lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity
27,549 Commits 176 Branches 276 Tags
db1ca8fc3344df9c5b065ea0247d2df7a65ee539
Commit Graph

733 Commits

Author SHA1 Message Date
Gilles Peskine
32743619a2 Merge pull request #8114 from yanesca/threading_requirements_update 
Refine thread safety requirements
 2023-10-09 11:22:59 +00:00
Manuel Pégourié-Gonnard
8c40f3dfad Formatting fixes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 11:06:09 +02:00
Manuel Pégourié-Gonnard
140c08e325 Minor clarifications. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 11:02:37 +02:00
Manuel Pégourié-Gonnard
89ae266e5a Update docs/driver-only-builds.md 
Latest changes:
- logic about the relationship between curves, key types and algs (8075)
- building without bignum is no longer "coming soon", it's there :)

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:53:05 +02:00
Manuel Pégourié-Gonnard
dfa42b34ab Improve documentation about driver-only p256-m. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:53:05 +02:00
Manuel Pégourié-Gonnard
789000b2be Update list of p256-m entry points 
There was a bit of a race condition between #8041 which introduced the
new entry points, and #8203 which documented the list of entry points.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-28 08:51:51 +02:00
Dave Rodgman
0fc86b2ddf Merge pull request #8075 from valeriosetti/issue8016 
driver-only ECC: curve acceleration macros
 2023-09-27 14:39:02 +00:00
Manuel Pégourié-Gonnard
f7dc6cfef1 Document limitation on "mixed" builds 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-27 10:34:52 +02:00
Xiaokang Qian
db3035b8bc Fix a typo in psa-crypto-implementation-structure.md 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian
76e55a20dd Change the documenti about psa_crypto_driver_wrappers.c{h} 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian
1198e43644 Change the description of auto-generated driver dispatch files 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Xiaokang Qian
845693c513 Change comments to psa_crypto_driver_wrappers.h 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
 2023-09-26 09:09:20 +00:00
Manuel Pégourié-Gonnard
030f11b0b1 Type fixes and wording improvements 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-24 09:48:47 +02:00
Manuel Pégourié-Gonnard
1f61b7b8ea Document driver-only hashes 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-09-24 09:48:46 +02:00
Gilles Peskine
efaee9a299 Give a production-sounding name to the p256m option 
Now that p256-m is officially a production feature and not just an example,
give it a more suitable name.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-20 20:49:47 +02:00
Gilles Peskine
452beb9076 Merge pull request #8203 from gilles-peskine-arm/p256-m-production 
Declare p256-m as ready for production
 2023-09-20 09:36:05 +00:00
Paul Elliott
3d0bffb257 Improve statement in driver-only-builds.md 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-09-13 15:15:37 +01:00
Gilles Peskine
6f784dff49 Reflect the fact p256-m has been integrated into Mbed TLS 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-09-13 15:32:30 +02:00
Valerio Setti
7373a6644d driver-only-builds.md: fix text 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-09-04 16:16:11 +02:00
Janos Follath
b4527fbd82 Add clarifications to the threading requirements 
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 14:01:24 +01:00
Janos Follath
b6954730f0 Fix typo 
Co-authored-by: Ronald Cron <ronald.cron@arm.com>
Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 13:54:21 +01:00
Janos Follath
35633dd977 Add threading non-requirement 
State explicitly the non-requirement that it's ok for psa_destroy_key to
block waiting for a driver.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 08:31:19 +01:00
Janos Follath
15d9ec29be Improve thread safety presentation 
- Use unique section titles so that there are unique anchors
- Make list style consistent between similar sections

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-31 08:22:21 +01:00
Janos Follath
0385c2815c Tighten thread safety requirements 
We shouldn't violate the requirement that the key identifier can be
reused. In practice, a key manager may destroy a key that's in use by
another process, and the privileged world containing the key manager and
the crypto service should not be perturbed by an unprivileged process.

With respect to blocking, again, a key manager should not be blocked
indefinitely by an unprivileged application.

These are desirable properties even in the short term.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-30 16:44:04 +01:00
Janos Follath
7ec993d804 Refine thread safety requirements 
Split and refine short term requirements for key deletion.

