-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Define "MD light" subset of MD #7120
Conversation
It was already marked as internal use only, and no longer used internally. Also, it won't work when we dispatch to PSA. Remove it before the MD_LIGHT split to avoid a corner case: it's technically a hashing function, no HMAC or extra metadata, but we still don't want it in MD_LIGHT really. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
See docs/architecture/psa-migration/md-cipher-dispatch.md Regarding testing, the no_md component was never very useful, as that's not something people are likely to want to do: it was mostly useful as executable documentation of what depends on MD. It's going to be even less useful when more and more modules auto-enable MD_LIGHT or even MD_C. So, recycle it to test the build with only MD_LIGHT, which is something that might happen in practice, and is necessary to ensure that the division is consistent. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The CI is green except for the ABI-API checker pointing out that removing |
We had a discussion on slack and there seems to be consensus that removing |
include/mbedtls/mbedtls_config.h
Outdated
* meta-data. | ||
* | ||
* This is automatically enabled whenever MBEDTLS_MD_C is enabled, but it is | ||
* possible to enable this with MBEDTLS_MD_C if support for HMAC or extra |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
* possible to enable this with MBEDTLS_MD_C if support for HMAC or extra | |
* possible to enable this without MBEDTLS_MD_C if support for HMAC or extra |
@@ -2643,7 +2643,7 @@ | |||
/** | |||
* \def MBEDTLS_MD_C | |||
* | |||
* Enable the generic message digest layer. | |||
* Enable the generic layer for message digest (hashing) and HMAC. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
* Enable the generic layer for message digest (hashing) and HMAC. | |
* Enable the generic layer for message digest (hashing) and HMAC. | |
* This will automatically enable `MBEDTLS_MD_LIGHT`. |
include/mbedtls/mbedtls_config.h
Outdated
* | ||
* Uncomment to enabled the "light" subsect of MD. | ||
*/ | ||
#define MBEDTLS_MD_LIGHT |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shouldn't this be named MBEDTLS_MD_LIGHT_C
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't know, I think both make sense. There's no file md_light.c
which is why I went without _C
. OTOH, we have names with _C
for things that don't correspond to the name of a file, like SHA224_C
and SHA384_C
- but there I think it's for uniformity with the other SHAxxx_C
. Here it's a bit of a special case: unlike the various SHAxxx_C
that are now independent of each other, here MD_LIGHT
is explicitly a subset of MD_C
and the later auto-enables the former.
Unless you and/or the other reviewer feel strongly about this, I'm inclined to keep the current name just to avoid changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The historical convention is _C
for features that are implemented by a separate .c
file. But that doesn't make a lot of sense since the fact that the implementation is a separate .c
file is irrelevant to the programming interface. And so MBEDTLS_SHA224_C
and MBEDTLS_SHA384_C
departed from this historical convention because as an interface, it makes sense to make them similar to the other hashes.
PSA and TLS have been deviating from this convention since we refactored the code to split it into more files, but didn't make an API change just for that. {md,pk,cipher}_wrap.c
also deviate: they don't have their own enablement macro because they aren't useful on their own.
Usually MBEDTLS_XXX_YYY
is a subset of MBEDTLS_XXX_C
which either has no effect if MBEDTLS_XXX_C
is disabled, or requires MBEDTLS_XXX_C
to be enabled. This is an interface consideration which MBEDTLS_MD_LIGHT
would deviate from. We have at least one precedent: MBEDTLS_PSA_CRYPTO_CLIENT
is a subset of MBEDTLS_PSA_CRYPTO_C
.
When looking at md alone, MBEDTLS_MD_LIGHT
seems right to me. When looking at the bigger picture, MBEDTLS_MD_LIGHT_C
(considering it to be a separate module, which MBEDTLS_MD_C
happens to require) is more uniform. But MBEDTLS_MD_LIGHT
is essentially an internal symbol, so I don't think interface uniformity matters much.
In fact, should we even expose MBEDTLS_MD_LIGHT
in mbedtls_config.h
, as opposed to just automatically enabling it when other modules need it? Do we really want to promise this as a stable interface?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In fact, should we even expose
MBEDTLS_MD_LIGHT
inmbedtls_config.h
, as opposed to just automatically enabling it when other modules need it? Do we really want to promise this as a stable interface?
Indeed initially I was planning on keeping it internal (that's what I did in the prototype). Then I thought it might be useful for people who just need hashing but not HMAC, they can save a bit of code size this way. (Actually you can use all of X.509, as well as AEAD ciphersuites for TLS 1.2 without HMAC, so that might be a number of users.)
