mbedtls

Author	SHA1	Message	Date
Xiaokang Qian	29ee43c0e1	Update document base on comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:16:22 +00:00
Xiaokang Qian	097771672d	Update early data document and prerequisites check Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:16:22 +00:00
Xiaokang Qian	f447e8a8d3	Address comments base on reviews Improve early data indication check Update test case to gnutls server Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:15:36 +00:00
Xiaokang Qian	ecc2948f21	Fix format issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:15:05 +00:00
Xiaokang Qian	76332816c7	Define the EARLY_DATA_STATUS Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:15:05 +00:00
Xiaokang Qian	338f727683	Move EARLY_DATA_OFF/ON guard to ssl_misc.h Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:15:03 +00:00
Xiaokang Qian	911c0cc4f0	Fix format issues in comments Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:13:50 +00:00
Xiaokang Qian	0e97d4d16d	Add early data indication to client side Add fields to mbedtls_ssl_context Add write early data indication function Add check whether write early data indication Add early data option to ssl_client2 Add test cases for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-11-14 03:13:50 +00:00
Dave Rodgman	50e5616553	Fix typo in check_config.h Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-11-10 10:07:35 +00:00
Dave Rodgman	f58172fe43	Merge remote-tracking branch 'origin/development' into pr3431	2022-11-10 09:54:49 +00:00
Nick Child	89e82e1685	pkcs7: Add dependecy on MBEDTLS_MD_C Signed-off-by: Nick Child <nick.child@ibm.com>	2022-11-09 10:36:10 -06:00
Moritz Fischer	ab45425623	include: mbedtls: Add missing private_access header This adds a missing private access header. Signed-off-by: Moritz Fischer <moritzf@google.com>	2022-11-08 14:55:32 -08:00
Gilles Peskine	69ae1ee4fe	Merge pull request #6552 from gstrauss/bignum-aliasing Add comments for some forbidden aliasing in bignum.h interfaces	2022-11-08 17:15:37 +01:00
Gilles Peskine	42d75f2daf	Merge pull request #6013 from gstrauss/asn1-type-free Shared code to free x509 structs like mbedtls_x509_named_data	2022-11-08 12:20:20 +01:00
Glenn Strauss	0750d08601	Add comments for some forbidden aliasing in bignum Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-11-08 02:47:21 -05:00
Glenn Strauss	82ba274c01	Deprecate mbedtls_asn1_free_named_data() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-11-07 15:42:44 -05:00
Gilles Peskine	faefe62013	Merge pull request #6390 from mpg/fix-ecjpake-psa-format Fix ecjpake PSA format	2022-11-07 17:35:44 +01:00
Nick Child	3951a4f3ad	pkcs7: Use better error codes Remove an unnecessary debug print (whoops). Use new error code for when the x509 is expired. When there are no signers return invalid certificate. Signed-off-by: Nick Child <nick.child@ibm.com> Co-authored-by: Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Nick Child <nick.child@ibm.com>	2022-10-31 09:38:42 -05:00
Dave Rodgman	55fd0b9fc1	Merge pull request #6121 from daverodgman/pr277 cert_write - add a way to set extended key usages - rebase	2022-10-31 13:27:49 +00:00
Dave Rodgman	1a22bef116	Merge pull request #6190 from daverodgman/invalid-ecdsa-pubkey Improve ECDSA verify validation	2022-10-31 09:37:26 +00:00
Nick Child	bb82ab764f	pkcs7: Respond to feeback on parsing logic After recieving review on the pkcs7 parsing functions, attempt to use better API's, increase consisitency and use better documentation. The changes are in response to the following comments: - use mbedtls_x509_crt_parse_der instead of mbedtls_x509_crt_parse [1] - make lack of support for authenticatedAttributes more clear [2] - increment pointer in pkcs7_get_content_info_type rather than after [3] - rename `start` to `p` for consistency in mbedtls_pkcs7_parse_der [4] [1] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r992509630 [2] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r992562450 [3] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r992741877 [4] https://github.com/Mbed-TLS/mbedtls/pull/3431#discussion_r992754103 Signed-off-by: Nick Child <nick.child@ibm.com>	2022-10-28 12:28:54 -05:00
Glenn Strauss	a4b4041219	Shared code to free x509 structs Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-10-28 12:51:35 -04:00
Dave Rodgman	cd7fe3ee14	Merge pull request #6487 from gilles-peskine-arm/legacy_or_psa-internal	2022-10-27 20:21:43 +01:00
Ronald Cron	77e15e8a2c	Merge pull request #6460 from xkqian/tls13_add_early_data_preparatory Internal and Open CI merge job ran successfully. Good to go.	2022-10-27 10:40:56 +02:00
