Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							197a6d454b 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'upstream-public/pr/1097' into development  
						
						
						
						
					 
					
						2018-01-02 16:09:15 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							3fcc045c23 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'upstream-public/pr/866' into development  
						
						
						
						
						Conflict resolution: additions in the same places as
upstream-public/pr/865, both adding into lexicographically sorted
lists, resolved by taking the additions in lexicographic order. 
						
						
					 
					
						2018-01-02 15:55:55 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							7c483b6765 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'upstream-public/pr/865' into development  
						
						
						
						
					 
					
						2018-01-02 15:35:18 +01:00 
						 
				 
			
				
					
						
							
							
								nirekh01 
							
						 
					 
					
						
						
						
						
							
						
						
							49762fa21f 
							
						 
					 
					
						
						
							
							Add 'MBEDTLS_DHM_ALT' #DEFINE to library/config.h  
						
						
						
						
						Add 'MBEDTLS_DHM_ALT' #DEFINE to library/config.h to support alternate DHM 
						
						
					 
					
						2017-12-25 06:46:48 +00:00 
						 
				 
			
				
					
						
							
							
								Ron Eldor 
							
						 
					 
					
						
						
						
						
							
						
						
							3226d36d61 
							
						 
					 
					
						
						
							
							Fix typo in configuration  
						
						
						
						
						Change duplicate of MBEDTLS_ECDH_GEN_PUBLIC_ALT to
MBEDTLS_ECDH_COMPUTE_SHARED_ALT 
						
						
					 
					
						2017-10-12 14:17:48 +03:00 
						 
				 
			
				
					
						
							
							
								Ron Eldor 
							
						 
					 
					
						
						
						
						
							
						
						
							a84c1cb355 
							
						 
					 
					
						
						
							
							Address PR comments reviews  
						
						
						
						
						1) move the change into Features from Changes, in the ChangeLog
2) Change the feature alternative configuration MBEDTLS_ECDH_ALT
definition to function alternative definitions
MBEDTLS_ECDH_COMPUTE_SHARED_ALT and MBEDTLS_ECDH_GEN_PUBLIC_ALT 
						
						
					 
					
						2017-10-10 19:04:27 +03:00 
						 
				 
			
				
					
						
							
							
								Ron Eldor 
							
						 
					 
					
						
						
						
						
							
						
						
							314adb6baa 
							
						 
					 
					
						
						
							
							Address PR review comments  
						
						
						
						
						1) update ChangeLog to have new feature in Features instead of Changes
2) Change MBEDTLS_ECDSA_ALT to function specific alternative definitions:
MBEDTLS_ECDSA_SIGN_ALT, MBEDTLS_ECDSA_VERIFY_ALT and MBEDTLS_ECDSA_GENKEY_ALT 
						
						
					 
					
						2017-10-10 18:49:02 +03:00 
						 
				 
			
				
					
						
							
							
								Jaeden Amero 
							
						 
					 
					
						
						
						
						
							
						
						
							1526330931 
							
						 
					 
					
						
						
							
							Allow alternate implementation of GCM  
						
						
						
						
						Provide the ability to use an alternative implementation of GCM in place
of the library-provided implementation. 
						
						
					 
					
						2017-09-22 17:42:44 +01:00 
						 
				 
			
				
					
						
							
							
								Hanno Becker 
							
						 
					 
					
						
						
						
						
							
						
						
							ab3773123c 
							
						 
					 
					
						
						
							
							Add support for alternative RSA implementations  
						
						
						
						
						Alternative RSA implementations can be provided by defining MBEDTLS_RSA_ALT in
config.h, defining an mbedtls_rsa_context struct in a new file rsa_alt.h and
re-implementing the RSA interface specified in rsa.h.
Through the previous reworkings, the adherence to the interface is the only
implementation obligation - in particular, implementors are free to use a
different layout for the RSA context structure. 
						
						
					 
					
						2017-08-23 16:24:51 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							4b9c51ef32 
							
						 
					 
					
						
						
							
							Rename EARLY_RETURN -> RESTARTABLE  
						
						
						
						
						This is more consistent with function and context names. 
						
