Commit Graph

  • da71ce9e67 feat(mbedtls): skip memset ssl buffers with dynamic buffer enabled. mbedtls-3.6.5-idf Ashish Sharma 2025-07-28 14:07:05 +08:00
  • 635267f5e3 change: update the SBOM manifest file with keywords and excluded CVEs. Frantisek Hrbata 2025-07-19 18:26:07 +02:00
  • 0d17c62d65 fix(mbedtls): update minimum cmake required to 3.10.2 Ashish Sharma 2025-05-22 13:39:40 +08:00
  • 7aad7890bf feat(component/mbedtls): Add support for RSASSA-PSS with RSA alt Ashish Sharma 2025-03-10 14:18:40 +08:00
  • e21b155113 Flatten the submodule 'framework' nilesh.kale 2024-04-16 15:03:20 +05:30
  • 9590a452e6 gcm: Support software fallback for non-AES ciphers in a gcm operation. harshal.patil 2023-12-19 13:28:05 +05:30
  • 8a128f6b88 initial version of the sbom.yml file Frantisek Hrbata 2023-06-19 16:21:49 +02:00
  • 190b0465ae cmake: Removed CMake flags for controlling C standard - CMAKE_C_EXTENSIONS: Enable/disable compiler-specific extensions - CMAKE_C_STANDARD: Set C standard (C99, C11) - These variables (as set in mbedtls) set the C standard to C99 for ESP-IDF as well, resulting in build errors related to asm volatile Laukik Hase 2022-07-15 17:42:05 +05:30
  • c5d9a00a40 ecp: Add support for hardware implementation of ECP routines - ESP32C2 has a hardware ECC accelerator that supports NIST P-192 and NIST P-256 curves, which can increase the performance of the point multiplication and point verification operation. - Provision is also added to fallback to software implementation in case the curve is not from the supported curves Sachin Parekh 2022-01-05 15:23:44 +05:30
  • 2e459cbebd bignum: add provision for combined software and hardware MPI approach Mahavir Jain 2021-11-18 15:39:30 +05:30
  • 05ece8bdd2 mbedtls: Re-apply MBEDTLS_BIGNUM_ALT & related macros for custom bignum functions Angus Gratton 2017-09-06 15:06:57 +10:00
  • e185d7fd85 Merge pull request #1428 from Mbed-TLS/mbedtls-3.6.5rc0-pr mbedtls-3.6.5 minosgalanakis 2025-10-13 08:39:14 +01:00
  • b1db32061c Update BRANCHES.md Minos Galanakis 2025-10-02 16:02:49 +01:00
  • 335197e60c Added generated files Minos Galanakis 2025-10-06 15:26:18 +01:00
  • 2e1245171c Updated framework pointer Minos Galanakis 2025-10-06 13:56:58 +01:00
  • ad63800090 Version bump for mbedtls-3.5.6 Minos Galanakis 2025-10-02 15:48:12 +01:00
  • 369ea7a041 Assemble ChangeLog Minos Galanakis 2025-10-02 15:43:02 +01:00
  • 0c4a951b37 Be more precise about the user/peer ID limitation Gilles Peskine 2025-10-09 12:49:01 +02:00
  • 7e81fe32d0 Add storage format test case for JPAKE Gilles Peskine 2025-10-08 17:19:02 +02:00
  • 90eac7fc7a Document JPAKE limitations Gilles Peskine 2025-10-08 17:36:22 +02:00
  • bafcf5bddf Merge remote-tracking branch 'restricted/mbedtls-3.6-restricted' into mbedtls-3.6.5rc0-pr Minos Galanakis 2025-10-02 15:37:04 +01:00
  • 299ce78166 Merge pull request #10417 from bensze01/abicheck-worktree-submodules-3.6 Bence Szépkúti 2025-09-30 09:41:11 +00:00
  • f2021e28c6 Merge pull request #10421 from gilles-peskine-arm/psa-transition-guide-20250630-3.6 Manuel Pégourié-Gonnard 2025-09-30 09:21:13 +00:00
  • 3c5efcb61b Merge pull request #10427 from bjwtaylor/time_t-backport David Horstmann 2025-09-29 19:35:11 +00:00
  • 6e73b2f2fd Backport time_t type conversions Ben Taylor 2025-09-29 15:35:28 +01:00
  • 8701fddbc5 Remove sentence about 1.0 that should not have been backported Gilles Peskine 2025-09-29 15:18:37 +02:00
  • 616f9fde62 Fix comment too long for pylint Bence Szépkúti 2025-09-29 14:24:25 +02:00
  • 02b7707b10 Merge pull request #10419 from mpg/fix-udp-proxy-3.6 Manuel Pégourié-Gonnard 2025-09-29 10:48:02 +00:00
  • e45e5046ba Prevent unnecessary submodule fetches Bence Szépkúti 2025-09-26 20:10:04 +02:00
