Like all HAL APIs, the calls in trng_api.h are not expected to
be thread-safe.
All current accesses to the TRNG HAL are currently via
`mbedtls_hardware_poll`. Mbed TLS does not currently serialise these
calls itself, as `MBEDTLS_THREADING_C` is not enabled. But even if
Mbed TLS's own accesses were serialised, there are other direct
users of `mbedtls_hardware_poll` such as randLIB, that need to use
direct calls due to lack of API to extract entropy from Mbed TLS.
As such it makes sense to treat `mbedtls_hardware_poll` as a de facto
public Mbed OS API, akin to the C++ veneers on top of the HAL, and add a
PlatformMutex there so that it is safe for multithreaded use.
Instead of doing a "pull --rebase" to update to the latest development
branch, do a "fetch" followed by a "checkout" to update to the specified
release. This enables us to get any new tags created since the last
update to the development branch, and removes the noise of updating a
local "development" branch.
Rename the generic name `ctx` of `mbedtls_platform_context`
in `platform_alt.c` to a specific name `plat_ctx`, to avoid conflicts
when used as external in crypto modules.
To avoid collisions between the psa `crypto_platform.h` file and the
platform specific `crypto_platform.h` file, for the init \ terminate
functions, rename the latter to `crypto_device_platform`.
This commit makes the repo used to import new Mbed TLS versions into Mbed OS
a parameter, to allow CI scripts (and any other script or users) to specify
specific repos to use for testing.
The DEVICE_FOO macros are always defined (either 0 or 1).
This patch replaces any instances of a define check on a DEVICE_FOO
macro with value test instead.
Signed-off-by: Alastair D'Silva <alastair@d-silva.org>
1. For SHA AC, use atomic flag to manage its ownership.
(1) Nuvoton SHA AC doesn't support SHA context save & restore, so S/W
SHA fallback has been supported before. To make non-blocking 'acquire'
semantics clearer, introduce 'try_acquire' to substitute for 'acquire'.
(2) No biting CPU due to mechanism above.
(3) No deadlock due to mechanism above.
2. For AES/DES/ECC AC, change to mutex to manage their ownership.
(1) Change crypto-misc.c to crypto-misc.cpp to utilize C++ SingletonPtr
which guarantees thread-safe mutex construct-on-first-use.
(2) With change to crypto-misc.cpp, add 'extern "C"' modifier to CRYPTO_IRQHandler()
to avoid name mangling in C++.
(3) No priority inversion because mutex has osMutexPrioInherit attribute
bit set.
(4) No deadlock because these AC are all locked for a short sequence
of operations rather than the whole lifetime of mbedtls context.
(5) For double mbedtls_internal_ecp_init() issue, it has been fixed in upper
mbedtls layer. So no need to change ecc init/free flow.
We initialized the ECC hardware before calling
mbedtls_ecp_mul_shortcuts(). This in turn calls
mbedtls_ecp_mul_restartable(), which initializes and frees the hardware
too. This issue has been introduced by recent changes and caused some
accelerators to hang.
We move the initialization after the mbedtle_ecp_mul_shortcuts() calls
to avoid double initialization.
Reduce the default size of `MBEDTLS_MPI_MAX_SIZE` to 512 bytes,
as the default 1024 consumes much stack, and supporting RSA 4096 bit
may suffice at the moment.
If setting the MBEDTLS_PLATFORM_NV_SEED_ALT and MBEDTLS_ENTROPY_NV_SEED flags and not
setting MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_NV_SEED_READ_MACRO flags
mbed-os will add an entropy source to the relevent partition - SPE in case of daul core or
in case of single core V7 to the main partition.
The defualt behaviour will be to read or write the data from the ITS.
The new PSA-aware Mbed TLS importer script calls `config.pl` on the
Mbed TLS config.h to set the PSA configuration option
MBEDTLS_PSA_CRYPTO_STORAGE_C which isn't documented in config.h.
config.pl therefore fails, and so does the importer.
This commit fixes this by calling `config.pl` with the `--force`
option which amends the given `config.h` by a `#define` for the
requested option if the option isn't present in the file.
Have the HW accelearation drivers return the platform module
errors about feature unsupported, and hw acceleration failure,
because the moduel specific errors will be removed.
Change error from `MBEDTLS_PLATFORM_HW_FAILED` to
`MBEDTLS_PLATFORM_HW_ACCEL_FAILED` and the value to 0x70,
as the previous value cannot be used as a low level error code.
Although "nv_seed" is one of "entropy", it doesn't included to the "!defined" lineup in the following config file.
Therefore, when MBEDTLS_ENTROPY_NV_SEED is defined, it is accidently invoked "mbedtls/config-no-entropy.h".
mbed-os\features\mbedtls\inc\mbedtls\config.h
I think that correct processing should go to line 47, not line 40.
The integration is simply to define the macro MBEDTLS_HAVE_TIME_DATE
in the features/mbedtls/platform/inc/platform_mbed.h. The default
implementation of the mbedtls_time() function provided by mbed TLS is
sufficient to work with mbed OS because both use POSIX functions.
1. Move the `mbedtls_platform_context` to be platform code, in `features/mbedtls/platfrom/`.
2. Add static refernce counter, to setup and teardown the platform code only once.
3. Adjust Cryptocell porting accordingly.
The features/mbedtls/targets/TARGET_STM/* files include constant needed
for the error codes returned from the MD functions.
The features/mbedtls/targets/hash_wrappers.c provides thin redirection
layer for the hardware accelerated MD implementations that rely on the
old API.
The TESTS/mbedtls/multi/main.cpp has been changed to use the new API
as its build environment does not rely on the translation unit
containing the necessary wrappers.
Take SHA1 for example, without the fix, SHA H/W is not stopped in either case:
(1) ctx->total == 0 in mbedtls_sha1_hw_finish()
(2) mbedtls_sha1_hw_finish() is not called by upper layer
For example, even though MBEDTLS_SHA512_C is disabled (via #undef MBEDTLS_SHA512_C),
mbedtls_sha512_context is still necessary due to referenced in sha512.h.
Currently, trng_api.c is located in targets/ and AES/DES/SHA alter. are located in mbedtls/.
They have shared crypto code.
If they could locate at same location e.g. mbedtls/, the shared crypto code placement would be more reasonable.
Add counter to track crypto init among crypto sub-modules. It includes:
1. Enable crypto clock
2. Enable crypto interrupt
As counter gets zero, crypto clock is disabled to save power.
Jaeden Amero
Kevin Bracey
Ron Eldor
Jimmy Brisson
Simon Butcher
Alastair D'Silva
ccli8
Janos Follath
Cruz Monrreal
Martin Kojtal
Juho Eskeli
Netanel Gonen
Mohammad AboMokh
Danny Shavit
Jaeden Amero
Hanno Becker
itayzafrir
Mel W
Amanda Butler
Moran Peker
Krzysztof Stachowiak
TomoYamanaka
Andres Amaya Garcia
jeromecoutant
Krzysztof Stachowiak
Yossi Levy
Jasper de Winkel
Martin Kojtal
Cruz Monrreal
Wilfried Chauveau
Kimmo Vaisanen
adustm