From a8737afaae1432eee096565453d3595aa9a25a54 Mon Sep 17 00:00:00 2001
From: Valerio Setti
Date: Tue, 22 Oct 2024 21:34:46 +0200
Subject: [PATCH] mbedtls: use CSPRNG whenever possible as PSA random source
The main problem of MBEDTLS_PSA_CRYPTO_LEGACY_RNG is that it brings in some legacy modules (entropy + ctr_drbg/hmac_drbg) which means extra ROM/RAM footprint. MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG instead simply calls to the CSPRNG which makes it definitely smaller.
Signed-off-by: Valerio Setti
---
 doc/releases/migration-guide-4.0.rst | 6 ++++++
 modules/mbedtls/Kconfig.tls-generic | 1 +
 samples/psa/its/overlay-entropy_driver.conf | 1 -
 samples/psa/persistent_key/overlay-entropy_driver.conf | 1 -
 tests/bsim/bluetooth/host/gatt/caching/psa_overlay.conf | 1 -
 tests/bsim/bluetooth/ll/conn/psa_overlay.conf | 1 -
 tests/crypto/mbedtls_psa/prj.conf | 1 -
 tests/crypto/mbedtls_psa/testcase.yaml | 5 +++--
 tests/crypto/secp256r1/mbedtls.conf | 1 -
 tests/crypto/secp256r1/p256-m_raw.conf | 1 -
 tests/net/socket/tls_configurations/prj.conf | 1 -
 tests/subsys/jwt/testcase.yaml | 6 ++++++
 12 files changed, 16 insertions(+), 10 deletions(-)
diff --git a/doc/releases/migration-guide-4.0.rst b/doc/releases/migration-guide-4.0.rst
index f5ad27bff776713..2e00a15b20cfefd 100644
--- a/doc/releases/migration-guide-4.0.rst
+++ b/doc/releases/migration-guide-4.0.rst
@@ -75,6 +75,12 @@ Mbed TLS corresponding build symbol was removed in Mbed TLS 3.1.0 and is now assumed to be enabled. (:github:`77657`)
+* If a platform has a CSPRNG source available (i.e. :kconfig:option:`CONFIG_CSPRNG_ENABLED`
+ is set), then the Kconfig option :kconfig:option:`CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG`
+ is the default choice for random number source instead of
+ :kconfig:option:`CONFIG_MBEDTLS_PSA_CRYPTO_LEGACY_RNG`. This helps in reducing
+ ROM/RAM footprint of the Mbed TLS library.
+
 TinyCrypt
 =========
diff --git a/modules/mbedtls/Kconfig.tls-generic b/modules/mbedtls/Kconfig.tls-generic
index 108258731571568..2e6e6b7f8c322f7 100644
--- a/modules/mbedtls/Kconfig.tls-generic
+++ b/modules/mbedtls/Kconfig.tls-generic
@@ -481,6 +481,7 @@ config MBEDTLS_SSL_EXTENDED_MASTER_SECRET
 choice MBEDTLS_PSA_CRYPTO_RNG_SOURCE
 prompt "Select random source for built-in PSA crypto"
 depends on MBEDTLS_PSA_CRYPTO_C
+ default MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if CSPRNG_ENABLED
 default MBEDTLS_PSA_CRYPTO_LEGACY_RNG
 config MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
diff --git a/samples/psa/its/overlay-entropy_driver.conf b/samples/psa/its/overlay-entropy_driver.conf
index b2fea61e044a3c5..0feb3ad09493f31 100644
--- a/samples/psa/its/overlay-entropy_driver.conf
+++ b/samples/psa/its/overlay-entropy_driver.conf
@@ -1,4 +1,3 @@
 # SPDX-License-Identifier: Apache-2.0
 CONFIG_ENTROPY_GENERATOR=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
diff --git a/samples/psa/persistent_key/overlay-entropy_driver.conf b/samples/psa/persistent_key/overlay-entropy_driver.conf
index b2fea61e044a3c5..0feb3ad09493f31 100644
--- a/samples/psa/persistent_key/overlay-entropy_driver.conf
+++ b/samples/psa/persistent_key/overlay-entropy_driver.conf
@@ -1,4 +1,3 @@
 # SPDX-License-Identifier: Apache-2.0
 CONFIG_ENTROPY_GENERATOR=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
diff --git a/tests/bsim/bluetooth/host/gatt/caching/psa_overlay.conf b/tests/bsim/bluetooth/host/gatt/caching/psa_overlay.conf
index 7086f66d96d521f..49282c5e502db12 100644
--- a/tests/bsim/bluetooth/host/gatt/caching/psa_overlay.conf
+++ b/tests/bsim/bluetooth/host/gatt/caching/psa_overlay.conf
@@ -4,4 +4,3 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 CONFIG_PSA_CRYPTO_ENABLE_ALL=y
 CONFIG_ENTROPY_GENERATOR=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
diff --git a/tests/bsim/bluetooth/ll/conn/psa_overlay.conf b/tests/bsim/bluetooth/ll/conn/psa_overlay.conf
index 7086f66d96d521f..49282c5e502db12 100644
--- a/tests/bsim/bluetooth/ll/conn/psa_overlay.conf
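Review bot: The added `default MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG if CSPRNG_ENABLED` in modules/mbedtls/Kconfig.tls-generic carries no comment, although it changes the PSA random source for every build that relied on the implicit default and its position matters: Kconfig uses the first default whose condition holds, so it must stay above the unconditional legacy default. With the external source, random output appears to come straight from the system CSPRNG rather than through Mbed TLS's entropy and DRBG modules, so its strength depends on the platform's entropy driver. I would add above it `# Prefer the system CSPRNG when present; keep this before the unconditional legacy default.` and state the trust assumption in the choice's help text if it has one. The choice block continues outside the hunk.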
+++ b/tests/bsim/bluetooth/ll/conn/psa_overlay.conf
@@ -4,4 +4,3 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 CONFIG_PSA_CRYPTO_ENABLE_ALL=y
 CONFIG_ENTROPY_GENERATOR=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
diff --git a/tests/crypto/mbedtls_psa/prj.conf b/tests/crypto/mbedtls_psa/prj.conf
index 0f4585d6b49d37f..54dd833011b1f23 100644
--- a/tests/crypto/mbedtls_psa/prj.conf
+++ b/tests/crypto/mbedtls_psa/prj.conf
@@ -3,4 +3,3 @@ CONFIG_ZTEST=y
 CONFIG_MBEDTLS=y
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
diff --git a/tests/crypto/mbedtls_psa/testcase.yaml b/tests/crypto/mbedtls_psa/testcase.yaml
index 6b96e8ff5f6fa58..af9a0b760026072 100644
--- a/tests/crypto/mbedtls_psa/testcase.yaml
+++ b/tests/crypto/mbedtls_psa/testcase.yaml
@@ -11,8 +11,6 @@
 # - no TF-M enabled devices because we assume that the TF-M implementation
 # of PSA crypto is working fine on the platforms that support TF-M.
 # - platform should be testable by the CI.
-# - enable CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG in order to reduce as much
-# as possible usage of legacy modules in Mbed TLS.
 # - pick 1 platform which supports entropy driver and 1 which does not. The
 # latter case will allow to test
 # CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG.
@@ -34,8 +32,11 @@ tests:
 # Pick a platform which does not have an entropy driver. In this case we
 # enable the timer random generator because it's always available on all
 # platforms.
+ # Explicitly select CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG because this is
+ # not "automatically selected" when there is CSPRNG available.
 integration_platforms:
 - qemu_x86
 extra_configs:
+ - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
 - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG=y
 - CONFIG_TEST_RANDOM_GENERATOR=y
diff --git a/tests/crypto/secp256r1/mbedtls.conf b/tests/crypto/secp256r1/mbedtls.conf
index dd8231a21ca547f..e87e14abd71ae25 100644
--- a/tests/crypto/secp256r1/mbedtls.conf
+++ b/tests/crypto/secp256r1/mbedtls.conf
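Review bot: The comment added above `integration_platforms` in tests/crypto/mbedtls_psa/testcase.yaml says the option is not selected "when there is CSPRNG available", which reads as the reverse of the Kconfig default this commit introduces (external RNG is the default only if CSPRNG_ENABLED). This test case targets a platform without an entropy driver, so the wording has presumably lost a negation; I would write `# Explicitly select CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG because it is the default only` followed by `# when a CSPRNG is available, which is not the case on this platform.` One more comment line stating that the `..._ALLOW_NON_CSPRNG` and `CONFIG_TEST_RANDOM_GENERATOR` settings below are test-only would keep this configuration from being copied into a production build. The test entry starts outside the hunk.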
@@ -1,5 +1,4 @@
 CONFIG_MBEDTLS=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 CONFIG_MBEDTLS_PSA_P256M_DRIVER_ENABLED=y
diff --git a/tests/crypto/secp256r1/p256-m_raw.conf b/tests/crypto/secp256r1/p256-m_raw.conf
index 801a31df91a866e..5ac706ef29bf60a 100644
--- a/tests/crypto/secp256r1/p256-m_raw.conf
+++ b/tests/crypto/secp256r1/p256-m_raw.conf
@@ -1,5 +1,4 @@
 CONFIG_MBEDTLS=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 CONFIG_MBEDTLS_PSA_P256M_DRIVER_ENABLED=y
 CONFIG_MBEDTLS_PSA_P256M_DRIVER_RAW=y
diff --git a/tests/net/socket/tls_configurations/prj.conf b/tests/net/socket/tls_configurations/prj.conf
index 93a8c0f8b1230dd..23842f6a64149a3 100644
--- a/tests/net/socket/tls_configurations/prj.conf
+++ b/tests/net/socket/tls_configurations/prj.conf
@@ -28,7 +28,6 @@ CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=2048
 CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT=y
 # Build the PSA Crypto core so that the TLS stack uses the PSA crypto API.
 CONFIG_MBEDTLS_PSA_CRYPTO_C=y
-CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
 CONFIG_ENTROPY_GENERATOR=y
 # Disable some Kconfigs that are implied by CONFIG_NET_SOCKETS_SOCKOPT_TLS.
diff --git a/tests/subsys/jwt/testcase.yaml b/tests/subsys/jwt/testcase.yaml
index 6606780a9f1b29d..63323a09de4330c 100644
--- a/tests/subsys/jwt/testcase.yaml
+++ b/tests/subsys/jwt/testcase.yaml
@@ -17,6 +17,9 @@ tests:
 extra_configs:
 - CONFIG_JWT_SIGN_ECDSA=y
 - CONFIG_JWT_USE_PSA=y
+ # Explicitly select CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG because this
+ # is not automatically selected on platforms that do not have a CSPRNG
+ # source.
 - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
 - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG=y
 libraries.encoding.jwt.rsa.legacy:
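Review bot: The comment added above `CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y` in tests/subsys/jwt/testcase.yaml explains only that line and says nothing about `CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG=y` directly below it, which is the security-relevant half of the pair. With that option the PSA random source is presumably allowed to fall back to a non-cryptographic generator, so keys or randomized signatures produced in this JWT signing test do not represent a safe configuration. I would extend the comment with `# ALLOW_NON_CSPRNG is for test platforms without an entropy source only; never enable it in production.` The same applies to the identical comment in the `@@ -28,5 +31,8 @@` hunk of this file. Both test entries start outside their hunks.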
@@ -28,5 +31,8 @@ tests:
 extra_configs:
 - CONFIG_JWT_SIGN_RSA=y
 - CONFIG_JWT_USE_PSA=y
+ # Explicitly select CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG because this
+ # is not automatically selected on platforms that do not have a CSPRNG
+ # source.
 - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG=y
 - CONFIG_MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG_ALLOW_NON_CSPRNG=y