non-watchdog API
2024-10-03 21:50 ` [PATCH v8 05/27] sha1: Remove sha1 " Raymond Mao
@ 2024-10-04 7:50 ` Rasmus Villemoes
2024-10-04 15:24 ` Raymond Mao
0 siblings, 1 reply; 56+ messages in thread
From: Rasmus Villemoes @ 2024-10-04 7:50 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Ilias Apalodimas, Tom Rini, Stefan Bosch,
Mario Six, Andy Shevchenko, Michal Simek, Tuomas Tynkkynen,
Simon Glass, Peng Fan, Jaehoon Chung, Jiaxun Yang,
Heinrich Schuchardt, Sean Anderson, Leo Yu-Chi Liang, Sumit Garg,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Jonathan Humphreys,
Mattijs Korpershoek, Paul Barker, Marek Vasut, Oleksandr Suvorov,
Greg Malysa, Kongyang Liu, Jonas Karlman, Sughosh Ganu,
Anand Moon
Raymond Mao <raymond.mao@linaro.org> writes:
> We don't need an API specially for non-watchdog since sha1_csum_wd
> supports it by disabling CONFIG_HW_WATCHDOG and CONFIG_WATCHDOG.
> Set 0x10000 as default chunk size for SHA1.
>
I have to say I believe this is a step in the wrong direction. Having
everybody call a function with that _wd suffix is ugly, as is having
them all pass some pre-defined constant. Moreover, nowadays what happens
every chunksize bytes isn't restricted to watchdog handling.
So yes, we don't need an API specially for non-watchdog, but why not
just make sha1_csum() be the interface to call, and let the "maybe we
need to call schedule() once in a while" be an implementation detail of
sha1_csum().
The same as with our zlib implementaion; we don't have a separate _wd
set of routines, we've just hooked schedule() into the main loop of that
inflate algorithm.
Also, I think the IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)
guards are wrong and shouldn't be copy-pasted to new code. Preferably,
the code shouldn't even have any ifdefs, but just always be built as a
loop with the (possibly no-op) schedule() every xxx bytes.
I just sent a series which is the beginning of cleaning up the
CONFIG_HW_WATCHDOG/CONFIG_WATCHDOG/CONFIG_CYCLIC/when is schedule
defined and when should it be called.
Rasmus
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 05/27] sha1: Remove sha1 non-watchdog API
2024-10-04 7:50 ` Rasmus Villemoes
@ 2024-10-04 15:24 ` Raymond Mao
2024-10-09 2:09 ` Tom Rini
0 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-04 15:24 UTC (permalink / raw)
To: Rasmus Villemoes
Cc: u-boot, manish.pandey2, Ilias Apalodimas, Tom Rini, Stefan Bosch,
Mario Six, Andy Shevchenko, Michal Simek, Tuomas Tynkkynen,
Simon Glass, Peng Fan, Jaehoon Chung, Jiaxun Yang,
Heinrich Schuchardt, Sean Anderson, Leo Yu-Chi Liang, Sumit Garg,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Jonathan Humphreys,
Mattijs Korpershoek, Paul Barker, Marek Vasut, Oleksandr Suvorov,
Greg Malysa, Kongyang Liu, Jonas Karlman, Sughosh Ganu,
Anand Moon
Hi Rasmus,
On Fri, 4 Oct 2024 at 03:50, Rasmus Villemoes <rasmus.villemoes@prevas.dk>
wrote:
> Raymond Mao <raymond.mao@linaro.org> writes:
>
> > We don't need an API specially for non-watchdog since sha1_csum_wd
> > supports it by disabling CONFIG_HW_WATCHDOG and CONFIG_WATCHDOG.
> > Set 0x10000 as default chunk size for SHA1.
> >
>
> I have to say I believe this is a step in the wrong direction. Having
> everybody call a function with that _wd suffix is ugly, as is having
> them all pass some pre-defined constant. Moreover, nowadays what happens
> every chunksize bytes isn't restricted to watchdog handling.
>
> So yes, we don't need an API specially for non-watchdog, but why not
> just make sha1_csum() be the interface to call, and let the "maybe we
> need to call schedule() once in a while" be an implementation detail of
> sha1_csum().
>
> The same as with our zlib implementaion; we don't have a separate _wd
> set of routines, we've just hooked schedule() into the main loop of that
> inflate algorithm.
>
> The reason I keep the ` _csum_wd()` one is to align to other hash APIs
currently we have.
For MD5, SHA256, SHA512, we only have `_csum_wd()` but no `_csum()` - SHA1
is a
special one due to the historical problem I guess.
The minimum refactoring I did here is to unify the interface and make it
adaptable to the
MbedTLS library I introduced with this series.
Yes, I agree some optimizations or refactoring are needed for the hash APIs,
but I will prefer to do this in a new series other than increasing the
scope of this patch set.
[snip]
Regards,
Raymond
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 05/27] sha1: Remove sha1 non-watchdog API
2024-10-04 15:24 ` Raymond Mao
@ 2024-10-09 2:09 ` Tom Rini
0 siblings, 0 replies; 56+ messages in thread
From: Tom Rini @ 2024-10-09 2:09 UTC (permalink / raw)
To: Raymond Mao
Cc: Rasmus Villemoes, u-boot, manish.pandey2, Ilias Apalodimas,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sean Anderson, Leo Yu-Chi Liang,
Sumit Garg, Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Jonathan Humphreys,
Mattijs Korpershoek, Paul Barker, Marek Vasut, Oleksandr Suvorov,
Greg Malysa, Kongyang Liu, Jonas Karlman, Sughosh Ganu,
Anand Moon
[-- Attachment #1: Type: text/plain, Size: 1844 bytes --]
On Fri, Oct 04, 2024 at 11:24:28AM -0400, Raymond Mao wrote:
> Hi Rasmus,
>
> On Fri, 4 Oct 2024 at 03:50, Rasmus Villemoes <rasmus.villemoes@prevas.dk>
> wrote:
>
> > Raymond Mao <raymond.mao@linaro.org> writes:
> >
> > > We don't need an API specially for non-watchdog since sha1_csum_wd
> > > supports it by disabling CONFIG_HW_WATCHDOG and CONFIG_WATCHDOG.
> > > Set 0x10000 as default chunk size for SHA1.
> > >
> >
> > I have to say I believe this is a step in the wrong direction. Having
> > everybody call a function with that _wd suffix is ugly, as is having
> > them all pass some pre-defined constant. Moreover, nowadays what happens
> > every chunksize bytes isn't restricted to watchdog handling.
> >
> > So yes, we don't need an API specially for non-watchdog, but why not
> > just make sha1_csum() be the interface to call, and let the "maybe we
> > need to call schedule() once in a while" be an implementation detail of
> > sha1_csum().
> >
> > The same as with our zlib implementaion; we don't have a separate _wd
> > set of routines, we've just hooked schedule() into the main loop of that
> > inflate algorithm.
> >
> The reason I keep the ` _csum_wd()` one is to align to other hash APIs
> currently we have.
> For MD5, SHA256, SHA512, we only have `_csum_wd()` but no `_csum()` - SHA1
> is a
> special one due to the historical problem I guess.
> The minimum refactoring I did here is to unify the interface and make it
> adaptable to the
> MbedTLS library I introduced with this series.
> Yes, I agree some optimizations or refactoring are needed for the hash APIs,
> but I will prefer to do this in a new series other than increasing the
> scope of this patch set.
I agree this should be the target of near-future follow-up work rather
than gating for the series.
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 06/27] mbedtls: add digest shim layer for MbedTLS
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (4 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 05/27] sha1: Remove sha1 " Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 9:15 ` Ilias Apalodimas
2024-10-03 21:50 ` [PATCH v8 07/27] mbedtls: Enable smaller implementation for SHA256/512 Raymond Mao
` (22 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Ilias Apalodimas,
Heinrich Schuchardt, Sumit Garg, Sean Anderson, Andrew Davis,
Rasmus Villemoes, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Jonathan Humphreys,
Mattijs Korpershoek, Marek Vasut, Paul Barker, Kongyang Liu,
Jonas Karlman, Greg Malysa, Sughosh Ganu, Vincent Stehlé,
Anand Moon
Implement digest shim layer on top of MbedTLS crypto library.
Introduce <alg>_MBEDTLS kconfig for MbedTLS crypto implementations.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
---
Changes in v2
- Split the shim layer into separated files and use the original head
files instead of creating new ones.
Changes in v3
- Refactored sha1_hmac and removed non-watchdog md5 function.
Changes in v4
- Refactored hash _wd functions.
- Introduce <alg>_MBEDTLS kconfig for MbedTLS crypto implementations.
Changes in v5
- Correct kconfig dependence.
- Refactored MbedTLS makefile.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
include/u-boot/sha1.h | 4 ++
lib/mbedtls/Kconfig | 90 +++++++++++++++++++++++++++++++++++++++
lib/mbedtls/Makefile | 14 ++++--
lib/mbedtls/md5.c | 57 +++++++++++++++++++++++++
lib/mbedtls/sha1.c | 99 +++++++++++++++++++++++++++++++++++++++++++
lib/mbedtls/sha256.c | 62 +++++++++++++++++++++++++++
lib/mbedtls/sha512.c | 93 ++++++++++++++++++++++++++++++++++++++++
7 files changed, 415 insertions(+), 4 deletions(-)
create mode 100644 lib/mbedtls/md5.c
create mode 100644 lib/mbedtls/sha1.c
create mode 100644 lib/mbedtls/sha256.c
create mode 100644 lib/mbedtls/sha512.c
diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h
index 36c3db15e22..2fca7f1be16 100644
--- a/include/u-boot/sha1.h
+++ b/include/u-boot/sha1.h
@@ -41,6 +41,10 @@ extern "C" {
#define SHA1_DEF_CHUNK_SZ 0x10000
+#define K_IPAD_VAL 0x36
+#define K_OPAD_VAL 0x5C
+#define K_PAD_LEN 64
+
extern const uint8_t sha1_der_prefix[];
#if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index 8a7b3a30c04..262abb2cec7 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -134,10 +134,100 @@ config MBEDTLS_LIB_CRYPTO_ALT
config MBEDTLS_LIB_CRYPTO
bool "MbedTLS crypto libraries"
+ select MD5_MBEDTLS if MD5
+ select SHA1_MBEDTLS if SHA1
+ select SHA256_MBEDTLS if SHA256
+ select SHA512_MBEDTLS if SHA512
+ select SHA384_MBEDTLS if SHA384
+ select SPL_MD5_MBEDTLS if SPL_MD5
+ select SPL_SHA1_MBEDTLS if SPL_SHA1
+ select SPL_SHA256_MBEDTLS if SPL_SHA256
+ select SPL_SHA512_MBEDTLS if SPL_SHA512
+ select SPL_SHA384_MBEDTLS if SPL_SHA384
help
Enable MbedTLS crypto libraries.
Mutually incompatible with MBEDTLS_LIB_CRYPTO_ALT.
+if MBEDTLS_LIB_CRYPTO
+
+config SHA1_MBEDTLS
+ bool "Enable SHA1 support with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && SHA1
+ help
+ This option enables support of hashing using SHA1 algorithm
+ with MbedTLS crypto library.
+
+config SHA256_MBEDTLS
+ bool "Enable SHA256 support with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && SHA256
+ help
+ This option enables support of hashing using SHA256 algorithm
+ with MbedTLS crypto library.
+
+config SHA512_MBEDTLS
+ bool "Enable SHA512 support with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && SHA512
+ default y if TI_SECURE_DEVICE && FIT_SIGNATURE
+ help
+ This option enables support of hashing using SHA512 algorithm
+ with MbedTLS crypto library.
+
+config SHA384_MBEDTLS
+ bool "Enable SHA384 support with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && SHA384
+ select SHA512_MBEDTLS
+ help
+ This option enables support of hashing using SHA384 algorithm
+ with MbedTLS crypto library.
+
+config MD5_MBEDTLS
+ bool "Enable MD5 support with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && MD5
+ help
+ This option enables support of hashing using MD5 algorithm
+ with MbedTLS crypto library.
+
+if SPL
+
+config SPL_SHA1_MBEDTLS
+ bool "Enable SHA1 support in SPL with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && SPL_SHA1
+ help
+ This option enables support of hashing using SHA1 algorithm
+ with MbedTLS crypto library.
+
+config SPL_SHA256_MBEDTLS
+ bool "Enable SHA256 support in SPL with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && SPL_SHA256
+ help
+ This option enables support of hashing using SHA256 algorithm
+ with MbedTLS crypto library.
+
+config SPL_SHA512_MBEDTLS
+ bool "Enable SHA512 support in SPL with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && SPL_SHA512
+ help
+ This option enables support of hashing using SHA512 algorithm
+ with MbedTLS crypto library.
+
+config SPL_SHA384_MBEDTLS
+ bool "Enable SHA384 support in SPL with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && SPL_SHA384
+ select SPL_SHA512
+ help
+ This option enables support of hashing using SHA384 algorithm
+ with MbedTLS crypto library.
+
+config SPL_MD5_MBEDTLS
+ bool "Enable MD5 support in SPL with MbedTLS crypto library"
+ depends on MBEDTLS_LIB_CRYPTO && SPL_MD5
+ help
+ This option enables support of hashing using MD5 algorithm
+ with MbedTLS crypto library.
+
+endif # SPL
+
+endif # MBEDTLS_LIB_CRYPTO
config MBEDTLS_LIB_X509
bool "MbedTLS certificate libraries"
diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
index 0b6d6ca808f..eeb28ec1557 100644
--- a/lib/mbedtls/Makefile
+++ b/lib/mbedtls/Makefile
@@ -5,17 +5,23 @@
MBEDTLS_LIB_DIR = external/mbedtls/library
+# shim layer for hash
+obj-$(CONFIG_$(SPL_)MD5_MBEDTLS) += md5.o
+obj-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += sha1.o
+obj-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += sha256.o
+obj-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += sha512.o
+
# MbedTLS crypto library
obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
mbedtls_lib_crypto-y := \
$(MBEDTLS_LIB_DIR)/platform_util.o \
$(MBEDTLS_LIB_DIR)/constant_time.o \
$(MBEDTLS_LIB_DIR)/md.o
-mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5) += $(MBEDTLS_LIB_DIR)/md5.o
-mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1) += $(MBEDTLS_LIB_DIR)/sha1.o
-mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256) += \
+mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5_MBEDTLS) += $(MBEDTLS_LIB_DIR)/md5.o
+mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += $(MBEDTLS_LIB_DIR)/sha1.o
+mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += \
$(MBEDTLS_LIB_DIR)/sha256.o
-mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512) += \
+mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += \
$(MBEDTLS_LIB_DIR)/sha512.o
# MbedTLS X509 library
diff --git a/lib/mbedtls/md5.c b/lib/mbedtls/md5.c
new file mode 100644
index 00000000000..04388fce249
--- /dev/null
+++ b/lib/mbedtls/md5.c
@@ -0,0 +1,57 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Hash shim layer on MbedTLS Crypto library
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+#include "compiler.h"
+
+#ifndef USE_HOSTCC
+#include <watchdog.h>
+#endif /* USE_HOSTCC */
+#include <u-boot/md5.h>
+
+void MD5Init(MD5Context *ctx)
+{
+ mbedtls_md5_init(ctx);
+ mbedtls_md5_starts(ctx);
+}
+
+void MD5Update(MD5Context *ctx, unsigned char const *buf, unsigned int len)
+{
+ mbedtls_md5_update(ctx, buf, len);
+}
+
+void MD5Final(unsigned char digest[16], MD5Context *ctx)
+{
+ mbedtls_md5_finish(ctx, digest);
+ mbedtls_md5_free(ctx);
+}
+
+void md5_wd(const unsigned char *input, unsigned int len,
+ unsigned char output[16], unsigned int chunk_sz)
+{
+ MD5Context context;
+
+ MD5Init(&context);
+
+ if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) {
+ const unsigned char *curr = input;
+ const unsigned char *end = input + len;
+ int chunk;
+
+ while (curr < end) {
+ chunk = end - curr;
+ if (chunk > chunk_sz)
+ chunk = chunk_sz;
+ MD5Update(&context, curr, chunk);
+ curr += chunk;
+ schedule();
+ }
+ } else {
+ MD5Update(&context, input, len);
+ }
+
+ MD5Final(output, &context);
+}
diff --git a/lib/mbedtls/sha1.c b/lib/mbedtls/sha1.c
new file mode 100644
index 00000000000..2aee5037795
--- /dev/null
+++ b/lib/mbedtls/sha1.c
@@ -0,0 +1,99 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Hash shim layer on MbedTLS Crypto library
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+#ifndef USE_HOSTCC
+#include <cyclic.h>
+#endif /* USE_HOSTCC */
+#include <string.h>
+#include <u-boot/sha1.h>
+
+const u8 sha1_der_prefix[SHA1_DER_LEN] = {
+ 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
+ 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14
+};
+
+void sha1_starts(sha1_context *ctx)
+{
+ mbedtls_sha1_init(ctx);
+ mbedtls_sha1_starts(ctx);
+}
+
+void sha1_update(sha1_context *ctx, const unsigned char *input,
+ unsigned int length)
+{
+ mbedtls_sha1_update(ctx, input, length);
+}
+
+void sha1_finish(sha1_context *ctx, unsigned char output[SHA1_SUM_LEN])
+{
+ mbedtls_sha1_finish(ctx, output);
+ mbedtls_sha1_free(ctx);
+}
+
+void sha1_csum_wd(const unsigned char *input, unsigned int ilen,
+ unsigned char *output, unsigned int chunk_sz)
+{
+ sha1_context ctx;
+
+ sha1_starts(&ctx);
+
+ if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) {
+ const unsigned char *curr = input;
+ const unsigned char *end = input + ilen;
+ int chunk;
+
+ while (curr < end) {
+ chunk = end - curr;
+ if (chunk > chunk_sz)
+ chunk = chunk_sz;
+ sha1_update(&ctx, curr, chunk);
+ curr += chunk;
+ schedule();
+ }
+ } else {
+ sha1_update(&ctx, input, ilen);
+ }
+
+ sha1_finish(&ctx, output);
+}
+
+void sha1_hmac(const unsigned char *key, int keylen,
+ const unsigned char *input, unsigned int ilen,
+ unsigned char *output)
+{
+ int i;
+ sha1_context ctx;
+ unsigned char k_ipad[K_PAD_LEN];
+ unsigned char k_opad[K_PAD_LEN];
+ unsigned char tmpbuf[20];
+
+ if (keylen > K_PAD_LEN)
+ return;
+
+ memset(k_ipad, K_IPAD_VAL, sizeof(k_ipad));
+ memset(k_opad, K_OPAD_VAL, sizeof(k_opad));
+
+ for (i = 0; i < keylen; i++) {
+ k_ipad[i] ^= key[i];
+ k_opad[i] ^= key[i];
+ }
+
+ sha1_starts(&ctx);
+ sha1_update(&ctx, k_ipad, sizeof(k_ipad));
+ sha1_update(&ctx, input, ilen);
+ sha1_finish(&ctx, tmpbuf);
+
+ sha1_starts(&ctx);
+ sha1_update(&ctx, k_opad, sizeof(k_opad));
+ sha1_update(&ctx, tmpbuf, sizeof(tmpbuf));
+ sha1_finish(&ctx, output);
+
+ memset(k_ipad, 0, sizeof(k_ipad));
+ memset(k_opad, 0, sizeof(k_opad));
+ memset(tmpbuf, 0, sizeof(tmpbuf));
+ memset(&ctx, 0, sizeof(sha1_context));
+}
diff --git a/lib/mbedtls/sha256.c b/lib/mbedtls/sha256.c
new file mode 100644
index 00000000000..24aa58fa674
--- /dev/null
+++ b/lib/mbedtls/sha256.c
@@ -0,0 +1,62 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Hash shim layer on MbedTLS Crypto library
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+#ifndef USE_HOSTCC
+#include <cyclic.h>
+#endif /* USE_HOSTCC */
+#include <u-boot/sha256.h>
+
+const u8 sha256_der_prefix[SHA256_DER_LEN] = {
+ 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
+ 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05,
+ 0x00, 0x04, 0x20
+};
+
+void sha256_starts(sha256_context *ctx)
+{
+ mbedtls_sha256_init(ctx);
+ mbedtls_sha256_starts(ctx, 0);
+}
+
+void
+sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length)
+{
+ mbedtls_sha256_update(ctx, input, length);
+}
+
+void sha256_finish(sha256_context *ctx, uint8_t digest[SHA256_SUM_LEN])
+{
+ mbedtls_sha256_finish(ctx, digest);
+ mbedtls_sha256_free(ctx);
+}
+
+void sha256_csum_wd(const unsigned char *input, unsigned int ilen,
+ unsigned char *output, unsigned int chunk_sz)
+{
+ sha256_context ctx;
+
+ sha256_starts(&ctx);
+
+ if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) {
+ const unsigned char *curr = input;
+ const unsigned char *end = input + ilen;
+ int chunk;
+
+ while (curr < end) {
+ chunk = end - curr;
+ if (chunk > chunk_sz)
+ chunk = chunk_sz;
+ sha256_update(&ctx, curr, chunk);
+ curr += chunk;
+ schedule();
+ }
+ } else {
+ sha256_update(&ctx, input, ilen);
+ }
+
+ sha256_finish(&ctx, output);
+}
diff --git a/lib/mbedtls/sha512.c b/lib/mbedtls/sha512.c
new file mode 100644
index 00000000000..5615248cb91
--- /dev/null
+++ b/lib/mbedtls/sha512.c
@@ -0,0 +1,93 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Hash shim layer on MbedTLS Crypto library
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+#ifndef USE_HOSTCC
+#include <cyclic.h>
+#endif /* USE_HOSTCC */
+#include <compiler.h>
+#include <u-boot/sha512.h>
+
+const u8 sha384_der_prefix[SHA384_DER_LEN] = {
+ 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
+ 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05,
+ 0x00, 0x04, 0x30
+};
+
+const u8 sha512_der_prefix[SHA512_DER_LEN] = {
+ 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
+ 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05,
+ 0x00, 0x04, 0x40
+};
+
+void sha384_starts(sha512_context *ctx)
+{
+ mbedtls_sha512_init(ctx);
+ mbedtls_sha512_starts(ctx, 1);
+}
+
+void
+sha384_update(sha512_context *ctx, const uint8_t *input, uint32_t length)
+{
+ mbedtls_sha512_update(ctx, input, length);
+}
+
+void sha384_finish(sha512_context *ctx, uint8_t digest[SHA384_SUM_LEN])
+{
+ mbedtls_sha512_finish(ctx, digest);
+ mbedtls_sha512_free(ctx);
+}
+
+void sha384_csum_wd(const unsigned char *input, unsigned int length,
+ unsigned char *output, unsigned int chunk_sz)
+{
+ mbedtls_sha512(input, length, output, 1);
+}
+
+void sha512_starts(sha512_context *ctx)
+{
+ mbedtls_sha512_init(ctx);
+ mbedtls_sha512_starts(ctx, 0);
+}
+
+void
+sha512_update(sha512_context *ctx, const uint8_t *input, uint32_t length)
+{
+ mbedtls_sha512_update(ctx, input, length);
+}
+
+void sha512_finish(sha512_context *ctx, uint8_t digest[SHA512_SUM_LEN])
+{
+ mbedtls_sha512_finish(ctx, digest);
+ mbedtls_sha512_free(ctx);
+}
+
+void sha512_csum_wd(const unsigned char *input, unsigned int ilen,
+ unsigned char *output, unsigned int chunk_sz)
+{
+ sha512_context ctx;
+
+ sha512_starts(&ctx);
+
+ if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) {
+ const unsigned char *curr = input;
+ const unsigned char *end = input + ilen;
+ int chunk;
+
+ while (curr < end) {
+ chunk = end - curr;
+ if (chunk > chunk_sz)
+ chunk = chunk_sz;
+ sha512_update(&ctx, curr, chunk);
+ curr += chunk;
+ schedule();
+ }
+ } else {
+ sha512_update(&ctx, input, ilen);
+ }
+
+ sha512_finish(&ctx, output);
+}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 06/27] mbedtls: add digest shim layer for MbedTLS
2024-10-03 21:50 ` [PATCH v8 06/27] mbedtls: add digest shim layer for MbedTLS Raymond Mao
@ 2024-10-09 9:15 ` Ilias Apalodimas
0 siblings, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-09 9:15 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Sumit Garg, Sean Anderson, Andrew Davis, Rasmus Villemoes,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Jonathan Humphreys, Mattijs Korpershoek,
Marek Vasut, Paul Barker, Kongyang Liu, Jonas Karlman,
Greg Malysa, Sughosh Ganu, Vincent Stehlé, Anand Moon
On Fri, 4 Oct 2024 at 00:54, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Implement digest shim layer on top of MbedTLS crypto library.
> Introduce <alg>_MBEDTLS kconfig for MbedTLS crypto implementations.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> ---
> Changes in v2
> - Split the shim layer into separated files and use the original head
> files instead of creating new ones.
> Changes in v3
> - Refactored sha1_hmac and removed non-watchdog md5 function.
> Changes in v4
> - Refactored hash _wd functions.
> - Introduce <alg>_MBEDTLS kconfig for MbedTLS crypto implementations.
> Changes in v5
> - Correct kconfig dependence.
> - Refactored MbedTLS makefile.
> Changes in v6
> - None.
> Changes in v7
> - None.
> Changes in v8
> - None
>
> include/u-boot/sha1.h | 4 ++
> lib/mbedtls/Kconfig | 90 +++++++++++++++++++++++++++++++++++++++
> lib/mbedtls/Makefile | 14 ++++--
> lib/mbedtls/md5.c | 57 +++++++++++++++++++++++++
> lib/mbedtls/sha1.c | 99 +++++++++++++++++++++++++++++++++++++++++++
> lib/mbedtls/sha256.c | 62 +++++++++++++++++++++++++++
> lib/mbedtls/sha512.c | 93 ++++++++++++++++++++++++++++++++++++++++
> 7 files changed, 415 insertions(+), 4 deletions(-)
> create mode 100644 lib/mbedtls/md5.c
> create mode 100644 lib/mbedtls/sha1.c
> create mode 100644 lib/mbedtls/sha256.c
> create mode 100644 lib/mbedtls/sha512.c
>
> diff --git a/include/u-boot/sha1.h b/include/u-boot/sha1.h
> index 36c3db15e22..2fca7f1be16 100644
> --- a/include/u-boot/sha1.h
> +++ b/include/u-boot/sha1.h
> @@ -41,6 +41,10 @@ extern "C" {
>
> #define SHA1_DEF_CHUNK_SZ 0x10000
>
> +#define K_IPAD_VAL 0x36
> +#define K_OPAD_VAL 0x5C
> +#define K_PAD_LEN 64
> +
> extern const uint8_t sha1_der_prefix[];
>
> #if defined(CONFIG_MBEDTLS_LIB_CRYPTO)
> diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> index 8a7b3a30c04..262abb2cec7 100644
> --- a/lib/mbedtls/Kconfig
> +++ b/lib/mbedtls/Kconfig
> @@ -134,10 +134,100 @@ config MBEDTLS_LIB_CRYPTO_ALT
>
> config MBEDTLS_LIB_CRYPTO
> bool "MbedTLS crypto libraries"
> + select MD5_MBEDTLS if MD5
> + select SHA1_MBEDTLS if SHA1
> + select SHA256_MBEDTLS if SHA256
> + select SHA512_MBEDTLS if SHA512
> + select SHA384_MBEDTLS if SHA384
> + select SPL_MD5_MBEDTLS if SPL_MD5
> + select SPL_SHA1_MBEDTLS if SPL_SHA1
> + select SPL_SHA256_MBEDTLS if SPL_SHA256
> + select SPL_SHA512_MBEDTLS if SPL_SHA512
> + select SPL_SHA384_MBEDTLS if SPL_SHA384
> help
> Enable MbedTLS crypto libraries.
> Mutually incompatible with MBEDTLS_LIB_CRYPTO_ALT.
>
> +if MBEDTLS_LIB_CRYPTO
> +
> +config SHA1_MBEDTLS
> + bool "Enable SHA1 support with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && SHA1
> + help
> + This option enables support of hashing using SHA1 algorithm
> + with MbedTLS crypto library.
> +
> +config SHA256_MBEDTLS
> + bool "Enable SHA256 support with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && SHA256
> + help
> + This option enables support of hashing using SHA256 algorithm
> + with MbedTLS crypto library.
> +
> +config SHA512_MBEDTLS
> + bool "Enable SHA512 support with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && SHA512
> + default y if TI_SECURE_DEVICE && FIT_SIGNATURE
> + help
> + This option enables support of hashing using SHA512 algorithm
> + with MbedTLS crypto library.
> +
> +config SHA384_MBEDTLS
> + bool "Enable SHA384 support with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && SHA384
> + select SHA512_MBEDTLS
> + help
> + This option enables support of hashing using SHA384 algorithm
> + with MbedTLS crypto library.
> +
> +config MD5_MBEDTLS
> + bool "Enable MD5 support with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && MD5
> + help
> + This option enables support of hashing using MD5 algorithm
> + with MbedTLS crypto library.
> +
> +if SPL
> +
> +config SPL_SHA1_MBEDTLS
> + bool "Enable SHA1 support in SPL with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA1
> + help
> + This option enables support of hashing using SHA1 algorithm
> + with MbedTLS crypto library.
> +
> +config SPL_SHA256_MBEDTLS
> + bool "Enable SHA256 support in SPL with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA256
> + help
> + This option enables support of hashing using SHA256 algorithm
> + with MbedTLS crypto library.
> +
> +config SPL_SHA512_MBEDTLS
> + bool "Enable SHA512 support in SPL with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA512
> + help
> + This option enables support of hashing using SHA512 algorithm
> + with MbedTLS crypto library.
> +
> +config SPL_SHA384_MBEDTLS
> + bool "Enable SHA384 support in SPL with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && SPL_SHA384
> + select SPL_SHA512
> + help
> + This option enables support of hashing using SHA384 algorithm
> + with MbedTLS crypto library.
> +
> +config SPL_MD5_MBEDTLS
> + bool "Enable MD5 support in SPL with MbedTLS crypto library"
> + depends on MBEDTLS_LIB_CRYPTO && SPL_MD5
> + help
> + This option enables support of hashing using MD5 algorithm
> + with MbedTLS crypto library.
