mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	56b159a12a	Merge pull request #7627 from mprse/ffdh_tls13_v2 Make use of FFDH keys in TLS 1.3 v.2	2023-07-03 10:12:33 +02:00
Tom Cosgrove	c4a760c538	Merge pull request #7849 from davidhorstmann-arm/fix-string-to-names-retcode Fix false success return code in `mbedtls_x509_string_to_names()`	2023-06-30 14:28:29 +01:00
Dave Rodgman	c23d2222ea	Merge pull request #7728 from waleed-elmelegy-arm/crypt_and_hash-decrypt-fix Fix crypt_and_hash decrypt issue when used with stream cipher	2023-06-30 11:42:35 +01:00
Dave Rodgman	90282149fa	fix trailing whitespace Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-28 11:29:27 +01:00
Dave Rodgman	6bed2dabc1	Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-28 10:00:23 +01:00
David Horstmann	582b7cf0d4	Add ChangeLog entry for string_to_names() fix Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-27 15:38:02 +01:00
Dave Rodgman	9f4fd28eff	Merge pull request #7808 from daverodgman/fix-ct-compile-warning Fix for arm64_32 (aka ILP32) on Clang	2023-06-27 15:23:14 +01:00
Gilles Peskine	e8e1e157cb	Fix empty union when TLS is disabled When all TLS 1.2 support is disabled, union mbedtls_ssl_premaster_secret was empty, which is not valid C even if the union is never used. Fixes #6628. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-25 21:41:58 +02:00
Dave Rodgman	140fa15a7f	Improve changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-21 12:36:52 +01:00
Dave Rodgman	517e891e55	Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-21 11:16:42 +01:00
Gilles Peskine	fd235bc9df	Fix very high stack usage in SSL debug code Use a switch instead of an array. The array was very hollow for some enum types such as mbedtls_ssl_protocol_version (which formerly used small values, but switched to using the protocol encoding as enum values in Mbed TLS 3.2.0). Optimizing compilers know how to compile a switch into a lookup table when the range warrants it. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-20 17:48:18 +02:00
Marek Jansta	8bde649c0b	Fixed AlgorithmIdentifier parameters when used with ECDSA signature algorithm in x509 certificate Signed-off-by: Marek Jansta <jansta@2n.cz>	2023-06-19 12:49:27 +02:00
Dave Rodgman	418843ed64	Improve changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-16 15:27:23 +01:00
Valerio Setti	01951f01ad	changelog: added entries for explaining changes of this PR Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-06-16 12:26:26 +02:00
Gilles Peskine	f45a5a0ddd	Merge pull request #7700 from silabs-Kusumit/PBKDF2_output_bytes PBKDF2: Output bytes	2023-06-16 10:08:02 +02:00
Dave Rodgman	3650a60586	Update changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-15 18:56:15 +01:00
Gilles Peskine	8c2f18dac2	Merge pull request #7738 from davidhorstmann-arm/fix-iar-typo Fix typo in CMakeList.txt in IAR compiler flags	2023-06-15 19:24:00 +02:00
David Horstmann	ff4b6a8d18	Reword changelog entry Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-06-15 14:08:19 +01:00
Dave Rodgman	2e7d57270e	Merge pull request #7624 from daverodgman/aes-perf AES perf improvements	2023-06-15 12:10:06 +01:00
Tom Cosgrove	6edf8b8c7b	Merge pull request #7451 from yanrayw/7376_aes_128bit_only Introduce config option of 128-bit key only in AES calculation	2023-06-15 10:35:32 +01:00
Gilles Peskine	6966141561	Changelog entry for the MBEDTLS_CIPHER_BLKSIZE_MAX deprecation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-14 18:00:37 +02:00
SlugFiller	daa363b4d3	Add changelog entry Signed-off-by: SlugFiller <5435495+SlugFiller@users.noreply.github.com>	2023-06-14 05:42:12 +03:00
Waleed Elmelegy	3bc6feae89	Add crypt_and_hash decrypt issue to Changelog Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>	2023-06-12 17:37:23 +01:00
Dave Rodgman	12d89741bf	Improve phrasing Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-11 16:29:54 +01:00
Dave Rodgman	5a46dfae2c	Changelog for SHA-384 max block size bug Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-11 16:23:02 +01:00
Dave Rodgman	0e22597871	Update Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-09 17:23:20 +01:00
