Commit graph

89 commits

Author SHA1 Message Date
Dave Rodgman
2bc3bdf37a README improvements to 3rdparty section
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:25:51 +00:00
Dave Rodgman
a334690973 Update license for p256-m
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:25:45 +00:00
Dave Rodgman
2c9049c406 Update documentation
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-03 12:25:20 +00:00
Tom Cosgrove
f884e603b9 Have a single source of truth for licensing information
We had information in both README.md and CONTRIBUTING.md about Mbed TLS licensing,
but the information in CONTRIBUTING.md was missing that authors still need to
accept that their contributions may be distributed under both Apache 2.0 and
GPLv2-or-later.

Move all but the most high-level “Mbed TLS files are provided under the
Apache-2.0 license” statement to CONTRIBUTING.md, and tidy up the text a bit.

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-26 11:46:31 +01:00
Tom Cosgrove
e0ac2ffbf0 Clarify in README.md that 'the project' is Mbed TLS
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-07-26 11:46:31 +01:00
Dave Rodgman
1917ee7cd1
Merge pull request #7867 from gilles-peskine-arm/readme-python3.8
Officially require Python 3.8
2023-07-07 09:58:15 +01:00
Dave Rodgman
aa00e81901
Merge pull request #7492 from gilles-peskine-arm/psa-driver-doc-entry-point
README: add section about drivers
2023-07-06 15:35:18 +01:00
Gilles Peskine
e1d5b07304 Link to the guide for writing a driver
Don't link to the proposed specifications: they aren't good entry points
because they describe what we want to achieve, not what exists today. The
guide links to them, that's enough.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-06 13:13:43 +02:00
Gilles Peskine
958346917c Officially require Python 3.8
Our code is still compatible with Python 3.5 at the time of writing, but we
don't want to commit to that.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-03 17:59:37 +02:00
Gilles Peskine
552c9ab8c4 Correct Python requirements in releases
The wording wasn't quite right for 3.0.0 and up: there's nothing special
about Python and sample programs (that was true in the end times of 2.x, but
not since 3.0). Python is not needed in a release unless you want to build
the tests or you want to integrate PSA drivers without writing your own C
wrappers.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-07-03 17:54:26 +02:00
Aditya Deshpande
f100f00679 Add warnings to documentation stating that p256-m code may be out of date with upstream, plus other minor grammatical fixes.
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-04-28 17:54:15 +01:00
Aditya Deshpande
8d99f2590c Add 3rdparty license information to the README
Signed-off-by: Aditya Deshpande <aditya.deshpande@arm.com>
2023-04-28 17:54:15 +01:00
Gilles Peskine
17467c59b2 README: add section about drivers
Everything discussed in "Upcoming features" section is now available as a
usable, but incomplete feature (except "wider set of cryptographic
algorithms", but that doesn't need to be said). So replace it by a section
that briefly presents these features: drivers, and MBEDTLS_PSA_CRYPTO_CONFIG
which is primarily useful with drivers and thus doesn't get its own section.

Include an explicit note that the driver interface can still change. At this
time, it's the only place where we say that the driver interface is not
covered by the (application) interface stability promise.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-04-25 21:17:03 +02:00
Gilles Peskine
429e90153c Improve pip instructions
Our build scripts invoke `python3` in preference to `python`, so make the
default instruction use `python3`. On many systems (macOS, some Linux),
`python` invokes Python 2 which our scripts do not support.

