| Name: libmbedcrypto16 | Distribution: openSUSE Tumbleweed |
| Version: 3.6.5 | Vendor: openSUSE |
| Release: 1.2 | Build date: Sun Nov 9 15:54:59 2025 |
| Group: Unspecified | Build host: reproducible |
| Size: 650794 | Source RPM: mbedtls-3.6.5-1.2.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://tls.mbed.org | |
| Summary: Cryptographic base library for mbedtls | |
This subpackage of mbedtls contains a library that exposes cryptographic ciphers, hashes, algorithms and format support such as AES, MD5, SHA, Elliptic Curves, BigNum, PKCS, ASN.1, BASE64.
| License: Apache-2.0 OR GPL-2.0-or-later | |
* Sun Nov 09 2025 Jaime Marquínez Ferrándiz <jaime.marquinez.ferrandiz@fastmail.net>
- Update to version 3.6.5:
* Resolves CVE-2025-59438 boo#1252454
* Resolves CVE-2025-54764 boo#1252341
* Update BRANCHES.md
* Added generated files
* Updated framework pointer
* Version bump for mbedtls-3.5.6
* Assemble ChangeLog
* Be more precise about the user/peer ID limitation
* Add storage format test case for JPAKE
* Document JPAKE limitations
* Backport time_t type conversions
* Remove sentence about 1.0 that should not have been backported
* Fix comment too long for pylint
* Prevent unnecessary submodule fetches
* Eliminate use of git worktree prune
* Use f-string literal
* Update some references to the future
* Improve explanations of configuration translation
* Copyediting
* update 1.0.0/4.0.0 release bullet point
* Update asymmetric cryptography
* Miscellaneous improvements
* Fix section names
* A few updates for 3.6
* Fix includes in udp_proxy.c
* Use worktrees instead of fetches for submodules
* Update framework to the merge of the merge PR
* Qualify "reference implementation" wording
* The PSA implementation is production-quality
* We have a CVE ID
* Fix copypasta
* Improve documentation
* Announce psa_can_do_cipher()
* Declare psa_can_do_cipher() in a public header
* Be explicit about modinv output range
* Remove redundant memset on freshly initialized buffer
* Changelog entry for PSA CBC-PKCS7 padding oracle fix
* psa_cipher_decrypt: treat status and output length as sensitive
* psa_cipher_finish: treat status and output length as sensitive
* Return PSA_ERROR_INVALID_PADDING in constant time
* Use mbedtls_psa_cipher_finish() in PSA
* Add BUFFER_TOO_SMALL testing
* Factor API calls into auxiliary functions
* Add constant-time AES-CBC encrypt and decrypt tests through PSA
* Improve documentation of MBEDTLS_THREADING_ALT
* Improve documentation of mutex primitives
* Update framework: support threading internal interface 4.0.0.0
* Upgrade packages in requirements.txt
* Add ChangeLog entry for SSBleed and M-Step
* Single-threaded test of nominal mutex usage
* Expand on why and how we bypass the quiet wrapper
* Fix code style
* Typo
* Create threading_internal.h
* Test invalid_padding against all-bits-one
* Minor grammar fix in comment
* ecdsa: rm unused variable
* dhm: remove unused variable (and improve comment)
* Explain the near-duplication of test function for constant-flow tests
* Minor documentation improvements
* Clarify use of CC and friends for file generation
* RSA: use CT gcd-modinv in deduce_private_exponent()
* RSA: refactor: avoid code duplication
* RSA: use constant-time modinv in deduce_crt()
* RSA: use constant-time GCD in deduce_primes()
* ecdsa: use CT modinv
* ECP: use CT modinv
* DHM: use CT modinv for blinding
* RSA: use CT gcd-modinv in prepare_blinding()
* bignum: gcd: improve comments
* bignum: fix memory leak in GCD with 0 as an input
* Make mbedtls_mpi_gcd() more consistent
* bignum: use CT gcd for mbedtls_mpi_gcd()
* bignum: follow customs for ret initialisation
* Fix a few typos
* bignum: make mbedtls_mpi_lsb() less leaky
* bignum: remove dead variable-time inv_mod code
* bignum: use CT modinv when A is odd (any range)
* bignum: use CT modinv when A is odd and in [2, N)
* bignum: use CT modinv when N is odd
* Expand testing for mbedtls_mpi_inv_mod() again
* We now run some tests with MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND
* Changelog entry for mbedtls_cipher_finish_padded()
* Expand the ignore patterns for test_full_block_cipher_psa_dispatch
* Improve outcome reporting of additional valgrind_cf testing
* Note that the decrypted length is sensitive when there was padding
* Switch legacy cipher to constant-time invalid padding reporting
* New function mbedtls_cipher_finish_padded
* Constant-flow tests for mbedtls_cipher_crypt
* Constant-flow AES-CBC multipart decrypt tests
* Do dedicated constant-time testing in a few more configurations
* Move constant-time padding tests to a separate suite
* More variety of CBC decrypt tests
* More meaningful test case names
* Update framework submodule pointer to merged Framework PR#194
* Backport: add AES PBES2 test cases matching 3DES (including wrong and missing password)
* Backport: add AES PBES2 test cases matching 3DES (correct password only)
* Improve mpi_gcd_invmod_odd() tests when I/G has more limbs than N
* Adjust mpi_gcd_modinv_odd() internals
* Add gcd_invmod_odd() tests where G/I are initialized to large numbers
* Change A=0 (null) handling in mpi_gcd_invmod_odd()
* Update mpi_gcd_invmod_odd() related comments/documentation
* Fix gcd_invmod_odd wrapper when A is 0 (null)
* Fix memory leak
* Add handful of manual gcd_modinv_odd test cases
* Add mpi_gcd_modinv_odd test functions
* Adjust mpi_gcd_modinv_odd docs and precondition checking
* bignum: add mpi wrapper for gcd_modinv
* Update framework pointer
* Add GCD tests for (0, negative) inputs
* Test that make lib can build generated files even when GEN_FILES is off
* Also test `make clean` in library
* Fix make lib doing too much when GEN_FILES is off
* Test make lib with GEN_FILES off
* Add GCD tests that return negative when b=0
* Revert "Remove manual GCD tests that are now generated"
* Clarify mpi_gcd() documentation when B is 0
* Remove manual GCD tests that are now generated
* Rework misleading comment
* Add more manual inv_mod tests
* Fix pointer aliasing in bignum tests
* Improve invmod and gcd handwritten tests
* Clarify parameter documentation
* Use more meaningful names in test function
* Use precise sizes for temporaries in test
* Remove tests for 0 limbs
* Improve testing of mbedtls_mpi_gcd() and mbedtls_mpi_inv_mod()
* Try again to clarify connection with the paper
* Gracefully handle A_limbs > N_limbs and test it
* Tune comment about paper vs our code again
* Expand comment about adaptations from the paper
* Clarify preconditions and impact if not met
* Add change log
* cmake: library: Add custom targets for generated files
* Add test case exercising (almost) max iterations
* Forbid uninteresting edge cases
* Unit-test mpi_core_div2_mod_odd()
* Make sure the whole temporary array is non-zero
* Reduce clutter & improve readability in test func
* Relax number-of-limbs requirement on test data
* Relax and test aliasing rules
* bignum_core: Add mbedtls_mpi_core_gcd_modinv_odd()
* Restrict CI-specific python requirements to Linux
* Don't install cryptography on the FreeBSD CI
* Freeze cryptography version on the CI at 35.0.0
* Update note about the first 4.x LTS
* Revert "Added generated files"
* Properly initialize SSL endpoint objects
* Fix accidentally skipped test assertion
* Turn Wunterminated-string-initialization back into an error
* Fixed the same typo in ssl-opt.sh
* Fixed some minor typos in comments.
* typo
* Add a build with NV seed as the only entropy source
* We do support builds where NV seed is the only entropy source
* cmake: library: Remove unnecessary link_to_source
* Tue Jul 01 2025 Jaime Marquínez Ferrándiz <jaime.marquinez.ferrandiz@fastmail.net>
- Update to version 3.6.4:
* Added generated files
* Version bump 3.6.4
* Assemble ChangeLog
* Properly initialize SSL endpoint objects
* Fix accidentally skipped test assertion
* Update framework pointer (release-sync)
* fix: additional MSVC v142 build issue with tls1.3 configuration enabled.
* Remove blank line
* Simplify changelog
* Add a note about processor memory reordering
* Add changelog
* Replace __attribute__((nonstring)) with macro MBEDTLS_ATTRIBUTE_UNTERMINATED_STRING
* Improve some explanations
* Don't mutate dst_size
* Add __attribute__ ((nonstring)) to remove unterminated-string-initialization warning
* Note that GCM is also impacted
* Adjust test case with invalid base64
* Fix race condition in mbedtls_aesni_has_support
* mbedtls_base64_decode: test dst=NULL with dlen>0
* Explain some aspects of the tests
* mbedtls_base64_decode: insist on correct padding
* Added CVE's to ChangeLogs
* lms.c: Updated documentation
* test_suite_lms.data: Updated comments
* Fix mbedtls_base64_decode() accepting invalid inputs with 4n+1 digits
* mbedtls_base64_decode: assert sloppy behavior with bad number of =
* mbedtls_base64_decode: test the reported output length
* test_suite_lms: Added negative test for corrupted Merkle path
* test_suite_lms: Added a test for importing invalid sized key
* Added changelog for check return of merkle leaf
* Added changelog for lms enum casting
* Added changelog for lms overread
* Fix change log entry
* Fix build test programs in MSVC (due to a warning treated as error in winbase.h)
* Built-in lms driver: always zeroize output-buffer in create_merkle_leaf_value
* Built-in lms driver: Check return values of Merkle node creation
* Built-in lms/lmots driver: Harden public key import against enum truncation
* Built-in lms driver: Added input guard
* Add changelog
* Add fix for PEM underflow
* Add test using underflow-causing PEM keyfile
* Update framework with additional operation initialization checks
* Fix possible UB in mbedtls_asn1_write_raw_buffer()
* Fix psa_pake_operation_s member types
* Move PAKE size calculation macros, cipher suite and operation structs
* Add change log
* Move the inclusion of crypto_sizes.h and crypto_struct.h in crypto.h
* Add ChangeLog entry
* Improve unit tests for mbedtls_asn1_store_named_data
* Fix bug in mbedtls_asn1_store_named_data()
* Add tests for bug in mbedtls_x509_string_to_names()
* Restore standard initializers in _init tests
* Use short initializers for multipart operation structures
* Avoid a useless copy in cert_{req,write}
* Mark ssl_tls12_preset_suiteb_sig_algs const
* Mark ssl_tls12_preset_default_sig_algs const
* Fix type in ChangeLog
* Add comment on apparent type mismatch
* Remove redundant free loop
* Fix ECDSA documentation: blinding is no longer optional
* ECDSA is a special flower
* Note functions that store the RNG callback in a context
* Reference mbedtls_f_rng_t in public documentation
* Name and document the type of random generator callbacks
* Add credit to the reporters of the PKCS7 issue
* Grammar in comments
* Remove .gitmodules
* Changelog entry for the union initialization fixes
* Test with GCC 15 with sloppy union initialization
* Initialize MAC context in internal functions for one-shot MAC
* Initialize MAC context in internal functions for KDF
* Initialize driver context in setup functions
* Add unit test for new behaviour of string_to_names()
* Fix memory leak in cert_write & cert_req
* Fix runtime error in cert_write & cert_req
* Restore behaviour of mbedtls_x509write_set_foo_name()
* Fix undocumented free() in x509_string_to_names()
* Improve comments
* Update framework
* Allow gcc-15 to be in $PATH
* Enable drivers when testing with GCC 15
* GCC 15: Silence -Wunterminated-string-initialization
* Test with GCC 15
* Disable warning from gcc -pedantic on dlsym/dlopen
* Move persistent key tests to a separate .data file
* Move concurrent tests to a separate .data file
* Update obsolete section title
* Complain about a missing comma in multiline lists of strings
* Prepare framework for pylint check-str-concat-over-line-jumps
* framework: update reference
* Constify cipher_wrap:mbedtls_cipher_base_lookup_table
* Fix some test helper functions returning 0 on some failures
* Check the status of mbedtls_ssl_set_hostname()
* Add missing ifdef for mbedtls_ssl_tls13_exporter
* Add label_len argument to non-PSA tls_prf_generic
* Fix dependencies for TLS-Exporter tests
* Fix doxygen for MBEDTLS_SSL_KEYING_MATERIAL_EXPORT
* Fix mistake in previous comment change
* Fix HkdfLabel comment
* Allow maximum label length in Hkdf-Expand-Label
* Exporter: Add min. and max. label tests
* Fix max. label length in key material exporter
* Document BAD_INPUT_DATA error in key material exporter
* Fix requirements for TLS 1.3 Exporter compat test
* Use mbedtls_calloc, not regular calloc
* Add fixed compatibility test for TLS 1.3 Exporter
* Remove exporter compatibility test for TLS 1.3
* Fix openssl s_client invocation
* Print names of new tests properly
* Fix memory leak in example programs
* ssl-opt.sh: Add tests for keying material export
* mbedtls_test_ssl_do_handshake_with_endpoints: Zeroize endpoints
* Exporter tests: Don't use unavailable constant
* Exporter tests: Add missing depends-ons
* Use one maximum key_len for all exported keys
* Exporter tests: Reduce key size in long key tests
* Exporter tests: Free endpoints before PSA_DONE()
* Exporter tests: Fix possible uninitialized variable use
* Coding style cleanup
* Exporter tests: Initialize allocated memory
* Exporter tests: Free endpoints and options
* Fix output size check for key material exporter
* Increase allowed output size of HKDF-Expand-Label
* Add more tests for keying material export
* Mention MBEDTLS_SSL_KEYING_MATERIAL_EXPORT in change log
* Fix #endif comment
* Enable MBEDTLS_SSL_KEYING_MATERIAL_EXPORT by default
* Create MBEDTLS_SSL_KEYING_MATERIAL_EXPORT option
* Remove TLS 1.2 Exporter if we don't have randbytes
* Revert "Store randbytes for TLS 1.2 TLS-Exporter"
* Fix typos in comments
* Use fewer magic numbers in TLS-Exporter functions
* Add label length argument to tls_prf_generic()
* Store randbytes for TLS 1.2 TLS-Exporter
* Fix coding style
* Fix build when one of TLS 1.2 or 1.3 is disabled
* Fix coding style
* Fix TLS exporter changelog entry
* Fix doxygen comment parameter name
* Fix typos in comment
* Fix mismatches in function declarations
* Fix key_len check in TLS-Exporter
* Actually set exporter defaults in ssl_client2
* Simplify mbedtls_ssl_tls13_exporter
* Add test for TLS-Exporter in TLS 1.3
* Fix commented out function declaration
* Add changelog entry for TLS-Exporter feature
* Add TLS-Exporter options to ssl_client2
* Add TLS-Exporter options to ssl_server2
* Implement TLS-Exporter feature
* programs: demo: do not source project_detection.sh directly
* Fix record insertion
* programs: demo: source project_detection.sh
* framework: update reference
* Update feature macro for 3.6
* Use HANDSHAKE_OVER in nominal test cases
* Improve comments
* Adapt dependencies to the 3.6 branch
* Use same dependencies for helper functions
* Tighten dependencies again
* Improve dependency declarations
* Tighten dependency declarations
* Improve documentation
* Remove redundant setup
* Fix copypasta
* Simulate closing the connection mid-message
* Also test inserting non-empty, non-handshake records
* Fix the build without MBEDTLS_DEBUG_C
* Fix the build in PSK-only configurations
* Fix printf of enum
* Pacify ancient clang -Wmissing-initializer
* Test split, coalesced-split and empty handshake records
* Create handshake record coalescing tests
* Document gotcha of move_handshake_to_state
* Add a log message on every SSL state transition
* Always call mbedtls_ssl_handshake_set_state
* Document assumption of mbedtls_get_pkcs_padding
* Modify ChangeLog entry to full plaintext recovery
* Add testcase for maximum padding length
* Remove unnecessary TEST_CF_PUBLIC macro call
* Update to the new name in usages as well
* Add missing credit for set_hostname issue
* cmake: Generate test_keys.h and test_certs.h in the build tree
* Update framework pointer
* Revert "Add auto-generated files"
* Restored framework as a submodule
* Deleted flattened framework dir.
* Appease check-names with prefix
* Disable check-names for static padding function
* Add ChangeLog entry for PKCS#7 side channel fix
* Fix timing side-channel in PKCS7 padding
* Add constant-flow testing for PKCS7 padding
* Wed May 07 2025 Yoshio Sato <vasua.ukraine@gmail.com>
- Update _service file to obtain new sources more easily.
- Update to version 3.6.3:
* Add auto-generated files
* Added framework as a flattened directory
* Unlinked framework as a submodule.
* Updated BRANCHES.md
* Finalise ChangeLog
* Version Bump for 3.6.3
* Assemble Changelog
* Changelog: Added CVE.
* ssl-opt: Added 4 and 128 bytes tests to HS defragmentation for server initiated reneg
* ssl-opt: Fixed a minor typo.
* Reword slightly to be more tentative
* Re-introduce log asserts on positive cases
* Improve a test assertion
* Fix a typo
* Add test cases for EOF in the middle of fragments
* Adjust logic around log pattern
* Add test for length larger than 2^16
* Adapt "large ClientHello" tests to incremental
* Cleanly reject non-HS in-between HS fragments
* Reduce the level of logging used in tests
* Move new tests to their own data file
* Fix dependency issues
* New test function for large ClientHello
* Fix hash dependencies for TLS 1.2 tests
* Fix curve dependencies
* Add missing dependency declaration
* Fix dependency issues
* Add test with non-HS record in-between HS fragments
* Add test to TLS 1.3 ClientHello fragmentation
* Add reference tests with 1.3 ClientHello
* Add supported_curves/groups extension
* New test function inject_client_content_on_the_wire()
* ssl-opt: Disabled the renegotiation delay for fragmented HS renegotiation.
* ssl-opt: Updated documentation.
* ssl-opt: Added client-initiated server-rejected renegotiation test.
* ssl-opt: Updated O_NEXT_CLI_RENEGOTIATE used by fragmented HS renegotiation with certificates.
* ssl-opt: Fragmented HS renegotiation, removed -legacy_renegotiation argument.
* ssl-opt: Fragmented HS renegotiation, removed requires_certificate_authentication dependency.
* ssl-opt: Fragmented HS renegotiation, removed requires_openssl_3_x dependency.
* ssl-opt: Fragmented HS renegotiation, adjusted test names for consistency.
* ssl-opt: Fragmented HS renegotiation, updated matching regex
* ssl-opt: Added coverage for client-initiated fragmented HS renegotiation tests.
* ssl-opt: Refactored fragmented HS renegotiation tests.
* ssl-opt: Fragmented HS renegotiation, updated documentation.
* ssl-opt: Removed mock-tests from HS renegotiation.
* ssl-opt: Added reference fix for the Mock HS Defrag test using renegotiation delay
* programs -> ssl_client2.c: Added option renego_delay to set record buffer depth.
* Added Mock Renegotiation negative test for testing.
* ssl-opt: Added fragmented HS tests for server-initiated renegotiation.
* ssl-opt: Added fragmented HS tests for client-initiated renegotiation.
* ssl-opt: Added fragmented HS tests for SSL_VARIABLE_BUFFER_LENGTH.
* Add note about MBEDTLS_PRIVATE() in 3.6
* Fix typos in the 3.0 migration guide
* mbedtls_net_send API description typo fix
* Use an array of strings instead of pointer smuggling
* Use dummy typedef instead of macro
* Clarify changelog
* Updated framework pointer.
* Update the location of defragmentation limitations
* State globally that the limitations don't apply to DTLS
* Clarify DTLS
* ClientHello may be fragmented in renegotiation
* Move the defragmentation documentation to mbedtls_ssl_handshake
* Refer to the API documentation for details
* Document the limitations of TLS handshake message defragmentation
* Add changelog entry for TLS 1.2 Finished fix
* More generally, what needs psa_crypto_init also needs threading
* PSA core: Allow enabling one volatile/builtin key
* Cleanly reject non-HS in-between HS fragments
* Replace zero by PSA_ALG_NONE in key derivation input functions
* Fix comments
* Update changelog to call out MinGW
* TLS1.2: Check for failures in Finished calculation
* Never use %zu on MinGW
* Remove Everest VS2010 compatibility headers
* Fix MSVC version guard for C99 format size specifiers
* Disable fatal assertions in Windows printf tests
* Add testcase for MBEDTLS_PRINTF_MS_TIME
* Test handling of format macros defined in debug.h
* Run test_suite_debug without MBEDTLS_SSL_TLS_C
* Fix a log message
* Note unused variables when debugging is disabled
* Pacify uncrustify
* Fix uninitialized variable
* Unify handshake fragment log messages
* Fix handshake defragmentation when the record has multiple messages
* Fix end check before memmove
* Zeroize temporary heap buffers used when deriving an ECC key
* Zeroize temporary heap buffers used in PSA operations
* Update framework
* Make conversion explicit to silence MSVC warning
* Fix dodgy printf calls
* Handshake defragmentation: reassemble incrementally
* mbedtls_ssl_prepare_handshake_record(): log offsets after decryption
* mbedtls_ssl_prepare_handshake_record(): refactor first fragment prep
* Tweak handshake fragment log message
* Tweak "waiting for more handshake fragments" log message
* Fix Doxygen markup
* Update framework
* Generate handshake defragmentation test cases: update analyze_outcomes
* Switch to generated handshake tests
* Normalize requirements in defragmentation test cases
* Normalize messages in defragmentation test cases
* Normalize whitespace in defragmentation test cases
* Move most TLS handshake defragmentation tests to a separate file
* New generated file: tests/opt-testcases/handshake-generated.sh
* Fix code style for key derivation input function
* Replace zero by PSA_ALG_NONE in key derivation test function
* Replace zero by PSA_ALG_NONE in key derivation testing
* Simplify testing psa_key_derivation_input_*() bad state
* Fix psa_key_derivation_input_integer() not detecting bad state
* framework: update reference
* ssl-opt: Re-introduce certificate dependency for HS negative tests.
* ssl-opt: Removed dependencies for HS defrag negative tests.
* ssl-opt: Adjusted reference hs defragmentation tests.
* ssl-opt: Minor typos and documentation fixes.
* analyze_outcomes: Temporarily disabled 3 HS Defragmentation tests.
* ssl-opt: Updated documentation of HS-Defrag tests.
* ssl-opt: Removed redundant dependencies: requires_openssl_3_x
* ssl-opt.sh: Disabled HS Defrag Tests for TLS1.2 where len < 16
* ssl-opt: Replaced max_send_frag with split_send_frag
* ssl-opt: Added coverage for hs defragmentation TLS 1.2 tests.
* ChangeLog: Updated the entry for tls-hs-defragmentation
* ssl-opt: Updated documentation.
* ssl-opt: Added negative tests for handshake fragmentation.
* ssl-opt: Added handshake fragmentation tests for 4 byte fragments.
* ssl-opt: Added negative-assertion testing, (HS Fragmentation disabled)
* ssl-opt: Added tls 1.2 tests for HS defragmentation.
* ssl-opt: Dependency resolving set to use requires_protocol_version for HS defragmentation tests.
* ssl-opt: Adjusted the wording on handshake fragmentation tests.
* ssl-opt: Added requires_openssl_3_x to defragmentation tests.
* ssl-opt: Updated the keywords to look up during handshake fragmentation tests.
* Add missing client certificate check in handshake defragmentation tests
* Test Handshake defragmentation only for TLS 1.3 only for small values
* Add guard to handshake defragmentation tests for client certificate
* Add a comment to elaborate using split_send_frag in handshake defragmentation tests
* Enforce client authentication in handshake fragmentation tests
* Remove unneeded mtu option from handshake fragmentation tests
* Add client authentication to handshake defragmentation tests
* Require openssl to support TLS 1.3 in handshake defragmentation tests
* Remove unnecessary string check in handshake defragmentation tests
* Fix typo in TLS Handshake defragmentation tests
* Improve TLS handshake defragmentation tests
* Add TLS Handshake defragmentation tests
* Document the need to call mbedtls_ssl_set_hostname
* Improve documentation of mbedtls_ssl_set_hostname
* Expand and rectify the documentation of mbedtls_ssl_context::hostname
* Changelog entries for requiring mbedtls_ssl_set_hostname() in TLS clients
* Add a note about calling mbedtls_ssl_set_hostname to mbedtls_ssl_setup
* Run part of ssl-opt.sh in full_no_deprecated
* changelog: add note for MD changes
* crypto_extra: improve description of psa_can_do_hash()
* psa: move definition of psa_can_do_hash() to crypto_extra.h
* docs: update md-cipher-dispatch
* adjust_legacy_crypto: improve enablement of MBEDTLS_MD_xxx_VIA_PSA
* md: allow dispatch to PSA whenever CRYPTO_CLIENT is enabled
* adjust_legacy_crypto: move auto-enabling of CRYPTO_CLIENT when CRYPTO_C
* Document PSA's need for threading
* Update framework pointer
* Update documentation regarding metatest
* Update documentation regarding test_zeroize
* Update path to demo_common.sh
* Update path for moved test_zeroize.gdb script
* Update paths for moved programs in generate_visualc_files.pl
* Update paths for moved dlopen_demo.sh
* Update paths for moved program files in CMakeLists
* Update include paths in C files
* Update paths for moved program files in makefiles
* Remove unused variable in ssl_server.c
* Update the changelog message
* Remove obsolete checks due to the introduction of handshake defragmen...
* Add a note about badmac_seen's new name in ssl_context_info
* Fix Doxygen misuse
* Add MBEDTLS_FRAMEWORK_DIR variable to CMake
* Don't reset badmac_seen on a DTLS client reconnect
* Merge in_hsfraglen with badmac_seen_or_in_hsfraglen
* Change the type of in_hsfraglen to unsigned
* Rename badmac_seen to badmac_seen_or_in_hsfraglen
* Minor readability improvement
* Remove in_hshdr
* Add a safety check for in_hsfraglen
* Allow fragments less HS msg header size (4 bytes)
* Remove mbedtls_ssl_reset_in_out_pointers
* Review comments
* Update ChangeLog.d/tls-hs-defrag-in.txt
* Defragment incoming TLS handshake messages
* Move programs out of Mbed TLS
* mbedtls_ssl_set_hostname tests: add tests with CA callback
* Call mbedtls_ssl_set_hostname in the generic endpoint setup in unit tests
* Require calling mbedtls_ssl_set_hostname() for security
* Create configuration option to bypass the mbedtls_ssl_set_hostname check
* Create error code for mbedtls_ssl_set_hostname not called
* Keep track of whether mbedtls_ssl_set_hostname() has been called
* Update the documentation of ssl->hostname
* Access ssl->hostname through abstractions
* mbedtls_ssl_set_hostname tests: baseline
* Automate MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK dependency
* Make guards more consistent between X.509-has-certs and SSL-has-certs
* Fix Doxygen markup
* framework: update reference
* components-compliance.sh: update references to test_psa_compliance.py
* components-configuration.sh: update references to test_psa_constant_names.py
* Move files out of Mbed TLS
* test_suite_ssl: update description for conf_curve and conf_gruop tests
* test_suite_ssl: add ECDHE-RSA case for handshake_fragmentation()
* test_suite_ssl: add new ECDHE-RSA tests
* Update tf-psa-crypto/drivers/builtin/src/ecp.c
* Fix missing-word typo
* Add paragraph on undefined behaviour
* Add X.509 formatting validation to SECURITY.md
* Fix incorrect test function
* Remove useless dependency from test function
* Add ignore list entries for ECDH/FFDH algorithm without key type
* Remove test coverage exceptions that are no longer needed
* Update framework
* Update framework pointer
* Stop recommended deprecated function in migration guide
* config.py: Simplify crypto config default path setting
* framework: update reference
* components-build-system.sh: align component_test_cmake_as_package
* Move files out of Mbed TLS
* framework: update reference
* scripts: add new min_requirements.py script
* Move files out of Mbed TLS
* PSA interruptible sign/verify: detect invalid curve family in start
* framework: update reference
* component-basic-checks: fix paths of files moved to framework
* Move files out of Mbed TLS
* framework: updated reference
* scripts: fix paths for files moved to framework
* Move files out of Mbed TLS
* Update framework submodule
* Remove test coverage exceptions that are no longer needed
* crypto_config.h: Don't list mechanisms that are not implemented
* Update submodule
* Update submodule with the merge
* Update submodule
* Adjust paths
* Move files out of Mbed TLS
* Update submodule with the merge
* Update submodule
* Adjust paths
* Move files out of Mbed TLS
* Add change log entry on AES-NI asm block fixes
* Specify previously missed XMM register clobbers in AES-NI asm blocks
* Specify register clobbers in mbedtls_aesni_crypt_ecb()
* Update framework to the merge of #99
* Update framework
* Create a new Python module used by generate_psa_tests.py
* Fix `make dir/file` not rebuilding existing files
* Remove Invalid import/export key test
* Fix export public-key opaque key test parameters
* make: Add missing dependency
* Move test_keys.h to include/test
* Fix incorrect submodule error message in CMake
* Fix incorrect submodule error message in Makefile
* Update submodule with the merge
* Added debug print in tls13 ssl_tls13_write_key_share_ext
* Update submodule
* Adapt paths for scripts/quiet
* Adapt paths for output_env.sh
* Move files out of Mbed TLS
* Refactor scripts to use config.py instead of config.pl
* Remove obsolete tcp_client.pl
* Remove obsolete Travis CI scripts
* Remove obsolete Docker CI scripts
* Distinguish between MBEDTLS_PSA_CRYPTO_C and MBEDTLS_PSA_CRYPTO_CLIENT
* FFDH in TLS: it's only a limitation for TLS 1.2, not TLS 1.3
* Fix copypasta
* reworked changelog according to suggestion
* Added changelog
* Make mbedTLS compile with MS-DOS DJGPP
* Update submodule to point to main
* Define FRAMEWORK
* Fix paths
* Use new functions
* Add project and branch detection in shell
* p256-m: allow deterministic ECDSA verification
* PSA interruptible sign/verify: detect unsupported mechanism in start
* Add missing resource cleanup on test failure
* Fix edge case with half-supported ECDSA (manual test cases)
* Move back *config_test_driver* headers from the framework
* Add some missing test case dependencies
* Update framework submodule
* import_not_supported: edge case of unsupported curves
* PSA sign/verify: more uniform error on an unsupported hash
* Update framework to add ported test helper changes
* Update framework submodule
* Update framework submodule
* Update framework submodule
* Properly clean instrument_record_status.h
* Reverse accidental docs PSA test wrappers path
* Add missing dependency to hash testsuite
* Disable test hooks when checking missing symbols
* Move mbedtls_test_hook_error_add from error.c to helpers.c
* Add missing include path to visual C script
* Update test_keys.h path on Windows
* Update paths to generated PSA test wrappers
* Update generate path to instrument_record_status.h
* Update path to PSA crypto alt headers
* Add extra paths to generate_visualc_files.pl
* Update make clean target with moved test helpers
* Update test_keys.h generation in Makefile
* Update libtestdriver paths in tests/Makefile
* Add tests/Makefile targets for moved test helpers
* Update common.mk with test helper object paths
* Add framework test include path to common.mk
* Add SSL-related test includes to ssl programs
* Add the framework/tests/include path to testsuites
* Re-add tests/include and tests/src paths to tests
* Add missing extra include path to fuzzer programs
* Re-add tests/include path for test helpers
* Update references to test helpers
* Move some test helpers out of Mbed TLS
* Update framework pointer
* Fix documentation for GCM decryption functions
* Fix issue where input data could be length 0
* Fix check_names error for MBEDTLS_GCM_ALT comment
* Update path to all-core.sh
* Update framework pointer
* Move all-{core,helpers}.sh out of Mbed TLS
* Fix TEST_CALLOC issues with GCM buffer overlap tests
* Add test cases for AES GCM input and output buffer overlap
* Update GCM buffer overlap documentation
* Fix MD_PSA_INIT called before initializing some data structures
* Update submodule with the merge
* all.sh: improve check for clean config files
* all.sh: rationalize relative path usage
* Fix undefined variable in CMakeLists.txt
* Fix undefined variable in makefile
* Improve makefile error message
* Improve submodule error messages for Github archives
* Add a Python utility function to get the 3.6 feature macro
* Skip slowest FFDH tests against GnuTLS with MSan or Valgrind
* Don't use Unicode in .function file
* More explanation of what we do and do not test
* Add changelog entry
* mbedtls_psa_ecp_generate_key: don't calculate the public key
* Basic statistical tests for mbedtls_psa_ecp_generate_key()
* Unit tests for mbedtls_psa_ecp_generate_key()
* Rm forgotten armc5
* Drop building with armcc5 in all.sh
* Add override arguments for new gcc targets
* Clarify GCC version requirement
* Split up the Thumb-1 test component
* Remove superfluous invocations of make clean
* Update component speed estimates
* Initialize result caching variables
* Use true/false in place of integers
* Ignore missing temporary files during cleanup
* Fix copypasta in gcc_version
* Add AArch64 default config test
* Add Arm eabi default config tests
* Changelog entry for ECDSA conversion functions called with bits=0
* Remove unreachable assignments
* Assert non-empty data when needed
* Initialize CCM context before doing anything fallible
* mbedtls_ecdsa_raw_to_der and mbedtls_ecdsa_der_to_raw: reject bits==0
* Document errors for mbedtls_ecdsa_raw_to_der and mbedtls_ecdsa_der_to_raw
* mbedtls_mpi_write_binary{,_le}: test 0-size output
* Modernize mpi_write_binary and mpi_write_binary_le
* Disentangle 3.6/4.0 *_PSA_INIT/DONE variants
* Pair inits with declarations
* Move AES_PSA_INIT to after drbg init
* CMakeLists: use -O2 as ASAN_FLAG only in GCC versions before 7.0
* Revert "Temporarily comment out tests that are clogging the CI"
* Fix double free in case of test failure
* Add missing check of return
* Add const specifiers to pacify armclang
* Fix tests where tests were done prior to init
* Harmonise names of MBEDTLS_TEST_HAVE_ macros
* Tidy up header guards
* net/mbedtls_net_connect: Preventing double close problem
* fix PR9302 backporting issues
* changelog: fix typo
* changelog: updated description
* changelog: updated description
* changelog: describe support for static key slot buffers
* Documentation: fix some nits
* psa: move definition of MBEDTLS_PSA_KEY_BUFFER_MAX_SIZE
* test_suite_psa_crypto.data: fix some depends_on
* psa_crypto_helpers: add guard for MBEDTLS_TEST_STATIC_KEY_SLOTS_SUPPORT_RSA_xxx
* components-basic-checks: add new exception for MBEDTLS_CTR_DRBG_MAX_REQUEST
* test_suite_psa_crypto: use finer grained checks on the key slot buffer size
* psa_crypto_helpers: enhance definitions for static key slot related test symbols
* psa_crypto_helpers: add MBEDTLS_TEST_ prefix to newly created symbols
* psa: move default definition of MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
* test: disable dynamic key store in test_crypto_with_static_key_slots
* check_config: prevent fully dynamic and static key stores from being enabled simultaneously
* psa: zeroize static key buffer content when key slot is freed
* test_suite_psa_crypto_storage_format: improve input bit length specification for static key buffer
* test: properly select MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE value
* mbedtls_config: fix/improve descriptions of PSA_STATIC_KEY_SLOT symbols
* psa: fix some macro definition
* test: add test with persistent key whose length is larger than MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
* test: extend component_test_crypto_with_static_key_slots
* psa-core: remove unnecessary element in psa_key_slot_t
* psa_crypto_core: take also cipher's key length into account when sizing static key buffer
* test: revert fixes for PSA entropy
* test_suite_psa_crypto_driver_wrappers: revert changes and fix validate_key()
* psa-core: properly set PSA_CRYPTO_MAX_STORAGE_SIZE
* test: disable all legacy symbols in test_psa_crypto_without_heap
* test: minor fixes to test_psa_crypto_without_heap and test_crypto_with_static_key_slots
* mbedtls_config: fix descriptions for PSA static key slots
* mbedtls_config: move MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE to the correct place
* test: add new component to test core library without calloc/free
* test: add new component to test MBEDTLS_PSA_STATIC_KEY_SLOTS
* psa: allow using static key buffers instead of dynamic ones
* Re-add special case for 3.6
* Only guard with CRYPTO_CLIENT when version >= 4
* Regenerate PSA test wrappers
* Align 3.6 tests/{src,include} with development PR
* Update framework
* Fix a typo in a comment
* all.sh: fix missing quotes
* Update framework to main
* Update submodule after the merge
* all.sh: adjust for when tf-psa-crypto is absent
* all.sh: re-instate 3.6-specific code
* all.sh: update documentation
* all.sh: move top-level code to a function
* all.sh: document new file structure
* all.sh: move definitions to all-core.sh
* all.sh: wrap main code into main() function
* all.sh: move clang_version() to helpers file
* all.sh: move component helpers to separate file
* all.sh: Move some functions to the right section
* all.sh: rename a helper function
* all.sh: extract repeated code to a function
* all.sh: group psasim helpers
* all.sh: rm obsolete functions
* all.sh: first define functions, then call them.
* all.sh: temporary alignment with development
* all.sh: align-dev: PSAsim functions
* all.sh: align-dev: tf-psa-crypto stuff
* all.sh: align-dev: move functions to the right place
* all.sh: align with development: whitespace
* Add "common.h"
* Update submodule
* Adjust file path for translate_ciphers.py
* Adjust file path for generate_tls13_compat_tests.py
* Adjust file path for generate_ssl_debug_helpers.py
* Move some files to framework repository
* Declare a generated file that was added after 3.6.1
* Revert "Add generated files"
* Temporarily comment out tests that are clogging the CI
* Work around GCC 5 performance problem with Asan+UBSan and -O3
* Improve support for submodules in code_style.py
* Minor readability improvements
* Remove ignore list entries that don't apply in 3.6
* framework: Fix overly lenient config tests for PSA_WANT_xxx
* Switch outcome analysis to enforcing that all tests are executed
* Add ALT-adjacent config option to the test coverage ignore list
* Add missing algorithm in the test driver configuration
* Add ignore list entries for configurations that are not tested
* Add ignore list entries for crypto tests that are not executed
* Add ignore list entries for TLS tests that are not executed
* Remove test case involving SECP224K1 in PSA
* In PSA generated tests, ignore patterns for which an issue has been raised
* In PSA generated tests, don't ignore not-implemented in some negative tests
* In PSA generated tests, ignore mechanisms that are not implemented
* Fix driver schema json default type requirements
* Update framework to the branch with collect_test_cases.py and outcome_analysis.py
* Default to allowing partial test coverage
* Downgrade mypy to a version that works with our code base
* Upgrade mypy to the last version supporting Python 3.6
* Move test case analysis modules to framework repository
* Adjust paths for impending moves to the framework
* Separate code and data of outcome analysis
* Pass KNOWN_TASKS as an argument to main
* Typecheck main
* Don't reuse a variable name inside a function
* Missing NotImplementedError in abstract method
* Remove sample ignore list elements for coverage
* Create a module to split branch-independent code out of analyze_outcomes.py
* Split test case collection from checks
* Create a module to split test case collection from checks
* check_test_cases.py: make 3.6 identical with development
* Don't use the "allow list" terminology any longer
* Switch coverage analysis to IGNORE_TESTS for its allowlist
* Simplify sub-test-suite handling in is_test_case_ignored
* Move test case ignore list to the master Task class
* Remove now-useless level of method call indirection
* Move analysis functions into their respective classes
* Remove dead code that was handling stringly typed data
* Replace stringly typed data by class: driver vs reference (data)
* Replace stringly typed data by class: driver vs reference (code)
* Replace stringly typed data by class: coverage
* Replace stringly typed data by class: prepare
* Allow running pylint and mypy on a single file
* Remove "error" allowance in dtls_server
* dtls_server: allow unexpected messages during handshake
* Update submodule
* Update submodule to the head of framework PR
* Expand on block cipher modes/derivatives
* Update framework to the main branch
* Expand on key derivations
* Clarify the superset rule
* Update and refine notes on restartable ECC and 4.0
* Skip ssl_server in config-suite-b
* Use OPENSSL_NEXT for a test case that uses IPv6 when available
* Note known issue about test cases skipped in TLS 1.3-only builds
* Test SSL sample programs against each other and ssl_client2, ssl_server2
* dtls_client: don't force the use of IPv6
* ssl_server: Allow the client to close the connection first
* Compatibility with older OpenSSL and GnuTLS
* Declare GnuTLS version dependency for TLS 1.3 test cases
* Declare OpenSSL version dependency for TLS 1.3 test cases
* Test dtls_server
* Test ssl_fork_server
* Test ssl_pthread_server
* Test ssl_server
* Test dtls_client
* Test ssl_client1
* Allow test cases to use a specific port
* Prepare to test SSL sample programs
* ssl_client1: Exit with an error status if the TLS connection failed
* Don't pass the section name to adapters
* Change "realfull" to activate everything
* Change "full" to affect boolean settings rather than use sections
* Pass the setting's value to adapters
* Have `make ssl-opt` generate `tls13-compat.sh` (make edition)
* Have `make ssl-opt` generate `tls13-compat.sh`
* Fix copypasta
* armv8 AES, SHA: simplify structure and fix copypasta
* Use .s extension for assembly
* Ignore and clean generated assembly
* Add target to compile to assembly
* Use -O2 for build+test with earliest compilers
* Fix spurious * in regex
* Don't set LD to a path with a typo for mingw
* Remove PSA macros usage from adapters
* CMake: generate tls13-compat.sh in the default build target
* Move generation of tls13-compat.sh to tests/CMakeLists.txt
* Print a "Gen" line when generating a file
* Remove obsolete requirement for GnuTLS %DISABLE_TLS13_COMPAT_MODE
* Reduce level of non-error debug message
* Remove transitional always-on internal option
* Changelog entry: fix #9551
* Fix sensitivity of tls13-compat.sh to the exact generation method
* Automatically generate tests/opt-testcases/tls13-compat.sh
* generate_tls13_compat_tests: change default mode to all
* Remove obsolete requirements on middlebox compatibility mode: generated
* Remove obsolete requirements on middlebox compatibility mode: manual
* Remove mid-stanza blank lines
* Adapt middlebox compatibility tests for always-on acceptance
* Separate accepting TLS 1.3 middlebox compatibility from sending it
* Avoid multiline requires_all_configs_xxx
* Remove test-ref-configs.pl, which no longer does anything
* Move config-tfm.h testing to separate all.sh component
* Move config-symmetric-only.h testing to separate all.sh components
* Move config-thread.h testing to separate all.sh components
* Move config-suite-b.h testing to separate all.sh components
* Move config-ccm-psk-dtls1_2.h testing to separate all.sh components
* Move config-ccm-psk-tls1_2.h testing to separate all.sh components
* Move config-no-entropy.h testing to separate all.sh component
* make: support "make ssl-opt" to just build what ssl-opt.sh needs
* CMake: support "make ssl-opt" to just build what ssl-opt.sh needs
* CMake: support "make programs"
* Fix obsolete comment about MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
* Update framework
* Remove unused `CombinedConfig` class
* Update old class names
* Use MbedTLSConfig for config handling to keep compatibility
* Apply the parameter change
* Fix documentation
* Update member variable names
* Fix documentation
* Update `config.py` to use `config_common.py` from the framework
* Document the C compiler requirement
* Make the file a bit more readable
* Remove some dependencies
* Add PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT
* Replace MBEDTLS_PK_CAN_ECDSA_SOME with MBEDTLS_PK_CAN_ECDSA_SIGN
* Add missing ALG_SHA_1
* opt-testcases/*.sh are not executable
* requires_certificate_authentication: prioritize TLS 1.3
* Documentation improvements
* Fix detection of TLS 1.2 PSK-ephemeral key exchange modes
* Improve some comments
* Remove unused auth_mode parameter on a PSK test case
* Fix weirdly quoted invocations of requires_any_configs_enabled
* Also activate PSK-only mode when PSK-ephemeral key exchanges are available
* Unify the two requires-key-exchange-with-certificate functions
* Detect PSK-only mode in TLS 1.3 as well
* Fix PSK-only mode doing less than it should
* Detect more cases where certificates are required
* ssl-opt: Fix GnuTLS PSK injection
* Use CONFIGS_ENABLED instead of repeatedly calling query_compile_time_config
* Fix "Renegotiation: openssl server, client-initiated" with OpenSSL 3
* tests: add a test for pkg-config files
* Update framework to the merge of #45
* Update framework
* Clarify summary of PSA limitations
* Misc minor clarifications in transition-guards.md
* Clarify a comment in all.sh
* Fix some typos & markdown
* Add links and missing )
* Minor updates in doc/comments/debug
* Add transition-guards.md
* Update psa-migration/strategy.md
* Update psa-limitations.md and add summary
* Use library default in ssl_client2 for new_session_tickets
* Add guard on internal 1.2-only function
* Misc improvements to comments
* Make error line consistent with the header
* Fix code style (for real this time, hopefully)
* Fix guards on #include
* Fix code style
* Prepare codepath tests for early termination
* Fix incorrect test result
* Move bignum code path testing out of the library
* Explain the choice of the value of MBEDTLS_MPI_IS_PUBLIC
* Initialize local variables to secure default
* Introduce MBEDTLS_MPI_IS_TEST
* Add tests for optionally safe code paths in RSA
* Add tests for optionally safe code paths in bignum
* Revert "Add generated files"
* Leave the spaces in psa-transition.md
* Fix typo in psa-transition.md
* ccm.c: Return early when ccm* is used without tag.
