yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
29777 commits 89 branches 205 tags 114 MiB
Commit graph

856 commits

Author SHA1 Message Date
Janos Follath 49d467c37d Threading design: update and clarify 3.6 plan 
- Separation of attr and slot state is added
- Driver support is cut back

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 15:41:40 +01:00
Janos Follath de0e3e352d Threading design: Update empty slot tracking 
Using a dedicated field allows clean separatin between key attributes
and slot state. This allows us to use the same mechanics for attributes
and key content. Which in turn means lower code size and easier
maintenance.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 15:12:42 +01:00
Janos Follath 52586895f7 Clarify threading design document structure 
Separate design analysis from plans and make the distinction clear
between what is implemented, what is planned to be implemented soon,
what is planned to be implemented in the future, and what is ideas that
are rejected.

(The distinction between the last two categories doesn't have to be
clear, we can't and shouldn't plan that far ahead.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 14:26:57 +01:00
Janos Follath 19192a5158 Clarify reentrancy requirements for drivers 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 13:16:48 +01:00
Janos Follath d7a39ae21e Add plan for 3.6 to threading design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-17 14:34:26 +01:00
Janos Follath 574100bb0d Add clarifications to thread safety design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-17 12:50:28 +01:00
Janos Follath 811a954383 Add reentrancy section to thread safety design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-17 12:50:21 +01:00
Manuel Pégourié-Gonnard f1878d8974 Update to only serve GCM and CCM 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-12 11:19:00 +02:00
Janos Follath 28b4da954b Add PSA threading design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-10 15:15:55 +01:00
Manuel Pégourié-Gonnard 301d2a29a7 Update to MD light section 
Mostly to reflect this has been implemented, and remove references to
temporary remains from the previous strategy (hash_info, legacy_or_psa)
which would probably be more confusing than helpful at this point.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-10 10:04:07 +02:00
Manuel Pégourié-Gonnard 2daee0410e Update list of modules using hashes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-10 10:04:07 +02:00
Manuel Pégourié-Gonnard ca18b7747e Update definition of Cipher light 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-10 10:04:07 +02:00
Manuel Pégourié-Gonnard 839d3580bd Update details of modules using cipher operations 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-10 09:22:59 +02:00
Gilles Peskine 32743619a2
Merge pull request #8114 from yanesca/threading_requirements_update 
Refine thread safety requirements
 2023-10-09 11:22:59 +00:00
Manuel Pégourié-Gonnard 8c40f3dfad Formatting fixes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 11:06:09 +02:00
Manuel Pégourié-Gonnard 140c08e325 Minor clarifications. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 11:02:37 +02:00
Manuel Pégourié-Gonnard 89ae266e5a Update docs/driver-only-builds.md 
Latest changes:
- logic about the relationship between curves, key types and algs (8075)
- building without bignum is no longer "coming soon", it's there :)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:53:05 +02:00
Manuel Pégourié-Gonnard dfa42b34ab Improve documentation about driver-only p256-m. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:53:05 +02:00
Manuel Pégourié-Gonnard 789000b2be Update list of p256-m entry points 
There was a bit of a race condition between #8041 which introduced the
new entry points, and #8203 which documented the list of entry points.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:51:51 +02:00
Dave Rodgman 0fc86b2ddf
Merge pull request #8075 from valeriosetti/issue8016 
driver-only ECC: curve acceleration macros
 2023-09-27 14:39:02 +00:00
Manuel Pégourié-Gonnard f7dc6cfef1 Document limitation on "mixed" builds 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-27 10:34:52 +02:00
Xiaokang Qian db3035b8bc Fix a typo in psa-crypto-implementation-structure.md 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 76e55a20dd Change the documenti about psa_crypto_driver_wrappers.c{h} 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 1198e43644 Change the description of auto-generated driver dispatch files 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 845693c513 Change comments to psa_crypto_driver_wrappers.h 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Manuel Pégourié-Gonnard 030f11b0b1 Type fixes and wording improvements 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-24 09:48:47 +02:00
Manuel Pégourié-Gonnard 1f61b7b8ea Document driver-only hashes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-24 09:48:46 +02:00
Gilles Peskine efaee9a299 Give a production-sounding name to the p256m option 
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-20 20:49:47 +02:00
Gilles Peskine 452beb9076
Merge pull request #8203 from gilles-peskine-arm/p256-m-production 
Declare p256-m as ready for production
 2023-09-20 09:36:05 +00:00
Paul Elliott 3d0bffb257 Improve statement in driver-only-builds.md 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-09-13 15:15:37 +01:00
Gilles Peskine 6f784dff49 Reflect the fact p256-m has been integrated into Mbed TLS 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-13 15:32:30 +02:00
Valerio Setti 7373a6644d driver-only-builds.md: fix text 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-04 16:16:11 +02:00
Janos Follath b4527fbd82 Add clarifications to the threading requirements 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 14:01:24 +01:00
Janos Follath b6954730f0
Fix typo 
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 13:54:21 +01:00
Janos Follath 35633dd977 Add threading non-requirement 
State explicitly the non-requirement that it's ok for psa_destroy_key to
block waiting for a driver.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 08:31:19 +01:00
Janos Follath 15d9ec29be Improve thread safety presentation 
- Use unique section titles so that there are unique anchors
- Make list style consistent between similar sections

