c8aaac89d0
Fix naming examples in TLS 1.3 style guide
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2021-10-18 13:00:51 +01:00
7fc96c1a57
Fix test description
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-28 16:29:04 +02:00
fb877215b5
Fix supported signature documentation
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-28 16:29:04 +02:00
8ee9ed6785
Fix and improve the documentation of supported groups
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-28 16:28:58 +02:00
f164b6a7ff
Add an overview section
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:48:09 +02:00
847c3580b8
Expend coding rules
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:48:09 +02:00
3e7c4036b4
Miscellaneous improvements
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:48:09 +02:00
fecda8ddb4
Improve the description of common macros usage
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:48:02 +02:00
99733f0511
Amend vector variables
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:39:37 +02:00
b194466e99
Amend TLS 1.3 prefix
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:39:37 +02:00
72064b30cf
Fix usage of backticks
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:39:37 +02:00
660c723b09
Add paragraph about expected quality
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:39:37 +02:00
7a7032a4ba
Remove out of MVP scope items
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:39:37 +02:00
c3b510f096
Amend supported groups and signatures based on spec 9.1 section
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:39:37 +02:00
3160d70049
Add comments about key_share and supported_versions support
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 15:39:29 +02:00
85e51083d8
Add support for server_name extension
...
Section 9.2 of the specification defines server_name
extension as mandatory if not specified otherwise by
an application profile. Thus add its support to the
MVP scope.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 13:42:39 +02:00
004df8ad5f
Improve comment about handshake failure with HRR and CertificateRequest
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 13:42:39 +02:00
1fa5088c0b
Improve comment about PSK TLS 1.3 configuration options
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 13:42:27 +02:00
023987feef
Use GitHub table format
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 12:05:28 +02:00
def52c36e5
Remove obscure comment about TLS 1.3 renegotiation config option
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-27 12:03:55 +02:00
3785c907c7
Define TLS 1.3 MVP and document coding rules
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-09-21 16:16:56 +02:00
8ec3c8f015
Do not require test data to be in the repository
...
What matters is that we validate that test data is not removed. Keeping the
test data is the most obvious way, but not the only way.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-07-15 16:22:14 +02:00
b91f81a55b
Discuss lifetimes, in particular persistence levels
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-07-15 16:22:14 +02:00
77f8e5cb59
Add considerations on key material representations
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-07-15 16:22:14 +02:00
d131e400f0
Clarification: forward and backward compatibility
...
The import-and-save and load-and-check parts of the tests don't have to be
actually the same test cases.
Introduce the terms “forward compatibility” and “backward compatibility” and
relate them to import-and-save and load-and-check actions.
These are clarifications of intent that do not represent an intended change
in the strategy or intended coverage.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-07-15 16:22:14 +02:00
f31c6c111e
Typo
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-07-15 16:22:14 +02:00
bb0cfeb2d4
Rename config.h to mbedtls_config.h
...
This commit was generated using the following script:
# ========================
#!/bin/sh
git ls-files | grep -v '^ChangeLog' | xargs sed -b -E -i '
s/((check|crypto|full|mbedtls|query)_config)\.h/\1\nh/g
s/config\.h/mbedtls_config.h/g
y/\n/./
'
mv include/mbedtls/config.h include/mbedtls/mbedtls_config.h
# ========================
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com >
2021-06-28 09:28:33 +01:00
cadd3d860e
Give examples of PLATFORM_XXX_ALT
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-06-15 00:14:28 +02:00
bf26bef157
Discuss the durability of PSA drivers vs ALT when introducing them
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-06-15 00:14:28 +02:00
a71db94c66
Document that contexts must be movable
...
Fix #4451 .
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-06-15 00:14:28 +02:00
f35c42bdb9
Document the remaining constraints on ALT context types
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-06-15 00:14:28 +02:00
b9ccb25f33
Starter-class documentation of alternative implementations
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-06-15 00:10:37 +02:00
12f93f4fc2
Merge pull request #4407 from ARMmbed/dev3_signoffs
...
Merge development_3.0 into development
2021-04-26 19:48:16 +01:00
835beffcf4
Fix typo in architecture docs
...
Signed-off-by: Tobias Nießen <tniessen@tnie.de >
2021-04-19 23:56:25 +02:00
73e3e2cb1a
Merge remote-tracking branch 'origin/development' into development_new
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
Conflicts:
include/mbedtls/check_config.h: nearby edits
library/entropy.c: nearby edits
programs/random/gen_random_havege.c: modification vs. removal
programs/ssl/ssl_test_lib.h: nearby edits
programs/test/cpp_dummy_build.cpp: nearby edits
visualc/VS2010/mbedTLS.vcxproj: automatically generated file,
regenerated with scripts/generate_visualc_files.pl
2021-04-07 16:31:09 +01:00
6f554e388e
Remove reference to include/mbedtls/*_internal.h files
...
Signed-off-by: Chris Jones <christopher.jones@arm.com >
2021-04-01 09:52:37 +01:00
7594c68049
Document status of MPS upstreaming
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com >
2021-03-29 14:20:18 +01:00
d9763466b7
Expand and improve psa-crypto-implementation-structure.md
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-02-02 11:49:14 +01:00
31520b4b1c
Fix psa-crypto-implementation-structure.md
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-02-02 11:38:50 +01:00
0dbbf1e27f
psa: Add architecture document
...
Add architecture document explaining how this
PR aim to restructure the PSA implementation (only
part of it) and why.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2021-02-02 11:29:07 +01:00
a120146afe
Merge pull request #3962 from gilles-peskine-arm/psa-storage-format-test-strategy
...
Keystore format stability test strategy
2021-01-25 16:44:23 +01:00
ff457506d3
Remind the reader of what is done about old formats
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-01-19 14:25:20 +01:00
697ee190b5
Add a section about non-default lifetimes
...
Alternative locations should be covered. We don't yet support
alternative persistence levels.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-01-18 23:38:21 +01:00
528144f523
Clarify the methods of key storage testing
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-01-18 23:36:18 +01:00
cf62f10d3f
Clarify interoperability non-requirement
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2021-01-05 11:49:18 +01:00
739e08a68d
Keystore format stability test strategy
...
Initial revision.
Save-compare-load approach: the test case data contains attributes of
the object under test and the expected file content. Create the
object, save it, check that the file has the expected content, load
the file and check that the new object has the expected attributes.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2020-12-14 18:51:47 +01:00
24cebf6671
Add a section for transparent drivers
...
No strategy yet, just state some basic requirements.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2020-12-08 15:19:04 +01:00
f0e2853d46
Minimal update to mention unified-interface opaque drivers
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2020-12-08 15:19:04 +01:00
db6b03b4f2
Remove old-style accelerator and entropy driver interfaces
...
The driver interfaces described in crypto_accel_driver.h and
crypto_entropy_driver.h are no longer being worked on. We do not
intend to finish the design of these interfaces or to implement them
in Mbed TLS. They have been superseded by the unified driver
interface (docs/proposed/psa-driver-interface.md), which is being
actively worked on both to finalize the specification and to implement
it in Mbed TLS.
The partially implemented dynamic secure element interface is staying
for now.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2020-11-30 17:37:14 +01:00
cf56a0a320
psa: Move from key handle to key identifier
...
Move all the PSA crypto APIs using key handles
to use key identifiers but psa_key_open() and
psa_key_close(). This is done without modifying
any test as key handles and key identifiers are
now the same.
Update the library modules using PSA crypto APIs
to get rid of key handles.
Programs and unit tests are updated to not use
key handles in subsequent commits, not in this
one.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2020-11-10 16:00:41 +01:00
