Mbed-os: psa_security.c breaks LoRaWAN builds

Created on 3 Dec 2018  路  11Comments  路  Source: ARMmbed/mbed-os

Description

Bugs and un-flagged code in psa_crypto.c breaks all the builds for LoRaWAN.
The problem is that the LoRaWAN builds remove MBEDTLS_GCM_C by undefining it in its Mbedtls configuration file. psa_crypto.c seems to use MBEDTLS_CCM_C or MBEDTLS_GCM_C and at some places it is correctly flagged. However, there are many places where it is not properly flagged, e.g.,
https://github.com/ARMmbed/mbed-os/blob/master/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c#L3149 here the check is needed for GCM not for CCM.

https://github.com/ARMmbed/mbed-os/blob/master/features/mbedtls/mbed-crypto/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL/psa_crypto.c#L3265 here the GCM is not flagged at all.

This is a blocker for LoRaWAn builds. Please fix asap.

Issue request type


[ ] Question
[ ] Enhancement
[X] Bug

Found in OOB CLOSED mirrored bug
Source
picture hasnainvirk

All 11 comments

It seems there are plenty of issues related to this issue and there is a fix PR open https://github.com/ARMmbed/mbedtls/pull/2241/commits/7d6f48a058b0c93e95383fa5d9a0b8da62b617b6 @0xc0170 What is the status on this PR ? Our builds are blocked because of this.

hasnainvirk picture hasnainvirk on 3 Dec 2018

I believe this should fix it https://github.com/ARMmbed/mbed-os/pull/8926 (can you test?)

The fix will be in 5.11rc2

0xc0170 picture 0xc0170 on 3 Dec 2018

@hasnainvirk How come this was not caught earlier (PR test or nightly) ?

cc @OPpuolitaival

0xc0170 picture 0xc0170 on 3 Dec 2018

@0xc0170 I am not sure why we didn't see it before. Let me try with the PR you mentioned.

hasnainvirk picture hasnainvirk on 3 Dec 2018

@0xc0170 I can confirm that the #8926 fixes the issue.

hasnainvirk picture hasnainvirk on 3 Dec 2018

Looks like a duplicate of #8893

adbridge picture adbridge on 3 Dec 2018

Internal Jira reference: https://jira.arm.com/browse/MBOCUSTRIA-238

ciarmcom picture ciarmcom on 3 Dec 2018

@hasnainvirk Could you please check if the TLS update #8926 fixes this ?

adbridge picture adbridge on 4 Dec 2018

@hasnainvirk @AnttiKauppila any update ?

adbridge picture adbridge on 5 Dec 2018

@adbridge All our Lora CI jobs are passing so this seems to have fixed the issue.
@hasnainvirk is on a sick leave so can you close this issue Anna?

AnttiKauppila picture AnttiKauppila on 5 Dec 2018
🎉1

I'll close this as resolved

0xc0170 picture 0xc0170 on 5 Dec 2018
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

1domen1 picture 1domen1  路  3Comments
toyowata picture toyowata  路  4Comments
ghost picture ghost  路  4Comments
rbonghi picture rbonghi  路  3Comments
pilotak picture pilotak  路  3Comments