Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move programs from mbedtls to framework #131

Open
wants to merge 58 commits into
base: main
Choose a base branch
from
Open

Move programs from mbedtls to framework #131

wants to merge 58 commits into from

Conversation

Harry-Ramsey
Copy link
Contributor

Description

Move program files to MbedTLS-Framework.

PR checklist

Please add the numbers (or links) of the associated pull requests for consuming branches. You can omit branches where this pull request is not needed.

  • crypto PR Mbed-TLS/TF-PSA-Crypto#
  • development PR Mbed-TLS/mbedtls#
  • 3.6 PR Mbed-TLS/mbedtls#

Notes for the submitter

Please refer to the contributing guidelines, especially the
checklist for PR contributors.

Help make review efficient:

  • Multiple simple commits
    • please structure your PR into a series of small commits, each of which does one thing
  • Avoid force-push
    • please do not force-push to update your PR - just add new commit(s)
  • See our Guidelines for Contributors for more details about the review process.

gilles-peskine-arm and others added 30 commits January 8, 2025 16:51
@gilles-peskine-arm
Fix make dir/file not rebuilding existing files
1701c34 
Running `make library/foo`, `make programs/foo` or `make tests/foo` only
rebuilt the given target if it was not an existing file, because the
toplevel makefile does not know the file's dependencies and thus thought
that every such target had empty dependencies. Fix this by always invoking
make recursively.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Declare the new Python module used by generate_psa_tests.py
a074fe4 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Remove uses of secp244k1
bc7c523 
Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will
not be implemented. (It would be K1_225 anyway, but we don't intend to
implement it anyway.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Update submodules
46fb5dc 
Update TF-PSA-Crypto to have the latest framework with
Mbed-TLS#83 .

Update the framework to match.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Remove test coverage exceptions that are no longer needed
49e48ef 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Merge pull request #9841 from gilles-peskine-arm/psa-storage-test-cas…
eef2a2e 
…es-never-supported-positive-dev

Switch generate_psa_test.py to automatic dependencies for positive test cases
@valeriosetti
Move files out of Mbed TLS
6f1cedf 
The following files are moved to the framework repo (deleted here):

tests/scripts/check_names.py

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
component-basic-checks: fix paths of files moved to framework
c9e32b4 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
framework: update reference
e9468eb 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@ronald-cron-arm
Merge pull request #9853 from valeriosetti/issue73-main
69dcb6d 
Move tests/scripts/check_names.py to the framework
@valeriosetti
Move files out of Mbed TLS
f62b8ba 
The following files are moved to the framework repo (deleted here):

scripts/min_requirements.py

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
scripts: add new min_requirements.py script
3730e4a 
This call into the "old" script that has been moved to the framework
repository. The *.requirements.txt files are kept on this repo though.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
framework: update reference
7459ef2 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@ronald-cron-arm
Merge pull request #9863 from valeriosetti/issue86-development
67ba14c 
Move most of min_requirements.py to the framework
@valeriosetti
Move files out of Mbed TLS
3533e9b 
The following files are moved to the framework repo (deleted here):

tests/scripts/pkgconfig.sh

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
components-build-system.sh: fix path of pkgconfig.sh
ba8500b 
The script was moved to the framework sub-repo.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
framework: update reference
dff650e 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@ronald-cron-arm
Merge pull request #9888 from valeriosetti/issue101-development
99d8216 
Move pkgconfig.sh to the framework
@mpg
Remove deprecated function mbedtls_ssl_conf_curves()
93d4591 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@mpg
Remove mbedtls_ssl_conf::curve_list
6b72016 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@mpg
Remove internal helper mbedtls_ssl_get_groups()
6402c35 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@mpg
Remove useless dependency from test function
4c3134a 
This dependency was never right in the first place.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@mpg
Add ChangeLog entry
4787b40 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@valeriosetti
x509: remove definition and implementation of x509write_crt_set_serial
6b64a1b 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
tests: remove usage of mbedtls_x509write_crt_set_serial
6487da1 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
changelog: add note for mbedtls_x509write_crt_set_serial() deprecation
19846f5 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@Harry-Ramsey
Remove check_test_dependencies TF-PSA-Crypto test from Mbed TLS
e65bfe6 
This commit removes the check_test_dependencies from Mbed TLS as it has
been added to TF-PSA-Crypto.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
@Harry-Ramsey
Update TF-PSA-Crypto pointer
28eed1a 
This commit updates TF-PSA-Crypto pointer to include the moved test in
Mbed TLS via TF-PSA-Crypto.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
@Harry-Ramsey
Update framework pointer
cec9562 
This commit updates the framework pointer to include modified
collect_test_cases.py which can run independently for TF-PSA-Crypto.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
@ronald-cron-arm
Merge pull request #9913 from valeriosetti/issue9892
bff7733 
Remove deprecated function mbedtls_x509write_crt_set_serial()
ronald-cron-arm and others added 28 commits January 20, 2025 10:38
@ronald-cron-arm
Merge pull request #9914 from Harry-Ramsey/remove-tf-psa-crypto-test
6daf4ef 
Remove check_test_dependencies TF-PSA-Crypto test from Mbed TLS
@gilles-peskine-arm
Update submodules
08c4362 
Catch up with Mbed-TLS#104 =
"Switch generate_psa_test.py to automatic dependencies for negative test cases"

