"tests/data_files/test-ca.key" is now encrypted using AES instead of DES.
Update test dependencies accordingly. This fixes `depends.py cipher_id`.
This is a partial cherry-pick of 1a4cc5e92c
(done manually because the context on the same line is different).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This is no longer needed as make.bat has been removed. We do not support
building the documentation on Windows.
This reverts commit d50daedcca.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Building the docs on Windows is not supported in any case, as the apidoc
target in the main Makefile will not run on Windows.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Include the make apidoc and breathe-apidoc steps in the documentation
Makefile for ease of use. In this way, depart from the Makefile
generated automatically by Sphinx.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Regenerate the requirements.txt with Exhale removed and also with Python
3.9 instead of 3.8, for parity with Read The Docs.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Sphinx's breathe plugin cannot readily parse the Mbed TLS macros, so
define the less essential ones away at the doxygen step to reduce the
number of warnings.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
We duplicated ecp.c in the anticipation of heavy refactoring there. This
work has been suspended and the duplication is not useful anymore but
imposes an overhead.
Signed-off-by: Janos Follath <janos.follath@arm.com>
We normally don't mention test updates in the changelog, but this one
explains why we're making a patch release.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
After upgrading certificates, some parsing unit tests are failing because
the new certificates have a different expiry date, by design. Switch those
test cases to using the moved copy of the old data (as we did in a more
systematic way in the development branch).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Copy updated test certificates and related data (keys, CSR, etc.) from
development. This replaces certificates that will expire on 2023-09-07,
causing the unit tests to fail. This also adds new data files that are not
used, and moves some files.
The replacement data is good until 2023-12-31.
The update causes some parsing unit tests to fail because the new
certificates have a different expiry date. This will be fixed in a
subsequent commit.
```
git checkout dc2d7cce02 -- tests/data_files tests/src/test_certs.h tests/src/certs.c
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For time being, there are only two aes implementations for known
architectures. I define runtime detection function as const when
built-in was disabled. In this case, compiler will remove dead
built-in code.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
In ecp_new.c mbedtls_ecp_read_key did only check Weierstrass keys. The
behaviour in ecp.c was correct.
This bug has no immediate security impact. (The code with the missing
check wasn't released and we are checking keys at later point.)
After this change ecp.c and ecp_new.c will have a single remaining
difference and unifying them will be more straightforward.
Signed-off-by: Janos Follath <janos.follath@arm.com>
We would like to de-duplicate ecp.c, but ecp_curves.c remains duplicated
and we still want to test for the active variant.
Signed-off-by: Janos Follath <janos.follath@arm.com>