[mod_mbedtls] mbedTLS option for TLS

(experimental)

mod_mbedtls supports most ssl.* config options supported by mod_openssl

thx Ward Willats for the initial discussion and attempt in the comments
  https://redmine.lighttpd.net/boards/3/topics/7029

SConstruct

@@ -252,6 +252,7 @@ vars.AddVariables(
 	BoolVariable('with_memcached', 'enable memcached support', 'no'),
 	PackageVariable('with_mysql', 'enable mysql support', 'no'),
 	BoolVariable('with_openssl', 'enable openssl support', 'no'),
+	PackageVariable('with_mbedtls', 'enable mbedTLS support', 'no'),
 	PackageVariable('with_wolfssl', 'enable wolfSSL support', 'no'),
 	BoolVariable('with_nettle', 'enable Nettle support', 'no'),
 	BoolVariable('with_pam', 'enable PAM auth support', 'no'),
@@ -341,6 +342,7 @@ if 1:
 		LIBSQLITE3 = '',
 		LIBSSL = '',
 		LIBUUID = '',
+		LIBX509 = '',
 		LIBXML2 = '',
 		LIBZ = '',
 	)
@@ -609,6 +611,16 @@ if 1:
 			LIBCRYPTO = 'wolfssl',
 		)
 
+	if env['with_mbedtls']:
+		if not autoconf.CheckLibWithHeader('mbedtls', 'mbedtls/ssl.h', 'C'):
+			fail("Couldn't find mbedtls")
+		autoconf.env.Append(
+			CPPFLAGS = [ '-DHAVE_LIBMBEDCRYPTO' ],
+			LIBSSL = 'mbedtls',
+			LIBX509 = 'mbedx509',
+			LIBCRYPTO = 'mbedcrypto',
+		)
+
 	if env['with_nettle']:
 		if not autoconf.CheckLibWithHeader('nettle', 'nettle/nettle-types.h', 'C'):
 			fail("Couldn't find Nettle")

configure.ac

@@ -686,7 +686,7 @@ if test "$WITH_OPENSSL" != no; then
     [ -lcrypto "$DL_LIB" ]
   )
 
-  AC_DEFINE([HAVE_LIBSSL], [], [Have libssl])
+  AC_DEFINE([HAVE_LIBSSL], [1], [Have libssl])
   AC_SUBST([SSL_LIB])
   AC_SUBST([CRYPTO_LIB])
 fi
@@ -737,6 +737,46 @@ if test "$WITH_OPENSSL" != no && test "$WITH_WOLFSSL" != no; then
   AC_MSG_ERROR([lighttpd should not be built with both --with-openssl and --with-wolfssl])
 fi
 
