lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-12-21 17:00:59 +03:00
Code Activity
34,057 Commits 176 Branches 276 Tags
development
Commit Graph

12634 Commits

Author SHA1 Message Date
Valerio Setti
a7337251f7 tests: remove temporary fix for secp192 curves in test_psa_crypto_without_heap 
secp192 curves are no more supported in tf-psa-crypto and also all the
temporary fixes has been removed. This one can be removed as well.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-12-11 17:37:06 +01:00
Manuel Pégourié-Gonnard
1c479f88d0 Avoid references to ecdh.o 
We're going to remove ecdh.c soon, so use another way of testing whether
builtin ECDH is included in the build.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-12-05 09:23:39 +01:00
Valerio Setti
725e3f1daa tests: x509parse: replace certificates using secp192 with those using secp256 
This replacement is either:
- "server5-rsa-signed.crt": if a generic secp256r1 EC key is enough, i.e.
	any EC key is fine as it's not secp192 since this support is being
	removed from TF-PSA-Crypto.
- "server11-rsa-signed.crt": if an EC key which does not belong to "suite-b"
	is required. For this case "secp256r1" wouldn't be good, so we use
	a "secp256k1" key.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-12-03 13:03:07 +01:00
Valerio Setti
5ae6c62247 tests: x509parse: transition tests based on secp192 curves to secp256 
After some analysis search it was determined that previous test data seem
not to belong to the "framework/data_files" certificate files. Therefore
new test data has been generated from scratch.

The improvement compared to the previous situation is that comments has
been added on top of each test in order to explain how to recreate new test
data.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-11-27 14:38:22 +01:00
Valerio Setti
65ec4cc771 tests: scripts: make enabling of secp192 curves fault tolerant in test_psa_crypto_without_heap 
This is temporary but still required in order to have this commit merged
before the crypto#570, where these curves are really removed.
These lines will be removed in a follow-up PR once crypto#570 is merged.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-11-20 13:20:40 +01:00
Valerio Setti
910bf4bbc6 tests: suite_x509parse: remove temporary fixes 
Removes the temporary fixes that were introduced in order to allow crypto#308
to be merged.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-11-03 10:27:24 +01:00
Minos Galanakis
2842c33e2c Merge tag 'v4.0.0' into mbedtls-4.0.0_mergeback 
Mbed TLS 4.0.0

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-10-15 16:58:25 +01:00
Minos Galanakis
0283fa0656 Merge remote-tracking branch 'restricted/development-restricted' into mbedtls-4.0.0.rc 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-10-11 21:41:49 +01:00
Ben Taylor
91b8310e54 Remove internal deprecated items 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-10-07 08:19:44 +01:00
Ben Taylor
1317d7f14d Remove spurious make command 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-30 10:36:48 +01:00
Ben Taylor
c8e4fd3f1a Initial removal of DES from mbedtls 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-30 10:36:48 +01:00
Manuel Pégourié-Gonnard
2706002c6f Merge pull request #10426 from mpg/hide-small-curves 
all.sh: prepare component for hiding small curves
 2025-09-29 14:02:53 +00:00
Manuel Pégourié-Gonnard
9114d4ae0c all.sh: prepare component for hiding small curves 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-09-29 11:49:40 +02:00
David Horstmann
ee1991a387 Merge pull request #10408 from ronald-cron-arm/historical-libmbedcryto 
Restore historical libmbedcrypto.* libraries
 2025-09-29 08:41:06 +00:00
David Horstmann
98dfcd4908 Add missing include of stdio.h 
This is required in util.h in PSASIM as it uses fprintf. Previously
stdio was inadvertantly included via psa/crypto_struct.h (of all
places).

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-09-26 16:30:36 +01:00
Gilles Peskine
3415d2dd5f Merge pull request #10306 from gilles-peskine-arm/config-error-on-removed-options-mbedtls 
Mechanism to error out on removed configuration options
 2025-09-25 16:35:51 +00:00
Gilles Peskine
3cee43e8ab Be more consistent about method naming 
Indicate which config file has the most relevant tweak.

