Merge branch 'main' into update_spin
Showing 10 changed files with 99 additions and 48 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -8,7 +8,8 @@ on: | |
- trying | ||
pull_request: | ||
branches: | ||
- master | ||
- mbedtls-3 | ||
- main | ||
- 'v0.*' | ||
merge_group: | ||
|
||
|
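Review bot: The `pull_request` branch filter now shows `master`, `mbedtls-3` and `main` side by side, and the +/- markers are lost in this rendering, so please confirm whether `master` is meant to stay. The README in this same commit says the old 3.X code on `master` was moved to `mbedtls-3`; if `master` no longer exists, drop it from the filter, and check that the push trigger above (only `- trying` is visible here) uses the same branch names so CI still runs on every branch that accepts merges.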
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
.cargo | ||
target/ | ||
venv/ |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,21 +1,55 @@ | ||
> [!WARNING] | ||
> The state of this repertory is changed to maintenance. We will not accept any more feature requests. Please check [Change of status](#change-of-status) for details | ||
|
||
# mbedtls | ||
|
||
[![Build Status](https://travis-ci.com/fortanix/rust-mbedtls.svg?branch=master)](https://travis-ci.com/fortanix/rust-mbedtls) | ||
|
||
|
||
This is an idiomatic Rust wrapper for MbedTLS, allowing you to use MbedTLS with | ||
only safe code while being able to use such great Rust features like error | ||
handling and closures. | ||
|
||
Additionally, building on MbedTLS's focus on embedded use, this crate can be | ||
used in a no_std environment. | ||
|
||
## Change of status | ||
|
||
We discovered that `mbedtls 3.4.X` is not thread safe and will not work properly with multiple threads. This problem will not be fixed in short time. And the new PSA approach does not match our needs. | ||
|
||
So we now decided to stay on mbedtls `2.28.X`; and the state of this repertory is changed to maintenance. We will not accept any more feature requests. | ||
|
||
Old code of `mbedtls 3.X` on `master` branch has been moved to branch `mbedtls-3`. | ||
|
||
Related issue: [#320](https://github.com/fortanix/rust-mbedtls/issues/320) | ||
|
||
Reference links: | ||
|
||
- Design changes: | ||
- https://lists.trustedfirmware.org/archives/list/[email protected]/message/RJ7YPNBNWUNW2ICQJ72H2JMKPDKGQOLT/ | ||
- Bugs | ||
- https://github.com/fortanix/rust-mbedtls/issues/301 | ||
- https://github.com/fortanix/rust-mbedtls/issues/293 | ||
- https://github.com/Mbed-TLS/mbedtls/issues/3263 | ||
|
||
## Building | ||
|
||
This crate depends on the mbedtls-sys-auto crate, see below for build details. | ||
|
||
### Features | ||
|
||
This is a list of the Cargo features available for mbedtls. Features in | ||
|
||
* *x509* Enable PKI functionality. The main code enabled by this feature is in | ||
the `x509` module. | ||
|
||
* *ssl* Enable ssl/tls functionality. The main code enabled by this feature is | ||
in the `ssl` module. | ||
|
||
Note: The above features were introduced so that this crate could be used as a | ||
crypto (or PKI) only library. | ||
|
||
**bold** are enabled by default. | ||
|
||
* **aesni** Enable support for the AES-NI instructions. On SGX, this feature is | ||
|
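Review bot: In the Features section, the new *x509* and *ssl* bullets and the Note are inserted between "Features in" and "**bold** are enabled by default.", which splits that sentence in two. Move the new bullets below the "enabled by default" line so the intro reads as one sentence. Also, "repertory" in the warning banner and in Change of status should be "repository", and the Travis badge still points at `branch=master` although the text says that branch's code was moved to `mbedtls-3`.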
@@ -29,12 +63,12 @@ This is a list of the Cargo features available for mbedtls. Features in | |
unsupported processors. On SGX, this feature is | ||
enabled automatically. | ||
* *mpi_force_c_code* Enables the `mpi_force_c_code` feature in mbedtls-sys | ||
* *legacy_protocols* Enable support for SSLv3, TLSv1.0 and TLSv1.1 | ||
* *legacy_protocols* Enable support for SSLv3, TLSv1.0 and TLSv1.1. Implies *ssl*. | ||
* *no_std_deps* On no_std, you must enable this feature. It enables optional | ||
dependencies needed on no_std. If the `std` feature is enabled, | ||
this feature is ignored. | ||
* **padlock** Enable support for VIA padlock. | ||
* *pkcs12* Enable code to parse PKCS12 files using yasna | ||
* *pkcs12* Enable code to parse PKCS12 files using yasna. Implies *x509*. | ||
* *pkcs12_rc2* Enable use of RC2 crate to decrypt RC2-encrypted PKCS12 files | ||
* *rdrand* Enable the RDRAND random number generator. On SGX, this feature is | ||
enabled automatically. | ||
|
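Review bot: The "Implies" annotations are added to *legacy_protocols* and *pkcs12* but not to *pkcs12_rc2*, which in Cargo.toml is `["pkcs12", "rc2", "cbc"]` and therefore now pulls in *x509* as well. Add "Implies *pkcs12*." to that entry for consistency. Since *legacy_protocols* turns on SSLv3, TLSv1.0 and TLSv1.1, its entry would also benefit from a short statement that it is not enabled by default and is meant only for interoperability with peers that cannot be upgraded.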
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,8 @@ | ||
[package] | ||
name = "mbedtls" | ||
version = "0.9.3" | ||
# We jumped from v0.9 to v0.12 because v0.10 and v0.11 were based on mbedtls 3.X, which | ||
# we decided not to support. | ||
version = "0.12.0" | ||
authors = ["Jethro Beekman <[email protected]>"] | ||
build = "build.rs" | ||
edition = "2018" | ||
|
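Review bot: The reason for skipping v0.10 and v0.11 is recorded only in a Cargo.toml comment above `version = "0.12.0"`, where users of the published crate will not see it. Repeat it in the README's Change of status section, stating which version lines track mbedtls 2.28.X and which were based on 3.X, so that anyone pinned to 0.10 or 0.11 learns that those releases are not supported.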
@@ -60,6 +62,10 @@ cc = "1.0" | |
|
||
[features] | ||
# Features are documented in the README | ||
|
||
x509 = [] | ||
ssl = ["x509"] | ||
|
||
default = ["std", "aesni", "time", "padlock"] | ||
std = ["byteorder/std", "mbedtls-sys-auto/std", "serde/std", "yasna", "mbedtls-platform-support/std"] | ||
debug = ["mbedtls-sys-auto/debug"] | ||
|
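Review bot: `x509` and `ssl` are introduced as opt-in features, but `default = ["std", "aesni", "time", "padlock"]` lists neither, so a dependent crate that builds with default features would lose the `x509` and `ssl` modules on upgrade. If that is intended, call it out as a breaking change in the README or release notes alongside the 0.12.0 bump; otherwise add both to `default`.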
@@ -72,46 +78,45 @@ zlib = ["mbedtls-sys-auto/zlib"] | |
time = ["mbedtls-platform-support/time"] | ||
padlock = ["mbedtls-sys-auto/padlock"] | ||
dsa = ["std", "yasna", "num-bigint", "bit-vec"] | ||
pkcs12 = ["std", "yasna"] | ||
pkcs12 = ["std", "yasna", "x509"] | ||
pkcs12_rc2 = ["pkcs12", "rc2", "cbc"] | ||
legacy_protocols = ["mbedtls-sys-auto/legacy_protocols"] | ||
legacy_protocols = ["mbedtls-sys-auto/legacy_protocols", "ssl"] | ||
async = ["std", "tokio","tokio/net","tokio/io-util", "tokio/macros"] | ||
async-rt = ["async", "tokio/rt", "tokio/sync", "tokio/rt-multi-thread"] | ||
|
||
[[example]] | ||
name = "client" | ||
required-features = ["std"] | ||
required-features = ["std", "ssl"] | ||
|
||
[[example]] | ||
name = "client_dtls" | ||
required-features = ["std"] | ||
required-features = ["std", "ssl"] | ||
|
||
[[example]] | ||
name = "client_psk" | ||
required-features = ["std"] | ||
required-features = ["std", "ssl"] | ||
|
||
[[example]] | ||
name = "server" | ||
required-features = ["std"] | ||
required-features = ["std", "ssl"] | ||
|
||
[[test]] | ||
name = "client_server" | ||
required-features = ["std"] | ||
required-features = ["std", "ssl"] | ||
|
||
[[test]] | ||
name = "ssl_conf_ca_cb" | ||
required-features = ["std"] | ||
required-features = ["std", "ssl"] | ||
|
||
[[test]] | ||
name = "ssl_conf_verify" | ||
required-features = ["std"] | ||
required-features = ["std", "ssl"] | ||
|
||
[[test]] | ||
name = "hyper" | ||
required-features = ["std"] | ||
|
||
required-features = ["std", "ssl"] | ||
|
||
[[test]] | ||
name = "async_session" | ||
path = "tests/async_session.rs" | ||
required-features = ["async-rt"] | ||
required-features = ["async-rt", "ssl"] |
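Review bot: `legacy_protocols` and `pkcs12` now imply the feature they build on, but `async` (`["std", "tokio", ...]`) does not imply `ssl`, while the `async_session` test has to request `["async-rt", "ssl"]` explicitly. If the async code is built on the `ssl` module, add `"ssl"` to `async` so that enabling `async` alone cannot produce a build with the TLS code compiled out; if it is not, a one-line comment saying so would explain why the test needs both.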