feat(mbedtls): add support for mbedtls-3.3

TF-A support for mbedtls3.x has been overdue by number of releases.
As per mbedtls support it was advised to use latest and greatest
mbedtls-3.3. But mbedtls-3.x breaks API compatibility with
mbedtls-2.x

To maintain comptability for mbedtls-2.x and enable mbedtls-3.x
support add a functionality into makefile to determine the major version
of mbedtls and use that to selective include or compile files
that are present.

With mbedtls-3.x numerous other config changes have been done.
Some of the config options deprecated or enabled by default.
Thus we decided to introduce a new 3.x config file part of this
change for building TF-A with mbedtls-3.3.

For futher information on migrating to mbedtls 3.x refer to:
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/3.0-migration-guide.md

Change-Id: Ia8106d6f526809df927d608db27fe149623258ed
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

drivers/auth/mbedtls/mbedtls_common.mk

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2015-2022, Arm Limited. All rights reserved.
+# Copyright (c) 2015-2023, Arm Limited. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -15,42 +15,68 @@ endif
 
 MBEDTLS_INC		=	-I${MBEDTLS_DIR}/include
 
+MBEDTLS_MAJOR=$(shell grep -hP "define MBEDTLS_VERSION_MAJOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
+MBEDTLS_MINOR=$(shell grep -hP "define MBEDTLS_VERSION_MINOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)')
+$(info MBEDTLS_VERSION_MAJOR is [${MBEDTLS_MAJOR}] MBEDTLS_VERSION_MINOR is [${MBEDTLS_MINOR}])
+
 # Specify mbed TLS configuration file
-MBEDTLS_CONFIG_FILE	?=	"<drivers/auth/mbedtls/mbedtls_config.h>"
+ifeq (${MBEDTLS_MAJOR}, 2)
+	MBEDTLS_CONFIG_FILE	?=	"<drivers/auth/mbedtls/mbedtls_config-2.h>"
+else ifeq (${MBEDTLS_MAJOR}, 3)
+	MBEDTLS_CONFIG_FILE	?=	"<drivers/auth/mbedtls/mbedtls_config-3.h>"
+endif
+
 $(eval $(call add_define,MBEDTLS_CONFIG_FILE))
 
 MBEDTLS_SOURCES	+=		drivers/auth/mbedtls/mbedtls_common.c
 
-
-LIBMBEDTLS_SRCS		+= $(addprefix ${MBEDTLS_DIR}/library/,	\
-					aes.c 					\
-					asn1parse.c 				\
-					asn1write.c 				\
-					cipher.c 				\
-					cipher_wrap.c 				\
-					memory_buffer_alloc.c			\
-					oid.c 					\
-					platform.c 				\
-					platform_util.c				\
-					bignum.c				\
-					gcm.c 					\
-					md.c					\
-					pk.c 					\
-					pk_wrap.c 				\
-					pkparse.c 				\
-					pkwrite.c 				\
-					sha256.c            			\
-					sha512.c            			\
-					ecdsa.c					\
-					ecp_curves.c				\
-					ecp.c					\
-					rsa.c					\
-					rsa_internal.c				\
-					x509.c 					\
-					x509_crt.c 				\
-					constant_time.c 			\
+LIBMBEDTLS_SRCS		+= $(addprefix ${MBEDTLS_DIR}/library/,		\
+					aes.c 				\
+					asn1parse.c 			\
+					asn1write.c 			\
+					cipher.c 			\
+					cipher_wrap.c 			\
+					constant_time.c			\
+					memory_buffer_alloc.c		\
+					oid.c 				\
+					platform.c 			\
+					platform_util.c			\
+					bignum.c			\
+					gcm.c 				\
+					md.c				\
+					pk.c 				\
+					pk_wrap.c 			\
+					pkparse.c 			\
+					pkwrite.c 			\
+					sha256.c            		\
+					sha512.c            		\
+					ecdsa.c				\
+					ecp_curves.c			\
+					ecp.c				\
+					rsa.c				\
+					x509.c 				\
+					x509_crt.c 			\
 					)
 
