Gilles Peskine
acdc52e154
mbedtls_ecp_write_key_ext(): recommend over the old function in documentation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-28 13:19:42 +01:00
Gilles Peskine
3ea9450463
Merge pull request #8734 from valeriosetti/issue8564
...
Add test for driver-only HMAC
2024-02-14 13:43:40 +00:00
Gilles Peskine
3f557ad59c
Wording improvement
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-07 11:22:16 +01:00
Gilles Peskine
30a303f1a8
ECDSA signature conversion: put bits first
...
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-06 19:45:11 +01:00
Manuel Pégourié-Gonnard
f1562a7217
Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design
...
PK-PSA bridge design document
2024-01-31 09:51:43 +00:00
Gilles Peskine
36dee75368
Update ECDSA signature conversion based on experimentation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-30 16:15:17 +01:00
Valerio Setti
18be2fb9df
driver-only-builds: improve a sentence in the HMAC section
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-26 15:07:02 +01:00
Valerio Setti
9f521056bc
driver-only-builds: add documentation for HMAC acceleration
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-24 15:44:24 +01:00
Gilles Peskine
4d4891e18a
Merge pull request #8666 from valeriosetti/issue8340
...
Export the mbedtls_md_psa_alg_from_type function
2024-01-18 13:58:55 +00:00
Gilles Peskine
c9077cccd3
Merge pull request #8664 from valeriosetti/issue7764
...
Conversion function from ecp group to PSA curve
2024-01-18 10:28:55 +00:00
Gilles Peskine
dd77343381
Open question for ECDSA signature that can be resolved during implementation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 14:33:32 +01:00
Gilles Peskine
d5b04a0c63
Add a usage parameter to mbedtls_pk_get_psa_attributes
...
Let the user specify whether to use the key as a sign/verify key, an
encrypt/decrypt key or a key agreement key. Also let the user indicate if
they just want the public part when the input is a key pair.
Based on a discussion in
https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 14:31:57 +01:00
Gilles Peskine
702d9f65f6
Resolve several open questions as nothing special to do
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 12:58:25 +01:00
Gilles Peskine
42a025dc9c
Reference filed issues
...
All PK-related actions are now covered.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 12:35:31 +01:00
Gilles Peskine
5a64c42693
Reference ongoing work
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 10:09:16 +01:00
Gilles Peskine
89ca6c7e72
typo
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 10:08:56 +01:00
Gilles Peskine
32294044e1
Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO
...
It's useful in applications that want to use some PSA opaque keys regardless
of whether all pk operations go through PSA.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 10:07:55 +01:00
Bence Szépkúti
333ca8fdfc
Migrate to new RTD redirect format
...
Migrate to the new redirect format introduced by ReadTheDocs in
readthedocs/readthedocs.org#10881
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2024-01-16 17:06:06 +01:00
Manuel Pégourié-Gonnard
e334486753
Add new lines before lists
...
This is more portable markdown, and also for people who read the text,
it make the new lines after the list (but inside the same sentence) less
surprising I hope.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-10 10:24:31 +01:00
Manuel Pégourié-Gonnard
0f45a1aec5
Fix typos / improve syntax
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-10 09:43:30 +01:00
Valerio Setti
afa01c7394
psa-transition: update "Elliptic curve mechanism selection" section
...
- add hyperlinks for the conversion functions.
- move conversion functions' description before the legacy<->PSA table.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Valerio Setti
dc33200b74
psa-transition: extend "Elliptic curve mechanism selection"
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-09 13:41:52 +01:00
Manuel Pégourié-Gonnard
60c9eee267
Improve wording & fix typos
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-09 10:09:17 +01:00
Manuel Pégourié-Gonnard
d0c6f70e58
Update architecture doc for cipher dual dispatch
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-08 11:35:01 +01:00
Manuel Pégourié-Gonnard
c1cea63478
Quickly mention the status of RSA accel
...
Not related to other commits in this PR, should have been done in #8616
really, but since I'm updating the document, might as well do it here.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-08 11:35:01 +01:00
Manuel Pégourié-Gonnard
dc4103e9aa
Clarify CCM/CM with partial accel
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-08 11:35:01 +01:00
Manuel Pégourié-Gonnard
5bad043c06
Merge pull request #8641 from valeriosetti/issue8358
...
G3-G4 wrap-up
2024-01-04 10:48:00 +00:00
Valerio Setti
7406b74fce
driver-only-builds: fix typo
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-03 14:47:36 +01:00
Valerio Setti
a87cd17b35
psa-transition: update with MD translation functions
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-02 16:20:44 +01:00
Gilles Peskine
9fe1c699a8
Clarify PSA-to-PK copy intent
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:16:31 +01:00
Gilles Peskine
f80dcc5f8b
Resolve ECDSA conversion API: don't use an ASN.1 interface
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:15:47 +01:00
Gilles Peskine
a7226a1f60
Our TLS 1.3 API doesn't actually require PSA key identifiers
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:15:14 +01:00
Gilles Peskine
93cdb77835
Minor clarifications
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:15:04 +01:00
Valerio Setti
045d680054
driver-only-builds: enhancing cipher related sections
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 15:42:22 +01:00
Valerio Setti
f333b3fbde
driver-only-builds: fix typos
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 15:08:39 +01:00
Valerio Setti
92e5c693ba
driver-only-builds: updated ciphers and AEADs related sections
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 13:28:03 +01:00
Gilles Peskine
8f1307adcd
Asymmetric cryptography: rough draft
...
Still many open questions
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-25 21:42:23 +01:00
Manuel Pégourié-Gonnard
69b290589b
Merge pull request #8057 from mpg/cipher-study
...
[G2] Tentative definition of Cipher light
2023-12-22 08:53:30 +00:00
Valerio Setti
49067d7d0e
driver-only-builds: update documentation
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-21 17:07:10 +01:00
Valerio Setti
8c1e6bbcdc
driver-only-builds: fix typos
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-21 15:02:48 +01:00
Gilles Peskine
907cb020ef
Merge pull request #8618 from Ryan-Everett-arm/new-state-transition-documentation
...
Update thread safety state transition documentation
2023-12-21 12:09:58 +00:00
Ryan Everett
3dd6cde0d8
Mention functional correctness explicitly
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-20 16:47:57 +00:00
Valerio Setti
66134661cd
driver-only-builds: add Restrictions section
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 17:06:13 +01:00
Ryan Everett
f5e135670b
Clarify key generation and memory-management correctness
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-20 15:24:47 +00:00
Valerio Setti
af53132e44
driver-only-builds: enhancing section on removing CIPHER_C
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 15:56:09 +01:00
Valerio Setti
3fab8a4deb
driver-only-builds: fix typos
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 14:25:37 +01:00
Valerio Setti
5eb8de12cb
driver-only-build: remove paragraph about RSA/DH deterministic key generation
...
This feature is not supported at all in MbedTLS, driver or not.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-20 11:59:32 +01:00
Manuel Pégourié-Gonnard
9934f834af
Merge pull request #7766 from gilles-peskine-arm/psa-transition-doc-create
...
Legacy-to-PSA transition guide
2023-12-20 10:28:31 +00:00
Valerio Setti
7e11dd6ec6
driver-only-builds: add section for accelerated ciphers/AEADs
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-18 15:52:44 +01:00
Ryan Everett
c1c6e0d906
Justify linearization points
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-15 12:33:26 +00:00