Skip to content

Commit

Permalink
Import mbedtls-3.4.0
Browse files Browse the repository at this point in the history 
Imports Mbed TLS 3.4.0 from https://github.com/Mbed-TLS/mbedtls.git
tags mbedtls-3.4.0, v3.4.0.

Files that are not needed are removed:

cd lib/libmbedtls
rm -rf mbedtls
cp -R path/to/mbedtls-3.4.0/mbedtls .
cd mbedtls
rm CMakeLists.txt DartConfiguration.tcl Makefile
rm .gitignore .travis.yml .pylintrc .globalrc .mypy.ini BRANCHES.md
rm include/.gitignore include/CMakeLists.txt library/.gitignore
rm library/CMakeLists.txt library/Makefile
rm mbedtls/cmake/MbedTLSConfig.cmake.in
rm -rf .git .github doxygen configs programs scripts tests visualc
rm -rf 3rdparty ChangeLog.d docs
rm library/psa_* library/mps_*
cd ..
git add mbedtls

This is a complete overwrite of previous code so earlier changes in the
previous branch import/mbedtls-2.28.1 will be added on top of this commit.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
  • Loading branch information
@jenswi-linaro
jenswi-linaro committed Oct 6, 2023
1 parent 00b7b3e commit dfafe50
Show file tree
Hide file tree
Showing 227 changed files with 102,809 additions and 62,319 deletions.
2 changes: 2 additions & 0 deletions lib/libmbedtls/mbedtls/.gitattributes
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# Classify all '.function' files as C for syntax highlighting purposes
*.function linguist-language=C
252 changes: 252 additions & 0 deletions lib/libmbedtls/mbedtls/.uncrustify.cfg
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,252 @@
# Configuration options for Uncrustify specifying the Mbed TLS code style.
#
# Note: The code style represented by this file has not yet been introduced
# to Mbed TLS.
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.


# Wrap lines at 100 characters
code_width = 100

# Allow splitting long for statements between the condition statements
ls_for_split_full = true

# Allow splitting function calls between arguments
ls_func_split_full = true

input_tab_size = 4

# Spaces-only indentation
indent_with_tabs = 0

indent_columns = 4

# Indent 'case' 1 level from 'switch'
indent_switch_case = indent_columns

# Line-up strings broken by '\'
indent_align_string = true

# Braces on the same line (Egyptian-style braces)
nl_enum_brace = remove
nl_union_brace = remove
nl_struct_brace = remove
nl_do_brace = remove
nl_if_brace = remove
nl_for_brace = remove
nl_else_brace = remove
nl_while_brace = remove
nl_switch_brace = remove

# Braces on same line as keywords that follow them - 'else' and the 'while' in 'do {} while ()';
nl_brace_else = remove
nl_brace_while = remove
# Space before else on the same line
sp_brace_else = add
# If else is on the same line as '{', force exactly 1 space between them
sp_else_brace = force

# Functions are the exception and have braces on the next line
nl_fcall_brace = add
nl_fdef_brace = add

# Force exactly one space between ')' and '{' in statements
sp_sparen_brace = force

# At least 1 space around assignment
sp_assign = add

# Remove spaces around the preprocessor '##' token-concatenate
sp_pp_concat = ignore

# At least 1 space around '||' and '&&'
sp_bool = add

# But no space after the '!' operator
sp_not = remove

# No space after the bitwise-not '~' operator
sp_inv = remove

# No space after the addressof '&' operator
sp_addr = remove

# No space around the member '.' and '->' operators
sp_member = remove

# No space after the dereference '*' operator
sp_deref = remove

# No space after a unary negation '-'
sp_sign = remove

# No space between the '++'/'--' operator and its operand
sp_incdec = remove

# At least 1 space around comparison operators
sp_compare = add

# Remove spaces inside all kinds of parentheses:

# Remove spaces inside parentheses
sp_inside_paren = remove

# No spaces inside statement parentheses
sp_inside_sparen = remove

# No spaces inside cast parentheses '( char )x' -> '(char)x'
sp_inside_paren_cast = remove

# No spaces inside function parentheses
sp_inside_fparen = remove
# (The case where the function has no parameters/arguments)
sp_inside_fparens = remove

