apps/mbedtls-alt: Provide system alternative implementation for mbedtls

crypto/mbedtls/CMakeLists.txt

@@ -70,13 +70,22 @@ if(CONFIG_CRYPTO_MBEDTLS)
 
   file(GLOB CSRCS ${MBEDTLS_DIR}/library/*.c)
 
+  if(CONFIG_MBEDTLS_ENTROPY_HARDWARE_ALT
+     OR CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
+    list(APPEND CSRCS ${CMAKE_CURRENT_LIST_DIR}/source/entropy_alt.c)
+  endif()
+
   if(CONFIG_MBEDTLS_ALT)
     list(APPEND CSRCS ${CMAKE_CURRENT_LIST_DIR}/source/dev_alt.c)
 
     if(CONFIG_MBEDTLS_AES_ALT)
       list(APPEND CSRCS ${CMAKE_CURRENT_LIST_DIR}/source/aes_alt.c)
     endif()
 
+    if(CONFIG_MBEDTLS_CMAC_ALT)
+      list(APPEND CSRCS ${CMAKE_CURRENT_LIST_DIR}/source/cmac_alt.c)
+    endif()
+
     if(CONFIG_MBEDTLS_MD5_ALT)
       list(APPEND CSRCS ${CMAKE_CURRENT_LIST_DIR}/source/md5_alt.c)
     endif()

crypto/mbedtls/Kconfig

@@ -331,6 +331,11 @@ config MBEDTLS_PK_RSA_ALT_SUPPORT
 	bool "Support external private RSA keys (eg from a HSM) in the PK layer."
 	default y
 
+config MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+	bool "Make the PSA Crypto module use an external random generator provided by a driver, instead of Mbed TLS's entropy and DRBG modules."
+	depends on DEV_RANDOM
+	default n
+
 config MBEDTLS_SSL_CONTEXT_SERIALIZATION
 	bool "Enable serialization of the TLS context structures."
 	depends on MBEDTLS_GCM_C || MBEDTLS_CCM_C || MBEDTLS_CHACHAPOLY_C
@@ -562,6 +567,11 @@ config MBEDTLS_AES_ALT
 	select MBEDTLS_ALT
 	default n
 
+config MBEDTLS_CMAC_ALT
+	bool "Enable Mbedt TLS CMAC module alted by nuttx crypto"
+	select MBEDTLS_ALT
+	default n
+
 config MBEDTLS_MD5_ALT
 	bool "Enable Mbedt TLS MD5 module alted by nuttx crypto"
 	select MBEDTLS_ALT

crypto/mbedtls/Makefile

@@ -107,7 +107,7 @@ endif
 
 # Configuration alternative implementation
 
-ifeq ($(CONFIG_MBEDTLS_ENTROPY_HARDWARE_ALT),y)
+ifneq ($(CONFIG_MBEDTLS_ENTROPY_HARDWARE_ALT)$(CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG),)
 CSRCS += $(APPDIR)/crypto/mbedtls/source/entropy_alt.c
 endif
 
@@ -119,6 +119,10 @@ ifeq ($(CONFIG_MBEDTLS_AES_ALT),y)
 CSRCS += $(APPDIR)/crypto/mbedtls/source/aes_alt.c
 endif
 
+ifeq ($(CONFIG_MBEDTLS_CMAC_ALT),y)
+CSRCS += $(APPDIR)/crypto/mbedtls/source/cmac_alt.c
+endif
+
 ifeq ($(CONFIG_MBEDTLS_MD5_ALT),y)
 CSRCS += $(APPDIR)/crypto/mbedtls/source/md5_alt.c
 endif

crypto/mbedtls/include/cmac_alt.h

@@ -0,0 +1,40 @@
+/****************************************************************************
+ * apps/crypto/mbedtls/include/cmac_alt.h
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.  The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ ****************************************************************************/
+
+#ifndef __APPS_CRYPTO_MBEDTLS_INCLUDE_CMAC_ALT_H
+#define __APPS_CRYPTO_MBEDTLS_INCLUDE_CMAC_ALT_H
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include "dev_alt.h"
+
+#define CMAC_KEY_MAX_SIZE 32
+
+struct mbedtls_cmac_context_t
+{
+    cryptodev_context_t dev;
+    unsigned char key[CMAC_KEY_MAX_SIZE];
+    uint32_t keybits;
+    uint32_t cipher_type;
+    uint32_t mac_type;
+};
+
+#endif /* __APPS_CRYPTO_MBEDTLS_INCLUDE_CMAC_ALT_H */

