Commit graph

15403 commits

Author SHA1 Message Date
Ronald Cron
cee427002b Remove MBEDTLS_ENABLE_WEAK_CIPHERSUITES configuration option
Fix 4416

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-04-27 09:34:14 +02:00
Dave Rodgman
12f93f4fc2
Merge pull request #4407 from ARMmbed/dev3_signoffs
Merge development_3.0 into development
2021-04-26 19:48:16 +01:00
Dave Rodgman
dca8509bb6 Update future Mbed TLS version in Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-04-26 16:23:22 +01:00
Dave Rodgman
10ba553c2e Update Changelog
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-04-26 16:23:22 +01:00
Dave Rodgman
ddb8ea6847 Fix Changelog entry
Rename a Changelog.d file, so that it gets picked up as expected by
scripts/assemble_changelog.py.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-04-26 16:23:21 +01:00
Dave Rodgman
a00e8502c9 Documentation updates for Mbed TLS 3.0
Update documentation to reflect the branch changes.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-04-26 16:23:21 +01:00
Dave Rodgman
5ec6906964 Add sign-off for some older commits which are missing it.
This sign-off applies to:

c258a0fa65
7bdbc45275
bfa03e3bc9

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-04-23 15:12:56 +01:00
Ronald Cron
b5939e814e
Merge pull request #4160 from stevew817/feature/driver_builtin_keys
Add implementation for MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS

Merging as it has been ready for four days now and I prefer not having to go through other rebases especially given the coming change of scope of development (3.0 rather than 2.2x).
2021-04-23 09:40:31 +02:00
Manuel Pégourié-Gonnard
c102164a54
Merge pull request #4339 from TRodziewicz/remove_depr_error_codes
Remove deprecated error codes.
2021-04-22 22:28:00 +02:00
Ronald Cron
2bbb5bc6bf
Merge pull request #4380 from paul-elliott-arm/bignum_unchecked_return
Fix unchecked return value in bignum
2021-04-22 13:08:57 +02:00
Tomasz Rodziewicz
9a97a13d3e
Merge branch 'development_3.0' into remove_depr_error_codes 2021-04-22 12:53:15 +02:00
Manuel Pégourié-Gonnard
f6b677ea98
Merge pull request #4349 from mpg/apply-4334-3.0
Apply 4334 to development-3.0
2021-04-22 12:42:40 +02:00
Manuel Pégourié-Gonnard
e8e450a394
Merge pull request #4254 from mstarzyk-mobica/remove_libpkcs11-helper
Remove PKCS#11 library wrapper.
2021-04-22 12:39:54 +02:00
Manuel Pégourié-Gonnard
1216233949
Merge pull request #4391 from gilles-peskine-arm/error-on-removed-options-20210421
Error on removed options
2021-04-22 08:55:53 +02:00
Gilles Peskine
cc26e3bf25 Remove extraneous word
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-04-21 19:01:59 +02:00
Gilles Peskine
fa4e4b8645 Error out if attempting to use a removed feature
If the compile-time configuration enables an option that was removed
in Mbed TLS 3.0, and the effect of removing the option would likely
not be detected at build time, #error out in check_config.h.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-04-21 18:48:09 +02:00
Gilles Peskine
b683776181 Per-line opt-out of check-names typo check
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-04-21 18:45:08 +02:00
Tomasz Rodziewicz
bfa03e3bc9
Update psa_util.h
Remove the conditional include after the code review
2021-04-21 17:14:31 +02:00
Tomasz Rodziewicz
7bdbc45275
Update issue4283.txt
Corrections in the ChangeLog file after a review.
2021-04-21 16:50:15 +02:00
TRodziewicz
3408d60225 revert the error.h file include in psa_util.c
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-21 13:25:25 +02:00
TRodziewicz
e022938ec7 error.c re-generated once more
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-21 13:14:04 +02:00
Tomasz Rodziewicz
d6c246f5bf
Merge branch 'development_3.0' into remove_depr_error_codes 2021-04-21 12:31:43 +02:00
TRodziewicz
1fbdb25d60 error.c re-generated
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-21 12:24:59 +02:00
TRodziewicz
33946bbf16 Two platform error codes moved to error.h to fix _without_platform test
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-21 12:06:23 +02:00
Mateusz Starzyk
f9c7b3eb11 Remove PKCS#11 library wrapper.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-04-21 11:05:00 +02:00
Paul Elliott
70c68dac45 Remove unnecessary changelog
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-04-20 21:47:42 +01:00
Paul Elliott
986b55af03 Style Fix
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-04-20 21:46:29 +01:00
Paul Elliott
7725a63c24 Fix unchecked return in bignum
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-04-20 19:01:46 +01:00
Ronald Cron
218da3fcf9
Merge pull request #4370 from tniessen/docs-typo
Fix typo in architecture docs
Typo fix thus merging with only one approval.
2021-04-20 08:38:50 +02:00
Tobias Nießen
835beffcf4
Fix typo in architecture docs
Signed-off-by: Tobias Nießen <tniessen@tnie.de>
2021-04-19 23:56:25 +02:00
Manuel Pégourié-Gonnard
1cc91e7475
Merge pull request #4366 from gilles-peskine-arm/development_3.0-merge_2.x-20210419
Merge development 2.x into 3.0 (Apr 19)
2021-04-19 13:08:48 +02:00
Manuel Pégourié-Gonnard
16529bd439
Merge pull request #4344 from TRodziewicz/remove_deprecated_things_in_crypto_compat_h
Remove deprecated things from crypto_compat.h and dependent tests.
2021-04-19 10:55:21 +02:00
Gilles Peskine
ee259130e4 Merge branch 'development' into development_3.0
Conflicts:
* visualc/VS2010/mbedTLS.vcxproj: resolved by re-generating the file
  with scripts/generate_visualc_files.pl.
2021-04-19 10:51:59 +02:00
Manuel Pégourié-Gonnard
0bbb38c67e
Merge pull request #4199 from TRodziewicz/mul_shortcut_fix
Fix ECDSA failing when the hash is all-bits-zero
2021-04-19 09:54:12 +02:00
Gilles Peskine
5192e00a4d
Merge pull request #4266 from mstarzyk-mobica/remove_allow_sha1_in_certificates
Remove MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
2021-04-16 20:55:41 +02:00
Mateusz Starzyk
bf4c4f9cd5 Reword changelog entry for removal of SHA-1
from the default TLS configuration.

Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-04-16 18:39:10 +02:00
Mateusz Starzyk
a58625f90d Remove optional SHA-1 in the default TLS configuration.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-04-16 18:39:10 +02:00
TRodziewicz
2333e6302d Revert 2 files conflicting after previous push in the Github.
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-04-16 14:32:22 +02:00
Manuel Pégourié-Gonnard
13af41f88c
Merge pull request #4156 from mstarzyk-mobica/drop_old_tls_options
Drop support for obsolete SSL/TLS features
2021-04-16 12:49:31 +02:00
Steven Cooreman
31e27af0cc Reword the builtin key language on persistency declaration
Specifically allow the driver to override the persistency level of a
builtin key in cases where the driver is persistency-aware.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-16 11:25:18 +02:00
Steven Cooreman
966db26779 Minor code flow improvements
* group setting of attributes before calling get_builtin_key
* return early instead of going to exit when no resources are allocated yet

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-16 11:22:17 +02:00
Steven Cooreman
2cca9b8f13 Rename test driver source files to avoid file name conflicts
MSVC doesn't like multiple compilation units with the same name.
(conflict between cipher.c in the library and in the test driver folder)

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-16 11:22:14 +02:00
Steven Cooreman
16141ed2fb Add test driver sources to VC build
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-16 11:20:03 +02:00
Mateusz Starzyk
a17fb8eac8 Fix line lenghts in changelog entry for removal of old TLS features.
Signed-off-by: Mateusz Starzyk <mateusz.starzyk@mobica.com>
2021-04-16 10:32:17 +02:00
Steven Cooreman
ce48702448 Get a builtin key's attributes in order to correctly get its size
Leverage the fact that the get_builtin_key entrypoint returns a key's
attributes, such that a proper size for the builtin key's buffer can
be calculated through the driver's get_key_buffer_size hook.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman
7ddee7f7c5 Use remove_key_data_from_memory instead of wipe_key_slot
Since the loading attempt of a builtin key might be followed by trying
to load a persistent key, we can only wipe the allocated key data, not
the associated metadata.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman
7609b1ff6c leverage psa_allocate_buffer_to_slot from slot management
It makes the implementation of psa_load_builtin_key_into_slot a lot
cleaner.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman
0bb653600f If no storage backend is available, don't even attempt key loading
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman
054bf7f2a0 Reduce indentation need by checking negative case first
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00
Steven Cooreman
43e4a406d9 Give builtin key export test functions the same dependencies
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
2021-04-15 15:06:53 +02:00