434fc5ecbd
Remove make.bat for documentation
...
Building the docs on Windows is not supported in any case, as the apidoc
target in the main Makefile will not run on Windows.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-03-27 15:24:37 +01:00
9bca03a2b2
Improve docs Makefile to do full build
...
Include the make apidoc and breathe-apidoc steps in the documentation
Makefile for ease of use. In this way, depart from the Makefile
generated automatically by Sphinx.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-03-27 15:21:27 +01:00
5158bd8ac8
Remove Exhale from requirements and regenerate
...
Regenerate the requirements.txt with Exhale removed and also with Python
3.9 instead of 3.8, for parity with Read The Docs.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-03-22 17:30:22 +00:00
e84d61cb64
Add initial API doc configuration
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-03-16 18:01:58 +00:00
18336dace2
Merge pull request #7196 from mprse/ecjpake-driver-dispatch-peer-user
...
EC J-PAKE: partial fix for role vs user+peer
2023-03-15 09:37:30 +01:00
c0e6250ff9
Fix documentation and tests
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-14 11:49:36 +01:00
439dbc5c60
Fix dependency for TLS 1.3 as well
...
Turns out TLS 1.3 is using the PK layer for signature generation &
verification, and the PK layer is influenced by USE_PSA_CRYPTO.
Also update docs/use-psa-crypto.md accordingly.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-03-10 12:37:15 +01:00
e9254a0e55
Adapt driver dispatch documentation for user/peer getters
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-10 09:18:03 +01:00
a4c6a3c355
Merge pull request #7237 from davidhorstmann-arm/move-getting-started-guide
...
Move docs/getting_started.md to docs repo
2023-03-09 23:31:25 +01:00
369930dec2
Move docs/getting_started.md to docs repo
...
Delete docs/getting_started.md as it has been moved to the dedicated
documentation repo.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-03-09 09:52:13 +00:00
691e91adac
Further pake code optimizations
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-08 09:54:00 +01:00
4dc83d40af
Add check for pake operation buffer overflow
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-03-07 10:50:00 +01:00
6b64862ef7
Documentation fixes and code adaptation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
251e86ae3f
Adapt names to more suitable and fix conditional compilation flags
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
27cd488088
Update the documentation (v.3)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
33ea63d766
Minor updates of the documentation
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
8c8ab26b2a
Update documentation (handling inputs, function names)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
d67a5b6320
Update PAKE driver documentation (v.2)
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
d6eb11007f
Add draft documentation for the PAKE driver dispatch logic
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
6778ddf657
Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy
...
Dual-API hash dispatch strategy
2023-02-15 12:50:13 +01:00
91af0f9c0e
Minor clarifications
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-10 14:31:36 +01:00
ff674d4c6f
Typos
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-10 14:31:17 +01:00
199ee456b1
Summarize how to improve MBEDTLS_PSA_CRYPTO_CLIENT
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-08 12:35:19 +01:00
58e935fc6b
add a missing
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-08 12:07:12 +01:00
fad34a4f10
Support all legacy algorithms in PSA
...
This is not strictly mandatory, but it helps.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-02-07 20:37:56 +01:00
00d3e96042
Merge pull request #6855 from mpg/driver-only-ecdsa-starter
...
Driver-only ECDSA starter
2023-01-24 13:06:17 +01:00
17292f7823
Minor fixes
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-01-23 12:32:51 +00:00
99ff0a7c50
Fix some additional over-long lines
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-01-23 12:31:01 +00:00
5a2e02635a
Improve a few comments & documentation
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-01-23 12:51:52 +01:00
38699e5323
Update the getting-started doc
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-01-20 12:43:53 +00:00
6bbeba6a44
Add ssl-opt.sh support to outcome-analysis.sh
...
But make it optional as it makes things much slower.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-01-05 12:55:08 +01:00
222bc85c6c
Update outcome analysis script & documentation
...
Now that the script only makes before-after comparison, it no longer
makes sense to ignore some test suites.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-01-05 12:55:08 +01:00
a6e0291c51
Update documentation
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-12-21 09:59:33 +01:00
3e30e1fb19
We haven't actually made hash accelerators initless in 3.3
...
It seems that it won't be necessary anyway.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:34:17 +01:00
14239c6e2e
Switching to PSA can break things with MBEDTLS_PSA_CRYPTO_CLIENT
...
It's a rare scenario, but it's currently possible: if you use
mbedtls_cipher_xxx() to encrypt the communication between the application
and the crypto service, changing those functions to call PSA will break your
system.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:32:48 +01:00
22db9916fe
The PSA cipher/AEAD API requires an initialized keystore
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:32:29 +01:00
143ebcc1d6
PKCS#1v1.5 sign/verify uses hash metadata
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:30:10 +01:00
cb93ac91bb
Note that we can tweak the meaning of MBEDTLS_PSA_CRYPTO_CONFIG too
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:29:43 +01:00
d167f16d55
Wording clarifications and typo fixes
...
No intended meaning change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-12-13 20:29:15 +01:00
55a188b420
Clarify the "restart vs use PSA" situation in TLS
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2022-12-09 10:09:33 +01:00
4eefade8bf
Sketch some optimizations relevant to MD light
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-11-25 23:05:14 +01:00
f634fe10e7
Sketch the work to migrate to MD light
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-11-25 23:04:51 +01:00
188e900a6d
Specify MD light based on the interface requirements
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-11-25 23:04:16 +01:00
382b34ca84
Work out the hash interface requirements
...
Finish working out the RSA-PSS example in terms of what it implies about the
interface. The key takeaway is that a mixed-domain module must support
algorithms if they are available through either interface, and that's all
there is to it. The details of how dispatch is done don't matter, what
matters is only the availability, and it's just the disjunction of
availabilities.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-11-25 22:57:18 +01:00
4a8c9e2cff
tls13: Add definition of mbedtls_ssl_{write,read}_early_data
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2022-11-23 14:29:37 +01:00
ef25a99f20
Merge pull request #6533 from valeriosetti/issue5847
...
Use PSA EC-JPAKE in TLS (1.2) - Part 2
2022-11-23 13:27:30 +01:00
ba7c006222
Merge pull request #6466 from mprse/driver-only-hash-ci
...
Driver-only hashes: test coverage in the CI
2022-11-18 09:31:13 +01:00
93986645d8
Remove reference vs drivers test from outcome-analysis.sh
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2022-11-09 15:06:44 +01:00
c82050efdb
Starting to work out the RSA-PSS example
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2022-11-08 19:17:58 +01:00
e2977b6901
Remove TLS 1.2 exception about EC J-PAKE and PSA Crypto
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com >
2022-11-08 10:58:54 +01:00
