Log - refs/heads/mbedtls-2.17 - mirror/mbed-tls

84d9d27 Fix unused variable warning in ssl_parse_certificate_coordinate() by Hanno Becker · 6 years ago
353a6f0 Fix typo in documentation of ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
accc599 Set peer CRT length only after successful allocation by Hanno Becker · 6 years ago
3acc9b9 Remove question in comment about verify flags on cli vs. server by Hanno Becker · 6 years ago
6b8fbab Free peer CRT chain immediately after verifying it by Hanno Becker · 6 years ago
0056eab Parse peer's CRT chain in-place from the input buffer by Hanno Becker · 6 years ago
b9d4479 Correct compile-time guards for ssl_clear_peer_cert() by Hanno Becker · 6 years ago
e682457 Guard mbedtls_ssl_get_peer_cert() by new compile-time option by Hanno Becker · 6 years ago
b6c5eca Adapt mbedtls_ssl_parse_certificate() to removal of peer_cert field by Hanno Becker · 6 years ago
13c327d Adapt ssl_clear_peer_cert() to removal of `peer_cert` field by Hanno Becker · 6 years ago
6d1986e Adapt mbedtls_ssl_session_copy() to removal of `peer_cert` field by Hanno Becker · 6 years ago
a274753 Make a copy of peer's raw public key after verifying its CRT chain by Hanno Becker · 6 years ago
7517312 Add field for peer's raw public key to TLS handshake param structure by Hanno Becker · 6 years ago
3dad311 Parse and verify peer CRT chain in local variable by Hanno Becker · 6 years ago
177475a Mitigate triple handshake attack by comparing digests only by Hanno Becker · 6 years ago
6bbd94c Compute digest of peer's end-CRT in mbedtls_ssl_parse_certificate() by Hanno Becker · 6 years ago
9198ad1 Extend mbedtls_ssl_session by buffer holding peer CRT digest by Hanno Becker · 6 years ago
52055ae Give ssl_session_copy() external linkage by Hanno Becker · 6 years ago
c7bd780 Allow passing any X.509 CRT chain to ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
6863619 Introduce helper function for peer CRT chain verification by Hanno Becker · 6 years ago
fcd9e71 Don't progress TLS state machine on peer CRT chain parsing error by Hanno Becker · 6 years ago
28f2fcd Add helper function to check whether a CRT msg is expected by Hanno Becker · 6 years ago
7177a88 Introduce helper function to determine whether suite uses server CRT by Hanno Becker · 6 years ago
2148993 Use helper macro to detect whether some ciphersuite uses CRTs by Hanno Becker · 6 years ago
6bdfab2 Unify state machine update in mbedtls_ssl_parse_certificate() by Hanno Becker · 6 years ago
7a955a0 Clear peer's CRT chain outside before parsing new one by Hanno Becker · 6 years ago
4a55f63 Introduce helper to check for no-CRT notification from client by Hanno Becker · 6 years ago
a028c5b Introduce CRT counter to CRT chain parsing function by Hanno Becker · 6 years ago
1294a0b Introduce helper function to clear peer CRT from session structure by Hanno Becker · 6 years ago
f852b1c Break overly long line in definition of mbedtls_ssl_get_session() by Hanno Becker · 6 years ago
60848e6 Don't reuse CRT from initial handshake during renegotiation by Hanno Becker · 6 years ago
86016a0 Merge remote-tracking branch 'origin/pr/2338' into development by Jaeden Amero · 6 years ago
461bd3d Merge remote-tracking branch 'origin/pr/2454' into development by Jaeden Amero · 6 years ago
9f47f82 Merge remote-tracking branch 'origin/pr/2391' into development by Jaeden Amero · 6 years ago
3497323 Initialize PSA Crypto operation contexts by Jaeden Amero · 6 years ago
4a63ed4 Implement ClientKeyExchange writing in PSA-based ECDHE suites by Hanno Becker · 7 years ago
46f34d0 Fix style issue and wording by Hanno Becker · 6 years ago
c1e18bd Fix memory leak by Hanno Becker · 6 years ago
e2734e2 Improve formatting of ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
84879e3 Add compile-time guards around helper routine by Hanno Becker · 6 years ago
def9bdc Don't store the peer CRT chain twice during renegotiation by Hanno Becker · 6 years ago
8a2e97c Merge development-psa commit 80b5662 into development-psa-merged branch by Andrzej Kurek · 6 years ago
80b5662 Merge remote-tracking branch 'origin/pr/2386' into development-psa by Jaeden Amero · 6 years ago archive/development-psa development-psa
65408c5 Merge remote-tracking branch 'origin/pr/2355' into development-psa by Jaeden Amero · 6 years ago
de5a007 Merge development commit f352f7 into development-psa by Andrzej Kurek · 6 years ago
c470b6b Merge development commit 8e76332 into development-psa by Andrzej Kurek · 6 years ago
2ad2297 ssl_tls: add psa_hash_abort when reseting checksum by Andrzej Kurek · 6 years ago
972fba5 ssl_tls: rename sha_512_psa to sha_384_psa by Andrzej Kurek · 6 years ago
eb34224 ssl_tls: use PSA to compute running handshake hash for TLS 1.2 by Andrzej Kurek · 6 years ago
2d4faa6 ssl_tls: remove redundant status check by Andrzej Kurek · 6 years ago archive/iotssl-2690-tls-prf-generic iotssl-2690-tls-prf-generic