Gilles Peskine	3a9ebd69c3	Declare legacy_or_psa.h as private We think we're likely to change these macros. So make them only for internal use, not just "mostly". Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-26 18:03:14 +02:00
Gilles Peskine	49540ac529	Move copyright notice out of the Doxygen documentation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-26 18:02:56 +02:00
Ronald Cron	c9176a03a7	Merge pull request #6410 from gilles-peskine-arm/psa-pkparse-pkwrite-3.2 PSA with RSA requires PK_WRITE and PK_PARSE	2022-10-26 14:57:36 +02:00
Manuel Pégourié-Gonnard	3e0ea98b7c	Merge pull request #6451 from mpg/fix-can-exercise Fix can_exercise() for RSA and hashes	2022-10-26 10:18:52 +02:00
Xiaokang Qian	72dbfef6e4	Improve coding styles Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-26 06:33:57 +00:00
Xiaokang Qian	4ef4c89af2	Fix CI failure in build_info.h Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-26 02:48:47 +00:00
Xiaokang Qian	65fc0de894	Improve the prerequisites for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 09:08:57 +00:00
Xiaokang Qian	d69d06fffa	Improve format issue Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 06:51:25 +00:00
Xiaokang Qian	95a0730f17	Change prerequisites of MBEDTLS_SSL_EARLY_DATA and add related check Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 05:34:48 +00:00
Xiaokang Qian	72de95dcf5	Move function mbedtls_ssl_tls13_conf_early_data to ssl_tls.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 05:34:25 +00:00
Xiaokang Qian	600804b0e7	Remove useless early data related macros for the time being Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 03:00:18 +00:00
Xiaokang Qian	54413b10c2	Add early data support preparatory work Add MBEDTLS_SSL_EARLY_DATA configuration option Define early_data_enabled field in mbedtls_ssl_config Add function mbedtls_ssl_conf_early_data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 03:00:18 +00:00
Ronald Cron	571f1ff6dc	Make sure TLS 1.2 kex macros are undefined in builds without TLS 1.2 Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	73fe8df922	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to guard TLS code (both 1.2 and 1.3) specific to handshakes involving PSKs. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	e68ab4f55e	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to guard TLS code (both TLS 1.2 and 1.3) specific to handshakes involving certificates. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	928cbd34e7	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard code specific to the TLS 1.3 ephemeral key exchange mode. Use it also for the dependencies of TLS 1.3 only tests relying on ephemeral key exchange mode, but for tests in tls13-kex-modes.sh where the change is done later using all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	d8d2ea5674	Add TLS 1.3 key exchange mode config options Add TLS 1.3 specific configuration options to enable/disable the support for TLS 1.3 key exchange modes. These configurations are introduced to move away from the aforementioned enablement/disablement based on MBEDTLS_KEY_EXCHANGE_xxx_ENABLED options that relate to group of TLS 1.2 ciphersuites. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:41:57 +02:00
Manuel Pégourié-Gonnard	98b91d40d6	RSA PKCS#1 v1.5 no longer depends on MD This has been the case since https://github.com/Mbed-TLS/mbedtls/pull/6065 which forgot to update the documentation, and also is_builtin_calling_md(), so update those. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-19 10:59:30 +02:00
Dave Rodgman	f33da19dfb	Merge pull request #6413 from daverodgman/update_docs_links Update documentation links	2022-10-14 17:42:48 +01:00
Gilles Peskine	8874cd570e	Merge pull request #4826 from RcColes/development Add LMS implementation	2022-10-14 18:33:01 +02:00
Ronald Cron	49e4184812	Merge pull request #6299 from xkqian/tls13_add_servername_check Add server name check when proposing pre-share key	2022-10-13 16:00:59 +02:00
Raef Coles	29c490db97	Update LMS calculate_public_key docs To avoid the word "generate" Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:34 +01:00
Raef Coles	07b70d9196	Correct typo in LMS config check Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:28 +01:00
Raef Coles	1b43a7448d	Clean up LMS and LMOTS feature dependencies Remove SHA256 dependencies from tests, fix incorrect boolean logic in check_config, and change depends_hashes.pl to disable LMS in one test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:26 +01:00
Raef Coles	3c4ae77fec	Improve LMS private context documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:45 +01:00
Raef Coles	285d44b180	Capitalize "Merkle" in LMS and LMOTS code As it is a proper noun Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:43 +01:00