  • d040427111 Eliminate use of git worktree prune Bence Szépkúti 2025-09-26 15:44:11 +02:00
  • 99fa0abc75 Use f-string literal Bence Szépkúti 2025-09-26 15:37:42 +02:00
  • 1e9efcc1ab Update some references to the future Gilles Peskine 2025-09-26 15:15:13 +02:00
  • 106700481d Improve explanations of configuration translation Gilles Peskine 2025-09-26 13:15:58 +02:00
  • f6a7be0673 Copyediting Gilles Peskine 2025-09-26 12:29:42 +02:00
  • 4f9d6e9451 update 1.0.0/4.0.0 release bullet point Gilles Peskine 2025-09-25 19:20:01 +02:00
  • b9eeace74a Update asymmetric cryptography Gilles Peskine 2025-09-26 15:02:22 +02:00
  • 223fd448ea Miscellaneous improvements Gilles Peskine 2025-09-26 14:57:33 +02:00
  • e7a9546dfa Fix section names Gilles Peskine 2025-06-30 21:11:25 +02:00
  • f7f3ec460a A few updates for 3.6 Gilles Peskine 2025-06-30 20:56:22 +02:00
  • be407038bf Fix includes in udp_proxy.c Manuel Pégourié-Gonnard 2025-09-26 12:11:03 +02:00
  • cdd166274e Use worktrees instead of fetches for submodules Bence Szépkúti 2025-09-25 15:51:07 +02:00
  • 5cbbca45dd Merge pull request #8197 from gilles-peskine-arm/readme-20230913 Manuel Pégourié-Gonnard 2025-09-24 08:01:44 +00:00
  • 70135847cd Merge pull request #1425 from gilles-peskine-arm/restricted-3.6-merge-public-20250916 Gilles Peskine 2025-09-17 21:05:31 +02:00
  • aa611e4bef Update framework to the merge of the merge PR Gilles Peskine 2025-09-17 18:22:30 +02:00
  • b6bf893c70 Qualify "reference implementation" wording Gilles Peskine 2023-09-13 13:19:41 +02:00
  • 263b6925a2 The PSA implementation is production-quality Gilles Peskine 2023-09-13 13:14:43 +02:00
  • 334dfa8799 Merge remote-tracking branch '3.6' into restricted-3.6-merge-public-20250916 Gilles Peskine 2025-09-16 16:16:53 +02:00
  • 64d4c3675a Merge pull request #1424 from gilles-peskine-arm/pkcs7-padding-error-timing-leak-cveid-3.6 Gilles Peskine 2025-09-16 16:10:56 +02:00
  • d1244932f1 We have a CVE ID Gilles Peskine 2025-09-16 10:39:29 +02:00
  • c2b94d45d4 Merge pull request #10401 from gilles-peskine-arm/psa_can_do-declare-publicly-3.6 Gilles Peskine 2025-09-15 12:02:50 +00:00
  • 753036edb3 Merge pull request #10336 from gilles-peskine-arm/generated-files-lib-build-3.6 Janos Follath 2025-09-12 13:27:26 +00:00
  • 9a5444a3b8 Fix copypasta Gilles Peskine 2025-09-12 11:24:12 +02:00
  • 6e1b66320a Improve documentation Gilles Peskine 2025-09-11 18:34:29 +02:00
  • 447134b704 Announce psa_can_do_cipher() Gilles Peskine 2025-09-11 17:05:40 +02:00
  • 3aee15b8e5 Declare psa_can_do_cipher() in a public header Gilles Peskine 2025-09-11 17:04:44 +02:00
  • 3e59e0ae08 Merge pull request #1411 from mpg/bypass-wrappers Manuel Pégourié-Gonnard 2025-09-11 12:25:23 +02:00
  • c6b28b31ef Be explicit about modinv output range Manuel Pégourié-Gonnard 2025-09-11 09:58:45 +02:00
  • f46aee2603 Merge pull request #1406 from gilles-peskine-arm/pkcs7-padding-error-timing-leak-3.6 Janos Follath 2025-09-08 16:33:22 +01:00
  • fb7eba06b0 Merge pull request #10387 from davidhorstmann-arm/upgrade-python-packages-3.6 David Horstmann 2025-09-08 15:31:46 +00:00
  • cc908ad04c Remove redundant memset on freshly initialized buffer Gilles Peskine 2025-08-25 17:01:34 +02:00
  • 2d666646ba Changelog entry for PSA CBC-PKCS7 padding oracle fix Gilles Peskine 2025-08-07 23:07:31 +02:00
  • 04dfd70432 psa_cipher_decrypt: treat status and output length as sensitive Gilles Peskine 2025-08-07 22:27:26 +02:00
  • 3b380daedb psa_cipher_finish: treat status and output length as sensitive Gilles Peskine 2025-08-07 21:59:07 +02:00
  • e74b42832e Return PSA_ERROR_INVALID_PADDING in constant time Gilles Peskine 2025-07-27 21:29:40 +02:00
  • d179dc80a5 Use mbedtls_psa_cipher_finish() in PSA Gilles Peskine 2025-07-27 18:57:04 +02:00
