mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-16 22:20:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30,665 Commits 170 Branches 263 Tags 198 MiB
1a827a3422
Commit Graph

950 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
1a827a3422 Start documenting test-driver framework. 
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
 2024-04-12 12:40:00 +02:00
Bence Szépkúti
a376f84eb1
Merge pull request #8937 from valeriosetti/issue8712 
Clarify the documentation of mbedtls_pk_setup_opaque
 2024-04-04 13:40:57 +00:00
Valerio Setti
ac81e23c33 pk: add check_pair info to mbedtls_pk_setup_opaque() documentation 
This also updates use-psa-crypto.md accordingly.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-03-22 14:36:41 +01:00
Minos Galanakis
b70f0fd9a9 Merge branch 'development' into 'development-restricted' 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
 2024-03-19 22:24:40 +00:00
David Horstmann
3147034457 Mention MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS 
Explain this option and the way it relates to the copying macros.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:59:03 +00:00
David Horstmann
0ea8071bda Remove 'Question' line around testing 
This question has been resolved, as we know that we can test
transparently.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:51:03 +00:00
David Horstmann
4d01066311 Mention metatest.c 
Add a note that validation of validation was implemented in metatest.c
and explain briefly what that program is for.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:02:08 +00:00
David Horstmann
872ee6ece0 Mention MBEDTLS_TEST_MEMORY_CAN_POISON 
The configuration of memory poisoning is now performed via
compile-time detection setting MBEDTLS_MEMORY_CAN_POISON. Update
the design to take account of this.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 15:00:08 +00:00
David Horstmann
12b35bf3c2 Discuss test wrappers and updating them 
Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 14:48:52 +00:00
David Horstmann
5ea99af0f2 Add discussion of copying conveience macros 
Namely LOCAL_INPUT_DECLARE() and friends

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 14:12:12 +00:00
David Horstmann
1c3b227065 Abstractify example in design exploration 
Since this is just an example, remove specific-sounding references to
mbedtls_psa_core_poison_memory() and replace with more abstract and
generic-sounding memory_poison_hook() and memory_unpoison_hook().

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 13:37:59 +00:00
David Horstmann
3f2dcdd142 Rename mbedtls_psa_core_poison_memory() 
The actual functions were called mbedtls_test_memory_poison()
and mbedtls_test_memory_unpoison(). Update the design section to
reflect this.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 13:32:57 +00:00
David Horstmann
331b2cfb31 Clarify design decision in light of actions 
We were successful in adding transparent memory-poisoning testing, so
simplify to the real design decision we made.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-18 13:17:25 +00:00
Dave Rodgman
5ce1577629
Merge pull request #8928 from Ryan-Everett-arm/update-psa-thread-safety-docs 
Update psa-thread-safety.md to reflect version 3.6 changes
 2024-03-18 12:06:39 +00:00
Ryan Everett
765b75f2f8
Update docs/architecture/psa-thread-safety/psa-thread-safety.md 
Co-authored-by: Paul Elliott <62069445+paul-elliott-arm@users.noreply.github.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-18 10:20:43 +00:00
Ryan Everett
f266b51e3f Respond to feedback on psa-thread-safety.md 
A few typo fixes, extrapolations and extra details.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-15 17:30:31 +00:00
Ryan Everett
c408ef463c Update slot transition diagram 
Adds missing transition and italicises internal functions

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-15 17:29:46 +00:00
Ronald Cron
a9bdc8fbb8 Improve tls13-support.md 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 15:52:04 +01:00
Ronald Cron
d514d9c798 tls13-early-data.md: Fix reading early data documentation 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
0fce958f17 tls13-early-data.md: Adapt code examples to new coding style 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
b372b2e5bb docs: Move TLS 1.3 early data doc to a dedicated file 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
d76a2d8b98 tls13-support.md: Stop referring to the prototype 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
1b606d8835 tls13-support.md: Early data supported now 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
Ronald Cron
124ed8a775 tls13-support.md: Some fixes 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
 2024-03-15 10:41:52 +01:00
David Horstmann
24c269fd4a Rewrite section on PSA copy functions 
The finally implemented functions were significantly different from the
initial design idea, so update the document accordingly.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
 2024-03-14 18:03:35 +00:00
Ryan Everett
d4d6a7a20d Rework and update psa-thread-safety.md 
I have restructured this file, and updated it to reflect changes in design/designs now being implemented.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-14 15:22:06 +00:00
Ryan Everett
c9515600fd Fix state transition diagram 
This now represents the implemented model