Raef Coles	9b0daf60fb	Improve LMS private function warning Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:38 +01:00
Raef Coles	370cc43630	Make LMS public key export part of public key api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:28 +01:00
Raef Coles	be3bdd8240	Rename LMS and LMOTS init/free functions To match convention Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:18 +01:00
Raef Coles	2ac352a322	Make LMS functions args const where required Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:14 +01:00
Raef Coles	f6ddd51bfd	Sanitize LMS and LMOTS macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:13 +01:00
Raef Coles	5127e859d7	Update LMS and LMOTS dependency macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:11 +01:00
Raef Coles	56fe20a473	Move MBEDTLS_PRIVATE required defines into lms.h From lmots.h, as it is a private header Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:10 +01:00
Raef Coles	ab300f15e8	Move public header content from lmots.h to lms.h Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:08 +01:00
Raef Coles	403558c1c9	Fix LMS function documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:57 +01:00
Raef Coles	9b88ee5d5d	Fix LMS and LMOTS coding style violations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:40 +01:00
Raef Coles	366d67d9af	Shorted LMS and LMOTS line-lengths To attempt to comply with the 80-char suggestion Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:38 +01:00
Raef Coles	e9479a0264	Update LMS API to support multiple parameter sets Parameterise macros to allow variation of sizes Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:36 +01:00
Raef Coles	ab4f87413a	Add MBEDTLS_LMS_PRIVATE define To enable private key operations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:35 +01:00
Raef Coles	01c71a17b3	Update LMS and LMOTS api Fix function names and parameters. Move macros to be more private. Update implementation. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:25 +01:00
Raef Coles	c8f9604d7b	Use PSA hashing for LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:23 +01:00
Raef Coles	7dce69a27a	Make LMOTS a private api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:22 +01:00
Raef Coles	2ad6e611f0	Update LMS/LMOTS documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:20 +01:00
Raef Coles	0aa18e041f	Note that LMS sign function is for testing only Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:18 +01:00
Raef Coles	c464746d45	Document LMS and LMOTS contexts And add some comments about the source of their type IDs Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:17 +01:00
Raef Coles	8ff6df538c	Add LMS implementation Also an LM-OTS implementation as one is required for LMS. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:15 +01:00
Gilles Peskine	0fe6631486	Merge pull request #6291 from gilles-peskine-arm/platform.h-unconditional-3.2 Include platform.h unconditionally	2022-10-13 10:19:22 +02:00
Dave Rodgman	b319684bca	Additional updates to docs links Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-10-12 16:47:08 +01:00
Xiaokang Qian	baa4764d77	Fix typo issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	ed3afcd6c3	Fix various typo and macro guards issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	03409290d2	Add MBEDTLS_SSL_SESSION_TICKETS guard to server name check Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:51 +00:00
Xiaokang Qian	2f9efd3038	Address comments base on review Change function name to ssl_session_set_hostname() Remove hostname_len Change hostname to c_string Update test cases to multi session tickets Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:49 +00:00
Xiaokang Qian	bc663a0461	Refine code based on commnets Change code layout Change hostname_len type to size_t Fix various issues Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:06:01 +00:00
Xiaokang Qian	adf84a4a8c	Remove public api mbedtls_ssl_reset_hostname() Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:05:11 +00:00
Xiaokang Qian	281fd1bdd8	Add server name check when proposeing pre-share key Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-12 11:03:41 +00:00
Gilles Peskine	8fd3254cfc	Merge pull request #6374 from mprse/enc_types Test TLS 1.2 builds with each encryption type	2022-10-12 12:45:50 +02:00
Ronald Cron	78317c832b	Merge pull request #6327 from yuhaoth/pr/tls13-psk-after-session-tickets TLS 1.3: PSK and NewSessionTicket: Add support for sending PSK and Ticket together.	2022-10-12 12:39:51 +02:00
Gilles Peskine	fcee740b83	Automatically enable PK_PARSE for RSA in PSA PSA crypto currently needs MBEDTLS_PK_PARSE_C to parse RSA keys to do almost anything with them (import, get attributes, export public from private, any cryptographic operations). Force it on, for symmetry with what we're doing for MBEDTLS_PK_WRITE_C. Fixes #6409. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 21:15:24 +02:00
