mgmt: updatehub: replace TinyCrypt by PSA

As part of ongoing work to move away from TinyCrypt and towards PSA
(#43712), introduce a PSA option and remove the TinyCrypt one for the
SHA-256 implementation.

The Mbed TLS implementation is modified to use `mbedtls_sha256`
directly for smaller code size.

The reliance of mgmt/updatehub on storage/flash_map's configuration
(`FLASH_AREA_CHECK_INTEGRITY_BACKEND`) is removed.
The choice of which implementation to use is made automatically,
based on whether a PSA API provider is present (`PSA_CRYPTO_CLIENT`).

This commit also add a test case with PSA (based on Mbed TLS)
in samples/subsys/mgmt/updatehub/sample.yaml.

Signed-off-by: Tomi Fontanilles <tomi.fontanilles@nordicsemi.no>
Signed-off-by: Valerio Setti <vsetti@baylibre.com>

doc/releases/migration-guide-3.7.rst

@@ -838,6 +838,15 @@ State Machine Framework
   action would terminate the state machine. Passing ``NULL`` is now not allowed. Instead create a
   'terminate' state at the top level, and call :c:func:`smf_set_terminate` from its entry action.
 
+UpdateHub
+=========
+
+* The SHA-256 implementation used to perform integrity checks is not chosen with
+  :kconfig:option:`CONFIG_FLASH_AREA_CHECK_INTEGRITY_BACKEND` anymore. Instead, the implementation
+  used (now either Mbed TLS or PSA) is chosen based on :kconfig:option:`CONFIG_PSA_CRYPTO_CLIENT`.
+  It still defaults to using Mbed TLS (with a smaller footprint than previously) unless the
+  board is built with TF-M or :kconfig:option:`CONFIG_MBEDTLS_PSA_CRYPTO_C` is enabled. (:github:`73511`)
+
 ZBus
 ====
 

samples/subsys/mgmt/updatehub/overlay-psa.conf

@@ -0,0 +1,3 @@
+CONFIG_FLASH_AREA_CHECK_INTEGRITY_PSA=y
+CONFIG_MBEDTLS=y
+CONFIG_MBEDTLS_PSA_CRYPTO_C=y

samples/subsys/mgmt/updatehub/sample.yaml

@@ -19,6 +19,13 @@ tests:
       - CONFIG_UPDATEHUB_POLL_INTERVAL=1
       - CONFIG_UPDATEHUB_CE=y
       - CONFIG_UPDATEHUB_SERVER="updatehub.io"
+  sample.net.updatehub.psa:
+    extra_args: OVERLAY_CONFIG="overlay-psa.conf"
+    extra_configs:
+      - CONFIG_UPDATEHUB_PRODUCT_UID="e4d37cfe6ec48a2d069cc0bbb8b078677e9a0d8df3a027c4d8ea131130c4265f"
+      - CONFIG_UPDATEHUB_POLL_INTERVAL=1
+      - CONFIG_UPDATEHUB_CE=y
+      - CONFIG_UPDATEHUB_SERVER="updatehub.io"
   sample.net.updatehub.userspace:
     extra_configs:
       - CONFIG_UPDATEHUB_PRODUCT_UID="e4d37cfe6ec48a2d069cc0bbb8b078677e9a0d8df3a027c4d8ea131130c4265f"

subsys/mgmt/updatehub/Kconfig

@@ -2,7 +2,7 @@
 # SPDX-License-Identifier: Apache-2.0
 
 menuconfig UPDATEHUB
-	bool"UpdateHub Firmware Over-the-Air support"
+	bool "UpdateHub Firmware Over-the-Air support"
 	depends on FLASH
 	depends on REBOOT
 	depends on IMG_MANAGER
@@ -17,6 +17,8 @@ menuconfig UPDATEHUB
 	select REQUIRES_FULL_LIBC
 	select IMG_ENABLE_IMAGE_CHECK
 	select MPU_ALLOW_FLASH_WRITE
+	select MBEDTLS if !BUILD_WITH_TFM
+	select MBEDTLS_SHA256 if !PSA_CRYPTO_CLIENT
 	help
 	  UpdateHub is an enterprise-grade solution which makes simple to
 	  remotely update all your embedded devices in the field. It
@@ -69,7 +71,7 @@ config UPDATEHUB_SHELL
 	  Activate shell module that provides UpdateHub commands like
 
 config UPDATEHUB_DTLS
-	bool"Activate communication CoAPS/DTLS"
+	bool "Activate communication CoAPS/DTLS"
 	select MBEDTLS
 	select MBEDTLS_ENABLE_HEAP
 	select NET_SOCKETS_SOCKOPT_TLS
@@ -146,10 +148,6 @@ config UPDATEHUB_DOWNLOAD_STORAGE_SHA256_VERIFICATION
 
 endchoice
 
-choice FLASH_AREA_CHECK_INTEGRITY_BACKEND
-	default FLASH_AREA_CHECK_INTEGRITY_MBEDTLS
-endchoice
-
 module = UPDATEHUB
 module-str = Log level for UpdateHub
 module-help = Enables logging for UpdateHub code.

