lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-20 03:32:32 +03:00
Code Activity
33,443 Commits 176 Branches 276 Tags
4561164e7c2fd19bf12bbc44ca3ee93b8775ed2c
Commit Graph

33443 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bence Szépkúti
4561164e7c Freeze cryptography version on the CI at 35.0.0 
The version was unspecified because of our use of Python 3.5 on the CI,
whichi has since been eliminated.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-07-16 13:29:55 +02:00
minosgalanakis
8f548c9dba Merge pull request #10256 from ariwo17/psa-dlopen-demo 
Modify dlopen.c and tfpsacrypto_dlopen.c so that they use PSA API-only dynamic loading
 2025-07-15 22:06:49 +00:00
Ari Weiler-Ofek
30a53fe5a4 Update TF-PSA-Crypto submodule to PSA-only dynamic loading 
Signed-off-by: Ari Weiler-Ofek <ari.weiler-ofek@arm.com>
 2025-07-15 15:08:07 +01:00
Ari Weiler-Ofek
c3d54b619e Fix comment in dlopen.c to remove reference to deprecated API 
Signed-off-by: Ari Weiler-Ofek <ari.weiler-ofek@arm.com>
 2025-07-15 15:08:07 +01:00
Ari Weiler-Ofek
abcfd4c160 Modified dlopen.c and tfpsacrypto_dlopen.c so that they use PSA API-only dynamic loading 
- Replaced soon-deprecated mbedtls_md_list() in dlopen.c with psa_hash_compute()
- Added tfpsacrypto_dlopen.c as a PSA-only shared-library loading test
- Enabled -fPIC for tf-psa-crypto builtins to support shared linking
- Confirmed clean builds and successful dlopen() test execution.

