Elena Uziunaite 
							
						 
					 
					
						
						
							
						
						63826e684b 
					 
					
						
						
							
							Leave the spaces in psa-transition.md  
						
						... 
						
						
						
						Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com > 
						
						
					 
					
						2024-08-27 19:24:10 +01:00 
						 
				 
			
				
					
						
							
							
								Elena Uziunaite 
							
						 
					 
					
						
						
							
						
						0c81fc2071 
					 
					
						
						
							
							Fix typo in psa-transition.md  
						
						... 
						
						
						
						Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com > 
						
						
					 
					
						2024-08-27 16:19:10 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						39c227207c 
					 
					
						
						
							
							The fully static key store will miss the 3.6.1 release  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-08-14 11:40:55 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						fc1b6f54a3 
					 
					
						
						
							
							Mention the option name for the dynamic key store  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-08-14 11:40:20 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						603b5b842b 
					 
					
						
						
							
							Documentation: point to key_custom instead of key_ext  
						
						... 
						
						
						
						Replace references to the deprecated functions `psa_generate_key_ext()` and
`psa_key_derivation_output_key_ext()` by their replacements
Implement `psa_generate_key_custom()` and
`psa_key_derivation_output_key_custom()`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-08-06 13:12:06 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						b49e884c87 
					 
					
						
						
							
							Merge pull request  #9309  from gilles-peskine-arm/psa-keystore-design-doc-3.6  
						
						... 
						
						
						
						Backport 3.6: Document the key store design 
						
						
					 
					
						2024-08-02 07:16:19 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						fd01bec6b6 
					 
					
						
						
							
							Miscellaneous clarifications  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-07-31 15:37:46 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						f13fdf8a80 
					 
					
						
						
							
							Expand on performance  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-07-31 15:37:39 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						1a0107bf1b 
					 
					
						
						
							
							Discuss why we have so many variants  
						
						... 
						
						
						
						Explain that the hybrid key store is the historical implementation and
neither alternative is a drop-in replacement. Discuss how we could
potentially reduce the number of variants after the next major release.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-07-31 15:36:13 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						dbd726bb45 
					 
					
						
						
							
							Link to issue about freeing empty slices  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-07-31 00:21:42 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						ac6b61077a 
					 
					
						
						
							
							Improve and fix explanation of next_free  
						
						... 
						
						
						
						In particular, fix an off-by-one error right after I explain how the number
is off by one from what you'd expect. State explicitly that the number can
be negative.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-07-31 00:12:46 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						7d8ababd0c 
					 
					
						
						
							
							Update macro name about the static key store  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-07-31 00:12:30 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						47f3fcd0f3 
					 
					
						
						
							
							Typos and minor clarifications  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-07-31 00:12:21 +02:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						4e7ca644ce 
					 
					
						
						
							
							Upgrade python dependencies in requirements file  
						
						... 
						
						
						
						Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-07-15 16:35:50 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						c7d9b2b586 
					 
					
						
						
							
							psa_open_key does not lock the key in memory  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-06-24 18:31:37 +02:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						3343e78655 
					 
					
						
						
							
							Document the key store design  
						
						... 
						
						
						
						Include the proposed dynamic and fully-static key stores that are
currently proposed in https://github.com/Mbed-TLS/mbedtls/pull/9240 
and https://github.com/Mbed-TLS/mbedtls/pull/9302 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-06-24 16:59:45 +02:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						ea09152be9 
					 
					
						
						
							
							Update file paths for moved files  
						
						... 
						
						
						
						Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-05-31 15:51:41 +01:00 
						 
				 
			
				
					
						
							
							
								Bence Szépkúti 
							
						 
					 
					
						
						
							
						
						29c4017007 
					 
					
						
						
							
							Merge pull request  #9131  from davidhorstmann-arm/move-mbedtls-dev-to-framework-3.6  
						
						... 
						
