len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-10-17 02:07:48 -04:00
Code Issues Projects Releases Packages Wiki Activity

mbedtls-pkcs11: Separate mbedtls rng pkcs11 callback into separate file

Browse source
This commit is contained in:
Paul Bartell 2022-12-07 13:57:39 -08:00 committed by Paul Bartell
parent 0ca1ec8861
commit b66a75936f
9 changed files with 100 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

3
FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_demo.vcxproj
View file

@ -164,6 +164,7 @@
<ClCompile Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\core_mqtt_state.c" />
<ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_bio_tcp_sockets_wrapper.c" />
<ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_pk_pkcs11.c" />
<ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_rng_pkcs11.c" />
<ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\tcp_sockets_wrapper\ports\freertos_plus_tcp\tcp_sockets_wrapper.c" />
<ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\transport_mbedtls_pkcs11.c" />
<ClCompile Include="..\..\..\..\Source\AWS\fleet-provisioning\source\fleet_provisioning.c" />
@ -189,7 +190,7 @@
<ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt_state.h" />
<ClInclude Include="..\..\..\..\Source\Application-Protocols\coreMQTT\source\interface\transport_interface.h" />
<ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_bio_tcp_sockets_wrapper.h" />
<ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_pk_pkcs11.h" />
<ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_pkcs11.h" />
<ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\tcp_sockets_wrapper\include\tcp_sockets_wrapper.h" />
<ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\transport_mbedtls_pkcs11.h" />
<ClInclude Include="..\..\..\..\Source\AWS\fleet-provisioning\source\include\fleet_provisioning.h" />

5
FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/fleet_provisioning_demo.vcxproj.filters
View file

@ -108,6 +108,9 @@
<ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_pk_pkcs11.c">
<Filter>Additional Network Transport Files\TCP Sockets Wrapper + PKCS11 + MbedTLS Transport</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_rng_pkcs11.c">
<Filter>Additional Network Transport Files\TCP Sockets Wrapper + PKCS11 + MbedTLS Transport</Filter>
</ClCompile>
<ClCompile Include="..\..\..\..\Source\Application-Protocols\network_transport\transport_mbedtls_pkcs11.c">
<Filter>Additional Network Transport Files\TCP Sockets Wrapper + PKCS11 + MbedTLS Transport</Filter>
</ClCompile>
@ -176,7 +179,7 @@
<ClInclude Include="..\..\Mqtt_Demo_Helpers\mqtt_pkcs11_demo_helpers.h">
<Filter>Headers</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_pk_pkcs11.h">
<ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\mbedtls_pkcs11.h">
<Filter>Additional Network Transport Files\TCP Sockets Wrapper + PKCS11 + MbedTLS Transport\include</Filter>
</ClInclude>
<ClInclude Include="..\..\..\..\Source\Application-Protocols\network_transport\transport_mbedtls_pkcs11.h">

4
FreeRTOS-Plus/Demo/AWS/Fleet_Provisioning_Windows_Simulator/Fleet_Provisioning_With_CSR_Demo/pkcs11_operations.c
View file

@ -44,7 +44,7 @@
#include "core_pkcs11_config.h"
#include "core_pki_utils.h"
#include "mbedtls_utils.h"
#include "mbedtls_pk_pkcs11.h"
#include "mbedtls_pkcs11.h"
/* MbedTLS include. */
#include "mbedtls/error.h"
@ -257,7 +257,7 @@ bool xGenerateKeyAndCsr( CK_SESSION_HANDLE xP11Session,
mbedtls_x509write_csr_set_key( &xReq, &xPrivKey );
ulMbedtlsRet = mbedtls_x509write_csr_pem( &xReq, ( unsigned char * ) pcCsrBuffer,
xCsrBufferLength, &lPKCS11RandomCallback,
xCsrBufferLength, &lMbedCryptoRngCallbackPKCS11,
&xP11Session );
}

