yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
26157 commits 1 branch 0 tags 94 MiB
Commit graph

688 commits

Author SHA1 Message Date
Dave Rodgman
e183ecef3d
Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases 
Record the outcome of each test case in compat.sh
 2023-07-10 12:08:32 +01:00
Gilles Peskine
0ca2a1f51b
Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec 
Storage resilience with stateful secure elements: design document
 2023-06-29 18:25:52 +02:00
Manuel Pégourié-Gonnard
417ce2c574 Rename _USE to _BASIC 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-16 10:36:44 +02:00
Manuel Pégourié-Gonnard
1cae90bf50 Update PSA_WANT spec for new KEY_PAIR scheme 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-14 12:19:13 +02:00
Gilles Peskine
34a201774e More about whether to have the driver key id in the transaction list 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine
009c06b973 Discuss the cost of a get_key_attributes entry point 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine
265ce7c1da
Merge pull request #5451 from gilles-peskine-arm/psa-driver-kdf-spec 
PSA drivers: specification for key derivation
 2023-06-06 11:37:28 +02:00
Gilles Peskine
f4ba0013e2 Clarify when key derivation entry points are mandatory/permitted 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-05 14:24:14 +02:00
Gilles Peskine
8dd1e623e1 Copyediting 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-05 14:14:41 +02:00
Gilles Peskine
7df8ba6a10 Rework the description of key derivation output/verify key 
Some of the fallback mechanisms between the entry points were not described
corrrectly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 18:16:02 +02:00
Gilles Peskine
dcaf104eef Note that we may want to rename derive_key 
... if we think of a better name

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 18:02:41 +02:00
Gilles Peskine
f96a18edc7 Probably resolve concern about the input size for derive_key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 18:02:15 +02:00
Gilles Peskine
1414bc34b9 Minor copyediting 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 17:54:32 +02:00
Gilles Peskine
24f52296f1 Key agreement needs an attribute structure for our key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:44:04 +02:00
Gilles Peskine
e52bff994c Note possible issue with derive_key: who should choose the input length? 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:43:29 +02:00
Gilles Peskine
b319ed69c4 State explicitly that cooked key derivation uses the export format 
This is the case for all key creation in a secure element, but state it
explicitly where relevant.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:42:45 +02:00
Gilles Peskine
f787879a14 Clarify sequencing of long inputs 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:42:29 +02:00
Gilles Peskine
d2fe1d5498 Rationale on key derivation inputs and buffer ownership 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:42:17 +02:00
Gilles Peskine
4e94fead86 Key derivation dispatch doesn't depend on the key type 
At least for all currently specified algorithms.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:40:56 +02:00
Gilles Peskine
66b96e2d87 Copyediting 
Fix some typos and copypasta. Some very minor wording improvements.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:40:27 +02:00
Gilles Peskine
4e5088476e Finish test strategy 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-30 23:34:07 +02:00
Gilles Peskine
44bbf29597 Write up the transaction/recovery processess 
Still missing: details of part of the testing

