mbedtls

Author	SHA1	Message	Date
Manuel Pégourié-Gonnard	b8c4254f44	Update cipher light -> block cipher definition Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-12-07 12:12:39 +01:00
Manuel Pégourié-Gonnard	303121eb16	Fix a typo Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-12-07 12:05:07 +01:00
Manuel Pégourié-Gonnard	4823d2c94e	Extend design discussion Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-10-26 12:56:39 +02:00
Manuel Pégourié-Gonnard	6b3643117b	Document chosen goals and priorities for 3.x Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-10-26 11:02:17 +02:00
Manuel Pégourié-Gonnard	3bcda449c0	Things forgotten in the previous commit Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-10-26 10:03:49 +02:00
Manuel Pégourié-Gonnard	f1878d8974	Update to only serve GCM and CCM Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-10-12 11:19:00 +02:00
Manuel Pégourié-Gonnard	301d2a29a7	Update to MD light section Mostly to reflect this has been implemented, and remove references to temporary remains from the previous strategy (hash_info, legacy_or_psa) which would probably be more confusing than helpful at this point. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-10-10 10:04:07 +02:00
Manuel Pégourié-Gonnard	2daee0410e	Update list of modules using hashes Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-10-10 10:04:07 +02:00
Manuel Pégourié-Gonnard	ca18b7747e	Update definition of Cipher light Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-10-10 10:04:07 +02:00
Manuel Pégourié-Gonnard	839d3580bd	Update details of modules using cipher operations Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-10-10 09:22:59 +02:00
Manuel Pégourié-Gonnard	36cd3f9f8e	Add tentative definition of Cipher light Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-08-11 10:06:42 +02:00
Manuel Pégourié-Gonnard	948137be59	Add details on use of ciphers from other modules Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-08-10 16:58:30 +02:00
Valerio Setti	ab02d391cb	test: use only rev-parse for getting the current branch Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-31 16:47:07 +02:00
Valerio Setti	ccb0344969	test: add GIT alternative commands for older GIT versions The Docker container used for the CI has Git version 2.7.4 which does not support the "git branch --show-current" command since this was added in version 2.22. Therefore this commit adds an alternative version for old Git versions. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-31 15:07:49 +02:00
Dave Rodgman	e183ecef3d	Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases Record the outcome of each test case in compat.sh	2023-07-10 12:08:32 +01:00
Gilles Peskine	0ca2a1f51b	Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec Storage resilience with stateful secure elements: design document	2023-06-29 18:25:52 +02:00
Gilles Peskine	34a201774e	More about whether to have the driver key id in the transaction list Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-13 21:11:43 +02:00
Gilles Peskine	009c06b973	Discuss the cost of a get_key_attributes entry point Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-13 21:11:43 +02:00
Gilles Peskine	4e5088476e	Finish test strategy Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-30 23:34:07 +02:00
Gilles Peskine	44bbf29597	Write up the transaction/recovery processess Still missing: details of part of the testing Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-24 20:35:49 +02:00
Gilles Peskine	76a852f8fb	Design document for storage resilience Explore possibilities for implementing stateful secure elements with storage. Choose one. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-24 09:37:30 +02:00
Gilles Peskine	63df4ec3ca	Merge pull request #7589 from daverodgman/pr4990 Replace references to Mbed Crypto (rebase)	2023-05-16 19:14:51 +02:00
Gilles Peskine	7e37aa85a2	Merge pull request #5904 from gilles-peskine-arm/psa-doc-implementing-new-mechanism Check list for implementing a new mechanism in PSA crypto	2023-05-16 14:04:15 +02:00
Gilles Peskine	de4cbc54d3	Fix copypasta Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-16 12:04:57 +02:00
Fredrik Hesse	95bd5a5004	Minor adjustments after review. Signed-off-by: Fredrik Hesse <fredrik@hesse.se>	2023-05-12 15:01:59 +01:00
Fredrik Hesse	0ec8a90d48	Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. Signed-off-by: Fredrik Hesse <fredrik@hesse.se>	2023-05-12 15:00:45 +01:00
Fredrik Hesse	cc207bc379	Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments. Signed-off-by: Fredrik Hesse <fredrik@hesse.se>	2023-05-12 14:59:01 +01:00
