Skip to content

Add platform setup and teardown support #165

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
May 9, 2018
Merged

Add platform setup and teardown support #165

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
f9d17b3
Add platform setup and teardown support
Apr 12, 2018
7c78056
Add explicit checks for non-zero result of platform setup
Apr 16, 2018
9a36b87
Pass platform context to tests
Apr 16, 2018
93b8992
Add a link to the platform context passing issue
Apr 17, 2018
3781f08
Move platform context comments
Apr 17, 2018
4bd4bca
Add return value printing for failed platform initialization
Apr 25, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 4 additions & 3 deletions authcrypt/authcrypt.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,6 @@
#include "mbedtls/debug.h"
#endif

#include "mbedtls/platform.h"

#include <string.h>

const unsigned char Authcrypt::secret_key[16] = {
Expand All @@ -41,8 +39,11 @@ const char Authcrypt::message[] = "Some things are better left unread";

const char Authcrypt::metadata[] = "eg sequence number, routing info";

Authcrypt::Authcrypt()
Authcrypt::Authcrypt(mbedtls_platform_context* platform_ctx)
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is it required to pass platform_ctx to the application(test)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is not required, but we do so as a way of showing the user how to access it. It's an approach that we have chosen with Ron after a discussion that can be followed above, on this PR.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can be limited to the tests that actually test things from the platform context.

{
// The platform context can be used by cryptographic calls which require it.
// Please refer to https://github.com/ARMmbed/mbedtls/issues/1200 for more information.
_platform_ctx = platform_ctx;
memset(ciphertext, 0, sizeof(ciphertext));
memset(decrypted, 0, sizeof(decrypted));

Expand Down
8 changes: 7 additions & 1 deletion authcrypt/authcrypt.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
#include "mbedtls/cipher.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/platform.h"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this case it's better to have mbedtls_platform_context* as forward declaration , instead of adding include for the header. I prefer minimal includes in header files, unless really needed, and keep the include in the .cpp file


/**
* This class implements the logic to demonstrate authenticated encryption using
Expand All @@ -34,7 +35,7 @@ class Authcrypt
/**
* Construct an Authcrypt instance
*/
Authcrypt();
Authcrypt(mbedtls_platform_context* platform_ctx);

/**
* Free any allocated resources
Expand Down Expand Up @@ -103,6 +104,11 @@ class Authcrypt
* The block cipher configuration
*/
mbedtls_cipher_context_t cipher;

/**
* The platform context
*/
mbedtls_platform_context* _platform_ctx;
};

#endif /* _AUTHCRYPT_H_ */
16 changes: 12 additions & 4 deletions authcrypt/main.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,15 +24,23 @@
#include "mbedtls/platform.h"

int main() {
int exit_code = MBEDTLS_EXIT_SUCCESS;
Authcrypt *authcrypt = new Authcrypt();
mbedtls_platform_context platform_ctx;
int exit_code = MBEDTLS_EXIT_FAILURE;

if (authcrypt->run() != 0) {
if((exit_code = mbedtls_platform_setup(&platform_ctx)) != 0) {
printf("Platform initialization failed with error %d\r\n", exit_code);
return MBEDTLS_EXIT_FAILURE;
}

Authcrypt *authcrypt = new Authcrypt(&platform_ctx);

if ((exit_code = authcrypt->run()) != 0) {
mbedtls_printf("Example failed with error %d\r\n", exit_code);
exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_printf("\r\nFAIL\r\n");
}

delete authcrypt;

mbedtls_platform_teardown(&platform_ctx);
return exit_code;
}
69 changes: 42 additions & 27 deletions benchmark/main.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -300,7 +300,7 @@ typedef struct {
rsa, dhm, ecdsa, ecdh;
} todo_list;

static int benchmark( int argc, char *argv[] )
static int benchmark( int argc, char *argv[], mbedtls_platform_context* ctx )
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same question as https://github.com/ARMmbed/mbed-os-example-tls/pull/165/files#r186700998