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 08:22:21 +01:00
Janos Follath 0385c2815c Tighten thread safety requirements 
We shouldn't violate the requirement that the key identifier can be
reused. In practice, a key manager may destroy a key that's in use by
another process, and the privileged world containing the key manager and
the crypto service should not be perturbed by an unprivileged process.

With respect to blocking, again, a key manager should not be blocked
indefinitely by an unprivileged application.

These are desirable properties even in the short term.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-30 16:44:04 +01:00
Janos Follath 7ec993d804 Refine thread safety requirements 
Split and refine short term requirements for key deletion.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-23 16:04:48 +01:00
Valerio Setti d31b28485b driver-only-builds: update EC and FFDH sections 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-17 12:36:40 +02:00
Manuel Pégourié-Gonnard 36cd3f9f8e Add tentative definition of Cipher light 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-11 10:06:42 +02:00
Manuel Pégourié-Gonnard 948137be59 Add details on use of ciphers from other modules 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-10 16:58:30 +02:00
Gilles Peskine 33291ba35f
Merge pull request #5538 from gilles-peskine-arm/psa-thread_safety-doc 
PSA thread safety requirements
 2023-08-10 16:21:55 +02:00
Manuel Pégourié-Gonnard 0b6d021069 Adjust presence of warning/link. 
- the codegen migration document is already a migration document, so
doesn't need the extra warning about work in progress;
- the driver interface can use a link to the more practical guide too.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-08 09:37:11 +02:00
Gilles Peskine 9aa93c8e78 Added a note about new primitives for secure destruction 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-07 16:32:09 +02:00
Gilles Peskine 584bf985f5 Elaborate on psa_destroy_key requirements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-07 16:29:19 +02:00
Manuel Pégourié-Gonnard de24ba6cfd Add link to examples in relevant places 
Some documents about driver describe a state of things that is ahead of
the reality. They already contain a warning about it, but no way to know
that the current reality is; add a pointer to a document that describes
it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-07 11:36:14 +02:00
Manuel Pégourié-Gonnard b61484947a Fix error in the guide to drivers 
There is no export_key entry point for transparent drivers.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-07 11:32:51 +02:00
Gilles Peskine d3a797710a psa_is_key_slot_occupied: change to using the key identifier 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-02 18:36:06 +02:00
Valerio Setti ab02d391cb test: use only rev-parse for getting the current branch 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-31 16:47:07 +02:00
Valerio Setti ccb0344969 test: add GIT alternative commands for older GIT versions 
The Docker container used for the CI has Git version 2.7.4 which
does not support the "git branch --show-current" command since this
was added in version 2.22.
Therefore this commit adds an alternative version for old Git versions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-31 15:07:49 +02:00
Manuel Pégourié-Gonnard 1c739ec277
Merge pull request #7900 from mpg/doc-driver-only 
ECPf wrap-up
 2023-07-26 10:25:54 +02:00
Manuel Pégourié-Gonnard fb22c27f1d Misc wording fixes and improvements 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-18 10:40:56 +02:00
Manuel Pégourié-Gonnard 1937cf8143 Improve wording & fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-11 11:14:15 +02:00
Manuel Pégourié-Gonnard c97775162e Fix inaccurate information about FFDH 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-11 11:11:20 +02:00
Dave Rodgman e183ecef3d
Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases 
Record the outcome of each test case in compat.sh
 2023-07-10 12:08:32 +01:00
Manuel Pégourié-Gonnard 7a82e27a10 Add documentation on driver-only ECC 
Just one part left for later.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-07 17:09:14 +02:00
Manuel Pégourié-Gonnard 6d5f4946e6 Add docs/driver-only-builds.md 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-07 17:09:14 +02:00
Gilles Peskine 0ca2a1f51b
Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec 
Storage resilience with stateful secure elements: design document
 2023-06-29 18:25:52 +02:00
Gilles Peskine 909cf5a3ec Show how to extract curve information from an ecp_keypair 
It's not pretty.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-20 23:38:39 +02:00
Gilles Peskine 603f0fca6e The ECP curve name is the one from TLS, not one we made up 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-20 23:38:21 +02:00
Manuel Pégourié-Gonnard 417ce2c574 Rename _USE to _BASIC 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-16 10:36:44 +02:00
Gilles Peskine 379ff8754d Cover ecp.h 
Also correct some statements about rsa/ecp/pk check functions.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-15 21:15:21 +02:00
Gilles Peskine f75e65d90b Rename PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_USE to ..._BASIC 
per https://github.com/Mbed-TLS/mbedtls/issues/7439#issuecomment-1592673401
and https://github.com/Mbed-TLS/mbedtls/pull/7774#discussion_r1230658660

