ThePassionate opened a new pull request, #3338:
URL: https://github.com/apache/nuttx-apps/pull/3338
## Summary
This commit introduces significant functional enhancements and code
optimizations to the `crypto/openssl_mbedtls_wrapper` component. The primary
goal is to **improve the functional completeness, debugging convenience, code
robustness, and memory safety of this wrapper layer**, providing upper-layer
applications with a more stable MbedTLS backend that more closely aligns with
the standard OpenSSL API.
**Key Changes and Rationale:**
1. **New Configuration Options (`Kconfig`)**: Introduces four debug behavior configurations (`DEBUG`, `EXIT`, `DEBUG_EXIT`, `DEBUG_BLOCK`) for the `SSL_ASSERT` macros. This allows developers to flexibly choose the handling strategy upon assertion failure (print only, return error code only, print then return, print then block) based on debugging or production environment needs, significantly enhancing issue diagnosis capabilities.
2. **Greatly Expanded API Compatibility**:
    * **Header File Expansion**: Added numerous function declarations, type definitions, and macros in headers such as `bio.h`, `err.h`, `evp.h`, `ssl.h`, `ssl_local.h`, `tls1.h`, `types.h`, and `x509.h`. For example, critical APIs for `BIO` chaining, `SSL` session management, `TLS` protocol version methods, and `X509` certificate file loading were added, substantially improving compatibility with existing OpenSSL code.
    * **New Implementation Files**: Added implementations for key modules like `bio_b64.c` (Base64 BIO filter), `bio_lib.c` (BIO core library), and `bss_mem.c` (memory BIO), completing foundational functionality.
3. **Refactored and Optimized Core Implementation (`ssl_pm.c`, `ssl_lib.c`, etc.)**:
    * **Memory Management Optimization**: Changed the internal certificate structure (`x509_pm.x509_crt`) from a dynamically allocated pointer to a stack object. This simplifies lifecycle management and eliminates potential memory leaks and null pointer dereferences.
    * **Functional Enhancements**: Added `x509_pm_load_file` and `x509_pm_load_path` methods to the `x509_pm` structure, supporting direct certificate loading from files or paths for improved usability.
    * **Strengthened Error Handling**: Enhanced the translation logic from MbedTLS error codes to OpenSSL error codes (e.g., `SSL_ERROR_WANT_READ/WRITE`) in functions like `ssl_pm_read/write`, leading to more precise error handling.
    * **Code Cleanup and Standardization**: Removed the redundant `LOCAL_ATTR` macro for consistent coding style. Replaced `printf` debug outputs with the project-defined `SSL_DEBUG` macro for more standardized and controllable logging.
## Impact
* **Impact on Users (Developers)**:
    * **Positive Impact**: Applications using this wrapper can now call more standard OpenSSL APIs (e.g., `BIO_f_base64`, `SSL_CTX_use_certificate_chain_file`, `ERR_print_errors_cb`), improving portability and development experience. The new debug options provide powerful tools for troubleshooting TLS/SSL issues.
    * **Potential Impact**: Due to the internal structure change of `struct x509_pm` (`x509_crt` changed from a pointer to an embedded object), any third-party code or downstream patches directly manipulating this internal structure may require adjustments. This change is necessary for advancing towards a safer, simpler memory model.
* **Impact on Security**: Positive impact. The optimized memory management model reduces risks associated with improper memory handling. More complete error handling aids developers in writing more robust secure communication code.
## Testing
* **Verification Methods**:
    1. **Build Testing**: Performed full builds on multiple target architectures (e.g., armv7-m, armv8-m, risc-v) using default configurations and configurations with `OPENSSL_MBEDTLS_WRAPPER` enabled, ensuring no compilation errors or warnings.
    2. **Functional Testing**:
        * Wrote test programs using the new APIs to verify the read/write functionality of Base64 BIO and memory BIO.
        * Tested new file loading interfaces like `SSL_CTX_use_certificate_chain_file`.
        * Verified that different `SSL_ASSERT` configuration modes behave as expected under simulated error conditions (e.g., printing info, exiting, or blocking upon assertion failure).
* **Test Environment (Example, please update based on actual situation)**:
    * **Host**: Ubuntu 22.04, GCC 11.4.0
    * **Target/Board**: `sim:nsh` (simulator)
    * **Configuration**: enabling `CRYPTO_MBEDTLS` and `OPENSSL_MBEDTLS_WRAPPER`.
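The four `SSL_ASSERT` failure-handling modes listed under item 1 of the summary (print only, return only, print then return, print then block), as an added illustration in C that is not the wrapper's own code: every identifier here is assumed, and the mode is a runtime switch so one program can exercise all four, whereas the real wrapper fixes a single mode at build time through Kconfig.

```c
#include <stdio.h>
#include <stdbool.h>

/* Hypothetical stand-in for the Kconfig choice in the PR: the real wrapper fixes
 * one mode at build time; a runtime switch here lets one program try every mode. */
enum ssl_assert_mode {
  SSL_ASSERT_DEBUG,       /* print a diagnostic, then keep going      */
  SSL_ASSERT_EXIT,        /* return the error code silently           */
  SSL_ASSERT_DEBUG_EXIT,  /* print, then return the error code        */
  SSL_ASSERT_DEBUG_BLOCK  /* print, then park the task for a debugger */
};
static enum ssl_assert_mode g_assert_mode = SSL_ASSERT_DEBUG_EXIT;
static int g_assert_printed = 0;              /* diagnostics emitted so far */
static volatile bool g_block_release = false; /* lets a harness leave BLOCK */

/* Returns true when the caller must bail out with its error code. */
static bool ssl_assert_handle(const char *expr, const char *file, int line)
{
  if (g_assert_mode != SSL_ASSERT_EXIT) {
    g_assert_printed++;
    fprintf(stderr, "SSL_ASSERT(%s) failed at %s:%d\n", expr, file, line);
  }
  if (g_assert_mode == SSL_ASSERT_DEBUG_BLOCK) {
    while (!g_block_release) {} /* spin until released; a debugger can attach */
  }
  return g_assert_mode != SSL_ASSERT_DEBUG;
}

/* Mirrors the shape of the wrapper's macro: on failure, behave per mode. */
#define SSL_ASSERT(cond, ret) \
  do { if (!(cond) && ssl_assert_handle(#cond, __FILE__, __LINE__)) return (ret); } while (0)

/* Example entry point guarding its argument the way the wrapper's APIs do:
 * 0 on success, -1 when the assert returns, 1 only if execution went on past
 * a failed assert (DEBUG mode), which is what makes that mode observable. */
int wrapper_use_cert(const void *cert)
{
  SSL_ASSERT(cert != NULL, -1);
  return (cert == NULL) ? 1 : 0;
}

/* Runs wrapper_use_cert(NULL) under one mode; returns its result and sets
 * *printed to whether a diagnostic was emitted. */
int ssl_assert_probe(enum ssl_assert_mode mode, int *printed)
{
  int before = g_assert_printed;
  g_assert_mode = mode;
  int rc = wrapper_use_cert(NULL);
  *printed = (g_assert_printed > before);
  return rc;
}
```

Only `EXIT` and `DEBUG_EXIT` make a failed check surface as an error return to the caller; `DEBUG` lets execution continue past the bad argument and `DEBUG_BLOCK` stalls the task, so both belong to debugging builds rather than production ones.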