3
FreeRTOS-Plus/Demo/corePKCS11_MQTT_Mutual_Auth_Windows_Simulator/corePKCS11_MQTT_Mutual_Auth.vcxproj
View file

@ -159,6 +159,7 @@
<ClCompile Include="..\..\Source\Application-Protocols\coreMQTT\source\core_mqtt_state.c" />
<ClCompile Include="..\..\Source\Application-Protocols\network_transport\mbedtls_bio_tcp_sockets_wrapper.c" />
<ClCompile Include="..\..\Source\Application-Protocols\network_transport\mbedtls_pk_pkcs11.c" />
<ClCompile Include="..\..\Source\Application-Protocols\network_transport\mbedtls_rng_pkcs11.c" />
<ClCompile Include="..\..\Source\Application-Protocols\network_transport\tcp_sockets_wrapper\ports\freertos_plus_tcp\tcp_sockets_wrapper.c" />
<ClCompile Include="..\..\Source\Application-Protocols\network_transport\transport_mbedtls_pkcs11.c" />
<ClCompile Include="..\..\Source\Utilities\backoff_algorithm\source\backoff_algorithm.c" />
@ -172,7 +173,7 @@
<ClInclude Include="..\..\Source\Application-Protocols\coreMQTT\source\include\core_mqtt_state.h" />
<ClInclude Include="..\..\Source\Application-Protocols\coreMQTT\source\interface\transport_interface.h" />
<ClInclude Include="..\..\Source\Application-Protocols\network_transport\mbedtls_bio_tcp_sockets_wrapper.h" />
<ClInclude Include="..\..\Source\Application-Protocols\network_transport\mbedtls_pk_pkcs11.h" />
<ClInclude Include="..\..\Source\Application-Protocols\network_transport\mbedtls_pkcs11.h" />
<ClInclude Include="..\..\Source\Application-Protocols\network_transport\tcp_sockets_wrapper\include\tcp_sockets_wrapper.h" />
<ClInclude Include="..\..\Source\Application-Protocols\network_transport\transport_mbedtls_pkcs11.h" />
<ClInclude Include="..\..\Source\Utilities\backoff_algorithm\source\include\backoff_algorithm.h" />

2
FreeRTOS-Plus/Demo/corePKCS11_MQTT_Mutual_Auth_Windows_Simulator/corePKCS11_MQTT_Mutual_Auth.vcxproj.filters
View file

@ -98,7 +98,7 @@
<ClInclude Include="..\..\Source\Application-Protocols\network_transport\mbedtls_bio_tcp_sockets_wrapper.h">
<Filter>Additional Network Transport Files\TCP Sockets Wrapper + MbedTLS Transport\include</Filter>
</ClInclude>
<ClInclude Include="..\..\Source\Application-Protocols\network_transport\mbedtls_pk_pkcs11.h">
<ClInclude Include="..\..\Source\Application-Protocols\network_transport\mbedtls_pkcs11.h">
<Filter>Additional Network Transport Files\TCP Sockets Wrapper + MbedTLS Transport\include</Filter>
</ClInclude>
<ClInclude Include="..\..\Source\Application-Protocols\network_transport\transport_mbedtls_pkcs11.h">

38
FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.c
View file

@ -387,44 +387,6 @@ CK_RV xPKCS11_initMbedtlsPkContext( mbedtls_pk_context * pxMbedtlsPkCtx,
/*-----------------------------------------------------------*/
int lPKCS11RandomCallback( void * pvCtx,
unsigned char * pucOutput,
size_t uxLen )
{
int lRslt;
CK_FUNCTION_LIST_PTR pxFunctionList = NULL;
CK_SESSION_HANDLE * pxSessionHandle = ( CK_SESSION_HANDLE * ) pvCtx;
if( pucOutput == NULL )
{
lRslt = -1;
}
else if( pvCtx == NULL )
{
lRslt = -1;
LogError( ( "pvCtx must not be NULL." ) );
}
else
{
lRslt = ( int ) C_GetFunctionList( &pxFunctionList );
}
if( ( lRslt != CKR_OK ) ||
( pxFunctionList == NULL ) ||
( pxFunctionList->C_GenerateRandom == NULL ) )
{
lRslt = -1;
}
else
{
lRslt = ( int ) pxFunctionList->C_GenerateRandom( *pxSessionHandle, pucOutput, uxLen );
}
return lRslt;
}
/*-----------------------------------------------------------*/
static void * p11_ecdsa_ctx_alloc( void )
{
void * pvCtx = NULL;