# No spaces inside the first parentheses in a function type
sp_inside_tparen = remove

# (Uncrustify >= 0.74.0) No spaces inside parens in for statements
sp_inside_for = remove

# Remove spaces between nested parentheses '( (' -> '(('
sp_paren_paren = remove
# (Uncrustify >= 0.74.0)
sp_sparen_paren = remove

# Remove spaces between ')' and adjacent '('
sp_cparen_oparen = remove

# (Uncrustify >= 0.73.0) space between 'do' and '{'
sp_do_brace_open = force

# (Uncrustify >= 0.73.0) space between '}' and 'while'
sp_brace_close_while = force

# At least 1 space before a '*' pointer star
sp_before_ptr_star = add

# Remove spaces between pointer stars
sp_between_ptr_star = remove

# No space after a pointer star
sp_after_ptr_star = remove

# But allow a space in the case of e.g. char * const x;
sp_after_ptr_star_qualifier = ignore

# Remove space after star in a function return type
sp_after_ptr_star_func = remove

# At least 1 space after a type in variable definition etc
sp_after_type = add

# Force exactly 1 space between a statement keyword (e.g. 'if') and an opening parenthesis
sp_before_sparen = force

# Remove a space before a ';'
sp_before_semi = remove
# (Uncrustify >= 0.73.0) Remove space before a semi in a non-empty for
sp_before_semi_for = remove
# (Uncrustify >= 0.73.0) Remove space in empty first statement of a for
sp_before_semi_for_empty = remove
# (Uncrustify >= 0.74.0) Remove space in empty middle statement of a for
sp_between_semi_for_empty = remove

# Add a space after a ';' (unless a comment follows)
sp_after_semi = add
# (Uncrustify >= 0.73.0) Add a space after a semi in non-empty for statements
sp_after_semi_for = add
# (Uncrustify >= 0.73.0) No space after final semi in empty for statements
sp_after_semi_for_empty = remove

# Remove spaces on the inside of square brackets '[]'
sp_inside_square = remove

# Must have at least 1 space after a comma
sp_after_comma = add

# Must not have a space before a comma
sp_before_comma = remove

# No space before the ':' in a case statement
sp_before_case_colon = remove

# Must have space after a cast - '(char)x' -> '(char) x'
sp_after_cast = add

# No space between 'sizeof' and '('
sp_sizeof_paren = remove

# At least 1 space inside '{ }'
sp_inside_braces = add

# At least 1 space inside '{ }' in an enum
sp_inside_braces_enum = add

# At least 1 space inside '{ }' in a struct
sp_inside_braces_struct = add

# At least 1 space between a function return type and the function name
sp_type_func = add

# No space between a function name and its arguments/parameters
sp_func_proto_paren = remove
sp_func_def_paren = remove
sp_func_call_paren = remove

# No space between '__attribute__' and '('
sp_attribute_paren = remove

# No space between 'defined' and '(' in preprocessor conditions
sp_defined_paren = remove

# At least 1 space between a macro's name and its definition
sp_macro = add
sp_macro_func = add

# Force exactly 1 space between a '}' and the name of a typedef if on the same line
sp_brace_typedef = force

# At least 1 space before a '\' line continuation
sp_before_nl_cont = add

# At least 1 space around '?' and ':' in ternary statements
sp_cond_colon = add
sp_cond_question = add

# Space between #else/#endif and comment afterwards
sp_endif_cmt = add

# Remove newlines at the start of a file
nl_start_of_file = remove

# At least 1 newline at the end of a file
nl_end_of_file = add
nl_end_of_file_min = 1

# Add braces in single-line statements
mod_full_brace_do = add
mod_full_brace_for = add
mod_full_brace_if = add
mod_full_brace_while = add

# Remove parentheses from return statements
mod_paren_on_return = remove

# Disable removal of leading spaces in a multi-line comment if the first and
# last lines are the same length
cmt_multi_check_last = false
42 changes: 26 additions & 16 deletions lib/libmbedtls/mbedtls/CONTRIBUTING.md
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,21 @@
Contributing
============
We gratefully accept bug reports and contributions from the community. There are some requirements we need to fulfill in order to be able to integrate contributions:
We gratefully accept bug reports and contributions from the community. All PRs are reviewed by the project team / community, and may need some modifications to
be accepted.

