Skip to content

Update to Mbed TLS 2.20.0d0 and Mbed Crypto 2.1.0d0 #11687

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 31, 2019
Merged

Update to Mbed TLS 2.20.0d0 and Mbed Crypto 2.1.0d0 #11687

merged 2 commits into from
Oct 31, 2019

Conversation

Patater
Copy link
Contributor

@Patater Patater commented Oct 15, 2019

Description

Update Mbed TLS to 2.20.0d0 and Mbed Crypto to 2.1.0d0.

Pull request type

[ ] Fix
[ ] Refactor
[ ] Target update
[ ] Functionality change
[ ] Docs update
[ ] Test update
[x] Breaking change

Reviewers

@AndrzejKurek

Release Notes

What is breaking?
The PSA Crypto secure element (SE) driver API - an additional parameter (a persistent data pointer) is now also passed to the slot validation for the driver to use.

Why is this breaking?
Mbed OS tracks the unstable PSA Crypto API. This particular break is to enable drivers to modify persistent data during slot validation.

Migration
Users implementing SE drivers should add an additional void *persistent_data parameter to the slot validation callback, regardless of whether the persistent_data will be used or not.

Old New
psa_drv_se_validate_slot_number_t did not have a modifiable persistent_data parameter psa_drv_se_validate_slot_number_t now has a modifiable persistent_data parameter

New declaration of psa_drv_se_validate_slot_number_t:

typedef psa_status_t (*psa_drv_se_validate_slot_number_t)(
   psa_drv_se_context_t *drv_context,
   void *persistent_data,
   const psa_key_attributes_t *attributes,
   psa_key_creation_method_t method,
   psa_key_slot_number_t key_slot);

Old declaration of psa_drv_se_validate_slot_number_t:

typedef psa_status_t (*psa_drv_se_validate_slot_number_t)(
   psa_drv_se_context_t *drv_context,
   const psa_key_attributes_t *attributes,
   psa_key_creation_method_t method,
   psa_key_slot_number_t key_slot);

@Patater Patater changed the title Update to mbedtls 2.20.0d0 Update to Mbed TLS 2.20.0d0 and Mbed Crypto 2.1.0d0 Oct 15, 2019
@ciarmcom ciarmcom requested review from AndrzejKurek and a team October 15, 2019 15:00
@ciarmcom
Copy link
Member

@Patater, thank you for your changes.
@AndrzejKurek @ARMmbed/mbed-os-tls @ARMmbed/mbed-os-crypto @ARMmbed/mbed-os-maintainers please review.

AndrzejKurek
AndrzejKurek reviewed Oct 16, 2019
View reviewed changes
features/mbedtls/inc/mbedtls/version.h
#define MBEDTLS_VERSION_STRING "2.19.0"
#define MBEDTLS_VERSION_STRING_FULL "mbed TLS 2.19.0"
#define MBEDTLS_VERSION_NUMBER 0x02130100
#define MBEDTLS_VERSION_STRING "2.19.1"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This version doesn't match the one used in other files.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Which other files?

Copy link
Contributor Author

@Patater Patater Oct 16, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you mean the Makefiles, then yes, it doesn't match. We update version.h for official releases and not for developer releases, so in developer releases like 2.20.0d0, we see the most recently released version in version.h.

@0xc0170 0xc0170 added the release-version: 6.0.0-alpha-1 First pre-release version of 6.0.0 label Oct 17, 2019
@0xc0170
Copy link
Contributor

0xc0170 commented Oct 25, 2019

@Patater I'll review this today, is this ready for integration?

@0xc0170
Copy link
Contributor

0xc0170 commented Oct 25, 2019

Started CI

@mbed-ci
Copy link

mbed-ci commented Oct 25, 2019

Test run: SUCCESS

Summary: 11 of 11 test jobs passed
Build number : 1
Build artifacts

@Patater
Copy link
Contributor Author

Patater commented Oct 28, 2019

@Patater I'll review this today, is this ready for integration?

Thanks. Yes, it is ready.

@0xc0170 0xc0170 requested a review from bulislaw October 28, 2019 11:05
bulislaw
bulislaw approved these changes Oct 31, 2019
View reviewed changes
Copy link
Member

@bulislaw bulislaw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does it affect the PDMC? If so that should be aligned with @JanneKiiskila and @yogpan01

@0xc0170 0xc0170 merged commit c93c181 into ARMmbed:master Oct 31, 2019
@0xc0170 0xc0170 added release-version: 5.15.0-rc1 and removed release-version: 6.0.0-alpha-1 First pre-release version of 6.0.0 labels Nov 19, 2019
@0xc0170
Copy link
Contributor

0xc0170 commented Nov 19, 2019

Set to 5.15

@bulislaw bulislaw mentioned this pull request Dec 27, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bulislaw bulislaw bulislaw approved these changes

@0xc0170 0xc0170 0xc0170 approved these changes

@AndrzejKurek AndrzejKurek AndrzejKurek approved these changes

Assignees
No one assigned
Labels
BREAKING-CHANGE release-version: 5.15.0-rc1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@Patater @ciarmcom @0xc0170 @mbed-ci @bulislaw @AndrzejKurek