mbedtls

Author	SHA1	Message	Date
Glenn Strauss	a950938ff0	Add mbedtls_ssl_ticket_rotate for ticket rotation. Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-02-09 14:33:15 -05:00
Manuel Pégourié-Gonnard	62b49cd06a	Merge pull request #5472 from yuhaoth/pr/move-client-auth Move client_auth to handshake	2022-02-09 10:57:00 +01:00
Jerry Yu	0ff8ac89f5	fix comments issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-08 10:10:48 +08:00
Manuel Pégourié-Gonnard	1ab2d6966c	Merge pull request #5385 from AndrzejKurek/use-psa-crypto-reduced-configs Resolve problems with reduced configs using USE_PSA_CRYPTO	2022-02-02 10:20:26 +01:00
Jerry Yu	fb28b88e26	move client_auth to handshake Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-28 11:05:58 +08:00
Jerry Yu	7ce0f2aa6b	Wrap client_auth. The variable is used for client side only Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-27 18:26:06 +08:00
XiaokangQian	647719a172	Add hello retry request in client side Signed-off-by: XiaokangQian <xiaokang.qian@arm.com>	2022-01-26 10:50:06 +00:00
Ronald Cron	f51b79c297	Merge pull request #5355 from yuhaoth/pr/remove-duplicate-sig-alg-ext Remove duplicate write signature algorithms extension The failure of ABI-API-checking is expected.	2022-01-26 10:05:26 +01:00
Gilles Peskine	cfb151889f	Merge pull request #5457 from AndrzejKurek/key-id-encodes-owner-psa-fixes-follow-up Remove incorrect incompatibility information about `MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER` from mbedtls_config.h	2022-01-25 17:02:35 +01:00
Andrzej Kurek	cfc920a960	Remove incorrect incompatibility information from mbedtls_config.h Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-25 06:33:08 -05:00
Jerry Yu	7ddc38cedb	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	713013fa80	fix various issues Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	6106fdc085	fix build fail without TLS13 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-01-25 12:46:17 +08:00
Jerry Yu	f017ee4203	merge write sig_alg of tls12 and tls13 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com> # Conflicts: # library/ssl_misc.h	2022-01-25 12:46:17 +08:00
Gilles Peskine	a5c1bf0b8d	Merge pull request #5367 from AndrzejKurek/doxygen-closure-fixes doxygen: add missing asterisk to group closures	2022-01-24 21:40:39 +01:00
Andrzej Kurek	cead70dbe5	doxygen: fix missing asterisk in ecp.h Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-24 10:48:10 -05:00
Manuel Pégourié-Gonnard	fcca7cfa97	Merge pull request #5428 from gstrauss/mbedtls_ssl_ciphersuite Add accessors for ciphersuite info	2022-01-24 11:13:31 +01:00
Gilles Peskine	6249603e7c	Merge pull request #5438 from SebastianBoe/check_config Add missing config check for PKCS5.	2022-01-22 00:52:07 +01:00
Andrzej Kurek	8d2864d6bc	Force usage of MBEDTLS_PK_WRITE_C when PK_C and USE_PSA_CRYPTO is used Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-19 12:34:30 -05:00
Sebastian Bøe	24e88018d2	Add missing config check for PKCS5. PKCS5 depends on MD, but is missing a config check resulting in obscure errors on invalid configurations. Signed-off-by: Sebastian Bøe <sebastian.boe@nordicsemi.no>	2022-01-19 12:04:35 +01:00
Glenn Strauss	8f52690956	Add accessors for ciphersuite info Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-01-13 00:05:48 -05:00
Andrzej Kurek	03e01461ad	Make KEY_ID_ENCODES_OWNER compatible with USE_PSA_CRYPTO Fix library references, tests and programs. Testing is performed in the already present all.sh test. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-01-03 12:53:24 +01:00
Andrzej Kurek	01404dfaa2	doxygen: remove empty platform_time configuration section Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2021-12-30 12:34:00 +01:00
Andrzej Kurek	a0defed667	doxygen: move addtogroup closures to include more elements Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2021-12-30 12:33:31 +01:00
Andrzej Kurek	38d4fddcd8	Add missing asterisk to doxygen closures Clarify section names next to closing braces Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2021-12-28 16:22:52 +01:00
Ronald Cron	17b1e2f6c3	Bump version to 3.1.0 Executed ./scripts/bump_version.sh --version 3.1.0 --so-crypto 11 --so-tls 17 + fix of build_info.h Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-15 09:02:53 +01:00
Gilles Peskine	a5c18512b9	Merge pull request #5155 from paul-elliott-arm/pcks12_fix Fixes for pkcs12 with NULL and/or zero length password	2021-12-13 14:52:36 +01:00
Dave Rodgman	050ad4bb50	Merge pull request #5313 from gilles-peskine-arm/missing-ret-check-mbedtls_md_hmac Check HMAC return values	2021-12-13 10:51:27 +00:00
Gilles Peskine	ecf6bebb9c	Catch failures of md_hmac operations Declare mbedtls_md functions as MBEDTLS_CHECK_RETURN_TYPICAL, meaning that their return values should be checked. Do check the return values in our code. We were already doing that everywhere for hash calculations, but not for HMAC calculations. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-11 15:00:57 +01:00
