mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-06 03:40:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
31,034 Commits 170 Branches 263 Tags
Commit Graph

31034 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gilles Peskine
39c227207c The fully static key store will miss the 3.6.1 release 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-14 11:40:55 +02:00
Gilles Peskine
fc1b6f54a3 Mention the option name for the dynamic key store 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-14 11:40:20 +02:00
Janos Follath
5435850017
Merge pull request #9457 from gilles-peskine-arm/announce-4.0-removals-202408 
3.6 only: Announce the main removals planned for 4.0
 2024-08-12 12:41:37 +00:00
Gilles Peskine
7f9470ac02
Merge pull request #9451 from minosgalanakis/fix-v3.6-issues-9186-and-9188-bp 
[Backport 3.6] Fix v3.6 issues 9186 and 9188 bp
 2024-08-12 09:34:19 +00:00
Gilles Peskine
47bf23f748 PSA PAKE wasn't in 2.28 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-12 11:21:54 +02:00
Gilles Peskine
ce629a6ce7 entropy.h is also going away 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-12 11:21:10 +02:00
Gilles Peskine
ee7332104d Mention interfaces replaced by PSA drivers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-10 17:22:45 +02:00
Michael Schuster
3001e27f21 Update the submodule to the head of PR in the framework repository 
See Mbed-TLS/mbedtls-framework#23

Signed-off-by: Michael Schuster <michael@schuster.ms>
Signed-off-by: Gilles Peskine <gilles.peskine@arm.com>
 2024-08-10 07:01:36 +02:00
Gilles Peskine
3b41e1d2a5
Merge pull request #9403 from gilles-peskine-arm/psa-keystore-dynamic-prep-3.6 
Backport 3.6: prepare for dynamic key store
 2024-08-09 08:00:03 +00:00
Gilles Peskine
aaa96721d1 Improve documentation in some tests 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 15:56:46 +02:00
Gilles Peskine
a11687e543 Revised presentation of cipher suites 
Include patterns on the official names.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 14:58:35 +02:00
Gilles Peskine
6df289a56f More relevant characterisation of PSA being from before 3.0 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 14:45:57 +02:00
Gilles Peskine
086bc91179 Improve mechanism grouping 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 14:45:35 +02:00
Gilles Peskine
5e64de034e Fix missing bits in crypto mechanisms 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-08 14:41:12 +02:00
Gilles Peskine
aada0c869f Mention the PSA transition guide 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 23:05:45 +02:00
Gilles Peskine
1b240c7ec1 Announce the main removals planned for 4.0 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 22:51:35 +02:00
Gilles Peskine
a9083b752c PSA_DONE: account for MBEDTLS_TEST_PSA_INTERNAL_KEYS 
Replace the hard-coded 1 by the proper constant now that the proper constant
exists.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 20:09:08 +02:00
Gilles Peskine
5eca4029c2 Fix inverted assertion message 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-07 20:08:23 +02:00
Tom Cosgrove
4306a69931
Merge pull request #9437 from tom-daubney-arm/bp_3-6_standardise_proj_detection 
[3.6 Backport] Standardise Project Detection
 2024-08-07 07:18:43 +00:00
Thomas Daubney
a542420e6d Call in_mbedtls_repo 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 18:01:42 +01:00
Gilles Peskine
7ee1a4e5d6
Merge pull request #9235 from gilles-peskine-arm/psa_generate_key_custom-3.6 
Backport 3.6: psa_generate_key_custom
 2024-08-06 16:41:34 +00:00
Thomas Daubney
5f0b64aadf Move some proj detection code inside pre_check_environment 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2024-08-06 17:38:19 +01:00
Gilles Peskine
14b87f6318 Match spacing in pointer types in documentation with the code style 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:13:05 +02:00
Gilles Peskine
4a85ff3997 Rename one more deprecated identifier 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:13:05 +02:00
Gilles Peskine
0d619b2dc7 Documentation improvements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:13:05 +02:00
Gilles Peskine
52504f8568 Rename internal function psa_key_production_parameters_are_default 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:13:05 +02:00
Gilles Peskine
472c10f4a5 key_custom: update analyze_outcomes.py 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:13:05 +02:00
Gilles Peskine
f5db72bbb9 Test cpp_dummy_build in pedantic mode 
In public headers, we want to avoid things that are not standard C++,
including features that GCC and Clang support as extensions, such as
flexible array members. So compile with `-pedantic`.