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
 2024-03-14 13:22:05 +00:00
Manuel Pégourié-Gonnard
fb84c7681c
Merge pull request #8889 from gilles-peskine-arm/pk-psa-bridge-3.6-doc 
Document PK-PSA bridge functions
 2024-03-13 10:55:36 +00:00
Gilles Peskine
e29b4b42b7 Fix copypasta 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-13 09:33:03 +01:00
David Horstmann
93fa4e1b87 Merge branch 'development' into buffer-sharing-merge 2024-03-12 15:05:06 +00:00
Gilles Peskine
e4220fef2f MBEDTLS_USE_PSA_CRYPTO: most pk bridge functions don't require it 
mbedtls_setup_pk_opaque does require it.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-12 13:03:12 +01:00
Gilles Peskine
0cff1116f7 Remind the reader that PK doesn't support DH 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-12 13:02:58 +01:00
Gilles Peskine
7caf2dc964 Discuss mbedtls_pk_copy_public_from_psa 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-12 13:02:45 +01:00
Gilles Peskine
8462146d01
Merge pull request #8867 from gilles-peskine-arm/psa_key_attributes-remove_core 
Merge psa_core_key_attributes_t back into psa_key_attributes_t
 2024-03-05 09:59:24 +00:00
Gilles Peskine
634d60ce0a List ECDSA signature conversion functions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-04 19:29:13 +01:00
Gilles Peskine
0612adc0f7 Document mbedtls_pk_setup_opaque and mbedtls_pk_copy_from_psa 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-04 19:29:13 +01:00
Gilles Peskine
9d04f0872f Document mbedtls_pk_import_into_psa 
Explain how to use mbedtls_pk_get_psa_attributes() and
mbedtls_pk_import_into_psa() to make a PSA key from a PK key.

Remove the discussion of how to do the same manually.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-04 19:29:11 +01:00
Gilles Peskine
492d4a8ef9 Mention psa_generate_key_ext() 
Replaces the recommendation to use mbedtls_rsa_gen_key() for RSA key
generation with a custom public exponent.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-03-04 19:28:19 +01:00
Gilles Peskine
acdc52e154 mbedtls_ecp_write_key_ext(): recommend over the old function in documentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-28 13:19:42 +01:00
Gilles Peskine
8988767b0e Use attribute accessor functions in driver wrappers 
Fully automated:
```
perl -i -pe 's/(\w+)->core\.(\w+)/psa_get_key_$2($1)/g' scripts/data_files/driver_templates/*.jinja docs/psa-driver-example-and-guide.md
```

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-28 01:29:13 +01:00
Gilles Peskine
3ea9450463
Merge pull request #8734 from valeriosetti/issue8564 
Add test for driver-only HMAC
 2024-02-14 13:43:40 +00:00
Gilles Peskine
3f557ad59c Wording improvement 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-07 11:22:16 +01:00
Gilles Peskine
30a303f1a8 ECDSA signature conversion: put bits first 
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-02-06 19:45:11 +01:00
Manuel Pégourié-Gonnard
f1562a7217
Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design 
PK-PSA bridge design document
 2024-01-31 09:51:43 +00:00
Gilles Peskine
36dee75368 Update ECDSA signature conversion based on experimentation 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2024-01-30 16:15:17 +01:00
Valerio Setti
18be2fb9df driver-only-builds: improve a sentence in the HMAC section 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-26 15:07:02 +01:00
Dave Rodgman
047c724c22 Merge remote-tracking branch 'restricted/development-restricted' into update-development-r 
Conflicts:
	programs/Makefile
	tests/scripts/check-generated-files.sh
 2024-01-26 12:42:51 +00:00
Valerio Setti
9f521056bc driver-only-builds: add documentation for HMAC acceleration 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2024-01-24 15:44:24 +01:00
Gilles Peskine
4d4891e18a
Merge pull request #8666 from valeriosetti/issue8340 
Export the mbedtls_md_psa_alg_from_type function
 2024-01-18 13:58:55 +00:00
Gilles Peskine
c9077cccd3
Merge pull request #8664 from valeriosetti/issue7764 
Conversion function from ecp group to PSA curve
 2024-01-18 10:28:55 +00:00