- mbed-tls - lists.trustedfirmware.org

by Satya Prakash Prasad

Hi, We need to integrate the TLS Code in our codebase. I have downloaded Mbed TLS 3.5.1 @ https://github.com/Mbed-TLS/mbedtls/releases and compiled it. I understand that we can just use the code in mbedtls-3.5.1\library directory for the TLS functionality - can anyone please confirm. Are there any other directories where TLS Code exists in the MbedTLS 3.5.1 repo? Please confirm how we can only integrate MbedTLS TLS functionality code in other applications / repo. There are so many other directories in MbedTLS 3.5.1 repo - how is the code in repo organized? Do we need all the code in MbedTLS 3.5.1 repo? Your valid input will help me to integrate the MbedTLS Code in our codebase? Please provide all other details as required or will be helpful for the same. Thanks in advance. Regards, Prakash

2 years

1
0
0 0

Mbed TLS 3.5.1

by Satya Prakash Prasad

Hi, I downloaded Mbed TLS 3.5.1 @ https://github.com/Mbed-TLS/mbedtls/releases. Please let me know how to configure and compile the same. Also please let me know how to run some sample tests there or manually to verify. Thanks in advance. Regards, Prakash

2 years

1
0
0 0

Code samples for psa_import_key and ECC?

by Christian Huitema

I am trying to use psa_import_key() after loading private keys from PEM files. I am succeeding when parsing an "RSA PRIVATE KEY", but no such luck for "EC PRIVATE KEY". I assume that I am not setting attributes correctly. A code sample would be nice! Or, maybe I could just use mbedtls_pk_parse_keyfile(), but then I would need to "import" a PSA key from the "mbedtls" context, ad I did not find sample code for that either. -- Christian Huitema

2 years

2
4
0 0

Mbed TLS 3.5.1 and 2.28.6

by Dave Rodgman

Hi Mbed TLS users, We have released Mbed TLS versions 3.5.1 and 2.28.6. These releases of Mbed TLS are made under a dual Apache-2.0 OR GPL-2.0-or-later license. Mbed TLS 3.5.1 also contains a bugfix for CMake builds. They are otherwise identical to the previous releases, 2.28.5 and 3.5.0. Full details are available in the release notes (https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.6, https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.1)<https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0)>. We recommend all users to consider whether they are impacted, and to upgrade appropriately. Many Thanks. Dave

2 years, 1 month

1
0
0 0

[Mbed-tls-announce] New Mbed TLS releases : 3.5.0 and 2.28.5

by Minos Galanakis via Mbed-tls-announce

We have released Mbed TLS versions 3.5.0 and 2.8.5. These releases of Mbed TLS address several security issues, provide bug fixes, and bring other minor changes. Full details are available in the release notes (https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5, https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0). We recommend all users to consider whether they are impacted, and to upgrade appropriately. Many Thanks. IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -- Mbed-tls-announce mailing list -- mbed-tls-announce(a)lists.trustedfirmware.org To unsubscribe send an email to mbed-tls-announce-leave(a)lists.trustedfirmware.org

2 years, 1 month

3
2
0 0

Mbed TLS license change

by Dave Rodgman

Hi Mbed TLS users, We are planning to change the license for Mbed TLS shortly, from Apache 2.0 to a dual license Apache 2.0 / GPLv2-0-or-later license. This will allow GPL-licensed projects to take Mbed TLS under a GPL license. Projects which currently take Mbed TLS under an Apache 2.0 license may continue to do so, and therefore should not be affected by this change. The inbound license, under which we accept contributions, is already a dual-license. There is therefore no impact for contributors, and no impact on PRs that are currently in review, or those that have previously been integrated into the library. We hope that this will enable more projects to make use of Mbed TLS. Dave Rodgman

2 years, 1 month

1
0
0 0

TF-PSA-Crypto publication

by Ronald Cron

We are happy to announce the publication in GitHub of the TF-PSA-Crypto repository: https://github.com/Mbed-TLS/TF-PSA-Crypto. The TF-PSA-Crypto repository provides an implementation of the PSA Cryptography API (https://arm-software.github.io/psa-api). This encompasses the on-going extensions to the PSA Cryptography API (e.g. PAKE). The PSA Cryptography API implementation is organized around the PSA Cryptography driver interface aiming to ease the support of cryptographic accelerators and processors. This is a significant milestone on the journey to split the PSA Cryptography API implementation and its development out of the Mbed TLS repository into TF-PSA-Crypto. This is early days though and the TF-PSA-Crypto repository should be considered as a prototype: it is read-only and mostly a mirror of the PSA Cryptography API implementation of Mbed TLS. But we believe it is a good illustration of what we are aiming at. Thanks, Ronald Cron on behalf of the Mbed TLS team.