+dnl Check for mbedTLS
+AC_MSG_NOTICE([----------------------------------------])
+AC_MSG_CHECKING([for mbedTLS])
+AC_ARG_WITH([mbedtls],
+  AC_HELP_STRING([--with-mbedtls@<:@=DIR@:>@],[Include mbedTLS support. DIR points to the installation root. (default no)]),
+  [WITH_MBEDTLS=$withval],
+  [WITH_MBEDTLS=no]
+)
+
+if test "$WITH_MBEDTLS" != "no"; then
+  use_mbedtls=yes
+  if test "$WITH_MBEDTLS" != "yes"; then
+      CPPFLAGS="$CPPFLAGS -I$WITH_MBEDTLS/include"
+      LDFLAGS="$LDFLAGS -L$WITH_MBEDTLS/lib"
+  fi
+else
+  use_mbedtls=no
+fi
+AC_MSG_RESULT([$use_mbedtls])
+AM_CONDITIONAL(BUILD_WITH_MBEDTLS, test ! $WITH_MBEDTLS = no)
+
+if test "x$use_mbedtls" = "xyes"; then
+  AC_CHECK_HEADERS([mbedtls/ssl.h])
+  OLDLIBS="$LIBS"
+  AC_CHECK_LIB(mbedcrypto,mbedtls_base64_encode,
+    [AC_CHECK_LIB(mbedx509, mbedtls_x509_get_name,
+      [AC_CHECK_LIB(mbedtls, mbedtls_cipher_info_from_type,
+        [MTLS_LIB="-lmbedtls -lmbedx509 -lmbedcrypto"
+         CRYPTO_LIB="-lmbedcrypto"
+         AC_DEFINE(HAVE_LIBMBEDTLS, [1], [Have libmbedtls library])
+         AC_DEFINE(HAVE_LIBMBEDX509, [1], [Have libmbedx509 library])
+         AC_DEFINE(HAVE_LIBMBEDCRYPTO, [1], [Have libmbedcrypto library]) ],
+        [],[-lmbedcrypto "$DL_LIB"])
+      ],[],[-lmbedcrypto "$DL_LIB"])
+    ],[],[])
+  LIBS="$OLDLIBS"
+  AC_SUBST(MTLS_LIB)
+  AC_SUBST(CRYPTO_LIB)
+fi
+
 dnl Check for Nettle (and overwrite CRYPTO_LIB if set by OpenSSL or wolfSSL)
 AC_MSG_NOTICE([----------------------------------------])
 AC_MSG_CHECKING([for Nettle])
@@ -1560,6 +1600,9 @@ lighty_track_feature "pam" "mod_authn_pam" \
 lighty_track_feature "network-openssl" "mod_openssl" \
   'test "$WITH_OPENSSL" != no || test "$WITH_WOLFSSL" != no'
 
+lighty_track_feature "network-mbedtls" "mod_mbedtls" \
+  'test "$WITH_MBEDTLS" != no'
+
 lighty_track_feature "auth-crypt" "" \
   'test "$found_crypt" != no'
 

meson_options.txt

@@ -53,6 +53,11 @@ option('with_maxminddb',
 	value: false,
 	description: 'with MaxMind GeoIP2-support mod_maxminddb [default: off]',
 )
+option('with_mbedtls',
+	type: 'string',
+	value: 'false',
+	description: 'with mbedTLS-support [default: off]',
+)
 option('with_memcached',
 	type: 'boolean',
 	value: false,

src/CMakeLists.txt

@@ -20,6 +20,7 @@ option(WITH_XATTR "with xattr-support for the stat-cache [default: off]")
 option(WITH_MYSQL "with mysql-support for mod_vhostdb_mysql [default: off]")
 option(WITH_PGSQL "with postgres-support for mod_vhostdb_pgsql [default: off]")
 option(WITH_DBI "with dbi-support for mod_vhostdb_dbi [default: off]")
+option(WITH_MBEDTLS "with mbedTLS-support [default: off]")
 option(WITH_OPENSSL "with openssl-support [default: off]")
 option(WITH_WOLFSSL "with wolfSSL-support [default: off]")
 option(WITH_NETTLE "with Nettle-support [default: off]")
@@ -371,6 +372,24 @@ if(WITH_OPENSSL AND WITH_WOLFSSL)
 	message(FATAL_ERROR "lighttpd should not be built with both --with-openssl and --with-wolfssl")
 endif()
 
+if(WITH_MBEDTLS)
+	check_include_files(mbedtls/ssl.h HAVE_MBEDTLS_SSL_H)
+	if(HAVE_MBEDTLS_SSL_H)
+		check_library_exists(mbedcrypto mbedtls_base64_encode "" HAVE_LIBMBEDCRYPTO)
+		if(HAVE_LIBMEDTLSCRYPTO)
+		    check_library_exists(mbedtls mbedtls_cipher_info_from_type "" HAVE_LIBMBEDTLS)
+			if(HAVE_LIBMBEDTLS)
+			    check_library_exists(mbedx509 mbedtls_x509_get_name "" HAVE_LIBMBEDX509)
+			endif()
+		endif()
+	endif()
+else()
+	unset(HAVE_MBEDTLS_SSL_H)
+	unset(HAVE_LIBMBEDCRYPTO)
+	unset(HAVE_LIBMBEDTLS)
+	unset(HAVE_LIBMEDX509)
+endif()
+
 if(WITH_NETTLE)
 	if(APPLE)
 		set(CMAKE_REQUIRED_INCLUDES /opt/local/include)
@@ -1070,6 +1089,16 @@ if(NOT ${CRYPTO_LIBRARY} EQUAL "")
 	target_link_libraries(mod_wstunnel ${CRYPTO_LIBRARY})
 endif()
 
