lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-21 23:05:55 +03:00
Code
31,953 Commits 172 Branches 267 Tags
Commit Graph

995 Commits

Author SHA1 Message Date
David Horstmann
20220f09b4 Reword slightly to be more tentative 
We don't guarantee ABI stability, but we do try to maintain it where we
can.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-03-14 10:51:22 +00:00
David Horstmann
235dfc2b8c Add note about MBEDTLS_PRIVATE() in 3.6 
Note that in the Mbed TLS 3.6 LTS, users can generally rely on being
able to access struct members through the MBEDTLS_PRIVATE() macro, since
we try to maintain ABI stability within an LTS version.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-03-13 17:01:35 +00:00
David Horstmann
cd5053465a Fix typos in the 3.0 migration guide 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2025-03-13 17:01:35 +00:00
Valerio Setti
1a2d07d83a docs: update md-cipher-dispatch 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2025-02-21 14:15:36 +01:00
Harry Ramsey
65e9bef19f Update documentation regarding test_zeroize 
This commit updates the paths in documentation for test_zeroize since it
has been moved to MbedTLS Framework.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
 2025-02-20 14:51:26 +00:00
Manuel Pégourié-Gonnard
19f17e402a Stop recommended deprecated function in migration guide 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2025-01-14 12:36:50 +01:00
Gilles Peskine
4f65e1f075 Distinguish between MBEDTLS_PSA_CRYPTO_C and MBEDTLS_PSA_CRYPTO_CLIENT 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-12-04 18:05:46 +01:00
Gilles Peskine
d78d695c46 FFDH in TLS: it's only a limitation for TLS 1.2, not TLS 1.3 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-12-04 18:04:55 +01:00
Ronald Cron
83d21cc8f4 Move back *config_test_driver* headers from the framework 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-11-20 13:22:54 +01:00
David Horstmann
bfbe5b4e37 Reverse accidental docs PSA test wrappers path 
These were accidentally documented incorrectly in the PSA shared memory
documentation due to a global find and replace.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-11-14 14:19:50 +00:00
David Horstmann
dcf42a0b53 Update references to test helpers 
Replace:
* tests/src -> framework/tests/src
* tests/include -> framework/tests/include

Except for occurrences of:
* tests/src/test_helpers (since this only contains ssl_helpers.c)
* tests/src/test_certs.h
* tests/include/alt_dummy

