Merge pull request #8855 from gilles-peskine-arm/benchmark-ecdh-no-legacy

Remove most uses of MBEDTLS_ALLOW_PRIVATE_ACCESS in test programs
This commit is contained in:
Manuel Pégourié-Gonnard 2024-02-23 09:16:46 +00:00 committed by GitHub
commit 81c322329e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
16 changed files with 68 additions and 188 deletions

View file

@ -0,0 +1,3 @@
Features
* The benchmark program now reports times for both ephemeral and static
ECDH in all ECDH configurations.

View file

@ -1,5 +1,3 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"

View file

@ -1,5 +1,3 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdint.h> #include <stdint.h>

View file

@ -1,5 +1,3 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdint.h> #include <stdint.h>
@ -137,7 +135,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
ret = mbedtls_ssl_handshake(&ssl); ret = mbedtls_ssl_handshake(&ssl);
if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { if (ret == MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) {
biomemfuzz.Offset = ssl.next_record_offset; biomemfuzz.Offset = ssl.MBEDTLS_PRIVATE(next_record_offset);
mbedtls_ssl_session_reset(&ssl); mbedtls_ssl_session_reset(&ssl);
mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout); mbedtls_ssl_set_bio(&ssl, &biomemfuzz, dummy_send, fuzz_recv, fuzz_recv_timeout);
if (mbedtls_ssl_set_client_transport_id(&ssl, client_ip, sizeof(client_ip)) != 0) { if (mbedtls_ssl_set_client_transport_id(&ssl, client_ip, sizeof(client_ip)) != 0) {

View file

@ -1,5 +1,3 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include <stdint.h> #include <stdint.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
@ -73,7 +71,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY || if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY ||
mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) { mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) {
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk);
mbedtls_ecp_group_id grp_id = ecp->grp.id; mbedtls_ecp_group_id grp_id = mbedtls_ecp_keypair_get_group_id(ecp);
const mbedtls_ecp_curve_info *curve_info = const mbedtls_ecp_curve_info *curve_info =
mbedtls_ecp_curve_info_from_grp_id(grp_id); mbedtls_ecp_curve_info_from_grp_id(grp_id);

View file

@ -1,5 +1,3 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include <stdint.h> #include <stdint.h>
#include <stdlib.h> #include <stdlib.h>
#include "mbedtls/pk.h" #include "mbedtls/pk.h"
@ -49,7 +47,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY || if (mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY ||
mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) { mbedtls_pk_get_type(&pk) == MBEDTLS_PK_ECKEY_DH) {
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk); mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(pk);
mbedtls_ecp_group_id grp_id = ecp->grp.id; mbedtls_ecp_group_id grp_id = mbedtls_ecp_keypair_get_group_id(ecp);
const mbedtls_ecp_curve_info *curve_info = const mbedtls_ecp_curve_info *curve_info =
mbedtls_ecp_curve_info_from_grp_id(grp_id); mbedtls_ecp_curve_info_from_grp_id(grp_id);
@ -61,9 +59,15 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)
/* It's a public key, so the private value should not have /* It's a public key, so the private value should not have
* been changed from its initialization to 0. */ * been changed from its initialization to 0. */
if (mbedtls_mpi_cmp_int(&ecp->d, 0) != 0) { mbedtls_mpi d;
mbedtls_mpi_init(&d);
if (mbedtls_ecp_export(ecp, NULL, &d, NULL) != 0) {
abort(); abort();
} }
if (mbedtls_mpi_cmp_int(&d, 0) != 0) {
abort();
}
mbedtls_mpi_free(&d);
} else } else
#endif #endif
{ {

View file

@ -1,5 +1,3 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"

View file

@ -1,5 +1,3 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include <stdint.h> #include <stdint.h>
#include "mbedtls/x509_crl.h" #include "mbedtls/x509_crl.h"

View file

@ -1,5 +1,3 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include <stdint.h> #include <stdint.h>
#include "mbedtls/x509_crt.h" #include "mbedtls/x509_crt.h"

View file

@ -1,5 +1,3 @@
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include <stdint.h> #include <stdint.h>
#include "mbedtls/x509_csr.h" #include "mbedtls/x509_csr.h"