{
int i;
unsigned char tmp[200];
Expand All @@ -309,7 +309,10 @@ static int benchmark( int argc, char *argv[] )
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
unsigned char malloc_buf[HEAP_SIZE] = { 0 };
#endif

// The call below is used to avoid the "unused parameter" warning.
// The context itself can be used by cryptographic calls which require it.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

An application like this test will not directly call a cryptographic function. The cryptographic functions should have a way of accessing the context like a getter as suggested in Mbed-TLS/mbedtls#1200

// Please refer to https://github.com/ARMmbed/mbedtls/issues/1200 for more information.
(void)ctx;
if( argc <= 1 )
{
memset( &todo, 1, sizeof( todo ) );
Expand Down Expand Up @@ -651,17 +654,17 @@ static int benchmark( int argc, char *argv[] )
mbedtls_ctr_drbg_init( &ctr_drbg );

if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
return(1);
TIME_AND_TSC( "CTR_DRBG (NOPR)",
if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
mbedtls_exit(1) );
return(1) );

if( mbedtls_ctr_drbg_seed( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
return(1);
mbedtls_ctr_drbg_set_prediction_resistance( &ctr_drbg, MBEDTLS_CTR_DRBG_PR_ON );
TIME_AND_TSC( "CTR_DRBG (PR)",
if( mbedtls_ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 )
mbedtls_exit(1) );
return(1) );
mbedtls_ctr_drbg_free( &ctr_drbg );
}
#endif
Expand All @@ -676,43 +679,43 @@ static int benchmark( int argc, char *argv[] )

#if defined(MBEDTLS_SHA1_C)
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 ) ) == NULL )
mbedtls_exit(1);
return(1);

if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
return(1);
TIME_AND_TSC( "HMAC_DRBG SHA-1 (NOPR)",
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
mbedtls_exit(1) );
return(1) );
mbedtls_hmac_drbg_free( &hmac_drbg );

if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
return(1);
mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
MBEDTLS_HMAC_DRBG_PR_ON );
TIME_AND_TSC( "HMAC_DRBG SHA-1 (PR)",
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
mbedtls_exit(1) );
return(1) );
mbedtls_hmac_drbg_free( &hmac_drbg );
#endif

#if defined(MBEDTLS_SHA256_C)
if( ( md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 ) ) == NULL )
mbedtls_exit(1);
return(1);

if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
return(1);
TIME_AND_TSC( "HMAC_DRBG SHA-256 (NOPR)",
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
mbedtls_exit(1) );
return(1) );
mbedtls_hmac_drbg_free( &hmac_drbg );

if( mbedtls_hmac_drbg_seed( &hmac_drbg, md_info, myrand, NULL, NULL, 0 ) != 0 )
mbedtls_exit(1);
return(1);
mbedtls_hmac_drbg_set_prediction_resistance( &hmac_drbg,
MBEDTLS_HMAC_DRBG_PR_ON );
TIME_AND_TSC( "HMAC_DRBG SHA-256 (PR)",
if( mbedtls_hmac_drbg_random( &hmac_drbg, buf, BUFSIZE ) != 0 )
mbedtls_exit(1) );
return(1) );
mbedtls_hmac_drbg_free( &hmac_drbg );
#endif
}
Expand Down Expand Up @@ -771,13 +774,13 @@ static int benchmark( int argc, char *argv[] )
if( mbedtls_mpi_read_string( &dhm.P, 16, dhm_P[i] ) != 0 ||
mbedtls_mpi_read_string( &dhm.G, 16, dhm_G[i] ) != 0 )
{
mbedtls_exit( 1 );
return( 1 );
}

dhm.len = mbedtls_mpi_size( &dhm.P );
mbedtls_dhm_make_public( &dhm, (int) dhm.len, buf, dhm.len, myrand, NULL );
if( mbedtls_mpi_copy( &dhm.GY, &dhm.GX ) != 0 )
mbedtls_exit( 1 );
return( 1 );

