Fllow-up of the review: ChangeLog expansion, mmigration guides added and comments fixed

Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-06 00:53:22 +02:00 · 2021-05-06 00:53:22 +02:00 · c1c479fbe9
commit c1c479fbe9
parent 0bc3938551
6 changed files with 80 additions and 22 deletions
--- a/ChangeLog.d/issue4282.txt
+++ b/ChangeLog.d/issue4282.txt
@ -1,2 +1,13 @@
 Removals
-   * Remove deprecated functions and constants. Fix #4282
+   * Remove the following deprecated functions and constants of hex-encoded
+     primes based on RFC 5114 and RFC 3526 from library code and tests:
+     mbedtls_aes_encrypt(), mbedtls_aes_decrypt(), mbedtls_mpi_is_prime(),
+     mbedtls_cipher_auth_encrypt(), mbedtls_cipher_auth_decrypt(),
+     mbedtls_ctr_drbg_update(), mbedtls_hmac_drbg_update(),
+     mbedtls_ecdsa_write_signature_det(), mbedtls_ecdsa_sign_det(),
+     mbedtls_ssl_conf_dh_param(), mbedtls_ssl_get_max_frag_len(),
+     MBEDTLS_DHM_RFC5114_MODP_2048_P, MBEDTLS_DHM_RFC5114_MODP_2048_G,
+     MBEDTLS_DHM_RFC3526_MODP_2048_P, MBEDTLS_DHM_RFC3526_MODP_2048_G,
+     MBEDTLS_DHM_RFC3526_MODP_3072_P, MBEDTLS_DHM_RFC3526_MODP_3072_G,
+     MBEDTLS_DHM_RFC3526_MODP_4096_P, MBEDTLS_DHM_RFC3526_MODP_4096_G.
+     Remove the deprecated file: include/mbedtls/net.h. Fixes #4282.
--- a/configs/config-psa-crypto.h
+++ b/configs/config-psa-crypto.h
@ -397,12 +397,6 @@
 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
 * with this definition.
 *
- * \note Because of a signature change, the core AES encryption and decryption routines are
- *       currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
- *       respectively. When setting up alternative implementations, these functions should
- *       be overridden, but the wrapper functions mbedtls_internal_aes_decrypt and
- *       mbedtls_internal_aes_encrypt must stay untouched.
- *
 * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
 *       MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
 *       tables.
--- a/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md
+++ b/docs/3.0-migration-guide.d/remove_deprecated_functions_and_constants.md
@ -0,0 +1,64 @@
+Deprecated functions were removed from AES
+------------------------------------------
+
+The functions `mbedtls_aes_encrypt()` and `mbedtls_aes_decrypt()` were removed.
+Please use `mbedtls_internal_aes_encrypt()` and `mbedtls_internal_aes_decrypt()`
+respectively.
+
+Deprecated functions were removed from bignum
+---------------------------------------------
+
+The function `mbedtls_mpi_is_prime()` was removed. Please use
+`mbedtls_mpi_is_prime_ext()` instead which additionally allows specifying the
+number of Miller-Rabin rounds.
+
+Deprecated functions were removed from cipher
+---------------------------------------------
+
+The functions `mbedtls_cipher_auth_encrypt()` and
+`mbedtls_cipher_auth_decrypt()` were removed. They were superseded by
+`mbedtls_cipher_auth_encrypt_ext()` and `mbedtls_cipher_auth_decrypt_ext()`
+respectively which additionally support key wrapping algorithms such as
+NIST_KW.
+    
+Deprecated functions were removed from DRBGs
+--------------------------------------------
+
+The functions `mbedtls_ctr_drbg_update()` and `mbedtls_hmac_drbg_update()`
+were removed. They were superseded by `mbedtls_ctr_drbg_update_ret()` and
+`mbedtls_hmac_drbg_update_ret()` respectively.
+
+Deprecated functions were removed from ECDSA
+--------------------------------------------
+
+The functions `mbedtls_ecdsa_write_signature_det()` and
+`mbedtls_ecdsa_sign_det()` were removed. They were superseded by
+`mbedtls_ecdsa_write_signature()` and `mbedtls_ecdsa_sign_det_ext()`