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-11-14 14:19:40 +00:00
David Horstmann
78542bf85d
Merge pull request #9698 from gilles-peskine-arm/3.6.2-rc2-mergeback-3 
Merge 3.6.2 into 3.6 (updated cmake gcc+Asan build flags)
 2024-10-15 14:00:21 +00:00
David Horstmann
93d421e751 Defer static keystore to 3.6.3 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-10-14 11:08:07 +02:00
Gilles Peskine
1171697235
Merge pull request #9669 from gilles-peskine-arm/analyze_outcome-split-3.6 
Backport 3.6: Split check_test_cases.py and outcome_analysis.py
 2024-10-10 12:23:50 +00:00
Gilles Peskine
738a597953 Adjust paths for impending moves to the framework 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-10-09 14:19:31 +02:00
Manuel Pégourié-Gonnard
9fc3b7d243 Expand on block cipher modes/derivatives 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-26 11:00:02 +02:00
Manuel Pégourié-Gonnard
83f62ffc09 Expand on key derivations 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-26 10:14:55 +02:00
Manuel Pégourié-Gonnard
60769762d2 Clarify the superset rule 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-26 09:57:22 +02:00
Manuel Pégourié-Gonnard
4ceb71f53d Update and refine notes on restartable ECC and 4.0 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-26 09:45:45 +02:00
Manuel Pégourié-Gonnard
a0465779c9 Clarify summary of PSA limitations 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-10 11:01:57 +02:00
Manuel Pégourié-Gonnard
4975232436 Misc minor clarifications in transition-guards.md 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-10 10:58:51 +02:00
Manuel Pégourié-Gonnard
3342e80010 Fix some typos & markdown 
Co-authored-by: Gilles Peskine <gilles.peskine@arm.com>
Signed-off-by: Manuel Pégourié-Gonnard <mpg@elzevir.fr>
 2024-09-10 10:58:49 +02:00
Manuel Pégourié-Gonnard
4837f726d1 Add links and missing ) 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-10 10:58:48 +02:00
Manuel Pégourié-Gonnard
32bdf19a01 Minor updates in doc/comments/debug 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-10 10:58:47 +02:00
Manuel Pégourié-Gonnard
06adca465b Add transition-guards.md 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-10 10:58:46 +02:00
Manuel Pégourié-Gonnard
7237563d4b Update psa-migration/strategy.md 
Just reflecting recent/on-going work.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-10 10:58:45 +02:00
Manuel Pégourié-Gonnard
42a1453d14 Update psa-limitations.md and add summary 
Just reflecting recent/on-going work.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-09-10 10:58:44 +02:00
Elena Uziunaite
63826e684b Leave the spaces in psa-transition.md 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-27 19:24:10 +01:00
Elena Uziunaite
0c81fc2071 Fix typo in psa-transition.md 
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
 2024-08-27 16:19:10 +01:00
Gilles Peskine
39c227207c The fully static key store will miss the 3.6.1 release 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-14 11:40:55 +02:00
Gilles Peskine
fc1b6f54a3 Mention the option name for the dynamic key store 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-14 11:40:20 +02:00
Gilles Peskine
603b5b842b Documentation: point to key_custom instead of key_ext 
Replace references to the deprecated functions `psa_generate_key_ext()` and
`psa_key_derivation_output_key_ext()` by their replacements
Implement `psa_generate_key_custom()` and
`psa_key_derivation_output_key_custom()`.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-08-06 13:12:06 +02:00
Gilles Peskine
b49e884c87
Merge pull request #9309 from gilles-peskine-arm/psa-keystore-design-doc-3.6 
Backport 3.6: Document the key store design
 2024-08-02 07:16:19 +00:00
Gilles Peskine
fd01bec6b6 Miscellaneous clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-31 15:37:46 +02:00
Gilles Peskine
f13fdf8a80 Expand on performance 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-31 15:37:39 +02:00
Gilles Peskine
1a0107bf1b Discuss why we have so many variants 
Explain that the hybrid key store is the historical implementation and
neither alternative is a drop-in replacement. Discuss how we could
potentially reduce the number of variants after the next major release.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-31 15:36:13 +02:00
Gilles Peskine
dbd726bb45 Link to issue about freeing empty slices 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-31 00:21:42 +02:00
Gilles Peskine
ac6b61077a Improve and fix explanation of next_free 
In particular, fix an off-by-one error right after I explain how the number
is off by one from what you'd expect. State explicitly that the number can
be negative.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-31 00:12:46 +02:00
Gilles Peskine
7d8ababd0c Update macro name about the static key store 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-31 00:12:30 +02:00
Gilles Peskine
47f3fcd0f3 Typos and minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-07-31 00:12:21 +02:00
David Horstmann
4e7ca644ce Upgrade python dependencies in requirements file 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-07-15 16:35:50 +01:00
Gilles Peskine
c7d9b2b586 psa_open_key does not lock the key in memory 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-06-24 18:31:37 +02:00
Gilles Peskine
3343e78655 Document the key store design 
Include the proposed dynamic and fully-static key stores that are
currently proposed in https://github.com/Mbed-TLS/mbedtls/pull/9240
and https://github.com/Mbed-TLS/mbedtls/pull/9302

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-06-24 16:59:45 +02:00
David Horstmann
ea09152be9 Update file paths for moved files 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-31 15:51:41 +01:00
Bence Szépkúti
29c4017007
Merge pull request #9131 from davidhorstmann-arm/move-mbedtls-dev-to-framework-3.6 
[Backport 3.6] Move `mbedtls_dev` to framework submodule
 2024-05-28 15:50:56 +00:00
Gilles Peskine
89ef2fabb5 Driver-only FFDH is not good enough for DHE support in TLS 1.2 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-05-14 12:06:20 +02:00
David Horstmann
9638ca389b Update references to mbedtls_dev 
Change these to point to the new mbedtls_framework module in the
framework submodule.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-05-13 14:44:37 +01:00
Valerio Setti
320180f043 pk: add check_pair info to mbedtls_pk_setup_opaque() documentation 
This also updates use-psa-crypto.md accordingly.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-04-04 09:42:01 +02:00
Minos Galanakis
b70f0fd9a9 Merge branch 'development' into 'development-restricted' 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-19 22:24:40 +00:00
David Horstmann
3147034457 Mention MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS 
Explain this option and the way it relates to the copying macros.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:59:03 +00:00