mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-10 06:40:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
32,678 Commits 170 Branches 263 Tags
Commit Graph

32678 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gabor Mezei
7554eeaf4c
Disable 224K1 while testing the other curves 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-01-27 15:03:14 +01:00
Gabor Mezei
fe14d85b7c
Remove unused symbol 
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-01-27 15:03:14 +01:00
Gabor Mezei
069e3e6fe7
Remove reference for PSA_WANT_ALG_SECP_K1_224 
The `PSA_WANT_ALG_SECP_K1_224` symbol has been removed.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-01-27 15:03:14 +01:00
Gabor Mezei
0a2f257492
Use symbol matching for the curves domain 
Instead of using the `crypto_knowledge.py`, use basic symbol matching for the
`PSA_WANT_ECC_*` macros to search for in the `curves` domain of `depend.py`.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-01-27 15:03:13 +01:00
Gabor Mezei
1c49cff468
Use PSA macros for the curves domain 
Exclude the SECP224K1 curve due it is unstable via the PSA API.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-01-27 15:03:13 +01:00
Ronald Cron
189dcf630f
Merge pull request #9910 from valeriosetti/issue9684 
Remove DHE-PSK key exchange
 2025-01-27 11:15:10 +00:00
Manuel Pégourié-Gonnard
7e1154c959
Merge pull request #9906 from mpg/rm-conf-curves 
[dev] Remove deprecated function mbedtls_ssl_conf_curves()
 2025-01-27 08:21:27 +00:00
Valerio Setti
094fd49f5b tf-psa-crypto: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-27 05:24:06 +01:00
Valerio Setti
944f3ab1d6 changelog: add note about DHE-PSK removal 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
27bc56303a docs: remove references of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
6ba324de02 mbedtls_config: remove MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED 
This commit also removes its disabling from config_adjust_ssl.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
a07345247e check_config: remove checks for DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
6e892cb630 components-configuration-crypto.sh: remove references to DHE_PSK kex 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
70cc4e6bd1 analyze_outcomes.py: remove exceptions related to DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
6348b46c0b ssl_ciphersuites: remove references/usages of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
48659a1f9c ssl_tls: remove usage of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
64d264d2e6 compat.sh: remove usage of DHE-PSK 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
9a9c9a53c1 compat.sh: do not use DHE-PSK key exchange in gnutls tests 
DHE-PSK is being removed from Mbed TLS so we cannot use this key
exchange with gnutls testing.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Valerio Setti
5c730c1d54 ssl-opt.sh: remove DHE-PSK only test cases 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-24 11:49:59 +01:00
Janos Follath
1532ea42ac
Merge pull request #9918 from davidhorstmann-arm/clarify-x509-security-md 
Add X.509 formatting validation to SECURITY.md
 2025-01-23 16:09:50 +00:00
David Horstmann
0704fbf1eb Fix missing-word typo 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-01-23 10:28:06 +00:00
Manuel Pégourié-Gonnard
490e30599b Stop recommended deprecated function in migration guide 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-23 09:33:59 +01:00
David Horstmann
faa1a0fe50 Add paragraph on undefined behaviour 
Add a note that we do aim to protect against undefined behaviour and
undefined behaviour in certificate parsing is in scope.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-01-22 14:48:58 +00:00
David Horstmann
2fe0da7947 Add X.509 formatting validation to SECURITY.md 
Clarify that strict formatting of X.509 certificates is not checked by
Mbed TLS and that it therefore should not be used to construct a CA.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-01-22 14:27:22 +00:00
Manuel Pégourié-Gonnard
c4e768a8a6 Fix incorrect test function 
We should not manually set the TLS version, the tests are supposed to
pass in 1.3-only builds as well. Instead do the normal thing of setting
defaults. This doesn't interfere with the rest of the testing, so I'm
not sure why we were not doing it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-22 10:04:43 +01:00
David Horstmann
5a77c230b1
Merge pull request #9909 from gilles-peskine-arm/psa-storage-test-cases-never-supported-negative-dev 
Switch generate_psa_test.py to automatic dependencies for negative test cases
 2025-01-21 18:34:25 +00:00
Gilles Peskine
7dc570905e Update submodule 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-01-20 19:43:41 +01:00
Gilles Peskine
13c418dcee Add ignore list entries for ECDH/FFDH algorithm without key type 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-01-20 16:00:46 +01:00
Gilles Peskine
fe683e7a1b Remove test coverage exceptions that are no longer needed 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-01-20 16:00:46 +01:00
Gilles Peskine
08c4362ad1 Update submodules 
Catch up with https://github.com/Mbed-TLS/mbedtls-framework/pull/104 =
"Switch generate_psa_test.py to automatic dependencies for negative test cases"