crypto/mbedtls/include/mbedtls/mbedtls_config.h

@@ -359,8 +359,11 @@
  * #define MBEDTLS_CCM_ALT
  * #define MBEDTLS_CHACHA20_ALT
  * #define MBEDTLS_CHACHAPOLY_ALT
- * #define MBEDTLS_CMAC_ALT
- * #define MBEDTLS_DES_ALT
+ */
+#ifdef CONFIG_MBEDTLS_CMAC_ALT
+#define MBEDTLS_CMAC_ALT
+#endif
+/* #define MBEDTLS_DES_ALT
  * #define MBEDTLS_DHM_ALT
  * #define MBEDTLS_ECJPAKE_ALT
  * #define MBEDTLS_GCM_ALT
@@ -1462,7 +1465,9 @@
  * \note This option is experimental and may be removed without notice.
  */
 
-/* #define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG */
+#ifdef CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
+#endif
 
 /**
  * \def MBEDTLS_PSA_CRYPTO_SPM

crypto/mbedtls/source/cmac_alt.c

@@ -0,0 +1,247 @@
+/****************************************************************************
+ * apps/crypto/mbedtls/source/cmac_alt.c
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.  The
+ * ASF licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the
+ * License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include "mbedtls/cmac.h"
+#include "mbedtls/platform_util.h"
+#include "mbedtls/error.h"
+#include "mbedtls/platform.h"
+
+#include <string.h>
+
+/****************************************************************************
+ * Public Functions
+ ****************************************************************************/
+
+int mbedtls_cipher_cmac_starts(FAR mbedtls_cipher_context_t *ctx,
+                               FAR const unsigned char *key,
+                               size_t keybits)
+{
+  FAR mbedtls_cmac_context_t *cmac_ctx;
+  uint32_t cipher_type;
+  uint32_t mac_type;
+  int retval;
+
+  if (ctx == NULL || ctx->cipher_info == NULL || key == NULL)
+    {
+      return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  switch (ctx->cipher_info->type)
+    {
+      case MBEDTLS_CIPHER_AES_128_ECB:
+          cipher_type = CRYPTO_AES_CMAC;
+          mac_type = CRYPTO_AES_128_CMAC;
+          break;
+      default:
+          return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  cmac_ctx = mbedtls_calloc(1, sizeof(mbedtls_cmac_context_t));
+  if (cmac_ctx == NULL)
+    {
+      return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
+    }
+
+  retval = cryptodev_init(&cmac_ctx->dev);
+  if (retval != 0)
+    {
+      mbedtls_free(cmac_ctx);
+      return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
+    }
+
+  cmac_ctx->cipher_type = cipher_type;
+  cmac_ctx->mac_type = mac_type;
+  cmac_ctx->keybits = keybits;
+  memcpy(cmac_ctx->key, key, keybits / 8);
+  cmac_ctx->dev.session.cipher = cipher_type;
+  cmac_ctx->dev.session.key = (caddr_t)cmac_ctx->key;
+  cmac_ctx->dev.session.keylen = keybits / 8;
+  cmac_ctx->dev.session.mac = mac_type;
+  cmac_ctx->dev.session.mackey = (caddr_t)cmac_ctx->key;
+  cmac_ctx->dev.session.mackeylen = keybits / 8;
+
+  retval = cryptodev_get_session(&cmac_ctx->dev);
+  if (retval != 0)
+    {
+      cryptodev_free(&cmac_ctx->dev);
+      mbedtls_free(cmac_ctx);
+      return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  ctx->cmac_ctx = cmac_ctx;
+  return retval;
+}
+
+int mbedtls_cipher_cmac_update(FAR mbedtls_cipher_context_t *ctx,
+                               FAR const unsigned char *input,
+                               size_t ilen)
+{
+  if (ctx == NULL || ctx->cmac_ctx == NULL || input == NULL || ilen < 0)
+    {
+      return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  ctx->cmac_ctx->dev.crypt.op = COP_ENCRYPT;
+  ctx->cmac_ctx->dev.crypt.flags |= COP_FLAG_UPDATE;
+  ctx->cmac_ctx->dev.crypt.src = (caddr_t)input;
+  ctx->cmac_ctx->dev.crypt.len = ilen;
+  return cryptodev_crypt(&ctx->cmac_ctx->dev);
+}
+
+int mbedtls_cipher_cmac_finish(FAR mbedtls_cipher_context_t *ctx,
