yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
16254 commits 1 branch 0 tags 94 MiB
Commit graph

86 commits

Author SHA1 Message Date
Gilles Peskine
b1940a76ad In TLS, order curves by resource usage, not size 
TLS used to prefer larger curves, under the idea that a larger curve has a
higher security strength and is therefore harder to attack. However, brute
force attacks are not a practical concern, so this was not particularly
meaningful. If a curve is considered secure enough to be allowed, then we
might as well use it.

So order curves by resource usage. The exact definition of what this means
is purposefully left open. It may include criteria such as performance and
memory usage. Risk of side channels could be a factor as well, although it
didn't affect the current choice.

The current list happens to exactly correspond to the numbers reported by
one run of the benchmark program for "full handshake/s" on my machine.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-17 21:46:29 +02:00
Gilles Peskine
3758fd6b79 Changelog entry and migration guide for hash and curve profile upgrades 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2021-06-17 21:46:14 +02:00
Gilles Peskine
17575dcb03
Merge pull request #4629 from TRodziewicz/rename_functions_whose_deprecated_variants_have_been_removd 
Rename the _ret() functions
 2021-06-15 20:32:07 +02:00
TRodziewicz
28a4a963fc Corrections to the docs wording and changes to aux scripts 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-15 00:18:32 +02:00
TRodziewicz
3946f79cab Correction according to code review (function and param. names change 
and docs rewording)

Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-14 13:46:21 +02:00
TRodziewicz
8b223b6509 Addition of the migration guide entry file. 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-14 11:56:33 +02:00
TRodziewicz
1fcd72e93c change log and migr. guide fixes and _DEPRECATED_REMOVED removed 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-14 11:16:06 +02:00
Gilles Peskine
02b76b7d18
Merge pull request #4619 from TRodziewicz/remove_MBEDTLS_X509_CHECK_x_KEY_USAGE_options 
Remove MBEDTLS_X509_CHECK_*_KEY_USAGE options but enable the code
 2021-06-10 17:43:36 +02:00
TRodziewicz
2a5e5a2759 Correction to the migration guide entry wording 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-09 16:54:20 +02:00
TRodziewicz
0ea2576502 Correction to the migr. guide wording and removal of not needed option 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-09 13:31:42 +02:00
TRodziewicz
b8367380b1 Addition of the migration guide 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-09 13:31:42 +02:00
TRodziewicz
1e66642d68 Addition of change log and migration guide files. 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-09 11:25:28 +02:00
Ronald Cron
f8abfa8b1b Improve migration guide 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-09 10:54:14 +02:00
Ronald Cron
6fe1bc3f24 Add change log and migration guide 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-08 14:11:19 +02:00
Manuel Pégourié-Gonnard
16fdab79a5
Merge pull request #4382 from hanno-arm/max_record_payload_api 
Remove MFL query API and add API for maximum plaintext size of incoming records
 2021-06-08 11:07:27 +02:00
Hanno Becker
61f292ea0a Fix migration guide for now-removed deprecated functions 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-06-08 07:50:55 +01:00
TRodziewicz
0730cd5d9e Merge branch 'development' into Remove__CHECK_PARAMS_option 2021-06-07 15:41:49 +02:00
TRodziewicz
442fdc22ea Remove MBEDTLS_X509_CHECK_*_KEY_USAGE options but enable the code 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-06-07 13:52:23 +02:00
Manuel Pégourié-Gonnard
13a9776676 Editorial improvements 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-06-07 12:00:04 +02:00
Manuel Pégourié-Gonnard
3b5a7c198c Update ChangeLog and migration guide 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-06-07 11:13:34 +02:00
Manuel Pégourié-Gonnard
84191eab06
Merge pull request #4315 from Kxuan/feat-pre-compute-tls 
Static initialize comb table
 2021-06-03 11:41:54 +02:00
kXuan
782c2b9f36
fix comment, ChangeLog & migration-guide for MBEDTLS_ECP_FIXED_POINT_OPTIM 
Signed-off-by: kXuan <kxuanobj@gmail.com>
 2021-06-03 15:47:40 +08:00
Manuel Pégourié-Gonnard
1b1327cc0d
Merge pull request #4581 from TRodziewicz/remove_supp_for_extensions_in_pre-v3_X.509_certs 
Remove MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 option
 2021-06-02 13:48:03 +02:00
Manuel Pégourié-Gonnard
df77624ab5
Merge pull request #4490 from TRodziewicz/Combine__SSL_<CID-TLS1_3>_PADDING_GRANULARITY_options 
Combine _SSL_<CID-TLS1_3>_PADDING_GRANULARITY options
 2021-06-02 13:47:48 +02:00
Manuel Pégourié-Gonnard
1b3b27cbb0
Merge pull request #4587 from TRodziewicz/remove_3DES_ciphersuites 
Remove 3DES ciphersuites
 2021-06-02 11:01:42 +02:00
Ronald Cron
3dafa9bda8
Merge pull request #4555 from ronald-cron-arm/m-ccm-api 
Define CCM multi-part API
 2021-06-02 09:56:43 +02:00
Gilles Peskine
fe3069b7f1
Merge pull request #4585 from mpg/cipher-aead-delayed 
Clarify multi-part AEAD calling sequence in Cipher module
 2021-06-01 12:04:19 +02:00
Manuel Pégourié-Gonnard
c01b87b820 Fix some typos 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-06-01 09:40:53 +02:00
Ronald Cron
f668bd18df Add migration guide for developers of CCM alternative implementation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2021-06-01 09:07:46 +02:00
kXuan
22fc906d57
Add ChangeLog and migration guide for MBEDTLS_ECP_FIXED_POINT_OPTIM 
Signed-off-by: kXuan <kxuanobj@gmail.com>
 2021-06-01 14:01:59 +08:00
TRodziewicz
231649a020 Changing the migration guide entry wording. 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-31 13:12:16 +02:00
TRodziewicz
4e57f4cdfd Adding removed defines to check_config.h and fixing the migration guide entry. 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-31 12:58:25 +02:00
Manuel Pégourié-Gonnard
6d84e917bb
Merge pull request #4568 from creiter32/to_upstream/csr_critical_extensions 
Expose flag for critical extensions
 2021-05-31 12:46:59 +02:00
Manuel Pégourié-Gonnard
ee57ebe553 Add ChangeLog and migration guide entries 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2021-05-31 12:25:01 +02:00
TRodziewicz
3670e387dc Remove 3DES ciphersuites 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-31 12:11:53 +02:00
Ronald Cron
ea62d2f391
Merge pull request #4369 from hanno-arm/relax_psk_config 
Implement relaxed semantics for static PSK configuration in Mbed TLS 3.0
 2021-05-31 10:03:56 +02:00
TRodziewicz
dee975af7d Remove MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 option 
Remove define

