mbedtls

Author	SHA1	Message	Date
Jethro Beekman	0167244be4	Read and write X25519 and X448 private keys Signed-off-by: Jethro Beekman <jethro@fortanix.com> Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com> Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>	2023-05-04 13:01:47 +02:00
Gilles Peskine	d3ca5e5897	Merge pull request #7328 from mprse/ec-jpake-fix1 Fix the JPAKE driver interface for user+peer	2023-05-02 20:42:25 +02:00
Gilles Peskine	53a9ac576d	Merge pull request #7443 from mprse/psa_init_in_programs Init PSA in ssl and x509 programs	2023-04-28 12:49:11 +02:00
JonathanWitthoeft	2a878a85a6	Adjust ChangeLog Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>	2023-04-26 19:00:46 -05:00
JonathanWitthoeft	9b265180cc	Make mbedtls_ecdsa_can_do definition unconditional Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>	2023-04-26 16:09:28 -05:00
David Horstmann	b6ff8a2c4b	Add ChangeLog entry for string-to-OID parsing Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-04-26 12:10:36 +01:00
Przemek Stekiel	6cec5e9d9e	Add changelog entry (PSA initialization in sample programs) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-24 08:03:30 +02:00
Gilles Peskine	935a987b2b	Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip x509 SAN IP parsing	2023-04-21 22:00:58 +02:00
Ronald Cron	f54762e498	Merge pull request #7415 from Harshal5/fix/declaration_of_mbedtls_ecdsa_sign_det_restartable_function ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined	2023-04-17 15:41:25 +02:00
harshal.patil	8c77644906	ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined - In `mbedtls/v3.4.0`, ECDSA restartable sign and verify functions (`ecdsa.c`) were made public. - But the `mbedtls_ecdsa_sign_det_restartable` function prototype was declared in the file `ecdsa.h`, only when `MBEDTLS_ECDSA_SIGN_ALT` is not defined. Signed-off-by: harshal.patil <harshal.patil@espressif.com>	2023-04-17 12:53:00 +05:30
Eugene K	3208b0b391	add IP SAN tests changes per mbedTLS standards Signed-off-by: Eugene K <eugene.kobyakov@netfoundry.io>	2023-04-11 08:29:42 -04:00
Gilles Peskine	7c1c7ce90e	Merge pull request #7401 from AndrzejKurek/md-guards-missing Add missing md.h includes	2023-04-11 09:32:17 +02:00
Ronald Cron	4d31496294	Update TLS 1.3 documentation and add change log Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Andrzej Kurek	468a99ed0b	Add a changelog entry Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-06 03:04:15 -04:00
toth92g	d96027acd2	Correcting documentation issues: - Changelog entry is Feature instead of API Change - Correcting whitespaces around braces - Also adding defensive mechanism to x509_get_subject_key_id to avoid malfunction in case of trailing garbage Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
toth92g	27f9e7815c	Adding openssl configuration file and command to Makefile to be able to reproduce the certificate for testing Authority and Subject Key Id fields Increasing heap memory size of SSL_Client2 and SSL_Server2, because the original value is not enough to handle some certificates. The AuthorityKeyId and SubjectKeyId are also parsed now increasing the size of some certificates Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
Manuel Pégourié-Gonnard	86d5d4bf31	Merge pull request #7103 from valeriosetti/issue6622 Some MAX_SIZE macros are too small when PSA ECC is accelerated	2023-04-03 16:23:27 +02:00
Valerio Setti	3a3a756431	adding missing newline at the end of changelog file Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-03 10:55:29 +02:00
Valerio Setti	0a7ff791a6	add Changelog Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-03 09:18:41 +02:00
Dave Rodgman	b8f5ba826b	Merge pull request #6891 from yuhaoth/pr/add-milliseconds-platform-function Add milliseconds platform time function	2023-03-31 11:47:37 +01:00
Andrzej Kurek	9fa1d25aeb	Add changelog entry for directoryname SAN Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:38:47 -04:00
Paul Elliott	d01a3bca05	Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback Mbed TLS 3.4.0	2023-03-27 18:09:49 +01:00
Manuel Pégourié-Gonnard	a71594538f	Add a ChangeLog entry for driver-only hashes Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Przemek Stekiel	ebfeb172ee	Add change log entry (j-pake user/peer accept any values) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 13:37:18 +01:00
