Mateusz Starzyk
86ead6aba3
Add changelog entries for SHA1 and SHA384 ciphersuites bugfixes.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:56:06 +02:00
Mateusz Starzyk
9d2d6c9ea0
Clarfiy SHA224 and SHA256 documentation
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:48:52 +02:00
Mateusz Starzyk
c722ebb7d9
Update SHA-224 documentation.
...
Rephrase config.h documentation and add a note to template
configs.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:38:02 +02:00
Mateusz Starzyk
6848537eab
Remove obsolete config requirements for SHA384 in ssl-opt.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:38:01 +02:00
Mateusz Starzyk
a309e0ec07
Remove redundant SHA384 if defined
block.
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:38:01 +02:00
Mateusz Starzyk
3ea8e2d5ad
Restore alphabetical order of SHA definitions
...
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-19 11:38:01 +02:00
Mateusz Starzyk
4228f895c0
Merge branch 'development' into convert_NO_SHA384_to_positive
...
Conflicts:
* configs/config-psa-crypto.h: modified here, removed in development
* tests/suites/test_suite_x509parse.data: all conflicts are in depends_on
lines where development made a change unrelated to MBEDTLS_SHAxxx and our
branch either changed `MBEDTLS_SHA256_C` to `MBEDTLS_SHA224_C` or
`MBEDTLS_SHA512_C:!MBEDTLS_SHA512_NO_SHA384` to ``MBEDTLS_SHA384_C`, with
no change to what the test does. Pick the other branch's dependency
changes then apply our SHA dpeendency change.
2021-05-19 11:37:49 +02:00
Mateusz Starzyk
6326a8dd37
Fix SHA definitions and their dependencies in library and test suites.
...
Rework SHA224 and SHA283 documentation.
Define MBEDTLS_SHAxxx_C options in alphabetic order.
Fix SHA224 and SHA384 dependencies in test suites.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-05-10 13:51:53 +02:00
Manuel Pégourié-Gonnard
b6800788ca
Merge pull request #4455 from gilles-peskine-arm/remove-config-psa-crypto-3.0
...
Remove config-psa-crypto.h
2021-05-10 11:52:26 +02:00
Gilles Peskine
015109b066
Changelog entry for the removal of config-psa-crypto.h in 3.0
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-10 10:36:37 +02:00
Gilles Peskine
31017d318f
Remove config-psa-crypto.h
...
This configuration file was useful in the early days of PSA crypto
development. It stopped becoming relevant when MBEDTLS_PSA_CRYPTO_C entered
the default configuration. Remove it: better late than never.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-10 10:36:37 +02:00
Manuel Pégourié-Gonnard
b548cda1cf
Merge pull request #4397 from TRodziewicz/change_config_h_defaults
...
Four config.h defaults have been changed.
2021-05-07 12:42:39 +02:00
Tomasz Rodziewicz
532ca93246
Trailing spaces removed from comments in config.h
2021-05-07 11:01:24 +02:00
Tomasz Rodziewicz
1fc7c4c95e
Update config.h
...
Correction to the ECJPAKE_C note in config.h
2021-05-07 10:13:31 +02:00
Manuel Pégourié-Gonnard
dd57b2f240
Merge pull request #4445 from TRodziewicz/remove_deprecated_things_-_remainder
...
Remove deprecated functions and constants.
2021-05-07 10:05:30 +02:00
Tomasz Rodziewicz
6c3fe31f6c
Update config.h
...
Warning for ECJPAKE_C was removed from config.h.
2021-05-07 09:46:32 +02:00
paul-elliott-arm
5b416e95b2
Merge pull request #3910 from hanno-arm/post_handshake_handling
...
Introduce helper for handling of post-handshake handshake messages in TLS <=1.2
2021-05-06 17:13:03 +01:00
TRodziewicz
d9d035a5b5
Corrections of the migration guide from the code review.
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-06 11:53:06 +02:00
TRodziewicz
c1c479fbe9
Fllow-up of the review: ChangeLog expansion, mmigration guides added and comments fixed
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-06 00:53:22 +02:00
Gilles Peskine
275b9b2ef4
Merge pull request #4402 from mpg/migration-guide-3.0
...
Migration guide for 3.0
2021-05-05 14:30:39 +02:00
Manuel Pégourié-Gonnard
143b1e387b
Fix a number of typos
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
2021-05-05 09:47:47 +02:00
Ronald Cron
6ab1f81af1
Merge pull request #4312 from ronald-cron-arm/psa-hash-dispatch-testing
...
Add PSA hash driver dispatch specific testing
2021-05-04 18:17:07 +02:00
Ronald Cron
98d00d06a0
Merge pull request #4426 from ronald-cron-arm/remove-enable-weak-ciphersuites
...
