lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
30,107 Commits 176 Branches 276 Tags
820199a2ef1ced857798c33110d3ea01f9b2006d
Commit Graph

867 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
fb84c7681c Merge pull request #8889 from gilles-peskine-arm/pk-psa-bridge-3.6-doc 
Document PK-PSA bridge functions
 2024-03-13 10:55:36 +00:00
Gilles Peskine
e29b4b42b7 Fix copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-13 09:33:03 +01:00
Gilles Peskine
e4220fef2f MBEDTLS_USE_PSA_CRYPTO: most pk bridge functions don't require it 
mbedtls_setup_pk_opaque does require it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-12 13:03:12 +01:00
Gilles Peskine
0cff1116f7 Remind the reader that PK doesn't support DH 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-12 13:02:58 +01:00
Gilles Peskine
7caf2dc964 Discuss mbedtls_pk_copy_public_from_psa 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-12 13:02:45 +01:00
Gilles Peskine
8462146d01 Merge pull request #8867 from gilles-peskine-arm/psa_key_attributes-remove_core 
Merge psa_core_key_attributes_t back into psa_key_attributes_t
 2024-03-05 09:59:24 +00:00
Gilles Peskine
634d60ce0a List ECDSA signature conversion functions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-04 19:29:13 +01:00
Gilles Peskine
0612adc0f7 Document mbedtls_pk_setup_opaque and mbedtls_pk_copy_from_psa 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-04 19:29:13 +01:00
Gilles Peskine
9d04f0872f Document mbedtls_pk_import_into_psa 
Explain how to use mbedtls_pk_get_psa_attributes() and
mbedtls_pk_import_into_psa() to make a PSA key from a PK key.

Remove the discussion of how to do the same manually.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-04 19:29:11 +01:00
Gilles Peskine
492d4a8ef9 Mention psa_generate_key_ext() 
Replaces the recommendation to use mbedtls_rsa_gen_key() for RSA key
generation with a custom public exponent.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-04 19:28:19 +01:00
Gilles Peskine
acdc52e154 mbedtls_ecp_write_key_ext(): recommend over the old function in documentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-28 13:19:42 +01:00
Gilles Peskine
8988767b0e Use attribute accessor functions in driver wrappers 
Fully automated:
```
perl -i -pe 's/(\w+)->core\.(\w+)/psa_get_key_$2($1)/g' scripts/data_files/driver_templates/*.jinja docs/psa-driver-example-and-guide.md
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-28 01:29:13 +01:00
Gilles Peskine
3ea9450463 Merge pull request #8734 from valeriosetti/issue8564 
Add test for driver-only HMAC
 2024-02-14 13:43:40 +00:00
Gilles Peskine
3f557ad59c Wording improvement 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-07 11:22:16 +01:00
Gilles Peskine
30a303f1a8 ECDSA signature conversion: put bits first 
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-06 19:45:11 +01:00
Manuel Pégourié-Gonnard
f1562a7217 Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design 
PK-PSA bridge design document
 2024-01-31 09:51:43 +00:00
Gilles Peskine
36dee75368 Update ECDSA signature conversion based on experimentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-30 16:15:17 +01:00
Valerio Setti
18be2fb9df driver-only-builds: improve a sentence in the HMAC section 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-26 15:07:02 +01:00
Valerio Setti
9f521056bc driver-only-builds: add documentation for HMAC acceleration 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 15:44:24 +01:00
Gilles Peskine
4d4891e18a Merge pull request #8666 from valeriosetti/issue8340 
Export the mbedtls_md_psa_alg_from_type function
 2024-01-18 13:58:55 +00:00
Gilles Peskine
c9077cccd3 Merge pull request #8664 from valeriosetti/issue7764 
Conversion function from ecp group to PSA curve
 2024-01-18 10:28:55 +00:00
Gilles Peskine
dd77343381 Open question for ECDSA signature that can be resolved during implementation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 14:33:32 +01:00
Gilles Peskine
d5b04a0c63 Add a usage parameter to mbedtls_pk_get_psa_attributes 
Let the user specify whether to use the key as a sign/verify key, an
encrypt/decrypt key or a key agreement key. Also let the user indicate if
they just want the public part when the input is a key pair.