2f76075 ssl_tls: adjust to the new key policy initialization and key allocation by Andrzej Kurek · 6 years ago
ac5dc34 Fix key allocation for tls_prf_generic by Andrzej Kurek · 7 years ago
3317126 ssl_tls: add missing return brackets by Andrzej Kurek · 7 years ago
70737ca ssl_tls: add key destruction upon generator failure by Andrzej Kurek · 7 years ago
c929a82 Implement tls_prf_generic using the PSA API by Andrzej Kurek · 7 years ago
5615dab ssl_tls: remove line breaks from a debug message by Andrzej Kurek · 7 years ago archive/iotssl-2689-psa-tls1_2-get-key-exchange iotssl-2689-psa-tls1_2-get-key-exchange
e85414e ssl-opt: add a check for PSA computation of digest of ServerKeyExchange by Andrzej Kurek · 7 years ago
814feff Whitespace, logging and documentation fixes by Andrzej Kurek · 7 years ago
d6db9be Adapt mbedtls_ssl_get_key_exchange_md_tls1_2 to PSA hashing by Andrzej Kurek · 7 years ago
36e89b5 Fix #2370, minor typos and spelling mistakes by Antonin Décimo · 7 years ago
2349c4d Adapt to the new key allocation mechanism by Andrzej Kurek · 7 years ago
e1b1a2c Merge remote-tracking branch 'upstream-public/pr/2181' into development by Jaeden Amero · 7 years ago
3fbdada SSL: Make use of the new ECDH interface by Janos Follath · 7 years ago
a0a96a0 Merge branch 'psa_cipher_integration' into development-psa-proposed by Hanno Becker · 7 years ago
cb1cc80 Use PSA-based ciphers for record protections in TLS-1.2 only by Hanno Becker · 7 years ago
f704bef Setup PSA-based cipher context in mbedtls_ssl_derive_keys() by Hanno Becker · 7 years ago
7390c71 Share code for PSK identity configuration by Hanno Becker · 7 years ago
a63ac3f Safe-guard `ssl_conf_remove_psk()` for simultaneous raw-opaque PSKs by Hanno Becker · 7 years ago
f9ed7d5 Don't use 48 as a magic number in ssl_derive_keys() by Hanno Becker · 7 years ago
7d0a569 Implement PSA-based PSK-to-MS derivation in mbedtls_ssl_derive_keys by Hanno Becker · 7 years ago
35b23c7 Simplify master secret derivation in mbedtls_ssl_derive_keys() by Hanno Becker · 7 years ago
d20a8ca Implement API for configuration of opaque PSKs by Hanno Becker · 7 years ago
f6d6e30 Fix incomplete assertion in ssl_write_handshake_msg() by Hanno Becker · 7 years ago
2705bea Merge remote-tracking branch 'public/pr/2095' into development-proposed by Simon Butcher · 7 years ago
17a0fab Merge remote-tracking branch 'public/pr/2111' into development-proposed by Simon Butcher · 7 years ago
169712e Merge remote-tracking branch 'restricted/pr/390' into development by Simon Butcher · 7 years ago
dd3ab13 Fail when encountering invalid CBC padding in EtM records by Hanno Becker · 7 years ago
805f2e1 Add missing zeroization of buffered handshake messages by Hanno Becker · 7 years ago
748face ssl_tls: fix maximum output length by Andrzej Kurek · 7 years ago
ef43ce6 Dtls: change the way unlimited mtu is set for client hello messages by Andrzej Kurek · 7 years ago
6290dae Disable dtls fragmentation for ClientHello messages by Andrzej Kurek · 7 years ago
125af94 Merge branch 'development-restricted' into iotssl-1260-non-blocking-ecc-restricted by Manuel Pégourié-Gonnard · 7 years ago
0bbb4fc Merge branch 'development' into development by Simon Butcher · 7 years ago
552754a Merge remote-tracking branch 'public/pr/1988' into development by Simon Butcher · 7 years ago
68dbc94 Merge remote-tracking branch 'public/pr/1951' into development by Simon Butcher · 7 years ago
a591c48 Correct typo in debug message by Hanno Becker · 7 years ago
83ab41c Correct typo in comment by Hanno Becker · 7 years ago
cd9dcda Add const qualifier to handshake header reading functions by Hanno Becker · 7 years ago
39b8bc9 Change wording of debug message by Hanno Becker · 7 years ago
ef7afdf Rename another_record_in_datagram to next_record_is_in_datagram by Hanno Becker · 7 years ago
c573ac3 Fix typos in debug message and comment in ssl-tls.c by Hanno Becker · 7 years ago
3af567d Merge remote-tracking branch 'restricted/pr/437' into development-restricted by Simon Butcher · 7 years ago
7f85563 Merge remote-tracking branch 'restricted/pr/491' into development-restricted by Simon Butcher · 7 years ago
14dac09 Merge remote-tracking branch 'public/pr/1918' into development by Simon Butcher · 7 years ago
1846e40 Merge remote-tracking branch 'public/pr/1939' into development by Simon Butcher · 7 years ago
4613772 Merge remote-tracking branch 'public/pr/1915' into development by Simon Butcher · 7 years ago
0207e53 Style: Correct typo in ssl-tls.c by Hanno Becker · 7 years ago
d584777 Style: Group buffering-related forward declarations in ssl_tls.c by Hanno Becker · 7 years ago
360bef3 Reordering: Document that only HS and CCS msgs are buffered by Hanno Becker · 7 years ago
4f432ad Style: Don't use abbreviations in comments by Hanno Becker · 7 years ago