+if(HAVE_LIBMBEDTLS AND HAVE_LIBMEDCRYPTO AND HAVE_LIBMEDX509)
+	target_link_libraries(lighttpd mbedtls)
+	target_link_libraries(lighttpd mbedcrypto)
+	target_link_libraries(lighttpd mbedx509)
+	add_and_install_library(mod_mbedtls "mod_mbedtls.c")
+	set(L_MOD_MBEDTLS ${L_MOD_MBEDTLS} mbedtls mbedcrypto mbedx509)
+	target_link_libraries(mod_mbedtls ${L_MOD_MBEDTLS})
+	# not doing "cross module" linkage yet (e.g. mod_authn, secdownload)
+endif()
+
 if(WITH_LIBEV)
 	target_link_libraries(lighttpd ${LIBEV_LDFLAGS})
 	add_target_properties(lighttpd COMPILE_FLAGS ${LIBEV_CFLAGS})

src/Makefile.am

@@ -391,6 +391,14 @@ mod_openssl_la_LDFLAGS = $(common_module_ldflags)
 mod_openssl_la_LIBADD = $(SSL_LIB) $(common_libadd)
 endif
 
+if BUILD_WITH_MBEDTLS
+lib_LTLIBRARIES += mod_mbedtls.la
+mod_mbedtls_la_SOURCES = mod_mbedtls.c
+mod_mbedtls_la_LDFLAGS = $(common_module_ldflags)
+mod_mbedtls_la_LIBADD = $(MTLS_LIB) $(common_libadd)
+endif
+
+
 lib_LTLIBRARIES += mod_rewrite.la
 mod_rewrite_la_SOURCES = mod_rewrite.c
 mod_rewrite_la_LDFLAGS = $(common_module_ldflags)

src/SConscript

@@ -179,6 +179,9 @@ if env['with_openssl']:
 if env['with_wolfssl']:
 	modules['mod_openssl'] = { 'src' : [ 'mod_openssl.c' ], 'lib' : [ env['LIBCRYPTO'], 'm' ] }
 
+if env['with_mbedtls']:
+	modules['mod_mbedtls'] = { 'src' : [ 'mod_mbedtls.c' ], 'lib' : [ env['LIBSSL'], env['LIBX509'], env['LIBCRYPTO'] ] }
+
 staticenv = env.Clone(CPPFLAGS=[ env['CPPFLAGS'], '-DLIGHTTPD_STATIC' ])
 
 ## all the core-sources + the modules

src/algo_sha1.h

@@ -4,6 +4,12 @@
 
 #include "sys-crypto.h" /* USE_LIB_CRYPTO */
 #ifdef USE_LIB_CRYPTO
+#if (!defined(USE_MBEDTLS_CRYPTO) || defined(MBEDTLS_SHA1_C))
+#define USE_LIB_CRYPTO_SHA1
+#endif
+#endif
+
+#ifdef USE_LIB_CRYPTO_SHA1
 
 #ifdef USE_NETTLE_CRYPTO
 #include <nettle/sha.h>
@@ -21,6 +27,23 @@ SHA1_Update(SHA_CTX *ctx, const void *data, size_t length)
     sha1_update(ctx, length, data);
 }
 