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Remove test coverage exceptions that are no longer needed
fe683e7 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Add ignore list entries for ECDH/FFDH algorithm without key type
13c418d 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@gilles-peskine-arm
Update submodule
7dc5709 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
@davidhorstmann-arm
Merge pull request #9909 from gilles-peskine-arm/psa-storage-test-cas…
5a77c23 
…es-never-supported-negative-dev

Switch generate_psa_test.py to automatic dependencies for negative test cases
@mpg
Fix incorrect test function
c4e768a 
We should not manually set the TLS version, the tests are supposed to
pass in 1.3-only builds as well. Instead do the normal thing of setting
defaults. This doesn't interfere with the rest of the testing, so I'm
not sure why we were not doing it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@davidhorstmann-arm
Add X.509 formatting validation to SECURITY.md
2fe0da7 
Clarify that strict formatting of X.509 certificates is not checked by
Mbed TLS and that it therefore should not be used to construct a CA.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
@davidhorstmann-arm
Add paragraph on undefined behaviour
faa1a0f 
Add a note that we do aim to protect against undefined behaviour and
undefined behaviour in certificate parsing is in scope.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
@mpg
Stop recommended deprecated function in migration guide
490e305 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
@davidhorstmann-arm
Fix missing-word typo
0704fbf 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
@yanesca
Merge pull request #9918 from davidhorstmann-arm/clarify-x509-securit…
1532ea4 
…y-md

Add X.509 formatting validation to SECURITY.md
@valeriosetti
ssl-opt.sh: remove DHE-PSK only test cases
5c730c1 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
compat.sh: do not use DHE-PSK key exchange in gnutls tests
9a9c9a5 
DHE-PSK is being removed from Mbed TLS so we cannot use this key
exchange with gnutls testing.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
compat.sh: remove usage of DHE-PSK
64d264d 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
ssl_tls: remove usage of DHE-PSK
48659a1 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
ssl_ciphersuites: remove references/usages of DHE-PSK
6348b46 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
analyze_outcomes.py: remove exceptions related to DHE-PSK
70cc4e6 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
components-configuration-crypto.sh: remove references to DHE_PSK kex
6e892cb 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
check_config: remove checks for DHE-PSK
a073452 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
mbedtls_config: remove MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
6ba324d 
This commit also removes its disabling from config_adjust_ssl.h

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
docs: remove references of DHE-PSK
27bc563 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
changelog: add note about DHE-PSK removal
944f3ab 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@valeriosetti
tf-psa-crypto: update reference
094fd49 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
@mpg
Merge pull request #9906 from mpg/rm-conf-curves
7e1154c 
[dev] Remove deprecated function mbedtls_ssl_conf_curves()
@ronald-cron-arm
Merge pull request #9910 from valeriosetti/issue9684
189dcf6 
Remove DHE-PSK key exchange
@Harry-Ramsey
Move programs into the framework
781bf03 
This commit moves demo_common.sh and dlopen_demo.sh from MbedTLS to
MbedTLS-framework.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
@Harry-Ramsey
Merge branch 'tmp-branch-move-files-to-framework' into move-files-int…
fae5278 
…o-framework
@Harry-Ramsey Harry-Ramsey self-assigned this Jan 29, 2025
@Harry-Ramsey Harry-Ramsey mentioned this pull request Jan 29, 2025
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@Harry-Ramsey Harry-Ramsey

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@Harry-Ramsey @gilles-peskine-arm @valeriosetti @ronald-cron-arm @mpg @davidhorstmann-arm @yanesca