Glenn Strauss	4b2a6e8df3	Reuse time when verifying certificate chain Replace mbedtls_x509_time_is_past(), mbedtls_x509_time_is_future() Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:01:03 +01:00
Glenn Strauss	416dc03467	mbedtls_x509_time_cmp() compare mbedtls_x509_time Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:01:03 +01:00
Tom Cosgrove	ef2aa0ecad	Fix "unterminated '#pragma clang attribute push'" in sha256/sha512.c If we're built with MBEDTLS_SHAxxx_USE_A64_CRYPTO_IF_PRESENT but don't have a way to detect the crypto extensions required, the code turns off _IF_PRESENT and falls back to C only (with a warning). This was done after the attributes are pushed, and the pop is done only #if defined(xxx_IF_PRESENT), so this commit fixes that. Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-06-09 11:29:50 +01:00
Gilles Peskine	95b43a04a9	Merge pull request #7651 from daverodgman/fix-armclang-compile-fail Fix armclang compile fail	2023-06-08 14:36:18 +02:00
Kusumit Ghoderao	e5dd11164a	Edit changelog Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-06-08 16:43:32 +05:30
Dave Rodgman	05d71ffe5b	Merge remote-tracking branch 'origin/development' into sha3-updated	2023-06-07 18:02:04 +01:00
Dave Rodgman	cf4d2bdc09	Spell as SHA-3 not SHA3 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-07 17:08:09 +01:00
Gilles Peskine	d598eaf212	Merge pull request #7106 from davidhorstmann-arm/parse-oid-from-string Parse an OID from a string	2023-06-06 20:57:17 +02:00
Przemek Stekiel	da4fba64b8	Further code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	316c19ef93	Adapt guards, dependencies + optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:09 +02:00
Przemek Stekiel	f0d5df0c88	Add changelog entry (FFDH in TLS 1.3) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 12:31:08 +02:00
Kusumit Ghoderao	354434c466	Add changelog entry Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>	2023-06-06 15:05:47 +05:30
Gilles Peskine	5c3d6e277c	Merge pull request #7575 from AndrzejKurek/URI-SAN-verification Add partial support for URI SubjectAltNames verification	2023-06-05 16:46:47 +02:00
Gilles Peskine	84b547b5ee	Merge pull request #7400 from AndrzejKurek/cert-write-sans Add a possibility to generate certificates with a Subject Alternative Name	2023-06-05 15:38:38 +02:00
Dave Rodgman	4db4d6b9b0	Improve changelog Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-04 20:41:24 -04:00
Dave Rodgman	49bd1f2cb2	Fix spelling in Changelog Signed-off-by: Dave Rodgman <dave.rodgman@gmail.com>	2023-06-02 10:31:49 -04:00
Manuel Pégourié-Gonnard	0b68784053	Merge pull request #7577 from mprse/ffdh_drivers FFDH 3b: add driver testing (no TLS 1.3)	2023-06-01 10:26:08 +02:00
David Horstmann	57b5d22a9e	Reword ChangeLog entry for consistency Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-05-31 14:36:41 +01:00
Robin Kastberg	925c9b826d	Create bugfix_iar_typo.txt Changelog entry Signed-off-by: Robin Kastberg <robin.kastberg@iar.com>	2023-05-26 16:06:44 +02:00
Dave Rodgman	1ae50aebb9	Update Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-25 09:46:34 +01:00
Dave Rodgman	a1f51c213c	Fix Changelog formatting Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 13:02:18 +01:00
Dave Rodgman	a55e12c525	Add Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-24 12:15:26 +01:00
Dave Rodgman	b19b63a639	Changelog update Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-22 19:56:03 +01:00
Dave Rodgman	0805ad10b2	XOR perf improvements Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-05-19 11:48:10 +01:00
Andrzej Kurek	1bc7df2540	Add documentation and a changelog entry Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-17 15:23:56 -04:00
Tom Cosgrove	6d62faca8e	Only include psa_pake_setup() and friends if some PAKE algorithms are required Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-05-12 12:36:24 +01:00
Przemek Stekiel	ea52e1a43f	Add changelog entry (FFDH driver dispatch) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-05-11 12:23:12 +02:00
Andrzej Kurek	199eab97e7	Add partial support for URI SubjectAltNames Only exact matching without normalization is supported. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-05-10 09:57:19 -04:00