- As with any open source project, contributions will be reviewed by the project team and community and may need some modifications to be accepted.
- The contribution should not break API or ABI, unless there is a real justification for that. If there is an API change, the contribution, if accepted, will be merged only when there will be a major release.
Quick Checklist for PR contributors
-----------------------------------
More details on all of these points may be found in the sections below.

- [Sign-off](#license-and-copyright): all commits must be signed off.
- [Tests](#tests): please ensure the PR includes adequate tests.
- [Changelog](#documentation): if needed, please provide a changelog entry.
- [Backports](#long-term-support-branches): provide a backport if needed (it's fine to wait until the main PR is accepted).

Coding Standards
----------------
- We would ask that contributions conform to [our coding standards](https://tls.mbed.org/kb/development/mbedtls-coding-standards), and that contributions are fully tested before submission, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections.
- The code should be written in a clean and readable style.
- Contributions should include tests, as mentioned in the [Tests](#tests) and [Continuous Integration](#continuous-integration-tests) sections. Please check that your contribution passes basic tests before submission, and check the CI results after making a pull request.
- The code should be written in a clean and readable style, and must follow [our coding standards](https://mbed-tls.readthedocs.io/en/latest/kb/development/mbedtls-coding-standards/).
- The code should be written in a portable generic way, that will benefit the whole community, and not only your own needs.
- The code should be secure, and will be reviewed from a security point of view as well.

Expand All @@ -19,21 +26,15 @@ Making a Contribution
1. Write a test which shows that the bug was fixed or that the feature works as expected.
1. Send a pull request (PR) and work with us until it gets merged and published. Contributions may need some modifications, so a few rounds of review and fixing may be necessary. We will include your name in the ChangeLog :)
1. For quick merging, the contribution should be short, and concentrated on a single feature or topic. The larger the contribution is, the longer it would take to review it and merge it.
1. All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible.
1. Ensure that each commit has at least one `Signed-off-by:` line from the committer. If anyone else contributes to the commit, they should also add their own `Signed-off-by:` line. By adding this line, contributor(s) certify that the contribution is made under the terms of the [Developer Certificate of Origin](dco.txt). The contribution licensing is described in the [License section of the README](README.md#License).

Backwards Compatibility
-----------------------

The project aims to minimise the impact on users upgrading to newer versions of the library and it should not be necessary for a user to make any changes to their own code to work with a newer version of the library. Unless the user has made an active decision to use newer features, a newer generation of the library or a change has been necessary due to a security issue or other significant software defect, no modifications to their own code should be necessary. To achieve this, API compatibility is maintained between different versions of Mbed TLS on the main development branch and in LTS (Long Term Support) branches, as described in [BRANCHES.md](BRANCHES.md).

To minimise such disruption to users, where a change to the interface is required, all changes to the ABI or API, even on the main development branch where new features are added, need to be justifiable by either being a significant enhancement, new feature or bug fix which is best resolved by an interface change.

Where changes to an existing interface are necessary, functions in the public interface which need to be changed, are marked as 'deprecated'. This is done with the preprocessor symbols `MBEDTLS_DEPRECATED_WARNING` and `MBEDTLS_DEPRECATED_REMOVED`. Then, a new function with a new name but similar if not identical behaviour to the original function containing the necessary changes should be created alongside the existing deprecated function.
To minimise such disruption to users, where a change to the interface is required, all changes to the ABI or API, even on the main development branch where new features are added, need to be justifiable by either being a significant enhancement, new feature or bug fix which is best resolved by an interface change. If there is an API change, the contribution, if accepted, will be merged only when there is a major release.

