52f7edb6ad
Update psa-migration/strategy.md
...
- Update for the new hashes strategy, in part by adding references to
md-cipher-dispatch.md
- General update about the status of things since the last update
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-03-24 10:44:59 +01:00
b175b146a2
Remove driver_pake_get_role function
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-23 13:37:18 +01:00
fa1754e9ef
Update documentation of psa_pake_input
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-23 08:06:09 +01:00
5158bd8ac8
Remove Exhale from requirements and regenerate
...
Regenerate the requirements.txt with Exhale removed and also with Python
3.9 instead of 3.8, for parity with Read The Docs.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-03-22 17:30:22 +00:00
e84d61cb64
Add initial API doc configuration
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-03-16 18:01:58 +00:00
c9e0ad23c1
Update design document
...
- Support for PSA_CRYPTO_CLIENT without PSA_CRYPTO_C is out of scope for
now but might be added later (the architecture supports that).
- While we're using a void pointer for md_ctx, we don't need a union
here; the union will be useful only if & when we remove the indirection.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-03-16 09:46:51 +01:00
18336dace2
Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user
...
EC J-PAKE: partial fix for role vs user+peer
2023-03-15 09:37:30 +01:00
c0e6250ff9
Fix documentation and tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-14 11:49:36 +01:00
439dbc5c60
Fix dependency for TLS 1.3 as well
...
Turns out TLS 1.3 is using the PK layer for signature generation &
verification, and the PK layer is influenced by USE_PSA_CRYPTO.
Also update docs/use-psa-crypto.md accordingly.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-03-10 12:37:15 +01:00
e9254a0e55
Adapt driver dispatch documentation for user/peer getters
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-10 09:18:03 +01:00
a4c6a3c355
Merge pull request #7237 from davidhorstmann-arm/move-getting-started-guide
...
Move docs/getting_started.md to docs repo
2023-03-09 23:31:25 +01:00
369930dec2
Move docs/getting_started.md to docs repo
...
Delete docs/getting_started.md as it has been moved to the dedicated
documentation repo.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-03-09 09:52:13 +00:00
691e91adac
Further pake code optimizations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-08 09:54:00 +01:00
4dc83d40af
Add check for pake operation buffer overflow
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-07 10:50:00 +01:00
7fc349e903
test-framework.md: document compat.sh
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com >
2023-02-28 14:30:26 +08:00
6b64862ef7
Documentation fixes and code adaptation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
251e86ae3f
Adapt names to more suitable and fix conditional compilation flags
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
27cd488088
Update the documentation (v.3)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
33ea63d766
Minor updates of the documentation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
8c8ab26b2a
Update documentation (handling inputs, function names)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
d67a5b6320
Update PAKE driver documentation (v.2)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
d6eb11007f
Add draft documentation for the PAKE driver dispatch logic
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
6778ddf657
Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy
...
Dual-API hash dispatch strategy
2023-02-15 12:50:13 +01:00
91af0f9c0e
Minor clarifications
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-10 14:31:36 +01:00
ff674d4c6f
Typos
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-10 14:31:17 +01:00
199ee456b1
Summarize how to improve MBEDTLS_PSA_CRYPTO_CLIENT
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-08 12:35:19 +01:00
58e935fc6b
add a missing
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-08 12:07:12 +01:00
fad34a4f10
Support all legacy algorithms in PSA
...
This is not strictly mandatory, but it helps.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-07 20:37:56 +01:00
00d3e96042
Merge pull request #6855 from mpg/driver-only-ecdsa-starter
...
Driver-only ECDSA starter
2023-01-24 13:06:17 +01:00
17292f7823
Minor fixes
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-01-23 12:32:51 +00:00
99ff0a7c50
Fix some additional over-long lines
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-01-23 12:31:01 +00:00
5a2e02635a
Improve a few comments & documentation
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-01-23 12:51:52 +01:00
fd094081e1
Pass attributes alongside key buffer
...
This is the generic way of going adapting a psa_key_id_t argument in the
application interface to the driver interface. Thanks Hannes Lindström.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-01-20 20:24:17 +01:00
38699e5323
Update the getting-started doc
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-01-20 12:43:53 +00:00
635b779cfd
Fix math character used in text mode
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-01-12 14:33:44 +01:00
4e346bd569
Fix entry point name
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-01-12 14:33:22 +01:00
eda71ce535
Key derivation: improve overview of the problem space
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-01-12 14:32:56 +01:00
6bbeba6a44
Add ssl-opt.sh support to outcome-analysis.sh
...
But make it optional as it makes things much slower.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-01-05 12:55:08 +01:00
222bc85c6c
Update outcome analysis script & documentation
...
Now that the script only makes before-after comparison, it no longer
makes sense to ignore some test suites.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-01-05 12:55:08 +01:00
a6e0291c51
Update documentation
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-12-21 09:59:33 +01:00
3e30e1fb19
We haven't actually made hash accelerators initless in 3.3
...
It seems that it won't be necessary anyway.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:34:17 +01:00
14239c6e2e
Switching to PSA can break things with MBEDTLS_PSA_CRYPTO_CLIENT
...
It's a rare scenario, but it's currently possible: if you use
mbedtls_cipher_xxx() to encrypt the communication between the application
and the crypto service, changing those functions to call PSA will break your
system.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:32:48 +01:00
22db9916fe
The PSA cipher/AEAD API requires an initialized keystore
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:32:29 +01:00
143ebcc1d6
PKCS#1v1.5 sign/verify uses hash metadata
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:30:10 +01:00
cb93ac91bb
Note that we can tweak the meaning of MBEDTLS_PSA_CRYPTO_CONFIG too
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:29:43 +01:00
d167f16d55
Wording clarifications and typo fixes
...
No intended meaning change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:29:15 +01:00
55a188b420
Clarify the "restart vs use PSA" situation in TLS
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-12-09 10:09:33 +01:00
4eefade8bf
Sketch some optimizations relevant to MD light
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-11-25 23:05:14 +01:00
f634fe10e7
Sketch the work to migrate to MD light
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-11-25 23:04:51 +01:00
188e900a6d
Specify MD light based on the interface requirements
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-11-25 23:04:16 +01:00