valerio	0b0486452c	improve syms.sh script for external dependencies analysis It is now possible to analyze also modules and not only x509 and tls libraries. Signed-off-by: valerio <valerio.setti@nordicsemi.no>	2023-04-24 10:34:08 +02:00
Ronald Cron	4d31496294	Update TLS 1.3 documentation and add change log Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-04-06 10:26:18 +02:00
Ronald Cron	e6e6b75ad3	psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option The support for the PSA crypto driver interface is not optional anymore as the implementation of the PSA cryptography interface has been restructured around the PSA crypto driver interface (see psa-crypto-implementation-structure.md). There is thus no purpose for the configuration options MBEDTLS_PSA_CRYPTO_DRIVERS anymore. Signed-off-by: Ronald Cron <ronald.cron@arm.com>	2023-03-31 09:07:54 +02:00
Manuel Pégourié-Gonnard	5c8c9e068e	Minor improvements Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-29 10:33:03 +02:00
Manuel Pégourié-Gonnard	b38c9c888f	Fix a typo Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	03cb87ea3c	Update psa-limitations.md For recent work and latest plans. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	52f7edb6ad	Update psa-migration/strategy.md - Update for the new hashes strategy, in part by adding references to md-cipher-dispatch.md - General update about the status of things since the last update Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard	c9e0ad23c1	Update design document - Support for PSA_CRYPTO_CLIENT without PSA_CRYPTO_C is out of scope for now but might be added later (the architecture supports that). - While we're using a void pointer for md_ctx, we don't need a union here; the union will be useful only if & when we remove the indirection. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-03-16 09:46:51 +01:00
Yanray Wang	7fc349e903	test-framework.md: document compat.sh Signed-off-by: Yanray Wang <yanray.wang@arm.com>	2023-02-28 14:30:26 +08:00
Manuel Pégourié-Gonnard	6778ddf657	Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy Dual-API hash dispatch strategy	2023-02-15 12:50:13 +01:00
Gilles Peskine	91af0f9c0e	Minor clarifications Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-10 14:31:36 +01:00
Gilles Peskine	ff674d4c6f	Typos Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-10 14:31:17 +01:00
Gilles Peskine	199ee456b1	Summarize how to improve MBEDTLS_PSA_CRYPTO_CLIENT Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 12:35:19 +01:00
Gilles Peskine	58e935fc6b	add a missing Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-08 12:07:12 +01:00
Gilles Peskine	fad34a4f10	Support all legacy algorithms in PSA This is not strictly mandatory, but it helps. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-02-07 20:37:56 +01:00
Manuel Pégourié-Gonnard	5a2e02635a	Improve a few comments & documentation Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-01-23 12:51:52 +01:00
Manuel Pégourié-Gonnard	6bbeba6a44	Add ssl-opt.sh support to outcome-analysis.sh But make it optional as it makes things much slower. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-01-05 12:55:08 +01:00
Manuel Pégourié-Gonnard	222bc85c6c	Update outcome analysis script & documentation Now that the script only makes before-after comparison, it no longer makes sense to ignore some test suites. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-01-05 12:55:08 +01:00
Gilles Peskine	3e30e1fb19	We haven't actually made hash accelerators initless in 3.3 It seems that it won't be necessary anyway. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:34:17 +01:00
Gilles Peskine	14239c6e2e	Switching to PSA can break things with MBEDTLS_PSA_CRYPTO_CLIENT It's a rare scenario, but it's currently possible: if you use mbedtls_cipher_xxx() to encrypt the communication between the application and the crypto service, changing those functions to call PSA will break your system. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:32:48 +01:00
Gilles Peskine	22db9916fe	The PSA cipher/AEAD API requires an initialized keystore Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:32:29 +01:00
Gilles Peskine	143ebcc1d6	PKCS#1v1.5 sign/verify uses hash metadata Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:30:10 +01:00
Gilles Peskine	cb93ac91bb	Note that we can tweak the meaning of MBEDTLS_PSA_CRYPTO_CONFIG too Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2022-12-13 20:29:43 +01:00

1 2 3 4 5

249 commits