+#elif defined(USE_MBEDTLS_CRYPTO) && defined(MBEDTLS_SHA1_C)
+
+#include <mbedtls/sha1.h>
+#ifndef SHA_DIGEST_LENGTH
+#define SHA_DIGEST_LENGTH 20
+#endif
+typedef struct mbedtls_sha1_context SHA_CTX;
+#define SHA1_Init(ctx) \
+        (mbedtls_sha1_init(ctx), mbedtls_sha1_starts_ret(ctx))
+#define SHA1_Final(digest, ctx) \
+        (mbedtls_sha1_finish_ret((ctx),(digest)), mbedtls_sha1_free(ctx))
+static void
+SHA1_Update(SHA_CTX *ctx, const void *data, size_t length)
+{
+    mbedtls_sha1_update_ret(ctx, data, length);
+}
+
 #elif defined(USE_OPENSSL_CRYPTO)
 
 #include <openssl/sha.h>

src/configfile.c

@@ -307,6 +307,8 @@ static void config_compat_module_load (server *srv) {
             append_mod_staticfile = 0;
         else if (buffer_eq_slen(m, CONST_STR_LEN("mod_dirlisting")))
             append_mod_dirlisting = 0;
+        else if (buffer_eq_slen(m, CONST_STR_LEN("mod_mbedtls")))
+            append_mod_openssl = 0;
         else if (buffer_eq_slen(m, CONST_STR_LEN("mod_openssl")))
             append_mod_openssl = 0;
         else if (buffer_eq_slen(m, CONST_STR_LEN("mod_authn_file")))
@@ -702,7 +704,7 @@ static int config_insert_srvconf(server *srv) {
                 break;
               case 30:/* ssl.engine */
                 ssl_enabled = (0 != cpv->v.u);
-               #ifndef USE_OPENSSL_CRYPTO
+               #if !defined(USE_OPENSSL_CRYPTO) && !defined(USE_MBEDTLS_CRYPTO)
                 if (ssl_enabled) {
                     log_error(srv->errh, __FILE__, __LINE__,
                       "ssl support is missing; "

src/meson.build

@@ -395,6 +395,7 @@ if get_option('with_mysql')
 endif
 
 libssl = []
+libx509 = []
 libcrypto = []
 if get_option('with_openssl')
 	# manual search:
@@ -420,6 +421,17 @@ if get_option('with_wolfssl') != 'false'
 	libcrypto += libwolfssl_includes_dep
 	conf_data.set('HAVE_WOLFSSL_SSL_H', true)
 endif
+if get_option('with_mbedtls')
+	# manual search:
+	# header: mbedtls/ssl.h
+	# function: mbedtls_cipher_info_from_type (-lmbedtls)
+	# function: mbedtls_x509_get_name (-lmbedx509)
+	# function: mbedtls_base64_encode (-lmbedcrypto)
+	libssl = [ dependency('libmbedtls') ]
+	libx509 = [ dependency('libmbedx509') ]
+	libcrypto = [ dependency('libmbedcrypto') ]
+	conf_data.set('HAVE_LIBMBEDCRYPTO', true)
+endif
 if get_option('with_nettle') != 'false'
 	# manual search:
 	# header: nettle/nettle-types.h
@@ -973,6 +985,12 @@ if get_option('with_wolfssl') != 'false'
 	]
 endif
 
+if get_option('with_mbedtls') != 'false'
+	modules += [
+		[ 'mod_mbedtls', [ 'mod_mbedtls.c' ], libssl + libx509 + libcrypto ],
+	]
+endif
+
 if get_option('with_pam')
 	modules += [
 		[ 'mod_authn_pam', [ 'mod_authn_pam.c' ], libpam ],

src/mod_auth.c

@@ -37,6 +37,22 @@ SHA512_256_Update(SHA512_CTX *ctx, const void *data, size_t length)
     sha512_256_update(ctx, length, data);
 }
 