Paul Elliott	dbe435cda0	Assemble Changelog for 3.4.0 release Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-23 10:46:10 +00:00
Tom Cosgrove	4903139bc4	Add security entry to ChangeLog for AES-NI Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-22 17:43:40 +00:00
Tom Cosgrove	a9c58584be	Add security entry to ChangeLog for AES-CE Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-22 17:42:17 +00:00
Paul Elliott	e214827347	Add TLS1.2 Opaque ECJPAKE changelog entry Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-22 15:03:32 +00:00
Valerio Setti	89029e7366	changelog: fix description for ECDH changes Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	8427b56d71	added changelog for accelerated ECDH changes Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Paul Elliott	1b5957165a	Add Changelog for PSA to Mbed TLS error translation unification Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 16:38:31 +00:00
Tom Cosgrove	c4d759b697	Update AESCE changelog entry Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-21 16:31:18 +00:00
Tom Cosgrove	dcc0ee1a1e	Update changelog entry, splitting into two sections Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-21 15:52:20 +00:00
Jerry Yu	8d3fa9bd7b	Add changelog entry for #6932 and #7203 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-21 15:52:08 +00:00
Paul Elliott	3201f56952	Rename misnamed changelog entries Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 15:46:33 +00:00
Paul Elliott	f1eb5e2a04	Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 15:35:17 +00:00
Dave Rodgman	3543806026	Merge pull request #7190 from yanrayw/6197_rsa_get_padding_hashID RSA: provide interface to retrieve padding mode and hash_id	2023-03-20 18:34:53 +00:00
Dave Rodgman	d3b6e92967	Merge pull request #997 from gilles-peskine-arm/aesni-intrinsics Implement AESNI with intrinsics	2023-03-20 18:20:51 +00:00
Manuel Pégourié-Gonnard	e9a60224fd	Add ChangeLog entry for driver-only EC J-PAKE Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-20 10:03:55 +01:00
Yanray Wang	b46ccf235c	fix line length of ChangeLog Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-20 12:41:10 +08:00
Dave Rodgman	f992e6fe38	Changelog for AESCE support Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-17 17:52:38 +00:00
Dave Rodgman	8a7ed6951d	Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-17 18:58:11 +08:00
Paul Elliott	9f02a4177b	Merge pull request #7009 from mprse/csr_write_san Added ability to include the SubjectAltName extension to a CSR - v.2	2023-03-17 10:07:27 +00:00
Gilles Peskine	74b4223c81	Announce the expanded AESNI support Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 17:50:15 +01:00
Dave Rodgman	680dbd46ae	Merge pull request #7270 from DemiMarie/oid-fix Fix segfault in mbedtls_oid_get_numeric_string	2023-03-16 12:21:36 +00:00
Demi Marie Obenour	889534a4d2	Fix segfault in mbedtls_oid_get_numeric_string When passed an empty OID, mbedtls_oid_get_numeric_string would read one byte from the zero-sized buffer and return an error code that depends on its value. This is demonstrated by the test suite changes, which check that an OID with length zero and an invalid buffer pointer does not cause Mbed TLS to segfault. Also check that second and subsequent subidentifiers are terminated, and add a test case for that. Furthermore, stop relying on integer division by 40, use the same loop for both the first and subsequent subidentifiers, and add additional tests. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-03-16 01:06:41 -04:00
Gilles Peskine	2a44ac245f	Merge pull request #7217 from lpy4105/issue/6840/add-cache-entry-removal-api ssl_cache: Add cache entry removal api	2023-03-15 15:38:06 +01:00
Janos Follath	0086f8626a	Add changelog entry PR7083 silently fixed a security vulnerability in public, this commit adds a changelog entry for it. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-03-15 13:31:48 +00:00
Dave Rodgman	a94c90d30d	Merge pull request #7282 from gilles-peskine-arm/changelog-6567-psa_key_derivation_abort-no-other_secret Add changelog entry for a bug in non-PAKE code fixed during PAKE work	2023-03-15 09:27:33 +00:00
Manuel Pégourié-Gonnard	18336dace2	Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user EC J-PAKE: partial fix for role vs user+peer	2023-03-15 09:37:30 +01:00
