yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #8161 from gilles-peskine-arm/config-boolean-options-wrong-section-202309

Browse source 
Fix module configuration options in mbedtls_config.h
This commit is contained in:
Dave Rodgman 2023-09-11 15:08:56 +00:00 committed by GitHub
commit 7fda906a68
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 116 additions and 93 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog.d/tls13-custom-config.txt Normal file
View file

@ -0,0 +1,3 @@
Bugfix
* Fix undefined symbols in some builds using TLS 1.3 with a custom
configuration file.

184
include/mbedtls/mbedtls_config.h
View file

@ -272,6 +272,48 @@
//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT //#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
//#define MBEDTLS_PLATFORM_MS_TIME_ALT //#define MBEDTLS_PLATFORM_MS_TIME_ALT
/**
* Uncomment the macro to let Mbed TLS use your alternate implementation of
* mbedtls_platform_gmtime_r(). This replaces the default implementation in
* platform_util.c.
*
* gmtime() is not a thread-safe function as defined in the C standard. The
* library will try to use safer implementations of this function, such as
* gmtime_r() when available. However, if Mbed TLS cannot identify the target
* system, the implementation of mbedtls_platform_gmtime_r() will default to
* using the standard gmtime(). In this case, calls from the library to
* gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
* if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
* library are also guarded with this mutex to avoid race conditions. However,
* if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
* unconditionally use the implementation for mbedtls_platform_gmtime_r()
* supplied at compile time.
*/
//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
/**
* Uncomment the macro to let Mbed TLS use your alternate implementation of
* mbedtls_platform_zeroize(), to wipe sensitive data in memory. This replaces
* the default implementation in platform_util.c.
*
* By default, the library uses a system function such as memset_s()
* (optional feature of C11), explicit_bzero() (BSD and compatible), or
* SecureZeroMemory (Windows). If no such function is detected, the library
* falls back to a plain C implementation. Compilers are technically
* permitted to optimize this implementation out, meaning that the memory is
* not actually wiped. The library tries to prevent that, but the C language
* makes it impossible to guarantee that the memory will always be wiped.
*
* If your platform provides a guaranteed method to wipe memory which
* `platform_util.c` does not detect, define this macro to the name of
* a function that takes two arguments, a `void *` pointer and a length,
* and wipes that many bytes starting at the specified address. For example,
* if your platform has explicit_bzero() but `platform_util.c` does not
* detect its presence, define `MBEDTLS_PLATFORM_ZEROIZE_ALT` to be
* `explicit_bzero` to use that function as mbedtls_platform_zeroize().
*/
//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
/** /**
* \def MBEDTLS_DEPRECATED_WARNING * \def MBEDTLS_DEPRECATED_WARNING
* *
@ -569,6 +611,20 @@
*/ */
//#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH //#define MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
/*
* Disable plain C implementation for AES.
*
* When the plain C implementation is enabled, and an implementation using a
* special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime
* detection will be used to select between them.
*
* If only one implementation is present, runtime detection will not be used.
* This configuration will crash at runtime if running on a CPU without the
* necessary features. It will not build unless at least one of MBEDTLS_AESCE_C
* and/or MBEDTLS_AESNI_C is enabled & present in the build.
*/
//#define MBEDTLS_AES_USE_HARDWARE_ONLY
/** /**
* \def MBEDTLS_CAMELLIA_SMALL_MEMORY * \def MBEDTLS_CAMELLIA_SMALL_MEMORY
* *
@ -692,6 +748,15 @@
*/ */
//#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY //#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
/**
* Enable the verified implementations of ECDH primitives from Project Everest
* (currently only Curve25519). This feature changes the layout of ECDH
* contexts and therefore is a compatibility break for applications that access
* fields of a mbedtls_ecdh_context structure directly. See also
* MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
*/
//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
/** /**
* \def MBEDTLS_ECP_DP_SECP192R1_ENABLED * \def MBEDTLS_ECP_DP_SECP192R1_ENABLED
* *
@ -782,6 +847,28 @@
*/ */
//#define MBEDTLS_ECP_RESTARTABLE //#define MBEDTLS_ECP_RESTARTABLE
/**
* Uncomment to enable using new bignum code in the ECC modules.
*
* \warning This is currently experimental, incomplete and therefore should not
* be used in production.
*/
//#define MBEDTLS_ECP_WITH_MPI_UINT
/**
* Uncomment to enable p256-m, which implements ECC key generation, ECDH,
* and ECDSA for SECP256R1 curves. This driver is used as an example to
* document how a third-party driver or software accelerator can be integrated
* to work alongside Mbed TLS.
*
* \warning p256-m has only been included to serve as a sample implementation
* of how a driver/accelerator can be integrated alongside Mbed TLS. It is not
* intended for use in production. p256-m files in Mbed TLS are not updated
* regularly, so they may not contain upstream fixes/improvements.
* DO NOT ENABLE/USE THIS MACRO IN PRODUCTION BUILDS!
*/
//#define MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED
/** /**
* \def MBEDTLS_ECDSA_DETERMINISTIC * \def MBEDTLS_ECDSA_DETERMINISTIC
* *
@ -1643,9 +1730,7 @@
* *
* Enable support for TLS 1.3. * Enable support for TLS 1.3.
* *
* \note The support for TLS 1.3 is not comprehensive yet, in particular * \note See docs/architecture/tls13-support.md for a description of the TLS
* pre-shared keys are not supported.
* See docs/architecture/tls13-support.md for a description of the TLS
* 1.3 support that this option enables. * 1.3 support that this option enables.
