
mbedtls 4.x does not expose mbedtls_ecp_curve_list()

Open gstrauss opened this issue 7 months ago • 2 comments

Suggested enhancement

RFE: mbedtls 4.x mbedtls_ecp_curve_info and mbedtls_ecp_curve_list() should be public interfaces, as they currently are in mbedtls 3.x. In mbedtls 4.0.0 beta, they are hidden behind MBEDTLS_DECLARE_PRIVATE_IDENTIFIERS.

Justification

lighttpd mod_mbedtls allows the admin to specify groups/curves to be allowed. This is a security requirement for those who want or need to disable FFDHE groups, such as those following Mozilla Server Side TLS guidelines where the groups/curves list is explicitly defined. https://wiki.mozilla.org/Security/Server_Side_TLS https://github.com/mozilla/ssl-config-generator/issues/270 (Aside: a future version of the Mozilla guidelines will include PQC groups, where available)

For more details on lighttpd's use, please refer to lighttpd mod_mbedtls.c:mod_mbedtls_ssl_conf_curves() https://git.lighttpd.net/lighttpd/lighttpd1.4/src/branch/master/src/mod_mbedtls.c#L4642

gstrauss avatar Aug 07 '25 08:08 gstrauss

We aren't going to expose mbedtls_ecp_curve_info because these are now internal representations. The external representation of a curve is its PSA curve family and its bit size. So we would need a new function to expose that.

I guess exposing the TLS NamedCurve identifier as part of this interface is desired? If so this should really be a TLS API — the crypto library isn't supposed to know about TLS.

And in fact if this API should know about FFDH groups as well, it isn't an ECP API.

gilles-peskine-arm avatar Aug 07 '25 08:08 gilles-peskine-arm

> I guess exposing the TLS NamedCurve identifier as part of this interface is desired?

Yes, I need to map the user-provided "string-names" to TLS ids.

> If so this should really be a TLS API — the crypto library isn't supposed to know about TLS.

Probably.

> And in fact if this API should know about FFDH groups as well, it isn't an ECP API.

What mbedtls 4.x interfaces do you recommend to use for building a uint16_t list of TLS ids of groups to pass to mbedtls_ssl_conf_groups()? Should I hard-code the TLS ids from the RFCs to make my own string name -> id table?

gstrauss avatar Aug 07 '25 08:08 gstrauss
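The hard-coded "string name -> id" table asked about in the last comment could look like the following. This is an added example, not code from this thread, lighttpd or Mbed TLS. The names `tls_groups`, `name_eq` and `parse_tls_groups` and the `:` separator are assumptions; the ids are the NamedGroup values from the IANA TLS Supported Groups registry, and the output is 0-terminated as `mbedtls_ssl_conf_groups()` expects.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TLS NamedGroup ids from the IANA "TLS Supported Groups" registry
 * (RFC 8422, RFC 7919), hard-coded because no library lookup is assumed. */
static const struct { const char *name; uint16_t id; } tls_groups[] = {
    { "secp256r1", 23 }, { "secp384r1", 24 }, { "secp521r1", 25 },
    { "x25519",    29 }, { "x448",      30 },
    { "ffdhe2048", 256 }, { "ffdhe3072", 257 }, { "ffdhe4096", 258 },
};
#define N_GROUPS (sizeof tls_groups / sizeof tls_groups[0])

/* Case-insensitive match of the n-byte token s against a lowercase name. */
static int name_eq(const char *s, size_t n, const char *name)
{
    if (strlen(name) != n) return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)s[i]) != name[i]) return 0;
    return 1;
}

/* Parse a ':'-separated list (hypothetical syntax) into out[], in preference
 * order, terminated by 0. Returns the number of ids, or -1 on an unknown
 * name, empty token, duplicate or lack of room. On -1 out[] is unusable:
 * fail closed rather than silently dropping an entry the admin asked for. */
int parse_tls_groups(const char *spec, uint16_t *out, size_t cap)
{
    size_t count = 0;
    for (;;) {
        size_t n = strcspn(spec, ":"), i, j;
        for (i = 0; i < N_GROUPS; i++)
            if (name_eq(spec, n, tls_groups[i].name)) break;
        if (i == N_GROUPS) return -1;
        for (j = 0; j < count; j++)
            if (out[j] == tls_groups[i].id) return -1;
        if (count + 1 >= cap) return -1;   /* keep room for the terminator */
        out[count++] = tls_groups[i].id;
        if (spec[n] == '\0') break;
        spec += n + 1;
    }
    out[count] = 0;
    return (int)count;
}

int main(void) {
    uint16_t g[8];
    int n = parse_tls_groups("X25519:secp256r1", g, 8); /* constructed input */
    for (int i = 0; i < n; i++) printf("0x%04x\n", g[i]);
    return n < 0;
}
```

An admin who wants FFDHE disabled simply leaves the `ffdhe*` names out of the list; a misspelled name aborts configuration instead of quietly widening or narrowing the allowed set.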