Pengyu Lv	db47f2fbd4	Add changelog entry for new API Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-15 15:01:36 +08:00
Gilles Peskine	51b2868f3c	Add changelog entry for a bug in non-PAKE code fixed during PAKE work Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-14 21:41:54 +01:00
Gilles Peskine	215ecd0439	Merge pull request #7252 from daverodgman/enable_pkcs7 Enable PKCS 7	2023-03-14 10:39:50 +01:00
Paul Elliott	e4622a3436	Merge remote-tracking branch 'development/development' into development-restricted Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-13 17:49:32 +00:00
Przemek Stekiel	a11c1d141e	Reword change log entry Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-13 16:21:40 +01:00
Dave Rodgman	756b028511	Merge pull request #7171 from daverodgman/pr5527 Fix undefined behavior in ssl_read if buf parameter is NULL	2023-03-13 10:46:29 +00:00
Jerry Yu	3373ccaa18	Update changelog Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-13 11:39:43 +08:00
Przemek Stekiel	8b429ba414	Add change log entry (EC j-pake driver dispatch) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-12 16:59:28 +01:00
Przemek Stekiel	9cc1786e46	Add chenage log entry for j-pake user/peer partial fix Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-12 16:59:20 +01:00
Dave Rodgman	957cc36be9	Improve wording; use PKCS #7 not PKCS7 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-12 08:50:58 +00:00
Dave Rodgman	3fe2abf306	Apply suggestions from code review Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-12 08:50:58 +00:00
Dave Rodgman	d12b592bc1	Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-12 08:50:58 +00:00
Manuel Pégourié-Gonnard	c2495f78e6	Add a ChangeLog entry for driver-only ECDSA Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-10 12:37:16 +01:00
Przemek Stekiel	89e268dfb9	Add change log entry (SubjectAltName extension in CSR) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-09 14:04:17 +01:00
Dave Rodgman	4693fd9e9e	Merge pull request #7173 from daverodgman/zeroize-platform Use platform-provided secure zeroization	2023-03-06 09:16:12 +00:00
Pol Henarejos	f61d6c0a2b	Merge branch 'development' into sha3	2023-03-04 00:03:06 +01:00
Dave Rodgman	1f39a62ce6	Merge pull request #7151 from gilles-peskine-arm/psa-headers-alt Allow alternative names for overridable PSA headers	2023-03-03 12:37:51 +00:00
Jerry Yu	8049346989	Add change log entry for `mbedtls_ms_time` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-03 11:19:07 +08:00
Gilles Peskine	cc29bfd92a	Bug fixes from the split of ssl_handle_hs_message_post_handshake The split of ssl_handle_hs_message_post_handshake() into ssl_tls12_handle_hs_message_post_handshake() and ssl_tls13_handle_hs_message_post_handshake() fixed some user-visible bugs. Add a changelog entry for those bugs. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-01 19:49:58 +01:00
Dave Rodgman	dd4427cc5b	Merge pull request #7169 from AndrzejKurek/mpi-window-size Reduce the default MBEDTLS_ECP_WINDOW_SIZE value from 6 to 2	2023-02-27 17:12:38 +00:00
Paul Elliott	ac2251dad1	Merge pull request #7076 from mprse/parse_RFC822_name Add parsing of x509 RFC822 name + test	2023-02-27 14:16:13 +00:00
Dave Rodgman	bf0597f804	Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 17:45:41 +00:00
Dave Rodgman	fd8929cfd1	Improve changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 15:57:30 +00:00
Ashley Duncan	88240e769f	Added changelog entry. Signed-off-by: Ashley Duncan <ashley.duncan@evnex.com>	2023-02-24 15:57:30 +00:00
Andrzej Kurek	86f30ff626	Reduce the default MBEDTLS_ECP_WINDOW_SIZE value to 2 As tested in https://github.com/Mbed-TLS/mbedtls/issues/6790, after introducing side-channel counter-measures to bignum, the performance of RSA decryption in correlation to the MBEDTLS_ECP_WINDOW_SIZE has changed. The default value of 2 has been chosen as it provides best or close-to-best results for tests on Cortex-M4 and Intel i7. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-24 07:51:21 -05:00
Paul Elliott	a3b625b0a1	Merge pull request #7098 from gilles-peskine-arm/retval-non-empty Pacify Clang 15 about empty \retval	2023-02-24 09:10:53 +00:00