Gilles Peskine	fd94304f9d	PSA RSA needs pk_write The PSA crypto code needs mbedtls_pk_write_key_der() and mbedtls_pk_write_pubkey() when using RSA without drivers. We were already forcing MBEDTLS_PK_WRITE_C when MBEDTLS_USE_PSA_CRYPTO is enabled. Do so also when MBEDTLS_PSA_CRYPTO_C is enabled as well as MBEDTLS_RSA_C, even without MBEDTLS_USE_PSA_CRYPTO. Fixes #6408. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-11 21:09:12 +02:00
Przemek Stekiel	d61a4d3d1a	Fix missing guard and double-space Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-11 09:40:40 +02:00
Przemek Stekiel	52a428b824	Fix MBEDTLS_SSL_TICKET_C, MBEDTLS_SSL_SESSION_TICKETS dependencies Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-10 11:23:18 +02:00
Jerry Yu	8897c07075	Add server only guards for psk callback Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-10-07 10:11:05 +08:00
Jan Bruckner	b33f6e5ee2	Fix typo Signed-off-by: Jan Bruckner <jan@janbruckner.de>	2022-10-06 11:23:49 +02:00
Manuel Pégourié-Gonnard	79617d99ae	Fix namespacing issue This macro is specific to the Mbed TLS implementation and not part of the public API, so it shouldn't used the PSA_ namespace. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-05 12:55:50 +02:00
Manuel Pégourié-Gonnard	ec7012dbc7	Fix I/O format of PSA EC J-PAKE for compliance The format used by the mbedtls_ecjpake_xxx() APIs and that defined by the PSA Crypto PAKE extension are quite different; the former is tailored to the needs of TLS while the later is quite generic and plain. Previously we only addressed some part of this impedance mismatch: the different number of I/O rounds, but failed to address the part where the legacy API adds some extras (length bytes, ECParameters) that shouldn't be present in the PSA Crypto version. See comments in the code. Add some length testing as well; would have caught the issue. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-05 12:52:48 +02:00
Przemek Stekiel	0957e7bfc5	Rmove MBEDTLS_NIST_KW_C dependency from MBEDTLS_SSL_TICKET_C Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-03 11:39:02 +02:00
Przemek Stekiel	460192ee19	Fix and sync configuration file and configuration verifiation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-10-03 08:55:29 +02:00
Nick Child	7dbe8528f3	pkcs7: Import header files with included directory path not relative path In #include statements, rely on -I paths instead of relative paths. Signed-off-by: Nick Child <nick.child@ibm.com>	2022-09-30 17:28:16 -05:00
Przemek Stekiel	ce5b68c7a3	Revert "Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions" This reverts commit `a82290b727`. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-29 15:29:18 +02:00
Manuel Pégourié-Gonnard	f3f9e450b6	Merge pull request #6115 from AndrzejKurek/ecjpake-kdf-tls-1-2 Ad-hoc KDF for EC J-PAKE in TLS 1.2	2022-09-28 09:47:32 +02:00
Przemek Stekiel	e31ba83675	Use basic symbols instead MBEDTLS_CIPHER_MODE_AEAD in check config Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 09:44:58 +02:00
Przemek Stekiel	d582a01073	Make MBEDTLS_SSL_CONTEXT_SERIALIZATION dependent on AEAD Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-28 07:59:01 +02:00
Przemek Stekiel	a82290b727	Fix guards for mbedtls_ssl_ticket_write() and mbedtls_ssl_ticket_parse() functions Both functions are calling mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions. These functions are guarded with MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C flags - make it consistent. As a result ssl_server2 won't build now with MBEDTLS_SSL_SESSION_TICKETS enabled (mbedtls_cipher_auth_[encrypt/decrypt]_ext() functions not available). Mark MBEDTLS_SSL_SESSION_TICKETS as dependent on MBEDTLS_CIPHER_MODE_AEAD \|\| MBEDTLS_NIST_KW_C and disable MBEDTLS_SSL_SESSION_TICKETS in stream cipher only build. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2022-09-27 15:04:14 +02:00
Andrzej Kurek	e09aff8f5a	Add information about ECJPAKE_TO_PMS output size expectations Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-26 10:59:31 -04:00
Andrzej Kurek	96b9f23853	Adjust ECJPAKE_TO_PMS macro value This way the low 8 bits of the identifier indicate that this algorithm is used with SHA-256. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-09-26 10:30:46 -04:00
Paul Elliott	2c282c9bd0	Merge pull request #6180 from yuhaoth/pr/add-tls13-multiple-session-tickets TLS 1.3: NewSessionTicket: Add support for sending multiple tickets per session.	2022-09-23 15:48:33 +01:00

1 2 3 4 5 ...

5542 commits