2 years, 1 month

2
2
0 0

How to implement Opaque driver API

by Jiamei Xie

Hi experts, I wanted to forward some crypto operations to an external driver that provides psa_call APIs. The mbedtls version I am using 3.4.0. Take psa_asymmetric_encrypt as an example, The mbedtls api is psa_status_t psa_asymmetric_encrypt(mbedtls_svc_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length) It gets attribute, key.data and key.byte from key_id. Then call function psa_driver_wrapper_asymmetric_encrypt without key_id as its argument: status = psa_driver_wrapper_asymmetric_encrypt( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, salt, salt_length, output, output_size, output_length); In psa_driver_wrapper_asymmetric_encrypt, it will use different implementations according to the location value in https://github.com/Mbed-TLS/mbedtls/blob/d69d3cda34c400a55220352518e37d3d2c…. I define a new location definition(RSS_PSA_LOCATION. When the location is RSS_PSA_LOCATION, making it call psa_status_t crypto_psa_asymmetric_encrypt(psa_key_id_t key, psa_algorithm_t alg, const uint8_t *input, size_t input_length, const uint8_t *salt, size_t salt_length, uint8_t *output, size_t output_size, size_t *output_length) This API require key_id. Is it possible to get key_id from attribute and key_slot? Regards, Jiamei Xie

2 years, 1 month

3
3
0 0

Driver only build option

by Ruchika Gupta

Hi, I am trying to use the MACRO's defined at - https://github.com/Mbed-TLS/mbedtls/blob/development/docs/driver-only-build… to enable driver only build. As mentioned on the page I tried to do this for SHA256. However, the code in sha256.c isn't ifdefed by "MBEDTLS_PSA_ACCEL_ALG_SHA_256" so still gets compiled ? Can you point me to what I am missing here ? Regards, Ruchika

2 years, 1 month

1
1
0 0

How can I encrypt with a private key?

by 克坚马

Hi all, I have been using the old version(2.28) for a very long time, and updated to version 3.4.0 recently. When using rsa encryption, there is a parameter 'mode' that allows to choose whether to use a public key or a private key. Why is it canceled in the new version? And how can I use the private key to perform an encryption operation? Thank you for your help!

2 years, 1 month

4
6
0 0

For enabling TLS 1.3

by Sankalp Raj Singh

Can you please provide the proper steps and file name where we have to make changes in order to enable TLS 1.3

2 years, 1 month

1
0
0 0

PSA crypto driver - KEY LOCATIONS

by Ruchika Gupta

Hi, For the crypto accelerator, we are developing for our SoC, we have a use-case where the same driver can support multiple/range of KEY LOCATIONS. We want a mechanism such that, the a common function in driver is called which can then take the necessary option based on the key location. The way jsons are currently structured, what I understand is that for every key location, we will need to create a separate json with a different driver prefix. This would lead to a lot of code duplication for us. For eg { to define 3 locations X, Y and Z , I need to create 3 json files -> these all refer to same crypto sub-system I my case} #define TEST_DRIVER_X_OPAQUE_DRIVER_ID #define TEST_DRIVER_Y_OPAQUE_DRIVER_ID #define TEST_DRIVER_Z_OPAQUE_DRIVER_ID Switch (key_location) Case x: Test_driver_x_ opaque_import_key(); break; Case y: Test_driver_y_ opaque_import_key(); break; Case z: Test_driver_z_ opaque_import_key(); break; This is resulting in a lot of code duplication and overhead. What we want to have the flexibility to achieve is : #define TEST_DRIVER_OPAQUE_DRIVER_ID Switch (key_location) Case x: Case y: Case z: Test_driver_opaque_import_key(); If we can support multiple locations from a driver json file for a given driver, this issue would be resolved. This would give the driver writers flexibility on how and where they want to handle the locations. Please let us know your views on the same. Regards, Ruchika

