Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add accessor to get der from mbedtls_pem_context #5504

Merged
merged 3 commits into from
Feb 10, 2022
Merged

Add accessor to get der from mbedtls_pem_context #5504

merged 3 commits into from
Feb 10, 2022

Conversation

gstrauss
Copy link
Contributor

@gstrauss gstrauss commented Feb 4, 2022
edited by paul-elliott-arm
Loading

Description

Add accessor to get der from mbedtls_pem_context
closes #5414 Allow access to result of PEM decoding

Status

READY

Requires Backporting

NO

Migrations

NO

Todos

  • Tests
  • Documentation
  • Changelog updated

@gstrauss gstrauss mentioned this pull request Feb 4, 2022
Closed
@mpg mpg linked an issue Feb 7, 2022 that may be closed by this pull request
Allow access to result of PEM decoding #5414
Closed
@mpg mpg added Community needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review labels Feb 7, 2022
mpg
mpg previously approved these changes Feb 7, 2022
View reviewed changes
Copy link
Contributor

@mpg mpg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I left a note about naming, I'm having doubts but I think the name is good enough, so I'm approving as is for now, and will wait to see that the second reviewer thinks.

include/mbedtls/pem.h Outdated Show resolved Hide resolved
@mpg
Copy link
Contributor

mpg commented Feb 7, 2022

MSVC does not seem to like the new function:

C:\builds\workspace\mbed-tls-pr-head_PR-5504-head\src\include\mbedtls/pem.h(116): error C2143: syntax error : missing '{' before 'const' [C:\builds\workspace\mbed-tls-pr-head_PR-5504-head\src\library\mbedcrypto.vcxproj]

I think it's actually about the inline keyword, and you probably want to copy-paste this block near the beginning of pem.h. Hopefully that's what the error was about, and it will make the CI pass.

@mpg mpg mentioned this pull request Feb 7, 2022
Closed
@gstrauss
Copy link
Contributor Author

gstrauss commented Feb 7, 2022

Thank you for fixing up the testing (#5508). If we change the function name to mbedtls_pem_get_raw(), that will need to be adjusted, too.

gilles-peskine-arm
gilles-peskine-arm requested changes Feb 7, 2022
View reviewed changes
Copy link
Contributor

@gilles-peskine-arm gilles-peskine-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok for the code, but I'd like some documentation improvements.

include/mbedtls/pem.h Outdated Show resolved Hide resolved
ChangeLog.d/mbedtls_pem_get_der.txt Outdated Show resolved Hide resolved
include/mbedtls/pem.h Outdated Show resolved Hide resolved
tests/suites/test_suite_pem.function Outdated Show resolved Hide resolved
tests/suites/test_suite_pem.function Outdated Show resolved Hide resolved
include/mbedtls/pem.h Show resolved Hide resolved
tests/suites/test_suite_pem.function Outdated Show resolved Hide resolved
@gilles-peskine-arm gilles-peskine-arm added needs-work component-crypto Crypto primitives and low-level interfaces and removed needs-review Every commit must be reviewed by at least two team members, needs-reviewer This PR needs someone to pick it up for review labels Feb 7, 2022
@gstrauss
Copy link
Contributor Author

gstrauss commented Feb 7, 2022

I changed the name of the inline function to mbedtls_pem_get_buffer() and have incorporated the other changes requested by reviewers. Thanks!

@gstrauss
Copy link
Contributor Author

gstrauss commented Feb 7, 2022

@mpg: would you like me to cherry-pick your changes in #5508 to be part of this PR?

@mpg
Copy link
Contributor

mpg commented Feb 8, 2022

@mpg: would you like me to cherry-pick your changes in #5508 to be part of this PR?