Yanray Wang	463351d824	ChangeLog: remove issue number as this is a new feature Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-10 18:10:03 +08:00
Yanray Wang	a30c72fc44	rewrite ChangeLog Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-10 10:13:39 +08:00
Gilles Peskine	97edeb4fb8	Merge pull request #6866 from mprse/extract-key-ids Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions v.2	2023-05-08 20:38:29 +02:00
Pol Henarejos	d06c6fc45b	Merge branch 'development' into sha3 Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>	2023-05-05 16:01:18 +02:00
Yanray Wang	d9bf370fbe	add ChangeLog entry Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-05-05 16:28:35 +08:00
Jethro Beekman	0167244be4	Read and write X25519 and X448 private keys Signed-off-by: Jethro Beekman <jethro@fortanix.com> Co-authored-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com> Signed-off-by: Gijs Kwakkel <gijs.kwakkel@fortanix.com>	2023-05-04 13:01:47 +02:00
Gilles Peskine	d3ca5e5897	Merge pull request #7328 from mprse/ec-jpake-fix1 Fix the JPAKE driver interface for user+peer	2023-05-02 20:42:25 +02:00
Gilles Peskine	672a771227	Fix a build error when MBEDTLS_PSA_INJECT_ENTROPY is enabled Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-04-28 21:00:28 +02:00
Gilles Peskine	53a9ac576d	Merge pull request #7443 from mprse/psa_init_in_programs Init PSA in ssl and x509 programs	2023-04-28 12:49:11 +02:00
JonathanWitthoeft	2a878a85a6	Adjust ChangeLog Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>	2023-04-26 19:00:46 -05:00
JonathanWitthoeft	9b265180cc	Make mbedtls_ecdsa_can_do definition unconditional Signed-off-by: JonathanWitthoeft <jonw@gridconnect.com>	2023-04-26 16:09:28 -05:00
David Horstmann	b6ff8a2c4b	Add ChangeLog entry for string-to-OID parsing Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-04-26 12:10:36 +01:00
Przemek Stekiel	6cec5e9d9e	Add changelog entry (PSA initialization in sample programs) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-24 08:03:30 +02:00
Gilles Peskine	935a987b2b	Merge pull request #7436 from AndrzejKurek/x509-verify-san-ip x509 SAN IP parsing	2023-04-21 22:00:58 +02:00
Ronald Cron	f54762e498	Merge pull request #7415 from Harshal5/fix/declaration_of_mbedtls_ecdsa_sign_det_restartable_function ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined	2023-04-17 15:41:25 +02:00
harshal.patil	8c77644906	ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined - In `mbedtls/v3.4.0`, ECDSA restartable sign and verify functions (`ecdsa.c`) were made public. - But the `mbedtls_ecdsa_sign_det_restartable` function prototype was declared in the file `ecdsa.h`, only when `MBEDTLS_ECDSA_SIGN_ALT` is not defined. Signed-off-by: harshal.patil <harshal.patil@espressif.com>	2023-04-17 12:53:00 +05:30
Eugene K	3208b0b391	add IP SAN tests changes per mbedTLS standards Signed-off-by: Eugene K <eugene.kobyakov@netfoundry.io>	2023-04-11 08:29:42 -04:00
Gilles Peskine	7c1c7ce90e	Merge pull request #7401 from AndrzejKurek/md-guards-missing Add missing md.h includes	2023-04-11 09:32:17 +02:00
Ronald Cron	4d31496294	Update TLS 1.3 documentation and add change log Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Andrzej Kurek	468a99ed0b	Add a changelog entry Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-04-06 03:04:15 -04:00
toth92g	d96027acd2	Correcting documentation issues: - Changelog entry is Feature instead of API Change - Correcting whitespaces around braces - Also adding defensive mechanism to x509_get_subject_key_id to avoid malfunction in case of trailing garbage Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
toth92g	27f9e7815c	Adding openssl configuration file and command to Makefile to be able to reproduce the certificate for testing Authority and Subject Key Id fields Increasing heap memory size of SSL_Client2 and SSL_Server2, because the original value is not enough to handle some certificates. The AuthorityKeyId and SubjectKeyId are also parsed now increasing the size of some certificates Signed-off-by: toth92g <toth92g@gmail.com>	2023-04-04 17:48:27 +02:00