2 years, 2 months

2
1
0 0

Re: [Mbed-tls-announce] New Mbed TLS releases : 3.5.0 and 2.28.5

by Oubaid AKRMI

Hi, Is the SHA-3 impacted by the vulnerability reported in NIST vulnerability database (link below) ? https://nvd.nist.gov/vuln/detail/CVE-2022-37454 "Description The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface. " Best regards, [Shape, rectangle Description automatically generated] Oubaid AKRMI | Mobile: +33 7 53 06 08 49 GPM | Application Security Engineer [Icon Description automatically generated]<https://www.facebook.com/STMicroelectronics.NV/> [cid:image003.png@01D9FD35.14D24980] <https://twitter.com/st_world> [Icon Description automatically generated] <https://www.linkedin.com/company/stmicroelectronics/> [Icon Description automatically generated] <https://www.instagram.com/stmicroelectronics.nv/> [Icon Description automatically generated] <https://www.youtube.com/user/STonlineMedia> ST online: www.st.com<https://stmicroelectronics-my.sharepoint.com/personal/oubaid_akrmi_st_com/D…>

2 years, 2 months

2
1
0 0

Link to MBed TLS Tech Forum - Asia/Europe

by Daniel Morris

Just in case others are struggling to join/had a bad bookmark for the meeting which started a few minutes ago, the right one is: https://linaro-org.zoom.us/j/95471735908?pwd=WStaaWhEVXNqcWx1S2pEQU13cHU2UT… Also handily listed here: https://www.trustedfirmware.org/meetings/ Daniel %<---------------------------------------------------------------------- Daniel Morris eCosCentric - The eCos experts Tel: +44 1223 245 571 - info(a)eCosCentric.com

2 years, 2 months

1
0
0 0

psa_raw_key_agreement does not like PSA_ALG_ECDSA(PSA_ALG_SHA_256)

by Christian Huitema

I am not sure I completely understand the PSA API for key exchange. I have been creating a private key, exporting the public key, passing that successfully to the peer, obtaining the peer's public key, and I want to use psa_raw_key_agreement to obtain the shared secret. But it fails in: if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) { status = PSA_ERROR_INVALID_ARGUMENT; goto exit; } The value of "alg" is 0x06000609, computed as PSA_ALG_ECDSA(PSA_ALG_SHA_256). That's probably wrong, but I do not know why... -- Christian Huitema

2 years, 3 months

1
1
0 0

Output format of mbedtls_ecdh_make_params does not play well with TLS 1.3

by Christian Huitema

In TLS 1.3, one half of an ECDH exchange is defined as a "key entry", coded as: struct { NamedGroup group; opaque key_exchange<1..2^16-1>; } KeyShareEntry; The opaque data is typically encoded as a one byte format (e.g., 0x04, no compression), and then the encoding of either one or two points: 32 bytes for one point with CURVE25519, 64 bytes for two points with SECP256R1. The encoding for the "public key" output of mbedtls_ecdh_make_params is different: 1 byte of length, followed by 2 bytes of curve ID, followed by the raw encoding of the point or points. The related encoding of the server public key output of mbedtls_ecdh_make_public is also different: 1 byte of length, followed by 2 bytes of curve ID, followed by the raw encoding of the point or points. To make that work, I need some reformatting: strip out 3 bytes for the client public key, write a single 0x04 byte instead; strip out one byte from the key-exchange data received at the server and write 3 bytes of length and curve ID instead. Also, make sure to reset the strings to the unmodified value before calling mbedtls_ecdh_calc_secret, which probably means maintaining two copies, thus twice the memory. This is a bit messy, and probably unnecessary. The extra parameters "length" is already passed through the API (the &olen argument) and the "group_id" could easily be passed as well. Or maybe I am looking at the wrong API... -- Christian Huitema