* Remove test_valgrind_constant_flow_psa_no_asm
* Tiny fix in library/constant_time_impl.h
* Remove the hack in library/constant_time_impl.h
* Edit component_release_test_valgrind_constant_flow_no_asm
* Change valgrind constant flow testing to test without asm
* Disable asm in component_test_memsan
* Alter constant-flow memsan testing
* Corrected header line of analyze_driver_vs_reference
* ssl_client2: Add Host to HTTP GET request
* Tue May 06 2025 Yoshio Sato <vasua.ukraine@gmail.com>
- Enable SRTP protocol needed by some software.
* Add patch mbedtls-enable-srtp.patch
* Thu Oct 17 2024 Pedro Monreal <pmonreal@suse.com>
- Update to version 3.6.2: [bsc#1231708, CVE-2024-49195]
* test_suite_pkwrite: extend coverage of wrong output buffer sizes in pk_write_check_common()
* pkwrite: fix buffer overrun
* Sat Sep 07 2024 cunix@mail.de
- Update to version 3.6.1:
* Move some ChangeLog entries to a different section
* Add CVE IDs to security ChangeLog
* Update BRANCHES.md
* Add generated files
* Finalise ChangeLog
* Bump version to 3.6.1
* Assemble ChangeLog
* Don't clean test_keys.h and test_certs.h
* Fix typos in make clean target for Windows
* Fix/Improve documentation
* Rename some "new_session_tickets" symbols
* Fix change log
* Improve documentation
* Move session tickets getter functions to ssl_misc.h
* Add change logs
* Improve debug logs
* Move MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET doc
* Do not add a new field in the SSL config
* ssl_client2: Fix new_session_tickets option parsing
* Document NewSessionTicket handling being disabled by default
* Improve MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET documentation
* Document MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET.
* Enable TLS 1.3 ticket handling in resumption tests
* TLS 1.3: Ignore tickets if disabled at runtime
* Add mbedtls_ssl_conf_enable_new_session_tickets() API
* TLS 1.3 server: move crypto_init after protocol negotiation
* Changelog entry for psa_crypto_init potentially being called from TLS
* Clarify "negotiating"
* Error translation and init are needed in PSK-only builds as well
* Call psa_crypto_init in the library when required for TLS 1.3
* Don't call psa_crypto_init in test programs when not required for TLS 1.3
* Don't call psa_crypto_init in unit tests when not required for TLS 1.3
* Call psa_crypto_init in the library when required for TLS 1.3: doc
* Fix the capitalisation in the changelog entry
* Reduce the wording in changelog entry
* Improve the changelog entry for fixing legacy compression issue
* Add changelog entry for fixing legacy compression methods issue
* Remove redundant legacy compression test
* Improve legacy compression regression testing
* Add regression testing to handling Legacy_compression_methods
* Improve comments explaining legacy_methods_compression handling
* Correct a small typo in ssl_tls13_parse_client_hello()
* Improve handling of legacy_compression_methods in ssl_tls13_parse_client_hello()
* Fix issue in handling legacy_compression_methods in ssl_tls13_parse_client_hello()
* Fix Changelog formatting
* Add header for mbedtls_mpi_exp_mod_unsafe()
* Improve ChangeLog
* Make mbedtls_mpi_exp_mod_unsafe internal
* Add changelog
* Tiny fix in ChangeLog pt 2
* Tiny fix in ChangeLog
* Changelog entry for the RSA memory leak
* Simplify and explain the overflow check for maximum slice length
* Add overflow check for maximum key slot length
* Tweak macro check to allow 3 extra key slices
* Fix incorrect comments on slice numbering
* Add a ChangeLog entry
* Fix guards around function now used by 1.3 as well
* Fix typos in comments
* Fix two dependency declarations in ssl-opt
* Improve some comments
* Merge 1.2 and 1.3 certificate verification
* Minor refactoring of generic SSL certificate verif
* Add support for context f_vrfy callback in 1.3
* Improve a variable's name
* Restrict the scope of a few variables
* ssl-opt.sh: Test trusted certificate callback in TLS 1.3
* tls13: Add support for trusted certificate callback
* ssl-opt.sh: Fix test case titles
* Allow no authentication of the server in 1.3
* Reorder some tests in ssl-opt.sh
* Allow optional authentication of the server in 1.3
* Add comments about 1.3 server sending no cert
* Rm translation code for unused flag
* Simplify certificate curve check for 1.2
* Make mbedtls_ssl_check_cert_usage() work for 1.3
* Clean up mbedtls_ssl_check_cert_usage()
* Test cert alert REVOKED -> CERT_REVOKED
* Test cert alert NOT_TRUSTED -> UNKNOWN_CA
* Fix ordering of a test case in ssl-opt.sh
* Add test forcing TLS 1.2 for clearer coverage
* Fix memory corruption in exp_mod tests
* Edit ChangeLog entry
* Clean up initialization in _core_exp_mod()
* Disable optionally safe test hook in threading builds
* Fix optionally safe hooks declarations
* Update ChangeLog
* Free allocated memory where methods were returning without freeing
* Add test cases for extKeyUsage
* Optimise public RSA operations
* Fix mpi_core_exp_mod documentation
* Rationalize extKeyUsage tests
* Fix Mbed-TLS build when WIN32_LEAN_AND_MEAN macro is defined globally
* The fully static key store will miss the 3.6.1 release
* Mention the option name for the dynamic key store
* Add tests for optionally unsafe code paths
* Update framework to the head of the main branch
* Add tests for optionally safe codepaths
* Use actual exponent size for window calculation
* Move _public parameters next to their target
* Make MBEDTLS_MPI_IS_PUBLIC thumb friendly
* Move MBEDTLS_MPI_IS_* macros to bignum_core.h
* Move mixed security code to small local functions
* Make _optionally_safe functions internal
* Improve documentation of MBEDTLS_MPI_IS_PUBLIC
* PSA PAKE wasn't in 2.28
* entropy.h is also going away
* Use P_CLI when O_CLI's status is not reliable
* Mention interfaces replaced by PSA drivers
* Update the submodule to the head of PR in the framework repository
* Changelog entry
* Remove MBEDTLS_PSA_UTIL_HAVE_ECDSA so that functions are only enabled when PSA enabled
* Clarify some internal documentation
* Make integer downsizing explicit
* Changelog entry for MBEDTLS_PSA_KEY_STORE_DYNAMIC
* Add test components with the PSA static key store
* Dynamic key store: make full-key-store tests work effectively
* Microoptimizations when MBEDTLS_PSA_KEY_STORE_DYNAMIC is disabled
* Dynamic key store: implementation
* psa_key_slot_t: different fields in free vs occupied slots
* Dynamic key store: disable full-key-store tests
* Dynamic key store: preparatory refactoring
* Dynamic key store: new compilation option
* Improve documentation in some tests
* Revised presentation of cipher suites
* More relevant characterisation of PSA being from before 3.0
* Improve mechanism grouping
* Fix missing bits in crypto mechanisms
* Rationalize keyUsage testing, round 2
* Always print detailed cert errors in test programs
* Fix 1.3 failure to update flags for (ext)KeyUsage
* Rationalize ssl-opt tests for keyUsage
* Test cert alert KEY_USAGE -> UNSUPPORTED_CERT
* Mention the PSA transition guide
* Announce the main removals planned for 4.0
* PSA_DONE: account for MBEDTLS_TEST_PSA_INTERNAL_KEYS
* Fix inverted assertion message
* Call in_mbedtls_repo
* Move some proj detection code inside pre_check_environment
* Match spacing in pointer types in documentation with the code style
* Rename one more deprecated identifier
* Documentation improvements
* Rename internal function psa_key_production_parameters_are_default
* key_custom: update analyze_outcomes.py
* Test cpp_dummy_build in pedantic mode
* Changelog entry for the move from key_ext to key_custom functions
* Remove some tests of psa_generate_key_ext
* Document the key_ext functions as deprecated
* Documentation: point to key_custom instead of key_ext
* Update PSA wrappers
* Implement psa_generate_key_custom
* Fix missing-prototype error for the print_buf functions in sample programs
* Revert commit 33af72df in order to not depend on test code
* Fix format-pedantic error in programs/test/metatest.c
* Use correct conditionals in programs/ssl (fix unused-function errors)
* Add missing include in tests/src/psa_memory_poisoning_wrappers.c to fix missing-prototype error
* Fix Uncrustify errors in modified tests/suites to satisfy check_code_style test
* Use correct test case conditionals for helper functions in tests/suites
* Fix tests build with MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS enabled
* Move the -Wmissing-prototypes option from library/CMakeLists.txt to the top-level CMakeLists.txt for GCC & Clang
* Adjust spacing in tests/suites function sources
* Fix missing-prototype errors in tests/suites
* Fix unused-function error for ecjpake_operation_setup in test_suite_psa_crypto.function
* Adjust spacing in sample programs
* Fix missing-prototype errors in sample programs
* Fix missing-prototype error in programs/fuzz by moving LLVMFuzzerTestOneInput prototype to common.h
* Move print_buf into mbedtls_test_print_buf helper function in sample programs
* Add missing include in tests/src/asn1_helpers.c
* Add -Wmissing-prototypes to component_build_no_ssl_srv and component_build_no_ssl_cli in all.sh
* Fix build of v3.6 with unset MBEDTLS_DHM_C but MBEDTLS_USE_PSA_CRYPTO set (fixes #9188)
* Fix server mode only build of v3.6 with MBEDTLS_SSL_CLI_C unset (fixes #9186)
* all.sh/components: Removed components.sh
* all.sh/components: Moved build_aes_via_padlock to platform component.
* all.sh/components: Moved driver components to configuration crypto.
* all.sh/components: Moved more components to configuration crypto.
* all.sh/components: Fixed a typo in configuration-tls.
* all.sh/components: Moved more components to configuration tls.
* Extract sanitizer components into a separate file.
* Extract platform components into a separate file.
* Extract configuration components into a separate file.
* Extract configuration-x509 components into a separate file.
* Extract configuration-platform components into a separate file.
* Extract configuration-crypto-components into a separate file.
* Extract compliance-components into a separate file.
* Extract compiler-components into a separate file.
* Extract build-components into a separate file.
* Extract basic-components into a separate file.
* Separate all.sh from components.
* Applied consistent style.
* Created placeholder component files.
* Update framework
* Add functions to detect project
* Introduce project_name.txt
* Miscellaneous clarifications
* Expand on performance
* Discuss why we have so many variants
* Link to issue about freeing empty slices
* Improve and fix explanation of next_free
* Update macro name about the static key store
* Typos and minor clarifications
* Improve description of who is affected
* More diversified sizes in tests
* Fix stack buffer overflow in ECDSA signature format conversions
* Force MBEDTLS_PSA_HMAC_DRBG_MD_TYPE based on CTR_DRBG
* Document that MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not force HMAC
* Update auto-generated psa_test_wrappers.
* Update the framework submodule to the merge of PR38
* Update framework as in PR 9394
* programs: fuzz: Fix comment
* tests: CMake: Align/fix config test suite generation
* CMake: Include CMakePrintHelpers
* Fix copypasta
* Keep track of PSA keys used internally
* Fix spurious test case failure with accelerated AES
* Improve full-key-store tests
* Improve the documentation of MBEDTLS_PSA_KEY_SLOT_COUNT
* Update invalid key id in a test case
* Fix overlap between volatile keys and built-in keys
* Assert that the key ID range for volatile keys is large enough
* Assert that key ID ranges don't overlap
* Add a test for the built-in key range
* Prevent mbedtls_psa_register_se_key with volatile keys
* Reorder blocks to avoid double negations
* Make it possible to enable CTR_DRBG/PSA without a PSA AES driver
* MBEDTLS_STATIC_ASSERT: make it work outside of a function
* Add TLS: password protected... to ignored_tests list
* Reverted requires_cipher_enabled AES
* Changed some tests to use requires_cipher_enabled
* Added support for MD5 in `requires_hash_alg`
* Upgrade python dependencies in requirements file
* tests/ssl_helpers: Check that message queue is popped
* psa: fix parameters' names of psa_key_derivation_verify_bytes()
* Fix some typo for include folder
* Fix typo in platform_util.c
* Update framework submodule
* Update the framework submodule to the merge of PR18
* Update framework submodule
* Update generated tls13 testcase script
* Move variable into generated bash
* Simplify path in audit-validity-dates.py
* Simplify data_files path in compat test generation
* Use variable for data_files path in ssl-opt.sh
* Replace data_files path with variable in compat.sh
* Correct redundant framework/../framework paths
* Fix line-too-long in generate_tls13_compat_tests.py
* Update directory-climbing path in context-info.sh
* Update paths pointing to tests/data_files
* Move some files to framework repository
* psa_cipher_decrypt CCM*: fix rejection of messages shorter than 3 bytes
* Update framework after merge of #28
* psa_open_key does not lock the key in memory
* Document the key store design
* changelog: add changelog
* config_psa: do not update legacy symbols in client-only PSA build
* Update generate_config_tests.py
* Add some missing handling for generated test_suite_config.*.data
* Anchor relative paths
* Driver vs reference: ignore relevant configuration differences
* Generate config test cases for single options
* New test suite to report configuration options
* Clean up generated files enumeration
* Recognize that a double-inclusion guard is not a config setting
* Update framework submodule to the merge of PR22
* test_when_no_ciphersuites_have_mac: Fix logs
* tests: src: Fix PSA test wrappers for PAKE
* Add optionally unsafe variant of exp_mod for perf
* Update framework
* Changelog Fix
* Add ChangeLog
* Add and update some .gitignore files
* all.sh: Fix clean-up of Makefiles generated by CMake
* Code style fix
* Fix compiler warnings in test_suite_pk.function
* Use CMAKE_C_SIMULATE_ID when available to determine compiler
* Silence gcc 12.2.0 warning
* Fix incorrect array length in function prototype
* Set psk to NULL in ssl_psk_remove - backport to 3.6
* Extend python checks to framework scripts
* Remove multi-type variable
* Allow code_style.py to work from a git hook
* Use unsigned long rather than size_t for format string readability
* Fix uint32_t printed as unsigned int
* Update framework to latest
* crypto.h: fix documentation for some functions
* changelog: add changelog for PSA CMAC fix
* adjust_legacy_crypto: enable CIPHER_C when PSA CMAC is builtin
* Update framework submodule
* Update file paths for moved files
* Move some test generation files to framework
* Make abi_check.py look in both locations
* Guard configuration-specific code
* ssl-opt.sh, compat.sh: Error out if not executing any tests
* Do not use --recurse-submodules
* Extend C code style check to framework files
* Extend basic checks of files to framework files
* Error on unexpectedly defined symbols
* Tweak wording
* Update framework submodule to the merge of #15
* fix typo
* Document that there is now an error for dangerous inclusions
* Warn if mbedtls_config.h is included manually
* Error out if *adjust* headers are included manually
* Macros to indicate the finalization level of the configuration
* Belated changelog entry for not including check_config.h
* Document check-config.h and *adjust*.h as internal headers
* Pacify pylint
* Generate test data before coverage analysis
* Improve test-ref-configs.pl
* Fix crypto_adjust_config_dependencies.h documentation
* Fix PBKDF2_AES_CMAC_PRF_128 dependencies
* Fix the resolution of dependencies on HMAC
* Fix "maybe-uninitialized" warning with GCC 11.3
* Resolve PBKDF2_AES_CMAC_PRF_128 dependencies
* Resolve some HMAC dependencies automatically
* test-ref-configs.pl: Detect automatically test with USE_PSA enabled
* Fix compat.sh filters
* config-symmetric-only.h: Add SHA3
* config-symmetric-only.h: Remove obsolete comment
* Add missing dependency that isn't autodetected
* Remove redundant RSA dependency
* Explicitly use TLS 1.2 on <=1.2-specific keyUsage/extKeyusage tests
* Fix PSK invocation: GnuTLS PSK length (more)
* Driver-only FFDH is not good enough for DHE support in TLS 1.2
* Add some missing dependencies on renegotiation support
* Default NEXT versions to be the base executables
* Force some test cases to use TLS 1.2
* Add some missing dependencies on crypto features
* Fix PSK invocation: GnuTLS PSK length
* Fix PSK invocation: GnuTLS prompting
* Fix PSK invocation: OpenSSL client
* Require RSA when using server1* key or certificate
* Fix a compilation warning in pk.c when PSA is enabled and RSA is disabled
* Fix skipped tests in configurations without RSA
* Add invalid `padding_len` check in `get_pkcs_padding`
* Rename framework_path to framework_scripts_path
* Update framework submodule to tip of branch
* Add mbedtls_framework to mypy checks
* Add framework_path module
* Update references to mbedtls_dev
* Add framework/scripts to scripts_path.py
* Move some files to framework repository
* gitignore: ignore .vscode folder in main repo
* gitignore: ignore test_keys.h and test_certs.h
* Add note explaining component purpose
* Add all.sh component for programs without tests
* Move test generated files to main CMakeLists.txt
* generate_test_keys: move code for arrays and LUT generation to a separate function
* check-generated-files: move check for generate_test_cert_macros.py
* generate_test_[keys/cert_macros]: minor fixes
* generate_test_keys: move output file writing to a separate function
* generate_test_keys: sort keys before processing them
* check-generated-files: add test_certs.h file to the list of checked items
* generate_test_cert_macros: minor fixes
* generated_test_keys: minor fixes
* generate_test_keys: remove left-over variable
* tests/CMakeLists: fix indentation
* generate_test_keys: do not quit script if output file already exists
* generate_test_keys: add missing flush at the end of script
* test_suite_pk: use explicit key bit size instead of RSA_KEY_SIZE
* generate_test_keys: use build_tree to guess the MbedTLS root path
* generate_test_cert_macros: minor fixes
* cmake: relocate custom commands for test_certs.h and test_keys.h generation
* generate_test_cert_macros: embed input args
* tests/Makefile: minor fix: specify Python binary to be used
* fix "make generated_files" for test_keys.h and test_certs.h
* generate_test_keys: add default output file option
* tests: remove test_certs.h and test_keys.h as they are auto-generated
* test: automatically generate test_certs.h and test_keys.h
* tests: update Makefile to generate tests/src/test_keys.h
* Fix Changelog formatting
* md: fix guards for mbedtls_md_error_from_psa()
* ChangeLog: Add missing reference to CVE in security entry
* Fixed issue of redefinition warning messages for _GNU_SOURCE
* Add changelog
* Clarify psa_get_and_lock_key_slot return behaviour
* Explicitly document return behaviour
* Fix potential non-NULL slot return on failure
* ssl_mail_client: Fix code style issue
* ssl_mail_client: Check return value of mbedtls_snprintf
* ssl_mail_client: Replace snprintf with mbedtls_snprintf
* ssl_mail_client: Fix unbounded write of sprintf()
* Rewrite changelog
* Add changelog
* Fix error handling for secure element keys in `psa_start_key_creation`
* Add Changelog entry
* Add early exit if zero length AEAD AD passed in.
* Convert recent RSA key files in PEM format from PKCS8 to PKCS1
* Fix rsa_pkcs1_*_clear.der to actually be PKCS#1 files
* Use large enough keys when testing parsing of non-word-aligned RSA sizes
* Add some test RSA keys of sizes 768 and up
* Cleartext RSA keys: also make DER formats available
* Fix misspelled dependency: there is no MBEDTLS_PEM_C
* Allow PSA to not support RSA keys with non-byte-aligned sizes
* Remove redundant dependency
* Fix full invocation of ssl-opt.sh
* generate_test_keys: split group_id and key bitsize in the generated structure
* test_suite_pk: fix some descriptions in data file
* generate_test_keys: minor improvements
* changelog: fix text
* add changelog
* adjust_legacy_crypto: enable ASN1_[PARSE|WRITE]_C when RSA_C
* Simplify full invocation of compat.sh
* test_suite_pk: fix guards for pk_psa_setup()
* test_suite_pk: remove PK_PARSE_C unnecessary dependencies
* test_suite_pk: remove RSA key generation/size dependencies
* test_suite_pk: enhance pk_psa_setup() to support all key types
* test_suite_pk: use pk_setup() instead of mbedtls_rsa_gen_key() in pk_psa_wrap_sign_ext()
* test_suite_pk: use predefined RSA keys in pk_setup_for_type()
* test_suite_pk: rename pk_genkey() and pk_psa_genkey()
* test_suite_pk: fix get_predefined_key_data() return value
* generate_test_keys: generate also look-up table in script
* generate_test_keys: generate arrays for all keys in asymmetric_key_data.py
* generate_test_keys: generate also RSA public key arrays
* generate_test_keys: minor improvements
* asymmetric_key_data: fix public RSA-2048 key
* generate_test_keys: fix mypy issue for imported path
* generate_test_keys: use keys from asymmetric_key_data.py
* test_suite_pk: minor code fixes and comments improvements
* generate_test_keys.py: minor improvements
* test_suite_pk: fix guards
* pk: fix unused variable in copy_from_psa()
* test_suite_pk: add python script to generate predefined keys
* test_suite_pk: simplify pk_psa_genkey()
* test_suite_pk: simplify pk_genkey()
* test_suite_pk: fix key_id initialization value
* test_suite_pk: use look-up table instead of file for the predefined keys
* test_suite_pk: remove PSA_WANT_KEY_TYPE_[ECC/RSA]_KEY_PAIR_GENERATE dependencies
* test_suite_pk: modify pk_psa_genkey() in order to use predefined keys
* test_suite_pk: use a single helper function to generate PSA keys
* test_suite_pk: modify pk_genkey() in order to use predefined keys
* test-data: add predefined RSA and EC keys
* ssl-opt.sh: Fix some test dependencies
* Use latest installed OpenSSL 3 as OPENSSL_NEXT
* ssl-opt.sh: Adapt tests to OpenSSL 3
* Add RSA key certificates
* compat.sh: properly skip unsupported DTLS 1.2
* compat.sh: properly report skipped tests
* Add change log
* tls13: Do not initiate at all resumption if tickets not supported
* tls13: Fix doc of mbedtls_ssl_session_set() - 2
* tls13: Fix doc of mbedtls_ssl_session_set() - 1
* tls13: Fix doc of mbedtls_ssl_session_get() - 2
* tls13: Fix doc of mbedtls_ssl_session_get() - 1
* tls: Fix doc of mbedtls_ssl_session_save()
* ssl_msg.c: Rename _check_new_session_ticket to _is_new_session_ticket
* all.sh: Use full instead of default as the base for the new component
* tests: ssl: Fix dependencies of SRV TLS 1.3 session serialization tests
* ssl-opt.sh: Add tests where tickets are ignored
* tls13: cli: Ignore tickets if not supported
* ssl-opt.sh: Add missing MBEDTLS_SSL_SESSION_TICKETS dependencies
* all.sh: Add component testing default minus session tickets
* tests: ssl: Fix dependencies of TLS 1.3 session serialization tests
* tests: ssl: Add hostname checks in session serialization tests
* tests: ssl: Remove redundant test
* tests: ssl: Fix session field guards
* Constify parameter of ssl_tls13_session_load
* Enable ssl_tls13_get_ciphersuite_hash_alg only if macro is active
* Unconditionally define session variable
* tls13: srv: Fix guards of _is_psk_(ephemeral_)available
* Guard ticket specific TLS 1.3 function with macro
* Fix closing comment to match opening guard
* Fix style of preprocessor expression
* Fix failures in psa_crypto_driver_wrappers suite
* Add missing dependency of fallback test in driver wrappers suite
* Add missing definition of AT_LEAST_ONE_BUILTIN_KDF
* Fix wrong dependency in psa_crypto_driver_wrappers suite
* Fix wrong dependency in psa_crypto_pake suite
* Fix typo in ssl test suite
* Correct dependency on `MBEDTLS_X509_INFO` for x509parse
* We now have two LTS branches to backport to.
* pk: fix documentation of mbedtls_pk_setup_opaque()
* pk: fix typos in description of mbedtls_pk_setup_opaque()
* pk: add check_pair info to mbedtls_pk_setup_opaque() documentation
* test_suite_pk: add failing check for sign_ext() in pk_psa_wrap_sign_ext()
* pk: simplify mbedtls_pk_sign_ext()
* pk: fix description of mbedtls_pk_setup_opaque for sign_ext()
* pk: fix indentation in description of mbedtls_pk_setup_opaque()
* pk: fix description of mbedtls_pk_setup_opaque()
* pk: update documentation of mbedtls_pk_setup_opaque() based on #8951
* pk: fix documentation for mbedtls_pk_setup_opaque()
* pk: improve documentation of mbedtls_pk_setup_opaque()
* pk: fix documentation for mbedtls_pk_setup_opaque()
* test_suite_pk: test check_pair() also with opaque RSA keys
* Fix NULL handling in mbedtls_ssl_config.free() function
* Fix compilation of ssl_tls13_generic.c when memcpy() is a function-like macro
* Revert "Autogenerated files for 3.6.0"
* Fix NULL argument handling in mbedtls_xxx_free() functions
* ssl-opt.sh: Improve version selection test titles
* test_suite_pk: simplify pk_copy_from_psa_success()
* Check C/C++ compilers separately for AppleClang ranlib
* Fix compilation on macOS without apple-clang
* Remove the workaround for G->m dtls12 tests
* Align the case listing with case running in compat.sh
* Thu Apr 04 2024 Martin Pluskal <mpluskal@suse.com>
- Update baselibs.conf
* Wed Apr 03 2024 guillaume.gardet@opensuse.org
- Update to version 3.6.0 (new LTS):
* Fix typo in psa_key_production_parameters_t doc: 65535 should be 65537
* Record size limit support is released, so remove warning about only for testing
* Autogenerated files for 3.6.0
* Fix some Changelog typos
* Version Bump for 3.6.0
* Assemble Changelog
* Fix #ifdef guard in driver wrapper template
* test_suite_pk: fix guards in pk_psa_sign()
* add changelog
* pkwrite: add new internal symbol for the max supported public key DER length
* test_suite_pk: uniformly generate RSA and EC keys in pk_psa_sign()
* test_suite_pk: fix guards in pk_psa_sign()
* test_suite_pk: test also RSA OAEP in pk_wrap_rsa_decrypt_test_vec()
* pk_wrap: fix algorithm selection in rsa_opaque_decrypt()
* test_suite_pk: fix guards in pk_psa_sign()
* test_suite_pk: properly size buffers for public keys in pk_psa_sign()
* test_suite_pk: test also RSA keys with PKCS1 v2.1 padding mode in pk_psa_sign()
* pk_wrap: fix algorithm selection in rsa_opaque_sign_wrap()
* test_suite_pk: fix RSA issue in pk_psa_sign() when !PK_[PARSE|WRITE]_C are defined
* test_suite_pk: rename some variables in pk_psa_sign()
* test_suite_pk: reshape pk_psa_sign()
* tls13: srv: Fix potential stack buffer overread
* test_suite_pk: always test verify_ext with opaque keys in pk_psa_wrap_sign_ext()
* add changelog
* Mention MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
* Remove 'Question' line around testing
* Replace reference to master
* pk: check PK context type in mbedtls_pk_verify_ext() before trying RSA PSS
* test_suite_pk: extend pk_psa_wrap_sign_ext()
* Mention metatest.c
* Mention MBEDTLS_TEST_MEMORY_CAN_POISON
* Discuss test wrappers and updating them
* Update BRANCHES
* Add discussion of copying convenience macros
* Add issues fixed to changelog entry
* Abstractify example in design exploration
* Rename mbedtls_psa_core_poison_memory()
* Clarify design decision in light of actions
* Minor relaxation to auto-gen regex
* all.sh: Add TLS 1.2 only component
* all.sh: Adapt/Fix some components
* all.sh: Disable TLS 1.3 when pre-requisites are not met
* Enable TLS 1.3 by default
* line length fix
* Check file content to see if it looks auto-generated
* Update docs/architecture/psa-thread-safety/psa-thread-safety.md
* Add changelog entry for threading MVP
* Respond to feedback on psa-thread-safety.md
* Update slot transition diagram
* Add explanatory comment for init flags
* Add comments about RNG mutex requirements
* Start subsystem IDs at 1 instead of 0
* Improve tls13-support.md
* Fix documentation about anti-replay defenses
* Improve the change log
* Remove experimental warnings related to early data
* Fix minor style issues
* pk_import_into_psa: test persistent keys
* Add ALPN checking when accepting early data
* Fix bug in ALPN negotiating
* Drop reference to Visual Studio 2013 from config
* Update changelog
* Document that we do not implement the anti-replay defenses
* tls13-early-data.md: Fix reading early data documentation
* tls13-early-data.md: Adapt code examples to new coding style
* docs: Move TLS 1.3 early data doc to a dedicated file
* tls13-support.md: Stop referring to the prototype
* tls13-support.md: Early data supported now
* tls13-support.md: Some fixes
* Add change log for early data feature
* ssl-opt.sh: Add m->m resumption and early data tests
* ssl-opt.sh: Rework m->m resumption tests
* ssl-opt.sh: Move m->m resumption tests
* ssl-opt.sh: Rework O->m placeholder test
* ssl-opt.sh: Expand G->m resumption and early data tests
* ssl-opt.sh: Group TLS 1.3 resumption and early data G->m tests
* ssl-opt.sh: Rework m->O resumption and early data tests
* ssl-opt.sh: Remove m->O early data test based on external PSK
* ssl-opt.sh: Expand m->G resumption and early data tests
* ssl-opt.sh: Remove redundant early data test
* ssl-opt.sh: Group TLS 1.3 resumption and early data m->G tests
* ssl-opt.sh: Group TLS 1.3 resumption and early data compat tests
* ssl_server2: Split early data enablement from max_early_data_size setting
* Rewrite section on PSA copy functions
* Document unsupported concurrency scenario in psa_exercise_key
* Add missing PSA_ASSERT in mbedtls_test_psa_raw_key_agreement_with_self
* Use TEST_FAIL in threaded tests
* Fix typo in thread_import_key
* Document security weakness in concurrent execution of psa_destroy_key
* Rework and update psa-thread-safety.md
* Preserve alphabetical sorting of config options
* Remove MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS from full
* Update wrapper generation script and regenerate
* Invert and rename config option
* tls13: Use a flag not a counter for CCS and HRR handling
* Fix state transition diagram
* Add change log
* Add CVE IDs to Changelog
* Fix code style in ssl_tls.c
* Increase ALPN length in saved session to 2 bytes
* Add code improvements and refactoring in dealing with ALPN
* Fix possible overflow in ALPN length when saving session
* Fix code style in ssl_tls.c
* Update serialized session description with ALPN information
* Add ALPN bit flag to session header
* Add mbedtls_ssl_session_set_alpn() function
* Add ALPN information in session tickets
* Work around a bug in ancient lcov
* Add test cases for concurrently_use_same_persistent_key
* Add test function for concurrently using the same persistent key
* Add key_destroyable parameter to key export smoke tests
* Add key_destroyable parameter to non-raw key agreement smoke tests
* Reference issue #3266
* Use the exact phrase 'shared memory'
* Mention the CVE number that is fixed
* Reword ChangeLog entry. Specifically:
* Add PSA threaded init tests
* Protect the key slot management initialised flag
* Add mbedtls_psa_crypto_init_subsystem()
* fix code style
* missing word
* Remove further instance of LOCAL_OUTPUT_WITH_COPY
* Update compilers list in docs and changelog
* Update the MSBuild toolset versions to VS2017
* Rename solution files to reference VS2017
* Check gcc version
* pk: uniformly guard set/get enrollment algorithm calls with CRYPTO_C
* psa_crypto_stubs: extend stub functions for the CRYPTO_CLIENT tests
* all.sh: modify/add test components for CRYPTO_CLIENT
* pk: use CRYPTO_CLIENT as guard for PK-PSA bridge functions instead of CRYPTO_C
* Fix copypasta
* Regenerate PSA wrappers for new PSA functions
* Remove LOCAL_OUTPUT_ALLOC_WITH_COPY
* Add key_destroyable parameter to raw key agreement smoke tests
* Add key_destroyable parameter to key derivation smoke tests
* Add key_destroyable parameter to exercise_asymmetric_encryption_key
* Add key_destroyable parameter to exercise_signature_key
* Add key_destroyable parameter to exercise_aead_key
* Add key_destroyable parameter to psa_exercise_cipher_key
* Add key_destroyable parameter to exercise_mac_key
* Add key_destroyable parameter to check_key_attributes_sanity
* Add key_destroyable parameter to mbedtls_test_psa_exercise_key
* Add bugfix section about buffer sharing
* tls13: cli: Rename STATUS_NOT_SENT to STATUS_NOT_INDICATED
* tls13: cli: Fix comment
* tls13: cli: Move definition of MBEDTLS_SSL_EARLY_DATA_STATE_xyz
* tls13: cli: Re-order early data states
* tls13: cli: Rename STATE_SENT to STATE_IND_SENT
* tls13: cli: Rename STATE_NOT_SENT to STATE_NO_IND_SENT
* tls13: cli: Rename STATUS_NOT_SENT to STATUS_NO_IND_SENT
* tls13: cli: Rename STATE_UNKNOWN to STATE_IDLE
* tls13: cli: Split early data user status and internal state
* Reword ChangeLog entry for shared memory work
* Fix gcc -O3 warnings
* Fix missing semicolon
* ssl-opt.sh: Add O->m server version selection tests
* Fix removed space in merge resolution
* Change goto exit into direct return
* ssl-opt.sh: Expand MbedTLS only version negotiation tests
* ssl-opt.sh: Change MbedTLS only version negotiation tests
* ssl-opt.sh: Group MbedTLS only version negotiation tests
* ssl-opt.sh: Group cli ver nego tests against GnuTLS and OpenSSL
* ssl-opt.sh: Expand G->m server version selection tests
* ssl-opt.sh: Change G->m server version selection tests
* ssl-opt.sh: Group G->m server version selection checks
* Protect PSA drivers_initialized with mutex
* Protect PSA global rng data with mutex.
* Protect PSA global initialized flag with mutex.
* Add new mutex for PSA global rng data
* Add new global mutex for PSA global_data
* Fix copypasta
* Fix and test pk_copy_from_psa with an unsupported algorithm
* Test mbedtls_pk_copy_public_from_psa on non-exportable keys
* New function mbedtls_pk_copy_public_from_psa
* Simplify locating original tool
* Remove unnecessary use of export
* MBEDTLS_USE_PSA_CRYPTO: most pk bridge functions don't require it
* Remind the reader that PK doesn't support DH
* Discuss mbedtls_pk_copy_public_from_psa
* test_suite_pk: revert erroneous missing initialization of PSA key IDs
* test_suite_pk: add comment for pk_copy_from_psa_builtin_fail
* changelog: fix text
* mbedtls_pk_decrypt/encrypt actually check the padding mode
* Add ChangeLog for PSA buffer sharing fix
* Do not attempt to wipe output buffer if it is NULL
* Flip logic of generate_psa_wrappers.py
* Generate memory poisoning in wrappers
* Add buffer copying to psa_verify_hash_start()
* Add buffer copying to psa_sign_hash_start/complete
* Fix IAR warning
* Fix and improve the change log
* Fix code style
* pk: improve mbedtls_pk_copy_from_psa()
* test_suite_pk: fix some comments
* pk: fix documentation for mbedtls_pk_copy_from_psa()
* changelog: fix text and typos
* changelog: enhance description
* test_suite_pk: when ANY_HASH is used then pick any available MD alg in the build
* test_suite_pk: improve PSA alg selection in pk_copy_from_psa_success()
* test_suite_pk: destroy original xkey after pk_copy_from_psa() in pk_copy_from_psa_success()
* test_suite_pk: add description for psa_pub_key_from_priv()
* test_suite_pk: minor fixes for test failures
* rsa: rsa_rsassa_pss_sign() to check MD alg both in parameters and RSA context
* test_suite_pk: add new test case for an algorithm only available in driver
* pk: pk_copy_from_psa() performs the conversion even if the algorithm doesn't match
* test_suite_pk: add more test cases for pk_copy_from_psa_success()
* test_suite_pk: various minor fixes
* pk: fixed documentation of mbedtls_pk_copy_from_psa()
* add changelog
* test_suite_pk: extend testing in pk_copy_from_psa()
* pk_wrap: use correct PSA alg in rsa_encrypt_wrap() when USE_PSA
* test_suite_pk: rename PK context variables
* test_suite_pk: add key pair check in pk_copy_from_psa_success()
* pk: let psa_export_key() check if the key is exportable or not
* all.sh: keep RSA_C enabled in component_full_no_pkparse_pkwrite()
* Changelog: Added entry for ssl_session accessors.
* Remove volatile from declaration
* Fix use of volatile
* Fix typo
* test_suite_pk: fix typos
* pk_ecc: fix documentation
* pk: replace CRYPTO_CLIENT guards with CRYPTO_C
* all.sh: add test component based on full config without PK_[PARSE|WRITE]_C
* pk: move ECC setters to a separate file
* test_suite_pk: add some initial testing for mbedtls_pk_copy_from_psa()
* pk: add mbedtls_pk_copy_from_psa()
* pkparse: make EC/RSA setup functions internally available
* tls13: cli: Discard ticket with zero lifetime
* tls13: srv: Fail connection if ticket lifetime exceeds 7 days
* Fix potential bug in psa_destroy_key where multiple threads can return PSA_SUCCESS
* Improve style
* Avoid implementation defined behaviour
* Hinder unwanted optimisations
* tests: ssl: early data: Fix comments
* ssl_ticket.c: Fix ticket lifetime when parsing
* ssl_ticket.h: Fix note in API documentation
* ssl_client2: Fix early data log
* tests: suite: early data: Add comments
* tests: ssl: Improve early data test code
* tests: ssl: Improve test code for very small max_early_data_size
* ssl_msg.c: Fix log position
* ssl-opt.sh: Fix early data test option
* tls13: srv: Fix/Improve debug logs
* tls13: srv: Fix/Improve comments
* tls13: srv: Fix initialization value
* tls13: srv: Code improvements
* tls13: srv: Add/Improve comments
* tls13: srv: Move PSK ciphersuite selection up
* tls13: srv: Simplify resumption detection
* tls13: srv: Simplify kex availability checks
* tls13: srv: Improve key exchange mode determination
* tls13: srv: Fix resume flag in case of cancelled PSK
* tls13: srv: Determine best key exchange mode for a PSK
* tls13: srv: Factorize ciphersuite selection code
* tls13: srv: Fix MBEDTLS_SSL_SESSION_TICKETS guard position
* tls13: srv: Always parse the pre-shared key extension
* tls13: srv: Stop earlier identity check
* tls13: srv: Improve ticket identity check return values
* tls13: srv: Fix return value
* tls13: srv: Define specific return macros for binder check
* Avoid recursion for relative paths
* Follow-up for less verbose logging
* Do not forget about TLS 1.2 disabled at runtime aspect
* tls13: Improve comment about cast to uint32_t
* Improve change log
* Add change log
* Remove MBEDTLS_THREADING_C check in check_test_dependencies
* Allow the use of threading dependencies in PSA tests.
* Disable MBEDTLS_SELF_TEST in the TSan config
* Add test cases for concurrently_generate_keys
* Add a concurrent key generation test function
* Fix issue with large allocation in tests
* test_suite_ssl: Added ssl_session_id_accessors_check.
* Ensure blocksize is compile-time const when DES not present
* Improve PBKDF2 with CMAC perf by ~16%
* library: psa_crypto: Explicitly initialize shared_secret
* Add a warning to the definition of MBEDTLS_PSA_CRYPTO_SE_C
* test_suite_x509parse: Added test-case for legacy certificate
* Ensure drivers have threading enabled if required
* Explicitly remove the deprecated driver interface from the TSan config
* Document deprecated transaction system as non thread safe
* tls13: Remove unnecessary cast from size_t to uint32_t
* x509: Reworded documentation bits.
* List ECDSA signature conversion functions
* Document mbedtls_pk_setup_opaque and mbedtls_pk_copy_from_psa
* Document mbedtls_pk_import_into_psa
* Mention psa_generate_key_ext()
* Adjust defaults
* Fix intended code blocks that were not suitably indented
* Fix merge
* Update submodule after PR merge
* In library, with make, only require the framework for generated files
* Show guidance if the framework is not found
* Note the need to tell git to set up the submodule
* Add docstrings to pacify pylint
* Tell ReadTheDocs to include framework submodule
* Support Git submodules
* Framework submodule: fix the libtestdriver1 build
* Add framework submodule with makefiles
* ssl: Added session getter for ciphersuite_id.
