Janos Follath
a0b67c2f3e
Bignum: Deprecate mbedtls_mpi_is_prime()
...
When using a primality testing function the tolerable error rate depends
on the scheme in question, the required security strength and wether it
is used for key generation or parameter validation. To support all use
cases we need more flexibility than what the old API provides.
2018-10-09 16:36:53 +01:00
Janos Follath
f301d23ceb
Bignum: Improve primality test for FIPS primes
...
The FIPS 186-4 RSA key generation prescribes lower failure probability
in primality testing and this makes key generation slower. We enable the
caller to decide between compliance/security and performance.
This python script calculates the base two logarithm of the formulas in
HAC Fact 4.48 and was used to determine the breakpoints and number of
rounds:
def mrpkt_log_2(k, t):
if t <= k/9.0:
return 3*math.log(k,2)/2+t-math.log(t,2)/2+4-2*math.sqrt(t*k)
elif t <= k/4.0:
c1 = math.log(7.0*k/20,2)-5*t
c2 = math.log(1/7.0,2)+15*math.log(k,2)/4.0-k/2.0-2*t
c3 = math.log(12*k,2)-k/4.0-3*t
return max(c1, c2, c3)
else:
return math.log(1/7.0)+15*math.log(k,2)/4.0-k/2.0-2*t
2018-10-09 16:33:27 +01:00
Janos Follath
7c025a9f50
Generalize dh_flag in mbedtls_mpi_gen_prime
...
Setting the dh_flag to 1 used to indicate that the caller requests safe
primes from mbedtls_mpi_gen_prime. We generalize the functionality to
make room for more flags in that parameter.
2018-09-21 16:30:07 +01:00
Simon Butcher
53546ea099
Update library version number to 2.13.1
2018-09-06 19:10:26 +01:00
Simon Butcher
5d40f67138
Merge remote-tracking branch 'public/pr/1927' into development-restricted
2018-09-06 16:24:48 +01:00
Hanno Becker
d2ef25478e
Don't define _POSIX_C_SOURCE in header file
2018-09-06 14:53:25 +01:00
Hanno Becker
f5106d54eb
Don't declare and define gmtime()-mutex on Windows platforms
2018-09-06 12:09:56 +01:00
Hanno Becker
323d8019bf
Correct preprocessor guards determining use of gmtime()
...
The previous code erroneously used gmtime_r() to implement
mbedtls_platform_gmtime() in case of a non-windows, non-unix system.
2018-09-06 11:30:57 +01:00
Hanno Becker
03b2bd4a06
Correct documentation of mbedtls_platform_gmtime_r()
...
Previous documentation stated that gmtime_r() was from the standard library,
but it's POSIX.
2018-09-06 09:08:55 +01:00
Hanno Becker
a50fed9910
Correct typo in documentation of mbedtls_platform_gmtime_r()
2018-09-06 09:08:39 +01:00
Hanno Becker
6f70581c4a
Correct POSIX version check to determine presence of gmtime_r()
...
Recent versions of POSIX move gmtime_r to the base.
2018-09-06 09:06:33 +01:00
Hanno Becker
c52ef407ba
Improve documentation of mbedtls_platform_gmtime_r()
2018-09-05 16:36:31 +01:00
Hanno Becker
7dd82b4f51
platform_utils.{c/h} -> platform_util.{c/h}
2018-09-05 16:26:04 +01:00
Hanno Becker
5a7fe14590
Don't include platform_time.h if !MBEDTLS_HAVE_TIME
...
platform_time.h includes time.h, which is not assumed to be present
on a system where MBEDTLS_HAVE_TIME is not defined.
2018-09-05 16:24:44 +01:00
Hanno Becker
9fbbf1c1f0
Improve wording of documentation of MBEDTLS_PLATFORM_GMTIME_R_ALT
2018-09-05 16:23:02 +01:00
Hanno Becker
c9468885a8
Fix typo in documentation of MBEDTLS_PLATFORM_GMTIME_R_ALT
2018-09-05 16:22:10 +01:00
Hanno Becker
921b76d056
Replace 'thread safe' by 'thread-safe' in the documentation
2018-09-05 16:21:36 +01:00
Hanno Becker
9a51d01984
Improve documentation of MBEDTLS_HAVE_TIME_DATE
2018-09-05 16:20:09 +01:00
Hanno Becker
4e67cca1d9
Improve documentation of MBEDTLS_HAVE_TIME_DATE
2018-09-05 16:18:38 +01:00
Hanno Becker
48a816ff26
Minor documentation improvements
2018-09-05 15:22:22 +01:00
Hanno Becker
651d586ccf
Style: Add missing period in documentation in threading.h
2018-09-05 15:17:43 +01:00
Hanno Becker
6a739789f3
Rename mbedtls_platform_gmtime() to mbedtls_platform_gmtime_r()
...
