Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add accessors in vendor code to replace private_ fields access #279

Closed
wants to merge 50 commits into from

Conversation

Taowyoo
Copy link
Collaborator

@Taowyoo Taowyoo commented Jun 9, 2023

According to https://github.com/fortanix/rust-mbedtls/blob/f92979a91102fd3e743decee1c0ecfd55b3d29dd/mbedtls-sys/vendor/docs/3.0-migration-guide.md

Most structure fields are now private

Direct access to fields of structures (struct types) declared in public headers is no longer supported. In Mbed TLS 3, the layout of structures is not considered part of the stable API, and minor versions (3.1, 3.2, etc.) may add, remove, rename, reorder or change the type of structure fields.

There is a small number of exceptions where some fields are guaranteed to remain stable throughout the lifetime of Mbed TLS 3.x. These fields are explicitly documented as public. Please note that even if all the fields of a structure are public, future versions may add new fields. Also, as before, some public fields should be considered read-only, since modifying them may make the structure inconsistent; check the documentation in each case.

Attempting to access a private field directly will result in a compilation error.

If you were accessing structure fields directly, and these fields are not documented as public, you need to change your code. If an accessor (getter/setter) function exists, use that. Direct accessor functions are usually called mbedtls_<MODULE>_{get,set}_<FIELD> or mbedtls_<MODULE>_<STRUCTURE>_{get,set}_<FIELD>. Accessor functions that change the format may use different verbs, for example read/write for functions that import/export data from/to a text or byte string.

If no accessor function exists, please open an enhancement request against Mbed TLS and describe your use case. The Mbed TLS development team is aware that some useful accessor functions are missing in the 3.0 release, and we expect to add them to the first minor release(s) (3.1, etc.).

As a last resort, you can access the field foo of a structure bar by writing bar.MBEDTLS_PRIVATE(foo). Note that you do so at your own risk, since such code is likely to break in a future minor version of Mbed TLS.

We need to prevent accessing to any field with prefix: private_, so in this PR, a lot of accessors have been added to vendor code to achieve this.

All vendor code also need to be up-streamed

Taowyoo and others added 30 commits June 8, 2023 15:07
1. Added conditional compilation flags "MBEDTLS_FORCE_AESNI" and "MBEDTLS_FORCE_PADLOCK"
2. This allows us to supress cpuid based feature detection on sgx platforms.
3. "MBEDTLS_FORCE_AESNI" gets set if "force_aesni_support" flag is enabled.
4. Please refer to the previous commit for rust side changes.
- better renaming through `item_name`
- remove unnecessary comments for default value of DEFINE's
- add bindgen for static inline functions
- add LTO for generated static inline functions
- Remove and add self_test for mbedtls 3.4.0
- Remove deprecated features
update src
- revert unnessary format changes
- add `SslStates`
- add special case handling in `Read` and `AsyncRead`
- update code to sync with new C mbedtls API
  - some fields become private and renamed with prefix: `private_`
  - some functions need RNG now:
    - Pk::from_private_key
    - Pk::private_from_ec_components
    - add `mbedtls_psa_external_get_random`

update tests
- add `hyper_async` test for testing async and hyper14
- update old tests code to sync with new C mbedtls API
- revert unnessary format changes
ci: refacor ci

- Use `nextest` to run tests
- Refactor travis config
- Put arm job run on arm vm instead of using not use qemu
Remove usage of `generate_deprecated_union_accessors`
Since bindings of psa related code has been put in a mod: psa, mbedtls
side code need to be updated to sync with new code structure.
Set `MBEDTLS_CONFIG_VERSION` to number for 3.4.0
- move MBEDTLS_PKCS12_C behind the feature `pkcs12`
- put pkcs12.h behind the feature `pkcs12`
Replace access to private_mode by using accessor
Use a better version value for `mbedtls-sys-auto`
@Taowyoo Taowyoo force-pushed the yx/upgrade-mbedtls branch 7 times, most recently from 136c991 to d054c6c Compare June 15, 2023 23:25
@Taowyoo Taowyoo linked an issue Jun 16, 2023 that may be closed by this pull request
@Taowyoo Taowyoo force-pushed the yx/upgrade-mbedtls branch 5 times, most recently from 5020a42 to f028d00 Compare June 23, 2023 21:59
@Taowyoo Taowyoo force-pushed the yx/upgrade-mbedtls branch 3 times, most recently from 78090be to 7a1e697 Compare June 26, 2023 23:11
@Taowyoo
Copy link
Collaborator Author

Taowyoo commented Jul 18, 2023

This PR is too old, will create a another new PR for #283

@Taowyoo Taowyoo closed this Jul 18, 2023
@Taowyoo Taowyoo deleted the yx/upgrade-mbedtls-add-accessors branch July 18, 2023 20:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add accessors in vendor code to replace private_ fields access
2 participants