mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00

Author	SHA1	Message	Date
Gabor Mezei	fe14d85b7c	Remove unused symbol Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2025-01-27 15:03:14 +01:00
Gabor Mezei	069e3e6fe7	Remove reference for `PSA_WANT_ALG_SECP_K1_224` The `PSA_WANT_ALG_SECP_K1_224` symbol has been removed. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2025-01-27 15:03:14 +01:00
Gabor Mezei	0a2f257492	Use symbol matching for the curves domain Instead of using the `crypto_knowledge.py`, use basic symbol matching for the `PSA_WANT_ECC_*` macros to search for in the `curves` domain of `depend.py`. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2025-01-27 15:03:13 +01:00
Gabor Mezei	1c49cff468	Use PSA macros for the `curves` domain Exclude the SECP224K1 curve due it is unstable via the PSA API. Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>	2025-01-27 15:03:13 +01:00
Valerio Setti	0ebd6de77b	ssl-opt.sh: remove tests forcing DHE-RSA for which have alternatives Remove tests which are forcing DHE-RSA, but for which an ECDHE-RSA alternative already exists. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-27 12:46:26 +01:00
Valerio Setti	3b412e283f	ssl-opt.sh: remove tests which are specific for DHE-RSA For these ones there is no ECDHE alternative as they are testing specific features of DHE. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-27 12:46:26 +01:00
Valerio Setti	309a7ec70e	ssl-opt.sh: adapt tests from DHE-RSA to ECDHE-RSA Adapted tests do not already have an ECDHE-RSA test available. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-27 12:46:26 +01:00
Valerio Setti	592f6826dd	test_suite_ssl: update description for conf_curve and conf_gruop tests These tests are about EC curves/groups, not DH ones, so the description should be updated accordingly. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-27 12:46:25 +01:00
Valerio Setti	8638603ba7	test_suite_ssl: remove tests specific for DHE-RSA These tests were specific for DHE-RSA (which is being removed on development branch) and also for each of them there was already the ECDHE-RSA counterpart available. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-27 12:38:39 +01:00
Valerio Setti	b8ef2a4455	test_suite_ssl: adapt handshake_fragmentation() to use ECDHE-RSA Use ECDHE-RSA instead of DHE-RSA. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-27 12:38:39 +01:00
Valerio Setti	5b7bfd8d5a	test_suite_ssl: adapt DHE-RSA tests to ECDHE-RSA Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-27 12:38:39 +01:00
Ronald Cron	189dcf630f	Merge pull request #9910 from valeriosetti/issue9684 Remove DHE-PSK key exchange	2025-01-27 11:15:10 +00:00
Manuel Pégourié-Gonnard	7e1154c959	Merge pull request #9906 from mpg/rm-conf-curves [dev] Remove deprecated function mbedtls_ssl_conf_curves()	2025-01-27 08:21:27 +00:00
Valerio Setti	094fd49f5b	tf-psa-crypto: update reference Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-27 05:24:06 +01:00
Deomid rojer Ryabkov	aaa152ed91	Allow fragments less HS msg header size (4 bytes) Except the first Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>	2025-01-26 11:12:25 +02:00
Deomid rojer Ryabkov	3dfe75e115	Remove mbedtls_ssl_reset_in_out_pointers Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>	2025-01-26 11:12:21 +02:00
Valerio Setti	944f3ab1d6	changelog: add note about DHE-PSK removal Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	27bc56303a	docs: remove references of DHE-PSK Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	6ba324de02	mbedtls_config: remove MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED This commit also removes its disabling from config_adjust_ssl.h Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	a07345247e	check_config: remove checks for DHE-PSK Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	6e892cb630	components-configuration-crypto.sh: remove references to DHE_PSK kex Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	70cc4e6bd1	analyze_outcomes.py: remove exceptions related to DHE-PSK Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	6348b46c0b	ssl_ciphersuites: remove references/usages of DHE-PSK Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	48659a1f9c	ssl_tls: remove usage of DHE-PSK Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	64d264d2e6	compat.sh: remove usage of DHE-PSK Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	9a9c9a53c1	compat.sh: do not use DHE-PSK key exchange in gnutls tests DHE-PSK is being removed from Mbed TLS so we cannot use this key exchange with gnutls testing. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Valerio Setti	5c730c1d54	ssl-opt.sh: remove DHE-PSK only test cases Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-24 11:49:59 +01:00
