- Update vendor
mbedtls
code from version2.28.3
to a commit at development version: 0b3de6fce- Please checkout C
mbedtls
3.0-migration-guide.md for more info - The vendor code at this commit includes the TLS server side version negotiation which implements rfc844 4.2.1
- This is a temporary approach at current time point since upstream has not released major version (
3.5.0
) that contains the Server Side Version Negotiation, we need to upgrade to3.5.0
once it's released, its estimated release date is 2023-09-30, Ref: https://github.com/orgs/Mbed-TLS/ projects/1#column-19402885
- Please checkout C
- Update the build code for
mbedtls-sys-auto
crate to sync up with vendor code change:- Changes in C DEFINE's for configuration
- Changes in header files
- Add binding code generation for
static inline
code in C side - Removing deprecated cargo features or dependencies
- Add a cargo feature for TLS 1.3
- Put pkcs12 behind a cargo feature
- Bump crate version to
3.5.0-alpha.1+0b3de6f
to represent we are using a deveoplent version of upstream code
- Update rust wrapper code in
./mbedtls
to sync up the changes inmbedtls-sys-auto
- Removing deprecated cargo features or dependencies
- Update rust code to sync up API changes
- Add types and functions for TLS 1.3
- Add a cargo feature for TLS 1.3
- Update integration tests for new API and TLS 1.3
- Update dependencies
Note: entries with 💥 are ensured that they will break the downstream.
Upstream changes:
- 💥 Upgrade vendor
mbeldtls
code to version3.5.0-alpha.1+0b3de6f
, it means we are using upstream code at commit 0b3de6fce: this is needed because it contains the server side version negotiation features which is necessary in a functional complete TLS 1.3 stack.
Note: Here we use a pre-release version since upstream has not release 3.5.0
yet. Ref: https://doc.rust-lang.org/cargo/reference/semver.html
Changes on our side:
- Cherry picked previous changes in old versions:
- New changes
- vendor change: fix time call in tls13 client&server : This has been merged into upstream, see: Mbed-TLS/mbedtls#7639 .
- vendor change: add accessors : these are added to following new upstream requirements that we should not access to fields with
private_
prefix, and these changes will be sent to upstream soon.
Features:
- 💥
zlib
is removed: support for TLS record-level compression is removed inmbedtls
3.X- Related C DEFINE
MBEDTLS_ZLIB_SUPPORT
is also removed
- Related C DEFINE
- 💥
legacy_protocols
is removed: all protocols early than TLS 1.2 is removed inmbedtls
3.X- Related C DEFINE's are also removed:
MBEDTLS_SSL_PROTO_SSL3
,MBEDTLS_SSL_PROTO_TLS1
,MBEDTLS_SSL_PROTO_TLS1_1
,MBEDTLS_SSL_CBC_RECORD_SPLITTING
- Related C DEFINE's are also removed:
- 💥
pkcs11
is removed: wrapper forlibpkcs11-helper
is removed inmbedtls
3.X, see 3.0-migration-guide.md - 💥
pkcs12
is removed: because fortanix#269 - Put TLS 1.3 behind a feature
tls13
: because the dependency of TLS 1.3 in mbedtls 3.X are using a global state RNG which breaks the requirements for FIPS, so this feature enables use to avoid these code from compilation. - 💥 Deprecated features
custom_threading
,custom_time
,custom_gmtime_r
,pthread
are removed
Dependencies:
- 💥 Bump
mbedtls-sys
version to3.4.0
- 💥 Deprecated dependencies are removed
libz-sys
: support for TLS record-level compression is removed inmbedtls
3.Xlibc
:libc
is not needed insgx
Build code changes:
Following changes are made according to 3.0-migration-guide.md.
- Remove
MBEDTLS_CONFIG_H
inmbedtls_config.h
- Remove
#include <mbedtls/check_config.h>
mbedtls-sys/build/bindgen.rs
- Allow
bindgen
to generate bindings for functions, types and variables start withpsa_
, and put them in a submod psa
because they are needed by TLS 1.3 - Use
bindgen
experiment feature to generate C function wrapper for Cstatic inline
functions
- Allow
mbedtls-sys/build/headers.rs
: Update header filesmbedtls-sys/build/config.rs
: Remove/add C defines- 💥 Added
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
: this is added because TLS 1.3 need to use PSA library which need this when featurestd
is off, user need to provide their implementation. Inrus-mbedtls
, one implementation is proveded, see:mbedtls/src/rng/mod.rs
.