> +
> +endif # SPL
> +
> +endif # MBEDTLS_LIB_CRYPTO
>
> config MBEDTLS_LIB_X509
> bool "MbedTLS certificate libraries"
> diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
> index 0b6d6ca808f..eeb28ec1557 100644
> --- a/lib/mbedtls/Makefile
> +++ b/lib/mbedtls/Makefile
> @@ -5,17 +5,23 @@
>
> MBEDTLS_LIB_DIR = external/mbedtls/library
>
> +# shim layer for hash
> +obj-$(CONFIG_$(SPL_)MD5_MBEDTLS) += md5.o
> +obj-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += sha1.o
> +obj-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += sha256.o
> +obj-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += sha512.o
> +
> # MbedTLS crypto library
> obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
> mbedtls_lib_crypto-y := \
> $(MBEDTLS_LIB_DIR)/platform_util.o \
> $(MBEDTLS_LIB_DIR)/constant_time.o \
> $(MBEDTLS_LIB_DIR)/md.o
> -mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5) += $(MBEDTLS_LIB_DIR)/md5.o
> -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1) += $(MBEDTLS_LIB_DIR)/sha1.o
> -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256) += \
> +mbedtls_lib_crypto-$(CONFIG_$(SPL_)MD5_MBEDTLS) += $(MBEDTLS_LIB_DIR)/md5.o
> +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += $(MBEDTLS_LIB_DIR)/sha1.o
> +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += \
> $(MBEDTLS_LIB_DIR)/sha256.o
> -mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512) += \
> +mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += \
> $(MBEDTLS_LIB_DIR)/sha512.o
>
> # MbedTLS X509 library
> diff --git a/lib/mbedtls/md5.c b/lib/mbedtls/md5.c
> new file mode 100644
> index 00000000000..04388fce249
> --- /dev/null
> +++ b/lib/mbedtls/md5.c
> @@ -0,0 +1,57 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Hash shim layer on MbedTLS Crypto library
> + *
> + * Copyright (c) 2024 Linaro Limited
> + * Author: Raymond Mao <raymond.mao@linaro.org>
> + */
> +#include "compiler.h"
> +
> +#ifndef USE_HOSTCC
> +#include <watchdog.h>
> +#endif /* USE_HOSTCC */
> +#include <u-boot/md5.h>
> +
> +void MD5Init(MD5Context *ctx)
> +{
> + mbedtls_md5_init(ctx);
> + mbedtls_md5_starts(ctx);
> +}
> +
> +void MD5Update(MD5Context *ctx, unsigned char const *buf, unsigned int len)
> +{
> + mbedtls_md5_update(ctx, buf, len);
> +}
> +
> +void MD5Final(unsigned char digest[16], MD5Context *ctx)
> +{
> + mbedtls_md5_finish(ctx, digest);
> + mbedtls_md5_free(ctx);
> +}
> +
> +void md5_wd(const unsigned char *input, unsigned int len,
> + unsigned char output[16], unsigned int chunk_sz)
> +{
> + MD5Context context;
> +
> + MD5Init(&context);
> +
> + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) {
> + const unsigned char *curr = input;
> + const unsigned char *end = input + len;
> + int chunk;
> +
> + while (curr < end) {
> + chunk = end - curr;
> + if (chunk > chunk_sz)
> + chunk = chunk_sz;
> + MD5Update(&context, curr, chunk);
> + curr += chunk;
> + schedule();
> + }
> + } else {
> + MD5Update(&context, input, len);
> + }
> +
> + MD5Final(output, &context);
> +}
> diff --git a/lib/mbedtls/sha1.c b/lib/mbedtls/sha1.c
> new file mode 100644
> index 00000000000..2aee5037795
> --- /dev/null
> +++ b/lib/mbedtls/sha1.c
> @@ -0,0 +1,99 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Hash shim layer on MbedTLS Crypto library
> + *
> + * Copyright (c) 2024 Linaro Limited
> + * Author: Raymond Mao <raymond.mao@linaro.org>
> + */
> +#ifndef USE_HOSTCC
> +#include <cyclic.h>
> +#endif /* USE_HOSTCC */
> +#include <string.h>
> +#include <u-boot/sha1.h>
> +
> +const u8 sha1_der_prefix[SHA1_DER_LEN] = {
> + 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
> + 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14
> +};
> +
> +void sha1_starts(sha1_context *ctx)
> +{
> + mbedtls_sha1_init(ctx);
> + mbedtls_sha1_starts(ctx);
> +}
> +
> +void sha1_update(sha1_context *ctx, const unsigned char *input,
> + unsigned int length)
> +{
> + mbedtls_sha1_update(ctx, input, length);
> +}
> +
> +void sha1_finish(sha1_context *ctx, unsigned char output[SHA1_SUM_LEN])
> +{
> + mbedtls_sha1_finish(ctx, output);
> + mbedtls_sha1_free(ctx);
> +}
> +
> +void sha1_csum_wd(const unsigned char *input, unsigned int ilen,
> + unsigned char *output, unsigned int chunk_sz)
> +{
> + sha1_context ctx;
> +
> + sha1_starts(&ctx);
> +
> + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) {
> + const unsigned char *curr = input;
> + const unsigned char *end = input + ilen;
> + int chunk;
> +
> + while (curr < end) {
> + chunk = end - curr;
> + if (chunk > chunk_sz)
> + chunk = chunk_sz;
> + sha1_update(&ctx, curr, chunk);
> + curr += chunk;
> + schedule();
> + }
> + } else {
> + sha1_update(&ctx, input, ilen);
> + }
> +
> + sha1_finish(&ctx, output);
> +}
> +
> +void sha1_hmac(const unsigned char *key, int keylen,
> + const unsigned char *input, unsigned int ilen,
> + unsigned char *output)
> +{
> + int i;
> + sha1_context ctx;
> + unsigned char k_ipad[K_PAD_LEN];
> + unsigned char k_opad[K_PAD_LEN];
> + unsigned char tmpbuf[20];
> +
> + if (keylen > K_PAD_LEN)
> + return;
> +
> + memset(k_ipad, K_IPAD_VAL, sizeof(k_ipad));
> + memset(k_opad, K_OPAD_VAL, sizeof(k_opad));
> +
> + for (i = 0; i < keylen; i++) {
> + k_ipad[i] ^= key[i];
> + k_opad[i] ^= key[i];
> + }
> +
> + sha1_starts(&ctx);
> + sha1_update(&ctx, k_ipad, sizeof(k_ipad));
> + sha1_update(&ctx, input, ilen);
> + sha1_finish(&ctx, tmpbuf);
> +
> + sha1_starts(&ctx);
> + sha1_update(&ctx, k_opad, sizeof(k_opad));
> + sha1_update(&ctx, tmpbuf, sizeof(tmpbuf));
> + sha1_finish(&ctx, output);
> +
> + memset(k_ipad, 0, sizeof(k_ipad));
> + memset(k_opad, 0, sizeof(k_opad));
> + memset(tmpbuf, 0, sizeof(tmpbuf));
> + memset(&ctx, 0, sizeof(sha1_context));
> +}
> diff --git a/lib/mbedtls/sha256.c b/lib/mbedtls/sha256.c
> new file mode 100644
> index 00000000000..24aa58fa674
> --- /dev/null
> +++ b/lib/mbedtls/sha256.c
> @@ -0,0 +1,62 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Hash shim layer on MbedTLS Crypto library
> + *
> + * Copyright (c) 2024 Linaro Limited
> + * Author: Raymond Mao <raymond.mao@linaro.org>
> + */
> +#ifndef USE_HOSTCC
> +#include <cyclic.h>
> +#endif /* USE_HOSTCC */
> +#include <u-boot/sha256.h>
> +
> +const u8 sha256_der_prefix[SHA256_DER_LEN] = {
> + 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
> + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05,
> + 0x00, 0x04, 0x20
> +};
> +
> +void sha256_starts(sha256_context *ctx)
> +{
> + mbedtls_sha256_init(ctx);
> + mbedtls_sha256_starts(ctx, 0);
> +}
> +
> +void
> +sha256_update(sha256_context *ctx, const uint8_t *input, uint32_t length)
> +{
> + mbedtls_sha256_update(ctx, input, length);
> +}
> +
> +void sha256_finish(sha256_context *ctx, uint8_t digest[SHA256_SUM_LEN])
> +{
> + mbedtls_sha256_finish(ctx, digest);
> + mbedtls_sha256_free(ctx);
> +}
> +
> +void sha256_csum_wd(const unsigned char *input, unsigned int ilen,
> + unsigned char *output, unsigned int chunk_sz)
> +{
> + sha256_context ctx;
> +
> + sha256_starts(&ctx);
> +
> + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) {
> + const unsigned char *curr = input;
> + const unsigned char *end = input + ilen;
> + int chunk;
> +
> + while (curr < end) {
> + chunk = end - curr;
> + if (chunk > chunk_sz)
> + chunk = chunk_sz;
> + sha256_update(&ctx, curr, chunk);
> + curr += chunk;
> + schedule();
> + }
> + } else {
> + sha256_update(&ctx, input, ilen);
> + }
> +
> + sha256_finish(&ctx, output);
> +}
> diff --git a/lib/mbedtls/sha512.c b/lib/mbedtls/sha512.c
> new file mode 100644
> index 00000000000..5615248cb91
> --- /dev/null
> +++ b/lib/mbedtls/sha512.c
> @@ -0,0 +1,93 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Hash shim layer on MbedTLS Crypto library
> + *
> + * Copyright (c) 2024 Linaro Limited
> + * Author: Raymond Mao <raymond.mao@linaro.org>
> + */
> +#ifndef USE_HOSTCC
> +#include <cyclic.h>
> +#endif /* USE_HOSTCC */
> +#include <compiler.h>
> +#include <u-boot/sha512.h>
> +
> +const u8 sha384_der_prefix[SHA384_DER_LEN] = {
> + 0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
> + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05,
> + 0x00, 0x04, 0x30
> +};
> +
> +const u8 sha512_der_prefix[SHA512_DER_LEN] = {
> + 0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86,
> + 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05,
> + 0x00, 0x04, 0x40
> +};
> +
> +void sha384_starts(sha512_context *ctx)
> +{
> + mbedtls_sha512_init(ctx);
> + mbedtls_sha512_starts(ctx, 1);
> +}
> +
> +void
> +sha384_update(sha512_context *ctx, const uint8_t *input, uint32_t length)
> +{
> + mbedtls_sha512_update(ctx, input, length);
> +}
> +
> +void sha384_finish(sha512_context *ctx, uint8_t digest[SHA384_SUM_LEN])
> +{
> + mbedtls_sha512_finish(ctx, digest);
> + mbedtls_sha512_free(ctx);
> +}
> +
> +void sha384_csum_wd(const unsigned char *input, unsigned int length,
> + unsigned char *output, unsigned int chunk_sz)
> +{
> + mbedtls_sha512(input, length, output, 1);
> +}
> +
> +void sha512_starts(sha512_context *ctx)
> +{
> + mbedtls_sha512_init(ctx);
> + mbedtls_sha512_starts(ctx, 0);
> +}
> +
> +void
> +sha512_update(sha512_context *ctx, const uint8_t *input, uint32_t length)
> +{
> + mbedtls_sha512_update(ctx, input, length);
> +}
> +
> +void sha512_finish(sha512_context *ctx, uint8_t digest[SHA512_SUM_LEN])
> +{
> + mbedtls_sha512_finish(ctx, digest);
> + mbedtls_sha512_free(ctx);
> +}
> +
> +void sha512_csum_wd(const unsigned char *input, unsigned int ilen,
> + unsigned char *output, unsigned int chunk_sz)
> +{
> + sha512_context ctx;
> +
> + sha512_starts(&ctx);
> +
> + if (IS_ENABLED(CONFIG_HW_WATCHDOG) || IS_ENABLED(CONFIG_WATCHDOG)) {
> + const unsigned char *curr = input;
> + const unsigned char *end = input + ilen;
> + int chunk;
> +
> + while (curr < end) {
> + chunk = end - curr;
> + if (chunk > chunk_sz)
> + chunk = chunk_sz;
> + sha512_update(&ctx, curr, chunk);
> + curr += chunk;
> + schedule();
> + }
> + } else {
> + sha512_update(&ctx, input, ilen);
> + }
> +
> + sha512_finish(&ctx, output);
> +}
> --
> 2.25.1
>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 07/27] mbedtls: Enable smaller implementation for SHA256/512
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (5 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 06/27] mbedtls: add digest shim layer for MbedTLS Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-14 18:01 ` Ilias Apalodimas
2024-10-03 21:50 ` [PATCH v8 08/27] mbedtls/external: support Microsoft Authentication Code Raymond Mao
` (21 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Ilias Apalodimas,
Heinrich Schuchardt, Leo Yu-Chi Liang, Sumit Garg, Sean Anderson,
Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Jonathan Humphreys, Mattijs Korpershoek, Marek Vasut, Paul Barker,
Oleksandr Suvorov, Linus Walleij, Jonas Karlman, Greg Malysa,
Kongyang Liu, Sughosh Ganu, Eddie James
Smaller implementation for SHA256 and SHA512 helps to reduce the
ROM footprint though it has a certain impact on performance.
As a trade-off, enable it as a default config when MbedTLS is
enabled can reduce the target size significantly with acceptable
performace loss.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
---
Changes in v6
- Initial patch
Changes in v7
- Fixed the config dependencies.
Changes in v8
- None
lib/mbedtls/Kconfig | 24 ++++++++++++++++++++++++
lib/mbedtls/mbedtls_def_config.h | 6 ++++++
2 files changed, 30 insertions(+)
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index 262abb2cec7..8e3a94c6f2b 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -164,6 +164,18 @@ config SHA256_MBEDTLS
This option enables support of hashing using SHA256 algorithm
with MbedTLS crypto library.
+if SHA256_MBEDTLS
+
+config SHA256_SMALLER
+ bool "Enable SHA256 smaller implementation with MbedTLS crypto library"
+ depends on SHA256_MBEDTLS
+ default y if SHA256_MBEDTLS
+ help
+ This option enables support of hashing using SHA256 algorithm
+ smaller implementation with MbedTLS crypto library.
+
+endif
+
config SHA512_MBEDTLS
bool "Enable SHA512 support with MbedTLS crypto library"
depends on MBEDTLS_LIB_CRYPTO && SHA512
@@ -172,6 +184,18 @@ config SHA512_MBEDTLS
This option enables support of hashing using SHA512 algorithm
with MbedTLS crypto library.
+if SHA512_MBEDTLS
+
+config SHA512_SMALLER
+ bool "Enable SHA512 smaller implementation with MbedTLS crypto library"
+ depends on SHA512_MBEDTLS
+ default y if SHA512_MBEDTLS
+ help
+ This option enables support of hashing using SHA512 algorithm
+ smaller implementation with MbedTLS crypto library.
+
+endif
+
config SHA384_MBEDTLS
bool "Enable SHA384 support with MbedTLS crypto library"
depends on MBEDTLS_LIB_CRYPTO && SHA384
diff --git a/lib/mbedtls/mbedtls_def_config.h b/lib/mbedtls/mbedtls_def_config.h
index 6fba053bd7c..1af911c2003 100644
--- a/lib/mbedtls/mbedtls_def_config.h
+++ b/lib/mbedtls/mbedtls_def_config.h
@@ -35,6 +35,9 @@
#if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
#define MBEDTLS_SHA256_ALT
#endif
+#if CONFIG_IS_ENABLED(SHA256_SMALLER)
+#define MBEDTLS_SHA256_SMALLER
+#endif
#endif
#if CONFIG_IS_ENABLED(SHA384)
@@ -48,6 +51,9 @@
#if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
#define MBEDTLS_SHA512_ALT
#endif
+#if CONFIG_IS_ENABLED(SHA512_SMALLER)
+#define MBEDTLS_SHA512_SMALLER
+#endif
#endif
#if defined CONFIG_MBEDTLS_LIB_X509
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 07/27] mbedtls: Enable smaller implementation for SHA256/512
2024-10-03 21:50 ` [PATCH v8 07/27] mbedtls: Enable smaller implementation for SHA256/512 Raymond Mao
@ 2024-10-14 18:01 ` Ilias Apalodimas
0 siblings, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-14 18:01 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Andrew Davis,
Rasmus Villemoes, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Jonathan Humphreys,
Mattijs Korpershoek, Marek Vasut, Paul Barker, Oleksandr Suvorov,
Linus Walleij, Jonas Karlman, Greg Malysa, Kongyang Liu,
Sughosh Ganu, Eddie James
On Fri, 4 Oct 2024 at 00:55, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Smaller implementation for SHA256 and SHA512 helps to reduce the
> ROM footprint though it has a certain impact on performance.
> As a trade-off, enable it as a default config when MbedTLS is
> enabled can reduce the target size significantly with acceptable
> performace loss.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> ---
> Changes in v6
> - Initial patch
> Changes in v7
> - Fixed the config dependencies.
> Changes in v8
> - None
>
> lib/mbedtls/Kconfig | 24 ++++++++++++++++++++++++
> lib/mbedtls/mbedtls_def_config.h | 6 ++++++
> 2 files changed, 30 insertions(+)
>
> diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> index 262abb2cec7..8e3a94c6f2b 100644
> --- a/lib/mbedtls/Kconfig
> +++ b/lib/mbedtls/Kconfig
> @@ -164,6 +164,18 @@ config SHA256_MBEDTLS
> This option enables support of hashing using SHA256 algorithm
> with MbedTLS crypto library.
>
> +if SHA256_MBEDTLS
> +
> +config SHA256_SMALLER
> + bool "Enable SHA256 smaller implementation with MbedTLS crypto library"
> + depends on SHA256_MBEDTLS
> + default y if SHA256_MBEDTLS
> + help
> + This option enables support of hashing using SHA256 algorithm
> + smaller implementation with MbedTLS crypto library.
> +
> +endif
> +
> config SHA512_MBEDTLS
> bool "Enable SHA512 support with MbedTLS crypto library"
> depends on MBEDTLS_LIB_CRYPTO && SHA512
> @@ -172,6 +184,18 @@ config SHA512_MBEDTLS
> This option enables support of hashing using SHA512 algorithm
> with MbedTLS crypto library.
>
> +if SHA512_MBEDTLS
> +
> +config SHA512_SMALLER
> + bool "Enable SHA512 smaller implementation with MbedTLS crypto library"
> + depends on SHA512_MBEDTLS
> + default y if SHA512_MBEDTLS
> + help
> + This option enables support of hashing using SHA512 algorithm
> + smaller implementation with MbedTLS crypto library.
> +
> +endif
> +
> config SHA384_MBEDTLS
> bool "Enable SHA384 support with MbedTLS crypto library"
> depends on MBEDTLS_LIB_CRYPTO && SHA384
> diff --git a/lib/mbedtls/mbedtls_def_config.h b/lib/mbedtls/mbedtls_def_config.h
> index 6fba053bd7c..1af911c2003 100644
> --- a/lib/mbedtls/mbedtls_def_config.h
> +++ b/lib/mbedtls/mbedtls_def_config.h
> @@ -35,6 +35,9 @@
> #if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
> #define MBEDTLS_SHA256_ALT
> #endif
> +#if CONFIG_IS_ENABLED(SHA256_SMALLER)
> +#define MBEDTLS_SHA256_SMALLER
> +#endif
> #endif
>
> #if CONFIG_IS_ENABLED(SHA384)
> @@ -48,6 +51,9 @@
> #if defined CONFIG_MBEDTLS_LIB_CRYPTO_ALT
> #define MBEDTLS_SHA512_ALT
> #endif
> +#if CONFIG_IS_ENABLED(SHA512_SMALLER)
> +#define MBEDTLS_SHA512_SMALLER
> +#endif
> #endif
>
> #if defined CONFIG_MBEDTLS_LIB_X509
> --
> 2.25.1
>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 08/27] mbedtls/external: support Microsoft Authentication Code
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (6 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 07/27] mbedtls: Enable smaller implementation for SHA256/512 Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 09/27] mbedtls/external: support PKCS9 Authenticate Attributes Raymond Mao
` (20 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sumit Garg, Sean Anderson,
Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Jonathan Humphreys, Mattijs Korpershoek, Paul Barker, Marek Vasut,
Linus Walleij, Greg Malysa, Kongyang Liu, Jonas Karlman,
Sughosh Ganu, Vincent Stehlé, Eddie James
Populate Microsoft Authentication Code from the content data
into PKCS7 decoding context if it exists in a PKCS7 message.
Add OIDs for describing objects using for Microsoft Authentication
Code.
The PR for this patch is at:
https://github.com/Mbed-TLS/mbedtls/pull/9001
For enabling EFI loader PKCS7 features with MbedTLS build,
we need this patch on top of MbedTLS v3.6.0 before it is merged into
the next MbedTLS LTS release.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- None.
Changes in v3
- Update commit message.
Changes in v4
- None.
Changes in v5
- None.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
.../external/mbedtls/include/mbedtls/oid.h | 30 ++++++++++
.../external/mbedtls/include/mbedtls/pkcs7.h | 10 ++++
lib/mbedtls/external/mbedtls/library/pkcs7.c | 60 +++++++++++++++----
3 files changed, 90 insertions(+), 10 deletions(-)
diff --git a/lib/mbedtls/external/mbedtls/include/mbedtls/oid.h b/lib/mbedtls/external/mbedtls/include/mbedtls/oid.h
index fdc25ebf885..2ee982808fa 100644
--- a/lib/mbedtls/external/mbedtls/include/mbedtls/oid.h
+++ b/lib/mbedtls/external/mbedtls/include/mbedtls/oid.h
@@ -352,6 +352,36 @@
#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC MBEDTLS_OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */
#define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_40_CBC MBEDTLS_OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */
+/*
+ * MicroSoft Authenticate Code OIDs
+ */
+#define MBEDTLS_OID_PRIVATE_ENTERPRISE MBEDTLS_OID_INTERNET "\x04\x01" /* {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) */
+#define MBEDTLS_OID_MICROSOFT "\x82\x37" /* {microsoft(311)} */
+/*
+ * OID_msIndirectData: (1.3.6.1.4.1.311.2.1.4)
+ * {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) microsoft(311) 2(2) 1(1) 4(4)}
+ */
+#define MBEDTLS_OID_MICROSOFT_INDIRECTDATA MBEDTLS_OID_PRIVATE_ENTERPRISE MBEDTLS_OID_MICROSOFT \
+ "\x02\x01\x04"
+/*
+ * OID_msStatementType: (1.3.6.1.4.1.311.2.1.11)
+ * {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) microsoft(311) 2(2) 1(1) 11(11)}
+ */
+#define MBEDTLS_OID_MICROSOFT_STATETYPE MBEDTLS_OID_PRIVATE_ENTERPRISE MBEDTLS_OID_MICROSOFT \
+ "\x02\x01\x0b"
+/*
+ * OID_msSpOpusInfo: (1.3.6.1.4.1.311.2.1.12)
+ * {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) microsoft(311) 2(2) 1(1) 12(12)}
+ */
+#define MBEDTLS_OID_MICROSOFT_SPOPUSINFO MBEDTLS_OID_PRIVATE_ENTERPRISE MBEDTLS_OID_MICROSOFT \
+ "\x02\x01\x0b"
+/*
+ * OID_msPeImageDataObjId: (1.3.6.1.4.1.311.2.1.15)
+ * {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) microsoft(311) 2(2) 1(1) 15(15)}
+ */
+#define MBEDTLS_OID_MICROSOFT_PEIMAGEDATA MBEDTLS_OID_PRIVATE_ENTERPRISE MBEDTLS_OID_MICROSOFT \
+ "\x02\x01\x0f"
+
/*
* EC key algorithms from RFC 5480
*/
diff --git a/lib/mbedtls/external/mbedtls/include/mbedtls/pkcs7.h b/lib/mbedtls/external/mbedtls/include/mbedtls/pkcs7.h
index e9b482208e6..9e29b74af70 100644
--- a/lib/mbedtls/external/mbedtls/include/mbedtls/pkcs7.h
+++ b/lib/mbedtls/external/mbedtls/include/mbedtls/pkcs7.h
@@ -132,12 +132,22 @@ typedef struct mbedtls_pkcs7_signed_data {
}
mbedtls_pkcs7_signed_data;
+/* Content Data for MicroSoft Authentication Code using in U-Boot Secure Boot */
+typedef struct mbedtls_pkcs7_conten_data {
+ int data_type; /* Type of Data */
+ size_t data_len; /* Length of Data */
+ size_t data_hdrlen; /* Length of Data ASN.1 header */
+ void *data; /* Content Data */
+}
+mbedtls_pkcs7_conten_data;
+
/**
* Structure holding PKCS #7 structure, only signed data for now
*/
typedef struct mbedtls_pkcs7 {
mbedtls_pkcs7_buf MBEDTLS_PRIVATE(raw);
mbedtls_pkcs7_signed_data MBEDTLS_PRIVATE(signed_data);
+ mbedtls_pkcs7_conten_data content_data;
}
mbedtls_pkcs7;
diff --git a/lib/mbedtls/external/mbedtls/library/pkcs7.c b/lib/mbedtls/external/mbedtls/library/pkcs7.c
index 3aac662ba69..0c2436b56b7 100644
--- a/lib/mbedtls/external/mbedtls/library/pkcs7.c
+++ b/lib/mbedtls/external/mbedtls/library/pkcs7.c
@@ -29,6 +29,13 @@
#include <time.h>
#endif
+enum OID {
+ /* PKCS#7 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-7(7)} */
+ MBEDTLS_OID_DATA = 13, /* 1.2.840.113549.1.7.1 */
+ /* Microsoft Authenticode & Software Publishing */
+ MBEDTLS_OID_MS_INDIRECTDATA = 24, /* 1.3.6.1.4.1.311.2.1.4 */
+};
+
/**
* Initializes the mbedtls_pkcs7 structure.
*/
@@ -449,7 +456,7 @@ cleanup:
* signerInfos SignerInfos }
*/
static int pkcs7_get_signed_data(unsigned char *buf, size_t buflen,
- mbedtls_pkcs7_signed_data *signed_data)
+ mbedtls_pkcs7 *pkcs7)
{
unsigned char *p = buf;
unsigned char *end = buf + buflen;
@@ -457,6 +464,7 @@ static int pkcs7_get_signed_data(unsigned char *buf, size_t buflen,
size_t len = 0;
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_md_type_t md_alg;
+ mbedtls_pkcs7_signed_data *signed_data = &pkcs7->signed_data;
ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
| MBEDTLS_ASN1_SEQUENCE);
@@ -493,25 +501,57 @@ static int pkcs7_get_signed_data(unsigned char *buf, size_t buflen,
if (ret != 0) {
return ret;
}
- if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_DATA, &content_type)) {
+
+ /*
+ * We should only support 1.2.840.113549.1.7.1 (PKCS7 DATA) and
+ * 1.3.6.1.4.1.311.2.1.4 (MicroSoft Authentication Code) that is for
+ * U-Boot Secure Boot
+ */
+ if (!MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_DATA, &content_type)) {
+ pkcs7->content_data.data_type = MBEDTLS_OID_DATA;
+ } else if (!MBEDTLS_OID_CMP(MBEDTLS_OID_MICROSOFT_INDIRECTDATA,
+ &content_type)) {
+ pkcs7->content_data.data_type = MBEDTLS_OID_MS_INDIRECTDATA;
+ } else {
return MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO;
}
if (p != end_content_info) {
+ unsigned char *tmp_p = p;
+
/* Determine if valid content is present */
ret = mbedtls_asn1_get_tag(&p,
end_content_info,
&len,
- MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC);
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC);
+ if (ret != 0 || p + len != end_content_info) {
+ return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO,
+ ret);
+ }
+
+ /*
+ * U-Boot Secure Boot needs to calculate the digest of MicroSoft
+ * Authentication Code during verifying an EFI image.
+ * Thus we need to save the context of Content Data.
+ */
+ pkcs7->content_data.data_hdrlen = p - tmp_p;
+ /* Parse the content data from a sequence */
+ ret = mbedtls_asn1_get_tag(&p, end_content_info, &len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE);
if (ret != 0) {
- return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret);
+ /* TODO: Other Content Data formats are not supported at the moment */
+ return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
+ } else if (p + len != end_content_info) {
+ return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO,
+ ret);
}
+
+ pkcs7->content_data.data = p;
+ pkcs7->content_data.data_len = len;
+
p += len;
- if (p != end_content_info) {
- return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO, ret);
- }
- /* Valid content is present - this is not supported */
- return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
}
/* Look for certificates, there may or may not be any */
@@ -624,7 +664,7 @@ int mbedtls_pkcs7_parse_der(mbedtls_pkcs7 *pkcs7, const unsigned char *buf,
}
try_data:
- ret = pkcs7_get_signed_data(p, len, &pkcs7->signed_data);
+ ret = pkcs7_get_signed_data(p, len, pkcs7);
if (ret != 0) {
goto out;
}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 09/27] mbedtls/external: support PKCS9 Authenticate Attributes
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (7 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 08/27] mbedtls/external: support Microsoft Authentication Code Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 10/27] mbedtls/external: support decoding multiple signer's cert Raymond Mao
` (19 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sumit Garg, Sean Anderson,
Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Jonathan Humphreys, Mattijs Korpershoek, Marek Vasut, Paul Barker,
Nathan Barrett-Morrison, Greg Malysa, Kongyang Liu, Jonas Karlman,
Sughosh Ganu, Anand Moon
Populate PKCS9 Authenticate Attributes from signer info if it exists
in a PKCS7 message.
Add OIDs for describing objects using for Authenticate Attributes.
The PR for this patch is at:
https://github.com/Mbed-TLS/mbedtls/pull/9001
For enabling EFI loader PKCS7 features with MbedTLS build,
we need this patch on top of MbedTLS v3.6.0 before it is merged into
the next MbedTLS LTS release.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- None.
Changes in v3
- Update commit message.
Changes in v4
- None.
Changes in v5
- None.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
.../external/mbedtls/include/mbedtls/oid.h | 5 +++++
.../external/mbedtls/include/mbedtls/pkcs7.h | 11 +++++++++++
lib/mbedtls/external/mbedtls/library/pkcs7.c | 19 ++++++++++++++++++-
3 files changed, 34 insertions(+), 1 deletion(-)
diff --git a/lib/mbedtls/external/mbedtls/include/mbedtls/oid.h b/lib/mbedtls/external/mbedtls/include/mbedtls/oid.h
index 2ee982808fa..43cef99f1e3 100644
--- a/lib/mbedtls/external/mbedtls/include/mbedtls/oid.h
+++ b/lib/mbedtls/external/mbedtls/include/mbedtls/oid.h
@@ -238,6 +238,11 @@
#define MBEDTLS_OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D"
#define MBEDTLS_OID_PKCS9_EMAIL MBEDTLS_OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */
+#define MBEDTLS_OID_PKCS9_CONTENTTYPE MBEDTLS_OID_PKCS9 "\x03" /**< contentType AttributeType ::= { pkcs-9 3 } */
+#define MBEDTLS_OID_PKCS9_MESSAGEDIGEST MBEDTLS_OID_PKCS9 "\x04" /**< messageDigest AttributeType ::= { pkcs-9 4 } */
+#define MBEDTLS_OID_PKCS9_SIGNINGTIME MBEDTLS_OID_PKCS9 "\x05" /**< signingTime AttributeType ::= { pkcs-9 5 } */
+#define MBEDTLS_OID_PKCS9_SMIMECAP MBEDTLS_OID_PKCS9 "\x0f" /**< smimeCapabilites AttributeType ::= { pkcs-9 15 } */
+#define MBEDTLS_OID_PKCS9_SMIMEAA MBEDTLS_OID_PKCS9 "\x10\x02\x0b" /**< smimeCapabilites AttributeType ::= { pkcs-9 16 2 11} */
/* RFC 4055 */
#define MBEDTLS_OID_RSASSA_PSS MBEDTLS_OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */
diff --git a/lib/mbedtls/external/mbedtls/include/mbedtls/pkcs7.h b/lib/mbedtls/external/mbedtls/include/mbedtls/pkcs7.h
index 9e29b74af70..a88a5e858fc 100644
--- a/lib/mbedtls/external/mbedtls/include/mbedtls/pkcs7.h
+++ b/lib/mbedtls/external/mbedtls/include/mbedtls/pkcs7.h
@@ -102,6 +102,16 @@ typedef enum {
}
mbedtls_pkcs7_type;
+/*
+ * Authenticate Attributes for MicroSoft Authentication Code using in U-Boot
+ * Secure Boot
+ */
+typedef struct mbedtls_pkcs7_authattrs {
+ size_t data_len;
+ void *data;
+}
+mbedtls_pkcs7_authattrs;
+
/**
* Structure holding PKCS #7 signer info
*/
@@ -113,6 +123,7 @@ typedef struct mbedtls_pkcs7_signer_info {
mbedtls_x509_buf MBEDTLS_PRIVATE(alg_identifier);
mbedtls_x509_buf MBEDTLS_PRIVATE(sig_alg_identifier);
mbedtls_x509_buf MBEDTLS_PRIVATE(sig);
+ mbedtls_pkcs7_authattrs authattrs;
struct mbedtls_pkcs7_signer_info *MBEDTLS_PRIVATE(next);
}
mbedtls_pkcs7_signer_info;
diff --git a/lib/mbedtls/external/mbedtls/library/pkcs7.c b/lib/mbedtls/external/mbedtls/library/pkcs7.c
index 0c2436b56b7..da73fb341d6 100644
--- a/lib/mbedtls/external/mbedtls/library/pkcs7.c
+++ b/lib/mbedtls/external/mbedtls/library/pkcs7.c
@@ -288,6 +288,7 @@ static int pkcs7_get_signer_info(unsigned char **p, unsigned char *end,
unsigned char *end_signer, *end_issuer_and_sn;
int asn1_ret = 0, ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
size_t len = 0;
+ unsigned char *tmp_p;
asn1_ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
| MBEDTLS_ASN1_SEQUENCE);
@@ -349,7 +350,23 @@ static int pkcs7_get_signer_info(unsigned char **p, unsigned char *end,
goto out;
}
- /* Assume authenticatedAttributes is nonexistent */
+ /* Save authenticatedAttributes if present */
+ if (*p < end_signer &&
+ **p == (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0)) {
+ tmp_p = *p;
+
+ ret = mbedtls_asn1_get_tag(p, end_signer, &len,
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+ MBEDTLS_ASN1_CONSTRUCTED | 0);
+ if (ret != 0) {
+ goto out;
+ }
+
+ signer->authattrs.data = tmp_p;
+ signer->authattrs.data_len = len + *p - tmp_p;
+ *p += len;
+ }
+
ret = pkcs7_get_digest_algorithm(p, end_signer, &signer->sig_alg_identifier);
if (ret != 0) {
goto out;
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 10/27] mbedtls/external: support decoding multiple signer's cert
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (8 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 09/27] mbedtls/external: support PKCS9 Authenticate Attributes Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 9:15 ` Ilias Apalodimas
2024-10-03 21:50 ` [PATCH v8 11/27] mbedtls/external: update MbedTLS PKCS7 test suites Raymond Mao
` (18 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Ilias Apalodimas, Jiaxun Yang,
Heinrich Schuchardt, Sean Anderson, Sumit Garg, Andrew Davis,
Rasmus Villemoes, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Greg Malysa,
Linus Walleij, Kongyang Liu, Jonas Karlman, Sughosh Ganu,
Anand Moon, Eddie James
Support decoding multiple signer's cert in the signed data within
a PKCS7 message.
The PR for this patch is at:
https://github.com/Mbed-TLS/mbedtls/pull/9001
For enabling EFI loader PKCS7 features with MbedTLS build,
we need this patch on top of MbedTLS v3.6.0 before it is merged into
the next MbedTLS LTS release.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
---
Changes in v2
- None.
Changes in v3
- Update commit message.
Changes in v4
- None.
Changes in v5
- None.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/mbedtls/external/mbedtls/library/pkcs7.c | 75 ++++++++++++--------
1 file changed, 47 insertions(+), 28 deletions(-)
diff --git a/lib/mbedtls/external/mbedtls/library/pkcs7.c b/lib/mbedtls/external/mbedtls/library/pkcs7.c
index da73fb341d6..01105227d7a 100644
--- a/lib/mbedtls/external/mbedtls/library/pkcs7.c
+++ b/lib/mbedtls/external/mbedtls/library/pkcs7.c
@@ -61,6 +61,36 @@ static int pkcs7_get_next_content_len(unsigned char **p, unsigned char *end,
return ret;
}
+/**
+ * Get and decode one cert from a sequence.
+ * Return 0 for success,
+ * Return negative error code for failure.