Yes, if you don't mind, that would be nice, thanks!

gstrauss and others added 3 commits February 8, 2022 14:53
@gstrauss @gilles-peskine-arm
Add accessor to get buf from mbedtls_pem_context
72bd4e4 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
@mpg @gstrauss
Add success case for pem_read testing
33ab075 
Currently all cases were negative, so the block that exercised
mbedtls_pem_get_der() would never be reached.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@mpg @gstrauss
Check the result of PEM decoding
1df23b9 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@gstrauss
Copy link
Contributor Author

gstrauss commented Feb 8, 2022

@mpg: would you like me to cherry-pick your changes in #5508 to be part of this PR?

Yes, if you don't mind, that would be nice, thanks!

Tests from #5508 have been cherry-picked into this PR. Thanks!

mpg
mpg approved these changes Feb 10, 2022
View reviewed changes
Copy link
Contributor

@mpg mpg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks for cherry-picking the test extensions.

@mpg mpg added needs-review Every commit must be reviewed by at least two team members, and removed needs-work labels Feb 10, 2022
@gstrauss
Copy link
Contributor Author

minor nit: I see the use of both \c param buflen and \c param buf_len in pem.h and other include/mbedtls/ headers. Which spelling is preferred?

@gilles-peskine-arm gilles-peskine-arm mentioned this pull request Feb 10, 2022
Closed
@gilles-peskine-arm
Copy link
Contributor

For future reference, please don't mark other people's review comments as resolved. It's up to the reviewer to decide whether they've been resolved satisfactorily. We use the convention that the “rocket” reaction belongs to the submitter and can mean “I've handled this in my working copy” or “I've commited a fix” or “I've pushed a fix” as you prefer.

gilles-peskine-arm
gilles-peskine-arm approved these changes Feb 10, 2022
View reviewed changes
Copy link
Contributor

@gilles-peskine-arm gilles-peskine-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The test code could be made a little more robust, but I'm approving anyway in the interest of moving on.

tests/suites/test_suite_pem.function
Comment on lines +55 to +56
TEST_EQUAL( use_len, out->len );
TEST_ASSERT( memcmp( out->x, buf, out->len ) == 0 );
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have a macro for this.

Suggested change
TEST_EQUAL( use_len, out->len );
TEST_ASSERT( memcmp( out->x, buf, out->len ) == 0 );
ASSERT_COMPARE( out->x, out->len, buf, use_len );

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mpg FYI

@gilles-peskine-arm
Copy link
Contributor

gilles-peskine-arm commented Feb 10, 2022
edited
Loading

With my approval, Manuel's approval here and Andrzej's approval of #5508, we have two trusted approvers.

@gilles-peskine-arm gilles-peskine-arm merged commit bebeae9 into Mbed-TLS:development Feb 10, 2022
@gilles-peskine-arm gilles-peskine-arm added approved Design and code approved - may be waiting for CI or backports and removed needs-review Every commit must be reviewed by at least two team members, labels Feb 10, 2022
@gstrauss
Copy link
Contributor Author

For future reference, please don't mark other people's review comments as resolved. It's up to the reviewer to decide whether they've been resolved satisfactorily. We use the convention that the “rocket” reaction belongs to the submitter and can mean “I've handled this in my working copy” or “I've commited a fix” or “I've pushed a fix” as you prefer.

Sorry. I was not aware of this convention here. Thanks for letting me know.

(meta: it would be nice if github had a way for reviewer and reviewee to independently indicate when each thinks a thread is resolved.)

@gstrauss gstrauss deleted the mbedtls_pem_get_der branch February 11, 2022 00:09
@daverodgman daverodgman mentioned this pull request Feb 28, 2022
Closed
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gilles-peskine-arm gilles-peskine-arm gilles-peskine-arm approved these changes

@mpg mpg mpg approved these changes

Assignees
No one assigned
Labels
approved Design and code approved - may be waiting for CI or backports component-crypto Crypto primitives and low-level interfaces
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow access to result of PEM decoding
3 participants
@gstrauss @mpg @gilles-peskine-arm