Valerio Setti
35d90d15c7
framework: update reference
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2025-12-03 13:03:08 +01:00
Valerio Setti
725e3f1daa
tests: x509parse: replace certificates using secp192 with those using secp256
...
This replacement is either:
- "server5-rsa-signed.crt": if a generic secp256r1 EC key is enough, i.e.
any EC key is fine as it's not secp192 since this support is being
removed from TF-PSA-Crypto.
- "server11-rsa-signed.crt": if an EC key which does not belong to "suite-b"
is required. For this case "secp256r1" wouldn't be good, so we use
a "secp256k1" key.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2025-12-03 13:03:07 +01:00
Valerio Setti
5ae6c62247
tests: x509parse: transition tests based on secp192 curves to secp256
...
After some analysis search it was determined that previous test data seem
not to belong to the "framework/data_files" certificate files. Therefore
new test data has been generated from scratch.
The improvement compared to the previous situation is that comments has
been added on top of each test in order to explain how to recreate new test
data.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2025-11-27 14:38:22 +01:00
David Horstmann
caaa93884c
Merge pull request #10519 from valeriosetti/issue568-mbedtls
...
[mbedtls] Remove support for secp192[k|r]1 curves
2025-11-24 11:17:18 +00:00
Valerio Setti
65ec4cc771
tests: scripts: make enabling of secp192 curves fault tolerant in test_psa_crypto_without_heap
...
This is temporary but still required in order to have this commit merged
before the crypto#570, where these curves are really removed.
These lines will be removed in a follow-up PR once crypto#570 is merged.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2025-11-20 13:20:40 +01:00
Valerio Setti
caf73f885a
library: check_config: remove references to secp192 curves
...
Support for these curves is being removed from tf-psa-crypto, so we need
to remove all the references also in this repo.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2025-11-20 13:01:18 +01:00
Valerio Setti
3057ea0288
Merge pull request #10509 from gilles-peskine-arm/config_checks_generator-fix-windows-path-mbedtls
...
Changelog entry for fix #10502
2025-11-20 11:49:36 +00:00
Gilles Peskine
6116d8feea
Update framework with fix of Mbed-TLS/mbedtls#10502
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2025-11-20 10:28:52 +01:00
Gilles Peskine
28f745515e
Changelog entry for fix #10502
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2025-11-20 10:28:30 +01:00
Manuel Pégourié-Gonnard
3a0868b8ff
Merge pull request #10496 from JuhaPekkaa/juke/change-loglevel
...
Update log level for mbedtls_ssl_check_record and PSA-based ECDH computation
2025-11-12 09:33:39 +00:00
Manuel Pégourié-Gonnard
148bc1120a
Merge pull request #10498 from valeriosetti/issue435-part2-mbedtls
...
[mbedtls] tests: migrate tests using secp192[k|r]1 toward secp256[r|k]1 --> EC [2/3]
2025-11-12 08:38:54 +00:00
Valerio Setti
1f2f6fc9cb
framework: update reference
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2025-11-06 23:48:36 +01:00
Manuel Pégourié-Gonnard
a6e59a955b
Merge pull request #10450 from bjwtaylor/move-lcov
...
Remove lcov.sh as this will be moved to the framework
2025-11-06 11:11:59 +00:00
Juha-Pekka Kesonen
5f4cbcd336
ssl_tls12: change log level for ECDH computation
...
Signed-off-by: Juha-Pekka <juha-pekka.kesonen@nordicsemi.no >
2025-11-05 14:10:52 +02:00
Juha-Pekka Kesonen
666fa2da3d
ssl_msg.c: change log level for record checking
...
Signed-off-by: Juha-Pekka <juha-pekka.kesonen@nordicsemi.no >
2025-11-05 14:08:46 +02:00
Ronald Cron
5dae44848d
Merge pull request #10462 from minosgalanakis/bugfix/update_prepare_release
...
Update `prepare_release.sh`
2025-11-04 16:10:38 +00:00
Valerio Setti
00d579e953
Merge pull request #10439 from bjwtaylor/remove-all-non-ext-apis
...
Remove all non ext apis
2025-11-04 09:53:34 +00:00
Gilles Peskine
18f2661c65
Merge pull request #10491 from valeriosetti/issue10229
...
Remove temporary fixes introduced in #10213
2025-11-04 08:59:16 +00:00
Valerio Setti
910bf4bbc6
tests: suite_x509parse: remove temporary fixes
...
Removes the temporary fixes that were introduced in order to allow crypto#308
to be merged.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2025-11-03 10:27:24 +01:00
Valerio Setti
a35e332bbb
library: debug: remove temporary fixes for RSA key handling
...