Manuel Pégourié-Gonnard	86d5d4bf31	Merge pull request #7103 from valeriosetti/issue6622 Some MAX_SIZE macros are too small when PSA ECC is accelerated	2023-04-03 16:23:27 +02:00
Valerio Setti	3a3a756431	adding missing newline at the end of changelog file Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-03 10:55:29 +02:00
Valerio Setti	0a7ff791a6	add Changelog Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-04-03 09:18:41 +02:00
Dave Rodgman	b8f5ba826b	Merge pull request #6891 from yuhaoth/pr/add-milliseconds-platform-function Add milliseconds platform time function	2023-03-31 11:47:37 +01:00
Andrzej Kurek	9fa1d25aeb	Add changelog entry for directoryname SAN Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:38:47 -04:00
Paul Elliott	d01a3bca05	Merge tag 'v3.4.0' into mbedtls-3.4.0_mergeback Mbed TLS 3.4.0	2023-03-27 18:09:49 +01:00
Manuel Pégourié-Gonnard	a71594538f	Add a ChangeLog entry for driver-only hashes Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Przemek Stekiel	ebfeb172ee	Add change log entry (j-pake user/peer accept any values) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-23 13:37:18 +01:00
Paul Elliott	dbe435cda0	Assemble Changelog for 3.4.0 release Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-23 10:46:10 +00:00
Tom Cosgrove	4903139bc4	Add security entry to ChangeLog for AES-NI Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-22 17:43:40 +00:00
Tom Cosgrove	a9c58584be	Add security entry to ChangeLog for AES-CE Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-22 17:42:17 +00:00
Paul Elliott	e214827347	Add TLS1.2 Opaque ECJPAKE changelog entry Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-22 15:03:32 +00:00
Valerio Setti	89029e7366	changelog: fix description for ECDH changes Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Valerio Setti	8427b56d71	added changelog for accelerated ECDH changes Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-03-22 10:48:34 +01:00
Paul Elliott	1b5957165a	Add Changelog for PSA to Mbed TLS error translation unification Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 16:38:31 +00:00
Tom Cosgrove	c4d759b697	Update AESCE changelog entry Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-21 16:31:18 +00:00
Tom Cosgrove	dcc0ee1a1e	Update changelog entry, splitting into two sections Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>	2023-03-21 15:52:20 +00:00
Jerry Yu	8d3fa9bd7b	Add changelog entry for #6932 and #7203 Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-21 15:52:08 +00:00
Paul Elliott	3201f56952	Rename misnamed changelog entries Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 15:46:33 +00:00
Paul Elliott	f1eb5e2a04	Merge branch 'development-restricted' into mbedtls-3.4.0rc0-pr Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-21 15:35:17 +00:00
Dave Rodgman	3543806026	Merge pull request #7190 from yanrayw/6197_rsa_get_padding_hashID RSA: provide interface to retrieve padding mode and hash_id	2023-03-20 18:34:53 +00:00
Dave Rodgman	d3b6e92967	Merge pull request #997 from gilles-peskine-arm/aesni-intrinsics Implement AESNI with intrinsics	2023-03-20 18:20:51 +00:00
Manuel Pégourié-Gonnard	e9a60224fd	Add ChangeLog entry for driver-only EC J-PAKE Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-20 10:03:55 +01:00
Yanray Wang	b46ccf235c	fix line length of ChangeLog Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-20 12:41:10 +08:00
Dave Rodgman	f992e6fe38	Changelog for AESCE support Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-17 17:52:38 +00:00
Dave Rodgman	8a7ed6951d	Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com> Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-03-17 18:58:11 +08:00
Paul Elliott	9f02a4177b	Merge pull request #7009 from mprse/csr_write_san Added ability to include the SubjectAltName extension to a CSR - v.2	2023-03-17 10:07:27 +00:00
Gilles Peskine	74b4223c81	Announce the expanded AESNI support Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-16 17:50:15 +01:00
Dave Rodgman	680dbd46ae	Merge pull request #7270 from DemiMarie/oid-fix Fix segfault in mbedtls_oid_get_numeric_string	2023-03-16 12:21:36 +00:00