  • d3e182e7da Add BUFFER_TOO_SMALL testing Gilles Peskine 2025-08-07 21:25:23 +02:00
  • b6b1a8299b Factor API calls into auxiliary functions Gilles Peskine 2025-08-07 20:28:34 +02:00
  • bba5d7c439 Add constant-time AES-CBC encrypt and decrypt tests through PSA Gilles Peskine 2025-07-27 18:10:01 +02:00
  • 9d7d0e63ae Merge pull request #1407 from gilles-peskine-arm/mbedtls_cipher_finish_padded-3.6 Gilles Peskine 2025-09-08 12:18:50 +02:00
  • 943c291f59 Merge pull request #10390 from gilles-peskine-arm/threading-3.6-alt-doc Gilles Peskine 2025-09-08 09:50:16 +00:00
  • df13694ecd Improve documentation of MBEDTLS_THREADING_ALT Gilles Peskine 2025-09-07 14:45:15 +02:00
  • fe00817fe7 Improve documentation of mutex primitives Gilles Peskine 2025-09-07 14:42:54 +02:00
  • c056b64042 Merge pull request #10378 from gilles-peskine-arm/threading-1.0-condition-3.6 Gilles Peskine 2025-09-05 15:52:01 +00:00
  • 4c40f08148 Update framework: support threading internal interface 4.0.0.0 Gilles Peskine 2025-09-01 00:55:59 +02:00
  • 7f231a634b Upgrade packages in requirements.txt David Horstmann 2025-09-05 09:34:15 +01:00
  • 89f7cdbbac Merge pull request #1418 from mpg/ssbleed-mstep-changelog David Horstmann 2025-09-04 14:51:24 +01:00
  • 07cbb33e76 Add ChangeLog entry for SSBleed and M-Step Manuel Pégourié-Gonnard 2025-09-02 10:41:50 +02:00
  • 56c4dc12b8 Single-threaded test of nominal mutex usage Gilles Peskine 2025-08-31 18:13:23 +02:00
  • e0ef179ea7 Merge pull request #10375 from gilles-peskine-arm/threading_internal.h-3.6 Manuel Pégourié-Gonnard 2025-08-29 11:48:51 +00:00
  • c2e9dac28f Expand on why and how we bypass the quiet wrapper Gilles Peskine 2025-08-29 13:23:33 +02:00
  • 9f7ac0371f Fix code style Gilles Peskine 2025-08-29 10:46:52 +02:00
  • 7e43145bac Typo Gilles Peskine 2025-08-29 09:35:29 +02:00
  • 2324a02602 Create threading_internal.h Gilles Peskine 2025-08-29 08:51:00 +02:00
  • 44765c4b9b Test invalid_padding against all-bits-one Gilles Peskine 2025-08-26 13:11:27 +02:00
  • c18eea6d43 Minor grammar fix in comment Manuel Pégourié-Gonnard 2025-08-26 11:34:45 +02:00
  • b46432930e ecdsa: rm unused variable Manuel Pégourié-Gonnard 2025-08-26 11:33:12 +02:00
  • 6ab0f519b8 dhm: remove unused variable (and improve comment) Manuel Pégourié-Gonnard 2025-08-26 11:31:52 +02:00
  • 94e4e15748 Explain the near-duplication of test function for constant-flow tests Gilles Peskine 2025-08-25 16:53:54 +02:00
  • f845e9d111 Minor documentation improvements Gilles Peskine 2025-08-25 16:48:42 +02:00
  • 54bf8addd7 Merge pull request #10366 from davidhorstmann-arm/clarify-file-generation-cc-3.6 David Horstmann 2025-08-20 09:48:26 +00:00
  • 8281e6a13b Clarify use of CC and friends for file generation David Horstmann 2025-08-19 16:56:25 +01:00
  • 9e1c532847 RSA: use CT gcd-modinv in deduce_private_exponent() Manuel Pégourié-Gonnard 2025-08-13 14:14:19 +02:00
  • a4bf680e92 RSA: refactor: avoid code duplication Manuel Pégourié-Gonnard 2025-07-10 10:48:23 +02:00
  • 630148e67f RSA: use constant-time modinv in deduce_crt() Manuel Pégourié-Gonnard 2025-08-13 13:57:35 +02:00
  • 7dcfd73731 RSA: use constant-time GCD in deduce_primes() Manuel Pégourié-Gonnard 2025-07-10 09:57:29 +02:00
  • 0d73de5ee0 ecdsa: use CT modinv Manuel Pégourié-Gonnard 2025-07-10 22:59:39 +02:00
  • f35d30799c ECP: use CT modinv Manuel Pégourié-Gonnard 2025-07-10 21:54:38 +02:00
  • c2d210ea0d DHM: use CT modinv for blinding Manuel Pégourié-Gonnard 2025-07-10 21:48:41 +02:00
  • a56a05b015 RSA: use CT gcd-modinv in prepare_blinding() Manuel Pégourié-Gonnard 2025-07-10 21:40:15 +02:00
  • 210f8bc4d7 Merge pull request #1408 from mpg/improve-gcd-3.6 Janos Follath 2025-08-13 19:44:57 +01:00