+#elif defined(USE_MBEDTLS_CRYPTO)
+
+#include <mbedtls/sha256.h>
+#ifdef MBEDTLS_SHA256_C
+typedef struct mbedtls_sha256_context SHA256_CTX;
+#define SHA256_Init(ctx) \
+        (mbedtls_sha256_init(ctx), mbedtls_sha256_starts_ret((ctx),0))
+#define SHA256_Final(digest, ctx) \
+        (mbedtls_sha256_finish_ret((ctx),(digest)), mbedtls_sha256_free(ctx))
+static void
+SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
+{
+    mbedtls_sha256_update_ret(ctx, data, length);
+}
+#endif
+
 #elif defined(USE_OPENSSL_CRYPTO)
 
 #include <openssl/sha.h>

src/mod_authn_file.c

@@ -58,6 +58,38 @@ SHA512_256_Update(SHA512_CTX *ctx, const void *data, size_t length)
     sha512_256_update(ctx, length, data);
 }
 
+#elif defined(USE_MBEDTLS_CRYPTO)
+
+#include <mbedtls/md4.h>
+#ifdef MBEDTLS_MD4_C
+typedef struct mbedtls_md4_context MD4_CTX;
+#define MD4_Init(ctx) \
+        (mbedtls_md4_init(ctx), mbedtls_md4_starts_ret(ctx))
+#define MD4_Final(digest, ctx) \
+        (mbedtls_md4_finish_ret((ctx),(digest)), mbedtls_md4_free(ctx))
+static void
+MD4_Update(MD4_CTX *ctx, const void *data, size_t length)
+{
+    mbedtls_md4_update_ret(ctx, data, length);
+}
+#else /*(mbedTLS built without MD4)*/
+#define NO_MD4
+#endif
+
+#include <mbedtls/sha256.h>
+#ifdef MBEDTLS_SHA256_C
+typedef struct mbedtls_sha256_context SHA256_CTX;
+#define SHA256_Init(ctx) \
+        (mbedtls_sha256_init(ctx), mbedtls_sha256_starts_ret((ctx),0))
+#define SHA256_Final(digest, ctx) \
+        (mbedtls_sha256_finish_ret((ctx),(digest)), mbedtls_sha256_free(ctx))
+static void
+SHA256_Update(SHA256_CTX *ctx, const void *data, size_t length)
+{
+    mbedtls_sha256_update_ret(ctx, data, length);
+}
+#endif
+
 #elif defined(USE_OPENSSL_CRYPTO)
 
 #include <openssl/md4.h>

src/mod_secdownload.c

@@ -15,6 +15,8 @@
 #ifdef USE_LIB_CRYPTO
 #if defined(USE_NETTLE_CRYPTO)
 #include <nettle/hmac.h>
+#elif defined(USE_MBEDTLS_CRYPTO)
+#include <mbedtls/md.h>
 #elif defined(USE_OPENSSL_CRYPTO)
 #include <openssl/evp.h>
 #include <openssl/hmac.h>
@@ -180,8 +182,8 @@ static int secdl_verify_mac(plugin_config *config, const char* protected_path, c
 
 			return const_time_memeq((char *)HA1, (char *)md5bin, sizeof(md5bin));
 		}
+     #ifdef USE_LIB_CRYPTO
 	case SECDL_HMAC_SHA1:
-#ifdef USE_LIB_CRYPTO
 		{
 			unsigned char digest[20];
 			char base64_digest[27];
@@ -191,6 +193,18 @@ static int secdl_verify_mac(plugin_config *config, const char* protected_path, c
 			hmac_sha1_set_key(&ctx, buffer_string_length(config->secret), (const uint8_t *)config->secret->ptr);
 			hmac_sha1_update(&ctx, strlen(protected_path), (const uint8_t *)protected_path);
 			hmac_sha1_digest(&ctx, sizeof(digest), (uint8_t *)digest);
+		  #elif defined(USE_MBEDTLS_CRYPTO) && defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C)
+			int rc =
+			  mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA1),
+			                  (const unsigned char *)config->secret->ptr,
+			                  buffer_string_length(config->secret),
+			                  (const unsigned char *)protected_path,
+			                  strlen(protected_path), digest);
+			if (0 != rc) {
+				log_error(errh, __FILE__, __LINE__,
+				  "hmac-sha1: HMAC() failed");
+				return 0;
+			}
 		  #elif defined(USE_OPENSSL_CRYPTO)
 			if (NULL == HMAC(
 					EVP_sha1(),
@@ -209,10 +223,8 @@ static int secdl_verify_mac(plugin_config *config, const char* protected_path, c
 