2 years, 3 months

3
7
0 0

TLS handshake with AWS IoT MQTT broker seems to succeed and then is terminated by the broker

by Roger Sala

I am developing an AWS IoT MQTT client on STM32H723 using FreeRTOS 10.3.1, LwIP 2.1.2 and MbedTLS. My first attempt used MbedTLS 2.16.2 and it mostly works except that sometimes, seemingly related to the timing of the network I'm using, it fails when my client fails to send out anything after the Client Key Exchange message and then the server responds with a Close Notify as follows: "Time","Source","Destination","Protocol","Length","Info" "0.000000","10.24.108.94","54.157.158.237","TLSv1.2","418","Client Hello" "0.016460","54.157.158.237","10.24.108.94","TLSv1.2","150","Server Hello" "0.002777","54.157.158.237","10.24.108.94","TLSv1.2","685","Certificate" "0.000000","54.157.158.237","10.24.108.94","TLSv1.2","438","Server Key Exchange, Certificate Request, Server Hello Done" "0.976521","10.24.108.94","54.157.158.237","TLSv1.2","1006","Certificate, Client Key Exchange" "0.014853","54.157.158.237","10.24.108.94","TLSv1.2","61","Alert (Level: Warning, Description: Close Notify)" When it works it looks like this: "Time","Source","Destination","Protocol","Length","Info" "0.000000000","10.0.0.11","54.84.254.130","TLSv1.2","418","Client Hello" "0.017495225","54.84.254.130","10.0.0.11","TLSv1.2","150","Server Hello" "0.001743255","54.84.254.130","10.0.0.11","TLSv1.2","685","Certificate" "0.000022282","54.84.254.130","10.0.0.11","TLSv1.2","392","Server Key Exchange" "0.000004428","54.84.254.130","10.0.0.11","TLSv1.2","100","Certificate Request, Server Hello Done" "2.606030441","10.0.0.11","54.84.254.130","TLSv1.2","1326","Certificate, Client Key Exchange, Certificate Verify, Change Cipher Spec, Encrypted Handshake Message" "0.027421478","54.84.254.130","10.0.0.11","TLSv1.2","105","Change Cipher Spec, Encrypted Handshake Message" "0.000971482","10.0.0.11","54.84.254.130","TLSv1.2","193","Application Data" "0.075384354","54.84.254.130","10.0.0.11","TLSv1.2","87","Application Data" The last two "Application Data" messages are the MQTT connect and connect ACK, So before I filed a bug report, I upgraded to MbedTLS 2.28.4. The good news is that this client always (seems) to successfully negotiate the TLS handshake, but after receiving the first encrypted "Application Data" (connect), the broker immediately sends and "Encrypted Alert", which I'm taking to be a Close Notify because a TCP FIN follows shortly thereafter. The Wireshark capture of the 2.28.4 handshake looks almost exactly like the successful 2.16.2 handshake: "Time","Source","Destination","Protocol","Length","Info" "0.000000000","10.0.0.11","44.195.98.16","TLSv1.2","336","Client Hello" "0.018450117","44.195.98.16","10.0.0.11","TLSv1.2","150","Server Hello" "0.000524146","44.195.98.16","10.0.0.11","TLSv1.2","685","Certificate" "0.000003168","44.195.98.16","10.0.0.11","TLSv1.2","392","Server Key Exchange" "0.000002995","44.195.98.16","10.0.0.11","TLSv1.2","100","Certificate Request, Server Hello Done" "2.517148776","10.0.0.11","44.195.98.16","TLSv1.2","1329","Certificate, Client Key Exchange, Certificate Verify, Change Cipher Spec, Encrypted Handshake Message" "0.016572792","44.195.98.16","10.0.0.11","TLSv1.2","60","Change Cipher Spec" "0.000007326","44.195.98.16","10.0.0.11","TLSv1.2","99","Encrypted Handshake Message" "0.001500778","10.0.0.11","44.195.98.16","TLSv1.2","193","Application Data" "0.031014646","44.195.98.16","10.0.0.11","TLSv1.2","85","Encrypted Alert" ... except for the "Encrypted Alert" from the broker that leads to the closing of the session. I'm hoping someone has an explanation of the behavior I'm seeing and can suggest a path forward for me. Another data point is the fact that the client with MbedTLS 2.28.4 can successfully authentic and negotiate a TLS handshake with a mosquitto broker I'm running locally using self signed certificates. ====================================================================== The information contained in this e-mail, including all of its attachments, is confidential and proprietary information of IPG Photonics and its affiliates and intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the sender by telephone or e-mail, and destroy this communication and all copies. Thank you. ======================================================================= This Email has been scanned for all viruses by IPG Photonics Email Scanning Services.