* ssl_ciphersuite: Added getter methods for ciphersuite id.
* ssl: Added getter methods for session id and len.
* ssl_helpers: Restore rng_seed incrementation
* Added changelog
* tests: Added test for `mbedtls_x509_crt_get_ca_istrue()`
* x509: Added `mbedtls_x509_crt_get_ca_istrue()` API accessor.
* Changelog: Added changelog for `mbedtls_ecdh_get_grp_id`.
* tests: ssl: Free write/read test buffers
* tests: write early data: Improve tls13_cli_max_early_data_size
* tests: write early data: Allocate buffer to write/read
* psa_crypto_stubs/changelog: fix typos
* tests: Set the default conf then customize
* tests: ssl_helpers: Rename rng_get to mbedtls_test_random
* Adjust default unroll settings
* tls13: cli: Fix error code not checked
* tls13: Rename early_data_count to total_early_data_size
* tests: ssl: Test enforcement of maximum early data size
* tls13: cli: Enforce maximum size of early data
* ssl: Add early_data_count field
* tests: ssl: Add max_early_data_size option
* Fix code style
* Fixup: add peer_cert_digest_type to comment
* Add ChangeLog entry for ssl serialization bitflags
* Fix naming inconsistencies in config bits
* tests: ssl: Restore write_early_data test function
* tests: ssl: Improve tls13_srv_max_early_data_size()
* tls13: Rename early_data_count to total_early_data_size
* tls13: generic: Fix log
* tests: srv max early data size: Add reach_max test arg
* Enforce maximum size of early data in case of HRR
* Enforce maximum size of early data when rejected
* tests: ssl: Test enforcement of maximum early data size
* tls13: srv: Enforce maximum size of early data
* tls13: srv: Do not forget to include max_early_data_size in the ticket
* ssl: Add early_data_count field
* tests: ssl: Add max_early_data_size option
* Fix formatting
* Fix missing fields in ssl session struct comment
* Move session descriptions into a single comment
* Add config guards to session struct comments
* Move session functions to same part of file
* Update ssl session serialization config bitflag
* Add session config bit for KEEP_PEER_CERTIFICATE
* Require framework directory to exist when building
* changelog: fix description
* psa_util: change guard for mbedtls_psa_get_random() to CRYPTO_CLIENT
* blank line for readability
* Use export to set VERBOSE_LOGS
* add changelog
* Fix docs
* simplify printf call
* improve docs
* Add editor hint for emacs
* Rename quiet to quiet.sh
* add changelog
* tests: Added test for `mbedtls_ecdh_context_grp`
* ecdh: Added `mbedtls_ecdh_get_grp_id` getter.
* Fix incorrect conflict resolution
* Do not copy the content to the local output buffer with allocation
* Remove write check in driver wrappers tests
* Fix buffer protection handling for `cipher_generate_iv`
* Update test wrapper functions for cipher buffer protection
* Add buffer protection for `cipher_generate_iv` and `cipher_set_iv`
* Move local buffer allocation just before usage
* Add `LOCAL_OUTPUT_ALLOC_WITH_COPY` macro if buffer protection is disabled
* Fix ASAN error for `psa_cipher_update`
* Add test wrapper functions for cipher buffer protection
* Add buffer protection for cipher functions
* Add missing guards around exit label
* mbedtls_ecp_write_key_ext(): Upgrade import_pair_into_psa as well
* mbedtls_ecp_write_key_ext(): make key const
* mbedtls_ecp_write_key_ext: document error for no private key set
* mbedtls_ecp_write_key(): deprecate the old function
* mbedtls_ecp_write_key_ext(): migrate internally
* mbedtls_ecp_write_key_ext(): recommend over the old function in documentation
* mbedtls_ecp_write_key_ext(): new function
* Fix code style
* ssl_test_lib: add guards for pk_wrap_as_opaque()
* pk: fix alg selection in mbedtls_pk_sign_ext() for opaque keys
* psa_crypto_random_impl: minor fixes
* Get rid of flags in attributes
* In attributes, keep track of slot number through a dedicated field
* Get rid of psa_core_key_attributes_t
* Don't access psa_key_attributes_t.core
* Get rid of intermediate full-attributes local variables
* Switch key slots to psa_key_attributes_t
* psa_key_attributes_t: move slot_number to core structure
* Use attribute accessor functions in driver wrappers
* test_suite_pk: initialize all PSA key IDs and attributes
* ssl_helpers: minor fix in mbedtls_test_ssl_endpoint_certificate_init()
* pk: completely remove mbedtls_pk_wrap_as_opaque
* Add missing casts
* pk: deprecate mbedtls_pk_wrap_as_opaque()
* programs: remove usage of mbedtls_pk_wrap_as_opaque() from tests
* test: remove usage of mbedtls_pk_wrap_as_opaque() from tests
* Simplify pi rolled-up variant
* Test all unroll variations
* Send printed command to stderr
* remove trailing space from printed command
* Improve simplified quoting
* remove shebang from quiet
* Improve docs
* Quote directory name from cmake wrapper
* Undo not-needed change
* Allow wrappers to be missing; quote directory name from make
* Generate test wrappers for psa_generate_random()
* Add buffer copying to psa_generate_random()
* Finish cleaning up override that's no longer needed
* Remove domain parameters from psa_key_attributes_t
* Un-unrestore mbedtls_x509_string_to_names()
* Suppress pylint
* Avoid infinite loop
* Extract common parts of quiet wrapper
* psa: simplify management of mbedtls_psa_drbg_context_t
* Tidy up quiet wrappers
* Move quiet wrapper setup
* psa: let mbedtls_psa_get_random() always use psa_generate_random()
* Remove domain parameters from the public API
* Rename variables
* Ignore domain parameters in RSA key generation
* psa: move mbedtls_psa_get_random() to psa_util.c
* typo
* Improve documentation / comments
* Remove cruft
* Changelog entry for benchmark improvement
* Improve changelog
* Improve validation in mpi_exp_mod_min_RR
* Use TEST_EQUAL instead of TEST_ASSERT in new code
* Benchmark only one side of ECDH, both static and ephemeral
* tests: write early data: Improve get_early_data_status testing
* tls13: Improve sanity check in get_early_data_status
* ssl_context_info: explicitly note accesses to private fields
* Don't authorize private access to fields where not actually needed
* fuzz_dtlsserver: explicitly note the one access to a private field
* Decouple if statements in psa_raw_key_agreement exit.
* fuzz_pubkey, fuzz_privkey: no real need to access private fields
* tls13: Improve documentation
* tests: read early data: Use write API to send early data
* tests: read early data: Add no early data indication sent scenario
* Make psa_open_key threadsafe
* tests: ssl: Rename tls13_early_data to tls13_read_early_data
* Make multi-part AEAD operations thread-safe
* Make multi-part PAKE operations thread-safe
* Make multi-part key derivation operations thread-safe
* Make multi-part cipher operations thread-safe
* Make restartable signature verifications thread-safe
* Make restartable signature operations thread-safe
* Make multi-part MAC operations thread-safe
* Benchmark: not using private fields anymore
* Benchmark: remove the legacy-context ECDH block
* tls13: cli: Add mbedtls_ssl_get_early_data_status() API
* tls13: cli: Add missing MBEDTLS_SSL_EARLY_DATA guards
* tests: write early data: Inverse loop over state logic
* tests: write early data: Check we can complete handshake after writing
* ssl_client2: Improve loop writing early data
* ssl_client2: Default to library default for early data enablement
* Improve comments/documentation
* Revise how output allocation is checked
* tls13: write_early_data: Add endpoint check
* Rework check for failed output allocation
* Fix style
* Fix MBEDTLS_MPI_WINDOW_SIZE documentation
* Exp mod: handle negative zero
* Use mbedtls_ct_condition_t in mpi_core_check_zero
* Remove unnecessary ChangeLog entry
* Unrestore mbedtls_x509_string_to_names()
* Exp mod: tidy up temporary storage allocation
* Clarify which unregister operation needs to be used
* More renaming: method -> production parameters
* project: set version
* Rename "key generation method" to "key production parameters"
* Exp mod: Make sure RR has enough limbs
* Check output allocated before randomising
* Remove initialization function for variable-length struct
* Fix copypasta
* fix changelog
* add changelog
* rsa: remove leftovers from mbedtls_rsa_parse_[pub]key()
* pem: zeroize the entire buffer in case of errors in mbedtls_pem_read_buffer()
* test_suite_pk: fix data in some RSA related test cases
* pk: fix documentation for RSA sign/verify and encrypt/decrypt
* test_suite_pk: remove leftover comment
* pem: fix return values in pem_check_pkcs_padding()
* test_suite_pem: fix comment in test case
* ECP write/export key: document that these functions don't detect unset data
* mbedtls_ecp_write_key: document and test smaller output buffer
* mbedtls_ecp_write_key: document and test larger output buffer
* mbedtls_ecp_write_key: no FEATURE_UNAVAILABLE error
* Improve style
* Exp mod: clarify preprocessing
* Add ChangeLog entry for restoring X509 functions
* Exp mod: simplify 0 exponent handling
* Restore X509 functions erroneously made private
* Exp mod: use assignment instead memcpy
* Exp mod: move declarations before use
* Bignum: Remove/update obsolete comments
* test_suite_pem: solve driver test disparities
* pem: do not parse ASN1 data after decryption (removes ASN1 dependency)
* test_suite_pem: add more test cases for invalid padding data
* pk: fix documentation for sign/verify and encrypt/decrypt
* test_suite_pk: add test cases for RSA keys (sign/verify & crypt/decrypt)
* pem: reject empty PEM contents
* To check if client random number is unchanged while receiving HRR
* mbedtls_pk_import_into_psa: fix Montgomery keys in the legacy case
* After pk_import_into_psa, test that the keys match
* New test helper: mbedtls_test_key_consistency_psa_pk
* tests: ssl: early data: Add systematic default case in scenario switches
* tls13: Improve declaration and doc of early data status
* tls13: Fix/Improve comments
* tls13: client: Add comment about early data in 2nd ClientHello
* tls13: Use a flag not a counter for CCS and HRR handling
* Fix copypasta
* Test mbedtls_pk_import_into_psa with different bits
* Improve quote_args output readability
* pk_wrap: set proper PSA alg in rsa wrappers based on padding mode set in RSA context
* Improve output from make/cmake wrapper
* Conditionally include exit label
* Generate test wrappers
* Add buffer protection to psa_key_derivation_key_agreement
* Lock test mutex before doing mutex usage check
* Add buffer protection to psa_raw_key_agreement
* Fix missing mutex lock for mutex usage error
* Rename internal test info data accessors
* Use named constants FROM_PAIR/FROM_PUBLIC for readability
* Always display make/cmake invocation command
* Fix encrypt/decrypt confusion
* Rename identifier for consistency
* Only test custom-e RSA key generation when built in
* generate key ext: skip driver invocation with non-default method
* generate/derive key ext: pass method_data_length rather than method_length
* psa_generate_key_ext: RSA: support custom public exponent
* Add Changelog
* Increase default exponentiation window size
* Bignum: remove unused functions
* Use mpi_core_exp_mod in bignum.
* Implement psa_generate_key_ext, psa_key_derivation_output_key_ext
* Refactoring: extract rsa_test_e
* Document new functions psa_generate_key_ext, psa_key_derivation_output_key_ext
* check_config: add missing dependency check for MBEDTLS_PK_WRITE_C
* check_config: combine check for MBEDTLS_PK_PARSE_C
* Check MBEDTLS_PK_{PARSE,WRITE}_C requires MBEDTLS_OID_C
* pk: remove duplicate define of MBEDTLS_PK_HAVE_ECC_KEYS
* test_suite_pk.function: add correct dependency
* Add checks for PK_[PARSE/WRITE]_C when PK_HAVE_ECC_KEYS is set
* Make internal test info accessor functions static.
* Add metatests for failing TEST_EQUAL and TEST_LE_*
* Comment on locking strategy in psa_fail_key_creation
* Revert psa_reserve_free_key_slot changes, lock in start_key_creation instead
* Make psa_fail_key_creation thread safe
* Make psa_finish_key_creation thread safe
* Make psa_reserve_free_key_slot thread safe
* Docs; minor tidy-up
* roll up chi loop for gcc -Os
* pacify check-names
* roll-up chi loop on clang
* pacify check-names
* Improve docs; pacify check-names
* tls13: client: Improve CCS handling
* add changelog
* test_suite_psa_crypto: fix some test descriptions
* test_suite_pem: add more test cases for encrypted PEM buffers
* pem: check data padding in DES/AES decrypted buffers
* Roll/unroll various bits
* newline at end of changelog file
* fix cast warning
* Read pi table in 4-byte chunks
* Read rho table in 4-byte chunks
* Rotate right instead of left
* Pack the iota round constants
* fill out missing dot in changelog
* Update ChangeLog.d/pkg-config-files-addition.txt
* Fix deadlock with test failures
* Fix remaining warnings from -Wshorten-64-to-32
* Fix IAR cast warning
* changelog for bugfix
* Prioritize SHA2 over MD5 for KNOWN_SUPPORTED_HASH_ALG
* Don't exercise if the algorithm is not supported
* Fix some preprocessor guards
* Don't define pk_sign_verify in configurations where it's unused
* depends.py: set unique configuration names in outcome file
* mbedtls_pk_import_into_psa: positive tests with pkparse output
* mbedtls_pk_import_into_psa: negative tests for different ECC curve
* mbedtls_pk_import_into_psa: implement and test
* exercise_key: fix asymmetric encrypt/decrypt with >2028-bit RSA
* exercise_key: allow SIGN_MESSAGE/VERIFY_MESSAGE with PSA_ALG_ANY_HASH
* Also check the RSA length for public keys
* Cosmetic fix
* Generate all test wrappers
* Generate test wrappers
* Implement safe buffer copying in asymm. encryption
* Fix return code error when locking mutex
* Change condition on wiping tag buffer
* Modify allocation and buffer wiping in sign_finish
* Fix code style
* Conditionally include exit label
* Generate test wrappers for mac functions
* Implement safe buffer copying in MAC API
* Fix code style
* Conditionally include exit label
* Generate test wrappers for hash functions
* Implement buffer copy code in psa_hash_compare
* Make new internal function static
* Implement safe buffer copying in hash API
* Add missing dependency on PEM
* Fix mbedtls_pk_get_bitlen() for RSA with non-byte-aligned sizes
* New function mbedtls_rsa_get_bitlen()
* adjust indentation
* move entropy init prior to argument number recognition
* mbedtls_pk_import_into_psa: documentation
* Choose a curve for tests at compile time
* Remove unnecessary setting of status variable
* test_suite_pem: more tests for ASN.1 parsing after decoding
* Replaced MBEDTLS_GCM_LARGETABLE by MBEDTLS_GCM_LARGE_TABLE. Removed empty comment line in doc block.
* Fix error path in `psa_key_derivation_output_bytes`
* Fix typo / improve documentation for test step fns
* Fix issue with lock failures returning CORRUPTION_DETECTED
* Fix mutex unlock error handling in psa_destroy_key
* Reduce analyze_block_cipher_dispatch exceptions
* Use NULL for pointer initialization
* Adjusted change log.
* tls12: Fix documentation of TLS 1.2 session serialized data
* Add change log for mbedtls_ssl_session_get_ticket_creation_time()
* tests: ssl: Improve test parameter sanity check
* ssl_session: Reorder some fields to reduce padding
* Add change log
* test_suite_[pkparse|x509parse]: fix return values of some PEM related error tests
* pem: fix valid data length returned by mbedtls_pem_read_buffer()
* asn1: enable mbedtls_asn1_get_tag() when PEM_PARSE_C is defined
* rsa: reject buffers with data outside main SEQUENCE when parsing keys
* Remove useless overly strong dependency
* Remove comments referencing private defines.
* Add changelog.
* spelling
* Reformat AES encryption test data in pkcs5 tests
* Add PKCS5/12 exceptions to analyze_block_cipher_dispatch
* Fix: - Remove unnecessary tests. - Update description of MBEDTLS_GCM_LARGETABLE parameter. - Move acceleration defines from gcm.h to gcm.c. - Remove unnecessary zero setting after shift. - Fix implementation for big-endian architectures.
* Remove redundant check
* Move config adjustment to config_adjust
* Remove temporary macros that are not needed
* Fix wrong dependency of ECJPAKE_C
* Fix dependency on low-level hash modules
* Simplify and fix dependency of MD_C on a hash
* Remove redundant helper macros in check_config.h
* ssl-opt.sh: Establish TLS 1.3 then TLS 1.2 session
* ssl-opt.sh: Establish TLS 1.2 then TLS 1.3 connection
* tls: Reset TLS maximum negotiable version
* build_info should look for MBEDTLS_PSA_CRYPTO_CLIENT as well
* Inline the SHA3 parameters table into a switch
* Reformat wrapper generation code
* Guard memcpy so that it won't fail on null input pointer
* Guard the exit to stop unused label warning
* Restructure wrapper script
* Generate test wrappers for key derivation
* Fix psa_key_derivation_output_bytes
* Protect key_derivation_output_bytes
* Protect psa_key_derivation_input_bytes
* Fix trailing parenthesis
* psa_util: improve leading zeros check in convert_der_to_raw_single_int()
* Fix confusing comment in ctr drbg thread test
* test_suite_psa_crypto_util: add more test for raw->der
* psa_util: update documentation for mbedtls_ecdsa_raw_to_der()
* Add MBEDTLS_CIPHER_C dependencies to new pkparse tests
* Make check_config aware of MBEDTLS_PSA_CRYPTO_CLIENT
* Enhance GCM throughput using larger precalculated tables. Also refactored the code for shorter tables and moved the check for available accelerators to the context initialization code.
* Slightly soften force-push suggestion
* Remove comments about rebasing vs merging; link to longer RTD document
* Remind contributors not to force-push
* Wording improvement
* tests: write early data: Add HRR scenario
* tests: write early data: Add "server rejects" scenario
* tests: write early data: Add "not sent" scenario
* tests: ssl: Add write early data unit test
* Add test case for early data writing
* ssl_client2: Add support for early data writing
* ssl_client2: Add buffer overflow check
* ssl_client2: Switch from int to size_t
* ssl_client2: Move code to build http request
* ssl_client2: Simplify early_data option
* tls13: cli: Add mbedtls_ssl_write_early_data() API
* rsa: remove unnecessary check in priv/pub key parsing
* ECDSA signature conversion: put bits first
* Stop platform test failures with GCC and TSAN
* Update buffer start and length in multipart test
* Add testcase to fail multipart cipher tests
* Remove mutex calls in psa_wipe_all_key_slots
* add changelog
* pk_wrap: use proper raw buffer length in ecdsa_sign_psa()
* psa_util: smarter raw length check in mbedtls_ecdsa_raw_to_der()
* Revert "psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()"
* tests: early data status: Add HRR scenario
* tests: early data status: Add "server rejects" scenario
* tests: early data status: Add "not sent" scenario
* tests: ssl: Add scenario param to early data status testing function
* tests: ssl: Add early data status unit test
* tls13: cli: Refine early data status
* tls13: Send dummy CCS only once
* tests: ssl: Use get TLS 1.3 ticket helper for early data test
* tests: ssl: Add helper function to get a TLS 1.3 ticket
* tests: ssl: Add early data handshake option
* tests: ssl: First reset to all zeroes options in init
* tests: ssl: Move group list to options
* suite_psa_crypto_util: use 521 bits data and bit-size instead of 528
* Add comment to set/increment step functions
* Pacify check-names
* suite_psa_crypto_util: make ecdsa_raw_to_der_incremental() more readable
* Improve docs
* add changelog
* Generate poisoning wrappers for AEAD
* Prevent unused warnings in psa_aead_set_nonce()
* Add buffer copying to psa_aead_verify()
* Add buffer copying to psa_aead_finish()
* Add buffer copying to psa_aead_update()
* Add buffer copying to psa_aead_update_ad()
* Refactor: Use wrapper around internal set_nonce()
* Add buffer copying to psa_aead_set_nonce()
* Fix bug in PSA AEAD test
* Add buffer copying to psa_aead_generate_nonce()
* Add buffer copying to psa_aead_decrypt()
* Copy buffers in psa_aead_encrypt()
* Use struct not union
* Improve docs
* Improve gcc guards
* Fix missed case for removing accessor
* Change unaligned access method for old gcc
* tests: early data: Complete the handshake
* Fix builds with secp224k1 as the only curve
* Reduce unnecessary static memory consumption
* adjust_legacy_from_psa: use groups instead of curves for DH
* psa_util: allow larger raw buffers in mbedtls_ecdsa_raw_to_der()
* rsa: handle buffer length similarly in private and public key parsing
* tests: early data: Switch to mnemonics for test scenarios
* test_suite_psa_crypto_util: improve ecdsa_der_to_raw()
* Fix pkcs5 aes test data
* Add missing dependencies for pkparse tests
* test_suite_psa_crypto_util: add more test cases
* tls13: ssl_msg.c: Improve/add comments
* tls13: srv: Improve coding
* pkg-config: add initial pkg-config files
* test_suite_psa_util: use more generic symbols for test case dependencies
* psa_util: enhance checks on leading zeros in convert_der_to_raw_single_int()
* psa_util: minor performance improvement in mbedtls_ecdsa_der_to_raw()
* psa_util: convert_der_to_raw_single_int() accepts also all zero integers
* psa_util: improve check of raw_len in mbedtls_ecdsa_raw_to_der()
* psa_util: improve documentation for convert_raw_to_der_single_int()
* psa_util: update documentation for mbedtls_ecdsa_der_to_raw()
* psa_util: improve convert_raw_to_der_single_int()
* Correct the ENCODES_OWNER macro name in comment
* psa_util: change parameters order in ECDSA conversion functions
* psa_util: fix documentation of ECDSA conversion functions
* test_suite_rsa: fix data for "extra integer outside the SEQUENCE"
* rsa_internal: fix documentation for mbedtls_rsa_parse_key()
* Revert accidental formatting change
* Restore mutex lock for mbedtls_test_set_step()
* Add calls to BLOCK_CIPHER_PSA_INIT / BLOCK_CIPHER_PSA_DONE
* tests: tls13: Run early data test only in TLS 1.3 only config
* Ignore early data app msg before 2nd client hello
* tls13: srv: Do not allow early data indication in 2nd ClientHello
* tls13: cli: Indicate early data only in first ClientHello
* tls13: srv: Deprotect and discard early data records
* tls13: srv: Add discard_early_data_record SSL field
* Adjust check order
* test_suite_x509parse: remove useless include of rsa.h
* pkparse: fix check for ASN1 errors in mbedtls_pk_parse_subpubkey()
* Add a client view layout for interruptible hash and pake
* Add comments in psa/crypto_struct.h for id layout
* changelog: fix typo
* Smoke tests for mbedtls_pk_get_psa_attributes after parsing
* Fix handling of ECC public keys under MBEDTLS_PK_USE_PSA_EC_DATA
* test_suite_psa_crypto_util: add missing new line at the end of file
* test_suite_rsa: improve key parsing tests for extra data
* Remove unnecessary dependencies from psa_crypto_helpers.h
* Fix line-too-long in script
* Conditionally guard exit label to deter unused label error
* Re-add cipher_encrypt to test wrapper script
* Generate test wrappers for key management
* Protect buffer in psa_export_public_key
* Protect the buffer in psa_export_key
* Protect buffer in psa_import_key
* test_suite_rsa: improve rsa_key_write_incremental()
* pkparse: keep legacy PK error codes when RSA key parsing fails
* Add missing implied usage
* Fix typo in dependency
* mbedtls_pk_get_psa_attributes: opaque: require specified usage
* Fix comment
* Clearer variable names
* Use PSA_INIT with test that requires PSA
* Copypasta
* Copypasta
* Don't use mbedtls_pk_ec in our own code
* Create auxiliary function for repeated code
* Test enrollment algorithm for the non-OPAQUE case
* Minor documentation improvements
* tests: ssl: Adjust early data test
* tls13: srv: Do not use early_data_status
* Revert "tls13: Introduce early_data_state SSL context field"
* tls13: early data: Improve, add comments
* test_suite_rsa: improve rsa_parse_write_pkcs1_key() and rsa_key_write_incremental()
* rsa_internal: update documentation for parse/write functions
* rsa: simplify mbedtls_rsa_parse_pubkey() input parameters
* rsa: rename parse/write functions in order to follow the standard format
* rsa: set parse/write functions out of !RSA_ALT guard
* tls13: srv: Simplify mbedtls_ssl_read_early_data() API
* tls13: early data: Improve documentation
* ssl.h: Fix comments
* tls13: Introduce early_data_state SSL context field
* ssl.h: Simplify guard
* tls13: srv: Reject early data in case of HRR
* Update early data test
* ssl_server2: Add read early data support
* tls13: srv: Add mbedtls_ssl_read_early_data() API
* Update mbedtls_ssl_read_early_data() definition
* Add MBEDTLS_ERR_SSL_RECEIVED_EARLY_DATA error code
* tls13: srv: Move early data size check placeholder
* tls: Add internal function ssl_read_application_data()
* tls13: srv: Refine early data status
* ssl.h: Fix comment
* psa_crypto_rsa: remove unnecessary casting
* changelog: improve descriptions
* test_suite_psa_crypto_util: fix tests for 0-length and one 0x00 byte for r and s
* psa_util: convert_der_to_raw_single_int: ensure the input DER integers have valid length
* Fix test dependencies
* Fix accidental copy paste mistake
* Fix style issues
* Refactor to help future other implementations
* Fix compile warning in tests
* Fix code style issues
* Disable poisoning with PSA_CRYPTO_DRIVER_TEST
* Use TEST_EQUAL instead of TEST_ASSERT where possible
* Fix and add comments in ticket and early data test function
* Make one shot operations thread safe
* Fix PSA init and done macros in TLS unit tests
* Make psa_get_and_lock_X_with_policy threadsafe
* Add a wrapper function for psa_unregister_read
* Explain purpose of test specific write/parse ticket functions
* Make psa_get_and_lock_key_slot threadsafe
* Update psa_get_and_lock_key_slot_in_memory
* psa_util: invert check order for leading zeros in convert_der_to_raw_single_int()
* test_suite_psa_crypto_util: add test with 0-length s
* test_suite_rsa: add test for key write with incremental output size
* Remove state transitions in psa_load_X_key_into_slot
* Fix race condition with test comparison functions
* Wrap get_and_lock_key_slot_in_memory calls in mutex
* test_suite_rsa: add more test cases for RSA key parsing
* Support SHA-512 hwcap detection on old libc
* test_suite_bignum: add test function: mpi_zero_length_buffer_is_null()
* aria: remove leftover in comments
* test_suite_aria: remove NOT_DEFINED dependency from aria_invalid_param()
* Changelog for building SHA-256 and 512 with old libc
* Update ECDSA signature conversion based on experimentation
* test_suite_psa_crypto_util: add test with 0-length for r
* test_suite_psa_crypto_util: alloc/free buffer inside loop in ecdsa_raw_to_der_incremental()
* psa_util: minor improvements to convert_der_to_raw_single_int()
* Refactor all.sh clang version detection code
* Fix comment about version of clang required for 'build_aes_armce'
* fix build for midipix
* Conditionally guard exit label
* Generate test wrappers
* Implement safe buffer copying in asymmetric signature API
* Switch pk_setup_for_type() to return MBEDTLS_ERR_xxx
* Always call psa_crypto_init when testing mbedtls_pk_get_psa_attributes
* Update preprocessor guard comment
* Update some msg descriptions
* test_psa_compliance: use the last upstream release of psa-arch-tests
* Comment on locking strategy in psa_destroy_key
* suite_psa_crypto_util: add more test cases for DER->RAW
* Make psa_destroy_key threadsafe
* psa_util: remove raw_len param from convert_der_to_raw_single_int()
* suite_psa_crypto_util: add more testing for mbedtls_ecdsa_raw_to_der()
* psa_util: some code improvement to convert_der_to_raw_single_int()
* Update psa_wipe_all_key_slots and document non-thread safety
* Make psa_purge_key thread safe
* Make psa_close_key thread safe
* Use constant_time module from cmac
* bignum: removing usage of MPI_VALIDATE_RET()
* aria: replace ARIA_VALIDATE_RET() with a simple "if" block
* lib: remove NULL pointer checks performed with MBEDTLS_INTERNAL_VALIDATE[_RET]
* test_psa_compliance: add exception for tests using wrong RSA pub key format
* platform_util: remove declarations of MBEDTLS_INTERNAL_VALIDATE[_RET]()
* psa_crypto_ffdh: fix typos
* adjust_legacy_from_psa: use EC pattern for enabling builtin elements of DH
* adjust_legacy_from_psa: optimize legacy enablement also for EC key types
* programs_benchmark: Updated to use `mbedtls_dhm_read_public()`.
* programs_benchmark: Updated to use `mbedtls_dhm_set_group()` & `mbedtls_dhm_get_len()`
* programs_dh_server: Updated to use `mbedtls_dhm_set_group()` & `mbedtls_dhm_get_len()`.
* driver-only-builds: improve a sentence in the HMAC section
* analyze_outcomes: fix typo
* all.sh: fix comment in check_test_dependencies()
* adjust_legacy_crypto: add parenthesis to improve clarity
* Remove already-assembled Changelog entry
* adjust_legacy_from_psa: improve pattern for enabling internal symbols
* psa_crypto_ffdh: move dhm.h inclusion to c file
* tests: fix `calloc()` argument list (`gcc-14` fix)
* Fix magic numbers in more J-PAKE tests
* Remove now-redundant guard
* Fix 1 forgotten separate input/output buffer
* Use separate input/output buffer. Explain why error is expected
* all.sh: remove MBEDTLS_PEM_PARSE_C exception from check_test_dependencies()
* Depend on legacy RSA key generation for test code
* Implement pick-a-curve when ECP_LIGHT is disabled
* mbedtls_pk_get_psa_attributes: require MBEDTLS_PSA_CRYPTO_C
* Fix Make issues with Everest enabled
* Refactor common PThreads CMake code
* changelog: document RSA parse/write improvements
* test_suite_rsa: extend rsa_parse_pkcs1_key adding tests for public key
* test_suite_[pkparse/rsa]: move RSA private key parsing tests
* test_suite_rsa: improve rsa_parse_write_pkcs1_key() adding more checks
* Generate poisoning in PAKE test wrappers
* Fix magic number buffer length in J-PAKE tests
* Add copying to PAKE input and output
* Add copying in PAKE set peer and user functions
* all.sh: remove MBEDTLS_ASN1_PARSE_C exception from check_test_dependencies()
* asn1: use the new symbol to guard dependencies of ECDSA conversion functions
* psa_util: guard ECDSA conversion functions with proper (internal) symbol
* test_suite_psa_crypto_util: add comments to 512/521 bit size test cases
* test_suite_psa_crypto_util: change curve type for 256bits tests
* psa_util: add variable casting in convert_raw_to_der_single_int()
* psa_util: skip leading zeros in der format with "if" instead of "while"
* all.sh: add exception for ASN1_PARSE_C in check_test_dependencies
* test_suite_psa_crypto_util: split ECDSA test function in two
* psa_util: remove CRYPTO_C guard from ECDSA conversion functions
* psa_util: add include asn1write.h in public header
* test_suite_psa_crypto_util: increase the size of tested integers
* psa_util: minor code improvements
* psa_util: improve description for ECDSA conversion functions
* test_suite_psa_crypto_util: add test function and data for ECDSA conversion functions
* pk_wrap: use PSA util functions for ECDSA conversion instead of PK ones
* psa_util: add raw<->DER ECDSA conversion functions
* test_suite_psa_crypto: fix typo in description
* adjust_legacy_from_psa: use intermediate symbol to enable builtin support
* driver-only-builds: add documentation for HMAC acceleration
* Put the id field at the end of the psa_key_attributes_s structure
* Refactor macros
* all.sh: disable legacy hash support in test_psa_crypto_config_accel_hmac()
* Add test cases on GCM AD, input, IV length
* Add allocate and copy style output buffer handling
* rsa: write documentation of new functions for parse/writing RSA priv/pub keys
* pk_wrap: use RSA module functions to write priv/pub key in RSA wrappers
* all.sh: update common_test_psa_crypto_config_accel_ecc_some_curves()
* config_adjust_legacy: do not auto-enable PK when RSA is enabled in PSA
* rsa: update return values of priv/pub parse/write functions
* Disable MBEDTLS_PSA_CRYPTO_CLIENT in no-PSA builds
* Missing dependency for MBEDTLS_PK_ECDSA
* Minor fixes to locking macros
* Fix the build with MBEDTLS_RSA_ALT
* Allow context types with an ALT version to be linked in Doxygen
* Unify want_private detection
* mbedtls_pk_get_psa_attributes: support MBEDTLS_PK_USE_PSA_EC_DATA
* Allow building with MBEDTLS_PK_USE_PSA_EC_DATA && MBEDTLS_ECP_C
* mbedtls_pk_get_psa_attributes: support MBEDTLS_PK_OPAQUE
* mbedtls_pk_get_psa_attributes: test bad usage value
* mbedtls_pk_get_psa_attributes: ECC support
* mbedtls_pk_get_psa_attributes: RSA support
* mbedtls_pk_get_psa_attributes: force enrollment algorithm off
* Introduce mbedtls_pk_get_psa_attributes
* Add ..._GOTO_EXIT macro
* Add ..._GOTO_RETURN macro
* psa_crypt_rsa: remove dependency from the PK module
* test_suite_psa_crypto: remove tests for importing an RSA key in PEM format
* test_suite_rsa: add some basic testing of new parse/write priv/pub keys
* pk/rsa: move RSA parse/write private/public key functions to rsa module
* Handle sizeof(size_t) > sizeof(uint64_t)
* Fix comment typo
* Update ChangeLog.d/8726.txt
* Limit compiler hint to compilers that are known to benefit from it
* pkwrite: split pk_write_rsa_der() with a dedicated function for non-opaque RSA key
* pkparse: rename RSA key and pubkey parsing functions
* test_suite_entropy: relax MD_C dependency to MD_LIGHT
* cert_[req/write]: add MD_C dependency
* analyze_outcomes: add task for HMAC coverage
* all.sh: add accelerated and reference components for HMAC
* Update the initialization macros
* Add comment on impossible overflows
* Add back restriction on AD length of GCM
* Create 8726.txt changelog entry
* Add a client view of the multipart contexts
* Update entropy_poll.c
* tests: tls13: Run early data test only in TLS 1.3 only config
* tests: tls13: Add early data unit test
* tests: ssl: Move setting of debug callback
* tests: tls13: Add session resume with ticket unit test
* ssl_helpers.c: Add ticket write/parse test functions
* tls13: cli: Fix setting of early data transform
* Access the test data mutex via accessor
* Make test data static now it has accessors
* Remove include of build_info.h
* Fix documentation typos.
* Remove unneeded lines from fuzz/Makefile
* Move MBEDTLS_COMPILER_IS_GCC & MBEDTLS_GCC_VERSION into build_info
* Improve comments
* Add changelog entry
* Set preferences before finding Threads in CMake
* Improve mbedtls_xor docs
* Make mbedtls_xor always inline
* Make unaligned accessors always inline
* Fix unaligned access on old compilers
* programs_dh_client/server: Updated config guards.
* programs_dh_client/server: Changed mdlen type to unsigned integer.
* Move MBEDTLS_COMPILER_IS_GCC defn into alignment.h
* Improve mbedtls_xor for IAR
* Fix typo
* Add empty line in register_read comment
* Move key_slot_mutex to threading.h
* pk: move mbedtls_pk_load_file to pk_internal
* x509: move internal functions declarations to a private header
* debug: move internal functions declarations to an internal header file
* programs_dh_client/server: Updated to query digest size using `mbedtls_md_info_from_type()`.
* programs_rsa_rsa_verify: Updated program to use `mbedtls_rsa_get_len()`
* programs_rsa_rsa_sign: Updated program to use `mbedtls_rsa_get_len()`
* programs_rsa_encrypt/decrypt: Updated programs to use `mbedtls_rsa_get_len()`
* programs_dh_client/server: Updated programs to use `mbedtls_rsa_get_len()`
* programs/dh_client/server: Added entropy source to `mbedtls_rsa_pkcs1_sign()`
* programs/dh_client/server: Replaced mbedtls_sha1 with mbedtls_sha256
* ssl_ciphersuites: move internal functions declarations to a private header
* Document the thread safety of the primitive key slot functions
* Support PSA_ERROR_SERVICE_FAILURE
* Initialize and free the key slot mutex
* Define key_slot_mutex
* generate_tls13_compat_tests: add DH group dependency when FFDH is used
* ssl-opt: add DH groups requirements in test cases using FFDH
* test_driver_key_management: keep mbedtls_test_opaque_wrap_key() private
* changelog: fix typo
* Add underflow check to UNPOISON counter decrement
* Pacify check_files
* Spelling fix
* Use quiet make wrappers from all.sh
* Create quiet wrappers for make and cmake
* all.sh: fix tests with accelerated FFDH
* crypto_config_test_driver_extension: support acceleration of DH groups
* tests: add guards for DH groups
* all.sh: add new component with only DH 2048 bits.
* psa_crypto: do not validate DH groups which are not enabled
* ssl_test_lib: add guards for enabled DH groups
* ssl_tls: add guards for enabled DH key types
* crypto_sizes: adjust PSA_VENDOR_FFDH_MAX_KEY_BITS based on the supported groups
* psa_crypto_ffdh: add guards for enabled domain parameters
* config_adjust: fix adjustments between legacy and PSA
* Separate memory poisoning tests from generic ASan
* Change memory poisoning flag to a count
* Clarify psa_destroy_key documentation
* Request C11 in CMake (but only for tests)
* Open question for ECDSA signature that can be resolved during implementation
* Add a usage parameter to mbedtls_pk_get_psa_attributes
* Resolve several open questions as nothing special to do
* Extend psa_wipe_key_slot documentation
* Implement delayed deletion in psa_destroy_key and some cleanup
* Reference filed issues
* Add header guards
* crypto_config: define feature macros for DH keys
* Reference ongoing work
* typo
* Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO
* add changelog
* Fix test dependencies
* Fix error in ctr_drbg
* Fix ASAN error in test
* Migrate to new RTD redirect format
* Add Changelog
* Add NIST AES-CTR test vectors
* add test for multipart AES-CTR
* Fix parsing of C line comments
* Disable PSA wrappers psa_collect_statuses builds
* PSA wrappers: don't poison buffers when buffer copying is disabled
* Add review exception warning
* Remove the manually written poisoning wrapper
* Update generated PSA wrappers
* Generated PSA wrappers: poison/unpoison buffer parameters
* Enable generated PSA wrappers
* Declare the outputs from generate_psa_wrappers.py as generated files
* Commit generated PSA wrappers
* PSA wrapper generator
* Guard the macro definition
* C function wrapper generator
* Python module to parse function declarations from a header file
* test_suite_psa_crypto: revert known failing checks for [en|de]cryption with opaque keys
* test_driver_asymmetric_encryption: implement opaque [en/de]cryption functions
* test_driver_key_management: make opaque [un]wrapping functions public
* Make gcm counter increment more efficient
* Save 14 bytes in CTR-DRBG
* Use optimised counter increment in AES-CTR and CTR-DRBG
* Add tests for mbedtls_ctr_increment_counter
* Introduce mbedtls_ctr_increment_counter
* Revert change to psa_destroy_key documentation
* Revert change to return behaviour in psa_reserve_free_key_slot
* Return CORRUPTION_DETECTED instead of BAD_SLOT when the slot's state is wrong
* Relax psa_wipe_key_slot to allow states other than SLOT_PENDING_DELETION
* Iterate in 16-byte chunks
* psa_crypto: allow asymmetric encryption/decryption also with opaque keys
* test_suite_psa_crypto: test asymmetric encryption/decryption also with opaque keys
* ssl_tls.c: Factorize save/load of endpoint and ciphersuite
* ssl_ticket.c: Base ticket age check on the ticket creation time
* Add ticket creation time to TLS 1.2 session serialization
* Define ticket creation time in TLS 1.2 case as well
* Fix TLS 1.2 session serialization on server side
* Add endpoint in TLS 1.2 session serialization data
* ssl_session: Define unconditionally the endpoint field
* ssl_ticket.c: Fix ticket lifetime enforcement
* ssl_ticket.c: Remove pedantic server endpoint check
* ssl_ticket.c: Remove TLS server guard
* ssl_ticket.c: Remove client code
* Disable ticket module when useless
* add support for AES-CTR to benchmark
* Only run memory poisoning metatests when poisoning
* Use thread-local flag to enable memory poisoning
* Stop enforcing C99 in CMakeLists.txt
* Add minor cosmetic changes to record size limit changelog and comments
* Change renegotiation test to use G_NEXT_SRV
* Mention PK parse in changelog
* Restore previous version of rsa_pkcs8_pbes2_pbkdf2_2048_3des_sha384.pem
* Do not generate new random number while receiving HRR
* change values to ULL
* Change test data for pkparse aes
* Update Marvin fix Changelog entry
* Improve record size limit changelog wording
* psa_crypto_ecp: remove support for secp224k1
* Change renegotiation tests to work with TLS 1.2 only
* Add AES tests to test_suite_pkparse
* Add more details to comments
* Fix dependencies in pkcs5 aes-128-cbc tests
* fix depends on condition
* add test cases with different hash algs
* add depends on for capacity tests and fix code style
* correct test data
* fix unused variable warning and other fixes
* add bugfix changelog entry
* disable pbkdf2_hmac set max capacity test
* Add tests for derive_full for hkdf_extract, hkdf_expand and ecjpake_to_pms
* Add tests for derive_set_capacity for pbkdf and ecjpake_to_pms
* Change error status for invalid HKDF alg
* Add hkdf_extract, hkdf_expand and ecjpake_to_pms cases
* Increase input parameter type and buffer size
* Add kdf_set_max_capacity function
* Reorder and correct comment
* add tests for derive_full and derive_set_capacity
* Fix psa_key_derivation_setup_kdf
* Fix warning in ssl_tls13_generic.c
* Change order of checking of record size limit client tests
* Add MBEDTLS_SSL_RECORD_SIZE_LIMIT to config_adjust_ssl.h
* Revert "Make sure record size limit is not configured without TLS 1.3"
* Make sure record size limit is not configured without TLS 1.3
* Add MBEDTLS_SSL_RECORD_SIZE_LIMIT to full config
* Move record size limit testing to tls13 component
* Add tests for client complying with record size limit
* Improve comments across record size limit changes
* update record size limit tests to be more consistent
* Add Changelog entry for record size extension
* Improve record size limit tests
* Fix issue in checking in writing extensions
* remove mbedtls_ssl_is_record_size_limit_valid function
* Stop sending record size limit extension if it's not sent from client
* Change record size limit writing function
* TLS1.3: SRV/CLI: add support for sending Record Size Limit extension
* tls13: server: write Record Size Limit ext in EncryptedExtensions - add the support in library - update corresponding test cases.
