Those test cases aren't actually executed due to another typo which is
beyond the scope of this commit and will be resolved in
https://github.com/Mbed-TLS/mbedtls/pull/8029 . But update DES to AES anyway.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
"tests/data_files/test-ca.key" is now encrypted using AES instead of DES.
Update test dependencies accordingly. This fixes `depends.py cipher_id`.
This is a partial cherry-pick of 1a4cc5e92ca8dbffa5606e4da84eb02e1c70e83d
(done manually because the context on the same line is different).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is no longer needed as make.bat has been removed. We do not support
building the documentation on Windows.
This reverts commit d50daedccace24bf69903ff7879bc0543757f5ef.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Building the docs on Windows is not supported in any case, as the apidoc
target in the main Makefile will not run on Windows.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Include the make apidoc and breathe-apidoc steps in the documentation
Makefile for ease of use. In this way, depart from the Makefile
generated automatically by Sphinx.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Regenerate the requirements.txt with Exhale removed and also with Python
3.9 instead of 3.8, for parity with Read The Docs.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Sphinx's breathe plugin cannot readily parse the Mbed TLS macros, so
define the less essential ones away at the doxygen step to reduce the
number of warnings.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
We normally don't mention test updates in the changelog, but this one
explains why we're making a patch release.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
After upgrading certificates, some parsing unit tests are failing because
the new certificates have a different expiry date, by design. Switch those
test cases to using the moved copy of the old data (as we did in a more
systematic way in the development branch).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Copy updated test certificates and related data (keys, CSR, etc.) from
development. This replaces certificates that will expire on 2023-09-07,
causing the unit tests to fail. This also adds new data files that are not
used, and moves some files.
The replacement data is good until 2023-12-31.
The update causes some parsing unit tests to fail because the new
certificates have a different expiry date. This will be fixed in a
subsequent commit.
```
git checkout dc2d7cce02a273f6ec6a7cd78512dfeaf633a3a5 -- tests/data_files tests/src/test_certs.h tests/src/certs.c
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The EXCLUDE_FROM_FULL list in config.py should be, and used to be, but
no longer is, in alphabetical order, and with a comma on the last
element.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Use the standard "experimental" word in the description and make the
wording more similar to other experimental warnings.
Signed-off-by: Janos Follath <janos.follath@arm.com>
By default, the full configuration enables all options. But we
specifically don't want to enable MBEDTLS_ECP_WITH_MPI_UINT except where
it's done explicitly, because it disables the old ecp. So it needs to be
added to the exceptions in config.py (EXCLUDE_FROM_FULL).
Signed-off-by: Janos Follath <janos.follath@arm.com>
The Docker container used for the CI has Git version 2.7.4 which
does not support the "git branch --show-current" command since this
was added in version 2.22.
Therefore this commit adds an alternative version for old Git versions.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
There is a precedent for having bigger and less mature options in
mbedtls_config.h (MBEDTLS_USE_PSA_CRYPTO) for an extended period.
Having this option in mbedtls_config.h is simpler and more robust.
Signed-off-by: Janos Follath <janos.follath@arm.com>