16
FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pk_pkcs11.h → FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_pkcs11.h
View file

@ -24,8 +24,8 @@
*
*/
#ifndef MBEDTLS_PK_PKCS11_H
#define MBEDTLS_PK_PKCS11_H
#ifndef MBEDTLS_PKCS11_H
#define MBEDTLS_PKCS11_H
#include <string.h>
#include "mbedtls/pk.h"
@ -47,16 +47,16 @@ CK_RV xPKCS11_initMbedtlsPkContext( mbedtls_pk_context * pxMbedtlsPkCtx,
CK_OBJECT_HANDLE xPkHandle );
/**
* @brief Callback to generate random data with the PKCS11 module.
* @brief Callback to generate random data with the PKCS11 API.
*
* @param[in] pvCtx void pointer to the
* @param[in] pvCtx void pointer to a PKCS11 Session handle.
* @param[in] pucRandom Byte array to fill with random data.
* @param[in] xRandomLength Length of byte array.
*
* @return 0 on success.
*/
int lPKCS11RandomCallback( void * pvCtx,
unsigned char * pucOutput,
size_t uxLen );
int lMbedCryptoRngCallbackPKCS11( void * pvCtx,
unsigned char * pucOutput,
size_t uxLen );
#endif /* MBEDTLS_PK_PKCS11_H */
#endif /* MBEDTLS_PKCS11_H */

80
FreeRTOS-Plus/Source/Application-Protocols/network_transport/mbedtls_rng_pkcs11.c Normal file
View file

@ -0,0 +1,80 @@
/*
* FreeRTOS V202211.00
* Copyright (C) 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining a copy of
* this software and associated documentation files (the "Software"), to deal in
* the Software without restriction, including without limitation the rights to
* use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
* the Software, and to permit persons to whom the Software is furnished to do so,
* subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in all
* copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*
* https://www.FreeRTOS.org
* https://github.com/FreeRTOS
*
*/
#include "logging_levels.h"
#define LIBRARY_LOG_NAME "MbedTLSRNGP11"
#define LIBRARY_LOG_LEVEL LOG_ERROR
#include "logging_stack.h"
/**
* @file mbedtls_rng_pkcs11.c
* @brief Implements an mbedtls RNG callback using the PKCS#11 API
*/
#include "core_pkcs11_config.h"
#include "core_pkcs11.h"
/*-----------------------------------------------------------*/
int lMbedCryptoRngCallbackPKCS11( void * pvCtx,
unsigned char * pucOutput,
size_t uxLen )
{
int lRslt;
CK_FUNCTION_LIST_PTR pxFunctionList = NULL;
CK_SESSION_HANDLE * pxSessionHandle = ( CK_SESSION_HANDLE * ) pvCtx;
if( pucOutput == NULL )
{
lRslt = -1;
}
else if( pvCtx == NULL )
{
lRslt = -1;
LogError( ( "pvCtx must not be NULL." ) );
}
else
{
lRslt = ( int ) C_GetFunctionList( &pxFunctionList );
}
if( ( lRslt != CKR_OK ) ||
( pxFunctionList == NULL ) ||
( pxFunctionList->C_GenerateRandom == NULL ) )
{
lRslt = -1;
}
else
{
lRslt = ( int ) pxFunctionList->C_GenerateRandom( *pxSessionHandle, pucOutput, uxLen );
}
return lRslt;
}
/*-----------------------------------------------------------*/

2
FreeRTOS-Plus/Source/Application-Protocols/network_transport/transport_mbedtls_pkcs11.c
View file

@ -52,7 +52,7 @@
/* TLS transport header. */
#include "transport_mbedtls_pkcs11.h"
#include "mbedtls_pk_pkcs11.h"
#include "mbedtls_pkcs11.h"
/* PKCS #11 includes. */
#include "core_pkcs11_config.h"