From 37065ee97254fd27a5cbff37b941322f11389b4e Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 23 Dec 2024 16:14:02 +0100 Subject: [PATCH 1/3] Remove sample programs for the legacy cipher API These programs illustrate the legacy cipher API, which is being removed. They are not particularly interesting and there is no straightforward translation to PSA. Signed-off-by: Gilles Peskine --- programs/.gitignore | 2 - programs/CMakeLists.txt | 2 - programs/Makefile | 10 - programs/README.md | 4 - programs/aes/CMakeLists.txt | 15 - programs/aes/crypt_and_hash.c | 577 ----------------------------- programs/cipher/CMakeLists.txt | 15 - programs/cipher/cipher_aead_demo.c | 259 ------------- 8 files changed, 884 deletions(-) delete mode 100644 programs/aes/CMakeLists.txt delete mode 100644 programs/aes/crypt_and_hash.c delete mode 100644 programs/cipher/CMakeLists.txt delete mode 100644 programs/cipher/cipher_aead_demo.c diff --git a/programs/.gitignore b/programs/.gitignore index c3e61c16bd81..7d73e7ed5bef 100644 --- a/programs/.gitignore +++ b/programs/.gitignore @@ -5,8 +5,6 @@ *.sln *.vcxproj -aes/crypt_and_hash -cipher/cipher_aead_demo hash/generic_sum hash/hello hash/md_hmac_demo diff --git a/programs/CMakeLists.txt b/programs/CMakeLists.txt index 2c23c48c665e..bfaf59c62392 100644 --- a/programs/CMakeLists.txt +++ b/programs/CMakeLists.txt @@ -1,8 +1,6 @@ set(programs_target "${MBEDTLS_TARGET_PREFIX}programs") add_custom_target(${programs_target}) -add_subdirectory(aes) -add_subdirectory(cipher) if (NOT WIN32) add_subdirectory(fuzz) endif() diff --git a/programs/Makefile b/programs/Makefile index c177c28a2542..e48b3aa98037 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -33,8 +33,6 @@ endif ## Note: Variables cannot be used to define an apps path. This cannot be ## substituted by the script generate_visualc_files.pl. APPS = \ - aes/crypt_and_hash \ - cipher/cipher_aead_demo \ hash/generic_sum \ hash/hello \ hash/md_hmac_demo \ @@ -155,14 +153,6 @@ test/query_config.c: echo " Gen $@" $(PERL) ../scripts/generate_query_config.pl -aes/crypt_and_hash$(EXEXT): aes/crypt_and_hash.c $(DEP) - echo " CC aes/crypt_and_hash.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) aes/crypt_and_hash.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - -cipher/cipher_aead_demo$(EXEXT): cipher/cipher_aead_demo.c $(DEP) - echo " CC cipher/cipher_aead_demo.c" - $(CC) $(LOCAL_CFLAGS) $(CFLAGS) cipher/cipher_aead_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ - hash/generic_sum$(EXEXT): hash/generic_sum.c $(DEP) echo " CC hash/generic_sum.c" $(CC) $(LOCAL_CFLAGS) $(CFLAGS) hash/generic_sum.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@ diff --git a/programs/README.md b/programs/README.md index f53bde5611f2..f2096f1c69cf 100644 --- a/programs/README.md +++ b/programs/README.md @@ -3,10 +3,6 @@ Mbed TLS sample programs This subdirectory mostly contains sample programs that illustrate specific features of the library, as well as a few test and support programs. -## Symmetric cryptography (AES) examples - -* [`aes/crypt_and_hash.c`](aes/crypt_and_hash.c): file encryption and authentication, demonstrating the generic cipher interface and the generic hash interface. - ## Hash (digest) examples * [`hash/generic_sum.c`](hash/generic_sum.c): file hash calculator and verifier, demonstrating the message digest (`md`) interface. diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt deleted file mode 100644 index c5128b1b4d2d..000000000000 --- a/programs/aes/CMakeLists.txt +++ /dev/null @@ -1,15 +0,0 @@ -set(executables - crypt_and_hash -) -add_dependencies(${programs_target} ${executables}) - -foreach(exe IN LISTS executables) - add_executable(${exe} ${exe}.c $) - set_base_compile_options(${exe}) - target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT}) - target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include) -endforeach() - -install(TARGETS ${executables} - DESTINATION "bin" - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/programs/aes/crypt_and_hash.c b/programs/aes/crypt_and_hash.c deleted file mode 100644 index b2cd70471056..000000000000 --- a/programs/aes/crypt_and_hash.c +++ /dev/null @@ -1,577 +0,0 @@ -/* - * \brief Generic file encryption program using generic wrappers for configured - * security. - * - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - */ - -/* Enable definition of fileno() even when compiling with -std=c99. Must be - * set before mbedtls_config.h, which pulls in glibc's features.h indirectly. - * Harmless on other platforms. */ -#define _POSIX_C_SOURCE 200112L - -#include "mbedtls/build_info.h" - -#include "mbedtls/platform.h" - -#if defined(MBEDTLS_CIPHER_C) && defined(MBEDTLS_MD_C) && \ - defined(MBEDTLS_FS_IO) -#include "mbedtls/cipher.h" -#include "mbedtls/md.h" -#include "mbedtls/platform_util.h" - -#include -#include -#include -#endif - -#if defined(_WIN32) -#include -#if !defined(_WIN32_WCE) -#include -#endif -#else -#include -#include -#endif - -#define MODE_ENCRYPT 0 -#define MODE_DECRYPT 1 - -#define USAGE \ - "\n crypt_and_hash \n" \ - "\n : 0 = encrypt, 1 = decrypt\n" \ - "\n example: crypt_and_hash 0 file file.aes AES-128-CBC SHA1 hex:E76B2413958B00E193\n" \ - "\n" - -#if !defined(MBEDTLS_CIPHER_C) || !defined(MBEDTLS_MD_C) || \ - !defined(MBEDTLS_FS_IO) -int main(void) -{ - mbedtls_printf("MBEDTLS_CIPHER_C and/or MBEDTLS_MD_C and/or MBEDTLS_FS_IO not defined.\n"); - mbedtls_exit(0); -} -#else - - -int main(int argc, char *argv[]) -{ - int ret = 1, i; - unsigned n; - int exit_code = MBEDTLS_EXIT_FAILURE; - int mode; - size_t keylen, ilen, olen; - FILE *fkey, *fin = NULL, *fout = NULL; - - char *p; - unsigned char IV[16]; - unsigned char key[512]; - unsigned char digest[MBEDTLS_MD_MAX_SIZE]; - unsigned char buffer[1024]; - unsigned char output[1024]; - unsigned char diff; - - const mbedtls_cipher_info_t *cipher_info; - const mbedtls_md_info_t *md_info; - mbedtls_cipher_context_t cipher_ctx; - mbedtls_md_context_t md_ctx; - mbedtls_cipher_mode_t cipher_mode; - unsigned int cipher_block_size; - unsigned char md_size; -#if defined(_WIN32_WCE) - long filesize, offset; -#elif defined(_WIN32) - LARGE_INTEGER li_size; - __int64 filesize, offset; -#else - off_t filesize, offset; -#endif - - mbedtls_cipher_init(&cipher_ctx); - mbedtls_md_init(&md_ctx); - - /* - * Parse the command-line arguments. - */ - if (argc != 7) { - const int *list; - - mbedtls_printf(USAGE); - - mbedtls_printf("Available ciphers:\n"); - list = mbedtls_cipher_list(); - while (*list) { - cipher_info = mbedtls_cipher_info_from_type(*list); - const char *name = mbedtls_cipher_info_get_name(cipher_info); - - if (name) { - mbedtls_printf(" %s\n", mbedtls_cipher_info_get_name(cipher_info)); - } - list++; - } - - mbedtls_printf("\nAvailable message digests:\n"); - list = mbedtls_md_list(); - while (*list) { - md_info = mbedtls_md_info_from_type(*list); - mbedtls_printf(" %s\n", mbedtls_md_get_name(md_info)); - list++; - } - - goto exit; - } - - mode = atoi(argv[1]); - - if (mode != MODE_ENCRYPT && mode != MODE_DECRYPT) { - mbedtls_fprintf(stderr, "invalid operation mode\n"); - goto exit; - } - - if (strcmp(argv[2], argv[3]) == 