TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 11:11:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
34,336 Commits 177 Branches 276 Tags
development
Commit Graph

34336 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Valerio Setti
d36ed4a84d tf-psa-crypto: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-12-03 13:03:08 +01:00
Valerio Setti
35d90d15c7 framework: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-12-03 13:03:08 +01:00
Valerio Setti
725e3f1daa tests: x509parse: replace certificates using secp192 with those using secp256 
This replacement is either:
- "server5-rsa-signed.crt": if a generic secp256r1 EC key is enough, i.e.
	any EC key is fine as it's not secp192 since this support is being
	removed from TF-PSA-Crypto.
- "server11-rsa-signed.crt": if an EC key which does not belong to "suite-b"
	is required. For this case "secp256r1" wouldn't be good, so we use
	a "secp256k1" key.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-12-03 13:03:07 +01:00
Valerio Setti
d262352601 Merge pull request #10523 from mpg/rm-ecdh 
Remove some useless private includes
 2025-12-02 15:21:24 +00:00
Manuel Pégourié-Gonnard
5341c86877 Add comments for remaining internal includes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-02 12:35:20 +01:00
Manuel Pégourié-Gonnard
ea5718721f Remove two more useless internal includes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-02 12:06:39 +01:00
Manuel Pégourié-Gonnard
3e6455d50e Remove useless includes of psa_util_internal 
Those in SSL modules were redundant because it's already included from
ssl_misc.h.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-02 12:00:34 +01:00
Manuel Pégourié-Gonnard
d6551eaaa6 Add comment about internal crypto include 
Besides using an internal crypto header, error.h is arguably the wrong
place: this file's docstring says it's about "Error to string
translation", quite unrelated to the things we use from error_common.h.
This is not surprising given the history, but no longer makes sense
today.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-01 11:06:02 +01:00
Manuel Pégourié-Gonnard
411282d126 x509: rm useless private include in C file 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-01 11:06:02 +01:00
Manuel Pégourié-Gonnard
eab6d3276b ssl: rm useless private include in C file 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-01 10:26:28 +01:00
Manuel Pégourié-Gonnard
c53c43c296 x509: rm useless private includes in internal headers 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-01 10:24:50 +01:00
Manuel Pégourié-Gonnard
4b663abecc ssl: rm useless private includes in internal headers 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-01 10:24:41 +01:00
Manuel Pégourié-Gonnard
53c511578a x509: rm useless private include in public header 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-01 10:04:11 +01:00
Manuel Pégourié-Gonnard
59c9ebfaae ssl: rm useless private includes in public headers 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-01 10:04:06 +01:00
Valerio Setti
5ae6c62247 tests: x509parse: transition tests based on secp192 curves to secp256 
After some analysis search it was determined that previous test data seem
not to belong to the "framework/data_files" certificate files. Therefore
new test data has been generated from scratch.

The improvement compared to the previous situation is that comments has
been added on top of each test in order to explain how to recreate new test
data.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-11-27 14:38:22 +01:00
David Horstmann
caaa93884c Merge pull request #10519 from valeriosetti/issue568-mbedtls 
[mbedtls] Remove support for secp192[k|r]1 curves
 2025-11-24 11:17:18 +00:00
Valerio Setti
65ec4cc771 tests: scripts: make enabling of secp192 curves fault tolerant in test_psa_crypto_without_heap 
This is temporary but still required in order to have this commit merged
before the crypto#570, where these curves are really removed.
These lines will be removed in a follow-up PR once crypto#570 is merged.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-11-20 13:20:40 +01:00
Valerio Setti
caf73f885a library: check_config: remove references to secp192 curves 
Support for these curves is being removed from tf-psa-crypto, so we need
to remove all the references also in this repo.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-11-20 13:01:18 +01:00
Valerio Setti
3057ea0288 Merge pull request #10509 from gilles-peskine-arm/config_checks_generator-fix-windows-path-mbedtls 
Changelog entry for fix #10502
 2025-11-20 11:49:36 +00:00
Gilles Peskine
6116d8feea Update framework with fix of Mbed-TLS/mbedtls#10502 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-11-20 10:28:52 +01:00
Gilles Peskine
28f745515e Changelog entry for fix #10502 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-11-20 10:28:30 +01:00
Manuel Pégourié-Gonnard
3a0868b8ff Merge pull request #10496 from JuhaPekkaa/juke/change-loglevel 
Update log level for mbedtls_ssl_check_record and PSA-based ECDH computation
 2025-11-12 09:33:39 +00:00
Manuel Pégourié-Gonnard
148bc1120a Merge pull request #10498 from valeriosetti/issue435-part2-mbedtls 
[mbedtls] tests: migrate tests using secp192[k|r]1 toward secp256[r|k]1 --> EC [2/3]
 2025-11-12 08:38:54 +00:00
Valerio Setti
1f2f6fc9cb framework: update reference 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-11-06 23:48:36 +01:00
Manuel Pégourié-Gonnard
a6e59a955b Merge pull request #10450 from bjwtaylor/move-lcov 
Remove lcov.sh as this will be moved to the framework
 2025-11-06 11:11:59 +00:00
Juha-Pekka Kesonen
5f4cbcd336 ssl_tls12: change log level for ECDH computation 
Signed-off-by: Juha-Pekka <juha-pekka.kesonen@nordicsemi.no>
 2025-11-05 14:10:52 +02:00
Juha-Pekka Kesonen
666fa2da3d ssl_msg.c: change log level for record checking 
Signed-off-by: Juha-Pekka <juha-pekka.kesonen@nordicsemi.no>
 2025-11-05 14:08:46 +02:00
Ronald Cron
5dae44848d Merge pull request #10462 from minosgalanakis/bugfix/update_prepare_release 
Update `prepare_release.sh`
 2025-11-04 16:10:38 +00:00
Valerio Setti
00d579e953 Merge pull request #10439 from bjwtaylor/remove-all-non-ext-apis 
Remove all non ext apis
 2025-11-04 09:53:34 +00:00
Gilles Peskine
18f2661c65 Merge pull request #10491 from valeriosetti/issue10229 
Remove temporary fixes introduced in #10213
 2025-11-04 08:59:16 +00:00
Valerio Setti
910bf4bbc6 tests: suite_x509parse: remove temporary fixes 
Removes the temporary fixes that were introduced in order to allow crypto#308
to be merged.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-11-03 10:27:24 +01:00
Valerio Setti
a35e332bbb library: debug: remove temporary fixes for RSA key handling 
Since crypto#308 has been merged:
- replace MBEDTLS_PK_USE_PSA_RSA_DATA with PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
- remove "no-check-names"

