TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 19:21:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,722 Commits 177 Branches 276 Tags
efcec8cecd5afabdfd43d930cccf6c22a6438407
Commit Graph

12552 Commits

Author SHA1 Message Date
Ronald Cron
efcec8cecd Cleanup following the removal of MBEDTLS_ENTROPY_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Ronald Cron
5df9d9d53e ssl-opt.sh: Fix dependency on ECDSA 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-08 15:40:12 +02:00
David Horstmann
f790fb84fc Merge pull request #10367 from davidhorstmann-arm/configuration-crypto-sh-legacy-ecdsa-deterministic 
Remove component uses of `MBEDTLS_ECDSA_DETERMINISTIC`
 2025-09-02 09:36:46 +00:00
Gilles Peskine
fda51526b5 Merge pull request #10363 from felixc-arm/error-codes-prereq 
[1/3] Unify generic error codes (partial prerequisite)
 2025-08-29 11:04:53 +00:00
Anton Matkin
4e091786ca Moved the MbedTLS config adjust headers to a private subdirectory 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:40 +02:00
Anton Matkin
7a65ce6737 Unfortunately, we had two files named oid.h - one in the main repo, and one in the tf-psa-crypto repo, and these files included the mbedtls one, so I restored the header include 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:40 +02:00
Anton Matkin
bc48725b64 Include fixups (headers moves to private directory) 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:37 +02:00
Felix Conway
a01ddf65b7 Revert unification for some error codes 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-28 17:39:10 +01:00
Felix Conway
07eb02889e Remove a redundant error test case and improve another 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-28 17:38:13 +01:00
David Horstmann
6ff9c89648 Merge pull request #10361 from bensze01/runtime-version-interface 
Simplify runtime version info string methods
 2025-08-27 14:59:15 +00:00
David Horstmann
b907dbc4d3 Remove other cases of explicit crypto config file 
Remove unnecessary passing of the crypto config filename either with the
'-f' or '-c' switch, throughout all of the all.sh component files.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-08-27 15:19:40 +01:00
Felix Conway
a15729d38e Fix libtestdriver1 rewrite in include/mbedtls/private 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-27 13:33:02 +01:00
David Horstmann
7cbeedc607 Remove uses of the -c $CRYPTO_CONFIG_H idiom 
This is no longer needed as config.py knows where the crypto config file
is these days.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-08-26 17:27:49 +01:00
Ronald Cron
aad5f1bedd tests: Prepare to switch to SHA-256 as the default CTR_DRBG hash 
Ensure that when we switch from SHA-512 to SHA-256
as the default CTR_DRBG hash, we still properly
test CTR_DRBG with SHA-512.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-08-25 15:35:42 +02:00
Ronald Cron
8fc000ec2c ssl-opt.sh: Fix MBEDTLS_ENTROPY_C dependency adjustment 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-08-25 15:19:59 +02:00
Minos Galanakis
a1e867981b ssl-opt.sh: Adjust dependency to MBEDTLS_PSA_CRYPTO_C 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-21 15:57:00 +01:00
Minos Galanakis
906950d8dc config/depends.py: Removed legacy options. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-21 15:57:00 +01:00
Minos Galanakis
5dbc24a255 components-configuration-crypto: Removed legacy options. 
Removed setters for `MBEDTLS_CTR_DRBG_USE_128_BIT_KEY`
and `MBEDTLS_ENTROPY_FORCE_SHA256`

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-21 15:56:59 +01:00
David Horstmann
3492807e0b Remove component uses of MBEDTLS_ECDSA_DETERMINISTIC 
Remove all references to MBEDTLS_ECDSA_DETERMINISTIC from
components-configuration-crypto.sh. Replace them with
PSA_WANT_ALG_DETERMINISTIC_ECDSA.

This is safe because:
* MBEDTLS_ECDSA_DETERMINISTIC is only ever unset in components in order
  to avoid errors from disabling its dependency MBEDTLS_HMAC_DRBG_C.
* MBEDTLS_ECDSA_DETERMINISTIC is only ever defined in
  config_adjust_legacy_from_psa.h, and only if
  PSA_WANT_ALG_DETERMINISTIC_ECDSA is defined.

Therefore PSA_WANT_ALG_DETERMINISTIC_ECDSA's dependencies are a superset
of MBEDTLS_ECDSA_DETERMINISTIC's dependencies and must include
MBEDTLS_HMAC_DRBG_C, so disabling PSA_WANT_ALG_DETERMINISTIC_ECDSA is a
sufficient substitute for disabling MBEDTLS_ECDSA_DETERMINISTIC.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-08-20 10:26:11 +01:00
Minos Galanakis
f3486e198b components-configuration-crypto.sh: Added setters for MBEDTLS_PSA_CRYPTO_RNG_HASH 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-20 00:04:35 +01:00
Felix Conway
e984d35590 Fix ssl tests expecting old X509 error output 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-19 10:23:46 +01:00
Bence Szépkúti
0e5fe877cc Update PSASim tests to new call signature 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-08-18 14:38:01 +02:00
Felix Conway
8616ee762d Change values for error tests 
Previously these tests used values that will become PSA aliases,
and so the tests will fail once they're changed.

Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-18 11:32:58 +01:00
Bence Szépkúti
b2ba9fa68b Simplify runtime version info string methods 
Return a const char* instead of taking a char* as an argument.

This aligns us with the interface used in TF PSA Crypto.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-08-18 11:39:45 +02:00
minosgalanakis
265e98da45 Merge pull request #10355 from valeriosetti/issue10283-fix-test-coverage 
tests: configuration-crypto: enable p192 curves in test_psa_crypto_without_heap
 2025-08-15 11:22:06 +00:00
Bence Szépkúti
e96491c193 Merge pull request #10049 from amtkarm1/iss9321 
Move the PAKE hash algorithm parameter into the alg id
 2025-08-13 10:14:05 +00:00
Valerio Setti
a785eea41f tests: configuration-crypto: enable p192 curves in test_psa_crypto_without_heap 
Enable p192[k|r]1 curves which are disabled by default in tf-psa-crypto.
This is required to get the proper test coverage otherwise there are
tests in 'test_suite_psa_crypto_op_fail' that would never be executed.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-13 10:57:46 +02:00
Anton Matkin
6eb5335ef0 Fixed issues with policy verification, since wildcard JPAKE policy is now disallowed, changed to concrete jpake algorithm (with SHA256 hash) 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:48 +02:00
Anton Matkin
1b70084bd9 TF-PSA-Crypto submodule link fixup 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:45 +02:00
Manuel Pégourié-Gonnard
c7a10589cf Merge pull request #10352 from valeriosetti/issue10283-development-prereq 
[development] Remove 224-bit curves (3/5)
 2025-08-12 11:39:20 +00:00
Valerio Setti
981a0c46b2 tests: remove leftover from debug session and extra spaces 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-12 11:31:11 +02:00
Valerio Setti
37a4281710 tests: configuration_crypto: fix selection of EC/DH group to accelerate 
Some EC/DH group might be disabled in default configuration in
"crypto_config.h" so before running "helper_get_psa_key_type_list" and/or
"helper_get_psa_curve_list" it's better to set/unset what's required
for that test component and only then parse the enabled groups.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-12 09:36:45 +02:00
Manuel Pégourié-Gonnard
5b74c79f00 Merge pull request #10298 from bjwtaylor/remove-deprecated-items 
Remove deprecated items
 2025-08-11 07:13:08 +00:00
Gilles Peskine
627d653863 Merge pull request #10282 from bjwtaylor/switch-to-mbedtls_pk_sigalg_t 
Switch to mbedtls pk sigalg t
 2025-08-07 11:06:31 +00:00
Manuel Pégourié-Gonnard
2656eb9121 Merge pull request #10344 from valeriosetti/issue10283-development 
[development] Remove 224-bit curves & Remove 192-bit curves from TLS & X.509 (2/3)
 2025-08-07 10:40:49 +00:00
Ben Taylor
8b3b7e5cac Update further type mismatches 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
6816fd781e Adjust for change in mbedtls_pk_verify_new function prototype 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
1c118a564d reverted enum in pk_verify_new 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
adf5d537b2 Fix code style 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Ben Taylor
d95ea27e8c Create new enum mbedtls_pk_sigalg_t 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 08:25:52 +01:00
Minos Galanakis
2fc59949b2 Added MBEDTLS_PSA_CRYPTO_RNG_STRENGTH to tests. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-06 10:50:27 +01:00
Valerio Setti
80a623089d tests: ssl: allow more groups in conf_group() 
Previously 3 different groups were allowed, but since the removal of
secp192r1 and secp224r1 only secp256r1 was left. This commit adds
other 2 options.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-06 11:38:45 +02:00
Valerio Setti
fa648bacb2 depends.py: keep reverse dependencies for p192 and p224 curves 
These reverse dependencies will be removed once tf-psa-crypto will
remove the corresponding build symbols.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-06 11:02:25 +02:00
Valerio Setti
d0d0791aed remove usage of secp192[k|r]1 curves 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-06 09:15:35 +02:00
Valerio Setti
70a4a31cb5 remove secp224[k|r]1 curves 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-06 09:15:35 +02:00
Ben Taylor
4265e91930 Remove test component_test_dtls_cid_legacy as it is no longer required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-01 11:45:14 +01:00
Ben Taylor
4a43804d69 Remove deprecated items 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-01 11:45:14 +01:00
Gilles Peskine
40486a404d Merge pull request #10209 from bjwtaylor/remove-MBEDTLS_USE_PSA_CRYPTO-code 
Remove mbedtls use psa crypto code
 2025-07-30 11:46:09 +00:00
Gilles Peskine
ae9dbaae3f Merge pull request #10315 from bjwtaylor/include-private-pk 
Add copy of header file for libtestdriver1
 2025-07-30 08:10:20 +00:00
Ben Taylor
c454b5b658 Fix rebase failure 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-07-30 07:55:14 +01:00