Duplicate a few test cases so that both the crypto config and the mbedtls
config are tested.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-24 17:20:35 +02:00
Gilles Peskine
f7ed4e506f Add test case for allowing setting an always-on removed option 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-24 17:20:35 +02:00
Gilles Peskine
4bb82fdb16 Fix copypasta in documentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-24 17:20:35 +02:00
Gilles Peskine
379d38de1c Unit tests for checks for removed options in the config file 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-24 17:20:35 +02:00
Gilles Peskine
8e44a94d39 Automatically generate checkers for removed options 
Read the list of historical config options in 3.6, compare that to 1.0/4.0
and emit the appropriate checkers.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-24 17:20:35 +02:00
Gilles Peskine
24273c06db Checks for crypto options or internal macros set in mbedtls 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-24 17:20:35 +02:00
Ronald Cron
e5bae0dde3 Adapt basic-build-test.sh to make deprecation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-24 12:38:02 +02:00
Gilles Peskine
caaf52d6d0 Merge pull request #10391 from bjwtaylor/remove-deprecated-compilation-options-2 
Remove deprecated compilation options 2
 2025-09-23 08:40:11 +00:00
Ronald Cron
90979728ee Merge pull request #10382 from ronald-cron-arm/deprecate-make 
Deprecate Make build system and remove MS visual studio files
 2025-09-23 08:14:28 +00:00
Ronald Cron
e7bac84a22 Remove the generation of MS visual studio files 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 18:00:26 +02:00
Ronald Cron
31f63210ec Deprecate Make 
Move and rename the root Makefile to
scripts/legacy.make. That way running
make from the root fails.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 18:00:26 +02:00
Ronald Cron
401f20fb35 Prepare test components to scripts/legacy.make 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 18:00:26 +02:00
Gilles Peskine
9da0dce845 Bypass config checks when setting a low-level option directly 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-09-22 15:55:10 +02:00
Ronald Cron
35d59c6cb6 cmake: Install libmbedcrypto.* libraries 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-22 15:08:39 +02:00
Ben Taylor
fec1c002d5 Revert changes to analyze outcomes after dependencies have been merged 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-22 09:07:12 +01:00
Ronald Cron
b91117c32f Merge pull request #10402 from ronald-cron-arm/remove-legacy-crypto-options 
Remove legacy crypto options
 2025-09-17 18:46:05 +00:00
Gilles Peskine
a1d6b2733b Merge remote-tracking branch 'development' into restricted-mbedtls-merge-public-20250916 
Conflicts:
* `tf-psa-crypto`: updated to the merge of `development` and
  `development-restricted`.
 2025-09-16 16:24:09 +02:00
Valerio Setti
e2aed3a6df tests: revert changes to test_suite_ssl.data 
Revert changes previously done at following test cases:
- Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_ANY_HASH
- Handshake, select ECDHE-ECDSA-WITH-AES-256-CCM, opaque, PSA_ALG_SHA_256

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-09-16 16:12:07 +02:00
Valerio Setti
91c0945def tests: fix alg and usage for some ECDHE-ECDSA opaque key tests 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-09-16 16:12:07 +02:00
Ronald Cron
4fe3760a27 Cleanup following the removal of MBEDTLS_BIGNUM_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
feb5e26619 Cleanup following the removal of MBEDTLS_ECP_DP_.*_ENABLED options 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
6cfab2880a Cleanup following the removal of MBEDTLS_ECP_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
2ad1e5c1a2 Cleanup following the removal of MBEDTLS_ECJPAKE_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
3c6bbddfd4 Cleanup following the removal of MBEDTLS_ECDSA_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
a19ee2819e Cleanup following the removal of MBEDTLS_ECDH_C option 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
919a1e4e22 Cleanup following the removal of RSA legacy options 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
2b7f59535f Remove completely MBEDTLS_PLATFORM_GET_ENTROPY_ALT 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Ronald Cron
0dd31fe523 Introduce MBEDTLS_SSL_NULL_CIPHERSUITES 
The support for TLS ciphersuites without
encryption does not rely anymore on the
MBEDTLS_CIPHER_NULL_CIPHER feature of
the cipher module. Introduce a specific
config option to enable these ciphersuites
and use it instead of MBEDTLS_CIPHER_NULL_CIPHER.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-09-16 15:53:43 +02:00
Manuel Pégourié-Gonnard
07912c9e36 Merge pull request #10370 from bjwtaylor/remove-deprecated-compilation-options 
Remove deprecated compilation options
 2025-09-15 09:26:01 +00:00
Manuel Pégourié-Gonnard
1a81ab6390 Merge pull request #10379 from bjwtaylor/update-header-guards 
Update header guard use in p256m test
 2025-09-12 10:03:02 +00:00
Ben Taylor
14e1932935 Remove stray comment int components-platform.sh 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-12 10:52:23 +01:00
Ben Taylor
5a7a72ee41 testing with analyze_outcomes changes reverted for merge 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-12 10:52:23 +01:00
Ben Taylor
bb877a8cbf remove further references to MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT and MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-12 10:52:23 +01:00
Ben Taylor
485d4c1343 reverting last commit as the tests cause failures 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-09-11 13:22:40 +01:00