* *
* Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE * Requires: MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
@ -3842,7 +3927,7 @@
//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32 //#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
/* RSA OPTIONS */ /* RSA OPTIONS */
#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */ //#define MBEDTLS_RSA_GEN_KEY_MIN_BITS 1024 /**< Minimum RSA key size that can be generated in bits (Minimum possible value is 128 bits) */
/* SSL Cache options */ /* SSL Cache options */
//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ //#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
@ -3973,7 +4058,7 @@
* This is not used in TLS 1.2. * This is not used in TLS 1.2.
* *
*/ */
#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000 //#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
/** /**
* \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH * \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH
@ -3982,7 +4067,7 @@
* *
* This must be less than 256. * This must be less than 256.
*/ */
#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32 //#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
/** /**
* \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS * \def MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS
@ -3992,95 +4077,10 @@
* the MBEDTLS_SSL_SESSION_TICKETS option is enabled. * the MBEDTLS_SSL_SESSION_TICKETS option is enabled.
* *
*/ */
#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1 //#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
/* X509 options */ /* X509 options */
//#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */ //#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8 /**< Maximum number of intermediate CAs in a verification chain. */
//#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */ //#define MBEDTLS_X509_MAX_FILE_PATH_LEN 512 /**< Maximum length of a path/filename string in bytes including the null terminator character ('\0'). */
/**
* Uncomment the macro to let mbed TLS use your alternate implementation of
* mbedtls_platform_zeroize(). This replaces the default implementation in
* platform_util.c.
*
* mbedtls_platform_zeroize() is a widely used function across the library to
* zero a block of memory. The implementation is expected to be secure in the
* sense that it has been written to prevent the compiler from removing calls
* to mbedtls_platform_zeroize() as part of redundant code elimination
* optimizations. However, it is difficult to guarantee that calls to
* mbedtls_platform_zeroize() will not be optimized by the compiler as older
* versions of the C language standards do not provide a secure implementation
* of memset(). Therefore, MBEDTLS_PLATFORM_ZEROIZE_ALT enables users to
* configure their own implementation of mbedtls_platform_zeroize(), for
* example by using directives specific to their compiler, features from newer
* C standards (e.g using memset_s() in C11) or calling a secure memset() from
* their system (e.g explicit_bzero() in BSD).
*/
//#define MBEDTLS_PLATFORM_ZEROIZE_ALT
/**
* Uncomment the macro to let Mbed TLS use your alternate implementation of
* mbedtls_platform_gmtime_r(). This replaces the default implementation in
* platform_util.c.
*
* gmtime() is not a thread-safe function as defined in the C standard. The
* library will try to use safer implementations of this function, such as
* gmtime_r() when available. However, if Mbed TLS cannot identify the target
* system, the implementation of mbedtls_platform_gmtime_r() will default to
* using the standard gmtime(). In this case, calls from the library to
* gmtime() will be guarded by the global mutex mbedtls_threading_gmtime_mutex
* if MBEDTLS_THREADING_C is enabled. We recommend that calls from outside the
* library are also guarded with this mutex to avoid race conditions. However,
* if the macro MBEDTLS_PLATFORM_GMTIME_R_ALT is defined, Mbed TLS will
* unconditionally use the implementation for mbedtls_platform_gmtime_r()
* supplied at compile time.
*/
//#define MBEDTLS_PLATFORM_GMTIME_R_ALT
/**
* Enable the verified implementations of ECDH primitives from Project Everest
* (currently only Curve25519). This feature changes the layout of ECDH
* contexts and therefore is a compatibility break for applications that access
* fields of a mbedtls_ecdh_context structure directly. See also
* MBEDTLS_ECDH_LEGACY_CONTEXT in include/mbedtls/ecdh.h.
*/
//#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED
/**
* Uncomment to enable p256-m, which implements ECC key generation, ECDH,
* and ECDSA for SECP256R1 curves. This driver is used as an example to
* document how a third-party driver or software accelerator can be integrated
* to work alongside Mbed TLS.
*
* \warning p256-m has only been included to serve as a sample implementation
* of how a driver/accelerator can be integrated alongside Mbed TLS. It is not
* intended for use in production. p256-m files in Mbed TLS are not updated
* regularly, so they may not contain upstream fixes/improvements.
* DO NOT ENABLE/USE THIS MACRO IN PRODUCTION BUILDS!
*/
//#define MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED
/**
* Uncomment to enable using new bignum code in the ECC modules.
*
* \warning This is currently experimental, incomplete and therefore should not
* be used in production.
*/
//#define MBEDTLS_ECP_WITH_MPI_UINT
/*
* Disable plain C implementation for AES.
*
* When the plain C implementation is enabled, and an implementation using a
* special CPU feature (such as MBEDTLS_AESCE_C) is also enabled, runtime
* detection will be used to select between them.
*
* If only one implementation is present, runtime detection will not be used.
* This configuration will crash at runtime if running on a CPU without the
* necessary features. It will not build unless at least one of MBEDTLS_AESCE_C
* and/or MBEDTLS_AESNI_C is enabled & present in the build.
*/
//#define MBEDTLS_AES_USE_HARDWARE_ONLY
/** \} name SECTION: Module configuration options */ /** \} name SECTION: Module configuration options */