Suggest --user by default. It's usually the right thing outside of venvs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-03-07 20:40:04 +01:00
Dave Rodgman
37296a413a Document SIZE_MAX requirement in README.md
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-02-10 15:39:22 +00:00
Dave Rodgman
05bdb13be3 Update README and add changelog entry
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-01-11 18:56:11 +00:00
Manuel Pégourié-Gonnard
59626b6179 Point to docker images used in the CI
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-12-15 10:08:26 +01:00
Dave Rodgman
28f424f238 Clarify support for mixed-endian platforms
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-12-01 09:49:44 +00:00
Dave Rodgman
12cee78ea7 Update PSA links in README.md
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-10-31 15:34:11 +00:00
Andrzej Kurek
29c002ebdf Remove unused perl dependency scripts
curves.pl, depends-hashes.pl, key-exchanges.pl and depends-pkalgs.pl are now superseded by depends.py.
Update all references to them accordingly.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-10-26 08:26:58 -04:00
Dave Rodgman
7dbfed3b44
Improve wording re: PSA Crypto
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-10-12 17:27:32 +01:00
Dave Rodgman
7c195160df Update documentation links
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-10-12 16:27:14 +01:00
Manuel Pégourié-Gonnard
2dc436d6e7 Tune description of PSA crypto implementation
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-04 12:44:37 +02:00
Manuel Pégourié-Gonnard
cbc03f5377 Update README about USE_PSA_CRYPTO
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2022-07-04 12:44:37 +02:00
Dave Rodgman
017a19997a Update references to old Github organisation
Replace references to ARMmbed organisation with the new
org, Mbed-TLS, following project migration.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2022-03-31 14:43:16 +01:00
minosgalanakis
0f2a46c1cf readme: Addressed review comments #2
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
Co-authored-by: davidhorstmann-arm <70948878+davidhorstmann-arm@users.noreply.github.com>
2021-12-09 17:11:30 +00:00
Minos Galanakis
d7547fcb5d readme: Addressed review comments
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2021-12-09 15:06:16 +00:00
Minos Galanakis
c42cadb54a Updated readme
This patch adds explicit implementation requirements for
platforms architecture dependencies

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2021-12-09 13:21:20 +00:00
Gilles Peskine
87485a3f28 Add requirement on Jinja to integrate drivers
Driver implementers need to regenerate wrappers. This will use Jinja2 as
discussed in
https://github.com/ARMmbed/mbedtls/pull/5067#discussion_r738794607

On the development branch, driver integration is always needed to generate
the driver wrapper and thus to build the library, so this requirement
applies to everyone, not just driver implementers. In releases, we plan to
include a default driver wrapper with support for basic use cases only,
meaning that the line `-r driver.requirements.txt` should be removed from
`basic.requirements.txt` in releases.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-11-17 19:27:45 +01:00
Harmen Stoppels
01ef723bba DT_NEEDED for shared builds in makefile
The makefile build specifies -L. -lmbedx509 -lmbedcrypto flags first,
and only then object files referencing symbols from those libraries.

In this order the linker will not add the linked libraries to the
DT_NEEDED section because they are not referenced yet (at least that
happens for me on ubuntu 20.04 with the default gnu compiler tools).

By first specifying the object files and then the linked libraries, we
do end up with libmbedx509 and libmbedcrypto in the DT_NEEDED sections.

This way running dlopen(...) on libmedtls.so just works.

Note that the CMake build does this by default.

Signed-off-by: Harmen Stoppels <harmenstoppels@gmail.com>
2021-11-03 01:06:11 +01:00
David Horstmann
48a0553684 Document the CMake generated files capability
Add a line in the README explaining that CMake will generate
the files it needs automatically on non-Windows systems
when not cross-compiling.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2021-10-25 13:16:04 +01:00
Gilles Peskine
b6b15b26e9 Add contact information directly on the home page
This information was already present in SECURITY.md and SUPPORT.md, but that
wasn't very apparent.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-09-30 14:10:06 +02:00
Dave Rodgman
0703f694b8 Remove warning of development instability from README
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-07-01 17:06:26 +01:00
Bence Szépkúti
bb0cfeb2d4 Rename config.h to mbedtls_config.h
This commit was generated using the following script:

# ========================
#!/bin/sh
git ls-files | grep -v '^ChangeLog' | xargs sed -b -E -i '
s/((check|crypto|full|mbedtls|query)_config)\.h/\1\nh/g
s/config\.h/mbedtls_config.h/g
y/\n/./
'
mv include/mbedtls/config.h include/mbedtls/mbedtls_config.h
# ========================

