mbedtls

Author	SHA1	Message	Date
Dave Rodgman	33b2210065	Fix cast alignment warning in timing.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-31 15:50:54 +01:00
Paul Elliott	03d557db35	Merge pull request #6900 from AndrzejKurek/san-dirname Add support for directoryName subjectAltName	2023-03-30 18:37:26 +01:00
Manuel Pégourié-Gonnard	0ab380a8ae	Merge pull request #7354 from mpg/ecc-doc-update Ecc doc update	2023-03-30 15:38:47 +02:00
Manuel Pégourié-Gonnard	9463e780c6	Fix a typo Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-30 09:37:39 +02:00
Manuel Pégourié-Gonnard	59b61da7c4	Fix dependency check for TLS 1.3 ECDH This part is specific to 1.3 and directly calls PSA APIs regardless of whether MBEDTLS_USE_PSA_CRYPTO is defined, so use PSA_WANT. Note: the code is already using PSA_WANT everywhere in ssl_tls13*.c. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-30 09:35:41 +02:00
Andrzej Kurek	c27ba3a531	Clarify SAN structure memory management Co-authored-by: David Horstmann <david.horstmann@arm.com> Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:41:34 -04:00
Andrzej Kurek	8bc128eca7	Add missing information about supported subjectAltName types Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:40:38 -04:00
Andrzej Kurek	5f0c6e82fb	Add missing deallocation of subject alt name Since mbedtls_x509_get_name allocates memory when parsing a directoryName, deallocation has to be performed if anything fails in the meantime. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:40:38 -04:00
Andrzej Kurek	d40c2b65a6	Introduce proper memory management for SANs DirectoryName parsing performs allocation that has to be handled. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:03:01 -04:00
Andrzej Kurek	e12b01d31b	Add support for directoryName subjectAltName Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:03:01 -04:00
Dave Rodgman	05c5a91514	Merge pull request #7307 from Mbed-TLS/sphinx-versioned-documentation Generate API documentation with Sphinx and Breathe	2023-03-29 12:01:59 +01:00
Manuel Pégourié-Gonnard	4fa702ae79	Update documented dependencies on ECC algs Previous PRs update check_config.h correctly, but forgot the documentation in mbedtls_config.h. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-29 12:19:41 +02:00
Manuel Pégourié-Gonnard	93b21e74f9	Update documentation to mention ECC drivers Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-29 10:30:26 +02:00
Valerio Setti	77a904c761	ssl: remove useless guard Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:48 +02:00
Valerio Setti	1fa5c56863	ssl_tls: fix guard symbols for EC accelerated tests Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-28 16:26:47 +02:00
Paul Elliott	69034388e9	Fix conflict between restricted and development MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA was removed in development and replaced with MBEDTLS_MD_CAN_SHA384. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-27 21:24:45 +01:00
Paul Elliott	d01a3bca05	Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback Mbed TLS 3.4.0	2023-03-27 18:09:49 +01:00
Valerio Setti	ab9dc667ff	psa_util: fix for correctly computing elements in array Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-27 11:25:10 -04:00
Manuel Pégourié-Gonnard	2ca08c8409	Try again to clarify USE_PSA_CRYPTO Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	a22857b710	Fix documented dependencies on TLS 1.2 The check in check_config.h was fixed in a previous PR, but the documentation hadn't been updated accordingly. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	70a1b6d828	Fix typos Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	5a51d0d789	Fix depends.py failure with correct TLS 1.2 deps TLS 1.2 has never been able to work with only SHA-512, it just happened to pass previously because the declared dependencies were too lax. (Probably related to the fact that in the past we didn't distinguish between SHA-512 and SHA-384 in dependencies.) So, just disable all of TLS in SHA-512-only builds. While at it, tune build_info.h to make this easier - it already had partial support for disabling TLS 1.2 or TLS 1.3 in an easier way, but not both of them at the same time. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	a31ddb98dc	Fix and simplify TLS hash dependency declarations Fixes #6441 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	bb21c5afa7	Use helper macros for hashes in check_config.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	93302422fd	Fix instances of old feature macros being used sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/.c programs/x509/.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data Then manually revert programs/pkey/ecdsa.c as it's using a low-level hash API. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	4011eb49dc	Fix entropy-related feature macros Was causing testing disparities picked by analyze_outcomes.py Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Manuel Pégourié-Gonnard	5cd4b6403b	Use MD-light in entropy.c Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:43:40 +01:00
Paul Elliott	db67e99bbf	Bump library, libcrypto and libx509 versions Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-23 10:57:39 +00:00
Valerio Setti	080a22ba75	ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	4059aba353	accelerated ecdh: re-enable TLS 1.3 key exchanges and fix guards in check_config Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	ccf0be28e8	fix typo Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:40:05 +01:00
Valerio Setti	da8535b74e	ecdh: simplify guards for the newly created PSA_HAVE_FULL_ECDH symbol Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:40:05 +01:00
Valerio Setti	d3f0b9e78c	ecdhe: fix guards for accelerated ECDHE key exchanges Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:36:59 +01:00
Paul Elliott	f1eb5e2a04	Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 15:35:17 +00:00
Manuel Pégourié-Gonnard	161dca63c3	Fix typos & improve wording in comments Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard	7224086ebc	Remove legacy_or_psa.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:29:31 +01:00
Manuel Pégourié-Gonnard	a946489efd	X.509: use MD_CAN macros Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	49e67f814f	PKCS5: always use MD As a consequence, MD_C is now enabled in component accel_hash_use_psa. Fix guards in X.509 info function to avoid this causing a failure now. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	fb8d90a2db	RSA: always use MD light Note: already auto-enabled in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	1c2008fa37	PEM: always use MD light Note: PEM_PARSE already auto-enables MD_LIGHT in build_info.h Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	be97afe5d4	PKCS12: always use MD light Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	41bc8b6b1e	ECJPAKE: always use MD light This enables access to all available hashes, instead of the previous situation where you had to choose by including MD_C or not. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	235a933f99	PSA hash algs must be a superset of built-ins Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	534d64d67e	MD no longer depends on a built-in hash Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-21 16:28:00 +01:00
Manuel Pégourié-Gonnard	e0e161b54a	Merge pull request #7296 from valeriosetti/issue7253-part1 driver-only ECDH: enable ECDH-based TLS 1.2 key exchanges -- part 1	2023-03-21 16:09:02 +01:00
Dave Rodgman	3543806026	Merge pull request #7190 from yanrayw/6197_rsa_get_padding_hashID RSA: provide interface to retrieve padding mode and hash_id	2023-03-20 18:34:53 +00:00
Dave Rodgman	97fd217748	Merge pull request #7318 from tom-cosgrove-arm/update-mbedtls_have_asm-requirements-in-mbedtls_config.h Note that MBEDTLS_HAVE_ASM is required by MBEDTLS_AESCE_C	2023-03-20 18:22:25 +00:00
Dave Rodgman	d3b6e92967	Merge pull request #997 from gilles-peskine-arm/aesni-intrinsics Implement AESNI with intrinsics	2023-03-20 18:20:51 +00:00
Tom Cosgrove	f586aa2af2	Note that MBEDTLS_HAVE_ASM is required by MBEDTLS_AESCE_C Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-20 14:45:27 +00:00
Valerio Setti	5d1f29e700	ssl_tls: fix guards for accelerated ECDH Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-20 14:02:07 +01:00

1 2 3 4 5 ...

5841 commits