mbedtls: complete version 4 compatibility#3594
Conversation
Keep the compatibility handling localized to the mbedtls backend and include boundaries while preserving existing 2.x and 3.x behavior. Add the missing 4.x private-header and PSA-backed glue for hashing, key handling, x509 paths and COSE RSA signing, and keep the broadened RSA key completion logic limited to 4.x so older versions retain their previous behavior. Validated with api-test-gencrypto, api-test-x509, crypto-cose-sign-7 and crypto-cose-sign-8 on mbedTLS 2.28.10, 3.6.6 and 4.1.0.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds support for building libwebsockets against mbedTLS 4.x while keeping compatibility with 2.x/3.x. mbedTLS 4 removes the legacy ctr_drbg/entropy modules, relocates many headers under mbedtls/private/, and exposes PSA Crypto as the primary API; this PR introduces detection, header-path shims, RNG/key-parsing wrappers, and legacy-type stubs to bridge those differences.
Changes:
- New CMake checks (`LWS_HAVE_MBEDTLS_V4`, `LWS_HAVE_MBEDTLS_PRIVATE_*_H`) plus conditional includes throughout the tree to pick the right header location for each mbedTLS major.
- New `lws_mbedtls_*` wrapper helpers (PK parse, RNG conf, CSR/CRT write, RSA/EC keygen, global crypto init) plus inline shims for `mbedtls_rsa_complete`, ECDH context, and PSS sign/verify when building against mbedTLS 4.
- Reworked `lws_x509_public_to_jwk` / `lws_x509_jwk_privkey_pem` to derive JWK elements via PSA export / ASN.1 parsing when the legacy RSA/ECP internals are unavailable.
Reviewed changes
Copilot reviewed 24 out of 24 changed files in this pull request and generated 9 comments.
| File | Description |
|---|---|
| cmake/lws_config.h.in | Adds new LWS_HAVE_MBEDTLS_* config defines. |
| lib/tls/mbedtls/CMakeLists.txt | Detects mbedTLS 4 and the TF-PSA-Crypto private headers; fails fast if missing. |
| include/libwebsockets.h | Conditionally includes private mbedTLS headers and provides opaque stub types for removed entropy/drbg. |
| include/libwebsockets/lws-gen{aes,chacha,dtls,ec,rsa}.h | Public headers updated to pick private headers / forward-declare types for mbedTLS 4. |
| lib/core/private-lib-core.h | Provides inline stubs for removed mbedtls_entropy_* / mbedtls_ctr_drbg_* functions on mbedTLS 4. |
| lib/core/context.c | Uses the v4 form of mbedtls_version_get_string. |
| lib/cose/cose_sign_alg.c | Uses signer return length instead of precomputed bytes and marks alg failed on error. |
| lib/tls/lws-genchacha.c | Picks private chacha/cipher headers under mbedTLS 4. |
| lib/tls/private-lib-tls.h | Conditional include of private AES/GCM/ECP/ECDSA/RSA headers. |
| lib/tls/mbedtls/private-lib-tls-mbedtls.h | Core compatibility layer: PSA init, RNG wrappers, PK/CSR/CRT helpers, ECDH/PSS/mbedtls_rsa_complete reimplementations. |
| lib/tls/mbedtls/mbedtls-tls.c | Calls lws_mbedtls_global_crypto_init during SSL library init. |
| lib/tls/mbedtls/mbedtls-server.c | Switches CSR creation to the new keygen / CSR-write wrappers. |
| lib/tls/mbedtls/mbedtls-extensions.c | Local re-declaration of mbedtls_oid_descriptor_t because the type is no longer public. |
| lib/tls/mbedtls/mbedtls-x509.c | New v4 paths for cert info, JWK from public/private keys via PSA + ASN.1. |
| lib/tls/mbedtls/lws-gen{aes,dtls,ec,hash,rsa}.c | Re-route to new wrappers, adjust struct access for v4, compute key length from N. |
| lib/tls/mbedtls/wrapper/platform/ssl_pm.c | Uses lws_mbedtls_ssl_conf_rng and lws_mbedtls_pk_parse_key. |
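The reworked JWK path in mbedtls-x509.c has to cope with the fact that a public key exported from PSA or pulled out of a certificate may arrive either as a bare PKCS#1 RSAPublicKey or wrapped in a SubjectPublicKeyInfo, and the 4.x follow-up commit specifically hardens that case. The following is an added example, not libwebsockets or mbedTLS code and using neither project's API: a self-contained DER walker in C that tells the two encodings apart, refuses an SPKI whose algorithm OID is not rsaEncryption, rejects truncated lengths and a non-zero unused-bits byte in the BIT STRING, and returns the unsigned n and e magnitudes a JWK needs (DER sign byte stripped). The function names and the toy key bytes (n = 0xC35F, e = 65537) are constructed for the example and are not a usable key.

```c
/* Added example: minimal DER reader for RSAPublicKey / SubjectPublicKeyInfo.
 * Not libwebsockets code; a real build would use mbedtls_asn1_get_tag() etc. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define DER_INTEGER   0x02
#define DER_BITSTRING 0x03
#define DER_NULL      0x05
#define DER_OID       0x06
#define DER_SEQUENCE  0x30

/* rsaEncryption 1.2.840.113549.1.1.1 */
static const uint8_t oid_rsa_enc[] = { 0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01 };

struct der_cursor { const uint8_t *p; const uint8_t *end; };
struct rsa_pub {
	const uint8_t *n; size_t n_len;	/* big-endian magnitudes, no sign byte */
	const uint8_t *e; size_t e_len;
};

/* Read one TLV of the expected tag; `body` covers its contents and the cursor
 * advances past it.  Rejects indefinite and overlong lengths and overruns. */
static int der_get(struct der_cursor *c, uint8_t tag, struct der_cursor *body)
{
	size_t len = 0;

	if (c->end - c->p < 2 || c->p[0] != tag)
		return -1;
	c->p++;
	if (*c->p < 0x80) {
		len = *c->p++;
	} else {
		unsigned nbytes = *c->p++ & 0x7f;
		if (!nbytes || nbytes > 4 || (size_t)(c->end - c->p) < nbytes)
			return -1;
		while (nbytes--)
			len = (len << 8) | *c->p++;
	}
	if ((size_t)(c->end - c->p) < len)
		return -1;
	body->p = c->p;
	body->end = c->p + len;
	c->p += len;
	return 0;
}

/* Positive INTEGER -> unsigned magnitude, dropping the DER 0x00 sign byte. */
static int der_get_uint(struct der_cursor *c, const uint8_t **out, size_t *out_len)
{
	struct der_cursor v;

	if (der_get(c, DER_INTEGER, &v) || v.p == v.end || (v.p[0] & 0x80))
		return -1;			/* empty or negative */
	if (v.p[0] == 0x00) {
		if (v.end - v.p == 1 || !(v.p[1] & 0x80))
			return -1;		/* zero value or non-minimal encoding */
		v.p++;
	}
	*out = v.p;
	*out_len = (size_t)(v.end - v.p);
	return 0;
}

/* RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER } */
static int parse_rsa_public_key(struct der_cursor c, struct rsa_pub *out)
{
	struct der_cursor seq;

	if (der_get(&c, DER_SEQUENCE, &seq) || c.p != c.end)
		return -1;
	if (der_get_uint(&seq, &out->n, &out->n_len) ||
	    der_get_uint(&seq, &out->e, &out->e_len) || seq.p != seq.end)
		return -1;
	return 0;
}

/* Returns 0 for a bare RSAPublicKey, 1 for an SPKI-wrapped one, -1 if the
 * input is malformed, truncated, or not an rsaEncryption key. */
int rsa_pub_from_der(const uint8_t *der, size_t len, struct rsa_pub *out)
{
	struct der_cursor c = { der, der + len }, outer, alg, oid, nul, bits;

	if (!parse_rsa_public_key(c, out))
		return 0;
	if (der_get(&c, DER_SEQUENCE, &outer) || c.p != c.end ||
	    der_get(&outer, DER_SEQUENCE, &alg) ||
	    der_get(&alg, DER_OID, &oid) ||
	    (size_t)(oid.end - oid.p) != sizeof(oid_rsa_enc) ||
	    memcmp(oid.p, oid_rsa_enc, sizeof(oid_rsa_enc)))
		return -1;			/* not RSA: refuse rather than guess */
	if (der_get(&alg, DER_NULL, &nul) || nul.p != nul.end || alg.p != alg.end ||
	    der_get(&outer, DER_BITSTRING, &bits) || outer.p != outer.end ||
	    bits.p == bits.end || bits.p[0] != 0x00)
		return -1;			/* unused-bits byte must be zero */
	bits.p++;
	return parse_rsa_public_key(bits, out) ? -1 : 1;
}

/* Constructed toy inputs: n = 0xC35F, e = 65537, bare and SPKI-wrapped. */
static const uint8_t bare_rsa[] = {
	0x30,0x0a, 0x02,0x03,0x00,0xc3,0x5f, 0x02,0x03,0x01,0x00,0x01 };
static const uint8_t spki_rsa[] = {
	0x30,0x1e,
	  0x30,0x0d, 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x01, 0x05,0x00,
	  0x03,0x0d,0x00,
	    0x30,0x0a, 0x02,0x03,0x00,0xc3,0x5f, 0x02,0x03,0x01,0x00,0x01 };

int main(void)
{
	struct rsa_pub k;
	int r = rsa_pub_from_der(spki_rsa, sizeof(spki_rsa), &k);

	printf("spki: %d, n_len %zu, e_len %zu\n", r, k.n_len, k.e_len);
	return rsa_pub_from_der(bare_rsa, sizeof(bare_rsa), &k) == 0 ? 0 : 1;
}
```

The point of the early `parse_rsa_public_key` attempt is that the bare form and the wrapped form both start with a SEQUENCE tag, so the discriminator is what the first inner element is, not the outer tag; checking the OID before trusting the BIT STRING contents avoids emitting an "RSA" JWK from an EC or unknown SPKI.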
Tighten the 4.x RSA completion gate, fix the PSA ECDSA algorithm selection, harden RSA public-key JWK extraction for SPKI-wrapped DER, and reduce public mbedtls 4 type leakage by keeping legacy RNG shims out of umbrella public headers. Also cache PSA initialization in the 4.x compatibility helpers and document the unsupported AES mode return.
I think it's good to support mbedtls4 but probably these patches aren't quite the way. Let me take a look tomorrow and see if we can match what your patches do in a slightly better way.
This completes mbedTLS 4.x compatibility while keeping the change surface
localized to the mbedTLS backend and include boundaries, so existing 2.x and
3.x support is preserved.
mbedTLS 4.x moved a number of low-level details behind TF-PSA private headers
and also needs PSA-backed initialization in standalone crypto paths that older
versions did not. This patch keeps those differences inside the mbedTLS
integration layer instead of spreading version-specific handling through
generic code.
The main pieces are:
their previous behaviour
instead of serializing an empty signature on error
Validation was kept conservative:
crypto-cose-sign-8 all pass
crypto-cose-sign-8 all pass
crypto-cose-sign-8 all pass
failures remaining:
Full 2.x / 3.x broad reruns were also attempted, but those runs were dominated
by unrelated external network / CA-environment instability, so the focused
cross-version regression slice above is the reliable validation signal for this
patch.
Review Note:
It was developed by GPT-5.4. I tried to review it as much as possible. If it is garbage I will keep it on my private repo.