+ **/
+static int pkcs7_get_one_cert(unsigned char **p, unsigned char *end,
+ mbedtls_x509_crt *certs)
+{
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ size_t len = 0;
+ unsigned char *start = *p;
+ unsigned char *end_cert;
+
+ ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
+ | MBEDTLS_ASN1_SEQUENCE);
+ if (ret != 0) {
+ return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CERT, ret);
+ }
+
+ end_cert = *p + len;
+
+ if ((ret = mbedtls_x509_crt_parse_der(certs, start, end_cert - start)) < 0) {
+ return MBEDTLS_ERR_PKCS7_INVALID_CERT;
+ }
+
+ *p = end_cert;
+
+ return 0;
+}
+
/**
* version Version
* Version ::= INTEGER
@@ -178,11 +208,12 @@ static int pkcs7_get_certificates(unsigned char **p, unsigned char *end,
mbedtls_x509_crt *certs)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- size_t len1 = 0;
- size_t len2 = 0;
- unsigned char *end_set, *end_cert, *start;
+ size_t len = 0;
+ unsigned char *end_set;
+ int num_of_certs = 0;
- ret = mbedtls_asn1_get_tag(p, end, &len1, MBEDTLS_ASN1_CONSTRUCTED
+ /* Get the set of certs */
+ ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
| MBEDTLS_ASN1_CONTEXT_SPECIFIC);
if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
return 0;
@@ -190,38 +221,26 @@ static int pkcs7_get_certificates(unsigned char **p, unsigned char *end,
if (ret != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret);
}
- start = *p;
- end_set = *p + len1;
+ end_set = *p + len;
- ret = mbedtls_asn1_get_tag(p, end_set, &len2, MBEDTLS_ASN1_CONSTRUCTED
- | MBEDTLS_ASN1_SEQUENCE);
+ ret = pkcs7_get_one_cert(p, end_set, certs);
if (ret != 0) {
- return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CERT, ret);
+ return ret;
}
- end_cert = *p + len2;
+ num_of_certs++;
- /*
- * This is to verify that there is only one signer certificate. It seems it is
- * not easy to differentiate between the chain vs different signer's certificate.
- * So, we support only the root certificate and the single signer.
- * The behaviour would be improved with addition of multiple signer support.
- */
- if (end_cert != end_set) {
- return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
- }
-
- if ((ret = mbedtls_x509_crt_parse_der(certs, start, len1)) < 0) {
- return MBEDTLS_ERR_PKCS7_INVALID_CERT;
+ while (*p != end_set) {
+ ret = pkcs7_get_one_cert(p, end_set, certs);
+ if (ret != 0) {
+ return ret;
+ }
+ num_of_certs++;
}
- *p = end_cert;
+ *p = end_set;
- /*
- * Since in this version we strictly support single certificate, and reaching
- * here implies we have parsed successfully, we return 1.
- */
- return 1;
+ return num_of_certs;
}
/**
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 10/27] mbedtls/external: support decoding multiple signer's cert
2024-10-03 21:50 ` [PATCH v8 10/27] mbedtls/external: support decoding multiple signer's cert Raymond Mao
@ 2024-10-09 9:15 ` Ilias Apalodimas
0 siblings, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-09 9:15 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Sean Anderson, Sumit Garg, Andrew Davis, Rasmus Villemoes,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Mattijs Korpershoek, Jonathan Humphreys,
Marek Vasut, Paul Barker, Greg Malysa, Linus Walleij,
Kongyang Liu, Jonas Karlman, Sughosh Ganu, Anand Moon,
Eddie James
On Fri, 4 Oct 2024 at 00:56, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Support decoding multiple signer's cert in the signed data within
> a PKCS7 message.
>
> The PR for this patch is at:
> https://github.com/Mbed-TLS/mbedtls/pull/9001
>
> For enabling EFI loader PKCS7 features with MbedTLS build,
> we need this patch on top of MbedTLS v3.6.0 before it is merged into
> the next MbedTLS LTS release.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> ---
> Changes in v2
> - None.
> Changes in v3
> - Update commit message.
> Changes in v4
> - None.
> Changes in v5
> - None.
> Changes in v6
> - None.
> Changes in v7
> - None.
> Changes in v8
> - None
>
> lib/mbedtls/external/mbedtls/library/pkcs7.c | 75 ++++++++++++--------
> 1 file changed, 47 insertions(+), 28 deletions(-)
>
> diff --git a/lib/mbedtls/external/mbedtls/library/pkcs7.c b/lib/mbedtls/external/mbedtls/library/pkcs7.c
> index da73fb341d6..01105227d7a 100644
> --- a/lib/mbedtls/external/mbedtls/library/pkcs7.c
> +++ b/lib/mbedtls/external/mbedtls/library/pkcs7.c
> @@ -61,6 +61,36 @@ static int pkcs7_get_next_content_len(unsigned char **p, unsigned char *end,
> return ret;
> }
>
> +/**
> + * Get and decode one cert from a sequence.
> + * Return 0 for success,
> + * Return negative error code for failure.
> + **/
> +static int pkcs7_get_one_cert(unsigned char **p, unsigned char *end,
> + mbedtls_x509_crt *certs)
> +{
> + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
> + size_t len = 0;
> + unsigned char *start = *p;
> + unsigned char *end_cert;
> +
> + ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
> + | MBEDTLS_ASN1_SEQUENCE);
> + if (ret != 0) {
> + return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CERT, ret);
> + }
> +
> + end_cert = *p + len;
> +
> + if ((ret = mbedtls_x509_crt_parse_der(certs, start, end_cert - start)) < 0) {
> + return MBEDTLS_ERR_PKCS7_INVALID_CERT;
> + }
> +
> + *p = end_cert;
> +
> + return 0;
> +}
> +
> /**
> * version Version
> * Version ::= INTEGER
> @@ -178,11 +208,12 @@ static int pkcs7_get_certificates(unsigned char **p, unsigned char *end,
> mbedtls_x509_crt *certs)
> {
> int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
> - size_t len1 = 0;
> - size_t len2 = 0;
> - unsigned char *end_set, *end_cert, *start;
> + size_t len = 0;
> + unsigned char *end_set;
> + int num_of_certs = 0;
>
> - ret = mbedtls_asn1_get_tag(p, end, &len1, MBEDTLS_ASN1_CONSTRUCTED
> + /* Get the set of certs */
> + ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED
> | MBEDTLS_ASN1_CONTEXT_SPECIFIC);
> if (ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG) {
> return 0;
> @@ -190,38 +221,26 @@ static int pkcs7_get_certificates(unsigned char **p, unsigned char *end,
> if (ret != 0) {
> return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_FORMAT, ret);
> }
> - start = *p;
> - end_set = *p + len1;
> + end_set = *p + len;
>
> - ret = mbedtls_asn1_get_tag(p, end_set, &len2, MBEDTLS_ASN1_CONSTRUCTED
> - | MBEDTLS_ASN1_SEQUENCE);
> + ret = pkcs7_get_one_cert(p, end_set, certs);
> if (ret != 0) {
> - return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PKCS7_INVALID_CERT, ret);
> + return ret;
> }
>
> - end_cert = *p + len2;
> + num_of_certs++;
>
> - /*
> - * This is to verify that there is only one signer certificate. It seems it is
> - * not easy to differentiate between the chain vs different signer's certificate.
> - * So, we support only the root certificate and the single signer.
> - * The behaviour would be improved with addition of multiple signer support.
> - */
> - if (end_cert != end_set) {
> - return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
> - }
> -
> - if ((ret = mbedtls_x509_crt_parse_der(certs, start, len1)) < 0) {
> - return MBEDTLS_ERR_PKCS7_INVALID_CERT;
> + while (*p != end_set) {
> + ret = pkcs7_get_one_cert(p, end_set, certs);
> + if (ret != 0) {
> + return ret;
> + }
> + num_of_certs++;
> }
>
> - *p = end_cert;
> + *p = end_set;
>
> - /*
> - * Since in this version we strictly support single certificate, and reaching
> - * here implies we have parsed successfully, we return 1.
> - */
> - return 1;
> + return num_of_certs;
> }
>
> /**
> --
> 2.25.1
>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 11/27] mbedtls/external: update MbedTLS PKCS7 test suites
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (9 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 10/27] mbedtls/external: support decoding multiple signer's cert Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 12/27] public_key: move common functions to public key helper Raymond Mao
` (17 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Leo Yu-Chi Liang, Sumit Garg,
Sean Anderson, Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Jonathan Humphreys, Mattijs Korpershoek, Marek Vasut, Paul Barker,
Linus Walleij, Neil Armstrong, Oleksandr Suvorov, Jonas Karlman,
Greg Malysa, Kongyang Liu, Sughosh Ganu
Update the PKCS7 test suites for multiple certs.
The PR for this patch is at:
https://github.com/Mbed-TLS/mbedtls/pull/9001
For enabling EFI loader PKCS7 features with MbedTLS build,
we need this patch on top of MbedTLS v3.6.0 before it is merged into
the next MbedTLS LTS release.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- None.
Changes in v3
- Update commit message.
Changes in v4
- None.
Changes in v5
- None.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
.../external/mbedtls/tests/suites/test_suite_pkcs7.data | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/mbedtls/external/mbedtls/tests/suites/test_suite_pkcs7.data b/lib/mbedtls/external/mbedtls/tests/suites/test_suite_pkcs7.data
index d3b83cdf0aa..2dd1c56109f 100644
--- a/lib/mbedtls/external/mbedtls/tests/suites/test_suite_pkcs7.data
+++ b/lib/mbedtls/external/mbedtls/tests/suites/test_suite_pkcs7.data
@@ -14,9 +14,9 @@ PKCS7 Signed Data Parse with zero signers
depends_on:MBEDTLS_MD_CAN_SHA256
pkcs7_parse:"data_files/pkcs7_data_no_signers.der":MBEDTLS_PKCS7_SIGNED_DATA
-PKCS7 Signed Data Parse Fail with multiple certs #4
+PKCS7 Signed Data Parse Pass with multiple certs #4
depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
-pkcs7_parse:"data_files/pkcs7_data_multiple_certs_signed.der":MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE
+pkcs7_parse:"data_files/pkcs7_data_multiple_certs_signed.der":MBEDTLS_PKCS7_SIGNED_DATA
PKCS7 Signed Data Parse Fail with corrupted cert #5.0
depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_RSA_C
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 12/27] public_key: move common functions to public key helper
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (10 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 11/27] mbedtls/external: update MbedTLS PKCS7 test suites Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 13/27] x509: move common functions to x509 helper Raymond Mao
` (16 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sumit Garg, Sean Anderson,
Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Marek Vasut, Paul Barker,
Ian Roberts, Jonas Karlman, Oleksandr Suvorov, Linus Walleij,
Greg Malysa, Kongyang Liu, Sughosh Ganu, Eddie James
Move public_key_free and public_key_signature_free as helper
functions that can be shared by legacy crypto lib and MbedTLS
implementation.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v4
- Initial patch.
Changes in v5
- Removed authorship.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/crypto/Makefile | 4 +++-
lib/crypto/public_key.c | 31 ---------------------------
lib/crypto/public_key_helper.c | 39 ++++++++++++++++++++++++++++++++++
3 files changed, 42 insertions(+), 32 deletions(-)
create mode 100644 lib/crypto/public_key_helper.c
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index bec1bc95a65..4ad1849040d 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -7,7 +7,9 @@ obj-$(CONFIG_$(SPL_)ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o
asymmetric_keys-y := asymmetric_type.o
-obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key.o
+obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += \
+ public_key_helper.o \
+ public_key.o
#
# RSA public key parser
diff --git a/lib/crypto/public_key.c b/lib/crypto/public_key.c
index 6efe951c057..408742907f1 100644
--- a/lib/crypto/public_key.c
+++ b/lib/crypto/public_key.c
@@ -51,38 +51,7 @@ static void public_key_describe(const struct key *asymmetric_key,
}
#endif
-/*
- * Destroy a public key algorithm key.
- */
-void public_key_free(struct public_key *key)
-{
- if (key) {
- kfree(key->key);
- kfree(key->params);
- kfree(key);
- }
-}
-EXPORT_SYMBOL_GPL(public_key_free);
-
#ifdef __UBOOT__
-/*
- * from <linux>/crypto/asymmetric_keys/signature.c
- *
- * Destroy a public key signature.
- */
-void public_key_signature_free(struct public_key_signature *sig)
-{
- int i;
-
- if (sig) {
- for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++)
- free(sig->auth_ids[i]);
- free(sig->s);
- free(sig->digest);
- free(sig);
- }
-}
-EXPORT_SYMBOL_GPL(public_key_signature_free);
/**
* public_key_verify_signature - Verify a signature using a public key.
diff --git a/lib/crypto/public_key_helper.c b/lib/crypto/public_key_helper.c
new file mode 100644
index 00000000000..2c55922bdcb
--- /dev/null
+++ b/lib/crypto/public_key_helper.c
@@ -0,0 +1,39 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * X509 helper functions
+ *
+ * Copyright (c) 2012 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+#include <linux/compat.h>
+#include <crypto/public_key.h>
+
+/*
+ * Destroy a public key algorithm key.
+ */
+void public_key_free(struct public_key *key)
+{
+ if (key) {
+ kfree(key->key);
+ kfree(key->params);
+ kfree(key);
+ }
+}
+
+/*
+ * from <linux>/crypto/asymmetric_keys/signature.c
+ *
+ * Destroy a public key signature.
+ */
+void public_key_signature_free(struct public_key_signature *sig)
+{
+ int i;
+
+ if (sig) {
+ for (i = 0; i < ARRAY_SIZE(sig->auth_ids); i++)
+ kfree(sig->auth_ids[i]);
+ kfree(sig->s);
+ kfree(sig->digest);
+ kfree(sig);
+ }
+}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 13/27] x509: move common functions to x509 helper
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (11 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 12/27] public_key: move common functions to public key helper Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 14/27] pkcs7: move common functions to PKCS7 helper Raymond Mao
` (15 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sean Anderson, Sumit Garg,
Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Marek Vasut, Paul Barker,
Oleksandr Suvorov, Linus Walleij, Jonas Karlman, Kongyang Liu,
Greg Malysa, Sughosh Ganu, Caleb Connolly
Move x509_check_for_self_signed as a common helper function
that can be shared by legacy crypto lib and MbedTLS implementation.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v4
- Initial patch.
Changes in v5
- Removed authorship.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/crypto/Makefile | 1 +
lib/crypto/x509_helper.c | 64 ++++++++++++++++++++++++++++++++++++
lib/crypto/x509_public_key.c | 56 +------------------------------
3 files changed, 66 insertions(+), 55 deletions(-)
create mode 100644 lib/crypto/x509_helper.c
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 4ad1849040d..946cc3a7b59 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -37,6 +37,7 @@ x509_key_parser-y := \
x509.asn1.o \
x509_akid.asn1.o \
x509_cert_parser.o \
+ x509_helper.o \
x509_public_key.o
$(obj)/x509_cert_parser.o: \
diff --git a/lib/crypto/x509_helper.c b/lib/crypto/x509_helper.c
new file mode 100644
index 00000000000..87e8ff67ae1
--- /dev/null
+++ b/lib/crypto/x509_helper.c
@@ -0,0 +1,64 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * X509 helper functions
+ *
+ * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+#include <linux/err.h>
+#include <crypto/public_key.h>
+#include <crypto/x509_parser.h>
+
+/*
+ * Check for self-signedness in an X.509 cert and if found, check the signature
+ * immediately if we can.
+ */
+int x509_check_for_self_signed(struct x509_certificate *cert)
+{
+ int ret = 0;
+
+ if (cert->raw_subject_size != cert->raw_issuer_size ||
+ memcmp(cert->raw_subject, cert->raw_issuer,
+ cert->raw_issuer_size))
+ goto not_self_signed;
+
+ if (cert->sig->auth_ids[0] || cert->sig->auth_ids[1]) {
+ /*
+ * If the AKID is present it may have one or two parts. If
+ * both are supplied, both must match.
+ */
+ bool a = asymmetric_key_id_same(cert->skid,
+ cert->sig->auth_ids[1]);
+ bool b = asymmetric_key_id_same(cert->id,
+ cert->sig->auth_ids[0]);
+
+ if (!a && !b)
+ goto not_self_signed;
+
+ ret = -EKEYREJECTED;
+ if (((a && !b) || (b && !a)) &&
+ cert->sig->auth_ids[0] && cert->sig->auth_ids[1])
+ goto out;
+ }
+
+ ret = -EKEYREJECTED;
+ if (strcmp(cert->pub->pkey_algo, cert->sig->pkey_algo))
+ goto out;
+
+ ret = public_key_verify_signature(cert->pub, cert->sig);
+ if (ret == -ENOPKG) {
+ cert->unsupported_sig = true;
+ goto not_self_signed;
+ }
+ if (ret < 0)
+ goto out;
+
+ pr_devel("Cert Self-signature verified");
+ cert->self_signed = true;
+
+out:
+ return ret;
+
+not_self_signed:
+ return 0;
+}
diff --git a/lib/crypto/x509_public_key.c b/lib/crypto/x509_public_key.c
index a10145a7cdc..4ba13c1adc3 100644
--- a/lib/crypto/x509_public_key.c
+++ b/lib/crypto/x509_public_key.c
@@ -139,61 +139,7 @@ error:
return ret;
}
-/*
- * Check for self-signedness in an X.509 cert and if found, check the signature
- * immediately if we can.
- */
-int x509_check_for_self_signed(struct x509_certificate *cert)
-{
- int ret = 0;
-
- pr_devel("==>%s()\n", __func__);
-
- if (cert->raw_subject_size != cert->raw_issuer_size ||
- memcmp(cert->raw_subject, cert->raw_issuer,
- cert->raw_issuer_size) != 0)
- goto not_self_signed;
-
- if (cert->sig->auth_ids[0] || cert->sig->auth_ids[1]) {
- /* If the AKID is present it may have one or two parts. If
- * both are supplied, both must match.
- */
- bool a = asymmetric_key_id_same(cert->skid, cert->sig->auth_ids[1]);
- bool b = asymmetric_key_id_same(cert->id, cert->sig->auth_ids[0]);
-
- if (!a && !b)
- goto not_self_signed;
-
- ret = -EKEYREJECTED;
- if (((a && !b) || (b && !a)) &&
- cert->sig->auth_ids[0] && cert->sig->auth_ids[1])
- goto out;
- }
-
- ret = -EKEYREJECTED;
- if (strcmp(cert->pub->pkey_algo, cert->sig->pkey_algo) != 0)
- goto out;
-
- ret = public_key_verify_signature(cert->pub, cert->sig);
- if (ret < 0) {
- if (ret == -ENOPKG) {
- cert->unsupported_sig = true;
- ret = 0;
- }
- goto out;
- }
-
- pr_devel("Cert Self-signature verified");
- cert->self_signed = true;
-
-out:
- pr_devel("<==%s() = %d\n", __func__, ret);
- return ret;
-
-not_self_signed:
- pr_devel("<==%s() = 0 [not]\n", __func__);
- return 0;
-}
+#endif /* !CONFIG_IS_ENABLED(MBEDTLS_LIB_X509) */
#ifndef __UBOOT__
/*
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 14/27] pkcs7: move common functions to PKCS7 helper
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (12 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 13/27] x509: move common functions to x509 helper Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 15/27] mbedtls: add public key porting layer Raymond Mao
` (14 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sumit Garg, Sean Anderson,
Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Paul Barker, Marek Vasut,
Jonas Karlman, Greg Malysa, Kongyang Liu, Sughosh Ganu,
Anand Moon, Vincent Stehlé
Move pkcs7_get_content_data as a helper function that can be
shared by legacy crypto lib and MbedTLS implementation.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v4
- Initial patch.
Changes in v5
- Remove authorship.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/crypto/Makefile | 1 +
lib/crypto/pkcs7_helper.c | 37 +++++++++++++++++++++++++++++++++++++
lib/crypto/pkcs7_parser.c | 28 ----------------------------
3 files changed, 38 insertions(+), 28 deletions(-)
create mode 100644 lib/crypto/pkcs7_helper.c
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 946cc3a7b59..16059088f26 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -53,6 +53,7 @@ $(obj)/x509_akid.asn1.o: $(obj)/x509_akid.asn1.c $(obj)/x509_akid.asn1.h
obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += pkcs7_message.o
pkcs7_message-y := \
pkcs7.asn1.o \
+ pkcs7_helper.o \
pkcs7_parser.o
obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
diff --git a/lib/crypto/pkcs7_helper.c b/lib/crypto/pkcs7_helper.c
new file mode 100644
index 00000000000..bb3b9d1354f
--- /dev/null
+++ b/lib/crypto/pkcs7_helper.c
@@ -0,0 +1,37 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * PKCS7 helper functions
+ *
+ * Copyright (c) 2012 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+#include <linux/kernel.h>
+#include <linux/err.h>
+#include <crypto/pkcs7_parser.h>
+
+/**
+ * pkcs7_get_content_data - Get access to the PKCS#7 content
+ * @pkcs7: The preparsed PKCS#7 message to access
+ * @_data: Place to return a pointer to the data
+ * @_data_len: Place to return the data length
+ * @_headerlen: Size of ASN.1 header not included in _data
+ *
+ * Get access to the data content of the PKCS#7 message. The size of the
+ * header of the ASN.1 object that contains it is also provided and can be used
+ * to adjust *_data and *_data_len to get the entire object.
+ *
+ * Returns -ENODATA if the data object was missing from the message.
+ */
+int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
+ const void **_data, size_t *_data_len,
+ size_t *_headerlen)
+{
+ if (!pkcs7->data)
+ return -ENODATA;
+
+ *_data = pkcs7->data;
+ *_data_len = pkcs7->data_len;
+ if (_headerlen)
+ *_headerlen = pkcs7->data_hdrlen;
+ return 0;
+}
diff --git a/lib/crypto/pkcs7_parser.c b/lib/crypto/pkcs7_parser.c
index d5efa828d6a..c849dc0d92d 100644
--- a/lib/crypto/pkcs7_parser.c
+++ b/lib/crypto/pkcs7_parser.c
@@ -182,34 +182,6 @@ out_no_ctx:
}
EXPORT_SYMBOL_GPL(pkcs7_parse_message);
-/**
- * pkcs7_get_content_data - Get access to the PKCS#7 content
- * @pkcs7: The preparsed PKCS#7 message to access
- * @_data: Place to return a pointer to the data
- * @_data_len: Place to return the data length
- * @_headerlen: Size of ASN.1 header not included in _data
- *
- * Get access to the data content of the PKCS#7 message. The size of the
- * header of the ASN.1 object that contains it is also provided and can be used
- * to adjust *_data and *_data_len to get the entire object.
- *
- * Returns -ENODATA if the data object was missing from the message.
- */
-int pkcs7_get_content_data(const struct pkcs7_message *pkcs7,
- const void **_data, size_t *_data_len,
- size_t *_headerlen)
-{
- if (!pkcs7->data)
- return -ENODATA;
-
- *_data = pkcs7->data;
- *_data_len = pkcs7->data_len;
- if (_headerlen)
- *_headerlen = pkcs7->data_hdrlen;
- return 0;
-}
-EXPORT_SYMBOL_GPL(pkcs7_get_content_data);
-
/*
* Note an OID when we find one for later processing when we know how
* to interpret it.
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 15/27] mbedtls: add public key porting layer
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (13 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 14/27] pkcs7: move common functions to PKCS7 helper Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 16/27] lib/crypto: Adapt public_key header with MbedTLS Raymond Mao
` (13 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sumit Garg, Sean Anderson,
Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Marek Vasut, Paul Barker,
Neil Armstrong, Leo Yu-Chi Liang, Jonas Karlman, Greg Malysa,
Kongyang Liu, Sughosh Ganu, Anand Moon, Caleb Connolly
Add porting layer for public key on top of MbedTLS X509 library.
Introduce _LEGACY and _MBEDTLS kconfigs for public key legacy and
MbedTLS implementations respectively.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- Move the porting layer to MbedTLS dir.
Changes in v3
- None.
Changes in v4
- Introduce _LEGACY and _MBEDTLS kconfigs for public key legacy and
MbedTLS implementations respectively.
- Move common functions to helper.
Changes in v5
- Correct kconfig dependence.
- Kconfig rename.
- Refactored MbedTLS makefile.
- Adjust a few inline comments.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/mbedtls/Kconfig | 52 +++++++++++++++++++++++++
lib/mbedtls/Makefile | 6 ++-
lib/mbedtls/public_key.c | 82 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 139 insertions(+), 1 deletion(-)
create mode 100644 lib/mbedtls/public_key.c
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index 8e3a94c6f2b..e81d14505ff 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -116,9 +116,35 @@ endif # LEGACY_CRYPTO_BASIC
config LEGACY_CRYPTO_CERT
bool "legacy certificate libraries"
+ select ASYMMETRIC_PUBLIC_KEY_LEGACY if \
+ ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
+ SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
help
Enable legacy certificate libraries.
+if LEGACY_CRYPTO_CERT
+
+config ASYMMETRIC_PUBLIC_KEY_LEGACY
+ bool "Asymmetric public key crypto with legacy certificate library"
+ depends on LEGACY_CRYPTO_CERT && ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ help
+ This option chooses legacy certificate library for asymmetric public
+ key crypto algorithm.
+
+if SPL
+
+config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
+ bool "Asymmetric public key crypto with legacy certificate library in SPL"
+ depends on LEGACY_CRYPTO_CERT && SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ help
+ This option chooses legacy certificate library for asymmetric public
+ key crypto algorithm in SPL.
+
+endif # SPL
+
+endif # LEGACY_CRYPTO_CERT
+
endif # LEGACY_CRYPTO
if MBEDTLS_LIB
@@ -255,7 +281,33 @@ endif # MBEDTLS_LIB_CRYPTO
config MBEDTLS_LIB_X509
bool "MbedTLS certificate libraries"
+ select ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
+ ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
+ SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
help
Enable MbedTLS certificate libraries.
+if MBEDTLS_LIB_X509
+
+config ASYMMETRIC_PUBLIC_KEY_MBEDTLS
+ bool "Asymmetric public key crypto with MbedTLS certificate library"
+ depends on MBEDTLS_LIB_X509 && ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ help
+ This option chooses MbedTLS certificate library for asymmetric public
+ key crypto algorithm.
+
+if SPL
+
+config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
+ bool "Asymmetric public key crypto with MbedTLS certificate library in SPL"
+ depends on MBEDTLS_LIB_X509 && SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ help
+ This option chooses MbedTLS certificate library for asymmetric public
+ key crypto algorithm in SPL.
+
+endif # SPL
+
+endif # MBEDTLS_LIB_X509
+
endif # MBEDTLS_LIB
diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
index eeb28ec1557..d3f566d0c91 100644
--- a/lib/mbedtls/Makefile
+++ b/lib/mbedtls/Makefile
@@ -11,6 +11,10 @@ obj-$(CONFIG_$(SPL_)SHA1_MBEDTLS) += sha1.o
obj-$(CONFIG_$(SPL_)SHA256_MBEDTLS) += sha256.o
obj-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += sha512.o
+# x509 libraries
+obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
+ public_key.o
+
# MbedTLS crypto library
obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
mbedtls_lib_crypto-y := \
@@ -36,7 +40,7 @@ mbedtls_lib_x509-$(CONFIG_$(SPL_)RSA_PUBLIC_KEY_PARSER) += \
$(MBEDTLS_LIB_DIR)/bignum_core.o \
$(MBEDTLS_LIB_DIR)/rsa.o \
$(MBEDTLS_LIB_DIR)/rsa_alt_helpers.o
-mbedtls_lib_x509-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += \
+mbedtls_lib_x509-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
$(MBEDTLS_LIB_DIR)/pk.o \
$(MBEDTLS_LIB_DIR)/pk_wrap.o \
$(MBEDTLS_LIB_DIR)/pkparse.o
diff --git a/lib/mbedtls/public_key.c b/lib/mbedtls/public_key.c
new file mode 100644
index 00000000000..5f73b99d4f2
--- /dev/null
+++ b/lib/mbedtls/public_key.c
@@ -0,0 +1,82 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * Public key helper functions using MbedTLS X509 library
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+
+#include <linux/compat.h>
+#include <crypto/public_key.h>
+
+int public_key_verify_signature(const struct public_key *pkey,
+ const struct public_key_signature *sig)
+{
+ mbedtls_md_type_t mb_hash_algo;
+ mbedtls_pk_context pk_ctx;
+ int ret;
+
+ if (!pkey || !sig || pkey->key_is_private)
+ return -EINVAL;
+
+ /*
+ * ECRDSA (Elliptic Curve Russian Digital Signature Algorithm) is not
+ * supported by MbedTLS.
+ */
+ if (strcmp(pkey->pkey_algo, "rsa")) {
+ pr_err("Encryption is not RSA: %s\n", sig->pkey_algo);
+ return -EINVAL;
+ }
+
+ /*
+ * Can be pkcs1 or raw, but pkcs1 is expected.
+ * This is just for argument checking, not necessarily passed to MbedTLS,
+ * For RSA signatures, MbedTLS typically supports the PKCS#1 v1.5
+ * (aka. pkcs1) encoding by default.
+ * The library internally handles the details of decoding and verifying
+ * the signature according to the expected encoding for the specified algorithm.
+ */
+ if (strcmp(sig->encoding, "pkcs1")) {
+ pr_err("Encoding %s is not supported, only supports pkcs1\n",
+ sig->encoding);
+ return -EINVAL;
+ }
+
+ if (!strcmp(sig->hash_algo, "sha1"))
+ mb_hash_algo = MBEDTLS_MD_SHA1;
+ else if (!strcmp(sig->hash_algo, "sha224"))
+ mb_hash_algo = MBEDTLS_MD_SHA224;
+ else if (!strcmp(sig->hash_algo, "sha256"))
+ mb_hash_algo = MBEDTLS_MD_SHA256;
+ else if (!strcmp(sig->hash_algo, "sha384"))
+ mb_hash_algo = MBEDTLS_MD_SHA384;
+ else if (!strcmp(sig->hash_algo, "sha512"))
+ mb_hash_algo = MBEDTLS_MD_SHA512;
+ else /* Unknown or unsupported hash algorithm */
+ return -EINVAL;
+ /* Initialize the mbedtls_pk_context with RSA key type */
+ mbedtls_pk_init(&pk_ctx);
+
+ /* Parse the DER-encoded public key */
+ ret = mbedtls_pk_parse_public_key(&pk_ctx, pkey->key, pkey->keylen);
+ if (ret) {
+ pr_err("Failed to parse public key, ret:-0x%04x\n", -ret);
+ ret = -EINVAL;
+ goto err_key;
+ }
+
+ /* Ensure that it is a RSA key */
+ if (mbedtls_pk_get_type(&pk_ctx) != MBEDTLS_PK_RSA) {
+ pr_err("Only RSA keys are supported\n");
+ ret = -EKEYREJECTED;
+ goto err_key;
+ }
+
+ /* Verify the hash */
+ ret = mbedtls_pk_verify(&pk_ctx, mb_hash_algo, sig->digest,
+ sig->digest_size, sig->s, sig->s_size);
+
+err_key:
+ mbedtls_pk_free(&pk_ctx);
+ return ret;
+}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 16/27] lib/crypto: Adapt public_key header with MbedTLS
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (14 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 15/27] mbedtls: add public key porting layer Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 9:19 ` Ilias Apalodimas
2024-10-03 21:50 ` [PATCH v8 17/27] mbedtls: add X509 cert parser porting layer Raymond Mao
` (12 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Leo Yu-Chi Liang, Sumit Garg,
Sean Anderson, Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Paul Barker, Marek Vasut,
Jonas Karlman, Kongyang Liu, Greg Malysa, Oleksandr Suvorov,
Sughosh Ganu
Previous patch has introduced MbedTLS porting layer for public key,
here to adjust the header and makefiles accordingly.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- Move the porting layer to MbedTLS dir.
Changes in v3
- Update commit message.
Changes in v4
- Control building legacy library via '_LEGACY' Kconfig.
Changes in v5
- Correct header file include directories.
- Kconfig rename.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
include/crypto/public_key.h | 6 ++++++
lib/crypto/Makefile | 5 ++---
lib/crypto/asymmetric_type.c | 2 +-
3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
index 3ba90fcc348..25cfb68adce 100644
--- a/include/crypto/public_key.h
+++ b/include/crypto/public_key.h
@@ -12,6 +12,12 @@
#ifdef __UBOOT__
#include <linux/types.h>
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+#include <library/common.h>
+#include <mbedtls/pk.h>
+#include <mbedtls/x509_crt.h>
+#include <mbedtls/md.h>
+#endif
#else
#include <linux/keyctl.h>
#endif
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 16059088f26..7e877214aa8 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -7,9 +7,8 @@ obj-$(CONFIG_$(SPL_)ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o
asymmetric_keys-y := asymmetric_type.o
-obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += \
- public_key_helper.o \
- public_key.o
+obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key_helper.o
+obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_LEGACY) += public_key.o
#
# RSA public key parser
diff --git a/lib/crypto/asymmetric_type.c b/lib/crypto/asymmetric_type.c
index 24c2d15ef97..95b82cd8e84 100644
--- a/lib/crypto/asymmetric_type.c
+++ b/lib/crypto/asymmetric_type.c
@@ -12,7 +12,6 @@
#include <keys/asymmetric-subtype.h>
#include <keys/asymmetric-parser.h>
#endif
-#include <crypto/public_key.h>
#ifdef __UBOOT__
#include <linux/bug.h>
#include <linux/compat.h>
@@ -26,6 +25,7 @@
#include <linux/slab.h>
#include <linux/ctype.h>
#endif
+#include <crypto/public_key.h>
#ifdef __UBOOT__
#include <keys/asymmetric-type.h>
#else
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 16/27] lib/crypto: Adapt public_key header with MbedTLS
2024-10-03 21:50 ` [PATCH v8 16/27] lib/crypto: Adapt public_key header with MbedTLS Raymond Mao
@ 2024-10-09 9:19 ` Ilias Apalodimas
0 siblings, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-09 9:19 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Paul Barker, Marek Vasut, Jonas Karlman,
Kongyang Liu, Greg Malysa, Oleksandr Suvorov, Sughosh Ganu
On Fri, 4 Oct 2024 at 00:59, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Previous patch has introduced MbedTLS porting layer for public key,
> here to adjust the header and makefiles accordingly.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> ---
> Changes in v2
> - Move the porting layer to MbedTLS dir.
> Changes in v3
> - Update commit message.
> Changes in v4
> - Control building legacy library via '_LEGACY' Kconfig.
> Changes in v5
> - Correct header file include directories.
> - Kconfig rename.
> Changes in v6
> - None.
> Changes in v7
> - None.
