Since 2.9.0 release mbedTLS has some minor functional improvements,
security fixes and bug fixed. A list with all changes can be found
in:
./ext/lib/crypto/mbedtls/ChangeLog
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Consistently use
config FOO
bool/int/hex/string "Prompt text"
instead of
config FOO
bool/int/hex/string
prompt "Prompt text"
(...and a bunch of other variations that e.g. swapped the order of the
type and the 'prompt', or put other properties between them).
The shorthand is fully equivalent to using 'prompt'. It saves lines and
avoids tricking people into thinking there is some semantic difference.
Most of the grunt work was done by a modified version of
https://unix.stackexchange.com/questions/26284/how-can-i-use-sed-to-replace-a-multi-line-string/26290#26290, but some
of the rarer variations had to be converted manually.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Update tinycrypt to latest revision, two commits after 0.2.8 release.
These commits are only bug fixes and one of them is fixing incorrect
buffer size in decryption with CBC mode.
This algorithm is being used by tinycrypt shim and is tested in
samples/drivers/crypto/.
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
- Remove redundant 'n' defaults. 'n' is the default value for bool
symbols.
This makes the auto-generated documentation clearer as well: You get
"implicitly defaults to n" instead of
"- n if <propagated dependencies>".
- Shorten
<type>
prompt "foo"
to
<type> "foo"
This works for all types, not just bool.
- Various formatting nits.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Default configuration of config-tls-generic.h mimics the current default
config file configuration - config-mini-tls1_2.h, thererfore it can be
safely used instead of it.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
This commits provides a config file for mbedtls that can be modifed by
Kconfig. In result features like supported ciphersuites can be easily
adjusted from Kconfig.
Signed-off-by: Robert Lubos <robert.lubos@nordicsemi.no>
Bool symbols implicitly default to 'n'.
A 'default n' could make sense e.g. in a Kconfig.defconfig file, if you
wanted to override a 'default y' on the base definition of the symbol,
but it doesn't seem to be used like that on any of these symbols.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
mbedTLS 2.9.0 removed several macros from the config-ccm-psk-tls1_2.h
configuration that we need defined to build mbedTLS in zephyr. This
fixes the CI build failure in samples/net/mbedtls_sslclient
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
Mbed TLS 2.9.0 introduces some minor functional improvements including
code size reductions with smaller AES tables, and initial support for
Curve448 along with some security fixes and bug fixes.
Signed-off-by: Maureen Helm <maureen.helm@nxp.com>
This updates mbedTLS to 2.8.0, which fixes CVEs 2018-0488 and
2048-0487, that affects 2.7.0.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Instead of CONFIG_COAP_MBEDTLS_SSL_MAX_CONTENT_LEN, use recently
introduced CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN.
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This value allows to set max payload length of a TLS protocol
message, and passed thru to mbedTLS as MBEDTLS_SSL_MAX_CONTENT_LEN
setting. The only safe value is 16384, which translates to 32KB
of RAM required just for mbedTLS input/output buffers. Any other
value can be configured *only* per a particular application
(e.g. knowing that it won't pass more than spefific amount of
data at once and/or won't connect to a server with a long cert
chain). Previosuly, we had quite an adhoc and inflexible config
with random values for that setting, based on protocol.
Note that while the safe value is 16384, "backward compatible"
default of 1500 is used (good for DTLS on the other hand).
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
mbedTLS log level is obviously a mbedTLS config setting. It makes
sense to have it defined in mbedTLS Kconfig, and different parts
of Zephyr to reuse as needed (e.g. net-app vs upcoming TLS wrapper
for sockets).
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Fix Kconfig help sections and add spacing to be consistent across all
Kconfig file. In a previous run we missed a few.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The previous default, "config-threadnet.h", is more or less arbitrary
choice made in a commit 312def2c78 1.5 years ago. In particular,
it's not related to Thread support in Zephyr per se (there was no
such support at that time).
