cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-05 03:24:17 -04:00
Code Issues Packages Projects Releases Wiki Activity
31,058 Commits 7 Branches 115 Tags
Commit Graph

361 Commits

Author SHA1 Message Date
Gilles Peskine
2bfd749e86 Dynamic key store: new compilation option 
Create a new compilation option for a dynamically resized key store. The
implementation will follow in subsequent commits.

This option is off by default with custom configuration files, which is best
for typical deployments on highly constrained platforms. This option is on
by default with the provided configuration file, which is best for typical
deployments on relatively high-end platforms.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-09 13:52:30 +02:00
Gilles Peskine
3b41e1d2a5
Merge pull request #9403 from gilles-peskine-arm/psa-keystore-dynamic-prep-3.6 
Backport 3.6: prepare for dynamic key store
 2024-08-09 08:00:03 +00:00
Gilles Peskine
e7624cabfb Improve the documentation of MBEDTLS_PSA_KEY_SLOT_COUNT 
The description was misleading: setting the option doesn't “restrict” the
number of slots, that restriction exists anyway. Setting the option merely
determines the value of the limit.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-17 12:35:14 +02:00
Wenxing Hou
848bccf1ce Fix some typo for include folder 
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
 2024-07-12 11:38:53 +03:00
Tom Cosgrove
1b3b1743f5 Record size limit support is released, so remove warning about only for testing 
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2024-03-26 12:23:49 +00:00
Minos Galanakis
b70f0fd9a9 Merge branch 'development' into 'development-restricted' 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-19 22:24:40 +00:00
Ronald Cron
27eb68d295 Enable TLS 1.3 by default 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-18 13:06:59 +01:00
Manuel Pégourié-Gonnard
c9db499299
Merge pull request #8930 from ronald-cron-arm/tls13-doc-update 
TLS 1.3: Documentation update for 3.6 release
 2024-03-15 16:41:52 +00:00
Ronald Cron
933aec86fd Remove experimental warnings related to early data 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 14:52:10 +01:00
Bence Szépkúti
567591eec7
Merge pull request #8923 from bensze01/drop-old-compilers 
Drop Support for MSVC 2013, 2015 and Arm Compiler 5
 2024-03-15 12:56:21 +00:00
Bence Szépkúti
e05b54229f Drop reference to Visual Studio 2013 from config 
All supported versions of Visual Studio support AESNI, so drop the
version number.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2024-03-15 12:19:39 +01:00
David Horstmann
4a48becdba Invert and rename config option 
Replace MBEDTLS_PSA_COPY_CALLER_BUFFERS with inverse:
!MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS. This ensures that buffer
protection is enabled by default without any change to the Mbed TLS
config file.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-14 14:47:48 +00:00
David Horstmann
93fa4e1b87 Merge branch 'development' into buffer-sharing-merge 2024-03-12 15:05:06 +00:00
Ryan Everett
32a6458880 Add a warning to the definition of MBEDTLS_PSA_CRYPTO_SE_C 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-05 18:16:18 +00:00
Tom Cosgrove
817772a6ca
Merge pull request #8716 from mschulz-at-hilscher/feature/gcm_largetable 
Use large GCM tables
 2024-02-23 16:25:38 +00:00
Yanray Wang
a8f8eb1e35 check_config: add missing dependency check for MBEDTLS_PK_WRITE_C 
MBEDTLS_PK_WRITE_C requires MBEDTLS_ASN1_WRITE_C, but there is no
corresponding check in check_config.h. In addition, corresponding
documentation for `Requires` is updated in mbedtls_config.h.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2024-02-14 16:00:35 +00:00
Yanray Wang
072a068f9f check_config: combine check for MBEDTLS_PK_PARSE_C 
- check_config.h: combine separate check for MBEDTLS_PK_PARSE_C
- mbedtls_config.h: update documentation for `Requires`

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2024-02-14 16:00:28 +00:00
Yanray Wang
5b118d4aed Check MBEDTLS_PK_{PARSE,WRITE}_C requires MBEDTLS_OID_C 
- check_config.h: add this dependency check
- mbedtls_config.h: update corresponding requirement documentation

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2024-02-14 15:56:02 +00:00
Matthias Schulz
a6ac0f1330 Replaced MBEDTLS_GCM_LARGETABLE by MBEDTLS_GCM_LARGE_TABLE. Removed empty comment line in doc block. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-09 17:11:54 +01:00
Matthias Schulz
f3116341e2
spelling 
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Matthias Schulz <140500342+mschulz-at-hilscher@users.noreply.github.com>
 2024-02-08 18:35:36 +01:00
Matthias Schulz
782667883a Fix: 
- Remove unnecessary tests.
- Update description of MBEDTLS_GCM_LARGETABLE parameter.
- Move acceleration defines from gcm.h to gcm.c.
- Remove unnecessary zero setting after shift.
- Fix implementation for big-endian architectures.

Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-08 13:59:15 +01:00
Matthias Schulz
0767fdadbf Enhance GCM throughput using larger precalculated tables. Also refactored the code for shorter tables and moved the check for available accelerators to the context initialization code. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2024-02-07 13:17:50 +01:00
Dave Rodgman
047c724c22 Merge remote-tracking branch 'restricted/development-restricted' into update-development-r 
Conflicts:
	programs/Makefile
	tests/scripts/check-generated-files.sh
 2024-01-26 12:42:51 +00:00
Valerio Setti
d5cab81405 mbedtls_config: update documentation for CIPHER_C and CRYPTO_C 
Adding auto-enablement sections.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 07:23:33 +01:00
Valerio Setti
c95ab2a1a0 mbedtls_config: extend documentation for MBEDTLS_PSA_CRYPTO_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-08 16:57:18 +01:00
Manuel Pégourié-Gonnard
5bad043c06
Merge pull request #8641 from valeriosetti/issue8358 
G3-G4 wrap-up
 2024-01-04 10:48:00 +00:00
Valerio Setti
e98ad5931a mbedls_config: update documentation for MBEDTLS_PKCS[5/12]_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-28 10:42:12 +01:00
Tomi Fontanilles
a70b3c24f6 rsa: minor comment/guard improvements 
This brings some improvements to comments/
function prototypes that relate to PKCS#1.

Signed-off-by: Tomi Fontanilles <129057597+tomi-font@users.noreply.github.com>
 2023-12-20 12:59:57 +02:00
David Horstmann
c09f36dd1b Invert note about buffer overlap support 
When MBEDTLS_PSA_COPY_CALLER_BUFFERS is disabled, it causes overlap to
not be supported.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-20 10:57:43 +00:00
David Horstmann
d20ffaf06f Remove accidental addition of MBEDTLS_TEST_HOOKS 
Remove MBEDTLS_TEST_HOOKS from the default config, to which it was
erroneously added.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-15 19:05:40 +00:00
David Horstmann
853f9f97eb Add missing newline at end of file 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-14 17:17:20 +00:00
David Horstmann
0d405d8bb9 Add note about support for buffer overlap 
Note that enabling MBEDTLS_PSA_COPY_CALLER_BUFFERS allows full buffer
overlap support, whereas without it, overlap support is reduced to that
documented in the function descriptions.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-14 16:20:18 +00:00
David Horstmann
513101b00f Add MBEDTLS_PSA_COPY_CALLER_BUFFERS config option 
This allows us to entirely remove copying code, where the convenience
macros are used for copying.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-12-11 17:58:56 +00:00
Valerio Setti
7ab90723c4 mbedtls_config: update descriptions of MBEDTLS_CTR_DRBG_C and MBEDTLS_PSA_CRYPTO_C 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-04 11:04:42 +01:00
Manuel Pégourié-Gonnard
11c3fd1f73
Merge pull request #8568 from yanrayw/issue/8356/block_cipher_no_decrypt_cleanup 
Driver-only: G1: clean up for BLOCK_CIPHER_NO_DECRYPT
 2023-11-28 08:49:48 +00:00
Dave Rodgman
9fbac381e6
Merge pull request #8326 from daverodgman/aesce-thumb2 
Support hw-accelerated AES on Thumb and Arm
 2023-11-27 09:58:58 +00:00
Yanray Wang
16b00f9522 mbedtls_config: improve documentation for BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-27 15:52:28 +08:00
Yanray Wang
690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Jerry Yu
04fceb782b Add freshness check information into document 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:24 +08:00
Jerry Yu
cf9135100e fix various issues 
- fix CI failure due to wrong usage of ticket_lifetime
- Improve document and comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu
034a8b77d1 Update document of ticket age tolerance 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Tom Cosgrove
08ea9bfa1f
Merge pull request #8487 from yanrayw/issue/6909/rename_tls13_conf_early_data 
TLS 1.3: Rename early_data and max_early_data_size configuration function
 2023-11-10 19:35:46 +00:00
Dave Rodgman
9eb2abd1e0 Add docs re Everest license 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-08 11:40:17 +00:00
Yanray Wang
0751761b49 max_early_data_size: rename configuration function 
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 11:49:34 +08:00
Dave Rodgman
16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
Yanray Wang
e367e47be0 mbedtls_config: add new config option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
With the introduction of negative option
MBEDTLS_BLOCK_CIPHER_NO_DECRYPT, we don't need to implicitly enable
it through PSA.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-02 12:36:41 +08:00
Dave Rodgman
48b965d941 Update clang version requirements 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman
4b8e8dc043 Improve compiler version checking + docs + testing for armclang 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman
18838f6c1a Fix docs for MBEDTLS_AESCE_C 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-25 09:06:24 +01:00
Dave Rodgman
7821df3e8b Adjust use of deprecated in Doxygen 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-10-13 09:39:11 +01:00