Signed-off-by: Ari Weiler-Ofek <ari.weiler-ofek@arm.com>
 2025-07-15 15:08:07 +01:00
David Horstmann
ba2376c580 Merge pull request #10275 from ariwo17/remove-des-core-before-crypto 
Remove DES from Mbed TLS core (except references blocked by TF PSA Crypto)
 2025-07-09 09:52:31 +00:00
Manuel Pégourié-Gonnard
7aa58bc9a4 Merge pull request #10281 from amtkarm1/task-private-headers-gen-errors-pl 
Make generate_errors.pl scan through private directories too
 2025-07-09 09:30:24 +00:00
Ronald Cron
a3e1e95617 Merge pull request #10286 from davidhorstmann-arm/update-4.x-lts-timeline 
Update note about the first 4.x LTS
 2025-07-09 08:10:13 +00:00
Ari Weiler-Ofek
5d8d299f43 Disable PSA_WANT_KEY_TYPE_DES to stop DES from being re-enabled 
Signed-off-by: Ari Weiler-Ofek <ariwei01@e134794.arm.com>
 2025-07-09 00:18:18 +01:00
David Horstmann
b5e283679f Update note about the first 4.x LTS 
The release date is yet to be determined, to allow time for 4.x to
stabilise.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-07-08 15:09:08 +01:00
Anton Matkin
0c10d9b700 Improved the error generating script, so that it is a little more explicit 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-07-08 14:02:15 +02:00
Minos Galanakis
04c4d9cabd Updated tf-psa-crypto pointer to tf-psa-crypto1.0.0-beta_mergeback 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-07-07 18:42:50 +03:00
Minos Galanakis
4716308835 Bring forward ChangeLog changes. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-07-07 17:41:18 +03:00
Minos Galanakis
83bef5b66a Merge tag 'mbedtls-4.0.0-beta' into mbedtls-4.0.0-beta-mergeback 
Mbed TLS 4.0.0-beta
 2025-07-07 17:40:18 +03:00
Anton Matkin
f94bc63fdb Updated generate_errors.pl to include private directories too: the header is deemed to be private if it is in a private subdirectory 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-07-07 14:15:34 +02:00
Ari Weiler-Ofek
86422e5509 Remove: DES selftest, component_test_psa_crypto_config_accel_des and dead DES mentions prior to TF-PSA-Crypto cleanup 
Signed-off-by: Ari Weiler-Ofek <ariwei01@e134794.arm.com>
 2025-07-07 11:29:50 +01:00
David Horstmann
a9ff1c4089 Merge pull request #10262 from ariwo17/remove-des-from-error-generation 
Remove DES from error generation
 2025-07-04 17:50:23 +00:00
Ari Weiler-Ofek
2795197ba0 Remove DES handling from error generator 
Signed-off-by: Ari Weiler-Ofek <ariwei01@e134794.arm.com>
 2025-07-04 11:59:42 +01:00
Ari Weiler-Ofek
5341e3c3b3 Update tf-psa-crypto submodule to include DES error macro changes 
Signed-off-by: Ari Weiler-Ofek <ariwei01@e134794.arm.com>
 2025-07-04 11:59:42 +01:00
Manuel Pégourié-Gonnard
64e80ddf89 Merge pull request #10255 from gilles-peskine-arm/migration-guide-20250624-mbedtls 
Migration guide for API changes in 2025Q2 in mbedtls
 2025-06-30 18:33:36 +00:00
Gilles Peskine
159a652096 Minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
0b44f56d8d Typos 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
5acb3a5969 Copyediting 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
ac18d0c0db Fix spelling of mbedtls_low_level_strerr 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
9b69972589 Remove crypto error codes, refer to the crypto guide instead 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
bf92bae959 Copy error-codes.md from tf-psa-crypto 
Much of it also applies to Mbed TLS.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
d3a6cbb6bb Subsection for the removal of explicit RNG contexts 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
9000633f0e Move some crypto changelog files to TF-PSA-Crypto 
These files had gone on the wrong side during the repo split.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
2649aa283b TLS key exchange removals 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
2ee5c55c79 Fix spelling of psa_generate_random() 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
fbab8c1df1 General notes about the transition to PSA 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
72968cca33 Generalize the section on function prototype changes 
Not everything will be about PSA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
f6c03d1b7f typo 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
826225fe31 Migration guide entries for removed deprecated functions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
a0e06dd6d3 Don't mention changes to fields that were already private 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
15037deab3 Consolidate changes to mbedtls_ssl_ticket_setup() 
Describe the change to the cipher mechanism specification. Consolidate that
with the removal of the RNG arguments.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
663b6df522 Generalize section to other function prototype changes 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
6f035a854b Explain why the programs have been removed 
Also fix the indentation of `*`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
617ee75e98 Copyediting and wording improvements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
cd5abfe7b4 Move the X.509 and SSL content from the crypto migration guide 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
2607918066 Move PSA transition document to TF-PSA-Crypto 
It went with Mbed TLS in the repository split, but belongs in TF-PSA-Crypto.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
1c2d9a3d74 Migration guide for OID 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
8ba67aef0d Rendered documentation: info about private elements in public headers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:23 +02:00
Gilles Peskine
0204470f38 Slight improvement to the Doxygen entry point 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-30 13:17:16 +02:00
Manuel Pégourié-Gonnard
921331867d Merge pull request #10197 from gilles-peskine-arm/ssl_helpers-split_perform_handshake-dev 
Break down mbedtls_test_ssl_perform_handshake
 2025-06-30 09:39:29 +00:00
Minos Galanakis
71157fd574 Update BRANCHES.md 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
v4.0.0-beta mbedtls-4.0.0-beta 		2025-06-27 13:01:26 +01:00
Minos Galanakis
8bccf16218 Assemble ChangeLog 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-06-27 13:01:26 +01:00
Minos Galanakis
09dc57d323 Version Bump 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-06-27 12:17:28 +01:00
Minos Galanakis
42bfc164a2 Updated tf-psa-crypto pointer (tf-psa-crypto-1.0.0-beta) 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-06-27 12:17:28 +01:00
Gilles Peskine
0038408f55 Properly initialize SSL endpoint objects 
In some cases, we were calling `mbedtls_test_ssl_endpoint_free()` on an
uninitialized `mbedtls_test_ssl_endpoint` object if the test case failed
early, e.g. due to `psa_crypto_init()` failing. This was largely harmless,
but could have caused weird test results in case of failure, and was flagged
by Coverity.

Use a more systematic style for initializing the stack object as soon as
it's declared.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2025-06-27 11:12:55 +01:00