mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	0dba51cfad	Fix list of what's common to TLS 1.2 and 1.3 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:44:37 +02:00
Manuel Pégourié-Gonnard	9bf9b9e269	Link to restartable ECC EPIC Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:44:37 +02:00
Manuel Pégourié-Gonnard	f3f79a00fc	Now compatible with MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER Also make a few general clarifications/improvements while at it. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:44:37 +02:00
Manuel Pégourié-Gonnard	3e83098e01	Clarify the TLS 1.3 situation Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:44:32 +02:00
Manuel Pégourié-Gonnard	103b9929d1	Remove HKDF-Extract/Expand Being resolved in https://github.com/Mbed-TLS/mbedtls/issues/5784 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:38:43 +02:00
Manuel Pégourié-Gonnard	b2bd34ecdc	Update docs/use-psa-crypto.md The scope of the option has been expanded, now it makes more sense to describe it as "everything except ...". Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:38:43 +02:00
Manuel Pégourié-Gonnard	ff43ff6e78	Remove stability waiver from USE_PSA It was initially motivated by the fact that the PSA Crypto APIs themselves were not stable. In the meantime, PSA Crypto has reached 1.0.0 so this no longer applies. If we want user to be able to fully benefit from PSA in order to isolate long-term secrets, they need to be able to use the new APIs with confidence. There is no reason to think those APIs are any more likely to change than any of our other APIs, and if they do, we'll follow the normal process (deprecated in favour of a new variant). For reference, the APIs in question are: mbedtls_pk_setup_opaque() // to use PSA-held ECDSA/RSA keys in TLS mbedtls_ssl_conf_psk_opaque() // for PSA-held PSKs in TLS mbedtls_ssl_set_hs_psk_opaque() // for PSA-held PSKs in TLS mbedtls_cipher_setup_psa() (deprecated in 3.2) mbedtls_pk_wrap_as_opaque() (documented internal, to be removed in 3.2) Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:38:43 +02:00
Manuel Pégourié-Gonnard	97ec0b7bfa	Clarify effect of USE_PSA on TLS 1.3 The previous wording was wrong, there are parts that are affected. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:38:43 +02:00
Manuel Pégourié-Gonnard	2a47d23927	Update strategy.md Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:38:43 +02:00
Manuel Pégourié-Gonnard	83c538869e	Update psa-limitations - misc updates about on-going/recent work - removal of the section about mixed-PSK: being done in #5762 - clarifications in some places - some typo fixes Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:38:43 +02:00
Manuel Pégourié-Gonnard	b8a6c2320e	Update testing.md Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:38:43 +02:00
Manuel Pégourié-Gonnard	2ffb93a83b	Rm tasks-g2.md That document was always temporary (said so at the top). Now superseded by https://github.com/orgs/Mbed-TLS/projects/1#column-18338322 Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-07-04 12:38:43 +02:00
Paul Elliott	7c6b0e4464	Merge pull request #5972 from wernerlewis/migration_guide_removals Add guidance for deprecated functions and macros to migration guide	2022-07-01 17:40:21 +01:00
Ronald Cron	3cb707dc6d	Fix and improve logs and documentation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-07-01 14:36:52 +02:00
Ronald Cron	2ba0d23c65	Update TLS 1.3 support documentation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-07-01 11:25:49 +02:00
Manuel Pégourié-Gonnard	11ccb35987	Merge pull request #5994 from gilles-peskine-arm/storage-format-doc-2.25-development Update storage format specification for Mbed TLS 2.25.0+	2022-07-01 09:25:35 +02:00
Gilles Peskine	0b7ee23fe0	Historical update: the layout on stdio changed in Mbed Crypto 1.1.0 Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-30 12:16:50 +02:00
Gilles Peskine	38989612d6	Typos Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-30 12:16:32 +02:00
Gilles Peskine	219a34839c	Repeat the seed file documentation in 2.25.0 This way the 2.25.0 section is now fully self-contained. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-30 12:15:53 +02:00
Gilles Peskine	3d65a19ee3	Fix wrong type in C snippet Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-30 12:15:35 +02:00
Tom Cosgrove	d7adb3c7d9	Add comments about MBEDTLS_PSA_CRYPTO_C also being required by MBEDTLS_SSL_PROTO_TLS1_3 Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-06-30 09:48:40 +01:00