Remove MBEDTLS_ENABLE_WEAK_CIPHERSUITES configuration option
2021-05-04 17:20:36 +02:00
Ronald Cron
1153c3d4f3
tests: driver wrappers: Improve test comments
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-04 16:11:06 +02:00
Ronald Cron
d5d04962ef
Add change log and migration guide
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-04 15:59:10 +02:00
Manuel Pégourié-Gonnard
438ac27059
Quit using title case for entry titles
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 13:06:34 +02:00
Manuel Pégourié-Gonnard
cae1fd0392
Merge pull request #4187 from hanno-arm/out_ctr_update_tls
...
Keep pointer to TLS record sequence number static
2021-05-04 12:44:39 +02:00
Manuel Pégourié-Gonnard
72f762b1da
Clarify 3.0-migration-guide.d/00README
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 11:36:40 +02:00
Manuel Pégourié-Gonnard
e756306dd6
Move some details from ChangeLog to migration guide
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 11:36:33 +02:00
Manuel Pégourié-Gonnard
57e93e5296
Clarify a sentence
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 11:35:08 +02:00
Manuel Pégourié-Gonnard
f5acfbac99
Improve description of migration guide entries
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 11:35:08 +02:00
Manuel Pégourié-Gonnard
2960b2e88c
Fix a few typos
...
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 11:35:08 +02:00
Manuel Pégourié-Gonnard
b2a1043a4c
Add a directory for 3.0 migration guide entries
...
Similarly to ChangeLog.d, we want to avoid endless merge conflicts.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 11:35:08 +02:00
Manuel Pégourié-Gonnard
89d4ab0999
Add a "3.0 migration guide document"
...
For now the entries are in no particular order. Before the release we
should have a final pass over this document and order them from most
impactful to least impactful. We might even create sections, a table of
contents, etc.
In the meantime, each PR should add an entry about it changes.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 11:35:08 +02:00
Manuel Pégourié-Gonnard
759f551010
Add a missing ChangeLog entry
...
Was missed in https://github.com/ARMmbed/mbedtls/pull/4324
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-05-04 11:35:08 +02:00
Ronald Cron
3e4d190b4a
tests: driver wrappers: Add hash finish tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 18:49:21 +02:00
Ronald Cron
1fb49e6ee7
tests: driver wrappers: Add hash update tests
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 18:49:21 +02:00
Ronald Cron
6e12b7b50c
tests: driver wrappers: Specialize hash multi-part test on setup only
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 18:49:21 +02:00
Ronald Cron
eba3c87100
tests: driver wrappers: Fix hash tests dependencies
...
Take into account that the test driver may not support
hash operations.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 18:49:21 +02:00
Ronald Cron
ce1d8d2c4e
tests: Revert test_driver.h name change
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 18:49:15 +02:00
Ronald Cron
63281332b0
tests: Fix test arguments separator
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 18:38:23 +02:00
Ronald Cron
4607c829d0
tests: psa: Simplify key buffer size calculation
...
Move the key buffer size calculation code under
tests to avoid check-names.sh to complain about
"likely macros with typos".
This removes the calculation of key buffer
sizes for the test driver from the wrapper based on
static size data. But the code is still there in test
code to be used when we go back to work on the
generation of the driver wrapper.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 18:38:20 +02:00
Ronald Cron
7f13fa2454
tests: psa: Add mbedtls/MBEDTLS prefix to test driver symbols
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 18:33:26 +02:00
Ronald Cron
b5d59a05b2
tests: psa: cipher: Remove out-dated comment
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 17:39:26 +02:00
Ronald Cron
140043a6b9
tests: driver wrapper: Add hash dispatch testing
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 17:39:26 +02:00
Ronald Cron
fa036c8024
tests: Add hash transparent test driver hooks
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-05-01 17:37:28 +02:00
Hanno Becker
f26cc72e7b
Reintroduce comment on state of renegotiation after post HS message
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-01 06:17:49 +01:00
Hanno Becker
fae12cf1ef
Use error corruption detection as initial return value
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-01 06:17:49 +01:00
Hanno Becker
cad3dbaf45
Add missing static qualification for post-HS HS message handler
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-01 06:17:49 +01:00
Hanno Becker
b03f88f06c
Introduce helper for handling of post-handshake handshake messages
...
Handling the receipt of a handshake record after the initial handshake
requires non-trivial logic depending on the protocol version and the
endpoint. This logic is currently embedded in mbedtls_ssl_read().
With the introduction of support for [D]TLS 1.3, the logic will become
even more complex, since [D]TLS 1.3 drops support for renegotiation --
which in [D]TLS 1.2 is the main purpose of post-handshake handshake
messages -- but instead introduces numerous other post-handshake
handshake messages.
In order to pave the way for those changes, this commit improves
readability and maintainability of mbedtls_ssl_read() by moving
the TLS <=1.2 logic for handling post-handshake handshake messages
into a separate helper function ssl_handle_hs_message_post_handshake().
The logic of the code is entirely unchanged.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-01 06:17:49 +01:00