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-11-03 10:25:15 +01:00
Ben Taylor
4b8d9d41ee Update tf-psa-crypto submodule to include new framework 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-31 14:41:31 +00:00
Ben Taylor
76899ea606 Update framework module 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-31 14:18:05 +00:00
Ben Taylor
82a48d42ff Update lcov.sh patch to use CMake variable 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-31 14:18:05 +00:00
Ben Taylor
9b4f222f4f Update lcov.sh paths in make files 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-31 14:18:05 +00:00
Ben Taylor
284481f7ca Remove lcov.sh as this will be moved to the framework 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-31 14:18:05 +00:00
Valerio Setti
ee72a20288 Merge pull request #10481 from gilles-peskine-arm/cmake-package-version-mbedtls 
Fix duplication of product version in CMakeLists.txt
 2025-10-31 13:02:09 +00:00
Valerio Setti
525dd917dc Merge pull request #10477 from Cube707/fix/iar-compiler-warning 
add cast to fix IAR compiler errors
 2025-10-31 12:33:26 +00:00
Ben Taylor
42074c193f Rename mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg to mbedtls_ssl_get_pk_sigalg_and_md_alg_from_sig_alg 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-31 08:40:36 +00:00
Ben Taylor
b76c38334a Update name of mbedtls_ssl_pk_alg_from_sig_pk_alg to mbedtls_ssl_pk_sig_alg_from_sig 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-31 08:40:25 +00:00
Ben Taylor
f21e63c6d0 Update pk_alg to use mbedtls_pk_sigalg_t and remove casts in library/x509write_csr.c 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-30 15:29:02 +00:00
Ben Taylor
00b04a6590 Update mbedtls_pk_sign_ext in x509write_crt.c to use mbedtls_pk_sigalg_t directly and remove casts 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-30 15:11:09 +00:00
Ben Taylor
5f037c7fb3 Rename mbedtls_ssl_pk_alg_from_sig to mbedtls_ssl_pk_alg_from_sig_pk_alg and update to use mbedtls_pk_sigalg_t 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-30 14:59:24 +00:00
Ben Taylor
0035cfb1f0 Removed unnecessary cast in mbedtls_pk_sign_ext 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-30 13:42:56 +00:00
Ben Taylor
4565d5d4e6 Change the call to mbedtls_pk_verify_ext in pkcs7 to have a variable input cert->sig_pk 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-30 13:37:09 +00:00
Minos Galanakis
a2cba40df6 prepare_release.sh: modify submodule files recursively 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-10-30 10:00:22 +00:00
Minos Galanakis
bdb1dcbdb6 prepare_release.sh: simplified regex 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-10-30 10:00:22 +00:00
Minos Galanakis
958d9d97a4 prepare_release.sh: Added documentation 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-10-30 09:58:17 +00:00
minosgalanakis
32b597bd31 Merge pull request #10469 from Begasus/includedir 
Use GNUInstallDirs CMAKE_INSTALL_INCLUDEDDIR path for headers installation
 2025-10-29 15:21:32 +00:00