352095ca86
Simplify the relaxed output-output rule
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-10-13 19:56:22 +02:00
60c453ee72
Expand explanations of the vulnerabilities
...
Add a few more examples.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-10-13 19:07:56 +02:00
8daedaeac9
Fix typos and copypasta
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-10-13 18:47:29 +02:00
f7806ca782
Analyze requirements for protection of arguments in shared memory
...
Propose a dual-approach strategy where some buffers are copied and others
can remain shared.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-10-12 16:00:11 +02:00
f1878d8974
Update to only serve GCM and CCM
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-12 11:19:00 +02:00
bb5d907aa9
Automatically pick up all Markdown files
...
Assume GNU make. We already do with the toplevel makefile.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-10-11 20:47:44 +02:00
28b4da954b
Add PSA threading design
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-10-10 15:15:55 +01:00
301d2a29a7
Update to MD light section
...
Mostly to reflect this has been implemented, and remove references to
temporary remains from the previous strategy (hash_info, legacy_or_psa)
which would probably be more confusing than helpful at this point.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-10 10:04:07 +02:00
2daee0410e
Update list of modules using hashes
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-10 10:04:07 +02:00
ca18b7747e
Update definition of Cipher light
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-10 10:04:07 +02:00
839d3580bd
Update details of modules using cipher operations
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-10-10 09:22:59 +02:00
32743619a2
Merge pull request #8114 from yanesca/threading_requirements_update
...
Refine thread safety requirements
2023-10-09 11:22:59 +00:00
db3035b8bc
Fix a typo in psa-crypto-implementation-structure.md
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2023-09-26 09:09:20 +00:00
76e55a20dd
Change the documenti about psa_crypto_driver_wrappers.c{h}
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2023-09-26 09:09:20 +00:00
1198e43644
Change the description of auto-generated driver dispatch files
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2023-09-26 09:09:20 +00:00
845693c513
Change comments to psa_crypto_driver_wrappers.h
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com >
2023-09-26 09:09:20 +00:00
b4527fbd82
Add clarifications to the threading requirements
...
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 14:01:24 +01:00
b6954730f0
Fix typo
...
Co-authored-by: Ronald Cron <ronald.cron@arm.com >
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 13:54:21 +01:00
35633dd977
Add threading non-requirement
...
State explicitly the non-requirement that it's ok for psa_destroy_key to
block waiting for a driver.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 08:31:19 +01:00
15d9ec29be
Improve thread safety presentation
...
- Use unique section titles so that there are unique anchors
- Make list style consistent between similar sections
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-31 08:22:21 +01:00
0385c2815c
Tighten thread safety requirements
...
We shouldn't violate the requirement that the key identifier can be
reused. In practice, a key manager may destroy a key that's in use by
another process, and the privileged world containing the key manager and
the crypto service should not be perturbed by an unprivileged process.
With respect to blocking, again, a key manager should not be blocked
indefinitely by an unprivileged application.
These are desirable properties even in the short term.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-30 16:44:04 +01:00
7ec993d804
Refine thread safety requirements
...
Split and refine short term requirements for key deletion.
Signed-off-by: Janos Follath <janos.follath@arm.com >
2023-08-23 16:04:48 +01:00
36cd3f9f8e
Add tentative definition of Cipher light
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-08-11 10:06:42 +02:00
948137be59
Add details on use of ciphers from other modules
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-08-10 16:58:30 +02:00
33291ba35f
Merge pull request #5538 from gilles-peskine-arm/psa-thread_safety-doc
...
PSA thread safety requirements
2023-08-10 16:21:55 +02:00
9aa93c8e78
Added a note about new primitives for secure destruction
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-08-07 16:32:09 +02:00
584bf985f5
Elaborate on psa_destroy_key requirements
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-08-07 16:29:19 +02:00
d3a797710a
psa_is_key_slot_occupied: change to using the key identifier
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-08-02 18:36:06 +02:00
ab02d391cb
test: use only rev-parse for getting the current branch
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-31 16:47:07 +02:00
ccb0344969
test: add GIT alternative commands for older GIT versions
...
The Docker container used for the CI has Git version 2.7.4 which
does not support the "git branch --show-current" command since this
was added in version 2.22.
Therefore this commit adds an alternative version for old Git versions.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2023-07-31 15:07:49 +02:00
e183ecef3d
Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases
...
Record the outcome of each test case in compat.sh
2023-07-10 12:08:32 +01:00
0ca2a1f51b
Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec
...
Storage resilience with stateful secure elements: design document
2023-06-29 18:25:52 +02:00
34a201774e
More about whether to have the driver key id in the transaction list
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-06-13 21:11:43 +02:00
009c06b973
Discuss the cost of a get_key_attributes entry point
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-06-13 21:11:43 +02:00
4e5088476e
Finish test strategy
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-05-30 23:34:07 +02:00
44bbf29597
Write up the transaction/recovery processess
...
Still missing: details of part of the testing
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-05-24 20:35:49 +02:00
76a852f8fb
Design document for storage resilience
...
Explore possibilities for implementing stateful secure elements with
storage. Choose one.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-05-24 09:37:30 +02:00
63df4ec3ca
Merge pull request #7589 from daverodgman/pr4990
...
Replace references to Mbed Crypto (rebase)
2023-05-16 19:14:51 +02:00
7e37aa85a2
Merge pull request #5904 from gilles-peskine-arm/psa-doc-implementing-new-mechanism
...
Check list for implementing a new mechanism in PSA crypto
2023-05-16 14:04:15 +02:00
de4cbc54d3
Fix copypasta
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-05-16 12:04:57 +02:00
95bd5a5004
Minor adjustments after review.
...
Signed-off-by: Fredrik Hesse <fredrik@hesse.se >
2023-05-12 15:01:59 +01:00
0ec8a90d48
Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments.
...
Signed-off-by: Fredrik Hesse <fredrik@hesse.se >
2023-05-12 15:00:45 +01:00
cc207bc379
Replace references to Mbed Crypto with Mbed TLS through-out documentation and comments.
...
Signed-off-by: Fredrik Hesse <fredrik@hesse.se >
2023-05-12 14:59:01 +01:00
0b0486452c
improve syms.sh script for external dependencies analysis
...
It is now possible to analyze also modules and not only
x509 and tls libraries.
Signed-off-by: valerio <valerio.setti@nordicsemi.no >
2023-04-24 10:34:08 +02:00
4d31496294
Update TLS 1.3 documentation and add change log
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2023-04-06 10:26:18 +02:00
e6e6b75ad3
psa: Remove MBEDTLS_PSA_CRYPTO_DRIVERS configuration option
...
The support for the PSA crypto driver interface
is not optional anymore as the implementation of
the PSA cryptography interface has been restructured
around the PSA crypto driver interface (see
psa-crypto-implementation-structure.md). There is
thus no purpose for the configuration options
MBEDTLS_PSA_CRYPTO_DRIVERS anymore.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2023-03-31 09:07:54 +02:00
5c8c9e068e
Minor improvements
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-03-29 10:33:03 +02:00
b38c9c888f
Fix a typo
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-03-24 10:44:59 +01:00
03cb87ea3c
Update psa-limitations.md
...
For recent work and latest plans.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-03-24 10:44:59 +01:00
52f7edb6ad
Update psa-migration/strategy.md
...
- Update for the new hashes strategy, in part by adding references to
md-cipher-dispatch.md
- General update about the status of things since the last update
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-03-24 10:44:59 +01:00