* tls13: cli: write Record Size Limit ext in ClientHello
* ssl_tls13_generic: check value of RecordSizeLimit in helper function
* tls13: add generic function to write Record Size Limit ext
* Add new lines before lists
* Fix typos / improve syntax
* Add ability to exclude mutex from tests
* Protect test info access with mutex
* Move bignum flag for negative zero into test_info
* Add required dependency to the testcase
* Remove unneeded testcase
* Update test-data to use SIZE_MAX
* Add missing newline at the end of test_suite_x509write.data
* Update fix to be more platform-independent
* Fix Issue #8687
* Add tests for Issue #8687
* psa_util: rename parameter of mbedtls_ecc_group_from_psa
* psa_util: update documentation for PSA conversion functions
* changelog: improve wording
* changelog: improve wording
* psa_crypto_ecp: fix comment for secp224k1 in check_ecc_parameters
* test_suite_psa_crypto: test also MBEDTLS_ECP_DP_MAX in ecc_conversion_functions_fail()
* psa_util: update documentation of EC conversion functions
* psa_util: remove support for secp224k1 in EC conversion functions
* psa_crypto_ecp: return unsupported for secp224k1 in check_ecc_parameters()
* test_suite_psa_crypto: improve failing tests for EC conversion functions
* test_suite_psa_crypto: add test case for ECP conversion with null values
* psa-transition: update "Elliptic curve mechanism selection" section
* changelog: fix wording
* psa_util: properly handle secp224r1 private key size
* changelog: add missing newline
* test_suite_psa_crypto: explicitly check return values of conversion functions
* psa: let mbedtls_ecc_group_from_psa() accept only exact bit lengths
* psa-transition: extend "Elliptic curve mechanism selection"
* changelog: added documentation for the 2 new public functions
* test_suite_psa_crypto: add test functions and cases for ECC conversion functions
* psa_util: update the documentation of ECC conversion functions
* psa_crypto_ecp: add helper for checking EC parameters
* psa: remove bits_is_sloppy parameter from mbedtls_ecc_group_from_psa()
* psa: rename "mbedtls_ecc_group_of_psa" to "mbedtls_ecc_group_from_psa"
* Improve wording & fix typos
* Revert "psa_util: add algorithm's availability checks for MD conversion functions"
* Revert "test_suite_md: improve md_to_from_psa() test function and related data"
* Revert "psa_util: fix typo in comment"
* mbedtls_config: update documentation for CIPHER_C and CRYPTO_C
* adjust_legacy_crypto: auto-enable CIPHER_C when any builtin cipher is enabled in PSA
* Revert "check_config: add check for PSA builtin unauthenticated ciphers"
* mbedtls_config: extend documentation for MBEDTLS_PSA_CRYPTO_C
* check_config: add check for PSA builtin unauthenticated ciphers
* Update architecture doc for cipher dual dispatch
* Quickly mention the status of RSA accel
* Rename tests components for clarity
* Rename test components to better reflect content
* Clarify CCM/CM with partial accel
* Update ChangeLog for CCM/GCM improvements
* Consolidate ChangeLog entries about CIPHER_C
* Allow programs/fuzz to be linked against pthread
* Enable common.make to be included by programs/fuzz
* Link programs with pthread via cmake
* Use new thread abstraction for ctr_drbg tests
* Add test thread create/join abstraction
* Migrate to threading_helpers.h
* Use mbedtls_test_info accessors internally as well
* Add accessor helpers for mbedtls_test_info
* psa_util: fix typo in comment
* Update mbedtls_ssl_get_output_record_size_limit signature
* changelog: improve wording
* Update mbedtls_psa_get_stats
* Update psa_wipe_all_key_slots
* Replace psa_unlock_key_slot calls in operations which act on FULL slots
* Update psa_load_X_key_into_slot
* Update psa_destroy_key, psa_purge_key and psa_close_key
* Update psa_get_and_lock_key_slot_X functions
* Update key creation functions to use the new key slot states
* Update and rename psa_get_empty_key_slot
* Implement psa_key_slot_state_transition
* Implement psa_register_read and psa_unregister_read
* Implement psa_key_slot_has_readers and remove psa_is_key_slot_occupied
* Update psa_wipe_key_slot
* Update psa_key_slot_t
* Add config dependencies to record size tests
* changelog: improve wording
* changelog: rename changelog file to reflect the number of the related issue
* Indicate which curves Mbed TLS supports
* Note unusual curve size
* Fix typo in curve name
* Add test data for secp192r1
* Fix mixup between secp224r1 and secp224k1 in test scripts
* driver-only-builds: fix typo
* Remove useless guards on MBEDTLS_BIGNUM_C
* Move MBEDTLS_CIPHER modification to appropriate section
* Fix MBEDTLS_NO_PLATFORM_ENTROPY for baremetal aarch64 with armclang
* Update check_files.py to accommodate non-standard license headers in TF-M config files
* minor tidy-up
* Mention copyright in the readme
* Use verbatim TF-M configs from upstream
* Add supporting files to enable use of verbatim TF-M config
* Unify MBEDTLS_TEST_OBJS
* Fix name in documentation
* Minor readability improvement
* Finish unifying LOCAL_CFLAGS
* Improve readability of null-argument tests
* Make input parameter const
* adjust_legacy_from_psa: relax condition for legacy block cipher auto-enabling
* cipher_wrap: fix guards for some CCM/GCM functions
* psa-transition: update with MD translation functions
* changelog: document MD's conversion functions
* test_suite_md: improve md_to_from_psa() test function and related data
* psa_util: add algorithm's availability checks for MD conversion functions
* library/tests: replace md_psa.h with psa_util.h as include file for MD conversion
* md: move PSA conversion functions from md_psa.h to psa_util.h
* Clarify PSA-to-PK copy intent
* Resolve ECDSA conversion API: don't use an ASN.1 interface
* Our TLS 1.3 API doesn't actually require PSA key identifiers
* Minor clarifications
* all.sh: keep PSA_WANT_ALG_[CCM/GCM] enabled in common_block_cipher_dispatch()
* Fix Max fragment length test to use TLS 1.2 maximum output size
* Fix TLS 1.2 test to use TLS 1.2 maximum output size
* all.sh: keep DES_C and CTR_DRBG_C enabled in test_full_no_cipher_with_crypto()
* Adjust TLS 1.3 tests to new maximum output changes
* oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C
* all.sh: keep PKCS[5/12] enabled in full_no_cipher test components
* changelog: enhance description
* driver-only-builds: enhancing cipher related sections
* driver-only-builds: fix typos
* analyze_outcomes: ignore only test concerning AES/ARIA/Camellia in CMAC
* test_suite_cmac: add used key type to all test cases
* Add warning for PKCS 1.5 decryption
* Improve Record size limit testing
* Refactor and improve Record size limit handling
* analyze_outcomes: update skipped tests following latest changes to all.sh
* all.sh: keep legacy cipher modes enabled in test_full_block_cipher_legacy_dispatch()
* psa: add key_type as input parameter of psa_can_do_cipher()
* test_suite_block_cipher.psa: remove misleading initial comment
* check_config/block_cipher: minor improvements
* analyze_outcomes: update comments of skipped tests
* driver-only-builds: updated ciphers and AEADs related sections
* changelog: update description
* all.sh: fix messages in test_psa_crypto_config_accel_des
* mbedtls_config: update documentation for MBEDTLS_PKCS[5/12]_C
* use mbedtls_ssl_session_init() to init session variable
* Fix typo
* RSA: improve readability
* RSA: remove unneeded temporaries
* RSA: document Montgomery trick in unblind
* Asymmetric cryptography: rough draft
* Changelog entry for the new ECP functions
* Add ECP-heavy-only test cases to the driver parity analysis ignore list
* Declare dependency on bignum in sample programs
* Use new mbedtls_ecp_keypair functions in sample programs
* New function mbedtls_ecp_write_public_key
* Rename variable that's a C++ keyword
* mbedtls_ecp_read_key: explain how to set the public key
* New function mbedtls_ecp_keypair_calc_public
* New function mbedtls_ecp_set_public_key
* Promise mbedtls_ecp_read_key doesn't overwrite the public key
* Support partial export from mbedtls_ecp_keypair
* New function mbedtls_ecp_keypair_get_group_id
* Correct name and documentation of preprocessor symbol check function
* Allow *.make to contain tabs
* Explain the use of control
* Revert "Add option to pass make variables to depends.py"
* Revert "Add ability to pass make variables to psa_collect_statuses.py"
* Auto-detect the need to link with pthread on Unix-like platforms
* Unify some common rules of programs/Makefile and tests/Makefile
* Unify common variables of programs/Makefile and tests/Makefile
* Create common.make with LOCAL_CFLAGS and friends
* Partly unify LOCAL_CFLAGS
* Unify treatment of MBEDTLS_TEST_OBJS
* Indent nested conditionals
* driver-only-builds: update documentation
* fix line length
* all.sh: keep PKCS[5/12] enabled in accel_cipher_aead tests
* check_config: remove CIPHER_C requirement for PKCS[5/12]
* pkcs[5/12]: add CIPHER_C for [en/de]crypting functions
* driver-only-builds: fix typos
* Fix code style in ssl_tls.c
* Refactor record size limit extension handling
* Mention functional correctness explicitly
* driver-only-builds: add Restrictions section
* Clarify key generation and memory-management correctness
* changelog: enhancing descriptions
* driver-only-builds: enhancing section on removing CIPHER_C
* driver-only-builds: fix typos
* Only poison memory when buffer copying is enabled
* Add all.sh component to test with copying disabled
* fix/work around dependency issues when !MBEDTLS_ECP_C
* changelog: fix missing newline at end of file
* pk_*: remove remaining references to MBEDTLS_PSA_CRYPTO_C
* non-psa-pk-implementation: rephrase the changelog entry
* pk: remove last references to MBEDTLS_PSA_CRYPTO_C
* pk_wrap: remove last references to MBEDTLS_PSA_CRYPTO_C
* pk test suite: rename the parameter named parameter
* rsa: introduce rsa_internal_rsassa_pss_sign_no_mode_check()
* pk: implement non-PSA mbedtls_pk_sign_ext()
* gitignore: add clangd index files
* rsa: minor comment/guard improvements
* driver-only-build: remove paragraph about RSA/DH deterministic key generation
* Invert note about buffer overlap support
* analyze_outcomes: add exceptions to disparities for block_cipher dispatch
* analyze_outcomes: allow ignored test suites to have a dot in the name
* test_suite_ccm: add missing BLOCK_CIPHER_PSA_[INIT/DONE]()
* tests: use new CCM/GCM capability macros in tests
* adjust_legacy_crypto: add macros for CCM/GCM capabilities with key types
* cipher_wrap: fix guards for alloc/free functions of CCM/GCM
* all.sh: disable legacy AES/ARIA/CAMELLIA in test_full_block_cipher_psa_dispatch
* Work around clang 3.8 bug
* Don't use full path for setting CC
* Use gcc in test_full_deprecated_warning
* Disable automatic setting of clang target flags on old clang
* Add -O2 to some CFLAGS which were not setting it
* Don't specify gcc unless the test requires it
* Use clang -O2 in common_block_cipher_no_decrypt
* Enable -O2 in depends.py
* Note that domain parameters are not supported with drivers
* Remove DSA and DH domain parameters from the documentation
* all.sh: rename test_psa_crypto_config_accel_cipher to accel_des
* changelog: add changelog for accelerated ciphers and AEADs
* pkwrite: add newlines when calling mbedtls_pem_write_buffer()
* Revert "pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()"
* Use gcc in test_psa_compliance
* Ensure test_psa_compliance uses gcc
* Document the domain_parameters_size==SIZE_MAX hack
* Ensure clang is present
* Use clang by default
* Add AES_PSA_INIT() to thread test case
* Add missing newline at end of file
* Add extra MBEDTLS_PSA_CRYPTO_C guard for header
* driver-only-builds: add section for accelerated ciphers/AEADs
* Move test dependencies to function file
* Remove unnecessary check
* Improve make pthread linking mechanism
* Remove requirement for SHA512 from ctr_drbg test
* Remove explicit linking of PThread in make
* Add ability to pass make variables to psa_collect_statuses.py
* Add option to pass make variables to depends.py
* Remove warning with GCC 12 and TSan
* Make TSan test run operate on full config
* Make number of threads a test argument
* Increase entropy buffer sizes
* Guard tests correctly
* Fix code style
* Explicitly link tests with pthreads
* Fix false claim of variables used uninitialised
* Add TsanDbg, standardise Tsan with other sanitisers
* Add re-seeding option to test
* Fix missing include
* Fix failing multi-threaded unit test
* Add multi-threaded unit test
* Add tsan to all.sh
* Add cmake build type for tsan
* Set OpenSSL/GnuTLS variables in release components
* all.sh: Parse arguments before checking if a test is supported
* Remove accidental addition of MBEDTLS_TEST_HOOKS
* Improve guards around memory poisoning setup
* Document release components in all.sh
* block_cipher: remove psa_key_type from mbedtls_block_cipher_context_t
* Make check_files ignore png files in docs
* Justify linearization points
* Undo accidental change
* Add explanatory comment
* Fix a typo
* Use gcc for -m32 Asan builds
* Fix unused function/variable warnings from clang
* Use clang as default compiler for Asan
* Tweak the behaviour of copy handling macros
* Add missing newline at end of file
* analyze_outcomes/all.sh: add reference component and entry for coverage comparison
* all.sh: keep CIPHER_C enabled in test_full_block_cipher_psa_dispatch()
* ccm/gcm: use BLOCK_CIPHER whenever possible
* adjust_legacy_crypto: enable BLOCK_CIPHER also when a driver is available
* test_suite_block_cipher: fix unused variable when !MBEDTLS_BLOCK_CIPHER_SOME_PSA
* config_adjust_legacy_crypto: fix typo
* block_cipher: use PSA_BITS_TO_BYTES() in mbedtls_block_cipher_setkey()
* block_cipher: add MBEDTLS_PRIVATE to new PSA fields in mbedtls_block_cipher_context_t
* all.sh: keep PSA_WANT_ALG_[GCM/CCM] enabled in test_full_block_cipher_psa_dispatch()
* block_cipher: remove useless use of psa_cipher_operation_t
* test_suite_block_cipher: add new data file for PSA/legacy dispatch test
* tests: add PSA_INIT/PSA_DONE to CCM and GCM test suites
* all.sh: add new component for block_cipher dispatch to PSA
* crypto_builtin_composites: add missing guards for includes
* check_config: use new helpers for legacy GCM_C/CCM_C
* adjust_legacy_crypto: add helpers for block ciphers capabilities
* psa_crypto: add internal helper to signal that cipher driver is ready
* psa_util: add error translations from PSA to cipher
* block_cipher: add PSA dispatch if possible
* Build with -O2, but without assembly
* Revert back checking on handshake messages length
* Revert "Skip checking on maximum fragment length during handshake"
* Add note about support for buffer overlap
* Move wrapper include to psa_crypto_helpers.h
* Move test hook setup and teardown to helpers.c
* Move test hook setup functions into a C file
* Redesign local copy handling macros
* changelog: add changelog for move of mbedtls_ecc psa helper functions
* Link directly to the state transition diagram
* Add some clarifications in thread_safety.md
* Fix transitions in diagram
* Remove redundant use of -O2 with ASAN_FLAGS
* Make clienthello comment clear
* Change how the state transition diagram is stored
* library: Move mbedtls_ecc helper functions to psa_util
* Fix compile warning from IAR
* Add MBEDTLS_BSWAPxx intrinsics for IAR
* Better definition of MBEDTLS_IS_BIG_ENDIAN for IAR
* md-cipher-dispatch: editorial improvements
* Put local output status in scope
* Remove spaces around token-pasting macro operator
* Clarify psa_constant_names
* Correct and clarify discussion of AES-CMAC-PRF-128
* Fix some MAC-related function names
* library: Remove unused psa_crypto_core.h include
* Make return statuses unique in FREE_LOCAL_OUTPUT()
* Improve FREE_LOCAL_INPUT() and FREE_LOCAL_OUTPUT()
* Add comment explaining the purpose of header
* Add more information to comment on test hooks
* Add missing license header
* Remove unnecessary include directory from CMake
* Add MBEDTLS_PSA_COPY_CALLER_BUFFERS config option
* Use macros to manage buffer copies
* Remove write check in driver wrappers tests
* Change to use test-hook-based approach
* Copy input and output in psa_cipher_encrypt()
* Create memory poisoning wrapper for cipher encrypt
* Add explicit UNPOISON calls to memory tests
* Add memory poisoning hooks
* Fix CI failure of uninitialized fp
* Avoid use of `ip_len` as it clashes with a macro in AIX system headers
* Move MPI initialization to start of function
* Revert to ae952174a7 and addressing some comments
* Use existing variable containing full path
* Update comments
* Adjust checks in generate_key_rsa suite
* Error out when get domain_parameters is not supported
* Fix style
* Make local function static
* Add Changelog for the Marvin attack fix
* Error out if script is missing when collecting test cases
* Revert "Catch ScriptOutputError in analyze_outcomes.py"
* Add tls13 in ticket flags helper function names
* fix-tls13-server-min-version-check.txt: rephrase ChangeLog
* tls13: srv: improve comment
* tls13: srv: return BAD_PROTOCOL_VERSION if chosen unsupported version
* tls13: srv: improve DEBUG_MSG in case of TLS 1.2 disabled
* tls13: srv: replace with internal API to check is_tls12_enabled
* Fix wrong format in the function doc
* Reword return value description for mbedtls_ssl_tls13_is_kex_mode_supported
* Add "_is_" to functions ssl_tls13_key_exchange_.*_available
* Consistent renaming
* tls13: srv: rename mbedtls_ssl_tls13_check_kex_modes
* Consistent renaming
* tls13: rename mbedtls_ssl_session_check_ticket_flags
* tls13: srv: rename ssl_tls13_ticket_permission_check
* tls13: rename mbedtls_ssl_conf_tls13_check_kex_modes
* tls13: change return value of mbedtls_ssl_conf_tls13_check_kex_modes
* tls13: rename ssl_tls13_check_*_key_exchange functions
* Skip checking on maximum fragment length during handshake
* Fix potential double-free in calloc selftest
* Small clarifications in documentation
* Update cipher light -> block cipher definition
* Move psa-thread-safety.md
* Add graph
* Update psa-thread-safety.md
* Fix a typo
* Remove test_psa_crypto_config_accel_rsa_signature
* Fix various issues
* Remove the duplicate cases and add early_data_file option
* Add the test framework of early data
* Open the file once read in the file path
* Add one test case with early_data_file
* Read early data file
* Revert the early data test case
* Add read early data code
* Rework to revert the early_data enabled flag
* Add analyze_driver_vs_reference_rsa for analyze_outcomes
* Conditionally check the attribute of generated RSA key
* Correctly use asymmetric encrypt/decrypt driver
* Add components to test crypto_full w/wo accelerated RSA
* Fix possible integer overflows before widening
* ssl_tls12_server: do not export/import opaque keys
* Add record size checking during handshake
* Comply with the received Record Size Limit extension
* Do not run Valgrind tests in PR jobs
* driver-only-build: update AEADs section
* config-tfm: fix typo in comment
* changelog: fix typos and wording
* Enable early data depending on whether the early data file exists
* pk: guard key enrollment function with PSA_CRYPTO_CLIENT
* remove misbehavior tests and code
* Some minor improvement
* change prototype of `write_early_data_ext`
* remove assignment for `session->max_early_data_size`
* fix various issues
* Add missing debug message
* add ticket max_early_data_size check
* share write_early_data_ext function
* improve comments of new session ticket
* set max_early_data_size of ticket to keep consistent
* Add max_early_data_size check
* Revert "change max_early_data_size source"
* Revert "set init value for max_early_data_size in session"
* change max_early_data_size source
* set init value for max_early_data_size in session
* improve early data comments
* replace ticket permission set
* replace early data permission check
* add early data flag check function
* fix various issues
* rename nst early data write function
* Add tests for ticket early data permission bit
* Enable multi max_early_data_size value for connections
* Add early data permission check
* add early data extension of NST
* ssl_tls12_server: export/import PK parsed key in TLS side
* Sync the early_data option with internal parameters in ssl_client2
* pkparse: do not set key algorithm for Montgomery keys in pk_ecc_set_key()
* Remove the generic file read functions and simplify the early data read
* Refine the detect code to enable early data or not
* Rename the generic read functions to ssl_read_file_text
* Improve the comments of early data input
* Add a section about ALT implementations
* revert output message which used by testing
* ChangeLog: add fix-tls13-server-min-version-check.txt
* pk_wrap: try both ECDSA signature schemes in ecdsa_sign_psa()
* Change early data flag to input file
* fix ci test failure
* fix various issues
* Add a generic section about key management
* More information about output buffer sizes
* Diffie-Hellman: several clarifications and corrections
* Note a few things about PAKE (thanks Manuel)
* Use "workflow" rather than "flow" for clarity
* typos and minor clarifications
* fixup! Correct function names prefixes where they diverge from module names
* pkwrite: minor code reshape
* config-tfm: disable CIPHER_C
* test_suite_block_cipher: fix depends_on for Camellia tests
* driver-only-builds: update documentation for AEADs
* changelog: add changelog for AEAD support without CIPHER_C
* Remove leftover code from initial changelog support
* test_driver_key_management: rename counter for export_public_key() hits
* test_driver_cipher: add forced return status for encrypt and set_iv
* test_suite_psa_crypto_driver_wrappers: add counter for failing psa_cipher_update()
* crypto_extra: revert changes to mbedtls_psa_random_free()
* test_suite_psa_crypto_driver_wrappers: fix missing hit counter reset before test
* test_suite_psa_crypto_slot_management: modify check on open key slots
* mbedtls_config: update descriptions of MBEDTLS_CTR_DRBG_C and MBEDTLS_PSA_CRYPTO_C
* test_suite_psa_crypto_driver_wrappers: add counter for cipher_update()
* test_suite_psa_crypto_driver_wrappers: improving driver access counters
* test_suite_psa_crypto_slot_management: some fix for available key slots
* test_suite_[ctr_drbg/random]: initialize/close PSA in tests
* psa: free RNG implementation before checking for remaining open key slots
* ctr_drbg: add alternative PSA implementation when AES_C is not defined
* check_config: fix requirements for CTR_DRBG
* all.sh: keep CTR_DRBG enabled in test_psa_crypto_config_accel_cipher_aead()
* ssl-opt: test handshake for TLS 1.2 only cli with TLS 1.3 only srv
* tls13: srv: check tls version in ClientHello with min_tls_version
* test_suite_debug.function: check return value for _config_defaults
* ssl_helpers: remove guard for rng_get()
* tls12 & tls13 server: remove RNG check in `write_server_hello`
* ssl_client: remove RNG check in `write_client_hello`
* test_suite_debug.function: configure RNG to address test failure
* test_suite_ssl.function: configure RNG to address test failure
* ssl_helpers: make rng_get available for other test cases
* send unexpected alert when not received eoed or app during reading early data
* Send decode error alert when EOED parsing fail
* fix various issues
* Fix bad whitespace in keyword argument assignment
* Use guess_mbedtls_root in Mbed-TLS-only script
* Modify crypto_core_directory to also return a relative path
* pkcs[5|12]: use cipher enums for encrypt and decrypt
* tls13: early_data: cli: check a PSK has been selected in EE
* Remove unused code
* Shortening a comment line Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562
* Remove trailing whitespace
* tls13: early_data: cli: improve comment
* tls13: early_data: cli: improve comment
* improve comments and output message
* print received early application data
* switch inbound transform to handshake
* implement parser of eoed
* implement coordinate of eoed
* Add dummy framework of eoed state
* empty process_end_of_early_data
* tls: check RNG in ssl_conf_check when calling mbedtls_ssl_setup
* re-introduce process_wait_flight2
* remove wait_flight2 state
* tls13: early_data: cli: improve comment
* tls13: early_data: cli: remove guard to fix failure
* Minor clarification
* typo
* Update PBKDF2 availability for 3.5
* Correct function names prefixes where they diverge from module names
* Be more informative about "No change"
* Introduce guess_tf_psa_crypto_root
* Introduce guess_mbedtls_root
* Rename variable for better clarity
* Improve documentation of crypto_core_directory
* Rename project_crypto_name
* That's not what mbedtls_ecdh_get_params does
* Correct lists of sign/verify functions
* Corrections and clarifications around asymmetric key formats
* Editorial corrections
* Remove redundant check
* Explain interruptible operations
* Use MBEDTLS_HAVE_NEON_INTRINSICS in aesce
* tidy up macros in mbedtls_xor
* Catch ScriptOutputError in analyze_outcomes.py
* Move script outputs handling to collect_from_script
* tls13: early_data: cli: rename early_data parser in nst
* Revert "tls13: early_data: cli: remove nst_ prefix"
* tls13: early_data: cli: improve comment
* pkwrite: fix return value in pk_get_type_ext()
* pkparse: make pk_internal.h always available
* tls13: early_data: cli: assign ciphersuite properly
* Say who to contact
* Fix typos and make minor style improvements
* Allow PSA test cases to depend on test conditions
* Use the existing definition of __func__
* Protect against compiler optimizations
* Memory poisoning: meta-test writes as well as reads
* Avoid unused variable warnings in some plausible usage
* Use the existing definition of MBEDTLS_TEST_HAVE_ASAN
* Port to platforms where printf doesn't have %zu
* Fix MSVC build failure
* Basic functional test for memory poisoning
* Fix memory poisoning with Asan on arbitrary byte boundaries
* Add memory poisoning framework
* New files for memory-related test functions
* pkwrite: some reshaping for Montgomery keys in mbedtls_pk_write_pubkey_der()
* pkwrite: simplify management of opaque keys
* Some improvements
* Automatically set MBEDTLS_NO_PLATFORM_ENTROPY in TF-M config
* Move MBEDTLS_BLOCK_CIPHER_NO_DECRYPT to correct section
* Remove references to 3.4
* Add rules to check script test case listing
* fix wrong gcc version check
* add non-gcc arm_neon support
* pk_internal: small renaming for mbedtls_pk_get_group_id()
* improve document
* Use the outputs as keys if the test case is defined in a script
* Print suite name when listing test cases
* Guards neon path
* Revert "fix build warning with arm64 gcc 5.4"
* Use boolean `hit` instead of int `hits`
* Expand on the removal of RNG boilerplate
* Add links to newly added functions
* typos
* Align forced ciphersuite with test description
* ssl-opt.sh: Remove unnecessary symmetric crypto dependencies
* Use common license header
* Update tests to refer to our tf-m config wrapper
* Clarify "functions that facilitate the transition"
* pk: move functions to verify RFC8410 group ID to pk_internal
* Create legacy-API bridge API design document
* ssl-opt.sh: Fix some symmetric crypto dependencies
* ssl-opt.sh: Add a check of the list of supported ciphersuites
* Disable hw AES on Arm for IAR
* pkwrite: add internal defines for proper key buffer sizes
* pkwrite: reorganize code
* check_config: fix guards for PSA builtin implementation of cipher/AEAD
* adjust_psa_from_legacy: add required CIPHER_C dependencies
* all.sh: re-enable CCM/GCM in test_full_no_cipher_with_crypto[_config]()
* Use latest TF-M config with bare-minimum changes
* We no longer need to undef ALT defines
* Simplify test for building P256-M
* Update tf-m tests in all.sh for P256-M
* Add comment to read_outcome_file in analyze_outcomes.py
* Add type annotations to analyze_outcomes.py
* pk: use common header/footer macros for pkwrite and pkparse
* pem: auto add newlines to header/footer in mbedtls_pem_write_buffer()
* Run tests for ref_vs_driver outside task function
* fix build warning with arm64 gcc 5.4
* Define named tuple for component outcomes
* Use mutable set all the time
* Check if driver_component is missing
* Break the loop when case hits
* Improve readability of the script
* Extend the pattern of pkparse test on encrypted keys
* Skip calloc overallocation test case
* tf-m config: update and enable BLOCK_CIPHER_NO_DECRYPT
* mbedtls_config: improve documentation for BLOCK_CIPHER_NO_DECRYPT
* Add better documentation for mbedtls_test_mutex_mutex
* Revert change that removed in_tf_psa_crypto_repo variable
* Remove unused variable
* Make function calls consistent
* Add documentation for new public functions
* Use os.path.join in crypto_core_directory
* Fixed compilation for Haiku OS Related to: https://github.com/Mbed-TLS/mbedtls/issues/8562
* Fix comment typos
* Ensure mutex test mutex gets freed
* Revert "Refactor `psa_load_persistent_key_into_slot` to remove bad `goto`"
* Refactor `psa_load_persistent_key_into_slot` to remove bad `goto`
* ssl-opt.sh: Fix getting the list of supported ciphersuites.
* Improve description of psa_crypto_input_copy_alloc
* Use initializers in alloc functions
* Add casts to local input / output initializers
* all.sh: export LC_COLLATE=C for sorting in ASCII order
* tls13: early_data: cli: remove nst_ prefix
* Introduce project_crypto_name in build_tree.py
* Make use of crypto_core_directory function in script
* tls13: early_data: cli: optimize code
* block_cipher_no_decrypt: improve comment
* all.sh: check_test_dependencies: add one more option
* Improve comments and variable naming
* Restructure the structure of outcome file presentation
* Share parsed outcomes among tasks when analyzing
* Rename guess_mbedtls_root to guess_project_root
* MSan and TSan complain as well, not just ASan
* Improve implementation of crypto_core_directory
* Disable check_mbedtls_calloc overallocation under ASan
* Detect enabled GCC/Clang sanitizers
* Remove initial changelog entry creation support
* Replace repo_root with project_root
* Make use of new crypto_core_directory function
* Remove useless line
* prepare_release: sed query change to strip whitespace
* tls13: early_data: fix wrong debug_ret message
* tls13: nst early_data: remove duplicate code
* TLS Suite B fix: add ChangeLog entry
* ssl_tls: improve readability in ssl_*_preset_*_sig_algs
* Update tests to the code status
* Add server side end-of-early-data handler
* Add wait flight2 state.
* Add early transform computation when accepted
* tls13: fix a wrong RFC reference section
* ssl_tls: remove RSA sig-algs in ssl_tls12_preset_suiteb_sig_algs
* ssl_tls: remove RSA sig-algs in ssl_preset_suiteb_sig_algs
* ssl_tls: remove unnecessary guard
* ssl_tls: return correct error code if mbedtls_calloc fails
* tls13-misc: cli: check parser of max_early_data_size ext
* tls13: early_data: support to parse max_early_data_size ext
* Add casts for NEON
* misc type fixes in ssl
* Use standard byte conversion fns in lms
* Use MBEDTLS_GET_UINTxx_BE macro
* Fix types in entropy_poll.c
* Use size_t cast for pointer subtractions
* Enable to specify the name of the project in the changelog
* Initial changelog support for changelog assembling
* Fix the build with gcc-12 -Wuse-after-free
* Fix status assignments when loading persistent keys
* Extend blinding to RSA result check
* Make RSA unblinding constant flow
* Change if to switch case
* replace check string
* various improvements
* improve readability
* improve code style
* Guards ticket_creation_time
* improve document
* Add freshness check information into document
* Add maximum ticket lifetime check
* fix build failure
* fix various issues
* rename ticket received
* rename `ticket_creation` to `ticket_creation_time`
* Add maximum ticket lifetime check
* Update document of ticket age tolerance
* Change the bottom of tolerance window
* Cleanup ticket negative tests.
* improve comments
* guards ticket creation field
* update tests
* Replace `start` with `ticket_creation`
* Add ticket_creation field
* fix various issues
* Replace c99 fmt macro
* Add changelog entry for anti_replay_fail
* change time unit of ticket to milliseconds
* Rename "output_copy" -> "local_output"
* Rename "input_copy" -> "local_input"
* ccm/gcm: improve code maintainability
* De-abbreviate "len" -> "length"
* Change psa_crypto_copy_output error code
* Add initializers for input / output copies
* [cipher.h] Arithmetic overflow in binary left shift operation (MBEDTLS_KEY_BITLEN_SHIFT)
* added changelog
* Remove unnecessary checks for NULL-ness of copies
* Check for len == 0 rather than buffer == NULL
* Fix code style in psa_crypto_core.h
* Compare buffers even for zero-length cases
* Use TEST_CALLOC_NONNULL
* Change data pattern to simpler one
* Introduce demo script for PSA hash program
* Introduce function to return library/core directory
* Explicitly indicating when private fields are accessed in benchmark.c.
* Alternative Timing compatible benchmark.c
* Rename mutex->is_valid to mutex->state
* Make threading helpers tests thread safe
* Move handling of mutex->is_valid into threading_helpers.c
* Add benchmark for RSA 3072.
* Improve explanations of what bad thing a metatest does
* Uniformly use MBEDTLS_THREADING_C guards
* Only set slot to OCCUPIED on successful key loading
* ccm/gcm: replace CIPHER_C functions with BLOCK_CIPHER_C ones
* tls: fix unused parameter in mbedtls_ssl_cipher_to_psa
* check_config: remove dependency check of CCM_C/GCM_C on CIPHER_C
* adjust_legacy_crypto: auto-enable BLOCK_CIPHER_C when CIPHER_C is not defined
* Change the test messages
* ssl: move MBEDTLS_SSL_HAVE_XXX to config_adjust_legacy_crypto.h
* all.sh: re-enable CCM/GCM in test_full_no_cipher()
* ssl_tls: add missing guard for mbedtls_ssl_cipher_to_psa
* Add missing PSA init
* Remove redundant NULL check
* Skip call to memcpy if buffer length is zero
* Make copy functions static-testable
* Rename variables in script
* Fix unintentional direct use of memcpy()
* Readability improvement
* Update PSA init for md-light
* Update to TEST_EQUAL macros for easier debuggability
* all.sh: enable compat.sh testing in psa_crypto_config_[accel/reference]_cipher_aead
* psa_exercise_key: add missing #else for KNOWN_SUPPORTED_BLOCK_CIPHER
* ssl_misc: remove DES from the list of key types supporting CBC
* changelog: use better wording and modify changelog section
* all.sh: disable CCM_STAR_NO_TAG in test_psa_crypto_config_accel_aead()
* ChangeLog: add change log for CCM/CCM* coupling removal
* psa_exercise_key: replace legacy symbols with PSA_WANT ones
* all.sh: improve components for without CCM/CCM*
* adjust_legacy_from_psa: fix comment
* test_driver_extension: fix acceleration support for CCM and CCM*
* all.sh: accelerate also CCM* in test_psa_crypto_config_accel_cipher_aead
* all.sh: add test components for no-CCM and no-CCM*
* adjust_legacy_from_psa: treat CCM and CCM* separately
* adjust_config_synonyms: make CCM and CCM* independent
* improve document
* improve document
* Remove trailing whitespace
* Call the right function
* Update library/constant_time_impl.h
* Update library/constant_time_impl.h
* Stylise TF-PSA-Crypto correctly
* Refactor repository detection
* Apply correct license to generate_driver_wrappers.py
* Remove further extraneous whitespace in lcov script
* Further modify check-generated-files.sh
* Modify generate_driver_wrappers.py to work in both repos
* aesce: fix unused parameter
* Updated comments.
* Simplified check.
* Modify check-generated-files.sh to work in both repos
* ssl-opt: fix wrong CCM dependencies with GCM
* Move enum definition to satisfy `check_names.py`
* all.sh: remove redundant make in test_psa_crypto_config_accel_cipher_aead()
* Remove superfluous leading whitespace
* psa_information: improve code readability
* all.sh: add config_block_cipher_no_decrypt to simplify code
* all.sh: block_cipher_no_decrypt: clean up cflags
* all.sh: block_cipher_no_decrypt: simplify code
* all.sh: block_cipher_no_decrypt: fix various issues
* Added proposed fixes
* Pop only when pushed.
* improve brief description of conf_sig_algs
* Add documentation
* Temporary hack to pacify check_names.py
* block_cipher: add encrypt()
* block_cipher: add setkey()
* Uninitialized read: make the pointer non-volatile rather than the buffer
* padlock.c: guard mbedtls_padlock_xcryptcbc by CIPHER_MODE_CBC
* Start adding internal module block_cipher.c
* all.sh: more comments in check_test_cases()
* More consistent usage of volatile
* all.sh: robustness improvement
* all.sh: add diff to can_keep_going_after_failure
* cipher.c: remove checks for CBC,XTS,KW,KWP in cipher_setkey
* ssl-opt: set proper cipher dependencies in tests using ticket_aead parameters
* ssl_server2: remove usage of mbedtls_cipher_info_from_string()
* ssl: move MBEDTLS_SSL_HAVE internal symbols to ssl.h
* ssl-opt: set proper dependencies on tests with encrypted server5 key
* all.sh: enable ssl-opt testing in psa_crypto_config_[accel/reference]_cipher_aead
* all.sh: disable CIPHER_C in test_psa_crypto_config_accel_cipher_aead
* BLOCK_CIPHER_NO_DECRYPT: call encrypt direction unconditionally
* all.sh: reuse support_build_armcc for *_armcc test
* all.sh: check additional symbols in aesce for block_cipher_no_decrypt
* all.sh: refine and simplify component for block_cipher_no_decrypt
* Strengthen against possible compiler optimizations
* Fixes https://github.com/Mbed-TLS/mbedtls/issues/6910 as proposed in https://github.com/Mbed-TLS/mbedtls/issues/6910#issuecomment-1573301661
* Fix preprocessor syntax error.
* fixes invalid default choice of thumb assembler syntax.
* Fix compiler error on gcc 4.5.2.
* Fix uninitialized variable warnings.
* BLOCK_CIPHER_NO_DECRYPT: rephrase ChangeLog
* psa_information: compile a regex instead of using string directly
* tls1.3: early data: rephrase ChangeLog
* aes.c: guard RSb and RTx properly
* Improve documents
* Update license
* Add output round-trip testcase
* Add input round-trip testcase
* Add psa_crypto_output_copy_free() implementation
* Add testcase for psa_crypto_output_copy_free()
* Add implementation of psa_crypto_output_alloc()
* Add testcase for psa_crypto_output_copy_alloc()
* Add function prototypes for psa_crypto_output fns
* Add implementation of psa_crypto_input_copy_free()
* Add testcase for psa_crypto_input_copy_free()
* Add psa_crypto_input_copy_alloc() implementation
* Make empty key slots explicit
* test_driver_extension: use same def/undef pattern for all accelerated symbols
* Add check about legacy dependencies in PSA tests
* Add docs re Everest license
* Update BRANCHES
* Restore bump version
* Restore 3.5.1 ChangeLog
* Revert back to v3.5.0
* No more limitations on accelerated algorithms using a built-in hash
* Rm unjustified MD_C dependencies in PSA test
* Rm unjustified PK_C dependencies in PSA tests
* Rm redundant ECC dependencies in psa_crypto tests
* Fix incorrect RSA dependencies in psa_crypto tests
* Rm unneeded dep on PK_PARSE_C in psa crypto tests
* check_config: make error message in BLOCK_CIPHER_NO_DECRYPT clearer
* aes.c: remove non-functional code
* tls1.3: early data: rephrase ChangeLog
* Remove unused *.cocci files
* ssl: replace MBEDTLS_SSL_HAVE_*_CBC with two separate macros
* ssl: use MBEDTLS_SSL_HAVE_* in tests
* tls1.3: early data: add ChangeLog entry
* ssl: MBEDTLS_SSL_HAVE_* in ssl_misc.h
* ssl: use MBEDTLS_SSL_HAVE_* in ssl_ciphersuites.c
* ssl: add macro to indicate CBC mode is available
* ssl: add macro for available key types
* ssl-opt.sh: fix typo
* ssl_helper: fix missing initialization of cli_log_obj
* config-tfm.h: License Change
* Add testcase for psa_crypto_input_copy_alloc()
* Changed notes in x509_csr.h to better describe the behavior of mbedtls_x509_csr_parse_der and mbedtls_x509_csr_parse_der_with_ext_cb.
* New test cases requested in https://github.com/Mbed-TLS/mbedtls/pull/8378#discussion_r1383779861
* cipher.c: return error for ECB-decrypt under BLOCK_CIPHER_NO_DECRYPT
* move ext print to the end of write client hello
* Revert "fix miss sent extensions mask"
* fix various issues
* check the ticket version unconditionally
* max_early_data_size: rename configuration function
* early data: rename configuration function
* tls13-misc: Do not check kex mode for some cases
* Revert "TLS 1.3: SRV: Don't select ephemeral mode on resumption"
* Change base config to full
* programs/test/metatest indirectly includes library/common.h
* Add missing program to .gitignore
* Add metatests for mutex usage
* Don't use %llx in printf
* Fix cast from pointer to integer of different size
* Don't cast a function pointer to a data pointer
* Use casts when doing nonstandard pointer conversions
* Run metatests in selected components
* Strengthen against Clang optimizations
* Metatests for basic Asan and Msan features
* Script to run all the metatests (with platform filtering)
* Metatests for null pointer dereference
* Validate that test_fail causes a test failure
* Add a metatest program
* Add prototypes for psa_crypto_input_copy API
* Remove psa_crypto_alloc_and_copy() API
* Remove extra blank line at end of file
* all.sh: test BLOCK_CIPHER_NO_DECRYPT in build_aes_variations
* Revert "ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only"
* Add test-suite parameter to filter tests
* ChangeLog: rewrite ChangeLog for block-cipher-no-decrypt
* Return an error if asking for decrypt under BLOCK_CIPHER_NO_DECRYPT
* check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT with PSA
* all.sh: add components to test BLOCK_CIPHER_NO_DECRYPT with PSA
* cipher_wrap.c: remove unnecessary NO_DECRYPT guard for DES
* dh_client.c: modify prompt message
* config.py: exclude MBEDTLS_BLOCK_CIPHER_NO_DECRYPT from full
* Pacify mypy
* Also complain if licenses are mentioned
* Check copyright statements and SPDX license identifier
* Sort imports
* Move buffer copy tests into new testsuite
* Switch error code to more appropriate value
* Switch to TEST_CALLOC_NONNULL()
* Switch from ret to status as naming convention
* Switch from int to psa_status_t for test args
* Remove psa_crypto_ prefix from test functions
* Remove superfluous comment
* Remove not-needed sentence
* Standardise some more headers
* Update license and copyright in config files
* README improvements to 3rdparty section
* Fix typos in changelog
* Fix header in ssl_tls13_keys.c
* psa_information.py: generate dep for AES/ARIA/CAMELLIA ECB test case
* Update license for p256-m
* Replace compound-initializers with memset
* Fix overlooked files
* Add Changelog for license
* Update documentation
* update headers
* Refactor: move buffer pattern fills into helper
* Add full round-trip tests for buffer copying
* Add test case for overlapping buffers
* Reject zero-lengths in psa_crypto_copy_and_free()
* Reject NULL original_output with non-NULL output
* Add implementation of psa_crypto_copy_and_free()
* Add testcases for psa_crypto_copy_and_free()
* Simplify zero-length buffers to always be NULL
* Zero-length test for psa_crypto_alloc_and_copy()
* Add extra testcases for buffer copying
* Add implementation of psa_crypto_alloc_and_copy()
* Add testcases for psa_crypto_alloc_and_copy()
* Add buffers struct and prototypes for alloc API
* Add implementation of psa_crypto_copy_output()
* Add testcases for psa_crypto_copy_output()
* Add implementation of psa_crypto_copy_input()
* Add testcases for psa_crypto_copy_input()
* ssl_server2: small improvement of code readability
* Update comment to mention IAR
* test_suite_psa_crypto: add dependency for decrypt test cases
* all.sh: modify components to test BLOCK_CIPHER_NO_DECRYPT
* check_config: add checks for MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
* mbedtls_config: add new config option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
* test: tls13: change server output check
* move psk check to EE message on client side
* Add selected key and ciphersuite check
* move ticket version check
* fix various issues
* Simplify use of __has_builtin
* Add case for MSVC
* Use non-empty definition for fallback
* tidy up comments
* Reduce code size in mbedtls_cipher_validate_values
* Restructure mbedtls_cipher_validate_values
* Introduce MBEDTLS_ASSUME
* Fix broken link to psa-driver-example-and-guide in psa-driver-wrappers-codegen-migration-guide.md
* Remove auto-generation of test wrappers
* Downgrade auto testing to a nice-to-have
* all.sh: remove leftover loc_curve_list usage
* test_suite_x509write: use plaintext key file
* Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
* Change base config to full minus SSL
* Move common config to common function
* tls13: add helpers to check if psk[_ephemeral] allowed by ticket
* tls13: server: fully check ticket_flags with available kex mode.
