Commit graph

89 commits

Author SHA1 Message Date
Gilles Peskine
daf9d82b75 Correct usage of key_derivation_output_key
Add the mention of key_derivation_output_key in the section about the
key derivation entry point family.

Rename "derive_key" to "key_derivation_output_key". At this point,
there's no reason to deviate from the naming convention.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-06 22:20:33 +02:00
Gilles Peskine
a58d225d62 Add deep links to the API specification in a few places
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-06 22:20:33 +02:00
Gilles Peskine
d4e6927614 Change "function" to "entry point" in more places
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-06 22:20:33 +02:00
Gilles Peskine
53ba94c968 Clarify how the headers are used
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-06 22:20:33 +02:00
Gilles Peskine
e72e4de070 Clarify what the headers do
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-06 22:20:33 +02:00
Gilles Peskine
7a1e4f926a Minor wording improvements
Clarify some sentences. There is no change in intended meaning.

Fix typos. Change British spelling to American spelling.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-06 22:20:32 +02:00
danh-arm
0ca6d38bc3
Merge pull request #3493 from gilles-peskine-arm/psa-unified-driver-specs
PSA unified driver specification
2020-08-06 16:10:17 +01:00
Gilles Peskine
404e1dbd5a Clarify updates to the persistent state in storage
Rename psa_crypto_driver_update_persistent_state to
psa_crypto_driver_commit_persistent_state.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-05 22:37:29 +02:00
Gilles Peskine
5001da4aee With multiple applicable transparent drivers, the order is unspecified
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-05 22:32:36 +02:00
Gilles Peskine
b320d0833d Minor clarifications
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-05 22:27:41 +02:00
Gilles Peskine
ea739f0814 Give some examples of purpsoses of pure-software transparent driver
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-05 22:27:41 +02:00
Gilles Peskine
e265b9d183 Fix typos
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-05 22:27:41 +02:00
Gilles Peskine
3d1bcc68cb Add a link to the PSA API specification
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-05 22:20:09 +02:00
Gilles Peskine
929ab8af2b Explain locations vs lifetimes
Locations aren't in the official PSA API specification yet (they've
only be made public in Mbed TLS). Until version 1.0.1 of the API
specification is out, this document needs to explain locations.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-05 22:18:38 +02:00
Gilles Peskine
ab808e7592 Update open question section about public key storage
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-03 13:43:02 +02:00
Gilles Peskine
c93c4ed653 Remove the paragraph about declaring application needs
It's out of scope.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-03 13:38:03 +02:00
Gilles Peskine
c1d388ae54 Change driver persistent data to a callback interface
Rather than have some functions take the in-memory copy of the
persistent data as argument, allow all of them to access the
persistent data, including modifying it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-03 12:04:46 +02:00
Gilles Peskine
8d06ad0177 Rework and expand key management in opaque drivers
Opaque drivers only have a destroy function if the key is stored in
the secure element.

Expand on how key creation works. Provide more explanations of
allocate_key in drivers for secure elements with storage. Discuss key
destruction as well.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-03 12:04:46 +02:00
Gilles Peskine
921492625c Fix typos and copypasta
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-03 12:04:45 +02:00
Gilles Peskine
b6c43f61a4 Call driver entry point functions "entry point"
Call the functions listed in the driver description "entry points".
It's more precise than "functions", which could also mean any C
function defined in the driver code.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-08-03 11:21:07 +02:00
Gilles Peskine
bcce2eff27 Transparent drivers may have init functions too
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-13 13:27:45 +02:00
Gilles Peskine
71db60bd11 Automatically define location/lifetime constants
PSA_KEY_LOCATION_acme, PSA_KEY_LIFETIME_acme

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-13 13:27:45 +02:00
Gilles Peskine
278e5ebf78 Start Mbed TLS guides to PSA drivers
Driver developer's guide: introduction on how to write a driver.

