Define "MD light" subset of MD #7120
Conversation
It was already marked as internal use only, and no longer used internally. Also, it won't work when we dispatch to PSA. Remove it before the MD_LIGHT split to avoid a corner case: it's technically a hashing function, no HMAC or extra metadata, but we still don't want it in MD_LIGHT really. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
See docs/architecture/psa-migration/md-cipher-dispatch.md Regarding testing, the no_md component was never very useful, as that's not something people are likely to want to do: it was mostly useful as executable documentation of what depends on MD. It's going to be even less useful when more and more modules auto-enable MD_LIGHT or even MD_C. So, recycle it to test the build with only MD_LIGHT, which is something that might happen in practice, and is necessary to ensure that the division is consistent. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
mpg
added
enhancement
needs-review
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
|
The CI is green except for the ABI-API checker pointing out that removing |
|
We had a discussion on slack and there seems to be consensus that removing |
include/mbedtls/mbedtls_config.h
Outdated
| * meta-data. | ||
| * | ||
| * This is automatically enabled whenever MBEDTLS_MD_C is enabled, but it is | ||
| * possible to enable this with MBEDTLS_MD_C if support for HMAC or extra |
There was a problem hiding this comment.
| * possible to enable this with MBEDTLS_MD_C if support for HMAC or extra | |
| * possible to enable this without MBEDTLS_MD_C if support for HMAC or extra |
| @@ -2643,7 +2643,7 @@ | |||
| /** | |||
| * \def MBEDTLS_MD_C | |||
| * | |||
| * Enable the generic message digest layer. | |||
| * Enable the generic layer for message digest (hashing) and HMAC. | |||
There was a problem hiding this comment.
| * Enable the generic layer for message digest (hashing) and HMAC. | |
| * Enable the generic layer for message digest (hashing) and HMAC. | |
| * This will automatically enable `MBEDTLS_MD_LIGHT`. |
include/mbedtls/mbedtls_config.h
Outdated
| * | ||
| * Uncomment to enabled the "light" subsect of MD. | ||
| */ | ||
| #define MBEDTLS_MD_LIGHT |
There was a problem hiding this comment.
Shouldn't this be named MBEDTLS_MD_LIGHT_C?
There was a problem hiding this comment.
I don't know, I think both make sense. There's no file md_light.c which is why I went without _C. OTOH, we have names with _C for things that don't correspond to the name of a file, like SHA224_C and SHA384_C - but there I think it's for uniformity with the other SHAxxx_C. Here it's a bit of a special case: unlike the various SHAxxx_C that are now independent of each other, here MD_LIGHT is explicitly a subset of MD_C and the later auto-enables the former.
Unless you and/or the other reviewer feel strongly about this, I'm inclined to keep the current name just to avoid changes.
There was a problem hiding this comment.
The historical convention is _C for features that are implemented by a separate .c file. But that doesn't make a lot of sense since the fact that the implementation is a separate .c file is irrelevant to the programming interface. And so MBEDTLS_SHA224_C and MBEDTLS_SHA384_C departed from this historical convention because as an interface, it makes sense to make them similar to the other hashes.
PSA and TLS have been deviating from this convention since we refactored the code to split it into more files, but didn't make an API change just for that. {md,pk,cipher}_wrap.c also deviate: they don't have their own enablement macro because they aren't useful on their own.
Usually MBEDTLS_XXX_YYY is a subset of MBEDTLS_XXX_C which either has no effect if MBEDTLS_XXX_C is disabled, or requires MBEDTLS_XXX_C to be enabled. This is an interface consideration which MBEDTLS_MD_LIGHT would deviate from. We have at least one precedent: MBEDTLS_PSA_CRYPTO_CLIENT is a subset of MBEDTLS_PSA_CRYPTO_C.
When looking at md alone, MBEDTLS_MD_LIGHT seems right to me. When looking at the bigger picture, MBEDTLS_MD_LIGHT_C (considering it to be a separate module, which MBEDTLS_MD_C happens to require) is more uniform. But MBEDTLS_MD_LIGHT is essentially an internal symbol, so I don't think interface uniformity matters much.
In fact, should we even expose MBEDTLS_MD_LIGHT in mbedtls_config.h, as opposed to just automatically enabling it when other modules need it? Do we really want to promise this as a stable interface?
There was a problem hiding this comment.
In fact, should we even expose
MBEDTLS_MD_LIGHTinmbedtls_config.h, as opposed to just automatically enabling it when other modules need it? Do we really want to promise this as a stable interface?
Indeed initially I was planning on keeping it internal (that's what I did in the prototype). Then I thought it might be useful for people who just need hashing but not HMAC, they can save a bit of code size this way. (Actually you can use all of X.509, as well as AEAD ciphersuites for TLS 1.2 without HMAC, so that might be a number of users.)