						
						
						[Backport 3.6] Move `mbedtls_dev` to framework submodule 
						
						
					 
					
						2024-05-28 15:50:56 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						89ef2fabb5 
					 
					
						
						
							
							Driver-only FFDH is not good enough for DHE support in TLS 1.2  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-05-14 12:06:20 +02:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						9638ca389b 
					 
					
						
						
							
							Update references to mbedtls_dev  
						
						... 
						
						
						
						Change these to point to the new mbedtls_framework module in the
framework submodule.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-05-13 14:44:37 +01:00 
						 
				 
			
				
					
						
							
							
								Valerio Setti 
							
						 
					 
					
						
						
							
						
						320180f043 
					 
					
						
						
							
							pk: add check_pair info to mbedtls_pk_setup_opaque() documentation  
						
						... 
						
						
						
						This also updates use-psa-crypto.md accordingly.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no > 
						
						
					 
					
						2024-04-04 09:42:01 +02:00 
						 
				 
			
				
					
						
							
							
								Minos Galanakis 
							
						 
					 
					
						
						
							
						
						b70f0fd9a9 
					 
					
						
						
							
							Merge branch 'development' into 'development-restricted'  
						
						... 
						
						
						
						Signed-off-by: Minos Galanakis <minos.galanakis@arm.com > 
						
						
					 
					
						2024-03-19 22:24:40 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						3147034457 
					 
					
						
						
							
							Mention MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS  
						
						... 
						
						
						
						Explain this option and the way it relates to the copying macros.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-18 15:59:03 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						0ea8071bda 
					 
					
						
						
							
							Remove 'Question' line around testing  
						
						... 
						
						
						
						This question has been resolved, as we know that we can test
transparently.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-18 15:51:03 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						4d01066311 
					 
					
						
						
							
							Mention metatest.c  
						
						... 
						
						
						
						Add a note that validation of validation was implemented in metatest.c
and explain briefly what that program is for.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-18 15:02:08 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						872ee6ece0 
					 
					
						
						
							
							Mention MBEDTLS_TEST_MEMORY_CAN_POISON  
						
						... 
						
						
						
						The configuration of memory poisoning is now performed via
compile-time detection setting MBEDTLS_MEMORY_CAN_POISON. Update
the design to take account of this.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-18 15:00:08 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						12b35bf3c2 
					 
					
						
						
							
							Discuss test wrappers and updating them  
						
						... 
						
						
						
						Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-18 14:48:52 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						5ea99af0f2 
					 
					
						
						
							
							Add discussion of copying conveience macros  
						
						... 
						
						
						
						Namely LOCAL_INPUT_DECLARE() and friends
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-18 14:12:12 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						1c3b227065 
					 
					
						
						
							
							Abstractify example in design exploration  
						
						... 
						
						
						
						Since this is just an example, remove specific-sounding references to
mbedtls_psa_core_poison_memory() and replace with more abstract and
generic-sounding memory_poison_hook() and memory_unpoison_hook().
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-18 13:37:59 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						3f2dcdd142 
					 
					
						
						
							
							Rename mbedtls_psa_core_poison_memory()  
						
						... 
						
						
						
						The actual functions were called mbedtls_test_memory_poison()
and mbedtls_test_memory_unpoison(). Update the design section to
reflect this.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-18 13:32:57 +00:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						331b2cfb31 
					 
					
						
						
							
							Clarify design decision in light of actions  
						
						... 
						
						
						
						We were successful in adding transparent memory-poisoning testing, so
simplify to the real design decision we made.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-18 13:17:25 +00:00 
						 
				 
			
				
					
						
							
							
								Dave Rodgman 
							
						 
					 
					
						
						
							
						
						5ce1577629 
					 
					
						
						
							
							Merge pull request  #8928  from Ryan-Everett-arm/update-psa-thread-safety-docs  
						
						... 
						
						
						
						Update psa-thread-safety.md to reflect version 3.6 changes 
						
						
					 
					
						2024-03-18 12:06:39 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						765b75f2f8 
					 
					
						
						
							
							Update docs/architecture/psa-thread-safety/psa-thread-safety.md  
						
						... 
						
