Hi All,
A gentle reminder that the US-Europe timezone-friendly MBed TLS Tech forum
is next Monday at 4:30 PM UK time. Invite details can be found on the
online calendar here <https://www.trustedfirmware.org/meetings/>.
If you have any topics, please let Dave Rodgman know. :)
Best regards,
Don Harbin
TrustedFirmware Community Manager
don.harbin(a)linaro.org
Hi Shripad,
Cross-posting to mbed-tls ML.
I noticed though you already sent the same query to this list.
Regards,
Olivier.
________________________________
From: shripad.nunjundarao--- via TF-A <tf-a(a)lists.trustedfirmware.org>
Sent: 06 March 2024 05:39
To: tf-a(a)lists.trustedfirmware.org <tf-a(a)lists.trustedfirmware.org>
Subject: [TF-A] mbedtls and PQC algorithms support
Hi,
Is there a plan for mbedtls to add support for PQC algorithms (Dilithium/Kyber)?
regards,
/Shripad
Greetings,
## The Setup
I have a RENESAS board that has an integrated crypto processor and uses MbedTLS 2.25.0.
I have a SE (secure element) connected to it.
I am allowing hardware acceleration and PSA crypto API inside mbedtls_config.h.
I registered my SE driver before calling psa_crypto_init().
The board connects to a web server and performs TLS handshake with the forced cipher `MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256`.
## The issue
The handshake fails during the step 8 when generating EC private key for ECDHE exchange.
I have tracked the issue through debug and it unfolded as follows inside `ssl_write_client_key_exchange()`:
- We enter the PSA crypto code from the pre-processor directives.
- We set the key attributes after initializing them to 0. (here usage_flags, algorithm, type and bits field are set but lifetime is still 0 from init at this point, this will count later on)
- The next function `psa_generate_key()` fails.
## In depth
When inside the `psa_generate_key()` function, we start the key creation inside `psa_start_key_creation()`.
But here, when validating the attributes of the key in `psa_validate_key_attributes()`, we are not able to rely on the SE to store the key due to it being volatile (lifetime is still 0), the driver is never called.
From there the program keeps going until trying to generate the key with the crypto processor from the board which does not support this type of key and returns unsupported error.
## Main question
Since the lifetime is forced to represent a volatile key, and since the driver for the SE is not called except for persistent ones, I cannot do this cryptographic step using the SE. Is the generation of the volatile key at this step meant to be handled by the MbedTLS library (software or hardware alt) and not by the PSA Crypto API (SE) due to the key being volatile? If not, how is the SE supposed to be called in the handshake and what am I missing?
## Discussion
I can pass the handshake when disabling hardware acceleration and using the software for cryptographic steps, but in this case I am not using the SE for them. Should the SE only be used to store the client certificate for the mTLS case?
## Note
I must use the MbedTLS version 2.25.0 since the SE driver I am using relies on this version.
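Added example (not part of the original post and not Mbed TLS source code): a simplified C model of how a PSA Crypto key lifetime value splits into a persistence level and a location, and of driver selection keyed on the location, for the zero-initialized lifetime described above. The `ex_`/`EX_` names, the one-entry driver table and the location value 1 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* PSA Crypto lifetime layout: bits 7..0 = persistence, bits 31..8 = location.
 * All ex_/EX_ names are local to this example, not Mbed TLS identifiers. */
typedef uint32_t ex_lifetime_t;
#define EX_PERSISTENCE(l)   ((uint8_t)((l) & 0xffu))
#define EX_LOCATION(l)      ((uint32_t)((l) >> 8))
#define EX_LIFETIME(p, loc) (((ex_lifetime_t)(loc) << 8) | (ex_lifetime_t)(p))
#define EX_VOLATILE   0x00u   /* persistence level: volatile */
#define EX_PERSISTENT 0x01u   /* persistence level: default persistent */
#define EX_LOCAL      0u      /* location: local storage, no external driver */
#define EX_SE_LOC     1u      /* assumed location the SE driver registered for */

struct ex_driver { uint32_t location; const char *name; };
static const struct ex_driver ex_table[] = { { EX_SE_LOC, "se-driver" } };

/* Simplified model of driver selection by location. NULL means the
 * operation stays with the built-in (software or hardware-ALT) code. */
static const struct ex_driver *ex_find_driver(ex_lifetime_t lifetime)
{
    uint32_t loc = EX_LOCATION(lifetime);
    if (loc == EX_LOCAL)
        return NULL;
    for (size_t i = 0; i < sizeof ex_table / sizeof ex_table[0]; i++)
        if (ex_table[i].location == loc)
            return &ex_table[i];
    return NULL;   /* external location with no registered driver */
}

static void ex_show(const char *label, ex_lifetime_t l)
{
    const struct ex_driver *d = ex_find_driver(l);
    printf("%-22s 0x%08x persistence=%u location=%u -> %s\n", label,
           (unsigned)l, (unsigned)EX_PERSISTENCE(l), (unsigned)EX_LOCATION(l),
           d ? d->name : "built-in");
}

int main(void)
{
    ex_show("zero-initialized", 0);   /* the case from the post */
    ex_show("persistent, SE", EX_LIFETIME(EX_PERSISTENT, EX_SE_LOC));
    ex_show("volatile, SE location", EX_LIFETIME(EX_VOLATILE, EX_SE_LOC));
    return 0;
}
```

In this model a lifetime of 0 decodes to volatile persistence and local storage, so the lookup returns no driver and the request falls through to the built-in code path.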
Hi,
We are writing client code which can accept or decline a connection to the
server, so for each connection I understand there is a mbedtls_ssl_context
established. Once it is closed or no longer required, we need to
deinitialize it or free the memory allocated to its member variables. We
need to free all allocated memory, since we need it back or else our
application will run out of memory, like:
    os_free(mbed_ctx->handshake);
    os_free(mbed_ctx->transform_negotiate);
    os_free(mbed_ctx->session_negotiate);
    os_free(mbed_ctx->in_buf);
    os_free(mbed_ctx->out_buf);
But there are many member variables which also need to free memory if
allocated and assigned to it.
Is there a function / method that can free all memory
for mbedtls_ssl_context instance variable?
Thanks in advance.
Regards,
Prakash
Hi All,
A gentle reminder that the Asia-Europe timezone-friendly MBed TLS Tech
forum is next Monday at 10:00am PM UK time. Invite details can be found on
the online calendar here <https://www.trustedfirmware.org/meetings/>.
If you have any topics, please let Dave Rodgman know. :)
Best regards,
Don Harbin
TrustedFirmware Community Manager
don.harbin(a)linaro.org
Hi,
Please note that I needed to compile and work with MBed TLS version 2.19.1
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.19.1
However, I am unable to compile the code / examples in it. I get the
error below:
$ cmake .
CMake Deprecation Warning at CMakeLists.txt:1 (cmake_minimum_required):
  Compatibility with CMake < 2.8.12 will be removed from a future version of
  CMake.
  Update the VERSION argument <min> value or use a ...<max> suffix to tell
  CMake that the project does not need compatibility with older versions.
-- Selecting Windows SDK version 10.0.19041.0 to target Windows 10.0.22631.
CMake Error at CMakeLists.txt:192 (add_subdirectory):
  add_subdirectory given source "crypto/3rdparty" which is not an existing
  directory.
CMake Error at CMakeLists.txt:199 (add_subdirectory):
  add_subdirectory given source "crypto/library" which is not an existing
  directory.
CMake Error at CMakeLists.txt:200 (add_subdirectory):
  add_subdirectory given source "crypto/include" which is not an existing
  directory.
CMake Warning (dev) at programs/ssl/CMakeLists.txt:37 (target_sources):
  Policy CMP0076 is not set: target_sources() command converts relative paths
  to absolute. Run "cmake --help-policy CMP0076" for policy details. Use the
  cmake_policy command to set the policy and suppress this warning.
  An interface source of target "ssl_client2" has a relative path.
This warning is for project developers. Use -Wno-dev to suppress it.
CMake Warning (dev) at programs/ssl/CMakeLists.txt:44 (target_sources):
  Policy CMP0076 is not set: target_sources() command converts relative paths
  to absolute. Run "cmake --help-policy CMP0076" for policy details. Use the
  cmake_policy command to set the policy and suppress this warning.
  An interface source of target "ssl_server2" has a relative path.
This warning is for project developers. Use -Wno-dev to suppress it.
CMake Warning (dev) at programs/test/CMakeLists.txt:31 (target_sources):
  Policy CMP0076 is not set: target_sources() command converts relative paths
  to absolute. Run "cmake --help-policy CMP0076" for policy details. Use the
  cmake_policy command to set the policy and suppress this warning.
  An interface source of target "query_compile_time_config" has a relative
  path.
This warning is for project developers. Use -Wno-dev to suppress it.
I tried removing the errors from the CmakeFile.txt but now get below error:
$ cmake --build .
Microsoft (R) Build Engine version 16.11.2+f32259642 for .NET Framework
Copyright (C) Microsoft Corporation. All rights reserved.
MSBUILD : error MSB1009: Project file does not exist.
Switch: ALL_BUILD.vcxproj
Also
make all
Makefile:84: ../crypto/3rdparty/Makefile.inc: No such file or directory
make[1]: *** No rule to make target '../crypto/3rdparty/Makefile.inc'.  Stop.
Makefile:19: recipe for target 'lib' failed
make: *** [lib] Error 2
Please let me know how to resolve them and compile MBedTLS version 2.19.1
code?
Thanks in advance.
Regards,
Prakash
Hi,
I am working on an issue related to memory leak in MBedTLS. We have
integrated MBedTLS code for the below 3rd party HostAPD code integration.
https://github.com/prplfoundation/hostap [Hostapd]
Please refer to the Hostapd peer code implementation as provided in
the link below:
https://github.com/prplfoundation/hostap/blob/master/eap_example/eap_exampl…
The main function code snippet is provided below:
https://github.com/prplfoundation/hostap/blob/master/eap_example/eap_exampl…
    if (eap_example_peer_init() < 0 ||
        eap_example_server_init() < 0)
        return -1;
    do {
        printf("---[ server ]--------------------------------\n");
        res_s = eap_example_server_step();
        printf("---[ peer ]----------------------------------\n");
        res_p = eap_example_peer_step();
    } while (res_s || res_p);
Since we are implementing code for peers hence we have removed the
server step. Now we need to keep monitoring for new connections /
failed connections and act accordingly we have modified the code to
something like below -
    if (eap_example_peer_init() < 0 ||
        eap_example_server_init() < 0)
        return -1;
    do {
        res_p = eap_example_peer_step();
        if (eap_ctx.eapNoResp || eap_ctx.eapFail) {
            eap_client_peer_deinit();
            eap_client_peer_init();
        }
    } while (1);
We have modified the loop such that it will keep iterating for new
connections and in case of failure, re-initialization is required. Is
my understanding correct? The issue I am facing is that the client
peer deinit method is not releasing all memory allocated during
eap_example_peer_step() function (I understand while processing the
EAP TLS server request). The deinit is purely implemented to
deallocate memory initially allocated for a new connection using TLS?
void eap_client_peer_deinit(void)
{
    eap_peer_sm_deinit(eap_ctx.eap);
    eap_peer_unregister_methods();
    wpabuf_free(eap_ctx.eapReqData);
    os_free(eap_ctx.eap_config.identity);
    os_free(eap_ctx.eap_config.password);
    os_free(eap_ctx.eap_config.cert.ca_cert);
    os_free(eap_ctx.eap_config.cert.client_cert);
    os_free(eap_ctx.eap_config.cert.private_key);
}
where
void eap_peer_sm_deinit(struct eap_sm *sm)
{
    if (sm == NULL)
        return;
    eap_deinit_prev_method(sm, "deinit");
    eap_sm_abort(sm);
    if (sm->ssl_ctx2)
        tls_deinit(sm->ssl_ctx2);
    tls_deinit(sm->ssl_ctx);
    eap_peer_erp_free_keys(sm);
    os_free(sm);
}
Can you please let me know whether we are deallocating memory correctly?
Thanks in advance.
Regards,
Prakash