crypto: Remove PSA Crypto API from targets without entropy #9710

Merged
merged 1 commit into from Feb 15, 2019

7 participants
@Patater
Contributor

commented Feb 13, 2019

Description

An entropy source is required in order to use the PSA Crypto API. The
only devices Mbed OS knows are guaranteed by default to have an entropy
source are those devices with a TRNG. Don't enable the PSA Crypto API by
default for devices that Mbed OS can't know have an entropy source. This
avoids run-time errors when an entropy source is not present on these
targets.

Applications can add their own entropy source by placing entropy into
their systems, implementing their own NV Seed read and write callbacks,
and then enabling the MBEDTLS_ENTROPY_NV_SEED configuration option to
notify the PSA Crypto implementation that an entropy source is present
and how to use it.

See https://os.mbed.com/docs/mbed-os/v5.11/porting/entropy-sources.html
for the background on why entropy is fundamental to system security and
how to inject entropy into systems that lack an on-board source of
entropy.

This is a follow-up PR to #9605 which inadvertently turned on the PSA Crypto API by default. The NUCLEO_F411RE board requires a source of entropy that isn't available by default. Not all Mbed OS applications our users have written for the F411RE require the PSA Crypto API nor are guaranteed to have injected the necessary entropy in order to use the PSA Crypto API. #9605 broke compatibility with existing applications on the F411RE. This PR is a fix to restore functionality to existing applications.

Pull request type

[x] Fix
[ ] Refactor
[ ] Target update
[ ] Functionality change
[ ] Docs update
[ ] Test update
[ ] Breaking change

Reviewers

@teetak01 @orenc17
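
The NV Seed read and write callbacks mentioned in the description could look like the following. This is an added example, not code from this pull request or from Mbed OS. `nv_region`, `SEED_SIZE`, `nv_erase` and the `app_nv_seed_*` names are hypothetical, and a RAM array stands in for a reserved flash region.

```c
#include <stddef.h>
#include <string.h>

#define SEED_SIZE 64 /* assumption: MBEDTLS_ENTROPY_BLOCK_SIZE when SHA-512 is enabled */

/* Constructed stand-in for a reserved NV region (hypothetical, not an Mbed OS API). */
static unsigned char nv_region[SEED_SIZE];

/* Model a flash erase: erased flash reads back as 0xFF. */
void nv_erase(void) { memset(nv_region, 0xFF, SEED_SIZE); }

/* A seed that is all 0xFF or all 0x00 was never provisioned; refuse to use it. */
static int seed_is_blank(const unsigned char *p, size_t n)
{
    unsigned char all_and = 0xFF, all_or = 0x00;
    for (size_t i = 0; i < n; i++) { all_and &= p[i]; all_or |= p[i]; }
    return all_and == 0xFF || all_or == 0x00;
}

/* Read callback: returns the number of bytes read, or -1 so that entropy
 * initialisation fails instead of running on a predictable seed. */
int app_nv_seed_read(unsigned char *buf, size_t buf_len)
{
    if (buf == NULL || buf_len < SEED_SIZE) return -1;
    if (seed_is_blank(nv_region, SEED_SIZE)) return -1;
    memcpy(buf, nv_region, SEED_SIZE);
    return SEED_SIZE;
}

/* Write callback: stores the refreshed seed handed back by the entropy module. */
int app_nv_seed_write(unsigned char *buf, size_t buf_len)
{
    if (buf == NULL || buf_len < SEED_SIZE) return -1;
    if (seed_is_blank(buf, SEED_SIZE)) return -1;
    memcpy(nv_region, buf, SEED_SIZE);
    return SEED_SIZE;
}

/* On a real target, with MBEDTLS_ENTROPY_NV_SEED and MBEDTLS_PLATFORM_NV_SEED_ALT
 * enabled, the pair would be registered once at start-up:
 *     mbedtls_platform_set_nv_seed(app_nv_seed_read, app_nv_seed_write);
 */
int main(void)
{
    unsigned char out[SEED_SIZE];
    nv_erase();
    return app_nv_seed_read(out, sizeof out) == -1 ? 0 : 1; /* unprovisioned: must fail */
}
```

The initial seed written at provisioning time has to come from a real random source outside the device; the callbacks only persist it across resets.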

crypto: Remove PSA Crypto API from targets without entropy
@Patater

Contributor Author

commented Feb 13, 2019

We might want to consider additionally removing "PSA" from extra_labels_add for this target, depending on if other PSA requirements are met or not (e.g. ITS with such small flash space available).

@ciarmcom

Member

commented Feb 13, 2019

@Patater, thank you for your changes.
@teetak01 @orenc17 @ARMmbed/mbed-os-maintainers please review.

@ciarmcom ciarmcom requested review from orenc17, teetak01 and ARMmbed/mbed-os-maintainers Feb 13, 2019

@cmonr

cmonr approved these changes Feb 13, 2019

@0xc0170

Member

commented Feb 14, 2019

> This PR is a fix to restore functionality to existing applications.

Based on this and other information, I marked PRs #9605, #9677 and this one for 5.11.5 (as fixes, backward compatible).

@0xc0170

Member

commented Feb 14, 2019

@teetak01 Will this fix it? Please confirm.

@cmonr cmonr added needs: review and removed needs: CI labels Feb 14, 2019

@0xc0170 0xc0170 added needs: CI and removed needs: review labels Feb 15, 2019

@0xc0170

Member

commented Feb 15, 2019

CI started

@mbed-ci


commented Feb 15, 2019

Test run: SUCCESS

Summary: 12 of 12 test jobs passed
Build number : 1

@cmonr cmonr merged commit 31be2a3 into ARMmbed:master Feb 15, 2019

27 checks passed

continuous-integration/jenkins/pr-head This commit looks good
continuous-integration/travis-ci/pr The Travis CI build passed
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/build-ARM Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/build-ARMC6 Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/build-GCC_ARM Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/build-IAR Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/cloud-client-test Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/dynamic-memory-usage RTOS ROM(+0 bytes) RAM(+0 bytes)
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/exporter Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/greentea-test Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/mbed2-build-ARM Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/mbed2-build-GCC_ARM Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/mbed2-build-IAR Success
jenkins-ci/ARMmbed/mbed-os/mbed-os-ci/PR-9710/unittests Success
travis-ci/astyle Local astyle testing has passed
travis-ci/docs Local docs testing has passed
travis-ci/doxy-spellcheck Local doxy-spellcheck testing has passed
travis-ci/events Passed, runtime is 10410 cycles (+1065 cycles)
travis-ci/gitattributestest Local gitattributestest testing has passed
travis-ci/include_check Local include_check testing has passed
travis-ci/licence_check Local licence_check testing has passed
travis-ci/littlefs Passed, code size is 8408B (+0.00%)
travis-ci/psa-autogen Local psa-autogen testing has passed
travis-ci/tools-py2.7 Local tools-py2.7 testing has passed
travis-ci/tools-py3.5 Local tools-py3.5 testing has passed
travis-ci/tools-py3.6 Local tools-py3.6 testing has passed
travis-ci/tools-py3.7 Local tools-py3.7 testing has passed

@cmonr cmonr removed the ready for merge label Feb 15, 2019