* Add function prototypes for copying functions
* Add auto-generation of test wrappers to design
* Add note on platform-specific barriers
* Add sections on validation of validation
* Add portability consideration to careful-access
* Discuss plain-overwriting memory poisoning
* ssl_helpers: remove CIPHER_C guards in mbedtls_test_ssl_build_transforms()
* ssl_misc: ignore ALG_CBC_PKCS7 for MBEDTLS_SSL_HAVE_xxx_CBC
* test_suite_psa_crypto_metadata: remove unnecessary CIPHER_C dependencies
* test_suite_ssl: use new internal symbols in tests using CBC
* ssl_misc: add internal MBEDTLS_SSL_HAVE_[AES/ARIA/CAMELLIA]_CBC symbols
* ssl_context_info: add guards for CIPHER_C
* ssl_server2: support ticket_aead only when CIPHER_C is defined
* ssl_helpers: allow mbedtls_test_ssl_build_transforms to work without CIPHER_C
* check_config: let SSL_TLS depend on either CIPHER_C or USE_PSA_CRYPTO
* all.sh: enable SSL_TLS and SSL_TICKET in full_no_cipher with PSA_CRYPTO
* all.sh: fix test components using accelerated curves
* test_driver_extension: manage curves' acceleration the same as other PSA_WANT symbols
* fix various issues
* analyze_outcome: only warn on ignored tests that pass
* analyze_outcomes: use regexes for cipher/aead
* fix miss sent extensions mask
* disable stdout in require_*_configs_* functions
* Add translation ruler into document
* tls13: server: parse pre_shared_key only when some psk is selectable
* tests/scripts/all.sh: add test for 32-bit AES-NI intrinsics with clang
* AES-NI: use target attributes for x86 32-bit intrinsics
* check_test_cases: Minor documentation change
* compat.sh: Rename list_test_case to list_test_cases
* ssl-opt.sh: Make record_outcome record the ssl-opt.sh file only
* Avoid using print_name when --list-test-cases is used
* ssl-opt.sh: Correct print format for test cases' names
* Remove invalid -l option from test scripts
* check_test_cases: Avoid removing duplicated test cases
* check_test_cases: Unify walk_compat_sh and walk_opt_sh into one
* ssl-opt.sh: Don't affect the order at which functions are printed
* ssl-opt.sh: Simplify the implementation of the -l option
* Skip unnecessary logic when -l option is used
* Only use CONFIGS_ENABLED when not listing tests
* Get options at beginning of program
* Avoid skipping test when printing
* Remove formatted string to make pylint happy
* tests/check_test_cases: Use subprocess.check_output instead of run
* Use file_name parameter in walk_ssl_opt_sh()
* Revert "Add opt-testcases into check list"
* tests/check_test_cases: Use ssl-opt.sh -l option instead of parsing
* ssl-opt/run_test: Introduce -l option to list test case names
* Add deprecated flag in document for sig_hashes
* analyze_outcomes: ignore patterns apply to whole suite
* analyze_outcome: Simplify some code
* analyze_outcome: work around old Python in CI
* analyze_outcomes: minor output fix
* analyze_outcomes: use regexes with ECC components
* analyze_outcomes: remove useless ignore entries
* analyze_outcomes: useless ignores are now errors
* analyze_outcomes: add regex match for ignored tests
* analyze_outcomes: minor code cleanup
* all.sh: unset MBEDTLS symbols for modes/keys only when !PSA_CRYPTO_CONFIG
* all.sh: improve comments in common_test_full_no_cipher_with_psa_crypto
* all.sh: rename common config/test function
* all.sh: improve test_full_no_cipher()
* all.sh: keep symbols that don't depend on CIPHER_C (directly or indirectly)
* all.sh: fix comments in common_test_full_no_cipher_with_crypto()
* all.sh: replace minus sign in text messages with "no"
* psa_crypto_cipher: add guard for unused variable
* psa_crypto_cipher: add helper to validate PSA cipher values
* all.sh: add components as full_no_cipher with CRYPTO_C and CRYPTO_CONFIG
* psa_crypto_cipher: add mbedtls_cipher_values_from_psa()
* psa_crypto_aead: add guard for CIPHER_C dependency
* adjust_psa_from_legacy: enable ALG_STREAM_CIPHER only when CIPHER_C is defined
* check_config: fix dependency of PSA_CRYPTO_C on CIPHER_C
* disable tests when ecp is not available
* Add test case for writing early data in EE
* write early data indication in EE msg
* tls13: add more checks for server early data
* Fix test suite never executed due to an undefined symbol
* Fix builds in conda-forge, which doesn't have CLOCK_BOOTTIME
* Extend design discussion
* Threading design: fix internal links
* Document chosen goals and priorities for 3.x
* analyze_outcomes: update cipher/aead data
* Things forgotten in the previous commit
* cipher: improve code readability in mbedtls_cipher_setup()
* Rename and specify config options
* Careful-access prototyping to design exploration
* Fix invocation with explicit .datax file
* Define try_chdir everywhere
* Remove references to new-test approach in design
* De-duplicate section titles
* Add blank lines before lists
* Fix broken links
* Support older IAR versions
* all.sh: accelerate ALG_[STREAM_CIPHER/ECB_NO_PADDING] in accel_cipher_aead()
* all.sh: accelerate CMAC in test_psa_crypto_config_accel_cipher_aead()
* test_suite_psa_crypto: replace builtin dependencies with PSA_WANT
* test_suite_cipher: use TEST_ASSUME() to evaluate supported ciphers
* analyze_outcomes.py: ignore line-too-long error for skipped tests
* all.sh: add a common configuration function for accel/reference components
* all.sh: keep PKCS5/12 enabled in the reference component
* all.sh: move [accel/reference]_cipher_aead to crypto_full
* cipher: check that ctx_alloc_func is not NULL before calling it
* cipher_wrap: fix guards for GCM/CCM AES
* pkparse: fix missing guards for pkcs5/12 functions
* all.sh: fix minor issues
* analyze_outcomes.py: skip tests that depend on builtin features
* test_suite_cipher: successfully quit test if no cipher is supported
* test: add component accelerating both ciphers and AEADs
* Remove dependency on asm/hwcap.h
* Clarify changelog
* Test for presence/absence of AES instructions
* Update Changelog to specify Armv8-A
* Use MBEDTLS_ARCH_IS_ARMV8_A not MBEDTLS_ARCH_IS_ARMV8
* Add volatile to prevent asm being optimised out
* Fix #error typo
* Share some definitions that are common for clang and GCC 5
* Don't fail tests if hwcap.h not present
* Tidy-up: move GCM code into one place
* Code style
* Don't use #ifdef on vreinterpretq_xxx
* Add link to ACLE docs in comment
* Update clang version requirements
* Fix tests for older versions of clang
* fix tabs
* Improve compiler version checking + docs + testing for armclang
* Fix behaviour for Armv8 targets without Neon
* Changelog
* Fix docs for MBEDTLS_AESCE_C
* Add build tests for AESCE on A32/T32
* Fix runtime detection on A32/T32
* Support AESCE on A32 and T32
* Clarify use of new tests for careful-access
* Add detailed design section for careful access
* Fix MBEDTLS_MAYBE_UNUSED for IAR
* Add check_ticket_flags helper function
* move script to `tests/scripts`
* improve document
* move asn1crypto to ci.requirements.txt
* Add exploration section on FVP testing
* Add lengths to convenience interface sketch
* Rewrite incorrect description of psa_exercise_key
* Add notes about configuration of poisoning tests
* Add reference to test hooks in detailed design
* Refactor note on preferred poison-test approach
* Use ASan for memory poisoning as well as Valgrind
* Add C language annotation to code block
* Fix broken reference
* Replace vague 'above' with a reference for ease-of-navigation
* Add example wrapper function implementation
* Add skeleton of detailed design rewrite
* Make lcov.sh run from the build directory
* Convert interruptible test over to using TEST_CALLOC
* Remove dependency on asm/hwcap.h
* all.sh: accelerate ALG_ECB_NO_PADDING in test_psa_crypto_config_accel_cipher()
* libtestdriver1: fix acceleration for ALG_STREAM_CIPHER/ALG_ECB_NO_PADDING
* all.sh: remove fixes in test components
* legacy_from_psa: fix support for PSA_ACCEL_ALG_[STREAM_CIPHER/ECB_NO_PADDING]
* Update operation threading strategy
* Threading Design: emphasise performance requirement
* Threading design: improve language
* fix various issues
* Rewrite design exploration of copy validation
* Add missing exit labels to MPS tests
* Explore sanitizers for memory poisoning
* Tweak compiler optimization evaluation section
* Add build preset full_no_platform
* Threading design: update and clarify 3.6 plan
* Threading design: Update empty slot tracking
* Clarify threading design document structure
* Clarify reentrancy requirements for drivers
* Add section on possible use of Valgrind tracing
* Expand design for validation of careful access
* Modify lcov.sh to work in tf-psa-crypto as well
* Added changelog.
* Modify optimize-testing instructions
* Move implementation by module table earlier
* Add more detail in design of memory poisoning
* Uncrustified
* Change unsigned int to uint8_t
* Fix some dependencies in ssl-opt.sh
* Reword the changelog entry
* test_suite_psa_crypto_driver_wrappers.data: fix dependency
* PBKDF2-AES-CMAC: remove not needed preprocessor directive
* CMAC: accelerate CMAC in accel_cipher
* all.sh: fix a typo in comment
* Fix dependency check for helper functions.
* Add a changelog entry
* all.sh: build_mingw: only test build lib without MBEDTLS_AESNI_C
* Fix #8372 - Error compiling AESNI in Mbed-TLS with clang on Windows
* all.sh: build_mingw: test default config without MBEDTLS_AESNI_C
* fix wrong typo
* Detailed design of memory protection strategy
* Fix code style
* Remove NULL-ing of passed in SSL context in ssl_populate_transform()
* Move initialisation in test to before first test
* analyze_outcomes: add new_section() method to the Results class
* analyze_outcomes: fix format interpolation errors
* Added parameters to add callback function to handle unsupported extensions. Similar to how the callback functions work when parsing certificates. Also added new test cases.
* fix various issues
* fix wrong typo and indent issue
* Add server9-bad-saltlen generate command
* Add asn1crypto to python maintainer requirements
* add script for server9_bad_saltlen
* analyze_outcomes: fix missing format for args/kwargs
* Close file on error path
* Use modern macros for calloc in test code
* Remove redundant null check
* Fix missing initializations on some error paths
* Convey that it's ok for mbedtls_ssl_session_save to fail
* Now handling critical extensions similarly to how it's done in x509_get_crt_ext just without the callback function to handle unknown extensions.
* Reword error message on format of SAN arguments
* Reword error message on format of SAN arguments
* Add plan for 3.6 to threading design
* Add clarifications to thread safety design
* Add reentrancy section to thread safety design
* Added testcase with certificate that contains extensions with critical fields.
* analyze_outcomes: do not return Results instance passed as parameter
* analyze_outcomes: keep print_line() method non-static
* Added missing line between variables and function body.
* analyze_outcomes: code style improvement
* analyze_outcomes: fix return value in case of test failure
* Fixes #8377.
* cipher: reset MBEDTLS_CIPHER_HAVE_AEAD to MBEDTLS_CIPHER_MODE_AEAD
* all.sh: fix comment
* analyze_outcomes: fix newlines
* analyze_outcomes: reset name of TestLog to Results
* analyze_outcomes: use a single TestLog instance and do not delay output
* analyze_outcomes: exit immediately in case of invalid task
* Fix static initializer warning
* Require at least one curve for ECP_LIGHT
* analyze_outcomes: print task list directly to stdout
* Test for read-read inconsistency with mprotect and ptrace/gdb
* Fix editorial error with semantic consequences
* Typos
* Tidy-up
* Cleanup validation interface
* md: restore md.h includes in source files directly using its elements
* analyze_outcomes: minor improvements
* ssl: improve ssl_check_key_curve()
* Improve test for clang presence
* cipher_wrap: add VIA_LEGACY_OR_USE_PSA to new internal symbols
* cipher: reset MBEDTLS_CIPHER_HAVE_AEAD_LEGACY to previous naming
* Make component_build_aes_aesce_armcc silent
* cipher: fix guards in mbedtls_cipher_auth_[encrypt/decrypt]_ext()
* Fix check for format supported by PSA
* Use clearer function name
* Make code more robust
* Fix a typo in a comment
* Fix limitation in checking supported alg in pk_sign
* Fix unused warnings in dummy definition
* Abstract away MBEDTLS_PK_PARSE_EC_EXTENDED
* Fix and document return of pk_ecc_set_pubkey()
* Rework pk_ecc_set_pubkey()
* New signature for pk_ecc_set_pubkey()
* Rework pk_ecc_set_pubkey_psa_ecp_fallback()
* Tune body of pk_ecc_set_pubkey_from_prv()
* Rename and document pk_ecc_set_pubkey_from_prv()
* Document pk_ecc_set_group() and pk_ecc_set_key()
* Move code around again
* Merge two consecutive #ifs
* Start re-ordering functions in pkparse
* Minor improvements to pk_ecc_read_compressed()
* Avoid nested #ifs in body of pk_get_ecpubkey()
* Use helper macro for (deterministic) ECDSA
* Make macro definition more consistent with similar defns
* Simplify Windows-on-Arm macros
* Use new MBEDTLS_ARCH_IS_xxx macros
* Use MBEDTLS_HAVE_NEON_INTRINSICS instead of __ARM_NEON
* Introduce MBEDTLS_HAVE_NEON_INTRINSICS and simplify NEON header inclusion
* Enable 8-byte fastpath in mbedtls_xor on ARM64 and ARM64EC
* Support ARM64EC in the same way as ARM64 in sha256 and sha512
* Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS on Windows-on-Arm
* Factor similar code into pk_ecc_set_key()
* Group two versions of the same code
* Slightly simplify pk_derive_public_key()
* Factor common code into a function
* Further rationalize includes
* Minimize key-type-related includes
* Remove redundant include
* all.sh: revert changes in test_m32*
* Suggest validating copy by memory poisoning
* Add a section skeleton for copy bypass
* Short explanations of what is expected in the design sections
* Distinguish whole-message signature from other asymmetric cryptography
* Design change for cipher/AEAD
* Clarify terminology: built-in driver
* Add a section on write-read feedback
* Simplify the relaxed output-output rule
* Expand explanations of the vulnerabilities
* Fix typos and copypasta
* cipher: reintroduce symbol for legacy AEAD support
* Invert no_hwcap variable
* Stop IAR warning about goto skipping variable definition
* Tidy up logic for MBEDTLS_MAYBE_UNUSED
* Include existing Makefile
* Fix 3rdparty/Makefile.inc when included recursively
* Revert "Fix a few IAR warnings"
* Fix changelog code style issue
* Fix changelog style issue
* Fix hwcap test for CI
* Fix code style issue in cert_write program
* Fix code style issue in cert_req program
* Adjust use of deprecated in Doxygen
* Require asm/hwcap.h for testing
* Doxygen fixes
* check_config: fix typo causing build issues with only CCM enabled
* Use a block to save 12b
* Keep initialisation of p in its original location
* Fix IAR 'transfer of control bypasses initialization' warnings
* Adjust the full config
* Add changelog entry for x509 cert_req null dereference fix
* Fix possible NULL dereference issue in X509 cert_req program
* Analyze requirements for protection of arguments in shared memory
* Add changelog entry for x509 cert_write null dereference fix
* Fix possible NULL dereference issue in X509 cert_write program
* Fix test data dependencies
* Fix Changelog formatting
* Add Changelog
* Add Encryption test data for AES 128,196,256 PBES2
* Replace AES-CBC test data
* Restore array formatting
* Revert increase of test buffer size.
* Add AES encrypted keys support for PKCS5 PBES2
* Clarify changelog
* Alter program layout for better clarity
* Update to only serve GCM and CCM
* cipher: keep MBEDTLS_CIPHER_HAVE symbols private
* ssl: use MBEDTLS_SSL_HAVE_[CCM/GCM/CHACHAPOLY/AEAD] macros for ssl code
* Refer to Armv8-A (not Armv8) in comments
* analyze_outcomes: improve logging system
* fix test fail when ecp disabled
* Add early data disable tests
* Add data file for early data input
* Add early data status update
* Add not-received status
* Share `early_data_status` between server and client
* Add unit test for max_early_data_size of ticket
* Add max_early_data_size into copy list
* Add max_early_data_size into ticket
* Automatically pick up all Markdown files
* Remove extra blank line
* Test instructions built/not built
* Rename local variable in aes.c
* Remove superfluous comment
* Add missing newline
* Add variable for message length
* Adjust messages in all.sh
* Fix a couple of typos related to renaming options
* Add casting size_t to int
* Add casting size_t to int
* md: remove unnecessary inclusions of mbedtls/md.h
* ssl: reorganize guards surrounding ssl_get_ecdh_params_from_cert()
* cipher: fix missing spaces
* test: use full config in test_psa_crypto_config_accel_cipher
* cipher/tls: use new symbols for guarding AEAD code
* cipher: add internal symbols for AEAD capabilities
* test: keep SSL_TICKET_C and SSL_CONTEXT_SERIALIZATION enabled
* test: use full config in accelerated AEAD test
* Improve Changelog
* SHA256 renaming - fix some missed things
* Revert renaming of SHA512 options
* Remove trailing white space in documentation
* all.sh: Re-enable MBEDTLS_AESNI_C in some components
* aesni: select `__cpuid` impl based on compiler type
* Inform user when unknown hash algorithm supplied
* Update documentation
* Add PSA threading design
* Rename MBEDTLS_SHAxxx_USE_ARMV8_yyy to MBEDTLS_SHAxxx_USE_ARMV8_A_yyy
* Rename MBEDTLS_ARCH_IS_ARMV8 to MBEDTLS_ARCH_IS_ARMV8_A
* Refer to Armv8-A (not Armv8) in docs
* Code style
* More config option renaming
* Fix hwcap detection on 32-bit Arm
* Rename A64 config options
* aesni: declare cpuinfo as int
* aesni: support cpuid on WIN32
* Fix excess newline
* Make asm without side-effects not optimisable-out
* Update to MD light section
* Update list of modules using hashes
* Update definition of Cipher light
* Include psa/build_info.h instead of mbedtls/build_info.h
* Update details of modules using cipher operations
* Fix C++ build issue when MBEDTLS_ASN1_PARSE_C is not enabled
* analyze_outcomes: rename some variables for better readability
* benchmark: improve code readability
* sha256.h: add guard for is224 in sha256 context
* Adapt to new PSA Crypto repo name
* Fix arch detection for auto setting of clang flags
* Remove logically dead code
* Correct styling of Mbed TLS in documentation
* md: move definitions of MBEDTLS_MD_CAN to config_adjust_legacy_crypto.h
* ssl: fix getting group id in ssl_check_key_curve()
* pk_internal: change guards for mbedtls_pk_ec_[ro/rw]
* Fix 3rdparty target names for custom config
* test_suite_pkcs12: fix typo in test case description
* pkcs12: use mbedtls_cipher_crypt() instead of explicitly defining all steps
* Note about the lack of Windows support
* Print a notice if chdir fails
* Support running unit tests from another directory
* Fix IAR warnings
* Update baremetal config to exclude MBEDTLS_SHAxxx_USE_A64_CRYPTO_IF_PRESENT
* Fix cast errors on IAR
* code style
* Warn if using runtime detection and no Neon
* Add tests for runtime detection
* Enable run-time detection for Thumb and Arm
* Improve docs
* Update docs for MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
* Support MSVS with clang
* Revert "Auto-generated files for v3.5.0"
* require clang 4 for testing
* Get MBEDTLS_MAYBE_UNUSED to cover more compilers
* Code style
* Add Changelog
* Improve docs
* Improve behaviour on gcc targeting arm or thumb
* Fix indentation
* Add tests for SHA256 on ARMCE for thumb, arm and aarch64
* Support MBEDTLS_MAYBE_UNUSED in MSVC and IAR
* Use MBEDTLS_MAYBE_UNUSED to simplify aes.c and let compiler remove unused variables
* Introduce MBEDTLS_MAYBE_UNUSED
* tidy up
* Tidy-up
* Tidy up bash syntax
* Improve docs
* Use lower-case for local variables
* Make SHA256 depend on Armv8, not aarch64
* Introduce MBEDTLS_ARCH_IS_ARMV8
* Improve naming
* Use make to generate the test command
* Remove redundant test component
* Move check into list_files_to_merge
* rename function
* Check for incorrect changelog extensions
* Separate out a reusable option cross-product test function
* Remove not-needed edge-case
* Simplify makefile generation; don't use -j
* fix make issue
* Code style
* Use make to parallelise tests
* Improve test speed
* Add testing for MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
* Fix some more incorrect guards in aes.c
* Extend testing of aes.o options
* Restore missing #if
* Improve AES hardware-only check
* analyze_outcomes: fix incorrect use of Results.log()
* analyze_outcomes: ignore asn1parse and asn1write in result analysis
* analyze_outcomes: escape {} in string format for test description
* Revert "test_suite_asn1parse.data: remove {} in test data description"
* test_suite_asn1parse.data: remove {} in test data description
* test_suite_pk: add extra dependency for pk_psa_sign
* all.sh: remove not needed #define in common_tfm_config
* check_config: add check of ASN1_[WRITE/PARSE]_C
* all.sh: remove define MD_C in common_tfm_config
* config-tfm.h: remove PK_[PARSE/WRITE]_C
* all.sh: fix a comment in common_tfm_config
* all.sh: simplify common_tfm_config
* config-tfm.h: include TF-M medium profile properly
* Keep the list in alphabetical order
* Documentation improvements
* Disable PK_PARSE and PK_WRITE
* Update location of TFM config files
* Fix broken test with MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
* test-ref-configs: test config-tfm.h
* configs: add config_tfm.h which includes TFM configs
* configs: move TFM config to a subdirectory
* AESNI: improve comments on some guards in aesni.h
* test_suite_ssl: improve variable naming in ssl_set_hostname_twice
* benchmark: add AES_CFB8
* benchmark: add AES_CFB128
* all.sh: run make clean before make lib in armc6_build_test
* all.sh: make sure CIPHER_ENCRYPT_ONLY is enabled in tests
* Enable CIPHER_ENCRYPT_ONLY when DES is disabled
* all.sh: fix a typo
* des: don't consider DES for CIPHER_ENCRYPT_ONLY
* Revert "des: add CIPHER_ENCRYPT_ONLY dependency for test cases"
* Add ChangeLog entry for MBEDTLS_CIPHER_ENCRYPT_ONLY
* all.sh: ciper_encrypt_only: cover VIA PADLOCK
* all.sh: ciper_encrypt_only: cover baremetal build for AESCE
* all.sh: ciper_encrypt_only: cover AESNI and C Implementation
* aes: define internal macro to simplify #if Directive
* check_config.h: add checks for CIPHER_ENCRYPT_ONLY
* des: add CIPHER_ENCRYPT_ONLY dependency for test cases
* camellia: add CIPHER_ENCRYPT_ONLY dependency for DECRYPT test cases
* aria: add CIPHER_ENCRYPT_ONLY dependency for DECRYPT test cases
* AES-ECB: add CIPHER_ENCRYPT_ONLY dependency for DECRYPT test cases
* dh_client: removed under CIPHER_ENCRYPT_ONLY
* cipher_wrap: remove *setkey_dec_func in CIPHER_ENCRYPT_ONLY
* aria/camellia/des: guard setkey_dec by CIPHER_ENCRYPT_ONLY
* all.sh: add test case for CIPHER_ENCRYPT_ONLY
* PSA: auto-enable CIPHER_ENCRYPT_ONLY if cipher-decrypt is not needed
* AESNI: add macro guard of CIPHER_ENCRYPT_ONLY
* AESCE: add macro guard of CIPHER_ENCRYPT_ONLY
* aes.c: add config option to support cipher_encrypt_only
* Add clarifications to the threading requirements
* Fix typo
* Add threading non-requirement
* Improve thread safety presentation
* Tighten thread safety requirements
* ssl-opt.sh doesn't actually use OPENSSL_LEGACY: remove unused function
* compat.sh: add --preserve-logs option
* pkwrite: zeroize buf containing info of private key
* Remove GNUTLS_LEGACY and OPENSSL_LEGACY
* Stop using "legacy" OpenSSL and GnuTLS
* Minor robustness improvement
* ssl-opt.sh doesn't actually use OPENSSL_LEGACY, so remove it
* aes.c: provide finer guard for RSb
* aes.c: clean up and fix wrong comment in #endif
* Refine thread safety requirements
* pkwrite.c: write ChangeLog accurately
* pkwrite.c: call calloc and free properly
* pkwrite: add Changelog entry
* pkwrite.c: add a cleanup label to save code size
* pkwrite.c: save stack usage for pk_write_key_pem
* pkwrite.c: save stack usage for pk_write_pubkey_pem
* Add tentative definition of Cipher light
* Add details on use of ciphers from other modules
* Check length before calling memcmp
* Add new line at end of file to satisfy code style
* Implement cleanup label
* Remove further superfluous call to psa_hash_abort
* Add missing PSA init
* Update old dependency to MBEDTLS_MD_CAN
* Correct code style
* Stop hashing the null byte
* Add extra check to one-shot operation results
* Check result of multipart operation
* Restructure start of program
* Add clarifying comment to new program section
* Use memcmp instead of reinventing it
* Change hash output formatting
* Change wording in error message
* Clarify comments
* Remove mbedtls_ and psa_ prefix from var names
* Remove superfluous calls to psa_hash_abort
* Replace hash_size with hash_length
* Fix erroneous macro guards
* PermissionIssueTracker is obsoleted by ShebangIssueTracker
* Skip dlopen demo in static builds
* Use demo_common.sh in dlopen test script
* Pacify Pylint
* Make --quiet a little less quiet
* Error out if run from the wrong directory
* Add --quiet option to suppress demos' output
* Fix some mistakes in descriptive messages
* Minor readability improvements
* Explain why $root_dir needs a complicated calculation
* Print only missing dependencies
* cleanup is part of the external interface
* Run demo scripts in some builds
* Declare the dependencies of key_ladder_demo.sh
* Let demo scripts declare their dependencies
* Demo scripts: create a seedfile if the configuration requires it
* Move common code of demo scripts into a library
* Run demo scripts and check that they work
* Address review comments
* Fix code style
* Demonstrate algorithm agility
* Improve program from first round review comments
* Added ChangeLog entry
* Bring code-style up-to-date
* Add example program for PSA hash
* SSL programs: improve command-line error reporting
* SSL programs: allow invoking without arguments
* SSL programs: group options processing in 1 place
* Show how to extract curve information from an ecp_keypair
* The ECP curve name is the one from TLS, not one we made up
* Cover ecp.h
* Rename PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_USE to ..._BASIC
* Cover ECDH and DHM
* Mention self-tests
* Mention mbedtls_psa_get_random
* Legacy-to-PSA transition guide
* simplify helper function name
* refactor: move ticket_flags check into a function
* Revert "TLS 1.3: SRV: Validate kex modes when parsing psk"
* Add additional options to detect the correct kex mode
* TLS 1.3: SRV: Don't select ephemeral mode on resumption
* TLS 1.3: SRV: Validate kex modes when parsing psk
* TLS 1.3: SRV: Check ticket_flags in kex mode determination
* Wed Jan 31 2024 Martin Pluskal <mpluskal@suse.com>
- Update to version 3.5.2:
* Update BRANCHES.md
* Bump version
* Assemble Changelog
* Update Marvin fix Changelog entry
* Add warning for PKCS 1.5 decryption
* Fix typo
* RSA: improve readability
* RSA: remove unneeded temporaries
* RSA: document Montgomery trick in unblind
* Fix style
* Make local function static
* Add Changelog for the Marvin attack fix
* Extend blinding to RSA result check
* Make RSA unblinding constant flow
* Add Changelog for #8687
* Add required dependency to the testcase
* Remove unneeded testcase
* Update test-data to use SIZE_MAX
* Add missing newline at the end of test_suite_x509write.data
* Update fix to be more platform-independent
* Fix Issue #8687
* Add tests for Issue #8687
- Resolves CVE-2024-23170 boo#1219336
* Tue Jan 23 2024 Lubos Kocman <lubos.kocman@suse.com>
- Mbed TLS is now released under a dual Apache-2.0 OR GPL-2.0-or-later
* legalreview already raised this
* Tue Nov 14 2023 Martin Pluskal <mpluskal@suse.com>
- Update to version 3.5.1:
* Add docs re Everest license
* Update Changelog with bugfix entry
* Update BRANCHES
* Bump version
* Fix typos in changelog
* Fix 3rdparty target names for custom config
* assemble Changelog
* README improvements to 3rdparty section
* Update license for p256-m
* Add Changelog for license
* Update documentation
* Fix some non-standard headers
* Header updates
* Wed Oct 11 2023 Martin Pluskal <mpluskal@suse.com>
- Update to version 3.5.0 (resolves bsc#1216078 CVE-2023-45199 and bsc#1216076 CVE-2023-43615):
* Updated BRANCHES.MD
* Re-assemble changelog to add missing item, plus a couple of typo fixes.
* Bump library so-crypto, so-x509, so-tls versions.
* Ignore tests of built-in interfaces for driver-only testing parity
* Renaming all MBEDTLS_HAVE for curves to MBEDTLS_ECP_HAVE
* Auto-generated files for v3.5.0
* ChangeLog: Set release date
* Prepare ChangeLog for 3.5.0 release
* Bump version to 3.5.0
* check-generated-files: Added psa_crypto_driver_wrappers_no_static.c file
* Changelog: Added entry for psa_crypto_driver_wrappers rename
* Remove leftover local debug line
* ChangeLog: Added .txt extension to log entries.
* Avoid compiler warning about size comparison
* Improve some debug messages and error codes
* In TLS 1.2, only servers are affected
* Changelog entry for xxdh_psa_peerkey size validation
* Improve robustness of ECDH public key length validation
* Fix buffer overflow in TLS 1.2 ClientKeyExchange parsing
* Fix buffer overflow in TLS 1.3 ECDH public key parsing
* Add custom config logic to 3rdparty modules
* CMake: fix build with 3rdparty module enabled through a custom config
* Changelog entry for #7298
* Fix ChangeLog entry for FFDH in PSA
* Undo not-needed change
* Remove redundant code
* Assume get_num_ops cannot fail
* Always call get_num_ops
* Add MBEDTLS_TARGET_PREFIX to 3rdparty CMake
* Fix return type
* Fix IAR statement is unreachable warning
* Fix IAR control bypasses initialisation warning
* Fix error handling in psa_driver_wrapper_xxx_hash_get_num_ops
* Fix IAR pointless integer comparison
* Fix IAR control bypasses initialisation warning
* Fix IAR change of sign warning
* Remove components that partially accelerate ECC keys
* Update list of ECC key types in user-config-for-test.h
* Remove spurious comments
* Remove generated files in all cmake_as_x tests
* Fix lowercase comment start
* Formatting fixes
* Minor clarifications.
* Test only what's supported with partial curves accel
* Add check for unsupported partial curves acceleration
* Add check for unsupported partial key type acceleration
* Fix typo: weiErstrass
* Use lowercase for local variables
* Adjust handling of special case for DERIVE
* Rename macros for consistency
* Update docs/driver-only-builds.md
* Improve documentation about driver-only p256-m.
* Remove now-redundant tests
* Auto-enable ACCEL macros for p256-m driver
* Update list of p256-m entry points
* Don't extend support for deprecated functions
* Update ChangeLog for ECC.BN EPIC
* Ensure tests will fail if CMake generation fails
* Update padding const-time fix changelog
* Put crypto_spe.h on the include search path where needed
* Document that MBEDTLS_PSA_CRYPTO_SPM needs crypto_spe.h
* Fix include path to psa/crypto_spe.h
* Add CMake include path for generated header
* Add ChangeLog entry for change in driver config API
* Document limitation on "mixed" builds
* Re-add python install of requirements to Travis CI.
* Add build with only some ECC key types accelerated
* Add build with some curves accelerated but not all
* Fix a typo in psa-crypto-implementation-structure.md
* Change the document about psa_crypto_driver_wrappers.c{h}
* No need to include the 3rd party entry point head file
* Change the description of auto-generated driver dispatch files
* Remove useless spaces in Makefile
* Remove useless empty line
* Remove the UN_USED_DISABLE attribute
* Change to os.path functions based on comment
* Move the dependency adjacent to the generated file
* Change include guards of psa_crypto_driver_wrappers_no_static.h
* Change comments to psa_crypto_driver_wrappers.h
* Change the extension type of the file psa_crypto_driver_wrapper
* Automatically generate psa_crypto_driver_wrappers_no_static.c
* Don't generate object file for file only including static functions
* Revert 3rd party p-256 entry file
* Revert the Makefile to remove the dependency of generate_files
* Move functions out of the static file
* Change code style
* Disable unused warning on visual studio and generate files before lib
* Enable build of non-static psa wrapper functions
* Move function psa_driver_wrapper_export_public_key out of auto-generated
* Remove static inline functions declare and make it only in c file
* Ensure build of P256 pass
* Suppress the unused function warnings
* Remove useless declaration
* Define the psa wrapper functions as static inline
* Fix propagation of return value from parse_attribute_value_hex_der_encoded
* parse_attribute_value_hex_der_encoded: clean up length validation
* parse_attribute_value_hex_der_encoded test case fixups
* Add may-fail mode to mbedtls_x509_string_to_names output tests
* Fix integer overflow with an input buffer larger than INT_MAX
* Fix indentation
* Rewrite parse_attribute_value_hex_der_encoded()
* More test cases for parse_attribute_value_der_encoded
* Use modern test macros for ease of debugging
* Rename new header file
* Declare P-256 as accelerated in p256-m test
* Fix another rebasing mistake
* Fix rebasing mistake
* Be more subtle about key_type -> alg interaction
* Special-case KEYPAIR_DERIVE (no driver support yet)
* Fix dependencies of built-in ECC keypair types
* Fix deterministic ECDSA built-in dependencies
* Use consistent ordering for built-in activation
* Declare curves as accelerated in all.sh when needed
* Fix logic of ECC built-in activation again
* Remove components that are no longer needed
* Remove useless instances of MBEDTLS_SOME_BUILTIN_EC
* Implement new strategy for ECC accel/built-in
* Group all ECC-related things in legacy_from_psa.h
* Improve PSA config adjustment related to keypair types
* Remove unnecessary block
* psa_crypto: fix guards in mbedtls_ecc_group_to_psa()
* adjust_legacy_from_psa: undef SOME_BUILTIN_EC when builtin curves are used
* config_psa: resolve symbol redefinition issue
* test: fix comment
* check_config: remove unnecessary check about builtin curve usage
* test_suite_psa_crypto: fix curve dependency in test
* Renaming all MBEDTLS_HAVE for curves to MBEDTLS_ECP_HAVE
* test: fix comments and functions' naming
* ssl: don't require MBEDTLS_ECP_DP with TLS1.3
* config_psa: moving PSA_WANT auto-enabling code
* config_psa: fix comment
* test: fix remaining disparities and remove debug leftovers
* test: fix test accelerating all curves keeping only 1 builtin
* lib/test: use new internal helpers in library's code and tests
* build_info: add helpers to signal some support for a specific curve
* check_config: include also ECJPAKE_C as usage for builtin curves
* tls/oid: add PSA_WANT_ECC_xxx guards together with existing MBEDTLS_ECP_DP_xxx
* test: fix tests which are using accelerated ECC/DH keys
* check_config: request at least 1 builtin EC alg if there is at least 1 builtin curve
* config_psa: include builtin algs if there is at least 1 builtin curve
* config_psa: check curves' support before EC ALGs
* config_psa: add internal helper to signal that some curve is builtin
* config_psa: ensure PSA_WANT_ECC is enabled for each MBEDTLS_ECP_DP
* check_config: fix comment
* check_config: perform checks only when config_psa.h is evaluated
* check_config: skip check on SECP224K1 because the PSA is never enabled
* check_config: verify that each ECP_DP has the corresponding PSA_WANT_ECC
* x509_crt: Removed unused intsafe.h
* x509_crt: Removed length_as_int intermediate variable
* x509_crt: Adjusted the len of lpMultiByteStr arg in WideCharToMultiByte
* x509_crt: Set WideCharToMultiByte to use -1 for length.
* vs2013 templates: Set bcrypt to be the sole dependency.
* x509_crt: Removed checks for windows versions < WINXP
* entropy_poll: Removed checks for windows versions < WINXP
* ChangeLog: Adjusted the updated_windows_apis log
* pkey-random: Removed setting mbedtls_target in libs
* entropy_poll: Updated documentation for entropy_poll loop.
* program-random: Updated Cmake libs variable
* pkey Cmakelists: Updated the set libs to be consistent with others.
* entropy_poll.c: Added looping logic to `mbedtls_platform_entropy_poll()`.
* ChangeLog.d: Added minimum required Windows version.
* Removed unsupported Visual Studio related code in entropy_poll.c and x509_crt.c.
* ChangeLog.d: Reworded updated_windows_apis.txt.
* Changelog: Removed entry from root file
* entropy_poll/x509_crt: Added MBEDTLS_POP_TARGET_PRAGMA define guards.
* library Makefile: Moved -lbcrypt to LOCAL_LDFLAGS
* fuzzer Makefile: Added -lbcrypt linkage
* Code style fixes
* programs: Cleaned up bcrypt linking references.