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2021-06-28 09:28:33 +01:00
Dave Rodgman
10bda58b49
Merge pull request #4259 from CJKay/cmake-config
Add CMake package config file
2021-06-25 20:32:13 +01:00
Dave Rodgman
2f458d3dcc Update README to document minimum tool versions
Fixes #4379.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-06-07 09:18:50 +01:00
Chris Kay
d259e347e6 Add CMake package config file
This change enables automatic detection and consumption of Mbed TLS
library targets from within other CMake projects. By generating an
`MbedTLSConfig.cmake` file, consuming projects receive a more complete
view of these targets, allowing them to be used as dependencies which
properly inherit the transitive dependencies of the libraries.

This is fairly fragile, as it seems Mbed TLS's libraries do not appear
to properly model their dependencies on other targets, including
third-party dependencies. It is, however, sufficient for building and
linking the compiled Mbed TLS libraries when there are no third-party
dependencies involved. Further work is needed for more complex
use-cases, but this will likely meet the needs of most projects.

Resolves #298. Probably useful for #2857.

Signed-off-by: Chris Kay <chris.kay@arm.com>
2021-06-04 16:02:48 +01:00
Gilles Peskine
d05a588f19 Document how to build the generated source files
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-05-20 10:37:22 +02:00
Dave Rodgman
a00e8502c9 Documentation updates for Mbed TLS 3.0
Update documentation to reflect the branch changes.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2021-04-26 16:23:21 +01:00
Manuel Pégourié-Gonnard
80c02af03c Add cross-doc links, avoid redundancies
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2021-02-25 12:50:43 +01:00
Ronald Cron
cf56a0a320 psa: Move from key handle to key identifier
Move all the PSA crypto APIs using key handles
to use key identifiers but psa_key_open() and
psa_key_close(). This is done without modifying
any test as key handles and key identifiers are
now the same.

Update the library modules using PSA crypto APIs
to get rid of key handles.

Programs and unit tests are updated to not use
key handles in subsequent commits, not in this
one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:00:41 +01:00
Carlos Gomes Martinho
227a9db71e docs: show cross platform instructions
Signed-off-by: Carlos Gomes Martinho <carlos.gomes_martinho@siemens.com>
2020-04-03 09:44:54 +02:00
Manuel Pégourié-Gonnard
a4b99a2d5a
Fix extra coma in README.md
Co-Authored-By: Andrzej Kurek <andrzej.kurek@arm.com>
2020-03-19 12:36:02 +01:00
Gilles Peskine
260b31d3e0 Don't use the PSA specification as Mbed TLS documentation
The Doxygen-generated manual includes PSA interfaces, so we don't need
to tell people to read the specification instead. Do link to the
specification portal, but from the PSA API section, not from the Mbed
TLS documentation section.
2020-03-09 19:37:46 +01:00
Gilles Peskine
f6917cc26b config.py is Python, not Perl
We missed this when we changed config.pl to config.py.
2020-03-09 19:32:23 +01:00
Gilles Peskine
67698704e7 Add a note about supported compilers
Adapted from the section in Mbed Crypto, with the addition of specific
compiler versions. Only mention Python 3; Python 2 may still work but
it is no longer supported upstream so we will not maintain
compatibility anymore.
2020-03-09 19:30:08 +01:00
Gilles Peskine
cf63f59432 Improve the description of programs/
From Mbed Crypto.
2020-03-09 19:26:28 +01:00
Gilles Peskine
b05d89dced Move the lone paragraph under "Configurations" to "Configuration" 2020-03-09 19:26:27 +01:00
Gilles Peskine
a10cbda609 Adapt the "Documentation" section from Mbed Crypto 2020-03-09 19:26:27 +01:00
Gilles Peskine
ed3aa130e3 Remove references to Mbed Crypto 2020-03-09 19:26:27 +01:00