 			return (27 == maclen) && const_time_memeq(mac, base64_digest, 27);
 		}
-#endif
 		break;
 	case SECDL_HMAC_SHA256:
-#ifdef USE_LIB_CRYPTO
 		{
 			unsigned char digest[32];
 			char base64_digest[43];
@@ -222,6 +234,18 @@ static int secdl_verify_mac(plugin_config *config, const char* protected_path, c
 			hmac_sha256_set_key(&ctx, buffer_string_length(config->secret), (const uint8_t *)config->secret->ptr);
 			hmac_sha256_update(&ctx, strlen(protected_path), (const uint8_t *)protected_path);
 			hmac_sha256_digest(&ctx, sizeof(digest), (uint8_t *)digest);
+		  #elif defined(USE_MBEDTLS_CRYPTO) && defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C)
+			int rc =
+			  mbedtls_md_hmac(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
+			                  (const unsigned char *)config->secret->ptr,
+			                  buffer_string_length(config->secret),
+			                  (const unsigned char *)protected_path,
+			                  strlen(protected_path), digest);
+			if (0 != rc) {
+				log_error(errh, __FILE__, __LINE__,
+				  "hmac-sha256: HMAC() failed");
+				return 0;
+			}
 		  #elif defined(USE_OPENSSL_CRYPTO)
 			if (NULL == HMAC(
 					EVP_sha256(),
@@ -240,7 +264,9 @@ static int secdl_verify_mac(plugin_config *config, const char* protected_path, c
 
 			return (43 == maclen) && const_time_memeq(mac, base64_digest, 43);
 		}
-#endif
+		break;
+     #endif
+	default:
 		break;
 	}
 

src/network.c

@@ -142,6 +142,7 @@ typedef struct {
     /* global or per-socket config; not patched per connection */
     int listen_backlog;
     unsigned char ssl_enabled;
+    unsigned char mbedtls_enabled; /* TODO: more integration needed ... */
     unsigned char use_ipv6;
     unsigned char set_v6only; /* set_v6only is only a temporary option */
     unsigned char defer_accept;
@@ -264,7 +265,7 @@ static int network_server_init(server *srv, network_socket_config *s, buffer *ho
 	memcpy(&srv_socket->addr, &addr, addr_len);
 	srv_socket->fd = -1;
 	srv_socket->sidx = sidx;
-	srv_socket->is_ssl = s->ssl_enabled;
+	srv_socket->is_ssl = (s->ssl_enabled || s->mbedtls_enabled);
 	srv_socket->srv = srv;
 	srv_socket->srv_token = buffer_init_buffer(host_token);
 
@@ -383,7 +384,7 @@ static int network_server_init(server *srv, network_socket_config *s, buffer *ho
 		return -1;
 	}
 
