TLS: enable TLS 1.3 for Mbed TLS.

This requires using a supporting version of Mbed TLS.
We have to use PSA crypto for TLS 1.3.

Author: gdamore

src/supplemental/tls/mbedtls/tls.c

@@ -17,6 +17,9 @@
 #include "mbedtls/version.h" // Must be first in order to pick up version
 
 #include "mbedtls/error.h"
+#ifdef MBEDTLS_PSA_CRYPTO_C
+#include "psa/crypto.h"
+#endif
 
 #include "nng/nng.h"
 #include "nng/supplemental/tls/tls.h"
@@ -28,6 +31,7 @@
 #include "mbedtls/net.h"
 #endif
 
+#include "mbedtls/debug.h"
 #include "mbedtls/ssl.h"
 
 #include "core/nng_impl.h"
@@ -465,7 +469,11 @@ config_init(nng_tls_engine_config *cfg, enum nng_tls_mode mode)
 	// SSL v3.3. As of this writing, Mbed TLS still does not support
 	// version 1.3, and we would want to test it before enabling it here.
 	cfg->min_ver = MBEDTLS_SSL_MINOR_VERSION_3;
+#ifdef MBEDTLS_SSL_PROTO_TLS1_3
+	cfg->max_ver = MBEDTLS_SSL_MINOR_VERSION_4;
+#else
 	cfg->max_ver = MBEDTLS_SSL_MINOR_VERSION_3;
+#endif
 
 	mbedtls_ssl_conf_min_version(
 	    &cfg->cfg_ctx, MBEDTLS_SSL_MAJOR_VERSION_3, cfg->min_ver);
@@ -689,9 +697,16 @@ config_version(nng_tls_engine_config *cfg, nng_tls_version min_ver,
 		v1 = MBEDTLS_SSL_MINOR_VERSION_2;
 		break;
 #endif
+#ifdef MBEDTLS_SSL_MINOR_VERSION_3
 	case NNG_TLS_1_2:
 		v1 = MBEDTLS_SSL_MINOR_VERSION_3;
 		break;
+#endif
+#ifdef MBEDTLS_SSL_PROTO_TLS1_3
+	case NNG_TLS_1_3:
+		v1 = MBEDTLS_SSL_MINOR_VERSION_4;
+		break;
+#endif
 	default:
 		nng_log_err(
 		    "TLS-CFG-VER", "TLS minimum version not supported");
@@ -709,9 +724,17 @@ config_version(nng_tls_engine_config *cfg, nng_tls_version min_ver,
 		v2 = MBEDTLS_SSL_MINOR_VERSION_2;
 		break;
 #endif
+#ifdef MBEDTLS_SSL_MINOR_VERSION_3
 	case NNG_TLS_1_2:
+		v2 = MBEDTLS_SSL_MINOR_VERSION_3;
+		break;
+#endif
 	case NNG_TLS_1_3: // We lack support for 1.3, so treat as 1.2.
+#ifdef MBEDTLS_SSL_PROTO_TLS1_3
+		v2 = MBEDTLS_SSL_MINOR_VERSION_4;
+#else
 		v2 = MBEDTLS_SSL_MINOR_VERSION_3;
+#endif
 		break;
 	default:
 		// Note that this means that if we ever TLS 1.4 or 2.0,
@@ -778,10 +801,18 @@ nng_tls_engine_init_mbed(void)
 		nni_mtx_fini(&rng_lock);
 		return (rv);
 	}
+#endif
+#ifdef MBEDTLS_PSA_CRYPTO_C
+	rv = psa_crypto_init();
+	if (rv != 0) {
+		tls_log_err(
+		    "NNG-TLS-INIT", "Failed initializing PSA crypto", rv);
+		return (rv);
+	}
 #endif
 	// Uncomment the following to have noisy debug from mbedTLS.
 	// This may be useful when trying to debug failures.
-	// mbedtls_debug_set_threshold(3);
+	//	mbedtls_debug_set_threshold(9);
 
 	rv = nng_tls_engine_register(&tls_engine_mbed);
 
@@ -801,4 +832,7 @@ nng_tls_engine_fini_mbed(void)
 	mbedtls_ctr_drbg_free(&rng_ctx);
 	nni_mtx_fini(&rng_lock);
 #endif
+#ifdef MBEDTLS_PSA_CRYPTO_C
+	mbedtls_psa_crypto_free();
+#endif
 }

src/supplemental/tls/tls_test.c

@@ -207,6 +207,8 @@ test_tls_psk(void)
 	nng_aio_set_timeout(aio1, 5000);
 	nng_aio_set_timeout(aio2, 5000);
 
+	// all PSK implementations also can do TLS 1.3
+
 	// Allocate the listener first.  We use a wild-card port.
 	NUTS_PASS(nng_stream_listener_alloc(&l, "tls+tcp://127.0.0.1:0"));
 	NUTS_PASS(nng_tls_config_alloc(&c1, NNG_TLS_MODE_SERVER));
@@ -417,8 +419,9 @@ test_tls_psk_bad_identity(void)
 	t1 = nuts_stream_send_start(s1, buf1, size);
 	t2 = nuts_stream_recv_start(s2, buf2, size);
 
-	NUTS_FAIL(nuts_stream_wait(t1), NNG_ECRYPTO);
-	NUTS_FAIL(nuts_stream_wait(t2), NNG_ECRYPTO);
+	// These can fail due to ECRYPTO, EPEERAUTH, or ECONNSHUT, for example
+	NUTS_ASSERT(nuts_stream_wait(t1) != 0);
+	NUTS_ASSERT(nuts_stream_wait(t2) != 0);
 
 	nng_free(buf1, size);
 	nng_free(buf2, size);