[tf-psa-crypto] MBEDTLS_PLATFORM_GET_ENTROPY_ALT in 4.0 #212
Conversation
valeriosetti
added
size-s
github-project-automation
bot
moved this to In Development
in Roadmap pull requests (new board)
There was a problem hiding this comment.
I just did a design review. I won't be able to do a full code review.
We just realized this morning that the issue description wasn't very clear, and several things were in Janos's mind and mine but we hadn't written them down. Sorry about this. I added a note to the issue and some comments here, hopefully that should clarify things.
| * in such information, so the function must handle | ||
| * this. | ||
| */ | ||
| int mbedtls_entropy_hardware_poll(unsigned char *output, size_t output_size, |
There was a problem hiding this comment.
Non-blocker: since the function is now declared in platform.h, should we call it mbedtls_platform_xxx? Same question about the configuration option. Maybe MBEDTLS_PLATFORM_GET_ENTROPY_ALT and mbedtls_platform_get_entropy()?
| * \param[out] entropy_content Measure of the entropy content (in bits) of the | ||
| * data written in the \p output buffer. The pointer |
There was a problem hiding this comment.
Please add the constraint that for the time being, the function must set entropy_content = 8 * *output_len on success. The library will be extended later to support partial entropy.
| * can be \c NULL in case the caller is not interested | ||
| * in such information, so the function must handle | ||
| * this. |
There was a problem hiding this comment.
We don't need to support callers that don't want the value. entropy_content is guaranteed to be non-null.
| * \brief User defined callback function that is used from the entropy | ||
| * module to gather entropy data from some hardware device. | ||
| * | ||
| * \warning This is not provided by Mbed TLS. |
There was a problem hiding this comment.
I don't think “not provided by Mbed TLS” is a useful warning. Also, it's TF-PSA-Crypto now.
On the other hand, the function's documentation should state that this function is only used when MBEDTLS_ENTROPY_HARDWARE_POLL is defined. This is otherwise not visible when you read the Doxygen-rendered documentation.
ChangeLog.d/9618.txt
Outdated
| `MBEDTLS_ENTROPY_HARDWARE_POLL_MIN` can optionally optinally define the | ||
| minimum number of bytes that should be polled using that function before | ||
| declaring entropy gathering completed. If not defined, then a default | ||
| value of 32 bytes is used. |
There was a problem hiding this comment.
MBEDTLS_ENTROPY_HARDWARE_POLL_MIN should not be a configuration parameter, at least not in this form. The RNG needs a certain amount of entropy. This minimum is up to the system configuration (and in particular the required cryptographic strength for the system), not up to the hardware integration. The person writing the TRNG device driver doesn't get to choose this value.
I think we should just use the existing MBEDTLS_ENTROPY_MIN_PLATFORM here. The distinction between “platform source” and “hardware source” doesn't really make sense as it's currently described in entropy_poll.h. Actually the “platform source” is the operating system integrations that the library supports out of the box, and the “hardware source” is the one for other systems where the integrator needs to provide a driver.
ChangeLog.d/9618.txt
Outdated
| removed. | ||
|
|
||
| Features | ||
| * The new symbol `MBEDTLS_ENTROPY_HARDWARE_POLL` is added to allow the |
There was a problem hiding this comment.
The changelog entries should probably mention the function names as well as the option names, for easier searching.
drivers/builtin/src/entropy_poll.h
Outdated
| void *data, unsigned char *output, size_t len, size_t *olen) | ||
| { | ||
| (void) data; | ||
| return mbedtls_entropy_hardware_poll(output, len, olen, NULL); |
There was a problem hiding this comment.
The wrapper should check the entropy content and fail if it's less than full entropy, i.e. if entropy_output < 8 * *olen. Please add a unit test for that in test_suite_entropy.
Also the entropy collection should fail if *olen is too small and as a result there isn't enough entropy, collected from all sources. I believe this is covered by the existing tests in test_suite_entropy, but please double-check.
There was a problem hiding this comment.
The wrapper should check the entropy content and fail if it's less than full entropy, i.e. if entropy_output < 8 * *olen. Please add a unit test for that in test_suite_entropy.
