mbedtls

mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-07-25 18:03:15 +08:00

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	70a1b6d828	Fix typos Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	a31ddb98dc	Fix and simplify TLS hash dependency declarations Fixes #6441 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	bb21c5afa7	Use helper macros for hashes in check_config.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	5cd4b6403b	Use MD-light in entropy.c Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Valerio Setti	4059aba353	accelerated ecdh: re-enable TLS 1.3 key exchanges and fix guards in check_config Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	d3f0b9e78c	ecdhe: fix guards for accelerated ECDHE key exchanges Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:36:59 +01:00
Paul Elliott	f1eb5e2a04	Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 15:35:17 +00:00
Manuel Pégourié-Gonnard	49e67f814f	PKCS5: always use MD As a consequence, MD_C is now enabled in component accel_hash_use_psa. Fix guards in X.509 info function to avoid this causing a failure now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	fb8d90a2db	RSA: always use MD light Note: already auto-enabled in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	be97afe5d4	PKCS12: always use MD light Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	41bc8b6b1e	ECJPAKE: always use MD light This enables access to all available hashes, instead of the previous situation where you had to choose by including MD_C or not. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	534d64d67e	MD no longer depends on a built-in hash Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Dave Rodgman	d3b6e92967	Merge pull request #997 from gilles-peskine-arm/aesni-intrinsics Implement AESNI with intrinsics	2023-03-20 18:20:51 +00:00
Valerio Setti	5d1f29e700	ssl_tls: fix guards for accelerated ECDH Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-20 14:02:07 +01:00
Manuel Pégourié-Gonnard	4ebe2a7372	Merge pull request #7300 from valeriosetti/issue7281 Driver only EC JPAKE: re-enable the EC J-PAKE key exchange and get test parity	2023-03-20 09:54:47 +01:00
Dave Rodgman	0e2b06a1ce	Merge pull request #7083 from KloolK/record-size-limit/parsing Add parsing for Record Size Limit extension in TLS 1.3	2023-03-17 10:18:34 +00:00
Gilles Peskine	dd6021caf1	Remove the dependency of MBEDTLS_AESNI_C on MBEDTLS_HAVE_ASM AESNI can now be implemented with intrinsics. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 16:51:40 +01:00
Valerio Setti	82b484ecbc	ecjpake: fix guards for driver only builds Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-16 08:21:44 +01:00
Dave Rodgman	b599562033	Merge pull request #7240 from tom-cosgrove-arm/fix-issue-7234 Don't insist on MBEDTLS_HAVE_ASM for MBEDTLS_AESCE_C on non-Arm64 systems	2023-03-15 09:04:44 +00:00
Jan Bruckner	151f64283f	Add parsing for Record Size Limit extension in TLS 1.3 Fixes #7007 Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2023-03-14 08:41:25 +01:00
Manuel Pégourié-Gonnard	439dbc5c60	Fix dependency for TLS 1.3 as well Turns out TLS 1.3 is using the PK layer for signature generation & verification, and the PK layer is influenced by USE_PSA_CRYPTO. Also update docs/use-psa-crypto.md accordingly. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-10 12:37:15 +01:00
Manuel Pégourié-Gonnard	45bcb6aac8	Fix dependencies of 1.2 ECDSA key exchanges Having ECDSA in PSA doesn't help if we're not using PSA from TLS 1.2... Also, move the definition of PSA_HAVE_FULL_ECDSA outside the MBEDTLS_PSA_CRYPTO_CONFIG guards so that it is available in all cases. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-10 12:37:15 +01:00
Tom Cosgrove	94e841290d	Don't check prerequisites for MBEDTLS_AESCE_C if we won't use it Fixes #7234 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-09 17:17:42 +00:00
Valerio Setti	1470ce3eba	fix typos Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 16:50:12 +01:00
Valerio Setti	30c4618970	Add new PSA_HAS_FULL_ECDSA macro for easily signal that PSA has full ECDSA support Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-08 16:47:28 +01:00
Dave Rodgman	05b80a4eee	Merge pull request #6201 from gilles-peskine-arm/tls13_only-renegotiation Disable MBEDTLS_SSL_RENEGOTIATION in TLS-1.3-only builds	2023-03-03 09:56:51 +00:00
Gilles Peskine	6def41b146	Merge pull request #6932 from yuhaoth/pr/fix-arm64-host-build-and-illegal_instrucion-fail Replace CPU modifier check with file scope target cpu modifiers	2023-03-02 15:36:41 +01:00