-	if (s->ssl_enabled) {
+	if (s->ssl_enabled || s->mbedtls_enabled) {
 #ifdef TCP_DEFER_ACCEPT
 	} else if (s->defer_accept) {
 		int v = s->defer_accept;
@@ -514,6 +515,11 @@ int network_init(server *srv, int stdin_fd) {
      ,{ CONST_STR_LEN("server.set-v6only"),
         T_CONFIG_BOOL,
         T_CONFIG_SCOPE_CONNECTION }
+    #if 0 /* TODO: more integration needed ... */
+     ,{ CONST_STR_LEN("mbedtls.engine"),
+        T_CONFIG_BOOL,
+        T_CONFIG_SCOPE_CONNECTION }
+    #endif
      ,{ NULL, 0,
         T_CONFIG_UNSET,
         T_CONFIG_SCOPE_UNSET }

src/rand.c

@@ -1,6 +1,7 @@
 #include "first.h"
 
 #include "rand.h"
+#include "buffer.h"
 #include "fdevent.h"
 #include "safe_memclear.h"
 
@@ -15,11 +16,17 @@
 
 #include "sys-crypto.h" /* USE_LIB_CRYPTO */
 #ifdef USE_NETTLE_CRYPTO
+#undef USE_MBEDTLS_CRYPTO
 #undef USE_OPENSSL_CRYPTO
 #include <nettle/knuth-lfib.h>
 #include <nettle/arcfour.h>
 #include <nettle/yarrow.h>
 #endif
+#ifdef USE_MBEDTLS_CRYPTO
+#undef USE_OPENSSL_CRYPTO
+#include <mbedtls/ctr_drbg.h>
+#include <mbedtls/entropy.h>
+#endif
 #ifdef USE_OPENSSL_CRYPTO
 #include <openssl/opensslv.h> /* OPENSSL_VERSION_NUMBER */
 #include <openssl/rand.h>
@@ -132,6 +139,14 @@ static int li_rand_device_bytes (unsigned char *buf, int num)
 
 static int li_rand_inited;
 static unsigned short xsubi[3];
+#ifdef USE_MBEDTLS_CRYPTO
+#ifdef MBEDTLS_ENTROPY_C
+static mbedtls_entropy_context entropy;
+#ifdef MBEDTLS_CTR_DRBG_C
+static mbedtls_ctr_drbg_context ctr_drbg;
+#endif
+#endif
+#endif
 #ifdef USE_NETTLE_CRYPTO
 static struct knuth_lfib_ctx knuth_lfib_ctx;
 static struct arcfour_ctx    arcfour_ctx;
@@ -206,10 +221,33 @@ static void li_rand_init (void)
     RAND_poll();
     RAND_seed(xsubi, (int)sizeof(xsubi));
   #endif
+  #ifdef USE_MBEDTLS_CRYPTO
+  #ifdef MBEDTLS_ENTROPY_C
+    mbedtls_entropy_init(&entropy);
+  #ifdef MBEDTLS_CTR_DRBG_C
+    mbedtls_ctr_drbg_init(&ctr_drbg);
+    int rc =
+      mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
+                            (unsigned char *)xsubi, sizeof(xsubi));
+    if (0 != rc) /*(not expecting built-in entropy function to fail)*/
+        log_failed_assert(__FILE__, __LINE__, "mbedtls_ctr_drbg_seed() failed");
+  #endif
+  #endif
+  #endif
 }
 
 void li_rand_reseed (void)
 {
+  #ifdef USE_MBEDTLS_CRYPTO
+    if (li_rand_inited) {
+      #ifdef MBEDTLS_ENTROPY_C
+      #ifdef MBEDTLS_CTR_DRBG_C
+        mbedtls_ctr_drbg_free(&ctr_drbg);
+      #endif
+        mbedtls_entropy_free(&entropy);
+      #endif
+    }
+  #endif
     if (li_rand_inited) li_rand_init();
 }
 
