Merge pull request #12150 from Patater/update-tls-crypto-20191220

Update Mbed TLS and Mbed Crypto to latest as of 2019-12-20

Author: 0xc0170

TESTS/mbed-crypto/sanity/main.cpp

@@ -262,13 +262,13 @@ void test_crypto_asymmetric_sign_verify(void)
     psa_set_key_algorithm(&attributes, alg);
     psa_set_key_type(&attributes, key_type);
     TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_import_key(&attributes, key, sizeof(key), &key_handle));
-    TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_asymmetric_sign(key_handle, alg, input, sizeof(input),
-                                                       signature, sizeof(signature), &signature_len));
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_sign_hash(key_handle, alg, input, sizeof(input),
+                                                 signature, sizeof(signature), &signature_len));
     TEST_ASSERT_EQUAL(sizeof(signature), signature_len);
     TEST_ASSERT_EQUAL_HEX8_ARRAY(expected_signature, signature, signature_len);
 
-    TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_asymmetric_verify(key_handle, alg, input, sizeof(input),
-                                                         signature, signature_len));
+    TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_verify_hash(key_handle, alg, input, sizeof(input),
+                                                   signature, signature_len));
     TEST_ASSERT_EQUAL(PSA_SUCCESS, psa_destroy_key(key_handle));
 }
 

TESTS/psa/crypto_access_control/COMPONENT_NSPE/main.cpp

@@ -373,12 +373,12 @@ void test_use_other_partition_key_asymmetric_sign_verify(void)
     TEST_ASSERT_NOT_EQUAL(0, key_handle);
 
     /* try to asymmetric sign using the key that was created by the test partition */
-    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_asymmetric_sign(key_handle, key_alg, input, sizeof(input),
-                                                                    signature, sizeof(signature), &len));
+    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_sign_hash(key_handle, key_alg, input, sizeof(input),
+                                                              signature, sizeof(signature), &len));
 
     /* try to asymmetric verify using the key that was created by the test partition */
-    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_asymmetric_verify(key_handle, key_alg, input, sizeof(input),
-                                                                      signature, sizeof(signature)));
+    TEST_ASSERT_EQUAL(PSA_ERROR_INVALID_HANDLE, psa_verify_hash(key_handle, key_alg, input, sizeof(input),
+                                                                signature, sizeof(signature)));
 
     /* via test partition - destroy the key created by the test partition */
     TEST_ASSERT_EQUAL(PSA_SUCCESS, test_partition_crypto_destroy_key(key_handle));

components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/attest_crypto.c

@@ -58,13 +58,13 @@ t_cose_crypto_pub_key_sign(int32_t cose_alg_id,
         return T_COSE_ERR_NO_KID;
     }
 
-    crypto_ret = psa_asymmetric_sign(handle,
-                                     PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
-                                     hash_to_sign.ptr,
-                                     hash_to_sign.len,
-                                     signature_buffer.ptr,
-                                     signature_buffer.len,
-                                     &(signature->len));
+    crypto_ret = psa_sign_hash(handle,
+                               PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+                               hash_to_sign.ptr,
+                               hash_to_sign.len,
+                               signature_buffer.ptr,
+                               signature_buffer.len,
+                               &(signature->len));
 
 
     if (crypto_ret != PSA_SUCCESS)

components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/tfm_impl/attestation_core.c

@@ -942,7 +942,7 @@ attest_create_token(struct useful_buf_c *challenge,
 
 /* Limitations of the current implementation:
  *  - Token is not signed yet properly, just a fake signature is added to the
- *    token due to lack of psa_asymmetric_sign() implementation in crypto
+ *    token due to lack of psa_sign_hash() implementation in crypto
  *    service.
  */
 enum psa_attest_err_t

components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/crypto_platform_spe.h