When a build is made with the deprecation preprocessor symbols defined, a compiler warning will be generated to warn a user that the function will be removed at some point in the future, notifying users that they should change from the older deprecated function to the newer function at their own convenience.

Therefore, no changes are permitted to the definition of functions in the public interface which will change the API. Instead the interface can only be changed by its extension. As described above, if a function needs to be changed, a new function needs to be created alongside it, with a new name, and whatever change is necessary, such as a new parameter or the addition of a return value.
No changes are permitted to the definition of functions in the public interface which will change the API. Instead the interface can only be changed by its extension. Where changes to an existing interface are necessary, functions in the public interface which need to be changed are marked as 'deprecated'. If there is a strong reason to replace an existing function with one that has a slightly different interface (different prototype, or different documented behavior), create a new function with a new name with the desired interface. Keep the old function, but mark it as deprecated.

Periodically, the library will remove deprecated functions from the library which will be a breaking change in the API, but such changes will be made only in a planned, structured way that gives sufficient notice to users of the library.

Expand All @@ -56,9 +57,9 @@ Tests
-----
As mentioned, tests that show the correctness of the feature or bug fix should be added to the pull request, if no such tests exist.

Mbed TLS includes a comprehensive set of test suites in the `tests/` directory that are dynamically generated to produce the actual test source files (e.g. `test_suite_mpi.c`). These files are generated from a `function file` (e.g. `suites/test_suite_mpi.function`) and a `data file` (e.g. `suites/test_suite_mpi.data`). The function file contains the test functions. The data file contains the test cases, specified as parameters that will be passed to the test function.
Mbed TLS includes a comprehensive set of test suites in the `tests/` directory that are dynamically generated to produce the actual test source files (e.g. `test_suite_rsa.c`). These files are generated from a `function file` (e.g. `suites/test_suite_rsa.function`) and a `data file` (e.g. `suites/test_suite_rsa.data`). The function file contains the test functions. The data file contains the test cases, specified as parameters that will be passed to the test function.

[A Knowledge Base article describing how to add additional tests is available on the Mbed TLS website](https://tls.mbed.org/kb/development/test_suites).
[A Knowledge Base article describing how to add additional tests is available on the Mbed TLS website](https://mbed-tls.readthedocs.io/en/latest/kb/development/test_suites/).

A test script `tests/scripts/basic-build-test.sh` is available to show test coverage of the library. New code contributions should provide a similar level of code coverage to that which already exists for the library.

Expand All @@ -77,5 +78,14 @@ Mbed TLS is well documented, but if you think documentation is needed, speak out
1. All interfaces should be documented through Doxygen. New APIs should introduce Doxygen documentation.
1. Complex parts in the code should include comments.
1. If needed, a Readme file is advised.
1. If a [Knowledge Base (KB)](https://tls.mbed.org/kb) article should be added, write this as a comment in the PR description.
1. If a [Knowledge Base (KB)](https://mbed-tls.readthedocs.io/en/latest/kb/) article should be added, write this as a comment in the PR description.
1. A [ChangeLog](https://github.com/Mbed-TLS/mbedtls/blob/development/ChangeLog.d/00README.md) entry should be added for this contribution.

License and Copyright
---------------------

All new files should include the [Apache-2.0](https://spdx.org/licenses/Apache-2.0.html) standard license header where possible. For licensing details, please see the [License section of the README](README.md#License).

The copyright on contributions is retained by the original authors of the code. Where possible for new files, this should be noted in a comment at the top of the file in the form: "Copyright The Mbed TLS Contributors".

When contributing code to us, the committer and all authors are required to make the submission under the terms of the [Developer Certificate of Origin](dco.txt), confirming that the code submitted can (legally) become part of the project, and be subject to the same Apache 2.0 license. This is done by including the standard Git `Signed-off-by:` line in every commit message. If more than one person contributed to the commit, they should also add their own `Signed-off-by:` line.

0 comments on commit dfafe50

Please sign in to comment.