Commit graph

619 commits

Author SHA1 Message Date
Dave Rodgman
05c5a91514
Merge pull request #7307 from Mbed-TLS/sphinx-versioned-documentation
Generate API documentation with Sphinx and Breathe
2023-03-29 12:01:59 +01:00
David Horstmann
2717f622b8 Add _build/ and api/ to gitignore
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-03-28 15:00:24 +01:00
David Horstmann
c1f2eef43a Clean the breathe-apidoc files with make clean
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-03-28 14:24:47 +01:00
David Horstmann
434fc5ecbd Remove make.bat for documentation
Building the docs on Windows is not supported in any case, as the apidoc
target in the main Makefile will not run on Windows.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-03-27 15:24:37 +01:00
David Horstmann
9bca03a2b2 Improve docs Makefile to do full build
Include the make apidoc and breathe-apidoc steps in the documentation
Makefile for ease of use. In this way, depart from the Makefile
generated automatically by Sphinx.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-03-27 15:21:27 +01:00
Manuel Pégourié-Gonnard
b38c9c888f Fix a typo
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
86efa852df Mention EC J-PAKE opaque passwords.
Unrelated to the other changes, other than I noticed it was missing
while making the other edits.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
2ca08c8409 Try again to clarify USE_PSA_CRYPTO
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
3dd9add294 Use PSA Crypto: try clarifying what it means
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
03cb87ea3c Update psa-limitations.md
For recent work and latest plans.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
52f7edb6ad Update psa-migration/strategy.md
- Update for the new hashes strategy, in part by adding references to
md-cipher-dispatch.md
- General update about the status of things since the last update

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
David Horstmann
5158bd8ac8 Remove Exhale from requirements and regenerate
Regenerate the requirements.txt with Exhale removed and also with Python
3.9 instead of 3.8, for parity with Read The Docs.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-03-22 17:30:22 +00:00
David Horstmann
e84d61cb64 Add initial API doc configuration
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-03-16 18:01:58 +00:00
Manuel Pégourié-Gonnard
c9e0ad23c1 Update design document
- Support for PSA_CRYPTO_CLIENT without PSA_CRYPTO_C is out of scope for
now but might be added later (the architecture supports that).
- While we're using a void pointer for md_ctx, we don't need a union
here; the union will be useful only if & when we remove the indirection.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard
18336dace2
Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user
EC J-PAKE: partial fix for role vs user+peer
2023-03-15 09:37:30 +01:00
Przemek Stekiel
c0e6250ff9 Fix documentation and tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-14 11:49:36 +01:00
Manuel Pégourié-Gonnard
439dbc5c60 Fix dependency for TLS 1.3 as well
Turns out TLS 1.3 is using the PK layer for signature generation &
verification, and the PK layer is influenced by USE_PSA_CRYPTO.

Also update docs/use-psa-crypto.md accordingly.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-10 12:37:15 +01:00
Przemek Stekiel
e9254a0e55 Adapt driver dispatch documentation for user/peer getters
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-10 09:18:03 +01:00
Gilles Peskine
a4c6a3c355
Merge pull request #7237 from davidhorstmann-arm/move-getting-started-guide
Move docs/getting_started.md to docs repo
2023-03-09 23:31:25 +01:00
David Horstmann
369930dec2 Move docs/getting_started.md to docs repo
Delete docs/getting_started.md as it has been moved to the dedicated
documentation repo.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-03-09 09:52:13 +00:00
Przemek Stekiel
691e91adac Further pake code optimizations
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-08 09:54:00 +01:00
Przemek Stekiel
4dc83d40af Add check for pake operation buffer overflow
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-03-07 10:50:00 +01:00
Przemek Stekiel
6b64862ef7 Documentation fixes and code adaptation
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
251e86ae3f Adapt names to more suitable and fix conditional compilation flags
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
27cd488088 Update the documentation (v.3)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
33ea63d766 Minor updates of the documentation
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:32 +01:00
Przemek Stekiel
8c8ab26b2a Update documentation (handling inputs, function names)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:31 +01:00
Przemek Stekiel
d67a5b6320 Update PAKE driver documentation (v.2)
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:31 +01:00
Przemek Stekiel
d6eb11007f Add draft documentation for the PAKE driver dispatch logic
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2023-02-22 11:30:31 +01:00
Manuel Pégourié-Gonnard
6778ddf657
Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy
Dual-API hash dispatch strategy
2023-02-15 12:50:13 +01:00
Gilles Peskine
91af0f9c0e Minor clarifications
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-10 14:31:36 +01:00
Gilles Peskine
ff674d4c6f Typos
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-10 14:31:17 +01:00
Gilles Peskine
199ee456b1 Summarize how to improve MBEDTLS_PSA_CRYPTO_CLIENT
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-08 12:35:19 +01:00
Gilles Peskine
58e935fc6b add a missing
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-08 12:07:12 +01:00
Gilles Peskine
fad34a4f10 Support all legacy algorithms in PSA
This is not strictly mandatory, but it helps.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-07 20:37:56 +01:00
Manuel Pégourié-Gonnard
00d3e96042
Merge pull request #6855 from mpg/driver-only-ecdsa-starter
Driver-only ECDSA starter
2023-01-24 13:06:17 +01:00
Dave Rodgman
17292f7823 Minor fixes
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-23 12:32:51 +00:00
Dave Rodgman
99ff0a7c50 Fix some additional over-long lines
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-23 12:31:01 +00:00
Manuel Pégourié-Gonnard
5a2e02635a Improve a few comments & documentation
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-01-23 12:51:52 +01:00
Dave Rodgman
38699e5323 Update the getting-started doc
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-20 12:43:53 +00:00
Manuel Pégourié-Gonnard
6bbeba6a44 Add ssl-opt.sh support to outcome-analysis.sh
But make it optional as it makes things much slower.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-01-05 12:55:08 +01:00
Manuel Pégourié-Gonnard
222bc85c6c Update outcome analysis script & documentation
Now that the script only makes before-after comparison, it no longer
makes sense to ignore some test suites.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-01-05 12:55:08 +01:00
Manuel Pégourié-Gonnard
a6e0291c51 Update documentation
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-21 09:59:33 +01:00
Gilles Peskine
3e30e1fb19 We haven't actually made hash accelerators initless in 3.3
It seems that it won't be necessary anyway.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-13 20:34:17 +01:00
Gilles Peskine
14239c6e2e Switching to PSA can break things with MBEDTLS_PSA_CRYPTO_CLIENT
It's a rare scenario, but it's currently possible: if you use
mbedtls_cipher_xxx() to encrypt the communication between the application
and the crypto service, changing those functions to call PSA will break your
system.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-13 20:32:48 +01:00
Gilles Peskine
22db9916fe The PSA cipher/AEAD API requires an initialized keystore
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-13 20:32:29 +01:00
Gilles Peskine
143ebcc1d6 PKCS#1v1.5 sign/verify uses hash metadata
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-13 20:30:10 +01:00
Gilles Peskine
cb93ac91bb Note that we can tweak the meaning of MBEDTLS_PSA_CRYPTO_CONFIG too
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-13 20:29:43 +01:00
Gilles Peskine
d167f16d55 Wording clarifications and typo fixes
No intended meaning change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-12-13 20:29:15 +01:00
Manuel Pégourié-Gonnard
55a188b420 Clarify the "restart vs use PSA" situation in TLS
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-09 10:09:33 +01:00