mbedtls

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	b38c9c888f	Fix a typo Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	86efa852df	Mention EC J-PAKE opaque passwords. Unrelated to the other changes, other than I noticed it was missing while making the other edits. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	2ca08c8409	Try again to clarify USE_PSA_CRYPTO Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	3dd9add294	Use PSA Crypto: try clarifying what it means Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	03cb87ea3c	Update psa-limitations.md For recent work and latest plans. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	52f7edb6ad	Update psa-migration/strategy.md - Update for the new hashes strategy, in part by adding references to md-cipher-dispatch.md - General update about the status of things since the last update Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	c9e0ad23c1	Update design document - Support for PSA_CRYPTO_CLIENT without PSA_CRYPTO_C is out of scope for now but might be added later (the architecture supports that). - While we're using a void pointer for md_ctx, we don't need a union here; the union will be useful only if & when we remove the indirection. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard	18336dace2	Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user EC J-PAKE: partial fix for role vs user+peer	2023-03-15 09:37:30 +01:00
Przemek Stekiel	c0e6250ff9	Fix documentation and tests Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-14 11:49:36 +01:00
Manuel Pégourié-Gonnard	439dbc5c60	Fix dependency for TLS 1.3 as well Turns out TLS 1.3 is using the PK layer for signature generation & verification, and the PK layer is influenced by USE_PSA_CRYPTO. Also update docs/use-psa-crypto.md accordingly. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-10 12:37:15 +01:00
Przemek Stekiel	e9254a0e55	Adapt driver dispatch documentation for user/peer getters Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com> Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-10 09:18:03 +01:00
Gilles Peskine	a4c6a3c355	Merge pull request #7237 from davidhorstmann-arm/move-getting-started-guide Move docs/getting_started.md to docs repo	2023-03-09 23:31:25 +01:00
David Horstmann	369930dec2	Move docs/getting_started.md to docs repo Delete docs/getting_started.md as it has been moved to the dedicated documentation repo. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-03-09 09:52:13 +00:00
Przemek Stekiel	691e91adac	Further pake code optimizations Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-08 09:54:00 +01:00
Przemek Stekiel	4dc83d40af	Add check for pake operation buffer overflow Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-03-07 10:50:00 +01:00
Przemek Stekiel	6b64862ef7	Documentation fixes and code adaptation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	251e86ae3f	Adapt names to more suitable and fix conditional compilation flags Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	27cd488088	Update the documentation (v.3) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	33ea63d766	Minor updates of the documentation Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:32 +01:00
Przemek Stekiel	8c8ab26b2a	Update documentation (handling inputs, function names) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	d67a5b6320	Update PAKE driver documentation (v.2) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Przemek Stekiel	d6eb11007f	Add draft documentation for the PAKE driver dispatch logic Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-02-22 11:30:31 +01:00
Manuel Pégourié-Gonnard	6778ddf657	Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy Dual-API hash dispatch strategy	2023-02-15 12:50:13 +01:00
Gilles Peskine	91af0f9c0e	Minor clarifications Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-10 14:31:36 +01:00
Gilles Peskine	ff674d4c6f	Typos Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-10 14:31:17 +01:00
Gilles Peskine	199ee456b1	Summarize how to improve MBEDTLS_PSA_CRYPTO_CLIENT Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 12:35:19 +01:00
Gilles Peskine	58e935fc6b	add a missing Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 12:07:12 +01:00
Gilles Peskine	fad34a4f10	Support all legacy algorithms in PSA This is not strictly mandatory, but it helps. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-07 20:37:56 +01:00
Manuel Pégourié-Gonnard	00d3e96042	Merge pull request #6855 from mpg/driver-only-ecdsa-starter Driver-only ECDSA starter	2023-01-24 13:06:17 +01:00
Dave Rodgman	17292f7823	Minor fixes Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-23 12:32:51 +00:00
Dave Rodgman	99ff0a7c50	Fix some additional over-long lines Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-23 12:31:01 +00:00
Manuel Pégourié-Gonnard	5a2e02635a	Improve a few comments & documentation Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-01-23 12:51:52 +01:00
Dave Rodgman	38699e5323	Update the getting-started doc Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-01-20 12:43:53 +00:00
Manuel Pégourié-Gonnard	6bbeba6a44	Add ssl-opt.sh support to outcome-analysis.sh But make it optional as it makes things much slower. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-01-05 12:55:08 +01:00
Manuel Pégourié-Gonnard	222bc85c6c	Update outcome analysis script & documentation Now that the script only makes before-after comparison, it no longer makes sense to ignore some test suites. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-01-05 12:55:08 +01:00
Manuel Pégourié-Gonnard	a6e0291c51	Update documentation Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-12-21 09:59:33 +01:00
Gilles Peskine	3e30e1fb19	We haven't actually made hash accelerators initless in 3.3 It seems that it won't be necessary anyway. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:34:17 +01:00
Gilles Peskine	14239c6e2e	Switching to PSA can break things with MBEDTLS_PSA_CRYPTO_CLIENT It's a rare scenario, but it's currently possible: if you use mbedtls_cipher_xxx() to encrypt the communication between the application and the crypto service, changing those functions to call PSA will break your system. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:32:48 +01:00
Gilles Peskine	22db9916fe	The PSA cipher/AEAD API requires an initialized keystore Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:32:29 +01:00
Gilles Peskine	143ebcc1d6	PKCS#1v1.5 sign/verify uses hash metadata Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:30:10 +01:00
Gilles Peskine	cb93ac91bb	Note that we can tweak the meaning of MBEDTLS_PSA_CRYPTO_CONFIG too Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:29:43 +01:00
Gilles Peskine	d167f16d55	Wording clarifications and typo fixes No intended meaning change. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:29:15 +01:00
Manuel Pégourié-Gonnard	55a188b420	Clarify the "restart vs use PSA" situation in TLS Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2022-12-09 10:09:33 +01:00
Gilles Peskine	4eefade8bf	Sketch some optimizations relevant to MD light Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-25 23:05:14 +01:00
Gilles Peskine	f634fe10e7	Sketch the work to migrate to MD light Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-25 23:04:51 +01:00
Gilles Peskine	188e900a6d	Specify MD light based on the interface requirements Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-25 23:04:16 +01:00
Gilles Peskine	382b34ca84	Work out the hash interface requirements Finish working out the RSA-PSS example in terms of what it implies about the interface. The key takeaway is that a mixed-domain module must support algorithms if they are available through either interface, and that's all there is to it. The details of how dispatch is done don't matter, what matters is only the availability, and it's just the disjunction of availabilities. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-11-25 22:57:18 +01:00
Ronald Cron	4a8c9e2cff	tls13: Add definition of mbedtls_ssl_{write,read}_early_data Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2022-11-23 14:29:37 +01:00
Manuel Pégourié-Gonnard	ef25a99f20	Merge pull request #6533 from valeriosetti/issue5847 Use PSA EC-JPAKE in TLS (1.2) - Part 2	2022-11-23 13:27:30 +01:00
Manuel Pégourié-Gonnard	ba7c006222	Merge pull request #6466 from mprse/driver-only-hash-ci Driver-only hashes: test coverage in the CI	2022-11-18 09:31:13 +01:00

1 2 3 4 5 ...

612 commits