State that EXPORT implies BASIC.

Also fix missing `WANT_` parts.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-15 18:39:14 +02:00
Gilles Peskine 5bd4f17e4e Cover ECDH and DHM 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-15 18:33:30 +02:00
Gilles Peskine b33d0ac532 Mention self-tests 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-15 18:33:15 +02:00
Manuel Pégourié-Gonnard 1cae90bf50 Update PSA_WANT spec for new KEY_PAIR scheme 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-14 12:19:13 +02:00
Gilles Peskine c7b53f3ab7 Mention mbedtls_psa_get_random 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:31:53 +02:00
Gilles Peskine 34a201774e More about whether to have the driver key id in the transaction list 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine 009c06b973 Discuss the cost of a get_key_attributes entry point 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine 5ad8ca2a5f Legacy-to-PSA transition guide 
Covers most modules, but missing most of ecp, ecdh and dhm.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 19:52:31 +02:00
Gilles Peskine 265ce7c1da
Merge pull request #5451 from gilles-peskine-arm/psa-driver-kdf-spec 
PSA drivers: specification for key derivation
 2023-06-06 11:37:28 +02:00
Gilles Peskine f4ba0013e2 Clarify when key derivation entry points are mandatory/permitted 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-05 14:24:14 +02:00
Gilles Peskine 8dd1e623e1 Copyediting 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-05 14:14:41 +02:00
Gilles Peskine 7df8ba6a10 Rework the description of key derivation output/verify key 
Some of the fallback mechanisms between the entry points were not described
corrrectly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 18:16:02 +02:00
Gilles Peskine dcaf104eef Note that we may want to rename derive_key 
... if we think of a better name

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 18:02:41 +02:00
Gilles Peskine f96a18edc7 Probably resolve concern about the input size for derive_key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 18:02:15 +02:00
Gilles Peskine 1414bc34b9 Minor copyediting 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 17:54:32 +02:00
Gilles Peskine 24f52296f1 Key agreement needs an attribute structure for our key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:44:04 +02:00
Gilles Peskine e52bff994c Note possible issue with derive_key: who should choose the input length? 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:43:29 +02:00
Gilles Peskine b319ed69c4 State explicitly that cooked key derivation uses the export format 
This is the case for all key creation in a secure element, but state it
explicitly where relevant.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:42:45 +02:00
Gilles Peskine f787879a14 Clarify sequencing of long inputs 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:42:29 +02:00
Gilles Peskine d2fe1d5498 Rationale on key derivation inputs and buffer ownership 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:42:17 +02:00
Gilles Peskine 4e94fead86 Key derivation dispatch doesn't depend on the key type 
At least for all currently specified algorithms.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:40:56 +02:00
Gilles Peskine 66b96e2d87 Copyediting 
Fix some typos and copypasta. Some very minor wording improvements.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:40:27 +02:00
Gilles Peskine 4e5088476e Finish test strategy 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-30 23:34:07 +02:00
Gilles Peskine 44bbf29597 Write up the transaction/recovery processess 
Still missing: details of part of the testing