It doesn't make sense to have a default intended for a particular,
not widely used (yet) protocol. Instead, the default should work
out of the box with a contemporary widely deployed arrays of TLS
servers, which are HTTPS server. config-mini-tls1_2.h works with
https://google.com, and by extension, with many other servers on
the Internet.
So, have that as the default, and let applications with special
needs to override that to what they need.
Addresses: #6132
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
This config enables TLS 1.2 (only), as its name suggests, and
contrary to the (copy-pasted) comments in the file header, so
update these comments.
Fixes: #6131
Signed-off-by: Paul Sokolovsky <paul.sokolovsky@linaro.org>
Due to a security advisory released on February 1st 2018[1], it's
advisable to update mbedTLS to 2.7.0.
The vulnerability, identified as CVE-2018-0488 and CVE-2018-0487, risk
remote code execution when truncated HMAC is enabled or when verifying
RSASSA-PSS signatures.
[1] https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01Fixes: #6025
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Kbuild supported CONFIG_MBEDTLS_LIBRARY and
CONFIG_MBEDTLS_INSTALL_PATH to allow users to link in an externally
built mbedtls. This was not ported over to CMake, causing build
failures when it was kconfig-enabled.
This patch implements this support. This support has been tested
as well as MBEDTLS_LIBRARY was tested in CI.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Signed-off-by: Ding Tao <miyatsu@qq.com>
CONFIG_MBEDTLS means you are using MBEDTLS
CONFIG_MBEDTLS_BUILTIN means you are using a built-in MDEDTLS
CONFIG_MBEDTLS_LIBRARY means you are using an external MBEDTLS
This patch ensures that you must select one or the other
implementation when MBEDTLS is enabled.
Tested by opening xconfig and observing that when MBEDTLS was enabled,
BUILTIN was automatically enabled, and a radio-button interface
existed to change the implementation.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
Signed-off-by: Ding Tao <miyatsu@qq.com>
mbedTLS include directories will now default to be in the 'app'
include path when mbedTLS has been enabled.
Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>
The CoAP samples use an MBEDTLS config "config-coap.h" which could be
re-used by the LwM2M sample, except that most servers use a larger
maximum content length setting of 1500 bytes.
Let's add a CONFIG to set this for users of the CoAP lib and set the
CONFIG value for the samples to the 256 size currently used.
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
Version 0.2.8 of this library has been released on Aug 29, and this
patch updates the library from version 0.2.7. A summary of changes
is available at the official repository at:
https://github.com/01org/tinycrypt/releases/tag/v0.2.8
A number of the changes we already had in tree, so the import to sync
with v0.2.8 is pretty minor.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Introducing CMake is an important step in a larger effort to make
Zephyr easy to use for application developers working on different
platforms with different development environment needs.
Simplified, this change retains Kconfig as-is, and replaces all
Makefiles with CMakeLists.txt. The DSL-like Make language that KBuild
offers is replaced by a set of CMake extentions. These extentions have
either provided simple one-to-one translations of KBuild features or
introduced new concepts that replace KBuild concepts.
This is a breaking change for existing test infrastructure and build
scripts that are maintained out-of-tree. But for FW itself, no porting
should be necessary.
For users that just want to continue their work with minimal
disruption the following should suffice:
Install CMake 3.8.2+
Port any out-of-tree Makefiles to CMake.
Learn the absolute minimum about the new command line interface:
$ cd samples/hello_world
$ mkdir build && cd build
$ cmake -DBOARD=nrf52_pca10040 ..
$ cd build
$ make
PR: zephyrproject-rtos#4692
docs: http://docs.zephyrproject.org/getting_started/getting_started.html
Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
Mysterious TLS errors are printed if we try to work with too
small crypto buffer when https is enabled.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Set default MBEDTLS_HEAP_SIZE to 512 which fixes the driver Kconfig
dependency issues.
