yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
29466 commits 1 branch 0 tags 94 MiB
Commit graph

314 commits

Author SHA1 Message Date
Gilles Peskine
3f557ad59c Wording improvement 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-07 11:22:16 +01:00
Gilles Peskine
30a303f1a8 ECDSA signature conversion: put bits first 
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-06 19:45:11 +01:00
Manuel Pégourié-Gonnard
f1562a7217
Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design 
PK-PSA bridge design document
 2024-01-31 09:51:43 +00:00
Gilles Peskine
36dee75368 Update ECDSA signature conversion based on experimentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-30 16:15:17 +01:00
Gilles Peskine
dd77343381 Open question for ECDSA signature that can be resolved during implementation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 14:33:32 +01:00
Gilles Peskine
d5b04a0c63 Add a usage parameter to mbedtls_pk_get_psa_attributes 
Let the user specify whether to use the key as a sign/verify key, an
encrypt/decrypt key or a key agreement key. Also let the user indicate if
they just want the public part when the input is a key pair.

Based on a discussion in
https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 14:31:57 +01:00
Gilles Peskine
702d9f65f6 Resolve several open questions as nothing special to do 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 12:58:25 +01:00
Gilles Peskine
42a025dc9c Reference filed issues 
All PK-related actions are now covered.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 12:35:31 +01:00
Gilles Peskine
5a64c42693 Reference ongoing work 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:09:16 +01:00
Gilles Peskine
89ca6c7e72 typo 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:08:56 +01:00
Gilles Peskine
32294044e1 Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO 
It's useful in applications that want to use some PSA opaque keys regardless
of whether all pk operations go through PSA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:07:55 +01:00
Manuel Pégourié-Gonnard
0f45a1aec5 Fix typos / improve syntax 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-10 09:43:30 +01:00
Manuel Pégourié-Gonnard
60c9eee267 Improve wording & fix typos 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-09 10:09:17 +01:00
Manuel Pégourié-Gonnard
d0c6f70e58 Update architecture doc for cipher dual dispatch 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-08 11:35:01 +01:00
Gilles Peskine
9fe1c699a8 Clarify PSA-to-PK copy intent 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:16:31 +01:00
Gilles Peskine
f80dcc5f8b Resolve ECDSA conversion API: don't use an ASN.1 interface 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:47 +01:00
Gilles Peskine
a7226a1f60 Our TLS 1.3 API doesn't actually require PSA key identifiers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:14 +01:00
Gilles Peskine
93cdb77835 Minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:04 +01:00
Gilles Peskine
8f1307adcd Asymmetric cryptography: rough draft 
Still many open questions

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-25 21:42:23 +01:00
Manuel Pégourié-Gonnard
69b290589b
Merge pull request #8057 from mpg/cipher-study 
[G2] Tentative definition of Cipher light
 2023-12-22 08:53:30 +00:00
Ryan Everett
3dd6cde0d8 Mention functional correctness explicitly 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-20 16:47:57 +00:00
Ryan Everett
f5e135670b Clarify key generation and memory-management correctness 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-20 15:24:47 +00:00
Ryan Everett
c1c6e0d906 Justify linearization points 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-15 12:33:26 +00:00
Ryan Everett
6ecb9ce5fc Link directly to the state transition diagram 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-14 15:19:31 +00:00
Ryan Everett
acfd774bca Add some clarifications in thread_safety.md 
Make it clearer how it is possible to reason here using linearization

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-14 15:19:31 +00:00
Ryan Everett
3eb4274a57 Fix transitions in diagram 
Move the finish_key_creation transition
Neaten the diagram
Add transitions for the key loading functions in psa_get_and_lock_key_slot
Add psa_wipe_key_slot transition
Change file to be a png

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-14 15:19:01 +00:00
Ryan Everett
b461b8731c Change how the state transition diagram is stored 
Store the source of the diagram as a url instead of an xml file.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-14 14:40:45 +00:00
Manuel Pégourié-Gonnard
4dde0b293c md-cipher-dispatch: editorial improvements 
Fix a typo, add a reference.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-14 12:09:38 +01:00
Ryan Everett
177a45f556 Small clarifications in documentation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:24:30 +00:00
Manuel Pégourié-Gonnard
b8c4254f44 Update cipher light -> block cipher definition 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-07 12:12:39 +01:00
Ryan Everett
204c852442 Move psa-thread-safety.md 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Ryan Everett
1e9733c6a8 Add graph 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Ryan Everett
9f06681cb4 Update psa-thread-safety.md 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Manuel Pégourié-Gonnard
303121eb16 Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-07 12:05:07 +01:00
Gilles Peskine
7ee4cc302a Create legacy-API bridge API design document 
Do the analysis for hashes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-28 16:08:26 +01:00
Dave Rodgman
16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
Manuel Pégourié-Gonnard
4823d2c94e Extend design discussion 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-26 12:56:39 +02:00
Janos Follath
a365efc6f1 Threading design: fix internal links 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-26 10:22:55 +01:00
Manuel Pégourié-Gonnard
6b3643117b Document chosen goals and priorities for 3.x 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-26 11:02:17 +02:00
Manuel Pégourié-Gonnard
3bcda449c0 Things forgotten in the previous commit 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-10-26 10:03:49 +02:00
Janos Follath
54bd71b40f Update operation threading strategy 
The library does not need to provide protection, leave it to the crypto
service.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-23 10:30:50 +01:00
Janos Follath
e604269a59 Threading Design: emphasise performance requirement 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-23 10:16:58 +01:00
Janos Follath
23f7e41633
Threading design: improve language 
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-23 10:11:18 +01:00
Janos Follath
49d467c37d Threading design: update and clarify 3.6 plan 
- Separation of attr and slot state is added
- Driver support is cut back

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 15:41:40 +01:00
Janos Follath
de0e3e352d Threading design: Update empty slot tracking 
Using a dedicated field allows clean separatin between key attributes
and slot state. This allows us to use the same mechanics for attributes
and key content. Which in turn means lower code size and easier
maintenance.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 15:12:42 +01:00
Janos Follath
52586895f7 Clarify threading design document structure 
Separate design analysis from plans and make the distinction clear
between what is implemented, what is planned to be implemented soon,
what is planned to be implemented in the future, and what is ideas that
are rejected.

(The distinction between the last two categories doesn't have to be
clear, we can't and shouldn't plan that far ahead.)

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 14:26:57 +01:00
Janos Follath
19192a5158 Clarify reentrancy requirements for drivers 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-20 13:16:48 +01:00
Janos Follath
d7a39ae21e Add plan for 3.6 to threading design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-17 14:34:26 +01:00
Janos Follath
574100bb0d Add clarifications to thread safety design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-17 12:50:28 +01:00
Janos Follath
811a954383 Add reentrancy section to thread safety design 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-10-17 12:50:21 +01:00