Demi Marie Obenour	889534a4d2	Fix segfault in mbedtls_oid_get_numeric_string When passed an empty OID, mbedtls_oid_get_numeric_string would read one byte from the zero-sized buffer and return an error code that depends on its value. This is demonstrated by the test suite changes, which check that an OID with length zero and an invalid buffer pointer does not cause Mbed TLS to segfault. Also check that second and subsequent subidentifiers are terminated, and add a test case for that. Furthermore, stop relying on integer division by 40, use the same loop for both the first and subsequent subidentifiers, and add additional tests. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-03-16 01:06:41 -04:00
Gilles Peskine	2a44ac245f	Merge pull request #7217 from lpy4105/issue/6840/add-cache-entry-removal-api ssl_cache: Add cache entry removal api	2023-03-15 15:38:06 +01:00
Janos Follath	0086f8626a	Add changelog entry PR7083 silently fixed a security vulnerability in public, this commit adds a changelog entry for it. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-03-15 13:31:48 +00:00
Dave Rodgman	a94c90d30d	Merge pull request #7282 from gilles-peskine-arm/changelog-6567-psa_key_derivation_abort-no-other_secret Add changelog entry for a bug in non-PAKE code fixed during PAKE work	2023-03-15 09:27:33 +00:00
Manuel Pégourié-Gonnard	18336dace2	Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user EC J-PAKE: partial fix for role vs user+peer	2023-03-15 09:37:30 +01:00
Pengyu Lv	db47f2fbd4	Add changelog entry for new API Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>	2023-03-15 15:01:36 +08:00
Gilles Peskine	51b2868f3c	Add changelog entry for a bug in non-PAKE code fixed during PAKE work Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-14 21:41:54 +01:00
Gilles Peskine	215ecd0439	Merge pull request #7252 from daverodgman/enable_pkcs7 Enable PKCS 7	2023-03-14 10:39:50 +01:00
Paul Elliott	e4622a3436	Merge remote-tracking branch 'development/development' into development-restricted Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-03-13 17:49:32 +00:00
Przemek Stekiel	a11c1d141e	Reword change log entry Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-13 16:21:40 +01:00
Dave Rodgman	756b028511	Merge pull request #7171 from daverodgman/pr5527 Fix undefined behavior in ssl_read if buf parameter is NULL	2023-03-13 10:46:29 +00:00
Jerry Yu	3373ccaa18	Update changelog Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-13 11:39:43 +08:00
Przemek Stekiel	8b429ba414	Add change log entry (EC j-pake driver dispatch) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-12 16:59:28 +01:00
Przemek Stekiel	9cc1786e46	Add chenage log entry for j-pake user/peer partial fix Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-12 16:59:20 +01:00
Dave Rodgman	957cc36be9	Improve wording; use PKCS #7 not PKCS7 Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-12 08:50:58 +00:00
Dave Rodgman	3fe2abf306	Apply suggestions from code review Co-authored-by: Tom Cosgrove <tom.cosgrove@arm.com> Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-12 08:50:58 +00:00
Dave Rodgman	d12b592bc1	Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-03-12 08:50:58 +00:00
Manuel Pégourié-Gonnard	c2495f78e6	Add a ChangeLog entry for driver-only ECDSA Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-10 12:37:16 +01:00
Przemek Stekiel	89e268dfb9	Add change log entry (SubjectAltName extension in CSR) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-09 14:04:17 +01:00
Dave Rodgman	4693fd9e9e	Merge pull request #7173 from daverodgman/zeroize-platform Use platform-provided secure zeroization	2023-03-06 09:16:12 +00:00
Pol Henarejos	f61d6c0a2b	Merge branch 'development' into sha3	2023-03-04 00:03:06 +01:00
Dave Rodgman	1f39a62ce6	Merge pull request #7151 from gilles-peskine-arm/psa-headers-alt Allow alternative names for overridable PSA headers	2023-03-03 12:37:51 +00:00
Jerry Yu	8049346989	Add change log entry for `mbedtls_ms_time` Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>	2023-03-03 11:19:07 +08:00
Gilles Peskine	cc29bfd92a	Bug fixes from the split of ssl_handle_hs_message_post_handshake The split of ssl_handle_hs_message_post_handshake() into ssl_tls12_handle_hs_message_post_handshake() and ssl_tls13_handle_hs_message_post_handshake() fixed some user-visible bugs. Add a changelog entry for those bugs. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-03-01 19:49:58 +01:00