mbedtls_snprintf( title, sizeof( title ), "DHE-%d", dhm_sizes[i] );
TIME_PUBLIC( title, "handshake",
Expand Down Expand Up @@ -810,7 +813,7 @@ static int benchmark( int argc, char *argv[] )
mbedtls_ecdsa_init( &ecdsa );

if( mbedtls_ecdsa_genkey( &ecdsa, curve_info->grp_id, myrand, NULL ) != 0 )
mbedtls_exit( 1 );
return( 1 );
ecp_clear_precomputed( &ecdsa.grp );

mbedtls_snprintf( title, sizeof( title ), "ECDSA-%s",
Expand All @@ -832,7 +835,7 @@ static int benchmark( int argc, char *argv[] )
mbedtls_ecdsa_write_signature( &ecdsa, MBEDTLS_MD_SHA256, buf, curve_info->bit_size,
tmp, &sig_len, myrand, NULL ) != 0 )
{
mbedtls_exit( 1 );
return( 1 );
}
ecp_clear_precomputed( &ecdsa.grp );

Expand Down Expand Up @@ -868,7 +871,7 @@ static int benchmark( int argc, char *argv[] )
myrand, NULL ) != 0 ||
mbedtls_ecp_copy( &ecdh.Qp, &ecdh.Q ) != 0 )
{
mbedtls_exit( 1 );
return( 1 );
}
ecp_clear_precomputed( &ecdh.grp );

Expand All @@ -890,7 +893,7 @@ static int benchmark( int argc, char *argv[] )
if( mbedtls_ecp_group_load( &ecdh.grp, MBEDTLS_ECP_DP_CURVE25519 ) != 0 ||
mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL ) != 0 )
{
mbedtls_exit( 1 );
return( 1 );
}

TIME_PUBLIC( "ECDHE-Curve25519", "handshake",
Expand All @@ -916,7 +919,7 @@ static int benchmark( int argc, char *argv[] )
mbedtls_ecdh_make_public( &ecdh, &olen, buf, sizeof( buf ),
myrand, NULL ) != 0 )
{
mbedtls_exit( 1 );
return( 1 );
}
ecp_clear_precomputed( &ecdh.grp );

Expand All @@ -938,7 +941,7 @@ static int benchmark( int argc, char *argv[] )
myrand, NULL ) != 0 ||
mbedtls_ecdh_gen_public( &ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL ) != 0 )
{
mbedtls_exit( 1 );
return( 1 );
}

TIME_PUBLIC( "ECDH-Curve25519", "handshake",
Expand All @@ -961,8 +964,20 @@ static int benchmark( int argc, char *argv[] )
}

int main(void) {
int ret = benchmark(0, NULL);
if (ret != 0) {
mbedtls_printf("Benchmark failed with error %d\r\n", ret);
mbedtls_platform_context platform_ctx;
int exit_code = MBEDTLS_EXIT_FAILURE;

if((exit_code = mbedtls_platform_setup(&platform_ctx)) != 0) {
printf("Platform initialization failed with error %d\r\n", exit_code);
return MBEDTLS_EXIT_FAILURE;
}

exit_code = benchmark(0, NULL, &platform_ctx);
if (exit_code != 0) {
mbedtls_printf("Benchmark failed with error %d\r\n", exit_code);
exit_code = MBEDTLS_EXIT_FAILURE;
}

mbedtls_platform_teardown(&platform_ctx);
return exit_code;
}
25 changes: 21 additions & 4 deletions hashing/main.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,8 +47,13 @@ static const char hello_str[] = "Hello, world!";
static const unsigned char *hello_buffer = (const unsigned char *) hello_str;
static const size_t hello_len = strlen(hello_str);

static int example(void)
static int example(mbedtls_platform_context* ctx)
{
// The call below is used to avoid the "unused parameter" warning.
// The context itself can be used by cryptographic calls which require it.
// Please refer to https://github.com/ARMmbed/mbedtls/issues/1200 for more information.
(void)ctx;

mbedtls_printf("\r\n\r\n");

