From a93084be95634b66b917f1c8baf403067dc75c5d Mon Sep 17 00:00:00 2001 From: Sandrine Bailleux Date: Thu, 21 Apr 2022 10:21:29 +0200 Subject: [PATCH] build(deps): upgrade to mbed TLS 2.28.0 Upgrade to the latest and greatest 2.x release of Mbed TLS library (i.e. v2.28.0) to take advantage of their bug fixes. Note that the Mbed TLS project published version 3.x some time ago. However, as this is a major release with API breakages, upgrading to 3.x might require some more involved changes in TF-A, which we are not ready to do. We shall upgrade to mbed TLS 3.x after the v2.7 release of TF-A. Actually, the upgrade this time simply boils down to including the new source code module 'constant_time.c' into the firmware. To quote mbed TLS v2.28.0 release notes [1]: The mbedcrypto library includes a new source code module constant_time.c, containing various functions meant to resist timing side channel attacks. This module does not have a separate configuration option, and functions from this module will be included in the build as required. As a matter of fact, if one is attempting to link TF-A against mbed TLS v2.28.0 without the present patch, one gets some linker errors due to missing symbols from this new module. Apart from this, none of the items listed in mbed TLS release notes [1] directly affect TF-A. Special note on the following one: Fix a bug in mbedtls_gcm_starts() when the bit length of the iv exceeds 2^32. In TF-A, we do use mbedtls_gcm_starts() when the firmware decryption feature is enabled with AES-GCM as the authenticated decryption algorithm (DECRYPTION_SUPPORT=aes_gcm). However, the iv_len variable which gets passed to mbedtls_gcm_starts() is an unsigned int, i.e. a 32-bit value which by definition is always less than 2**32. Therefore, we are immune to this bug. With this upgrade, the size of BL1 and BL2 binaries does not appear to change on a standard sample test build (with trusted boot and measured boot enabled). [1] https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.0 Change-Id: Icd5dbf527395e9e22c8fd6b77427188bd7237fd6 Signed-off-by: Sandrine Bailleux --- drivers/auth/mbedtls/mbedtls_common.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk index 0a4775d00..3eb41617f 100644 --- a/drivers/auth/mbedtls/mbedtls_common.mk +++ b/drivers/auth/mbedtls/mbedtls_common.mk @@ -48,6 +48,7 @@ LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \ rsa_internal.c \ x509.c \ x509_crt.c \ + constant_time.c \ ) # The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key