Gilles Peskine	7d3186d18a	Disable MBEDTLS_SSL_RENEGOTIATION in tls13-only configuration There's no renegotiation in TLS 1.3, so this option should have no effect. Insist on having it disabled, to avoid the risk of accidentally having different behavior in TLS 1.3 if the option is enabled (as happened in https://github.com/Mbed-TLS/mbedtls/issues/6200). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-01 19:47:23 +01:00
Jerry Yu	1ae2b2f034	Improve code style Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-21 15:37:12 +08:00
Jerry Yu	35f2b26fd8	move cpu modifier flags check to source file Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-15 11:58:48 +08:00
Jerry Yu	b3b85ddf4a	Disable macro conflict check It cause full configuration test fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-07 17:11:54 +08:00
Jerry Yu	2fddfd7f8f	Add AESCE confige options Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-02-07 17:11:51 +08:00
Jerry Yu	38257491aa	Add milliseconds time function We provide windows and posix implementation for it. With MBEDTLS_PLATFORM_MS_TIME_ALT, user can provide their own implementation. Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-01-12 18:01:14 +08:00
Jerry Yu	eba0ab5db2	Add million seconds time type. From RFC8446, the unit of ticket age is million seconds Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-01-12 18:01:14 +08:00
Manuel Pégourié-Gonnard	3368724ade	Merge pull request #6870 from valeriosetti/issue6831 Document/test dependencies on ECP & Bignum	2023-01-10 09:25:41 +01:00
Valerio Setti	8e45cdd440	fix wrong dependency for X509_TRUSTED_CERTIFICATE_CALLBACK Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-05 09:33:38 +01:00
Valerio Setti	a4bb0fabea	check_config: add missing dependencies for the build without BIGNUM Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2023-01-03 16:20:43 +01:00
Manuel Pégourié-Gonnard	7a389ddc84	Merge pull request #6784 from valeriosetti/issue6702 Make SHA224_C/SHA384_C independent from SHA256_C/SHA512_C	2023-01-03 09:36:58 +01:00
Gilles Peskine	d1dd41f3fc	Merge pull request #6723 from mpg/restartable-vs-use-psa Document ECP_RESTARTABLE and make it compatible with USE_PSA	2022-12-15 19:47:44 +01:00
Valerio Setti	a3f99591f6	sha: make SHA-224 independent from SHA-256 Using proper configuration options (i.e. MBEDTLS_SHA224_C and MBEDTLS_SHA256_C) it is now possible to build SHA224 and SHA256 independently from each other. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-14 10:56:54 +01:00
Valerio Setti	43363f5962	sha: make SHA-384 independent from SHA-512 Using proper configuration options (i.e. MBEDTLS_SHA384_C and MBEDTLS_SHA512_C) it is now possible to build SHA384 and SHA512 independently from each other. Signed-off-by: Valerio Setti <vsetti@baylibre.com>	2022-12-14 08:53:23 +01:00
Manuel Pégourié-Gonnard	2b70a3f831	Merge pull request #6558 from lpy4105/6416-psa_macros_name_typo check_names: extend typo check to PSA macro/enum names	2022-12-13 09:56:27 +01:00
Manuel Pégourié-Gonnard	ad45c4d386	Document that ECP_RESTARTABLE depends on ECP_C This is not new, it had always been the case, just not documented. Pointed out by depends.py pkalgs (again, now that restartable is part of full). Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-12-09 10:09:33 +01:00
Manuel Pégourié-Gonnard	1a100b69a4	Merge pull request #6705 from davidhorstmann-arm/code-style-script-non-corrected Add code style correction script	2022-12-09 09:41:14 +01:00
Ronald Cron	fbba0e9d75	Merge pull request #6537 from yuhaoth/pr/tls13-refactor-early-data-configuration-interface TLS 1.3: Refactor early data configuration interface.	2022-12-07 09:42:12 +01:00
David Horstmann	1b84781184	Disable code style correction in check_config.h Code style correction currently messes up check_names.py Signed-off-by: David Horstmann <david.horstmann@arm.com>	2022-12-06 16:09:17 +00:00
Manuel Pégourié-Gonnard	ad27b8074f	Declare ECP_RESTARTABLE and USE_PSA compatible This is only the beginning: - some test failures in test_suite_pk, test_suite_x509 and ssl-opt.sh will be fixed in the next few commits; - then the interactions between those options will be documented and tested. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-12-06 11:05:28 +01:00
Jerry Yu	12c46bd14f	fix various issues - disable reuse of max_early_data_size. - make conf_early_data available for server. - various comment issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-06 11:02:51 +08:00
Tom Cosgrove	1797b05602	Fix typos prior to release Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-12-04 17:19:59 +00:00
Jerry Yu	16f6853b05	Add max_early_data_size config option Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-12-01 23:11:48 +08:00

1 2 3 4 5 ...

385 Commits