mbedtls

Author	SHA1	Message	Date
Glenn Strauss	0750d08601	Add comments for some forbidden aliasing in bignum Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2022-11-08 02:47:21 -05:00
Gilles Peskine	faefe62013	Merge pull request #6390 from mpg/fix-ecjpake-psa-format Fix ecjpake PSA format	2022-11-07 17:35:44 +01:00
Dave Rodgman	55fd0b9fc1	Merge pull request #6121 from daverodgman/pr277 cert_write - add a way to set extended key usages - rebase	2022-10-31 13:27:49 +00:00
Dave Rodgman	1a22bef116	Merge pull request #6190 from daverodgman/invalid-ecdsa-pubkey Improve ECDSA verify validation	2022-10-31 09:37:26 +00:00
Dave Rodgman	cd7fe3ee14	Merge pull request #6487 from gilles-peskine-arm/legacy_or_psa-internal	2022-10-27 20:21:43 +01:00
Ronald Cron	77e15e8a2c	Merge pull request #6460 from xkqian/tls13_add_early_data_preparatory Internal and Open CI merge job ran successfully. Good to go.	2022-10-27 10:40:56 +02:00
Gilles Peskine	3a9ebd69c3	Declare legacy_or_psa.h as private We think we're likely to change these macros. So make them only for internal use, not just "mostly". Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-26 18:03:14 +02:00
Gilles Peskine	49540ac529	Move copyright notice out of the Doxygen documentation Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-10-26 18:02:56 +02:00
Ronald Cron	c9176a03a7	Merge pull request #6410 from gilles-peskine-arm/psa-pkparse-pkwrite-3.2 PSA with RSA requires PK_WRITE and PK_PARSE	2022-10-26 14:57:36 +02:00
Manuel Pégourié-Gonnard	3e0ea98b7c	Merge pull request #6451 from mpg/fix-can-exercise Fix can_exercise() for RSA and hashes	2022-10-26 10:18:52 +02:00
Xiaokang Qian	72dbfef6e4	Improve coding styles Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-26 06:33:57 +00:00
Xiaokang Qian	4ef4c89af2	Fix CI failure in build_info.h Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-26 02:48:47 +00:00
Xiaokang Qian	65fc0de894	Improve the prerequisites for early data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 09:08:57 +00:00
Xiaokang Qian	d69d06fffa	Improve format issue Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 06:51:25 +00:00
Xiaokang Qian	95a0730f17	Change prerequisites of MBEDTLS_SSL_EARLY_DATA and add related check Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 05:34:48 +00:00
Xiaokang Qian	72de95dcf5	Move function mbedtls_ssl_tls13_conf_early_data to ssl_tls.c Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 05:34:25 +00:00
Xiaokang Qian	600804b0e7	Remove useless early data related macros for the time being Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 03:00:18 +00:00
Xiaokang Qian	54413b10c2	Add early data support preparatory work Add MBEDTLS_SSL_EARLY_DATA configuration option Define early_data_enabled field in mbedtls_ssl_config Add function mbedtls_ssl_conf_early_data Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2022-10-25 03:00:18 +00:00
Ronald Cron	571f1ff6dc	Make sure TLS 1.2 kex macros are undefined in builds without TLS 1.2 Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	73fe8df922	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED to guard TLS code (both 1.2 and 1.3) specific to handshakes involving PSKs. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	e68ab4f55e	Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED Introduce and use MBEDTLS_SSL_HANDSHAKE_WITH_CERT_ENABLED to guard TLS code (both TLS 1.2 and 1.3) specific to handshakes involving certificates. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	928cbd34e7	tls13: Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED Use MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED instead of MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED to guard code specific to the TLS 1.3 ephemeral key exchange mode. Use it also for the dependencies of TLS 1.3 only tests relying on ephemeral key exchange mode, but for tests in tls13-kex-modes.sh where the change is done later using all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_.*ENABLED macros. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:42:04 +02:00
Ronald Cron	d8d2ea5674	Add TLS 1.3 key exchange mode config options Add TLS 1.3 specific configuration options to enable/disable the support for TLS 1.3 key exchange modes. These configurations are introduced to move away from the aforementioned enablement/disablement based on MBEDTLS_KEY_EXCHANGE_xxx_ENABLED options that relate to group of TLS 1.2 ciphersuites. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-10-22 14:41:57 +02:00