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-01-20 16:00:44 +01:00
Ronald Cron
6daf4ef507
Merge pull request #9914 from Harry-Ramsey/remove-tf-psa-crypto-test 
Remove check_test_dependencies TF-PSA-Crypto test from Mbed TLS
 2025-01-20 10:38:53 +00:00
Ronald Cron
bff7733714
Merge pull request #9913 from valeriosetti/issue9892 
Remove deprecated function mbedtls_x509write_crt_set_serial()
 2025-01-20 10:11:57 +00:00
Harry Ramsey
cec956263d Update framework pointer 
This commit updates the framework pointer to include modified
collect_test_cases.py which can run independently for TF-PSA-Crypto.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-01-20 08:41:40 +00:00
Harry Ramsey
28eed1abff Update TF-PSA-Crypto pointer 
This commit updates TF-PSA-Crypto pointer to include the moved test in
Mbed TLS via TF-PSA-Crypto.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-01-20 08:41:31 +00:00
Harry Ramsey
e65bfe6449 Remove check_test_dependencies TF-PSA-Crypto test from Mbed TLS 
This commit removes the check_test_dependencies from Mbed TLS as it has
been added to TF-PSA-Crypto.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-01-17 09:20:23 +00:00
Valerio Setti
19846f5561 changelog: add note for mbedtls_x509write_crt_set_serial() deprecation 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-16 15:06:19 +01:00
Valerio Setti
6487da15e9 tests: remove usage of mbedtls_x509write_crt_set_serial 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-16 15:02:15 +01:00
Valerio Setti
6b64a1ba37 x509: remove definition and implementation of x509write_crt_set_serial 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-16 15:00:10 +01:00
Manuel Pégourié-Gonnard
4787b4012c Add ChangeLog entry 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:28:01 +01:00
Manuel Pégourié-Gonnard
4c3134a396 Remove useless dependency from test function 
This dependency was never right in the first place.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:25:52 +01:00
Manuel Pégourié-Gonnard
6402c35eca Remove internal helper mbedtls_ssl_get_groups() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:23:56 +01:00
Manuel Pégourié-Gonnard
6b720161ca Remove mbedtls_ssl_conf::curve_list 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:17:20 +01:00
Manuel Pégourié-Gonnard
93d4591255 Remove deprecated function mbedtls_ssl_conf_curves() 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:06:31 +01:00
Ronald Cron
99d82166a3
Merge pull request #9888 from valeriosetti/issue101-development 
Move pkgconfig.sh to the framework
 2025-01-14 10:46:20 +00:00
Valerio Setti
dff650eb34 framework: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-14 09:46:18 +01:00
Valerio Setti
ba8500b6b9 components-build-system.sh: fix path of pkgconfig.sh 
The script was moved to the framework sub-repo.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-14 09:46:07 +01:00
Valerio Setti
3533e9b761 Move files out of Mbed TLS 
The following files are moved to the framework repo (deleted here):

tests/scripts/pkgconfig.sh

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-14 09:46:07 +01:00
Ronald Cron
67ba14c0ba
Merge pull request #9863 from valeriosetti/issue86-development 
Move most of min_requirements.py to the framework
 2025-01-13 15:05:29 +00:00
Valerio Setti
7459ef2425 framework: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-13 13:17:07 +01:00
Valerio Setti
3730e4a6b7 scripts: add new min_requirements.py script 
This call into the "old" script that has been moved to the framework
repository. The *.requirements.txt files are kept on this repo though.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-13 13:16:40 +01:00