+respectively.
+
+Deprecated functions were removed from SSL
+------------------------------------------
+
+The functions `mbedtls_ssl_conf_dh_param()` and
+`mbedtls_ssl_get_max_frag_len()` were removed. Please use
+`mbedtls_ssl_conf_dh_param_bin()` or `mbedtls_ssl_conf_dh_param_ctx()` and
+`mbedtls_ssl_get_output_max_frag_len()` instead.
+
+
+Deprecated hex-encoded primes were removed from DHM
+---------------------------------------------------
+
+The macros `MBEDTLS_DHM_RFC5114_MODP_2048_P`, `MBEDTLS_DHM_RFC5114_MODP_2048_G`,
+`MBEDTLS_DHM_RFC3526_MODP_2048_P`, `MBEDTLS_DHM_RFC3526_MODP_2048_G`,
+`MBEDTLS_DHM_RFC3526_MODP_3072_P`, `MBEDTLS_DHM_RFC3526_MODP_3072_G`,
+`MBEDTLS_DHM_RFC3526_MODP_4096_P `and `MBEDTLS_DHM_RFC3526_MODP_4096_G` were
+removed. The hex-encoded primes from RFC 5114 are deprecated because their 
+derivation is not documented and therefore their usage constitutes a security 
+risk. They are removed from the library without replacement.
+
+Deprecated net.h file was removed
+---------------------------------
+
+The file `include/mbedtls/net.h` was removed because its only function was to
+include `mbedtls/net_sockets.h` which now should be included directly.
+
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@ -421,12 +421,6 @@
 * of mbedtls_sha1_context, so your implementation of mbedtls_sha1_process must be compatible
 * with this definition.
 *
- * \note Because of a signature change, the core AES encryption and decryption routines are
- *       currently named mbedtls_aes_internal_encrypt and mbedtls_aes_internal_decrypt,
- *       respectively. When setting up alternative implementations, these functions should
- *       be overridden, but the wrapper functions mbedtls_internal_aes_decrypt and
- *       mbedtls_internal_aes_encrypt must stay untouched.
- *
 * \note If you use the AES_xxx_ALT macros, then is is recommended to also set
 *       MBEDTLS_AES_ROM_TABLES in order to help the linker garbage-collect the AES
 *       tables.
@ -445,9 +439,7 @@
 *            alternative implementations should use the RNG only for generating
 *            the ephemeral key and nothing else. If this is not possible, then
 *            MBEDTLS_ECDSA_DETERMINISTIC should be disabled and an alternative
- *            implementation should be provided for mbedtls_ecdsa_sign_det_ext()
- *            (and for mbedtls_ecdsa_sign_det_ext() too if backward compatibility
- *            is desirable).
+ *            implementation should be provided for mbedtls_ecdsa_sign_det_ext().
 *
 */
 //#define MBEDTLS_MD2_PROCESS_ALT
--- a/library/ecdsa.c
+++ b/library/ecdsa.c
@ -685,7 +685,9 @@ int mbedtls_ecdsa_write_signature_restartable( mbedtls_ecdsa_context *ctx,
    ECDSA_VALIDATE_RET( hash  != NULL );
    ECDSA_VALIDATE_RET( sig   != NULL );
    ECDSA_VALIDATE_RET( slen  != NULL );
-    ECDSA_VALIDATE_RET( f_rng != NULL );
+
+    if( f_rng == NULL )
+        return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );

    mbedtls_mpi_init( &r );
    mbedtls_mpi_init( &s );
--- a/tests/suites/test_suite_cipher.function
+++ b/tests/suites/test_suite_cipher.function
@ -1008,11 +1008,6 @@ void auth_crypt_tv( int cipher_id, data_t * key, data_t * iv,
     * of AEAD decryption and AEAD encryption. Check that
     * this results in the expected plaintext, and that
     * decryption and encryption are inverse to one another.
-     *
-     * Do that twice:
-     * - once with legacy functions auth_decrypt/auth_encrypt
-     * - once with new functions auth_decrypt_ext/auth_encrypt_ext
-     * This allows testing both without duplicating test cases.
     */

    int ret;