0) { - mbedtls_fprintf(stderr, "input and output filenames must differ\n"); - goto exit; - } - - if ((fin = fopen(argv[2], "rb")) == NULL) { - mbedtls_fprintf(stderr, "fopen(%s,rb) failed\n", argv[2]); - goto exit; - } - - if ((fout = fopen(argv[3], "wb+")) == NULL) { - mbedtls_fprintf(stderr, "fopen(%s,wb+) failed\n", argv[3]); - goto exit; - } - - /* Ensure no stdio buffering of secrets, as such buffers cannot be wiped. */ - mbedtls_setbuf(fin, NULL); - mbedtls_setbuf(fout, NULL); - - /* - * Read the Cipher and MD from the command line - */ - cipher_info = mbedtls_cipher_info_from_string(argv[4]); - if (cipher_info == NULL) { - mbedtls_fprintf(stderr, "Cipher '%s' not found\n", argv[4]); - goto exit; - } - if ((ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_setup failed\n"); - goto exit; - } - - md_info = mbedtls_md_info_from_string(argv[5]); - if (md_info == NULL) { - mbedtls_fprintf(stderr, "Message Digest '%s' not found\n", argv[5]); - goto exit; - } - - if (mbedtls_md_setup(&md_ctx, md_info, 1) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_setup failed\n"); - goto exit; - } - - /* - * Read the secret key from file or command line - */ - if ((fkey = fopen(argv[6], "rb")) != NULL) { - keylen = fread(key, 1, sizeof(key), fkey); - fclose(fkey); - } else { - if (memcmp(argv[6], "hex:", 4) == 0) { - p = &argv[6][4]; - keylen = 0; - - while (sscanf(p, "%02X", (unsigned int *) &n) > 0 && - keylen < (int) sizeof(key)) { - key[keylen++] = (unsigned char) n; - p += 2; - } - } else { - keylen = strlen(argv[6]); - - if (keylen > (int) sizeof(key)) { - keylen = (int) sizeof(key); - } - - memcpy(key, argv[6], keylen); - } - } - -#if defined(_WIN32_WCE) - filesize = fseek(fin, 0L, SEEK_END); -#else -#if defined(_WIN32) - /* - * Support large files (> 2Gb) on Win32 - */ - li_size.QuadPart = 0; - li_size.LowPart = - SetFilePointer((HANDLE) _get_osfhandle(_fileno(fin)), - li_size.LowPart, &li_size.HighPart, FILE_END); - - if (li_size.LowPart == 0xFFFFFFFF && GetLastError() != NO_ERROR) { - mbedtls_fprintf(stderr, "SetFilePointer(0,FILE_END) failed\n"); - goto exit; - } - - filesize = li_size.QuadPart; -#else - if ((filesize = lseek(fileno(fin), 0, SEEK_END)) < 0) { - perror("lseek"); - goto exit; - } -#endif -#endif - - if (fseek(fin, 0, SEEK_SET) < 0) { - mbedtls_fprintf(stderr, "fseek(0,SEEK_SET) failed\n"); - goto exit; - } - - md_size = mbedtls_md_get_size(md_info); - cipher_block_size = mbedtls_cipher_get_block_size(&cipher_ctx); - - if (mode == MODE_ENCRYPT) { - /* - * Generate the initialization vector as: - * IV = MD( filesize || filename )[0..15] - */ - for (i = 0; i < 8; i++) { - buffer[i] = (unsigned char) (filesize >> (i << 3)); - } - - p = argv[2]; - - if (mbedtls_md_starts(&md_ctx) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n"); - goto exit; - } - if (mbedtls_md_update(&md_ctx, buffer, 8) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); - goto exit; - } - if (mbedtls_md_update(&md_ctx, (unsigned char *) p, strlen(p)) - != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); - goto exit; - } - if (mbedtls_md_finish(&md_ctx, digest) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n"); - goto exit; - } - - memcpy(IV, digest, 16); - - /* - * Append the IV at the beginning of the output. - */ - if (fwrite(IV, 1, 16, fout) != 16) { - mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", 16); - goto exit; - } - - /* - * Hash the IV and the secret key together 8192 times - * using the result to setup the AES context and HMAC. - */ - memset(digest, 0, 32); - memcpy(digest, IV, 16); - - for (i = 0; i < 