While adding the check on the wrapper and testing it with the new component tf_psa_crypto_platform_get_entropy_alt I found that tests are already failing if the returned entropy content is not correct, so there seems to be no need for a new test step. As reference implementation I'm using the one proposed in the companion PR Mbed-TLS/mbedtls-framework#151.
valeriosetti
force-pushed
the
issue9618-tfpsacrypto
branch
from
49842b8 to
a5de9ab
Compare
valeriosetti
force-pushed
the
issue9618-tfpsacrypto
branch
from
a5de9ab to
17e588b
Compare
valeriosetti
changed the title
valeriosetti
force-pushed
the
issue9618-tfpsacrypto
branch
2 times, most recently
from
dfe34b3 to
92e6f42
Compare
|
I think that CI failures in |
valeriosetti
force-pushed
the
issue9618-tfpsacrypto
branch
from
92e6f42 to
fa5d3d3
Compare
|
I just forced push the last commit following the merge of Mbed-TLS/mbedtls-framework#151. No other change was made |
Thinking on this a bit more I think I can explain why |
valeriosetti
dismissed stale reviews from bjwtaylor and gabor-mezei-arm
via
0b4ca69
|
It's problematic to merge something in the crypto repository that breaks the CI, since it means crypto will be broken on all branches that don't have this PR merged yet. Can you please add a transition function |
valeriosetti
force-pushed
the
issue9618-tfpsacrypto
branch
from
ced4965 to
88c818c
Compare
@gilles-peskine-arm I just created #273 to track this |
|
@gilles-peskine-arm although I added the stub function for |
valeriosetti
force-pushed
the
issue9618-tfpsacrypto
branch
from
88c818c to
996bb07
Compare
|
Since we agreed to manually merge this PR and then set Mbed-TLS/mbedtls#10090 on the merge queue immediately after that I removed the temporary commit 26fdaa1 which was added as attempt to make the CI fully happy. |
component_tf_psa_crypto_test_platform_get_entropy_alt() was missing the _test_ part in order to be aligned with the standard naming form. Correct naming is component_tf_psa_crypto_test_platform_get_entropy_alt(). Signed-off-by: Valerio Setti <[email protected]>
Signed-off-by: Valerio Setti <[email protected]>
valeriosetti
force-pushed
the
issue9618-tfpsacrypto
branch
from
996bb07 to
1294fd2
Compare
|
Sorry for the last minute fix, but since I had to modify the PR on the main repo to make its CI happy, I preferred to fix the name of the test component being added also in this PR (see new commit). |
There was a problem hiding this comment.
LGTM at 1294fd2. The CI is still unhappy but that's expected: we are breaking TF-PSA-Crypto, and Mbed-TLS/mbedtls#10090 will fix it.
gilles-peskine-arm
added
needs-work
needs-review
| @@ -24,5 +24,6 @@ | |||
| #define MBEDTLS_PSA_CRYPTO_C | |||
| #define MBEDTLS_CTR_DRBG_C | |||
| #define MBEDTLS_ENTROPY_C | |||
| #define MBEDTLS_PLATFORM_C | |||
There was a problem hiding this comment.
This shouldn't be necessary. MBEDTLS_PLATFORM_C should only be needed to support runtime configuration of platform features. Neither MBEDTLS_PLATFORM_GET_ENTROPY_ALT nor !MBEDTLS_PLATFORM_GET_ENTROPY_ALT should require MBEDTLS_PLATFORM_C.
I think the natural way to fix this is to move the code from platform.c to platform_util.c.
At this point, given that we're planning to do a disruptive combined merge tonight, I propose to merge as is, and do a follow-up that does the move and removes the added enabling of MBEDTLS_PLATFORM_C in both TF-PSA-Crypto and mbedtls.
|
As previously discussed, I'm going ahead and force-merging this pull request. This will break the CI on TF-PSA-Crypto where it consumes the head of mbedtls, to be fixed by merging Mbed-TLS/mbedtls#10090. |
github-project-automation
bot
moved this from Has Approval
to Done
in Roadmap pull requests (new board)
Description
This helps resolving Mbed-TLS/mbedtls#9618
CI note
Due to dependencies with the main repo PR please evaluate the CI of 10090 as validation of this PR.
PR checklist