						
					 
					
						2017-08-09 11:44:53 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							c3a3bc7636 
							
						 
					 
					
						
						
							
							Add config flag MBEDTLS_ECP_EARLY_RETURN  
						
						
						
						
					 
					
						2017-08-09 11:44:53 +02:00 
						 
				 
			
				
					
						
							
							
								Ron Eldor 
							
						 
					 
					
						
						
						
						
							
						
						
							433f39c437 
							
						 
					 
					
						
						
							
							ECDH alternative implementation support  
						
						
						
						
						Add alternative implementation support for ECDH at the higher layer 
						
						
					 
					
						2017-08-08 18:43:56 +03:00 
						 
				 
			
				
					
						
							
							
								Ron Eldor 
							
						 
					 
					
						
						
						
						
							
						
						
							b68733bf62 
							
						 
					 
					
						
						
							
							ECDSA alternative support  
						
						
						
						
						Support for alternative implementation of ECDSA, at the higher layer 
						
						
					 
					
						2017-08-07 18:00:22 +03:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							683ac27b0f 
							
						 
					 
					
						
						
							
							Checked names  
						
						
						
						
					 
					
						2017-07-27 21:44:33 +01:00 
						 
				 
			
				
					
						
							
							
								Simon Butcher 
							
						 
					 
					
						
						
						
						
							
						
						
							a95d630197 
							
						 
					 
					
						
						
							
							Fix platform setup/teardown feature and comments  
						
						
						
						
						Fixed the platform setup/teardown feature, by fixing it for doxygen and adding it
as a feature in 'version_features.c'. 
						
						
					 
					
						2017-07-27 21:44:33 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							04d6c3da3f 
							
						 
					 
					
						
						
							
							Checked names  
						
						
						
						
					 
					
						2017-07-27 15:08:01 +01:00 
						 
				 
			
				
					
						
							
							
								Simon Butcher 
							
						 
					 
					
						
						
						
						
							
						
						
							9469919447 
							
						 
					 
					
						
						
							
							Fix platform setup/teardown feature and comments  
						
						
						
						
						Fixed the platform setup/teardown feature, by fixing it for doxygen and adding it
as a feature in 'version_features.c'. 
						
						
					 
					
						2017-07-27 15:08:01 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
						
						
							
						
						
							710f54182f 
							
						 
					 
					
						
						
							
							Checked names  
						
						
						
						
					 
					
						2017-07-22 11:53:56 +02:00 
						 
				 
			
				
					
						
							
							
								Simon Butcher 
							
						 
					 
					
						
						
						
						
							
						
						
							c0da47dd1e 
							
						 
					 
					
						
						
							
							Fix platform setup/teardown feature and comments  
						
						
						
						
						Fixed the platform setup/teardown feature, by fixing it for doxygen and adding it
as a feature in 'version_features.c'. 
						
						
					 
					
						2017-07-21 23:48:55 +01:00 
						 
				 
			
				
					
						
							
							
								Hanno Becker 
							
						 
					 
					
						
						
						
						
							
						
						
							177d3cf7bb 
							
						 
					 
					
						
						
							
							Rename and document new configuration option for packing AES tables  
						
						
						
						
						This commit renames the new AES table packing option introduced in the
previous MBEDTLS_AES_PACK_TABLES and documents its use and memory vs.
speed tradeoff. It also enhances the documentation of the other
AES-related option MBEDTLS_AES_ROM_TABLES. 
						
						
					 
					
						2017-06-09 16:57:44 +01:00 
						 
				 
			
				
					
						
							
							
								Jussi Kivilinna 
							
						 
					 
					
						
						
						
						
							
						
						
							2fd1bb8f02 
							
						 
					 
					
						
						
							
							Add option to use smaller AES tables (table sizes reduced by 6144 bytes)  
						
						
						
						
						This patch adds MBEDTLS_AES_SMALL_TABLES option to reduce number of AES
look-up tables and thus save 6 KiB of memory. Enabling this option
cause performance hit MBEDTLS_AES_SMALL_TABLES of ~7% on ARM and ~15%
on x86-64.
Benchmark on Cortex-A7 (armhf):
Before:
  AES-CBC-128              :      14394 Kb/s,          0 cycles/byte
  AES-CBC-192              :      12442 Kb/s,          0 cycles/byte
  AES-CBC-256              :      10958 Kb/s,          0 cycles/byte
After:
  AES-CBC-128              :      13342 Kb/s,          0 cycles/byte
  AES-CBC-192              :      11469 Kb/s,          0 cycles/byte
  AES-CBC-256              :      10058 Kb/s,          0 cycles/byte
Benchmark on Intel Core i5-4570 (x86_64, 3.2 GHz, no turbo):
Before:
  AES-CBC-128              :     215759 Kb/s,         14 cycles/byte
  AES-CBC-192              :     190884 Kb/s,         16 cycles/byte
  AES-CBC-256              :     171536 Kb/s,         18 cycles/byte
After:
  AES-CBC-128              :     185108 Kb/s,         16 cycles/byte
  AES-CBC-192              :     162839 Kb/s,         19 cycles/byte
  AES-CBC-256              :     144700 Kb/s,         21 cycles/byte 
						
