Consider using bitfields for TLS 1.2 key exchange identifiers #4832

Open
hanno-becker opened this issue Aug 3, 2021 · 2 comments

@hanno-becker

Mbed TLS maintains an internal (in the sense that it is not used in any public API) enum for key exchange identifiers:

```c
typedef enum {
    MBEDTLS_KEY_EXCHANGE_NONE = 0,
    MBEDTLS_KEY_EXCHANGE_RSA,
    MBEDTLS_KEY_EXCHANGE_DHE_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
    MBEDTLS_KEY_EXCHANGE_PSK,
    MBEDTLS_KEY_EXCHANGE_DHE_PSK,
    MBEDTLS_KEY_EXCHANGE_RSA_PSK,
    MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
    MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
    MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
    MBEDTLS_KEY_EXCHANGE_ECJPAKE,
} mbedtls_key_exchange_type_t;
```

The suggestion is to replace this by a list of bitfield macros, at the benefit of reduced code size for checks like

```c
static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info )
{
    switch( info->MBEDTLS_PRIVATE(key_exchange) )
    {
        case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
        case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
        case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
            return( 1 );

        default:
            return( 0 );
    }
}
```

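
A sketch of the proposal above, added here as an illustration and not taken from the issue or from Mbed TLS: with one bit per key exchange, the PFS check and a local policy filter each become a single mask test. The `KEX_*` names, the bit assignments and the helper functions are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical one-bit-per-key-exchange identifiers (names and values are
 * assumptions for illustration, not Mbed TLS definitions). */
#define KEX_RSA          (1u << 0)
#define KEX_DHE_RSA      (1u << 1)
#define KEX_ECDHE_RSA    (1u << 2)
#define KEX_ECDHE_ECDSA  (1u << 3)
#define KEX_PSK          (1u << 4)
#define KEX_DHE_PSK      (1u << 5)
#define KEX_RSA_PSK      (1u << 6)
#define KEX_ECDHE_PSK    (1u << 7)
#define KEX_ECDH_RSA     (1u << 8)
#define KEX_ECDH_ECDSA   (1u << 9)
#define KEX_ECJPAKE      (1u << 10)

/* Same six members as the switch in mbedtls_ssl_ciphersuite_has_pfs(). */
#define KEX_MASK_PFS  (KEX_DHE_RSA | KEX_DHE_PSK | KEX_ECDHE_RSA | \
                       KEX_ECDHE_PSK | KEX_ECDHE_ECDSA | KEX_ECJPAKE)
#define KEX_MASK_ALL  ((1u << 11) - 1u)

/* A ciphersuite carries exactly one key exchange: reject 0, multi-bit
 * and out-of-range values before any membership test. */
static int kex_is_valid(uint32_t kex)
{
    return kex != 0 && (kex & (kex - 1u)) == 0 && (kex & ~KEX_MASK_ALL) == 0;
}

/* Membership test: one AND instead of a six-way switch. */
static int kex_has_pfs(uint32_t kex)
{
    return kex_is_valid(kex) && (kex & KEX_MASK_PFS) != 0;
}

/* Policy filter: is this key exchange in the locally enabled set? */
static int kex_is_enabled(uint32_t kex, uint32_t enabled_mask)
{
    return kex_is_valid(kex) && (kex & enabled_mask) != 0;
}

int main(void)
{
    uint32_t pfs_only = KEX_MASK_PFS;  /* constructed sample policy */
    printf("ECDHE_ECDSA pfs=%d\n", kex_has_pfs(KEX_ECDHE_ECDSA));
    printf("RSA_PSK pfs=%d enabled=%d\n", kex_has_pfs(KEX_RSA_PSK),
           kex_is_enabled(KEX_RSA_PSK, pfs_only));
    return 0;
}
```

The validity check matters once identifiers are bits: a value with two bits set would otherwise pass any mask test that matches either bit.
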
@hanno-becker
Author

This came up in #4811. CC @mpg @gilles-peskine-arm

yuhaoth added a commit to yuhaoth/mbedtls1.3 that referenced this issue Aug 6, 2021
Make sure tls1.3 and tls1.2 are not both enabled.
Before we resolve Mbed-TLS#4832, keep this test case.


CustomizedGitHooks: yes
Change-Id: I13f3b06b2f33b9c9beb8cac90f5fda41a4ed53f3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
yuhaoth added a commit to yuhaoth/mbedtls1.3 that referenced this issue Aug 9, 2021
tls1.3 and tls1.2 cannot be enabled at the same
time before Mbed-TLS#4832 is resolved.

And the test won't run into the `handshake` stage, so add the
`skip_handshak_check` function to skip it.

Change-Id: I13f3b06b2f33b9c9beb8cac90f5fda41a4ed53f3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
yuhaoth added a commit to yuhaoth/mbedtls1.3 that referenced this issue Aug 10, 2021
tls1.3 and tls1.2 cannot be enabled at the same
time before Mbed-TLS#4832 is resolved.

And the test won't run into the `handshake` stage, so add the
`skip_handshak_check` function to skip it.

Change-Id: I13f3b06b2f33b9c9beb8cac90f5fda41a4ed53f3
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
@gilles-peskine-arm
Contributor

In the next release of Mbed TLS (Mbed TLS 4.0), we will remove support for RSA, RSA-PSK, static ECDH and finite-field DH key exchanges. This vastly reduces the number of places where we filter for multiple key exchange types, and brings the set of TLS 1.2 key exchanges closer to 1.3. So we might be able to unify mbedtls_key_exchange_type_t with MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_xxx bit masks.