> Changes in v8
> - None
>
> include/crypto/public_key.h | 6 ++++++
> lib/crypto/Makefile | 5 ++---
> lib/crypto/asymmetric_type.c | 2 +-
> 3 files changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/include/crypto/public_key.h b/include/crypto/public_key.h
> index 3ba90fcc348..25cfb68adce 100644
> --- a/include/crypto/public_key.h
> +++ b/include/crypto/public_key.h
> @@ -12,6 +12,12 @@
>
> #ifdef __UBOOT__
> #include <linux/types.h>
> +#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
> +#include <library/common.h>
> +#include <mbedtls/pk.h>
> +#include <mbedtls/x509_crt.h>
> +#include <mbedtls/md.h>
> +#endif
> #else
> #include <linux/keyctl.h>
> #endif
> diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
> index 16059088f26..7e877214aa8 100644
> --- a/lib/crypto/Makefile
> +++ b/lib/crypto/Makefile
> @@ -7,9 +7,8 @@ obj-$(CONFIG_$(SPL_)ASYMMETRIC_KEY_TYPE) += asymmetric_keys.o
>
> asymmetric_keys-y := asymmetric_type.o
>
> -obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += \
> - public_key_helper.o \
> - public_key.o
> +obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_SUBTYPE) += public_key_helper.o
> +obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_LEGACY) += public_key.o
>
> #
> # RSA public key parser
> diff --git a/lib/crypto/asymmetric_type.c b/lib/crypto/asymmetric_type.c
> index 24c2d15ef97..95b82cd8e84 100644
> --- a/lib/crypto/asymmetric_type.c
> +++ b/lib/crypto/asymmetric_type.c
> @@ -12,7 +12,6 @@
> #include <keys/asymmetric-subtype.h>
> #include <keys/asymmetric-parser.h>
> #endif
> -#include <crypto/public_key.h>
> #ifdef __UBOOT__
> #include <linux/bug.h>
> #include <linux/compat.h>
> @@ -26,6 +25,7 @@
> #include <linux/slab.h>
> #include <linux/ctype.h>
> #endif
> +#include <crypto/public_key.h>
> #ifdef __UBOOT__
> #include <keys/asymmetric-type.h>
> #else
> --
> 2.25.1
>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 17/27] mbedtls: add X509 cert parser porting layer
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (15 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 16/27] lib/crypto: Adapt public_key header with MbedTLS Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 9:16 ` Ilias Apalodimas
2024-10-03 21:50 ` [PATCH v8 18/27] lib/crypto: Adapt x509_cert_parser to MbedTLS Raymond Mao
` (11 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Ilias Apalodimas,
Heinrich Schuchardt, Sumit Garg, Leo Yu-Chi Liang, Sean Anderson,
Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Marek Vasut, Paul Barker,
Neil Armstrong, Oleksandr Suvorov, Greg Malysa, Kongyang Liu,
Jonas Karlman, Sughosh Ganu, Caleb Connolly
Add porting layer for X509 cert parser on top of MbedTLS X509
library.
Introduce _LEGACY and _MBEDTLS kconfigs for X509 cert parser legacy
and MbedTLS implementations respectively.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
---
Changes in v2
- Move the porting layer to MbedTLS dir.
Changes in v3
- None.
Changes in v4
- Introduce _LEGACY and _MBEDTLS kconfigs for X509 cert parser legacy
and MbedTLS implementations respectively.
- Move common functions to helper.
Changes in v5
- Kconfig rename.
- Adjust a few inline comments.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/mbedtls/Kconfig | 18 ++
lib/mbedtls/Makefile | 4 +-
lib/mbedtls/x509_cert_parser.c | 447 +++++++++++++++++++++++++++++++++
3 files changed, 468 insertions(+), 1 deletion(-)
create mode 100644 lib/mbedtls/x509_cert_parser.c
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index e81d14505ff..abdafd04e89 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -118,6 +118,7 @@ config LEGACY_CRYPTO_CERT
bool "legacy certificate libraries"
select ASYMMETRIC_PUBLIC_KEY_LEGACY if \
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
help
@@ -132,6 +133,14 @@ config ASYMMETRIC_PUBLIC_KEY_LEGACY
This option chooses legacy certificate library for asymmetric public
key crypto algorithm.
+config X509_CERTIFICATE_PARSER_LEGACY
+ bool "X.509 certificate parser with legacy certificate library"
+ depends on ASYMMETRIC_PUBLIC_KEY_LEGACY
+ select ASN1_DECODER_LEGACY
+ help
+ This option chooses legacy certificate library for X509 certificate
+ parser.
+
if SPL
config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
@@ -283,6 +292,7 @@ config MBEDTLS_LIB_X509
bool "MbedTLS certificate libraries"
select ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER
select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
help
@@ -297,6 +307,14 @@ config ASYMMETRIC_PUBLIC_KEY_MBEDTLS
This option chooses MbedTLS certificate library for asymmetric public
key crypto algorithm.
+config X509_CERTIFICATE_PARSER_MBEDTLS
+ bool "X.509 certificate parser with MbedTLS certificate library"
+ depends on ASYMMETRIC_PUBLIC_KEY_MBEDTLS
+ select ASN1_DECODER_MBEDTLS
+ help
+ This option chooses MbedTLS certificate library for X509 certificate
+ parser.
+
if SPL
config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
index d3f566d0c91..29653323279 100644
--- a/lib/mbedtls/Makefile
+++ b/lib/mbedtls/Makefile
@@ -14,6 +14,8 @@ obj-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += sha512.o
# x509 libraries
obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
public_key.o
+obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
+ x509_cert_parser.o
# MbedTLS crypto library
obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
@@ -44,7 +46,7 @@ mbedtls_lib_x509-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
$(MBEDTLS_LIB_DIR)/pk.o \
$(MBEDTLS_LIB_DIR)/pk_wrap.o \
$(MBEDTLS_LIB_DIR)/pkparse.o
-mbedtls_lib_x509-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER) += \
+mbedtls_lib_x509-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
$(MBEDTLS_LIB_DIR)/x509_crl.o \
$(MBEDTLS_LIB_DIR)/x509_crt.o
mbedtls_lib_x509-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += \
diff --git a/lib/mbedtls/x509_cert_parser.c b/lib/mbedtls/x509_cert_parser.c
new file mode 100644
index 00000000000..cb42018695c
--- /dev/null
+++ b/lib/mbedtls/x509_cert_parser.c
@@ -0,0 +1,447 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * X509 cert parser using MbedTLS X509 library
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+
+#include <linux/err.h>
+#include <crypto/public_key.h>
+#include <crypto/x509_parser.h>
+
+static void x509_free_mbedtls_ctx(struct x509_cert_mbedtls_ctx *ctx)
+{
+ if (!ctx)
+ return;
+
+ kfree(ctx->tbs);
+ kfree(ctx->raw_serial);
+ kfree(ctx->raw_issuer);
+ kfree(ctx->raw_subject);
+ kfree(ctx->raw_skid);
+ kfree(ctx);
+}
+
+static int x509_set_cert_flags(struct x509_certificate *cert)
+{
+ struct public_key_signature *sig = cert->sig;
+
+ if (!sig || !cert->pub) {
+ pr_err("Signature or public key is not initialized\n");
+ return -ENOPKG;
+ }
+
+ if (!cert->pub->pkey_algo)
+ cert->unsupported_key = true;
+
+ if (!sig->pkey_algo)
+ cert->unsupported_sig = true;
+
+ if (!sig->hash_algo)
+ cert->unsupported_sig = true;
+
+ /* TODO: is_hash_blacklisted()? */
+
+ /* Detect self-signed certificates and set self_signed flag */
+ return x509_check_for_self_signed(cert);
+}
+
+time64_t x509_get_timestamp(const mbedtls_x509_time *x509_time)
+{
+ unsigned int year, mon, day, hour, min, sec;
+
+ /* Adjust for year since 1900 */
+ year = x509_time->year - 1900;
+ /* Adjust for 0-based month */
+ mon = x509_time->mon - 1;
+ day = x509_time->day;
+ hour = x509_time->hour;
+ min = x509_time->min;
+ sec = x509_time->sec;
+
+ return (time64_t)mktime64(year, mon, day, hour, min, sec);
+}
+
+static char *x509_populate_dn_name_string(const mbedtls_x509_name *name)
+{
+ size_t len = 256;
+ size_t wb;
+ char *name_str;
+
+ do {
+ name_str = kzalloc(len, GFP_KERNEL);
+ if (!name_str)
+ return NULL;
+
+ wb = mbedtls_x509_dn_gets(name_str, len, name);
+ if (wb < 0) {
+ pr_err("Get DN string failed, ret:-0x%04x\n",
+ (unsigned int)-wb);
+ kfree(name_str);
+ len = len * 2; /* Try with a bigger buffer */
+ }
+ } while (wb < 0);
+
+ name_str[wb] = '\0'; /* add the terminator */
+
+ return name_str;
+}
+
+static int x509_populate_signature_params(const mbedtls_x509_crt *cert,
+ struct public_key_signature **sig)
+{
+ struct public_key_signature *s;
+ struct image_region region;
+ size_t akid_len;
+ unsigned char *akid_data;
+ int ret;
+
+ /* Check if signed data exist */
+ if (!cert->tbs.p || !cert->tbs.len)
+ return -EINVAL;
+
+ region.data = cert->tbs.p;
+ region.size = cert->tbs.len;
+
+ s = kzalloc(sizeof(*s), GFP_KERNEL);
+ if (!s)
+ return -ENOMEM;
+
+ /*
+ * Get the public key algorithm.
+ * Note:
+ * ECRDSA (Elliptic Curve Russian Digital Signature Algorithm) is not
+ * supported by MbedTLS.
+ */
+ switch (cert->sig_pk) {
+ case MBEDTLS_PK_RSA:
+ s->pkey_algo = "rsa";
+ break;
+ default:
+ ret = -EINVAL;
+ goto error_sig;
+ }
+
+ /* Get the hash algorithm */
+ switch (cert->sig_md) {
+ case MBEDTLS_MD_SHA1:
+ s->hash_algo = "sha1";
+ s->digest_size = SHA1_SUM_LEN;
+ break;
+ case MBEDTLS_MD_SHA256:
+ s->hash_algo = "sha256";
+ s->digest_size = SHA256_SUM_LEN;
+ break;
+ case MBEDTLS_MD_SHA384:
+ s->hash_algo = "sha384";
+ s->digest_size = SHA384_SUM_LEN;
+ break;
+ case MBEDTLS_MD_SHA512:
+ s->hash_algo = "sha512";
+ s->digest_size = SHA512_SUM_LEN;
+ break;
+ /* Unsupported algo */
+ case MBEDTLS_MD_MD5:
+ case MBEDTLS_MD_SHA224:
+ default:
+ ret = -EINVAL;
+ goto error_sig;
+ }
+
+ /*
+ * Optional attributes:
+ * auth_ids holds AuthorityKeyIdentifier (information of issuer),
+ * aka akid, which is used to match with a cert's id or skid to
+ * indicate that is the issuer when we lookup a cert chain.
+ *
+ * auth_ids[0]:
+ * [PKCS#7 or CMS ver 1] - generated from "Issuer + Serial number"
+ * [CMS ver 3] - generated from skid (subjectKeyId)
+ * auth_ids[1]: generated from skid (subjectKeyId)
+ *
+ * Assume that we are using PKCS#7 (msg->version=1),
+ * not CMS ver 3 (msg->version=3).
+ */
+ akid_len = cert->authority_key_id.authorityCertSerialNumber.len;
+ akid_data = cert->authority_key_id.authorityCertSerialNumber.p;
+
+ /* Check if serial number exists */
+ if (akid_len && akid_data) {
+ s->auth_ids[0] = asymmetric_key_generate_id(akid_data,
+ akid_len,
+ cert->issuer_raw.p,
+ cert->issuer_raw.len);
+ if (!s->auth_ids[0]) {
+ ret = -ENOMEM;
+ goto error_sig;
+ }
+ }
+
+ akid_len = cert->authority_key_id.keyIdentifier.len;
+ akid_data = cert->authority_key_id.keyIdentifier.p;
+
+ /* Check if subjectKeyId exists */
+ if (akid_len && akid_data) {
+ s->auth_ids[1] = asymmetric_key_generate_id(akid_data,
+ akid_len,
+ "", 0);
+ if (!s->auth_ids[1]) {
+ ret = -ENOMEM;
+ goto error_sig;
+ }
+ }
+
+ /*
+ * Encoding can be pkcs1 or raw, but only pkcs1 is supported.
+ * Set the encoding explicitly to pkcs1.
+ */
+ s->encoding = "pkcs1";
+
+ /* Copy the signature data */
+ s->s = kmemdup(cert->sig.p, cert->sig.len, GFP_KERNEL);
+ if (!s->s) {
+ ret = -ENOMEM;
+ goto error_sig;
+ }
+ s->s_size = cert->sig.len;
+
+ /* Calculate the digest of signed data (tbs) */
+ s->digest = kzalloc(s->digest_size, GFP_KERNEL);
+ if (!s->digest) {
+ ret = -ENOMEM;
+ goto error_sig;
+ }
+
+ ret = hash_calculate(s->hash_algo, ®ion, 1, s->digest);
+ if (!ret)
+ *sig = s;
+
+ return ret;
+
+error_sig:
+ public_key_signature_free(s);
+ return ret;
+}
+
+static int x509_save_mbedtls_ctx(const mbedtls_x509_crt *cert,
+ struct x509_cert_mbedtls_ctx **pctx)
+{
+ struct x509_cert_mbedtls_ctx *ctx;
+
+ ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
+ if (!ctx)
+ return -ENOMEM;
+
+ /* Signed data (tbs - The part that is To Be Signed)*/
+ ctx->tbs = kmemdup(cert->tbs.p, cert->tbs.len,
+ GFP_KERNEL);
+ if (!ctx->tbs)
+ goto error_ctx;
+
+ /* Raw serial number */
+ ctx->raw_serial = kmemdup(cert->serial.p,
+ cert->serial.len, GFP_KERNEL);
+ if (!ctx->raw_serial)
+ goto error_ctx;
+
+ /* Raw issuer */
+ ctx->raw_issuer = kmemdup(cert->issuer_raw.p,
+ cert->issuer_raw.len, GFP_KERNEL);
+ if (!ctx->raw_issuer)
+ goto error_ctx;
+
+ /* Raw subject */
+ ctx->raw_subject = kmemdup(cert->subject_raw.p,
+ cert->subject_raw.len, GFP_KERNEL);
+ if (!ctx->raw_subject)
+ goto error_ctx;
+
+ /* Raw subjectKeyId */
+ ctx->raw_skid = kmemdup(cert->subject_key_id.p,
+ cert->subject_key_id.len, GFP_KERNEL);
+ if (!ctx->raw_skid)
+ goto error_ctx;
+
+ *pctx = ctx;
+
+ return 0;
+
+error_ctx:
+ x509_free_mbedtls_ctx(ctx);
+ return -ENOMEM;
+}
+
+/*
+ * Free an X.509 certificate
+ */
+void x509_free_certificate(struct x509_certificate *cert)
+{
+ if (cert) {
+ public_key_free(cert->pub);
+ public_key_signature_free(cert->sig);
+ kfree(cert->issuer);
+ kfree(cert->subject);
+ kfree(cert->id);
+ kfree(cert->skid);
+ x509_free_mbedtls_ctx(cert->mbedtls_ctx);
+ kfree(cert);
+ }
+}
+
+int x509_populate_pubkey(mbedtls_x509_crt *cert, struct public_key **pub_key)
+{
+ struct public_key *pk;
+
+ pk = kzalloc(sizeof(*pk), GFP_KERNEL);
+ if (!pk)
+ return -ENOMEM;
+
+ pk->key = kzalloc(cert->pk_raw.len, GFP_KERNEL);
+ if (!pk->key) {
+ kfree(pk);
+ return -ENOMEM;
+ }
+ memcpy(pk->key, cert->pk_raw.p, cert->pk_raw.len);
+ pk->keylen = cert->pk_raw.len;
+
+ /*
+ * For ECC keys, params field might include information about the curve used,
+ * the generator point, or other algorithm-specific parameters.
+ * For RSA keys, it's common for the params field to be NULL.
+ * FIXME: Assume that we just support RSA keys with id_type X509.
+ */
+ pk->params = NULL;
+ pk->paramlen = 0;
+
+ pk->key_is_private = false;
+ pk->id_type = "X509";
+ pk->pkey_algo = "rsa";
+ pk->algo = OID_rsaEncryption;
+
+ *pub_key = pk;
+
+ return 0;
+}
+
+int x509_populate_cert(mbedtls_x509_crt *mbedtls_cert,
+ struct x509_certificate **pcert)
+{
+ struct x509_certificate *cert;
+ struct asymmetric_key_id *kid;
+ struct asymmetric_key_id *skid;
+ int ret;
+
+ cert = kzalloc(sizeof(*cert), GFP_KERNEL);
+ if (!cert)
+ return -ENOMEM;
+
+ /* Public key details */
+ ret = x509_populate_pubkey(mbedtls_cert, &cert->pub);
+ if (ret)
+ goto error_cert_pop;
+
+ /* Signature parameters */
+ ret = x509_populate_signature_params(mbedtls_cert, &cert->sig);
+ if (ret)
+ goto error_cert_pop;
+
+ ret = -ENOMEM;
+
+ /* Name of certificate issuer */
+ cert->issuer = x509_populate_dn_name_string(&mbedtls_cert->issuer);
+ if (!cert->issuer)
+ goto error_cert_pop;
+
+ /* Name of certificate subject */
+ cert->subject = x509_populate_dn_name_string(&mbedtls_cert->subject);
+ if (!cert->subject)
+ goto error_cert_pop;
+
+ /* Certificate validity */
+ cert->valid_from = x509_get_timestamp(&mbedtls_cert->valid_from);
+ cert->valid_to = x509_get_timestamp(&mbedtls_cert->valid_to);
+
+ /* Save mbedtls context we need */
+ ret = x509_save_mbedtls_ctx(mbedtls_cert, &cert->mbedtls_ctx);
+ if (ret)
+ goto error_cert_pop;
+
+ /* Signed data (tbs - The part that is To Be Signed)*/
+ cert->tbs = cert->mbedtls_ctx->tbs;
+ cert->tbs_size = mbedtls_cert->tbs.len;
+
+ /* Raw serial number */
+ cert->raw_serial = cert->mbedtls_ctx->raw_serial;
+ cert->raw_serial_size = mbedtls_cert->serial.len;
+
+ /* Raw issuer */
+ cert->raw_issuer = cert->mbedtls_ctx->raw_issuer;
+ cert->raw_issuer_size = mbedtls_cert->issuer_raw.len;
+
+ /* Raw subject */
+ cert->raw_subject = cert->mbedtls_ctx->raw_subject;
+ cert->raw_subject_size = mbedtls_cert->subject_raw.len;
+
+ /* Raw subjectKeyId */
+ cert->raw_skid = cert->mbedtls_ctx->raw_skid;
+ cert->raw_skid_size = mbedtls_cert->subject_key_id.len;
+
+ /* Generate cert issuer + serial number key ID */
+ kid = asymmetric_key_generate_id(cert->raw_serial,
+ cert->raw_serial_size,
+ cert->raw_issuer,
+ cert->raw_issuer_size);
+ if (IS_ERR(kid)) {
+ ret = PTR_ERR(kid);
+ goto error_cert_pop;
+ }
+ cert->id = kid;
+
+ /* Generate subject + subjectKeyId */
+ skid = asymmetric_key_generate_id(cert->raw_skid, cert->raw_skid_size, "", 0);
+ if (IS_ERR(skid)) {
+ ret = PTR_ERR(skid);
+ goto error_cert_pop;
+ }
+ cert->skid = skid;
+
+ /*
+ * Set the certificate flags:
+ * self_signed, unsupported_key, unsupported_sig, blacklisted
+ */
+ ret = x509_set_cert_flags(cert);
+ if (!ret) {
+ *pcert = cert;
+ return 0;
+ }
+
+error_cert_pop:
+ x509_free_certificate(cert);
+ return ret;
+}
+
+struct x509_certificate *x509_cert_parse(const void *data, size_t datalen)
+{
+ mbedtls_x509_crt mbedtls_cert;
+ struct x509_certificate *cert = NULL;
+ long ret;
+
+ /* Parse DER encoded certificate */
+ mbedtls_x509_crt_init(&mbedtls_cert);
+ ret = mbedtls_x509_crt_parse_der(&mbedtls_cert, data, datalen);
+ if (ret)
+ goto clean_up_ctx;
+
+ /* Populate x509_certificate from mbedtls_x509_crt */
+ ret = x509_populate_cert(&mbedtls_cert, &cert);
+ if (ret)
+ goto clean_up_ctx;
+
+clean_up_ctx:
+ mbedtls_x509_crt_free(&mbedtls_cert);
+ if (!ret)
+ return cert;
+
+ return ERR_PTR(ret);
+}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 17/27] mbedtls: add X509 cert parser porting layer
2024-10-03 21:50 ` [PATCH v8 17/27] mbedtls: add X509 cert parser porting layer Raymond Mao
@ 2024-10-09 9:16 ` Ilias Apalodimas
0 siblings, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-09 9:16 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Sumit Garg, Leo Yu-Chi Liang, Sean Anderson, Andrew Davis,
Rasmus Villemoes, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Neil Armstrong,
Oleksandr Suvorov, Greg Malysa, Kongyang Liu, Jonas Karlman,
Sughosh Ganu, Caleb Connolly
On Fri, 4 Oct 2024 at 01:00, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Add porting layer for X509 cert parser on top of MbedTLS X509
> library.
> Introduce _LEGACY and _MBEDTLS kconfigs for X509 cert parser legacy
> and MbedTLS implementations respectively.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> ---
> Changes in v2
> - Move the porting layer to MbedTLS dir.
> Changes in v3
> - None.
> Changes in v4
> - Introduce _LEGACY and _MBEDTLS kconfigs for X509 cert parser legacy
> and MbedTLS implementations respectively.
> - Move common functions to helper.
> Changes in v5
> - Kconfig rename.
> - Adjust a few inline comments.
> Changes in v6
> - None.
> Changes in v7
> - None.
> Changes in v8
> - None
>
> lib/mbedtls/Kconfig | 18 ++
> lib/mbedtls/Makefile | 4 +-
> lib/mbedtls/x509_cert_parser.c | 447 +++++++++++++++++++++++++++++++++
> 3 files changed, 468 insertions(+), 1 deletion(-)
> create mode 100644 lib/mbedtls/x509_cert_parser.c
>
> diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> index e81d14505ff..abdafd04e89 100644
> --- a/lib/mbedtls/Kconfig
> +++ b/lib/mbedtls/Kconfig
> @@ -118,6 +118,7 @@ config LEGACY_CRYPTO_CERT
> bool "legacy certificate libraries"
> select ASYMMETRIC_PUBLIC_KEY_LEGACY if \
> ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> + select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
> select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
> SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> help
> @@ -132,6 +133,14 @@ config ASYMMETRIC_PUBLIC_KEY_LEGACY
> This option chooses legacy certificate library for asymmetric public
> key crypto algorithm.
>
> +config X509_CERTIFICATE_PARSER_LEGACY
> + bool "X.509 certificate parser with legacy certificate library"
> + depends on ASYMMETRIC_PUBLIC_KEY_LEGACY
> + select ASN1_DECODER_LEGACY
> + help
> + This option chooses legacy certificate library for X509 certificate
> + parser.
> +
> if SPL
>
> config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
> @@ -283,6 +292,7 @@ config MBEDTLS_LIB_X509
> bool "MbedTLS certificate libraries"
> select ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
> ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> + select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER
> select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
> SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> help
> @@ -297,6 +307,14 @@ config ASYMMETRIC_PUBLIC_KEY_MBEDTLS
> This option chooses MbedTLS certificate library for asymmetric public
> key crypto algorithm.
>
> +config X509_CERTIFICATE_PARSER_MBEDTLS
> + bool "X.509 certificate parser with MbedTLS certificate library"
> + depends on ASYMMETRIC_PUBLIC_KEY_MBEDTLS
> + select ASN1_DECODER_MBEDTLS
> + help
> + This option chooses MbedTLS certificate library for X509 certificate
> + parser.
> +
> if SPL
>
> config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
> diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
> index d3f566d0c91..29653323279 100644
> --- a/lib/mbedtls/Makefile
> +++ b/lib/mbedtls/Makefile
> @@ -14,6 +14,8 @@ obj-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += sha512.o
> # x509 libraries
> obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
> public_key.o
> +obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
> + x509_cert_parser.o
>
> # MbedTLS crypto library
> obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
> @@ -44,7 +46,7 @@ mbedtls_lib_x509-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
> $(MBEDTLS_LIB_DIR)/pk.o \
> $(MBEDTLS_LIB_DIR)/pk_wrap.o \
> $(MBEDTLS_LIB_DIR)/pkparse.o
> -mbedtls_lib_x509-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER) += \
> +mbedtls_lib_x509-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
> $(MBEDTLS_LIB_DIR)/x509_crl.o \
> $(MBEDTLS_LIB_DIR)/x509_crt.o
> mbedtls_lib_x509-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += \
> diff --git a/lib/mbedtls/x509_cert_parser.c b/lib/mbedtls/x509_cert_parser.c
> new file mode 100644
> index 00000000000..cb42018695c
> --- /dev/null
> +++ b/lib/mbedtls/x509_cert_parser.c
> @@ -0,0 +1,447 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * X509 cert parser using MbedTLS X509 library
> + *
> + * Copyright (c) 2024 Linaro Limited
> + * Author: Raymond Mao <raymond.mao@linaro.org>
> + */
> +
> +#include <linux/err.h>
> +#include <crypto/public_key.h>
> +#include <crypto/x509_parser.h>
> +
> +static void x509_free_mbedtls_ctx(struct x509_cert_mbedtls_ctx *ctx)
> +{
> + if (!ctx)
> + return;
> +
> + kfree(ctx->tbs);
> + kfree(ctx->raw_serial);
> + kfree(ctx->raw_issuer);
> + kfree(ctx->raw_subject);
> + kfree(ctx->raw_skid);
> + kfree(ctx);
> +}
> +
> +static int x509_set_cert_flags(struct x509_certificate *cert)
> +{
> + struct public_key_signature *sig = cert->sig;
> +
> + if (!sig || !cert->pub) {
> + pr_err("Signature or public key is not initialized\n");
> + return -ENOPKG;
> + }
> +
> + if (!cert->pub->pkey_algo)
> + cert->unsupported_key = true;
> +
> + if (!sig->pkey_algo)
> + cert->unsupported_sig = true;
> +
> + if (!sig->hash_algo)
> + cert->unsupported_sig = true;
> +
> + /* TODO: is_hash_blacklisted()? */
> +
> + /* Detect self-signed certificates and set self_signed flag */
> + return x509_check_for_self_signed(cert);
> +}
> +
> +time64_t x509_get_timestamp(const mbedtls_x509_time *x509_time)
> +{
> + unsigned int year, mon, day, hour, min, sec;
> +
> + /* Adjust for year since 1900 */
> + year = x509_time->year - 1900;
> + /* Adjust for 0-based month */
> + mon = x509_time->mon - 1;
> + day = x509_time->day;
> + hour = x509_time->hour;
> + min = x509_time->min;
> + sec = x509_time->sec;
> +
> + return (time64_t)mktime64(year, mon, day, hour, min, sec);
> +}
> +
> +static char *x509_populate_dn_name_string(const mbedtls_x509_name *name)
> +{
> + size_t len = 256;
> + size_t wb;
> + char *name_str;
> +
> + do {
> + name_str = kzalloc(len, GFP_KERNEL);
> + if (!name_str)
> + return NULL;
> +
> + wb = mbedtls_x509_dn_gets(name_str, len, name);
> + if (wb < 0) {
> + pr_err("Get DN string failed, ret:-0x%04x\n",
> + (unsigned int)-wb);
> + kfree(name_str);
> + len = len * 2; /* Try with a bigger buffer */
> + }
> + } while (wb < 0);
> +
> + name_str[wb] = '\0'; /* add the terminator */
> +
> + return name_str;
> +}
> +
> +static int x509_populate_signature_params(const mbedtls_x509_crt *cert,
> + struct public_key_signature **sig)
> +{
> + struct public_key_signature *s;
> + struct image_region region;
> + size_t akid_len;
> + unsigned char *akid_data;
> + int ret;
> +
> + /* Check if signed data exist */
> + if (!cert->tbs.p || !cert->tbs.len)
> + return -EINVAL;
> +
> + region.data = cert->tbs.p;
> + region.size = cert->tbs.len;
> +
> + s = kzalloc(sizeof(*s), GFP_KERNEL);
> + if (!s)
> + return -ENOMEM;
> +
> + /*
> + * Get the public key algorithm.
> + * Note:
> + * ECRDSA (Elliptic Curve Russian Digital Signature Algorithm) is not
> + * supported by MbedTLS.
> + */
> + switch (cert->sig_pk) {
> + case MBEDTLS_PK_RSA:
> + s->pkey_algo = "rsa";
> + break;
> + default:
> + ret = -EINVAL;
> + goto error_sig;
> + }
> +
> + /* Get the hash algorithm */
> + switch (cert->sig_md) {
> + case MBEDTLS_MD_SHA1:
> + s->hash_algo = "sha1";
> + s->digest_size = SHA1_SUM_LEN;
> + break;
> + case MBEDTLS_MD_SHA256:
> + s->hash_algo = "sha256";
> + s->digest_size = SHA256_SUM_LEN;
> + break;
> + case MBEDTLS_MD_SHA384:
> + s->hash_algo = "sha384";
> + s->digest_size = SHA384_SUM_LEN;
> + break;
> + case MBEDTLS_MD_SHA512:
> + s->hash_algo = "sha512";
> + s->digest_size = SHA512_SUM_LEN;
> + break;
> + /* Unsupported algo */
> + case MBEDTLS_MD_MD5:
> + case MBEDTLS_MD_SHA224:
> + default:
> + ret = -EINVAL;
> + goto error_sig;
> + }
> +
> + /*
> + * Optional attributes:
> + * auth_ids holds AuthorityKeyIdentifier (information of issuer),
> + * aka akid, which is used to match with a cert's id or skid to
> + * indicate that is the issuer when we lookup a cert chain.
> + *
> + * auth_ids[0]:
> + * [PKCS#7 or CMS ver 1] - generated from "Issuer + Serial number"
> + * [CMS ver 3] - generated from skid (subjectKeyId)
> + * auth_ids[1]: generated from skid (subjectKeyId)
> + *
> + * Assume that we are using PKCS#7 (msg->version=1),
> + * not CMS ver 3 (msg->version=3).
> + */
> + akid_len = cert->authority_key_id.authorityCertSerialNumber.len;
> + akid_data = cert->authority_key_id.authorityCertSerialNumber.p;
> +
> + /* Check if serial number exists */
> + if (akid_len && akid_data) {
> + s->auth_ids[0] = asymmetric_key_generate_id(akid_data,
> + akid_len,
> + cert->issuer_raw.p,
> + cert->issuer_raw.len);
> + if (!s->auth_ids[0]) {
> + ret = -ENOMEM;
> + goto error_sig;
> + }
> + }
> +
> + akid_len = cert->authority_key_id.keyIdentifier.len;
> + akid_data = cert->authority_key_id.keyIdentifier.p;
> +
> + /* Check if subjectKeyId exists */
> + if (akid_len && akid_data) {
> + s->auth_ids[1] = asymmetric_key_generate_id(akid_data,
> + akid_len,
> + "", 0);
> + if (!s->auth_ids[1]) {
> + ret = -ENOMEM;
> + goto error_sig;
> + }
> + }
> +
> + /*
> + * Encoding can be pkcs1 or raw, but only pkcs1 is supported.
> + * Set the encoding explicitly to pkcs1.
> + */
> + s->encoding = "pkcs1";
> +
> + /* Copy the signature data */
> + s->s = kmemdup(cert->sig.p, cert->sig.len, GFP_KERNEL);
> + if (!s->s) {
> + ret = -ENOMEM;
> + goto error_sig;
> + }
> + s->s_size = cert->sig.len;
> +
> + /* Calculate the digest of signed data (tbs) */
> + s->digest = kzalloc(s->digest_size, GFP_KERNEL);
> + if (!s->digest) {
> + ret = -ENOMEM;
> + goto error_sig;
> + }
> +
> + ret = hash_calculate(s->hash_algo, ®ion, 1, s->digest);
> + if (!ret)
> + *sig = s;
> +
> + return ret;
> +
> +error_sig:
> + public_key_signature_free(s);
> + return ret;
> +}
> +
> +static int x509_save_mbedtls_ctx(const mbedtls_x509_crt *cert,
> + struct x509_cert_mbedtls_ctx **pctx)
> +{
> + struct x509_cert_mbedtls_ctx *ctx;
> +
> + ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
> + if (!ctx)
> + return -ENOMEM;
> +
> + /* Signed data (tbs - The part that is To Be Signed)*/
> + ctx->tbs = kmemdup(cert->tbs.p, cert->tbs.len,
> + GFP_KERNEL);
> + if (!ctx->tbs)
> + goto error_ctx;
> +
> + /* Raw serial number */
> + ctx->raw_serial = kmemdup(cert->serial.p,
> + cert->serial.len, GFP_KERNEL);
> + if (!ctx->raw_serial)
> + goto error_ctx;
> +
> + /* Raw issuer */
> + ctx->raw_issuer = kmemdup(cert->issuer_raw.p,
> + cert->issuer_raw.len, GFP_KERNEL);
> + if (!ctx->raw_issuer)
> + goto error_ctx;
> +
> + /* Raw subject */
> + ctx->raw_subject = kmemdup(cert->subject_raw.p,
> + cert->subject_raw.len, GFP_KERNEL);
> + if (!ctx->raw_subject)
> + goto error_ctx;
> +
> + /* Raw subjectKeyId */
> + ctx->raw_skid = kmemdup(cert->subject_key_id.p,
> + cert->subject_key_id.len, GFP_KERNEL);
> + if (!ctx->raw_skid)
> + goto error_ctx;
> +
> + *pctx = ctx;
> +
> + return 0;
> +
> +error_ctx:
> + x509_free_mbedtls_ctx(ctx);
> + return -ENOMEM;
> +}
> +
> +/*
> + * Free an X.509 certificate
> + */
> +void x509_free_certificate(struct x509_certificate *cert)
> +{
> + if (cert) {
> + public_key_free(cert->pub);
> + public_key_signature_free(cert->sig);
> + kfree(cert->issuer);
> + kfree(cert->subject);
> + kfree(cert->id);
> + kfree(cert->skid);
> + x509_free_mbedtls_ctx(cert->mbedtls_ctx);
> + kfree(cert);
> + }
> +}
> +
> +int x509_populate_pubkey(mbedtls_x509_crt *cert, struct public_key **pub_key)
> +{
> + struct public_key *pk;
> +
> + pk = kzalloc(sizeof(*pk), GFP_KERNEL);
> + if (!pk)
> + return -ENOMEM;
> +
> + pk->key = kzalloc(cert->pk_raw.len, GFP_KERNEL);
> + if (!pk->key) {
> + kfree(pk);
> + return -ENOMEM;
> + }
> + memcpy(pk->key, cert->pk_raw.p, cert->pk_raw.len);
> + pk->keylen = cert->pk_raw.len;
> +
> + /*
> + * For ECC keys, params field might include information about the curve used,
> + * the generator point, or other algorithm-specific parameters.