* Fix Visual Studio Release|x64 builds
* Fix coding style of length_as_int var in x509_crt.c
* Remove redundant Visual Studio 6 data files
* Add clarifying comment on use of MultiByteToWideChar() and CP_ACP
* Fix the tests build with mingw for the new Win32 APIs
* Fix formatting and detail of comments in PR #730
* Fix for building programs with mingw
* Correct check for WIN32 in cmake files for programs
* Update ChangeLog for PR #730 for Win32 API fixes
* Fix the build for mingw and CMake + VStudio
* Replace Windows APIs that are banned in Windows Store apps
* Set explicit version for the typing packages
* Fix SHA-3 dependencies in test_suite_md
* Type fixes and wording improvements
* Fix SHA-3 in accel tests that need it
* Fix dependencies for SHA-3 MD dispatch tests
* Document driver-only hashes
* Add SHA-3 support to libtestdriver1
* Remove all travis builds except for coverity_scan
* Remove invalid comment from mbedtls_cipher_set_padding_mode()
* Remove PK options
* Set MBEDTLS_MD_C
* Update changelog text
* Fix test error
* Add comment
* fix cast warning
* Use mbedtls_ct_error_if
* Add mbedtls_ct_error_if, with tests
* Remove tests for mbedtls_ct_int_if
* Remove mbedtls_ct_int_if
* Remove use of mbedtls_ct_int_if
* Improve implementation of mbedtls_ct_int_if
* Update library to use mbedtls_ct_int_if
* Improve testing for mbedtls_ct_int_if
* Generalise mbedtls_ct_error_if to mbedtls_ct_int_if
* Remove unused variable and unreachable return from mbedtls_pk_write_key_der()
* Fix compiler cast warning
* Add correct dependencies for AES-192/256 cipher tests
* Improve pkparse test dependencies and changelog
* Add more tests to check setting padding mode
* Add tests for mbedtls_ct_error_if
* Fix MSVC error C4703 about possibly uninitialized variable in pkwrite.c
* Use mbedtls_ct_error for CT error selection
* Add mbedtls_ct_error_if
* Reduce size of mbedtls_asn1_get_len
* Re-order mbedtls_ccm_context
* Changelog for padding CT fixes
* Fix code style in pkparse tests
* Add PKCS5/12 dependencies to pkparse tests
* Add a note about the code size benefits
* Rename option where concatenated with -D
* Add cast for MSVC
* Add pkparse test dependencies
* Add a note about p256m near the option to enable secp256r1
* Move MBEDTLS_PSA_P256M_DRIVER_ENABLED to keep alphabetical order
* Give a production-sounding name to the p256m option
* Add changelog entry for switching pkparse to new pbe functions
* Add tests to test pkcs8 parsing of encrypted keys
* Fix codestyle issues in pkcs12.h & pkparse.c
* Switch pkparse to use new mbedtls_pkcs12_pbe_ext function
* Switch pkparse to use new mbedtls_pkcs5_pbes2_ext function
* Reinstate more robust return value handling
* rename dont_ignore to in_padding
* Move declaration for robustness against future edits
* Use more meaningful variable name in mbedtls_rsa_rsaes_oaep_decrypt
* Correct use of mbedtls_ct_mpi_uint_if_else_0
* Fix typo in variable declaration
* Work around a race condition in parallel builds
* Simplify unnecessarily complex error code handling
* Fix documentation of error codes
* Improve comments on key formats
* Improve return code
* Use properly typed versions of mbedtls_ct_xxx_if
* Add mbedtls_ct_bool_if and mbedtls_ct_bool_if_else_0
* Fix MSVC type complaint
* Fix error in handling of return value from mbedtls_nist_kw_unwrap
* code style
* Fix error in handling of return value from mbedtls_nist_kw_unwrap
* Simplify add_zeros_padding
* Use CT interface in get_zeros_padding
* Rename mbedtls_ct_bool_xor to mbedtls_ct_bool_ne
* Use CT interface in get_one_and_zeros_padding
* use CT interface in add_zeros_and_len_padding()
* Use CT interface in get_pkcs_padding
* Use const-time interface throughout mbedtls_rsa_rsaes_oaep_decrypt
* Make TEST_CALLOC_NONNULL more robust
* Simplify mbedtls_ct_memcmp_partial test
* Add docs for mbedtls_ct_memcmp_partial test
* Use exact bounds for allocations in mbedtls_ct_memcmp_partial test
* Introduce TEST_CALLOC_NONNULL
* Remove expected param from mbedtls_ct_memcmp_partial test
* Make padlen check const-time
* Simplify mbedtls_ct_memcmp_partial
* Add correct dependency to DES3 test
* Use mbedtls_ct_memcmp in mbedtls_rsa_rsaes_oaep_decrypt
* Improve const-timeness of mbedtls_nist_kw_unwrap
* Add tests for mbedtls_ct_memcmp_partial
* Add mbedtls_ct_memcmp_partial
* Eliminate duplicate ct memcmp
* mbedtls_ssl_decrypt_buf(): fix buffer overread with stream cipher
* Test mbedtls_ssl_decrypt_buf(): stream cipher, negative cases
* Adjust cipher tests to new requirement of specifying padding mode
* Refactoring: create mbedtls_test_ssl_prepare_record_mac()
* Add missing cleanup
* Refactoring: prepare to create mbedtls_test_ssl_prepare_record_mac()
* Move testing of mbedtls_ssl_decrypt_buf to a new test suite
* Add clarifying comment
* Fix preset shared between 1.2 and 1.3
* Improve a comment
* Remove extra copies of a block of comment/define
* Fix some issues in comments
* Fix issue #8215 : add missing requires documentation in mbedtls_config.h
* code style
* Fix poorly named function
* Remove unneeded setting of ret from ssl programs
* Adding changelog for log level message fix
* Reduce line size in new pkcs function changelog
* code style
* Fix some clang-18 warnings
* Move MBEDTLS_SSL_MAX_EARLY_DATA_SIZE to the correct section
* MBEDTLS_SSL_MAX_EARLY_DATA_SIZE: default value should be commented out in config
* cipher_wrap: remove 192- and 256-bit for AES_ONLY_128_BIT_KEY_LENGTH
* Fixes log level for got supported group message
* Improve statement in driver-only-builds.md
* Add a changelog entry for p256-m
* Reflect the fact p256-m has been integrated into Mbed TLS
* Modify changelog entry to add pkcs12 pbe functions
* Update p256-m to state that it's ready for production
* Improve use of ct interface in mbedtls_ssl_decrypt_buf
* More spelling corrections
* Update spelling "mbed TLS" to "Mbed TLS"
* Allow "Mbed TLS" as the project name in Doxygen
* Remove double blank line in x509_create.c
* Remove magic number in x509.c
* Update CMake minimum version(s) to match main CMakeLists.txt
* Add changelog entry for checking set_padding() before cipher_finish()
* Use the correct variable when tracking padding length
* Return back to modifying input parameters in pkcs12_parse_pbe_params
* Check set_padding has been called in mbedtls_cipher_finish
* Avoid implementation defined behaviour
* Prevent potential use of uninitialised data in pkcs7 tests
* Fix test under memsan
* Test INT_MAX rather than UINT_MAX
* Update comment, and replace bit-twiddling with #error
* code style
* Use macros for sizes in p256-m driver
* Add comment to p256-m driver JSON file
* Update list of ignored tests
* Move common things to common function
* Fix INVALID vs NOT_SUPPORTED issue in test suite
* Improve error codes in p256-m driver
* Disable ECP_C in component with p256-m driver
* Add JSON file for p256-m driver
* Add export_public_key entry point to p256-m driver
* Add import_key entry point to p256-m driver
* Add key management utilities to p256-m
* Ensure mbedtls_ct_memcpy behaves correctly with 16-bit int
* Add single-bit difference tests
* Fix type error
* Fix type-conversion error
* Eliminate duplicate of mbedtls_asn1_find_named_data
* Tidy up mbedtls_asn1_write_len
* Refactor out some common code
* code style
* Reduce code size in mbedtls_asn1_write_len
* Ensure all md_<hash>_finish functions perform zeroization
* Remove always-false null pointer check in sha3.c that Coverity complains about
* Reinforce warning about a significant comment
* Move comment to its intended location
* Fix `prepare_release.sh -u` with CMakeLists.txt
* Mark y as modified in x86 asm for mbedtls_ct_uint_lt
* Eliminate a redundant not from x86 asm
* Make variable name consistent in x86_64 asm
* Better register allocation for x86_64 asm
* Remove not-needed mov in x86_64 asm
* Add new mbedtls_pkcs12_pbe_ext function to replace old function
* In releases, turn off GEN_FILES in Makefile and CMakeLists.txt
* Prepare to generalize the script to do more than .gitignore
* Allow turning off re-generation of files with make
* Fix code style
* Fix bug with checking max dn length with hexpairs
* Move conditionals to keep doxygen with function
* Add missing hyphen
* Improve changelog
* wip
* Add reference to x86 asm
* Changelog
* Fix generate_query_config.pl usage
* Fix query_config.c generation with CMake build system
* Add correct dependencies to pkcs12 tests
* Fix indentation error in pkcs12 tests
* Fix incorrect test dependencies in pkwrite tests
* Change pkcs12 test comparison macro to the new macro
* Modernize documentation of MBEDTLS_PLATFORM_ZEROIZE_ALT
* Change pkcs12 test allocation macros to the new macros
* PSA config: Add comment about HKDF
* pkwrite: Fix defined but not used warning
* Use the zeroize function from Mbed TLS
* Improve sanity checking of MBEDTLS_HAVE_INTxx
* Update bignum_core.c
* Comment out default definition
* Fix unused variable in some TLS 1.3 builds
* Fix some TLS 1.3 settings that were required in mbedtls_config.h
* TLS 1.3 support is mostly complete
* Fix boolean options in the wrong section
* Simplify fixes for unreachable code
* Fix warnings about unreachable code
* Improve pkcs12 pbe tests
* Introduce MBEDTLS_IGNORE_UNREACHABLE_BEGIN
* Improve & test legacy mbedtls_pkcs12_pbe
  * Prevent pkcs12_pbe encryption when PKCS7 padding has been disabled, since this is not part of the specs.
  * Allow decryption when PKCS7 padding is disabled for legacy reasons. However, invalid padding is not checked.
  * Document new behaviour, known limitations and possible security concerns.
  * Add tests to check these scenarios. Test data has been generated by the below code using OpenSSL as a reference:
* Set input cost as 1 for psa_key_exercise test
* Rename parse_binary_string function
* Split build_info.h: create and populate mbedtls/config_adjust_ssl.h
* Split build_info.h: create mbedtls/config_adjust_x509.h
* Split build_info.h: create and populate mbedtls/config_adjust_legacy_crypto.h
* Split config_psa.h: create and populate mbedtls/config_adjust_legacy_from_psa.h
* Split config_psa.h: create and populate mbedtls/config_adjust_psa_from_legacy.h
* Split config_psa.h: create and populate mbedtls/config_adjust_psa_superset_legacy.h
* Split config_psa.h: create and populate psa/crypto_adjust_auto_enabled.h
* Split config_psa.h: create and populate psa/crypto_adjust_config_synonyms.h
* Don't include configuration adjustment headers
* all.sh: fix comments
* Add round trip tests for x509 RDNs
* Add asn1 get tag and len to x509 create config
* Add asn1 write tag and len to x509 use c config
* driver-only-builds.md: fix text
* Use quotes include of psa_util_internal.h
* config-wrapper-zeroize-memset.h should be user-config-zeroize-memset.h and not include mbedtls_config.h
* Move the description of MBEDTLS_TEST_DEFINES_ZEROIZE to before its use
* Move zeroize-as-memset into a config file under tests/
* Add a build to all.sh to check mbedtls_platform_zeroize() calls
* Fix incorrect use of mbedtls_platform_zeroize() in tests
* Add the ability to verify mbedtls_platform_zeroize() calls with -Wsizeof-pointer-memaccess
* Update guard for ecp
* Add Everest to threat model
* Add Changelog entry
* Fix typo in pkcs5.c
* Avoid error from old gcc version
* Code style
* Fix gcc compile warnings
* Add more protection to mbedtls_platform_zeroize
* Define all PSA_xxx macros to 1 rather than have them empty, for consistency
* Convert PSA guards to MBEDTLS
* Use MBEDTLS_MD_LIGHT instead of MBEDTLS_MD_C
* Simplify camellia error conversion macros
* Add missing error conversion case
* Remove not-needed #include
* Explain the story about cryptography version requirements
* Call mbedtls_platform_zeroize via mbedtls_sha3_free
* Ensure mbedtls_sha3_finish zeroizes the context
* Regenerate coverity scan token
* Fix code style
* Fix unsafe behaviour in MBEDTLS_ASN1_IS_STRING_TAG
* Refactor parse_attribute_value_string
* Make hexpair_to_int take a char pointer
* Reword and reformat comments
* Add blank lines after variable declarations
* Fix unnecessary header prefixes in tests
* Fix mbedtls_pkcs5_pbes test function failure
* check_test_cases: add a comment to explain idx in walk_compat_sh
* Use '--target' instead of shortened '-t'
* Disable pylint error for non-uppercase names
* Fix use of mbedtls_psa_safer_memcmp in test code
* Add missing import in test_psa_compliance.py
* Fix pylint errors
* Move -B switch into a single argument
* Improve mbedtls_pkcs5_pbes2_ext changelog description
* Improve mbedtls_pkcs5_pbes2_ext function test data
* Fully replace mbedtls_psa_safer_memcmp
* Appease pylint by renaming variables
* Test PSA compliance: Build only the crypto target
* Tidy up reference to Mbed TLS in help message
* Disable p256-m asm on aarch64
* Disable pylint error in CMake command
* Remove or qualify references to Mbed TLS
* Rename 'mbedtls_dir' -> 'root_dir'
* Correctly detect presence of the built library
* Use repo detection functions at start of all.sh
* Separate directory discernment into 2 functions
* Improve directory coverage in PSA repo detection
* Typo fix
* Fix typo in doxygen for mbedtls_ct_memcpy_offset
* Improve docs in mbedtls_mpi_lt_mpi_ct
* Improve docs re duplicate declarations
* Whitespace - tidy up asm and make it more consistent
* Add x86 const-time assembly
* Add x86-64 const-time assembly
* improve various issues
* Rename is_psa_crypto -> in_psa_crypto_repo
* Rename psa_crypto_lib_filename to just crypto_lib_filename
* Parameterize out of source build directory
* Invert logic for repo detection in all.sh
* Tweak test_psa_compliance pylint annotations
* Support psa-crypto repo in psa_storage.py
* Modify test_psa_compliance.py for psa-crypto repo
* Modify build_tree.py for the PSA Crypto repo
* Make all.sh PSA-crypto-friendly
* Correct analyze_outcomes indentation
* Announce that #7420 is fixed
* Add Changelog entry for DN changes
* Remove trailing whitespace in data file.
* Add test for rejecting empty AttributeValue
* Refactor previous fix
* Add guard for empty AttributeValue
* replace target arch macros in padlock
* replace aesni target detection macros
* replace arm64 macro and aesce enable flag
* Add target platform detection macros
* Fix code style
* Refactor reading AttributeValue in dn gets
* Prevent output of escaped null characters dn gets
* Rename parse_attribute_value_ber_encoded
* Add return for buffer too small when reading OIDs
* Remove questionable use of macro.
* Add corruption detected return when writing asn1
* Revert "Install cryptography only on linux platform"
* Remove IAR warning fixes to 2.28 from changelog
* Reword IAR changelog for fixing compiler warnings
* Correct analyze_outcomes.py indentation
* Remove magic number for null tag
* Remove x509_oid_from_numericoid
* Add catch for alloc error x509_oid_from_numericoid
* Use mbedtls_calloc instead of calloc
* Fix oid memory leak
* Reject null bytes in DER encoded values in DNs
* Fix code style
* Make MBEDTLS_ASN1_IS_STRING_TAG to take signed int
* Amend test in test_suite_x509write
* Reject escaped null hexpairs in DNs
* Add malformatted DER test for string_to_names
* Alter MBEDTLS_ASN1_IS_STRING_TAG macro
* Remove redundant tests in test_suite_x509write
* Add test for non ascii x509 subject name
* Remove duplicate test in test_suite_x509write
* Accept short name/ber encoded data in DNs
* Change error from unknown oid to invalid name
* Add more comprehensive string to name tests
* Add test reject null characters in string to names
* Accept any valid oid in string_to_names
* Write numeric oid directly to buffer
* Remove duplicate '+' in comparison string
* Reword test in test_suite_x509write
* Refactor dn_gets use library function to write tag
* Fix style on left shift operations
* Use MBEDTLS_X509_MAX_DN_NAME_SIZE for buffer size
* Format preprocessor conditionals
* Rename in_tag to in_attr_type
* Fix code style in mbedtls_x509_string_to_names
* Fix Windows x64 build errors with type conversions
* Fix memory leak in alternative code route
* Fix memory leak in x509_attr_descr_from_numericoid
* Move declaration of variables in dn_gets to top
* Alter conditions on hexstring output dn_gets
* Update x509 test for numericoid/hexstring output
* Fix code style on x509.c and x509_create.c
* Refactor AttributeType in mbedtls_x509_dn_gets
* Add preprocessor config guards
* Parse DER tag mbedtls_x509_string_to_names
* Add mbedtls_x509_dn_gets hexstring output
* Add more tests for RFC 4514
* Implement parse_attribute_value_ber_encoded
* Refactor mbedtls_x509_string_to_names
* Add x509 tests for upper and lowercase hexpairs
* Rewrite nibble_to_hex_digit for readability
* Rename x509_int_to_hexdigit to nibble_to_hex_digit
* Add and update tests for x509write and x509parse
* Escape hexpairs characters RFC 4514
* Escape special characters RFC 4514
* Fix off-by-one error
* Tidy up allow list definition
* Make non-executed tests that are not in the allow list an error
* Fix type annotation
* Remove dead code
* New test suite for the low-level hash interface
* Fix missing operand modifier
* Fixup incorrectly-formatted ChangeLog entry
* Move PSA information and dependency automation into their own module
* Avoid signed right shift UB
* Restore a comment and fix it
* Don't try to include mbedtls/config_*.h
* Remove obsolete header inclusions
* Fix condition to include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
* Move the inclusion of the PSA config file(s) into build_info.h
* Remove spurious extern "C"
* Simplify aarch64 asm for mbedtls_ct_uint_lt
* Move non-function-specific macro outside of function definition
* ssl_ciphersuites: fix typo
* Fix PBKDF2 with empty salt segment on platforms where malloc(0)=NULL
* Rename mbedtls_aesce_has_support macro to satisfy case rules
* Use -1 as uninitialised marker
* Make mbedtls_aesce_has_support more efficient
* Add ChangeLog entry for otherName SAN fixes
* Fix incorrect detection of HardwareModuleName
* Fix: Set type_id in x509_get_other_name()
* Add tests in derive_key for pbkdf2
* Add tests in derive_key_type for pbkdf2
* Add tests in derive_key_export for pbkdf2
* Add tests for derive_key_exercise for pbkdf2
* Move parse_binary_string function to psa_crypto_helpers; add test code for pbkdf2 in psa_exercise_key
* revert padlock from aesni module
* improve readability of error message
* Add missing check
* Modify test description
* Add tests with higher input costs for pbkdf2
* Add changelog entry for new mbedtls_pkcs5_pbe2_ext function
* Remove the workaround for psa_key_agreement_internal
* Improve mbedtls_pkcs5_pbes2_ext function signature comments
* Remove new bignum when not needed
* Fix unused parameters warnings when MBEDTLS_CIPHER_PADDING_PKCS7 is disabled
* Fix heap overflow issue in pkcs5_pbes2 testing functions
* Add new mbedtls_pkcs5_pbe2_ext function
* Fix formatting in changelog
* Add newline at end of changelog
* driver-only-builds: update EC and FFDH sections
* replace padlock_c with padlock_have_code
* improve readability
* Fix style
* Change document to match real status
* Add ChangeLog entry
* remove return-type when runtime detection enabled without plain c
* remove aesni + padlock - plain c tests
* add hardware only check for padlock
* Add via padlock detection macro
* Change the order of runtime detection
* exclude arm64ec mode for aesni
* Reduce code size in ccm
* Adjust struct layout for small size win
* add ifdefs to reduce size of mbedtls_to_psa_error
* add #ifdefs to reduce switch size
* Adjust layout of some structs
* Reduce code-size to access key slots init flag
* Eliminate redundant version of mbedtls_ct_memcmp
* Use MBEDTLS_GET_UINT16_BE in mbedtls_ecp_tls_read_group_id
* Remove unnecessary const type qualifiers in casts
* Use asm instead of __asm in constant_time.c
* Fix error strings without quotes
* BUILD: Update For IAR support
* disable aesni for components without cpu modifiers
* fix msvc build fail on i386 target
* Add compiler cflags error message
* fix build fail for via padlock test
* Add aesni test for i386
* enable runtime detection when padlock enabled and plain c disabled
* fix `-Werror=return-type` when runtime detection enabled and plain c disabled
* code_size_compare: handle deleted files and new files properly
* Restore aesni for i386
* Code styling
* Modify derive output test cases and add actual output
* analyze_outcomes: add case for "ECC+FFDH w/o BN"
* test: add accelerated and reference test for ECC+FFDH without BN
* Remove unnecessary include from constant_time.c
* Add EdDSA and XTS to the allow list
* Add a flag for requiring full coverage in coverage tests
* Add allow list for non-executed test cases
* Make naming more consistent
* Fix Changelog
* Changelog
* Fix compile fail for empty enum in cipher_wrap
* code_size_compare: add old text and data section in CSV output
* code_size_compare: add `+` in front of positive values
* code_size_compare: right-align numbers in the comparison result
* logging_util: support tweaking the log level directed to stderr/stdout
* Fix logical dead code found by Coverity
* Add changelog
* Fix potential corruption of IV for AES CBC
* Fix incorrect size used for zeroization of buffer
* Fix resource leak in test failure case
* Add changelog entry
* Undo a change
* Perf improvement in memcpy_if
* Test CT asm under valgrind
* Fix unified asm syntax issue
* Add aarch32 const-time asm
* Add aarch64 const-time asm
* ssl-opt: remove redundant requirement for RSA_C
* test: use ASAN flags for testing the accelerated TFM configuration
* analyze_outcome: add new check for parity for TFM configuration
* test: update components' descriptions
* test: improve accelerated TFM configuration test and add reference
* p256m: minor fixes to the driver interface
* test: add component testing TFM configuration and P256M driver
* pk: return PK_USE_PSA_EC_DATA to pk.h
* analyze_outcomes: skip tests that depend on BIGNUM_C
* ssl-opt: add RSA_C requirement when RSA encryption is used in certificate
* ssl_tls13: fix guard for FFDH function
* test: enable TLS, key exchanges and ssl-opt testing in ecc_no_bignum()
* Add gnu check for aesni assembly code
* mbedtls_mpi_exp_mod: remove spurious copy of the output variable
* pk: fix some comments
* Fix some renames that were missed
* test: solve test disparities for x509[parse/write] suites
* check_config: remove unnecessary BIGNUM_C requirements
* test: enable X509 testing in ecc_no_bignum component
* Fix mbedtls_ct_size_if_else_0 docs
* Improve docs
* Document and test mbedtls_ct_size_if_else_0
* Fix comment typo
* Rename ...if0 to ...else_0
* Rename uint->bool operators to reflect input types
* Reduce the size of the small primes table used by primality testing
* Remove redundant test component
* improve aesni check for x86_64
* pkwrite: fix internal buffer size in pk_write_ec_pubkey()
* improve check config option for i386
* pk: return PK_USE_PSA_EC_DATA to pk.h
* test: use unset-all option in config.py to optimize test code
* test: remove redundant code setting MBEDTLS_PSA_CRYPTO_CONFIG
* pk: move PK_HAVE_ECC_KEYS to build_info.h
* Remove asm check for aarch64 aesce
* pkwrite: add new internal symbol to properly size DER buffer
* pkparse: remove unnecessary header
* test: minor optimizations to ecc_no_bignum components
* test: remove BIGNUM dependencies from pk[parse/write] suites
* analyze_outcomes: skip tests that unavoidably depend on bignum
* test: disable BIGNUM support on the test ecc_no_bignum component
* test: disable FFDH support on the test ecc_no_bignum component
* test: disable RSA support on the test ecc_no_bignum component
* test: adding new components for testing and driver coverage analysis without BN
* debug: remove redundant variable assignments
* code style
* Reduce code size for exp_mod_get_window_size
* Remove redundant code in mbedtls_mpi_cmp_abs
* Use __builtin_ctz to count trailing zeros
* Generate smaller code for picking a sign value
* Fix copypasta
* Minor readability improvement
* More unsigned literal in size macros
* Add changelog
* replace strings command with grep
* Fix doc
* Remove "export_key" from transparent driver json
* Adjust presence of warning/link.
* improve test
* improve error message and config check for padlock
* test_suite_ecp: Moved curve bit-length check after quasi reduction.
* test_suite_ecp: Fixed curve bit-length.
* Improve doc on special use of A in ecp group structure
* Added a note about new primitives for secure destruction
* Elaborate on psa_destroy_key requirements
* Update w.r.t. test macro name changes from #6253
* Add link to examples in relevant places
* Fix error in the guide to drivers
* remove unnecessary definition
* Add negative test for aesni only
* Remove trailing whitespace
* Put both gitignore modifications in one script
* Update links to Rijndael paper and NIST SP 800-90 DRBGs
* Remove unnecessary name check tag
* improve platform relative check
* remove padlock only mode
* fix unreachable code warnings
* Add aesce test string filter
* Add via padlock build test
* Add aesce build test
* Improve mbedtls_pkcs5_pbes2 function signature comments
* Remove trailing whitespace
* Add aesni only test
* Add MBEDTLS_AES_USE_HARDWARE_ONLY for test_aesni
* Run aes tests only for test_aesni
* Remove test_aes_*
* ssl-opt: don't assume TLS 1.3 usage for external tools that don't have support
* tls: fix guards for ECDSA support
* tls: add new symbol for generic TLS 1.2 and 1.3 support
* Change tests to work on different MBEDTLS_RSA_GEN_KEY_MIN_BITS configs
* psa_is_key_slot_occupied: change to using the key identifier
* Clarify changelog not needed for compiler warnings
* Remove test vector
* De-duplicate ecp.c
* improve document about hardware only
* Improve error message and documents
* Mention the crash risk without runtime detection
* Fix code-style too-long line fail
* move accelerator checks to `aes.c`
* add changelog entry
* fix various issues
* Rename plain c option and update comments
* fix wrong checks
* Rename HAS_NO_PLAIN_C to DONT_USE_SOFTWARE_CRYPTO
* Update comments
* Add check for no aes implementation provided
* Rename plain c disable option
* Add std output information for AESCE in gcm
* Add accelerator only tests.
* Add option to disable built-in aes implementation.
* Fix missing check in mbedtls_ecp_read_key
* Move variant test to ecp_curves
* test: add new components for testing without ECDHE-ECDSA and TLS13
* crypto_config_profile_medium: add comment for new KEY_PAIR symbols
* tls: replace ECDSA_C and PK_CAN_ECDSA_SOME with key exchange related ones
* ssl_ciphersuites: adding new internal helper symbols
* Rename ADD_SUB_DEFAULT to ADD_SUB_DATA
* Use ADD_SUB_DEFAULT as test input for bignum tests
* Add default test cases for add/subtract in bignum
* Fix a few unchecked value issue
* Fix comment typo
* Tidy-up: move GCC warning fix to constant_time_impl.h
* Improve variable name in mbedtls_mpi_lt_mpi_ct
* Use mbedtls_zeroize_and_free() in psa_remove_key_data_from_memory()
* Sort full config exceptions in config.py
* Improve wording of MBEDTLS_ECP_WITH_MPI_UINT doc
* Update default variable values for compilers
* Fix test dependency
* Revert to not enabling asm under Memsan
* Revert "Move constant_flow.h into the main library"
* Revert "Fix doxygen error"
* Fix full config in config.py
* Add PSA_HAVE_SOFT_PBKDF2 to crypto_driver_context_key_derivation
* test: use only rev-parse for getting the current branch
* test: add GIT alternative commands for older GIT versions
* Fix doxygen error
* Move constant_flow.h into the main library
* Revert to old design for mbedtls_ct_memmove_left
* Make const-time test not depend on internal knowledge of mbedtls_ct_condition_t
* Improve docs for mbedtls_ct_memcmp
* Remove GCC redundant-decls workaround for mbedtls_ct_memcmp
* Fix docs grammar
* Clarify docs for mbedtls_ct_memcpy_if
* Improve docs for mbedtls_ct_compiler_opaque
* Improve comments in mbedtls_mpi_lt_mpi_ct
* Clarify comments in mbedtls_ct_memcpy_if
* Improve docs for mbedtls_mpi_core_cond_assign
* Move MBEDTLS_ECP_WITH_MPI_UINT to mbedtls_config.h
* crypto_sizes: use PSA_WANT_ALG for MAX signatures and key agreement sizes
* test: properly size output buffer in key_agreement_fail()
* Revert "crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE"
* Use config.py in all new bignum tests
* Fix new bignum tests
* Fix fast quasi-reduction modulo value of p192K1 in comments
* ecp_mod_p448 has been moved to ecp_mod_p_generic_raw, remove here
* Fix the type cast (size_t to unsigned short) warning
* Free P and N of the group because they are dynamically allocated
* Declare mbedtls_ecp_fix_negative() always static to fix check_name failures
* Use new ECP_LIGHT symbol in ecp_curves.c
* Fix use of sizeof without brackets in ecp_curves.c
* Make ecp_mode_xxx functions depend on the new macro
* Revert ecp_curves.c to commit 449bd83 to save code size
* code style
* Fix asm Memsan workaround
* fix check for no-longer-used macro
* Use variables for selecting compilers
* Fix error in test vectors
* Use compgen to gather components in all.sh
* code style
* Enable testing of asm under Memsan
* Remove test_clang_opt check
* test: check exported length against proper MAX_SIZE
* Improve mbedtls_ct_memmove_left w.r.t. const-flow tests
* tls: fix definition of symbol KEY_EXCHANGE_SOME_XXDH_PSA_ANY
* Fix false-positive non-const-time errors in test
* crypto_sizes: check also if DH is enabled for PSA_SIGNATURE_MAX_SIZE
* debug: improve debug_print_psa_ec() so as not to depend on bignum
* debug: use proper guard for PK_DEBUG_MPI items
* code_size_compare: add option '--show-all'
* code_size_compare: use '.md' suffix if '--markdown' enabled
* code_size_compare: track removed object as well
* Fix dependencies for pbkdf2 cmac
* Add ifdef for hmac and cmac set password
* crypto_sizes: change initial MAX_SIZE value to 1
* crypto_sizes: fix typo
* whitespace fix
* pylint tidy-up
* Make code_style.py -s default to -s=development
* Make code_style.py -s more precise
* crypto_sizes: size PSA max symbols according to actual support
* Add test cases for 16 byte and empty password
* Add issue link instead of issue number
* Add ifdef for hmac and cmac specific functions
* Replace AES_CMAC_128_PRF_OUTPUT_SIZE with PSA_MAC_LENGTH()
* Define PSA_ALG_IS_PBKDF2
* Replace MBEDTLS_PSA_BUILTIN_PBKDF2_XXX with PSA_HAVE_SOFT_PBKDF2
* Add PSA_HAVE_SOFT_PBKDF2
* Change config_psa.h PBKDF2_CMAC dependencies
* Add OID tests for HMAC-xxx
* Improve naming of minimum RSA key size generation configurations
* Add OID for HMAC-RIPEMD160
* Add OIDs for HMAC-SHA3
* Fix pre-existing missing closing #endif comment
* Fix missing opening brace in comments
* Fix code style
* MBEDTLS_PSA_CRYPTO_CONFIG is ready for production
* Replace TEST_ASSERT("message" == 0) with TEST_FAIL
* code style
* Strengthen psa_mac_verify testing
* Use psa_mac_compare in tests; add some HMAC edge-cases
* Adapt tests to work on all possible minimum RSA key sizes
* Add a minimum rsa key size config to psa config
* Enforce minimum key size when generating RSA key size
* Fix overly specific description in public doc
* rsa_signature: Use heap memory to allocate DER encoded RSA private key
* crypto_legacy: fix initial comment
* generate_psa_tests: remove checks for DH's LEGACY symbols
* changelog: fix errors/typos
* ChangeLog: improving descriptions of KEY_PAIR changes
* test: accelerate all KEY_PAIR symbols in accel FFDH component
* psa: replace DH_KEY_PAIR_LEGACY with new symbols
* code_size_compare: change format for comparison result
* code_size_compare: remove column of percentage for code size change
* PSA_CRYPTO_DRIVER_TEST_ALL is incompatible with MBEDTLS_PSA_CRYPTO_CONFIG
* Add PSA HMAC MD5 test
* Add HMAC tests for other digest algorithms
* Add HMAC test-cases for SHA3
* Don't call psa_crypto_init with uninitialized local contexts (entropy)
* Fix warnings from clang-16
* Update test scripts to use latest/earliest compilers
* Add 32bit test component for ecp with new bignum interface
* Update CONTRIBUTING.md
* Have a single source of truth for licensing information
* Clarify in README.md that 'the project' is Mbed TLS
* code_size_compare: detect architecture of x86_32 properly
* code_size_compare: make sure _remove_worktree executed
* code_size_compare: check --record-dir properly
* Fix KeyType.can_do() for DH+FFDH
* Fix dependencies for DH (and RSA) key pairs
* Shorten DH_FAMILY just like ECC_FAMILY
* Enable DH in generate_psa_tests.py
* code_size_compare: remove unnecessary -r in cp command
* code_size_compare: simplify some code for python dictionary
* logging_util: rename argument
* code_size_compare: use `current` as default new Git revision
* code_size_compare: left align file names in markdown table
* code_size_compare: print prompt message under correct condition
* code_size_compare: set log level as ERROR in option --stdout
* code_size_compare: direct error message by logger.error
* Add PSA SHA3 tests for hash_verify and multipart
* Protect macro parameter expansion with parentheses
* Use a macro for mbedtls_mpi_zeroize_and_free()
* Remove remaining redundant casts
* Remove redundant casts
* test: remove GENPRIME dependency when RSA_KEY_PAIR_GENERATE
* psa_crypto_rsa: fix guards for importing the key
* tls12: check buffer size before memcpy-ing data into it
* tls: use TLS 1.3 guards in ssl_tls13 modules
* tls: fix a comment and rename a variable/symbol
* debug: keep ECDH_C guard for debug printf accessing ecdh_context's items
* tls: use TLS 1.2 macros in ssl_tls12_server.c
* code_size_compare: add comments to make code more readable
* code_size_compare: round percentage to an integer value
* Fix CI errors related pkcs5_pbe changes
* code_size_compare: print 'None' if comparing size for a new file
* code_size_compare: add extra indication if print to sys.stdout
* code_size_compare: simplify how to generate file name of code size
* code_size_compare: simplify CodeSizeGeneratorWithSize
* code_size_compare: make CodeSizeBuildInfo more flexible
* code_size_compare: replace SimpleNamespace with a clearer data struct
* code_size_compare: clean up comments
* code_size_compare: clean up code to make it more readable
* code_size_compare: add logging module and tweak prompt message
* Fix server1.crt.der in makefile
* code_size_compare: add option --stdout to show result in sys.stdout
* code_size_compare: add --markdown to show result in a markdown table
* code_size_compare: generate text,data as comparison result
* code_size_compare: support measuring code size with multiple tools
* code_size_compare: introduce SimpleNamespace to store info
* code_size_compare: simplify methods in CodeSizeComparison
* code_size_compare: add CodeSizeCalculator to calculate code size
* code_size_compare: add a base class as CodeSizeGenerator
* code_size_compare: add a parser to generate code size with size tool
* Remove trailing backslash
* Simplify the logic in a test
* Fix some dependencies on symmetric crypto in some TLS 1.3 tests
* Fix PBKDF2 with empty salt on platforms where malloc(0)=NULL
* Make sure that size constants are unsigned
* Correct some msg messages in full config
* Simplify msg messages in full config
* When subtracting classic symbols from full, turn off PSA_CRYPTO_CONFIG
* Enable MBEDTLS_PSA_CRYPTO_CONFIG in "config.py full"
* Make malloc-0-null a user config file
* Fix inconsistencies in no-chachapoly test
* Fix typo in function name
* Remove comments that duplicate the 'msg' call just below
* Remove duplicated component
* For tests, rename TEST_BUFFERS_EQUAL() to TEST_MEMORY_COMPARE()
* Rename the length argument to TEST_CALLOC() to be the more accurate item_count
* For tests, rename TEST_CALLOC_OR_FAIL() to just TEST_CALLOC()
* Align ECP_MPI_INIT with mbedtls_mpi struct order in ecp_new.c
* Rework the clone of ecp_curves.c
* Enable build of ecp_curves_new.c
* Clone the ecp_curves.c file as ecp_curves_new.c
* For tests, rename ASSERT_ALLOC_WEAK() to TEST_CALLOC_OR_SKIP()
* Fix copypasta in function documentation
* For tests, rename ASSERT_ALLOC() to TEST_CALLOC_OR_FAIL()
* For tests, rename ASSERT_COMPARE() to TEST_BUFFERS_EQUAL()
* all.sh: Use consistently CONFIG_TEST_DRIVER_H
* all.sh: Use consistently CRYPTO_CONFIG_H
* all.sh: Use consistently CONFIG_H
* Fix PSA crypto configuration file name
* Robustness fix to MBEDTLS_LIKELY
* Improve & test legacy mbedtls_pkcs5_pbe2
* Use defined macros for MBEDTLS_MPI_UINT_MAX
* Internal function mbedtls_mpi_zeroize() can be mbedtls_mpi_zeroize_and_free()
* Better wording around passing NULL to mbedtls_zeroize_and_free()
* Use correct asm keyword for IAR compilers
* Explain why we check 65535 (not USHORT_MAX)
* Align ECP_MPI_INIT parameter order with mbedtls_mpi struct order
* Rename ASSERT_FALSE to TEST_FAIL
* Add ASSERT_FALSE macro for tests
* Misc wording fixes and improvements
* Fix IAR trying to use memset_s in platform_util
* Add cast in test macros.h
* Add cast in psa_crypto
* Move declarations in psa_crypto to top
* Make consistent suffix MBEDTLS_MPI_UINT_MAX
* Change MBEDTLS_MPI_UINT_MAX suffix
* Remove trailing whitespace bignum_core
* Provide and use internal function mbedtls_zeroize_and_free()
* Add enum type casts in lmots.c and lms.c
* Add enum casts in ssl_helpers.c
* Add type casts in rsa.c
* Add type casts in psa_exercise_key
* Add type casts in ssl library
* Refactor preprocessing for arm none
* Move declarations to top in ssl_helpers.c
* Move declaration in ecp_mod_koblitz to top
* Move declarations in mbedtls_mpi_add_abs to top
* Add change log and non-regression test
* Align guards of Windows specific configuration checks
* tests: Fix header inclusion
* Add dependency of builtin CCM* on builtin cipher
* Fix order of steps in DTLS server example program
* Remove tautology in mbedtls_mpi_core_clz
* Add macros for mpi uint max sizes
* Ensure constant values not known to compiler
* Fix gcc warnings when -Wredundant-decls set
* Fix comment
* Update test function dependencies
* Fix ecp variant check
* Improve the documentation of MBEDTLS_PLATFORM_MEMORY
* Reduce size of static data in gcm
* Don't force the _WIN32_WINNT version
* Don't force the default windows version down
* Don't use FindFirstFileW() before Windows XP
* doxygen: \p commands misuse - review comments
* doxygen: fix parameter name typos and misused \p commands
* doxygen: fix misused \p commands in rsa.h
* doxygen: fix parameter name typos and misused \p commands
* Fix documentation - parameter name mistakes
* doxygen: remove unnecessary description
* Replace cpu modifier flags
* Update compiler versions requirement
* Add error message for old armclang
* update document and error message
* Add guards for arm_neon.h
* Add armclang version requirement for sha512
* fix armclang build fail for sha512.
* fix armclang compile fail
* fix compile fail for armclang
* Updated changelog
* Re-order mbedtls_mpi to save a few extra bytes with clang
* Use designated initializers for mbedtls_mpi
* psa: fix missed LEGACY symbols caused by the rebase
* config_psa: enable KEY_PAIR_GENERATE only when GENPRIME is defined
* Fix MBEDTLS_BSWAP32 on armcc 5
* psa: remove redundant GENPRIME when RSA_KEY_PAIR_GENERATE is defined
* config_psa: enable KEY_PAIR_[IMPORT/EXPORT] as soon as BASIC is enabled
* config_psa: enable GENPRIME when BUILTIN_KEY_TYPE_RSA_KEY_PAIR_GENERATE
* generate_psa_tests: fix automatically generated tests for RSA
* test: replace RSA_KEY_PAIR_LEGACY with proper symbols
* library: replace MBEDTLS_PSA_BUILTIN_KEY_TYPE_RSA_KEY_PAIR_LEGACY
* library: replace PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_LEGACY symbols with proper ones
* Remove getter functions of PAKE if no PAKE algorithms are required
* test: set MBEDTLS_ECP_DP dependency also for Montgomery curves
* test: add more tests for Montgomery's invalid masks
* test: verify that Montgomery keys can be fixed on parsing
* ecp: rearrange code in ecp_read_key()
* test: replace ECP_DP_CURVE25519_ENABLED with PSA_WANT_ECC_MONTGOMERY_255
* test: add proper key requirements in X25519 key parsing tests
* pkparse: always check all private keys on import
* pkparse: parse also Weierstrass private keys using ecp_read_key()
* analyze_outcomes: do not skip test about wrong Montgomery private key
* pkparse: use ecp_read_key() for parsing private key of Montgomery curves
* test: test of Montgomery keys with incorrect bits whenever PK_HAVE_ECC_KEYS
* Improve wording & fix a typo
* Fix inaccurate information about FFDH
* Adapt names (curves -> groups) in a separately added test case
* tls: use already existing symbols to size the buffer for XXDH peer key
* Add a missing guard in cert_req.c
* Add missing resource deallocation in tests
* ssl_test_lib: fix rebase error
* ssl_test_lib: fix variable naming for curve group
* tls: replace numeric values with proper TLS IANA symbols
* ssl_test_lib: simplify function which prints supported curves
* ssl_test_lib: manage FFDH keys the same way as ECC ones
* debug: replace occurrence of ECP_LIGHT with PK_HAVE_ECC_KEYS
* tls: replace occurrences of ECP_LIGHT with PK_HAVE_ECC_KEYS
* programs: add helper functions for supported EC curves
* test: fix message's text
* test: enabled ssl-opt testing in no_ecp_at_all components
* tls: replace ECP_LIGHT occurrences with PK_HAVE_ECC_KEYS
* test: re-enable TLS and key exchanges in no_ecp_at_all component
* Add changelog entries
* Add test for cache timeout getter
* Add test for endpoint getter
* Add test for hostname getter
* Make endpoint getter parameter a pointer to const
* Add getter access to endpoint field in mbedtls_ssl_config
* Add getter access to hostname field in mbedtls_ssl_context
* ssl_cache: Add getter access to timeout field
* build_info: replace PK_CAN_ECDH with CAN_ECDH and fix comments
* tls: fix guards for legacy ECDH contexts
* ssl_misc: fix guards for PSA data used in XXDH key exchanges
* ssl: keep all helper definitions in ssl_ciphersuites.h
* ssl: improve/fix definitions for internal helpers
* pk: do not duplicate internal symbols for ECDH/ECDSA capabilities
* ssl: update new symbols to include also FFDH
* debug: replace ECDH_C symbol with key exchange one
* tls: replace PK_CAN_ECDH guards with new helpers
* tls: replace ECDH_C guards with new helpers
* ssl: add new helpers for TLS 1.2/1.3 ECDH(E) key exchanges
* Add Changelog for driver-only ECC so far
* Add ChangeLog entry for PK_OPAQUE extensions
* Add documentation on driver-only ECC
* Add docs/driver-only-builds.md
* Add change log
* tls13: server: Fix spurious HRR
* Changelog entry
* Unify csr and crt san writing functions
* Test x509 csr SAN DN and RFC822 generation
* Update comment
* Add ChangeLog entry for CMake config defines
* Support more SAN subtypes in cert_req.c
* Add support for x509 SAN RFC822 and DirectoryName for csr generation
* Fix code style
* Update file permissions
* Add script to manage gitignore anchors
* Add gitignore anchors to denote generated files
* Add dependency MBEDTLS_ECP_NIST_OPTIM for ECP test
* tests/test_suite_pem: Augment DES test cases with AES: PEM
* Link to the guide for writing a driver
* Use minimal include in test_suite_random
* Make the PSA-mbedtls RNG API public
* Fix missing includes
* Rationalize includes in psa_util
* Remove unnecessary (and harmful) include
* Move error functions to internal header
* Move ECC and FFDH macros to internal header
* Remove unused function from psa_util.h
* Use consistent guards for deprecated feature
* Remove unused function in cipher.c
* Make cipher functions static in cipher.c
* Create psa_util_internal.h
* Adapt function name: mbedtls_ssl_tls13_generate_and_write_dh_key_exchange
* parse_groups: curve -> group adaptations
* Provide additional comments for clarification
* AES: fix mismatch comment in #endif
* Remove value assignment for enum entries
* Test OID lookup for every hash algorithm
* Use only `MBEDTLS_ECP_WITH_MPI_UINT` to switch between the ecp variants
* Add indent
* Add missed intermediate file
* Remove workaround code
* fix python lint fails
* Add commands for `test_certs.h`
* Add test_certs.h generate script
* Move certs/keys data to separate file
* Fix test dependency
* Fix free before pointers initialised
* Add tests for MBEDTLS_MD_SHA3_xxx_VIA_PSA
* Support MBEDTLS_MD_SHA3_xxx_VIA_PSA
* fix missing include
* Improve testing of md/PSA alg identifier macro conversions
* Add OID tests for SHA-3
* Add SHA-3 cases in mbedtls_md_type_from_psa_alg, mbedtls_md_psa_alg_from_type
* Add OID definitions for SHA3
* Add a new test component to test the new bignum interface with `TEST_HOOKS`
* Fix comment
* Used preferred macro definition check
* Use emptiness-checks rather than DEFINED checks
* Use CONFIG_H variable rather than config file name
* all.sh component to test cmake custom config file
* Pass config file options to mbedtls_test(_helpers)
* Pass MBEDTLS_CONFIG_FILE defines through cmake
* Add msan and asan env variables to .travis.yml
* Disable msan errors on null allocation in all.sh
* Improve doxygen formatting
* Improve comments
* Fix formatting of explanatory commented code
* Cleanup the code
* Improve comment formatting
* Rename variables to more descriptive names
* Fix function name after rebase
* Adapt names: dh -> xxdh
* Adapt names (curves -> groups)
* Adapt functions names for ffdh
* Adapt handshake fields to ffdh
* Use valid size of peerkey buffer (EC vs FF)
* Minor adaptations after ffdh was enabled for tls1.3
* aesce: use correct target attribute when building with clang
* Add ffdh accel vs reference check to analyze_outcomes.py
* Enable TLS1.3 in FFDH alg build with drivers and add reference config(without drivers)
* tls: client: Improve writing of supported_groups ext
* Add changelog entry
* Add max iterations test case for cmac
* Add test case for zero input cost
* Add test cases for key and plain inputs
* Fix name of macro
* Define PSA_ALG_WANT_PBKDF2_AES_CMAC_PRF_128 and fix config
* Add test cases for output validation of pbkdf2 cmac
* Add test cases for input validation of pbkdf2 cmac
* Change mac_size parameter in driver_mac_compute to output length
* Add pbkdf2 cmac to key derivation output_bytes
* Add input password function for pbkdf2 cmac
* Add pbkdf2_cmac to key derivation setup
* Add AES_CMAC_PRF_128 output size macro
* Add builtin pbkdf2 cmac guard for all the pbkdf2 functions
* Define struct for pbkdf2_cmac
* Add define for builtin pbkdf2_cmac
* Rename some local variables
* Fix the command for server9-sha*.crt
* Add target for parse_input/cert_example_multi_nocn.crt
* Fix typo and long line format
* Update crl-rsa-pss-*.pem manually
* upgrade server9-bad-saltlen.crt
* Update server9*.crt
* Add server9-bad-{mgfhash,saltlen}.crt
* Add rules to generate server9*.crt
* Update server1-nospace.crt
* Update v1 crt files
* Update cert_example_multi_nocn.crt
* Add rules to generate cert_example_multi_nocn.crt
* Update server5.[e]ku-*.crt
* Add rules to generate server5.[e]ku-*.crt
* cert_write: Support write any for extended key usage
* Update server2.ku-*.crt
* Add rules to generate server2.ku-*.crt
* Add rule for server2-badsign.crt
* Update test-ca2.ku-*.crt
* Fix the rule for server5-ss-forgeca.crt
* Add the rule and update server6-ss-child.crt
* Update server5-selfsigned.crt
* code_size_compare.py: add comment for sys_arch
* code_size_compare.py: run make clean before building libraries
* tls13: fix guards for PSA error translating function
* Officially require Python 3.8
* Correct Python requirements in releases
* Add a dummy usage of a pointer in tests
* Enable certain documented defines only when generating doxygen
* pk: ignore opaque EC keys in pk_setup when they are not supported
* pk_wrap: fix: always clear buffer holding private key in eckey_check_pair_psa
* Add comments and remove unneeded defines
* pk_wrap: do not support opaque EC keys when !PK_HAVE_ECC_KEYS
* Change spaces to a tab in a makefile recipe
* Add check for the ecp module variants
* Enable testing the cloned ecp module
* Enable build of the new ecp_new.c file
* Clone the ecp.c file as ecp_new.c
* generate_psa_tests: fix docstring for tweak_key_pair_dependency function
* config_psa: enabled EC key derivation support when ECP_C is enabled
* generate_psa_tests: optimize code for key pair dependencies generation
* test: replace all KEY_TYPE_ECC_KEY_PAIR with proper symbols
* lib/test: replace BASIC_IMPORT_EXPORT internal symbol with BASIC,IMPORT,EXPORT
* psa: fix guards for EC key derivation
* test: use proper key pair symbols in accelerated list for EC curve test
* generate_psa_tests: minor fixes
* psa: fix wrong naming for ECC derive symbols in code
* configs: adapt to new symbols
* generate_psa_tests: improve script to handle all generated files
* psa: replace remaining ECC_KEY_PAIR_LEGACY symbols with proper ones
* generate_psa_tests: remove GENPRIME from dependencies of RSA key pair
* generate_psa_tests: improve code for key pairs dependency generation
* generate_psa_tests: fix comments
* test: reset proper guards for ECJPAKE tests
* psa_crypto_ecp: fix wrong comment in #endif
* test: rename function testing EC key generation in driver_wrappers
* psa: fix guards for EC key derivation
* test: remove useless accelerator initialization + minor restyling
* test: use better naming for new components
* library/test: replace LEGACY symbol with BASIC_IMPORT_EXPORT
* config_psa: introduce new internal KEY_PAIR symbol for BASIC+IMPORT+EXPORT
* test: properly handle new KEY_PAIR_yyy symbols in PSA generated test
* test: replace ECC_KEY_PAIR_LEGACY with GENERATE
* library: replace ECC_KEY_PAIR_LEGACY with GENERATE
* test: replace ECC_KEY_PAIR_LEGACY with DERIVE
* library: replace ECC_KEY_PAIR_LEGACY with DERIVE
* test: add new component to test with all KEY_PAIRs enabled but one
* Reduce the size of mbedtls_mpi
* fix fragile way to refer to server1.req.sha256
* Remove options not known to older gcc
* pk_wrap: use PK_HAVE_ECC_KEYS as guard for ecdsa_opaque_check_pair_wrap
* pk_wrap: guard all ECDSA function with MBEDTLS_PK_HAVE_ECC_KEYS
* pk_wrap: minor fixes for guards
* pk_wrap: always fill all the fields of the pk_info structures
* pk: uniform naming of functions and structures in pk/pk_wrap
* pk_wrap: share code for selecting the psa_alg in ECDSA sign
* pk_wrap: minor reorganization for opaque keys
* pk_wrap: add missing labels to #else and #endif
* pk_wrap: optimize eckey_check_pair()
* pk_wrap: name all the fields of the pk_info structs
* pk_wrap: add support for ECDSA verify for opaque keys
* pk_wrap: optimize code for ECDSA verify
* pk_wrap: optimize code for ECDSA sign
* Change build target as Cortex-A32 not supported on CI
* Nicer formatting
* Improve #endif comments
* Improve #endif comments
* Correct #endif comments
* Split armcc tests to separate component
* Correct comments on #endif's
* Add comment
* Test combinations of macros for aes.o
* Make parse_input targets depend on files in parse_input if possible
* Fix malformed directoryName extensions
* fix the command of server5-sha%.crt
* fix wrong dependency file path
* Revert "Extend TF-M build test to test all shipped configs"
* Extend TF-M build test to test all shipped configs
* Fix unused function warning in x509.c
* Change ffdh testing strategy
* fix trailing whitespace
* Changelog
* Add TF-M build test to all.sh
* Actually run MD<->PSA test, and fix it
* Fix description of functions
* test_suite_ecp: Changed to BITS_TO_LIMBS(224) * 2 in `ecp_mod_p_generic_raw`.
