project-chip · thekuwayama · Jul 1, 2023 · Jul 1, 2023
diff --git a/matter/Cargo.toml b/matter/Cargo.toml
@@ -74,7 +74,7 @@ x509-cert = { version = "0.2.0", default-features = false, features = ["pem"], o
 astro-dnssd = { version = "0.3" }
 
 [target.'cfg(not(target_os = "espidf"))'.dependencies]
-mbedtls = { git = "https://github.com/fortanix/rust-mbedtls", optional = true }
+mbedtls = { version = "0.11", optional = true }
 env_logger = { version = "0.10.0", optional = true }
 nix = { version = "0.26", features = ["net"], optional = true }
 

diff --git a/matter/src/crypto/crypto_mbedtls.rs b/matter/src/crypto/crypto_mbedtls.rs
@@ -74,10 +74,15 @@ impl KeyPair {
     }
 
     pub fn new_from_components(_pub_key: &[u8], priv_key: &[u8]) -> Result<Self, Error> {
+        let mut ctr_drbg = CtrDrbg::new(Arc::new(OsEntropy::new()), None)?;
         // No rust-mbedtls API yet for creating keypair from both public and private key
         let priv_key = Mpi::from_binary(priv_key)?;
         Ok(Self {
-            key: Pk::private_from_ec_components(EcGroup::new(EcGroupId::SecP256R1)?, priv_key)?,
+            key: Pk::private_from_ec_components(
+                &mut ctr_drbg,
+                EcGroup::new(EcGroupId::SecP256R1)?,
+                priv_key,
+            )?,
         })
     }
 
@@ -91,9 +96,13 @@ impl KeyPair {
     }
 
     pub fn get_csr<'a>(&self, out_csr: &'a mut [u8]) -> Result<&'a [u8], Error> {
+        let mut ctr_drbg = CtrDrbg::new(Arc::new(OsEntropy::new()), None)?;
         let tmp_priv = self.key.ec_private()?;
-        let mut tmp_key =
-            Pk::private_from_ec_components(EcGroup::new(EcGroupId::SecP256R1)?, tmp_priv)?;
+        let mut tmp_key = Pk::private_from_ec_components(
+            &mut ctr_drbg,
+            EcGroup::new(EcGroupId::SecP256R1)?,
+            tmp_priv,
+        )?;
 
         let mut builder = x509::csr::Builder::new();
         builder.key(&mut tmp_key);
@@ -134,29 +143,36 @@ impl KeyPair {
     }
 
     pub fn derive_secret(self, peer_pub_key: &[u8], secret: &mut [u8]) -> Result<usize, Error> {
+        let mut ctr_drbg = CtrDrbg::new(Arc::new(OsEntropy::new()), None)?;
         // mbedtls requires a 'mut' key. Instead of making a change in our Trait,
         // we just clone the key this way
 
         let tmp_key = self.key.ec_private()?;
-        let mut tmp_key =
-            Pk::private_from_ec_components(EcGroup::new(EcGroupId::SecP256R1)?, tmp_key)?;
+        let mut tmp_key = Pk::private_from_ec_components(
+            &mut ctr_drbg,
+            EcGroup::new(EcGroupId::SecP256R1)?,
+            tmp_key,
+        )?;
 
         let group = EcGroup::new(EcGroupId::SecP256R1)?;
         let other = EcPoint::from_binary(&group, peer_pub_key)?;
         let other = Pk::public_from_ec_components(group, other)?;
 
         let mut ctr_drbg = CtrDrbg::new(Arc::new(OsEntropy::new()), None)?;
-
         let len = tmp_key.agree(&other, secret, &mut ctr_drbg)?;
         Ok(len)
     }
 
     pub fn sign_msg(&self, msg: &[u8], signature: &mut [u8]) -> Result<usize, Error> {
+        let mut ctr_drbg = CtrDrbg::new(Arc::new(OsEntropy::new()), None)?;
         // mbedtls requires a 'mut' key. Instead of making a change in our Trait,
         // we just clone the key this way
         let tmp_key = self.key.ec_private()?;
-        let mut tmp_key =
-            Pk::private_from_ec_components(EcGroup::new(EcGroupId::SecP256R1)?, tmp_key)?;
+        let mut tmp_key = Pk::private_from_ec_components(
+            &mut ctr_drbg,
+            EcGroup::new(EcGroupId::SecP256R1)?,
+            tmp_key,
+        )?;
 
         // First get the SHA256 of the message
         let mut msg_hash = [0_u8; super::SHA256_HASH_LEN_BYTES];
@@ -294,18 +310,16 @@ pub fn encrypt_in_place(
     nonce: &[u8],
     ad: &[u8],
     data: &mut [u8],
-    data_len: usize,
+    _: usize,
 ) -> Result<usize, Error> {
     let cipher = Cipher::<_, Authenticated, _>::new(
         mbedtls::cipher::raw::CipherId::Aes,
         mbedtls::cipher::raw::CipherMode::CCM,
         (key.len() * 8) as u32,
     )?;
     let cipher = cipher.set_key_iv(key, nonce)?;
-    let (data, tag) = data.split_at_mut(data_len);
-    let tag = &mut tag[..super::AEAD_MIC_LEN_BYTES];
     cipher
-        .encrypt_auth_inplace(ad, data, tag)
+        .encrypt_auth_inplace(ad, data, super::AEAD_MIC_LEN_BYTES)
         .map(|(len, _)| len)
         .map_err(|_e| ErrorCode::TLSStack.into())
 }
@@ -322,10 +336,8 @@ pub fn decrypt_in_place(
         (key.len() * 8) as u32,
     )?;
     let cipher = cipher.set_key_iv(key, nonce)?;
-    let data_len = data.len() - super::AEAD_MIC_LEN_BYTES;
-    let (data, tag) = data.split_at_mut(data_len);
     cipher
-        .decrypt_auth_inplace(ad, data, tag)
+        .decrypt_auth_inplace(ad, data, super::AEAD_MIC_LEN_BYTES)
         .map(|(len, _)| len)
         .map_err(|e| {
             error!("Error during decryption: {:?}", e);

diff --git a/matter/src/secure_channel/crypto_mbedtls.rs b/matter/src/secure_channel/crypto_mbedtls.rs
@@ -130,7 +130,11 @@ impl CryptoSpake2 {
         //    where P is the generator of the underlying elliptic curve
         self.set_w1_from_w1s(w1s)?;
         // TODO: rust-mbedtls doesn't yet accept the DRBG parameter
-        self.L = self.group.generator()?.mul(&mut self.group, &self.w1)?;
+        let mut ctr_drbg = CtrDrbg::new(Arc::new(OsEntropy::new()), None)?;
+        self.L = self
+            .group
+            .generator()?
+            .mul(&mut self.group, &self.w1, &mut ctr_drbg)?;
         Ok(())
     }
 
@@ -288,7 +292,8 @@ impl CryptoSpake2 {
         let Z = EcPoint::muladd(group, X, y, &inverted_M, &tmp)?;
         // Cofactor for P256 is 1, so that is a No-Op
 
-        let V = L.mul(group, y)?;
+        let mut ctr_drbg = CtrDrbg::new(Arc::new(OsEntropy::new()), None)?;
+        let V = L.mul(group, y, &mut ctr_drbg)?;
         Ok((Z, V))
     }