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
This should clear up some of the confusion with random number
generators and drivers that obtain entropy from the hardware. Also,
many hardware number generators have limited bandwidth, so it's natural
for their output to be only used for seeding a random number generator.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
When default "n" is selected (as it is by default) this sets:
CONFIG_MBEDTLS_DEBUG="n"
When checked by the existing logic (example shown below) will always
be true and debug will be enabled all the time:
//#if defined(CONFIG_MBEDTLS_DEBUG)
Instead, let's change the config type to "bool" which will be
undefined when set to "n" (by default). The existing #if defined()
checks will work correctly.
NOTE: This fix saves a lot of binary space when MBEDTLS is enabled
due to the amount debug output being compiled in.
Signed-off-by: Michael Scott <michael.scott@linaro.org>
Due to a security advisory released on August 28th 2017[1], it's
advisable to update mbedTLS to 2.6.0.
The vulnerability, identified as CVE-2017-14032, allows bypassing the
authentication of a peer when the authentication mode is configured as
optional (the default is secure, but applications might change the
setting.)
tests/crypto/mbedtls is passing.
[1] https://goo.gl/s4imN6
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This commit fixes the issue reported by Coverity: an array compared
against NULL is always false.
Coverity-CID: 143715
Coverity-CID: 143730
THis patch is ported from below patch:
https://gerrit.zephyrproject.org/r/#/c/7419/
Jira : ZEP-2468
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
This commit fixes the issue reported by Coverity: an array compared
against NULL is always false.
Coverity-CID: 143687
Coverity-CID: 143737
Coverity-CID: 143740
This patch is ported from the below patch:
https://gerrit.zephyrproject.org/r/#/c/7418/
Jira: ZEP-2468
Signed-off-by: Ramakrishna Pallala <ramakrishna.pallala@intel.com>
Zeroing out 2*NUM_ECC_WORDS bytes starting from the `p2` pointer would
not only write 16 bytes to an 8-byte array allocated on the stack, but
also not clear out important arrays such as `_private` and `tmp`.
Moreover, no memory was cleared out before returning from the function,
and there are two exit points.
Properly memset() all private data and use an empty assembly block
referencing the memory region to avoid the memset() calls to be elided
by the compiler.
Ideally, in the future, all stack-allocated variables that contains
sensitive information should be marked with __attribute__((cleanup)), a
GCC extension that calls a function when the variable exits the scope.
This will not only reduce code size, but for other functions with
multiple exit points, also ensure that sensitive data is always
cleared.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
This mbedtls configuration creates support for DTLS. The values
are not optimized for RAM usage, but can be used for various
networking sample applications.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Version 0.2.7 of this library has been released on June 30th, and this
patch updates the library from version 0.2.6. A summary of changes
is available at the official repository at:
https://github.com/01org/tinycrypt/releases/tag/v0.2.7
There were some API changes in this version, so some tests are not
building: ccm_mode, ecc_dh, and ecc_dsa. Fixes to these tests and
subsystems affected by the changes will be provided.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
This changes increases content buffer length
MBEDTLS_SSL_MAX_CONTENT_LEN to 1500 bytes so that we can use
this config for echo-client and echo-server network sample
applications which need to send bigger data than 1024 bytes.
Removing MBEDTLS_PEM_PARSE_C as we do not have any cert in PEM
format.
Place various MBEDTLS debug options behind CONFIG_MBEDTLS_DEBUG
Kconfig option which was introduced in previous commit.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Add Kconfig option that can be used to enable various debug
options in mbedtls config file.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
As the mbedtls heap is global for the whole device, enable it
during device startup if configured so. The heap size can be
set in config file. There is no default value for the heap as
that depends very much on application needs.
Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com>
TinyCrypt 0.2.5 was released a few hours ago:
https://github.com/01org/tinycrypt/releases/tag/v0.2.5
This patch updates some TinyCrypt files, solving the following issues:
- Decryptions using ccm mode can incorrectly fail
- Minor style issues in code documentation
Change-Id: I606cde179888aad7a52fd277d73973f2347d8882
Signed-off-by: Flavio Santes <flavio.santes@intel.com>
Flavio Ceolin