2 years, 3 months

1
0
0 0

Reminder: MBed TLS Tech Forum - Asia/Europe

by Don Harbin

Hi All, A gentle reminder that the Asia-Europe timezone-friendly MBed TLS Tech forum is *next Monday at 10:00am PM UK time.* Invite details can be found on the online calendar here <https://www.trustedfirmware.org/meetings/>. If you have any topics, please let Dave Rodgman know. :) Best regards, Don Harbin TrustedFirmware Community Manager don.harbin(a)linaro.org ReplyReply to allForward

2 years, 3 months

2
2
0 0

New TrustedFirmware Discord Server

by Don Harbin

Hi All, Note you may have received another instance of this note but when I attempted to send to all TF ML's simultaneously it seemed to fail, so sending to each one at a time. Sorry about that. :/ We've created a Discord Server for real time chats/sharing. This solution comes at no cost to the project, is set up with channels for each project, includes a #general channel, and supports direct 1-1 chats between members, all with the goal of improving collaboration between trustedfirmware.org developers. We encourage all to join! :) Instructions for joining can be found on the TF.org FAQ page <https://www.trustedfirmware.org/faq/>. See you all there and please don't hesitate to reach out if you have any questions! Don Harbin TrustedFirmware Community Manager don.harbin(a)linaro.org

2 years, 3 months

1
0
0 0

New TrustedFirmware Discord Server

by don.harbin＠linaro.org

The content of this message was lost. It was probably cross-posted to multiple lists and previously handled on another list.

2 years, 3 months

1
0
0 0

Does mbedtls support x509 certificates signed wih ED448 algorithm?

by Bahadır Maktav

Hi, I am trying to use a certificate with its public key algorithm is NIST P-384 and its signature algorithm is ED448. I am working on ESP board with IDF framework which supports mbedtls. But when I am trying to use that certificate, I got error message about 'MBEDTLS_ERR_X509_UNKOWN_SIG_ALG'. So, I thought that maybe mbedtls does not support certificates which signed with ED448.

2 years, 3 months

2
1
0 0

Does mbedtls support x509 certificates signed wih ED448 algorithm?

by Bahadır Maktav

Hi, I am trying to use a certificate with its public key algorithm is NIST P-384 and its signature algorithm is ED448. I am working on ESP board with IDF framework which supports mbedtls. But when I am trying to use that certificate, I got error message about 'MBEDTLS_ERR_X509_UNKOWN_SIG_ALG'. So, I thought that maybe mbedtls does not support certificates which signed with ED448.

2 years, 3 months

1
0
0 0

Example of AEAD decrypt?

by Christian Huitema

The example of AEAD encryption in "aead_demo" is very useful. Is there a similar example for decryption? -- Christian Huitema

2 years, 3 months

2
1
0 0

Does mbedTLS TLS1.3 only support PSK?

by Thompson, Jeff

I've got mbedTLS 3.1.4 and want to use TLS 1.3. My handshake fails very early because I don't have any Pre-Shared Keys. Does mbedTLS TLS1.3 only support PSKs, or can I still use generated session keys as does TLS 1.2? If so, how? Jeff Thompson | Senior Electrical Engineer - Firmware +1 704 752 6513 x1394 www.invue.com [cid:image001.gif@01D9D729.620C6230]

2 years, 3 months

2
2
0 0

Silly python problem when building on MacOS

by Christian Huitema

Hello, I am trying to build MbedTLS on a Mac, as part of a project to support MbedTLS in the "picoquic" implementation of QUIC. I have a small problem, probably something of my making. I have cloned the repo on an "mbedtls" directory, created a "build" subdirectory, and from there run"cmake ..", which worked fine, and then tried to run "make", which fails in "generating psa_crypto_driver_wrapper.c" when trying the python script "generate_driver_wrappers.py" because it cannot find the python module "jsonschema". I tried to solve that by installing that module using "pip", and test programs running python3 do find the "jsonschema". Calling print(jsonschema.__file__) shows the module is installed in my user directory: /users/christianhuitema/Library/python3.9/lib/python/... Is there a simple way to fix that? -- Christian Huitema

2 years, 4 months

2
4
0 0

2025

2024

2023

2022

2021

2020

mbed-tls