From 1e8f18c5198342fd94484b76e2d358c126a3a0fa Mon Sep 17 00:00:00 2001
From: Deomid Ryabkov
Date: Wed, 1 Jan 2020 03:16:39 +0300
Subject: [PATCH] Update mbedTLS to 2.16.3-cesanta4

Changes necessary for Apple HomeKit
* Enabled Curve25519
* Cherry-picked `mbedtls_ecp_read_key()` from 2.18
CL: mbedTLS 2.16.3-cesanta4: Enable Curve25519, add mbedtls_ecp_read_key()
PUBLISHED_FROM=75464cbd459d50f0739fd6c53a8219599ccc2dec
---
mbedtls/include/mbedtls/bignum.h | 20 ++++++-
mbedtls/include/mbedtls/config.h | 2 +-
mbedtls/include/mbedtls/ecp.h | 16 ++++++
mbedtls/include/mbedtls/version.h | 4 +-
mbedtls/tests/suites/test_suite_ecdh.function | 7 ++-
mbedtls/tests/suites/test_suite_ecp.data | 52 +++++++++++++++++++
mbedtls/tests/suites/test_suite_ecp.function | 22 ++++++++
mbedtls/tests/suites/test_suite_mpi.data | 3 ++
mbedtls/tests/suites/test_suite_mpi.function | 19 +++++++
mos.yml | 2 +-
10 files changed, 137 insertions(+), 10 deletions(-)

diff --git a/mbedtls/include/mbedtls/bignum.h b/mbedtls/include/mbedtls/bignum.h
index 1c86072..833a800 100644
--- a/mbedtls/include/mbedtls/bignum.h
+++ b/mbedtls/include/mbedtls/bignum.h
@@ -495,8 +495,24 @@ int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen ); /** - * \brief Export an MPI into unsigned big endian binary data - * of fixed size. + * \brief Import X from unsigned binary data, little endian + * + * \param X The destination MPI. This must point to an initialized MPI. + * \param buf The input buffer. This must be a readable buffer of length + * \p buflen Bytes. + * \param buflen The length of the input buffer \p p in Bytes. + * + * \return \c 0 if successful. + * \return #MBEDTLS_ERR_MPI_ALLOC_FAILED if memory allocation failed. + * \return Another negative error code on different kinds of failure. + */ +int mbedtls_mpi_read_binary_le( mbedtls_mpi *X, + const unsigned char *buf, size_t buflen ); + +/** + * \brief Export X into unsigned binary data, big endian. + * Always fills the whole buffer, which will start with zeros + * if the number is smaller. * * \param X The source MPI. This must point to an initialized MPI. * \param buf The output buffer. This must be a writable buffer of length diff --git a/mbedtls/include/mbedtls/config.h b/mbedtls/include/mbedtls/config.h index f1bd88c..fa157f9 100644 --- a/mbedtls/include/mbedtls/config.h +++ b/mbedtls/include/mbedtls/config.h @@ -762,7 +762,7 @@ //#define MBEDTLS_ECP_DP_BP256R1_ENABLED //#define MBEDTLS_ECP_DP_BP384R1_ENABLED //#define MBEDTLS_ECP_DP_BP512R1_ENABLED -//#define MBEDTLS_ECP_DP_CURVE25519_ENABLED +#define MBEDTLS_ECP_DP_CURVE25519_ENABLED //#define MBEDTLS_ECP_DP_CURVE448_ENABLED /** diff --git a/mbedtls/include/mbedtls/ecp.h b/mbedtls/include/mbedtls/ecp.h index 3e2db5e..0ca0792 100644 --- a/mbedtls/include/mbedtls/ecp.h +++ b/mbedtls/include/mbedtls/ecp.h 
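Review bot: The `\param buflen` line in the new `mbedtls_mpi_read_binary_le()` comment refers to `\p p`, but the parameter is named `buf`; it should read `\param buflen The length of the input buffer \p buf in Bytes.` The same hunk rewrites the `\brief` of the export function that follows, whose declaration lies outside the hunk. The diffstat lists no `bignum.c`, so the implementation behind this prototype is not part of the patch and only the documented contract can be reviewed here.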
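Review bot: In the `config.h` hunk, `MBEDTLS_ECP_DP_CURVE25519_ENABLED` becomes the only curve in the visible group that is switched on, and the reason is recorded only in the commit message. A short comment next to the define would keep a later config cleanup from reverting it, for example `/* Enabled for Apple HomeKit (Curve25519 key agreement). */`. Because this header is the library-wide configuration, the extra curve is compiled into every build that uses it, not only HomeKit ones; that is worth confirming as intended.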
@@ -1094,6 +1094,22 @@ int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); +/** + * \brief This function reads an ECP key. + * + * \param grp_id The ECP group identifier. + * \param key The destination key. + * \param buf The the buffer containing the binary representation of the + * key. (Big endian integer for Weierstrass curves, byte + * string for Montgomery curves.) + * \param buflen The length of the buffer in bytes. + * + * \return \c 0 on success. + * \return An \c MBEDTLS_ERR_ECP_XXX or \c MBEDTLS_MPI_XXX error code + * on failure. + */ +int mbedtls_ecp_read_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key, + const unsigned char *buf, size_t buflen ); /** * \brief This function checks that the keypair objects * \p pub and \p prv have the same group and the diff --git a/mbedtls/include/mbedtls/version.h b/mbedtls/include/mbedtls/version.h index 1702b36..959735c 100644 --- a/mbedtls/include/mbedtls/version.h +++ b/mbedtls/include/mbedtls/version.h @@ -48,8 +48,8 @@ * Major version | Minor version | Patch version */ #define MBEDTLS_VERSION_NUMBER 0x02100300 -#define MBEDTLS_VERSION_STRING "2.16.3-cesanta3" -#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.3-cesanta3" +#define MBEDTLS_VERSION_STRING "2.16.3-cesanta4" +#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.16.3-cesanta4" #if defined(MBEDTLS_VERSION_C) diff --git a/mbedtls/tests/suites/test_suite_ecdh.function b/mbedtls/tests/suites/test_suite_ecdh.function index 1a33d81..d6bed7f 100644 --- a/mbedtls/tests/suites/test_suite_ecdh.function +++ b/mbedtls/tests/suites/test_suite_ecdh.function 
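Review bot: The new `mbedtls_ecp_read_key()` comment in the `ecp.h` hunk has two wording errors: `\param buf` reads "The the buffer", and the `\return` line names `MBEDTLS_MPI_XXX` where the error macros are spelled `MBEDTLS_ERR_MPI_XXX`. The contract is also under-specified for a function that imports private key material. It does not say that `key` must already be initialised with `mbedtls_ecp_keypair_init()`, or that a wrong-length or out-of-range input yields `MBEDTLS_ERR_ECP_INVALID_KEY`, which is what the test data added in this patch expects. Several Curve25519 cases with stray low or high bits are expected to succeed, which suggests the scalar is adjusted rather than rejected; if so, the comment should say the stored `d` may differ from the input bytes. A blank line is missing between the prototype and the following `/**`, and the diffstat shows no `ecp.c`, so the implementation cannot be checked against this comment here.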
@@ -22,10 +22,9 @@ static int load_private_key( int grp_id, data_t *private_key, rnd_pseudo_info *rnd_info ) { int ok = 0; - TEST_ASSERT( mbedtls_ecp_group_load( &ecp->grp, grp_id ) == 0 ); - TEST_ASSERT( mbedtls_mpi_read_binary( &ecp->d, - private_key->x, - private_key->len ) == 0 ); + TEST_ASSERT( mbedtls_ecp_read_key( grp_id, ecp, + private_key->x, + private_key->len ) == 0 ); TEST_ASSERT( mbedtls_ecp_check_privkey( &ecp->grp, &ecp->d ) == 0 ); /* Calculate the public key from the private key. */ TEST_ASSERT( mbedtls_ecp_mul( &ecp->grp, &ecp->Q, &ecp->d, diff --git a/mbedtls/tests/suites/test_suite_ecp.data b/mbedtls/tests/suites/test_suite_ecp.data index 30d5ec6..d83b6ac 100644 --- a/mbedtls/tests/suites/test_suite_ecp.data +++ b/mbedtls/tests/suites/test_suite_ecp.data 
@@ -244,6 +244,58 @@ ECP gen keypair wrapper depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED mbedtls_ecp_gen_key:MBEDTLS_ECP_DP_SECP192R1 +ECP read key #1 (short weierstrass, too small) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"00":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP read key #2 (short weierstrass, smallest) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"01":0 + +ECP read key #3 (short weierstrass, biggest) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22830":0 + +ECP read key #4 (short weierstrass, too big) +depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_SECP192R1:"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP read key #5 (montgomery, too big) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"000000000000000000000000000000000000000000000000000000000000000C":0 + +ECP read key #6 (montgomery, not big enough) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3":0 + +ECP read key #7 (montgomery, msb OK) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0000000000000000000000000000000000000000000000000000000000000004":0 + +ECP read key #8 (montgomery, bit 0 set) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"1000000000000000000000000000000000000000000000000000000000000000":0 + +ECP read key #9 (montgomery, bit 1 set) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"2000000000000000000000000000000000000000000000000000000000000004":0 + +ECP read key #10 (montgomery, bit 2 set) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED 
+mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"4000000000000000000000000000000000000000000000000000000000000004":0 + +ECP read key #11 (montgomery, OK) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"8FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7":0 + +ECP read key #12 (montgomery, too long) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"00000000000000000000000000000000000000000000000000000000000000000C":MBEDTLS_ERR_ECP_INVALID_KEY + +ECP read key #13 (montgomery, not long enough) +depends_on:MBEDTLS_ECP_DP_CURVE25519_ENABLED +mbedtls_ecp_read_key:MBEDTLS_ECP_DP_CURVE25519:"0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3":MBEDTLS_ERR_ECP_INVALID_KEY + ECP mod p192 small (more than 192 bits, less limbs than 2 * 192 bits) depends_on:MBEDTLS_ECP_DP_SECP192R1_ENABLED ecp_fast_mod:MBEDTLS_ECP_DP_SECP192R1:"0100000000000103010000000000010201000000000001010100000000000100" diff --git a/mbedtls/tests/suites/test_suite_ecp.function b/mbedtls/tests/suites/test_suite_ecp.function index 0b2e029..72ae931 100644 --- a/mbedtls/tests/suites/test_suite_ecp.function +++ b/mbedtls/tests/suites/test_suite_ecp.function @@ -1008,6 +1008,28 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mbedtls_ecp_read_key( int grp_id, data_t* in_key, int expected ) +{ + int ret = 0; + mbedtls_ecp_keypair key; + + mbedtls_ecp_keypair_init( &key ); + + ret = mbedtls_ecp_read_key( grp_id, &key, in_key->x, in_key->len ); + TEST_ASSERT( ret == expected ); + + if( expected == 0 ) + { + ret = mbedtls_ecp_check_privkey( &key.grp, &key.d ); + TEST_ASSERT( ret == 0 ); + } + +exit: + mbedtls_ecp_keypair_free( &key ); +} +/* END_CASE */ + /* BEGIN_CASE depends_on:MBEDTLS_SELF_TEST */ void ecp_selftest( ) { diff --git a/mbedtls/tests/suites/test_suite_mpi.data b/mbedtls/tests/suites/test_suite_mpi.data index 425e93a..81bd8b8 100644 --- a/mbedtls/tests/suites/test_suite_mpi.data 
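Review bot: The names of cases #5 and #6 in the `test_suite_ecp.data` hunk ("montgomery, too big" and "montgomery, not big enough") read like rejection cases, yet both expect `0`. The similarly named #12 and #13 ("too long", "not long enough") expect `MBEDTLS_ERR_ECP_INVALID_KEY`. If the intent is that out-of-range scalar bits are corrected on import (inferred, since the implementation is not in this patch), the names should say so, for example `ECP read key #5 (montgomery, too big, accepted after masking)`. The Weierstrass cases also lack an empty buffer and a buffer longer than the group size, the two length edge cases that an import routine fed with external key bytes most needs pinned.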
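Review bot: The new `mbedtls_ecp_read_key` test case in the `test_suite_ecp.function` hunk checks only the return code and, on success, `mbedtls_ecp_check_privkey()`; it never compares `key.d` or `key.grp.id` with an expected value. If the import masks Curve25519 scalars into the valid range (which the data cases suggest), a byte-order or masking mistake would likely still yield some valid scalar and pass. Consider adding an expected-scalar argument to the case and asserting on it, for example `TEST_ASSERT( mbedtls_mpi_cmp_mpi( &key.d, &expected_d ) == 0 );`, plus `TEST_ASSERT( key.grp.id == grp_id );`.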
+++ b/mbedtls/tests/suites/test_suite_mpi.data @@ -61,6 +61,9 @@ mpi_read_write_string:16:"-1":16:"":3:0:MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL Base test mbedtls_mpi_read_binary #1 mbedtls_mpi_read_binary:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924" +Base test mbedtls_mpi_read_binary_le #1 +mbedtls_mpi_read_binary_le:"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":10:"219946662473865722255717126709915431768051735954189829340600976826409773245337023925691629251672268961177825243440202069039100741562168093042339401187848509859789949044607421190014088260008793380554914226244485299326152319899746569" + Base test mbedtls_mpi_write_binary #1 mbedtls_mpi_write_binary:10:"56125680981752282334141896320372489490613963693556392520816017892111350604111697682705498319512049040516698827829292076808006940873974979584527073481012636016353913462376755556720019831187364993587901952757307830896531678727717924":"0941379d00fed1491fe15df284dfde4a142f68aa8d412023195cee66883e6290ffe703f4ea5963bf212713cee46b107c09182b5edcd955adac418bf4918e2889af48e1099d513830cec85c26ac1e158b52620e33ba8692f893efbb2f958b4424":200:0 diff --git a/mbedtls/tests/suites/test_suite_mpi.function b/mbedtls/tests/suites/test_suite_mpi.function index f982385..dbcaef7 100644 --- a/mbedtls/tests/suites/test_suite_mpi.function +++ b/mbedtls/tests/suites/test_suite_mpi.function 
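Review bot: The single `mbedtls_mpi_read_binary_le` vector added in the `test_suite_mpi.data` hunk is 96 bytes long, a whole number of limbs on both 32-bit and 64-bit builds, so the partial-limb path of the little-endian import is never exercised. Cases with a length that is not a multiple of the limb size, an empty buffer, and high-order zero bytes at the end of the input would cover the boundaries where an endianness-specific copy usually goes wrong. The `bignum.c` implementation is not part of this patch, so these cases are the only check on it visible here.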
@@ -331,6 +331,25 @@ exit: } /* END_CASE */ +/* BEGIN_CASE */ +void mbedtls_mpi_read_binary_le( data_t * buf, int radix_A, char * input_A ) +{ + mbedtls_mpi X; + unsigned char str[1000]; + size_t len; + + mbedtls_mpi_init( &X ); + + + TEST_ASSERT( mbedtls_mpi_read_binary_le( &X, buf->x, buf->len ) == 0 ); + TEST_ASSERT( mbedtls_mpi_write_string( &X, radix_A, (char *) str, sizeof( str ), &len ) == 0 ); + TEST_ASSERT( strcmp( (char *) str, input_A ) == 0 ); + +exit: + mbedtls_mpi_free( &X ); +} +/* END_CASE */ + /* BEGIN_CASE */ void mbedtls_mpi_write_binary( int radix_X, char * input_X, data_t * input_A, int output_size, diff --git a/mos.yml b/mos.yml index 47afcec..b827282 100644 --- a/mos.yml +++ b/mos.yml @@ -1,7 +1,7 @@ author: mongoose-os description: Implements SPI API on Mongoose OS type: lib -version: 2.16.3-cesanta3 +version: 2.16.3-cesanta4 sources: - src