subsys/mgmt/updatehub/updatehub.c

@@ -61,7 +61,7 @@ static struct updatehub_context {
 	struct coap_block_context block;
 	struct k_sem semaphore;
 	struct updatehub_storage_context storage_ctx;
-	struct updatehub_crypto_context crypto_ctx;
+	updatehub_crypto_context_t crypto_ctx;
 	enum updatehub_response code_status;
 	uint8_t hash[SHA256_BIN_DIGEST_SIZE];
 	uint8_t uri_path[MAX_PATH_SIZE];
@@ -113,7 +113,7 @@ static void prepare_fds(void)
 
 static int metadata_hash_get(char *metadata)
 {
-	struct updatehub_crypto_context local_crypto_ctx;
+	updatehub_crypto_context_t local_crypto_ctx;
 
 	if (updatehub_integrity_init(&local_crypto_ctx)) {
 		return -1;

subsys/mgmt/updatehub/updatehub_integrity.c

@@ -9,7 +9,13 @@ LOG_MODULE_DECLARE(updatehub, CONFIG_UPDATEHUB_LOG_LEVEL);
 
 #include "updatehub_integrity.h"
 
-int updatehub_integrity_init(struct updatehub_crypto_context *ctx)
+#if defined(CONFIG_PSA_CRYPTO_CLIENT)
+#define SUCCESS_VALUE PSA_SUCCESS
+#else
+#define SUCCESS_VALUE 0
+#endif
+
+int updatehub_integrity_init(updatehub_crypto_context_t *ctx)
 {
 	int ret;
 
@@ -18,43 +24,22 @@ int updatehub_integrity_init(struct updatehub_crypto_context *ctx)
 		return -EINVAL;
 	}
 
-	memset(ctx, 0, sizeof(struct updatehub_crypto_context));
+#if defined(CONFIG_PSA_CRYPTO_CLIENT)
-
+	*ctx = psa_hash_operation_init();
-#if defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_MBEDTLS)
+	ret = psa_hash_setup(ctx, PSA_ALG_SHA_256);
-	ctx->md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
+#else
-	if (ctx->md_info == NULL) {
+	mbedtls_sha256_init(ctx);
-		LOG_DBG("Message Digest not found or not enabled");
+	ret = mbedtls_sha256_starts(ctx, false);
-		return -ENOENT;
-	}
-
-	mbedtls_md_init(&ctx->md_ctx);
-	ret = mbedtls_md_setup(&ctx->md_ctx, ctx->md_info, 0);
-	if (ret == MBEDTLS_ERR_MD_BAD_INPUT_DATA) {
-		LOG_DBG("Bad Message Digest selected");
-		return -EFAULT;
-	}
-	if (ret == MBEDTLS_ERR_MD_ALLOC_FAILED) {
-		LOG_DBG("Failed to allocate memory");
-		return -ENOMEM;
-	}
-
-	ret = mbedtls_md_starts(&ctx->md_ctx);
-	if (ret == MBEDTLS_ERR_MD_BAD_INPUT_DATA) {
-		LOG_DBG("Bad Message Digest selected");
-		return -EFAULT;
-	}
-#elif defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_TC)
-	ret = tc_sha256_init(&ctx->sha256sum);
-	if (ret != TC_CRYPTO_SUCCESS) {
-		LOG_DBG("Invalid integrity context");
-		return -EFAULT;
-	}
 #endif
+	if (ret != SUCCESS_VALUE) {
+		LOG_DBG("Failed to %s SHA-256 operation. (%d)", "set up", ret);
+		return -EFAULT;
+	}
 
 	return 0;
 }
 
-int updatehub_integrity_update(struct updatehub_crypto_context *ctx,
+int updatehub_integrity_update(updatehub_crypto_context_t *ctx,
 			       const uint8_t *buffer, const uint32_t len)
 {
 	int ret;
@@ -68,24 +53,27 @@ int updatehub_integrity_update(struct updatehub_crypto_context *ctx,
 		return 0;
 	}
 