+ifeq (${MBEDTLS_MAJOR}, 2)
+	LIBMBEDTLS_SRCS +=  $(addprefix ${MBEDTLS_DIR}/library/,	\
+						rsa_internal.c		\
+						)
+else ifeq (${MBEDTLS_MAJOR}, 3)
+	LIBMBEDTLS_SRCS +=  $(addprefix ${MBEDTLS_DIR}/library/,	\
+						bignum_core.c		\
+						rsa_alt_helpers.c	\
+						hash_info.c		\
+						)
+
+	# Currently on Mbedtls-3 there is outstanding bug due to usage
+	# of redundant declaration[1], So disable redundant-decls
+	# compilation flag to avoid compilation error when compiling with
+	# Mbedtls-3.
+	# [1]: https://github.com/Mbed-TLS/mbedtls/issues/6910
+	LIBMBEDTLS_CFLAGS += -Wno-error=redundant-decls
+endif
+
 # The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key
 # algorithm to use. If the variable is not defined, select it based on
 # algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined,

drivers/auth/mbedtls/mbedtls_crypto.c

@@ -295,6 +295,7 @@ static int aes_gcm_decrypt(void *data_ptr, size_t len, const void *key,
 	unsigned char *pt = data_ptr;
 	size_t dec_len;
 	int diff, i, rc;
+	size_t output_length __unused;
 
 	mbedtls_gcm_init(&ctx);
 
@@ -304,7 +305,11 @@ static int aes_gcm_decrypt(void *data_ptr, size_t len, const void *key,
 		goto exit_gcm;
 	}
 
+#if (MBEDTLS_VERSION_MAJOR < 3)
 	rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len, NULL, 0);
+#else
+	rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len);
+#endif
 	if (rc != 0) {
 		rc = CRYPTO_ERR_DECRYPTION;
 		goto exit_gcm;
@@ -313,7 +318,12 @@ static int aes_gcm_decrypt(void *data_ptr, size_t len, const void *key,
 	while (len > 0) {
 		dec_len = MIN(sizeof(buf), len);
 
+#if (MBEDTLS_VERSION_MAJOR < 3)
 		rc = mbedtls_gcm_update(&ctx, dec_len, pt, buf);
+#else
+		rc = mbedtls_gcm_update(&ctx, pt, dec_len, buf, sizeof(buf), &output_length);
+#endif
+
 		if (rc != 0) {
 			rc = CRYPTO_ERR_DECRYPTION;
 			goto exit_gcm;
@@ -324,7 +334,12 @@ static int aes_gcm_decrypt(void *data_ptr, size_t len, const void *key,
 		len -= dec_len;
 	}
 
+#if (MBEDTLS_VERSION_MAJOR < 3)
 	rc = mbedtls_gcm_finish(&ctx, tag_buf, sizeof(tag_buf));
+#else
+	rc = mbedtls_gcm_finish(&ctx, NULL, 0, &output_length, tag_buf, sizeof(tag_buf));
+#endif
+
 	if (rc != 0) {
 		rc = CRYPTO_ERR_DECRYPTION;
 		goto exit_gcm;

