Commit graph

462 commits

Author SHA1 Message Date
Gilles Peskine
66b96e2d87 Copyediting
Fix some typos and copypasta. Some very minor wording improvements.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-05-31 00:40:27 +02:00
Gilles Peskine
fd094081e1 Pass attributes alongside key buffer
This is the generic way of going adapting a psa_key_id_t argument in the
application interface to the driver interface. Thanks Hannes Lindström.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-20 20:24:17 +01:00
Gilles Peskine
635b779cfd Fix math character used in text mode
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-12 14:33:44 +01:00
Gilles Peskine
4e346bd569 Fix entry point name
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-12 14:33:22 +01:00
Gilles Peskine
eda71ce535 Key derivation: improve overview of the problem space
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-01-12 14:32:56 +01:00
Gilles Peskine
d9645c847e Fix naming confusion with opaque key derivation
"key_derivation_derive_key" should have been "key_derivation_output_key".

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 18:19:51 +02:00
Gilles Peskine
54eb0686b3 New function psa_crypto_driver_key_derivation_get_input_type
The new function psa_crypto_driver_key_derivation_get_input_type() allows
drivers to retrieve the effective type of each input step, and thus to call
the correct get-data function. This is simpler than the previous scheme
which required a somewhat contrived dance with get_key() and get_bytes() for
inputs that can be passed either as a key or as a byte buffer at the
application's choice.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-30 18:13:31 +02:00
Gilles Peskine
3fc9e04bc4 Be more consistent with raw/cooked key derivation terminology
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-03 17:48:46 +02:00
Gilles Peskine
1a5b83007c Fix typos and copypasta
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-03 17:47:40 +02:00
Gilles Peskine
c2e29108f0 Fix internal links
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-06-03 17:07:19 +02:00
Gilles Peskine
220bda7f76 Rename a function parameter to avoid confusion
Don't use “output” for an input of the KDF. It's correct in context (it's
the output of a function that copies the input of the KDF from core-owned
memory to driver-owned memory) but confusing.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-01-25 12:03:34 +01:00
Gilles Peskine
a2b41598d6 Draft specification for key derivation
Pass all the initial inputs in a single structure. It's impossible to pass
the inputs as soon as the application makes them available because the core
cannot know which driver to call until it receives the SECRET input.

Do support hiding the key material inside a secure element if the relevant
driver has all the requisite entry points.

Do cooked key derivation (i.e. derivation of non-raw keys) and key agreement
separately.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-01-24 14:52:59 +01:00
Archana
21b20c72d3
Add Changelog and update documentation
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-19 10:35:15 +05:30
Archana
c08248d650
Rename the template file from .conf to .jinja
Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-19 10:35:15 +05:30
Archana
a8939b6da3
Restructure scripts' folder alignment
Moved python script generate_driver_wrappers.py under scripts and
corresponding template file under script/data_files.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-18 12:57:15 +05:30
Archana
1f1a34a226
Rev 1.0 of Driver Wrappers code gen
The psa_crypto_driver_wrappers.c is merely rendered with no real
templating in version 1.0.

