yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
26727 commits 1 branch 0 tags 94 MiB
Commit graph

247 commits

Author SHA1 Message Date
Janos Follath
0385c2815c Tighten thread safety requirements 
We shouldn't violate the requirement that the key identifier can be
reused. In practice, a key manager may destroy a key that's in use by
another process, and the privileged world containing the key manager and
the crypto service should not be perturbed by an unprivileged process.

With respect to blocking, again, a key manager should not be blocked
indefinitely by an unprivileged application.

These are desirable properties even in the short term.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-30 16:44:04 +01:00
Janos Follath
7ec993d804 Refine thread safety requirements 
Split and refine short term requirements for key deletion.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-23 16:04:48 +01:00
Gilles Peskine
33291ba35f
Merge pull request #5538 from gilles-peskine-arm/psa-thread_safety-doc 
PSA thread safety requirements
 2023-08-10 16:21:55 +02:00
Gilles Peskine
9aa93c8e78 Added a note about new primitives for secure destruction 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-07 16:32:09 +02:00
Gilles Peskine
584bf985f5 Elaborate on psa_destroy_key requirements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-07 16:29:19 +02:00
Gilles Peskine
d3a797710a psa_is_key_slot_occupied: change to using the key identifier 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-02 18:36:06 +02:00
Valerio Setti
ab02d391cb test: use only rev-parse for getting the current branch 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-31 16:47:07 +02:00
Valerio Setti
ccb0344969 test: add GIT alternative commands for older GIT versions 
The Docker container used for the CI has Git version 2.7.4 which
does not support the "git branch --show-current" command since this
was added in version 2.22.
Therefore this commit adds an alternative version for old Git versions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-31 15:07:49 +02:00
Dave Rodgman
e183ecef3d
Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases 
Record the outcome of each test case in compat.sh
 2023-07-10 12:08:32 +01:00
Gilles Peskine
0ca2a1f51b
Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec 
Storage resilience with stateful secure elements: design document
 2023-06-29 18:25:52 +02:00
Gilles Peskine
34a201774e More about whether to have the driver key id in the transaction list 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine
009c06b973 Discuss the cost of a get_key_attributes entry point 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine
4e5088476e Finish test strategy 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-30 23:34:07 +02:00
Gilles Peskine
44bbf29597 Write up the transaction/recovery processess 
Still missing: details of part of the testing

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-24 20:35:49 +02:00
Gilles Peskine
76a852f8fb Design document for storage resilience 
Explore possibilities for implementing stateful secure elements with
storage. Choose one.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-24 09:37:30 +02:00
Gilles Peskine
63df4ec3ca
Merge pull request #7589 from daverodgman/pr4990 
Replace references to Mbed Crypto (rebase)
 2023-05-16 19:14:51 +02:00
Gilles Peskine
7e37aa85a2
Merge pull request #5904 from gilles-peskine-arm/psa-doc-implementing-new-mechanism 
Check list for implementing a new mechanism in PSA crypto
 2023-05-16 14:04:15 +02:00
Gilles Peskine
de4cbc54d3 Fix copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-16 12:04:57 +02:00
Fredrik Hesse
95bd5a5004 Minor adjustments after review. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 15:01:59 +01:00
Fredrik Hesse
0ec8a90d48 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 15:00:45 +01:00
Fredrik Hesse
cc207bc379 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 14:59:01 +01:00
valerio
0b0486452c improve syms.sh script for external dependencies analysis 
It is now possible to analyze also modules and not only
x509 and tls libraries.

Signed-off-by: valerio <valerio.setti@nordicsemi.no>
 2023-04-24 10:34:08 +02:00
Ronald Cron
4d31496294 Update TLS 1.3 documentation and add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Ronald Cron
e6e6b75ad3 psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option 
The support for the PSA crypto driver interface
is not optional anymore as the implementation of
the PSA cryptography interface has been restructured
around the PSA crypto driver interface (see
psa-crypto-implementation-structure.md). There is
thus no purpose for the configuration options
MBEDTLS_PSA_CRYPTO_DRIVERS anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:07:54 +02:00
Manuel Pégourié-Gonnard
5c8c9e068e Minor improvements 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-29 10:33:03 +02:00
Manuel Pégourié-Gonnard
b38c9c888f Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
03cb87ea3c Update psa-limitations.md 
For recent work and latest plans.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
52f7edb6ad Update psa-migration/strategy.md 
- Update for the new hashes strategy, in part by adding references to
md-cipher-dispatch.md
- General update about the status of things since the last update