						
						
						Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com >
Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-18 10:20:43 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						f266b51e3f 
					 
					
						
						
							
							Respond to feedback on psa-thread-safety.md  
						
						... 
						
						
						
						A few typo fixes, extrapolations and extra details.
Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-15 17:30:31 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						c408ef463c 
					 
					
						
						
							
							Update slot transition diagram  
						
						... 
						
						
						
						Adds missing transition and italicises internal functions
Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-15 17:29:46 +00:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						a9bdc8fbb8 
					 
					
						
						
							
							Improve tls13-support.md  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 15:52:04 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						d514d9c798 
					 
					
						
						
							
							tls13-early-data.md: Fix reading early data documentation  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 10:41:52 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						0fce958f17 
					 
					
						
						
							
							tls13-early-data.md: Adapt code examples to new coding style  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 10:41:52 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						b372b2e5bb 
					 
					
						
						
							
							docs: Move TLS 1.3 early data doc to a dedicated file  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 10:41:52 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						d76a2d8b98 
					 
					
						
						
							
							tls13-support.md: Stop referring to the prototype  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 10:41:52 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						1b606d8835 
					 
					
						
						
							
							tls13-support.md: Early data supported now  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 10:41:52 +01:00 
						 
				 
			
				
					
						
							
							
								Ronald Cron 
							
						 
					 
					
						
						
							
						
						124ed8a775 
					 
					
						
						
							
							tls13-support.md: Some fixes  
						
						... 
						
						
						
						Signed-off-by: Ronald Cron <ronald.cron@arm.com > 
						
						
					 
					
						2024-03-15 10:41:52 +01:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						24c269fd4a 
					 
					
						
						
							
							Rewrite section on PSA copy functions  
						
						... 
						
						
						
						The finally implemented functions were significantly different from the
initial design idea, so update the document accordingly.
Signed-off-by: David Horstmann <david.horstmann@arm.com > 
						
						
					 
					
						2024-03-14 18:03:35 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						d4d6a7a20d 
					 
					
						
						
							
							Rework and update psa-thread-safety.md  
						
						... 
						
						
						
						I have restructured this file, and updated it to reflect changes in design/designs now being implemented.
Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-14 15:22:06 +00:00 
						 
				 
			
				
					
						
							
							
								Ryan Everett 
							
						 
					 
					
						
						
							
						
						c9515600fd 
					 
					
						
						
							
							Fix state transition diagram  
						
						... 
						
						
						
						This now represents the implemented model
Signed-off-by: Ryan Everett <ryan.everett@arm.com > 
						
						
					 
					
						2024-03-14 13:22:05 +00:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						fb84c7681c 
					 
					
						
						
							
							Merge pull request  #8889  from gilles-peskine-arm/pk-psa-bridge-3.6-doc  
						
						... 
						
						
						
						Document PK-PSA bridge functions 
						
						
					 
					
						2024-03-13 10:55:36 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						e29b4b42b7 
					 
					
						
						
							
							Fix copypasta  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-03-13 09:33:03 +01:00 
						 
				 
			
				
					
						
							
							
								David Horstmann 
							
						 
					 
					
						
						
							
						
						93fa4e1b87 
					 
					
						
						
							
							Merge branch 'development' into buffer-sharing-merge  
						
						
						
						
					 
					
						2024-03-12 15:05:06 +00:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						e4220fef2f 
					 
					
						
						
							
							MBEDTLS_USE_PSA_CRYPTO: most pk bridge functions don't require it  
						
						... 
						
						
						
						mbedtls_setup_pk_opaque does require it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-03-12 13:03:12 +01:00 
						 
				 
			
				
					
						
							
							
								Gilles Peskine 
							
						 
					 
					
						
						
							
						
						0cff1116f7 
					 
					
						
						
							
							Remind the reader that PK doesn't support DH  
						
						... 
						
						
						
						Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com > 
						
						
					 
					
						2024-03-12 13:02:58 +01:00