Signed-off-by: Janos Follath <janos.follath@arm.com>
 2023-08-23 16:04:48 +01:00
Valerio Setti
d31b28485b driver-only-builds: update EC and FFDH sections 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-08-17 12:36:40 +02:00
Gilles Peskine
33291ba35f Merge pull request #5538 from gilles-peskine-arm/psa-thread_safety-doc 
PSA thread safety requirements
 2023-08-10 16:21:55 +02:00
Manuel Pégourié-Gonnard
0b6d021069 Adjust presence of warning/link. 
- the codegen migration document is already a migration document, so
doesn't need the extra warning about work in progress;
- the driver interface can use a link to the more practical guide too.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-08 09:37:11 +02:00
Gilles Peskine
9aa93c8e78 Added a note about new primitives for secure destruction 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-07 16:32:09 +02:00
Gilles Peskine
584bf985f5 Elaborate on psa_destroy_key requirements 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-07 16:29:19 +02:00
Manuel Pégourié-Gonnard
de24ba6cfd Add link to examples in relevant places 
Some documents about driver describe a state of things that is ahead of
the reality. They already contain a warning about it, but no way to know
that the current reality is; add a pointer to a document that describes
it.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-07 11:36:14 +02:00
Manuel Pégourié-Gonnard
b61484947a Fix error in the guide to drivers 
There is no export_key entry point for transparent drivers.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-08-07 11:32:51 +02:00
Gilles Peskine
d3a797710a psa_is_key_slot_occupied: change to using the key identifier 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-08-02 18:36:06 +02:00
Valerio Setti
ab02d391cb test: use only rev-parse for getting the current branch 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-31 16:47:07 +02:00
Valerio Setti
ccb0344969 test: add GIT alternative commands for older GIT versions 
The Docker container used for the CI has Git version 2.7.4 which
does not support the "git branch --show-current" command since this
was added in version 2.22.
Therefore this commit adds an alternative version for old Git versions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-07-31 15:07:49 +02:00
Manuel Pégourié-Gonnard
1c739ec277 Merge pull request #7900 from mpg/doc-driver-only 
ECPf wrap-up
 2023-07-26 10:25:54 +02:00
Manuel Pégourié-Gonnard
fb22c27f1d Misc wording fixes and improvements 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-18 10:40:56 +02:00
Manuel Pégourié-Gonnard
1937cf8143 Improve wording & fix a typo 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-11 11:14:15 +02:00
Manuel Pégourié-Gonnard
c97775162e Fix inaccurate information about FFDH 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-11 11:11:20 +02:00
Dave Rodgman
e183ecef3d Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases 
Record the outcome of each test case in compat.sh
 2023-07-10 12:08:32 +01:00
Manuel Pégourié-Gonnard
7a82e27a10 Add documentation on driver-only ECC 
Just one part left for later.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-07 17:09:14 +02:00
Manuel Pégourié-Gonnard
6d5f4946e6 Add docs/driver-only-builds.md 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-07-07 17:09:14 +02:00
Gilles Peskine
0ca2a1f51b Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec 
Storage resilience with stateful secure elements: design document
 2023-06-29 18:25:52 +02:00
Manuel Pégourié-Gonnard
417ce2c574 Rename _USE to _BASIC 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-16 10:36:44 +02:00
Manuel Pégourié-Gonnard
1cae90bf50 Update PSA_WANT spec for new KEY_PAIR scheme 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2023-06-14 12:19:13 +02:00
Gilles Peskine
34a201774e More about whether to have the driver key id in the transaction list 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine
009c06b973 Discuss the cost of a get_key_attributes entry point 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-13 21:11:43 +02:00
Gilles Peskine
265ce7c1da Merge pull request #5451 from gilles-peskine-arm/psa-driver-kdf-spec 
PSA drivers: specification for key derivation
 2023-06-06 11:37:28 +02:00
Gilles Peskine
f4ba0013e2 Clarify when key derivation entry points are mandatory/permitted 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-05 14:24:14 +02:00
Gilles Peskine
8dd1e623e1 Copyediting 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-06-05 14:14:41 +02:00