mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-24 01:43:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
32,613 Commits 172 Branches 263 Tags
Commit Graph

1051 Commits

Author SHA1 Message Date
Ronald Cron
5e29260544 Rework first sections 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 09:12:10 +02:00
Ronald Cron
a25e9dbdeb Move MBEDTLS_VERSION_* back to mbedtls_config.h 
We will add TF-PSA-Crypto specific ones when
we add support for querying version and version
features in TF-PSA-Crypto.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:55:07 +02:00
Ronald Cron
8e1b463e34 Reorder sections 
Move "Cryptographic mechanism selection (extended API)"
and "Data format support" just after section
Cryptographic mechanism selection (PSA API)"

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
e5d0f8c906 Move MBEDTLS_*_RETURN config options 
Move MBEDTLS_*_RETURN config options
in the same section as
MBEDTLS_CHECK_RETURN_WARNING.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
34a4086901 Move MBEDTLS_NET_C config option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
717663bcbc Move MBEDTLS_SELF_TEST option 
Move MBEDTLS_SELF_TEST option to
the "General and test configuration options"
section as MBEDTLS_VERSION_C.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
42c30e6a6e Move DRBG options 
Move DRBG options to the
"Cryptographic mechanism selection (extended API)"
section.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
61391063b6 No config renaming 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
ca99203bc3 Remove module and function _ALT config option 
These options have been removed now.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
ad62dce86f Keep legacy crypto config options 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
5c46496dd2 Improve section names 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
4f4a30c2e7 Remove question marks triplets 
The associated config options are at the
right place.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:35:34 +02:00
Ronald Cron
a3f3fca492 Remove trailing spaces 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-09-04 08:33:58 +02:00
Elena Uziunaite
414e59bcf4 Leave the spaces in psa-transition.md 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-27 19:22:08 +01:00
Elena Uziunaite
34fe4fddfd Fix typo in psa-transition.md 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-27 16:07:09 +01:00
Gilles Peskine
59602d3929 The fully static key store will miss the 3.6.1 release 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-14 11:41:34 +02:00
Gilles Peskine
3c1d287f8d Mention the option name for the dynamic key store 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-14 11:41:33 +02:00
Bence Szépkúti
88f3dd9f78
Merge pull request #9402 from tom-daubney-arm/remove_function_level_alt_interface 
Remove function level alt interface
 2024-08-09 17:59:51 +00:00
Thomas Daubney
ebcd49b961 Remove outdated documentation 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 15:20:06 +01:00
Gilles Peskine
e863f868ec Documentation: point to key_custom instead of key_ext 
Replace references to the deprecated functions `psa_generate_key_ext()` and
`psa_key_derivation_output_key_ext()` by their replacements
Implement `psa_generate_key_custom()` and
`psa_key_derivation_output_key_custom()`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-05 15:49:22 +02:00
Gilles Peskine
343d040ab6 Miscellaneous clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-01 16:14:32 +02:00
Gilles Peskine
7fc3a50883 Expand on performance 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-01 16:14:32 +02:00
Gilles Peskine
2e0fc78d21 Discuss why we have so many variants 
Explain that the hybrid key store is the historical implementation and
neither alternative is a drop-in replacement. Discuss how we could
potentially reduce the number of variants after the next major release.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-01 16:14:32 +02:00
Gilles Peskine
19afbc9568 Link to issue about freeing empty slices 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-01 16:14:32 +02:00
Gilles Peskine
ef94001222 Improve and fix explanation of next_free 
In particular, fix an off-by-one error right after I explain how the number
is off by one from what you'd expect. State explicitly that the number can
be negative.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-01 16:14:32 +02:00
Gilles Peskine
5a040db142 Update macro name about the static key store 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-01 16:14:32 +02:00
Gilles Peskine
708c877da1 Typos and minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-01 16:14:32 +02:00
Gilles Peskine
c0037da514 psa_open_key does not lock the key in memory 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-01 16:14:32 +02:00
Gilles Peskine
d63a0cc49c Document the key store design 
Include the proposed dynamic and fully-static key stores that are
currently proposed in https://github.com/Mbed-TLS/mbedtls/pull/9240
and https://github.com/Mbed-TLS/mbedtls/pull/9302