> + * For RSA keys, it's common for the params field to be NULL.
> + * FIXME: Assume that we just support RSA keys with id_type X509.
> + */
> + pk->params = NULL;
> + pk->paramlen = 0;
> +
> + pk->key_is_private = false;
> + pk->id_type = "X509";
> + pk->pkey_algo = "rsa";
> + pk->algo = OID_rsaEncryption;
> +
> + *pub_key = pk;
> +
> + return 0;
> +}
> +
> +int x509_populate_cert(mbedtls_x509_crt *mbedtls_cert,
> + struct x509_certificate **pcert)
> +{
> + struct x509_certificate *cert;
> + struct asymmetric_key_id *kid;
> + struct asymmetric_key_id *skid;
> + int ret;
> +
> + cert = kzalloc(sizeof(*cert), GFP_KERNEL);
> + if (!cert)
> + return -ENOMEM;
> +
> + /* Public key details */
> + ret = x509_populate_pubkey(mbedtls_cert, &cert->pub);
> + if (ret)
> + goto error_cert_pop;
> +
> + /* Signature parameters */
> + ret = x509_populate_signature_params(mbedtls_cert, &cert->sig);
> + if (ret)
> + goto error_cert_pop;
> +
> + ret = -ENOMEM;
> +
> + /* Name of certificate issuer */
> + cert->issuer = x509_populate_dn_name_string(&mbedtls_cert->issuer);
> + if (!cert->issuer)
> + goto error_cert_pop;
> +
> + /* Name of certificate subject */
> + cert->subject = x509_populate_dn_name_string(&mbedtls_cert->subject);
> + if (!cert->subject)
> + goto error_cert_pop;
> +
> + /* Certificate validity */
> + cert->valid_from = x509_get_timestamp(&mbedtls_cert->valid_from);
> + cert->valid_to = x509_get_timestamp(&mbedtls_cert->valid_to);
> +
> + /* Save mbedtls context we need */
> + ret = x509_save_mbedtls_ctx(mbedtls_cert, &cert->mbedtls_ctx);
> + if (ret)
> + goto error_cert_pop;
> +
> + /* Signed data (tbs - The part that is To Be Signed)*/
> + cert->tbs = cert->mbedtls_ctx->tbs;
> + cert->tbs_size = mbedtls_cert->tbs.len;
> +
> + /* Raw serial number */
> + cert->raw_serial = cert->mbedtls_ctx->raw_serial;
> + cert->raw_serial_size = mbedtls_cert->serial.len;
> +
> + /* Raw issuer */
> + cert->raw_issuer = cert->mbedtls_ctx->raw_issuer;
> + cert->raw_issuer_size = mbedtls_cert->issuer_raw.len;
> +
> + /* Raw subject */
> + cert->raw_subject = cert->mbedtls_ctx->raw_subject;
> + cert->raw_subject_size = mbedtls_cert->subject_raw.len;
> +
> + /* Raw subjectKeyId */
> + cert->raw_skid = cert->mbedtls_ctx->raw_skid;
> + cert->raw_skid_size = mbedtls_cert->subject_key_id.len;
> +
> + /* Generate cert issuer + serial number key ID */
> + kid = asymmetric_key_generate_id(cert->raw_serial,
> + cert->raw_serial_size,
> + cert->raw_issuer,
> + cert->raw_issuer_size);
> + if (IS_ERR(kid)) {
> + ret = PTR_ERR(kid);
> + goto error_cert_pop;
> + }
> + cert->id = kid;
> +
> + /* Generate subject + subjectKeyId */
> + skid = asymmetric_key_generate_id(cert->raw_skid, cert->raw_skid_size, "", 0);
> + if (IS_ERR(skid)) {
> + ret = PTR_ERR(skid);
> + goto error_cert_pop;
> + }
> + cert->skid = skid;
> +
> + /*
> + * Set the certificate flags:
> + * self_signed, unsupported_key, unsupported_sig, blacklisted
> + */
> + ret = x509_set_cert_flags(cert);
> + if (!ret) {
> + *pcert = cert;
> + return 0;
> + }
> +
> +error_cert_pop:
> + x509_free_certificate(cert);
> + return ret;
> +}
> +
> +struct x509_certificate *x509_cert_parse(const void *data, size_t datalen)
> +{
> + mbedtls_x509_crt mbedtls_cert;
> + struct x509_certificate *cert = NULL;
> + long ret;
> +
> + /* Parse DER encoded certificate */
> + mbedtls_x509_crt_init(&mbedtls_cert);
> + ret = mbedtls_x509_crt_parse_der(&mbedtls_cert, data, datalen);
> + if (ret)
> + goto clean_up_ctx;
> +
> + /* Populate x509_certificate from mbedtls_x509_crt */
> + ret = x509_populate_cert(&mbedtls_cert, &cert);
> + if (ret)
> + goto clean_up_ctx;
> +
> +clean_up_ctx:
> + mbedtls_x509_crt_free(&mbedtls_cert);
> + if (!ret)
> + return cert;
> +
> + return ERR_PTR(ret);
> +}
> --
> 2.25.1
>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 18/27] lib/crypto: Adapt x509_cert_parser to MbedTLS
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (16 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 17/27] mbedtls: add X509 cert parser porting layer Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 19/27] mbedtls: add PKCS7 parser porting layer Raymond Mao
` (10 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Ilias Apalodimas, Jiaxun Yang,
Heinrich Schuchardt, Sean Anderson, Leo Yu-Chi Liang, Sumit Garg,
Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Marek Vasut, Paul Barker,
Nathan Barrett-Morrison, Ian Roberts, Linus Walleij, Kongyang Liu,
Oleksandr Suvorov, Greg Malysa, Jonas Karlman, Sughosh Ganu,
Vincent Stehlé, Eddie James
Previous patch has introduced MbedTLS porting layer for x509 cert parser,
here to adjust the header and makefiles accordingly.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
---
Changes in v2
- Move the porting layer to MbedTLS dir.
Changes in v3
- Update commit message.
Changes in v4
- Control building legacy library via '_LEGACY' Kconfig.
- Add function comments for the new APIs.
Changes in v5
- Correct kconfig dependence.
- Correct header file include directories.
- Adjust a few inline comments.
Changes in v6
- None.
Changes in v7
- Drop the changes in kconfig.
Changes in v8
- None
include/crypto/x509_parser.h | 55 ++++++++++++++++++++++++++++++++++++
lib/crypto/Makefile | 4 +--
lib/crypto/x509_public_key.c | 2 ++
3 files changed, 59 insertions(+), 2 deletions(-)
diff --git a/include/crypto/x509_parser.h b/include/crypto/x509_parser.h
index 4cbdc1d6612..0e22e33f66b 100644
--- a/include/crypto/x509_parser.h
+++ b/include/crypto/x509_parser.h
@@ -11,8 +11,35 @@
#include <linux/time.h>
#include <crypto/public_key.h>
#include <keys/asymmetric-type.h>
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+#include <image.h>
+#include <mbedtls/error.h>
+#include <mbedtls/asn1.h>
+#endif
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+struct x509_cert_mbedtls_ctx {
+ void *tbs; /* Signed data */
+ void *raw_serial; /* Raw serial number in ASN.1 */
+ void *raw_issuer; /* Raw issuer name in ASN.1 */
+ void *raw_subject; /* Raw subject name in ASN.1 */
+ void *raw_skid; /* Raw subjectKeyId in ASN.1 */
+};
+#endif
+
+/*
+ * MbedTLS integration Notes:
+ *
+ * Fields we don't need to populate from MbedTLS context:
+ * 'raw_sig' and 'raw_sig_size' are buffer for x509_parse_context,
+ * not needed for MbedTLS.
+ * 'signer' and 'seen' are used internally by pkcs7_verify.
+ * 'verified' is not in use.
+ */
struct x509_certificate {
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+ struct x509_cert_mbedtls_ctx *mbedtls_ctx;
+#endif
struct x509_certificate *next;
struct x509_certificate *signer; /* Certificate that signed this one */
struct public_key *pub; /* Public key details */
@@ -48,6 +75,32 @@ struct x509_certificate {
* x509_cert_parser.c
*/
extern void x509_free_certificate(struct x509_certificate *cert);
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+/**
+ * x509_populate_pubkey() - Populate public key from MbedTLS context
+ *
+ * @cert: Pointer to MbedTLS X509 cert
+ * @pub_key: Pointer to the populated public key handle
+ * Return: 0 on succcess, error code on failure
+ */
+int x509_populate_pubkey(mbedtls_x509_crt *cert, struct public_key **pub_key);
+/**
+ * x509_populate_cert() - Populate X509 cert from MbedTLS context
+ *
+ * @mbedtls_cert: Pointer to MbedTLS X509 cert
+ * @pcert: Pointer to the populated X509 cert handle
+ * Return: 0 on succcess, error code on failure
+ */
+int x509_populate_cert(mbedtls_x509_crt *mbedtls_cert,
+ struct x509_certificate **pcert);
+/**
+ * x509_get_timestamp() - Translate timestamp from MbedTLS context
+ *
+ * @x509_time: Pointer to MbedTLS time
+ * Return: Time in time64_t format
+ */
+time64_t x509_get_timestamp(const mbedtls_x509_time *x509_time);
+#endif
extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen);
extern int x509_decode_time(time64_t *_t, size_t hdrlen,
unsigned char tag,
@@ -56,6 +109,8 @@ extern int x509_decode_time(time64_t *_t, size_t hdrlen,
/*
* x509_public_key.c
*/
+#if !CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
extern int x509_get_sig_params(struct x509_certificate *cert);
+#endif
extern int x509_check_for_self_signed(struct x509_certificate *cert);
#endif /* _X509_PARSER_H */
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 7e877214aa8..4302f197297 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -32,11 +32,11 @@ endif
# X.509 Certificate handling
#
obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER) += x509_key_parser.o
-x509_key_parser-y := \
+x509_key_parser-y := x509_helper.o
+x509_key_parser-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_LEGACY) += \
x509.asn1.o \
x509_akid.asn1.o \
x509_cert_parser.o \
- x509_helper.o \
x509_public_key.o
$(obj)/x509_cert_parser.o: \
diff --git a/lib/crypto/x509_public_key.c b/lib/crypto/x509_public_key.c
index 4ba13c1adc3..310edbd21be 100644
--- a/lib/crypto/x509_public_key.c
+++ b/lib/crypto/x509_public_key.c
@@ -30,6 +30,8 @@
#include "x509_parser.h"
#endif
+#if !CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+
/*
* Set up the signature parameters in an X.509 certificate. This involves
* digesting the signed data and extracting the signature.
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 19/27] mbedtls: add PKCS7 parser porting layer
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (17 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 18/27] lib/crypto: Adapt x509_cert_parser to MbedTLS Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-14 18:06 ` Ilias Apalodimas
2024-10-03 21:50 ` [PATCH v8 20/27] lib/crypto: Adapt PKCS7 parser to MbedTLS Raymond Mao
` (9 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Ilias Apalodimas, Jiaxun Yang,
Heinrich Schuchardt, Sumit Garg, Sean Anderson, Rasmus Villemoes,
Andrew Davis, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Paul Barker, Marek Vasut, Oleksandr Suvorov,
Patrice Chotard, Kongyang Liu, Greg Malysa, Jonas Karlman,
Sughosh Ganu, Anand Moon, Eddie James
Add porting layer for PKCS7 parser on top of MbedTLS PKCS7 library.
Introduce _LEGACY and _MBEDTLS kconfigs for PKCS7 parser legacy and
MbedTLS implementations respectively.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
---
Changes in v2
- Move the porting layer to MbedTLS dir.
- Fix EFI Capsule CI test failures.
Changes in v3
- None.
Changes in v4
- Introduce _LEGACY and _MBEDTLS kconfigs for PKCS7 parser legacy and
MbedTLS implementations respectively.
- Move common functions to helper.
- Fix an unnecessary pointer casting.
Changes in v5
- Refactored MbedTLS makefile.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/mbedtls/Kconfig | 18 ++
lib/mbedtls/Makefile | 3 +-
lib/mbedtls/pkcs7_parser.c | 506 +++++++++++++++++++++++++++++++++++++
3 files changed, 526 insertions(+), 1 deletion(-)
create mode 100644 lib/mbedtls/pkcs7_parser.c
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index abdafd04e89..189bb3186b6 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -119,6 +119,7 @@ config LEGACY_CRYPTO_CERT
select ASYMMETRIC_PUBLIC_KEY_LEGACY if \
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
+ select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER
select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
help
@@ -141,6 +142,14 @@ config X509_CERTIFICATE_PARSER_LEGACY
This option chooses legacy certificate library for X509 certificate
parser.
+config PKCS7_MESSAGE_PARSER_LEGACY
+ bool "PKCS#7 message parser with legacy certificate library"
+ depends on X509_CERTIFICATE_PARSER_LEGACY
+ select ASN1_DECODER_LEGACY
+ help
+ This option chooses legacy certificate library for PKCS7 message
+ parser.
+
if SPL
config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
@@ -293,6 +302,7 @@ config MBEDTLS_LIB_X509
select ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER
+ select PKCS7_MESSAGE_PARSER_MBEDTLS if PKCS7_MESSAGE_PARSER
select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
help
@@ -315,6 +325,14 @@ config X509_CERTIFICATE_PARSER_MBEDTLS
This option chooses MbedTLS certificate library for X509 certificate
parser.
+config PKCS7_MESSAGE_PARSER_MBEDTLS
+ bool "PKCS#7 message parser with MbedTLS certificate library"
+ depends on X509_CERTIFICATE_PARSER_MBEDTLS
+ select ASN1_DECODER_MBEDTLS
+ help
+ This option chooses MbedTLS certificate library for PKCS7 message
+ parser.
+
if SPL
config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
index 29653323279..128a29c512f 100644
--- a/lib/mbedtls/Makefile
+++ b/lib/mbedtls/Makefile
@@ -16,6 +16,7 @@ obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
public_key.o
obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
x509_cert_parser.o
+obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER_MBEDTLS) += pkcs7_parser.o
# MbedTLS crypto library
obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
@@ -49,5 +50,5 @@ mbedtls_lib_x509-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
mbedtls_lib_x509-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
$(MBEDTLS_LIB_DIR)/x509_crl.o \
$(MBEDTLS_LIB_DIR)/x509_crt.o
-mbedtls_lib_x509-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += \
+mbedtls_lib_x509-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER_MBEDTLS) += \
$(MBEDTLS_LIB_DIR)/pkcs7.o
diff --git a/lib/mbedtls/pkcs7_parser.c b/lib/mbedtls/pkcs7_parser.c
new file mode 100644
index 00000000000..69ca784858e
--- /dev/null
+++ b/lib/mbedtls/pkcs7_parser.c
@@ -0,0 +1,506 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * PKCS#7 parser using MbedTLS PKCS#7 library
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+
+#include <log.h>
+#include <linux/kernel.h>
+#include <linux/err.h>
+#include <crypto/public_key.h>
+#include <crypto/pkcs7_parser.h>
+
+static void pkcs7_free_mbedtls_ctx(struct pkcs7_mbedtls_ctx *ctx)
+{
+ if (ctx) {
+ kfree(ctx->content_data);
+ kfree(ctx);
+ }
+}
+
+static void pkcs7_free_sinfo_mbedtls_ctx(struct pkcs7_sinfo_mbedtls_ctx *ctx)
+{
+ if (ctx) {
+ kfree(ctx->authattrs_data);
+ kfree(ctx->content_data_digest);
+ kfree(ctx);
+ }
+}
+
+/*
+ * Parse Authenticate Attributes
+ * TODO: Shall we consider to integrate decoding of authenticate attribute into
+ * MbedTLS library?
+ *
+ * There are two kinds of structure for the Authenticate Attributes being used
+ * in U-Boot.
+ *
+ * Type 1 - contains in a PE/COFF EFI image:
+ *
+ * [C.P.0] {
+ * U.P.SEQUENCE {
+ * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.3 (OID_contentType)
+ * U.P.SET {
+ * U.P.OBJECTIDENTIFIER 1.3.6.1.4.1.311.2.1.4 (OID_msIndirectData)
+ * }
+ * }
+ * U.P.SEQUENCE {
+ * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.5 (OID_signingTime)
+ * U.P.SET {
+ * U.P.UTCTime '<siging_time>'
+ * }
+ * }
+ * U.P.SEQUENCE {
+ * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.4 (OID_messageDigest)
+ * U.P.SET {
+ * U.P.OCTETSTRING <digest>
+ * }
+ * }
+ * U.P.SEQUENCE {
+ * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.15 (OID_smimeCapabilites)
+ * U.P.SET {
+ * U.P.SEQUENCE {
+ * <...>
+ * }
+ * }
+ * }
+ * }
+ *
+ * Type 2 - contains in an EFI Capsule:
+ *
+ * [C.P.0] {
+ * U.P.SEQUENCE {
+ * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.3 (OID_contentType)
+ * U.P.SET {
+ * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.7.1 (OID_data)
+ * }
+ * }
+ * U.P.SEQUENCE {
+ * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.5 (OID_signingTime)
+ * U.P.SET {
+ * U.P.UTCTime '<siging_time>'
+ * }
+ * }
+ * U.P.SEQUENCE {
+ * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.4 (OID_messageDigest)
+ * U.P.SET {
+ * U.P.OCTETSTRING <digest>
+ * }
+ * }
+ *}
+ *
+ * Note:
+ * They have different Content Type (OID_msIndirectData or OID_data).
+ * OID_smimeCapabilites only exists in a PE/COFF EFI image.
+ */
+static int authattrs_parse(struct pkcs7_message *msg, void *aa, size_t aa_len,
+ struct pkcs7_signed_info *sinfo)
+{
+ unsigned char *p = aa;
+ unsigned char *end = (unsigned char *)aa + aa_len;
+ size_t len = 0;
+ int ret;
+ unsigned char *inner_p;
+ size_t seq_len = 0;
+
+ ret = mbedtls_asn1_get_tag(&p, end, &seq_len,
+ MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+ MBEDTLS_ASN1_CONSTRUCTED);
+ if (ret)
+ return ret;
+
+ while (!mbedtls_asn1_get_tag(&p, end, &seq_len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE)) {
+ inner_p = p;
+ ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
+ MBEDTLS_ASN1_OID);
+ if (ret)
+ return ret;
+
+ if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS9_CONTENTTYPE, inner_p, len)) {
+ inner_p += len;
+ ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SET);
+ if (ret)
+ return ret;
+
+ ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
+ MBEDTLS_ASN1_OID);
+ if (ret)
+ return ret;
+
+ /*
+ * We should only support 1.2.840.113549.1.7.1 (OID_data)
+ * for PKCS7 DATA that is used in EFI Capsule and
+ * 1.3.6.1.4.1.311.2.1.4 (OID_msIndirectData) for
+ * MicroSoft Authentication Code that is used in EFI
+ * Secure Boot.
+ */
+ if (MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_MICROSOFT_INDIRECTDATA,
+ inner_p, len) &&
+ MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_DATA,
+ inner_p, len))
+ return -EINVAL;
+
+ if (__test_and_set_bit(sinfo_has_content_type, &sinfo->aa_set))
+ return -EINVAL;
+ } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS9_MESSAGEDIGEST, inner_p,
+ len)) {
+ inner_p += len;
+ ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SET);
+ if (ret)
+ return ret;
+
+ ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
+ MBEDTLS_ASN1_OCTET_STRING);
+ if (ret)
+ return ret;
+
+ sinfo->msgdigest = inner_p;
+ sinfo->msgdigest_len = len;
+
+ if (__test_and_set_bit(sinfo_has_message_digest, &sinfo->aa_set))
+ return -EINVAL;
+ } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS9_SIGNINGTIME, inner_p,
+ len)) {
+ mbedtls_x509_time st;
+
+ inner_p += len;
+ ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SET);
+ if (ret)
+ return ret;
+
+ ret = mbedtls_x509_get_time(&inner_p, p + seq_len, &st);
+ if (ret)
+ return ret;
+ sinfo->signing_time = x509_get_timestamp(&st);
+
+ if (__test_and_set_bit(sinfo_has_signing_time, &sinfo->aa_set))
+ return -EINVAL;
+ } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS9_SMIMECAP, inner_p,
+ len)) {
+ if (__test_and_set_bit(sinfo_has_smime_caps, &sinfo->aa_set))
+ return -EINVAL;
+
+ if (msg->data_type != OID_msIndirectData &&
+ msg->data_type != OID_data)
+ return -EINVAL;
+ } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_MICROSOFT_SPOPUSINFO, inner_p,
+ len)) {
+ if (__test_and_set_bit(sinfo_has_ms_opus_info, &sinfo->aa_set))
+ return -EINVAL;
+ } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_MICROSOFT_STATETYPE, inner_p,
+ len)) {
+ if (__test_and_set_bit(sinfo_has_ms_statement_type, &sinfo->aa_set))
+ return -EINVAL;
+ }
+
+ p += seq_len;
+ }
+
+ if (ret && ret != MBEDTLS_ERR_ASN1_OUT_OF_DATA)
+ return ret;
+
+ msg->have_authattrs = true;
+
+ /*
+ * Skip the leading tag byte (MBEDTLS_ASN1_CONTEXT_SPECIFIC |
+ * MBEDTLS_ASN1_CONSTRUCTED) to satisfy pkcs7_digest() when calculating
+ * the digest of authattrs.
+ */
+ sinfo->authattrs = aa + 1;
+ sinfo->authattrs_len = aa_len - 1;
+
+ return 0;
+}
+
+static int x509_populate_content_data(struct pkcs7_message *msg,
+ mbedtls_pkcs7 *pkcs7_ctx)
+{
+ struct pkcs7_mbedtls_ctx *mctx;
+
+ if (!pkcs7_ctx->content_data.data ||
+ !pkcs7_ctx->content_data.data_len)
+ return 0;
+
+ mctx = kzalloc(sizeof(*mctx), GFP_KERNEL);
+ if (!mctx)
+ return -ENOMEM;
+
+ mctx->content_data = kmemdup(pkcs7_ctx->content_data.data,
+ pkcs7_ctx->content_data.data_len,
+ GFP_KERNEL);
+ if (!mctx->content_data) {
+ pkcs7_free_mbedtls_ctx(mctx);
+ return -ENOMEM;
+ }
+
+ msg->data = mctx->content_data;
+ msg->data_len = pkcs7_ctx->content_data.data_len;
+ msg->data_hdrlen = pkcs7_ctx->content_data.data_hdrlen;
+ msg->data_type = pkcs7_ctx->content_data.data_type;
+
+ msg->mbedtls_ctx = mctx;
+ return 0;
+}
+
+static int x509_populate_sinfo(struct pkcs7_message *msg,
+ mbedtls_pkcs7_signer_info *mb_sinfo,
+ struct pkcs7_signed_info **sinfo)
+{
+ struct pkcs7_signed_info *signed_info;
+ struct public_key_signature *s;
+ mbedtls_md_type_t md_alg;
+ struct pkcs7_sinfo_mbedtls_ctx *mctx;
+ int ret;
+
+ signed_info = kzalloc(sizeof(*signed_info), GFP_KERNEL);
+ if (!signed_info)
+ return -ENOMEM;
+
+ s = kzalloc(sizeof(*s), GFP_KERNEL);
+ if (!s) {
+ ret = -ENOMEM;
+ goto out_no_sig;
+ }
+
+ mctx = kzalloc(sizeof(*mctx), GFP_KERNEL);
+ if (!mctx) {
+ ret = -ENOMEM;
+ goto out_no_mctx;
+ }
+
+ /*
+ * Hash algorithm:
+ *
+ * alg_identifier = digestAlgorithm (DigestAlgorithmIdentifier)
+ * MbedTLS internally checks this field to ensure
+ * it is the same as digest_alg_identifiers.
+ * sig_alg_identifier = digestEncryptionAlgorithm
+ * (DigestEncryptionAlgorithmIdentifier)
+ * MbedTLS just saves this field without any actions.
+ * See function pkcs7_get_signer_info() for reference.
+ *
+ * Public key algorithm:
+ * No information related to public key algorithm under MbedTLS signer
+ * info. Assume that we are using RSA.
+ */
+ ret = mbedtls_oid_get_md_alg(&mb_sinfo->alg_identifier, &md_alg);
+ if (ret)
+ goto out_err_sinfo;
+ s->pkey_algo = "rsa";
+
+ /* Translate the hash algorithm */
+ switch (md_alg) {
+ case MBEDTLS_MD_SHA1:
+ s->hash_algo = "sha1";
+ s->digest_size = SHA1_SUM_LEN;
+ break;
+ case MBEDTLS_MD_SHA256:
+ s->hash_algo = "sha256";
+ s->digest_size = SHA256_SUM_LEN;
+ break;
+ case MBEDTLS_MD_SHA384:
+ s->hash_algo = "sha384";
+ s->digest_size = SHA384_SUM_LEN;
+ break;
+ case MBEDTLS_MD_SHA512:
+ s->hash_algo = "sha512";
+ s->digest_size = SHA512_SUM_LEN;
+ break;
+ /* Unsupported algo */
+ case MBEDTLS_MD_MD5:
+ case MBEDTLS_MD_SHA224:
+ default:
+ ret = -EINVAL;
+ goto out_err_sinfo;
+ }
+
+ /*
+ * auth_ids holds AuthorityKeyIdentifier, aka akid
+ * auth_ids[0]:
+ * [PKCS#7 or CMS ver 1] - generated from "Issuer + Serial number"
+ * [CMS ver 3] - generated from skid (subjectKeyId)
+ * auth_ids[1]: generated from skid (subjectKeyId)
+ *
+ * Assume that we are using PKCS#7 (msg->version=1),
+ * not CMS ver 3 (msg->version=3).
+ */
+ s->auth_ids[0] = asymmetric_key_generate_id(mb_sinfo->serial.p,
+ mb_sinfo->serial.len,
+ mb_sinfo->issuer_raw.p,
+ mb_sinfo->issuer_raw.len);
+ if (!s->auth_ids[0]) {
+ ret = -ENOMEM;
+ goto out_err_sinfo;
+ }
+
+ /* skip s->auth_ids[1], no subjectKeyId in MbedTLS signer info ctx */
+
+ /*
+ * Encoding can be pkcs1 or raw, but only pkcs1 is supported.
+ * Set the encoding explicitly to pkcs1.
+ */
+ s->encoding = "pkcs1";
+
+ /* Copy the signature data */
+ s->s = kmemdup(mb_sinfo->sig.p, mb_sinfo->sig.len, GFP_KERNEL);
+ if (!s->s) {
+ ret = -ENOMEM;
+ goto out_err_sinfo;
+ }
+ s->s_size = mb_sinfo->sig.len;
+ signed_info->sig = s;
+
+ /* Save the Authenticate Attributes data if exists */
+ if (!mb_sinfo->authattrs.data || !mb_sinfo->authattrs.data_len)
+ goto no_authattrs;
+
+ mctx->authattrs_data = kmemdup(mb_sinfo->authattrs.data,
+ mb_sinfo->authattrs.data_len,
+ GFP_KERNEL);
+ if (!mctx->authattrs_data) {
+ ret = -ENOMEM;
+ goto out_err_sinfo;
+ }
+ signed_info->mbedtls_ctx = mctx;
+
+ /* If authattrs exists, decode it and parse msgdigest from it */
+ ret = authattrs_parse(msg, mctx->authattrs_data,
+ mb_sinfo->authattrs.data_len,
+ signed_info);
+ if (ret)
+ goto out_err_sinfo;
+
+no_authattrs:
+ *sinfo = signed_info;
+ return 0;
+
+out_err_sinfo:
+ pkcs7_free_sinfo_mbedtls_ctx(mctx);
+out_no_mctx:
+ public_key_signature_free(s);
+out_no_sig:
+ kfree(signed_info);
+ return ret;
+}
+
+/*
+ * Free a signed information block.
+ */
+static void pkcs7_free_signed_info(struct pkcs7_signed_info *sinfo)
+{
+ if (sinfo) {
+ public_key_signature_free(sinfo->sig);
+ pkcs7_free_sinfo_mbedtls_ctx(sinfo->mbedtls_ctx);
+ kfree(sinfo);
+ }
+}
+
+/**
+ * pkcs7_free_message - Free a PKCS#7 message
+ * @pkcs7: The PKCS#7 message to free
+ */
+void pkcs7_free_message(struct pkcs7_message *pkcs7)
+{
+ struct x509_certificate *cert;
+ struct pkcs7_signed_info *sinfo;
+
+ if (pkcs7) {
+ while (pkcs7->certs) {
+ cert = pkcs7->certs;
+ pkcs7->certs = cert->next;
+ x509_free_certificate(cert);
+ }
+ while (pkcs7->crl) {
+ cert = pkcs7->crl;
+ pkcs7->crl = cert->next;
+ x509_free_certificate(cert);
+ }
+ while (pkcs7->signed_infos) {
+ sinfo = pkcs7->signed_infos;
+ pkcs7->signed_infos = sinfo->next;
+ pkcs7_free_signed_info(sinfo);
+ }
+ pkcs7_free_mbedtls_ctx(pkcs7->mbedtls_ctx);
+ kfree(pkcs7);
+ }
+}
+
+struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
+{
+ int i;
+ int ret;
+ mbedtls_pkcs7 pkcs7_ctx;
+ mbedtls_pkcs7_signer_info *mb_sinfos;
+ mbedtls_x509_crt *mb_certs;
+ struct pkcs7_message *msg;
+ struct x509_certificate **cert;
+ struct pkcs7_signed_info **sinfos;
+
+ msg = kzalloc(sizeof(*msg), GFP_KERNEL);
+ if (!msg) {
+ ret = -ENOMEM;
+ goto out_no_msg;
+ }
+
+ /* Parse the DER encoded PKCS#7 message using MbedTLS */
+ mbedtls_pkcs7_init(&pkcs7_ctx);
+ ret = mbedtls_pkcs7_parse_der(&pkcs7_ctx, data, datalen);
+ /* Check if it is a PKCS#7 message with signed data */
+ if (ret != MBEDTLS_PKCS7_SIGNED_DATA)
+ goto parse_fail;
+
+ /* Assume that we are using PKCS#7, not CMS ver 3 */
+ msg->version = 1; /* 1 for [PKCS#7 or CMS ver 1] */
+
+ /* Populate the certs to msg->certs */
+ for (i = 0, cert = &msg->certs, mb_certs = &pkcs7_ctx.signed_data.certs;
+ i < pkcs7_ctx.signed_data.no_of_certs && mb_certs;
+ i++, cert = &(*cert)->next, mb_certs = mb_certs->next) {
+ ret = x509_populate_cert(mb_certs, cert);
+ if (ret)
+ goto parse_fail;
+
+ (*cert)->index = i + 1;
+ }
+
+ /*
+ * Skip populating crl, that is not currently in-use.
+ */
+
+ /* Populate content data */
+ ret = x509_populate_content_data(msg, &pkcs7_ctx);
+ if (ret)
+ goto parse_fail;
+
+ /* Populate signed info to msg->signed_infos */
+ for (i = 0, sinfos = &msg->signed_infos,
+ mb_sinfos = &pkcs7_ctx.signed_data.signers;
+ i < pkcs7_ctx.signed_data.no_of_signers && mb_sinfos;
+ i++, sinfos = &(*sinfos)->next, mb_sinfos = mb_sinfos->next) {
+ ret = x509_populate_sinfo(msg, mb_sinfos, sinfos);
+ if (ret)
+ goto parse_fail;
+
+ (*sinfos)->index = i + 1;
+ }
+
+ mbedtls_pkcs7_free(&pkcs7_ctx);
+ return msg;
+
+parse_fail:
+ mbedtls_pkcs7_free(&pkcs7_ctx);
+ pkcs7_free_message(msg);
+out_no_msg:
+ msg = ERR_PTR(ret);
+ return msg;
+}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 19/27] mbedtls: add PKCS7 parser porting layer
2024-10-03 21:50 ` [PATCH v8 19/27] mbedtls: add PKCS7 parser porting layer Raymond Mao
@ 2024-10-14 18:06 ` Ilias Apalodimas
0 siblings, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-14 18:06 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Sumit Garg, Sean Anderson, Rasmus Villemoes, Andrew Davis,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Mattijs Korpershoek, Jonathan Humphreys,
Paul Barker, Marek Vasut, Oleksandr Suvorov, Patrice Chotard,
Kongyang Liu, Greg Malysa, Jonas Karlman, Sughosh Ganu,
Anand Moon, Eddie James
On Fri, 4 Oct 2024 at 01:01, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Add porting layer for PKCS7 parser on top of MbedTLS PKCS7 library.