View file

@ -5,8 +5,6 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/ */
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include "mbedtls/build_info.h" #include "mbedtls/build_info.h"
#include "mbedtls/debug.h" #include "mbedtls/debug.h"
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
@ -551,23 +549,23 @@ void print_deserialized_ssl_session(const uint8_t *ssl, uint32_t len,
const mbedtls_md_info_t *md_info; const mbedtls_md_info_t *md_info;
#endif #endif
printf("\tciphersuite : %s\n", ciphersuite_info->name); printf("\tciphersuite : %s\n", mbedtls_ssl_ciphersuite_get_name(ciphersuite_info));
printf("\tcipher flags : 0x%02X\n", ciphersuite_info->flags); printf("\tcipher flags : 0x%02X\n", ciphersuite_info->MBEDTLS_PRIVATE(flags));
#if defined(MBEDTLS_CIPHER_C) #if defined(MBEDTLS_CIPHER_C)
const mbedtls_cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->cipher); cipher_info = mbedtls_cipher_info_from_type(ciphersuite_info->MBEDTLS_PRIVATE(cipher));
if (cipher_info == NULL) { if (cipher_info == NULL) {
printf_err("Cannot find cipher info\n"); printf_err("Cannot find cipher info\n");
} else { } else {
printf("\tcipher : %s\n", cipher_info->name); printf("\tcipher : %s\n", mbedtls_cipher_info_get_name(cipher_info));
} }
#else /* MBEDTLS_CIPHER_C */ #else /* MBEDTLS_CIPHER_C */
printf("\tcipher type : %d\n", ciphersuite_info->cipher); printf("\tcipher type : %d\n", ciphersuite_info->MBEDTLS_PRIVATE(cipher));
#endif /* MBEDTLS_CIPHER_C */ #endif /* MBEDTLS_CIPHER_C */
#if defined(MBEDTLS_MD_C) #if defined(MBEDTLS_MD_C)
md_info = mbedtls_md_info_from_type(ciphersuite_info->mac); md_info = mbedtls_md_info_from_type(ciphersuite_info->MBEDTLS_PRIVATE(mac));
if (md_info == NULL) { if (md_info == NULL) {
printf_err("Cannot find Message-Digest info\n"); printf_err("Cannot find Message-Digest info\n");
} else { } else {

View file

@ -8,7 +8,6 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/ */
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include "ssl_test_lib.h" #include "ssl_test_lib.h"