						
					 
					
						2017-06-07 15:29:31 +01:00 
						 
				 
			
				
					
						
							
							
								Janos Follath 
							
						 
					 
					
						
						
						
						
							
						
						
							69b2051e76 
							
						 
					 
					
						
						
							
							Update version features with ECP macros  
						
						
						
						
					 
					
						2017-05-11 22:42:14 +01:00 
						 
				 
			
				
					
						
							
							
								Steven Cooreman 
							
						 
					 
					
						
						
						
						
							
						
						
							3a93387cea 
							
						 
					 
					
						
						
							
							Forgot version-features update for new config flag  
						
						
						
						
					 
					
						2017-04-04 12:02:37 +02:00 
						 
				 
			
				
					
						
							
							
								Steven Cooreman 
							
						 
					 
					
						
						
						
						
							
						
						
							12d9f3c84d 
							
						 
					 
					
						
						
							
							Forgot version-features update for new config flag  
						
						
						
						
					 
					
						2017-04-04 12:01:42 +02:00 
						 
				 
			
				
					
						
							
							
								Simon Butcher 
							
						 
					 
					
						
						
						
						
							
						
						
							8e00410402 
							
						 
					 
					
						
						
							
							Merge fix for AEAD Random IVs  
						
						
						
						
					 
					
						2016-10-14 00:48:33 +01:00 
						 
				 
			
				
					
						
							
							
								Robert Cragie 
							
						 
					 
					
						
						
						
						
							
						
						
							48f2ff9dbe 
							
						 
					 
					
						
						
							
							Use autogenerated version_features.c  
						
						
						
						
					 
					
						2016-10-05 14:19:13 +01:00 
						 
				 
			
				
					
						
							
							
								Robert Cragie 
							
						 
					 
					
						
						
						
						
							
						
						
							8324818e0a 
							
						 
					 
					
						
						
							
							Added MBEDTLS_CMAC_C  
						
						
						
						
					 
					
						2016-10-05 14:19:13 +01:00 
						 
				 
			
				
					
						
							
							
								Simon Butcher 
							
						 
					 
					
						
						
						
						
							
						
						
							124646e4b5 
							
						 
					 
					
						
						
							
							Updates version feature list for NV Seed  
						
						
						
						
					 
					
						2016-06-12 11:56:03 +01:00 
						 
				 
			
				
					
						
							
							
								Simon Butcher 
							
						 
					 
					
						
						
						
						
							
						
						
							ab5df40054 
							
						 
					 
					
						
						
							
							Rename the 'no entropy' feature to MBEDTLS_TEST_NULL_ENTROPY  
						
						
						
						
						Following review and for clarity, changed the name of the feature to 'null
entropy'. 
						
						
					 
					
						2016-06-11 02:31:21 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
						
						
							
						
						
							bddf9ab8ff 
							
						 
					 
					
						
						
							
							Update features file  
						
						
						
						
					 
					
						2016-06-10 19:42:15 +01:00 
						 
				 
			
				
					
						
							
							
								Janos Follath 
							
						 
					 
					
						
						
						
						
							
						
						
							51bcd9355b 
							
						 
					 
					
						
						
							
							Update version features.  
						
						
						
						
					 
					
						2016-06-09 13:55:37 +01:00 
						 
				 
			
				
					
						
							
							
								Simon Butcher 
							
						 
					 
					
						
						
						
						
							
						
						
							3fe6cd3a2d 
							
						 
					 
					
						
						
							
							Fixes time() abstraction for custom configs  
						
						
						
						
						Added platform abstraction of time() to ChangeLog, version features, and fixed the build for dynamic configuration. 
						
