yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2025-12-06 07:12:32 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
28365 commits 89 branches 205 tags 114 MiB
Commit graph

757 commits

Author SHA1 Message Date
Gilles Peskine 42a025dc9c Reference filed issues 
All PK-related actions are now covered.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 12:35:31 +01:00
Gilles Peskine 5a64c42693 Reference ongoing work 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:09:16 +01:00
Gilles Peskine 89ca6c7e72 typo 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:08:56 +01:00
Gilles Peskine 32294044e1 Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO 
It's useful in applications that want to use some PSA opaque keys regardless
of whether all pk operations go through PSA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:07:55 +01:00
Gilles Peskine 9fe1c699a8 Clarify PSA-to-PK copy intent 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:16:31 +01:00
Gilles Peskine f80dcc5f8b Resolve ECDSA conversion API: don't use an ASN.1 interface 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:47 +01:00
Gilles Peskine a7226a1f60 Our TLS 1.3 API doesn't actually require PSA key identifiers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:14 +01:00
Gilles Peskine 93cdb77835 Minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:04 +01:00
Gilles Peskine 8f1307adcd Asymmetric cryptography: rough draft 
Still many open questions

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-25 21:42:23 +01:00
Gilles Peskine 7ee4cc302a Create legacy-API bridge API design document 
Do the analysis for hashes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-28 16:08:26 +01:00
Dave Rodgman 16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
Tom Cosgrove 6dcb63bc6d Fix broken link to psa-driver-example-and-guide in psa-driver-wrappers-codegen-migration-guide.md 
Fixes #8453

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
 2023-10-31 15:39:25 +00:00
Janos Follath a365efc6f1 Threading design: fix internal links 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-26 10:22:55 +01:00
Janos Follath 54bd71b40f Update operation threading strategy 
The library does not need to provide protection, leave it to the crypto
service.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-23 10:30:50 +01:00
Janos Follath e604269a59 Threading Design: emphasise performance requirement 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-23 10:16:58 +01:00
Janos Follath 23f7e41633
Threading design: improve language 
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-23 10:11:18 +01:00
Janos Follath 49d467c37d Threading design: update and clarify 3.6 plan 
- Separation of attr and slot state is added
- Driver support is cut back

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 15:41:40 +01:00
Janos Follath de0e3e352d Threading design: Update empty slot tracking 
Using a dedicated field allows clean separatin between key attributes
and slot state. This allows us to use the same mechanics for attributes
and key content. Which in turn means lower code size and easier
maintenance.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 15:12:42 +01:00
Janos Follath 52586895f7 Clarify threading design document structure 
Separate design analysis from plans and make the distinction clear
between what is implemented, what is planned to be implemented soon,
what is planned to be implemented in the future, and what is ideas that
are rejected.

(The distinction between the last two categories doesn't have to be
clear, we can't and shouldn't plan that far ahead.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 14:26:57 +01:00
Janos Follath 19192a5158 Clarify reentrancy requirements for drivers 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 13:16:48 +01:00
Janos Follath d7a39ae21e Add plan for 3.6 to threading design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-17 14:34:26 +01:00
Janos Follath 574100bb0d Add clarifications to thread safety design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-17 12:50:28 +01:00
Janos Follath 811a954383 Add reentrancy section to thread safety design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-17 12:50:21 +01:00
Janos Follath 28b4da954b Add PSA threading design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-10 15:15:55 +01:00
Gilles Peskine 32743619a2
Merge pull request #8114 from yanesca/threading_requirements_update 
Refine thread safety requirements
 2023-10-09 11:22:59 +00:00
Manuel Pégourié-Gonnard 8c40f3dfad Formatting fixes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 11:06:09 +02:00
Manuel Pégourié-Gonnard 140c08e325 Minor clarifications. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 11:02:37 +02:00
Manuel Pégourié-Gonnard 89ae266e5a Update docs/driver-only-builds.md 
Latest changes:
- logic about the relationship between curves, key types and algs (8075)
- building without bignum is no longer "coming soon", it's there :)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:53:05 +02:00
Manuel Pégourié-Gonnard dfa42b34ab Improve documentation about driver-only p256-m. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:53:05 +02:00
Manuel Pégourié-Gonnard 789000b2be Update list of p256-m entry points 
There was a bit of a race condition between #8041 which introduced the
new entry points, and #8203 which documented the list of entry points.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:51:51 +02:00
Dave Rodgman 0fc86b2ddf
Merge pull request #8075 from valeriosetti/issue8016 
driver-only ECC: curve acceleration macros
 2023-09-27 14:39:02 +00:00
Manuel Pégourié-Gonnard f7dc6cfef1 Document limitation on "mixed" builds 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-27 10:34:52 +02:00
Xiaokang Qian db3035b8bc Fix a typo in psa-crypto-implementation-structure.md 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 76e55a20dd Change the documenti about psa_crypto_driver_wrappers.c{h} 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 1198e43644 Change the description of auto-generated driver dispatch files 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian 845693c513 Change comments to psa_crypto_driver_wrappers.h 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Manuel Pégourié-Gonnard 030f11b0b1 Type fixes and wording improvements 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-24 09:48:47 +02:00
Manuel Pégourié-Gonnard 1f61b7b8ea Document driver-only hashes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-24 09:48:46 +02:00
Gilles Peskine efaee9a299 Give a production-sounding name to the p256m option 
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-20 20:49:47 +02:00
Gilles Peskine 452beb9076
Merge pull request #8203 from gilles-peskine-arm/p256-m-production 
Declare p256-m as ready for production
 2023-09-20 09:36:05 +00:00
Paul Elliott 3d0bffb257 Improve statement in driver-only-builds.md 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-09-13 15:15:37 +01:00
Gilles Peskine 6f784dff49 Reflect the fact p256-m has been integrated into Mbed TLS 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-13 15:32:30 +02:00
Valerio Setti 7373a6644d driver-only-builds.md: fix text 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-04 16:16:11 +02:00
Janos Follath b4527fbd82 Add clarifications to the threading requirements 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 14:01:24 +01:00
Janos Follath b6954730f0
Fix typo 
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 13:54:21 +01:00
Janos Follath 35633dd977 Add threading non-requirement 
State explicitly the non-requirement that it's ok for psa_destroy_key to
block waiting for a driver.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 08:31:19 +01:00
Janos Follath 15d9ec29be Improve thread safety presentation 
- Use unique section titles so that there are unique anchors
- Make list style consistent between similar sections

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 08:22:21 +01:00
Janos Follath 0385c2815c Tighten thread safety requirements 
We shouldn't violate the requirement that the key identifier can be
reused. In practice, a key manager may destroy a key that's in use by
another process, and the privileged world containing the key manager and
the crypto service should not be perturbed by an unprivileged process.

With respect to blocking, again, a key manager should not be blocked
indefinitely by an unprivileged application.

These are desirable properties even in the short term.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-30 16:44:04 +01:00
Janos Follath 7ec993d804 Refine thread safety requirements 
Split and refine short term requirements for key deletion.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-23 16:04:48 +01:00
Valerio Setti d31b28485b driver-only-builds: update EC and FFDH sections 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-17 12:36:40 +02:00