Driver integration guide: how to build Mbed TLS with drivers.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-13 13:27:45 +02:00
Gilles Peskine
2e66aca372 PSA unified driver interface
Working draft of the PSA cryptography unified interface specification.
Eventually this document will be under Arm PSA architecture ownership,
but for the time being this draft is maintained in Mbed TLS.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-13 13:27:45 +02:00
Gilles Peskine
abeb58e814 Add a directory for proposed specifications
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-13 13:27:42 +02:00
Manuel Pégourié-Gonnard
fafe8553c6
Merge pull request #3392 from paul-elliott-arm/psa_ecc_dh_macros
PSA: update EC curve and DH group family macros
2020-07-07 09:20:44 +02:00
Paul Elliott
8ff510ac26 Rename ECC Family Macros According to PSA Spec
Rename PSA_ECC_CURVE_xxx to PSA_ECC_FAMILY_xxx, also rename
PSA_KEY_TYPE_GET_CURVE to PSA_KEY_TYPE_ECC_GET_FAMILY and rename
psa_ecc_curve_t to psa_ecc_family_t. Old defines are provided in
include/crypto_compat.h for backward compatibility.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2020-07-02 16:59:30 +01:00
Gilles Peskine
fb4f933f8e Rename Python scripts to use '_' and not '-'
You can't import a Python script whose name includes '-'.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-25 14:22:06 +02:00
Janos Follath
bba4c17b7a
Merge pull request #3315 from hanno-arm/tls13-experimental-macro
Add support for TLS 1.3 record protection routines
2020-06-04 15:51:54 +01:00
Hanno Becker
5a83d29114 Mention HKDF in TLS 1.3 feature document
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-06-02 06:33:00 +01:00
Hanno Becker
0c3bebfa15 Fix typo in header of TLS 1.3 experimental features document
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-06-02 06:32:43 +01:00
Hanno Becker
9338f9f718 Add documentation on state of upstreaming of TLS 1.3 prototype
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-05-31 08:51:29 +01:00
Gilles Peskine
24ba42cef7 Fix explanation of rules for function substitution
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:07:42 +02:00
Gilles Peskine
688f6cc591 There are test programs, not just unit tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:07:40 +02:00
Gilles Peskine
5925183b8a Fix explanation of PSA_DONE
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:06:37 +02:00
Gilles Peskine
2182585776 Introduction: present the top-level sections
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:03:33 +02:00
Gilles Peskine
d04b9ed7dd Spelling
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:03:24 +02:00
Gilles Peskine
fa51820e39 Expand the rule for internal functions exposed for tests only
Clarify that using a header in library/ rather than include/ for
internal functions is a rule, not just a possibility.

As suggested by Manuel, state a rule for functions that need to be
static for best optimization but that we want to unit-test.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:56:38 +01:00
Gilles Peskine
4b7279e5d9 Write up some solutions
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:56:31 +01:00
Gilles Peskine
dff10c773b Add a note that TLS requires further consideration
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:56:22 +01:00
Gilles Peskine
ab4b9b4165 New test strategy document: invasive testing
Evaluate possible approaches for invasive testing.

State some rules.

This commit was originally written for Mbed Crypto only.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:56:15 +01:00
Gilles Peskine
228abc5773 Define EC curve family constants
Define constants for ECC curve families and DH group families. These
constants have 0x0000 in the lower 16 bits of the key type.

Support these constants in the implementation and in the PSA metadata
tests.

Switch the slot management and secure element driver HAL tests to the
new curve encodings. This requires SE driver code to become slightly
more clever when figuring out the bit-size of an imported EC key since
it now needs to take the data size into account.

Switch some documentation to the new encodings.

Remove the macro PSA_ECC_CURVE_BITS which can no longer be implemented.
2020-01-31 10:15:32 +01:00
Gilles Peskine
89d8c5c447 Rename some signature-related identifiers
Rename some macros and functions related to signature which are
changing as part of the addition of psa_sign_message and
psa_verify_message.

perl -i -pe '%t = (
PSA_KEY_USAGE_SIGN => PSA_KEY_USAGE_SIGN_HASH,
PSA_KEY_USAGE_VERIFY => PSA_KEY_USAGE_VERIFY_HASH,
PSA_ASYMMETRIC_SIGNATURE_MAX_SIZE => PSA_SIGNATURE_MAX_SIZE,
PSA_ASYMMETRIC_SIGN_OUTPUT_SIZE => PSA_SIGN_OUTPUT_SIZE,
psa_asymmetric_sign => psa_sign_hash,
psa_asymmetric_verify => psa_verify_hash,
); s/\b(@{[join("|", keys %t)]})\b/$t{$1}/ge' $(git ls-files . ':!:**/crypto_compat.h')
2019-11-26 18:20:59 +01:00
Gilles Peskine
9afbfdc833 Merge remote-tracking branch 'myfork-public/development' into merge-crypto-development-20191115
First deal with deleted files.

* Files deleted by us: keep them deleted.
* Files deleted by them, whether modified by us or not: keep our version.

```
git rm $(git status -s | sed -n 's/^DU //p')
git reset -- $(git status -s | sed -n 's/^D  //p')
git checkout -- $(git status -s | sed -n 's/^ D //p')
git add -- $(git status -s | sed -n 's/^UD //p')
```

Individual files with conflicts:

* `3rdparty/everest/library/Hacl_Curve25519_joined.c`: spurious conflict because git mistakenly identified this file as a rename. Keep our version.
* `README.md`: conflict due to their change in a paragraph that doesn't exist in our version. Keep our version of this paragraph.
* `docs/architecture/Makefile`: near-identical additions. Adapt the definition of `all_markdown` and include the clean target.
* `doxygen/input/docs_mainpage.h`: conflict in the version number. Keep our version number.
* `include/mbedtls/config.h`: two delete/modify conflicts. Keep the removed chunks out.
* `library/CMakeLists.txt`: discard all their changes as they are not relevant.
* `library/Makefile`:
    * Discard the added chunk about the crypto submodule starting with `INCLUDING_FROM_MBEDTLS:=1`.
    * delete/modify: keep the removed chunk out.
    * library build: This is almost delete/modify. Their changes are mostly not applicable. Do keep the `libmbedcrypto.$(DLEXT): | libmbedcrypto.a` order dependency.
    * `.c.o`: `-o` was added on both sides but in a different place. Change to their place.
* `library/error.c`: to be regenerated.
* `library/version_features.c`: to be regenerated.
* `programs/Makefile`: Most of the changes are not relevant. The one relevant change is in the `clean` target for Windows; adapt it by removing `/S` from our version.
* `programs/test/query_config.c`: to be regenerated.
* `scripts/config.py`: added in parallel on both sides. Keep our version.
* `scripts/footprint.sh`: parallel changes. Keep our version.
* `scripts/generate_visualc_files.pl`: one delete/modify conflict. Keep the removed chunks out.
* `tests/Makefile`: discard all of their changes.
* `tests/scripts/all.sh`:
    * `pre_initialize_variables` add `append_outcome`: add it.
    * `pre_initialize_variables` add `ASAN_CFLAGS`: already there, keep our version.
    * `pre_parse_command_line` add `--no-append-outcome`: add it.
    * `pre_parse_command_line` add `--outcome-file`: add it.
    * `pre_print_configuration`: add `MBEDTLS_TEST_OUTCOME_FILE`.
    * Several changes in SSL-specific components: keep our version without them.
    * Several changes where `config.pl` was changed to `config.py` and there was an adjacent difference: keep our version.
    * Changes regarding the inclusion of `MBEDTLS_MEMORY_xxx`: ignore them here, they will be normalized in a subsequent commit.
    * `component_test_full_cmake_gcc_asan`: add it without the TLS tests.
    * `component_test_no_use_psa_crypto_full_cmake_asan`: keep the fixed `msg`, discard other changes.
    * `component_test_memory_buffer_allocator_backtrace`, `component_test_memory_buffer_allocator`: add them without the TLS tests.
    * `component_test_m32_everest`: added in parallel on both sides. Keep our version.
* `tests/scripts/check-names.sh`, `tests/scripts/list-enum-consts.pl`, `tests/scripts/list-identifiers.sh`, ``tests/scripts/list-macros.sh`: discard all of their changes.
* `tests/scripts/test-ref-configs.pl`: the change in the conflict is not relevant, so keep our version there.
* `visualc/VS2010/*.vcxproj`: to be regenerated.

Regenerate files:

```
scripts/generate_visualc_files.pl
git add visualc/VS2010/*.vcxproj
scripts/generate_errors.pl
git add library/error.c
scripts/generate_features.pl
git add library/version_features.c
scripts/generate_query_config.pl
git add programs/test/query_config.c
```

Rejected changes in non-conflicting files:

* `CMakeLists.txt`: discard their addition which has already been side-ported.
* `doxygen/mbedtls.doxyfile`: keep the version number change. Discard the changes related to `../crypto` paths.

Keep the following changes after examination:

* `.travis.yml`: all of their changes are relevant.
* `include/mbedtls/error.h`: do keep their changes. Even though Crypto doesn't use TLS errors, it must not encroach on TLS's allocated numbers.
* `tests/scripts/check-test-cases.py`: keep the code dealing with `ssl-opt.sh`. It works correctly when the file is not present.
2019-11-15 11:47:14 +01:00
Jaeden Amero
fbdf150080 getting_started: Make it clear that keys are passed in
It was not obvious before that `AES_KEY` and `RSA_KEY` were shorthand
for key material. A user copy pasting the code snippet would run into a
compilation error if they didn't realize this. Make it more obvious that
key material must come from somewhere external by making the snippets
which use global keys into functions that take a key as a parameter.
2019-11-08 10:22:15 +00:00
Gilles Peskine
7334462278 Make hyperlink a hyperlink in every markdown flavor 2019-10-01 10:36:10 +02:00
Gilles Peskine
e94bc87ebe Document test case descriptions 2019-09-27 20:24:33 +02:00
Gilles Peskine
508caf528a Document the test outcome file 2019-09-24 19:21:19 +02:00
Gilles Peskine
d46b0869f4 Create infrastructure for architecture documents in Markdown 2019-09-24 19:21:19 +02:00
Jaeden Amero
3f20efc030
Merge pull request #246 from gilles-peskine-arm/psa-se_driver-interface_test_strategy
Secure element driver interface test strategy
2019-09-12 14:31:26 +01:00