lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-09-15 12:01:08 +03:00
Code Activity
33,773 Commits 174 Branches 272 Tags
coverity_scan
Commit Graph

12585 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
1a81ab6390 Merge pull request #10379 from bjwtaylor/update-header-guards 
Update header guard use in p256m test
 2025-09-12 10:03:02 +00:00
Ben Taylor
485d4c1343 reverting last commit as the tests cause failures 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
26cdf6ee2b Re-adding tests for ECDH 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
59474406a6 Re-instate MBEDTLS_PKCS1_V15 unset 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
df3e595536 Re-instate test for correctness of sent single supported algorithm 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
9e360b8f33 Remove MBEDTLS_RSA_C from depends.py 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
a47fd0faf4 Add bug link to test modifications 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
1a4f4b32a4 Add filter to test_tls13_only_ephemeral_ffdh to remove ffdh tests 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
120bd868b6 add filter to component_full_without_ecdhe_ecdsa 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
8371674048 re-add TLS_VERSION derivation 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
f57293654e Revert change to Everest test message back to ECDH 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
7b14d8228e Reverting TLS_VERSION derivation improvement, as it appear to be causing issues 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
677994af64 Change ecdh to ecdhe on everest test 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
59213b66df Re-add everest test, as it was mislabelled 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
6f0eb79111 Use get_tls_version to determine TLS_VERSION instead of statically assigning it 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
b191c02f6b Correct style issues 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
e16798ec67 Re-add reference to PSA_WANT_ALG_ECDH as this will be mantained 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
0fe02bb1bf Removed TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT as it is no longer used 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
844a264317 Remove stray MBEDTLS_PKCS1_V15 and MBEDTLS_PKCS1_V21 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
1d651cc8a1 Remove additional occurances of static ECDH symbols 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
a1914ef453 further removals of ssh tests from ssl-opt 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
fbd806ae95 Remove everest ECDH test as it is no longer required 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
5802394451 Remove further ECDH testd from ssl-opt.sh 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
0a7c5588db Remove further ECDH tests 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
dbf3977107 Remove tests from ssl-opt.sh that are depedendent the removed ECDH algorithm's 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
39280a4110 Remove ECDH from ssl-opt 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ben Taylor
15f1d7f812 Remove support for static ECDH cipher suites 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00
Ronald Cron
ab7610c318 Cleanup following the removal of entropy options 
Cleanup following the removal in TF-PSA-Crypto of:
- MBEDTLS_NO_PLATFORM_ENTROPY
- MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
- MBEDTLS_ENTROPY_HARDWARE_ALT
- MBEDTLS_ENTROPY_MIN_HARDWARE

Only MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES was still
present in Mbed TLS.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Ronald Cron
eb16a9d9ea Prepare for the removal of MBEDTLS_PLATFORM_GET_ENTROPY_ALT 
We cannot remove it completely yet.
It must remain in config.py so that it is not
included in the full configuration.
A temporary exception is required for it in
analyze_outcomes.py.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Ronald Cron
3b30643143 Adapt configurations to stricter compile-time checks 
Adapt configurations to stricter compile-time checks
for entropy enablement and MBEDTLS_ENTROPY_NV_SEED
option.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Ronald Cron
efcec8cecd Cleanup following the removal of MBEDTLS_ENTROPY_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-10 15:23:32 +02:00
Ronald Cron
5df9d9d53e ssl-opt.sh: Fix dependency on ECDSA 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-08 15:40:12 +02:00
Ben Taylor
a2aa7daaca Change unset of MBEDTLS config to more standard method 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-04 11:22:52 +01:00
Ben Taylor
ecde0aaa41 replace undef with deletion in p256m test 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-02 11:13:05 +01:00
Ben Taylor
dfdac46163 Update header guard use in p256m test 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-02 11:13:05 +01:00
David Horstmann
f790fb84fc Merge pull request #10367 from davidhorstmann-arm/configuration-crypto-sh-legacy-ecdsa-deterministic 
Remove component uses of `MBEDTLS_ECDSA_DETERMINISTIC`
 2025-09-02 09:36:46 +00:00
Gilles Peskine
fda51526b5 Merge pull request #10363 from felixc-arm/error-codes-prereq 
[1/3] Unify generic error codes (partial prerequisite)
 2025-08-29 11:04:53 +00:00
Anton Matkin
4e091786ca Moved the MbedTLS config adjust headers to a private subdirectory 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:40 +02:00
Anton Matkin
7a65ce6737 Unfortunately, we had two files named oid.h - one in the main repo, and one in the tf-psa-crypto repo, and these files included the mbedtls one, so I restored the header include 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:40 +02:00
Anton Matkin
bc48725b64 Include fixups (headers moves to private directory) 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-29 07:05:37 +02:00
Felix Conway
a01ddf65b7 Revert unification for some error codes 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-28 17:39:10 +01:00
Felix Conway
07eb02889e Remove a redundant error test case and improve another 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-28 17:38:13 +01:00
David Horstmann
6ff9c89648 Merge pull request #10361 from bensze01/runtime-version-interface 
Simplify runtime version info string methods
 2025-08-27 14:59:15 +00:00
David Horstmann
b907dbc4d3 Remove other cases of explicit crypto config file 
Remove unnecessary passing of the crypto config filename either with the
'-f' or '-c' switch, throughout all of the all.sh component files.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-08-27 15:19:40 +01:00
Felix Conway
a15729d38e Fix libtestdriver1 rewrite in include/mbedtls/private 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-27 13:33:02 +01:00
David Horstmann
7cbeedc607 Remove uses of the -c $CRYPTO_CONFIG_H idiom 
This is no longer needed as config.py knows where the crypto config file
is these days.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-08-26 17:27:49 +01:00
Ronald Cron
aad5f1bedd tests: Prepare to switch to SHA-256 as the default CTR_DRBG hash 
Ensure that when we switch from SHA-512 to SHA-256
as the default CTR_DRBG hash, we still properly
test CTR_DRBG with SHA-512.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-08-25 15:35:42 +02:00
Ronald Cron
8fc000ec2c ssl-opt.sh: Fix MBEDTLS_ENTROPY_C dependency adjustment 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-08-25 15:19:59 +02:00
Minos Galanakis
a1e867981b ssl-opt.sh: Adjust dependency to MBEDTLS_PSA_CRYPTO_C 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-21 15:57:00 +01:00
Minos Galanakis
906950d8dc config/depends.py: Removed legacy options. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-21 15:57:00 +01:00