Manuel Pégourié-Gonnard
Manuel Pégourié-Gonnard
### Suggested enhancement The `all.sh` component `test_cmake_out_of_source` checks the stderr output of `ssl-opt.sh` in order to detect errors. However, some of them at quite innocent and not indicative of an...
`mbedtls_x509_string_to_names()` incorrectly handles inputs like `DC=example,DC=net`, where multiple RDNs have the same type (here, DC). The result of parsing this string is the same as if the string `DC=net` was...
The function `mbedtls_pk_get_name()` is not public so we should stop using it in Mbed TLS. We also want to remove it from TF-PSA-Crypto. **Step 1: stop using in mbedtls.** Mostly...
The function `mbedtls_pk_get_type()` is not public and we should stop using it. The old concept of `pk_type_t` was ambiguous, so there will be different replacements depending of what it was...
Currently `x509_internal.h` includes `pk_internal.h` which is an internal crypto header. This makes a whole lot of internal crypto symbols visible basically everywhere in X.509 and TLS (because `ssl_misc.h` also includes...
Remove all uses of `mbedtls_pk_debug()` in `ssl_debug.c` and simplify the way public keys are printed in debug logs. Currently after calling `pk_debug()` we do some parsing of the output in...
The function `mbedtls_pk_can_do()` is not public, it's deprecated and we want to remove it, so we need to stop using it in Mbed TLS. When `can_do()` is really used as...