ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-10-21 23:11:17 +08:00
Code Issues Releases Wiki Activity
33,927 Commits 176 Branches 276 Tags
release/mbedtls4.0.0-documentation
Commit Graph

33927 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Horstmann
22e810fedc Merge pull request #10353 from minosgalanakis/feature/introduce_crypto_rng_hash_cleanup 
Cleanup: Introduce MBEDTLS_PSA_CRYPTO_RNG_HASH (4/4)
 2025-08-26 10:27:17 +00:00
Manuel Pégourié-Gonnard
2bd0cfd272 Merge pull request #10331 from amtkarm1/task-remove-programs-pkey 
Removed the programs/pkey directory
 2025-08-26 09:27:00 +00:00
Ronald Cron
a0b1c8c7fb build: Remove CTR_DRBG 128 bits key warnings 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-08-26 09:33:33 +02:00
Ronald Cron
aad5f1bedd tests: Prepare to switch to SHA-256 as the default CTR_DRBG hash 
Ensure that when we switch from SHA-512 to SHA-256
as the default CTR_DRBG hash, we still properly
test CTR_DRBG with SHA-512.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-08-25 15:35:42 +02:00
Ronald Cron
8fc000ec2c ssl-opt.sh: Fix MBEDTLS_ENTROPY_C dependency adjustment 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-08-25 15:19:59 +02:00
Minos Galanakis
1eda7487ae Updated tf-psa-crypto pointer 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2025-08-25 15:17:31 +02:00
Minos Galanakis
a1e867981b ssl-opt.sh: Adjust dependency to MBEDTLS_PSA_CRYPTO_C 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-21 15:57:00 +01:00
Minos Galanakis
906950d8dc config/depends.py: Removed legacy options. 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-21 15:57:00 +01:00
Minos Galanakis
5dbc24a255 components-configuration-crypto: Removed legacy options. 
Removed setters for `MBEDTLS_CTR_DRBG_USE_128_BIT_KEY`
and `MBEDTLS_ENTROPY_FORCE_SHA256`

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-21 15:56:59 +01:00
David Horstmann
f476d1576b Merge pull request #10362 from bjwtaylor/mbedtls_x509write_crt_set_serial_raw 
Add const to serial argument in mbedtls_x509write_crt_set_serial_raw
 2025-08-21 10:54:07 +00:00
Ronald Cron
0387ca6755 Merge pull request #10320 from minosgalanakis/feature/introduce_crypto_rng_hash 
crypto_config: Introduce MBEDTLS_PSA_CRYPTO_RNG_HASH (2/4)
 2025-08-21 07:49:52 +00:00
Ben Taylor
32e100a573 Renamed and corrected ChangeLog 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-21 08:00:07 +01:00
Felix Conway
1cf9a1590b Remove programs from gitignore and documentation 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-20 11:02:18 +01:00
Felix Conway
3962284de6 Update & fix changelog 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-20 11:00:01 +01:00
Anton Matkin
5b49f31956 Adjusted the Makefile in the programs directory - removed the pkey programs 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-20 10:51:38 +01:00
Anton Matkin
87ae4e6a14 Added a changelog entry for the removal 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-20 10:51:38 +01:00
Felix Conway
ed7058730a Removed the directory with the programs, and its inclusion in the parent directory CMakeLists.txt file 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-20 10:51:23 +01:00
David Horstmann
3492807e0b Remove component uses of MBEDTLS_ECDSA_DETERMINISTIC 
Remove all references to MBEDTLS_ECDSA_DETERMINISTIC from
components-configuration-crypto.sh. Replace them with
PSA_WANT_ALG_DETERMINISTIC_ECDSA.

This is safe because:
* MBEDTLS_ECDSA_DETERMINISTIC is only ever unset in components in order
  to avoid errors from disabling its dependency MBEDTLS_HMAC_DRBG_C.
* MBEDTLS_ECDSA_DETERMINISTIC is only ever defined in
  config_adjust_legacy_from_psa.h, and only if
  PSA_WANT_ALG_DETERMINISTIC_ECDSA is defined.

Therefore PSA_WANT_ALG_DETERMINISTIC_ECDSA's dependencies are a superset
of MBEDTLS_ECDSA_DETERMINISTIC's dependencies and must include
MBEDTLS_HMAC_DRBG_C, so disabling PSA_WANT_ALG_DETERMINISTIC_ECDSA is a
sufficient substitute for disabling MBEDTLS_ECDSA_DETERMINISTIC.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-08-20 10:26:11 +01:00
David Horstmann
7ec90c254f Merge pull request #10365 from davidhorstmann-arm/clarify-file-generation-cc 
Clarify use of `CC` and friends for file generation
 2025-08-20 09:07:38 +00:00
Minos Galanakis
f3486e198b components-configuration-crypto.sh: Added setters for MBEDTLS_PSA_CRYPTO_RNG_HASH 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2025-08-20 00:04:35 +01:00
David Horstmann
24e3388cf3 Clarify use of CC and friends for file generation 
Add more detail around how generation of configuration-independent files
chooses a C compiler. Mention that setting HOSTCC or CC is recommended
where there are multiple toolchains.

