Closed HomeACcessoryKid closed 5 months ago
Thanks for your report. I'm labeling "bug" and scheduling for the next release as this looks like a usability regression in 3.0.
A few thoughts and questions:
There is an API to do
mbedtls_ecp_read_pubkey(grp_id, &mbedtls_ecp_key, but, len);
There is an API to dombedtls_ecp_check_pubkey(&mbedtls_ecdsa_ctx);
I'm not sure the second one would be necessary, as read_pubkey()
should probably validate the public key anyway.
Taking a step back, currently the intention in the API is that key parsing (and writing) is handled by the PK layer: mbedtls_pk_parse_key()
and mbedtls_pk_parse_public_key()
which support a variety of standard formats. This populates an mbedtls_pk_context
that you can then use to verify a signature, in the same format as mbedtls_ecdsa_read_signature()
.
Would switching to PK work for you? It probably depends in which format you're getting your key, but the buffer+23
in you code snippet suggests you're already getting more than just the "point" part.
Also, I would like to point out that in the next major version of Mbed TLS (that is, 4.0, no due date so far), we intend to remove all of ecdsa.h
and ecp.h
from the public API, leaving only the PSA Crypto API (and probably some of pk.h
, to be determined). Would switching to the PSA Crypto API work for you? It looks like psa_import_key()
does accept the same format for public keys as you are currently using, namely just an uncompressed EC point. However, switching to PSA Crypto is likely to be more work.
Just to let you know I saw your feedback. Thanks for that and sorry for the delayed response.
My considerations is that I want to just use what is available in ESP IDF. As you refer to a PSA API, which is an ARM initiative, I expect that to port to ESP only once you have switched over in mbedtls and then ESP has adopted it. If you have a link to show that it is in IDF v5 already, then that would be worth pointing out.
So, I want to think inside mbedtls v3 and you ask if I could use PK layer. The thing is that I use the raw EC point and without having verified this, I guess that makes PK not compatible. Is that correct?
One thing is, that I never found a good document helping one to get the bigger picture of all the mbedtls stuff. If you have that, I might have a look there.
Otherwise, I hope that we keep to use mbed also as a generic crypto library and not just a https server library. Similar to wolfcrypt as part of wolfssl.
So, bottom line, please keep the regression bug and I will continue with my current code.
Thanks again for your help and product.
PSA APIs have been available in Mbed TLS for a long time. I don't know ESP IDF, but unless they've deliberately removed PSA APIs, they're available. And psa_import_key
can read the same format as mbedtls_ecp_point_read_binary
.
That being said, as Manuel said, converting your code to use the PSA might to be a significant effort. But it wouldn't be wasted effort, since it would prepare you for Mbed TLS 4.0. Whether you should do it now depends partly on whether you would run into problems (some “exotic” things in TLS might not be easy to make work with PSA yet, and it might increase the code size), which depends heavily on what your application does.
This has been resolved by https://github.com/Mbed-TLS/mbedtls/pull/7815 which is merged in the development
branch and will be in the next minor release of Mbed TLS (3.6.0). This introduces a function mbedtls_ecp_set_public_key()
. Combined with mbedtls_ecp_point_read_binary
, this function allows filling an mbedtls_ecp_keypair
object with a public key, taking the input in the standard binary format (compressed or uncompressed point).
Summary
I start using ESP IDF v5.0 and this has mbedtls updated from 2.x to 3.0 Now private struct members are shielded and that is OK, BUT there is no API to load a ECP public key.
System information
Mbed TLS version (number or commit id): as in IDF v5.0 Operating system and version: Configuration (if not default, please attach
mbedtls_config.h
): Compiler and options (if you used a pre-built binary, please indicate how you obtained it): Additional environment information:Expected behavior
There is an API to do
mbedtls_ecp_read_pubkey(grp_id, &mbedtls_ecp_key, but, len);
There is an API to dombedtls_ecp_check_pubkey(&mbedtls_ecdsa_ctx);
Actual behavior
this used to work in ESP IDF v4.4.3 but without support for private struct entries, it is not possible
Steps to reproduce
https://github.com/HomeACcessoryKid/LCM4ESP32/blob/main/main/ota.c#L412 use docker to compile this in esp idf v5.0 image remove
#include "mbedtls/certs.h"
firstAdditional information