+                               FAR unsigned char *output)
+{
+  int ret;
+
+  if (ctx == NULL || ctx->cmac_ctx == NULL || output == NULL)
+    {
+      return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  ctx->cmac_ctx->dev.crypt.flags = 0;
+  ctx->cmac_ctx->dev.crypt.mac = (caddr_t)output;
+  ret = cryptodev_crypt(&ctx->cmac_ctx->dev);
+  cryptodev_free_session(&ctx->cmac_ctx->dev);
+  cryptodev_free(&ctx->cmac_ctx->dev);
+  return ret;
+}
+
+int mbedtls_cipher_cmac_reset(FAR mbedtls_cipher_context_t *ctx)
+{
+  FAR mbedtls_cmac_context_t *cmac_ctx;
+  int ret;
+
+  if (ctx == NULL || ctx->cmac_ctx == NULL)
+    {
+      return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  cmac_ctx = ctx->cmac_ctx;
+  ret = cryptodev_init(&cmac_ctx->dev);
+  if (ret != 0)
+    {
+      return MBEDTLS_ERR_CIPHER_ALLOC_FAILED;
+    }
+
+  cmac_ctx->dev.session.cipher = cmac_ctx->cipher_type;
+  cmac_ctx->dev.session.key = (caddr_t)cmac_ctx->key;
+  cmac_ctx->dev.session.keylen = cmac_ctx->keybits / 8;
+  cmac_ctx->dev.session.mac = cmac_ctx->mac_type;
+  cmac_ctx->dev.session.mackey = (caddr_t)cmac_ctx->key;
+  cmac_ctx->dev.session.mackeylen = cmac_ctx->keybits / 8;
+
+  ret = cryptodev_get_session(&cmac_ctx->dev);
+  if (ret != 0)
+    {
+      cryptodev_free(&cmac_ctx->dev);
+      return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  return ret;
+}
+
+int mbedtls_cipher_cmac(FAR const mbedtls_cipher_info_t *cipher_info,
+                        FAR const unsigned char *key, size_t keylen,
+                        FAR const unsigned char *input, size_t ilen,
+                        FAR unsigned char *output)
+{
+  FAR mbedtls_cipher_context_t ctx;
+  int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+
+  if (cipher_info == NULL || key == NULL || input == NULL || output == NULL)
+    {
+      return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  mbedtls_cipher_init(&ctx);
+
+  if ((ret = mbedtls_cipher_setup(&ctx, cipher_info)) != 0)
+    {
+      goto exit;
+    }
+
+  ret = mbedtls_cipher_cmac_starts(&ctx, key, keylen);
+  if (ret != 0)
+    {
+      goto exit;
+    }
+
+  ret = mbedtls_cipher_cmac_update(&ctx, input, ilen);
+  if (ret != 0)
+    {
+      goto exit;
+    }
+
+  ret = mbedtls_cipher_cmac_finish(&ctx, output);
+
+exit:
+  mbedtls_cipher_free(&ctx);
+  return ret;
+}
+
+#if defined(MBEDTLS_AES_C)
+int mbedtls_aes_cmac_prf_128(FAR const unsigned char *key, size_t key_length,
+                             FAR const unsigned char *input, size_t in_len,
+                             unsigned char output[16])
+{
+  int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+  FAR const mbedtls_cipher_info_t *cipher_info;
+  unsigned char zero_key[MBEDTLS_AES_BLOCK_SIZE];
+  unsigned char int_key[MBEDTLS_AES_BLOCK_SIZE];
+
+  if (key == NULL || input == NULL || output == NULL)
+    {
+      return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA;
+    }
+
+  cipher_info = mbedtls_cipher_info_from_type(MBEDTLS_CIPHER_AES_128_ECB);
+  if (cipher_info == NULL)
+    {
+      ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
+      goto exit;
+    }
+
+  if (key_length == MBEDTLS_AES_BLOCK_SIZE)
+    {
+      memcpy(int_key, key, MBEDTLS_AES_BLOCK_SIZE);
+    }
+  else
+    {
+      memset(zero_key, 0, MBEDTLS_AES_BLOCK_SIZE);
+
+      ret = mbedtls_cipher_cmac(cipher_info, zero_key, 128, key,
+                                key_length, int_key);
+      if (ret != 0)
+        {
+          goto exit;
+        }
+    }
+
+  ret = mbedtls_cipher_cmac(cipher_info, int_key, 128, input, in_len,
+                            output);
+
+exit:
+  mbedtls_platform_zeroize(int_key, sizeof(int_key));
+  return ret;
+}
+#endif /* MBEDTLS_AES_C */