Non-regression for https://github.com/Mbed-TLS/mbedtls/issues/9020.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:13:04 +02:00
Gilles Peskine
d865c42776 Changelog entry for the move from key_ext to key_custom functions 
Document psa_generate_key_ext() and psa_key_derivation_output_key_ext() as
deprecated in favor of psa_generate_key_custom() and
psa_key_derivation_output_key_custom(), and no longer declared in C++ builds.

Resolves #9020.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:07 +02:00
Gilles Peskine
14134e7ddc Remove some tests of psa_generate_key_ext 
We know it's a thin wrapper around psa_generate_key_custom, so we just need
to check that it's passing the information through, we don't need coverage
of the parameter interpretation.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:06 +02:00
Gilles Peskine
e65cca2ee5 Document the key_ext functions as deprecated 
Don't formally deprecate them because we don't do that in a
long-time support branch. But do point readers away from them.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:06 +02:00
Gilles Peskine
603b5b842b Documentation: point to key_custom instead of key_ext 
Replace references to the deprecated functions `psa_generate_key_ext()` and
`psa_key_derivation_output_key_ext()` by their replacements
Implement `psa_generate_key_custom()` and
`psa_key_derivation_output_key_custom()`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:06 +02:00
Gilles Peskine
a8e39f2156 Update PSA wrappers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:06 +02:00
Gilles Peskine
f36d785188 Implement psa_generate_key_custom 
Implement `psa_generate_key_custom()` and
`psa_key_derivation_output_key_custom()`. These functions replace
`psa_generate_key_ext()` and `psa_key_derivation_output_key_ext()`.
They have the same functionality, but a slightly different interface:
the `ext` functions use a structure with a flexible array member to pass
variable-length data, while the `custom` functions use a separate parameter.

Keep the `ext` functions for backward compatibility with Mbed TLS 3.6.0.
But make them a thin wrapper around the new `custom` functions.

Duplicate the test code and data. The test cases have to be duplicated
anyway, and the test functions are individually more readable this way.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:06 +02:00
Michael Schuster
5830505b3d Fix missing-prototype error for the print_buf functions in sample programs 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
9bf1875146 Revert commit 33af72df in order to not depend on test code 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
46a6e73285 Fix format-pedantic error in programs/test/metatest.c 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
ff4d6aea04 Use correct conditionals in programs/ssl (fix unused-function errors) 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
ab4951fbef Add missing include in tests/src/psa_memory_poisoning_wrappers.c to fix missing-prototype error 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
6a3573a1dd Fix Uncrustify errors in modified tests/suites to satisfy check_code_style test 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
275b698ee7 Use correct test case conditionals for helper functions in tests/suites 
Fix unused-function errors.

Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
6d6cae53ad Fix tests build with MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS enabled 
In that case mbedtls_psa_platform_get_builtin_key is already declared.

Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
4d0d0ec028 Move the -Wmissing-prototypes option from library/CMakeLists.txt to the top-level CMakeLists.txt for GCC & Clang 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
31b1cb8601 Adjust spacing in tests/suites function sources 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
b1e33fb707 Fix missing-prototype errors in tests/suites 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
8cc43f23b6 Fix unused-function error for ecjpake_operation_setup in test_suite_psa_crypto.function 
This function is not referenced anywhere in the whole codebase.

Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
82984bc1be Adjust spacing in sample programs 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
6fa32fd12d Fix missing-prototype errors in sample programs 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
41a686bb9f Fix missing-prototype error in programs/fuzz by moving LLVMFuzzerTestOneInput prototype to common.h 
Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00
Michael Schuster
3a4c43174c Move print_buf into mbedtls_test_print_buf helper function in sample programs 
Reduce code duplication and fix missing-prototype error for print_buf

Signed-off-by: Michael Schuster <michael@schuster.ms>
 2024-08-06 12:09:13 +01:00