Remove core_io dependency and add alternative interface for no_std environments #211
Conversation
…d writing without implementing std::io::{Read, Write} traits
…g IoCallback implements those traits, too
…th Write and Read trait
…ize_of to reduce architecture dependency
|
@zugzwang Would you mind having a look at this or find another maintainer who could find the time? |
|
Hello @DrTobe, thanks for the PR! |
mbedtls/src/cipher/raw/serde.rs
Outdated
| @@ -341,20 +341,20 @@ unsafe impl BytesSerde for gcm_context {} | |||
|
|
|||
| // If the C API changes, the serde implementation needs to be reviewed for correctness. | |||
|
|
|||
| unsafe fn _check_cipher_context_t_size(ctx: cipher_context_t) -> [u8; 96] { | |||
| unsafe fn _check_cipher_context_t_size(ctx: cipher_context_t) -> [u8; size_of::<cipher_context_t>()] { | |||
There was a problem hiding this comment.
I think we need to use constants here, as compilation of these functions alerts us of changes in these objects.
E.g. if for some reason cipher_context_t changes size, then this will result in a compilation failure. However using cipher_context_t against its own size will always work.
Does this make sense?
There was a problem hiding this comment.
Ah yes, I see, this definitely makes sense. But the value of that constant must be platform-dependent. So, it should roughly be x + y * size_of::<usize>() I guess?
There was a problem hiding this comment.
I don't think so, all these structs fields are only dependent on crypto (see e.g. https://github.com/Mbed-TLS/mbedtls/blob/development/include/mbedtls/cipher.h#L319 for cipher_context_t). E.g. any platform should serialize a cipher_context_t in exactly 96 bytes.
(Orthogonally, I do think that these constants should be declared separately e.g. const CIPHER_CONTEXT_T_SIZE: usize = 96;)
There was a problem hiding this comment.
Okay, I haven't checked this specific check in detail but I have changed it because some of the checks failed when building for thumbv7em-none-eabihf so I just assumed now this would be due to different usize sizes. I will take a look at this again soon.
There was a problem hiding this comment.
Oh, different usize sizes? I thought usize was always 8 bytes. If this is not the case, you are right, we should adjust by target (and perhaps add some sanity check test that checks that serialized objects are really exactly 96, 288, 128, etc bytes, if possible).
If this is not the case, we should check which of the functions compilation is failing and why exactly.
There was a problem hiding this comment.
usize is the type that comes to my mind when talking about different sizes in memory because it is
The pointer-sized unsigned integer type.
The size of this primitive is how many bytes it takes to reference any location in memory. For example, on a 32 bit target, this is 4 bytes and on a 64 bit target, this is 8 bytes.
There was a problem hiding this comment.
Thanks, so let us adjust those constants according to the target.
There was a problem hiding this comment.
I had a look at the underlying C structs and calculated the expected sizes. On a 64 bit machine, this works. I still have to test this when building for a 32 bit target.
There was a problem hiding this comment.
With the latest commit, this also works for 32 bit targets 👍
DrTobe
force-pushed
the
remove-core-io
branch
from
3854aea to
5c112b7
Compare
|
@MihirLuthra, any chance to merge this one? |
|
@DrTobe do you think that we can add tests for these changes? (apart from the adapted the |
|
Ping! What is the status of this PR? |
Sorry, I have not found the time yet to look into @zugzwang's request to add tests. |
I have had a look at this again and to me, the adaption in the |
|
@DrTobe it was more of a question in case you thought more tests could be added. |
|
bors r+ |
211: Remove core_io dependency and add alternative interface for no_std environments r=zugzwang a=DrTobe As already stated in #210, `core_io` "has not been updated for a long time, the latest rust version it supports is 2021-03-25." Since `no_std` usage of `rust-mbedtls` currently depends on `core_io`, this is a major barrier when adopting `rust-mbedtls` in `no_std` environments. As opposed to #210, I propose to remove any `std::io` replacement altogether because we need a different interface (non `io::Write`, non `io::Read`) for DTLS anyways. So this interface can be used for TLS in `no_std` environments, too, which removes the necessity to have a `std::io` replacement at all. If you think the benefits are worth the effort, a `std::io` replacement could be added optionally with a feature. I have not had a detailed look at `core2` but I found working with `core_io` very limiting, so maybe `core2` could be a better option. When working on these changes, I have also fixed some other minor issues with `no_std` usage. Specifically, this should also fix #208 (making #209 obsolete) while bringing `rust-mbedtls` to 32 bit targets (specifically the ARM `thumb...` targets commonly found on MCUs). With the changes presented in this PR, I was finally able to successfully use `rust-mbedtls` on an STM32L452CCUx MCU. Co-authored-by: Tobias Naumann <[email protected]>
|
Build failed:
|
|
The tests failed because the Additionally, the test did the same checks twice. I have removed that duplication. @zugzwang Assuming that the checks succeed now, can you try to merge again? |
|
bors r+ |
|
Build succeeded:
|
|
We should add a safe abstraction for IoCallback |
237: Add a new IO abstraction r=Taowyoo a=jethrogb Implement an IO abstraction as [previously suggested](#211 (comment)) to replace Read+Write if you don't have that available. This allows you to layer any `Io` types like you would Read+Write. cc `@DrTobe` hope you can live with the API change. Co-authored-by: Jethro Beekman <[email protected]>
As already stated in #210,
core_io"has not been updated for a long time, the latest rust version it supports is 2021-03-25." Sinceno_stdusage ofrust-mbedtlscurrently depends oncore_io, this is a major barrier when adoptingrust-mbedtlsinno_stdenvironments.As opposed to #210, I propose to remove any
std::ioreplacement altogether because we need a different interface (nonio::Write, nonio::Read) for DTLS anyways. So this interface can be used for TLS inno_stdenvironments, too, which removes the necessity to have astd::ioreplacement at all. If you think the benefits are worth the effort, astd::ioreplacement could be added optionally with a feature. I have not had a detailed look atcore2but I found working withcore_iovery limiting, so maybecore2could be a better option.When working on these changes, I have also fixed some other minor issues with
no_stdusage. Specifically, this should also fix #208 (making #209 obsolete) while bringingrust-mbedtlsto 32 bit targets (specifically the ARMthumb...targets commonly found on MCUs).With the changes presented in this PR, I was finally able to successfully use
rust-mbedtlson an STM32L452CCUx MCU.