diff --git a/ChangeLog.d/8357.txt b/ChangeLog.d/8357.txt new file mode 100644 index 0000000000..9cae396ec5 --- /dev/null +++ b/ChangeLog.d/8357.txt @@ -0,0 +1,8 @@ +Features + * It is now possible to have AEADs support (CCM, GCM and ChaChaPoly) without + MBEDTLS_CIPHER_C. This holds both for the builtin suport (MBEDTLS_CCM_C, + MBEDTLS_GCM_C and MBEDTLS_CHACHAPOLY_C) as well as the PSA one + (PSA_WANT_ALG_CCM, PSA_WANT_ALG_GCM, PSA_WANT_ALG_CHACHA20_POLY1305). + On the PSA side this means that it is possible to enable + MBEDTLS_PSA_CRYPTO_C without MBEDTLS_CIPHER_C if none of the + non-authenticated ciphers is enabled. diff --git a/configs/config-tfm.h b/configs/config-tfm.h index 85b677b4cc..197b80814e 100644 --- a/configs/config-tfm.h +++ b/configs/config-tfm.h @@ -45,6 +45,11 @@ #undef MBEDTLS_PLATFORM_STD_EXIT_SUCCESS #undef MBEDTLS_PLATFORM_STD_EXIT_FAILURE +/* CCM is the only cipher/AEAD enabled in TF-M configuration files, but it + * does not need CIPHER_C to be enabled, so we can disable it in order + * to reduce code size further. */ +#undef MBEDTLS_CIPHER_C + /* * In order to get an example config that works cleanly out-of-the-box * for both baremetal and non-baremetal builds, we detect baremetal builds diff --git a/docs/driver-only-builds.md b/docs/driver-only-builds.md index 4bad2e879a..2dcfe67975 100644 --- a/docs/driver-only-builds.md +++ b/docs/driver-only-builds.md @@ -55,6 +55,7 @@ For now, only the following (families of) mechanisms are supported: - hashes: SHA-3, SHA-2, SHA-1, MD5, etc. - elliptic-curve cryptography (ECC): ECDH, ECDSA, EC J-PAKE, ECC key types. - finite-field Diffie-Hellman: FFDH algorithm, DH key types. +- AEADs: GCM, CCM and ChachaPoly Supported means that when those are provided only by drivers, everything (including PK, X.509 and TLS if `MBEDTLS_USE_PSA_CRYPTO` is enabled) should @@ -63,7 +64,7 @@ in the "Limitations" sub-sections of the sections dedicated to each family below. In the near future (end of 2023), we are planning to also add support for -ciphers (AES) and AEADs (GCM, CCM, ChachaPoly). +ciphers (AES, ARIA, Camellia). Currently (mid-2023) we don't have plans to extend this to RSA. If you're interested in driver-only support for RSA, please let us know. @@ -240,3 +241,34 @@ removing builtin support (i.e. `MBEDTLS_DHM_C`). ### Limitations Support for deterministic derivation of a DH keypair (i.e. `PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE`) is not supported. + +AEADs +----- + +[This section might contain incomplete data and it is going to be updated in +#8358, i.e. the wrap-up task for accelerated ciphers and AEADs.] + +It is possible to have all AEADs operations provided only by a driver. + +More precisely you can: +- enable desired PSA algorithm(s) and key type(s): + - `PSA_WANT_ALG_[CCM|GCM]` with `PSA_WANT_KEY_TYPE_[AES|ARIA|CAMELLIA]` + - `PSA_WANT_ALG_CHACHA20_POLY1305` with `PSA_WANT_KEY_TYPE_CHACHA20`; +- enable `MBEDTLS_PSA_ACCEL_xxx` symbol(s) which correspond to the + `PSA_WANT_xxx` of the previous step (both for algorithms and key types); +- disable builtin support of `MBEDTLS_[CCM|GCM|CHACHAPOLY|POLY1305]_C` + algorithms and key types `MBEDTLS_[AES|ARIA|CAMELLIA|CHACHA20]_C` for AEADs + which are accelerated. + +In a build in which all AEADs algorithms and related key types are accelerated +all AEADs operations requested through the PSA Crypto API (including those in +TLS and X.509) will be performed by the driver. +Moreover if no unauthenticated cipher is required, it is also possible to +disable all built-in block cipher's key types +(i.e. `MBEDTLS_[AES|ARIA|CAMELLIA|CHACHA20]_C`) and `MBEDTLS_CIPHER_C`. This +helps in further reducing code's footprint, but unfortunately it makes the +following modules unavailable: +- `MBEDTLS_PKCS[5|12]_C` +- `MBEDTLS_CTR_DRBG_C` +- `MBEDTLS_NIST_KW_C` + diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 94afc63f3d..b8acfb5eb1 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -3265,6 +3265,10 @@ component_test_tfm_config_p256m_driver_accel_ec () { # Check that p256m was built grep -q p256_ecdsa_ library/libmbedcrypto.a + # In "config-tfm.h" we disabled CIPHER_C tweaking TF-M's configuration + # files, so we want to ensure that it has not be re-enabled accidentally. + not grep mbedtls_cipher library/cipher.o + # Run the tests msg "test: TF-M config + p256m driver + accel ECDH(E)/ECDSA" make test @@ -3286,6 +3290,10 @@ component_test_tfm_config() { # Check that p256m was not built not grep p256_ecdsa_ library/libmbedcrypto.a + # In "config-tfm.h" we disabled CIPHER_C tweaking TF-M's configuration + # files, so we want to ensure that it has not be re-enabled accidentally. + not grep mbedtls_cipher library/cipher.o + msg "test: TF-M config" make test } diff --git a/tests/suites/test_suite_block_cipher.data b/tests/suites/test_suite_block_cipher.data index cf321ae47a..097b567e41 100644 --- a/tests/suites/test_suite_block_cipher.data +++ b/tests/suites/test_suite_block_cipher.data @@ -182,56 +182,74 @@ depends_on:MBEDTLS_ARIA_C test_vec:MBEDTLS_CIPHER_ID_ARIA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f":"00112233445566778899aabbccddeeff":"f92bd7c79fb72e2f2b8f80c1972d24fc" Camellia-128-ECB Encrypt RFC3713 #1 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba9876543210":"0123456789abcdeffedcba9876543210":"67673138549669730857065648eabe43" Camellia-192-ECB Encrypt RFC3713 #1 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba98765432100011223344556677":"0123456789abcdeffedcba9876543210":"b4993401b3e996f84ee5cee7d79b09b9" Camellia-256-ECB Encrypt RFC3713 #1 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff":"0123456789abcdeffedcba9876543210":"9acc237dff16d76c20ef7c919e3a7509" Camellia-128-ECB Encrypt Perl EVP #1 [#1] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F":"00112233445566778899AABBCCDDEEFF":"77CF412067AF8270613529149919546F" Camellia-192-ECB Encrypt Perl EVP #1 [#1] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F1011121314151617":"00112233445566778899AABBCCDDEEFF":"B22F3C36B72D31329EEE8ADDC2906C68" Camellia-256-ECB Encrypt Perl EVP #1 [#1] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F":"00112233445566778899AABBCCDDEEFF":"2EDF1F3418D53B88841FC8985FB1ECF2" Camellia-128-ECB Encrypt Perl EVP #1 [#2] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"6BC1BEE22E409F96E93D7E117393172A":"432FC5DCD628115B7C388D770B270C96" Camellia-128-ECB Encrypt Perl EVP #2 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"0BE1F14023782A22E8384C5ABB7FAB2B" Camellia-128-ECB Encrypt Perl EVP #3 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"30C81C46A35CE411E5FBC1191A0A52EF":"A0A1ABCD1893AB6FE0FE5B65DF5F8636" Camellia-128-ECB Encrypt Perl EVP #4 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"2B7E151628AED2A6ABF7158809CF4F3C":"F69F2445DF4F9B17AD2B417BE66C3710":"E61925E0D5DFAA9BB29F815B3076E51A" Camellia-192-ECB Encrypt Perl EVP #1 [#2] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"6BC1BEE22E409F96E93D7E117393172A":"CCCC6C4E138B45848514D48D0D3439D3" Camellia-192-ECB Encrypt Perl EVP #2 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"5713C62C14B2EC0F8393B6AFD6F5785A" Camellia-192-ECB Encrypt Perl EVP #3 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"30C81C46A35CE411E5FBC1191A0A52EF":"B40ED2B60EB54D09D030CF511FEEF366" Camellia-192-ECB Encrypt Perl EVP #4 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B":"F69F2445DF4F9B17AD2B417BE66C3710":"909DBD95799096748CB27357E73E1D26" Camellia-256-ECB Encrypt Perl EVP #1 [#2] +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"6BC1BEE22E409F96E93D7E117393172A":"BEFD219B112FA00098919CD101C9CCFA" Camellia-256-ECB Encrypt Perl EVP #2 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"AE2D8A571E03AC9C9EB76FAC45AF8E51":"C91D3A8F1AEA08A9386CF4B66C0169EA" Camellia-256-ECB Encrypt Perl EVP #3 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"30C81C46A35CE411E5FBC1191A0A52EF":"A623D711DC5F25A51BB8A80D56397D28" Camellia-256-ECB Encrypt Perl EVP #4 +depends_on:MBEDTLS_CAMELLIA_C test_vec:MBEDTLS_CIPHER_ID_CAMELLIA:"603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4":"F69F2445DF4F9B17AD2B417BE66C3710":"7960109FB6DC42947FCFE59EA3C5EB6B"