* code style
* Fix comment
* More dependency fixes
* Fix unused variable
* Fix unused variable if MBEDTLS_AES_SETKEY_ENC_ALT and MBEDTLS_AES_DECRYPT_ALT set
* Fix unused fn when MBEDTLS_AES_SETKEY_DEC_ALT and MBEDTLS_AES_SETKEY_ENC_ALT set
* Fix unused function when MBEDTLS_AES_SETKEY_ENC_ALT set
* ecp.py: Extended EcpP224K1Raw tests for 32/64 bit architectures.
* bignum_common.py: Added `bits_to_limbs` method.
* test_suite_ecp: Updated ecp_mod_p_generic_raw to use the `BITS_TO_LIMBS` macro.
* Add ChangeLog entry for string_to_names() fix
* Add regression testcase for string_to_names()
* Return an error when no name is parsed
* Docs improvement
* Disable asan errors on null allocation in all.sh
* Move the overallocation test to test suites
* Add an mbedtls_calloc(SIZE_MAX/2, SIZE_MAX/2) test
* Add a description of how mbedtls_calloc is determined
* Add a calloc selftest for more than a page
* Documentation and cosmetic fixes
* Move the calloc buffer initialization test to selftest.c
* Extend mbedtls_calloc and mbedtls_free documentation
* Add a test for calloc zeroization
* Document mbedtls_calloc zeroization
* ecp_curves: Adjusted expected_width inputs to use `BITS_TO_LIMBS` macro.
* Move clarification to a separate note
* aes.c: use uint8_t for local x, y, z in aes_gen_tables to save RAM
* aes.c: use uint8_t for array of pow and log to save RAM
* Replace unnecessary '>=' with '=='
* Add PSA_JPAKE_FINISHED to EXPECTED_{IN,OUT}PUTS()
* Shorten too-long lines
* remove parse input only files from `all_final`
* Replace MBEDTLS_ECDH_C dependency in ssl-opt tests
* fix wrong dependency file path
* Change path for the files that only exist in parse_input
* Add explanatory comment
* copy command for parse_input/* when it exists in data_files
* Fix clang warning from -Wasm-operand-widths
* add test case for zero input cost
* Add test and test case for input cost greater than vendor maximum
* test_suite_ecp.data: Added test cases for modulo-1 in coordinate representation.
* bignum_mod_raw: Updated documentation for mpi_mod_raw_mul
* Fix incorrectly named macro
* Fix PSA_HMAC_MAX_HASH_BLOCK_SIZE and PSA_HASH_MAX_SIZE definitions
* Adapt guards in ssl_write_client_hello_body
* Add ssl-opt functions to check openssl with ffdh support and openssl ephemeral key exchange
* Update guards for supported groups
* test: solve disparities in driver coverage analysis for no_ecp_at_all()
* x509: update ECP_LIGHT dependencies to PK_HAVE_ECC_KEYS
* test: enable X509 testing in no_ecp_at_all() components
* Fix test dependencies
* Fix test dependencies
* code style
* Use more standard PSA macro names
* bignum_mod_raw: Fixed a documentation typo.
* test_suite_ecp.data: Limb aligned inputs
* Add PSA SHA-3 tests
* Add support for SHA-3 in PSA
* Handle deleted files correctly
* bignum_mod_raw: Adjusted OPT_RED limb size requirements for mod_raw_mul().
* ecp_curves: Added dataset for SECP224K1 Coordinate Modulus.
* ecp_curves: Fixed modp pointers on `mbedtls_ecp_modulus_setup`.
* Fix empty union when TLS is disabled
* Allow second run for ffdhe8192 ssl-opt tests
* aesce: do not specify an arch version when enabling crypto instructions
* Drop not-used items from the base look-up table
* Improve docs
* More struct re-ordering
* Adjust struct order for better packing / smaller accessor code size
* Add casts for enums in cipher.c
* Fix direct use of cipher_info->type
* Fix direct reference to cipher_info->key_bitlen
* Fix some compiler type warnings
* Fix accidental mis-named field
* Dependency fixes
* Fix use of enum in a bitfield
* Use fewer bits for block_size
* code style
* Use look-up table for base
* Use fewer bits for iv_size
* Don't directly access iv_size
* Use fewer bits for key_bitlen
* Don't directly access key_bitlen
* Re-order mbedtls_cipher_info_t
* Use bit-fields
* Unify ssl_calc_finished_tls_sha{256,384}
* Unify ssl_calc_verify_sha{256,384}
* Reword the description of mbedtls_net_free()
* Fix extra character in debug string
* Change types in mbedtls_cipher_info_t
* Improve documentation in bn_mul.h
* Add --since option to check files modified since a given commit
* Clean up subprocess invocation in get_src_files
* Simplify directory name comparison in tests
* bignum_mod_raw: Updated documentation for mbedtls_mpi_mod_raw_mul
* test_suite_ecp: Extended `ecp_mul_inv` tests for optimised reduction.
* ecp_mod_raw: Enabled fast reduction.
* Refactor injecting errors in the second round
* Explain the sequence of mbedtls_psa_pake_ calls
* Test extra inputs and outputs at the end of J-PAKE
* Add testing for extra calls during a round
* Remove unnecessary checks in psa_jpake_prologue()
* Remove comment explaining the state machine
* Simplify logic of driver step conversion
* Tweak wording for clarity
* Remove unnecessary initialization of state
* Use memset for initialization
* Add "completed" clarification to struct comments
* Remove redundant structures from previous design
* Rename struct member mode to io_mode
* Rename function_mode to io_mode
* Properly namespace enum values within PSA_JPAKE_
* Change J-PAKE internal state machine
* bignum_mod: Added a typedef for OPT_RED function pointer.
* tls: always zeroize buffer on exit
* tls: keep buffer declaration in a single line
* Work around updating pointers from ILP32
* code style
* Remove redundant checks in constant_time.c
* Fix pointer constraint in bn_mul.h
* code style
* Improve changelog
* Use UINTPTR_MAX not SIZE_MAX
* Be strict about pointer size in mbedtls_get_unaligned_volatile_uint32
* Changelog
* Omit block_size when MD_C is not enabled
* test: remove duplicate PK_HAVE_ECC_KEYS dependency in pkparse suite
* Separate ILP32 and normal-aarch64 code paths
* Remove useless extern declarations and includes
* Docs improvement
* Fix for arm64_32 (aka ILP32) on Clang (attempt 2)
* Fix for arm64_32 (aka ILP32) on Clang
* Fix 32 bit unreachable code build failure
* Fix very high stack usage in SSL debug code
* Add a do-while loop around macros
* Pacify clang15 warnings about empty /retval
* Use DER format for x509 SAN tests
* MD: isolate strings to separate table
* test: ignore compressed points' tests when checking coverage without ECP at all
* pkwrite: fix wrong guard position for pk_get_opaque_ec_family()
* pk/psa: use PSA guard for mbedtls_ecc_group_to_psa() and mbedtls_ecc_group_of_psa()
* psa: move mbedtls_ecc_group_to_psa() from inline function to standard one
* build_info: do not enable ECP_LIGHT when PSA_WANT_ALG_ECDSA
* pk: remove useless internal function
* test: replace occurrences of ECP_LIGHT with PK_HAVE_ECC_KEYS
* library: replace occurrences of ECP_LIGHT with PK_HAVE_ECC_KEYS
* pk: add new symbol to state that PK has support for EC keys
* test: re-enable PK and RSA in component without ECP/ECP_LIGHT
* x509parse tests: Replace TEST_ASSERT with TEST_EQUAL
* Fix tests?
* Simplify aesni support test
* Fixed AlgorithmIdentifier parameters when used with ECDSA signature algorithm in x509 certificate
* Clarify support_test_aesni
* mbedtls_config: improved description of PK_PARSE_EC_COMPRESSED
* build_info: improved description of ECP_LIGHT auto-enabling symbols
* Improve logic for checking for presence of AESNI code
* Improve logic for checking for presence of AESNI code
* test: remove leftover paragraph in test_psa_crypto_config_accel_ecc_ecp_light_only
* Fix typo
* Fix test error
* fix CI failure
* Fix typo
* code style
* Address test review comments
* Remove not-needed compiler flags
* Add test for plain C path
* Simplify aesni test
* Improve changelog
* Only force O2 when hw acceleration available
* build_info: auto enable PK_PARSE_EC_COMPRESSED when PK_PARSE_C && ECP_C
* test: update depends.py with new dependencies
* test: fix bug for test without bignum
* build_info: complete list of symbols that auto-enable ECP_LIGHT
* mbedtls_config: add new MBEDTLS_PK_PARSE_EC_COMPRESSED symbol
* pk: let PK_PARSE_EC_EXTENDED auto-enable ECP_LIGHT
* test: remove leftover from past PR development
* test: renaming component testing accelerated EC
* Only enable gcc -Os fix if we have AES hw support
* Improve comment
* Use valid guard for filling group list with EC groups
* Respect -Os for everything except XTS
* ecp_curves: Updated the optimised reduction function pointer.
* bignum_mod: Updated documentation.
* test_suite_ecp: Added `MBEDTLS_ECP_NIST_OPTIM` define guards.
* test_suite_ecp: Updated `ecp_mod_p_generic_raw` for optimised reduction.
* ecp_curves: Updated `mbedtls_ecp_modulus_setup` to use optimised reduction.
* ecp_curves: Updated input argument for `mbedtls_ecp_modulus_setup`.
* bignum_mod: Updated `optred_modulus_setup` to use function input.
* bignum_mod: Added `mbedtls_mpi_opt_red_struct` structure.
* bignum_mod: Fixed code-style
* bignum_mod: Added static `standard_modulus_setup()`.
* bignum_mod: Refactored `mbedtls_mpi_mod_modulus_setup()`
* test_suite_bignum: Removed `test_read_modulus()`.
* bignum_mod: Added `mbedtls_mpi_mod_optred_modulus_setup()`.
* Don't use inet_pton() before Windows Vista
* Don't force the default windows version down
* Don't call wincrypt on builds older than Windows XP
* Allow all.sh to override intrinsics vs asm selection
* Test asm and intrinsics from all.sh
* tls: never destroy a private key that is not owned/created by TLS module
* config_psa: replace USE symbols with BASIC one for all KEY_PAIRs
* test: run all the test suites in the temporary component and grep outcome file
* test: add a temporary test for checking conversion for new symbols
* config_psa: only KEY_PAIR_USE includes PUBLIC_KEY
* config_psa: always enable PUBLIC_KEY when any KEY_PAIR is enabled
* test_driver_extension: manage public and private keys the same way
* config_psa: fix logic for updating legacy symbols
* config_psa: ECP_C do not enable ECC_KEY_PAIR_DERIVE
* crypto_config_test_driver_extension: remove leftover comment
* psa: move PSA_WANT checks to check_crypto_config
* config_psa: avoid repetitions when including MBEDTLS symbols
* changelog: added entries for explaining changes of this PR
* crypto: move legacy symbols support to a dedicated header file
* config_psa: add missing BUILTIN symbols when ECP_C is defined
* config_psa: fix comment for LEGACY symbols
* config_psa: remove support for PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE
* config_psa: remove GENPRIME from enabled symbols of PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_USE
* config_psa: remove leftover comment on ECC derivation
* psa: fixing psa_crypto_generate_key.generated
* test: fix python script for PSA test generation
* tests: replace deprecated symbols with temporary _LEGACY ones
* library: replace deprecated symbols with temporary _LEGACY ones
* config_psa: replace legacy symbols with new ones
* psa: add support for legacy symbols
* crypto_config: introducing new definitions for PSA_WANT KEY_PAIRs
* tls: optimize code in ssl_get_ecdh_params_from_cert()
* Rename MBEDTLS_OPTIMIZE_ALWAYS
* Improve readability of unrolled AESCE code
* Rename _USE to _BASIC
* code style
* Update changelog
* Use MBEDTLS_OPTIMIZE_ALWAYS for gcm
* Use MBEDTLS_OPTIMIZE_ALWAYS for ccm
* Use MBEDTLS_OPTIMIZE_ALWAYS in aesce
* use MBEDTLS_OPTIMIZE_ALWAYS in AES-XTS
* Use mbedtls_xor_no_simd from cmac and cbc
* Add a non-NEON variant of mbedtls_xor
* Introduce MBEDTLS_OPTIMIZE_ALWAYS
* Introduce MBEDTLS_COMPILER_IS_GCC
* Move mbedtls_ecp_modulus_type out of the public headers
* Add cleanup for intermediate buffer
* Split out mbedtls_ecp_mod_p448_raw()
* Unroll aesce_decrypt_block
* Unroll aesce_encrypt_block
* Add missing ECDH dependencies in ssl-opt tests
* Fix selection of default FFDH group
* Adapt remaining guards to FFDH
* Properly disable ECDH in only (psk) ephemeral ffdh key exchange components
* Rename NUL to null in x509 IP parsing description
* Reword changelog entry
* Add copyright (as agreed with Manuel)
* Fix unintentional config reduction in prev commit
* add return statement
* mbedtls_config.h: add description for CTR_DRBG about AES-128 only
* code style
* fix check-names failure
* Limit number of ffdh test cases (ffdhe2048, ffdhe8192)
* Optimise final 2 rounds
* Do not use NEON for AES-CBC on aarch64
* Revert "improve cbc encrypt perf"
* Replace sizeof(mbedtls_mpi_uint) with ciL define
* Shorten encoding of version features
* Changelog entry for the MBEDTLS_CIPHER_BLKSIZE_MAX deprecation
* Officially deprecate MBEDTLS_CIPHER_BLKSIZE_MAX
* Rename MBEDTLS_CIPHER_BLKSIZE_MAX internally
* Replacement for MBEDTLS_CIPHER_BLKSIZE_MAX
* Explicitly document that Camellia and ARIA aren't supported
* Add not-supported test case for ARIA and for other Camellia key sizes
* Test consistency of cipher max-size macros
* Use predefined serial number in certificates
* Remove PSA_TO_MD_ERR from ssl_tls.c
* Use output block as U_accumulator
* Update PSA_WANT spec for new KEY_PAIR scheme
* Disable MBEDTLS_DHM_C in component_test_tls13_only_psk
* all.sh: use clang for one test of AES_ONLY_128_BIT_KEY_LENGTH
* Add FFDH tests to ssl-opt
* pake: fixed warning for casting between different types
* Fix coding style issue
* More about whether to have the driver key id in the transaction list
* Discuss the cost of a get_key_attributes entry point
* Move corner test case into python framework
* Three round solution
* Add ffdh support to generate_tls13_compat_tests.py
* Code cleanup #2
* Add missing guards in tls 1.3
* Move an include
* Fix wrong array size calculation in error translation code
* Move the ARRAY_LENGTH definition to common.h
* Add missing ifdefs
* Optimize error translation code size
* Fix ecp test
* Build the docs in realfull config
* Add test components: only PSK ephemeral ffdh, only ephemeral ffdh key exchange
* Code cleanup
* Fix special-case with all curves except one.
* Docs update
* Code style
* Make mbedtls_ct_zero non-static
* Add crypt_and_hash decrypt issue to Changelog
* Remove references to non-existing options
* Make -SE_C part of adjust_config
* Group both configuration steps
* Replace function calls in crypt_and_hash program with locals
* Re-enable MBEDTLS_DHM_C in tls13_only_psk, tls13_only_psk_ephemeral, tls13_only_psk_all
* Improve phrasing
* Changelog for SHA-384 max block size bug
* Fix typo in MBEDTLS_MD_CAN macros
* Use a single fast-path in mbedtls_xor, gains around 1% in benchmarks
* Code style
* Update Changelog
* Fix AES-XTS perf regression
* Fix error: comparison of integers of different signs: 'SOCKET' and 'int'
* x509_parse_time() perf
* Reuse time when verifying certificate chain
* mbedtls_x509_time_gmtime() read struct directly
* mbedtls_x509_time_gmtime() to fill struct w/ time
* mbedtls_x509_time_cmp() perf
* mbedtls_x509_time_cmp() compare mbedtls_x509_time
* Fix crypt_and_hash decrypt issue when used with stream cipher
* Remove unnecessary cast
* Remove the all.sh test for this, since armclang on CI is too old
* Fix armc5-bin-dir and armc6-bin-dir options to all.sh
* Merge the two ARM Compiler 6 - Target ARMv8.2-A - AArch64 builds
* Add an all.sh build test that catches the unterminated pragmas
* Fix "unterminated '#pragma clang attribute push'" in sha256/sha512.c
* Strengthen fall-back for mbedtls_ct_compiler_opaque
* Replace use of MBEDTLS_SHA3_C with MBEDTLS_MD_CAN_SHA3_xxx
* Fix definition of MBEDTLS_MD_MAX_SIZE and MBEDTLS_MD_MAX_BLOCK_SIZE
* Fix failing Ci
* Fix test dependencies
* Edit changelog
* Remove negative tests for input validation
* Use size of buffer for mac_size
* Use multipart mac operation for adding salt and counter
* Make MD<->PSA translation static inline
* Remove guarantee about converting NONE
* Simplify implementation of MD<->PSA translation
* Replace loop zeroise with memset
* Fix missing call to mbedtls_ssl_md_alg_from_hash()
* Change values of md_type enum
* Add comments to 448 optimised reduction
* Add corner case for p448 (A0+A1= full 1 of 448 bits)
* Restore accidentally removed comment
* Replace MBEDTLS_MD_CAN_SHA3 with MBEDTLS_MD_CAN_SHA3_xxx
* Fix error status for PSA RSA-OAEP unknown hash
* Change contract of MD<->PSA conversion
* Add size measurements per library
* Use helper_libtestdriver1_adjust_config more
* Fix some typos
* Fix for big-endian architectures
* Unify ABSORB and ABSORB8 to fix compile error
* Fix test dependency
* Correct minor merge mistakes
* Add HMAC DRBG SHA-3 tests
* Tidy-up
* Remove NULL checks
* Remove reference to SHAKE
* Use MBEDTLS_PRIVATE
* Spell as SHA-3 not SHA3
* Add tests for invalid parameters
* Tidy-up definition of mbedtls_sha3_context
* move mbedtls_sha3_family_functions out of public interface
* Use faster type for state index
* remove not-needed fields from SHA-3 context
* Consume input in 8-byte chunks
* Avoid possible NEON alignment issue
* Revert not-useful changes to AES-CBC decrypt
* improve cbc encrypt perf
* Extend NEON use to 32-bit Arm
* Add tests for xor over large blocks
* Add clangd compilation databases to gitignore
* Add a guard for IP parsing in cert_req app
* Fix param documentation for mbedtls_x509_crt_parse_cn_inet_pton
* Remove references to x509_invasive.h
* Use better IP parsing in x509 programs
* Remove redundant test and add tests: keyid only (without issuer)
* Adapt test (use path instead of bytes) after rebase
* Fix code style
* Further test improvements
* Fix after rebase (remove redundant variables in tests)
* Add more test cases
* Use RSA keys in generated certificates
* Add test for invalid KeyIdentifier tag length + adapt error code
* Use TEST_EQUAL instead of TEST_ASSERT in tests
* Test optional fields in authorityKeyId
* Check values in tests
* Use generated certs in DER format in tests
* Provide makefile rules to generate certs for authorityKeyId, subjectKeyId tests
* Fix fall through warning
* ssl_client2, ssl_server2: code optimization + guards adaptation
* mbedtls_psa_ffdh_export_public_key: allow bigger output buffer
* Further code optimizations
* Adapt function names
* Combine mbedtls_ssl_tls13_generate_and_write_ecdh/ffdh_key_exchange functions
* Adapt guards, dependencies + optimizations
* Move FFDH helper functions and macros to more suitable locations
* Adapt guards for FFDH
* Replace deprecated functions
* Fix test configs
* Add changelog entry (FFDH in TLS 1.3)
* Compile out length check to silence the compiler warning
* ssl-opt.sh: Add FFDH tests
* Add FFDH support in client2, server2 applications
* Add support for FFDH in TLS 1.3
* Add FFDH definitions and translation functions
* ssl_write_supported_groups_ext(): add support for ffdh keys
* Add the DHE groups to the default list of supported groups
* Use safe snprintf
* Add test for invalid IP length (+use der format in tests)
* Fix parsing of SAN IP (use mbedtls_snprintf, validate buffer length)
* Add separate case for ip address
* Add test to parse ipV4 and ipV6 addresses
* Add support for parsing SAN IP address
* Fix code style
* Add changelog entry
* Add negative cases for pbkdf2 output
* Add RFC tests for pbkdf2 output
* Change derive_input test cases for implemented output_bytes
* Add cost and password steps to derive_output_test function
* Add pbkdf2 function to key_derivation_output_bytes
* Add pbkdf2_generate_block function
* Add additional members to pbkdf2 struct
* Update FFDH component
* Add documentation about libtestdriver1 usage
* all.sh: make libtestdriver1 components more uniform
* all.sh: add helper_libtestdriver1_make_main()
* all.sh: add helper_libtestdriver1_make_drivers()
* all.sh: add helper_libtestdriver1_adjust_config
* Add static check for macros that should be in sync
* Add comment on macros that should be kept in sync
* Remove mbedtls_psa_translate_md().
* Keep MD and PSA max size in sync
* Use PSA-neutral function for availability check
* Fix guard for PSA->MD error conversion
* Fix duplicated definition of a function
* Use function instead of macro for error conversion
* Add total when printing sizes in all.sh
* Add missing include
* Use general framework for PSA status conversion
* Formally deprecate mbedtls_psa_translate_md()
* Use actual function instead of static inline
* Remove hash_info.[ch]
* Use MD<->PSA functions from MD light
* Add MD <-> PSA translation functions to MD light
* Remove unused function
* Replace hash_info macro with MD macro
* Replace hash_info_get_type with MD function
* Add convenience inline function to md.h
* Restore rsa_single_san_uri.crt.der
* Mark all_intermediate as .SECONDARY
* Remove redundant PHONY targets
* Fix long line format
* server5-der*.crt: Simplify the size calculation
* Update cert macros in tests/src/certs.c
* Update crl-ec-sha*.pem, crl.pem, crl_cat_*.pem
* Add rules to generate crl_cat*
* Update server10*.crt
* Update server8*.crt
* Update server7*.crt
* Update pkcs7 files
* Extend the validity period of pkcs7-rsa-sha*.crt to 10 years
* Update test-int-ca*.crt
* Add rules to generate test-int-ca{2,3}.crt
* Update test-ca2_cat-*.crt and test-ca_cat*.crt
* Update server6.crt
* Update test-ca[1|2].crt[.der]
* Clarify when key derivation entry points are mandatory/permitted
* Copyediting
* Generate PEM pub key directly from DER prv key
* pk_internal: minor rearrangement in mbedtls_pk_get_group_id()
* test: add key pair check verification for opaque EC keys
* pk: allow key pair checking for opaque keys
* pk_wrap: add support for key pair check for EC opaque keys
* code_size_compare.py: change prompt message in code size measurement
* code_size_compare: clarify input and return types
* code_size_compare.py: integrate code with CodeSizeBase
* code_size_compare.py: add a CodeSizeBase class
* Comment tidy-up
* Rename MULADDC_PRESERVE_R1 etc to MULADDC_PRESERVE_SCRATCH etc
* Improve docs & check for non-gcc compilers
* Improve changelog
* Add armclang -O0 build test
* Add build tests for Thumb and Thumb2 with clang
* Do not use assembly on Thumb 1 / clang
* Rework the description of key derivation output/verify key
* Note that we may want to rename derive_key
* Probably resolve concern about the input size for derive_key
* Minor copyediting
* Fix bug in calculation of maximum possible bytes
* Allow subidentifiers of size UINT_MAX
* Fix spelling in Changelog
* Remove unnecessary addition to buffer size estimation
* Modify tests in response to review comments.
* Refactor code in cert_write.c
* Fix overflow checks in x509write_crt
* Change the name of the temporary san variable
* Update the descriptions of SANs
* code_size_compare.py: fix make command logic in default config
* Reword description and change NUL to null
* Rename minimum_mem to resized_mem
* Rearrange declarations for readability
* Change behaviour away from NUL-terminated strings
* Cosmetic fixes to doxygen comment
* Remove certain null pointer checks when only MD_LIGHT enabled
* Add docs for mbedtls_ecp_mod_p448()
* pk: minor code fixes
* pk: fix guard position
* test: remove debug echo in component
* pk: optimized/reshape code for writing private key PEM
* pk: optimized/reshape code for writing private key DER
* pk: extend pk_write_ec_private to support opaque keys
* pk: optimize/reshape public key writing
* pk: uniformize public key writing functions
* pk: add internal helpers for opaque keys
* psa_util: add support for rfc8410's OIDs
* pk_internal: add support for opaque keys for getting EC curve ID
* test: optimizing test_suite_pkwrite code
* Hoist variable declarations to before goto
* Refactor while loop for simplicity
* Improve line spacing after variable declarations
* Reword function description slightly
* Reword ChangeLog entry for consistency
* Revert setting optimization flag (use O2)
* Adapt guards for psa_is_dh_key_size_valid
* Change input cost type to uint64_t and fix max iteration test case
* code_size_compare.py: classify arguments in parser
* code_size_compare.py: add prompt for unsupported arch and config
* Fix invalid commands for ec_x{25519,448}_{prv,pub}.{der,pem}
* Change coding style to fix multi lines into one line
* Key agreement needs an attribute structure for our key
* Note possible issue with derive_key: who should choose the input length?
* State explicitly that cooked key derivation uses the export format
* Clarify sequencing of long inputs
* Rationale on key derivation inputs and buffer ownership
* Key derivation dispatch doesn't depend on the key type
* Copyediting
* Finish test strategy
* Modify tests to suit new behaviour
* Add driver support for DH import key and export public key
* Revert "Handle simple copy import/export before driver dispatch"
* Update server5[-der*|-sha*].crt
* Add rules to generate test-ca2_cat-*.crt
* Add rules to generate server10*.crt
* Add rules to generate server8*.crt
* Add rules to generate server7*.crt
* Add rules to generate server6.crt
* Add rules to generate server5-sha*.crt
* Add server5-der*crt generate command
* Add rules to generate server5[-badsign].crt
* Update server3.crt and server4.crt
* Add rules to generate server4.crt
* Add rules to generate server3.crt
* Fix wrong target names in the Makefile in tests/data_files
* Mark all_intermediate as intermediate files
* change path of mbedtls_x509_crl_parse input data
* change path of mbedtls_x509_csr_parse_file input data
* change path of mbedtls_x509_csr_info input data
* change path of x509_parse_san input data
* change path of x509parse_crt_file input data
* change path of x509_cert_info input data
* change path of mbedtls_x509_crl_info input data
* code_size_compare.py: add armv8-m option for arch
* Add test code for big endian write/read
* Add intermediate variable to represent the bytes of big num
* code_size_compare.py: change default path of armclang
* Create bugfix_iar_typo.txt
* Fix typo in cmake file for IAR
* code style
* Move base64 test interfaces into base64_internal.h
* Remove references to rsa.h and ssl_misc.h from constant_time.c
* Fix RSA perf regression
* Document and test that memcpy_if may have src == dest
* Fix non-opaque use of mbedtls_ct_condition_t
* Improve tests for mbedtls_ct_uchar_in_range_if
* Whitespace etc
* Improve use of compiler_opaque
* Make memmove_left more efficient
* Rename mbedtls_ct_uint_if_new to mbedtls_ct_uint_if
* Remove old interface
* Use new CT interface in mbedtls_ct_memcpy_offset
* Use new CT interface in mbedtls_mpi_safe_cond_swap
* Use new CT interface in mbedtls_mpi_core_random
* Use new CT interface in mbedtls_mpi_core_add_if
* Use new CT interface in mbedtls_mpi_core_lt_ct
* Remove not-needed mbedtls_ct_mpi_uint_cond_assign
* Update mbedtls_mpi_core_uint_le_mpi to new CT interface
* Update mpi_select to use new CT interface
* Update mbedtls_mpi_lt_mpi_ct to new interface
* Update mbedtls_mpi_safe_cond_(assign|swap) part 2
* Update mbedtls_mpi_safe_cond_(assign|swap) to use new CT interface
* Use new CT interface in ssl_msg.c
* Add impl of mbedtls_ct_memcpy_if
* Use new CT interface in ssl_tls12_server.c
* Use new CT interface in rsa.c
* Use new interface in mbedtls_ct_memmove_left
* Remove old interface for mem_move_to_left
* Add impl of mbedtls_ct_zeroize_if
* Remove not-needed compiler_opaque in ct_if
* Improve const-timeness of mbedtls_ct_bool_lt
* Introduce new CT interface (retain old interface)
* tests
* Move some bignum functions out of constant_time module
* Move mbedtls_ct_rsaes_pkcs1_v15_unpadding into rsa.c
* Expose mbedtls_ct_size_gt and mbedtls_ct_mem_move_to_left in ct interface
* Move mbedtls_ct_hmac into ssl_msg.c
* Evolve mbedtls_ct_uchar_in_range_if interface
* Move mbedtls_ct_base64_(enc|dec)_char into base64.c
* Improve ISA detection
* Fix output width of mbedtls_ecp_mod_p448() to 448 bits
* Simplify ifdefs
* Restrict use of r7 in Thumb 1 code
* Don't use r7 in generic codepath
* Update Changelog
* Revert to detecting __GNUCC__ instead of armclang
* code_size_compare.py: add missing aes.o in code size comparison
* code_size_compare.py: add suffix to code size report
* code_size_compare.py: clean up worktree in errors of subprocess
* code_size_compare.py: support measurement of tfm-medium
* code_size_compare.py: add --arch and detection of host arch
* pkwrite: remove unnecessary code duplication
* Improve comments
* Move const result to the first parameter
* Update comments about how to generate mod_read_write data
* Add test data for function ecp_mod_random
* Add test function ecp_mod_random
* Add test data for ecp mod read write
* Add mod test functions for unit read write
* Give options clearer names
* Minor tidy-up
* Write up the transaction/recovery processes
* Add test case for PSA_VENDOR_PBKDF2_MAX_ITERATIONS
* Tidy-up macros and fix guards around option B
* Gate all arm asm on Armv6 or better architecture
* Change output length parameter in pbkdf2_hmac_set_password
* Restructure set salt function
* Correct comment header block
* First draft at fixing the choice of asm
* ecp_curves: Adjusted the expected limb size for `ecp_mod_p255()`.
* pkparse: avoid creating extra copy of the private key
* tls: use pk_get_group_id() instead of directly accessing PK's structure
* Fix Changelog formatting
* pk: minor code fixes/enhancements
* pk: fix key properties when importing private key
* Add build test for armclang / Cortex-M0 / -Os
* Add Changelog
* Disable bignum assembly for certain Arm M-class CPUs
* Fix code style and initialize status
* Design document for storage resilience
* Add tests with direct and key output
* Add HMAC specific function for setting password
* Add PSA_ALG_PBKDF2_HMAC_GET_HASH macro
* Restructure pbkdf2_set_salt function
* Define PSA_VENDOR_PBKDF2_MAX_ITERATIONS
* Change pbkdf2 password to array
* Use functions in alignment.h to get value
* Change assert to equal base one comments
* Fix missed renames from N to X
* pk: improve description for the new priv_id field
* ecp_curves: Adjusted input checking for `ecp_mod_p255`.
* test: add exception in analyze_outcomes.py and fix test for montgomery curves
* pk: fix eckey_check_pair_psa
* test_suite_pkparse: fix failure
* test: minor enhancement for using the new private key format
* tls/x509: minor enhancement for using the new private key format
* pk: improve sign, check_pair and wrap_as_opaque functions with new format
* pk: manage parse and write for the new format
* pk: manage allocate and free space when working with PSA private key
* pk: change location of Montgomery helpers
* pk: move PSA error translation macros to internal header
* ecp_curves: Extended documentation for CURVE25519.
* ecp_curves: Added documentation for mbedtls_ecp_mod_p255_raw
* ecp_curves: Reintroduced input checking for
* ecp_curves: Switched to dynamic memory for
* ecp_curves: Minor refactoring of `mbedtls_ecp_mod_p255_raw()`
* ecp.py: Fixed types for `arguments()` overrides.
* ecp.py: Added tests for `mbedtls_ecp_mod_p255_raw`
* Modify TFM files to allow them to build on baremetal with Mbed TLS and fix code style. Also change the include path of crypto_spe.h in crypto_platform.h to allow the former file to be included in library-only builds.
* Bring over both necessary medium config files (regular and PSA style) from TFM.
* Fix xor fail for large block size
* Add test data "modulus-1" and "modulus-2" for every curve
* Fix AES-CBC for in-place operation
* ecp_curves: Refactored `mbedtls_ecp_mod_p255`.
* fix: correct calling to time function in tls13 client&server
* Add missing AES_C dependency in x509 tests
* Changelog update
* Make AES-CBC more efficient
* Add NEON to mbedtls_xor
* pk: fix a return value and a typo in comment
* pk: add checks for the returned ECC family
* Fix wrong makefile target
* Remove extraneous check in for loop condition
* Update comments how to generate the randoms to make it reproducible
* Prefer intrinsics over asm for AES-NI
* build_info.h: rewrite comment
* Fix the comments of sum in ecp function
* mbedtls/platform.h: Avoid potential macro redefinition warnings.
* pk: fixing and improving comments
* XOR perf improvements
* Generate test data with special seed 2,3,4
* Fix the limb mismatch issue on 32-bit platform
* Compare the libs of two input value and add comments
* Remove useless parameters for ecp_mod_add_sub
* Refine code to align with the styles of ecp_mod_mul_inv
* Add test data for ecp_add_sub
* Add add_sub test data for named moduli curves
* Add add_sub test cases for named moduli curves
* Remove DIY SIZE_MAX definitions
* Both compare the least significant limb 1 and the left limbs 0
* Remove useless parameter iret for ecp mul_inv cases
* Check for overflows when writing x509 SANs
* Enable escaping ';' in cert_write.c SANs
* Add missing RFC822_NAME case to SAN setting
* Remove unnecessary zeroization
* Return an error on an unsupported SubjectAltName
* Fix a code style issue
* Fix temporary IP parsing error
* Update ip_string_to_bytes to cert_req version
* Fix subjectAltName test prerequisites
* Add missing memory deallocation
* Fix a copy-paste typo
* Add braces to a switch case
* Add documentation and a changelog entry
* Add a test for SubjectAltName writing to a certificate
* pk: minor fixes (guards and a wrong assignment)
* Add input parameter length check for the Koblitz reduction
* Add a possibility to write subject alt names in a certificate
* Add a certificate exercising all supported SAN types
* Move mbedtls_x509_san_list to x509.h
* Add documentation
* tests: fixes for using the new public key raw format
* test_suite_debug: fix USE_PSA_INIT/DONE guards in a test
* tls12: use the raw format for the public key when USE_PSA is enabled
* debug: add support for printing the new EC raw format
* pkwrap: update ECDSA verify and EC pair check to use the new public key
* pk: update pkparse and pkwrite to use the new public key storing solution
* pk: adding a new field to store the public key in raw format
* Convert comments over to X rather than N
* pk: fix typos in description of mbedtls_pk_ec_[ro/rw]
* build_info.h: rewrite comment for inclusion of config_psa.h
* Compare final result with ASSERT_COMPARE
* Check all of the limbs of result
* Re-order the variable orders and rename them
* Refine error check for mbedtls_ecp_modulus_setup
* Remove the useless modulus validity
* Remove modulus double free
* Add back 255 bit test data for SECP224K1 test cases
* Add comments to the data file for the curve secp224k1
* Revert to 224bit random data no need leading bit "1"
* Increase bit size to 225 for SECP224K1 test cases
* Add comments about how the mod_inv data is generated
* Update ecp mul_inv test cases
* Change coding styles of white space
* Tidy up ecp mul_inv_test code
* Add ecp test cases for mont mul and inv after named moduli setup
* Add ecp test function for mont mul and inv
* Use valid MD5 dependency for test
* build_info.h: change location of including config_psa.h
* Use const where appropriate
* Group memory allocations earlier
* Convert over to using X, X_limbs
* Convert curve 448 to use ecp core functions
* bignum: Updated documentation for `mbedtls_mpi_shift_l()`
* bignum: Updated `mbedtls_mpi_shift_l` to use the core method.
* Make use of MBEDTLS_STATIC_ASSERT
* Document minimum size for DEBUG_BUF_SIZE
* simplify code
* code style
* make code readable and change var name
* send debug msg if contains '\n'
* Update library/debug.c
* Fix: no newline when debug msg over DEBUG_BUF_SIZE
* Fix comment
* Add `_raw` function to P256K1
* Add `_raw` function to P224K1
* Add `_raw` function to P192K1
* bignum_core.py: Simplified result calculation for `BignumCoreShiftL`
* Fix compilation errors (unused variables, guards)
* Fix copypasta
* mbedtls_x509_crt_free: release authorityCertIssuer sequence
* Add test to cover memory leak in authorityCertIssuer case
* Fix comment
* pk: fix: explicitly set const in casted value in mbedtls_pk_ec_ro
* pk: fix build issues
* pk: align library and tests code to the new internal functions
* pk: make mbedtls_pk_ec internal when !ECP_C
* Minor adjustments after review.
* Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments.
* Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments.
* Ignore *.o everywhere
* Only include psa_pake_setup() and friends if some PAKE algorithms are required
* Fuzz programs: print an error if loading the reproducer fails
* Add test cases to test overflow in the Koblitz reduction
* Update comments
* Add another round in the Koblitz reduction
* all.sh: test AES built-in implementation in AES-128-bit key only
* Set LANGUAGES explicitly in CMakeLists.txt project()
* Add changelog entry (FFDH driver dispatch)
* nist_kw.c: remove non-128-bit data if aes_128bit_only enabled
* Handle simple copy import/export before driver dispatch
* Fix peer vs our key mismatch in ffdh key agreement transparent driver
* Adapt guards in ffdh driver
* Adapt test driver configuration for FFDH
* Add FFDH support for transparent drivers (generate, export public key)
* gcm.c: do not set length for some arrays in selftest
* gcm selftest: remove non-128-bit data if aes_128bit_only enabled
* cmac selftest: add macro for non-128-bit data/test
* aes selftest: determine selftest loop limit in runtime
* bignum_common.py: Addressed minor typos
* Add test component for accelerated FFDH
* Work around Readthedocs command parsing bug
* aes selftest: remove non-128-bit data if aes_128bit_only enabled
* Add partial support for URI SubjectAltNames
* ChangeLog: remove issue number as this is a new feature
* mbedtls_config.h: remove empty * line before closing */ line
* mbedtls_config.h: rewrite comment for AES_ONLY_128_BIT_KEY_LENGTH
* rewrite ChangeLog
* aes.h: rewrite comment for aes round key buf
* generate_psa_tests.py: fix typo
* cert_audit: Fix DER files missed from parsing
* cert_audit: Remove merge_auditdata
* cert_audit: Use dictionary to store parsed AuditData
* cert_audit: Output format improvement
* cert_audit: Calculate identifier for X.509 objects
* cert_audit: Fix bug in check_cryptography_version
* cert_audit: Sort the outputs by not_valid_after date
* cert_audit: Merge audit_data for identical X.509 objects
* cert_audit: Support parsing file with multiple PEMs
* Reword the API token explanation in redirects.yaml
* Use if statement for post_build control flow
* Fix demo scripts for out-of-tree builds
* Fix coding style.
* Install cryptography only on linux platform
* Clean up commented code
* Limit max input cost to 32bit
* Enable empty salt as input for pbkdf2
* Remove redundant code in key_derivation_abort()
* Code optimization
* Use int instead of uint in test function arguments
* Fix parsing of KeyIdentifier (tag length error case) + test
* aesce.c: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
* Correct comment about mbedtls error codes
* fix wrong target detection
* Fix input parameter alignment in P256K1 test cases
* Determine special cases in-place in the common Koblitz function
* mbedtls_psa_export_ffdh_public_key: return fixed key size
* pk: improve description for the next opaque ID field
* pkwrite: removing unused/duplicated variables
* Remove `delay milliseconds` test
* pk: use better naming for the new key ID field
* pk: fix library code for using the new opaque key solution
* pk: store opaque key ID directly in the pk_context structure
* add ChangeLog entry
* all.sh: add test for AES-128bit only without MBEDTLS_CTR_DRBG_C
* Auto-enable CTR_DRBG_USE_128_BIT_KEY with AES_ONLY_128_BIT_KEY_LENGTH
* aes.h: add comment for round key buffer in aes context
* Fix code style
* mbedtls_config.h: paraphrase code size saving in comment
* mbedtls_psa_ffdh_generate_key: optimize code and return fixed key size
* mbedtls_config.h: fix issue in grammar
* generate_psa_tests.py: add extra dependencies based on key bit
* Add AES 128-bit key dependency in test_suite_ssl.data
* Add AES 128-bit key dependency in test_suite_psa_crypto.data
* Add AES 128-bit key dependency for tests data
* all.sh: add test for AES_ONLY_128_BIT_KEY_LENGTH
* Add checks if MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH enabled
* AES: adjust AES RAM usage according to config options
* AES: skip 192bit and 256bit key in selftest if 128bit_only enabled
* AES: add macro of MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH
* Minor cosmetic changes
* Update broken link to doxygen homepage
* Remove most of the doxygen mainpage
* bignum_core: Removed input checking for `mbedtls_mpi_core_shift_l`
* Update PR template
* Silence bad "maybe uninitialized" warning for ec_grp_id
* Fix unused variable in mbedtls_pk_write_pubkey_der in certain configurations
* Only use mbedtls_ecc_group_of_psa if defined(MBEDTLS_ECP_LIGHT)
* Fix bug in mbedtls_pk_wrap_as_opaque
* Add pkwrite tests for X25519/X448 DER
* Add derive public test for X25519/X448
* Refactor EC SPKI serialization
* Add comment about version 1 PKCS8 keys not containing a public key
* Read and write X25519 and X448 private keys
* Add FFDH alg to test driver extensions
* Fix failing CI
* Enable FFDH through PSA if it's enabled in the legacy interface
* Use TEST_EQUAL instead of TEST_ASSERT
* Fix cross-platform compilation issue
* Fix parsing of authorityCertSerialNumber (use valid tags)
* mbedtls_pem_write_buffer: Correctly report needed buffer size for all possible line lengths and counts
* Remove unrequired limb size calculation
* Correct max canonical multiplication result
* Fix pastapasta
* typo
* Document a known issue with testing of mbedtls_x509_crt_parse_path
* Improve testing of mbedtls_x509_crt_parse_file
* Make output_byte return not_supported for pbkdf2
* Explicitly exit IPv4 parsing on a fatal error
* Add test cases for pbkdf2 input functions
* Add pbkdf2 to psa_key_derivation_abort
* Enable can_output_key with PSA_KEY_DERIVATION_INPUT_PASSWORD
* Add pbkdf2 input functions to psa_key_derivation_input_internal
* Add input password function for pbkdf2
* add input salt function for pbkdf2
* Add input cost function for pbkdf2
* Add pbkdf2_hmac to is_kdf_alg_supported()
* Add pbkdf2 to ATLEAST_ONE_BUILTIN_KDF definition
* Add pbkdf2 to key_derivation context struct
* Add pbkdf2 struct to crypto_builtin_key_derivation.h
* Add psa_pbkdf2_key_derivation_state_t
* Add builtin PBKDF2_HMAC definition in config_psa.h
* Enable PSA_WANT_ALG_PBKDF2_HMAC in crypto_config.h
* Use mbedtls_ct_uint_if() rather than mbedtls_ct_cond_select_sign()
* Halve size of mbedtls_error_pair_t
* Add post-build step to update redirects
* Add readthedocs-cli to requirements.in
* test: check for exact length of returned pub key
* test: optimize code for pk_write_public_from_private()
* test: use better naming for the newly introduced test function
* pk: fix position for mbedtls_platform_zeroize
* test: fix makefile for ec_pub.[der/pem] generation
* test: fix wrong private key file
* test: add test function for public key derivation starting from private one
* pk: fix: clear buffer holding raw EC private key on exit
* test: align ec_pub public keyfile with its ec_prv.sec1 counterpart
* Add test for parse_binary_string
* Disallow leading zeroes when parsing IPv4 addresses
* MBEDTLS_PSA_INJECT_ENTROPY: ignore seed file
* MBEDTLS_PSA_INJECT_ENTROPY: check the seed file UID
* MBEDTLS_PSA_INJECT_ENTROPY: check the lifecycle of the seed file
* Modernize remove_seed_file()
* Test MBEDTLS_PSA_INJECT_ENTROPY
* MBEDTLS_PSA_INJECT_ENTROPY: Skip incompatible tests
* MBEDTLS_PSA_INJECT_ENTROPY: Make sure the seed file exist when running tests
* Tests: provide necessary functions for MBEDTLS_PSA_INJECT_ENTROPY
* Fix a build error when MBEDTLS_PSA_INJECT_ENTROPY is enabled
* Regroup component that had gotten separated from its close siblings
* Change from Mbed TLS 3.3.0 to 3.4.0 in driver documentation.
* Minor changes to documentation and code comments for clarity
* Add support for building p256-m alongside Mbed TLS with CMake. Also check if p256-m is enabled in the config before including the contents of p256-m.c
* Migrate p256-m_driver_entrypoints.[hc] to new code style
* Minor formatting change to driver wrapper jinja template
* Add warnings to documentation stating that p256-m code may be out of date with upstream, plus other minor grammatical fixes.
* Use psa_generate_random() instead of mbedtls_ctr_dbrg
* Add 3rdparty license information to the README
* Add SPDX license identifiers to driver entry point files
* Add README and license from the p256-m repo
* Remove rand() from p256_generate_random() and move to an implementation based on mbedtls_ctr_drbg
* Add README in p256-m/
* Remove unnecessary no-check-names comments
* Add information for driver points where auto-generation is implemented
* Add example for integrating a driver alongside Mbed TLS for entrypoints where auto-generation of driver wrappers is not implemented yet. Using p256-m as the example driver/software accelerator.
* Rename p256m to p256 for uniform function/macro prefixes
* Start the driver example write-up (p256-m integration)
* Add step-by-step guide for writing and integrating drivers for entry points where auto-generation is not implemented
* Integrate p256-m as an example driver alongside Mbed TLS and write documentation for the example.
* mbedtls_psa_ffdh_set_prime_generator: use switch instead of if-else
* Fix definition of PSA_RAW_KEY_AGREEMENT_OUTPUT_MAX_SIZE (ECC vs FFDH max)
* Update config files to make PSA FFDH independent of MBEDTLS_DHM_C
* Add guards for psa_is_dh_key_size_valid
* test: use define for initializing ssl_message_queue struct
* Fix naming: FFDH key -> DH key and fix guard in psa_validate_key_type_and_size_for_key_generation
* test: fix USE_PSA_INIT position in test_suite_ssl
* change binary_string_parser for big-endian input
* Update tests/suites/test_suite_psa_crypto.function
* change binary_string_parser for big-endian input
* Don't explicitly inline mbedtls_mpi_core_clz
* Add tests with INPUT_INTEGER as key_type_arg
* Use key_type_arg for determining input method
* Remove unrelated comment
* mbedtls_test_psa_exported_key_sanity_check: check for length equality for DH keys
* Fix FFDH tests dependencies
* Use import_with_data for testing FFDH invalid key length
* Add function to validate dh key size
* Use PSA_MAX_OF_THREE in PSA_EXPORT_KEY_PAIR_MAX_SIZE
* mbedtls_psa_ffdh_generate_key: Fix random number generation
* Optimize code (if-else format, action on error)
* mbedtls_psa_ffdh_set_prime_generator: check if key size is equal and use sizeof
* Adjust ChangeLog
* Add Curve 448 tests
* Enable curve 448 to be tested
* Make mbedtls_ecdsa_can_do definition unconditional
* Bug Fix: mbedtls_ecdsa_verify_restartable fails with ECDSA_SIGN_ALT
* Fix VS2022 build error
* Adjust code style for pointer types and casts
* typo
* Add test cases with a question mark
* Fix wrong comment
* Explain the format argument expected by the test functions
* Fix typos in test descriptions
* Test the line number returned by parse_test_data
* Remove string hack for mbedtls_mpi_mod_int testing
* Allow more signed integer types in test function arguments
* Support larger integer test arguments: C part
* parse_function_arguments: stricter type parsing
* Support (void) as an argument list of a test function
* parse_function_arguments: extract per-argument function
* parse_function_arguments: make local_vars a list
* Support different types in the parameter store
* Simplify parsing of integers in .datax files
* Exercise string parsing in the test framework
* Simplify string escapes
* Factor get_function_info out of gen_from_test_data
* Add line number to a few error messages
* printf testing: exercise integer parsing in the test framework
* Remove stdint.h substitute for older MSVC
* Remove declarations of the nonstandard function strcasecmp
* Stop supporting non-canonical case in mpi_write_string test data
* bignum_core.py: Add "BignumCoreShiftL()"
* Allocate the right amount of memory
* Remove unused macro
* Ignore carry since it can not be generated
* Fix value in comment
* Ensure input parameter size for Koblitz reduction
* Use core API in `ecp_mod_koblitz()`
* Add ChangeLog entry for string-to-OID parsing
* Limit OIDs to 128 components
* fix clang test fail
* Fix typos, comments, style, optimize macros
* Provide PSA_WANT_KEY_TYPE_FFDH_PUBLIC_KEY configuration
* psa_export_public_key_internal: add missing check for FFDH key type
* Move check of the key type to mbedtls_psa_key_agreement_ffdh
* Add psa_crypto_ffdh to build
* test driver: add support for FFDH key agreement
* Move FFDH layer to separate file
* Add sanity check for FFDH key exercise
* Remove redundant test case (PSA_ALG_FFDH key agreement is now supported)
* Add FFDH key agreement tests
* Add FFDH key generation tests
* Add import/export FFDH key tests
* Adapt import/export test for FFDH
* Adapt size macros for FFDH
* Add key generation for FFDH keys
* Add key agreement for FFDH keys
* Add import/export of FFDH keys
* Adapt config files for FFDH
* authorityCertIssuer and authorityCertSerialNumber MUST both be present or absent
* Add compiler version checks.
* Improve minimum compiler versions document
* README: add section about drivers
* Remove undesirable test
* Remove unnecessary if to save 16 bytes
* Use ASSERT_COMPARE for comparing buffers
* test_suite_ecp: Refactored `ecp_mod_p256k1` to align with `ecp_mod_p192k1`
* ecp_curves: Renamed `ecp_mod_p256k1` -> `mbedtls_ecp_mod_p256k1`
* ecp_curves: Added unit-tests for `secp256k1`
* Optimize code (pake role type, freeing buffers)
* bignum_core_test_suite: Added `mpi_core_shift_l()`
* bignum_core: Aligned `xxx_core_shift_l` to `xxx_core_shift_r`
* bignum_core: Extracted mbedtls_mpi_shift_l from prototype
* Add undefined role for ec j-pake
* cert_audit: Reword the options and their descriptions
* cert_audit: Check the version of cryptography
* Add msvc version document
* fix wrong compiler checks
* Revert increase of MEMORY_HEAP_SIZE in ssl_client2
* Fix documentation
* test: update guards also for pkwrite and pkparse
* test: fix max value in test_mx32
* test: minor fix for non-initialized variable
* doc: update use-psa-crypto.md
* test: proper positioning of USE_PSA_INIT + added missing exit labels
* doc: update USE_PSA_CRYPTO description
* test: fix USE_PSA_INIT/DONE for SSL test suite
* test: fix USE_PSA_INIT/DONE for x509 test suite
* test: fix USE_PSA_INIT/DONE for PK test suite
* improve syms.sh script for external dependencies analysis
* test_suite_pkwrite: replace memcpy with memmove
* fix typos
* Use do-while(0) format in macros
* Fix code-style
* fix new line difference in Windows
* Add guards for mbedtls_psa_crypto_free()
* Init PSA in fuzz programs
* Add changelog entry (PSA initialization in sample programs)
* cert_audit: Clarify the abstraction of Auditor
* cert_audit: Add simple parser of suite data file
* Use loop for two passes in the reduction
* Document undefined case. Clarify test code.
* Add link to review guideline for contributors
* cert_audit: Improve the method to find tests folder
* cert_audit: Add data-files and suite-data-files options
* cert_audit: Enable logging module
* Remove test-case for all-zero
* Further size optimisation
* pk: pass pk_context pointer to wrappers instead of void one
* Change clock source to boottime on linux.
* Remove unnecessary check
* fix msvc fail on embed assembly code
* fix msvc type cast fail.
* Add msvc build for aesce module
* fix grammar issues
* Fix tests
* Change to using an alloc-realloc strategy
* Size/perf optimisation for mbedtls_mpi_core_clz
* Fix code style
* Fix hex_string converter
* Fix input_integer testing
* Init PSA in pkey programs
* Free psa crypto at the end of programs when initialized
* cert_audit: Reuse generate_test_code.FileWrapper
* New implementation for generate_test_code.FileWrapper
* Improve comments about the time_delay test.
* Remove trailing whitespace from ecdsa.c
* Split a complex condition into separate ones
* test_suite_ecp: Refactored `ecp_mod_p224k1` to align with `ecp_mod_p192k1`
* ecp_curves: Introduced `mbedtls_ecp_mod_p224k1()`
* ecp_curves: Added unit-tests for `secp224k1`
* Add an IPv4 mapped IPv6 test
* Refactor IPv6 parsing
* test: properly check written PEM buffer len
* test: fix extension in DER test files
* Further refactor IPv4 parsing
* test: fix dependencies in DER and PEM tests
* test: specify input file type through enum
* Add warning to reserve the reason
* test: add Makefile target for the generated DER files
* Update comments and remove delay seconds test
* cert_audit: Code refinement
* test: use proper macros for checks
* cert_audit: Improve documentation
* remove time delay tests
* Update gen_prvkey_mx params to align with comments and c code
* test: add DER file format for pkwrite tests
* test: add support for DER format in pkwrite tests
* test: memory footprint optimization for pkwrite tests
* Fix code style
* Fix test case dependency
* Add clarification for PSA_PAKE_INPUT/OUTPUT_MAX_SIZE macros
* test: remove useless ECP_LIGHT guard in psa_exercise_key
* test: add coverage's analysis framework for accel EC algs w/o ECP
* Remove print from mini_client
* Move psa_crypto_init() after other init calls
* fix comments issues
* ecdsa: fix `-missing-prototypes` warning when `MBEDTLS_ECDSA_SIGN_ALT` is defined - In `mbedtls/v3.4.0`, ECDSA restartable sign and verify functions (`ecdsa.c`) were made public. - But the `mbedtls_ecdsa_sign_det_restartable` function prototype was declared in the file `ecdsa.h`, only when `MBEDTLS_ECDSA_SIGN_ALT` is not defined.
* cert_app: init entropy unconditionally
* Init PSA in ssl and x509 programs
* Fix so that PSA_WANT_ALG_DETERMINISTIC_ECDSA implies PSA_HAVE_FULL_ECDSA.
* Code style
* Ensure variables initialised
* More fixes for big-endian
* Rename a variable in ipv4 and ipv6 parsing
* Refactor ipv6 parsing
* Rename ipv6 parsing variables, introduce one new one
* Introduce a test for a sw implementation of inet_pton
* Introduce an additional test for IPV4 parsing
* Replace old macro in test_suite_x509parse
* Improve x509_inet_pton_ipv4 readability
* Tidy-up
* Fix compile error
* Tidy-up
* Test fixes for big-endian
* Remove unneeded limb variables
* Add checks to guarantee positive input parameters
* Add dependency for P192K1 tests
* Fix function declaration
* Use macro guard for function declaration
* Add generated tests for ecp_mod_p192k1
* Add a testable function for ecp_mod_p192k1
* cert_audit: Output line/argument number for *.data files
* cert_audit: Make FILE as positional argument
* Fix derive_ecjpake_to_pms dependency to PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS.
* test_suite_ecp: Removed `MBEDTLS_ECP_DP_SECP_GENERIC_ENABLED` dependency.
* Update links in ecp.c
* Update SEC1 link in ecdsa.c
* Update SEC1 link in ecdh.c
* Updating makefile to document key generation
* Fix PSA AEAD ChaCha20 test dependency.
* test: resolve remaining disparities in test_suite_ssl
* Handle endianness in x509_inet_pton_ipv6()
* use MBEDTLS_PK_CAN_ECDSA_SOME
* use MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
* Add mbedtls_x509_crt_parse_cn_inet_pton() tests
* add IP SAN tests changes per mbedTLS standards
* x509 crt verify local implementation to parse IP
* x509 crt verify SAN iPAddress
* test: revert undesired debug change in ssl-opt
* remove KEY_TYPE_ECC_PUBLIC_KEY unnecessary requirement
* test: include also test_suite_ecp for the coverage analysis
* solve disparities for ECP_LIGHT between ref/accel
* psa: fix ECP guards for key derivation
* pk_wrap: fix guards in eckey_check_pair to only include 1 option at build time
* build_info: fixed comment
* test: fix remaining failures in test due to the ECP_LIGHT symbol
* test: let test_psa_crypto_config_accel_all_ec_algs_use_psa use ECP_LIGHT
* library: add remaining changes for the new ECP_LIGHT symbol
* pk: adapt to new ECP_LIGHT symbol
* ecp: introduce new ECP_LIGHT symbol
* BRANCHES.md: improve wording
* remove PSA_HAVE_FULL_JPAKE symbol
* remove PSA_HAVE_FULL_ECDSA symbol
* remove PSA_HAVE_FULL_ECDH symbol
* cert_audit: Disable pylint error for importing cryptography
* test: fix guards position in test_suite_pk
* test: fix error handling in the new pk_genkey_ec() function
* test: use proper macros for PSA init/done
* ecp: revert changes to ECP module and related tests/programs
* gen_key: limit EC key generation to when USE_PSA is disabled
* pk: add alternate function for keypair generation using PSA
* cert_audit: Fill validity dates in AuditData constructor
* workaround the assert fail with tolerance
* cert_audit: Introduce not-[before|after] option
* try to reproduce random assert fail
* ssh_cache: Add back description of other errors for cache getter
* updating test-ca.key to use AES instead of DES
* Fix the wrong debug _message function to _ret
* Update the todo comment of record size limits
* Update group ext debug message in ssl_tls13_server.c
* Wrap lines in library/ssl_tls13_client.c
* Wrap lines which exceed 80 chars in ssl_tls13_server.c
* Wrap lines which exceed 80 chars in ssl_tls13_client.c
* Wrap lines which exceed 80 chars in ssl_tls13_generic.c
* Improve code styles (line numbers) for tls13_key.c
* Update SEC1 link in ecp.c
* ssl_cache: Error renaming and document improvement
* Fix unused variable warning
* cert_audit: Parse more information from test suite data file
* pkparse: fix return value
* pk: fix return codes' precedence and code style
* Change the format of md.h include comments
* pk_wrap: simplify prototype of eckey_check_pair_psa()
* pkparse: fix guards position
* test: use proper macros for PSA init/done
* pkparse: use proper sizing for buffer
* pkparse: add new function for deriving public key from private using PSA
* pk_wrap: minor code optimizations
* ecp.py: Set test-dependencies as attributes.
* test_suite_ecp: Updated dependency macros for ecp_raw_generic.
* test_suite_ecp: Introduced `ecp_mod_p_generic_raw`
* Test key_derivation_input_integer function
* Add key_derivation_input_integer function
* Remove unnecessary include
* tests: ssl: Restore !MBEDTLS_SSL_PROTO_TLS1_3 dependency
* tls13: srv: Fix comment
* tls12: srv: Use sizeof() instead of constant
* Add downgrade protection mechanism
* Use specific pointer to loop over proposed cipher suites
* ssl-opt.sh: Improve description of server negotiation tests
* Improve and align variable names for supported versions data
* Check for TLS 1.3 version first
* Fix, improve and add comments
* Update TLS 1.3 documentation and add change log
* ssl-opt.sh: Add version selection by the server tests
* ssl-opt.sh: Remove some unnecessary forcing of TLS 1.3
* tls: srv: Set hybrid TLS 1.2/1.3 as default configuration
* tests: ssl: Extend move to handshake state tests
* tls: srv: Allow server hybrid TLS 1.2 and 1.3 configuration
* tls: Add logic in handshake step to enable server version negotiation
* tls: Initialize SSL context tls_version in mbedtls_ssl_setup()
* tls13: srv: Add detection to negotiate TLS 1.2
* tls13: srv: Parse supported versions extension early
* tls13: srv: Postpone cipher suite selection
* tls13: srv: Postpone legacy session id copy
* tls13: srv: Postpone client random copy
* tls13: srv: Move TLS version setting
* tls13: Add function to search for a supported_versions extension
* ssl-opt.sh: Force TLS 1.2 on TLS 1.2 specific tests
* ssl-opt.sh: Force TLS 1.2 version
* ssl-opt.sh: Extend scope of some tests to TLS 1.3
* ssl-opt.sh: Remove unnecessary explicit MBEDTLS_SSL_PROTO_TLS1_2 dep
* ssl-opt.sh: Remove unnecessary TLS 1.3 forcing on client side
* ssl-opt.sh: Remove dummy TLS 1.3 kex modes tests
* tests: ssl: Add some missing dependencies
* tests: ssl: Move min/max TLS version setting to endpoint init
* Add a changelog entry
* cert_audit: Support audit on test suite data files
* cert_audit: Initial script for auditing expiry date
* Add a justification for early md.h include in programs
* Revert to using MBEDTLS_SHA_1_C when mbedtls_sha1 is called directly
* Remove duplicated md.h includes
* bignum: Removed merge scaffolding.
* Fix code style
* Remove redundant memory release for authorityCertIssuer
* Release memory for subject alt name in test
* Use MBEDTLS_MD_CAN_SHA1 macro as test dependency
* Fix after rebase
* Remove redundant test cases
* Adapt test for authority_key_id (parsing subject alt name)
* Fix parsing of authorityCertIssuer
* Add indication of extension error while parsing authority/subject key id
* x509_get_authority_key_id: add length check + test
* Fix tests dependencies
* Use MBEDTLS_ERROR_ADD() and tag macros
* Remove parsing of rfc822Name
* Remove duplicated function
* Remove generation of authorityKeyId_subjectKeyId.crt from makefile
* Rename back mbedtls_x509_parse_general_name->mbedtls_x509_parse_subject_alt_name
* Fix Subject Key Identifier, Authority Key Identifier entries in oid_x509_ext
* Adapt mbedtls_x509_crt_free after rebase
* Adding some comments for easier understanding
* Removing obsolete test after merging and correcting missing macro
* Renaming x509_get_subject_alt_name to x509_get_general_names and mbedtls_x509_parse_subject_alt_name to mbedtls_x509_parse_general_name so they can be used not only to collect subject alt name, but the V3 authority cert issuer that is also GeneralName type. Also updated the x509_get_general_names function to be able to parse rfc822Names
* - Removing obsolete test files (DER strings are used instead of them to minimize resource usage) - Renaming test functions to match the naming conventions
* Correcting tests: - Wrong condition was checked (ref_ret != 0 instead of ref_ret == 0) - tags were not checked (nor lengths) - Using ASSERT_COMPARE where possible
* Correcting findings: Using DER format instead of PEM while testing to minimize the resource usage. Comparison of byte arrays in tests is now done via the dedicated ASSERT_COMPARE test macro for better understanding
* Correcting documentation issues: - Changelog entry is Feature instead of API Change - Correcting whitespaces around braces - Also adding defensive mechanism to x509_get_subject_key_id to avoid malfunction in case of trailing garbage
* x509parse tests used only last 16 bits of the return values. They are updated to check the whole 32 bit value
* Replacing hard-coded literals with macros of the library in the new x509parse tests
* Adding openssl configuration file and command to Makefile to be able to reproduce the certificate for testing Authority and Subject Key Id fields Increasing heap memory size of SSL_Client2 and SSL_Server2, because the original value is not enough to handle some certificates. The AuthorityKeyId and SubjectKeyId are also parsed now increasing the size of some certificates
* Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions. Updating mbedtls_x509_crt_free function to also free the new dynamic elements (issuer field of AuthorityKeyId). A few tests are also added which test the feature with a correct certificate and multiple ones with erroneous ASN1 tags.
* Add missing md.h includes
* ecp: revert changes to ECP module and test suite
* pk_wrap: fix sizing for private key buffer
* Fix memory allocations in pkcs7_verify test
* Fix documentation
* Multiplication is symmetric so only generate unique combinations
* fixed guard position for doxygen
* pk: add an alternative function for checking private/public key pairs
* Fix code style issues
* adding missing newline at the end of changelog file
* Update BRANCHES.md
* add Changelog
* test: disable all RSA algs and fix tests
* Whitespace fix
* Test that setting reset actually does something
* Fix cast alignment warning in timing.c
* Fix documentation
* Add generated test for core_mul
* Fix 0 limb size for value 0
* Add unit tests for mbedtls_mpi_core_mul()
* Tidy up, remove MPI_CORE(), apply the naming convention, and use the new mbedtls_mpi_core_mul()
* Extract MPI_CORE(mul) from the prototype
* all.sh: Fix test component name
* Fix documentation
* psa: Introduce PSA crypto core common symbols
* Pacify doxygen.sh
* psa: Introduce psa/build_info.h
* psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option
* psa: include: Move key derivation builtin and driver contexts
* psa: include: Move some Mbed TLS headers
* psa: Remove unnecessary headers
* Clarify LTS lifetime
* Fix a typo
* Fix dependency check for TLS 1.3 ECDH
* Remove unnecessary tabs
* Clarify SAN structure memory management
* Fix rfc822name test arguments
* Add missing information about supported subjectAltName types
* Add missing deallocation of subject alt name
* Move an x509 malformation test
* Add changelog entry for directoryname SAN
* Add a test for a malformed directoryname sequence
* Switch from PEM to DER format for new x509 directoryname test
* Adjust error reporting in x509 SAN parsing
* Introduce a test for a malformed directoryname SAN
* Introduce proper memory management for SANs
* Add the original certificate to be malformed for x509 tests
* Add support for directoryName subjectAltName
* test: remove old component erroneously reintroduced during rebase
* Update documented dependencies on ECC algs
* Use proper log function
* Fix function description
* test: fix/improve comments in all.sh
* Minor improvements
* Update documentation to mention ECC drivers
* test: fix text output
* test: minor refactoring
* test: improve comments and code in newly added helper function
* check_config: add helper symbol for SECP256R1
* test: add a companion test for another curve (x25519) and fix issues
* test: use full config as test starting point and solve issues
* test: use BUILTIN symbols as Weierstrass key derivation guard
* test: disable proper key exchanges while testing accel EC algs
* test: minor fixes to all.sh
* psa: use only PSA_WANT symbols for PSA_VENDOR_ECC_MAX_CURVE_BITS
* test: add legacy dependency for weierstrass key derivation
* psa: set PSA_VENDOR_ECC_MAX_CURVE_BITS based on both SW and accelerated support
* test: add specific test with only accel EC curves and algs
* Remove obsolete ecp_fix_negative function
* tls12_client: remove unnecessary parentheses
* test: fix wrong accelerated SHA1 symbol
* test: simplify comment in test_psa_crypto_config_accel_all_ec_algs_use_psa()
* test: removing test with all accel EC algs without USE_PSA
* test: moving accel ECJPAKE test close to accel ECDH and ECDSA ones
* ssl: remove useless guard
* test: improve comment in the added test
* test: remove unused tasks in analyze_outcomes.py
* test: fix erroneous changes in all.sh
* psa_crypto: fix guard for mbedtls_ecc_group_of_psa()
* test: fix comments in test_psa_crypto_config_accel_ecc()
* test: remove previous tests for accelerated ECDSA/ECDH/ECJPAKE coverage analysis
* ssl_tls: fix guard symbols for EC accelerated tests
* test: add a test with all EC based algs accelerated
* Add _build/ and api/ to gitignore
* Fix comments
* Typo: reorder testing classes
* Add test cases for P256 fast reduction testing
* Add test cases for P384 fast reduction testing
* Typo: reformat numbers
* Clean the breathe-apidoc files with make clean
* Add test cases for P521 fast reduction testing
* Add test cases for P224 fast reduction testing
* Add test cases for P192 fast reduction testing
* Add a second round of carry reduction for P192 fast reduction
* Fix conflict between restricted and development
* Revert "Add generated files"
* ecp_mod_p224_raw: Added `MBEDTLS_ECP_DP_SECP224R1_ENABLED` as a dependency
* Revert "Add exemption for make.bat in checks for tabs"
* Remove make.bat for documentation
* Improve docs Makefile to do full build
* Prevent mpi_mod_write from corrupting the input
* ssl_cache: Add descriptions of returns of cache accessors
* tests/.gitignore: ignore *.o under tests/src/test_helpers
* Fix a typo
* Mention EC J-PAKE opaque passwords.
* Try again to clarify USE_PSA_CRYPTO
* Fix documented dependencies on TLS 1.2
* Add a ChangeLog entry for driver-only hashes
* Use PSA Crypto: try clarifying what it means
* Update psa-limitations.md
* Update psa-migration/strategy.md
* Fix typos
* Fix depends.py failure with correct TLS 1.2 deps
* Disable built-in SHA-256 in accel_hash too
* Fix and simplify TLS hash dependency declarations
* Use helper macros for hashes in check_config.h
* Fix failures in test_suite_random
* Manually fix two remaining instances of old macros
* Fix instances of old feature macros being used
* Fix entropy-related feature macros
* Force SHA-256 for entropy in libtestdriver1
* Test entropy.c with driver-only hashes
* Fix driver_wrappers test
* Use MD-light in entropy.c
* test: improve analyze_outcomes.py script
* Fix signed/unsigned comparison (windows compilation failure)
* Add change log entry (j-pake user/peer accept any values)
* Extend j-pake input getters tests for user and peer
* Remove driver_pake_get_role function
* Adapt pake tests
* Adapt J-PAKE built-in impl to use user/peer
* ecp_curves: Updated ecp_mod_p384_raw documentation
* ssl_tls: fix guard in ssl_misc.h
* ssl_cache: Return standard mbedtls error code
* Update documentation of psa_pake_input
* Add tests case for step with different buffer size
* psa_pake_input: validate buffer size using PSA_PAKE_INPUT_SIZE
* Improve function return value description
* Improve positioning of GENERATE_XML option
* Remove Exhale from requirements and regenerate
* ecp_curves: Re-introduced `mbedtls_ecp_fix_negative()`
* changelog: fix description for ECDH changes
* ssl_tls13: use PSA_WANT_ALG_ECDH as symbol for marking ECDH capability
* added changelog for accelerated ECDH changes
* ssl_tls: fix proper guards for accelerated ECDH
* ssl_tls13: fix guards for accel ECDH
* accelerated ecdh: re-enable TLS 1.3 key exchanges and fix guards in check_config
* fix typo
* ecdh: simplify guards for the newly created PSA_HAVE_FULL_ECDH symbol
* test_suite_ssl: remove redundant dependencies when the key exchange is specified
* ecdhe: solve disparities in accelerated ECDHE vs reference
* ecdhe: fix guards for accelerated ECDHE key exchanges
* test: enable ECDHE key exchanges for driver coverage tests
* EC-JPAKE: remove limitation for user/peer (allow any value)
* EcpP384R1Raw: Added test case for 2nd round of carry reduction.
* ecp_curves: Minor rework for p384
* ecp test generator: Added EcpP384R1Raw().
* test_suite_ecp: Added ecp_mod_p384_raw() test case.
* Remove now-spurious dependencies
* Enable ECDSA-det in driver-only hashes component
* Enable HMAC-DRBG in driver-only hashes component
* Enable PKCS7 in driver-only hashes component
* Enable HKDF in driver-only hashes test
* ecp_curves: Ported prototypes
* Fix typos & improve wording in comments
* MD: use MD_CAN in test suite and check for parity
* Remove legacy_or_psa.h
* SSL: fix test failures
* SSL: use MD_CAN macros
* X.509: fix test failures
* X.509: use MD_CAN macros
* PK: fix test failures
* PK: use MD_CAN macros
* OID + misc crypto: use MD_CAN and fix failures
* test_suite_psa_crypto: use PSA_WANT
* PKCS5: use MD_CAN macros
* PKCS5: always use MD
* RSA: use MD_CAN macros
* RSA: always use MD light
* PEM: use MD_CAN macros
* PEM: always use MD light
* PKCS12: use MD_CAN macros
* PKCS12: always use MD light
* ECJPAKE: use MD_CAN macros
* ECJPAKE: always use MD light
* Make MD_PSA_INIT/DONE available to all suites
* PSA hash algs must be a superset of built-ins
* MD no longer depends on a built-in hash
* test_suite_ssl: remove redundant ECDH dependencies when the key exchange is specified
* ssl-opt: remove leftover debug commands and fix comment
* ecdh: solve disparities in accelerated ECDH vs reference
* ssl_tls: fix guards for accelerated ECDH
* ssl-opt: solve errors in ECDH reference tests
* test: enable ECDH key exchanges for driver coverage tests
* Add exemption for make.bat in checks for tabs
* Ignore mbedtls macros causing warnings
* Add configuration for Read The Docs
* Add initial API doc configuration
* Tell Doxygen to generate XML
* Add space to appease doxygen bug
* ssl_helpers.c: add mbedtls_test prefix for tweak_tls13_certificate*
* ssl_helpers.c: add mbedtls_test_ssl prefix for *_exchange_data
* ssl_helpers.c: add mbedtls_test prefix for mbedtls_mock_socket_init
* ssl_helpers.c: change prefix and move *queue_peek_info to static
* ssl_helpers.c: change prefix and move *certificate_free to static
* ssl_helpers.c: move some internal functions to static
* ssl_cache: Improve some comments
* ssl_helpers.c: move #define Directive to header file
* ssl_helpers.c: unify code format between source file and header file
* fix win32 ms time fail
* Adjust time delay tests to fix fails
* change the clock source to MONOTONIC
* remove extra spaces
* fix random fails
* Fix llvm error: variables may be used uninitialized
* Add time test with delay
* Update changelog
* compat.sh: return $? in option --list-test-case to handle error case
* check_test_cases.py: do not redirect stderr to stdout
* check_test_cases.py: use check_output to capture error and return
* Fix md test with sha3.
* Add tests for time routine
* Add change log entry for `mbedtls_ms_time`
* check_test_cases.py: simplify how to store test case description
* compat.sh: uniform TITLE format for --list-test-case and run_client
* compat.sh: fix incompatible name of peers in --list-test-case
* ssl-opt.sh: support to parse --outcome-file
* test-framework.md: document compat.sh
* compat.sh: add support to record outcome of test cases
* compat.sh: call record_fail if test case fails
* compat.sh: uniform test description
* check_test_cases.py: support checking test coverage in compat.sh
* compat.sh: add --list-test-case
* Change free'd to freed for consistency
* Correct INT_MAX overflow check to UINT_MAX
* Revert minimal integer requests
* Return seconds when clock_gettime error
* Improve documents about ms_time
* Add negative test cases for OID parsing
* Clarify structure of parsing with comments
* Remove superfluous sizeof(unsigned char)
* Fixup: Correct signedness of val local variable
* Use return for errors only in oid_parse_number()
* Improve header docs and rename parameter
* Correct error in processing of second component
* Change some error codes to be more accurate
* Add tests for OID parsing from string
* Add function to parse an OID from a string
* Improve readability
* Put *MS_TIME* together.
* Improve code style
* Add check, if the algorithm supports psa_sign_hash() before running the test.
* Correct style.
* SHA3 cannot be tested alone, as ENTROPY_C also needs SHA256 enabled.
* Style.
* Bad merge. These tests are not used.
* Add std PRI macro for printing milliseconds
* fix comments issues
* Change type of mbedtls_ms_time_t
* Add more comment for mbedtls_ms_time
* Implement ms time with GetSystemTimeAsFileTime.
* Pass attributes alongside key buffer
* Fix math character used in text mode
* Fix entry point name
* Key derivation: improve overview of the problem space
* Add milliseconds time function
* Add millisecond time type.
* Remove useless debug log of pk type from test cases
* typo
* Update library/sha3.c
* Add const to move variables to .rodata section
* Update mps_common.h
* Fix naming confusion with opaque key derivation
* New function psa_crypto_driver_key_derivation_get_input_type
* Add guide to implementing new cryptographic mechanisms
* List all markdown files in makefile
* Be more consistent with raw/cooked key derivation terminology
* Fix typos and copypasta
* Fix internal links
* Fix dependency of HMAC-SHA384 tests.
* Add sha3 streaming and reuse tests.
* Add self tests (taken from #1549).
* Fix travis build.
* Adding tests for MD SHA3 (taken from #1549).
* Fix when reusing the same context for another operation.
* Added SHA3 to benchmark.
* Added SHA3 to MD.
* olen parameter shall contain the length of the buffer.
* Remove sha3_alt.h
* Fix when no SHA3 family is found.
* olen = 0 is not allowed for SHA-3.
* SHA-3 does not use SHA3_ALT anymore.
* Aligning spaces
* Add test vectors (from NIST) for SHA-3.
* Add SHA-3 module.
* Use QueryPerformanceCounter as fallback timer on non-x86 mingw
* Clarify backward compatibility requirement
* Write up requirements
* Updated slot->attr and slot->key access
* Rename a function parameter to avoid confusion
* Draft specification for key derivation
* PSA thread safety analysis
* Mon Aug 07 2023 info@paolostivanin.com
- Update to version 3.4.1:
* Update more test dependencies when using test-ca.key
* Update test dependencies when using test-ca.key
* Add _build/ and api/ to gitignore
* Clean the breathe-apidoc files with make clean
* Revert "Add exemption for make.bat in checks for tabs"
* Remove make.bat for documentation
* Improve docs Makefile to do full build
* Improve positioning of GENERATE_XML option
* Remove Exhale from requirements and regenerate
* Add exemption for make.bat in checks for tabs
* Ignore mbedtls macros causing warnings
* Add configuration for Read The Docs
* Add initial API doc configuration
* Tell Doxygen to generate XML
* Add space to appease doxygen bug
* Announce a release for Friday
* Prepare changelog for release
* Bump version to 3.4.1
* Write changelog entry for the test data update
* Update failing unit tests to use the moved data files
* Copy test certificates files from development
* Add changelog entry
* Support compilation using CLang on Windows
* Mon May 29 2023 Arjen de Korte <suse+build@de-korte.org>
- Remove obsolete CMake options as these are not used in 3.0+ (USE_PKCS11_HELPER_LIBRARY, ENABLE_ZLIB_SUPPORT)
- Enable MBEDTLS_THREADING_C and MBEDTLS_THREADING_PTHREAD (boo#1211810)
+ mbedtls-enable-pthread.patch
- Parallel execution of ctest works just fine (no need to limit to one job)
* Sun May 07 2023 Mariusz Fik <fisiu@opensuse.org>
- Enable THREADING with PTHREAD.
* Fri Apr 28 2023 Martin Pluskal <mpluskal@suse.com>
- Update to version 3.4.0:
* psa_util: fix for correctly computing elements in array
* Add generated files
* Update BRANCHES.md
* Bump library, libcrypto and libx509 versions
* Assemble Changelog for 3.4.0 release
* Add security entry to ChangeLog for AES-NI
* Add security entry to ChangeLog for AES-CE
* Add TLS1.2 Opaque ECJPAKE changelog entry
- Switch to scm service
* Wed Mar 08 2023 Martin Pluskal <mpluskal@suse.com>
- Build AVX2 enabled hwcaps library for x86_64-v3
/usr/lib64/libmbedcrypto.so.16
/usr/lib64/libmbedcrypto.so.3.6.5
/usr/share/licenses/libmbedcrypto16
/usr/share/licenses/libmbedcrypto16/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 7 22:50:00 2026