> Introduce _LEGACY and _MBEDTLS kconfigs for PKCS7 parser legacy and
> MbedTLS implementations respectively.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> ---
> Changes in v2
> - Move the porting layer to MbedTLS dir.
> - Fix EFI Capsule CI test failures.
> Changes in v3
> - None.
> Changes in v4
> - Introduce _LEGACY and _MBEDTLS kconfigs for PKCS7 parser legacy and
> MbedTLS implementations respectively.
> - Move common functions to helper.
> - Fix an unnecessary pointer casting.
> Changes in v5
> - Refactored MbedTLS makefile.
> Changes in v6
> - None.
> Changes in v7
> - None.
> Changes in v8
> - None
>
> lib/mbedtls/Kconfig | 18 ++
> lib/mbedtls/Makefile | 3 +-
> lib/mbedtls/pkcs7_parser.c | 506 +++++++++++++++++++++++++++++++++++++
> 3 files changed, 526 insertions(+), 1 deletion(-)
> create mode 100644 lib/mbedtls/pkcs7_parser.c
>
> diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> index abdafd04e89..189bb3186b6 100644
> --- a/lib/mbedtls/Kconfig
> +++ b/lib/mbedtls/Kconfig
> @@ -119,6 +119,7 @@ config LEGACY_CRYPTO_CERT
> select ASYMMETRIC_PUBLIC_KEY_LEGACY if \
> ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
> + select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER
> select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
> SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> help
> @@ -141,6 +142,14 @@ config X509_CERTIFICATE_PARSER_LEGACY
> This option chooses legacy certificate library for X509 certificate
> parser.
>
> +config PKCS7_MESSAGE_PARSER_LEGACY
> + bool "PKCS#7 message parser with legacy certificate library"
> + depends on X509_CERTIFICATE_PARSER_LEGACY
> + select ASN1_DECODER_LEGACY
> + help
> + This option chooses legacy certificate library for PKCS7 message
> + parser.
> +
> if SPL
>
> config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
> @@ -293,6 +302,7 @@ config MBEDTLS_LIB_X509
> select ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
> ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER
> + select PKCS7_MESSAGE_PARSER_MBEDTLS if PKCS7_MESSAGE_PARSER
> select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
> SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> help
> @@ -315,6 +325,14 @@ config X509_CERTIFICATE_PARSER_MBEDTLS
> This option chooses MbedTLS certificate library for X509 certificate
> parser.
>
> +config PKCS7_MESSAGE_PARSER_MBEDTLS
> + bool "PKCS#7 message parser with MbedTLS certificate library"
> + depends on X509_CERTIFICATE_PARSER_MBEDTLS
> + select ASN1_DECODER_MBEDTLS
> + help
> + This option chooses MbedTLS certificate library for PKCS7 message
> + parser.
> +
> if SPL
>
> config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
> diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
> index 29653323279..128a29c512f 100644
> --- a/lib/mbedtls/Makefile
> +++ b/lib/mbedtls/Makefile
> @@ -16,6 +16,7 @@ obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
> public_key.o
> obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
> x509_cert_parser.o
> +obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER_MBEDTLS) += pkcs7_parser.o
>
> # MbedTLS crypto library
> obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
> @@ -49,5 +50,5 @@ mbedtls_lib_x509-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
> mbedtls_lib_x509-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
> $(MBEDTLS_LIB_DIR)/x509_crl.o \
> $(MBEDTLS_LIB_DIR)/x509_crt.o
> -mbedtls_lib_x509-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += \
> +mbedtls_lib_x509-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER_MBEDTLS) += \
> $(MBEDTLS_LIB_DIR)/pkcs7.o
> diff --git a/lib/mbedtls/pkcs7_parser.c b/lib/mbedtls/pkcs7_parser.c
> new file mode 100644
> index 00000000000..69ca784858e
> --- /dev/null
> +++ b/lib/mbedtls/pkcs7_parser.c
> @@ -0,0 +1,506 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * PKCS#7 parser using MbedTLS PKCS#7 library
> + *
> + * Copyright (c) 2024 Linaro Limited
> + * Author: Raymond Mao <raymond.mao@linaro.org>
> + */
> +
> +#include <log.h>
> +#include <linux/kernel.h>
> +#include <linux/err.h>
> +#include <crypto/public_key.h>
> +#include <crypto/pkcs7_parser.h>
> +
> +static void pkcs7_free_mbedtls_ctx(struct pkcs7_mbedtls_ctx *ctx)
> +{
> + if (ctx) {
> + kfree(ctx->content_data);
> + kfree(ctx);
> + }
> +}
> +
> +static void pkcs7_free_sinfo_mbedtls_ctx(struct pkcs7_sinfo_mbedtls_ctx *ctx)
> +{
> + if (ctx) {
> + kfree(ctx->authattrs_data);
> + kfree(ctx->content_data_digest);
> + kfree(ctx);
> + }
> +}
> +
> +/*
> + * Parse Authenticate Attributes
> + * TODO: Shall we consider to integrate decoding of authenticate attribute into
> + * MbedTLS library?
> + *
> + * There are two kinds of structure for the Authenticate Attributes being used
> + * in U-Boot.
> + *
> + * Type 1 - contains in a PE/COFF EFI image:
> + *
> + * [C.P.0] {
> + * U.P.SEQUENCE {
> + * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.3 (OID_contentType)
> + * U.P.SET {
> + * U.P.OBJECTIDENTIFIER 1.3.6.1.4.1.311.2.1.4 (OID_msIndirectData)
> + * }
> + * }
> + * U.P.SEQUENCE {
> + * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.5 (OID_signingTime)
> + * U.P.SET {
> + * U.P.UTCTime '<siging_time>'
> + * }
> + * }
> + * U.P.SEQUENCE {
> + * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.4 (OID_messageDigest)
> + * U.P.SET {
> + * U.P.OCTETSTRING <digest>
> + * }
> + * }
> + * U.P.SEQUENCE {
> + * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.15 (OID_smimeCapabilites)
> + * U.P.SET {
> + * U.P.SEQUENCE {
> + * <...>
> + * }
> + * }
> + * }
> + * }
> + *
> + * Type 2 - contains in an EFI Capsule:
> + *
> + * [C.P.0] {
> + * U.P.SEQUENCE {
> + * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.3 (OID_contentType)
> + * U.P.SET {
> + * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.7.1 (OID_data)
> + * }
> + * }
> + * U.P.SEQUENCE {
> + * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.5 (OID_signingTime)
> + * U.P.SET {
> + * U.P.UTCTime '<siging_time>'
> + * }
> + * }
> + * U.P.SEQUENCE {
> + * U.P.OBJECTIDENTIFIER 1.2.840.113549.1.9.4 (OID_messageDigest)
> + * U.P.SET {
> + * U.P.OCTETSTRING <digest>
> + * }
> + * }
> + *}
> + *
> + * Note:
> + * They have different Content Type (OID_msIndirectData or OID_data).
> + * OID_smimeCapabilites only exists in a PE/COFF EFI image.
> + */
> +static int authattrs_parse(struct pkcs7_message *msg, void *aa, size_t aa_len,
> + struct pkcs7_signed_info *sinfo)
> +{
> + unsigned char *p = aa;
> + unsigned char *end = (unsigned char *)aa + aa_len;
> + size_t len = 0;
> + int ret;
> + unsigned char *inner_p;
> + size_t seq_len = 0;
> +
> + ret = mbedtls_asn1_get_tag(&p, end, &seq_len,
> + MBEDTLS_ASN1_CONTEXT_SPECIFIC |
> + MBEDTLS_ASN1_CONSTRUCTED);
> + if (ret)
> + return ret;
> +
> + while (!mbedtls_asn1_get_tag(&p, end, &seq_len,
> + MBEDTLS_ASN1_CONSTRUCTED |
> + MBEDTLS_ASN1_SEQUENCE)) {
> + inner_p = p;
> + ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
> + MBEDTLS_ASN1_OID);
> + if (ret)
> + return ret;
> +
> + if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS9_CONTENTTYPE, inner_p, len)) {
> + inner_p += len;
> + ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
> + MBEDTLS_ASN1_CONSTRUCTED |
> + MBEDTLS_ASN1_SET);
> + if (ret)
> + return ret;
> +
> + ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
> + MBEDTLS_ASN1_OID);
> + if (ret)
> + return ret;
> +
> + /*
> + * We should only support 1.2.840.113549.1.7.1 (OID_data)
> + * for PKCS7 DATA that is used in EFI Capsule and
> + * 1.3.6.1.4.1.311.2.1.4 (OID_msIndirectData) for
> + * MicroSoft Authentication Code that is used in EFI
> + * Secure Boot.
> + */
> + if (MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_MICROSOFT_INDIRECTDATA,
> + inner_p, len) &&
> + MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS7_DATA,
> + inner_p, len))
> + return -EINVAL;
> +
> + if (__test_and_set_bit(sinfo_has_content_type, &sinfo->aa_set))
> + return -EINVAL;
> + } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS9_MESSAGEDIGEST, inner_p,
> + len)) {
> + inner_p += len;
> + ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
> + MBEDTLS_ASN1_CONSTRUCTED |
> + MBEDTLS_ASN1_SET);
> + if (ret)
> + return ret;
> +
> + ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
> + MBEDTLS_ASN1_OCTET_STRING);
> + if (ret)
> + return ret;
> +
> + sinfo->msgdigest = inner_p;
> + sinfo->msgdigest_len = len;
> +
> + if (__test_and_set_bit(sinfo_has_message_digest, &sinfo->aa_set))
> + return -EINVAL;
> + } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS9_SIGNINGTIME, inner_p,
> + len)) {
> + mbedtls_x509_time st;
> +
> + inner_p += len;
> + ret = mbedtls_asn1_get_tag(&inner_p, p + seq_len, &len,
> + MBEDTLS_ASN1_CONSTRUCTED |
> + MBEDTLS_ASN1_SET);
> + if (ret)
> + return ret;
> +
> + ret = mbedtls_x509_get_time(&inner_p, p + seq_len, &st);
> + if (ret)
> + return ret;
> + sinfo->signing_time = x509_get_timestamp(&st);
> +
> + if (__test_and_set_bit(sinfo_has_signing_time, &sinfo->aa_set))
> + return -EINVAL;
> + } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_PKCS9_SMIMECAP, inner_p,
> + len)) {
> + if (__test_and_set_bit(sinfo_has_smime_caps, &sinfo->aa_set))
> + return -EINVAL;
> +
> + if (msg->data_type != OID_msIndirectData &&
> + msg->data_type != OID_data)
> + return -EINVAL;
> + } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_MICROSOFT_SPOPUSINFO, inner_p,
> + len)) {
> + if (__test_and_set_bit(sinfo_has_ms_opus_info, &sinfo->aa_set))
> + return -EINVAL;
> + } else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_MICROSOFT_STATETYPE, inner_p,
> + len)) {
> + if (__test_and_set_bit(sinfo_has_ms_statement_type, &sinfo->aa_set))
> + return -EINVAL;
> + }
> +
> + p += seq_len;
> + }
> +
> + if (ret && ret != MBEDTLS_ERR_ASN1_OUT_OF_DATA)
> + return ret;
> +
> + msg->have_authattrs = true;
> +
> + /*
> + * Skip the leading tag byte (MBEDTLS_ASN1_CONTEXT_SPECIFIC |
> + * MBEDTLS_ASN1_CONSTRUCTED) to satisfy pkcs7_digest() when calculating
> + * the digest of authattrs.
> + */
> + sinfo->authattrs = aa + 1;
> + sinfo->authattrs_len = aa_len - 1;
> +
> + return 0;
> +}
> +
> +static int x509_populate_content_data(struct pkcs7_message *msg,
> + mbedtls_pkcs7 *pkcs7_ctx)
> +{
> + struct pkcs7_mbedtls_ctx *mctx;
> +
> + if (!pkcs7_ctx->content_data.data ||
> + !pkcs7_ctx->content_data.data_len)
> + return 0;
> +
> + mctx = kzalloc(sizeof(*mctx), GFP_KERNEL);
> + if (!mctx)
> + return -ENOMEM;
> +
> + mctx->content_data = kmemdup(pkcs7_ctx->content_data.data,
> + pkcs7_ctx->content_data.data_len,
> + GFP_KERNEL);
> + if (!mctx->content_data) {
> + pkcs7_free_mbedtls_ctx(mctx);
> + return -ENOMEM;
> + }
> +
> + msg->data = mctx->content_data;
> + msg->data_len = pkcs7_ctx->content_data.data_len;
> + msg->data_hdrlen = pkcs7_ctx->content_data.data_hdrlen;
> + msg->data_type = pkcs7_ctx->content_data.data_type;
> +
> + msg->mbedtls_ctx = mctx;
> + return 0;
> +}
> +
> +static int x509_populate_sinfo(struct pkcs7_message *msg,
> + mbedtls_pkcs7_signer_info *mb_sinfo,
> + struct pkcs7_signed_info **sinfo)
> +{
> + struct pkcs7_signed_info *signed_info;
> + struct public_key_signature *s;
> + mbedtls_md_type_t md_alg;
> + struct pkcs7_sinfo_mbedtls_ctx *mctx;
> + int ret;
> +
> + signed_info = kzalloc(sizeof(*signed_info), GFP_KERNEL);
> + if (!signed_info)
> + return -ENOMEM;
> +
> + s = kzalloc(sizeof(*s), GFP_KERNEL);
> + if (!s) {
> + ret = -ENOMEM;
> + goto out_no_sig;
> + }
> +
> + mctx = kzalloc(sizeof(*mctx), GFP_KERNEL);
> + if (!mctx) {
> + ret = -ENOMEM;
> + goto out_no_mctx;
> + }
> +
> + /*
> + * Hash algorithm:
> + *
> + * alg_identifier = digestAlgorithm (DigestAlgorithmIdentifier)
> + * MbedTLS internally checks this field to ensure
> + * it is the same as digest_alg_identifiers.
> + * sig_alg_identifier = digestEncryptionAlgorithm
> + * (DigestEncryptionAlgorithmIdentifier)
> + * MbedTLS just saves this field without any actions.
> + * See function pkcs7_get_signer_info() for reference.
> + *
> + * Public key algorithm:
> + * No information related to public key algorithm under MbedTLS signer
> + * info. Assume that we are using RSA.
> + */
> + ret = mbedtls_oid_get_md_alg(&mb_sinfo->alg_identifier, &md_alg);
> + if (ret)
> + goto out_err_sinfo;
> + s->pkey_algo = "rsa";
> +
> + /* Translate the hash algorithm */
> + switch (md_alg) {
> + case MBEDTLS_MD_SHA1:
> + s->hash_algo = "sha1";
> + s->digest_size = SHA1_SUM_LEN;
> + break;
> + case MBEDTLS_MD_SHA256:
> + s->hash_algo = "sha256";
> + s->digest_size = SHA256_SUM_LEN;
> + break;
> + case MBEDTLS_MD_SHA384:
> + s->hash_algo = "sha384";
> + s->digest_size = SHA384_SUM_LEN;
> + break;
> + case MBEDTLS_MD_SHA512:
> + s->hash_algo = "sha512";
> + s->digest_size = SHA512_SUM_LEN;
> + break;
> + /* Unsupported algo */
> + case MBEDTLS_MD_MD5:
> + case MBEDTLS_MD_SHA224:
> + default:
> + ret = -EINVAL;
> + goto out_err_sinfo;
> + }
> +
> + /*
> + * auth_ids holds AuthorityKeyIdentifier, aka akid
> + * auth_ids[0]:
> + * [PKCS#7 or CMS ver 1] - generated from "Issuer + Serial number"
> + * [CMS ver 3] - generated from skid (subjectKeyId)
> + * auth_ids[1]: generated from skid (subjectKeyId)
> + *
> + * Assume that we are using PKCS#7 (msg->version=1),
> + * not CMS ver 3 (msg->version=3).
> + */
> + s->auth_ids[0] = asymmetric_key_generate_id(mb_sinfo->serial.p,
> + mb_sinfo->serial.len,
> + mb_sinfo->issuer_raw.p,
> + mb_sinfo->issuer_raw.len);
> + if (!s->auth_ids[0]) {
> + ret = -ENOMEM;
> + goto out_err_sinfo;
> + }
> +
> + /* skip s->auth_ids[1], no subjectKeyId in MbedTLS signer info ctx */
> +
> + /*
> + * Encoding can be pkcs1 or raw, but only pkcs1 is supported.
> + * Set the encoding explicitly to pkcs1.
> + */
> + s->encoding = "pkcs1";
> +
> + /* Copy the signature data */
> + s->s = kmemdup(mb_sinfo->sig.p, mb_sinfo->sig.len, GFP_KERNEL);
> + if (!s->s) {
> + ret = -ENOMEM;
> + goto out_err_sinfo;
> + }
> + s->s_size = mb_sinfo->sig.len;
> + signed_info->sig = s;
> +
> + /* Save the Authenticate Attributes data if exists */
> + if (!mb_sinfo->authattrs.data || !mb_sinfo->authattrs.data_len)
> + goto no_authattrs;
> +
> + mctx->authattrs_data = kmemdup(mb_sinfo->authattrs.data,
> + mb_sinfo->authattrs.data_len,
> + GFP_KERNEL);
> + if (!mctx->authattrs_data) {
> + ret = -ENOMEM;
> + goto out_err_sinfo;
> + }
> + signed_info->mbedtls_ctx = mctx;
> +
> + /* If authattrs exists, decode it and parse msgdigest from it */
> + ret = authattrs_parse(msg, mctx->authattrs_data,
> + mb_sinfo->authattrs.data_len,
> + signed_info);
> + if (ret)
> + goto out_err_sinfo;
> +
> +no_authattrs:
> + *sinfo = signed_info;
> + return 0;
> +
> +out_err_sinfo:
> + pkcs7_free_sinfo_mbedtls_ctx(mctx);
> +out_no_mctx:
> + public_key_signature_free(s);
> +out_no_sig:
> + kfree(signed_info);
> + return ret;
> +}
> +
> +/*
> + * Free a signed information block.
> + */
> +static void pkcs7_free_signed_info(struct pkcs7_signed_info *sinfo)
> +{
> + if (sinfo) {
> + public_key_signature_free(sinfo->sig);
> + pkcs7_free_sinfo_mbedtls_ctx(sinfo->mbedtls_ctx);
> + kfree(sinfo);
> + }
> +}
> +
> +/**
> + * pkcs7_free_message - Free a PKCS#7 message
> + * @pkcs7: The PKCS#7 message to free
> + */
> +void pkcs7_free_message(struct pkcs7_message *pkcs7)
> +{
> + struct x509_certificate *cert;
> + struct pkcs7_signed_info *sinfo;
> +
> + if (pkcs7) {
> + while (pkcs7->certs) {
> + cert = pkcs7->certs;
> + pkcs7->certs = cert->next;
> + x509_free_certificate(cert);
> + }
> + while (pkcs7->crl) {
> + cert = pkcs7->crl;
> + pkcs7->crl = cert->next;
> + x509_free_certificate(cert);
> + }
> + while (pkcs7->signed_infos) {
> + sinfo = pkcs7->signed_infos;
> + pkcs7->signed_infos = sinfo->next;
> + pkcs7_free_signed_info(sinfo);
> + }
> + pkcs7_free_mbedtls_ctx(pkcs7->mbedtls_ctx);
> + kfree(pkcs7);
> + }
> +}
> +
> +struct pkcs7_message *pkcs7_parse_message(const void *data, size_t datalen)
> +{
> + int i;
> + int ret;
> + mbedtls_pkcs7 pkcs7_ctx;
> + mbedtls_pkcs7_signer_info *mb_sinfos;
> + mbedtls_x509_crt *mb_certs;
> + struct pkcs7_message *msg;
> + struct x509_certificate **cert;
> + struct pkcs7_signed_info **sinfos;
> +
> + msg = kzalloc(sizeof(*msg), GFP_KERNEL);
> + if (!msg) {
> + ret = -ENOMEM;
> + goto out_no_msg;
> + }
> +
> + /* Parse the DER encoded PKCS#7 message using MbedTLS */
> + mbedtls_pkcs7_init(&pkcs7_ctx);
> + ret = mbedtls_pkcs7_parse_der(&pkcs7_ctx, data, datalen);
> + /* Check if it is a PKCS#7 message with signed data */
> + if (ret != MBEDTLS_PKCS7_SIGNED_DATA)
> + goto parse_fail;
> +
> + /* Assume that we are using PKCS#7, not CMS ver 3 */
> + msg->version = 1; /* 1 for [PKCS#7 or CMS ver 1] */
> +
> + /* Populate the certs to msg->certs */
> + for (i = 0, cert = &msg->certs, mb_certs = &pkcs7_ctx.signed_data.certs;
> + i < pkcs7_ctx.signed_data.no_of_certs && mb_certs;
> + i++, cert = &(*cert)->next, mb_certs = mb_certs->next) {
> + ret = x509_populate_cert(mb_certs, cert);
> + if (ret)
> + goto parse_fail;
> +
> + (*cert)->index = i + 1;
> + }
> +
> + /*
> + * Skip populating crl, that is not currently in-use.
> + */
> +
> + /* Populate content data */
> + ret = x509_populate_content_data(msg, &pkcs7_ctx);
> + if (ret)
> + goto parse_fail;
> +
> + /* Populate signed info to msg->signed_infos */
> + for (i = 0, sinfos = &msg->signed_infos,
> + mb_sinfos = &pkcs7_ctx.signed_data.signers;
> + i < pkcs7_ctx.signed_data.no_of_signers && mb_sinfos;
> + i++, sinfos = &(*sinfos)->next, mb_sinfos = mb_sinfos->next) {
> + ret = x509_populate_sinfo(msg, mb_sinfos, sinfos);
> + if (ret)
> + goto parse_fail;
> +
> + (*sinfos)->index = i + 1;
> + }
> +
> + mbedtls_pkcs7_free(&pkcs7_ctx);
> + return msg;
> +
> +parse_fail:
> + mbedtls_pkcs7_free(&pkcs7_ctx);
> + pkcs7_free_message(msg);
> +out_no_msg:
> + msg = ERR_PTR(ret);
> + return msg;
> +}
> --
> 2.25.1
>
I don't know if it would be easier to try and merge this with the
existing pkcs7 parser. It's unlikely since it has too much mbedTLS
specific structs, but we might look into it in the future. In any case
these are mutually exclusive so FWIW
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 20/27] lib/crypto: Adapt PKCS7 parser to MbedTLS
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (18 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 19/27] mbedtls: add PKCS7 parser porting layer Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 9:19 ` Ilias Apalodimas
2024-10-03 21:50 ` [PATCH v8 21/27] mbedtls: add MSCode parser porting layer Raymond Mao
` (8 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Ilias Apalodimas, Jiaxun Yang,
Heinrich Schuchardt, Leo Yu-Chi Liang, Sumit Garg, Sean Anderson,
Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Marek Vasut, Paul Barker,
Neil Armstrong, Ferass El Hafidi, Greg Malysa, Jonas Karlman,
Kongyang Liu, Sughosh Ganu, Eddie James
Previous patch has introduced MbedTLS porting layer for PKCS7 parser,
here to adjust the header and makefiles accordingly.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
---
Changes in v2
- Move the porting layer to MbedTLS dir.
Changes in v3
- Update commit message.
Changes in v4
- Control building legacy library via '_LEGACY' Kconfig.
Changes in v5
- Correct header file include directories.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
include/crypto/pkcs7_parser.h | 56 +++++++++++++++++++++++++++++++++++
lib/crypto/Makefile | 7 +++--
2 files changed, 60 insertions(+), 3 deletions(-)
diff --git a/include/crypto/pkcs7_parser.h b/include/crypto/pkcs7_parser.h
index 2c45cce5234..469c2711fa6 100644
--- a/include/crypto/pkcs7_parser.h
+++ b/include/crypto/pkcs7_parser.h
@@ -11,6 +11,12 @@
#include <linux/oid_registry.h>
#include <crypto/pkcs7.h>
#include <crypto/x509_parser.h>
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+#include <mbedtls/pkcs7.h>
+#include <library/x509_internal.h>
+#include <mbedtls/asn1.h>
+#include <mbedtls/oid.h>
+#endif
#include <linux/printk.h>
#define kenter(FMT, ...) \
@@ -18,7 +24,54 @@
#define kleave(FMT, ...) \
pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__)
+/* Backup the parsed MedTLS context that we need */
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+struct pkcs7_mbedtls_ctx {
+ void *content_data;
+};
+
+struct pkcs7_sinfo_mbedtls_ctx {
+ void *authattrs_data;
+ void *content_data_digest;
+};
+#endif
+
+/*
+ * MbedTLS integration Notes:
+ *
+ * MbedTLS PKCS#7 library does not originally support parsing MicroSoft
+ * Authentication Code which is used for verifying the PE image digest.
+ *
+ * 1. Authenticated Attributes (authenticatedAttributes)
+ * MbedTLS assumes unauthenticatedAttributes and authenticatedAttributes
+ * fields not exist.
+ * See MbedTLS function 'pkcs7_get_signer_info' for details.
+ *
+ * 2. MicroSoft Authentication Code (mscode)
+ * MbedTLS only supports Content Data type defined as 1.2.840.113549.1.7.1
+ * (MBEDTLS_OID_PKCS7_DATA, aka OID_data).
+ * 1.3.6.1.4.1.311.2.1.4 (MicroSoft Authentication Code, aka
+ * OID_msIndirectData) is not supported.
+ * See MbedTLS function 'pkcs7_get_content_info_type' for details.
+ *
+ * But the EFI loader assumes that a PKCS#7 message with an EFI image always
+ * contains MicroSoft Authentication Code as Content Data (msg->data is NOT
+ * NULL), see function 'efi_signature_verify'.
+ *
+ * MbedTLS patch "0002-support-MicroSoft-authentication-code-in-PKCS7-lib.patch"
+ * is to support both above features by parsing the Content Data and
+ * Authenticate Attributes from a given PKCS#7 message.
+ *
+ * Other fields we don't need to populate from MbedTLS, which are used
+ * internally by pkcs7_verify:
+ * 'signer', 'unsupported_crypto', 'blacklisted'
+ * 'sig->digest' is used internally by pkcs7_digest to calculate the hash of
+ * Content Data or Authenticate Attributes.
+ */
struct pkcs7_signed_info {
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+ struct pkcs7_sinfo_mbedtls_ctx *mbedtls_ctx;
+#endif
struct pkcs7_signed_info *next;
struct x509_certificate *signer; /* Signing certificate (in msg->certs) */
unsigned index;
@@ -55,6 +108,9 @@ struct pkcs7_signed_info {
};
struct pkcs7_message {
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+ struct pkcs7_mbedtls_ctx *mbedtls_ctx;
+#endif
struct x509_certificate *certs; /* Certificate list */
struct x509_certificate *crl; /* Revocation list */
struct pkcs7_signed_info *signed_infos;
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 4302f197297..7129315393f 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -50,15 +50,16 @@ $(obj)/x509_akid.asn1.o: $(obj)/x509_akid.asn1.c $(obj)/x509_akid.asn1.h
# PKCS#7 message handling
#
obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += pkcs7_message.o
-pkcs7_message-y := \
+pkcs7_message-y := pkcs7_helper.o
+pkcs7_message-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER_LEGACY) += \
pkcs7.asn1.o \
- pkcs7_helper.o \
pkcs7_parser.o
-obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
$(obj)/pkcs7_parser.o: $(obj)/pkcs7.asn1.h
$(obj)/pkcs7.asn1.o: $(obj)/pkcs7.asn1.c $(obj)/pkcs7.asn1.h
+obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
+
#
# Signed PE binary-wrapped key handling
#
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 20/27] lib/crypto: Adapt PKCS7 parser to MbedTLS
2024-10-03 21:50 ` [PATCH v8 20/27] lib/crypto: Adapt PKCS7 parser to MbedTLS Raymond Mao
@ 2024-10-09 9:19 ` Ilias Apalodimas
0 siblings, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-09 9:19 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Leo Yu-Chi Liang, Sumit Garg, Sean Anderson, Andrew Davis,
Rasmus Villemoes, Bryan Brattlof, Leon M. Busch-George,
AKASHI Takahiro, Alexander Gendin, Mattijs Korpershoek,
Jonathan Humphreys, Marek Vasut, Paul Barker, Neil Armstrong,
Ferass El Hafidi, Greg Malysa, Jonas Karlman, Kongyang Liu,
Sughosh Ganu, Eddie James
On Fri, 4 Oct 2024 at 01:02, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Previous patch has introduced MbedTLS porting layer for PKCS7 parser,
> here to adjust the header and makefiles accordingly.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> ---
> Changes in v2
> - Move the porting layer to MbedTLS dir.
> Changes in v3
> - Update commit message.
> Changes in v4
> - Control building legacy library via '_LEGACY' Kconfig.
> Changes in v5
> - Correct header file include directories.
> Changes in v6
> - None.
> Changes in v7
> - None.
> Changes in v8
> - None
>
> include/crypto/pkcs7_parser.h | 56 +++++++++++++++++++++++++++++++++++
> lib/crypto/Makefile | 7 +++--
> 2 files changed, 60 insertions(+), 3 deletions(-)
>
> diff --git a/include/crypto/pkcs7_parser.h b/include/crypto/pkcs7_parser.h
> index 2c45cce5234..469c2711fa6 100644
> --- a/include/crypto/pkcs7_parser.h
> +++ b/include/crypto/pkcs7_parser.h
> @@ -11,6 +11,12 @@
> #include <linux/oid_registry.h>
> #include <crypto/pkcs7.h>
> #include <crypto/x509_parser.h>
> +#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
> +#include <mbedtls/pkcs7.h>
> +#include <library/x509_internal.h>
> +#include <mbedtls/asn1.h>
> +#include <mbedtls/oid.h>
> +#endif
> #include <linux/printk.h>
>
> #define kenter(FMT, ...) \
> @@ -18,7 +24,54 @@
> #define kleave(FMT, ...) \
> pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__)
>
> +/* Backup the parsed MedTLS context that we need */
> +#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
> +struct pkcs7_mbedtls_ctx {
> + void *content_data;
> +};
> +
> +struct pkcs7_sinfo_mbedtls_ctx {
> + void *authattrs_data;
> + void *content_data_digest;
> +};
> +#endif
> +
> +/*
> + * MbedTLS integration Notes:
> + *
> + * MbedTLS PKCS#7 library does not originally support parsing MicroSoft
> + * Authentication Code which is used for verifying the PE image digest.
> + *
> + * 1. Authenticated Attributes (authenticatedAttributes)
> + * MbedTLS assumes unauthenticatedAttributes and authenticatedAttributes
> + * fields not exist.
> + * See MbedTLS function 'pkcs7_get_signer_info' for details.
> + *
> + * 2. MicroSoft Authentication Code (mscode)
> + * MbedTLS only supports Content Data type defined as 1.2.840.113549.1.7.1
> + * (MBEDTLS_OID_PKCS7_DATA, aka OID_data).
> + * 1.3.6.1.4.1.311.2.1.4 (MicroSoft Authentication Code, aka
> + * OID_msIndirectData) is not supported.
> + * See MbedTLS function 'pkcs7_get_content_info_type' for details.
> + *
> + * But the EFI loader assumes that a PKCS#7 message with an EFI image always
> + * contains MicroSoft Authentication Code as Content Data (msg->data is NOT
> + * NULL), see function 'efi_signature_verify'.
> + *
> + * MbedTLS patch "0002-support-MicroSoft-authentication-code-in-PKCS7-lib.patch"
> + * is to support both above features by parsing the Content Data and
> + * Authenticate Attributes from a given PKCS#7 message.
> + *
> + * Other fields we don't need to populate from MbedTLS, which are used
> + * internally by pkcs7_verify:
> + * 'signer', 'unsupported_crypto', 'blacklisted'
> + * 'sig->digest' is used internally by pkcs7_digest to calculate the hash of
> + * Content Data or Authenticate Attributes.
> + */
> struct pkcs7_signed_info {
> +#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
> + struct pkcs7_sinfo_mbedtls_ctx *mbedtls_ctx;
> +#endif
> struct pkcs7_signed_info *next;
> struct x509_certificate *signer; /* Signing certificate (in msg->certs) */
> unsigned index;
> @@ -55,6 +108,9 @@ struct pkcs7_signed_info {
> };
>
> struct pkcs7_message {
> +#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
> + struct pkcs7_mbedtls_ctx *mbedtls_ctx;
> +#endif
> struct x509_certificate *certs; /* Certificate list */
> struct x509_certificate *crl; /* Revocation list */
> struct pkcs7_signed_info *signed_infos;
> diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
> index 4302f197297..7129315393f 100644
> --- a/lib/crypto/Makefile
> +++ b/lib/crypto/Makefile
> @@ -50,15 +50,16 @@ $(obj)/x509_akid.asn1.o: $(obj)/x509_akid.asn1.c $(obj)/x509_akid.asn1.h
> # PKCS#7 message handling
> #
> obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER) += pkcs7_message.o
> -pkcs7_message-y := \
> +pkcs7_message-y := pkcs7_helper.o
> +pkcs7_message-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER_LEGACY) += \
> pkcs7.asn1.o \
> - pkcs7_helper.o \
> pkcs7_parser.o
> -obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
>
> $(obj)/pkcs7_parser.o: $(obj)/pkcs7.asn1.h
> $(obj)/pkcs7.asn1.o: $(obj)/pkcs7.asn1.c $(obj)/pkcs7.asn1.h
>
> +obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
> +
> #
> # Signed PE binary-wrapped key handling
> #
> --
> 2.25.1
>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 21/27] mbedtls: add MSCode parser porting layer
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (19 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 20/27] lib/crypto: Adapt PKCS7 parser to MbedTLS Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 22/27] lib/crypto: Adapt mscode_parser to MbedTLS Raymond Mao
` (7 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sean Anderson, Sumit Garg,
Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Jonathan Humphreys, Mattijs Korpershoek, Paul Barker, Marek Vasut,
Oleksandr Suvorov, Linus Walleij, Kongyang Liu, Greg Malysa,
Jonas Karlman, Sughosh Ganu, Vincent Stehlé, Caleb Connolly,
Eddie James
Add porting layer for MSCode on top of MbedTLS ASN1 library.