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
c9e0ad23c1 Update design document 
- Support for PSA_CRYPTO_CLIENT without PSA_CRYPTO_C is out of scope for
now but might be added later (the architecture supports that).
- While we're using a void pointer for md_ctx, we don't need a union
here; the union will be useful only if & when we remove the indirection.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-16 09:46:51 +01:00
Yanray Wang
7fc349e903 test-framework.md: document compat.sh 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-02-28 14:30:26 +08:00
Manuel Pégourié-Gonnard
6778ddf657
Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy 
Dual-API hash dispatch strategy
 2023-02-15 12:50:13 +01:00
Gilles Peskine
91af0f9c0e Minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-10 14:31:36 +01:00
Gilles Peskine
ff674d4c6f Typos 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-10 14:31:17 +01:00
Gilles Peskine
199ee456b1 Summarize how to improve MBEDTLS_PSA_CRYPTO_CLIENT 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-08 12:35:19 +01:00
Gilles Peskine
58e935fc6b add a missing 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-08 12:07:12 +01:00
Gilles Peskine
fad34a4f10 Support all legacy algorithms in PSA 
This is not strictly mandatory, but it helps.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-02-07 20:37:56 +01:00
Manuel Pégourié-Gonnard
5a2e02635a Improve a few comments & documentation 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-01-23 12:51:52 +01:00
Manuel Pégourié-Gonnard
6bbeba6a44 Add ssl-opt.sh support to outcome-analysis.sh 
But make it optional as it makes things much slower.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-01-05 12:55:08 +01:00
Manuel Pégourié-Gonnard
222bc85c6c Update outcome analysis script & documentation 
Now that the script only makes before-after comparison, it no longer
makes sense to ignore some test suites.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-01-05 12:55:08 +01:00
Gilles Peskine
3e30e1fb19 We haven't actually made hash accelerators initless in 3.3 
It seems that it won't be necessary anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-13 20:34:17 +01:00
Gilles Peskine
14239c6e2e Switching to PSA can break things with MBEDTLS_PSA_CRYPTO_CLIENT 
It's a rare scenario, but it's currently possible: if you use
mbedtls_cipher_xxx() to encrypt the communication between the application
and the crypto service, changing those functions to call PSA will break your
system.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-13 20:32:48 +01:00
Gilles Peskine
22db9916fe The PSA cipher/AEAD API requires an initialized keystore 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-13 20:32:29 +01:00
Gilles Peskine
143ebcc1d6 PKCS#1v1.5 sign/verify uses hash metadata 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-13 20:30:10 +01:00
Gilles Peskine
cb93ac91bb Note that we can tweak the meaning of MBEDTLS_PSA_CRYPTO_CONFIG too 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-13 20:29:43 +01:00
Gilles Peskine
d167f16d55 Wording clarifications and typo fixes 
No intended meaning change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-12-13 20:29:15 +01:00
Manuel Pégourié-Gonnard
55a188b420 Clarify the "restart vs use PSA" situation in TLS 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-12-09 10:09:33 +01:00
Gilles Peskine
4eefade8bf Sketch some optimizations relevant to MD light 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-25 23:05:14 +01:00
Gilles Peskine
f634fe10e7 Sketch the work to migrate to MD light 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-25 23:04:51 +01:00
Gilles Peskine
188e900a6d Specify MD light based on the interface requirements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-25 23:04:16 +01:00
Gilles Peskine
382b34ca84 Work out the hash interface requirements 
Finish working out the RSA-PSS example in terms of what it implies about the
interface. The key takeaway is that a mixed-domain module must support
algorithms if they are available through either interface, and that's all
there is to it. The details of how dispatch is done don't matter, what
matters is only the availability, and it's just the disjunction of
availabilities.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2022-11-25 22:57:18 +01:00