lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-02 21:06:37 +03:00
Code Activity
33,580 Commits 174 Branches 272 Tags
development
Commit Graph

1722 Commits

Author SHA1 Message Date
Gilles Peskine
bb8bafa5e5 Pacify uncrustify 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-07-26 00:23:05 +02:00
Gilles Peskine
4995d4435c Don't incude auxiliary headers that have alternative versions 
When compiling with `MBEDTLS_PSA_CRYPTO_PLATFORM_FILE`, we must not include
`<psa/crypto_platform.h`. Same with `MBEDTLS_PSA_CRYPTO_STRUCT_FILE` and
`<psa/crypto_struct.h>`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-07-26 00:19:32 +02:00
Gilles Peskine
409c688c4b Include mbedtls/platform_time.h conditionally on MBEDTLS_HAVE_TIME 
Work around https://github.com/Mbed-TLS/TF-PSA-Crypto/issues/393

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-07-26 00:17:57 +02:00
Gilles Peskine
8b006ce95f Invoke generate_query_config.pl from the root 
Otherwise it can't find headers to include.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-07-25 19:51:17 +02:00
Gilles Peskine
c0a562c895 query_config.fmt: glob headers instead of listing them explicitly 
This lets us remove or rename crypto headers without hassle, and means we
don't risk forgetting to add a new header.

Fix #10323

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-07-25 18:12:37 +02:00
Bence Szépkúti
27125ceacf Update references to tf-psa-crypto/core/common.h 
This commit was generated using the following command:

sed -i 's/\(^\|[^_]\)common\.h/\1tf_psa_crypto_common.h/g' \
    $(git ls-files .                                       \
        ':!:programs/fuzz'                                 \
        ':!:tests/psa-client-server'                       \
        ':!:tf-psa-crypto'                                 \
        ':!:framework')                                    \
    $(git grep -l 'tf-psa-crypto/core/common.h')