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-24 20:35:49 +02:00
Gilles Peskine 76a852f8fb Design document for storage resilience 
Explore possibilities for implementing stateful secure elements with
storage. Choose one.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-24 09:37:30 +02:00
Gilles Peskine 63df4ec3ca
Merge pull request #7589 from daverodgman/pr4990 
Replace references to Mbed Crypto (rebase)
 2023-05-16 19:14:51 +02:00
Gilles Peskine 7e37aa85a2
Merge pull request #5904 from gilles-peskine-arm/psa-doc-implementing-new-mechanism 
Check list for implementing a new mechanism in PSA crypto
 2023-05-16 14:04:15 +02:00
Gilles Peskine de4cbc54d3 Fix copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-16 12:04:57 +02:00
Fredrik Hesse 95bd5a5004 Minor adjustments after review. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 15:01:59 +01:00
Fredrik Hesse 0ec8a90d48 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 15:00:45 +01:00
Fredrik Hesse cc207bc379 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 14:59:01 +01:00
Bence Szépkúti e06d863267
Merge pull request #7538 from bensze01/in-tree-redirects 
Add in-tree configuration file for Readthedocs redirects
 2023-05-11 15:07:06 +02:00
Bence Szépkúti 09f8df86ac Reword the API token explanation in redirects.yaml 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-05-09 21:07:30 +02:00
Gilles Peskine d3ca5e5897
Merge pull request #7328 from mprse/ec-jpake-fix1 
Fix the JPAKE driver interface for user+peer
 2023-05-02 20:42:25 +02:00
Bence Szépkúti 7ce8fba3cb Add post-build step to update redirects 
This allows us to maintain the list of redirects in-tree.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-05-02 20:16:12 +02:00
Bence Szépkúti 4f4c87b01e Add readthedocs-cli to requirements.in 
This will allow us to manage our redirects in-tree.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-05-02 19:59:34 +02:00
Manuel Pégourié-Gonnard 8e076e4132
Merge pull request #6915 from aditya-deshpande-arm/example-driver-post-codestyle 
Document (with examples) how to integrate a third-party driver with Mbed TLS
 2023-05-02 12:13:42 +02:00
Aditya Deshpande 8225587fd7 Change from Mbed TLS 3.3.0 to 3.4.0 in driver documentation. 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:55:02 +01:00
Aditya Deshpande 641cb8914d Minor changes to documentation and code comments for clarity 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:55:02 +01:00
Aditya Deshpande bac592d53e Remove rand() from p256_generate_random() and move to an implementation based on mbedtls_ctr_drbg 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande f80b939096 Add information for driver points where auto-generation is implemented 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande 755b174fec Add example for integrating a driver alongside Mbed TLS for entrypoints where auto-generation of driver wrappers is not implemented yet. 
Using p256-m as the example driver/software accelerator.

Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande abf4bf31cb Start the driver example write-up (p256-m integration) 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande 277690e944 Add step-by-step guide for writing and integrating drivers for entry points where auto-generation is not implemented 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande e41f7e457f Integrate p256-m as an example driver alongside Mbed TLS and write documentation for the example. 
(Reapplying changes as one commit on top of development post codestyle change instead of rewriting old branch)

Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:09 +01:00
valerio 95e57c3517 doc: update use-psa-crypto.md 
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
 2023-04-24 13:47:18 +02:00
valerio 0b0486452c improve syms.sh script for external dependencies analysis 
It is now possible to analyze also modules and not only
x509 and tls libraries.

Signed-off-by: valerio <valerio.setti@nordicsemi.no>
 2023-04-24 10:34:08 +02:00
Paul Elliott 4359badbb2
Merge pull request #7331 from mprse/ec-jpake-fix2 
PSA PAKE: Check input_length against PSA_PAKE_INPUT_SIZE() in psa_pake_input
 2023-04-17 16:31:09 +01:00
Ronald Cron 4d31496294 Update TLS 1.3 documentation and add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Ronald Cron e6e6b75ad3 psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option 
The support for the PSA crypto driver interface
is not optional anymore as the implementation of
the PSA cryptography interface has been restructured
around the PSA crypto driver interface (see
psa-crypto-implementation-structure.md). There is
thus no purpose for the configuration options
MBEDTLS_PSA_CRYPTO_DRIVERS anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:07:54 +02:00
Manuel Pégourié-Gonnard 0ab380a8ae
Merge pull request #7354 from mpg/ecc-doc-update 
Ecc doc update
 2023-03-30 15:38:47 +02:00
Manuel Pégourié-Gonnard 9463e780c6 Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-30 09:37:39 +02:00
Dave Rodgman 05c5a91514
Merge pull request #7307 from Mbed-TLS/sphinx-versioned-documentation 
Generate API documentation with Sphinx and Breathe
 2023-03-29 12:01:59 +01:00
Manuel Pégourié-Gonnard 5c8c9e068e Minor improvements 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-29 10:33:03 +02:00
Manuel Pégourié-Gonnard 93b21e74f9 Update documentation to mention ECC drivers 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-29 10:30:26 +02:00
David Horstmann 2717f622b8 Add _build/ and api/ to gitignore 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-03-28 15:00:24 +01:00
David Horstmann c1f2eef43a Clean the breathe-apidoc files with make clean 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-03-28 14:24:47 +01:00
David Horstmann 434fc5ecbd Remove make.bat for documentation 
Building the docs on Windows is not supported in any case, as the apidoc
target in the main Makefile will not run on Windows.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-03-27 15:24:37 +01:00
David Horstmann 9bca03a2b2 Improve docs Makefile to do full build 
Include the make apidoc and breathe-apidoc steps in the documentation
Makefile for ease of use. In this way, depart from the Makefile
generated automatically by Sphinx.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-03-27 15:21:27 +01:00
Manuel Pégourié-Gonnard b38c9c888f Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard 86efa852df Mention EC J-PAKE opaque passwords. 
Unrelated to the other changes, other than I noticed it was missing
while making the other edits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard 2ca08c8409 Try again to clarify USE_PSA_CRYPTO 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard 3dd9add294 Use PSA Crypto: try clarifying what it means 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard 03cb87ea3c Update psa-limitations.md 
For recent work and latest plans.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard 52f7edb6ad Update psa-migration/strategy.md 
- Update for the new hashes strategy, in part by adding references to
md-cipher-dispatch.md
- General update about the status of things since the last update