Since crypto#308 has been merged:
- replace MBEDTLS_PK_USE_PSA_RSA_DATA with PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
- remove "no-check-names"
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2025-11-03 10:25:15 +01:00
Ben Taylor
4b8d9d41ee
Update tf-psa-crypto submodule to include new framework
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-31 14:41:31 +00:00
Ben Taylor
76899ea606
Update framework module
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-31 14:18:05 +00:00
Ben Taylor
82a48d42ff
Update lcov.sh patch to use CMake variable
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-31 14:18:05 +00:00
Ben Taylor
9b4f222f4f
Update lcov.sh paths in make files
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-31 14:18:05 +00:00
Ben Taylor
284481f7ca
Remove lcov.sh as this will be moved to the framework
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-31 14:18:05 +00:00
Valerio Setti
ee72a20288
Merge pull request #10481 from gilles-peskine-arm/cmake-package-version-mbedtls
...
Fix duplication of product version in CMakeLists.txt
2025-10-31 13:02:09 +00:00
Valerio Setti
525dd917dc
Merge pull request #10477 from Cube707/fix/iar-compiler-warning
...
add cast to fix IAR compiler errors
2025-10-31 12:33:26 +00:00
Ben Taylor
42074c193f
Rename mbedtls_ssl_get_pk_type_and_md_alg_from_sig_alg to mbedtls_ssl_get_pk_sigalg_and_md_alg_from_sig_alg
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-31 08:40:36 +00:00
Ben Taylor
b76c38334a
Update name of mbedtls_ssl_pk_alg_from_sig_pk_alg to mbedtls_ssl_pk_sig_alg_from_sig
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-31 08:40:25 +00:00
Ben Taylor
f21e63c6d0
Update pk_alg to use mbedtls_pk_sigalg_t and remove casts in library/x509write_csr.c
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-30 15:29:02 +00:00
Ben Taylor
00b04a6590
Update mbedtls_pk_sign_ext in x509write_crt.c to use mbedtls_pk_sigalg_t directly and remove casts
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-30 15:11:09 +00:00
Ben Taylor
5f037c7fb3
Rename mbedtls_ssl_pk_alg_from_sig to mbedtls_ssl_pk_alg_from_sig_pk_alg and update to use mbedtls_pk_sigalg_t
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-30 14:59:24 +00:00
Ben Taylor
0035cfb1f0
Removed unnecessary cast in mbedtls_pk_sign_ext
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-30 13:42:56 +00:00
Ben Taylor
4565d5d4e6
Change the call to mbedtls_pk_verify_ext in pkcs7 to have a variable input cert->sig_pk
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-30 13:37:09 +00:00
Minos Galanakis
a2cba40df6
prepare_release.sh: modify submodule files recursively
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2025-10-30 10:00:22 +00:00
Minos Galanakis
bdb1dcbdb6
prepare_release.sh: simplified regex
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2025-10-30 10:00:22 +00:00
Minos Galanakis
958d9d97a4
prepare_release.sh: Added documentation
...
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2025-10-30 09:58:17 +00:00
minosgalanakis
32b597bd31
Merge pull request #10469 from Begasus/includedir
...
Use GNUInstallDirs CMAKE_INSTALL_INCLUDEDDIR path for headers installation
2025-10-29 15:21:32 +00:00
Jan Wille
64e7d4b64b
format: apply suggestions (add spaces)
...
Signed-off-by: Jan Wille <jan.wille@siemens.com >
2025-10-29 15:49:10 +01:00
Gilles Peskine
574aae2146
Fix duplication of product version in CMakeLists.txt
...
The CMake package version definition had its own line with a copy of the
version number since 2.27.0. Until recently, `bump_version.sh` updated both
copies, and that was still the case when we bumped the version to 4.0.0
(7ba04a298c879cba1a67https://github.com/Mbed-TLS/TF-PSA-Crypto/issues/553
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2025-10-29 12:31:57 +01:00
Jan Spannberger
a5384bdf09
add cast to fix IAR compiler errors
...
IAR throws a warning "mixed ENUM with other type"
Signed-off-by: Jan Spannberger <jan.spannberger@siemens.com >
2025-10-28 15:13:08 +01:00
Ben Taylor
bc076f9f76
fix style isses
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-28 07:58:37 +00:00
Ben Taylor
a2de40a100
Change the return type of mbedtls_ssl_get_ciphersuite_sig_pk_alg to mbedtls_pk_sigalg_t
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-28 07:58:37 +00:00
Ben Taylor
4b4ca812e5
Corrected debug return
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-28 07:58:37 +00:00
Ben Taylor
10d471a14d
Correct debug return
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-28 07:58:37 +00:00
Ben Taylor
b190c1bb0b
Replace change to restartable with ext
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-28 07:58:37 +00:00
Ben Taylor
1b32994bef
Fix style issues
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-28 07:58:37 +00:00
Ben Taylor
2c056721d1
Tidy up debug of non ext functions
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-28 07:58:37 +00:00
Ben Taylor
cef9d2d31f
Revert change to mbedtls_pk_{sign,verify}_restartable and replace with ext version
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-28 07:58:37 +00:00
Ben Taylor
5e23093285
Fix code style issues
...
Signed-off-by: Ben Taylor <ben.taylor@linaro.org >
2025-10-28 07:58:37 +00:00