View file

@ -5,8 +5,6 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/ */
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include "mbedtls/build_info.h" #include "mbedtls/build_info.h"
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
@ -1188,141 +1186,44 @@ int main(int argc, char *argv[])
} }
#endif #endif
#if defined(MBEDTLS_ECDH_C) && defined(MBEDTLS_ECDH_LEGACY_CONTEXT)
if (todo.ecdh) {
mbedtls_ecdh_context ecdh;
mbedtls_mpi z;
const mbedtls_ecp_curve_info montgomery_curve_list[] = {
#if defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
{ MBEDTLS_ECP_DP_CURVE25519, 0, 0, "Curve25519" },
#endif
#if defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
{ MBEDTLS_ECP_DP_CURVE448, 0, 0, "Curve448" },
#endif
{ MBEDTLS_ECP_DP_NONE, 0, 0, 0 }
};
const mbedtls_ecp_curve_info *curve_info;
size_t olen;
const mbedtls_ecp_curve_info *selected_montgomery_curve_list =
montgomery_curve_list;
if (curve_list == (const mbedtls_ecp_curve_info *) &single_curve) {
mbedtls_ecp_group grp;
mbedtls_ecp_group_init(&grp);
if (mbedtls_ecp_group_load(&grp, curve_list->grp_id) != 0) {
mbedtls_exit(1);
}
if (mbedtls_ecp_get_type(&grp) == MBEDTLS_ECP_TYPE_MONTGOMERY) {
selected_montgomery_curve_list = single_curve;
} else { /* empty list */
selected_montgomery_curve_list = single_curve + 1;
}
mbedtls_ecp_group_free(&grp);
}
for (curve_info = curve_list;
curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
curve_info++) {
if (!mbedtls_ecdh_can_do(curve_info->grp_id)) {
continue;
}
mbedtls_ecdh_init(&ecdh);
CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id));
CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf),
myrand, NULL));
CHECK_AND_CONTINUE(mbedtls_ecp_copy(&ecdh.Qp, &ecdh.Q));
mbedtls_snprintf(title, sizeof(title), "ECDHE-%s",
curve_info->name);
TIME_PUBLIC(title, "handshake",
CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf),
myrand, NULL));
CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh, &olen, buf, sizeof(buf),
myrand, NULL)));
mbedtls_ecdh_free(&ecdh);
}
/* Montgomery curves need to be handled separately */
for (curve_info = selected_montgomery_curve_list;
curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
curve_info++) {
mbedtls_ecdh_init(&ecdh);
mbedtls_mpi_init(&z);
CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id));
CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Qp, myrand, NULL));
mbedtls_snprintf(title, sizeof(title), "ECDHE-%s",
curve_info->name);
TIME_PUBLIC(title, "handshake",
CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Q,
myrand, NULL));
CHECK_AND_CONTINUE(mbedtls_ecdh_compute_shared(&ecdh.grp, &z, &ecdh.Qp,
&ecdh.d,
myrand, NULL)));
mbedtls_ecdh_free(&ecdh);
mbedtls_mpi_free(&z);
}
for (curve_info = curve_list;
curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
curve_info++) {
if (!mbedtls_ecdh_can_do(curve_info->grp_id)) {
continue;
}
mbedtls_ecdh_init(&ecdh);
CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id));
CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf),
myrand, NULL));
CHECK_AND_CONTINUE(mbedtls_ecp_copy(&ecdh.Qp, &ecdh.Q));
CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh, &olen, buf, sizeof(buf),
myrand, NULL));
mbedtls_snprintf(title, sizeof(title), "ECDH-%s",
curve_info->name);
TIME_PUBLIC(title, "handshake",
CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh, &olen, buf, sizeof(buf),
myrand, NULL)));
mbedtls_ecdh_free(&ecdh);
}
/* Montgomery curves need to be handled separately */
for (curve_info = selected_montgomery_curve_list;
curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
curve_info++) {
mbedtls_ecdh_init(&ecdh);
mbedtls_mpi_init(&z);
CHECK_AND_CONTINUE(mbedtls_ecp_group_load(&ecdh.grp, curve_info->grp_id));
CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Qp,
myrand, NULL));
CHECK_AND_CONTINUE(mbedtls_ecdh_gen_public(&ecdh.grp, &ecdh.d, &ecdh.Q, myrand, NULL));
mbedtls_snprintf(title, sizeof(title), "ECDH-%s",
curve_info->name);
TIME_PUBLIC(title, "handshake",
CHECK_AND_CONTINUE(mbedtls_ecdh_compute_shared(&ecdh.grp, &z, &ecdh.Qp,