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-01 16:14:32 +02:00
David Horstmann
f7fffbdd5c Upgrade python dependencies in requirements file 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-07-15 16:31:02 +01:00
Ronald Cron
bdd8df852f Adapt documentation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-07-10 08:10:40 +02:00
Ronald Cron
f0481f562a
Merge pull request #9258 from tom-daubney-arm/drop_padlock_support 
Drop support for VIA Padlock
 2024-06-26 07:36:04 +00:00
Thomas Daubney
62af02c063 Drop support for VIA Padlock 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-06-14 10:37:13 +01:00
Ronald Cron
7e5d61c41a Adjust more paths to PSA headers 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-06-13 09:51:20 +02:00
Ronald Cron
8793d9cee8 Configuration file split proposal 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-06-06 18:27:31 +02:00
David Horstmann
f6f3bcae43 Update file paths for moved files 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-31 15:49:02 +01:00
Bence Szépkúti
e3abb6a148
Merge pull request #9094 from davidhorstmann-arm/move-mbedtls-dev-to-framework 
Move `mbedtls_dev` to framework submodule
 2024-05-28 15:50:47 +00:00
David Horstmann
cd84bb287b Update references to mbedtls_dev 
Change these to point to the new mbedtls_framework module in the
framework submodule.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-13 14:43:29 +01:00
Gilles Peskine
ff3b8211ff Driver-only FFDH is not good enough for DHE support in TLS 1.2 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-04-30 16:20:20 +02:00
Manuel Pégourié-Gonnard
4575d230bf Add a note on hits usefulness 
And fix a typo while at it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-15 10:54:49 +02:00
Manuel Pégourié-Gonnard
432e3b4198 Misc fixes & improvements to driver testing doc 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:41 +02:00
Manuel Pégourié-Gonnard
a47a3c4e13 Rephrase description of the KDF situation 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:41 +02:00
Manuel Pégourié-Gonnard
ae22f04769 Refine paragraphs about incomplete entry points 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:41 +02:00
Manuel Pégourié-Gonnard
0ca2fd0e2b Update libtestdriver1 vs internal 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
dde1abd572 Update of opaque asymmetric encrypt/decrypt 
https://github.com/Mbed-TLS/mbedtls/pull/8700 merged in the meantime.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
6c45361a9c Update for HMAC testing 
Been merged in the meantime.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
98f8da1b1a Update names of components renamed in the meantime 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:44:40 +02:00
Manuel Pégourié-Gonnard
f2089dab5e Update status of RSA testing 
Improved by https://github.com/Mbed-TLS/mbedtls/pull/8616/ - closing
8553.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
b18bc80133 Add note about fallback to other entry points 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00
Manuel Pégourié-Gonnard
6a96f42051 Document driver wrapper suite & tested configs 
The coverage data for the test drivers was generated using the following
patch:

diff --git a/scripts/lcov.sh b/scripts/lcov.sh
index 9258ba788874..1ef071a65c06 100755
--- a/scripts/lcov.sh
+++ b/scripts/lcov.sh
@@ -63,8 +63,8 @@ if [ $# -gt 0 ] && [ "$1" = "--help" ]; then
 fi

 if in_mbedtls_build_dir; then
-    library_dir='library'
-    title='Mbed TLS'
+    library_dir='tests/src/drivers'
+    title='Mbed TLS test drivers'
 else
     library_dir='core'
     title='TF-PSA-Crypto'
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 734d8323ca73..f6b17ca5692b 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -4795,14 +4795,17 @@ component_test_psa_crypto_drivers () {
     msg "build: full + test drivers dispatching to builtins"
     scripts/config.py full
     scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG
-    loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL"
+    loc_cflags="--coverage -DPSA_CRYPTO_DRIVER_TEST_ALL"
     loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
-    loc_cflags="${loc_cflags} -I../tests/include -O2"
+    loc_cflags="${loc_cflags} -I../tests/include -Og -g3"

-    make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
+    make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="--coverage" -C tests test_suite_psa_crypto_driver_wrappers

     msg "test: full + test drivers dispatching to builtins"
-    make test
+    (cd tests && ./test_suite_psa_crypto_driver_wrappers --verbose)
+    #make test
+
+    scripts/lcov.sh
 }

 component_test_make_shared () {

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:01 +02:00