Remove non-crypto code #71
Conversation
Patater
added
enhancement
Patater
force-pushed
the
remove-non-crypto
branch
11 times, most recently
from
0da6d7d to
ab52966
Compare
|
Split out into #74 which focuses on breaking dependencies |
Patater
force-pushed
the
remove-non-crypto
branch
from
ab52966 to
f071035
Compare
|
Rebased on top of the latest development. Previous commits at https://github.com/Patater/mbed-crypto/tree/remove-non-crypto-1 |
Patater
force-pushed
the
remove-non-crypto
branch
from
f071035 to
7621d96
Compare
|
Rebased to remove per-commit testing scripts that were used for local testing and aren't meant to go in yet. Previous branch at https://github.com/Patater/mbed-crypto/tree/remove-non-crypto-2 |
Patater
force-pushed
the
remove-non-crypto
branch
from
7621d96 to
fb98280
Compare
|
Rebased to organize the commits a bit better. Previous branch at https://github.com/Patater/mbed-crypto/tree/remove-non-crypto-6 |
Patater
force-pushed
the
remove-non-crypto
branch
from
fb98280 to
d7ce1f8
Compare
|
Rebased to remove per-commit testing script, again. Previous branch at https://github.com/Patater/mbed-crypto/tree/remove-non-crypto-7 |
Patater
added
needs: review
|
Before merging this PR, we should make an empirical test: make a branch based on this PR that adds a bug that breaks X509 or TLS but not crypto, and check that it fails the crypto-in-TLS part of the CI (but passes the rest of the CI). |
There was a problem hiding this comment.
This looks mostly ok, there are just a few mistakes here and there.
A few of the mistakes are in the commit structure or in commit messages. Since this is a huge PR, please synchronize with reviewers before rebasing. For my sake, it's ok to rebase from now on until the next review stage.
There was a problem hiding this comment.
The PR looks good. Just a few more minor points in addition to what @gilles-peskine-arm already pointed out.
NOTE: I did not actually try integrating this with the rest of Mbed TLS. I think it would be ideal to check that this integration works correctly.
|
|
||
| /* For test certificates */ | ||
| #define MBEDTLS_BASE64_C | ||
| #define MBEDTLS_CERTS_C |
There was a problem hiding this comment.
This was removed, but do we need the certs.h file at all? I think that the x509 file was deleted, so we cannot even parse it.
| !defined(MBEDTLS_SHA1_C) ) | ||
| #error "!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE requires MBEDTLS_SHA512_C, MBEDTLS_SHA256_C or MBEDTLS_SHA1_C" | ||
| #endif | ||
|
|
||
| #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ |
There was a problem hiding this comment.
I think that strictly speaking the memory buffer alloc thing is a platform/test thing. I would not be sure whether it is part of the crypto or tls. Why dont we just remove it?
There was a problem hiding this comment.
We'll evaluate removing platform things later. Out of scope for this PR.
| @@ -5,9 +5,6 @@ else() | |||
| project("mbed TLS" C) | |||
| endif() | |||
|
|
|||
| option(USE_PKCS11_HELPER_LIBRARY "Build mbed TLS with the pkcs11-helper library." OFF) | |||
| option(ENABLE_ZLIB_SUPPORT "Build mbed TLS with zlib library." OFF) | |||
|
|
|||
| option(ENABLE_PROGRAMS "Build mbed TLS programs." ON) | |||
There was a problem hiding this comment.
Are we keeping the name "mbed TLS"? There are a few other places where this happens
There was a problem hiding this comment.
We'll change the name, just not in this PR.
| @@ -2861,9 +1957,6 @@ | |||
| * Module: library/sha256.c | |||
There was a problem hiding this comment.
I noticed that we are keeping all the docs for MBEDTLS_*_ALT macros that are part of the old Mbed TLS hardware accelerator interface. Do we really want to keep those considering that we are coming up with a new abstraction layer for drivers?
There was a problem hiding this comment.
The ALT drivers should still work. We need to implement an alternative to move them to before we remove ALT. Mbed OS currently uses Mbed Crypto, so we'd have to at least update all ALT drivers in Mbed OS. Mbed TLS LTS releases (2.16, 2.7) will still support ALT for other OSes.
Remove TLS and NET options from config files and scripts. Note that this fails check-names.sh because options that TLS and NET files use are no longer present in config.h.
Note that this fails check-names.sh because options that TLS and X.509 files use are no longer present in config.h.
We've removed all software that depends on or uses the TLS, NET, and X.509 modules. This means TLS, NET, and X.509 are unused and can be removed. Remove TLS, NET, and X.509.
Remove references to the X.509, NET, and SSL modules. Update text from "Mbed TLS" to "Mbed Crypto". Update version number.
Update comments in the top of the test code generator script with the name of the parent project.
Periodic release notes and git history will work fine and be easier to maintain.
Make maintaining config files easier by removing any explicit ciphersuite lists. These explicit lists are prone to being incomplete as TLS defines more and more ciphersuites. Rather than try to play catch up, let's refer to sets of ciphersuites with declarative language.
GCM is not just for AES, but for at least Camellia as well.
Previously, GCM required enabling either AES or Camellia. However, we also support using GCM with ARIA and without other ciphers. Enable configurations with only ARIA enabled to use GCM.
Patater
force-pushed
the
remove-non-crypto
branch
from
9b05f35 to
651ae68
Compare
|
Rebased to fix the patch that removes udp_proxy to also remove udp_proxy from .gitignore. Previous patch set at https://github.com/Patater/mbed-crypto/tree/remove-non-crypto-11 |
Patater
removed
the
needs: review
|
CI is expected to pass with the exception of the TLS-testing-with-new-crypto-submodule job on check-generated-files. This is because of changes to how error descriptions will be placed into errors.c, when TLS uses a Crypto submodule that doesn't contain SSL or X.509 headers. See Patater/mbedtls@7df4245 for what the differences are and how to rectify the issue to make the test pass. This issue should not hold up this PR, as its easily fixed when TLS updates to the new subodule concurrently. |
|
https://jenkins-internal.mbed.com/job/mbed-crypto-pr-ci-testing/job/PR-71-merge/6/display/redirect passes all tests, except the expected errors.c issue as previously mentioned. |
Update the Mbed Crypto submodule to revision 461fd58 ("Merge pull request ARMmbed#71 from Patater/remove-non-crypto"). This includes removing SSL, NET, and X.509 modules from Mbed Crypto.
Remove non-crypto code, as that code is maintained in the Mbed TLS repo. Only crypto code should be present in our repo.
Our CI has been updated to cope with the lack of non-crypto tests, programs, and code; we expect this PR to pass the PR job and nightly job.
Internal ref: IOTCRYPT-678, IOTCRYPT-682
Notes:
error.hstill reserves space for SSL and X509 errors, to ensure those aren't re-used on accident