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:44:59 +01:00
Przemek Stekiel b175b146a2 Remove driver_pake_get_role function 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-23 13:37:18 +01:00
Przemek Stekiel fa1754e9ef Update documentation of psa_pake_input 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-23 08:06:09 +01:00
David Horstmann 5158bd8ac8 Remove Exhale from requirements and regenerate 
Regenerate the requirements.txt with Exhale removed and also with Python
3.9 instead of 3.8, for parity with Read The Docs.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-03-22 17:30:22 +00:00
David Horstmann e84d61cb64 Add initial API doc configuration 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-03-16 18:01:58 +00:00
Manuel Pégourié-Gonnard c9e0ad23c1 Update design document 
- Support for PSA_CRYPTO_CLIENT without PSA_CRYPTO_C is out of scope for
now but might be added later (the architecture supports that).
- While we're using a void pointer for md_ctx, we don't need a union
here; the union will be useful only if & when we remove the indirection.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard 18336dace2
Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user 
EC J-PAKE: partial fix for role vs user+peer
 2023-03-15 09:37:30 +01:00
Przemek Stekiel c0e6250ff9 Fix documentation and tests 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-14 11:49:36 +01:00
Manuel Pégourié-Gonnard 439dbc5c60 Fix dependency for TLS 1.3 as well 
Turns out TLS 1.3 is using the PK layer for signature generation &
verification, and the PK layer is influenced by USE_PSA_CRYPTO.

Also update docs/use-psa-crypto.md accordingly.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-10 12:37:15 +01:00
Przemek Stekiel e9254a0e55 Adapt driver dispatch documentation for user/peer getters 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-10 09:18:03 +01:00
Gilles Peskine a4c6a3c355
Merge pull request #7237 from davidhorstmann-arm/move-getting-started-guide 
Move docs/getting_started.md to docs repo
 2023-03-09 23:31:25 +01:00
David Horstmann 369930dec2 Move docs/getting_started.md to docs repo 
Delete docs/getting_started.md as it has been moved to the dedicated
documentation repo.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-03-09 09:52:13 +00:00
Przemek Stekiel 691e91adac Further pake code optimizations 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-08 09:54:00 +01:00
Przemek Stekiel 4dc83d40af Add check for pake operation buffer overflow 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-03-07 10:50:00 +01:00
Yanray Wang 7fc349e903 test-framework.md: document compat.sh 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-28 14:30:26 +08:00
Przemek Stekiel 6b64862ef7 Documentation fixes and code adaptation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-22 11:30:32 +01:00
Przemek Stekiel 251e86ae3f Adapt names to more suitable and fix conditional compilation flags 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-22 11:30:32 +01:00
Przemek Stekiel 27cd488088 Update the documentation (v.3) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-22 11:30:32 +01:00
Przemek Stekiel 33ea63d766 Minor updates of the documentation 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-22 11:30:32 +01:00
Przemek Stekiel 8c8ab26b2a Update documentation (handling inputs, function names) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-22 11:30:31 +01:00
Przemek Stekiel d67a5b6320 Update PAKE driver documentation (v.2) 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-22 11:30:31 +01:00
Przemek Stekiel d6eb11007f Add draft documentation for the PAKE driver dispatch logic 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
 2023-02-22 11:30:31 +01:00
Manuel Pégourié-Gonnard 6778ddf657
Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy 
Dual-API hash dispatch strategy
 2023-02-15 12:50:13 +01:00
Gilles Peskine 91af0f9c0e Minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-10 14:31:36 +01:00