From 714b6603e4cbfcabb4de6ae6acf02f5fd8f2baa3 Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Thu, 7 Apr 2022 07:44:04 -0400 Subject: [PATCH 1/3] Remove dummy timing implementation Having such implementation might cause issues for those that expect to have a working implementation. Having a compile-time error is better in such case. Signed-off-by: Andrzej Kurek --- library/timing.c | 27 --------------------------- 1 file changed, 27 deletions(-) diff --git a/library/timing.c b/library/timing.c index a65bc99406..9a35eedb1c 100644 --- a/library/timing.c +++ b/library/timing.c @@ -167,33 +167,6 @@ uint32_t mbedtls_timing_get_final_delay( { return( data->fin_ms ); } -#else /* MBEDTLS_HAVE_TIME */ -uint32_t mbedtls_timing_get_final_delay( - const mbedtls_timing_delay_context *data ) -{ - (void) data; - return( 0 ); -} - -int mbedtls_timing_get_delay( void *data ) -{ - (void) data; - return( 0 ); -} -void mbedtls_timing_set_delay( void *data, uint32_t int_ms, uint32_t fin_ms ) -{ - (void) data; - (void) int_ms; - (void) fin_ms; -} - -unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) -{ - (void) val; - (void) reset; - return( 0 ); -} - #endif /* MBEDTLS_HAVE_TIME */ #endif /* !MBEDTLS_TIMING_ALT */ #endif /* MBEDTLS_TIMING_C */ From 5735369f4aa36d4627a143169fe988def4a3177e Mon Sep 17 00:00:00 2001 From: Andrzej Kurek Date: Thu, 7 Apr 2022 08:08:21 -0400 Subject: [PATCH 2/3] Remove the dependency on MBEDTLS_HAVE_TIME from MBEDTLS_TIMING_C The timing module might include time.h on its own when on a suitable platform, even if MBEDTLS_HAVE_TIME is disabled. Co-authored-by: Tom Cosgrove Signed-off-by: Andrzej Kurek --- include/mbedtls/mbedtls_config.h | 11 ++++++++++- library/timing.c | 6 ++---- tests/suites/test_suite_timing.data | 3 --- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h index e8a2705868..5e74980b14 100644 --- a/include/mbedtls/mbedtls_config.h +++ b/include/mbedtls/mbedtls_config.h @@ -129,7 +129,12 @@ * MBEDTLS_PLATFORM_TIME_MACRO, MBEDTLS_PLATFORM_TIME_TYPE_MACRO and * MBEDTLS_PLATFORM_STD_TIME. * - * Comment if your system does not support time functions + * Comment if your system does not support time functions. + * + * \note If MBEDTLS_TIMING_C is set - to enable the semi-portable timing + * interface - timing.c will include time.h on suitable platforms + * regardless of the setting of MBEDTLS_HAVE_TIME, unless + * MBEDTLS_TIMING_ALT is used. See timing.c for more information. */ #define MBEDTLS_HAVE_TIME @@ -3013,6 +3018,10 @@ * your own implementation of the whole module by setting * \c MBEDTLS_TIMING_ALT in the current file. * + * \note The timing module will include time.h on suitable platforms + * regardless of the setting of MBEDTLS_HAVE_TIME, unless + * MBEDTLS_TIMING_ALT is used. See timing.c for more information. + * * \note See also our Knowledge Base article about porting to a new * environment: * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS diff --git a/library/timing.c b/library/timing.c index 9a35eedb1c..859c1b83f8 100644 --- a/library/timing.c +++ b/library/timing.c @@ -46,14 +46,14 @@ struct _hr_time #include #include #include -#if defined(MBEDTLS_HAVE_TIME) +/* time.h should be included independently of MBEDTLS_HAVE_TIME. If the + * platform matches the ifdefs above, it will be used. */ #include #include struct _hr_time { struct timeval start; }; -#endif #endif /* _WIN32 && !EFIX64 && !EFI32 */ /** @@ -75,7 +75,6 @@ struct _hr_time * get_timer(0) }` the value time1+time2 is only approximately * the delay since the first reset. */ -#if defined(MBEDTLS_HAVE_TIME) #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset ) @@ -167,6 +166,5 @@ uint32_t mbedtls_timing_get_final_delay( { return( data->fin_ms ); } -#endif /* MBEDTLS_HAVE_TIME */ #endif /* !MBEDTLS_TIMING_ALT */ #endif /* MBEDTLS_TIMING_C */ diff --git a/tests/suites/test_suite_timing.data b/tests/suites/test_suite_timing.data index a45ed0e99d..de89239e76 100644 --- a/tests/suites/test_suite_timing.data +++ b/tests/suites/test_suite_timing.data @@ -1,11 +1,8 @@ Timing: get timer -depends_on:MBEDTLS_HAVE_TIME timing_get_timer: Timing: delay 0ms -depends_on:MBEDTLS_HAVE_TIME timing_delay:0: Timing: delay 100ms -depends_on:MBEDTLS_HAVE_TIME timing_delay:100: From e756f642cdf09ece1160d1c25edaea0f0be86b32 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 5 Apr 2022 21:39:43 +0200 Subject: [PATCH 3/3] Seed the PRNG even if time() isn't available time() is only needed to seed the PRNG non-deterministically. If it isn't available, do seed it, but pick a static seed. Signed-off-by: Andrzej Kurek --- programs/test/udp_proxy.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index bc78fab869..41a90a9ada 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -825,7 +825,6 @@ int main( int argc, char *argv[] ) get_options( argc, argv ); -#if defined(MBEDTLS_HAVE_TIME) /* * Decisions to drop/delay/duplicate packets are pseudo-random: dropping * exactly 1 in N packets would lead to problems when a flight has exactly @@ -836,12 +835,15 @@ int main( int argc, char *argv[] ) */ if( opt.seed == 0 ) { +#if defined(MBEDTLS_HAVE_TIME) opt.seed = (unsigned int) mbedtls_time( NULL ); +#else + opt.seed = 1; +#endif /* MBEDTLS_HAVE_TIME */ mbedtls_printf( " . Pseudo-random seed: %u\n", opt.seed ); } srand( opt.seed ); -#endif /* MBEDTLS_HAVE_TIME */ /* * 0. "Connect" to the server