[PATCH v2 00/28] [RFC] Integrate MbedTLS v3.6 LTS with U-Boot
Raymond Mao
raymond.mao at linaro.org
Tue May 7 19:50:42 CEST 2024
Integrate MbedTLS v3.6 LTS (currently v3.6.0-RC1) with U-Boot.

Motivations:
------------
1. MbedTLS is well maintained with LTS versions.
2. LWIP is integrated with MbedTLS, making it easy to enable HTTPS.
3. MbedTLS recently switched license back to GPLv2.

Prerequisite:
-------------
This patch series requires the mbedtls git repo to be added as a
subtree to the main U-Boot repo via:

    $ git subtree add --prefix lib/mbedtls/external/mbedtls \
          https://github.com/Mbed-TLS/mbedtls.git \
          v3.6.0 --squash

Moreover, due to the Windows-style files from the mbedtls git repo,
we need to convert the CRLF endings to LF and do a commit manually:

    $ git add --renormalize .
    $ git commit

New Kconfig options:
--------------------
`MBEDTLS_LIB` is for MbedTLS general switch.
`MBEDTLS_LIB_CRYPTO` is for replacing original digest and crypto libs with
MbedTLS.
`MBEDTLS_LIB_X509` is for replacing original X509, PKCS7, MSCode, ASN1,
and Pubkey parser with MbedTLS.
`MBEDTLS_LIB_TLS` is for SSL/TLS (Disabled until LWIP port for MbedTLS is
ready)

In this patch set, MBEDTLS_LIB, MBEDTLS_LIB_CRYPTO and MBEDTLS_LIB_X509
are by default enabled in qemu_arm64_defconfig for testing purposes.

Patches for external MbedTLS project:
-------------------------------------
Since U-Boot uses Microsoft Authentication Code to verify PE/COFF
executables, which is not supported by MbedTLS at the moment,
additional patches for MbedTLS are created to adapt to the EFI loader:
1. Decoding of Microsoft Authentication Code.
2. Decoding of PKCS#9 Authenticate Attributes.
3. Extending MbedTLS PKCS#7 lib to support multiple signer's certificates.
4. MbedTLS native test suites for PKCS#7 signer's info.

All 4 patches above (tagged with `mbedtls/external`) have been submitted to
the MbedTLS project and are being reviewed; eventually they should be part
of an MbedTLS release.
See the PR below for reference:
https://github.com/Mbed-TLS/mbedtls/pull/9001

Miscellaneous:
--------------
Minor fixes for arm EFI linker script for testing EFI secure boot.
Optimized MbedTLS library size by tailoring the config file.
After disabling all unnecessary features for EFI loader, enabling MbedTLS
increases U-Boot size by 6.03% (V1).
For V2, this figure drops to about 4.66% by completely replacing
original libs (rsa, asn1_decoder, rsa_helper, md5, sha1, sha256, sha512)
with MbedTLS when related Kconfig options are enabled.
Please see the output of bloat-o-meter for the reference of the size-growth
on QEMU arm64 target [1].

Tests done:
-----------
EFI Secure Boot test (EFI variables loading and verifying, EFI signed image
verifying and booting) via U-Boot console.
EFI Secure Boot and Capsule sandbox test passed.

Known issues:
-------------
None.

[1]: bloat-o-meter output between disabling/enabling MbedTLS (QEMU arm64)
```
add/remove: 212/81 grow/shrink: 20/17 up/down: 56376/-17495 (38881)
Function old new delta
mbedtls_internal_sha1_process - 4540 +4540
mbedtls_x509_crt_parse_der_internal - 3072 +3072
mbedtls_internal_md5_process - 2928 +2928
mbedtls_internal_sha256_process - 2052 +2052
mbedtls_pkcs7_parse_der - 1608 +1608
mbedtls_rsa_private - 1468 +1468
pkcs7_parse_message 372 1648 +1276
mbedtls_mpi_div_mpi - 1168 +1168
mbedtls_internal_sha512_process - 1056 +1056
mbedtls_mpi_inv_mod - 1000 +1000
mbedtls_x509_dn_gets - 996 +996
x509_populate_cert - 948 +948
K - 896 +896
oid_x520_attr_type - 840 +840
__udivti3 - 832 +832
mbedtls_x509_parse_subject_alt_name - 724 +724
mbedtls_rsa_deduce_primes - 720 +720
mbedtls_mpi_exp_mod - 668 +668
mbedtls_rsa_rsaes_pkcs1_v15_decrypt - 652 +652
pkcs7_get_signer_info - 632 +632
mbedtls_rsa_complete - 624 +624
mbedtls_rsa_validate_params - 608 +608
mbedtls_mpi_core_exp_mod - 560 +560
mbedtls_sha512_finish - 556 +556
mscode_parse 28 580 +552
mbedtls_x509_get_time - 552 +552
mbedtls_x509_get_name - 516 +516
mbedtls_sha256_finish - 484 +484
mbedtls_rsa_validate_crt - 464 +464
mbedtls_mpi_core_mla - 460 +460
rsa_rsassa_pkcs1_v15_encode - 420 +420
mbedtls_sha1_finish - 420 +420
mbedtls_mpi_gcd - 400 +400
oid_x509_ext - 360 +360
rsa_parse_pub_key 24 372 +348
mbedtls_x509_get_subject_alt_name_ext - 348 +348
mbedtls_sha512_starts - 340 +340
mbedtls_mpi_mul_mpi - 340 +340
mbedtls_rsa_rsassa_pkcs1_v15_sign - 336 +336
mbedtls_oid_get_numeric_string - 336 +336
mbedtls_md5_finish - 336 +336
mbedtls_pk_parse_subpubkey - 328 +328
oid_sig_alg - 320 +320
mbedtls_rsa_deduce_private_exponent - 312 +312
rsa_check_context.isra - 300 +300
mbedtls_rsa_rsaes_pkcs1_v15_encrypt - 288 +288
mbedtls_rsa_parse_pubkey - 284 +284
mbedtls_mpi_sub_abs - 284 +284
mbedtls_mpi_core_montmul - 276 +276
mbedtls_rsa_rsassa_pkcs1_v15_verify - 268 +268
mbedtls_asn1_traverse_sequence_of - 268 +268
mbedtls_sha512_update - 264 +264
hash_command 472 732 +260
mbedtls_asn1_get_alg - 256 +256
mbedtls_sha256_update - 252 +252
mbedtls_mpi_add_abs - 248 +248
oid_md_alg - 240 +240
mbedtls_sha1_update - 236 +236
mbedtls_rsa_deduce_crt - 236 +236
mbedtls_md5_update - 236 +236
mbedtls_rsa_import_raw - 232 +232
mbedtls_ct_memcpy_if - 228 +228
mbedtls_mpi_copy - 220 +220
mbedtls_mpi_cmp_mpi - 212 +212
mbedtls_mpi_shrink - 208 +208
mbedtls_ct_memmove_left - 208 +208
mbedtls_rsa_public - 204 +204
rsa_sign_wrap - 196 +196
mbedtls_pk_parse_public_key - 196 +196
asn1_get_tagged_int - 196 +196
mbedtls_mpi_mul_int - 184 +184
mbedtls_mpi_core_write_be - 184 +184
mbedtls_pk_verify_restartable - 180 +180
mbedtls_mpi_mod_mpi - 180 +180
mbedtls_asn1_get_len - 180 +180
pk_get_pk_alg.isra - 176 +176
mbedtls_mpi_core_fill_random - 176 +176
x509_populate_pubkey - 164 +164
rsa_verify_wrap - 164 +164
mbedtls_x509_crt_free - 164 +164
mbedtls_mpi_core_shift_r - 164 +164
oid_pk_alg - 160 +160
mbedtls_ct_zeroize_if - 156 +156
rsa_encrypt_wrap - 152 +152
rsa_decrypt_wrap - 152 +152
mbedtls_mpi_cmp_abs - 152 +152
add_sub_mpi - 152 +152
mbedtls_sha512 - 148 +148
mbedtls_rsa_check_privkey - 148 +148
mbedtls_mpi_core_shift_l - 148 +148
mbedtls_x509_get_ext - 144 +144
mbedtls_mpi_grow - 144 +144
mbedtls_mpi_core_read_be - 144 +144
mbedtls_x509_get_serial - 140 +140
mbedtls_asn1_write_len - 140 +140
pkcs7_get_one_cert - 136 +136
mbedtls_x509_crl_free - 136 +136
mbedtls_rsa_free - 136 +136
mbedtls_rsa_check_pubkey - 136 +136
mbedtls_x509_get_key_usage - 128 +128
mbedtls_asn1_get_bitstring - 128 +128
do_sha1sum - 128 +128
do_md5sum - 128 +128
mbedtls_sha256_starts - 124 +124
mbedtls_mpi_core_mul - 124 +124
mbedtls_asn1_get_alg_null - 124 +124
hash_parse_string - 124 +124
mbedtls_x509_get_sig - 120 +120
mbedtls_pkcs7_free - 120 +120
mbedtls_oid_get_x509_ext_type - 120 +120
mbedtls_oid_get_pk_alg - 120 +120
mbedtls_oid_get_md_alg - 120 +120
mbedtls_oid_get_attr_short_name - 120 +120
mbedtls_x509_get_subject_alt_name - 116 +116
asn1_get_sequence_of_cb - 116 +116
mbedtls_x509_get_sig_alg - 112 +112
hash_show - 112 +112
mbedtls_x509_get_ns_cert_type - 108 +108
mbedtls_mpi_resize_clear - 108 +108
mbedtls_mpi_lset - 108 +108
mbedtls_mpi_fill_random - 108 +108
mbedtls_asn1_get_sequence_of - 108 +108
mbedtls_mpi_core_get_mont_r2_unsafe - 104 +104
oid_sig_alg_from_asn1 - 100 +100
mbedtls_mpi_shift_l - 100 +100
public_key_verify_signature 312 408 +96
mbedtls_rsa_info - 96 +96
mbedtls_pk_setup - 96 +96
mbedtls_mpi_read_binary - 96 +96
mbedtls_rsa_check_pub_priv - 92 +92
mbedtls_mpi_lsb - 92 +92
mbedtls_asn1_get_bool - 92 +92
mbedtls_mpi_core_bigendian_to_host - 84 +84
mbedtls_mpi_core_bitlen - 76 +76
mbedtls_asn1_get_bitstring_null - 76 +76
x509_free_mbedtls_ctx.part - 72 +72
mbedtls_sha1_starts - 72 +72
mbedtls_mpi_core_cond_assign - 72 +72
CSWTCH 1266 1338 +72
x509_populate_dn_name_string - 68 +68
mbedtls_pk_free - 68 +68
mbedtls_oid_get_sig_alg - 68 +68
mbedtls_mpi_free - 68 +68
mbedtls_mpi_core_sub - 68 +68
mbedtls_mpi_core_check_zero_ct - 68 +68
pkcs7_free_signer_info - 64 +64
pkcs7_free_message 124 188 +64
mbedtls_oid_get_oid_by_md - 64 +64
rsa_debug - 60 +60
mbedtls_mpi_sub_int - 60 +60
mbedtls_mpi_core_add - 60 +60
mbedtls_mpi_cmp_int - 60 +60
mbedtls_mpi_add_int - 60 +60
mbedtls_md5_starts - 60 +60
hash_init_sha512 52 112 +60
hash_init_sha256 52 112 +60
mbedtls_platform_zeroize - 56 +56
mbedtls_asn1_get_tag - 56 +56
_u_boot_list_2_cmd_2_sha1sum - 56 +56
_u_boot_list_2_cmd_2_md5sum - 56 +56
rsa_alloc_wrap - 52 +52
mbedtls_mpi_shift_r - 52 +52
mbedtls_mpi_core_montmul_init - 52 +52
mbedtls_mpi_core_from_mont_rep - 52 +52
mbedtls_mpi_core_clz - 52 +52
mbedtls_ct_memcmp - 52 +52
mbedtls_mpi_core_sub_int - 48 +48
mbedtls_asn1_write_tag - 48 +48
mbedtls_asn1_sequence_free - 48 +48
mbedtls_asn1_free_named_data_list_shallow - 48 +48
mbedtls_rsa_init - 44 +44
mbedtls_mpi_get_bit - 44 +44
hash_init_sha1 52 96 +44
x509_parse2_int - 40 +40
mbedtls_zeroize_and_free - 40 +40
mbedtls_rsa_pkcs1_verify - 40 +40
mbedtls_rsa_pkcs1_sign - 40 +40
mbedtls_mpi_core_exp_mod_working_limbs - 40 +40
rsa_free_wrap - 36 +36
mbedtls_md_info_from_type - 36 +36
mbedtls_x509_get_alg - 32 +32
mbedtls_pk_get_type - 28 +28
mbedtls_mpi_size - 28 +28
mbedtls_mpi_core_to_mont_rep - 28 +28
x509_get_timestamp - 24 +24
mbedtls_x509_free_subject_alt_name - 24 +24
mbedtls_rsa_pkcs1_encrypt - 20 +20
mbedtls_rsa_pkcs1_decrypt - 20 +20
mbedtls_pk_info_from_type - 20 +20
mbedtls_mpi_write_binary - 20 +20
mbedtls_md_get_size - 20 +20
rsa_can_do - 16 +16
mbedtls_x509_crt_parse_der - 16 +16
mbedtls_sha512_free - 16 +16
mbedtls_sha256_free - 16 +16
mbedtls_sha1_free - 16 +16
mbedtls_mpi_init - 16 +16
mbedtls_md5_free - 16 +16
hash_finish_sha512 72 88 +16
hash_finish_sha256 72 88 +16
hash_finish_sha1 72 88 +16
x509_free_certificate 88 100 +12
sha512_csum_wd 68 80 +12
sha256_csum_wd 68 80 +12
sha1_csum_wd 68 80 +12
rsa_check_pair_wrap - 12 +12
md5_wd 68 80 +12
mbedtls_x509_crt_init - 12 +12
mbedtls_sha512_init - 12 +12
mbedtls_sha256_init - 12 +12
mbedtls_sha1_init - 12 +12
mbedtls_pkcs7_init - 12 +12
mbedtls_mpi_bitlen - 12 +12
mbedtls_md5_init - 12 +12
mbedtls_asn1_get_int - 12 +12
rsa_get_bitlen - 8 +8
mpi_bigendian_to_host - 8 +8
memset_func - 8 +8
mbedtls_sha512_info - 8 +8
mbedtls_sha384_info - 8 +8
mbedtls_sha256_info - 8 +8
mbedtls_sha1_info - 8 +8
mbedtls_rsa_get_len - 8 +8
mbedtls_rsa_get_bitlen - 8 +8
mbedtls_pk_verify - 8 +8
mbedtls_pk_init - 8 +8
mbedtls_mpi_sub_mpi - 8 +8
mbedtls_mpi_add_mpi - 8 +8
mbedtls_md5_info - 8 +8
mbedtls_ct_zero - 8 +8
sha512_update 4 8 +4
sha384_update 4 8 +4
sha256_update 12 8 -4
sha1_update 12 8 -4
rsapubkey_machine 10 - -10
x509_note_not_before 12 - -12
x509_note_not_after 12 - -12
month_lengths 12 - -12
x509_akid_note_name 16 - -16
sha256_process 16 - -16
sha1_process 16 - -16
rsapubkey_action_table 16 - -16
pkcs7_sig_note_skid 16 - -16
pkcs7_sig_note_serial 16 - -16
pkcs7_sig_note_issuer 16 - -16
pkcs7_check_content_type 20 - -20
hash_update_sha512 36 16 -20
hash_update_sha256 36 16 -20
hash_update_sha1 36 16 -20
MD5Init 56 36 -20
x509_note_serial 24 - -24
x509_decoder 24 - -24
x509_akid_decoder 24 - -24
sha1_starts 60 36 -24
rsapubkey_decoder 24 - -24
pkcs7_decoder 24 - -24
mscode_machine 24 - -24
mscode_decoder 24 - -24
mscode_action_table 24 - -24
x509_note_subject 28 - -28
x509_note_issuer 28 - -28
x509_note_tbs_certificate 32 - -32
pkcs7_note_data 32 - -32
rsa_get_n 36 - -36
hash_update_sha384 36 - -36
x509_note_params 40 - -40
x509_akid_action_table 40 - -40
pkcs7_note_content 40 - -40
asn1_op_lengths 41 - -41
rsa_get_e 48 - -48
pkcs7_note_signeddata_version 48 - -48
pkcs7_note_certificate_list 48 - -48
hash_init_sha384 52 - -52
sha384_csum_wd 68 12 -56
sha256_starts 104 40 -64
sha256_padding 64 - -64
sha1_padding 64 - -64
mscode_note_digest 72 - -72
hash_finish_sha384 72 - -72
pkcs7_sig_note_set_of_authattrs 84 - -84
x509_note_OID 92 - -92
x509_akid_note_serial 92 - -92
x509_akid_note_kid 92 - -92
pkcs7_sig_note_pkey_algo 92 - -92
x509_akid_machine 93 - -93
x509_extract_name_segment 96 - -96
pkcs7_note_signerinfo_version 96 - -96
pkcs7_sig_note_signature 100 - -100
x509_action_table 104 - -104
x509_machine 113 - -113
x509_extract_key_data 116 - -116
sha512_finish 152 36 -116
pkcs7_note_OID 116 - -116
pkcs7_extract_cert 116 - -116
sha512_starts 168 40 -128
sha384_starts 168 40 -128
mscode_note_content_type 132 - -132
pkcs7_action_table 136 - -136
sha384_finish 152 4 -148
oid_index 150 - -150
MD5Final 196 44 -152
sha512_base_do_finalize 160 - -160
x509_process_extension 168 - -168
x509_note_signature 172 - -172
pkcs7_note_signed_info 216 - -216
sha256_update.part 228 - -228
pkcs7_machine 239 - -239
sha1_update.part 240 - -240
sha512_base_do_update 244 - -244
pkcs7_sig_note_digest_algo 244 - -244
look_up_OID 244 - -244
sprint_oid 260 - -260
MD5Update 260 - -260
sha1_finish 300 36 -264
mscode_note_digest_algo 280 - -280
oid_search_table 296 - -296
x509_cert_parse 408 108 -300
x509_get_sig_params 304 - -304
pkcs7_sig_note_authenticated_attr 316 - -316
x509_note_pkey_algo 336 - -336
sha256_finish 404 36 -368
sha256_armv8_ce_process 428 - -428
x509_fabricate_name.isra 460 - -460
sha1_armv8_ce_process 484 - -484
oid_data 513 - -513
sha512_K 640 - -640
x509_decode_time 672 - -672
sha512_block_fn 1212 - -1212
asn1_ber_decoder 1480 - -1480
MD5Transform 2552 - -2552
Total: Before=835065, After=873946, chg +4.66%
```
Raymond Mao (28):
CI: Exclude MbedTLS subtree for CONFIG checks
mbedtls: Add script to update MbedTLS subtree
mbedtls: add mbedtls into the build system
arm: EFI linker script text section alignment
image: remove redundant hash includes
efi_loader: remove redundant hash includes
lib: Adapt digest header files to MbedTLS
md5: Adapt to the changes of md5 header
mbedtls: add digest shim layer for MbedTLS
hash: integrate hash on mbedtls
makefile: add mbedtls include directories
mbedtls/external: support MicroSoft Authentication Code
mbedtls/external: support PKCS9 Authenticate Attributes
mbedtls/external: support decoding multiple signer's cert
mbedtls/external: update MbedTLS PKCS7 test suites
mbedtls: add public key porting layer
lib/crypto: Adapt public_key header with MbedTLS
mbedtls: add X509 cert parser porting layer
lib/crypto: Adapt x509_cert_parser to MbedTLS
mbedtls: add PKCS7 parser porting layer
lib/crypto: Adapt PKCS7 parser to MbedTLS
mbedtls: add MSCode parser porting layer
lib/crypto: Adapt mscode_parser to MbedTLS
mbedtls: add RSA helper layer on MbedTLS
lib/rypto: Adapt rsa_helper to MbedTLS
asn1_decoder: remove ASN1 decoder when using MbedTLS
test: Remove ASN1 library test
configs: enable MbedTLS as default setting
.azure-pipelines.yml | 3 +-
.gitlab-ci.yml | 3 +-
Makefile | 13 +
arch/arm/lib/elf_aarch64_efi.lds | 1 +
boot/image-fit.c | 4 -
boot/image.c | 2 -
common/hash.c | 134 +
configs/qemu_arm64_defconfig | 5 +
configs/sandbox_defconfig | 4 +
drivers/crypto/hash/hash_sw.c | 8 +-
include/crypto/mscode.h | 4 +
include/crypto/pkcs7_parser.h | 56 +
include/crypto/public_key.h | 6 +
include/crypto/x509_parser.h | 36 +
include/stdio.h | 1 +
include/stdlib.h | 1 +
include/u-boot/md5.h | 17 +-
include/u-boot/sha1.h | 21 +-
include/u-boot/sha256.h | 20 +
include/u-boot/sha512.h | 22 +-
lib/Kconfig | 4 +
lib/Makefile | 10 +-
lib/crypto/Makefile | 12 +-
lib/crypto/asymmetric_type.c | 2 +-
lib/crypto/x509_public_key.c | 4 +
lib/efi_loader/efi_signature.c | 1 -
lib/efi_loader/efi_tcg2.c | 3 -
lib/mbedtls/Kconfig | 25 +
lib/mbedtls/Makefile | 132 +
.../external/mbedtls/include/mbedtls/oid.h | 35 +
.../external/mbedtls/include/mbedtls/pkcs7.h | 21 +
lib/mbedtls/external/mbedtls/library/pkcs7.c | 154 +-
.../tests/suites/test_suite_pkcs7.data | 4 +-
lib/mbedtls/mbedtls_def_config.h | 4262 +++++++++++++++++
lib/mbedtls/md5.c | 68 +
lib/mbedtls/mscode_parser.c | 111 +
lib/mbedtls/pkcs7_parser.c | 533 +++
lib/mbedtls/port/assert.h | 12 +
lib/mbedtls/port/limits.h | 33 +
lib/mbedtls/public_key.c | 105 +
lib/mbedtls/rsa_helper.c | 99 +
lib/mbedtls/sha1.c | 111 +
lib/mbedtls/sha256.c | 65 +
lib/mbedtls/sha512.c | 96 +
lib/mbedtls/update-mbedtls-subtree.sh | 50 +
lib/mbedtls/x509_cert_parser.c | 497 ++
lib/md5.c | 10 +-
test/Kconfig | 2 +-
48 files changed, 6747 insertions(+), 75 deletions(-)
create mode 100644 lib/mbedtls/Kconfig
create mode 100644 lib/mbedtls/Makefile
create mode 100644 lib/mbedtls/mbedtls_def_config.h
create mode 100644 lib/mbedtls/md5.c
create mode 100644 lib/mbedtls/mscode_parser.c
create mode 100644 lib/mbedtls/pkcs7_parser.c
create mode 100644 lib/mbedtls/port/assert.h
create mode 100644 lib/mbedtls/port/limits.h
create mode 100644 lib/mbedtls/public_key.c
create mode 100644 lib/mbedtls/rsa_helper.c
create mode 100644 lib/mbedtls/sha1.c
create mode 100644 lib/mbedtls/sha256.c
create mode 100644 lib/mbedtls/sha512.c
create mode 100755 lib/mbedtls/update-mbedtls-subtree.sh
create mode 100644 lib/mbedtls/x509_cert_parser.c
--
2.25.1
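
Added example, not part of the original post or the patch series: one way to confirm that the vendored MbedTLS subtree is committed with LF endings after the `git add --renormalize .` step in the Prerequisite section. The function names and the sample listing are constructed for illustration; `git ls-files --eol` is the real git command whose output is being filtered.

```shell
#!/bin/sh
# Added example (not from the patch series): confirm the vendored MbedTLS
# subtree is stored with LF endings after `git add --renormalize .`.

# Filter `git ls-files --eol` output read from stdin. Each line looks like
#   i/<eol> w/<eol> attr/<attr> <TAB><path>
# where i/ describes the blob in the index and w/ the working-tree file.
# Print the paths whose index blob still has CRLF or mixed line endings;
# binary blobs are reported by git as "-text" and are ignored here.
index_crlf_paths() {
    awk -F '\t' '$1 ~ /^i\/(crlf|mixed) / { print $2 }'
}

# Run the check against a path prefix inside a git work tree.
# Returns 0 when every tracked text file under the prefix is LF in the index.
check_subtree_eol() {
    prefix=$1
    bad=$(git ls-files --eol -- "$prefix" | index_crlf_paths)
    if [ -n "$bad" ]; then
        printf 'CRLF still committed under %s:\n%s\n' "$prefix" "$bad" >&2
        return 1
    fi
    return 0
}

# Constructed sample of `git ls-files --eol` output (hypothetical paths,
# not taken from a real tree), useful for trying the filter offline.
sample_eol_listing() {
    printf 'i/lf    w/lf    attr/text=auto      \tlibrary/pkcs7.c\n'
    printf 'i/crlf  w/crlf  attr/text=auto      \tvisualc/sample.sln\n'
    printf 'i/-text w/-text attr/text=auto      \ttests/data/cert.der\n'
    printf 'i/mixed w/mixed attr/               \tdocs/notes.txt\n'
}

# Usage: sh check-eol.sh lib/mbedtls/external/mbedtls
if [ $# -gt 0 ]; then
    check_subtree_eol "$1"
fi
```

Checking the `i/` column rather than the `w/` column matters here: it reports what is actually recorded in the repository, which is what later diffs against the upstream tag will see.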