lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
32,233 Commits 176 Branches 276 Tags
824a8dcde33814ced5afb0c0f55a27219cf24ec2
Commit Graph

426 Commits

Author SHA1 Message Date
Ronald Cron
d76a2d8b98 tls13-support.md: Stop referring to the prototype 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
1b606d8835 tls13-support.md: Early data supported now 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
124ed8a775 tls13-support.md: Some fixes 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
David Horstmann
24c269fd4a Rewrite section on PSA copy functions 
The finally implemented functions were significantly different from the
initial design idea, so update the document accordingly.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-14 18:03:35 +00:00
Ryan Everett
d4d6a7a20d Rework and update psa-thread-safety.md 
I have restructured this file, and updated it to reflect changes in design/designs now being implemented.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-14 15:22:06 +00:00
Ryan Everett
c9515600fd Fix state transition diagram 
This now represents the implemented model

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-14 13:22:05 +00:00
David Horstmann
93fa4e1b87 Merge branch 'development' into buffer-sharing-merge 2024-03-12 15:05:06 +00:00
Gilles Peskine
3f557ad59c Wording improvement 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-07 11:22:16 +01:00
Gilles Peskine
30a303f1a8 ECDSA signature conversion: put bits first 
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-06 19:45:11 +01:00
Manuel Pégourié-Gonnard
f1562a7217 Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design 
PK-PSA bridge design document
 2024-01-31 09:51:43 +00:00
Gilles Peskine
36dee75368 Update ECDSA signature conversion based on experimentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-30 16:15:17 +01:00
Dave Rodgman
047c724c22 Merge remote-tracking branch 'restricted/development-restricted' into update-development-r 
Conflicts:
	programs/Makefile
	tests/scripts/check-generated-files.sh
 2024-01-26 12:42:51 +00:00
Gilles Peskine
dd77343381 Open question for ECDSA signature that can be resolved during implementation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 14:33:32 +01:00
Gilles Peskine
d5b04a0c63 Add a usage parameter to mbedtls_pk_get_psa_attributes 
Let the user specify whether to use the key as a sign/verify key, an
encrypt/decrypt key or a key agreement key. Also let the user indicate if
they just want the public part when the input is a key pair.

Based on a discussion in
https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 14:31:57 +01:00
Gilles Peskine
702d9f65f6 Resolve several open questions as nothing special to do 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 12:58:25 +01:00
Gilles Peskine
42a025dc9c Reference filed issues 
All PK-related actions are now covered.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 12:35:31 +01:00
Gilles Peskine
5a64c42693 Reference ongoing work 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:09:16 +01:00
Gilles Peskine
89ca6c7e72 typo 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:08:56 +01:00
Gilles Peskine
32294044e1 Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO 
It's useful in applications that want to use some PSA opaque keys regardless
of whether all pk operations go through PSA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-17 10:07:55 +01:00
Manuel Pégourié-Gonnard
0f45a1aec5 Fix typos / improve syntax 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-10 09:43:30 +01:00
Manuel Pégourié-Gonnard
60c9eee267 Improve wording & fix typos 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-09 10:09:17 +01:00
Manuel Pégourié-Gonnard
d0c6f70e58 Update architecture doc for cipher dual dispatch 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-01-08 11:35:01 +01:00
Gilles Peskine
9fe1c699a8 Clarify PSA-to-PK copy intent 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:16:31 +01:00
Gilles Peskine
f80dcc5f8b Resolve ECDSA conversion API: don't use an ASN.1 interface 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:47 +01:00
Gilles Peskine
a7226a1f60 Our TLS 1.3 API doesn't actually require PSA key identifiers 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:14 +01:00
Gilles Peskine
93cdb77835 Minor clarifications 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-02 13:15:04 +01:00
Gilles Peskine
8f1307adcd Asymmetric cryptography: rough draft 
Still many open questions

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-12-25 21:42:23 +01:00
Manuel Pégourié-Gonnard
69b290589b Merge pull request #8057 from mpg/cipher-study 
[G2] Tentative definition of Cipher light
 2023-12-22 08:53:30 +00:00
Ryan Everett
3dd6cde0d8 Mention functional correctness explicitly 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-20 16:47:57 +00:00
Ryan Everett
f5e135670b Clarify key generation and memory-management correctness 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-20 15:24:47 +00:00
Ryan Everett
c1c6e0d906 Justify linearization points 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-15 12:33:26 +00:00
Ryan Everett
6ecb9ce5fc Link directly to the state transition diagram 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-14 15:19:31 +00:00
Ryan Everett
acfd774bca Add some clarifications in thread_safety.md 
Make it clearer how it is possible to reason here using linearization

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-14 15:19:31 +00:00
Ryan Everett
3eb4274a57 Fix transitions in diagram 
Move the finish_key_creation transition
Neaten the diagram
Add transitions for the key loading functions in psa_get_and_lock_key_slot
Add psa_wipe_key_slot transition
Change file to be a png

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-14 15:19:01 +00:00
Ryan Everett
b461b8731c Change how the state transition diagram is stored 
Store the source of the diagram as a url instead of an xml file.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-14 14:40:45 +00:00
Manuel Pégourié-Gonnard
4dde0b293c md-cipher-dispatch: editorial improvements 
Fix a typo, add a reference.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-14 12:09:38 +01:00
Ryan Everett
177a45f556 Small clarifications in documentation 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:24:30 +00:00
Manuel Pégourié-Gonnard
b8c4254f44 Update cipher light -> block cipher definition 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-07 12:12:39 +01:00
Ryan Everett
204c852442 Move psa-thread-safety.md 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Ryan Everett
1e9733c6a8 Add graph 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Ryan Everett
9f06681cb4 Update psa-thread-safety.md 
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2023-12-07 11:05:37 +00:00
Manuel Pégourié-Gonnard
303121eb16 Fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-12-07 12:05:07 +01:00
Gilles Peskine
7ee4cc302a Create legacy-API bridge API design document 
Do the analysis for hashes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-28 16:08:26 +01:00
Gilles Peskine
b86873e6eb Merge remote-tracking branch 'development' into development-restricted 2023-11-20 18:43:21 +01:00
Dave Rodgman
16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
David Horstmann
f63a52ed63 Remove auto-generation of test wrappers 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-31 14:26:00 +00:00
David Horstmann
413dd07a49 Downgrade auto testing testing to a nice-to-have 
Automatic testing of our testing is not essential, as our testing
framework may be manually tested. Having automated tests to test our
tests may be left to future work.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-31 12:20:19 +00:00
David Horstmann
2531dab296 Add auto-generation of test wrappers to design 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 18:27:10 +00:00
David Horstmann
15b5beea0c Add note on platform-specific barriers 
Describe the approach of platform-specific code and draw a comparison
with the constant-time module.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 17:13:54 +00:00
David Horstmann
e045b55c65 Add sections on validation of validation 
These cover the fact that we need to test our test framework to make
sure it really detects incorrect accesses.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2023-10-30 17:00:16 +00:00