Janos Follath	1532ea42ac	Merge pull request #9918 from davidhorstmann-arm/clarify-x509-security-md Add X.509 formatting validation to SECURITY.md	2025-01-23 16:09:50 +00:00
David Horstmann	0704fbf1eb	Fix missing-word typo Signed-off-by: David Horstmann <david.horstmann@arm.com>	2025-01-23 10:28:06 +00:00
Manuel Pégourié-Gonnard	490e30599b	Stop recommended deprecated function in migration guide Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-23 09:33:59 +01:00
David Horstmann	faa1a0fe50	Add paragraph on undefined behaviour Add a note that we do aim to protect against undefined behaviour and undefined behaviour in certificate parsing is in scope. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2025-01-22 14:48:58 +00:00
David Horstmann	2fe0da7947	Add X.509 formatting validation to SECURITY.md Clarify that strict formatting of X.509 certificates is not checked by Mbed TLS and that it therefore should not be used to construct a CA. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2025-01-22 14:27:22 +00:00
Manuel Pégourié-Gonnard	c4e768a8a6	Fix incorrect test function We should not manually set the TLS version, the tests are supposed to pass in 1.3-only builds as well. Instead do the normal thing of setting defaults. This doesn't interfere with the rest of the testing, so I'm not sure why we were not doing it. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-22 10:04:43 +01:00
David Horstmann	5a77c230b1	Merge pull request #9909 from gilles-peskine-arm/psa-storage-test-cases-never-supported-negative-dev Switch generate_psa_test.py to automatic dependencies for negative test cases	2025-01-21 18:34:25 +00:00
Gilles Peskine	7dc570905e	Update submodule Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2025-01-20 19:43:41 +01:00
Gilles Peskine	13c418dcee	Add ignore list entries for ECDH/FFDH algorithm without key type Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2025-01-20 16:00:46 +01:00
Gilles Peskine	fe683e7a1b	Remove test coverage exceptions that are no longer needed Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2025-01-20 16:00:46 +01:00
Gilles Peskine	08c4362ad1	Update submodules Catch up with https://github.com/Mbed-TLS/mbedtls-framework/pull/104 = "Switch generate_psa_test.py to automatic dependencies for negative test cases" Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2025-01-20 16:00:44 +01:00
Ronald Cron	6daf4ef507	Merge pull request #9914 from Harry-Ramsey/remove-tf-psa-crypto-test Remove check_test_dependencies TF-PSA-Crypto test from Mbed TLS	2025-01-20 10:38:53 +00:00
Ronald Cron	bff7733714	Merge pull request #9913 from valeriosetti/issue9892 Remove deprecated function mbedtls_x509write_crt_set_serial()	2025-01-20 10:11:57 +00:00
Harry Ramsey	cec956263d	Update framework pointer This commit updates the framework pointer to include modified collect_test_cases.py which can run independently for TF-PSA-Crypto. Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2025-01-20 08:41:40 +00:00
Harry Ramsey	28eed1abff	Update TF-PSA-Crypto pointer This commit updates TF-PSA-Crypto pointer to include the moved test in Mbed TLS via TF-PSA-Crypto. Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2025-01-20 08:41:31 +00:00
Deomid rojer Ryabkov	cad11ada7f	Review comments Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>	2025-01-18 15:59:29 +02:00
Harry Ramsey	e65bfe6449	Remove check_test_dependencies TF-PSA-Crypto test from Mbed TLS This commit removes the check_test_dependencies from Mbed TLS as it has been added to TF-PSA-Crypto. Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>	2025-01-17 09:20:23 +00:00
Valerio Setti	19846f5561	changelog: add note for mbedtls_x509write_crt_set_serial() deprecation Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-16 15:06:19 +01:00
Valerio Setti	6487da15e9	tests: remove usage of mbedtls_x509write_crt_set_serial Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-16 15:02:15 +01:00
Valerio Setti	6b64a1ba37	x509: remove definition and implementation of x509write_crt_set_serial Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2025-01-16 15:00:10 +01:00
Deomid Ryabkov	5f7c2c2182	Update ChangeLog.d/tls-hs-defrag-in.txt Co-authored-by: minosgalanakis <30719586+minosgalanakis@users.noreply.github.com> Signed-off-by: Deomid Ryabkov <rojer@rojer.me>	2025-01-15 19:26:47 +00:00
Manuel Pégourié-Gonnard	4787b4012c	Add ChangeLog entry Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-14 12:28:01 +01:00
Manuel Pégourié-Gonnard	4c3134a396	Remove useless dependency from test function This dependency was never right in the first place. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2025-01-14 12:25:52 +01:00

... 6 7 8 9 10 ...

33040 Commits