Introduce _MBEDTLS kconfigs for MSCode MbedTLS implementation.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- Move the porting layer to MbedTLS dir.
Changes in v3
- None.
Changes in v4
- Introduce _LEGACY and _MBEDTLS kconfigs for MSCode legacy and
MbedTLS implementations respectively.
- Fix a few code style.
Changes in v5
- Correct kconfig dependence.
- Refactored MbedTLS makefile.
- Move mscode legacy kconfig to the next patch.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/mbedtls/Kconfig | 9 +++
lib/mbedtls/Makefile | 1 +
lib/mbedtls/mscode_parser.c | 123 ++++++++++++++++++++++++++++++++++++
3 files changed, 133 insertions(+)
create mode 100644 lib/mbedtls/mscode_parser.c
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index 189bb3186b6..fd7263f9616 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -303,6 +303,7 @@ config MBEDTLS_LIB_X509
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER
select PKCS7_MESSAGE_PARSER_MBEDTLS if PKCS7_MESSAGE_PARSER
+ select MSCODE_PARSER_MBEDTLS if MSCODE_PARSER
select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
help
@@ -333,6 +334,14 @@ config PKCS7_MESSAGE_PARSER_MBEDTLS
This option chooses MbedTLS certificate library for PKCS7 message
parser.
+config MSCODE_PARSER_MBEDTLS
+ bool "MS authenticode parser with MbedTLS certificate library"
+ depends on MBEDTLS_LIB_X509 && MSCODE_PARSER
+ select ASN1_DECODER_MBEDTLS
+ help
+ This option chooses MbedTLS certificate library for MS authenticode
+ parser.
+
if SPL
config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
index 128a29c512f..488b66402b3 100644
--- a/lib/mbedtls/Makefile
+++ b/lib/mbedtls/Makefile
@@ -17,6 +17,7 @@ obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_MBEDTLS) += \
obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
x509_cert_parser.o
obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER_MBEDTLS) += pkcs7_parser.o
+obj-$(CONFIG_$(SPL_)MSCODE_PARSER_MBEDTLS) += mscode_parser.o
# MbedTLS crypto library
obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
diff --git a/lib/mbedtls/mscode_parser.c b/lib/mbedtls/mscode_parser.c
new file mode 100644
index 00000000000..c3805c6503c
--- /dev/null
+++ b/lib/mbedtls/mscode_parser.c
@@ -0,0 +1,123 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * MSCode parser using MbedTLS ASN1 library
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+
+#include <linux/kernel.h>
+#include <linux/err.h>
+#include <crypto/pkcs7.h>
+#include <crypto/mscode.h>
+
+/*
+ * Parse a Microsoft Individual Code Signing blob
+ *
+ * U.P.SEQUENCE {
+ * U.P.OBJECTIDENTIFIER 1.3.6.1.4.1.311.2.1.15 (SPC_PE_IMAGE_DATA_OBJID)
+ * U.P.SEQUENCE {
+ * U.P.BITSTRING NaN : 0 unused bit(s);
+ * [C.P.0] {
+ * [C.P.2] {
+ * [C.P.0] <arbitrary string>
+ * }
+ * }
+ * }
+ * }
+ * U.P.SEQUENCE {
+ * U.P.SEQUENCE {
+ * U.P.OBJECTIDENTIFIER <digest algorithm OID>
+ * U.P.NULL
+ * }
+ * U.P.OCTETSTRING <PE image digest>
+ * }
+ *
+ * @ctx: PE file context.
+ * @content_data: content data pointer.
+ * @data_len: content data length.
+ * @asn1hdrlen: ASN1 header length.
+ */
+int mscode_parse(void *ctx, const void *content_data, size_t data_len,
+ size_t asn1hdrlen)
+{
+ struct pefile_context *_ctx = ctx;
+ unsigned char *p = (unsigned char *)content_data;
+ unsigned char *end = (unsigned char *)content_data + data_len;
+ size_t len = 0;
+ int ret;
+ unsigned char *inner_p;
+ size_t seq_len = 0;
+
+ ret = mbedtls_asn1_get_tag(&p, end, &seq_len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE);
+ if (ret)
+ return ret;
+
+ inner_p = p;
+ ret = mbedtls_asn1_get_tag(&inner_p, inner_p + seq_len, &len,
+ MBEDTLS_ASN1_OID);
+ if (ret)
+ return ret;
+
+ /* Sanity check on the PE Image Data OID (1.3.6.1.4.1.311.2.1.15) */
+ if (MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_MICROSOFT_PEIMAGEDATA, inner_p,
+ len))
+ return -EINVAL;
+
+ p += seq_len;
+ ret = mbedtls_asn1_get_tag(&p, end, &seq_len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE);
+ if (ret)
+ return ret;
+
+ ret = mbedtls_asn1_get_tag(&p, p + seq_len, &seq_len,
+ MBEDTLS_ASN1_CONSTRUCTED |
+ MBEDTLS_ASN1_SEQUENCE);
+ if (ret)
+ return ret;
+
+ inner_p = p;
+
+ /*
+ * Check if the inner sequence contains a supported hash
+ * algorithm OID
+ */
+ ret = mbedtls_asn1_get_tag(&inner_p, inner_p + seq_len, &len,
+ MBEDTLS_ASN1_OID);
+ if (ret)
+ return ret;
+
+ if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_DIGEST_ALG_MD5, inner_p, len))
+ _ctx->digest_algo = "md5";
+ else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_DIGEST_ALG_SHA1, inner_p,
+ len))
+ _ctx->digest_algo = "sha1";
+ else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_DIGEST_ALG_SHA224, inner_p,
+ len))
+ _ctx->digest_algo = "sha224";
+ else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_DIGEST_ALG_SHA256, inner_p,
+ len))
+ _ctx->digest_algo = "sha256";
+ else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_DIGEST_ALG_SHA384, inner_p,
+ len))
+ _ctx->digest_algo = "sha384";
+ else if (!MBEDTLS_OID_CMP_RAW(MBEDTLS_OID_DIGEST_ALG_SHA512, inner_p,
+ len))
+ _ctx->digest_algo = "sha512";
+
+ if (!_ctx->digest_algo)
+ return -EINVAL;
+
+ p += seq_len;
+ ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_OCTET_STRING);
+ if (ret)
+ return ret;
+
+ _ctx->digest = p;
+ _ctx->digest_len = len;
+
+ return 0;
+}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 22/27] lib/crypto: Adapt mscode_parser to MbedTLS
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (20 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 21/27] mbedtls: add MSCode parser porting layer Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 9:18 ` Ilias Apalodimas
2024-10-03 21:50 ` [PATCH v8 23/27] mbedtls: add RSA helper layer on MbedTLS Raymond Mao
` (6 subsequent siblings)
28 siblings, 1 reply; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Ilias Apalodimas, Jiaxun Yang,
Heinrich Schuchardt, Sean Anderson, Andrew Davis,
Rasmus Villemoes, Sumit Garg, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Marek Vasut, Paul Barker,
Nathan Barrett-Morrison, Greg Malysa, Kongyang Liu, Jonas Karlman,
Sughosh Ganu, Eddie James
Previous patch has introduced MbedTLS porting layer for mscode parser,
here to adjust the header and makefiles accordingly.
Adding _LEGACY Kconfig for legacy mscode implementation.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
---
Changes in v2
- Move the porting layer to MbedTLS dir.
Changes in v3
- Update commit message.
Changes in v4
- Control building legacy library via '_LEGACY' Kconfig.
Changes in v5
- Add kconfig for legacy mscode parser.
- Correct header file include directories.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
include/crypto/mscode.h | 4 ++++
lib/crypto/Makefile | 2 +-
lib/mbedtls/Kconfig | 9 +++++++++
3 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/include/crypto/mscode.h b/include/crypto/mscode.h
index 551058b96e6..678e69001b9 100644
--- a/include/crypto/mscode.h
+++ b/include/crypto/mscode.h
@@ -9,6 +9,10 @@
#ifndef __UBOOT__
#include <crypto/hash_info.h>
#endif
+#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
+#include <mbedtls/asn1.h>
+#include <mbedtls/oid.h>
+#endif
struct pefile_context {
#ifndef __UBOOT__
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 7129315393f..3caa45dc2a8 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -63,7 +63,7 @@ obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
#
# Signed PE binary-wrapped key handling
#
-obj-$(CONFIG_$(SPL_)MSCODE_PARSER) += mscode.o
+obj-$(CONFIG_$(SPL_)MSCODE_PARSER_LEGACY) += mscode.o
mscode-y := \
mscode_parser.o \
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index fd7263f9616..efeaed50385 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -120,6 +120,7 @@ config LEGACY_CRYPTO_CERT
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER
+ select MSCODE_PARSER_LEGACY if MSCODE_PARSER
select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
help
@@ -150,6 +151,14 @@ config PKCS7_MESSAGE_PARSER_LEGACY
This option chooses legacy certificate library for PKCS7 message
parser.
+config MSCODE_PARSER_LEGACY
+ bool "MS authenticode parser with legacy certificate library"
+ depends on LEGACY_CRYPTO_CERT && MSCODE_PARSER
+ select ASN1_DECODER_LEGACY
+ help
+ This option chooses legacy certificate library for MS authenticode
+ parser.
+
if SPL
config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 22/27] lib/crypto: Adapt mscode_parser to MbedTLS
2024-10-03 21:50 ` [PATCH v8 22/27] lib/crypto: Adapt mscode_parser to MbedTLS Raymond Mao
@ 2024-10-09 9:18 ` Ilias Apalodimas
0 siblings, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-09 9:18 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Sean Anderson, Andrew Davis, Rasmus Villemoes, Sumit Garg,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Mattijs Korpershoek, Jonathan Humphreys,
Marek Vasut, Paul Barker, Nathan Barrett-Morrison, Greg Malysa,
Kongyang Liu, Jonas Karlman, Sughosh Ganu, Eddie James
On Fri, 4 Oct 2024 at 01:03, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Previous patch has introduced MbedTLS porting layer for mscode parser,
> here to adjust the header and makefiles accordingly.
> Adding _LEGACY Kconfig for legacy mscode implementation.
>
> Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
> ---
> Changes in v2
> - Move the porting layer to MbedTLS dir.
> Changes in v3
> - Update commit message.
> Changes in v4
> - Control building legacy library via '_LEGACY' Kconfig.
> Changes in v5
> - Add kconfig for legacy mscode parser.
> - Correct header file include directories.
> Changes in v6
> - None.
> Changes in v7
> - None.
> Changes in v8
> - None
>
> include/crypto/mscode.h | 4 ++++
> lib/crypto/Makefile | 2 +-
> lib/mbedtls/Kconfig | 9 +++++++++
> 3 files changed, 14 insertions(+), 1 deletion(-)
>
> diff --git a/include/crypto/mscode.h b/include/crypto/mscode.h
> index 551058b96e6..678e69001b9 100644
> --- a/include/crypto/mscode.h
> +++ b/include/crypto/mscode.h
> @@ -9,6 +9,10 @@
> #ifndef __UBOOT__
> #include <crypto/hash_info.h>
> #endif
> +#if CONFIG_IS_ENABLED(MBEDTLS_LIB_X509)
> +#include <mbedtls/asn1.h>
> +#include <mbedtls/oid.h>
> +#endif
>
> struct pefile_context {
> #ifndef __UBOOT__
> diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
> index 7129315393f..3caa45dc2a8 100644
> --- a/lib/crypto/Makefile
> +++ b/lib/crypto/Makefile
> @@ -63,7 +63,7 @@ obj-$(CONFIG_$(SPL_)PKCS7_VERIFY) += pkcs7_verify.o
> #
> # Signed PE binary-wrapped key handling
> #
> -obj-$(CONFIG_$(SPL_)MSCODE_PARSER) += mscode.o
> +obj-$(CONFIG_$(SPL_)MSCODE_PARSER_LEGACY) += mscode.o
>
> mscode-y := \
> mscode_parser.o \
> diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
> index fd7263f9616..efeaed50385 100644
> --- a/lib/mbedtls/Kconfig
> +++ b/lib/mbedtls/Kconfig
> @@ -120,6 +120,7 @@ config LEGACY_CRYPTO_CERT
> ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
> select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER
> + select MSCODE_PARSER_LEGACY if MSCODE_PARSER
> select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
> SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> help
> @@ -150,6 +151,14 @@ config PKCS7_MESSAGE_PARSER_LEGACY
> This option chooses legacy certificate library for PKCS7 message
> parser.
>
> +config MSCODE_PARSER_LEGACY
> + bool "MS authenticode parser with legacy certificate library"
> + depends on LEGACY_CRYPTO_CERT && MSCODE_PARSER
> + select ASN1_DECODER_LEGACY
> + help
> + This option chooses legacy certificate library for MS authenticode
> + parser.
> +
> if SPL
>
> config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
> --
> 2.25.1
>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
^ permalink raw reply [flat|nested] 56+ messages in thread
* [PATCH v8 23/27] mbedtls: add RSA helper layer on MbedTLS
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (21 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 22/27] lib/crypto: Adapt mscode_parser to MbedTLS Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 24/27] lib/rypto: Adapt rsa_helper to MbedTLS Raymond Mao
` (5 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sean Anderson, Sumit Garg,
Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Marek Vasut, Paul Barker,
Patrice Chotard, Kongyang Liu, Jonas Karlman, Greg Malysa,
Sughosh Ganu, Caleb Connolly, Eddie James
Add RSA helper layer on top on MbedTLS PK and RSA library.
Introduce _LEGACY and _MBEDTLS kconfigs for RSA helper legacy and
MbedTLS implementations respectively.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- Initial patch.
Changes in v3
- None.
Changes in v4
- Introduce _LEGACY and _MBEDTLS kconfigs for RSA helper legacy and
MbedTLS implementations respectively.
- Remove unnecessary type casting.
Changes in v5
- Correct header file include directories.
- Correct kconfig dependence.
- Kconfig rename.
- Refactored MbedTLS makefile.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/mbedtls/Kconfig | 36 +++++++++++++++
lib/mbedtls/Makefile | 3 +-
lib/mbedtls/rsa_helper.c | 95 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 133 insertions(+), 1 deletion(-)
create mode 100644 lib/mbedtls/rsa_helper.c
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index efeaed50385..ab50ad4ebe9 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -118,11 +118,13 @@ config LEGACY_CRYPTO_CERT
bool "legacy certificate libraries"
select ASYMMETRIC_PUBLIC_KEY_LEGACY if \
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select RSA_PUBLIC_KEY_PARSER_LEGACY if RSA_PUBLIC_KEY_PARSER
select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER
select MSCODE_PARSER_LEGACY if MSCODE_PARSER
select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select SPL_RSA_PUBLIC_KEY_PARSER_LEGACY if SPL_RSA_PUBLIC_KEY_PARSER
help
Enable legacy certificate libraries.
@@ -135,6 +137,14 @@ config ASYMMETRIC_PUBLIC_KEY_LEGACY
This option chooses legacy certificate library for asymmetric public
key crypto algorithm.
+config RSA_PUBLIC_KEY_PARSER_LEGACY
+ bool "RSA public key parser with legacy certificate library"
+ depends on ASYMMETRIC_PUBLIC_KEY_LEGACY
+ select ASN1_DECODER_LEGACY
+ help
+ This option chooses legacy certificate library for RSA public key
+ parser.
+
config X509_CERTIFICATE_PARSER_LEGACY
bool "X.509 certificate parser with legacy certificate library"
depends on ASYMMETRIC_PUBLIC_KEY_LEGACY
@@ -168,6 +178,14 @@ config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
This option chooses legacy certificate library for asymmetric public
key crypto algorithm in SPL.
+config SPL_RSA_PUBLIC_KEY_PARSER_LEGACY
+ bool "RSA public key parser with legacy certificate library in SPL"
+ depends on SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
+ select SPL_ASN1_DECODER_LEGACY
+ help
+ This option chooses legacy certificate library for RSA public key
+ parser in SPL.
+
endif # SPL
endif # LEGACY_CRYPTO_CERT
@@ -310,11 +328,13 @@ config MBEDTLS_LIB_X509
bool "MbedTLS certificate libraries"
select ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select RSA_PUBLIC_KEY_PARSER_MBEDTLS if RSA_PUBLIC_KEY_PARSER
select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER
select PKCS7_MESSAGE_PARSER_MBEDTLS if PKCS7_MESSAGE_PARSER
select MSCODE_PARSER_MBEDTLS if MSCODE_PARSER
select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
+ select SPL_RSA_PUBLIC_KEY_PARSER_MBEDTLS if SPL_RSA_PUBLIC_KEY_PARSER
help
Enable MbedTLS certificate libraries.
@@ -327,6 +347,14 @@ config ASYMMETRIC_PUBLIC_KEY_MBEDTLS
This option chooses MbedTLS certificate library for asymmetric public
key crypto algorithm.
+config RSA_PUBLIC_KEY_PARSER_MBEDTLS
+ bool "RSA public key parser with MbedTLS certificate library"
+ depends on ASYMMETRIC_PUBLIC_KEY_MBEDTLS
+ select ASN1_DECODER_MBEDTLS
+ help
+ This option chooses MbedTLS certificate library for RSA public key
+ parser.
+
config X509_CERTIFICATE_PARSER_MBEDTLS
bool "X.509 certificate parser with MbedTLS certificate library"
depends on ASYMMETRIC_PUBLIC_KEY_MBEDTLS
@@ -360,6 +388,14 @@ config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
This option chooses MbedTLS certificate library for asymmetric public
key crypto algorithm in SPL.
+config SPL_RSA_PUBLIC_KEY_PARSER_MBEDTLS
+ bool "RSA public key parser with MbedTLS certificate library in SPL"
+ depends on SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
+ select SPL_ASN1_DECODER_MBEDTLS
+ help
+ This option chooses MbedTLS certificate library for RSA public key
+ parser in SPL.
+
endif # SPL
endif # MBEDTLS_LIB_X509
diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
index 488b66402b3..04d450afd82 100644
--- a/lib/mbedtls/Makefile
+++ b/lib/mbedtls/Makefile
@@ -18,6 +18,7 @@ obj-$(CONFIG_$(SPL_)X509_CERTIFICATE_PARSER_MBEDTLS) += \
x509_cert_parser.o
obj-$(CONFIG_$(SPL_)PKCS7_MESSAGE_PARSER_MBEDTLS) += pkcs7_parser.o
obj-$(CONFIG_$(SPL_)MSCODE_PARSER_MBEDTLS) += mscode_parser.o
+obj-$(CONFIG_$(SPL_)RSA_PUBLIC_KEY_PARSER_MBEDTLS) += rsa_helper.o
# MbedTLS crypto library
obj-$(CONFIG_MBEDTLS_LIB) += mbedtls_lib_crypto.o
@@ -39,7 +40,7 @@ mbedtls_lib_x509-$(CONFIG_$(SPL_)ASN1_DECODER) += \
$(MBEDTLS_LIB_DIR)/asn1parse.o \
$(MBEDTLS_LIB_DIR)/asn1write.o \
$(MBEDTLS_LIB_DIR)/oid.o
-mbedtls_lib_x509-$(CONFIG_$(SPL_)RSA_PUBLIC_KEY_PARSER) += \
+mbedtls_lib_x509-$(CONFIG_$(SPL_)RSA_PUBLIC_KEY_PARSER_MBEDTLS) += \
$(MBEDTLS_LIB_DIR)/bignum.o \
$(MBEDTLS_LIB_DIR)/bignum_core.o \
$(MBEDTLS_LIB_DIR)/rsa.o \
diff --git a/lib/mbedtls/rsa_helper.c b/lib/mbedtls/rsa_helper.c
new file mode 100644
index 00000000000..3d94eee9954
--- /dev/null
+++ b/lib/mbedtls/rsa_helper.c
@@ -0,0 +1,95 @@
+// SPDX-License-Identifier: GPL-2.0+
+/*
+ * RSA helper functions using MbedTLS
+ *
+ * Copyright (c) 2024 Linaro Limited
+ * Author: Raymond Mao <raymond.mao@linaro.org>
+ */
+
+#include <linux/err.h>
+#include <crypto/internal/rsa.h>
+#include <library/common.h>
+#include <mbedtls/pk.h>
+#include <mbedtls/rsa.h>
+#include <mbedtls/asn1.h>
+
+/**
+ * rsa_parse_pub_key() - decodes the BER encoded buffer and stores in the
+ * provided struct rsa_key, pointers to the raw key as is,
+ * so that the caller can copy it or MPI parse it, etc.
+ *
+ * @rsa_key: struct rsa_key key representation
+ * @key: key in BER format
+ * @key_len: length of key
+ *
+ * Return: 0 on success or error code in case of error
+ */
+int rsa_parse_pub_key(struct rsa_key *rsa_key, const void *key,
+ unsigned int key_len)
+{
+ int ret = 0;
+ mbedtls_pk_context pk;
+ mbedtls_rsa_context *rsa;
+
+ mbedtls_pk_init(&pk);
+
+ ret = mbedtls_pk_parse_public_key(&pk, (const unsigned char *)key,
+ key_len);
+ if (ret) {
+ pr_err("Failed to parse public key, ret:-0x%04x\n", -ret);
+ ret = -EINVAL;
+ goto clean_pubkey;
+ }
+
+ /* Ensure that it is a RSA key */
+ if (mbedtls_pk_get_type(&pk) != MBEDTLS_PK_RSA) {
+ pr_err("Non-RSA keys are not supported\n");
+ ret = -EKEYREJECTED;
+ goto clean_pubkey;
+ }
+
+ /* Get RSA key context */
+ rsa = mbedtls_pk_rsa(pk);
+ if (!rsa) {
+ pr_err("Failed to get RSA key context, ret:-0x%04x\n", -ret);
+ ret = -EINVAL;
+ goto clean_pubkey;
+ }
+
+ /* Parse modulus (n) */
+ rsa_key->n_sz = mbedtls_mpi_size(&rsa->N);
+ rsa_key->n = kzalloc(rsa_key->n_sz, GFP_KERNEL);
+ if (!rsa_key->n) {
+ ret = -ENOMEM;
+ goto clean_pubkey;
+ }
+ ret = mbedtls_mpi_write_binary(&rsa->N, (unsigned char *)rsa_key->n,
+ rsa_key->n_sz);
+ if (ret) {
+ pr_err("Failed to parse modulus (n), ret:-0x%04x\n", -ret);
+ ret = -EINVAL;
+ goto clean_modulus;
+ }
+
+ /* Parse public exponent (e) */
+ rsa_key->e_sz = mbedtls_mpi_size(&rsa->E);
+ rsa_key->e = kzalloc(rsa_key->e_sz, GFP_KERNEL);
+ if (!rsa_key->e) {
+ ret = -ENOMEM;
+ goto clean_modulus;
+ }
+ ret = mbedtls_mpi_write_binary(&rsa->E, (unsigned char *)rsa_key->e,
+ rsa_key->e_sz);
+ if (!ret)
+ return 0;
+
+ pr_err("Failed to parse public exponent (e), ret:-0x%04x\n", -ret);
+ ret = -EINVAL;
+
+ kfree(rsa_key->e);
+clean_modulus:
+ kfree(rsa_key->n);
+clean_pubkey:
+ mbedtls_pk_free(&pk);
+ return ret;
+}
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 24/27] lib/rypto: Adapt rsa_helper to MbedTLS
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (22 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 23/27] mbedtls: add RSA helper layer on MbedTLS Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 25/27] asn1_decoder: add build options for ASN1 decoder Raymond Mao
` (4 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sean Anderson, Leo Yu-Chi Liang,
Sumit Garg, Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Jonathan Humphreys, Mattijs Korpershoek, Marek Vasut, Paul Barker,
Patrice Chotard, Kongyang Liu, Greg Malysa, Jonas Karlman,
Sughosh Ganu, Anand Moon, Eddie James
Previous patch has introduced MbedTLS porting layer for RSA helper,
here to adjust the makefile accordingly.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- Initial patch.
Changes in v3
- Update commit message.
Changes in v4
- Control building legacy library via '_LEGACY' Kconfig.
Changes in v5
- None.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/crypto/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile
index 3caa45dc2a8..72b413d85a9 100644
--- a/lib/crypto/Makefile
+++ b/lib/crypto/Makefile
@@ -13,7 +13,7 @@ obj-$(CONFIG_$(SPL_)ASYMMETRIC_PUBLIC_KEY_LEGACY) += public_key.o
#
# RSA public key parser
#
-obj-$(CONFIG_$(SPL_)RSA_PUBLIC_KEY_PARSER) += rsa_public_key.o
+obj-$(CONFIG_$(SPL_)RSA_PUBLIC_KEY_PARSER_LEGACY) += rsa_public_key.o
rsa_public_key-y := \
rsapubkey.asn1.o \
rsa_helper.o
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 25/27] asn1_decoder: add build options for ASN1 decoder
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (23 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 24/27] lib/rypto: Adapt rsa_helper to MbedTLS Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 26/27] test: Remove ASN1 library test Raymond Mao
` (3 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sean Anderson, Sumit Garg,
Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Paul Barker, Marek Vasut,
Greg Malysa, Jonas Karlman, Kongyang Liu, Oleksandr Suvorov,
Sughosh Ganu, Vincent Stehlé, Caleb Connolly, Eddie James
When building with MbedTLS, we are using MbedTLS to decode ASN1 data
for x509, pkcs7 and mscode.
Introduce _LEGACY and _MBEDTLS kconfigs for ASN1 decoder legacy and
MbedTLS implementations respectively.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- Initial patch.
Changes in v3
- None.
Changes in v4
- Introduce _LEGACY and _MBEDTLS kconfigs for ASN1 decoder legacy and
MbedTLS implementations respectively.
- Update the commit subject.
Changes in v5
- Correct kconfig dependence.
- Refactored MbedTLS makefile.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
lib/Makefile | 2 +-
lib/mbedtls/Kconfig | 30 ++++++++++++++++++++++++++++++
lib/mbedtls/Makefile | 2 +-
3 files changed, 32 insertions(+), 2 deletions(-)
diff --git a/lib/Makefile b/lib/Makefile
index 33755778283..561e0d44a16 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -81,7 +81,7 @@ obj-$(CONFIG_$(SPL_)SHA256_LEGACY) += sha256.o
obj-$(CONFIG_$(SPL_)SHA512_LEGACY) += sha512.o
obj-$(CONFIG_CRYPT_PW) += crypt/
-obj-$(CONFIG_$(SPL_)ASN1_DECODER) += asn1_decoder.o
+obj-$(CONFIG_$(SPL_)ASN1_DECODER_LEGACY) += asn1_decoder.o
obj-$(CONFIG_$(SPL_)ZLIB) += zlib/
obj-$(CONFIG_$(SPL_)ZSTD) += zstd/
diff --git a/lib/mbedtls/Kconfig b/lib/mbedtls/Kconfig
index ab50ad4ebe9..d71adc3648a 100644
--- a/lib/mbedtls/Kconfig
+++ b/lib/mbedtls/Kconfig
@@ -116,12 +116,14 @@ endif # LEGACY_CRYPTO_BASIC
config LEGACY_CRYPTO_CERT
bool "legacy certificate libraries"
+ select ASN1_DECODER_LEGACY if ASN1_DECODER
select ASYMMETRIC_PUBLIC_KEY_LEGACY if \
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select RSA_PUBLIC_KEY_PARSER_LEGACY if RSA_PUBLIC_KEY_PARSER
select X509_CERTIFICATE_PARSER_LEGACY if X509_CERTIFICATE_PARSER
select PKCS7_MESSAGE_PARSER_LEGACY if PKCS7_MESSAGE_PARSER
select MSCODE_PARSER_LEGACY if MSCODE_PARSER
+ select SPL_ASN1_DECODER_LEGACY if SPL_ASN1_DECODER
select SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select SPL_RSA_PUBLIC_KEY_PARSER_LEGACY if SPL_RSA_PUBLIC_KEY_PARSER
@@ -130,6 +132,12 @@ config LEGACY_CRYPTO_CERT
if LEGACY_CRYPTO_CERT
+config ASN1_DECODER_LEGACY
+ bool "ASN1 decoder with legacy certificate library"
+ depends on LEGACY_CRYPTO_CERT && ASN1_DECODER
+ help
+ This option chooses legacy certificate library for ASN1 decoder.
+
config ASYMMETRIC_PUBLIC_KEY_LEGACY
bool "Asymmetric public key crypto with legacy certificate library"
depends on LEGACY_CRYPTO_CERT && ASYMMETRIC_PUBLIC_KEY_SUBTYPE
@@ -171,6 +179,13 @@ config MSCODE_PARSER_LEGACY
if SPL
+config SPL_ASN1_DECODER_LEGACY
+ bool "ASN1 decoder with legacy certificate library in SPL"
+ depends on LEGACY_CRYPTO_CERT && SPL_ASN1_DECODER
+ help
+ This option chooses legacy certificate library for ASN1 decoder in
+ SPL.
+
config SPL_ASYMMETRIC_PUBLIC_KEY_LEGACY
bool "Asymmetric public key crypto with legacy certificate library in SPL"
depends on LEGACY_CRYPTO_CERT && SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
@@ -326,12 +341,14 @@ endif # MBEDTLS_LIB_CRYPTO
config MBEDTLS_LIB_X509
bool "MbedTLS certificate libraries"
+ select ASN1_DECODER_MBEDTLS if ASN1_DECODER
select ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select RSA_PUBLIC_KEY_PARSER_MBEDTLS if RSA_PUBLIC_KEY_PARSER
select X509_CERTIFICATE_PARSER_MBEDTLS if X509_CERTIFICATE_PARSER
select PKCS7_MESSAGE_PARSER_MBEDTLS if PKCS7_MESSAGE_PARSER
select MSCODE_PARSER_MBEDTLS if MSCODE_PARSER
+ select SPL_ASN1_DECODER_MBEDTLS if SPL_ASN1_DECODER
select SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS if \
SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
select SPL_RSA_PUBLIC_KEY_PARSER_MBEDTLS if SPL_RSA_PUBLIC_KEY_PARSER
@@ -340,6 +357,12 @@ config MBEDTLS_LIB_X509
if MBEDTLS_LIB_X509
+config ASN1_DECODER_MBEDTLS
+ bool "ASN1 decoder with MbedTLS certificate library"
+ depends on MBEDTLS_LIB_X509 && ASN1_DECODER
+ help
+ This option chooses MbedTLS certificate library for ASN1 decoder.
+
config ASYMMETRIC_PUBLIC_KEY_MBEDTLS
bool "Asymmetric public key crypto with MbedTLS certificate library"
depends on MBEDTLS_LIB_X509 && ASYMMETRIC_PUBLIC_KEY_SUBTYPE
@@ -381,6 +404,13 @@ config MSCODE_PARSER_MBEDTLS
if SPL
+config SPL_ASN1_DECODER_MBEDTLS
+ bool "ASN1 decoder with MbedTLS certificate library in SPL"
+ depends on MBEDTLS_LIB_X509 && SPL_ASN1_DECODER
+ help
+ This option chooses MbedTLS certificate library for ASN1 decoder in
+ SPL.
+
config SPL_ASYMMETRIC_PUBLIC_KEY_MBEDTLS
bool "Asymmetric public key crypto with MbedTLS certificate library in SPL"
depends on MBEDTLS_LIB_X509 && SPL_ASYMMETRIC_PUBLIC_KEY_SUBTYPE
diff --git a/lib/mbedtls/Makefile b/lib/mbedtls/Makefile
index 04d450afd82..83cb3c2fa70 100644
--- a/lib/mbedtls/Makefile
+++ b/lib/mbedtls/Makefile
@@ -36,7 +36,7 @@ mbedtls_lib_crypto-$(CONFIG_$(SPL_)SHA512_MBEDTLS) += \
# MbedTLS X509 library
obj-$(CONFIG_MBEDTLS_LIB_X509) += mbedtls_lib_x509.o
mbedtls_lib_x509-y := $(MBEDTLS_LIB_DIR)/x509.o
-mbedtls_lib_x509-$(CONFIG_$(SPL_)ASN1_DECODER) += \
+mbedtls_lib_x509-$(CONFIG_$(SPL_)ASN1_DECODER_MBEDTLS) += \
$(MBEDTLS_LIB_DIR)/asn1parse.o \
$(MBEDTLS_LIB_DIR)/asn1write.o \
$(MBEDTLS_LIB_DIR)/oid.o
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 26/27] test: Remove ASN1 library test
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (24 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 25/27] asn1_decoder: add build options for ASN1 decoder Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-03 21:50 ` [PATCH v8 27/27] configs: enable MbedTLS as default setting Raymond Mao
` (2 subsequent siblings)
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Sean Anderson, Sumit Garg,
Rasmus Villemoes, Andrew Davis, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Jonathan Humphreys, Mattijs Korpershoek, Marek Vasut, Paul Barker,
Patrice Chotard, Jonas Karlman, Kongyang Liu, Greg Malysa,
Sughosh Ganu, Eddie James
With MBEDTLS_LIB_X509 enabled, we don't build the original ASN1 lib,
So remove it from test.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- Initial patch.
Changes in v3
- None.
Changes in v4
- None.
Changes in v5
- None.
Changes in v6
- None.
Changes in v7
- None.