@@ -87,8 +87,8 @@ typedef enum psa_sec_function_s {
     PSA_AEAD_FINISH,
     PSA_AEAD_VERIFY,
     PSA_AEAD_ABORT,
-    PSA_ASYMMETRIC_SIGN,
-    PSA_ASYMMETRIC_VERIFY,
+    PSA_SIGN_HASH,
+    PSA_VERIFY_HASH,
     PSA_ASYMMETRIC_ENCRYPT,
     PSA_ASYMMETRIC_DECRYPT,
     PSA_KEY_DERIVATION_SETUP,

components/TARGET_PSA/services/crypto/COMPONENT_PSA_SRV_IPC/psa_crypto_spm.c

@@ -1216,16 +1216,16 @@ psa_status_t psa_aead_abort(psa_aead_operation_t *operation)
     return ipc_call(&operation->handle, &in_vec, 1, NULL, 0, true);
 }
 
-psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
-                                 psa_algorithm_t alg,
-                                 const uint8_t *hash,
-                                 size_t hash_length,
-                                 uint8_t *signature,
-                                 size_t signature_size,
-                                 size_t *signature_length)
+psa_status_t psa_sign_hash(psa_key_handle_t handle,
+                           psa_algorithm_t alg,
+                           const uint8_t *hash,
+                           size_t hash_length,
+                           uint8_t *signature,
+                           size_t signature_size,
+                           size_t *signature_length)
 {
     psa_crypto_ipc_asymmetric_t psa_crypto_ipc = {
-        .func           = PSA_ASYMMETRIC_SIGN,
+        .func           = PSA_SIGN_HASH,
         .handle         = handle,
         .alg            = alg,
         .input_length   = 0,
@@ -1246,15 +1246,15 @@ psa_status_t psa_asymmetric_sign(psa_key_handle_t handle,
     return (status);
 }
 
-psa_status_t psa_asymmetric_verify(psa_key_handle_t handle,
-                                   psa_algorithm_t alg,
-                                   const uint8_t *hash,
-                                   size_t hash_length,
-                                   const uint8_t *signature,
-                                   size_t signature_size)
+psa_status_t psa_verify_hash(psa_key_handle_t handle,
+                             psa_algorithm_t alg,
+                             const uint8_t *hash,
+                             size_t hash_length,
+                             const uint8_t *signature,
+                             size_t signature_size)
 {
     psa_crypto_ipc_asymmetric_t psa_crypto_ipc = {
-        .func           = PSA_ASYMMETRIC_VERIFY,
+        .func           = PSA_VERIFY_HASH,
         .handle         = handle,
         .alg            = alg,
         .input_length   = 0,

components/TARGET_PSA/services/crypto/COMPONENT_SPE/crypto_spe.h

@@ -59,8 +59,8 @@ extern "C" {
 #define psa_aead_finish  psa_sec_aead_finish
 #define psa_aead_verify  psa_sec_aead_verify
 #define psa_aead_abort  psa_sec_aead_abort
-#define psa_asymmetric_sign  psa_sec_asymmetric_sign
-#define psa_asymmetric_verify  psa_sec_asymmetric_verify
+#define psa_sign_hash  psa_sec_sign_hash
+#define psa_verify_hash  psa_sec_verify_hash
 #define psa_asymmetric_encrypt  psa_sec_asymmetric_encrypt
 #define psa_asymmetric_decrypt  psa_sec_asymmetric_decrypt
 #define psa_key_derivation_setup  psa_sec_key_derivation_setup

components/TARGET_PSA/services/crypto/COMPONENT_SPE/psa_crypto_partition.c

@@ -989,7 +989,7 @@ static void psa_asymmetric_operation(void)
             }
 
             switch (psa_crypto.func) {
-                case PSA_ASYMMETRIC_SIGN: {
+                case PSA_SIGN_HASH: {
                     uint8_t *signature = NULL;
                     uint8_t *hash = NULL;
                     size_t signature_length = 0,
@@ -1015,9 +1015,9 @@ static void psa_asymmetric_operation(void)
                     }
 
                     if (status == PSA_SUCCESS) {
-                        status = psa_asymmetric_sign(psa_crypto.handle, psa_crypto.alg,
-                                                     hash, hash_size,
-                                                     signature, signature_size, &signature_length);
+                        status = psa_sign_hash(psa_crypto.handle, psa_crypto.alg,
+                                               hash, hash_size,
+                                               signature, signature_size, &signature_length);
 