12
include/mbedtls/ssl.h
View file

@ -405,6 +405,18 @@
#define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16 #define MBEDTLS_SSL_CID_TLS1_3_PADDING_GRANULARITY 16
#endif #endif
#if !defined(MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE)
#define MBEDTLS_SSL_TLS1_3_TICKET_AGE_TOLERANCE 6000
#endif
#if !defined(MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH)
#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
#endif
#if !defined(MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS)
#define MBEDTLS_SSL_TLS1_3_DEFAULT_NEW_SESSION_TICKETS 1
#endif
/** \} name SECTION: Module settings */ /** \} name SECTION: Module settings */
/* /*

2
library/ssl_tls13_generic.c
View file

@ -837,6 +837,8 @@ int mbedtls_ssl_tls13_process_certificate(mbedtls_ssl_context *ssl)
ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, buf_len)); ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, buf_len));
cleanup: cleanup:
#else /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
(void) ssl;
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate")); MBEDTLS_SSL_DEBUG_MSG(2, ("<= parse certificate"));

8
scripts/config.py
View file

@ -190,6 +190,7 @@ def realfull_adapter(_name, active, section):
EXCLUDE_FROM_FULL = frozenset([ EXCLUDE_FROM_FULL = frozenset([
#pylint: disable=line-too-long #pylint: disable=line-too-long
'MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH', # interacts with CTR_DRBG_128_BIT_KEY 'MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH', # interacts with CTR_DRBG_128_BIT_KEY
'MBEDTLS_AES_USE_HARDWARE_ONLY', # hardware dependency
'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256 'MBEDTLS_CTR_DRBG_USE_128_BIT_KEY', # interacts with ENTROPY_FORCE_SHA256
'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options 'MBEDTLS_DEPRECATED_REMOVED', # conflicts with deprecated options
'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options 'MBEDTLS_DEPRECATED_WARNING', # conflicts with deprecated options
@ -233,7 +234,12 @@ def is_seamless_alt(name):
Exclude alternative implementations of library functions since they require Exclude alternative implementations of library functions since they require
an implementation of the relevant functions and an xxx_alt.h header. an implementation of the relevant functions and an xxx_alt.h header.
""" """
if name in ('MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', 'MBEDTLS_PLATFORM_MS_TIME_ALT'): if name in (
'MBEDTLS_PLATFORM_GMTIME_R_ALT',
'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT',
'MBEDTLS_PLATFORM_MS_TIME_ALT',
'MBEDTLS_PLATFORM_ZEROIZE_ALT',
):
# Similar to non-platform xxx_ALT, requires platform_alt.h # Similar to non-platform xxx_ALT, requires platform_alt.h
return False return False
return name.startswith('MBEDTLS_PLATFORM_') return name.startswith('MBEDTLS_PLATFORM_')