May I ask a stupid question?
I have developed a product which uses MbedTLS 2.16. I am on this mailing list so I get to see the various updates since.
And I wonder: is there any point in upgrading?
If your embedded product is a client, and usually behind NAT (or an equivalent firewall) and accessing some private server (or a trusted public server) on a schedule of its own choosing, then the whole attack surface is minimal.
If your embedded product is a server, on a private LAN with no internet connection, then the attack surface is similarly negligible.
If your embedded product is a server and on an open port, it WILL get attacked within hours (if not minutes, especially if the DNS is published) and it WILL get hacked. For these applications you must use a heavy duty server e.g. Linux, Centos, etc, and the web server needs to be a similar thing e.g. Apache, NGINX, etc. Not some $5 chip running MbedTLS!
But I see updates like zeroing malloc'd buffers before doing a free() which is nice, but the relevance is zero because exploitation is possible only if an attacker is running code of his choice, and if he gets that far (on an embedded box sitting in some rack in a factory) then it is game over because obviously you have zero *physical* security!
I guess this question is sacrilege, so I am not expecting anyone to reply :) But if somebody does reply, I'd be interested in their take.
Basically, as you can see, I see the only valid applications for MbedTLS in scenarios where a) the box is a client and b) you control the other end's server (or, if you don't control it, you are prepared to periodically revisit your code and fix it whenever the server's owner has changed the crypto suite or whatever).
ISTM that the general drift in the IoT sphere is indeed along the lines I describe. It "incidentally" also delivers a revenue stream because you can charge the customer for that server ;) Whereas if you just sell a box, you have no business model for funding long term functionality.
Regards,
Peter
Hi Prakash,
It seems that you've disabled MBEDTLS_PSA_ITS_FILE_C but kept MBEDTLS_PSA_CRYPTO_STORAGE_C. MBEDTLS_PSA_CRYPTO_STORAGE_C is looking for something that provides the PSA ITS interface, which can either be built into your platform or provided by MBEDTLS_PSA_ITS_FILE_C. Per your other thread, you wanted to disable PSA crypto, so just disable MBEDTLS_PSA_CRYPTO_STORAGE_C.
Best regards,
-- Gilles Peskine Mbed TLS developer
On 13/03/2024 10:44, Satya Prakash Prasad via mbed-tls wrote:
Hi,
I am trying to build MbedtLS 3.5.2 and get the below error:
mbedtls/library/psa_crypto_storage.c:23:23: psa/error.h: No such file or directory mbedtls/library/psa_crypto_storage.c:24:42: psa/internal_trusted_storage.h: No such file or directory
I searched all thru the directories and found error.h in mbetls directory but could not find internal_trusted_storage.h header file?
#if defined(MBEDTLS_PSA_ITS_FILE_C) #include "psa_crypto_its.h" #else /* Native ITS implementation */ #include "psa/error.h" #include "psa/internal_trusted_storage.h" #endif
Regards, Prakash