Signed-off-by: Archana <archana.madhavan@silabs.com>
2021-12-18 12:22:06 +05:30
Ronald Cron
b1822efe22 docs: TLS 1.3: Improve wording
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 14:28:13 +01:00
Ronald Cron
7aa6fc1992 docs: TLS 1.3: Update prototype upstreaming status
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:22:21 +01:00
Ronald Cron
653d5bc781 docs: TLS 1.3: Swap prototype upstreaming status and MVP definition
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:22:21 +01:00
Ronald Cron
43ffc9d659 docs: TLS 1.3: Update TLS 1.3 documentation file name
Update TLS 1.3 documentation file name and its
overview section.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:22:21 +01:00
Ronald Cron
0abf07ca2c Make PSA crypto mandatory for TLS 1.3
As we want to move to PSA for cryptographic operations
let's mandate PSA crypto from the start.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-12-10 13:22:21 +01:00
Dave Rodgman
d7c091060f
Merge pull request #5242 from paul-elliott-arm/explain_TLS13_decision
TLS1.3: Edit docs to explain not changing curve order.
2021-12-07 11:01:04 +00:00
Paul Elliott
cce0f5a085 Fix typo
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-12-03 16:13:30 +00:00
Paul Elliott
c0d335bc1e Second draft of explanation
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-12-02 16:38:05 +00:00
Paul Elliott
fe08944246 Fix spelling error
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-11-30 10:55:53 +00:00
Paul Elliott
89c8e098ee Convert tabs to spaces
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-11-30 10:54:52 +00:00
Paul Elliott
66491c7d08 Edit docs to explain not changing curve order
TLS1.3 MVP would benefit from a different curve group preference order
in order to not cause a HelloRetryRequest (which are not yet handled),
however changing the curve group preference order would affect both
TLS1.2 and TLS1.3, which is undesirable for something rare that can
be worked around.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-11-29 10:39:44 +00:00
Xiaofei Bai
746f9481ea Fix 1_3/13 usages in macros and function names
Signed-off-by: Xiaofei Bai <xiaofei.bai@arm.com>
2021-11-26 08:08:36 +00:00
Andrzej Kurek
e3ed82473a Fix duplicate variable name in getting_started.md
Rename the key id variables to not clash with the raw key data.
This was introduced in cf56a0a3.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2021-11-19 13:40:20 +01:00
Manuel Pégourié-Gonnard
9a7cf9a196
Merge pull request #5045 from gilles-peskine-arm/rm-PSACryptoDriverModelSpec-development
Remove the old driver model specification draft
2021-10-29 09:36:15 +02:00
Dave Rodgman
c8aaac89d0 Fix naming examples in TLS 1.3 style guide
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-10-18 13:00:51 +01:00
Gilles Peskine
4086159910 Remove obsolete specification draft
See https://armmbed.github.io/mbed-crypto/psa/#hardware-abstraction-layer
instead.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-10-07 19:14:01 +02:00
Manuel Pégourié-Gonnard
0729885c2b
Merge pull request #4963 from ronald-cron-arm/tls13-mvp
Define TLS 1.3 MVP and document coding rules
2021-09-29 10:32:49 +02:00
Ronald Cron
7fc96c1a57 Fix test description
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-28 16:29:04 +02:00
Ronald Cron
fb877215b5 Fix supported signature documentation
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-28 16:29:04 +02:00
Ronald Cron
8ee9ed6785 Fix and improve the documentation of supported groups
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-28 16:28:58 +02:00
Ronald Cron
f164b6a7ff Add an overview section
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:48:09 +02:00
Ronald Cron
847c3580b8 Expend coding rules
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:48:09 +02:00
Ronald Cron
3e7c4036b4 Miscellaneous improvements
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:48:09 +02:00
Ronald Cron
fecda8ddb4 Improve the description of common macros usage
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:48:02 +02:00
Ronald Cron
99733f0511 Amend vector variables
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:39:37 +02:00
Ronald Cron
b194466e99 Amend TLS 1.3 prefix
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:39:37 +02:00
Ronald Cron
72064b30cf Fix usage of backticks
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:39:37 +02:00
Ronald Cron
660c723b09 Add paragraph about expected quality
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:39:37 +02:00
Ronald Cron
7a7032a4ba Remove out of MVP scope items
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:39:37 +02:00
Ronald Cron
c3b510f096 Amend supported groups and signatures based on spec 9.1 section
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:39:37 +02:00
Ronald Cron
3160d70049 Add comments about key_share and supported_versions support
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 15:39:29 +02:00
Ronald Cron
85e51083d8 Add support for server_name extension
Section 9.2 of the specification defines server_name
extension as mandatory if not specified otherwise by
an application profile. Thus add its support to the
MVP scope.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 13:42:39 +02:00
Ronald Cron
004df8ad5f Improve comment about handshake failure with HRR and CertificateRequest
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 13:42:39 +02:00
Ronald Cron
1fa5088c0b Improve comment about PSK TLS 1.3 configuration options
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2021-09-27 13:42:27 +02:00