Manuel Pégourié-Gonnard	98b91d40d6	RSA PKCS#1 v1.5 no longer depends on MD This has been the case since https://github.com/Mbed-TLS/mbedtls/pull/6065 which forgot to update the documentation, and also is_builtin_calling_md(), so update those. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-10-19 10:59:30 +02:00
Dave Rodgman	f33da19dfb	Merge pull request #6413 from daverodgman/update_docs_links Update documentation links	2022-10-14 17:42:48 +01:00
Gilles Peskine	8874cd570e	Merge pull request #4826 from RcColes/development Add LMS implementation	2022-10-14 18:33:01 +02:00
Ronald Cron	49e4184812	Merge pull request #6299 from xkqian/tls13_add_servername_check Add server name check when proposing pre-share key	2022-10-13 16:00:59 +02:00
Raef Coles	29c490db97	Update LMS calculate_public_key docs To avoid the word "generate" Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:34 +01:00
Raef Coles	07b70d9196	Correct typo in LMS config check Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:28 +01:00
Raef Coles	1b43a7448d	Clean up LMS and LMOTS feature dependencies Remove SHA256 dependencies from tests, fix incorrect boolean logic in check_config, and change depends_hashes.pl to disable LMS in one test Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:30:26 +01:00
Raef Coles	3c4ae77fec	Improve LMS private context documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:45 +01:00
Raef Coles	285d44b180	Capitalize "Merkle" in LMS and LMOTS code As it is a proper noun Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:43 +01:00
Raef Coles	9b0daf60fb	Improve LMS private function warning Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:38 +01:00
Raef Coles	370cc43630	Make LMS public key export part of public key api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:28 +01:00
Raef Coles	be3bdd8240	Rename LMS and LMOTS init/free functions To match convention Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:18 +01:00
Raef Coles	2ac352a322	Make LMS functions args const where required Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:14 +01:00
Raef Coles	f6ddd51bfd	Sanitize LMS and LMOTS macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:13 +01:00
Raef Coles	5127e859d7	Update LMS and LMOTS dependency macros Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:11 +01:00
Raef Coles	56fe20a473	Move MBEDTLS_PRIVATE required defines into lms.h From lmots.h, as it is a private header Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:10 +01:00
Raef Coles	ab300f15e8	Move public header content from lmots.h to lms.h Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:29:08 +01:00
Raef Coles	403558c1c9	Fix LMS function documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:57 +01:00
Raef Coles	9b88ee5d5d	Fix LMS and LMOTS coding style violations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:40 +01:00
Raef Coles	366d67d9af	Shorted LMS and LMOTS line-lengths To attempt to comply with the 80-char suggestion Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:38 +01:00
Raef Coles	e9479a0264	Update LMS API to support multiple parameter sets Parameterise macros to allow variation of sizes Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:36 +01:00
Raef Coles	ab4f87413a	Add MBEDTLS_LMS_PRIVATE define To enable private key operations Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:35 +01:00
Raef Coles	01c71a17b3	Update LMS and LMOTS api Fix function names and parameters. Move macros to be more private. Update implementation. Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:25 +01:00
Raef Coles	c8f9604d7b	Use PSA hashing for LMS and LMOTS Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:23 +01:00
Raef Coles	7dce69a27a	Make LMOTS a private api Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:22 +01:00
Raef Coles	2ad6e611f0	Update LMS/LMOTS documentation Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:20 +01:00
Raef Coles	0aa18e041f	Note that LMS sign function is for testing only Signed-off-by: Raef Coles <raef.coles@arm.com>	2022-10-13 14:28:18 +01:00

1 2 3 4 5 ...

5466 Commits