Ronald Cron	bb27b43013	build: Fix TLS 1.3 prerequisites Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-10 14:22:52 +01:00
Ronald Cron	6f135e1148	Rename MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL to MBEDTLS_SSL_PROTO_TLS1_3 As we have now a minimal viable implementation of TLS 1.3, let's remove EXPERIMENTAL from the config option enabling it. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-10 13:47:55 +01:00
Ronald Cron	0abf07ca2c	Make PSA crypto mandatory for TLS 1.3 As we want to move to PSA for cryptographic operations let's mandate PSA crypto from the start. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-10 13:22:21 +01:00
Ronald Cron	6b07916e40	Merge pull request #5230 from ronald-cron-arm/tls13_ccs_client Add initial support for "Middlebox Compatibility Mode"	2021-12-10 11:58:05 +01:00
Gilles Peskine	d31da1c673	Merge pull request #5270 from davidhorstmann-arm/improve-cmac-docs Reword documentation of CMAC operations	2021-12-09 23:28:36 +01:00
Ronald Cron	49ad6197ca	Add injection of dummy's ChangeCipherSpec for middlebox compatibility Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-09 13:40:22 +01:00
Ronald Cron	ab65c52944	Add MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE config option Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-09 13:40:22 +01:00
Manuel Pégourié-Gonnard	c38c1f2411	Merge pull request #5268 from gilles-peskine-arm/struct_reordering_3.0 Reorder structure fields to maximize usage of immediate offset access	2021-12-09 12:54:09 +01:00
Gilles Peskine	b3ec69dba5	mbedtls_ssl_config: better document former bit-fields Ensure that the documentation of fields affected by "mbedtls_ssl_config: Replace bit-fields by separate bytes" conveys information that may have been lost by removing the exact size of the type. Extend the preexisting pattern "do this?" for formerly 1-bit boolean fields. Indicate the possible values for non-boolean fields. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2021-12-08 18:32:12 +01:00
Gilles Peskine	392113434a	Merge pull request #5263 from ronald-cron-arm/psa-test-driver_3.x Forward port to 3.x: Introduce PSA test driver library to test PSA configuration	2021-12-07 12:52:20 +01:00
David Horstmann	3d5dfa598b	Reword documentation of CMAC operations Change the wording of the documentation for some CMAC functions, as the existing wording, while technically correct, can be easy to misunderstand. The reworded docs explain the flow of a CMAC computation a little more fully. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2021-12-06 18:58:02 +00:00
Dave Rodgman	351c71b7f2	Fix builds when config.h only defines MBEDTLS_BIGNUM_C Fixes #4929 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2021-12-06 17:50:53 +00:00
Ronald Cron	8c8cea25c7	Merge pull request #5166 from xffbai/code-align Align the TLS 1.3 code with coding rules	2021-12-06 10:54:00 +01:00
Ronald Cron	d4c2c9bf94	psa: Fix some dependencies in config_psa.h Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	ef6ffe3033	psa: Fix Mbed TLS hash operation definition Use PSA_BUILTIN macros instead of the Mbed TLS ones as in the hash operation contexts the context for a given hash is needed only if the support for it through PSA is enabled. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	7975fae6bd	Move to separately compiled PSA test driver library This commit removes the test_psa_crypto_config_basic all.sh component that can no longer work without adapting it to the separately compiled test driver library. This component is replaced by several components in the following commits to test various type of acceleration independently. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-06 07:50:27 +01:00
Ronald Cron	fcaba24697	psa: Fix hash max sizes The PSA max hash size has to be 64 if SHA512 or SHA384 is supported by the library or an accelerator, not just in case of the library. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2021-12-03 18:55:33 +01:00
Gilles Peskine	28de59c50a	Merge pull request #5246 from adeaarm/development Align function parameter names for mbedtls_set_key_owner_id	2021-12-03 17:24:46 +01:00
Gilles Peskine	1bbf6d645b	Merge pull request #5149 from mfil/feature/additional_cipher_info_getters Additional cipher_info getters	2021-12-03 17:21:51 +01:00
Paul Elliott	ad7e8a7092	Documentation fixes Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2021-11-30 15:37:49 +00:00
Antonio de Angelis	e2b6866e0b	Align function parameter names for mbedtls_set_key_owner_id in PSA headers static function mbedtls_set_key_owner() is declared in psa/crypto.h and defined in psa/crypto_struct.h with different parameter name for the mbedtls_key_owner_id_t parameter and that may trigger errors from static code analysis tool as cppcheck. Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>	2021-11-30 12:26:58 +00:00

1 2 3 4 5 ...

5012 commits