netutils/dropbear: back hmac-sha2-256 with NuttX /dev/crypto#3640
Draft
FelipeMdeO wants to merge 1 commit into
Draft
netutils/dropbear: back hmac-sha2-256 with NuttX /dev/crypto#3640FelipeMdeO wants to merge 1 commit into
FelipeMdeO wants to merge 1 commit into
Conversation
Replace the bundled libtomcrypt HMAC modules with an adapter that computes the hmac-sha2-256 packet MAC through the NuttX crypto device using CRYPTO_SHA2_256_HMAC sessions. NETUTILS_DROPBEAR depends on CRYPTO_CRYPTODEV and CRYPTO_CRYPTODEV_SOFTWARE_CRYPTO instead of selecting them. Signed-off-by: Felipe Moura <moura.fmo@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replace Dropbear's bundled libtomcrypt HMAC modules with an adapter that
computes the
hmac-sha2-256packet MAC through the NuttX crypto device(
/dev/crypto) usingCRYPTO_SHA2_256_HMACsessions:hmac_initopens thesession with the MAC key,
hmac_processfeeds data withCOP_FLAG_UPDATEand
hmac_donereads the tag and frees the session.This PR is: espressif/esp-hal-3rdparty#13
The upstream Dropbear
hmac_stateis reused as-is, so no source patch isneeded: the existing
hashfield keeps the hash index and the/dev/cryptosession id is stored in the otherwise unused
mdbuffer. The bundledhmac_init.c/hmac_process.c/hmac_done.care dropped from the build andNETUTILS_DROPBEARdepends onCRYPTO_CRYPTODEVandCRYPTO_CRYPTODEV_SOFTWARE_CRYPTO.Only the HMAC is offloaded, not the plain SHA-256 hash: Dropbear's key
derivation (
hashkeys()incommon-kex.c)memcpy-clones apartially-updated
hash_state, which a kernel crypto session cannotrepresent, so the SHA-256 descriptor stays on libtomcrypt.
Depends on #3636 (chacha20-poly1305 offload); this PR shares the Dropbear
Kconfig/Makefile/CMakeLists and will be rebased on top once that merges.
Opened as a draft to register the work.
Impact
NETUTILS_DROPBEARis enabled;Testing
sim:dropbearon the NuttX simulator. Dropbear is started by NSH, a user iscreated, and a host OpenSSH client connects forcing
hmac-sha2-256as theMAC (with
aes128-ctr, so the HMAC runs on every packet):console Board side:
console PC side: