- mbed-tls - lists.trustedfirmware.org

by Gilles Peskine

Hi Jeff, Don't modify or use the certificates in certs.c. The certificates in the certs module are only intended for testing and they will be moved from the library to the test code soon. They are never used automatically and should never be used outside of tests. The easiest way to set these root certificates is to pass the file to mbedtls_x509_crt_parse_file(). This gives you an object that represents the certificates and you can use those as the trusted CAs for certificate verification through the X.509 or TLS API. Your code might look like this (error checking and rest of the code omitted): mbedtls_x509_crt roots; // head of the list of trusted CAs mbedtls_x509_crt_init(&roots); mbedtls_x509_crt_parse_file(&roots, "roots.pem"); … // Verify that there is a chain of trust from a certificate to one of the trusted CAs mbedtls_x509_crt_verify(&crt_to_verify, &roots, NULL, NULL, &flags, NULL, NULL); … // Use the trusted CAs for a TLS connection mbedtls_ssl_conf_ca_chain(&ssl_config, roots, NULL); … // Once the certificates are no longer used anywhere mbedtls_x509_crt_free(&roots); Best regards, -- Gilles Peskine Mbed TLS developer On 23/06/2020 21:38, Thompson, Jeff via mbed-tls wrote: > > I’ve downloaded https://pki.goog/roots.pem and want to use the > certificates in it with mbedTLS. Is there some documentation that > tells me how to do this? > > > > The certs.c file only contains only a handful of certs, while the PEM > file has nearly 40. How do I know which one to use for what purpose? > The certs.c file has these certificate char[]’s: > > > > mbedtls_test_ca_crt_ec > > mbedtls_test_srv_crt_ec > > mbedtls_test_cli_crt_ec > > mbedtls_test_ca_crt_rsa > > mbedtls_test_ca_crt_rsa > > mbedtls_test_srv_crt_rsa > > mbedtls_test_cli_crt_rsa > > > > I’m reasonably sure I don’t need to replace mbedtls_test_cli_crt_ec > and mbedtls_test_cli_crt_rsa, since I am not using a client > certificate. But I’m not at all sure about whether I need to replace > the 3 **_ca_crt_** certs, the 2 **_srv_crt_** certs, or all 5. And, if > so, using which certs from the PEM file to replace which certs in > certs.c?. How do I figure out what to do here? I’ve never dealt with > cloud communication like this before, so please pardon my ignorance; > I’m eager to learn, but overwhelmed by so much that is new to me. > > > > Thanks, > > > > *Jeff Thompson* | Senior Electrical Engineer-Firmware > +1 704 752 6513 x1394 > www.invue.com > > > >

5 years

1
0
0 0

Working with a PEM file

by Thompson, Jeff

I've downloaded https://pki.goog/roots.pem and want to use the certificates in it with mbedTLS. Is there some documentation that tells me how to do this? The certs.c file only contains only a handful of certs, while the PEM file has nearly 40. How do I know which one to use for what purpose? The certs.c file has these certificate char[]'s: mbedtls_test_ca_crt_ec mbedtls_test_srv_crt_ec mbedtls_test_cli_crt_ec mbedtls_test_ca_crt_rsa mbedtls_test_ca_crt_rsa mbedtls_test_srv_crt_rsa mbedtls_test_cli_crt_rsa I'm reasonably sure I don't need to replace mbedtls_test_cli_crt_ec and mbedtls_test_cli_crt_rsa, since I am not using a client certificate. But I'm not at all sure about whether I need to replace the 3 *_ca_crt_* certs, the 2 *_srv_crt_* certs, or all 5. And, if so, using which certs from the PEM file to replace which certs in certs.c?. How do I figure out what to do here? I've never dealt with cloud communication like this before, so please pardon my ignorance; I'm eager to learn, but overwhelmed by so much that is new to me. Thanks, Jeff Thompson | Senior Electrical Engineer-Firmware +1 704 752 6513 x1394 www.invue.com [cid:image001.gif@01D64974.02162CD0]

5 years

1
0
0 0

Re: [mbed-tls] Using mbed without a client certificate

by Manuel Pegourie-Gonnard

Hi Jeff, if you don't want to provision a client certificate in your TLS client, all you have to do is to not call `mbedtls_ssl_conf_own_cert()` in your client code. Then the library will send an empty certificate list as required by the standard. Actually in the example code you have, if you look at the second and third argument in the call to `mbedtls_ssl_conf_own_cert()`, you should be able to remove all references to those arguments, and end up with a functional example without client certificates. Also, you might want to have a look at this example from our source, which is a simple client without client-side certificates: https://github.com/ARMmbed/mbedtls/blob/development/programs/ssl/ssl_client… Hope that helps, Manuel. ________________________________ From: mbed-tls <mbed-tls-bounces(a)lists.trustedfirmware.org> on behalf of Thompson, Jeff via mbed-tls <mbed-tls(a)lists.trustedfirmware.org> Sent: 22 June 2020 16:03 To: 'mbed-tls(a)lists.trustedfirmware.org' <mbed-tls(a)lists.trustedfirmware.org> Subject: [mbed-tls] Using mbed without a client certificate I'm usiing: #define MBEDTLS_VERSION_NUMBER 0x020D0100 #define MBEDTLS_VERSION_STRING "2.13.1" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.13.1" According to RFC5246: If no suitable certificate is available, the client MUST send a certificate message containing no certificates. That is, the certificate_list structure has a length of zero. How do I do this with mbedTLS? The example code I have has certificates in it and calls mbedtls_x509_crt_parse(), which wants a list of certificates and will reject a zero-length list. Jeff Thompson | Senior Electrical Engineer-Firmware +1 704 752 6513 x1394 www.invue.com [cid:image001.gif@01D64864.692FAD30]

5 years

2
1
0 0

Re: [mbed-tls] BLE and Mbed TLS

by Janos Follath

Hi, The packet size limitations can be accommodated by using the Maximum Fragment Length extension (https://tools.ietf.org/html/rfc6066#section-4, enabled by MBEDTLS_SSL_MAX_FRAGMENT_LENGTH in Mbed TLS). In Mbed TLS this is only implemented for application data and DTLS handshake messages so far, and therefore you will need to use DTLS. Also the negotiation is driven by the client and it needs to be enabled both on the server and on the client. (See the documentation of mbedtls_ssl_conf_max_frag_len() for more details.) I hope that helps, Janos From: mbed-tls <mbed-tls-bounces(a)lists.trustedfirmware.org> on behalf of "Fatima, Fariya via mbed-tls" <mbed-tls(a)lists.trustedfirmware.org> Reply to: "Fatima, Fariya" <Fariya.Fatima(a)Carrier.com> Date: Tuesday, 23 June 2020 at 11:47 To: "mbed-tls(a)lists.trustedfirmware.org" <mbed-tls(a)lists.trustedfirmware.org> Subject: Re: [mbed-tls] BLE and Mbed TLS Hi, Can anyone help if mbedTLS TLS/DTLS code would work on top of BLE (specifically SPP). I am not sure if the packet size limitation on SPP would make TLS work.. any pointers anyone? Would be really helpful. Regards, Fariya From: Fatima, Fariya Sent: Monday, June 15, 2020 9:21 AM To: 'mbed-tls(a)lists.trustedfirmware.org' <mbed-tls(a)lists.trustedfirmware.org> Subject: BLE and Mbed TLS Hi, I wanted to use TLS over BLE application. When I googled, I figured out that MbedTLS can work on BLE. If someone can share a sample application where-in MbedTLS APIs are used as part of a BT/BLE application, it will be of great help. Regards, Fariya

5 years

2
2
0 0

Re: [mbed-tls] BLE and Mbed TLS

by Fatima, Fariya

Hi, Can anyone help if mbedTLS TLS/DTLS code would work on top of BLE (specifically SPP). I am not sure if the packet size limitation on SPP would make TLS work.. any pointers anyone? Would be really helpful. Regards, Fariya From: Fatima, Fariya Sent: Monday, June 15, 2020 9:21 AM To: 'mbed-tls(a)lists.trustedfirmware.org' <mbed-tls(a)lists.trustedfirmware.org> Subject: BLE and Mbed TLS Hi, I wanted to use TLS over BLE application. When I googled, I figured out that MbedTLS can work on BLE. If someone can share a sample application where-in MbedTLS APIs are used as part of a BT/BLE application, it will be of great help. Regards, Fariya

5 years

1
0
0 0

Re: [mbed-tls] ECDH set custom private key

by Manuel Pegourie-Gonnard

Hi Oleksandr, I understand you want to validate your implementation against the test vectors in the cited reference. It's obvious, but just in case my reply is read out of context some day, I want to emphasize: what I'm recommending below is for testing purposes only, importing a private key from a public reference must never be done in production. In your situation the simplest way to proceed is probably to directly import the private and public key from the test vector to your ECDH context. For example (assuming the data in the reference is big-endian, and omitting error checking for brevity): static unsigned char private_a[32] = { 0x3f, 0x49, /* ... from the reference */ }; static unsigned char public_a[65] = { 0x04, /* this special value marks the start of an uncompressed public key */ 0x20, 0xb0, /* ... (public A(x) from the reference) */ 0xdc, 0x80, /* ... (public B(x) from the reference) */ }; static mbedtls_ecdh_context ctx_a; mbedtls_ecdh_init(&ctx_a); /* load the private/public key pair * this replaces mbedtls_ecdh_gen_public() */ mbedtls_mpi_read_binary( &ctx_a->d, private_a, sizeof( private_a ) ); /* should check errors! */ mbedtls_ecp_point_read_binary( &ctx_a->Q, public_a, sizeof( public_a ) ); /* should check errors! */ Doing the same with ctx_b and then exchanging public keys and computing the shared secret as usual, you should obtain values that match the reference. Again, this is only for validating against known test vectors. Importing a private key from a public reference must never be done in production. Hope that helps, Manuel. ________________________________ From: mbed-tls <mbed-tls-bounces(a)lists.trustedfirmware.org> on behalf of Oleksandr Nychyporuk via mbed-tls <mbed-tls(a)lists.trustedfirmware.org> Sent: 22 June 2020 15:33 To: mbed-tls(a)lists.trustedfirmware.org <mbed-tls(a)lists.trustedfirmware.org> Subject: [mbed-tls] ECDH set custom private key Hi, I wanna configure the ECDH algorithm to repeat the following keys: [image.png] I was able to configure the algorithm, generate private and public keys on both: client and server sides. And it works as expected. The secret keys are equal on both sides. But I did not manage to calculate the secret key that is on the picture. I do not know how to set these private keys. Could someone help me to do that? Thanks,

5 years

1
0
0 0

Using mbed without a client certificate

by Thompson, Jeff

I'm usiing: #define MBEDTLS_VERSION_NUMBER 0x020D0100 #define MBEDTLS_VERSION_STRING "2.13.1" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.13.1" According to RFC5246: If no suitable certificate is available, the client MUST send a certificate message containing no certificates. That is, the certificate_list structure has a length of zero. How do I do this with mbedTLS? The example code I have has certificates in it and calls mbedtls_x509_crt_parse(), which wants a list of certificates and will reject a zero-length list. Jeff Thompson | Senior Electrical Engineer-Firmware +1 704 752 6513 x1394 www.invue.com [cid:image001.gif@01D64864.692FAD30]

5 years

1
0
0 0

Re: [mbed-tls] mbed-tls Digest, Vol 4, Issue 15

by Oleksandr Nychyporuk

Attaching the keys from the picture: *7.1.2.1 P-256 Data Set 1* *Private A*: 3f49f6d4 a3c55f38 74c9b3e3 d2103f50 4aff607b eb40b799 5899b8a6 cd3c1abd *Private B*: 55188b3d 32f6bb9a 900afcfb eed4e72a 59cb9ac2 f19d7cfb 6b4fdd49 f47fc5fd *Public A(x):* 20b003d2 f297be2c 5e2c83a7 e9f9a5b9 eff49111 acf4fddb cc030148 0e359de6 *Public A(y)*: dc809c49 652aeb6d 63329abf 5a52155c 766345c2 8fed3024 741c8ed0 1589d28b *Public B(x)*: 1ea1f0f0 1faf1d96 09592284 f19e4c00 47b58afd 8615a69f 559077b2 2faaa190 *Public B(y)*: 4c55f33e 429dad37 7356703a 9ab85160 472d1130 e28e3676 5f89aff9 15b1214a *DHKey*: ec0234a3 57c8ad05 341010a6 0a397d9b 99796b13 b4f866f1 868d34f3 73bfa698 пн, 22 черв. 2020 о 16:33 <mbed-tls-request(a)lists.trustedfirmware.org> пише: > Send mbed-tls mailing list submissions to > mbed-tls(a)lists.trustedfirmware.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.trustedfirmware.org/mailman/listinfo/mbed-tls > or, via email, send a message with subject or body 'help' to > mbed-tls-request(a)lists.trustedfirmware.org > > You can reach the person managing the list at > mbed-tls-owner(a)lists.trustedfirmware.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of mbed-tls digest..." > > > Today's Topics: > > 1. ECDH set custom private key (Oleksandr Nychyporuk) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 22 Jun 2020 16:33:15 +0300 > From: Oleksandr Nychyporuk <olexandr.nychyporuk(a)gmail.com> > To: mbed-tls(a)lists.trustedfirmware.org > Subject: [mbed-tls] ECDH set custom private key > Message-ID: > <CAAjyQQ4kQ8J-iVSV_yputKD83G9Aj65fYEWJ= > ObPTeptXogghw(a)mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Hi, > > I wanna configure the ECDH algorithm to repeat the following keys: > [image: image.png] > > I was able to configure the algorithm, generate private and public keys on > both: client and server sides. And it works as expected. The secret keys > are equal on both sides. > But I did not manage to calculate the secret key that is on the picture. I > do not know how to set these private keys. Could someone help me to do > that? > > Thanks, >

5 years

1
0
0 0

ECDH set custom private key

by Oleksandr Nychyporuk

Hi, I wanna configure the ECDH algorithm to repeat the following keys: [image: image.png] I was able to configure the algorithm, generate private and public keys on both: client and server sides. And it works as expected. The secret keys are equal on both sides. But I did not manage to calculate the secret key that is on the picture. I do not know how to set these private keys. Could someone help me to do that? Thanks,

5 years

1
0
0 0

Re: [mbed-tls] How to enable mbedtls complete debug logs?

by Srinivasa Rao Ragolu

Hi Hannes, See the output of ssl_client2 output with command line arguments Could you please help me in resolving the issue. Same source code on Ubuntu is working fine but not working on my embedded device(STM32MP157x-EV1) Your support is appreciated. =450a-certificate.pem.crt key_file=/certs/774a17950a-private.pem.key debug_leve . Seeding the random number generator... ok . Loading the CA root certificate ... ok (0 skipped) . Loading the client cert. and key... ok . Connecting to tcp/a2g7twmqo7hg82-ats.iot.ap-south-1.amazonaws.com/443... ok . Setting up the SSL/TLS structure...ssl_tls.c:0081: |3| set_timer to 0 ms ok . Performing the SSL/TLS handshake...ssl_tls.c:8084: |2| => handshake ssl_cli.c:3510: |2| client state: 0 ssl_tls.c:2755: |2| => flush output ssl_tls.c:2767: |2| <= flush output ssl_cli.c:3510: |2| client state: 1 ssl_tls.c:2755: |2| => flush output ssl_tls.c:2767: |2| <= flush output ssl_cli.c:0774: |2| => write client hello ssl_cli.c:0812: |3| client hello, max version: [3:3] ssl_cli.c:0703: |3| client hello, current time: 1592572806 ssl_cli.c:0821: |3| dumping 'client hello, random bytes' (32 bytes) ssl_cli.c:0821: |3| 0000: 5e ec bb 86 f1 65 15 c9 27 e1 12 b3 af 40 7d ab ^....e..'....@}. ssl_cli.c:0821: |3| 0010: 16 2e 28 f5 f6 e1 82 9b 2d 5c e7 93 e1 e6 e8 17 ..(.....-\...... ssl_cli.c:0874: |3| client hello, session id len.: 0 ssl_cli.c:0875: |3| dumping 'client hello, session id' (0 bytes) ssl_cli.c:0922: |3| client hello, add ciphersuite: cca8 ssl_cli.c:0922: |3| client hello, add ciphersuite: cca9 ssl_cli.c:0922: |3| client hello, add ciphersuite: ccaa ssl_cli.c:0922: |3| client hello, add ciphersuite: c02c ssl_cli.c:0922: |3| client hello, add ciphersuite: c030 ssl_cli.c:0922: |3| client hello, add ciphersuite: 009f ssl_cli.c:0922: |3| client hello, add ciphersuite: c0ad ssl_cli.c:0922: |3| client hello, add ciphersuite: c09f ssl_cli.c:0922: |3| client hello, add ciphersuite: c024 ssl_cli.c:0922: |3| client hello, add ciphersuite: c028 ssl_cli.c:0922: |3| client hello, add ciphersuite: 006b ssl_cli.c:0922: |3| client hello, add ciphersuite: c00a ssl_cli.c:0922: |3| client hello, add ciphersuite: c014 ssl_cli.c:0922: |3| client hello, add ciphersuite: 0039 ssl_cli.c:0922: |3| client hello, add ciphersuite: c0af ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a3 ssl_cli.c:0922: |3| client hello, add ciphersuite: c087 ssl_cli.c:0922: |3| client hello, add ciphersuite: c08b ssl_cli.c:0922: |3| client hello, add ciphersuite: c07d ssl_cli.c:0922: |3| client hello, add ciphersuite: c073 ssl_cli.c:0922: |3| client hello, add ciphersuite: c077 ssl_cli.c:0922: |3| client hello, add ciphersuite: 00c4 ssl_cli.c:0922: |3| client hello, add ciphersuite: 0088 ssl_cli.c:0922: |3| client hello, add ciphersuite: c02b ssl_cli.c:0922: |3| client hello, add ciphersuite: c02f ssl_cli.c:0922: |3| client hello, add ciphersuite: 009e ssl_cli.c:0922: |3| client hello, add ciphersuite: c0ac ssl_cli.c:0922: |3| client hello, add ciphersuite: c09e ssl_cli.c:0922: |3| client hello, add ciphersuite: c023 ssl_cli.c:0922: |3| client hello, add ciphersuite: c027 ssl_cli.c:0922: |3| client hello, add ciphersuite: 0067 ssl_cli.c:0922: |3| client hello, add ciphersuite: c009 ssl_cli.c:0922: |3| client hello, add ciphersuite: c013 ssl_cli.c:0922: |3| client hello, add ciphersuite: 0033 ssl_cli.c:0922: |3| client hello, add ciphersuite: c0ae ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a2 ssl_cli.c:0922: |3| client hello, add ciphersuite: c086 ssl_cli.c:0922: |3| client hello, add ciphersuite: c08a ssl_cli.c:0922: |3| client hello, add ciphersuite: c07c ssl_cli.c:0922: |3| client hello, add ciphersuite: c072 ssl_cli.c:0922: |3| client hello, add ciphersuite: c076 ssl_cli.c:0922: |3| client hello, add ciphersuite: 00be ssl_cli.c:0922: |3| client hello, add ciphersuite: 0045 ssl_cli.c:0922: |3| client hello, add ciphersuite: ccac ssl_cli.c:0922: |3| client hello, add ciphersuite: ccad ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ab ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a7 ssl_cli.c:0922: |3| client hello, add ciphersuite: c038 ssl_cli.c:0922: |3| client hello, add ciphersuite: 00b3 ssl_cli.c:0922: |3| client hello, add ciphersuite: c036 ssl_cli.c:0922: |3| client hello, add ciphersuite: 0091 ssl_cli.c:0922: |3| client hello, add ciphersuite: c091 ssl_cli.c:0922: |3| client hello, add ciphersuite: c09b ssl_cli.c:0922: |3| client hello, add ciphersuite: c097 ssl_cli.c:0922: |3| client hello, add ciphersuite: c0ab ssl_cli.c:0922: |3| client hello, add ciphersuite: 00aa ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a6 ssl_cli.c:0922: |3| client hello, add ciphersuite: c037 ssl_cli.c:0922: |3| client hello, add ciphersuite: 00b2 ssl_cli.c:0922: |3| client hello, add ciphersuite: c035 ssl_cli.c:0922: |3| client hello, add ciphersuite: 0090 ssl_cli.c:0922: |3| client hello, add ciphersuite: c090 ssl_cli.c:0922: |3| client hello, add ciphersuite: c096 ssl_cli.c:0922: |3| client hello, add ciphersuite: c09a ssl_cli.c:0922: |3| client hello, add ciphersuite: c0aa ssl_cli.c:0922: |3| client hello, add ciphersuite: 009d ssl_cli.c:0922: |3| client hello, add ciphersuite: c09d ssl_cli.c:0922: |3| client hello, add ciphersuite: 003d ssl_cli.c:0922: |3| client hello, add ciphersuite: 0035 ssl_cli.c:0922: |3| client hello, add ciphersuite: c032 ssl_cli.c:0922: |3| client hello, add ciphersuite: c02a ssl_cli.c:0922: |3| client hello, add ciphersuite: c00f ssl_cli.c:0922: |3| client hello, add ciphersuite: c02e ssl_cli.c:0922: |3| client hello, add ciphersuite: c026 ssl_cli.c:0922: |3| client hello, add ciphersuite: c005 ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a1 ssl_cli.c:0922: |3| client hello, add ciphersuite: c07b ssl_cli.c:0922: |3| client hello, add ciphersuite: 00c0 ssl_cli.c:0922: |3| client hello, add ciphersuite: 0084 ssl_cli.c:0922: |3| client hello, add ciphersuite: c08d ssl_cli.c:0922: |3| client hello, add ciphersuite: c079 ssl_cli.c:0922: |3| client hello, add ciphersuite: c089 ssl_cli.c:0922: |3| client hello, add ciphersuite: c075 ssl_cli.c:0922: |3| client hello, add ciphersuite: 009c ssl_cli.c:0922: |3| client hello, add ciphersuite: c09c ssl_cli.c:0922: |3| client hello, add ciphersuite: 003c ssl_cli.c:0922: |3| client hello, add ciphersuite: 002f ssl_cli.c:0922: |3| client hello, add ciphersuite: c031 ssl_cli.c:0922: |3| client hello, add ciphersuite: c029 ssl_cli.c:0922: |3| client hello, add ciphersuite: c00e ssl_cli.c:0922: |3| client hello, add ciphersuite: c02d ssl_cli.c:0922: |3| client hello, add ciphersuite: c025 ssl_cli.c:0922: |3| client hello, add ciphersuite: c004 ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a0 ssl_cli.c:0922: |3| client hello, add ciphersuite: c07a ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ba ssl_cli.c:0922: |3| client hello, add ciphersuite: 0041 ssl_cli.c:0922: |3| client hello, add ciphersuite: c08c ssl_cli.c:0922: |3| client hello, add ciphersuite: c078 ssl_cli.c:0922: |3| client hello, add ciphersuite: c088 ssl_cli.c:0922: |3| client hello, add ciphersuite: c074 ssl_cli.c:0922: |3| client hello, add ciphersuite: ccae ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ad ssl_cli.c:0922: |3| client hello, add ciphersuite: 00b7 ssl_cli.c:0922: |3| client hello, add ciphersuite: 0095 ssl_cli.c:0922: |3| client hello, add ciphersuite: c093 ssl_cli.c:0922: |3| client hello, add ciphersuite: c099 ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ac ssl_cli.c:0922: |3| client hello, add ciphersuite: 00b6 ssl_cli.c:0922: |3| client hello, add ciphersuite: 0094 ssl_cli.c:0922: |3| client hello, add ciphersuite: c092 ssl_cli.c:0922: |3| client hello, add ciphersuite: c098 ssl_cli.c:0922: |3| client hello, add ciphersuite: ccab ssl_cli.c:0922: |3| client hello, add ciphersuite: 00a9 ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a5 ssl_cli.c:0922: |3| client hello, add ciphersuite: 00af ssl_cli.c:0922: |3| client hello, add ciphersuite: 008d ssl_cli.c:0922: |3| client hello, add ciphersuite: c08f ssl_cli.c:0922: |3| client hello, add ciphersuite: c095 ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a9 ssl_cli.c:0922: |3| client hello, add ciphersuite: 00a8 ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a4 ssl_cli.c:0922: |3| client hello, add ciphersuite: 00ae ssl_cli.c:0922: |3| client hello, add ciphersuite: 008c ssl_cli.c:0922: |3| client hello, add ciphersuite: c08e ssl_cli.c:0922: |3| client hello, add ciphersuite: c094 ssl_cli.c:0922: |3| client hello, add ciphersuite: c0a8 ssl_cli.c:0934: |3| client hello, got 127 ciphersuites (excluding SCSVs) ssl_cli.c:0943: |3| adding EMPTY_RENEGOTIATION_INFO_SCSV ssl_cli.c:0992: |3| client hello, compress len.: 1 ssl_cli.c:0994: |3| client hello, compress alg.: 0 ssl_cli.c:0069: |3| client hello, adding server name extension: a2g7twmqo7hg82-ats.iot.ap-south-1.amazonaws.com ssl_cli.c:0186: |3| client hello, adding signature_algorithms extension ssl_cli.c:0271: |3| client hello, adding supported_elliptic_curves extension ssl_cli.c:0336: |3| client hello, adding supported_point_formats extension ssl_cli.c:0518: |3| client hello, adding encrypt_then_mac extension ssl_cli.c:0552: |3| client hello, adding extended_master_secret extension ssl_cli.c:0585: |3| client hello, adding session ticket extension ssl_cli.c:1071: |3| client hello, total extension length: 128 ssl_tls.c:3184: |2| => write handshake message ssl_tls.c:3343: |2| => write record ssl_tls.c:3423: |3| output record: msgtype = 22, version = [3:1], msglen = 429 ssl_tls.c:3426: |4| dumping 'output record sent to network' (434 bytes) ssl_tls.c:3426: |4| 0000: 16 03 01 01 ad 01 00 01 a9 03 03 5e ec bb 86 f1 ...........^.... ssl_tls.c:3426: |4| 0010: 65 15 c9 27 e1 12 b3 af 40 7d ab 16 2e 28 f5 f6 e..'....@}...(.. ssl_tls.c:3426: |4| 0020: e1 82 9b 2d 5c e7 93 e1 e6 e8 17 00 01 00 cc a8 ...-\........... ssl_tls.c:3426: |4| 0030: cc a9 cc aa c0 2c c0 30 00 9f c0 ad c0 9f c0 24 .....,.0.......$ ssl_tls.c:3426: |4| 0040: c0 28 00 6b c0 0a c0 14 00 39 c0 af c0 a3 c0 87 .(.k.....9...... ssl_tls.c:3426: |4| 0050: c0 8b c0 7d c0 73 c0 77 00 c4 00 88 c0 2b c0 2f ...}.s.w.....+./ ssl_tls.c:3426: |4| 0060: 00 9e c0 ac c0 9e c0 23 c0 27 00 67 c0 09 c0 13 .......#.'.g.... ssl_tls.c:3426: |4| 0070: 00 33 c0 ae c0 a2 c0 86 c0 8a c0 7c c0 72 c0 76 .3.........|.r.v ssl_tls.c:3426: |4| 0080: 00 be 00 45 cc ac cc ad 00 ab c0 a7 c0 38 00 b3 ...E.........8.. ssl_tls.c:3426: |4| 0090: c0 36 00 91 c0 91 c0 9b c0 97 c0 ab 00 aa c0 a6 .6.............. ssl_tls.c:3426: |4| 00a0: c0 37 00 b2 c0 35 00 90 c0 90 c0 96 c0 9a c0 aa .7...5.......... ssl_tls.c:3426: |4| 00b0: 00 9d c0 9d 00 3d 00 35 c0 32 c0 2a c0 0f c0 2e .....=.5.2.*.... ssl_tls.c:3426: |4| 00c0: c0 26 c0 05 c0 a1 c0 7b 00 c0 00 84 c0 8d c0 79 .&.....{.......y ssl_tls.c:3426: |4| 00d0: c0 89 c0 75 00 9c c0 9c 00 3c 00 2f c0 31 c0 29 ...u.....<./.1.) ssl_tls.c:3426: |4| 00e0: c0 0e c0 2d c0 25 c0 04 c0 a0 c0 7a 00 ba 00 41 ...-.%.....z...A ssl_tls.c:3426: |4| 00f0: c0 8c c0 78 c0 88 c0 74 cc ae 00 ad 00 b7 00 95 ...x...t........ ssl_tls.c:3426: |4| 0100: c0 93 c0 99 00 ac 00 b6 00 94 c0 92 c0 98 cc ab ................ ssl_tls.c:3426: |4| 0110: 00 a9 c0 a5 00 af 00 8d c0 8f c0 95 c0 a9 00 a8 ................ ssl_tls.c:3426: |4| 0120: c0 a4 00 ae 00 8c c0 8e c0 94 c0 a8 00 ff 01 00 ................ ssl_tls.c:3426: |4| 0130: 00 80 00 00 00 34 00 32 00 00 2f 61 32 67 37 74 .....4.2../a2g7t ssl_tls.c:3426: |4| 0140: 77 6d 71 6f 37 68 67 38 32 2d 61 74 73 2e 69 6f wmqo7hg82-ats.io ssl_tls.c:3426: |4| 0150: 74 2e 61 70 2d 73 6f 75 74 68 2d 31 2e 61 6d 61 t.ap-south-1.ama ssl_tls.c:3426: |4| 0160: 7a 6f 6e 61 77 73 2e 63 6f 6d 00 0d 00 16 00 14 zonaws.com...... ssl_tls.c:3426: |4| 0170: 06 03 06 01 05 03 05 01 04 03 04 01 03 03 03 01 ................ ssl_tls.c:3426: |4| 0180: 02 03 02 01 00 0a 00 18 00 16 00 19 00 1c 00 18 ................ ssl_tls.c:3426: |4| 0190: 00 1b 00 17 00 16 00 1a 00 15 00 14 00 13 00 12 ................ ssl_tls.c:3426: |4| 01a0: 00 0b 00 02 01 00 00 16 00 00 00 17 00 00 00 23 ...............# ssl_tls.c:3426: |4| 01b0: 00 00 .. ssl_tls.c:2755: |2| => flush output ssl_tls.c:2774: |2| message length: 434, out_left: 434 ssl_tls.c:2779: |2| ssl->f_send() returned 434 (-0xfffffe4e) ssl_tls.c:2807: |2| <= flush output ssl_tls.c:3476: |2| <= write record ssl_tls.c:3320: |2| <= write handshake message ssl_cli.c:1106: |2| <= write client hello ssl_cli.c:3510: |2| client state: 2 ssl_tls.c:2755: |2| => flush output ssl_tls.c:2767: |2| <= flush output ssl_cli.c:1499: |2| => parse server hello ssl_tls.c:4311: |2| => read record ssl_tls.c:2536: |2| => fetch input ssl_tls.c:2697: |2| in_left: 0, nb_want: 5 ssl_tls.c:2721: |2| in_left: 0, nb_want: 5 ssl_tls.c:2722: |2| ssl->f_recv(_timeout)() returned -80 (-0x0050) ssl_tls.c:4973: |1| mbedtls_ssl_fetch_input() returned -80 (-0x0050) ssl_tls.c:4344: |1| ssl_get_next_record() returned -80 (-0x0050) ssl_cli.c:1506: |1| mbedtls_ssl_read_record() returned -80 (-0x0050) ssl_tls.c:8094: |2| <= handshake failed ! mbedtls_ssl_handshake returned -0x50 Last error was: -0x50 - NET - Connection was reset by peer ssl_tls.c:8934: |2| => free ssl_tls.c:8999: |2| <= free Regards, Srinivas. [cid:e050759f-7151-4fb6-8259-848135ad05b0] ________________________________ From: Hannes Tschofenig <Hannes.Tschofenig(a)arm.com> Sent: 19 June 2020 18:35 To: Srinivasa Rao Ragolu <srinivasa(a)alifsemi.com> Subject: RE: How to enable mbedtls complete debug logs? Hi Srinivas, Here is a good summary: https://tls.mbed.org/kb/development/debugging-tls If you just run the examples (such as ssl_client2 and ssl_server2) on the command line then you just need to use a command line parameter to set the debug level. Ciao Hannes From: mbed-tls <mbed-tls-bounces(a)lists.trustedfirmware.org> On Behalf Of Srinivasa Rao Ragolu via mbed-tls Sent: Friday, June 19, 2020 2:44 PM To: mbed-tls(a)lists.trustedfirmware.org Subject: [mbed-tls] How to enable mbedtls complete debug logs? Hi All, Please help me with the procedure, how to enable complete debug logs in mbedtls. Regards, Srinivas. [cid:image001.jpg@01D6464B.1CC8C6E0] IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.

5 years

1
0
0 0

How to enable mbedtls complete debug logs?

by Srinivasa Rao Ragolu

Hi All, Please help me with the procedure, how to enable complete debug logs in mbedtls. Regards, Srinivas. [cid:42424919-ffb4-4795-981d-a54ca257f268]

5 years

1
0
0 0

Mutual Authentication in TLS handshake - No client certificate passed

by Abhilash Iyer

Hello, I am trying to incorporate Mutual Authentication TLS in my hardware. For testing the mutual authentication in TLS, I setup a demo service which would request a client certificate in the TLS handshake. I used MS Edge, Google Chrome to test whether the service requests a client certificate during the TLS 1.2 handshake. When I ping the website, I do receive a request for a client certificate as shown in the image below. On selecting a certificate, I am able to access the website. Link to the demo service: https://serviceforsomsecurity.azurewebsites.net/ [A screenshot of a cell phone Description automatically generated] The above validates that the service requires the client to provide the client certificate during the TLS handshake. Now, when I test this with the sample mbedTLS ssl_client2.c program: https://github.com/ARMmbed/mbedtls/blob/development/programs/ssl/ssl_client…, the client does not send a certificate at all. The following are the steps that I carry out to test the TLS connection with my service with the sample mbedTLS ssl_client2.exe : 1. Open the mbedTLS.sln and build the ssl_client2 project. This creates a ssl_client2.exe under the Debug folder. 2. ssl_client2.exe server_name=serviceforsomsecurity.azurewebsites.net server_port=443 debug_level=3 auth_mode=required reconnect=1 crt_file=cert.pem key_file=key.pem ca_file=Digicert.cer force_version=tls1_2 The above command to test whether the client sends the client certificate during handshake. Here's the log: [A screenshot of a computer Description automatically generated] As you can see, in 3025 client receives: got no certificate request and then followed by server hello done at 3157. And then at 2080 & 2094, client skips writing certificate; during this handshake. 3. Then I tried including renegotiation flag: ssl_client2.exe server_name=serviceforsomsecurity.azurewebsites.net server_port=443 debug_level=3 auth_mode=required reconnect=1 crt_file=cert.pem key_file=key.pem ca_file=Digicert.cer force_version=tls1_2 renegotiate=1 Even in this case, the client does not get the certificate and abruptly ends during renegotiation due to timeout. I have included both the log files below for complete handshake review. [ssl_client_without_renegotiation.txt and ssl_client_with_renegotiation.txt] Can you please let me know how to debug this client certificate problem? It will be really a great help! Million thanks in advance. Regards, Abhilash

5 years

1
0
0 0

About raising an issue on mbedTLS forum

by Aditya Patwardhan

Hello Sir/Madam, I work in Espressif Systems. I am currently working on providing an alternate hardware RSA sign implementation for mbedtls software sign for Espressif's new chip ESP32S2. I have gone through mbedTLS API in detail but I dont see any option where I can only replace mbedTLS software sign function with our hardware sign function . I have gone through the issue https://tls.mbed.org/discussions/generic/using-an-external-rsa-private-key I have seen that there is a function named `mbedtls_pk_setup_rsa_alt` where we only register private key related function to the ALT_CTX which mbedtls uses to perform RSA sign. but this is not supported for TLS connections. I have seen that there is MBEDTLS_RSA_ALT option in mbedTLS where we can provide alternate function to many of mbedTLS API, but we do not want to change any of the other functions, just provide alternate implementation of hardware sign. If we go with this way, there will be lot of duplicate code which will be needed to be maintained. can mbedTLS provide option to use mbedtls_rsa_alt context in its file `pkparse.c` so as to allow rsa sign using an extrnal private key. Thanks and Regards, Aditya P.S. - I raised the same issue yesterday, my issue was rejected stating I have not subscribed to the mailing-list. But I had already done that. I tried to subscribe again and it also said you are already subscribed.

5 years

1
0
0 0

Re: [mbed-tls] Link error when calling "altcp_tls_create_config_client"

by Janos Follath

These defines are needed when the platform doesn’t have standard functions like `calloc()` and `free()`. (You can find more details on the macros in `config.h`.) Regards, Janos From: mbed-tls <mbed-tls-bounces(a)lists.trustedfirmware.org> on behalf of songwei fu via mbed-tls <mbed-tls(a)lists.trustedfirmware.org> Reply to: "songwei.fu(a)web.de" <songwei.fu(a)web.de> Date: Wednesday, 17 June 2020 at 13:41 To: "Kaul, Martin" <Martin.Kaul(a)leuze.com> Cc: "mbed-tls(a)lists.trustedfirmware.org" <mbed-tls(a)lists.trustedfirmware.org> Subject: Re: [mbed-tls] Link error when calling "altcp_tls_create_config_client" Thanks Martin. It solved my problem! By adding $(CHIBIOS)/os/various/syscalls.c in the makefile and removing following defines, the linker error is gone. #define MBEDTLS_PLATFORM_C #define MBEDTLS_PLATFORM_MEMORY #define MBEDTLS_PLATFORM_CALLOC_MACRO chHeapAlloc #define MBEDTLS_PLATFORM_FREE_MACRO chHeapFree Now I wonder when these defines are needed? I thought I need to port them to the OS-specific memory allocation. like in freeRTOS, it would be "pvPortCalloc", and for chibios it would be chHeapAlloc. Anybody can give me some hint? -- Songwei Gesendet: Mittwoch, 17. Juni 2020 um 12:12 Uhr Von: "Kaul, Martin" <Martin.Kaul(a)leuze.com> An: "songwei.fu(a)web.de" <songwei.fu(a)web.de> Betreff: AW: [mbed-tls] Link error when calling "altcp_tls_create_config_client" Hi, _sbrk is need when you using heap memory, for example using malloc() – see following discussion in stackoverflow: https://stackoverflow.com/questions/32446814/undefined-reference-to-sbrk-in… Maybe that helps. Best regards Martin Von: mbed-tls [mailto:mbed-tls-bounces@lists.trustedfirmware.org] Im Auftrag von songwei fu via mbed-tls Gesendet: Mittwoch, 17. Juni 2020 11:49 An: mbed-tls(a)lists.trustedfirmware.org Betreff: [mbed-tls] Link error when calling "altcp_tls_create_config_client" Hi guys, I am new to the list and also to mbedTLS. Now I am trying to port mbedTLS to chibiOS. And when I called altcp_tls_create_config_client(cert, sizeof(cert)), I got a link error like following: c:/chibistudio/tools/gnu tools arm embedded/7.0 2017q4/bin/../lib/gcc/arm-none-eabi/7.2.1/../../../../arm-none-eabi/lib/thumb/v7e-m\libg.a(lib_a-sbrkr.o): In function `_sbrk_r': sbrkr.c:(.text._sbrk_r+0xc): undefined reference to `_sbrk' And these are my settings: #define MBEDTLS_PLATFORM_C #define MBEDTLS_PLATFORM_MEMORY #define MBEDTLS_PLATFORM_CALLOC_MACRO chHeapAlloc #define MBEDTLS_PLATFORM_FREE_MACRO chHeapFree where chHeapAlloc and chHeapFree are the memory allocation functions from chibios. (1) Did I miss some settings? or i did something wrong? (2) I did not find much information about the porting from chibios side. Does anybody know where I can look for reference projects/docs? Any suggestion will be appreciated. Thanks. Songwei

5 years

2
1
0 0

Re: [mbed-tls] Link error when calling "altcp_tls_create_config_client"

by songwei.fu＠web.de

5 years

1
0
0 0

Re: [mbed-tls] Link error when calling "altcp_tls_create_config_client"

by Janos Follath

Hi Songwei, Welcome to the list and thank you for your interest in Mbed TLS! I found a similar issue on stack overflow: https://stackoverflow.com/questions/28895703/sbrk-function-not-found-when-p… Is this the same issue as yours? Regards, Janos From: mbed-tls <mbed-tls-bounces(a)lists.trustedfirmware.org> on behalf of songwei fu via mbed-tls <mbed-tls(a)lists.trustedfirmware.org> Reply to: "songwei.fu(a)web.de" <songwei.fu(a)web.de> Date: Wednesday, 17 June 2020 at 10:49 To: "mbed-tls(a)lists.trustedfirmware.org" <mbed-tls(a)lists.trustedfirmware.org> Subject: [mbed-tls] Link error when calling "altcp_tls_create_config_client" Hi guys, I am new to the list and also to mbedTLS. Now I am trying to port mbedTLS to chibiOS. And when I called altcp_tls_create_config_client(cert, sizeof(cert)), I got a link error like following: c:/chibistudio/tools/gnu tools arm embedded/7.0 2017q4/bin/../lib/gcc/arm-none-eabi/7.2.1/../../../../arm-none-eabi/lib/thumb/v7e-m\libg.a(lib_a-sbrkr.o): In function `_sbrk_r': sbrkr.c:(.text._sbrk_r+0xc): undefined reference to `_sbrk' And these are my settings: #define MBEDTLS_PLATFORM_C #define MBEDTLS_PLATFORM_MEMORY #define MBEDTLS_PLATFORM_CALLOC_MACRO chHeapAlloc #define MBEDTLS_PLATFORM_FREE_MACRO chHeapFree where chHeapAlloc and chHeapFree are the memory allocation functions from chibios. (1) Did I miss some settings? or i did something wrong? (2) I did not find much information about the porting from chibios side. Does anybody know where I can look for reference projects/docs? Any suggestion will be appreciated. Thanks. Songwei

5 years

1
0
0 0

Link error when calling "altcp_tls_create_config_client"

by songwei.fu＠web.de

5 years

1
0
0 0

mbedtls_ssh_handshake error -0X50 when connecting to AWS

by Srinivasa Rao Ragolu

Hi All, I am working on Renesas RZA2M embedded board with Linux. It has limited memory of 6MB flash(R-Only) I am using mbedtls version 2.16.5 for aws iot sdk for embedded c according to https://docs.aws.amazon.com/iot/latest/developerguide/iot-embedded-c-sdk.ht… When I run sample application, it is taking 15 secs for "Seeding random generator number..." and throwing below error $ ./subscribe_publish_sample AWS IoT SDK Version 3.0.1- DEBUG: main L#159 rootCA /root/../certs/AmazonRootCA1.pem DEBUG: main L#160 clientCRT /root/../certs/774a17950a-certificate.pem.crt DEBUG: main L#161 clientKey /root/../certs/774a17950a-private.pem.key Connecting... DEBUG: iot_tls_connect L#130 . Seeding the random number generator... DEBUG: iot_tls_connect L#138 . Loading the CA root certificate ... DEBUG: iot_tls_connect L#144 ok (0 skipped) DEBUG: iot_tls_connect L#146 . Loading the client cert. and key... DEBUG: iot_tls_connect L#159 ok DEBUG: iot_tls_connect L#161 . Connecting to a2g7twmqo7hg82-ats.iot.ap-south-1.amazonaws.com/443... DEBUG: iot_tls_connect L#180 ok DEBUG: iot_tls_connect L#182 . Setting up the SSL/TLS structure... DEBUG: iot_tls_connect L#223 SSL state connect : 0 DEBUG: iot_tls_connect L#226 ok DEBUG: iot_tls_connect L#228 SSL state connect : 0 DEBUG: iot_tls_connect L#229 . Performing the SSL/TLS handshake... ERROR: iot_tls_connect L#232 failed ! mbedtls_ssl_handshake returned -0x50 ERROR: main L#190 Error(-4) connecting to a2g7twmqo7hg82-ats.iot.ap-south-1.amazonaws.com:443 For detailed debug log using ssl_client2, go through https://pastebin.com/mNXhB0xj<https://github.com/ARMmbed/mbedtls/issues/url> https://pastebin.com/mNXhB0xj my client device specifications $ cat /proc/cpuinfo processor : 0 model name : ARMv7 Processor rev 1 (v7l) BogoMIPS : 1056.00 Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpd32 CPU implementer : 0x41 CPU architecture: 7 CPU variant : 0x4 CPU part : 0xc09 CPU revision : 1 Hardware : Generic R7S9210 (Flattened Device Tree) Revision : 0000 Serial : 0000000000000000 $ free total used free shared buffers cached Mem: 7544 4484 3060 40 0 304 -/+ buffers/cache: 4180 3364 Swap: 0 0 0 I am not getting any help to resolve this issue and spending days and days. I am suspecting the issue might be timing related (or) cpu clock related (or) memory footprint related (or) something else I need this forum help badly to resolve the issue. Please ping me if you need any other data. Thanks in advance, Srinivas. Regards, Srinivas. [cid:1eddf249-06f8-4cbd-a3e2-9c22437fd27f]

5 years

1
0
0 0

BLE and Mbed TLS

by Fatima, Fariya

Hi, I wanted to use TLS over BLE application. When I googled, I figured out that MbedTLS can work on BLE. If someone can share a sample application where-in MbedTLS APIs are used as part of a BT/BLE application, it will be of great help. Regards, Fariya

5 years

1
0
0 0

ASIO and mbed TLS

by Frank Bergmann

Hi, we have an application which uses ASIO. And now we want to add mbed TLS to provide a TLS layer. ASIO can be used with OpenSSL and wolfSSL. But how to do this with mbed TLS? Any hints on that? See also this question at SO: https://stackoverflow.com/questions/61875404/asio-c-with-mbed-tls-library best regards, Frank

5 years

1
0
0 0

DTLS handshake never ends successfully

by Xavier Del Campo Romero

I want to connect an ESP32 to a DTLS server using mbedtls' dtls_server demo. The code I used for the client is very similar to the dtls_client example, but is unable to finish the handshake process for some reason. According to Wireshark, the client is not responding to the "Server hello done" frame, causing a timeout that makes the server to send the certificate again and again until it gives up the connection. The dtls_client demo works correctly on the computer, but not on the ESP32. Has anyone tested DTLS on the ESP32? I have attached the following files for further reference: - dtls_esp32.pcapng: Wireshark file with the DTLS packets between client and server. - mbedtls.tar.bz2: compressed (> 7k lines) plain text log as reported by the board. On line 7131, where the last message from the server is received, it looks like the client never receives the whole message, so it never reaches the "Server hello done" state. Could anyone please confirm this? - dtls.c: client source code. Slightly modified from the dtls_client example. Thank you very much for your help. Xavi

5 years

1
0
0 0

Re: [mbed-tls] Feedback sought on a new PSA Crypto driver interface

by Quach, Brian

Hi, I was reviewing the proposal and had a few questions on usage of the new params. 1) When using plaintext keys, is the "attributes" param unused and should/could it be set to NULL? 2) If using key store (i.e. opaque), is the key ID the only attribute field which needs to be set? My assumption is attributes would be populated from the key store using the key ID? 3) If using key store, are the "key_buffer" and "key_buffer_size" params typically unused (i.e. can be set to null and zero respectively)? I do the proposal says the buffer content is up to the driver. Are there any usage cases in mind? 4) For drivers that support both opaque and transparent operation, which param would be used to determine the mode? (I had assumed key ID = 0 would be transparent, and non-zero is opaque) I'm unclear how persistent_state for opaque driver's is used. Could you elaborate on how it's used by the driver and core and why it isn't needed for transparent drivers? Key management with opaque drivers Transparent drivers may provide the following key management functions: Should this be "Opaque"? Regards, Brian Quach SimpleLink MCU Texas Instruments Inc. 12500 TI Blvd, MS F-4000 Dallas, TX 75243 214-479-4076

5 years

1
0
0 0

Re: [mbed-tls] mbedtls_x509write_crt_set_subject_name, mbedtls_x509_dn_gets fail to handle UTF8 multibyte properly

by Martin Man

> On 11 Jun 2020, at 12:09, Gilles Peskine via mbed-tls <mbed-tls(a)lists.trustedfirmware.org> wrote: > > On 11/06/2020 11:24, Martin Man via mbed-tls wrote: >> >> I think this is a bug and the dn_gets should simply leave the UTF-8 >> multibyte untouched when parsing it out from a field tagged with ASN.1 >> tag 12 (utf-8). > > We are not going to do Unicode normalization in Mbed TLS: that would be > far too complex for a library that runs on systems with ~1e5 bytes > available for code. So Unicode strings would only be processed correctly > if the application passes normalized strings and CAs only generate > certificates with normalized strings. But that would be an improvement > on converting non-ASCII characters to '?'. Definitely agree that normalization is not needed. I think this problem could be split into two parts: 1) When a const char* is passed into mbedtls_x509write_crt_set_subject_name, the mbedtls will currently encode it into ASN tag 12 UTF8. Not sure what validation is done. But it could perhaps do at least a basic validation of what the C string passed in is to avoid generating a cert with crippled DN. Alternatively you can simply trust the developer to pass in correct UTF8 and document this. This is a API design decision of what input is allowed to be passed into the method and what validation is done on this. 2) When the mbedtls_x509_dn_gets extracts a C string from the ASN.1 tagged as 12, it could validate that it is indeed valid UTF-8, or just leave it as is and push it out. Again, this is about what we expect the library to do. I’m not an expert on whether this can in any way be used to trick MBEDLTS to do bad things when sending in a malformed certificate, say a one where DN is encoded as UTF-8 but contains illegal UTF-8 in the payload. thanks for listening, Martin

5 years

1
0
0 0

Re: [mbed-tls] mbedtls_x509write_crt_set_subject_name, mbedtls_x509_dn_gets fail to handle UTF8 multibyte properly

by Gilles Peskine

On 11/06/2020 11:24, Martin Man via mbed-tls wrote: > The code in mbedtls_x509_dn_gets fails to properly handle the UTF-8 > multibyte sequence 0xe2 0x80 0x99 and turns it into 0xe2 0x80 0x3f. > > There is a fix floating around development branch mentioned > here https://github.com/ARMmbed/mbedtls/pull/3326/files which > essentially replaces all control chars with question marks. > > I think this is a bug and the dn_gets should simply leave the UTF-8 > multibyte untouched when parsing it out from a field tagged with ASN.1 > tag 12 (utf-8). That code is from an earlier era (mid 2000s, I think) when most systems used an 8-bit encoding, but non-8-bit-clean systems were still common. A '\x80' in text might be transformed to '\x00' with disastrous consequences. But over a decade later, I don't think non-8-bit-clean systems are a concern anymore. Leaving all non-ASCII characters alone sounds reasonable to me. We are not going to do Unicode normalization in Mbed TLS: that would be far too complex for a library that runs on systems with ~1e5 bytes available for code. So Unicode strings would only be processed correctly if the application passes normalized strings and CAs only generate certificates with normalized strings. But that would be an improvement on converting non-ASCII characters to '?'. -- Gilles Peskine Mbed TLS developer

5 years

1
0
0 0

mbedtls_x509write_crt_set_subject_name, mbedtls_x509_dn_gets fail to handle UTF8 multibyte properly

by Martin Man

Hi guys, I’m new to the list and bringing the discussion over here from https://github.com/ARMmbed/mbedtls/issues/3413 <https://github.com/ARMmbed/mbedtls/issues/3413>. I’m creating a certificate using mbedtls and setting it’s issuer and and subject using the mbedtls_x509write_crt_set_subject_name, and mbedtls_x509write_crt_set_issuer_name. The name passed in is in UTF8 and contains a sequence 0xe2 0x80 0x99 (apostrophe) in the CN string. If I debugged this correctly, the underlying sequence of bytes is correctly encoded in ASN.1 and tagged as 12 (UTF-8). When I later parse the cert and try to extract its subject back using mbedtls_x509_dn_gets from crt.subject and crt.issuer the UTF-8 gets corrupted. The code in mbedtls_x509_dn_gets fails to properly handle the UTF-8 multibyte sequence 0xe2 0x80 0x99 and turns it into 0xe2 0x80 0x3f. There is a fix floating around development branch mentioned here https://github.com/ARMmbed/mbedtls/pull/3326/files <https://github.com/ARMmbed/mbedtls/pull/3326/files> which essentially replaces all control chars with question marks. I think this is a bug and the dn_gets should simply leave the UTF-8 multibyte untouched when parsing it out from a field tagged with ASN.1 tag 12 (utf-8). What’s your opinion? Martin

5 years

1
0
0 0

2025

2024

2023

2022

2021

2020

mbed-tls