Mention that the fallback location is the cc executable, which may help
users troubleshooting when the file generation picks up the wrong
toolchain (as in Mbed-TLS/mbedtls#10360).

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-08-19 16:56:25 +01:00
Felix Conway
1a1ff64f42 Remove tf-psa-crypto/include/mbedtls/private from Doxygen 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-19 11:11:58 +01:00
Felix Conway
e984d35590 Fix ssl tests expecting old X509 error output 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-19 10:23:46 +01:00
Ben Taylor
f8b4aa135b Add ChangeLog 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-19 07:52:48 +01:00
Felix Conway
f5b48c3d9c Add Changelog and documentation 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-18 14:52:41 +01:00
Felix Conway
37ede2c3b4 Unify generic errors to PSA errors 
Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-18 14:46:39 +01:00
Ben Taylor
3f523748e0 Add const to serial argument in mbedtls_x509write_crt_set_serial_raw 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-18 13:47:50 +01:00
Bence Szépkúti
0e5fe877cc Update PSASim tests to new call signature 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-08-18 14:38:01 +02:00
Bence Szépkúti
783d8adb15 Update CMake linkage tests to new call signature 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-08-18 14:31:34 +02:00
Felix Conway
8616ee762d Change values for error tests 
Previously these tests used values that will become PSA aliases,
and so the tests will fail once they're changed.

Signed-off-by: Felix Conway <felix.conway@arm.com>
 2025-08-18 11:32:58 +01:00
Bence Szépkúti
b2ba9fa68b Simplify runtime version info string methods 
Return a const char* instead of taking a char* as an argument.

This aligns us with the interface used in TF PSA Crypto.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2025-08-18 11:39:45 +02:00
minosgalanakis
265e98da45 Merge pull request #10355 from valeriosetti/issue10283-fix-test-coverage 
tests: configuration-crypto: enable p192 curves in test_psa_crypto_without_heap
 2025-08-15 11:22:06 +00:00
Bence Szépkúti
e96491c193 Merge pull request #10049 from amtkarm1/iss9321 
Move the PAKE hash algorithm parameter into the alg id
 2025-08-13 10:14:05 +00:00
Valerio Setti
a785eea41f tests: configuration-crypto: enable p192 curves in test_psa_crypto_without_heap 
Enable p192[k|r]1 curves which are disabled by default in tf-psa-crypto.
This is required to get the proper test coverage otherwise there are
tests in 'test_suite_psa_crypto_op_fail' that would never be executed.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-13 10:57:46 +02:00
Manuel Pégourié-Gonnard
eca92dcdeb Update tf-psa-crypto to current development 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-08-13 09:50:12 +02:00
Anton Matkin
6eb5335ef0 Fixed issues with policy verification, since wildcard JPAKE policy is now disallowed, changed to concrete jpake algorithm (with SHA256 hash) 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:48 +02:00
Anton Matkin
143d5d8a3a Deleted the changelog entry as requested 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:48 +02:00
Anton Matkin
e8be4ee08c Fixed the changelog entry wording 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:48 +02:00
Anton Matkin
e2c5ca332f Fixed the changelog entry, missing trailing newline 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:48 +02:00
Anton Matkin
e8073180ac Create a changelog entry 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:48 +02:00
Anton Matkin
1b70084bd9 TF-PSA-Crypto submodule link fixup 
Signed-off-by: Anton Matkin <anton.matkin@arm.com>
 2025-08-12 13:50:45 +02:00
Manuel Pégourié-Gonnard
c7a10589cf Merge pull request #10352 from valeriosetti/issue10283-development-prereq 
[development] Remove 224-bit curves (3/5)
 2025-08-12 11:39:20 +00:00
Valerio Setti
981a0c46b2 tests: remove leftover from debug session and extra spaces 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-12 11:31:11 +02:00
Valerio Setti
37a4281710 tests: configuration_crypto: fix selection of EC/DH group to accelerate 
Some EC/DH group might be disabled in default configuration in
"crypto_config.h" so before running "helper_get_psa_key_type_list" and/or
"helper_get_psa_curve_list" it's better to set/unset what's required
for that test component and only then parse the enabled groups.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-12 09:36:45 +02:00
Manuel Pégourié-Gonnard
5b74c79f00 Merge pull request #10298 from bjwtaylor/remove-deprecated-items 
Remove deprecated items
 2025-08-11 07:13:08 +00:00
Ben Taylor
5a27010fab Remove group_list_heap_allocated 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-08 08:33:03 +01:00
Gilles Peskine
627d653863 Merge pull request #10282 from bjwtaylor/switch-to-mbedtls_pk_sigalg_t 
Switch to mbedtls pk sigalg t
 2025-08-07 11:06:31 +00:00
Manuel Pégourié-Gonnard
2656eb9121 Merge pull request #10344 from valeriosetti/issue10283-development 
[development] Remove 224-bit curves & Remove 192-bit curves from TLS & X.509 (2/3)
 2025-08-07 10:40:49 +00:00
Ben Taylor
ed0db45b63 Completely remove sig_algs_heap_allocated 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
 2025-08-07 09:40:42 +01:00
Valerio Setti
602fa5dd99 changelog: add note about EC curves support removal in TLS 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-08-07 10:30:30 +02:00