Dave Rodgman	dd4427cc5b	Merge pull request #7169 from AndrzejKurek/mpi-window-size Reduce the default MBEDTLS_ECP_WINDOW_SIZE value from 6 to 2	2023-02-27 17:12:38 +00:00
Paul Elliott	ac2251dad1	Merge pull request #7076 from mprse/parse_RFC822_name Add parsing of x509 RFC822 name + test	2023-02-27 14:16:13 +00:00
Dave Rodgman	bf0597f804	Changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 17:45:41 +00:00
Dave Rodgman	fd8929cfd1	Improve changelog Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-02-24 15:57:30 +00:00
Ashley Duncan	88240e769f	Added changelog entry. Signed-off-by: Ashley Duncan <ashley.duncan@evnex.com>	2023-02-24 15:57:30 +00:00
Andrzej Kurek	86f30ff626	Reduce the default MBEDTLS_ECP_WINDOW_SIZE value to 2 As tested in https://github.com/Mbed-TLS/mbedtls/issues/6790, after introducing side-channel counter-measures to bignum, the performance of RSA decryption in correlation to the MBEDTLS_ECP_WINDOW_SIZE has changed. The default value of 2 has been chosen as it provides best or close-to-best results for tests on Cortex-M4 and Intel i7. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-24 07:51:21 -05:00
Paul Elliott	a3b625b0a1	Merge pull request #7098 from gilles-peskine-arm/retval-non-empty Pacify Clang 15 about empty \retval	2023-02-24 09:10:53 +00:00
Gilles Peskine	b1176f2583	Allow alternative names for overridden PSA headers Integrators of Mbed TLS may override the header files "psa/crypto_platform.h" and "psa/crypto_struct.h" by overwriting the files or by placing alternative versions earlier in the include file search path. These two methods are sometimes inconvenient, so allow a third method which doesn't require overwriting files or having a precise order for the include path: integrators can now specify alternative names for the headers. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-22 22:07:28 +01:00
Gilles Peskine	ffb92b0789	Merge pull request #7105 from davidhorstmann-arm/fix-oid-printing-bug Fix bugs in OID to string conversion	2023-02-21 23:16:44 +01:00
Gilles Peskine	250a5ac4cb	Merge pull request #7095 from paul-elliott-arm/interruptible_sign_hash_codestyle Implement PSA interruptible sign/verify hash	2023-02-21 15:13:34 +01:00
Ronald Cron	d89360b87b	Fix and improve documentation, comments and logs Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-21 14:57:25 +01:00
Przemek Stekiel	d7820b7026	Add change log entry: SAN rfc822Name Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-20 15:09:50 +01:00
Ronald Cron	675d97d42e	Add change log Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-02-20 11:42:19 +01:00
Manuel Pégourié-Gonnard	718eb4f190	Merge pull request #7025 from AndrzejKurek/uri_san Add the uniformResourceIdentifier subtype for the subjectAltName	2023-02-20 11:29:59 +01:00
Paul Elliott	e04e15b766	Add Changelog entry Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-15 23:34:29 +00:00
David Horstmann	21b8387929	Add ChangeLog for OID-to-string fixes Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-02-15 13:07:49 +00:00
Gilles Peskine	4386cf188d	Changelog entry for pacifying clang -Wdocumentation about \retval Fixes #6960 Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-14 19:26:56 +01:00
Paul Elliott	1748de160a	Fix IAR Warnings IAR was warning that conditional execution could bypass initialisation of variables, although those same variables were not used uninitialised. Signed-off-by: Paul Elliott <paul.elliott@arm.com>	2023-02-13 15:35:35 +00:00
Andrzej Kurek	3e8f65a7e2	Add a changelog entry for URI SAN parsing Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-02-13 10:21:20 -05:00
Gilles Peskine	928593f732	Merge pull request #7041 from gilles-peskine-arm/pk_ext-pss_options-public Make the fields of mbedtls_pk_rsassa_pss_options public	2023-02-10 15:08:06 +01:00
Gilles Peskine	b8531c4b0b	Merge pull request #6882 from AndrzejKurek/x509_san_parsing_testing-dev X.509: Fix bug in SAN parsing and enhance negative testing	2023-02-10 15:05:32 +01:00

1 2 3 4 5 ...

1254 commits