PSA integration sibling: Update crypto submodule (Hash clone, Key Policy Init, Key slot alloc) #27
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 8 commits
January 25, 2019 14:36
|
@Patater Please review. Travis failed because of 3d interoperability tests. |
AndrzejKurek
approved these changes
Jan 28, 2019
AndrzejKurek
approved these changes
Jan 28, 2019
There was a problem hiding this comment.
I cross-checked this PR with Mbed-TLS/mbedtls#2339 and all allocations are handled correctly. Please add a note on how you tested this PR.
|
I ran |
|
I ran |
|
Travis failed on "DTLS proxy: 3d, max handshake (FS, ticket + client auth) ............... FAIL", a known issue. |
gilles-peskine-arm
added a commit
to gilles-peskine-arm/mbed-crypto
that referenced
this pull request
Feb 13, 2019
Confict resolution:
* `CMakeLists.txt`: keep the Crypto version. All changes on the TLS branch
are related to using the crypto submodule in mbedtls.
* `ChangeLog`: take the version from the TLS branch. The crypto branch
had a suffix of that corresponding to changes since 2.14.0+01b34fb316a5,
plus one entry for a change that was made in 2.16. The TLS branch has
all of those plus more.
* `README.md`: changes on the TLS branch in parts that were deleted earlier
on the crypto branch, so resolve all conflicts by taking the crypto branch.
* `include/mbedtls/cipher.h`: all the conflicting changes are due to
whitespace changes on the crypto branch. Take the TLS version.
* `include/mbedtls/config.h`: some changes on the TLS branch affect
PSA-related options. Take the Crypto version.
* `include/mbedtls/ecdsa.h`:
* Git finds a conflict, but the two sides actually had identical
changes there.
* `include/mbedtls/pk.h`:
* `mbedtls_pk_free`: the TLS version is the Crypto version plus further
changes. Take the TLS version.
* `library/CMakeLists.txt`: all conflicting changes are related to using the
crypto submodule, which is not relevant in mbed-crypto, except for the
version number updates. So resolve all conflicts by taking the crypto branch,
then update the version numbers from 2.14.0 to 2.16.0.
* `library/cipher.c`: all changes on the crypto branch are from a modified
version ("sibling PR" ARMmbed#27)
of changes on the TLS branch. Take the TLS branch.
* `library/pk.c`: all changes on the crypto branch are from a modified
version ("sibling PR" ARMmbed#27)
of changes on the TLS branch. Take the TLS branch.
* `library/pk_wrap.c`: all changes on the crypto branch are from a modified
version ("sibling PR" ARMmbed#27)
of changes on the TLS branch. Take the TLS branch.
* `library/rsa.c`:
* `mbedtls_rsa_rsaes_pkcs1_v15_encrypt`: the TLS branch changed some
null pointer checks to using RSA_VALIDATE_RET. The crypto branch
changed checking `input == NULL` to `ilen != 0 && input == NULL`
to support an empty input buffer. Take the TLS branch code, which
has already been adapted to support an empty input buffer.
* `library/ssl_tls.c`: all changes on the crypto branch are from a modified
version ("sibling PR" ARMmbed#27)
of changes on the TLS branch. Take the TLS branch.
* `programs/ssl/ssl_client2.c`: all changes on the crypto branch are
from a modified version ("sibling PR"
ARMmbed#27) of changes on the
TLS branch. Take the TLS branch.
* `programs/ssl/ssl_server2.c`: all changes on the crypto branch are
from a modified version ("sibling PR"
ARMmbed#27) of changes on the
TLS branch. Take the TLS branch.
* `scripts/config.pl`: keep the Crypto version. The changes from the TLS
branch are all about excluding PSA options and we don't want that on the
crypto branch.
* `tests/scripts/all.sh`: the Crypto branch adds the setting of
CTEST_OUTPUT_ON_FAILURE in a part that was otherwise changed
identically on both sides. Keep the Crypto branch here.
* `tests/ssl-opt.sh`: the TLS branch and the Crypto branch both add a test
for MBEDTLS_USE_PSA_CRYPTO. The Crypto branch has an earlier version of
that test, to take the TLS branch.
* `tests/suites/helpers.function`:
* Concurrent addition and reconcile the documentation of TEST_ASSERT from
both sides.
* Concurrent addition, order indifferent.
* `tests/suites/test_suite_pk.function`: all conflicting changes on the crypto
branch are from a modified version ("sibling PR"
ARMmbed#27) of changes on the
TLS branch. Take the TLS branch.
Non-conflicting changes from the TLS branch not taken:
* `.gitmodules`: don't create this file since we don't want to make
mbed-crypto a submodule of mbed-crypto.
* `CMakeLists.txt`: keep the Crypto version, except for removing the
`ENABLE_ZLIB_SUPPORT` section. All other changes on the TLS branch
are related to using the crypto submodule in mbedtls.
* `Makefile`: keep the Crypto version. All changes on the TLS branch
are related to using the crypto submodule in mbedtls.
* `crypto`: don't create this directory for a submodule since we don't want
to make mbed-crypto a submodule of mbed-crypto.
* `library/Makefile`: all changes on the TLS branch are related to the
crypto submodule except for one typo fix. We don't want the crypto submodule,
so take the typo fix and keep the Crypto version otherwise.
* `programs/Makefile`: keep the Crypto version. All changes on the TLS branch
are related to using the crypto submodule in mbedtls.
* `scripts/config.pl`: keep the Crypto version. The changes from the TLS
branch are all about excluding PSA options and we don't want that on the
crypto branch.
* `tests/CMakeLists.txt`: Discard changes on the TLS branch that are
related to using the crypto submodule in mbedtls. Take the addition
of two test suites cipher.misc and gcm.misc.
* `tests/scripts/all.sh`: Discard changes on the TLS branch that are
related to using the crypto submodule in mbedtls. Take the typo fixes
and the new check_params and use_psa_crypto components.
* `tests/scripts/run-test-suites.pl`: keep the Crypto version. All
changes on the TLS branch are related to using the crypto submodule
in mbedtls.
Non-conflicting changes taken wholly from the TLS branch:
* `library/cipher.c`: all changes on the crypto branch are from a modified
version ("sibling PR" ARMmbed#27)
of changes on the TLS branch. Take the TLS branch.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary: This is the sibling of Mbed-TLS/mbedtls#2376. It is based on the merge 0b6b871 of #22 with development, it adapts crypto and TLS files to the changes that have been made to the key policy initialization and key slot allocation APIs in the same way as Mbed-TLS/mbedtls#2376 does.