- 💥 Added
- Added
once_cell
for initializing PSA only one times: seefn psa_crypto_init()
inmbedtls-platform-support/src/lib.rs
, this is needed because:-
MBEDTLS_USE_PSA_CRYPTO means that X.509 and TLS will use PSA Crypto as much as possible (that is, everywhere except for features that are not supported by PSA Crypto, see "Internal Changes" below for a complete list of exceptions). When it is enabled, you need to call psa_crypto_init() before calling any function from PK, X.509 or TLS;
- Ref: https://github.com/Mbed-TLS/mbedtls/blob/0b3de6fcec4aa4b23a9ee1e076714cbc796f3ac4/docs/use-psa-crypto.md#general-considerations
-
- Add function pointer
mbedtls_psa_external_get_random
which is needed when C DEFINE optionMBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
is turned on. This will be used in case when system default RNG or entropy is no available (for example in SGX)- Using function pointer here ensure there is no link time conflict in future when mutiple
rust-mbedtls
is using this crate. - User need to call function
set_psa_external_rng_callback
before using any PSA functions or TLS 1.3
- Using function pointer here ensure there is no link time conflict in future when mutiple
- Add rust implementation of
explicit_bzero
, which is needed in SGX. Because in SGX, our rs-libc does not support this function. - Update self tests:
- following are removed:
- arc4_self_test
- md2_self_test
- md4_self_test
- x509_self_test
- xtea_self_test
- following are added:
- sha384_self_test
- chacha20_self_test
- chachapoly_self_test
- poly1305_self_test
- sha224_self_test
- following are removed:
Features:
- 💥
zlib
,legacy_protocols
removed to sync with changes inmbedtls-sys
- 💥
pkcs12
andpkcs12_rc2
are removed: see fortanix#269 - Put TLS 1.3 logic behind a feature
tls13
: check reason above
Dependencies:
- 💥 Bump
rust-mbedtls
version to0.11.0
- 💥 Bump dependency
mbedtls-sys-auto
version to3.5.0-alpha.1+0b3de6f
- Added
rstest
rstest_reuse
lazy_static
env_logger
: used for improving code of tests
- Function
EcPoint::mul
now need to pass in a RNG to ensure blinding. - Add prefix
private_
to some fields ofmbedtls
types undermbedtls/src/cipher/raw
- 💥 Removed and added some options in
Error
,CipherType
,CipherMode
andCipherSuite
to sync with changes inmbedtls
3.X - 💥
mbedtls/src/pk/ec.rs
: User need to provide a RNG callback for functionEcPoint::mul
, this originally is not a hard requirement, but in Cmbedtls
3.X this become a hard requirement for blinding to defend side channel attack. - 💥
mbedtls/hash
:Md2
andMd4
are removed since they are no longer supported inmbedtls
3.X- fn
pbkdf_pkcs12
is removed sincepkcs12
is removed
- 💥
mbedtls/pk/mod.rs
:- Remove
CustomPk
- User need to provide a RNG callback for
Pk::from_private_key
, this originally is not a hard requirement, but in Cmbedtls
3.X this become a hard requirement for blinding to defend side channel attack.
- Remove
- 💥
mbedtls/src/ssl/ciphersuites.rs
: RenameTlsCipherSuite
toTls12CipherSuite
, and add enum:Tls13CipherSuite
,IanaTlsNamedGroup
,TLS13SignatureAlgorithms
: these are introduced by TLS 1.3 mbedtls/src/ssl/ssl_states.rs
: AddSslStates
to represent the state of SSL handshake- Update tests accordingly
Special code need to notice:
In impl
of std::io::Read
under mbedtls/src/ssl/io.rs
and tokio::io::AsyncRead
under mbedtls/src/ssl/async_io.rs
, there are some code to handle the special case when using mbedtls
as client
to connect to a server whose session ticket
extension is enabled.
This case is found when connecting to goolge.com
, where Google's server send the session ticket
after the completion of handshake, which cause C-mbedtls
throw errors when client is try to read msg data.
- Use cargo-nextest to run tests
- Reduce time to run tests
- Have ability to run some tests in serial
- tests under
hyper.rs
need to access togoogle.com
which has QPS limit - some tests function use some system resource, see https://github.com/fortanix/rust-mbedtls/blob/yx/upgrade-mbedtls/mbedtls/tests/support/net.rs
- tests under