                         if (status == PSA_SUCCESS) {
                             psa_write(msg.handle, 0, signature, signature_length);
@@ -1030,7 +1030,7 @@ static void psa_asymmetric_operation(void)
                     break;
                 }
 
-                case PSA_ASYMMETRIC_VERIFY: {
+                case PSA_VERIFY_HASH: {
                     uint8_t *signature = NULL;
                     uint8_t *hash = NULL;
                     size_t signature_size = msg.in_size[1],
@@ -1060,9 +1060,9 @@ static void psa_asymmetric_operation(void)
                     }
 
                     if (status == PSA_SUCCESS) {
-                        status = psa_asymmetric_verify(psa_crypto.handle, psa_crypto.alg,
-                                                       hash, hash_size,
-                                                       signature, signature_size);
+                        status = psa_verify_hash(psa_crypto.handle, psa_crypto.alg,
+                                                 hash, hash_size,
+                                                 signature, signature_size);
                     }
 
                     mbedtls_free(signature);

features/mbedtls/VERSION.txt

@@ -1 +1 @@
-mbedtls-2.20.0d0
+mbedtls-2.20.0d1

features/mbedtls/importer/Makefile

@@ -27,8 +27,8 @@
 #
 
 # Set the mbed TLS release to import (this can/should be edited before import)
-MBED_TLS_RELEASE ?= mbedtls-2.20.0d0
-MBED_TLS_REPO_URL ?= [email protected]:ARMmbed/mbedtls-restricted.git
+MBED_TLS_RELEASE ?= mbedtls-2.20.0d1
+MBED_TLS_REPO_URL ?= [email protected]:ARMmbed/mbedtls.git
 
 # Translate between mbed TLS namespace and mbed namespace
 TARGET_PREFIX:=../

features/mbedtls/inc/mbedtls/error.h

@@ -52,9 +52,10 @@
  * For historical reasons, low-level error codes are divided in even and odd,
  * even codes were assigned first, and -1 is reserved for other errors.
  *
- * Low-level module errors (0x0002-0x007E, 0x0003-0x007F)
+ * Low-level module errors (0x0002-0x007E, 0x0001-0x007F)
  *
  * Module   Nr  Codes assigned
+ * ERROR     2  0x006E          0x0001
  * MPI       7  0x0002-0x0010
  * GCM       3  0x0012-0x0014   0x0013-0x0013
  * BLOWFISH  3  0x0016-0x0018   0x0017-0x0017
@@ -86,7 +87,7 @@
  * CHACHA20  3                  0x0051-0x0055
  * POLY1305  3                  0x0057-0x005B
  * CHACHAPOLY 2 0x0054-0x0056
- * PLATFORM  1  0x0070-0x0072
+ * PLATFORM  2  0x0070-0x0072
  *
  * High-level module nr (3 bits - 0x0...-0x7...)
  * Name      ID  Nr of Errors
@@ -112,6 +113,9 @@
 extern "C" {
 #endif
 
+#define MBEDTLS_ERR_ERROR_GENERIC_ERROR       -0x0001  /**< Generic error */
+#define MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED -0x006E  /**< This is a bug in the library */
+
 /**
  * \brief Translate a mbed TLS error code into a string representation,
  *        Result is truncated if necessary and always includes a terminating

features/mbedtls/mbed-crypto/VERSION.txt

@@ -1 +1 @@
-mbedcrypto-2.1.0d0
+mbedcrypto-3.0.0d0

features/mbedtls/mbed-crypto/importer/Makefile

@@ -29,8 +29,8 @@
 
 # Set the Mbed Crypto release to import (this can/should be edited before
 # import)
-CRYPTO_RELEASE ?= mbedcrypto-2.1.0d0
-CRYPTO_REPO_URL ?= [email protected]:ARMmbed/mbedtls-psa.git
+CRYPTO_RELEASE ?= mbedcrypto-3.0.0d0
+CRYPTO_REPO_URL ?= [email protected]:ARMmbed/mbed-crypto.git
 
