Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Complete implementation of MbedTLS as backend #528

Open
wants to merge 29 commits into
base: master
Choose a base branch
from
Open

Complete implementation of MbedTLS as backend #528

wants to merge 29 commits into from

Conversation

huitema
Copy link
Collaborator

@huitema huitema commented May 16, 2024

No description provided.

huitema added 29 commits May 16, 2024 16:44
@huitema
copy-updated-mbedtls_files
0058a94
@huitema
Small cmake fixes
059249a
@huitema
Another errant ref to ed25519
ed0f872
@huitema
Fix more compile warnings
e53f880
@huitema
More compile warnings
d32c1ad
@huitema
More typos fixed.
9733496
@huitema
Merge branch 'master' into complete-mbedtls-backend
27c6b0a
@huitema
Do not set the output length to excessive value
b08896e
@huitema
Fix typo
03befd1
@huitema
Add verification of signature.
5c3943c
@huitema
Fixing test compile issues.
0bbab1c
@huitema
remove spurious include ref.
73d4925
@huitema
Fix code porting issues.
e0ed5f9
@huitema
Not be so verbose.
4a4940e
@huitema
Fix reference totrust CA
460c487
@huitema
Add intermediate checks for sign-verify
1f38b04
@huitema
Disable rsa-p
387a354
@huitema
Also disabling unused code.
f3bb5e5
@huitema
Update mbedtls sign to latest tested.
0a5a506
@huitema
Simplify flow of tests
44741e9
@huitema
Fix test on line 217
117011f
@huitema
Use server name in verify cert
7d3f7ad
@huitema
Debugging the end to end test.
428e6d8
@huitema
Fix typo
0408666
@huitema
Add debugging traces
cbd630c
@huitema
Fix location of trusted CA
675dced
@huitema
Don't use problematic API
95ab894
@huitema
Add include, simplify test
f37b7bc
@huitema
Remove unused variable.
bad0e50
@huitema huitema mentioned this pull request May 21, 2024
Open
@barracuda156
Copy link

@huitema How is this going?

@huitema huitema requested a review from kazuho June 2, 2024 15:19
@huitema
Copy link
Collaborator Author

huitema commented Jun 2, 2024

I think this PR is ready. It allows using MbedTLS as a self-sufficient back end, including for functions like certificate verification. I would like review of the code that derives the server's public key from the list of certificates. In all the tests, the size of the list is 1, so the assumption that the first certificate is good works. But if the list contains more certificates, we probably have some extra work to do.

@huitema
Copy link
Collaborator Author

huitema commented Jun 3, 2024

@kazuho in the test assets, do we have example of certificate chains containing more than 1 certificate?

@doublex doublex mentioned this pull request Aug 16, 2024
Closed
@doublex
Copy link

doublex commented Aug 18, 2024

@kazuho
Are there any reasons against this pull request?
An alternative to Openssl would be really helpful for embedded systems.

@doublex
Copy link

doublex commented Sep 10, 2024
edited
Loading

The patch works for me (tested in production). Some issues:

a) Memory leak, this is never free'd:

static int mbedtls_verify_certificate(ptls_verify_certificate_t *_self, ptls_t *tls, const char *server_name,
    mbedtls_x509_crt* chain_head = (mbedtls_x509_crt*)malloc(sizeof(mbedtls_x509_crt));

int ptls_mbedtls_init_verify_certificate(ptls_context_t* ptls_ctx, char const* buffer, size_t len)
    mbedtls_x509_crt* chain_head = (mbedtls_x509_crt*)malloc(sizeof(mbedtls_x509_crt));

b) Unused variable:
https://github.com/huitema/picotls/blob/complete-mbedtls-backend/lib/mbedtls_sign.c#L406

c) Maybe a typo (mbedssl -> mbedtls):
ptls_mbedssl_init_verify_certificate_complete() -> ptls_mbedtls_init_verify_certificate_complete()

@doublex
Copy link

doublex commented Sep 10, 2024

Patch to fix the memory-leak:

*** a/mbedtls_sign.c    2024-09-10 16:56:25.685199324 +0200
--- b/mbedtls_sign.c    2024-09-10 16:56:05.489162611 +0200
*************** static int mbedtls_verify_certificate(pt
*** 1250,1255 ****
--- 1250,1256 ----
  
      if (chain_head != NULL) {
          mbedtls_x509_crt_free(chain_head);
+         free(chain_head);
      }
      return ret;
  }
*************** void ptls_mbedtls_dispose_verify_certifi
*** 1390,1395 ****
--- 1391,1397 ----
      if (verifier != NULL) {
          if (verifier->trust_ca != NULL) {
              mbedtls_x509_crt_free(verifier->trust_ca);
+             free(verifier->trust_ca);
              verifier->trust_ca = NULL;
          }
          if (verifier->trust_crl != NULL) {

@doublex
Copy link

doublex commented Oct 7, 2024

Update:
Client works (nice, because minicrypto fails to verify)

Server fails:
a) Sending stateless-retry-token results in stack-buffer-overflow, this line:

picotls/lib/mbedtls.c

Line 346 in bad0e50

psa_aead_decrypt(ctx->key, ctx->alg, iv, ctx->super.algo->iv_size, aad, aadlen, input, inlen, output, inlen, &outlen);

b) After increasing buffer, curl --http3-only reports "bad signature"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kazuho kazuho Awaiting requested review from kazuho

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@huitema @barracuda156 @doublex