/*
Expand Down Expand Up @@ -152,8 +157,20 @@ static int example(void)
}

int main() {
int ret = example();
if (ret != 0) {
mbedtls_printf("Example failed with error %d\r\n", ret);
mbedtls_platform_context platform_ctx;
int exit_code = MBEDTLS_EXIT_FAILURE;

if((exit_code = mbedtls_platform_setup(&platform_ctx)) != 0) {
printf("Platform initialization failed with error %d\r\n", exit_code);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

printf -> mbedtls_printf

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

mbedtls_printf may be a substituted for a custom printer function that may not work if the platform setup fails.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed.

return MBEDTLS_EXIT_FAILURE;
}

exit_code = example(&platform_ctx);
if (exit_code != 0) {
mbedtls_printf("Example failed with error %d\r\n", exit_code);
exit_code = MBEDTLS_EXIT_FAILURE;
}

mbedtls_platform_teardown(&platform_ctx);
return exit_code;
}
9 changes: 7 additions & 2 deletions tls-client/HelloHttpsClient.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,10 +70,15 @@ const char *HelloHttpsClient::HTTP_HELLO_STR = "Hello world!";
const char *HelloHttpsClient::HTTP_OK_STR = "200 OK";

HelloHttpsClient::HelloHttpsClient(const char *in_server_name,
const uint16_t in_server_port) :
const uint16_t in_server_port,
mbedtls_platform_context* in_platform_ctx) :
socket(),
server_name(in_server_name),
server_port(in_server_port)
server_port(in_server_port),
/* The platform context is passed just in case any crypto calls need it.
* Please refer to https://github.com/ARMmbed/mbedtls/issues/1200 for more
* information. */
platform_ctx(in_platform_ctx)
{
mbedtls_entropy_init(&entropy);
mbedtls_ctr_drbg_init(&ctr_drbg);
Expand Down
6 changes: 5 additions & 1 deletion tls-client/HelloHttpsClient.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
#include "TCPSocket.h"

#include "mbedtls/config.h"
#include "mbedtls/platform.h"
#include "mbedtls/ssl.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"
Expand Down Expand Up @@ -60,7 +61,8 @@ class HelloHttpsClient
* The server port
*/
HelloHttpsClient(const char *in_server_name,
const uint16_t in_server_port);
const uint16_t in_server_port,
mbedtls_platform_context* in_platform_ctx);

/**
* Free any allocated resources
Expand Down Expand Up @@ -223,6 +225,8 @@ class HelloHttpsClient
* The TLS configuration in use
*/
mbedtls_ssl_config ssl_conf;

mbedtls_platform_context* platform_ctx;
};

#endif /* _HELLOHTTPSCLIENT_H_ */
13 changes: 11 additions & 2 deletions tls-client/main.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,13 +49,19 @@ const int SERVER_PORT = 443;
*/
int main()
{
mbedtls_platform_context platform_ctx;
int exit_code = MBEDTLS_EXIT_FAILURE;

if((exit_code = mbedtls_platform_setup(&platform_ctx)) != 0) {
printf("Platform initialization failed with error %d\r\n", exit_code);
return MBEDTLS_EXIT_FAILURE;
}
/*
* The default 9600 bps is too slow to print full TLS debug info and could
* cause the other party to time out.
*/

HelloHttpsClient *client;
int exit_code = MBEDTLS_EXIT_FAILURE;

mbedtls_printf("Starting mbed-os-example-tls/tls-client\n");

Expand All @@ -67,10 +73,12 @@ int main()
#endif /* MBEDTLS_MAJOR_VERSION */

/* Allocate a HTTPS client */
client = new (std::nothrow) HelloHttpsClient(SERVER_NAME, SERVER_PORT);
client = new (std::nothrow) HelloHttpsClient(SERVER_NAME, SERVER_PORT,
&platform_ctx);
if (client == NULL) {
mbedtls_printf("Failed to allocate HelloHttpsClient object\n"
"\nFAIL\n");
mbedtls_platform_teardown(&platform_ctx);
return exit_code;
}

Expand All @@ -84,5 +92,6 @@ int main()

delete client;

mbedtls_platform_teardown(&platform_ctx);
return exit_code;
}