1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-12 08:21:54 +03:00
Commit Graph

428 Commits

Author SHA1 Message Date
a9bdc8fbb8 Improve tls13-support.md
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-15 15:52:04 +01:00
b372b2e5bb docs: Move TLS 1.3 early data doc to a dedicated file
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-15 10:41:52 +01:00
d76a2d8b98 tls13-support.md: Stop referring to the prototype
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-15 10:41:52 +01:00
1b606d8835 tls13-support.md: Early data supported now
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-15 10:41:52 +01:00
124ed8a775 tls13-support.md: Some fixes
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-03-15 10:41:52 +01:00
24c269fd4a Rewrite section on PSA copy functions
The finally implemented functions were significantly different from the
initial design idea, so update the document accordingly.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2024-03-14 18:03:35 +00:00
d4d6a7a20d Rework and update psa-thread-safety.md
I have restructured this file, and updated it to reflect changes in design/designs now being implemented.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-14 15:22:06 +00:00
c9515600fd Fix state transition diagram
This now represents the implemented model

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-03-14 13:22:05 +00:00
93fa4e1b87 Merge branch 'development' into buffer-sharing-merge 2024-03-12 15:05:06 +00:00
3f557ad59c Wording improvement
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-07 11:22:16 +01:00
30a303f1a8 ECDSA signature conversion: put bits first
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-06 19:45:11 +01:00
f1562a7217 Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design
PK-PSA bridge design document
2024-01-31 09:51:43 +00:00
36dee75368 Update ECDSA signature conversion based on experimentation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-30 16:15:17 +01:00
047c724c22 Merge remote-tracking branch 'restricted/development-restricted' into update-development-r
Conflicts:
	programs/Makefile
	tests/scripts/check-generated-files.sh
2024-01-26 12:42:51 +00:00
dd77343381 Open question for ECDSA signature that can be resolved during implementation
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 14:33:32 +01:00
d5b04a0c63 Add a usage parameter to mbedtls_pk_get_psa_attributes
Let the user specify whether to use the key as a sign/verify key, an
encrypt/decrypt key or a key agreement key. Also let the user indicate if
they just want the public part when the input is a key pair.

Based on a discussion in
https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 14:31:57 +01:00
702d9f65f6 Resolve several open questions as nothing special to do
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 12:58:25 +01:00
42a025dc9c Reference filed issues
All PK-related actions are now covered.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 12:35:31 +01:00
5a64c42693 Reference ongoing work
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 10:09:16 +01:00
89ca6c7e72 typo
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 10:08:56 +01:00
32294044e1 Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO
It's useful in applications that want to use some PSA opaque keys regardless
of whether all pk operations go through PSA.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 10:07:55 +01:00
0f45a1aec5 Fix typos / improve syntax
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-10 09:43:30 +01:00
60c9eee267 Improve wording & fix typos
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-09 10:09:17 +01:00
d0c6f70e58 Update architecture doc for cipher dual dispatch
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-08 11:35:01 +01:00
9fe1c699a8 Clarify PSA-to-PK copy intent
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:16:31 +01:00
f80dcc5f8b Resolve ECDSA conversion API: don't use an ASN.1 interface
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:15:47 +01:00
a7226a1f60 Our TLS 1.3 API doesn't actually require PSA key identifiers
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:15:14 +01:00
93cdb77835 Minor clarifications
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:15:04 +01:00
8f1307adcd Asymmetric cryptography: rough draft
Still many open questions

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-25 21:42:23 +01:00
69b290589b Merge pull request #8057 from mpg/cipher-study
[G2] Tentative definition of Cipher light
2023-12-22 08:53:30 +00:00
3dd6cde0d8 Mention functional correctness explicitly
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-20 16:47:57 +00:00
f5e135670b Clarify key generation and memory-management correctness
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-20 15:24:47 +00:00
c1c6e0d906 Justify linearization points
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-15 12:33:26 +00:00
6ecb9ce5fc Link directly to the state transition diagram
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-14 15:19:31 +00:00
acfd774bca Add some clarifications in thread_safety.md
Make it clearer how it is possible to reason here using linearization

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-14 15:19:31 +00:00
3eb4274a57 Fix transitions in diagram
Move the finish_key_creation transition
Neaten the diagram
Add transitions for the key loading functions in psa_get_and_lock_key_slot
Add psa_wipe_key_slot transition
Change file to be a png

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-14 15:19:01 +00:00
b461b8731c Change how the state transition diagram is stored
Store the source of the diagram as a url instead of an xml file.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-14 14:40:45 +00:00
4dde0b293c md-cipher-dispatch: editorial improvements
Fix a typo, add a reference.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-14 12:09:38 +01:00
177a45f556 Small clarifications in documentation
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:24:30 +00:00
b8c4254f44 Update cipher light -> block cipher definition
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-07 12:12:39 +01:00
204c852442 Move psa-thread-safety.md
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:05:37 +00:00
1e9733c6a8 Add graph
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:05:37 +00:00
9f06681cb4 Update psa-thread-safety.md
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:05:37 +00:00
303121eb16 Fix a typo
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-07 12:05:07 +01:00
7ee4cc302a Create legacy-API bridge API design document
Do the analysis for hashes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-28 16:08:26 +01:00
b86873e6eb Merge remote-tracking branch 'development' into development-restricted 2023-11-20 18:43:21 +01:00
16799db69a update headers
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
f63a52ed63 Remove auto-generation of test wrappers
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-10-31 14:26:00 +00:00
413dd07a49 Downgrade auto testing testing to a nice-to-have
Automatic testing of our testing is not essential, as our testing
framework may be manually tested. Having automated tests to test our
tests may be left to future work.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-10-31 12:20:19 +00:00
2531dab296 Add auto-generation of test wrappers to design
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-10-30 18:27:10 +00:00