TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 11:11:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,336 Commits 177 Branches 276 Tags
development
Commit Graph

12753 Commits

Author SHA1 Message Date
Ronald Cron
b91117c32f Merge pull request #10402 from ronald-cron-arm/remove-legacy-crypto-options 
Remove legacy crypto options
 2025-09-17 18:46:05 +00:00
Gilles Peskine
a1d6b2733b Merge remote-tracking branch 'development' into restricted-mbedtls-merge-public-20250916 
Conflicts:
* `tf-psa-crypto`: updated to the merge of `development` and
  `development-restricted`.
 2025-09-16 16:24:09 +02:00
Valerio Setti
e2aed3a6df tests: revert changes to test_suite_ssl.data 
Revert changes previously done at following test cases:
- Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH
- Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-09-16 16:12:07 +02:00
Valerio Setti
91c0945def tests: fix alg and usage for some ECDHE-ECDSA opaque key tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-09-16 16:12:07 +02:00
Ronald Cron
4fe3760a27 Cleanup following the removal of MBEDTLS_BIGNUM_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
feb5e26619 Cleanup following the removal of MBEDTLS_ECP_DP_.*_ENABLED options 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
6cfab2880a Cleanup following the removal of MBEDTLS_ECP_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
2ad1e5c1a2 Cleanup following the removal of MBEDTLS_ECJPAKE_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
3c6bbddfd4 Cleanup following the removal of MBEDTLS_ECDSA_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
a19ee2819e Cleanup following the removal of MBEDTLS_ECDH_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
919a1e4e22 Cleanup following the removal of RSA legacy options 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
2b7f59535f Remove completely MBEDTLS_PLATFORM_GET_ENTROPY_ALT 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
0dd31fe523 Introduce MBEDTLS_SSL_NULL_CIPHERSUITES 
The support for TLS ciphersuites without
encryption does not rely anymore on the
MBEDTLS_CIPHER_NULL_CIPHER feature of
the cipher module. Introduce a specific
config option to enable these ciphersuites
and use it instead of MBEDTLS_CIPHER_NULL_CIPHER.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Manuel Pégourié-Gonnard
07912c9e36 Merge pull request #10370 from bjwtaylor/remove-deprecated-compilation-options 
Remove deprecated compilation options
 2025-09-15 09:26:01 +00:00
Manuel Pégourié-Gonnard
1a81ab6390 Merge pull request #10379 from bjwtaylor/update-header-guards 
Update header guard use in p256m test
 2025-09-12 10:03:02 +00:00
Ben Taylor
14e1932935 Remove stray comment int components-platform.sh 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-12 10:52:23 +01:00
Ben Taylor
5a7a72ee41 testing with analyze_outcomes changes reverted for merge 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-12 10:52:23 +01:00
Ben Taylor
bb877a8cbf remove further references to MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT and MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-12 10:52:23 +01:00
Ben Taylor
485d4c1343 reverting last commit as the tests cause failures 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
26cdf6ee2b Re-adding tests for ECDH 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
59474406a6 Re-instate MBEDTLS_PKCS1_V15 unset 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
df3e595536 Re-instate test for correctness of sent single supported algorithm 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
9e360b8f33 Remove MBEDTLS_RSA_C from depends.py 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
a47fd0faf4 Add bug link to test modifications 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
1a4f4b32a4 Add filter to test_tls13_only_ephemeral_ffdh to remove ffdh tests 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
120bd868b6 add filter to component_full_without_ecdhe_ecdsa 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
8371674048 re-add TLS_VERSION derivation 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
f57293654e Revert change to Everest test message back to ECDH 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
7b14d8228e Reverting TLS_VERSION derivation improvement, as it appear to be causing issues 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
677994af64 Change ecdh to ecdhe on everest test 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
59213b66df Re-add everest test, as it was mislabelled 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
6f0eb79111 Use get_tls_version to determine TLS_VERSION instead of statically assigning it 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
b191c02f6b Correct style issues 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
e16798ec67 Re-add reference to PSA_WANT_ALG_ECDH as this will be mantained 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
0fe02bb1bf Removed TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT as it is no longer used 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
844a264317 Remove stray MBEDTLS_PKCS1_V15 and MBEDTLS_PKCS1_V21 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
1d651cc8a1 Remove additional occurances of static ECDH symbols 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
a1914ef453 further removals of ssh tests from ssl-opt 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
fbd806ae95 Remove everest ECDH test as it is no longer required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
5802394451 Remove further ECDH testd from ssl-opt.sh 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
0a7c5588db Remove further ECDH tests 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
dbf3977107 Remove tests from ssl-opt.sh that are depedendent the removed ECDH algorithm's 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
39280a4110 Remove ECDH from ssl-opt 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
15f1d7f812 Remove support for static ECDH cipher suites 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ronald Cron
ab7610c318 Cleanup following the removal of entropy options 
Cleanup following the removal in TF-PSA-Crypto of:
- MBEDTLS_NO_PLATFORM_ENTROPY
- MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
- MBEDTLS_ENTROPY_HARDWARE_ALT
- MBEDTLS_ENTROPY_MIN_HARDWARE

Only MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES was still
present in Mbed TLS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Ronald Cron
eb16a9d9ea Prepare for the removal of MBEDTLS_PLATFORM_GET_ENTROPY_ALT 
We cannot remove it completely yet.
It must remain in config.py so that it is not
included in the full configuration.
A temporary exception is required for it in
analyze_outcomes.py.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Ronald Cron
3b30643143 Adapt configurations to stricter compile-time checks 
Adapt configurations to stricter compile-time checks
for entropy enablement and MBEDTLS_ENTROPY_NV_SEED
option.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Ronald Cron
efcec8cecd Cleanup following the removal of MBEDTLS_ENTROPY_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Ronald Cron
5df9d9d53e ssl-opt.sh: Fix dependency on ECDSA 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-08 15:40:12 +02:00
Ben Taylor
a2aa7daaca Change unset of MBEDTLS config to more standard method 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-04 11:22:52 +01:00