Changes in v8
- None
test/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/Kconfig b/test/Kconfig
index e2ec0994a2e..558a9cd49b4 100644
--- a/test/Kconfig
+++ b/test/Kconfig
@@ -32,7 +32,7 @@ if UT_LIB
config UT_LIB_ASN1
bool "Unit test for asn1 compiler and decoder function"
- depends on SANDBOX
+ depends on SANDBOX && !MBEDTLS_LIB_X509
default y
imply ASYMMETRIC_KEY_TYPE
imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* [PATCH v8 27/27] configs: enable MbedTLS as default setting
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (25 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 26/27] test: Remove ASN1 library test Raymond Mao
@ 2024-10-03 21:50 ` Raymond Mao
2024-10-09 1:52 ` [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Simon Glass
2024-10-15 4:30 ` Tom Rini
28 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-03 21:50 UTC (permalink / raw)
To: u-boot
Cc: manish.pandey2, Raymond Mao, Ilias Apalodimas, Tom Rini,
Stefan Bosch, Mario Six, Andy Shevchenko, Michal Simek,
Tuomas Tynkkynen, Simon Glass, Peng Fan, Jaehoon Chung,
Jiaxun Yang, Heinrich Schuchardt, Leo Yu-Chi Liang, Sumit Garg,
Sean Anderson, Andrew Davis, Rasmus Villemoes, Bryan Brattlof,
Leon M. Busch-George, AKASHI Takahiro, Alexander Gendin,
Mattijs Korpershoek, Jonathan Humphreys, Paul Barker, Marek Vasut,
Linus Walleij, Kongyang Liu, Greg Malysa, Jonas Karlman,
Sughosh Ganu, Anand Moon
Enable MbedTLS as default setting for qemu arm64 and sandbox.
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
---
Changes in v2
- None.
Changes in v3
- None.
Changes in v4
- None.
Changes in v5
- Remove unused config MBEDTLS_LIB_TLS.
- Remove EFI_SECURE_BOOT from the default config.
Changes in v6
- Remove MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509.
Changes in v7
- None.
Changes in v8
- None
configs/qemu_arm64_defconfig | 1 +
configs/sandbox_defconfig | 1 +
2 files changed, 2 insertions(+)
diff --git a/configs/qemu_arm64_defconfig b/configs/qemu_arm64_defconfig
index 088ba39f18e..6d18a8571ca 100644
--- a/configs/qemu_arm64_defconfig
+++ b/configs/qemu_arm64_defconfig
@@ -68,5 +68,6 @@ CONFIG_TPM2_MMIO=y
CONFIG_USB_EHCI_HCD=y
CONFIG_USB_EHCI_PCI=y
CONFIG_SEMIHOSTING=y
+CONFIG_MBEDTLS_LIB=y
CONFIG_TPM=y
CONFIG_EFI_HTTP_BOOT=y
diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig
index a50fbce8d06..0ecdeebb45f 100644
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@@ -345,6 +345,7 @@ CONFIG_FS_CBFS=y
CONFIG_FS_CRAMFS=y
CONFIG_ADDR_MAP=y
CONFIG_CMD_DHRYSTONE=y
+CONFIG_MBEDTLS_LIB=y
CONFIG_ECDSA=y
CONFIG_ECDSA_VERIFY=y
CONFIG_TPM=y
--
2.25.1
^ permalink raw reply related [flat|nested] 56+ messages in thread* Re: [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (26 preceding siblings ...)
2024-10-03 21:50 ` [PATCH v8 27/27] configs: enable MbedTLS as default setting Raymond Mao
@ 2024-10-09 1:52 ` Simon Glass
2024-10-09 9:49 ` Ilias Apalodimas
2024-10-15 4:30 ` Tom Rini
28 siblings, 1 reply; 56+ messages in thread
From: Simon Glass @ 2024-10-09 1:52 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Tom Rini, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Peng Fan,
Jaehoon Chung, Ilias Apalodimas, Jiaxun Yang, Heinrich Schuchardt,
Sean Anderson, Sumit Garg, Rasmus Villemoes, Andrew Davis,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Mattijs Korpershoek, Jonathan Humphreys,
Paul Barker, Marek Vasut, Linus Walleij, Ian Roberts,
Oleksandr Suvorov, Jonas Karlman, Greg Malysa, Kongyang Liu,
Sughosh Ganu, Caleb Connolly, Eddie James
On Thu, 3 Oct 2024 at 15:51, Raymond Mao <raymond.mao@linaro.org> wrote:
>
> Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
>
> Motivations:
> ------------
>
> 1. MbedTLS is well maintained with LTS versions.
> 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> 3. MbedTLS recently switched license back to GPLv2.
>
> Prerequisite:
> -------------
>
> This patch series requires mbedtls git repo to be added as a
> subtree to the main U-Boot repo via:
> $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> https://github.com/Mbed-TLS/mbedtls.git \
> v3.6.0 --squash
> Moreover, due to the Windows-style files from mbedtls git repo,
> we need to convert the CRLF endings to LF and do a commit manually:
> $ git add --renormalize .
> $ git commit
>
> New Kconfig options:
> --------------------
>
> `MBEDTLS_LIB` is for MbedTLS general switch.
> `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
> MbedTLS.
> `MBEDTLS_LIB_CRYPTO_ALT` is for using original U-Boot crypto libs as
> MbedTLS crypto alternatives.
> `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
> and Pubkey parser with MbedTLS.
> By default `MBEDTLS_LIB_CRYPTO_ALT` and `MBEDTLS_LIB_X509` are selected
> when `MBEDTLS_LIB` is enabled.
> `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
> `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
> Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> introduced.
>
> In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
> are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> for testing purpose.
>
> Patches for external MbedTLS project:
> -------------------------------------
>
> Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> executables which is not supported by MbedTLS at the moment,
> addtional patches for MbedTLS are created to adapt with the EFI loader:
> 1. Decoding of Microsoft Authentication Code.
> 2. Decoding of PKCS#9 Authenticate Attributes.
> 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
> 4. MbedTLS native test suites for PKCS#7 signer's info.
>
> All above 4 patches (tagged with `mbedtls/external`) are submitted to
> MbedTLS project and being reviewed, eventually they should be part of
> MbedTLS LTS release.
> But before that, please merge them into U-Boot, otherwise the building
> will be broken when MBEDTLS_LIB_X509 is enabled.
>
> See below PR link for the reference:
> https://github.com/Mbed-TLS/mbedtls/pull/9001
>
> Miscellaneous:
> --------------
>
> Optimized MbedTLS library size by tailoring the config file
> and disabling all unnecessary features for EFI loader.
> From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
> sha512) are completely replaced when MbedTLS is enabled.
> From v3, the size-growth is slightly reduced by refactoring Hash functions.
> From v6, smaller implementations for SHA256 and SHA512 are enabled and
> target size reduce significantly.
> Target(QEMU arm64) size-growth when enabling MbedTLS:
> v1: 6.03%
> v2: 4.66%
> v3 - v5: 4.55%
> v6: 2.90%
>
> Please see the latest output from buildman for size-growth on QEMU arm64,
> Sandbox and Nanopi A64. [1]
>
> Tests done:
> -----------
>
> EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
> verifying and booting) via U-Boot console.
> EFI Secure Boot and Capsule sandbox test passed.
>
> Known issues:
> -------------
>
> None.
>
> [1]: buildman output for size comparison (With both `MBEDTLS_LIB` and
> `MBEDTLS_LIB_CRYPTO` selected)
> (qemu_arm64, sandbox and nanopi_a64)
> ```
> aarch64: (for 2/2 boards) all -1568.0 bss -8.0 data -64.0 rodata +200.0 text -1696.0
> qemu_arm64 : all +4472 bss -16 data -64 rodata +200 text +4352
> u-boot: add: 29/-14, grow: 6/-13 bytes: 12812/-8084 (4728)
> function old new delta
> mbedtls_internal_sha1_process - 4540 +4540
I am not going to review this version as others are on top of this. It
looks reasonable to me. We do need to tidy up the hashing in
common/hash.c at some point but this series doesn't add to the pain
there.
I do worry about the size growth, though. Do we want/need the mbed
algorithms? Why are they so large?
Regards,
Simon
^ permalink raw reply [flat|nested] 56+ messages in thread* Re: [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot
2024-10-09 1:52 ` [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Simon Glass
@ 2024-10-09 9:49 ` Ilias Apalodimas
2024-10-09 15:08 ` Raymond Mao
0 siblings, 1 reply; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-09 9:49 UTC (permalink / raw)
To: Simon Glass
Cc: Raymond Mao, u-boot, manish.pandey2, Tom Rini, Stefan Bosch,
Mario Six, Andy Shevchenko, Michal Simek, Tuomas Tynkkynen,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Sean Anderson, Sumit Garg, Rasmus Villemoes, Andrew Davis,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Mattijs Korpershoek, Jonathan Humphreys,
Paul Barker, Marek Vasut, Linus Walleij, Ian Roberts,
Oleksandr Suvorov, Jonas Karlman, Greg Malysa, Kongyang Liu,
Sughosh Ganu, Caleb Connolly, Eddie James
Hi Simon,
On Wed, 9 Oct 2024 at 04:52, Simon Glass <sjg@chromium.org> wrote:
>
> On Thu, 3 Oct 2024 at 15:51, Raymond Mao <raymond.mao@linaro.org> wrote:
> >
> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> >
> > Motivations:
> > ------------
> >
> > 1. MbedTLS is well maintained with LTS versions.
> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> > 3. MbedTLS recently switched license back to GPLv2.
> >
> > Prerequisite:
> > -------------
> >
> > This patch series requires mbedtls git repo to be added as a
> > subtree to the main U-Boot repo via:
> > $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> > https://github.com/Mbed-TLS/mbedtls.git \
> > v3.6.0 --squash
> > Moreover, due to the Windows-style files from mbedtls git repo,
> > we need to convert the CRLF endings to LF and do a commit manually:
> > $ git add --renormalize .
> > $ git commit
> >
> > New Kconfig options:
> > --------------------
> >
> > `MBEDTLS_LIB` is for MbedTLS general switch.
> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
> > MbedTLS.
> > `MBEDTLS_LIB_CRYPTO_ALT` is for using original U-Boot crypto libs as
> > MbedTLS crypto alternatives.
> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
> > and Pubkey parser with MbedTLS.
> > By default `MBEDTLS_LIB_CRYPTO_ALT` and `MBEDTLS_LIB_X509` are selected
> > when `MBEDTLS_LIB` is enabled.
> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> > For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> > introduced.
> >
> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
> > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> > for testing purpose.
> >
> > Patches for external MbedTLS project:
> > -------------------------------------
> >
> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> > executables which is not supported by MbedTLS at the moment,
> > addtional patches for MbedTLS are created to adapt with the EFI loader:
> > 1. Decoding of Microsoft Authentication Code.
> > 2. Decoding of PKCS#9 Authenticate Attributes.
> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
> > 4. MbedTLS native test suites for PKCS#7 signer's info.
> >
> > All above 4 patches (tagged with `mbedtls/external`) are submitted to
> > MbedTLS project and being reviewed, eventually they should be part of
> > MbedTLS LTS release.
> > But before that, please merge them into U-Boot, otherwise the building
> > will be broken when MBEDTLS_LIB_X509 is enabled.
> >
> > See below PR link for the reference:
> > https://github.com/Mbed-TLS/mbedtls/pull/9001
> >
> > Miscellaneous:
> > --------------
> >
> > Optimized MbedTLS library size by tailoring the config file
> > and disabling all unnecessary features for EFI loader.
> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
> > sha512) are completely replaced when MbedTLS is enabled.
> > From v3, the size-growth is slightly reduced by refactoring Hash functions.
> > From v6, smaller implementations for SHA256 and SHA512 are enabled and
> > target size reduce significantly.
> > Target(QEMU arm64) size-growth when enabling MbedTLS:
> > v1: 6.03%
> > v2: 4.66%
> > v3 - v5: 4.55%
> > v6: 2.90%
> >
> > Please see the latest output from buildman for size-growth on QEMU arm64,
> > Sandbox and Nanopi A64. [1]
> >
> > Tests done:
> > -----------
> >
> > EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
> > verifying and booting) via U-Boot console.
> > EFI Secure Boot and Capsule sandbox test passed.
> >
> > Known issues:
> > -------------
> >
> > None.
> >
> > [1]: buildman output for size comparison (With both `MBEDTLS_LIB` and
> > `MBEDTLS_LIB_CRYPTO` selected)
> > (qemu_arm64, sandbox and nanopi_a64)
> > ```
> > aarch64: (for 2/2 boards) all -1568.0 bss -8.0 data -64.0 rodata +200.0 text -1696.0
> > qemu_arm64 : all +4472 bss -16 data -64 rodata +200 text +4352
> > u-boot: add: 29/-14, grow: 6/-13 bytes: 12812/-8084 (4728)
> > function old new delta
> > mbedtls_internal_sha1_process - 4540 +4540
>
> I am not going to review this version as others are on top of this. It
> looks reasonable to me. We do need to tidy up the hashing in
> common/hash.c at some point but this series doesn't add to the pain
> there.
I don't have time to review those things in depth. OTOH we have enough
testing on the CI to make sure cryptography is working and I do like
the state of the patches as well.
The current code leave mbedTLS hashing algorithms as a choice, but set
the existing hashing algos as the default, since they are smaller and
work with offloading. Since using new algorithms from mbedTLS might
have valid use cases, I suggest we pull this and clean up the hash
subsystem, to include all 4 options
- mbedTLS in sw
- U-Boot hashes in sw
- Mix of mbedTLS & hardware offloading
- Mix of U-Boot hashing & hardware offloading (already works)
Thanks
/Ilias
>
> I do worry about the size growth, though. Do we want/need the mbed
> algorithms? Why are they so large?
>
> Regards,
> Simon
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot
2024-10-09 9:49 ` Ilias Apalodimas
@ 2024-10-09 15:08 ` Raymond Mao
0 siblings, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-09 15:08 UTC (permalink / raw)
To: Ilias Apalodimas
Cc: Simon Glass, u-boot, manish.pandey2, Tom Rini, Stefan Bosch,
Mario Six, Andy Shevchenko, Michal Simek, Tuomas Tynkkynen,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Sean Anderson, Sumit Garg, Rasmus Villemoes, Andrew Davis,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Mattijs Korpershoek, Jonathan Humphreys,
Paul Barker, Marek Vasut, Linus Walleij, Ian Roberts,
Oleksandr Suvorov, Jonas Karlman, Greg Malysa, Kongyang Liu,
Sughosh Ganu, Caleb Connolly, Eddie James
Hi Ilias,
On Wed, 9 Oct 2024 at 05:50, Ilias Apalodimas <ilias.apalodimas@linaro.org>
wrote:
> Hi Simon,
>
> On Wed, 9 Oct 2024 at 04:52, Simon Glass <sjg@chromium.org> wrote:
> >
> > On Thu, 3 Oct 2024 at 15:51, Raymond Mao <raymond.mao@linaro.org> wrote:
> > >
> > > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> > >
> > > Motivations:
> > > ------------
> > >
> > > 1. MbedTLS is well maintained with LTS versions.
> > > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> > > 3. MbedTLS recently switched license back to GPLv2.
> > >
> > > Prerequisite:
> > > -------------
> > >
> > > This patch series requires mbedtls git repo to be added as a
> > > subtree to the main U-Boot repo via:
> > > $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> > > https://github.com/Mbed-TLS/mbedtls.git \
> > > v3.6.0 --squash
> > > Moreover, due to the Windows-style files from mbedtls git repo,
> > > we need to convert the CRLF endings to LF and do a commit manually:
> > > $ git add --renormalize .
> > > $ git commit
> > >
> > > New Kconfig options:
> > > --------------------
> > >
> > > `MBEDTLS_LIB` is for MbedTLS general switch.
> > > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs
> with
> > > MbedTLS.
> > > `MBEDTLS_LIB_CRYPTO_ALT` is for using original U-Boot crypto libs as
> > > MbedTLS crypto alternatives.
> > > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
> > > and Pubkey parser with MbedTLS.
> > > By default `MBEDTLS_LIB_CRYPTO_ALT` and `MBEDTLS_LIB_X509` are selected
> > > when `MBEDTLS_LIB` is enabled.
> > > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto
> library.
> > > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> > > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> > > For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
> > > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> > > introduced.
> > >
> > > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
> > > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> > > for testing purpose.
> > >
> > > Patches for external MbedTLS project:
> > > -------------------------------------
> > >
> > > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> > > executables which is not supported by MbedTLS at the moment,
> > > addtional patches for MbedTLS are created to adapt with the EFI loader:
> > > 1. Decoding of Microsoft Authentication Code.
> > > 2. Decoding of PKCS#9 Authenticate Attributes.
> > > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's
> certificates.
> > > 4. MbedTLS native test suites for PKCS#7 signer's info.
> > >
> > > All above 4 patches (tagged with `mbedtls/external`) are submitted to
> > > MbedTLS project and being reviewed, eventually they should be part of
> > > MbedTLS LTS release.
> > > But before that, please merge them into U-Boot, otherwise the building
> > > will be broken when MBEDTLS_LIB_X509 is enabled.
> > >
> > > See below PR link for the reference:
> > > https://github.com/Mbed-TLS/mbedtls/pull/9001
> > >
> > > Miscellaneous:
> > > --------------
> > >
> > > Optimized MbedTLS library size by tailoring the config file
> > > and disabling all unnecessary features for EFI loader.
> > > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1,
> sha256,
> > > sha512) are completely replaced when MbedTLS is enabled.
> > > From v3, the size-growth is slightly reduced by refactoring Hash
> functions.
> > > From v6, smaller implementations for SHA256 and SHA512 are enabled and
> > > target size reduce significantly.
> > > Target(QEMU arm64) size-growth when enabling MbedTLS:
> > > v1: 6.03%
> > > v2: 4.66%
> > > v3 - v5: 4.55%
> > > v6: 2.90%
> > >
> > > Please see the latest output from buildman for size-growth on QEMU
> arm64,
> > > Sandbox and Nanopi A64. [1]
> > >
> > > Tests done:
> > > -----------
> > >
> > > EFI Secure Boot test (EFI variables loading and verifying, EFI signed
> image
> > > verifying and booting) via U-Boot console.
> > > EFI Secure Boot and Capsule sandbox test passed.
> > >
> > > Known issues:
> > > -------------
> > >
> > > None.
> > >
> > > [1]: buildman output for size comparison (With both `MBEDTLS_LIB` and
> > > `MBEDTLS_LIB_CRYPTO` selected)
> > > (qemu_arm64, sandbox and nanopi_a64)
> > > ```
> > > aarch64: (for 2/2 boards) all -1568.0 bss -8.0 data -64.0 rodata
> +200.0 text -1696.0
> > > qemu_arm64 : all +4472 bss -16 data -64 rodata +200
> text +4352
> > > u-boot: add: 29/-14, grow: 6/-13 bytes: 12812/-8084
> (4728)
> > > function old
> new delta
> > > mbedtls_internal_sha1_process -
> 4540 +4540
> >
> > I am not going to review this version as others are on top of this. It
> > looks reasonable to me. We do need to tidy up the hashing in
> > common/hash.c at some point but this series doesn't add to the pain
> > there.
>
> I don't have time to review those things in depth. OTOH we have enough
> testing on the CI to make sure cryptography is working and I do like
> the state of the patches as well.
>
> The current code leave mbedTLS hashing algorithms as a choice, but set
> the existing hashing algos as the default, since they are smaller and
> work with offloading. Since using new algorithms from mbedTLS might
> have valid use cases, I suggest we pull this and clean up the hash
> subsystem, to include all 4 options
> - mbedTLS in sw
> - U-Boot hashes in sw
> - Mix of mbedTLS & hardware offloading
> - Mix of U-Boot hashing & hardware offloading (already works)
>
>
The patch set has these already with combinations of kconfigs:
- mbedTLS in sw (set CONFIG_MBEDTLS_LIB=y && MBEDTLS_LIB_CRYPTO=y,
tested via github CI)
- U-Boot hashes in sw (default when setting CONFIG_MBEDTLS_LIB=y only,
tested via github CI)
- Mix of mbedTLS & hardware offloading (I didn't test this but it should
work as
it was when SHA_HW_ACCEL=y)
Regards,
Raymond
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot
2024-10-03 21:50 [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Raymond Mao
` (27 preceding siblings ...)
2024-10-09 1:52 ` [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot Simon Glass
@ 2024-10-15 4:30 ` Tom Rini
2024-10-15 5:22 ` Ilias Apalodimas
2024-10-15 14:08 ` Raymond Mao
28 siblings, 2 replies; 56+ messages in thread
From: Tom Rini @ 2024-10-15 4:30 UTC (permalink / raw)
To: Raymond Mao
Cc: u-boot, manish.pandey2, Stefan Bosch, Mario Six, Andy Shevchenko,
Michal Simek, Tuomas Tynkkynen, Simon Glass, Peng Fan,
Jaehoon Chung, Ilias Apalodimas, Jiaxun Yang, Heinrich Schuchardt,
Sean Anderson, Sumit Garg, Rasmus Villemoes, Andrew Davis,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Mattijs Korpershoek, Jonathan Humphreys,
Paul Barker, Marek Vasut, Linus Walleij, Ian Roberts,
Oleksandr Suvorov, Jonas Karlman, Greg Malysa, Kongyang Liu,
Sughosh Ganu, Caleb Connolly, Eddie James
[-- Attachment #1: Type: text/plain, Size: 3918 bytes --]
On Thu, Oct 03, 2024 at 02:50:13PM -0700, Raymond Mao wrote:
> Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
>
> Motivations:
> ------------
>
> 1. MbedTLS is well maintained with LTS versions.
> 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> 3. MbedTLS recently switched license back to GPLv2.
>
> Prerequisite:
> -------------
>
> This patch series requires mbedtls git repo to be added as a
> subtree to the main U-Boot repo via:
> $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> https://github.com/Mbed-TLS/mbedtls.git \
> v3.6.0 --squash
> Moreover, due to the Windows-style files from mbedtls git repo,
> we need to convert the CRLF endings to LF and do a commit manually:
> $ git add --renormalize .
> $ git commit
>
> New Kconfig options:
> --------------------
>
> `MBEDTLS_LIB` is for MbedTLS general switch.
> `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
> MbedTLS.
> `MBEDTLS_LIB_CRYPTO_ALT` is for using original U-Boot crypto libs as
> MbedTLS crypto alternatives.
> `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
> and Pubkey parser with MbedTLS.
> By default `MBEDTLS_LIB_CRYPTO_ALT` and `MBEDTLS_LIB_X509` are selected
> when `MBEDTLS_LIB` is enabled.
> `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
> `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
> Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> introduced.
>
> In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
> are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> for testing purpose.
>
> Patches for external MbedTLS project:
> -------------------------------------
>
> Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> executables which is not supported by MbedTLS at the moment,
> addtional patches for MbedTLS are created to adapt with the EFI loader:
> 1. Decoding of Microsoft Authentication Code.
> 2. Decoding of PKCS#9 Authenticate Attributes.
> 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
> 4. MbedTLS native test suites for PKCS#7 signer's info.
>
> All above 4 patches (tagged with `mbedtls/external`) are submitted to
> MbedTLS project and being reviewed, eventually they should be part of
> MbedTLS LTS release.
> But before that, please merge them into U-Boot, otherwise the building
> will be broken when MBEDTLS_LIB_X509 is enabled.
>
> See below PR link for the reference:
> https://github.com/Mbed-TLS/mbedtls/pull/9001
>
> Miscellaneous:
> --------------
>
> Optimized MbedTLS library size by tailoring the config file
> and disabling all unnecessary features for EFI loader.
> From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
> sha512) are completely replaced when MbedTLS is enabled.
> From v3, the size-growth is slightly reduced by refactoring Hash functions.
> From v6, smaller implementations for SHA256 and SHA512 are enabled and
> target size reduce significantly.
> Target(QEMU arm64) size-growth when enabling MbedTLS:
> v1: 6.03%
> v2: 4.66%
> v3 - v5: 4.55%
> v6: 2.90%
>
> Please see the latest output from buildman for size-growth on QEMU arm64,
> Sandbox and Nanopi A64. [1]
>
> Tests done:
> -----------
>
> EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
> verifying and booting) via U-Boot console.
> EFI Secure Boot and Capsule sandbox test passed.
>
> Known issues:
> -------------
>
> None.
For the whole series, applied to u-boot/master. Thanks again for all the
hard work here.
--
Tom
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 659 bytes --]
^ permalink raw reply [flat|nested] 56+ messages in thread* Re: [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot
2024-10-15 4:30 ` Tom Rini
@ 2024-10-15 5:22 ` Ilias Apalodimas
2024-10-15 14:08 ` Raymond Mao
1 sibling, 0 replies; 56+ messages in thread
From: Ilias Apalodimas @ 2024-10-15 5:22 UTC (permalink / raw)
To: Tom Rini
Cc: Raymond Mao, u-boot, manish.pandey2, Stefan Bosch, Mario Six,
Andy Shevchenko, Michal Simek, Tuomas Tynkkynen, Simon Glass,
Peng Fan, Jaehoon Chung, Jiaxun Yang, Heinrich Schuchardt,
Sean Anderson, Sumit Garg, Rasmus Villemoes, Andrew Davis,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Mattijs Korpershoek, Jonathan Humphreys,
Paul Barker, Marek Vasut, Linus Walleij, Ian Roberts,
Oleksandr Suvorov, Jonas Karlman, Greg Malysa, Kongyang Liu,
Sughosh Ganu, Caleb Connolly, Eddie James
Hi Tom,
On Tue, 15 Oct 2024 at 07:30, Tom Rini <trini@konsulko.com> wrote:
>
> On Thu, Oct 03, 2024 at 02:50:13PM -0700, Raymond Mao wrote:
>
> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> >
> > Motivations:
> > ------------
> >
> > 1. MbedTLS is well maintained with LTS versions.
> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> > 3. MbedTLS recently switched license back to GPLv2.
> >
> > Prerequisite:
> > -------------
> >
> > This patch series requires mbedtls git repo to be added as a
> > subtree to the main U-Boot repo via:
> > $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> > https://github.com/Mbed-TLS/mbedtls.git \
> > v3.6.0 --squash
> > Moreover, due to the Windows-style files from mbedtls git repo,
> > we need to convert the CRLF endings to LF and do a commit manually:
> > $ git add --renormalize .
> > $ git commit
> >
> > New Kconfig options:
> > --------------------
> >
> > `MBEDTLS_LIB` is for MbedTLS general switch.
> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
> > MbedTLS.
> > `MBEDTLS_LIB_CRYPTO_ALT` is for using original U-Boot crypto libs as
> > MbedTLS crypto alternatives.
> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
> > and Pubkey parser with MbedTLS.
> > By default `MBEDTLS_LIB_CRYPTO_ALT` and `MBEDTLS_LIB_X509` are selected
> > when `MBEDTLS_LIB` is enabled.
> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> > For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> > introduced.
> >
> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
> > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> > for testing purpose.
> >
> > Patches for external MbedTLS project:
> > -------------------------------------
> >
> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> > executables which is not supported by MbedTLS at the moment,
> > addtional patches for MbedTLS are created to adapt with the EFI loader:
> > 1. Decoding of Microsoft Authentication Code.
> > 2. Decoding of PKCS#9 Authenticate Attributes.
> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
> > 4. MbedTLS native test suites for PKCS#7 signer's info.
> >
> > All above 4 patches (tagged with `mbedtls/external`) are submitted to
> > MbedTLS project and being reviewed, eventually they should be part of
> > MbedTLS LTS release.
> > But before that, please merge them into U-Boot, otherwise the building
> > will be broken when MBEDTLS_LIB_X509 is enabled.
> >
> > See below PR link for the reference:
> > https://github.com/Mbed-TLS/mbedtls/pull/9001
> >
> > Miscellaneous:
> > --------------
> >
> > Optimized MbedTLS library size by tailoring the config file
> > and disabling all unnecessary features for EFI loader.
> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
> > sha512) are completely replaced when MbedTLS is enabled.
> > From v3, the size-growth is slightly reduced by refactoring Hash functions.
> > From v6, smaller implementations for SHA256 and SHA512 are enabled and
> > target size reduce significantly.
> > Target(QEMU arm64) size-growth when enabling MbedTLS:
> > v1: 6.03%
> > v2: 4.66%
> > v3 - v5: 4.55%
> > v6: 2.90%
> >
> > Please see the latest output from buildman for size-growth on QEMU arm64,
> > Sandbox and Nanopi A64. [1]
> >
> > Tests done:
> > -----------
> >
> > EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
> > verifying and booting) via U-Boot console.
> > EFI Secure Boot and Capsule sandbox test passed.
> >
> > Known issues:
> > -------------
> >
> > None.
>
> For the whole series, applied to u-boot/master. Thanks again for all the
> hard work here.
Likewise, thanks for the patience and testing!
Regards
/Ilias
>
> --
> Tom
^ permalink raw reply [flat|nested] 56+ messages in thread
* Re: [PATCH v8 00/27] Integrate MbedTLS v3.6 LTS with U-Boot
2024-10-15 4:30 ` Tom Rini
2024-10-15 5:22 ` Ilias Apalodimas
@ 2024-10-15 14:08 ` Raymond Mao
1 sibling, 0 replies; 56+ messages in thread
From: Raymond Mao @ 2024-10-15 14:08 UTC (permalink / raw)
To: Tom Rini
Cc: u-boot, manish.pandey2, Stefan Bosch, Mario Six, Andy Shevchenko,
Michal Simek, Tuomas Tynkkynen, Simon Glass, Peng Fan,
Jaehoon Chung, Ilias Apalodimas, Jiaxun Yang, Heinrich Schuchardt,
Sean Anderson, Sumit Garg, Rasmus Villemoes, Andrew Davis,
Bryan Brattlof, Leon M. Busch-George, AKASHI Takahiro,
Alexander Gendin, Mattijs Korpershoek, Jonathan Humphreys,
Paul Barker, Marek Vasut, Linus Walleij, Ian Roberts,
Oleksandr Suvorov, Jonas Karlman, Greg Malysa, Kongyang Liu,
Sughosh Ganu, Caleb Connolly, Eddie James
Hi Tom,
On Tue, 15 Oct 2024 at 00:30, Tom Rini <trini@konsulko.com> wrote:
> On Thu, Oct 03, 2024 at 02:50:13PM -0700, Raymond Mao wrote:
>
> > Integrate MbedTLS v3.6 LTS (currently v3.6.0) with U-Boot.
> >
> > Motivations:
> > ------------
> >
> > 1. MbedTLS is well maintained with LTS versions.
> > 2. LWIP is integrated with MbedTLS and easily to enable HTTPS.
> > 3. MbedTLS recently switched license back to GPLv2.
> >
> > Prerequisite:
> > -------------
> >
> > This patch series requires mbedtls git repo to be added as a
> > subtree to the main U-Boot repo via:
> > $ git subtree add --prefix lib/mbedtls/external/mbedtls \
> > https://github.com/Mbed-TLS/mbedtls.git \
> > v3.6.0 --squash
> > Moreover, due to the Windows-style files from mbedtls git repo,
> > we need to convert the CRLF endings to LF and do a commit manually:
> > $ git add --renormalize .
> > $ git commit
> >
> > New Kconfig options:
> > --------------------
> >
> > `MBEDTLS_LIB` is for MbedTLS general switch.
> > `MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs
> with
> > MbedTLS.
> > `MBEDTLS_LIB_CRYPTO_ALT` is for using original U-Boot crypto libs as
> > MbedTLS crypto alternatives.
> > `MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
> > and Pubkey parser with MbedTLS.
> > By default `MBEDTLS_LIB_CRYPTO_ALT` and `MBEDTLS_LIB_X509` are selected
> > when `MBEDTLS_LIB` is enabled.
> > `LEGACY_CRYPTO` is introduced as a main switch for legacy crypto library.
> > `LEGACY_CRYPTO_BASIC` is for the basic crypto functionalities and
> > `LEGACY_CRYPTO_CERT` is for the certificate related functionalities.
> > For each of the algorithm, a pair of `<alg>_LEGACY` and `<alg>_MBEDTLS`
> > Kconfig options are introduced. Meanwhile, `SPL_` Kconfig options are
> > introduced.
> >
> > In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
> > are by default enabled in qemu_arm64_defconfig and sandbox_defconfig
> > for testing purpose.
> >
> > Patches for external MbedTLS project:
> > -------------------------------------
> >
> > Since U-Boot uses Microsoft Authentication Code to verify PE/COFFs
> > executables which is not supported by MbedTLS at the moment,
> > addtional patches for MbedTLS are created to adapt with the EFI loader:
> > 1. Decoding of Microsoft Authentication Code.
> > 2. Decoding of PKCS#9 Authenticate Attributes.
> > 3. Extending MbedTLS PKCS#7 lib to support multiple signer's
> certificates.
> > 4. MbedTLS native test suites for PKCS#7 signer's info.
> >
> > All above 4 patches (tagged with `mbedtls/external`) are submitted to
> > MbedTLS project and being reviewed, eventually they should be part of
> > MbedTLS LTS release.
> > But before that, please merge them into U-Boot, otherwise the building
> > will be broken when MBEDTLS_LIB_X509 is enabled.
> >
> > See below PR link for the reference:
> > https://github.com/Mbed-TLS/mbedtls/pull/9001
> >
> > Miscellaneous:
> > --------------
> >
> > Optimized MbedTLS library size by tailoring the config file
> > and disabling all unnecessary features for EFI loader.
> > From v2, original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256,
> > sha512) are completely replaced when MbedTLS is enabled.
> > From v3, the size-growth is slightly reduced by refactoring Hash
> functions.
> > From v6, smaller implementations for SHA256 and SHA512 are enabled and
> > target size reduce significantly.
> > Target(QEMU arm64) size-growth when enabling MbedTLS:
> > v1: 6.03%
> > v2: 4.66%
> > v3 - v5: 4.55%
> > v6: 2.90%
> >
> > Please see the latest output from buildman for size-growth on QEMU arm64,
> > Sandbox and Nanopi A64. [1]
> >
> > Tests done:
> > -----------
> >
> > EFI Secure Boot test (EFI variables loading and verifying, EFI signed
> image
> > verifying and booting) via U-Boot console.
> > EFI Secure Boot and Capsule sandbox test passed.
> >
> > Known issues:
> > -------------
> >
> > None.
>
> For the whole series, applied to u-boot/master. Thanks again for all the
> hard work here.
>
> Thanks a lot for the time spent on reviewing, testing and all the
suggestions.
Raymond
^ permalink raw reply [flat|nested] 56+ messages in thread