Based on a discussion in
https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 14:31:57 +01:00
Gilles Peskine
702d9f65f6 Resolve several open questions as nothing special to do 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 12:58:25 +01:00
Gilles Peskine
42a025dc9c Reference filed issues 
All PK-related actions are now covered.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 12:35:31 +01:00
Gilles Peskine
5a64c42693 Reference ongoing work 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:09:16 +01:00
Gilles Peskine
89ca6c7e72 typo 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:08:56 +01:00
Gilles Peskine
32294044e1 Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO 
It's useful in applications that want to use some PSA opaque keys regardless
of whether all pk operations go through PSA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:07:55 +01:00
Bence Szépkúti
333ca8fdfc Migrate to new RTD redirect format 
Migrate to the new redirect format introduced by ReadTheDocs in
readthedocs/readthedocs.org#10881

Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
 2024-01-16 17:06:06 +01:00
Manuel Pégourié-Gonnard
e334486753 Add new lines before lists 
This is more portable markdown, and also for people who read the text,
it make the new lines after the list (but inside the same sentence) less
surprising I hope.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-10 10:24:31 +01:00
Manuel Pégourié-Gonnard
0f45a1aec5 Fix typos / improve syntax 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-10 09:43:30 +01:00
Valerio Setti
afa01c7394 psa-transition: update "Elliptic curve mechanism selection" section 
- add hyperlinks for the conversion functions.
- move conversion functions' description before the legacy<->PSA table.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 13:41:52 +01:00
Valerio Setti
dc33200b74 psa-transition: extend "Elliptic curve mechanism selection" 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-09 13:41:52 +01:00
Manuel Pégourié-Gonnard
60c9eee267 Improve wording & fix typos 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-09 10:09:17 +01:00
Manuel Pégourié-Gonnard
d0c6f70e58 Update architecture doc for cipher dual dispatch 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-08 11:35:01 +01:00
Manuel Pégourié-Gonnard
c1cea63478 Quickly mention the status of RSA accel 
Not related to other commits in this PR, should have been done in #8616
really, but since I'm updating the document, might as well do it here.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-08 11:35:01 +01:00
Manuel Pégourié-Gonnard
dc4103e9aa Clarify CCM/CM with partial accel 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-08 11:35:01 +01:00
Manuel Pégourié-Gonnard
5bad043c06 Merge pull request #8641 from valeriosetti/issue8358 
G3-G4 wrap-up
 2024-01-04 10:48:00 +00:00
Valerio Setti
7406b74fce driver-only-builds: fix typo 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-03 14:47:36 +01:00
Valerio Setti
a87cd17b35 psa-transition: update with MD translation functions 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-02 16:20:44 +01:00
Gilles Peskine
9fe1c699a8 Clarify PSA-to-PK copy intent 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:16:31 +01:00
Gilles Peskine
f80dcc5f8b Resolve ECDSA conversion API: don't use an ASN.1 interface 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:47 +01:00
Gilles Peskine
a7226a1f60 Our TLS 1.3 API doesn't actually require PSA key identifiers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:14 +01:00
Gilles Peskine
93cdb77835 Minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:04 +01:00
Valerio Setti
045d680054 driver-only-builds: enhancing cipher related sections 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-29 15:42:22 +01:00
Valerio Setti
f333b3fbde driver-only-builds: fix typos 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-29 15:08:39 +01:00
Valerio Setti
92e5c693ba driver-only-builds: updated ciphers and AEADs related sections 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-28 13:28:03 +01:00
Gilles Peskine
8f1307adcd Asymmetric cryptography: rough draft 
Still many open questions

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-25 21:42:23 +01:00
Manuel Pégourié-Gonnard
69b290589b Merge pull request #8057 from mpg/cipher-study 
[G2] Tentative definition of Cipher light
 2023-12-22 08:53:30 +00:00
Valerio Setti
49067d7d0e driver-only-builds: update documentation 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-12-21 17:07:10 +01:00