yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
26939 commits 1 branch 0 tags 94 MiB
Commit graph

708 commits

Author SHA1 Message Date
Gilles Peskine
6f784dff49 Reflect the fact p256-m has been integrated into Mbed TLS 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-13 15:32:30 +02:00
Gilles Peskine
33291ba35f
Merge pull request #5538 from gilles-peskine-arm/psa-thread_safety-doc 
PSA thread safety requirements
 2023-08-10 16:21:55 +02:00
Manuel Pégourié-Gonnard
0b6d021069 Adjust presence of warning/link. 
- the codegen migration document is already a migration document, so
doesn't need the extra warning about work in progress;
- the driver interface can use a link to the more practical guide too.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-08 09:37:11 +02:00
Gilles Peskine
9aa93c8e78 Added a note about new primitives for secure destruction 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-07 16:32:09 +02:00
Gilles Peskine
584bf985f5 Elaborate on psa_destroy_key requirements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-07 16:29:19 +02:00
Manuel Pégourié-Gonnard
de24ba6cfd Add link to examples in relevant places 
Some documents about driver describe a state of things that is ahead of
the reality. They already contain a warning about it, but no way to know
that the current reality is; add a pointer to a document that describes
it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-07 11:36:14 +02:00
Manuel Pégourié-Gonnard
b61484947a Fix error in the guide to drivers 
There is no export_key entry point for transparent drivers.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-07 11:32:51 +02:00
Gilles Peskine
d3a797710a psa_is_key_slot_occupied: change to using the key identifier 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-02 18:36:06 +02:00
Valerio Setti
ab02d391cb test: use only rev-parse for getting the current branch 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-31 16:47:07 +02:00
Valerio Setti
ccb0344969 test: add GIT alternative commands for older GIT versions 
The Docker container used for the CI has Git version 2.7.4 which
does not support the "git branch --show-current" command since this
was added in version 2.22.
Therefore this commit adds an alternative version for old Git versions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-31 15:07:49 +02:00
Manuel Pégourié-Gonnard
1c739ec277
Merge pull request #7900 from mpg/doc-driver-only 
ECPf wrap-up
 2023-07-26 10:25:54 +02:00
Manuel Pégourié-Gonnard
fb22c27f1d Misc wording fixes and improvements 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-18 10:40:56 +02:00
Manuel Pégourié-Gonnard
1937cf8143 Improve wording & fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-11 11:14:15 +02:00
Manuel Pégourié-Gonnard
c97775162e Fix inaccurate information about FFDH 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-11 11:11:20 +02:00
Dave Rodgman
e183ecef3d
Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases 
Record the outcome of each test case in compat.sh
 2023-07-10 12:08:32 +01:00
Manuel Pégourié-Gonnard
7a82e27a10 Add documentation on driver-only ECC 
Just one part left for later.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-07 17:09:14 +02:00
Manuel Pégourié-Gonnard
6d5f4946e6 Add docs/driver-only-builds.md 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-07 17:09:14 +02:00
Gilles Peskine
0ca2a1f51b
Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec 
Storage resilience with stateful secure elements: design document
 2023-06-29 18:25:52 +02:00
Manuel Pégourié-Gonnard
417ce2c574 Rename _USE to _BASIC 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-16 10:36:44 +02:00
Manuel Pégourié-Gonnard
1cae90bf50 Update PSA_WANT spec for new KEY_PAIR scheme 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-14 12:19:13 +02:00
Gilles Peskine
34a201774e More about whether to have the driver key id in the transaction list 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine
009c06b973 Discuss the cost of a get_key_attributes entry point 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine
265ce7c1da
Merge pull request #5451 from gilles-peskine-arm/psa-driver-kdf-spec 
PSA drivers: specification for key derivation
 2023-06-06 11:37:28 +02:00
Gilles Peskine
f4ba0013e2 Clarify when key derivation entry points are mandatory/permitted 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-05 14:24:14 +02:00
Gilles Peskine
8dd1e623e1 Copyediting 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-05 14:14:41 +02:00
Gilles Peskine
7df8ba6a10 Rework the description of key derivation output/verify key 
Some of the fallback mechanisms between the entry points were not described
corrrectly.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 18:16:02 +02:00
Gilles Peskine
dcaf104eef Note that we may want to rename derive_key 
... if we think of a better name