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-07-21 20:02:30 +02:00
Ronald Cron
b5fd7b9a54 Merge pull request #10295 from gilles-peskine-arm/nv-seed-only-prepare-mbedtls 
Allow builds with no RNG but entropy in an NV seed: prepare Mbed TLS
 2025-07-18 11:56:41 +00:00
Gilles Peskine
0b49112329 Merge pull request #10212 from bjwtaylor/remove-hkdf 
Remove hkdf
 2025-07-17 09:57:11 +00:00
Bence Szépkúti
5956d28c0b Restrict CI-specific python requirements to Linux 
The dependencies declared in ci.requirements.txt are only used in
scripts that we run on the Linux CI.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-07-16 14:18:12 +02:00
Bence Szépkúti
9dda0ca195 Don't install cryptography on the FreeBSD CI 
Recent versions of cryptography require a Rust toolchain to install on
FreeBSD, which we do not have set up yet.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-07-16 13:33:17 +02:00
Bence Szépkúti
4561164e7c Freeze cryptography version on the CI at 35.0.0 
The version was unspecified because of our use of Python 3.5 on the CI,
whichi has since been eliminated.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-07-16 13:29:55 +02:00
Gilles Peskine
aeac0b31ac Disable new platform-related option 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-07-10 13:00:36 +02:00
David Horstmann
ba2376c580 Merge pull request #10275 from ariwo17/remove-des-core-before-crypto 
Remove DES from Mbed TLS core (except references blocked by TF PSA Crypto)
 2025-07-09 09:52:31 +00:00
Ben Taylor
08072685bd remove hkdf header file from query_config template 
Signed-off-by: Ben Taylor <bentay03@e140121.arm.com>
 2025-07-08 14:24:44 +01:00
Anton Matkin
0c10d9b700 Improved the error generating script, so that it is a little more explicit 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-07-08 14:02:15 +02:00
Anton Matkin
f94bc63fdb Updated generate_errors.pl to include private directories too: the header is deemed to be private if it is in a private subdirectory 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-07-07 14:15:34 +02:00
Ari Weiler-Ofek
86422e5509 Remove: DES selftest, component_test_psa_crypto_config_accel_des and dead DES mentions prior to TF-PSA-Crypto cleanup 
Signed-off-by: Ari Weiler-Ofek <ariwei01@e134794.arm.com>
 2025-07-07 11:29:50 +01:00
Ari Weiler-Ofek
2795197ba0 Remove DES handling from error generator 
Signed-off-by: Ari Weiler-Ofek <ariwei01@e134794.arm.com>
 2025-07-04 11:59:42 +01:00
Valerio Setti
8e8dc11406 scripts: generate_visualc_files: remove temporary Everest path fixes 
Remove temporary path fixes for Everest's headers that were introduced
in #10225. Only the new and correct path of the header files is kept.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-06-23 21:54:58 +02:00
minosgalanakis
a3857eb746 Merge pull request #10162 from davidhorstmann-arm/fix-bump-version 
Fix bug in `bump_version.sh`
 2025-06-20 16:50:35 +00:00
Manuel Pégourié-Gonnard
6a3b877d60 Remove OID from generate_error.pl 
There is no longer any associated error code, so this commit does not
change the generated file in any way.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-06-19 12:14:02 +02:00
Manuel Pégourié-Gonnard
4ccde0c8e5 Merge pull request #10225 from valeriosetti/issue229-mbedtls 
[development] Move Everest headers to a private subdirectory (1/2)
 2025-06-19 06:47:21 +00:00
Valerio Setti
2d7ded653f scripts: generate_visualc_files: fix include_directories 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-06-18 10:01:29 +02:00
Valerio Setti
3de417fce2 scripts: generate_visualc_files.pl: prepare for Everest headers relocation 
This change allows the Perl script to manage Everest headers in
tf-psa-crypto repo both before and after psa#235. Once psa#235 will be
merged this commit can be simplified, i.e. it will be returned to its
original state with paths of Everest headers updated.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-06-16 15:04:27 +02:00
Ben Taylor
2d6374a0f9 adjust everest header paths in generate_visualc_files.pl 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-06-05 11:26:51 +01:00
Gabor Mezei
72cc7bb706 Start the generation at the beginning of the line 
The markers for the generated code need to indented due to the code style check.
During the replacement remove the spaces along with the markers.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-06-03 17:49:23 +02:00
Gabor Mezei
588769cc65 Update error generation 
Adapt the `generate_errors.pl` to handle `PSA_WANT` macros and
update to handle SHA3 macros.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
 2025-06-03 17:49:23 +02:00
David Horstmann
05027f23ce Fix bug in bump_version.sh 
This had not been updated after test_suite_version was moved back to
mbedtls from TF-PSA-Crypto.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-05-02 11:41:19 +01:00
Valerio Setti
73bd210a94 tests: remove usage of MBEDTLS_NO_PLATFORM_ENTROPY 
Use MBEDTLS_PLATFORM_GET_ENTROPY_ALT instead.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Valerio Setti
c568688456 config.py: do not enable MBEDTLS_PLATFORM_GET_ENTROPY_ALT in full config 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-04-29 11:01:46 +02:00
Ronald Cron
762c80199d Use make_generated_files.py in make_generated_files.bat 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-31 17:18:03 +02:00
Felix Conway
92efce2b84 [development] Remove code relating to MBEDTLS_PSA_INJECT_ENTROPY 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-03-28 09:01:05 +01:00
Ronald Cron
99226e9b9b cmake: Generate test_keys.h and test_certs.h in the build tree 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
81a674eee8 Adapt to generate_config_tests.py changes 
Adapt builds and check-generated-files.sh to the fact
that generate_config_tests.py does not generate
test_suite_config.psa_boolean.data in Mbed TLS 4.x
context anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Ronald Cron
ddbf729ef7 Add directory and list arguments to generate_visualc_files.pl 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-03-26 21:19:28 +01:00
Valerio Setti
ae5f6c4de1 scripts: config.py: remove references to MBEDTLS_PSA_CRYPTO_SE_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-26 13:32:54 +01:00
Gilles Peskine
1ffdb18cdb Remove mbedtls_low_level_sterr() and mbedtls_high_level_strerr() 
Just removed from the API. We can greatly simplify error.c but that will be
for later.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-24 14:26:39 +00:00
Minos Galanakis
a2a0c2cbe7 Merge remote-tracking branch 'origin/features/tls-defragmentation/development' into feature_merge_defragmentation_dev 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-03-12 15:25:06 +00:00
Valerio Setti
ddc4b042f8 scripts: generate_errors: remove DHM occurrence 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-05 10:11:23 +01:00
Valerio Setti
c56cda7ad6 scripts: query_config.fmt: do not include "dhm.h" 
The file is being removed together with the removal of MBEDTLS_DHM_C.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-03-05 10:11:22 +01:00
Gilles Peskine
4773333dc6 New generated file: tests/opt-testcases/handshake-generated.sh 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-03-03 16:13:19 +01:00
Valerio Setti
69d0781576 scripts: move ecc-heap.sh to tf-psa-crypto 
Since benchmark programs was moved to tf-psa-crypto, this script should
be moved as well.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-21 11:21:40 +01:00
Harry Ramsey
ec4af6c6e2 Update paths for moved programs in generate_visualc_files.pl 
This commit updates the paths for moved programs in
generate_visualc_files.pl.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-19 15:30:25 +00:00
Harry Ramsey
94c386a8ea Update config paths in scripts 
This commit updates the moved config paths in multiple script files.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-04 12:54:15 +00:00
Valerio Setti
3730e4a6b7 scripts: add new min_requirements.py script 
This call into the "old" script that has been moved to the framework
repository. The *.requirements.txt files are kept on this repo though.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-13 13:16:40 +01:00
Valerio Setti
f62b8baf27 Move files out of Mbed TLS 
The following files are moved to the framework repo (deleted here):

scripts/min_requirements.py

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-13 13:16:40 +01:00
Gilles Peskine
eef2a2e59b Merge pull request #9841 from gilles-peskine-arm/psa-storage-test-cases-never-supported-positive-dev 
Switch generate_psa_test.py to automatic dependencies for positive test cases
 2025-01-09 11:37:43 +00:00
Gilles Peskine
bc7c523420 Remove uses of secp244k1 
Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will
not be implemented. (It would be K1_225 anyway, but we don't intend to
implement it anyway.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-01-08 16:51:23 +01:00
Valerio Setti
cb333f24f0 Move files out of Mbed TLS 
The following files are moved to the framework repo (deleted here):

scripts/assemble_changelog.py
tests/scripts/check-doxy-blocks.pl
tests/scripts/check-python-files.sh
tests/scripts/doxygen.sh
scripts/apidoc_full.sh
tests/scripts/recursion.pl

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-01-08 09:51:04 +01:00
David Horstmann
3dd86cd845 Merge pull request #9777 from hughsie/hughsie/sbom 
Add a SBOM file in CycloneDX format
 2025-01-06 11:51:34 +00:00