lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Call psa_crypto_init in the library when required for TLS 1.3

Browse Source 
For backward compatibility with Mbed TLS <=3.5.x, applications must be able
to make a TLS connection with a peer that supports both TLS 1.2 and TLS 1.3,
regardless of whether they call psa_crypto_init(). Since Mbed TLS 3.6.0,
we enable TLS 1.3 in the default configuration, so we must take care of
calling psa_crypto_init() if needed. This is a change from TLS 1.3 in
previous versions, where enabling MBEDTLS_SSL_PROTO_TLS1_3 was a user
choice and could have additional requirement.

This commit makes the library call psa_crypto_init() when it needs PSA
crypto in a situation where the application might not have called it,
namely, when starting a TLS 1.3 connection.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2024-08-23 21:55:24 +02:00
parent cd4da16eea
commit 069bccdf78
5 changed files with 44 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
library/ssl_misc.h
View File

@ -1891,6 +1891,26 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13(const mbedtls_ssl_confi
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 && MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
/** \brief Initialize the PSA crypto subsystem if necessary.
*
* Call this function before doing any cryptography in a TLS 1.3 handshake.
*
* This is necessary in Mbed TLS 3.x for backward compatibility.
* Up to Mbed TLS 3.5, in the default configuration, you could perform
* a TLS connection with default parameters without having called
* psa_crypto_init(), since the TLS layer only supported TLS 1.2 and
* did not use PSA crypto. (TLS 1.2 only uses PSA crypto if
* MBEDTLS_USE_PSA_CRYPTO is enabled, which is not the case in the default
* configuration.) Starting with Mbed TLS 3.6.0, TLS 1.3 is enabled
* by default, and the TLS 1.3 layer uses PSA crypto. This means that
* applications that are not otherwise using PSA crypto and that worked
* with Mbed TLS 3.5 started failing in TLS 3.6.0 if they connected to
* a peer that supports TLS 1.3. See
* https://github.com/Mbed-TLS/mbedtls/issues/9072
*/
int mbedtls_ssl_tls13_crypto_init(mbedtls_ssl_context *ssl);
extern const uint8_t mbedtls_ssl_tls13_hello_retry_request_magic[
MBEDTLS_SERVER_HELLO_RANDOM_LEN];
MBEDTLS_CHECK_RETURN_CRITICAL