
Remove RSA-PSK key exchange

Open gilles-peskine-arm opened this issue 4 months ago • 0 comments

Remove the RSA-PSK key exchange in TLS 1.2.

  • Prerequisites: none.
  • Config option: MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
  • Key exchange type: MBEDTLS_KEY_EXCHANGE_RSA_PSK
  • Affected cipher suite macros regex: MBEDTLS_TLS_RSA_PSK_\w+
  • Full list of cipher suite names:
    TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256
    TLS-RSA-PSK-WITH-AES-256-GCM-SHA384
    TLS-RSA-PSK-WITH-AES-256-CBC-SHA384
    TLS-RSA-PSK-WITH-AES-256-CBC-SHA
    TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384
    TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384
    TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384
    TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384
    TLS-RSA-PSK-WITH-AES-128-GCM-SHA256
    TLS-RSA-PSK-WITH-AES-128-CBC-SHA256
    TLS-RSA-PSK-WITH-AES-128-CBC-SHA
    TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256
    TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256
    TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256
    TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256
    TLS-RSA-PSK-WITH-NULL-SHA384
    TLS-RSA-PSK-WITH-NULL-SHA256
    TLS-RSA-PSK-WITH-NULL-SHA
    

Generic steps to remove a key exchange type

Generalized from https://github.com/Mbed-TLS/mbedtls/pull/9613.

  • Prerequisite: if there are test cases that force an affected cipher suite but whose objective is not limited to the key exchange type we're removing, adapt those test cases to use a different cipher suite that uses a key exchange that's staying.
  • Remove the configuration option and all code guarded by it (including the cipher suite definitions).
  • Remove test cases that force an affected cipher suite. At this point (after the prerequisites are done), they should be test cases whose objective is to test that particular cipher suite or at least that particular key exchange.
  • Remove the key exchange type in mbedtls_key_exchange_type_t and all code that uses it.
  • Remove all easily discoverable mentions of the key exchange type in documentation.
  • Remove the uses of the macros for affected cipher suites in include/mbedtls/mbedtls_config.h, library/ssl_ciphersuites.c and tests/compat.sh; and remove the macro definitions in include/mbedtls/ssl_ciphersuites.h.
  • Remove code that's specific to this key exchange type or to an associated cipher suite from tests/scripts/translate_ciphers.py.
  • Remove any remaining discoverable mention of the key exchange type. This step depends on the key exchange and typically cannot be fully planned out until the other steps are done. If this turns out to be a significant amount of work, file an issue for it, and determine whether that is a blocker for the 4.0 release.
  • Changelog entry.

gilles-peskine-arm, Oct 10 '24 20:10
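A way to check the "remove any remaining discoverable mention" step, as an added example that is not part of the issue or of the Mbed TLS code base: it scans a tree for the config option, the key exchange type, the cipher suite macro regex and the cipher suite names given above. The `TLS-RSA-PSK-WITH-` name pattern is generalized from the listed names, and the file suffix list and the sample tree are assumptions constructed for the example.

```python
import re
import tempfile
from pathlib import Path

# Identifiers copied from the issue. \b keeps the key exchange type from matching
# inside the config option, and leaves exchanges that stay (PSK, ECDHE_PSK) alone.
PATTERNS = {
    "config option": re.compile(r"\bMBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED\b"),
    "key exchange type": re.compile(r"\bMBEDTLS_KEY_EXCHANGE_RSA_PSK\b"),
    "cipher suite macro": re.compile(r"\bMBEDTLS_TLS_RSA_PSK_\w+"),
    "cipher suite name": re.compile(r"\bTLS-RSA-PSK-WITH-[A-Z0-9-]+"),
}

def scan_text(text):
    """Return sorted (line_number, category, matched_text) tuples."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for category, pattern in PATTERNS.items():
            hits.extend((lineno, category, m.group(0)) for m in pattern.finditer(line))
    return sorted(hits)

def scan_tree(root, suffixes=(".c", ".h", ".sh", ".py", ".md")):
    """Scan files under root; the suffix list is an assumption, adjust as needed."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix in suffixes:
            hits = scan_text(path.read_text(encoding="utf-8", errors="replace"))
            if hits:
                report[path.relative_to(root).as_posix()] = hits
    return report

def demo():
    files = {  # constructed sample tree, not real Mbed TLS files
        "include/config.h": "#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED\n"
                            "#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED\n",
        "library/suites.c": "case MBEDTLS_KEY_EXCHANGE_RSA_PSK:\n"
                            "    MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,\n"
                            "    MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,\n",
        "tests/sample.sh": 'CIPHERS="TLS-RSA-PSK-WITH-NULL-SHA TLS-PSK-WITH-NULL-SHA"\n',
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in files.items():
            target = Path(tmp, name)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body, encoding="utf-8")
        return scan_tree(tmp)

if __name__ == "__main__":
    print(demo())
```

An empty report from `scan_tree` on the real tree means none of the four identifier families is left; each remaining hit is a file, line and category to follow up.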