Add ChangeLog file and migration guide entry

Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-28 15:27:01 +02:00
Hanno Becker
2bec09c113 Fix typo in migration guide 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-28 09:54:31 +01:00
Hanno Becker
196739b478 Change wording in documentation of PSK configuration 
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
 2021-05-28 05:33:14 +01:00
TRodziewicz
062f353804 Changes after code review 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-27 17:34:14 +02:00
TRodziewicz
caf2ae04b8 ChangeLog and migration guide added. 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-27 17:33:51 +02:00
Christoph Reiter
95273f4b07 Expose flag for critical extensions 
Enables creating X.509 CSRs with critical extensions.

Signed-off-by: Christoph Reiter <christoph.reiter@infineon.com>
 2021-05-27 14:27:43 +02:00
TRodziewicz
0a02fbb783 Addition of the migration guide entry. 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-26 15:57:50 +02:00
TRodziewicz
a86c312d92 Addition of the migration guide entry. 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-26 15:29:36 +02:00
Gilles Peskine
b7abba28e3
Merge pull request #4515 from tom-daubney-arm/remove_rsa_mode_params_2 
Remove rsa mode params part 2
 2021-05-25 20:36:33 +02:00
Thomas Daubney
6f966112c7 Corrections to ChangeLog and Migration guide 
Corrections to address wording of ChangeLog
and Migration guide.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-25 15:00:19 +01:00
Thomas Daubney
3ca92b182c Re-wording of Migration guide entry 
Commit re-words the migration guide
entry as requested in review.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-24 14:11:39 +01:00
TRodziewicz
4ca18aae38 Corrections after the code review 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 13:38:00 +02:00
TRodziewicz
d807060e0a Addition of migration guide and corrections to the ChangeLog file 
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
 2021-05-24 12:50:51 +02:00
Thomas Daubney
2fbbe1d2fe Corrections to ChangeLog and Migration guide 
This commit fixes typos and re-words
the migration guide. It also adds
the issue number to the ChangeLog.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2021-05-24 10:53:57 +01:00