Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport 3.6] Partial backport of #9057 #9160

Merged
merged 11 commits into from
May 23, 2024
Merged

[Backport 3.6] Partial backport of #9057 #9160

merged 11 commits into from
May 23, 2024

Conversation

ronald-cron-arm
Copy link
Contributor

@ronald-cron-arm ronald-cron-arm commented May 22, 2024
edited

Description

Partial backport of #9057:
. Pre-existing issues in the reference configuration files
. Automatic resolution on some dependencies on HMAC and CMAC with PSA crypto config
. Adaptation of test-ref-configs.pl to work both in 3.6 and 4.x

PR checklist

  • changelog not required
  • 3.6 backport N/A
  • 2.28 backport N/A
  • tests not required

@ronald-cron-arm
config-symmetric-only.h: Remove obsolete comment
984e8dc 
Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
config-symmetric-only.h: Add SHA3
30b5d67 
Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
Fix compat.sh filters
f47f545 
Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
test-ref-configs.pl: Detect automatically test with USE_PSA enabled
e3283ed 
Change the way we decide if for a given
configuration we need to run tests with
and without MBEDTLS_USE_PSA_CRYPTO enabled.
That makes the script suitable for 3.6 and
development branch.

Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
Resolve some HMAC dependencies automatically
a6ff719 
Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
Resolve PBKDF2_AES_CMAC_PRF_128 dependencies
7d949ae 
Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
Fix "maybe-uninitialized" warning with GCC 11.3
f313902 
Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
Fix the resolution of dependencies on HMAC
c8953c9 
The Mbed TLS implementations of ALG_TLS12_PRF,
ALG_TLS12_PSK_TO_MS, ALG_HKDF, ALG_HKDF_EXTRACT,
ALG_HKDF_EXPAND and ALG_PBKDF2 rely on HMAC
operations through the driver interface. Thus
if one of these algorithms is enabled and not
accelerated, we need ALG_HMAC to be enabled
(PSA_WANT_ALG_HMAC and PSA_WANT_KEY_TYPE_HMAC
defined). As HMAC operations occur through
the driver interface, HMAC operations can be
accelerated even if the caller algorithm
is not.

Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
Fix PBKDF2_AES_CMAC_PRF_128 dependencies
0fd2d04 
Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
Fix crypto_adjust_config_dependencies.h documentation
8b1c5eb 
Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm
Improve test-ref-configs.pl
8526751 
Signed-off-by: Ronald Cron <[email protected]>
@ronald-cron-arm ronald-cron-arm added needs-ci Needs to pass CI tests priority-high High priority - will be reviewed soon labels May 22, 2024
@ronald-cron-arm ronald-cron-arm added this to To Do in Roadmap Board for Mbed TLS via automation May 22, 2024
@ronald-cron-arm ronald-cron-arm moved this from To Do to In Development in Roadmap Board for Mbed TLS May 22, 2024
@ronald-cron-arm ronald-cron-arm mentioned this pull request May 22, 2024
Merged
4 tasks
@ronald-cron-arm
Copy link
Contributor Author

Only a cloning error in "TF OpenCI: PR tests" thus the CI can be considered as green.

@ronald-cron-arm ronald-cron-arm added needs-review Every commit must be reviewed by at least two team members, and removed needs-ci Needs to pass CI tests labels May 22, 2024
@ronald-cron-arm ronald-cron-arm moved this from In Development to In Review in Roadmap Board for Mbed TLS May 22, 2024
gilles-peskine-arm
gilles-peskine-arm approved these changes May 22, 2024
View reviewed changes
Copy link
Contributor

@gilles-peskine-arm gilles-peskine-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Roadmap Board for Mbed TLS automation moved this from In Review to Has Approval May 22, 2024
tom-daubney-arm
tom-daubney-arm approved these changes May 22, 2024
View reviewed changes
Copy link
Contributor

@tom-daubney-arm tom-daubney-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Faithful backport. LGTM.

@tom-daubney-arm tom-daubney-arm added approved Design and code approved - may be waiting for CI or backports and removed needs-review Every commit must be reviewed by at least two team members, labels May 22, 2024
@ronald-cron-arm ronald-cron-arm added this pull request to the merge queue May 23, 2024
Merged via the queue into Mbed-TLS:mbedtls-3.6 with commit baf6775 May 23, 2024
5 of 6 checks passed
Roadmap Board for Mbed TLS automation moved this from Has Approval to Done May 23, 2024
@gilles-peskine-arm gilles-peskine-arm mentioned this pull request May 23, 2024
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gilles-peskine-arm gilles-peskine-arm gilles-peskine-arm approved these changes

@tom-daubney-arm tom-daubney-arm tom-daubney-arm approved these changes

Assignees
No one assigned
Labels
approved Design and code approved - may be waiting for CI or backports priority-high High priority - will be reviewed soon
Projects
Roadmap Board for Mbed TLS
Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ronald-cron-arm @gilles-peskine-arm @tom-daubney-arm