8192; i++) { - if (mbedtls_md_starts(&md_ctx) != 0) { - mbedtls_fprintf(stderr, - "mbedtls_md_starts() returned error\n"); - goto exit; - } - if (mbedtls_md_update(&md_ctx, digest, 32) != 0) { - mbedtls_fprintf(stderr, - "mbedtls_md_update() returned error\n"); - goto exit; - } - if (mbedtls_md_update(&md_ctx, key, keylen) != 0) { - mbedtls_fprintf(stderr, - "mbedtls_md_update() returned error\n"); - goto exit; - } - if (mbedtls_md_finish(&md_ctx, digest) != 0) { - mbedtls_fprintf(stderr, - "mbedtls_md_finish() returned error\n"); - goto exit; - } - - } - - if (mbedtls_cipher_setkey(&cipher_ctx, - digest, - (int) mbedtls_cipher_info_get_key_bitlen(cipher_info), - MBEDTLS_ENCRYPT) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n"); - goto exit; - } - if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n"); - goto exit; - } - if (mbedtls_cipher_reset(&cipher_ctx) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n"); - goto exit; - } - - if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n"); - goto exit; - } - - /* - * Encrypt and write the ciphertext. - */ - for (offset = 0; offset < filesize; offset += cipher_block_size) { - ilen = ((unsigned int) filesize - offset > cipher_block_size) ? - cipher_block_size : (unsigned int) (filesize - offset); - - if (fread(buffer, 1, ilen, fin) != ilen) { - mbedtls_fprintf(stderr, "fread(%ld bytes) failed\n", (long) ilen); - goto exit; - } - - if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output, &olen) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n"); - goto exit; - } - - if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n"); - goto exit; - } - - if (fwrite(output, 1, olen, fout) != olen) { - mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); - goto exit; - } - } - - if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n"); - goto exit; - } - if (mbedtls_md_hmac_update(&md_ctx, output, olen) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n"); - goto exit; - } - - if (fwrite(output, 1, olen, fout) != olen) { - mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); - goto exit; - } - - /* - * Finally write the HMAC. - */ - if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n"); - goto exit; - } - - if (fwrite(digest, 1, md_size, fout) != md_size) { - mbedtls_fprintf(stderr, "fwrite(%d bytes) failed\n", md_size); - goto exit; - } - } - - if (mode == MODE_DECRYPT) { - /* - * The encrypted file must be structured as follows: - * - * 00 .. 15 Initialization Vector - * 16 .. 31 Encrypted Block #1 - * .. - * N*16 .. (N+1)*16 - 1 Encrypted Block #N - * (N+1)*16 .. (N+1)*16 + n Hash(ciphertext) - */ - if (filesize < 16 + md_size) { - mbedtls_fprintf(stderr, "File too short to be encrypted.\n"); - goto exit; - } - - if (cipher_block_size == 0) { - mbedtls_fprintf(stderr, "Invalid cipher block size: 0. \n"); - goto exit; - } - - /* - * Check the file size. - */ - cipher_mode = mbedtls_cipher_info_get_mode(cipher_info); - if (cipher_mode != MBEDTLS_MODE_GCM && - cipher_mode != MBEDTLS_MODE_CTR && - cipher_mode != MBEDTLS_MODE_CFB && - cipher_mode != MBEDTLS_MODE_OFB && - ((filesize - md_size) % cipher_block_size) != 0) { - mbedtls_fprintf(stderr, "File content not a multiple of the block size (%u).