Gilles Peskine	25e39f24b9	Add section for Mbed TLS 2.25.0+ We hadn't updated the storage specification in a while. There have been no changes to the storage layout, but the details of the contents of some fields have changed. Since this is now a de facto stable format (unchanged between 2.25 and 3.2), describe it fully, avoiding references to previous versions. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-06-30 09:16:53 +02:00
Tom Cosgrove	afb2fe1acf	Document that MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is required by MBEDTLS_SSL_PROTO_TLS1_3 Also have check_config.h enforce this. And MBEDTLS_SSL_EXPORT_KEYS has been removed, so no longer mention it. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2022-06-29 16:36:12 +01:00
Werner Lewis	05d5f81c20	Fix spelling and formatting consistency Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-29 09:19:29 +01:00
Ronald Cron	6b14c69277	Improve documentation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:21:13 +02:00
Ronald Cron	139d0aa9d3	Fix typo in documentation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:21:13 +02:00
Ronald Cron	44b23b10e1	tls13: Document TLS 1.3 handshake implementation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-06-28 09:18:42 +02:00
Werner Lewis	4abd7c2545	Minor phrasing changes Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-27 09:42:34 +01:00
Werner Lewis	129d6adc0e	Use mbedtls-2.28 branch for documentation link Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-27 09:42:34 +01:00
Werner Lewis	4b8aaa4e60	Add clarification on 2.x branch choice Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-27 09:41:54 +01:00
Werner Lewis	f5b86f3b16	Add clarification for 2.x section Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-27 09:20:01 +01:00
Werner Lewis	f8a478795c	Add guidance for generating deprecated list Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-24 11:10:48 +01:00
Werner Lewis	016cec17e8	Add deprecated macros to migration guide Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-23 16:55:52 +01:00
Werner Lewis	745fcde406	Add reference to 2.x docs to migration guide Signed-off-by: Werner Lewis <werner.lewis@arm.com>	2022-06-23 16:51:45 +01:00
bootstrap-prime	6dbbf44d78	Fix typos in documentation and constants with typo finding tool Signed-off-by: bootstrap-prime <bootstrap.prime@gmail.com>	2022-05-18 14:15:33 -04:00
Dave Rodgman	65a141a7b0	Fix minor grammatical error Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-11 21:25:54 +01:00
Andrzej Kurek	5c65c5781f	Fix additional misspellings found by codespell Remaining hits seem to be hex data, certificates, and other miscellaneous exceptions. List generated by running codespell -w -L keypair,Keypair,KeyPair,keyPair,ciph,nd Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2022-05-11 21:25:54 +01:00
Shaun Case	8b0ecbccf4	Redo of PR#5345. Fixed spelling and typographical errors found by CodeSpell. Signed-off-by: Shaun Case <warmsocks@gmail.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-05-11 21:25:51 +01:00
Dave Rodgman	017a19997a	Update references to old Github organisation Replace references to ARMmbed organisation with the new org, Mbed-TLS, following project migration. Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2022-03-31 14:43:16 +01:00
Ronald Cron	8f6d39a81d	Make some handshake TLS 1.3 utility routines available for TLS 1.2 Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-03-29 14:42:17 +02:00
Gilles Peskine	fdfc10b250	Merge pull request #4408 from gilles-peskine-arm/storage-format-check-mononicity Check storage format tests for regressions	2022-03-07 17:02:34 +01:00
Gilles Peskine	e356f075f5	Merge pull request #5512 from gilles-peskine-arm/psa-driver-interface-tweaks-202201 PSA driver description spec: minor tweaks to the JSON format	2022-03-01 20:46:14 +01:00
Gilles Peskine	790f7428d2	Storage format test regressions are now checked mechanically Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-02-22 19:16:42 +01:00
Jerry Yu	bd19287a8e	fix docs issue Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	adb1869f8d	fix document about tls13 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Jerry Yu	72a0565e13	docs: Add version support description Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2022-02-21 09:06:00 +08:00
Ronald Cron	87829e5429	Fix documentation Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-02-14 16:31:33 +01:00
Ronald Cron	4279bac965	Document TLS 1.3 MVP limitation regarding MBEDTLS_USE_PSA_CRYPTO Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-02-11 15:10:22 +01:00
Manuel Pégourié-Gonnard	c70013e4bc	Clarify the trailer field situation Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-10 13:16:50 +01:00
Manuel Pégourié-Gonnard	c7f3254379	Clarify a sentence Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-02-10 13:00:33 +01:00

1 2 3 4 5 ...

526 commits