 # Translate between Mbed Crypto namespace and Mbed OS namespace
 TARGET_PREFIX:=..

features/mbedtls/mbed-crypto/inc/mbedtls/asn1.h

@@ -75,6 +75,7 @@
 #define MBEDTLS_ASN1_OCTET_STRING            0x04
 #define MBEDTLS_ASN1_NULL                    0x05
 #define MBEDTLS_ASN1_OID                     0x06
+#define MBEDTLS_ASN1_ENUMERATED              0x0A
 #define MBEDTLS_ASN1_UTF8_STRING             0x0C
 #define MBEDTLS_ASN1_SEQUENCE                0x10
 #define MBEDTLS_ASN1_SET                     0x11
@@ -254,13 +255,32 @@ int mbedtls_asn1_get_bool( unsigned char **p,
  *              a valid ASN.1 INTEGER.
  * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
  *              not fit in an \c int.
- * \return      An ASN.1 error code if the input does not start with
- *              a valid ASN.1 INTEGER.
  */
 int mbedtls_asn1_get_int( unsigned char **p,
                           const unsigned char *end,
                           int *val );
 
+/**
+ * \brief       Retrieve an enumerated ASN.1 tag and its value.
+ *              Updates the pointer to immediately behind the full tag.
+ *
+ * \param p     On entry, \c *p points to the start of the ASN.1 element.
+ *              On successful completion, \c *p points to the first byte
+ *              beyond the ASN.1 element.
+ *              On error, the value of \c *p is undefined.
+ * \param end   End of data.
+ * \param val   On success, the parsed value.
+ *
+ * \return      0 if successful.
+ * \return      An ASN.1 error code if the input does not start with
+ *              a valid ASN.1 ENUMERATED.
+ * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
+ *              not fit in an \c int.
+ */
+int mbedtls_asn1_get_enum( unsigned char **p,
+                           const unsigned char *end,
+                           int *val );
+
 /**
  * \brief       Retrieve a bitstring ASN.1 tag and its value.
  *              Updates the pointer to immediately behind the full tag.
@@ -367,8 +387,6 @@ int mbedtls_asn1_get_sequence_of( unsigned char **p,
  * \return      #MBEDTLS_ERR_ASN1_INVALID_LENGTH if the parsed value does
  *              not fit in an \c int.
  * \return      An MPI error code if the parsed value is too large.
- * \return      An ASN.1 error code if the input does not start with
- *              a valid ASN.1 INTEGER.
  */
 int mbedtls_asn1_get_mpi( unsigned char **p,
                           const unsigned char *end,

features/mbedtls/mbed-crypto/inc/mbedtls/asn1write.h

@@ -192,6 +192,21 @@ int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start,
  */
 int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
 
+/**
+ * \brief           Write an enum tag (#MBEDTLS_ASN1_ENUMERATED) and value
+ *                  in ASN.1 format.
+ *
+ * \note            This function works backwards in data buffer.
+ *
+ * \param p         The reference to the current position pointer.
+ * \param start     The start of the buffer, for bounds-checking.
+ * \param val       The integer value to write.
+ *
+ * \return          The number of bytes written to \p p on success.
+ * \return          A negative \c MBEDTLS_ERR_ASN1_XXX error code on failure.
+ */
+int mbedtls_asn1_write_enum( unsigned char **p, unsigned char *start, int val );
+
 /**
  * \brief           Write a string in ASN.1 format using a specific
  *                  string encoding tag.