&ecdh.d,
myrand, NULL)));
mbedtls_ecdh_free(&ecdh);
mbedtls_mpi_free(&z);
}
}
#endif
#if defined(MBEDTLS_ECDH_C) #if defined(MBEDTLS_ECDH_C)
if (todo.ecdh) { if (todo.ecdh) {
mbedtls_ecdh_context ecdh_srv, ecdh_cli; mbedtls_ecdh_context ecdh_srv, ecdh_cli;
unsigned char buf_srv[BUFSIZE], buf_cli[BUFSIZE]; unsigned char buf_srv[BUFSIZE], buf_cli[BUFSIZE];
const mbedtls_ecp_curve_info *curve_info; const mbedtls_ecp_curve_info *curve_info;
size_t olen; size_t params_len, publen, seclen;
for (curve_info = curve_list;
curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
curve_info++) {
if (!mbedtls_ecdh_can_do(curve_info->grp_id)) {
continue;
}
mbedtls_ecdh_init(&ecdh_srv);
CHECK_AND_CONTINUE(mbedtls_ecdh_setup(&ecdh_srv, curve_info->grp_id));
CHECK_AND_CONTINUE(mbedtls_ecdh_make_params(&ecdh_srv, &params_len, buf_srv,
sizeof(buf_srv), myrand, NULL));
mbedtls_snprintf(title, sizeof(title), "ECDHE-%s", curve_info->name);
TIME_PUBLIC(title,
"ephemeral handshake",
const unsigned char *p_srv = buf_srv;
mbedtls_ecdh_init(&ecdh_cli);
CHECK_AND_CONTINUE(mbedtls_ecdh_read_params(&ecdh_cli, &p_srv,
p_srv + params_len));
CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh_cli, &publen, buf_cli,
sizeof(buf_cli), myrand, NULL));
CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_cli, &seclen, buf_cli,
sizeof(buf_cli), myrand, NULL));
mbedtls_ecdh_free(&ecdh_cli);
);
mbedtls_ecdh_free(&ecdh_srv);
}
for (curve_info = curve_list; for (curve_info = curve_list;
curve_info->grp_id != MBEDTLS_ECP_DP_NONE; curve_info->grp_id != MBEDTLS_ECP_DP_NONE;
@ -1334,31 +1235,26 @@ int main(int argc, char *argv[])
mbedtls_ecdh_init(&ecdh_srv); mbedtls_ecdh_init(&ecdh_srv);
mbedtls_ecdh_init(&ecdh_cli); mbedtls_ecdh_init(&ecdh_cli);
mbedtls_snprintf(title, sizeof(title), "ECDHE-%s", curve_info->name); CHECK_AND_CONTINUE(mbedtls_ecdh_setup(&ecdh_srv, curve_info->grp_id));
CHECK_AND_CONTINUE(mbedtls_ecdh_make_params(&ecdh_srv, &params_len, buf_srv,
sizeof(buf_srv), myrand, NULL));
const unsigned char *p_srv = buf_srv;
CHECK_AND_CONTINUE(mbedtls_ecdh_read_params(&ecdh_cli, &p_srv,
p_srv + params_len));
CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh_cli, &publen, buf_cli,
sizeof(buf_cli), myrand, NULL));
mbedtls_snprintf(title, sizeof(title), "ECDH-%s", curve_info->name);
TIME_PUBLIC(title, TIME_PUBLIC(title,
"full handshake", "static handshake",
const unsigned char *p_srv = buf_srv; CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_cli, &seclen, buf_cli,
CHECK_AND_CONTINUE(mbedtls_ecdh_setup(&ecdh_srv, curve_info->grp_id));
CHECK_AND_CONTINUE(mbedtls_ecdh_make_params(&ecdh_srv, &olen, buf_srv,
sizeof(buf_srv), myrand, NULL));
CHECK_AND_CONTINUE(mbedtls_ecdh_read_params(&ecdh_cli, &p_srv,
p_srv + olen));
CHECK_AND_CONTINUE(mbedtls_ecdh_make_public(&ecdh_cli, &olen, buf_cli,
sizeof(buf_cli), myrand, NULL)); sizeof(buf_cli), myrand, NULL));
CHECK_AND_CONTINUE(mbedtls_ecdh_read_public(&ecdh_srv, buf_cli, olen));
CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_srv, &olen, buf_srv,
sizeof(buf_srv), myrand, NULL));
CHECK_AND_CONTINUE(mbedtls_ecdh_calc_secret(&ecdh_cli, &olen, buf_cli,
sizeof(buf_cli), myrand, NULL));
mbedtls_ecdh_free(&ecdh_cli);
mbedtls_ecdh_free(&ecdh_srv);
); );
mbedtls_ecdh_free(&ecdh_cli);
mbedtls_ecdh_free(&ecdh_srv);
} }
} }
#endif #endif

View file

@ -26,7 +26,6 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/ */
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include <mbedtls/platform.h> #include <mbedtls/platform.h>
#include <mbedtls/platform_util.h> #include <mbedtls/platform_util.h>

View file

@ -5,8 +5,6 @@
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/ */
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include "mbedtls/build_info.h" #include "mbedtls/build_info.h"
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"

View file

@ -11,7 +11,6 @@
* example of good general usage. * example of good general usage.
*/ */
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
#include "mbedtls/build_info.h" #include "mbedtls/build_info.h"