\n", - cipher_block_size); - goto exit; - } - - /* - * Subtract the IV + HMAC length. - */ - filesize -= (16 + md_size); - - /* - * Read the IV and original filesize modulo 16. - */ - if (fread(buffer, 1, 16, fin) != 16) { - mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", 16); - goto exit; - } - - memcpy(IV, buffer, 16); - - /* - * Hash the IV and the secret key together 8192 times - * using the result to setup the AES context and HMAC. - */ - memset(digest, 0, 32); - memcpy(digest, IV, 16); - - for (i = 0; i < 8192; i++) { - if (mbedtls_md_starts(&md_ctx) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_starts() returned error\n"); - goto exit; - } - if (mbedtls_md_update(&md_ctx, digest, 32) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); - goto exit; - } - if (mbedtls_md_update(&md_ctx, key, keylen) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_update() returned error\n"); - goto exit; - } - if (mbedtls_md_finish(&md_ctx, digest) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_finish() returned error\n"); - goto exit; - } - } - - if (mbedtls_cipher_setkey(&cipher_ctx, - digest, - (int) mbedtls_cipher_info_get_key_bitlen(cipher_info), - MBEDTLS_DECRYPT) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_setkey() returned error\n"); - goto exit; - } - - if (mbedtls_cipher_set_iv(&cipher_ctx, IV, 16) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_set_iv() returned error\n"); - goto exit; - } - - if (mbedtls_cipher_reset(&cipher_ctx) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_reset() returned error\n"); - goto exit; - } - - if (mbedtls_md_hmac_starts(&md_ctx, digest, 32) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_hmac_starts() returned error\n"); - goto exit; - } - - /* - * Decrypt and write the plaintext. - */ - for (offset = 0; offset < filesize; offset += cipher_block_size) { - ilen = ((unsigned int) filesize - offset > cipher_block_size) ? - cipher_block_size : (unsigned int) (filesize - offset); - - if (fread(buffer, 1, ilen, fin) != ilen) { - mbedtls_fprintf(stderr, "fread(%u bytes) failed\n", - cipher_block_size); - goto exit; - } - - if (mbedtls_md_hmac_update(&md_ctx, buffer, ilen) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_hmac_update() returned error\n"); - goto exit; - } - if (mbedtls_cipher_update(&cipher_ctx, buffer, ilen, output, - &olen) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_update() returned error\n"); - goto exit; - } - - if (fwrite(output, 1, olen, fout) != olen) { - mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); - goto exit; - } - } - - /* - * Verify the message authentication code. - */ - if (mbedtls_md_hmac_finish(&md_ctx, digest) != 0) { - mbedtls_fprintf(stderr, "mbedtls_md_hmac_finish() returned error\n"); - goto exit; - } - - if (fread(buffer, 1, md_size, fin) != md_size) { - mbedtls_fprintf(stderr, "fread(%d bytes) failed\n", md_size); - goto exit; - } - - /* Use constant-time buffer comparison */ - diff = 0; - for (i = 0; i < md_size; i++) { - diff |= digest[i] ^ buffer[i]; - } - - if (diff != 0) { - mbedtls_fprintf(stderr, "HMAC check failed: wrong key, " - "or file corrupted.\n"); - goto exit; - } - - /* - * Write the final block of data - */ - if (mbedtls_cipher_finish(&cipher_ctx, output, &olen) != 0) { - mbedtls_fprintf(stderr, "mbedtls_cipher_finish() returned error\n"); - goto exit; - } - - if (fwrite(output, 1, olen, fout) != olen) { - mbedtls_fprintf(stderr, "fwrite(%ld bytes) failed\n", (long) olen); - goto exit; - } - } - - exit_code = MBEDTLS_EXIT_SUCCESS; - -exit: - if (fin) { - fclose(fin); - } - if (fout) { - fclose(fout); - } - - /* Zeroize all command line arguments to also cover - the case when the user has missed or reordered some, - in which case the key might not be in argv[6]. */ - for (i = 0; i < argc; i++) { - mbedtls_platform_zeroize(argv[i], strlen(argv[i])); - } - - mbedtls_platform_zeroize(IV, sizeof(IV)); - mbedtls_platform_zeroize(key, sizeof(key)); - mbedtls_platform_zeroize(buffer, sizeof(buffer)); - mbedtls_platform_zeroize(output, sizeof(output)); - mbedtls_platform_zeroize(digest, sizeof(digest)); - - mbedtls_cipher_free(&cipher_ctx); - mbedtls_md_free(&md_ctx); - - mbedtls_exit(exit_code); -} -#endif /* MBEDTLS_CIPHER_C && MBEDTLS_MD_C && MBEDTLS_FS_IO */ diff --git a/programs/cipher/CMakeLists.txt b/programs/cipher/CMakeLists.txt deleted file mode 100644 index d6483011a065..000000000000 --- a/programs/cipher/CMakeLists.txt +++ /dev/null @@ -1,15 +0,0 @@ -set(executables - cipher_aead_demo -) -add_dependencies(${programs_target} ${executables}) - -foreach(exe IN LISTS executables) - add_executable(${exe} ${exe}.c $) - set_base_compile_options(${exe}) - target_link_libraries(${exe} ${tfpsacrypto_target} ${CMAKE_THREAD_LIBS_INIT}) - target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../framework/tests/include) -endforeach() - -install(TARGETS ${executables} - DESTINATION "bin" - PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) diff --git a/programs/cipher/cipher_aead_demo.c b/programs/cipher/cipher_aead_demo.c deleted file mode 100644 index 83fcce5878fe..000000000000 --- a/programs/cipher/cipher_aead_demo.c +++ /dev/null @@ -1,259 +0,0 @@ -/** - * Cipher API multi-part AEAD demonstration. - * - * This program AEAD-encrypts a message, using the algorithm and key size - * specified on the command line, using the multi-part API. - * - * It comes with a companion program psa/aead_demo.c, which does the same - * operations with the PSA Crypto API. The goal is that comparing the two - * programs will help people migrating to the PSA Crypto API. - * - * When used with multi-part AEAD operations, the `mbedtls_cipher_context` - * serves a triple purpose (1) hold the key, (2) store the algorithm when no - * operation is active, and (3) save progress information for the current - * operation. With PSA those roles are held by disinct objects: (1) a - * psa_key_id_t to hold the key, a (2) psa_algorithm_t to represent the - * algorithm, and (3) a psa_operation_t for multi-part progress. - * - * On the other hand, with PSA, the algorithms encodes the desired tag length; - * with Cipher the desired tag length needs to be tracked separately. - * - * This program and its companion psa/aead_demo.c illustrate this by doing the - * same sequence of multi-part AEAD computation with both APIs; looking at the - * two side by side should make the differences and similarities clear. - */ - -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - */ - -/* First include Mbed TLS headers to get the Mbed TLS configuration and - * platform definitions that we'll use in this program. Also include - * standard C headers for functions we'll use here. */ -#include "mbedtls/build_info.h" - -#include "mbedtls/cipher.h" - -#include -#include -#include - -/* If the build options we need are not enabled, compile a placeholder. */ -#if !defined(MBEDTLS_CIPHER_C) || \ - !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_GCM_C) || \ - !defined(MBEDTLS_CHACHAPOLY_C) -int main(void) -{ - printf("MBEDTLS_MD_C and/or " - "MBEDTLS_AES_C and/or MBEDTLS_GCM_C and/or " - "MBEDTLS_CHACHAPOLY_C not defined\r\n"); - return 0; -} -#else - -/* The real program starts here. */ - -const char usage[] = - "Usage: cipher_aead_demo [aes128-gcm|aes256-gcm|aes128-gcm_8|chachapoly]"; - -/* Dummy data for encryption: IV/nonce, additional data, 2-part message */ -const unsigned char iv1[12] = { 0x00 }; -const unsigned char add_data1[] = { 0x01, 0x02 }; -const unsigned char msg1_part1[] = { 0x03, 0x04 }; -const unsigned char msg1_part2[] = { 0x05, 0x06, 0x07 }; - -/* Dummy data (2nd message) */ -const unsigned char iv2[12] = { 0x10 }; -const unsigned char add_data2[] = { 0x11, 0x12 }; -const unsigned char msg2_part1[] = { 0x13, 0x14 }; -const unsigned char msg2_part2[] = { 0x15, 0x16, 0x17 }; - -/* Maximum total size of the messages */ -#define MSG1_SIZE (sizeof(msg1_part1) + sizeof(msg1_part2)) -#define MSG2_SIZE (sizeof(msg2_part1) + sizeof(msg2_part2)) -#define MSG_MAX_SIZE (MSG1_SIZE > MSG2_SIZE ? MSG1_SIZE : MSG2_SIZE) - -/* Dummy key material - never do this in production! - * 32-byte is enough to all the key size supported by this program. */ -const unsigned char key_bytes[32] = { 0x2a }; - -/* Print the contents of a buffer in hex */ -static void print_buf(const char *title, unsigned char *buf, size_t len) -{ - printf("%s:", title); - for (size_t i = 0; i < len; i++) { - printf(" %02x", buf[i]); - } - printf("\n"); -} - -/* Run an Mbed TLS function and bail out if it fails. - * A string description of the error code can be recovered with: - * programs/util/strerror */ -#define CHK(expr) \ - do \ - { \ - ret = (expr); \ - if (ret != 0) \ - { \ - printf("Error %d at line %d: %s\n", \ - ret, \ - __LINE__, \ - #expr); \ - goto exit; \ - } \ - } while (0) - -/* - * Prepare encryption material: - * - interpret command-line argument - * - set up key - * - outputs: context and tag length, which together hold all the information - */ -static int aead_prepare(const char *info, - mbedtls_cipher_context_t *ctx, - size_t *tag_len) -{ - int ret; - - /* Convert arg to type + tag_len */ - mbedtls_cipher_type_t type; - if (strcmp(info, "aes128-gcm") == 0) { - type = MBEDTLS_CIPHER_AES_128_GCM; - *tag_len = 16; - } else if (strcmp(info, "aes256-gcm") == 0) { - type = MBEDTLS_CIPHER_AES_256_GCM; - *tag_len = 16; - } else if (strcmp(info, "aes128-gcm_8") == 0) { - type = MBEDTLS_CIPHER_AES_128_GCM; - *tag_len = 8; - } else if (strcmp(info, "chachapoly") == 0) { - type = MBEDTLS_CIPHER_CHACHA20_POLY1305; - *tag_len = 16; - } else { - puts(usage); - return MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA; - } - - /* Prepare context for the given type */ - CHK(mbedtls_cipher_setup(ctx, - mbedtls_cipher_info_from_type(type))); - - /* Import key */ - int key_len = mbedtls_cipher_get_key_bitlen(ctx); - CHK(mbedtls_cipher_setkey(ctx, key_bytes, key_len, MBEDTLS_ENCRYPT)); - -exit: - return ret; -} - -/* - * Print out some information. - * - * All of this information was present in the command line argument, but his - * function demonstrates how each piece can be recovered from (ctx, tag_len). - */ -static void aead_info(const mbedtls_cipher_context_t *ctx, size_t tag_len) -{ - mbedtls_cipher_type_t type = mbedtls_cipher_get_type(ctx); - const mbedtls_cipher_info_t *info = mbedtls_cipher_info_from_type(type); - const char *ciph = mbedtls_cipher_info_get_name(info); - int key_bits = mbedtls_cipher_get_key_bitlen(ctx); - mbedtls_cipher_mode_t mode = mbedtls_cipher_get_cipher_mode(ctx); - - const char *mode_str = mode == MBEDTLS_MODE_GCM ? "GCM" - : mode == MBEDTLS_MODE_CHACHAPOLY ? "ChachaPoly" - : "???"; - - printf("%s, %d, %s, %u\n", - ciph, key_bits, mode_str, (unsigned) tag_len); -} - -/* - * Encrypt a 2-part message. - */ -static int aead_encrypt(mbedtls_cipher_context_t *ctx, size_t tag_len, - const unsigned char *iv, size_t iv_len, - const unsigned char *ad, size_t ad_len, - const unsigned char *part1, size_t part1_len, - const unsigned char *part2, size_t part2_len) -{ - int ret; - size_t olen; -#define MAX_TAG_LENGTH 16 - unsigned