include/drivers/auth/mbedtls/mbedtls_config-3.h

@@ -0,0 +1,153 @@
+/*
+ * Copyright (c) 2023, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/**
+ *  This set of compile-time options may be used to enable
+ *  or disable features selectively, and reduce the global
+ *  memory footprint.
+ */
+
+/*
+ * Key algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_RSA			1
+#define TF_MBEDTLS_ECDSA		2
+#define TF_MBEDTLS_RSA_AND_ECDSA	3
+
+#define TF_MBEDTLS_USE_RSA (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA \
+		|| TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
+#define TF_MBEDTLS_USE_ECDSA (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA \
+		|| TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA)
+
+/*
+ * Hash algorithms currently supported on mbed TLS libraries
+ */
+#define TF_MBEDTLS_SHA256		1
+#define TF_MBEDTLS_SHA384		2
+#define TF_MBEDTLS_SHA512		3
+
+/*
+ * Configuration file to build mbed TLS with the required features for
+ * Trusted Boot
+ */
+
+#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+/* Prevent mbed TLS from using snprintf so that it can use tf_snprintf. */
+#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+
+#define MBEDTLS_PKCS1_V21
+
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_ASN1_WRITE_C
+
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+
+#define MBEDTLS_ERROR_C
+#define MBEDTLS_MD_C
+
+#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
+#define MBEDTLS_OID_C
+
+#define MBEDTLS_PK_C
+#define MBEDTLS_PK_PARSE_C
+#define MBEDTLS_PK_WRITE_C
+
+#define MBEDTLS_PLATFORM_C
+
+#if TF_MBEDTLS_USE_ECDSA
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_ECP_C
+#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#endif
+#if TF_MBEDTLS_USE_RSA
+#define MBEDTLS_RSA_C
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
+#endif
+
+/* The library does not currently support enabling SHA-256 without SHA-224. */
+#define MBEDTLS_SHA224_C
+#define MBEDTLS_SHA256_C
+/*
+ * If either Trusted Boot or Measured Boot require a stronger algorithm than
+ * SHA-256, pull in SHA-512 support. Library currently needs to have SHA_384
+ * support when enabling SHA-512.
+ */
+#if (TF_MBEDTLS_HASH_ALG_ID != TF_MBEDTLS_SHA256) /* TBB hash algo */
+#define MBEDTLS_SHA384_C
+#define	MBEDTLS_SHA512_C
+#else
+   /* TBB uses SHA-256, what about measured boot? */
+#if defined(TF_MBEDTLS_MBOOT_USE_SHA512)
+#define MBEDTLS_SHA384_C
+#define MBEDTLS_SHA512_C
+#endif
+#endif
+
+#define MBEDTLS_VERSION_C
+
+#define MBEDTLS_X509_USE_C
+#define MBEDTLS_X509_CRT_PARSE_C
+
+#if TF_MBEDTLS_USE_AES_GCM
+#define MBEDTLS_AES_C
+#define MBEDTLS_CIPHER_C
+#define MBEDTLS_GCM_C
+#endif
+
+/* MPI / BIGNUM options */
+#define MBEDTLS_MPI_WINDOW_SIZE			2
+
+#if TF_MBEDTLS_USE_RSA
+#if TF_MBEDTLS_KEY_SIZE <= 2048
+#define MBEDTLS_MPI_MAX_SIZE			256
+#else
+#define MBEDTLS_MPI_MAX_SIZE			512
+#endif
+#else
+#define MBEDTLS_MPI_MAX_SIZE			256
+#endif
+
+/* Memory buffer allocator options */
+#define MBEDTLS_MEMORY_ALIGN_MULTIPLE		8
+
+/*
+ * Prevent the use of 128-bit division which
+ * creates dependency on external libraries.
+ */
+#define MBEDTLS_NO_UDBL_DIVISION
+
+#ifndef __ASSEMBLER__
+/* System headers required to build mbed TLS with the current configuration */
+#include <stdlib.h>
+#include <mbedtls/check_config.h>
+#endif
+
+/*
+ * Determine Mbed TLS heap size
+ * 13312 = 13*1024
+ * 11264 = 11*1024
+ * 7168  = 7*1024
+ */
+#if TF_MBEDTLS_USE_ECDSA
+#define TF_MBEDTLS_HEAP_SIZE		U(13312)
+#elif TF_MBEDTLS_USE_RSA
+#if TF_MBEDTLS_KEY_SIZE <= 2048
+#define TF_MBEDTLS_HEAP_SIZE		U(7168)
+#else
+#define TF_MBEDTLS_HEAP_SIZE		U(11264)
+#endif
+#endif
+
+/*
+ * Warn if errors from certain functions are ignored.
+ *
+ * The warnings are always enabled (where supported) for critical functions
+ * where ignoring the return value is almost always a bug. This macro extends
+ * the warnings to more functions.
+ */
+#define MBEDTLS_CHECK_RETURN_WARNING