For consistency, also rename MBEDTLS_PLATFORM_GMTIME_ALT to
MBEDTLS_PLATFORM_GMTIME_R_ALT.
2018-09-05 15:06:19 +01:00
Hanno Becker
be2e4bddd5
Guard decl and use of gmtime mutex by HAVE_TIME_DATE and !GMTIME_ALT
2018-09-05 14:44:31 +01:00
Hanno Becker
5f95c798a3
Remove another mentioning of IAR from config.h
2018-09-05 14:36:36 +01:00
Hanno Becker
272675f4c6
Correct documentation of mbedtls_platform_gmtime()
2018-09-05 14:03:02 +01:00
Hanno Becker
cfeb70c6b9
gmtime: Remove special treatment for IAR
...
Previous commits attempted to use `gmtime_s()` for IAR systems; however,
this attempt depends on the use of C11 extensions which lead to incompatibility
with other pieces of the library, such as the use of `memset()` which is
being deprecated in favor of `memset_s()` in C11.
2018-09-05 13:52:46 +01:00
Andres Amaya Garcia
94b540ac63
Avoid redefining _POSIX_C_SOURCE
2018-09-05 12:27:32 +01:00
Andres Amaya Garcia
45e30201a4
Document that IAR gmtime_s() is auto selected
2018-09-05 12:05:59 +01:00
Andres Amaya Garcia
433f911e59
Check for IAR in gmtime macros
2018-09-05 12:01:57 +01:00
Andres Amaya Garcia
e58088edb9
Clarify docs for MBEDTLS_HAVE_TIME_DATE
2018-09-05 11:55:49 +01:00
Andres Amaya Garcia
193fe893a6
Add missing _POSIX_C_SOURCE define in threading.h
2018-09-05 11:47:33 +01:00
Andres Amaya Garcia
ca04a01bb8
Document shorthand gmtime macros
2018-09-05 11:43:57 +01:00
Andres Amaya Garcia
c2f948b6c6
Fix grammar in docs for MBEDTLS_HAVE_TIME_DATE
2018-09-05 11:21:44 +01:00
Simon Butcher
4d075cd7d0
Update library version number to 2.13.0
2018-08-31 15:59:10 +01:00
Simon Butcher
552754a6ee
Merge remote-tracking branch 'public/pr/1988' into development
2018-08-30 00:57:28 +01:00
Simon Butcher
68dbc94720
Merge remote-tracking branch 'public/pr/1951' into development
2018-08-30 00:56:56 +01:00
Simon Butcher
07de4c0035
Merge remote-tracking branch 'public/pr/1920' into development
2018-08-30 00:56:08 +01:00
Hanno Becker
97a1c134b2
Correct typo in documentation of MBEDTLS_SSL_DTLS_MAX_BUFFERING
2018-08-28 14:42:15 +01:00
Hanno Becker
eefe084f72
Style: Spell out PMTU in ssl.h
2018-08-28 10:29:17 +01:00
Hanno Becker
bc2498a9ff
Style: Add numerous comments indicating condition guarded by #endif
2018-08-28 10:13:29 +01:00
Hanno Becker
280075104e
DTLS Reordering: Improve doc of MBEDTLS_SSL_DTLS_MAX_BUFFERING
2018-08-28 09:46:44 +01:00
Hanno Becker
159a37f75d
config.h: Don't use arithmetical exp for SSL_DTLS_MAX_BUFFERING
...
The functions requires_config_value_at_least and requires_config_value_at_most
only work with numerical constants.
2018-08-24 15:07:29 +01:00
Hanno Becker
0e96585bdd
Merge branch 'datagram_packing' into message_reordering
2018-08-24 12:16:41 +01:00
Hanno Becker
eb57008d7d
Fix typo in documentation of mbedtls_ssl_set_datagram_packing()
2018-08-24 11:28:35 +01:00
Hanno Becker
1841b0a11c
Rename ssl_conf_datagram_packing() to ssl_set_datagram_packing()
...
The naming convention is that functions of the form mbedtls_ssl_conf_xxx()
apply to the SSL configuration.
2018-08-24 11:13:57 +01:00
Hanno Becker
98081a09e6
Don't use uint8_t for bitfields
...
Fixing a build failure using armcc.
2018-08-22 13:32:50 +01:00
Hanno Becker
3546201dbc
Merge branch 'datagram_packing' into message_reordering
2018-08-22 10:25:40 +01:00
Hanno Becker
a67dee256d
Merge branch 'iotssl-2402-basic-pmtu-adaptation' into datagram_packing
2018-08-22 10:06:38 +01:00
Manuel Pégourié-Gonnard
f47a4afea3
Fix a typo in comments
2018-08-22 10:50:30 +02:00
Manuel Pégourié-Gonnard
b8eec192f6
Implement PMTU auto-reduction in handshake
2018-08-22 10:50:30 +02:00