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 18:02:41 +02:00
Gilles Peskine
f96a18edc7 Probably resolve concern about the input size for derive_key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 18:02:15 +02:00
Gilles Peskine
1414bc34b9 Minor copyediting 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-02 17:54:32 +02:00
Gilles Peskine
24f52296f1 Key agreement needs an attribute structure for our key 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:44:04 +02:00
Gilles Peskine
e52bff994c Note possible issue with derive_key: who should choose the input length? 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:43:29 +02:00
Gilles Peskine
b319ed69c4 State explicitly that cooked key derivation uses the export format 
This is the case for all key creation in a secure element, but state it
explicitly where relevant.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:42:45 +02:00
Gilles Peskine
f787879a14 Clarify sequencing of long inputs 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:42:29 +02:00
Gilles Peskine
d2fe1d5498 Rationale on key derivation inputs and buffer ownership 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:42:17 +02:00
Gilles Peskine
4e94fead86 Key derivation dispatch doesn't depend on the key type 
At least for all currently specified algorithms.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:40:56 +02:00
Gilles Peskine
66b96e2d87 Copyediting 
Fix some typos and copypasta. Some very minor wording improvements.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-31 00:40:27 +02:00
Gilles Peskine
4e5088476e Finish test strategy 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-30 23:34:07 +02:00
Gilles Peskine
44bbf29597 Write up the transaction/recovery processess 
Still missing: details of part of the testing

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-24 20:35:49 +02:00
Gilles Peskine
76a852f8fb Design document for storage resilience 
Explore possibilities for implementing stateful secure elements with
storage. Choose one.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-24 09:37:30 +02:00
Gilles Peskine
63df4ec3ca
Merge pull request #7589 from daverodgman/pr4990 
Replace references to Mbed Crypto (rebase)
 2023-05-16 19:14:51 +02:00
Gilles Peskine
7e37aa85a2
Merge pull request #5904 from gilles-peskine-arm/psa-doc-implementing-new-mechanism 
Check list for implementing a new mechanism in PSA crypto
 2023-05-16 14:04:15 +02:00
Gilles Peskine
de4cbc54d3 Fix copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-05-16 12:04:57 +02:00
Fredrik Hesse
95bd5a5004 Minor adjustments after review. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 15:01:59 +01:00
Fredrik Hesse
0ec8a90d48 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 15:00:45 +01:00
Fredrik Hesse
cc207bc379 Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. 
Signed-off-by: Fredrik Hesse <fredrik@hesse.se>
 2023-05-12 14:59:01 +01:00
Bence Szépkúti
e06d863267
Merge pull request #7538 from bensze01/in-tree-redirects 
Add in-tree configuration file for Readthedocs redirects
 2023-05-11 15:07:06 +02:00
Bence Szépkúti
09f8df86ac Reword the API token explanation in redirects.yaml 
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-05-09 21:07:30 +02:00
Gilles Peskine
d3ca5e5897
Merge pull request #7328 from mprse/ec-jpake-fix1 
Fix the JPAKE driver interface for user+peer
 2023-05-02 20:42:25 +02:00
Bence Szépkúti
7ce8fba3cb Add post-build step to update redirects 
This allows us to maintain the list of redirects in-tree.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-05-02 20:16:12 +02:00
Bence Szépkúti
4f4c87b01e Add readthedocs-cli to requirements.in 
This will allow us to manage our redirects in-tree.

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2023-05-02 19:59:34 +02:00