Merge branch 'feature/mbedtls-3.1' into 'master'
Update to mbedtls-3.1

Closes IDF-3723

See merge request espressif/esp-idf!16656
mahavirj committed Mar 3, 2022
2 parents cdc0014 + 72f12a0 commit 035d7df
Showing 93 changed files with 3,195 additions and 1,657 deletions.
8 changes: 4 additions & 4 deletions components/asio/port/mbedtls/include/mbedtls_engine.hpp
@@ -1,5 +1,5 @@
//
// SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
// SPDX-FileCopyrightText: 2021-2022 Espressif Systems (Shanghai) CO LTD
//
// SPDX-License-Identifier: BSL-1.0
//
Expand Down Expand Up @@ -141,7 +141,7 @@ class engine {
int ret = 0;
mbedtls_ssl_set_bio(&impl_.ssl_, bio_.first.get(), bio_write, bio_read, nullptr);

while (impl_.ssl_.state != MBEDTLS_SSL_HANDSHAKE_OVER) {
while (impl_.ssl_.MBEDTLS_PRIVATE(state) != MBEDTLS_SSL_HANDSHAKE_OVER) {
ret = mbedtls_ssl_handshake_step(&impl_.ssl_);

if (ret != 0) {
Expand Down Expand Up @@ -189,7 +189,7 @@ class engine {

bool before_handshake() const
{
return ssl_.state == 0;
return ssl_.MBEDTLS_PRIVATE(state) == 0;
}

int write(const void *buffer, int len)
Expand Down Expand Up @@ -246,7 +246,7 @@ class engine {
return false;
}
ret = mbedtls_pk_parse_key(&pk_key_, ctx->data(container::PRIVKEY), ctx->size(container::PRIVKEY),
nullptr, 0);
nullptr, 0, mbedtls_ctr_drbg_random, &ctr_drbg_);
if (ret < 0) {
print_error("mbedtls_pk_parse_keyfile", ret);
return false;
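Review bot: The `ctr_drbg_` context passed on the new line `nullptr, 0, mbedtls_ctr_drbg_random, &ctr_drbg_);` must already be seeded when `mbedtls_pk_parse_key` is reached, since Mbed TLS 3.x uses that RNG during key parsing; the seeding happens outside this hunk, so the ordering is worth confirming. The error label on the following lines still reads `mbedtls_pk_parse_keyfile` although the call is `mbedtls_pk_parse_key`, and could read `print_error("mbedtls_pk_parse_key", ret);`. In `before_handshake()` the private `state` field is compared with a bare `0`; `return ssl_.MBEDTLS_PRIVATE(state) == MBEDTLS_SSL_HELLO_REQUEST;` names the state that the literal stands for. All three enclosing member functions start outside their hunks.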
6 changes: 3 additions & 3 deletions components/bootloader_support/src/idf/bootloader_sha.c
Expand Up @@ -18,7 +18,7 @@ bootloader_sha256_handle_t bootloader_sha256_start(void)
return NULL;
}
mbedtls_sha256_init(ctx);
int ret = mbedtls_sha256_starts_ret(ctx, false);
int ret = mbedtls_sha256_starts(ctx, false);
if (ret != 0) {
return NULL;
}
Expand All @@ -29,7 +29,7 @@ void bootloader_sha256_data(bootloader_sha256_handle_t handle, const void *data,
{
assert(handle != NULL);
mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle;
int ret = mbedtls_sha256_update_ret(ctx, data, data_len);
int ret = mbedtls_sha256_update(ctx, data, data_len);
assert(ret == 0);
(void)ret;
}
Expand All @@ -39,7 +39,7 @@ void bootloader_sha256_finish(bootloader_sha256_handle_t handle, uint8_t *digest
assert(handle != NULL);
mbedtls_sha256_context *ctx = (mbedtls_sha256_context *)handle;
if (digest != NULL) {
int ret = mbedtls_sha256_finish_ret(ctx, digest);
int ret = mbedtls_sha256_finish(ctx, digest);
assert(ret == 0);
(void)ret;
}
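Review bot: In `bootloader_sha256_start` the `return NULL;` after a failed `mbedtls_sha256_starts(ctx, false)` leaves `ctx` unreleased; if `ctx` is heap-allocated above the hunk (not visible here), that path leaks it and should run `mbedtls_sha256_free(ctx); free(ctx);` before returning. In `bootloader_sha256_data` and `bootloader_sha256_finish` the only handling of a non-zero return from `mbedtls_sha256_update` / `mbedtls_sha256_finish` is `assert(ret == 0)`, so in a build where assert is compiled out a failed update leaves the digest wrong while the caller sees success. Either a comment stating that this is an accepted trade-off in the bootloader, or an explicit `abort()` on a non-zero `ret`, would make the intent clear. All three functions start and end outside the hunks.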
Expand Up @@ -102,20 +102,20 @@ esp_err_t esp_secure_boot_verify_ecdsa_signature_block(const esp_secure_boot_sig
mbedtls_ecdsa_context ecdsa_context;
mbedtls_ecdsa_init(&ecdsa_context);

mbedtls_ecp_group_load(&ecdsa_context.grp, MBEDTLS_ECP_DP_SECP256R1);
size_t plen = mbedtls_mpi_size(&ecdsa_context.grp.P);
mbedtls_ecp_group_load(&ecdsa_context.MBEDTLS_PRIVATE(grp), MBEDTLS_ECP_DP_SECP256R1);
size_t plen = mbedtls_mpi_size(&ecdsa_context.MBEDTLS_PRIVATE(grp).P);
if (keylen != 2 * plen) {
ESP_LOGE(TAG, "Incorrect ECDSA key length %d", keylen);
ret = ESP_FAIL;
goto cleanup;
}

/* Extract X and Y components from ECDSA public key */
MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ecdsa_context.Q.X, signature_verification_key_start, plen));
MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ecdsa_context.Q.Y, signature_verification_key_start + plen, plen));
MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ecdsa_context.Q.Z, 1));
MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ecdsa_context.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), signature_verification_key_start, plen));
MBEDTLS_MPI_CHK(mbedtls_mpi_read_binary(&ecdsa_context.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), signature_verification_key_start + plen, plen));
MBEDTLS_MPI_CHK(mbedtls_mpi_lset(&ecdsa_context.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 1));

ret = mbedtls_ecdsa_verify(&ecdsa_context.grp, image_digest, ESP_SECURE_BOOT_DIGEST_LEN, &ecdsa_context.Q, &r, &s);
ret = mbedtls_ecdsa_verify(&ecdsa_context.MBEDTLS_PRIVATE(grp), image_digest, ESP_SECURE_BOOT_DIGEST_LEN, &ecdsa_context.MBEDTLS_PRIVATE(Q), &r, &s);
ESP_LOGD(TAG, "Verification result %d", ret);

cleanup:
Expand Up @@ -222,15 +222,16 @@ esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signa

ESP_LOGI(TAG, "Verifying with RSA-PSS...");

const mbedtls_mpi N = { .s = 1,
.n = sizeof(trusted_block->key.n)/sizeof(mbedtls_mpi_uint),
.p = (void *)trusted_block->key.n,
const mbedtls_mpi N = { .MBEDTLS_PRIVATE(s) = 1,
.MBEDTLS_PRIVATE(n) = sizeof(trusted_block->key.n)/sizeof(mbedtls_mpi_uint),
.MBEDTLS_PRIVATE(p) = (void *)trusted_block->key.n,
};
const mbedtls_mpi e = { .s = 1,
.n = sizeof(trusted_block->key.e)/sizeof(mbedtls_mpi_uint), // 1
.p = (void *)&trusted_block->key.e,
const mbedtls_mpi e = { .MBEDTLS_PRIVATE(s) = 1,
.MBEDTLS_PRIVATE(n) = sizeof(trusted_block->key.e)/sizeof(mbedtls_mpi_uint), // 1
.MBEDTLS_PRIVATE(p) = (void *)&trusted_block->key.e,
};
mbedtls_rsa_init(&pk, MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
mbedtls_rsa_init(&pk);
mbedtls_rsa_set_padding(&pk,MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
ret = mbedtls_rsa_import(&pk, &N, NULL, NULL, NULL, &e);
if (ret != 0) {
ESP_LOGE(TAG, "Failed mbedtls_rsa_import, err: %d", ret);
Expand Down Expand Up @@ -260,8 +261,7 @@ esp_err_t esp_secure_boot_verify_rsa_signature_block(const ets_secure_boot_signa
goto exit_inner;
}

ret = mbedtls_rsa_rsassa_pss_verify( &pk, mbedtls_ctr_drbg_random, &ctr_drbg, MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA256, ESP_SECURE_BOOT_DIGEST_LEN,
image_digest, sig_be);
ret = mbedtls_rsa_rsassa_pss_verify( &pk, MBEDTLS_MD_SHA256, ESP_SECURE_BOOT_DIGEST_LEN, image_digest, sig_be);
if (ret != 0) {
ESP_LOGE(TAG, "Failed mbedtls_rsa_rsassa_pss_verify, err: %d", ret);
} else {
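Review bot: The return value of the new `mbedtls_rsa_set_padding(&pk,MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);` call is discarded; in the Mbed TLS 3.x releases where this function returns an int, a failure would leave `pk` with its default padding and hash, so it should be checked the same way `mbedtls_rsa_import` is checked on the lines just below it. The rewritten `mbedtls_rsa_rsassa_pss_verify` call no longer takes `mbedtls_ctr_drbg_random, &ctr_drbg`; if that was the only consumer of `ctr_drbg` in this function, its initialisation and seeding (outside the hunk) are now dead code in the bootloader and can be dropped. The ECDSA hunk and the `mbedtls_mpi` initialisers now reach into `MBEDTLS_PRIVATE` fields, which ties the verifier to Mbed TLS struct layout rather than its public API; a short comment saying that this is deliberate because no public accessor exists in this version would help the next upgrade. This section's file header is missing from the page, and both enclosing functions extend outside the hunks.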
1 change: 1 addition & 0 deletions components/bt/common/api/include/api/esp_blufi_api.h
Expand Up @@ -74,6 +74,7 @@ typedef enum {
ESP_BLUFI_READ_PARAM_ERROR,
ESP_BLUFI_MAKE_PUBLIC_ERROR,
ESP_BLUFI_DATA_FORMAT_ERROR,
ESP_BLUFI_CALC_MD5_ERROR,
} esp_blufi_error_state_t;

/**
2 changes: 1 addition & 1 deletion components/bt/host/nimble/nimble
2 changes: 1 addition & 1 deletion components/esp-tls/esp-tls-crypto/esp_tls_crypto.c
Expand Up @@ -25,7 +25,7 @@ static int esp_crypto_sha1_mbedtls( const unsigned char *input,
size_t ilen,
unsigned char output[20])
{
int ret = mbedtls_sha1_ret(input, ilen, output);
int ret = mbedtls_sha1(input, ilen, output);
if (ret != 0) {
ESP_LOGE(TAG, "Error in calculating sha1 sum , Returned 0x%02X", ret);
}
15 changes: 12 additions & 3 deletions components/esp-tls/esp_tls_mbedtls.c
@@ -1,5 +1,5 @@
/*
* SPDX-FileCopyrightText: 2019-2021 Espressif Systems (Shanghai) CO LTD
* SPDX-FileCopyrightText: 2019-2022 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
Expand Down Expand Up @@ -114,6 +114,14 @@ esp_err_t esp_create_mbedtls_handle(const char *hostname, size_t hostlen, const
mbedtls_esp_enable_debug_log(&tls->conf, CONFIG_MBEDTLS_DEBUG_LEVEL);
#endif

#ifdef CONFIG_MBEDTLS_SSL_PROTO_TLS1_3
// NOTE: Mbed TLS currently supports only client-side config with TLS 1.3
if (tls->role != ESP_TLS_SERVER) {
mbedtls_ssl_conf_min_version(&tls->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4);
mbedtls_ssl_conf_max_version(&tls->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_4);
}
#endif

if ((ret = mbedtls_ssl_setup(&tls->ssl, &tls->conf)) != 0) {
ESP_LOGE(TAG, "mbedtls_ssl_setup returned -0x%04X", -ret);
mbedtls_print_error_msg(ret);
Expand Down Expand Up @@ -365,7 +373,8 @@ static esp_err_t set_pki_context(esp_tls_t *tls, const esp_tls_pki_t *pki)
#endif
if (pki->privkey_pem_buf != NULL) {
ret = mbedtls_pk_parse_key(pki->pk_key, pki->privkey_pem_buf, pki->privkey_pem_bytes,
pki->privkey_password, pki->privkey_password_len);
pki->privkey_password, pki->privkey_password_len,
mbedtls_ctr_drbg_random, &tls->ctr_drbg);
} else {
return ESP_ERR_INVALID_ARG;
}
Expand Down Expand Up @@ -906,7 +915,7 @@ static esp_err_t esp_mbedtls_init_pk_ctx_for_ds(const void *pki)
int ret = -1;
/* initialize the mbedtls pk context with rsa context */
mbedtls_rsa_context rsakey;
mbedtls_rsa_init(&rsakey, MBEDTLS_RSA_PKCS_V15, 0);
mbedtls_rsa_init(&rsakey);
if ((ret = mbedtls_pk_setup_rsa_alt(((const esp_tls_pki_t*)pki)->pk_key, &rsakey, NULL, esp_ds_rsa_sign,
esp_ds_get_keylen )) != 0) {
ESP_LOGE(TAG, "Error in mbedtls_pk_setup_rsa_alt, returned -0x%04X", -ret);
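Review bot: The new TLS 1.3 block sets both `mbedtls_ssl_conf_min_version` and `mbedtls_ssl_conf_max_version` to `MBEDTLS_SSL_MINOR_VERSION_4`, so a client built with CONFIG_MBEDTLS_SSL_PROTO_TLS1_3 can negotiate only TLS 1.3 and will fail against any server that offers only TLS 1.2. If that pinning is intended (presumably because this Mbed TLS version cannot negotiate between 1.2 and 1.3 from one config), the comment should say so, e.g. `// Pin the client to TLS 1.3 only; with this option enabled, 1.2-only servers fail the handshake`. In `set_pki_context` the `&tls->ctr_drbg` now handed to `mbedtls_pk_parse_key` must be seeded before this point; the seeding is outside the hunk and the order is worth confirming. Both enclosing functions start and end outside their hunks.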
2 changes: 1 addition & 1 deletion components/esp_http_server/src/httpd_ws.c
Expand Up @@ -143,7 +143,7 @@ esp_err_t httpd_ws_respond_server_handshake(httpd_req_t *req, const char *suppor

/* Generate SHA-1 first and then encode to Base64 */
size_t key_len = strlen(server_raw_text);
mbedtls_sha1_ret((uint8_t *)server_raw_text, key_len, server_key_hash);
mbedtls_sha1((uint8_t *)server_raw_text, key_len, server_key_hash);

size_t encoded_len = 0;
mbedtls_base64_encode((uint8_t *)server_key_encoded, sizeof(server_key_encoded), &encoded_len,
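Review bot: The return value of `mbedtls_sha1` is still discarded on the line `mbedtls_sha1((uint8_t *)server_raw_text, key_len, server_key_hash);`, so if the hash fails whatever is in `server_key_hash` is base64-encoded and sent as the handshake response value. Since `httpd_ws_respond_server_handshake` returns `esp_err_t`, the call can be checked: `if (mbedtls_sha1((uint8_t *)server_raw_text, key_len, server_key_hash) != 0) {` / `return ESP_FAIL;` / `}`. The function starts and ends outside the hunk.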
25 changes: 8 additions & 17 deletions components/espcoredump/src/core_dump_checksum.c
@@ -1,17 +1,8 @@
// Copyright 2015-2020 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at

// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

/*
* SPDX-FileCopyrightText: 2015-2021 Espressif Systems (Shanghai) CO LTD
*
* SPDX-License-Identifier: Apache-2.0
*/
/**
* @file
* @brief Checksum interface implemetation
Expand Down Expand Up @@ -74,7 +65,7 @@ void esp_core_dump_checksum_init(core_dump_checksum_ctx** out_ctx)
s_checksum_context.crc = 0;
#elif CONFIG_ESP_COREDUMP_CHECKSUM_SHA256
mbedtls_sha256_init(&s_checksum_context.ctx);
(void)mbedtls_sha256_starts_ret(&s_checksum_context.ctx, 0);
(void)mbedtls_sha256_starts(&s_checksum_context.ctx, 0);
#endif
s_checksum_context.total_bytes_checksum = 0;

Expand All @@ -95,7 +86,7 @@ void esp_core_dump_checksum_update(core_dump_checksum_ctx* cks_ctx, void* data,
// set software mode of SHA calculation
cks_ctx->ctx.mode = ESP_MBEDTLS_SHA256_SOFTWARE;
#endif
(void)mbedtls_sha256_update_ret(&cks_ctx->ctx, data, data_len);
(void)mbedtls_sha256_update(&cks_ctx->ctx, data, data_len);
#endif
// keep counter of cashed bytes
cks_ctx->total_bytes_checksum += data_len;
Expand All @@ -120,7 +111,7 @@ uint32_t esp_core_dump_checksum_finish(core_dump_checksum_ctx* cks_ctx, core_dum

#elif CONFIG_ESP_COREDUMP_CHECKSUM_SHA256
if (chs_ptr != NULL) {
(void)mbedtls_sha256_finish_ret(&cks_ctx->ctx, (uint8_t*)&cks_ctx->sha_output);
(void)mbedtls_sha256_finish(&cks_ctx->ctx, (uint8_t*)&cks_ctx->sha_output);
*chs_ptr = &cks_ctx->sha_output[0];
mbedtls_sha256_free(&cks_ctx->ctx);
}
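Review bot: The `(void)` casts on `mbedtls_sha256_starts`, `mbedtls_sha256_update` and `mbedtls_sha256_finish` keep discarding the error codes these functions return, so an update that fails part-way yields a checksum that is only noticed when the dump is read back, with no record of why. If errors cannot be propagated from these void-returning functions, a comment such as `/* return code deliberately ignored: no recovery is possible while writing the dump */` on each call would document that this is intended; otherwise a sticky failure flag consulted in `esp_core_dump_checksum_finish` would let a reader distinguish a bad checksum from a bad dump. The three functions extend outside the hunks.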
6 changes: 4 additions & 2 deletions components/mbedtls/CMakeLists.txt
Expand Up @@ -8,11 +8,12 @@ if(NOT BOOTLOADER_BUILD)
endif()

idf_component_register(SRCS "esp_crt_bundle/esp_crt_bundle.c"
INCLUDE_DIRS "port/include" "mbedtls/include" "esp_crt_bundle/include"
INCLUDE_DIRS "port/include" "mbedtls/include" "esp_crt_bundle/include" "./mbedtls/library"
REQUIRES lwip
PRIV_REQUIRES "${priv_requires}"
)


if(CONFIG_MBEDTLS_CERTIFICATE_BUNDLE)
set(bundle_name "x509_crt_bundle")
set(DEFAULT_CRT_DIR ${COMPONENT_DIR}/esp_crt_bundle)
Expand Down Expand Up @@ -88,7 +89,8 @@ endif()
set(mbedtls_targets mbedtls mbedcrypto mbedx509)

set(mbedtls_target_sources "${COMPONENT_DIR}/port/mbedtls_debug.c"
"${COMPONENT_DIR}/port/net_sockets.c")
"${COMPONENT_DIR}/port/net_sockets.c"
"${COMPONENT_DIR}/port/certs.c")

if(CONFIG_MBEDTLS_DYNAMIC_BUFFER)
set(mbedtls_target_sources ${mbedtls_target_sources}
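Review bot: Adding `"./mbedtls/library"` to `INCLUDE_DIRS` publishes Mbed TLS's internal, non-API headers to every component that depends on mbedtls, which invites dependents to include private headers and can shadow same-named public ones. If the path is only needed by the port sources in this component, `PRIV_INCLUDE_DIRS` keeps it private; if other components genuinely need it, a comment above the line naming which internal header and which consumer requires it would stop it being removed by the next cleanup. The `./` prefix is also inconsistent with the neighbouring entries, which are written as `"port/include"`.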
60 changes: 15 additions & 45 deletions components/mbedtls/Kconfig
Expand Up @@ -114,13 +114,6 @@ menu "mbedTLS"
"MBEDTLS_SSL_IN_CONTENT_LEN", so to save more heap, users can set
the options to be an appropriate value.

config MBEDTLS_DYNAMIC_FREE_PEER_CERT
bool "Free SSL peer certificate after its usage"
default n
depends on MBEDTLS_DYNAMIC_BUFFER
help
Free peer certificate after its usage in handshake process.

config MBEDTLS_DYNAMIC_FREE_CONFIG_DATA
bool "Free private key and DHM data after its usage"
default n
Expand Down Expand Up @@ -178,7 +171,18 @@ menu "mbedTLS"
default 3 if MBEDTLS_DEBUG_LEVEL_DEBUG
default 4 if MBEDTLS_DEBUG_LEVEL_VERBOSE

menu "mbedTLS v2.28.x related"
menu "mbedTLS v3.x related"

config MBEDTLS_SSL_PROTO_TLS1_3
bool "Support TLS 1.3 protocol"
depends on MBEDTLS_TLS_ENABLED
select MBEDTLS_HKDF_C
default n

config MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
bool "Enable TLS 1.3 middlebox compatibility mode"
depends on MBEDTLS_SSL_PROTO_TLS1_3
default y

config MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
bool "Variable SSL buffer length"
Expand All @@ -189,7 +193,7 @@ menu "mbedTLS"

config MBEDTLS_ECDH_LEGACY_CONTEXT
bool "Use a backward compatible ECDH context (Experimental)"
default y
default n
depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_RESTARTABLE
help
Use the legacy ECDH context format.
Expand Down Expand Up @@ -327,6 +331,7 @@ menu "mbedTLS"

config MBEDTLS_ECP_RESTARTABLE
bool "Enable mbedTLS ecp restartable"
select MBEDTLS_ECDH_LEGACY_CONTEXT
default n
help
Enable "non-blocking" ECC operations that can return early and be resumed.
Expand Down Expand Up @@ -629,24 +634,6 @@ menu "mbedTLS"
If you don't need renegotiation, disabling it will save code size and
reduce the possibility of abuse/vulnerability.

config MBEDTLS_SSL_PROTO_SSL3
bool "Legacy SSL 3.0 support"
depends on MBEDTLS_TLS_ENABLED
default n
help
Support the legacy SSL 3.0 protocol. Most servers will speak a newer
TLS protocol these days.

config MBEDTLS_SSL_PROTO_TLS1
bool "Support TLS 1.0 protocol"
depends on MBEDTLS_TLS_ENABLED
default y

config MBEDTLS_SSL_PROTO_TLS1_1
bool "Support TLS 1.1 protocol"
depends on MBEDTLS_TLS_ENABLED
default y

config MBEDTLS_SSL_PROTO_TLS1_2
bool "Support TLS 1.2 protocol"
depends on MBEDTLS_TLS_ENABLED
Expand All @@ -662,9 +649,8 @@ menu "mbedTLS"
config MBEDTLS_SSL_PROTO_DTLS
bool "Support DTLS protocol (all versions)"
default n
depends on MBEDTLS_SSL_PROTO_TLS1_1 || MBEDTLS_SSL_PROTO_TLS1_2
depends on MBEDTLS_SSL_PROTO_TLS1_2
help
Requires TLS 1.1 to be enabled for DTLS 1.0
Requires TLS 1.2 to be enabled for DTLS 1.2

config MBEDTLS_SSL_ALPN
Expand All @@ -682,22 +668,6 @@ menu "mbedTLS"
Client support for RFC 5077 session tickets. See mbedTLS documentation for more details.
Disabling this option will save some code size.

config MBEDTLS_X509_CHECK_KEY_USAGE
bool "Enable verification of the keyUsage extension"
default y
depends on MBEDTLS_TLS_ENABLED
help
Disabling this avoids problems with mis-issued and/or misused (intermediate) CA and leaf certificates.
Depending on your PKI use, disabling this can be a security risk.

config MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
bool "Enable verification of the extendedKeyUsage extension"
default y
depends on MBEDTLS_TLS_ENABLED
help
Disabling this avoids problems with mis-issued and/or misused certificates.
Depending on your PKI use, disabling this can be a security risk.

config MBEDTLS_SERVER_SSL_SESSION_TICKETS
bool "TLS: Server Support for RFC 5077 SSL session tickets"
default y
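Review bot: The new `MBEDTLS_SSL_PROTO_TLS1_3` and `MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE` options carry no `help` text, unlike the neighbouring options, so a user enabling them cannot see that the support is experimental and client-side only, which the code comment added to esp_tls_mbedtls.c in this commit states. A help block along the lines of `Support for TLS 1.3. Experimental: in this Mbed TLS version only the client side is supported, and a client built with it negotiates TLS 1.3 only.` would close that gap. `MBEDTLS_ECP_RESTARTABLE` now does `select MBEDTLS_ECDH_LEGACY_CONTEXT`, while that symbol is still declared `depends on MBEDTLS_ECDH_C && MBEDTLS_ECP_RESTARTABLE` and labelled Experimental; `select` overrides the dependency, so with `MBEDTLS_ECDH_C` off the legacy context is forced on anyway and Kconfig reports an unmet dependency. `select MBEDTLS_ECDH_LEGACY_CONTEXT if MBEDTLS_ECDH_C` avoids that, or the `depends on` line can drop the restartable term. The removal of the SSL 3.0, TLS 1.0/1.1 and X.509 keyUsage options is consistent with Mbed TLS 3.x having dropped those configuration switches.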