char out[MSG_MAX_SIZE + MAX_TAG_LENGTH]; - unsigned char *p = out; - - CHK(mbedtls_cipher_set_iv(ctx, iv, iv_len)); - CHK(mbedtls_cipher_reset(ctx)); - CHK(mbedtls_cipher_update_ad(ctx, ad, ad_len)); - CHK(mbedtls_cipher_update(ctx, part1, part1_len, p, &olen)); - p += olen; - CHK(mbedtls_cipher_update(ctx, part2, part2_len, p, &olen)); - p += olen; - CHK(mbedtls_cipher_finish(ctx, p, &olen)); - p += olen; - CHK(mbedtls_cipher_write_tag(ctx, p, tag_len)); - p += tag_len; - - olen = p - out; - print_buf("out", out, olen); - -exit: - return ret; -} - -/* - * AEAD demo: set up key/alg, print out info, encrypt messages. - */ -static int aead_demo(const char *info) -{ - int ret = 0; - - mbedtls_cipher_context_t ctx; - size_t tag_len; - - mbedtls_cipher_init(&ctx); - - CHK(aead_prepare(info, &ctx, &tag_len)); - - aead_info(&ctx, tag_len); - - CHK(aead_encrypt(&ctx, tag_len, - iv1, sizeof(iv1), add_data1, sizeof(add_data1), - msg1_part1, sizeof(msg1_part1), - msg1_part2, sizeof(msg1_part2))); - CHK(aead_encrypt(&ctx, tag_len, - iv2, sizeof(iv2), add_data2, sizeof(add_data2), - msg2_part1, sizeof(msg2_part1), - msg2_part2, sizeof(msg2_part2))); - -exit: - mbedtls_cipher_free(&ctx); - - return ret; -} - - -/* - * Main function - */ -int main(int argc, char **argv) -{ - /* Check usage */ - if (argc != 2) { - puts(usage); - return 1; - } - - int ret; - - /* Run the demo */ - CHK(aead_demo(argv[1])); - -exit: - return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE; -} - -#endif From 44b30ccff73c6a7a67a98857311f5ac327fa0e9c Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 23 Dec 2024 16:28:24 +0100 Subject: [PATCH 2/3] Allow ssl_context_info and benchmark to use private functions Signed-off-by: Gilles Peskine --- programs/ssl/ssl_context_info.c | 6 ++++++ programs/test/benchmark.c | 4 ++++ 2 files changed, 10 insertions(+) diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c index cbe9c6dccc0a..25e6bfb973f1 100644 --- a/programs/ssl/ssl_context_info.c +++ b/programs/ssl/ssl_context_info.c @@ -5,6 +5,12 @@ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ +/* Private access is needed to print cipher suite properties in + * print_deserialized_ssl_session(). It will no longer be needed once + * mbedtls_ssl_ciphersuite_t migrates from legacy metadata to + * PSA metadata. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include "mbedtls/build_info.h" #include "mbedtls/debug.h" #include "mbedtls/platform.h" diff --git a/programs/test/benchmark.c b/programs/test/benchmark.c index c878e3426d75..5c1984b29424 100644 --- a/programs/test/benchmark.c +++ b/programs/test/benchmark.c @@ -5,6 +5,10 @@ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later */ +/* This program uses the legacy crypto API. It should be migrated to the + * PSA API. Until then, enable legacy crypto API functions. */ +#define MBEDTLS_ALLOW_PRIVATE_ACCESS + #include "mbedtls/build_info.h" #include "mbedtls/platform.h" From e14b84b3730a35e2068539a547934a1493ed46a0 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 23 Dec 2024 16:28:46 +0100 Subject: [PATCH 3/3] Update submodule * New macro `MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS` in `mbedtls/private_access.h`. * Make `mbedtls/cipher.h` functions private. Signed-off-by: Gilles Peskine --- tf-psa-crypto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf-psa-crypto b/tf-psa-crypto index 9e4ac374e2be..e3abfab8edc3 160000 --- a/tf-psa-crypto +++ b/tf-psa-crypto @@ -1 +1 @@ -Subproject commit 9e4ac374e2be67892e70b9c653c6872ba8a2031b +Subproject commit e3abfab8edc364b4ecc70145b0af0dab4772bc13