
Add support for ECDHE-PSK-AES-GCM/CCM ciphersuites

Open mpg opened this issue 7 years ago • 2 comments

Description

  • Type: Feature Request
  • Priority: Minor

Enhancement / Feature Request

Add support for the new ciphersuites with ECDHE-PSK key exchange and AEAD encryption from https://tools.ietf.org/html/draft-ietf-tls-ecdhe-psk-aead-05 (the draft is not an RFC yet but the ciphersuites already have codepoints assigned by IANA). (Edit: the draft is now RFC 8442.)

Justification - why does the library need this feature?

ECDHE-PSK key exchange can be interesting in a number of constrained scenarios including IoT. It is currently supported by Mbed TLS but the only ciphersuites defined with it use NULL, RC4 or CBC-mode encryption, all of which are deprecated or have issues. The draft adds ciphersuites based on ECDHE-PSK and modern AEAD algorithms such as AES-GCM and AES-CCM.

Support for these ciphersuites would be easy to add to Mbed TLS as we already have all the building blocks.

mpg, Jun 14 '18 08:06

This is now RFC 8442. +1 for this feature.

jethrogb, Jun 11 '19 17:06

Not sure if this will help bump the priority, but our Gramine project would like this feature to be added to mbedTLS: https://github.com/Mbed-TLS/mbedtls/issues/8170#issuecomment-2172715014

dimakuv, Jun 27 '24 14:06

I've added the labels "help-wanted" and "good-first-issue" to indicate that we would welcome a PR for this, and it should not require deep knowledge of the library to achieve. Here's an outline of the steps:

  • [ ] Add a paragraph to include/ssl/ssl_ciphersuites.h defining macros for the new ciphersuites with the value from section 4 - should go between RFC 7902 and RFC 8446 (TLS 1.3).
  • [ ] Add definitions for these ciphersuites in ciphersuite_definitions in library/ssl_ciphersuites.c. Check existing similar ciphersuites (some with ECDHE-PSK, some with AES-GCM, AES-CCM, AES-CCM-8) for applicable values and feature guard macros.
  • [ ] Add the ciphersuites to ciphersuite_preference in library/ssl_ciphersuites.c - check the comment at the top for where to insert them (and look at existing entries).
  • [ ] Manually confirm that everything works by invoking programs/ssl/ssl_server2 and programs/ssl/ssl_client2 with appropriate options (forcing TLS 1.2 and use of one of the new ciphersuites).
  • [ ] Add test cases for the new ciphersuites in tests/suites/test_suite_ssl.data using the function handshake_psk_cipher (check existing uses of this function for examples).
  • [ ] Add the ciphersuites to tests/compat.sh - check if they are supported by OpenSSL and GnuTLS (if you are unsure about which versions we use on the CI, feel free to ask).

(And of course see CONTRIBUTING.md.)

mpg, Jul 01 '24 08:07
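Added illustration (not Mbed TLS code, and not part of the issue) of what the two ciphersuite-table fields from step 2 control for these suites: the ECDHE-PSK premaster secret layout (RFC 5489 section 2) and the TLS 1.2 PRF hash (RFC 8442 uses SHA-384 for the AES-256-GCM suite and SHA-256 for the others). Codepoints are the IANA values from RFC 8442 section 4; all handshake inputs are constructed sample bytes.

```python
"""ECDHE-PSK premaster layout (RFC 5489 s2) and TLS 1.2 PRF (RFC 5246 s5)
for the RFC 8442 AEAD suites. Added illustration, not Mbed TLS code."""
import hmac

# IANA codepoints from RFC 8442 section 4 -> PRF hash per RFC 8442 section 3
RFC8442_PRF_HASH = {
    0xD001: "sha256",  # TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256
    0xD002: "sha384",  # TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384
    0xD003: "sha256",  # TLS_ECDHE_PSK_WITH_AES_128_CCM_8_SHA256
    0xD005: "sha256",  # TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256
}

def ecdhe_psk_premaster(ecdh_shared: bytes, psk: bytes) -> bytes:
    """RFC 5489 s2: opaque other_secret<0..2^16-1> (the ECDH secret Z), then
    opaque psk<0..2^16-1>, each with a 2-byte big-endian length prefix."""
    if not (0 < len(ecdh_shared) < 0x10000 and 0 < len(psk) < 0x10000):
        raise ValueError("ECDH secret and PSK must each be 1..65535 bytes")
    return (len(ecdh_shared).to_bytes(2, "big") + ecdh_shared
            + len(psk).to_bytes(2, "big") + psk)

def tls12_prf(secret: bytes, label: bytes, seed: bytes, out_len: int, hash_name: str) -> bytes:
    """P_<hash>(secret, label || seed) truncated to out_len bytes (RFC 5246 s5)."""
    seed = label + seed
    a = seed  # A(0) = seed
    out = b""
    while len(out) < out_len:
        a = hmac.new(secret, a, hash_name).digest()             # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest()   # HMAC(secret, A(i) || seed)
    return out[:out_len]

def master_secret(suite_id: int, ecdh_shared: bytes, psk: bytes,
                  client_random: bytes, server_random: bytes) -> bytes:
    """48-byte TLS 1.2 master secret for an RFC 8442 suite; rejects other codepoints."""
    if suite_id not in RFC8442_PRF_HASH:
        raise ValueError(f"0x{suite_id:04X} is not an RFC 8442 ECDHE-PSK AEAD suite")
    premaster = ecdhe_psk_premaster(ecdh_shared, psk)
    return tls12_prf(premaster, b"master secret", client_random + server_random,
                     48, RFC8442_PRF_HASH[suite_id])

if __name__ == "__main__":
    # Constructed sample inputs (not real handshake values).
    z = bytes(range(32))              # stand-in for a P-256 ECDH shared x-coordinate
    psk = b"constructed-psk"
    cr, sr = bytes(32), bytes(range(32, 64))
    for suite in sorted(RFC8442_PRF_HASH):
        print(f"0x{suite:04X}: {master_secret(suite, z, psk, cr, sr).hex()}")
```

Note that 0xD001, 0xD003 and 0xD005 share the SHA-256 PRF and so yield the same master secret from identical inputs; only the AEAD cipher and tag length differ, which is what the cipher field of the table entry selects.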