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-24 20:35:49 +02:00
Gilles Peskine
76a852f8fb Design document for storage resilience 
Explore possibilities for implementing stateful secure elements with
storage. Choose one.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-24 09:37:30 +02:00
Gilles Peskine
63df4ec3ca
Merge pull request #7589 from daverodgman/pr4990 
Replace references to Mbed Crypto (rebase)
 2023-05-16 19:14:51 +02:00
Gilles Peskine
7e37aa85a2
Merge pull request #5904 from gilles-peskine-arm/psa-doc-implementing-new-mechanism 
Check list for implementing a new mechanism in PSA crypto
 2023-05-16 14:04:15 +02:00
Gilles Peskine
de4cbc54d3 Fix copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-16 12:04:57 +02:00
Fredrik Hesse
95bd5a5004 Minor adjustments after review. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 15:01:59 +01:00
Fredrik Hesse
0ec8a90d48 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 15:00:45 +01:00
Fredrik Hesse
cc207bc379 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 14:59:01 +01:00
Bence Szépkúti
e06d863267
Merge pull request #7538 from bensze01/in-tree-redirects 
Add in-tree configuration file for Readthedocs redirects
 2023-05-11 15:07:06 +02:00
Bence Szépkúti
09f8df86ac Reword the API token explanation in redirects.yaml 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-05-09 21:07:30 +02:00
Gilles Peskine
d3ca5e5897
Merge pull request #7328 from mprse/ec-jpake-fix1 
Fix the JPAKE driver interface for user+peer
 2023-05-02 20:42:25 +02:00
Bence Szépkúti
7ce8fba3cb Add post-build step to update redirects 
This allows us to maintain the list of redirects in-tree.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-05-02 20:16:12 +02:00
Bence Szépkúti
4f4c87b01e Add readthedocs-cli to requirements.in 
This will allow us to manage our redirects in-tree.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-05-02 19:59:34 +02:00
Manuel Pégourié-Gonnard
8e076e4132
Merge pull request #6915 from aditya-deshpande-arm/example-driver-post-codestyle 
Document (with examples) how to integrate a third-party driver with Mbed TLS
 2023-05-02 12:13:42 +02:00
Aditya Deshpande
8225587fd7 Change from Mbed TLS 3.3.0 to 3.4.0 in driver documentation. 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:55:02 +01:00
Aditya Deshpande
641cb8914d Minor changes to documentation and code comments for clarity 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:55:02 +01:00
Aditya Deshpande
bac592d53e Remove rand() from p256_generate_random() and move to an implementation based on mbedtls_ctr_drbg 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande
f80b939096 Add information for driver points where auto-generation is implemented 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande
755b174fec Add example for integrating a driver alongside Mbed TLS for entrypoints where auto-generation of driver wrappers is not implemented yet. 
Using p256-m as the example driver/software accelerator.

Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande
abf4bf31cb Start the driver example write-up (p256-m integration) 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande
277690e944 Add step-by-step guide for writing and integrating drivers for entry points where auto-generation is not implemented 
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:15 +01:00
Aditya Deshpande
e41f7e457f Integrate p256-m as an example driver alongside Mbed TLS and write documentation for the example. 
(Reapplying changes as one commit on top of development post codestyle change instead of rewriting old branch)

Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
 2023-04-28 17:54:09 +01:00
valerio
95e57c3517 doc: update use-psa-crypto.md 
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
 2023-04-24 13:47:18 +02:00
valerio
0b0486452c improve syms.sh script for external dependencies analysis 
It is now possible to analyze also modules and not only
x509 and tls libraries.

Signed-off-by: valerio <valerio.setti@nordicsemi.no>
 2023-04-24 10:34:08 +02:00
Paul Elliott
4359badbb2
Merge pull request #7331 from mprse/ec-jpake-fix2 
PSA PAKE: Check input_length against PSA_PAKE_INPUT_SIZE() in psa_pake_input
 2023-04-17 16:31:09 +01:00
Ronald Cron
4d31496294 Update TLS 1.3 documentation and add change log 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-04-06 10:26:18 +02:00
Ronald Cron
e6e6b75ad3 psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option 
The support for the PSA crypto driver interface
is not optional anymore as the implementation of
the PSA cryptography interface has been restructured
around the PSA crypto driver interface (see
psa-crypto-implementation-structure.md). There is
thus no purpose for the configuration options
MBEDTLS_PSA_CRYPTO_DRIVERS anymore.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2023-03-31 09:07:54 +02:00
Manuel Pégourié-Gonnard
0ab380a8ae
Merge pull request #7354 from mpg/ecc-doc-update 
Ecc doc update
 2023-03-30 15:38:47 +02:00
Manuel Pégourié-Gonnard
9463e780c6 Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-03-30 09:37:39 +02:00