yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
18782 commits 1 branch 0 tags 94 MiB
Commit graph

12 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
c70013e4bc Clarify the trailer field situation 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-10 13:16:50 +01:00
Manuel Pégourié-Gonnard
c7f3254379 Clarify a sentence 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-10 13:00:33 +01:00
Manuel Pégourié-Gonnard
58d101b721 Fix a few more typos 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-10 12:58:09 +01:00
Manuel Pégourié-Gonnard
839bb8a238 Fix an inaccuracy 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-08 10:33:41 +01:00
Manuel Pégourié-Gonnard
80759c4917 Fix a few more typos 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-08 10:33:11 +01:00
Manuel Pégourié-Gonnard
8ebed21216 Fix a few typos 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-07 10:23:49 +01:00
Manuel Pégourié-Gonnard
539b9a52f9 Fix discussion of RSA-PSS salt length 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-07 10:19:08 +01:00
Manuel Pégourié-Gonnard
8e559daaa8 Misc updates to psa-limitations.md 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-02-01 10:26:07 +01:00
Manuel Pégourié-Gonnard
5218774efb Add note about HKDF for TLS 1.3 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-01-18 09:13:14 +01:00
Manuel Pégourié-Gonnard
e459be2ed1 Complete discussion of RSASSA-PSS 
Update to latest draft of PSA Crypto 1.1.0: back to strict verification
by default, but ANY_SALT introduced.

Commands used to observe default values of saltlen:

    openssl genpkey -algorithm rsa-pss -out o.key
    openssl req -x509 -new -key o.key -subj "/CN=CA" -sha256 -out o.crt

    certtool --generate-privkey --key-type rsa-pss --outfile g.key
    certtool --generate-self-signed --load-privkey g.key --outfile g.crt

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-01-18 09:13:14 +01:00
Manuel Pégourié-Gonnard
f5ee4b3da4 Add data about RSA-PSS test files 
Data gathered with:

    for c in server9*.crt; do echo $c; openssl x509 -noout -text -in $c |
        grep '^    Signature Algorithm: rsassaPss' -A3 | sed '1d'; done
    for c in crl-rsa-pss-*; do echo $c; openssl crl -noout -text -in $c |
        grep '^    Signature Algorithm: rsassaPss' -A3 | sed '1d'; done
    for c in server9.req.*; do echo $c; openssl req -noout -text -in $c |
        grep '^    Signature Algorithm: rsassaPss' -A3 | sed '1d'; done

Unfortunately there is no record of how these files have been generated.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-01-18 09:13:14 +01:00
Manuel Pégourié-Gonnard
d9edd56bf8 Document PSA limitations that could be problems 
(WIP: the study of RSA-PSS is incomplete.)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2022-01-18 09:13:14 +01:00