Also, it feels a bit simpler for all build options to be in mbedtls_config.h (though that's already not the case for some options, like those related to driver testing).
Wdyt?
There was a problem hiding this comment.
I'm a bit wary of introducing a new interface and declaring it as stable straight away. In this case, it's constrained to be a subset of the existing MD interface, and we've already pretty much reduced it to the minimum, so we're unlikely to make incompatible changes. But maybe we'll want to make some optimizations that break the API, e.g. changing the behavior on invalid arguments?
There was a problem hiding this comment.
Ah, good point. Should we add a warning that it's experimental (the scope of the subset may vary, as well as the behaviour of the functions), or just make it internal for now to avoid the issue?
There was a problem hiding this comment.
I'd prefer to make it internal to start with, if only to reduce the potential testing burden. Then once the dust has settled, maybe expose it — depending partly on whether the dust does settle quickly.
There was a problem hiding this comment.
Sounds like a plan. Let's do that.
include/mbedtls/md.h
Outdated
| * feature macros: | ||
| * - MBEDTLS_MD_C enables the whole module; | ||
| * - MBEDTLS_MD_LIGHT enables only functions for hashing an accessing | ||
| * some hash metadata; is it automatically set whenever MBEDTLS_MD_C |
There was a problem hiding this comment.
some hash metadata is pretty broad. How do we know what metadata is accessible, and what isn't?
include/mbedtls/md.h
Outdated
| * Availability of function in this modules is controled by two | ||
| * feature macros: | ||
| * - MBEDTLS_MD_C enables the whole module; | ||
| * - MBEDTLS_MD_LIGHT enables only functions for hashing an accessing |
There was a problem hiding this comment.
| * - MBEDTLS_MD_LIGHT enables only functions for hashing an accessing | |
| * - MBEDTLS_MD_LIGHT enables only functions for hashing and accessing |
include/mbedtls/md.h
Outdated
| @@ -130,6 +139,7 @@ const int *mbedtls_md_list(void); | |||
| * \return NULL if the associated message-digest information is not found. | |||
| */ | |||
| const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name); | |||
| #endif /* MBEDTLS_MD_C */ | |||
There was a problem hiding this comment.
Suggestion: Maybe we could group functions that need MBEDTLS_MD_C in one place?
| @@ -107,6 +115,7 @@ typedef struct mbedtls_md_context_t { | |||
| void *MBEDTLS_PRIVATE(hmac_ctx); | |||
| } mbedtls_md_context_t; | |||
|
|
|||
There was a problem hiding this comment.
Unrelated to this line, but rather about this file:
Don't we want to guard the function declarations with MBEDTLS_MD_LIGHT?
There was a problem hiding this comment.
We usually don't guard function declarations in header files with the corresponding implementation macro. For example, before this PR they were not guarded with MBEDTLS_MD_C. Technically, the guards I'm adding wouldn't be necessary, but I think they're helpful to document what's part of MD-light and what's not.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
tests/scripts/all.sh
Outdated
| if [ "$DRIVER_ONLY" -eq 1 ]; then | ||
| scripts/config.py unset MBEDTLS_MD_C | ||
| scripts/config.py unset MBEDTLS_MD_LIGHT |
There was a problem hiding this comment.
this will probably fail, since there's no MBEDTLS_MD_LIGHT define in the config now.
There was a problem hiding this comment.
this will probably fail, since there's no MBEDTLS_MD_LIGHT define in the config now.
I tested it and config.py doesn't complain if there's a call to unset a define that doesn't exist, only set complains. Still, there's no MBEDTLS_MD_LIGHT in the config file anymore.
There was a problem hiding this comment.
config.py unset FOO doesn't require FOO to exist (originally for backward compatibility with config.pl; I don't know if our test scripts currently depend on it).
If we want to ensure that a particular build does not enable MBEDTLS_MD_LIGHT, we can grep for an mbedtls_md_xxx symbol in libmbedcrypto.a.
There was a problem hiding this comment.
Agreed, even if config.py happens not to complain, this command is confusing, I'll remove it. (I was planning to but apparently forgot at some point.)
If we want to ensure that a particular build does not enable
MBEDTLS_MD_LIGHT, we can grep for anmbedtls_md_xxxsymbol inlibmbedcrypto.a.
Yes, that's what we're doing in this component (which is temporary, we're going to have MD_LIGHT enabled there at some point in the future).
It turns out config.py wouldn't complain, but it's still confusing. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
daverodgman
added
approved
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
daverodgman
dismissed stale reviews from valeriosetti and AndrzejKurek
via
45cef61
|
Manually fixed a trivial merge conflict in build_info.h |
daverodgman
added
needs-review
mpg
added
approved
Resolves #6988
Note: this PR only takes care of the functional part. A potential code size optimization is left for later: #7119
Also, currently there are no users of MD light, this will happen as part of #6989
Gatekeeper checklist