-#if defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_MBEDTLS)
+#if defined(CONFIG_PSA_CRYPTO_CLIENT)
-	ret = mbedtls_md_update(&ctx->md_ctx, buffer, len);
+	ret = psa_hash_update(ctx, buffer, len);
-	if (ret == MBEDTLS_ERR_MD_BAD_INPUT_DATA) {
+	if (ret != PSA_SUCCESS) {
-		LOG_DBG("Bad Message Digest selected");
+		psa_hash_abort(ctx);
-		return -EFAULT;
 	}
-#elif defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_TC)
+#else
-	ret = tc_sha256_update(&ctx->sha256sum, buffer, len);
+	ret = mbedtls_sha256_update(ctx, buffer, len);
-	if (ret != TC_CRYPTO_SUCCESS) {
+	if (ret != 0) {
-		LOG_DBG("Invalid integrity context or invalid buffer");
+		mbedtls_sha256_free(ctx);
-		return -EFAULT;
 	}
 #endif
 
+	if (ret != SUCCESS_VALUE) {
+		LOG_DBG("Failed to %s SHA-256 operation. (%d)", "update", ret);
+		return -EFAULT;
+	}
+
 	return 0;
 }
 
-int updatehub_integrity_finish(struct updatehub_crypto_context *ctx,
+int updatehub_integrity_finish(updatehub_crypto_context_t *ctx,
 			       uint8_t *hash, const uint32_t size)
 {
 	int ret;
@@ -94,26 +82,26 @@ int updatehub_integrity_finish(struct updatehub_crypto_context *ctx,
 		return -EINVAL;
 	}
 
-#if defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_MBEDTLS)
+	if (size < SHA256_BIN_DIGEST_SIZE) {
-	if (size < mbedtls_md_get_size(ctx->md_info)) {
 		LOG_DBG("HASH input buffer is to small to store the message digest");
 		return -EINVAL;
 	}
 
-	ret = mbedtls_md_finish(&ctx->md_ctx, hash);
+#if defined(CONFIG_PSA_CRYPTO_CLIENT)
-	if (ret == MBEDTLS_ERR_MD_BAD_INPUT_DATA) {
+	size_t hash_len;
-		LOG_DBG("Bad Message Digest selected");
-		return -EFAULT;
-	}
 
-	mbedtls_md_free(&ctx->md_ctx);
+	ret = psa_hash_finish(ctx, hash, size, &hash_len);
-#elif defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_TC)
+	if (ret != PSA_SUCCESS) {
-	ret = tc_sha256_final(hash, &ctx->sha256sum);
+		psa_hash_abort(ctx);
-	if (ret != TC_CRYPTO_SUCCESS) {
+	}
-		LOG_DBG("Invalid integrity context or invalid hash pointer");
+#else
+	ret = mbedtls_sha256_finish(ctx, hash);
+	mbedtls_sha256_free(ctx);
+#endif
+	if (ret != SUCCESS_VALUE) {
+		LOG_DBG("Failed to %s SHA-256 operation. (%d)", "finish", ret);
 		return -EFAULT;
 	}
-#endif
 
 	return 0;
 }

subsys/mgmt/updatehub/updatehub_integrity.h

@@ -7,13 +7,10 @@
 #ifndef __UPDATEHUB_INTEGRITY_H__
 #define __UPDATEHUB_INTEGRITY_H__
 
-#if defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_MBEDTLS)
+#if defined(CONFIG_PSA_CRYPTO_CLIENT)
-#include <mbedtls/md.h>
+#include <psa/crypto.h>
-#elif defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_TC)
-#include <tinycrypt/sha256.h>
-#include <tinycrypt/constants.h>
 #else
-#error "Integrity check method not defined"
+#include <mbedtls/sha256.h>
 #endif
 
 #ifdef __cplusplus
@@ -23,19 +20,16 @@ extern "C" {
 #define SHA256_BIN_DIGEST_SIZE	(32)
 #define SHA256_HEX_DIGEST_SIZE	((SHA256_BIN_DIGEST_SIZE * 2) + 1)
 
-struct updatehub_crypto_context {
+#if defined(CONFIG_PSA_CRYPTO_CLIENT)
-#if defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_MBEDTLS)
+typedef psa_hash_operation_t updatehub_crypto_context_t;
-	mbedtls_md_context_t md_ctx;
+#else
-	const mbedtls_md_info_t *md_info;
+typedef mbedtls_sha256_context updatehub_crypto_context_t;
-#elif defined(CONFIG_FLASH_AREA_CHECK_INTEGRITY_TC)
-	struct tc_sha256_state_struct sha256sum;
 #endif
-};
 
-int updatehub_integrity_init(struct updatehub_crypto_context *ctx);
+int updatehub_integrity_init(updatehub_crypto_context_t *ctx);
-int updatehub_integrity_update(struct updatehub_crypto_context *ctx,
+int updatehub_integrity_update(updatehub_crypto_context_t *ctx,
 			       const uint8_t *buffer, const uint32_t len);
-int updatehub_integrity_finish(struct updatehub_crypto_context *ctx,
+int updatehub_integrity_finish(updatehub_crypto_context_t *ctx,
 			       uint8_t *hash, const uint32_t size);
 
 #ifdef __cplusplus