a9bdc8fbb8
Improve tls13-support.md
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-15 15:52:04 +01:00
b372b2e5bb
docs: Move TLS 1.3 early data doc to a dedicated file
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-15 10:41:52 +01:00
d76a2d8b98
tls13-support.md: Stop referring to the prototype
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-15 10:41:52 +01:00
1b606d8835
tls13-support.md: Early data supported now
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-15 10:41:52 +01:00
124ed8a775
tls13-support.md: Some fixes
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2024-03-15 10:41:52 +01:00
24c269fd4a
Rewrite section on PSA copy functions
...
The finally implemented functions were significantly different from the
initial design idea, so update the document accordingly.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-03-14 18:03:35 +00:00
d4d6a7a20d
Rework and update psa-thread-safety.md
...
I have restructured this file, and updated it to reflect changes in design/designs now being implemented.
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-14 15:22:06 +00:00
c9515600fd
Fix state transition diagram
...
This now represents the implemented model
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2024-03-14 13:22:05 +00:00
93fa4e1b87
Merge branch 'development' into buffer-sharing-merge
2024-03-12 15:05:06 +00:00
3f557ad59c
Wording improvement
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-07 11:22:16 +01:00
30a303f1a8
ECDSA signature conversion: put bits first
...
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-02-06 19:45:11 +01:00
f1562a7217
Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design
...
PK-PSA bridge design document
2024-01-31 09:51:43 +00:00
36dee75368
Update ECDSA signature conversion based on experimentation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-30 16:15:17 +01:00
047c724c22
Merge remote-tracking branch 'restricted/development-restricted' into update-development-r
...
Conflicts:
programs/Makefile
tests/scripts/check-generated-files.sh
2024-01-26 12:42:51 +00:00
dd77343381
Open question for ECDSA signature that can be resolved during implementation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-17 14:33:32 +01:00
d5b04a0c63
Add a usage parameter to mbedtls_pk_get_psa_attributes
...
Let the user specify whether to use the key as a sign/verify key, an
encrypt/decrypt key or a key agreement key. Also let the user indicate if
they just want the public part when the input is a key pair.
Based on a discussion in
https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-17 14:31:57 +01:00
702d9f65f6
Resolve several open questions as nothing special to do
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-17 12:58:25 +01:00
42a025dc9c
Reference filed issues
...
All PK-related actions are now covered.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-17 12:35:31 +01:00
5a64c42693
Reference ongoing work
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-17 10:09:16 +01:00
89ca6c7e72
typo
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-17 10:08:56 +01:00
32294044e1
Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO
...
It's useful in applications that want to use some PSA opaque keys regardless
of whether all pk operations go through PSA.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-17 10:07:55 +01:00
0f45a1aec5
Fix typos / improve syntax
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2024-01-10 09:43:30 +01:00
60c9eee267
Improve wording & fix typos
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2024-01-09 10:09:17 +01:00
d0c6f70e58
Update architecture doc for cipher dual dispatch
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2024-01-08 11:35:01 +01:00
9fe1c699a8
Clarify PSA-to-PK copy intent
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-02 13:16:31 +01:00
f80dcc5f8b
Resolve ECDSA conversion API: don't use an ASN.1 interface
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-02 13:15:47 +01:00
a7226a1f60
Our TLS 1.3 API doesn't actually require PSA key identifiers
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-02 13:15:14 +01:00
93cdb77835
Minor clarifications
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-01-02 13:15:04 +01:00
8f1307adcd
Asymmetric cryptography: rough draft
...
Still many open questions
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-12-25 21:42:23 +01:00
69b290589b
Merge pull request #8057 from mpg/cipher-study
...
[G2] Tentative definition of Cipher light
2023-12-22 08:53:30 +00:00
3dd6cde0d8
Mention functional correctness explicitly
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-20 16:47:57 +00:00
f5e135670b
Clarify key generation and memory-management correctness
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-20 15:24:47 +00:00
c1c6e0d906
Justify linearization points
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-15 12:33:26 +00:00
6ecb9ce5fc
Link directly to the state transition diagram
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-14 15:19:31 +00:00
acfd774bca
Add some clarifications in thread_safety.md
...
Make it clearer how it is possible to reason here using linearization
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-14 15:19:31 +00:00
3eb4274a57
Fix transitions in diagram
...
Move the finish_key_creation transition
Neaten the diagram
Add transitions for the key loading functions in psa_get_and_lock_key_slot
Add psa_wipe_key_slot transition
Change file to be a png
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-14 15:19:01 +00:00
b461b8731c
Change how the state transition diagram is stored
...
Store the source of the diagram as a url instead of an xml file.
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-14 14:40:45 +00:00
4dde0b293c
md-cipher-dispatch: editorial improvements
...
Fix a typo, add a reference.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-12-14 12:09:38 +01:00
177a45f556
Small clarifications in documentation
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-07 11:24:30 +00:00
b8c4254f44
Update cipher light -> block cipher definition
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-12-07 12:12:39 +01:00
204c852442
Move psa-thread-safety.md
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-07 11:05:37 +00:00
1e9733c6a8
Add graph
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-07 11:05:37 +00:00
9f06681cb4
Update psa-thread-safety.md
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com >
2023-12-07 11:05:37 +00:00
303121eb16
Fix a typo
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-12-07 12:05:07 +01:00
7ee4cc302a
Create legacy-API bridge API design document
...
Do the analysis for hashes.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2023-11-28 16:08:26 +01:00
b86873e6eb
Merge remote-tracking branch 'development' into development-restricted
2023-11-20 18:43:21 +01:00
16799db69a
update headers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-11-02 19:47:20 +00:00
f63a52ed63
Remove auto-generation of test wrappers
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-10-31 14:26:00 +00:00
413dd07a49
Downgrade auto testing testing to a nice-to-have
...
Automatic testing of our testing is not essential, as our testing
framework may be manually tested. Having automated tests to test our
tests may be left to future work.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-10-31 12:20:19 +00:00
2531dab296
Add auto-generation of test wrappers to design
...
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-10-30 18:27:10 +00:00