Also, it feels a bit simpler for all build options to be in mbedtls_config.h
(though that's already not the case for some options, like those related to driver testing).
Wdyt?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm a bit wary of introducing a new interface and declaring it as stable straight away. In this case, it's constrained to be a subset of the existing MD interface, and we've already pretty much reduced it to the minimum, so we're unlikely to make incompatible changes. But maybe we'll want to make some optimizations that break the API, e.g. changing the behavior on invalid arguments?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, good point. Should we add a warning that it's experimental (the scope of the subset may vary, as well as the behaviour of the functions), or just make it internal for now to avoid the issue?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd prefer to make it internal to start with, if only to reduce the potential testing burden. Then once the dust has settled, maybe expose it — depending partly on whether the dust does settle quickly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sounds like a plan. Let's do that.
include/mbedtls/md.h
Outdated
* feature macros: | ||
* - MBEDTLS_MD_C enables the whole module; | ||
* - MBEDTLS_MD_LIGHT enables only functions for hashing an accessing | ||
* some hash metadata; is it automatically set whenever MBEDTLS_MD_C |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some hash metadata
is pretty broad. How do we know what metadata is accessible, and what isn't?
include/mbedtls/md.h
Outdated
* Availability of function in this modules is controled by two | ||
* feature macros: | ||
* - MBEDTLS_MD_C enables the whole module; | ||
* - MBEDTLS_MD_LIGHT enables only functions for hashing an accessing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
* - MBEDTLS_MD_LIGHT enables only functions for hashing an accessing | |
* - MBEDTLS_MD_LIGHT enables only functions for hashing and accessing |
include/mbedtls/md.h
Outdated
@@ -130,6 +139,7 @@ const int *mbedtls_md_list(void); | |||
* \return NULL if the associated message-digest information is not found. | |||
*/ | |||
const mbedtls_md_info_t *mbedtls_md_info_from_string(const char *md_name); | |||
#endif /* MBEDTLS_MD_C */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggestion: Maybe we could group functions that need MBEDTLS_MD_C
in one place?
@@ -107,6 +115,7 @@ typedef struct mbedtls_md_context_t { | |||
void *MBEDTLS_PRIVATE(hmac_ctx); | |||
} mbedtls_md_context_t; | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unrelated to this line, but rather about this file:
Don't we want to guard the function declarations with MBEDTLS_MD_LIGHT
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We usually don't guard function declarations in header files with the corresponding implementation macro. For example, before this PR they were not guarded with MBEDTLS_MD_C
. Technically, the guards I'm adding wouldn't be necessary, but I think they're helpful to document what's part of MD-light and what's not.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, only minor points raised and questions asked.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
tests/scripts/all.sh
Outdated
if [ "$DRIVER_ONLY" -eq 1 ]; then | ||
scripts/config.py unset MBEDTLS_MD_C | ||
scripts/config.py unset MBEDTLS_MD_LIGHT |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this will probably fail, since there's no MBEDTLS_MD_LIGHT define in the config now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this will probably fail, since there's no MBEDTLS_MD_LIGHT define in the config now.
I tested it and config.py
doesn't complain if there's a call to unset a define that doesn't exist, only set complains. Still, there's no MBEDTLS_MD_LIGHT
in the config file anymore.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
config.py unset FOO
doesn't require FOO
to exist (originally for backward compatibility with config.pl
; I don't know if our test scripts currently depend on it).
If we want to ensure that a particular build does not enable MBEDTLS_MD_LIGHT
, we can grep for an mbedtls_md_xxx
symbol in libmbedcrypto.a
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed, even if config.py
happens not to complain, this command is confusing, I'll remove it. (I was planning to but apparently forgot at some point.)
If we want to ensure that a particular build does not enable
MBEDTLS_MD_LIGHT
, we can grep for anmbedtls_md_xxx
symbol inlibmbedcrypto.a
.
Yes, that's what we're doing in this component (which is temporary, we're going to have MD_LIGHT
enabled there at some point in the future).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably one issue in the all.sh
tests. It would be also great to group functions in md.c
in a similar way to md.h
to use one #if defined(MBEDTLS_MD_C)
instead of separate ones for each function (but that's just a minor).
It turns out config.py wouldn't complain, but it's still confusing. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
45cef61
Manually fixed a trivial merge conflict in build_info.h |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Resolves #6988
Note: this PR only takes care of the functional part. A potential code size optimization is left for later: #7119
Also, currently there are no users of MD light, this will happen as part of #6989
Gatekeeper checklist