Gilles Peskine	b1176f2583	Allow alternative names for overridden PSA headers Integrators of Mbed TLS may override the header files "psa/crypto_platform.h" and "psa/crypto_struct.h" by overwriting the files or by placing alternative versions earlier in the include file search path. These two methods are sometimes inconvenient, so allow a third method which doesn't require overwriting files or having a precise order for the include path: integrators can now specify alternative names for the headers. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-22 22:07:28 +01:00
Gilles Peskine	ffb92b0789	Merge pull request #7105 from davidhorstmann-arm/fix-oid-printing-bug Fix bugs in OID to string conversion	2023-02-21 23:16:44 +01:00
Gilles Peskine	250a5ac4cb	Merge pull request #7095 from paul-elliott-arm/interruptible_sign_hash_codestyle Implement PSA interruptible sign/verify hash	2023-02-21 15:13:34 +01:00
Ronald Cron	d89360b87b	Fix and improve documentation, comments and logs Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-21 14:57:25 +01:00
Przemek Stekiel	d7820b7026	Add change log entry: SAN rfc822Name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-20 15:09:50 +01:00
Ronald Cron	675d97d42e	Add change log Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-20 11:42:19 +01:00
Manuel Pégourié-Gonnard	718eb4f190	Merge pull request #7025 from AndrzejKurek/uri_san Add the uniformResourceIdentifier subtype for the subjectAltName	2023-02-20 11:29:59 +01:00
Paul Elliott	e04e15b766	Add Changelog entry Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
David Horstmann	21b8387929	Add ChangeLog for OID-to-string fixes Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-15 13:07:49 +00:00
Gilles Peskine	4386cf188d	Changelog entry for pacifying clang -Wdocumentation about \retval Fixes #6960 Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-14 19:26:56 +01:00
Paul Elliott	1748de160a	Fix IAR Warnings IAR was warning that conditional execution could bypass initialisation of variables, although those same variables were not used uninitialised. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-13 15:35:35 +00:00
Andrzej Kurek	3e8f65a7e2	Add a changelog entry for URI SAN parsing Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-13 10:21:20 -05:00
Gilles Peskine	928593f732	Merge pull request #7041 from gilles-peskine-arm/pk_ext-pss_options-public Make the fields of mbedtls_pk_rsassa_pss_options public	2023-02-10 15:08:06 +01:00
Gilles Peskine	b8531c4b0b	Merge pull request #6882 from AndrzejKurek/x509_san_parsing_testing-dev X.509: Fix bug in SAN parsing and enhance negative testing	2023-02-10 15:05:32 +01:00
Manuel Pégourié-Gonnard	cf1c16af6e	Merge pull request #6925 from gilles-peskine-arm/coding-style-doc Switch to the new coding style: documentation	2023-02-10 10:05:27 +01:00
Pol Henarejos	4e747337ee	Merge branch 'development' into sha3 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-02-07 19:55:31 +01:00
Hanno Becker	dc0e8b92f8	Add a ChangeLog entry Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-07 05:10:29 -05:00
Gilles Peskine	4c77601832	Merge pull request #6975 from davidhorstmann-arm/c-build-helper-improvements Minor improvements to `c_build_helper.py`	2023-02-07 10:25:59 +01:00
Dave Rodgman	94c9c96c94	Merge pull request #6998 from aditya-deshpande-arm/fix-example-programs-usage Fix incorrect dispatch to USAGE in example programs, which causes uninitialized memory to be used	2023-02-06 09:53:50 +00:00
Gilles Peskine	0cfb08ddf1	Merge pull request #6922 from mprse/csr_v3 Parsing v3 extensions from a CSR - v.2	2023-02-03 16:41:11 +01:00
Gilles Peskine	34c43a871f	Make the fields of mbedtls_pk_rsassa_pss_options public This makes it possible to verify RSA PSS signatures with the pk module, which was inadvertently broken since Mbed TLS 3.0. Fixes #7040. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-02 23:06:37 +01:00
Aditya Deshpande	3b18a29c13	Amend changelog entry Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>	2023-02-02 09:06:00 +00:00
David Horstmann	a43e332fe4	Fix near-tautological repetition in ChangeLog Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-01 13:39:57 +00:00
Gilles Peskine	a193986aab	Merge pull request #6942 from ucko/2023a-bignum mbedtls_mpi_sub_abs: Skip memcpy when redundant (#6701).	2023-02-01 11:36:25 +01:00

1 2 3 4 5 ...

1144 commits