@@ -229,6 +267,13 @@ int li_rand_pseudo (void)
     nettle_arcfour_crypt(&arcfour_ctx, sizeof(i), (uint8_t *)&i, (uint8_t *)&i);
     if (i) return i; /*(cond to avoid compiler warning for code after return)*/
   #endif
+  #ifdef USE_MBEDTLS_CRYPTO
+  #ifdef MBEDTLS_CTR_DRBG_C
+    int i;
+    if (0 == mbedtls_ctr_drbg_random(&ctr_drbg, (unsigned char *)&i, sizeof(i)))
+        return i;
+  #endif
+  #endif
   #ifdef HAVE_ARC4RANDOM_BUF
     return (int)arc4random();
   #elif defined(HAVE_SRANDOM)
@@ -246,6 +291,11 @@ int li_rand_pseudo (void)
 
 void li_rand_pseudo_bytes (unsigned char *buf, int num)
 {
+  #ifdef USE_MBEDTLS_CRYPTO
+  #ifdef MBEDTLS_CTR_DRBG_C
+    if (0 == mbedtls_ctr_drbg_random(&ctr_drbg, buf, (size_t)num)) return;
+  #endif
+  #endif
     for (int i = 0; i < num; ++i)
         buf[i] = li_rand_pseudo() & 0xFF;
 }
@@ -272,6 +322,15 @@ int li_rand_bytes (unsigned char *buf, int num)
     if (-1 != rc) {
         return rc;
     }
+  #endif
+  #ifdef USE_MBEDTLS_CRYPTO
+  #ifdef MBEDTLS_ENTROPY_C
+    /*(each call <= MBEDTLS_ENTROPY_BLOCK_SIZE; could implement loop here)*/
+    if (num <= MBEDTLS_ENTROPY_BLOCK_SIZE
+        && 0 == mbedtls_entropy_func(&entropy, buf, (size_t)num)) {
+        return 1;
+    }
+  #endif
   #endif
     if (1 == li_rand_device_bytes(buf, num)) {
         return 1;
@@ -290,6 +349,14 @@ void li_rand_cleanup (void)
   #if OPENSSL_VERSION_NUMBER < 0x10100000L
     RAND_cleanup();
   #endif
+  #endif
+  #ifdef USE_MBEDTLS_CRYPTO
+  #ifdef MBEDTLS_ENTROPY_C
+  #ifdef MBEDTLS_CTR_DRBG_C
+    mbedtls_ctr_drbg_free(&ctr_drbg);
+  #endif
+    mbedtls_entropy_free(&entropy);
+  #endif
   #endif
     safe_memclear(xsubi, sizeof(xsubi));
 }

src/server.c

@@ -71,8 +71,8 @@ static const buffer default_server_tag = { CONST_STR_LEN(PACKAGE_DESC), 0 };
 #endif
 
 #include "sys-crypto.h"
-#ifdef USE_OPENSSL_CRYPTO
-#define USE_SSL
+#if defined(USE_OPENSSL_CRYPTO) \
+ || defined(USE_MBEDTLS_CRYPTO)
 #define TEXT_SSL " (ssl)"
 #else
 #define TEXT_SSL
@@ -430,10 +430,15 @@ static void show_features (void) {
 #else
       "\t- crypt support\n"
 #endif
-#ifdef USE_SSL
-      "\t+ SSL support\n"
+#ifdef USE_OPENSSL_CRYPTO
+      "\t+ OpenSSL support\n"
+#else
+      "\t- OpenSSL support\n"
+#endif
+#ifdef USE_MBEDTLS_CRYPTO
+      "\t+ mbedTLS support\n"
 #else
-      "\t- SSL support\n"
+      "\t- mbedTLS support\n"
 #endif
 #ifdef HAVE_LIBPCRE
       "\t+ PCRE support\n"

src/sys-crypto.h

@@ -18,6 +18,12 @@
 #include <wolfssl/options.h>
 #endif
 
+#ifdef HAVE_LIBMBEDCRYPTO
+#define USE_LIB_CRYPTO
+#define USE_MBEDTLS_CRYPTO
+#include <mbedtls/config.h>
+#endif
+
 #ifdef HAVE_NETTLE_NETTLE_TYPES_H
 #define USE_LIB_CRYPTO
 #define USE_NETTLE_CRYPTO