So far, `ssl_client2` printed the CRT info for the peer's CRT
by requesting the latter through `mbedtls_ssl_get_peer_cert()`
at the end of the handshake, and printing it via
`mbedtls_x509_crt_info()`. When `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE`
is disabled, this does no longer work because the peer's CRT
isn't stored beyond the handshake.
This makes some tests in `ssl-opt.sh` fail which rely on the CRT
info output for the peer certificate.
This commit modifies `ssl_client2` to extract the peer CRT info
from the verification callback, which is always called at a time
when the peer's CRT is available. This way, the peer's CRT info
is still printed if `MBEDTLS_SSL_KEEP_PEER_CERTIFICATE` is disabled.
Additional work done as part of merge:
- Run ./tests/scripts/check-generated-files.sh and check in the
resulting changes to programs/ssl/query_config.c
When `MBEDTLS_PLATFORM_C` is not enabled, our PSA Crypto implementation
depends on the standard C library for functions like snprintf() and
exit(). However, our implementation was not including the proper header
files nor redefining all `mbedtls_*` symbols properly to ensure
successful builds without MBEDTLS_PLATFORM_C. Add the necessary header
files and macro definitions to our PSA Crypto implementation.
When MBEDTLS_CHECK_PARAMS is enabled, it's required to have an
implementation of mbedtls_param_failed() present. Without it in the PSA
examples, building the PSA examples will result in linker errors like
the following.
../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_import':
rsa.c:(.text+0x9fd): undefined reference to `mbedtls_param_failed'
../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_import_raw':
rsa.c:(.text+0xb0b): undefined reference to `mbedtls_param_failed'
../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_complete':
rsa.c:(.text+0xe63): undefined reference to `mbedtls_param_failed'
../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_export_raw':
rsa.c:(.text+0xfee): undefined reference to `mbedtls_param_failed'
../../library/libmbedcrypto.a(rsa.c.o): In function `mbedtls_rsa_export':
rsa.c:(.text+0x116f): undefined reference to `mbedtls_param_failed'
../../library/libmbedcrypto.a(rsa.c.o):rsa.c:(.text+0x1304): more undefined
references to `mbedtls_param_failed' follow
collect2: error: ld returned 1 exit status
programs/psa/CMakeFiles/crypto_examples.dir/build.make:97: recipe for target
'programs/psa/crypto_examples' failed
make[2]: *** [programs/psa/crypto_examples] Error 1
Add an implementation of mbedtls_param_failed() to the PSA Crypto
examples to avoid getting this error on the PSA examples.
Resolve conflicts by performing the following.
- Take the upstream Mbed TLS ChangeLog verbatim.
- Reject changes to Makefiles and CMake that are related to using Mbed
Crypto as a submodule. It doesn't make sense to use Mbed Crypto as a
submodule of itself.
- Reject README changes, as Mbed Crypto has its own, different README.
- Reject PSA-related changes to config.h. We don't want to disable the
availability of the PSA Crypto API by default in the Mbed Crypto
config.h.
- Don't inadvertently revert dead code removal in
mbedtls_cipher_write_tag() which was added in f2a752940307 ("Fix
double return statement in cipher.c")
- Where Mbed Crypto already had some MBEDTLS_USE_PSA_CRYPTO code (from
past companion PRs) take the latest version from Mbed TLS which
includes integration with MBEDTLS_CHECK_PARAMS.
- Update the version of the shared library files to match what's
currently present in Mbed TLS.
- Reject removal of testing with PSA from config full tests.
- Resolve conflicts in test tests/suites/helpers.function, where both
Mbed Crypto and Mbed TLS both added documentation for TEST_ASSERT.
Combine text from both documentation efforts.
- Reject adding a submodule of ourselves.
- Reject addition of submodule tests in all.sh.
- Reject addition of submodule to library path in
tests/scripts/run-test-suites.pl.
- Avoid using USE_CRYPTO_SUBMODULE=1 in
component_test_use_psa_crypto_full_cmake_asan() in all.sh.
Merge a development version of Mbed TLS 2.16.0 that doesn't have
parameter validation into development.
The following conflicts were resolved:
- Update ChangeLog to include release notes merged from development so
far, with a version of "2.14.0+01b34fb316a5" and release date of
"xxxx-xx-xx" to show this is not a released version, but instead a
snapshot of the development branch equivalent to version of the 2.14.0
with additional commits from the mbedtls/development branch up through
01b34fb316a5 included. Entries added for unreleased versions of Mbed
Crypto remain at the top of the file for Mbed TLS 2.xx.x.
- Replace the Mbed Crypto version of
mbedtls_rsa_rsaes_pkcs1_v15_decrypt() with the version from Mbed TLS
which fixes timing variations and memory access variations that could
lead to a Bleichenbacher-style padding oracle attack. This will
prevent using psa_asymmetric_decrypt() with zero-length output buffers
until a follow up commit is made to restore this capability.
- In ssl_srv.c, include changes for both the new ECDH interface and
opaque PSK as already added to development previously.
Additional changes to temporarily enable running tests:
ssl_srv.c and test_suite_ecdh use mbedtls_ecp_group_load instead of
mbedtls_ecdh_setup
test_suite_ctr_drbg uses mbedtls_ctr_drbg_update instead of
mbedtls_ctr_drbg_update_ret
psa_status_t is currently a signed type where only non-negative values
are used, which makes things a bit awkward. For now, non-negative
values trigger an error. This code will need to be revised if we
switch to using negative values as error codes.
