
[Networking][Mbedtls] Judicious use of cipher suites


Prabhu Vinod, Karthik
 

Hi

I wanted to check if there is a way to use cryptographic cipher suites without including the following config options.

CONFIG_MBEDTLS=y
CONFIG_MBEDTLS_BUILTIN=y

CONFIG_MBEDTLS_ENABLE_HEAP=y
CONFIG_MBEDTLS_HEAP_SIZE=56240
CONFIG_MBEDTLS_USER_CONFIG_ENABLE=y
CONFIG_MBEDTLS_USER_CONFIG_FILE="user-tls.conf"

In most user space application clients, like those of MQTT, CoAP, HTTPS etc., I have observed we associate a tls_config with a socket as a socket_opt. I wanted to know if we could use a very small set of cipher suites just by providing the list of cipher suites in tls_config->cipher_list and skip enabling CONFIG_MBEDTLS and CONFIG_MBEDTLS_BUILTIN. I don’t want to use the config-tls-generic config file as the default, as it contains almost all the cipher suites.

At the application level we can do the below:

struct mqtt_sec_config *tls_config = &client->transport.tls.config;

tls_config->peer_verify = 2;                         /* 2 = peer verification required */
tls_config->cipher_list = NULL;                      /* NULL = no per-socket ciphersuite restriction */
tls_config->sec_tag_list = m_sec_tags;               /* credentials to use for this connection */
tls_config->sec_tag_count = ARRAY_SIZE(m_sec_tags);
tls_config->hostname = hostname;                     /* name checked against the server certificate */

Look forward to some suggestions here.

 

 

Many Regards,

Karthik Prabhu Vinod

 

Help save the planet by choosing not to use single use plastics. Pick paper, bamboo or metal cutlery and carry your own bag to the grocery store. Every little thing you do makes an impact.


Lubos, Robert
 

Hi Karthik,

In order to use cryptography you need a cryptographic library. Our networking applications use mbedTLS, therefore I don’t see a way to disable it, while still using cryptographic features.

I’m also surprised about what you write about config-tls-generic.h. It does indeed enable some ciphersuites by default (the ones used by our demo apps), but in fact it’s just a small subset of all ciphersuites available in the mbedTLS library. And they all can be disabled through Kconfig, or a proper configuration in your prj.conf file.

Especially that usage of CONFIG_MBEDTLS_USER_CONFIG_FILE indicates that you do use the generic config, perhaps you wanted to use CONFIG_MBEDTLS_CFG_FILE to use a custom one?

Regarding your question on limiting ciphersuites, you can do it in two ways:

  1. You can enable only a subset of available ciphersuites through a socket option, just as you noticed (see TLS_CIPHERSUITE_LIST, or tls_config->cipher_list in case of MQTT). This option accepts an array of integers, with IANA assigned ciphersuite identifiers (see https://github.com/zephyrproject-rtos/zephyr/blob/master/ext/lib/crypto/mbedtls/include/mbedtls/ssl_ciphersuites.h).

     Just note that this configuration is a runtime configuration – all ciphersuites that were configured in your mbedTLS config file, but are not used, are still compiled in your application.

  2. You can specify a list of ciphersuites that should be available in the mbedTLS by specifying MBEDTLS_SSL_CIPHERSUITES config, see https://github.com/zephyrproject-rtos/zephyr/blob/9983710c442186e477e67fe04895a1e2be0609b2/ext/lib/crypto/mbedtls/configs/config-thread.h#L90 for sample use. This option will compile in only the selected ciphersuites.

Of course you can combine both approaches, and limit a compile-time number of ciphersuites, and then use different ciphersuites on different TLS contexts (sockets).

 

Regards,

Robert

 

From: users@... [mailto:users@...] On Behalf Of Prabhu Vinod, Karthik via Lists.Zephyrproject.Org
Sent: Thursday, April 4, 2019 07:25
To: users@...
Cc: users@...
Subject: [Zephyr-users] [Networking][Mbedtls] Judicious use of cipher suites

 

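The two layers described in the reply above, combined in a stand-alone model (an added example, not code from the thread or from Zephyr). The suite selection and the names compiled_in, mqtt_list, coap_list, legacy_list and effective_suites are constructed for illustration; it assumes a suite absent from the build cannot be negotiated, whatever the per-socket list requests.

```c
#include <stddef.h>
#include <stdio.h>

/* IANA ids, same values as in mbedtls/ssl_ciphersuites.h */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA            0x002F
#define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8              0xC0A8
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B

/* Compile-time layer: the line a custom mbedTLS config header would carry.
 * Constructed sample selection; only these two suites are built in. */
#define MBEDTLS_SSL_CIPHERSUITES                         \
    MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,     \
    MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
static const int compiled_in[] = { MBEDTLS_SSL_CIPHERSUITES };

/* Runtime layer: per-socket lists, the kind of array handed to
 * TLS_CIPHERSUITE_LIST or tls_config->cipher_list (constructed samples). */
const int mqtt_list[]   = { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 };
const int coap_list[]   = { MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
                            MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA };
const int legacy_list[] = { MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA };

static int is_compiled_in(int id)
{
    for (size_t i = 0; i < sizeof(compiled_in) / sizeof(compiled_in[0]); i++) {
        if (compiled_in[i] == id) return 1;
    }
    return 0;
}

/* Copy into out[] the requested ids that are also compiled in, keeping the
 * caller's preference order. Returns the count; 0 means the socket has no
 * usable suite and its handshake cannot succeed. */
size_t effective_suites(const int *req, size_t n, int *out, size_t cap)
{
    size_t k = 0;
    for (size_t i = 0; i < n && k < cap; i++) {
        if (is_compiled_in(req[i])) out[k++] = req[i];
    }
    return k;
}

int main(void)
{
    int out[4];
    printf("mqtt: %zu, coap: %zu, legacy: %zu\n",
           effective_suites(mqtt_list, 1, out, 4),
           effective_suites(coap_list, 2, out, 4),
           effective_suites(legacy_list, 1, out, 4));
    return 0;
}
```

A check like this at start-up catches a per-socket list that the compile-time selection has emptied before it shows up as a failed handshake in the field.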


Prabhu Vinod, Karthik
 

Thanks for the detailed answer. This is really helpful. I was able to make it work.

 

Many Regards,

Karthik Prabhu Vinod

 


 

From: "Lubos, Robert" <Robert.Lubos@...>
Date: Thursday, April 4, 2019 at 12:58 AM
To: "Karthik Prabhu Vinod (Intel)" <karthik.prabhu.vinod@...>, "users@..." <users@...>
Subject: RE: [Zephyr-users] [Networking][Mbedtls] Judicious use of cipher suites

 