						
					 
					
						2016-04-26 19:51:29 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							fadacb9d0b 
							
						 
					 
					
						
						
							
							Merge branch 'development' into iotssl-461-ecjpake-finalization  
						
						
						
						
						* development: (73 commits)
  Bump yotta dependencies version
  Fix typo in documentation
  Corrected misleading fn description in ssl_cache.h
  Corrected URL/reference to MPI library
  Fix yotta dependencies
  Fix minor spelling mistake in programs/pkey/gen_key.c
  Bump version to 2.1.2
  Fix CVE number in ChangeLog
  Add 'inline' workaround where needed
  Fix references to non-standard SIZE_T_MAX
  Fix yotta version dependencies again
  Upgrade yotta dependency versions
  Fix compile error in net.c with musl libc
  Add missing warning in doc
  Remove inline workaround when not useful
  Fix macroization of inline in C++
  Changed attribution for Guido Vranken
  Merge of IOTSSL-476 - Random malloc in pem_read()
  Fix for IOTSSL-473 Double free error
  Fix potential overflow in CertificateRequest
  ...
Conflicts:
	include/mbedtls/ssl_internal.h
	library/ssl_cli.c 
						
						
					 
					
						2015-10-20 15:00:29 +02:00 
						 
				 
			
				
					
						
							
							
								Robert Cragie 
							
						 
					 
					
						
						
						
						
							
						
						
							4d284d271b 
							
						 
					 
					
						
						
							
							Added feature MBEDTLS_SSL_EXPORT_KEYS  
						
						
						
						
					 
					
						2015-10-08 16:56:26 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							557535d8c4 
							
						 
					 
					
						
						
							
							Add ECJPAKE key exchange  
						
						
						
						
					 
					
						2015-09-16 22:58:29 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							ab05d23b29 
							
						 
					 
					
						
						
							
							Update generated file  
						
						
						
						
					 
					
						2015-09-09 11:50:00 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							4d8685b4ff 
							
						 
					 
					
						
						
							
							Add skeleton for EC J-PAKE module  
						
						
						
						
					 
					
						2015-09-07 12:43:09 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							37ff14062e 
							
						 
					 
					
						
						
							
							Change main license to Apache 2.0  
						
						
						
						
					 
					
						2015-09-04 14:21:07 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							6fb8187279 
							
						 
					 
					
						
						
							
							Update date in copyright line  
						
						
						
						
					 
					
						2015-07-28 17:11:58 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							07894338a0 
							
						 
					 
					
						
						
							
							Rename M255 to Curve25519  
						
						
						
						
					 
					
						2015-06-23 13:09:10 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							7320eb46d4 
							
						 
					 
					
						
						
							
							Remove references to some Montgomery curves  
						
						
						
						
						After all it looks like those won't become standard. 
						
						
					 
					
						2015-06-23 13:09:10 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							f9cbd73191 
							
						 
					 
					
						
						
							
							Update generated files  
						
						
						
						
					 
					
						2015-06-22 14:40:56 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							b541da6ef3 
							
						 
					 
					
						
						
							
							Fix define for ssl_conf_curves()  
						
						
						
						
						This is a security feature, it shouldn't be optional. 
						
						
					 
					
						2015-06-17 14:27:38 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							cb46fd8216 
							
						 
					 
					
						
						
							
							Avoid non-standard strcasecmp()  
						
						
						
						
					 
					
						2015-05-29 10:18:09 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							eb0d8706ce 
							
						 
					 
					
						
						
							
							Add option for even smaller SHA-256  
						
						
						
						
					 
					
						2015-05-28 16:45:23 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							fd6d8978f9 
							
						 
					 
					
						
						
							
							Add new submodule ssl_ticket  
						
						
						
						
					 
					
						2015-05-20 11:14:57 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							a27b1979dc 
							
						 
					 
					
						
						
							
							Update generated file  
						
						
						
						
					 
					
						2015-05-12 16:09:34 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							975d5fa206 
							
						 
					 
					
						
						
							
							Remove option HAVE_LONGLONG  
						
						
						
						
					 
					
						2015-04-10 11:34:22 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							7b53889f05 
							
						 
					 
					
						
						
							
							Remove support for HAVE_INT8 and HAVE_INT16  
						
						
						
						
					 
					
						2015-04-10 11:34:22 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
						
						
							
						
						
							b31424c86a 
							
						 
					 
					
						
						
							
							Make HAVE_IPV6 non-optional  
						
						
						
						
					 
					
						2015-04-09 16:42:38 +02:00