Ronald Cron
93ba625b96
Remove MBEDTLS_PSA_CRYPTO_CONFIG configuration option
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-11-21 15:52:06 +01:00
Ronald Cron
7e5d61c41a
Adjust more paths to PSA headers
...
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-06-13 09:51:20 +02:00
Gilles Peskine
3f557ad59c
Wording improvement
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-07 11:22:16 +01:00
Gilles Peskine
30a303f1a8
ECDSA signature conversion: put bits first
...
Metadata, then inputs, then outputs.
https://github.com/Mbed-TLS/mbedtls/pull/8703#discussion_r1474697136
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-06 19:45:11 +01:00
Manuel Pégourié-Gonnard
f1562a7217
Merge pull request #8657 from gilles-peskine-arm/pk-psa-bridge-design
...
PK-PSA bridge design document
2024-01-31 09:51:43 +00:00
Gilles Peskine
36dee75368
Update ECDSA signature conversion based on experimentation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-30 16:15:17 +01:00
Gilles Peskine
dd77343381
Open question for ECDSA signature that can be resolved during implementation
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 14:33:32 +01:00
Gilles Peskine
d5b04a0c63
Add a usage parameter to mbedtls_pk_get_psa_attributes
...
Let the user specify whether to use the key as a sign/verify key, an
encrypt/decrypt key or a key agreement key. Also let the user indicate if
they just want the public part when the input is a key pair.
Based on a discussion in
https://github.com/Mbed-TLS/mbedtls/pull/8682#discussion_r1444936480
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 14:31:57 +01:00
Gilles Peskine
702d9f65f6
Resolve several open questions as nothing special to do
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 12:58:25 +01:00
Gilles Peskine
42a025dc9c
Reference filed issues
...
All PK-related actions are now covered.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 12:35:31 +01:00
Gilles Peskine
5a64c42693
Reference ongoing work
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 10:09:16 +01:00
Gilles Peskine
89ca6c7e72
typo
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 10:08:56 +01:00
Gilles Peskine
32294044e1
Generalize mbedtls_pk_setup_opaque beyond MBEDTLS_USE_PSA_CRYPTO
...
It's useful in applications that want to use some PSA opaque keys regardless
of whether all pk operations go through PSA.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-17 10:07:55 +01:00
Manuel Pégourié-Gonnard
0f45a1aec5
Fix typos / improve syntax
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-10 09:43:30 +01:00
Manuel Pégourié-Gonnard
60c9eee267
Improve wording & fix typos
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-09 10:09:17 +01:00
Manuel Pégourié-Gonnard
d0c6f70e58
Update architecture doc for cipher dual dispatch
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2024-01-08 11:35:01 +01:00
Gilles Peskine
9fe1c699a8
Clarify PSA-to-PK copy intent
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:16:31 +01:00
Gilles Peskine
f80dcc5f8b
Resolve ECDSA conversion API: don't use an ASN.1 interface
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:15:47 +01:00
Gilles Peskine
a7226a1f60
Our TLS 1.3 API doesn't actually require PSA key identifiers
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:15:14 +01:00
Gilles Peskine
93cdb77835
Minor clarifications
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 13:15:04 +01:00
Gilles Peskine
8f1307adcd
Asymmetric cryptography: rough draft
...
Still many open questions
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-25 21:42:23 +01:00
Manuel Pégourié-Gonnard
69b290589b
Merge pull request #8057 from mpg/cipher-study
...
[G2] Tentative definition of Cipher light
2023-12-22 08:53:30 +00:00
Manuel Pégourié-Gonnard
4dde0b293c
md-cipher-dispatch: editorial improvements
...
Fix a typo, add a reference.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-14 12:09:38 +01:00
Manuel Pégourié-Gonnard
b8c4254f44
Update cipher light -> block cipher definition
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-07 12:12:39 +01:00
Manuel Pégourié-Gonnard
303121eb16
Fix a typo
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-07 12:05:07 +01:00
Gilles Peskine
7ee4cc302a
Create legacy-API bridge API design document
...
Do the analysis for hashes.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-11-28 16:08:26 +01:00
Dave Rodgman
16799db69a
update headers
...
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2023-11-02 19:47:20 +00:00
Manuel Pégourié-Gonnard
4823d2c94e
Extend design discussion
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-26 12:56:39 +02:00
Manuel Pégourié-Gonnard
6b3643117b
Document chosen goals and priorities for 3.x
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-26 11:02:17 +02:00
Manuel Pégourié-Gonnard
3bcda449c0
Things forgotten in the previous commit
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-26 10:03:49 +02:00
Manuel Pégourié-Gonnard
f1878d8974
Update to only serve GCM and CCM
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-12 11:19:00 +02:00
Manuel Pégourié-Gonnard
301d2a29a7
Update to MD light section
...
Mostly to reflect this has been implemented, and remove references to
temporary remains from the previous strategy (hash_info, legacy_or_psa)
which would probably be more confusing than helpful at this point.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-10 10:04:07 +02:00
Manuel Pégourié-Gonnard
2daee0410e
Update list of modules using hashes
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-10 10:04:07 +02:00
Manuel Pégourié-Gonnard
ca18b7747e
Update definition of Cipher light
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-10 10:04:07 +02:00
Manuel Pégourié-Gonnard
839d3580bd
Update details of modules using cipher operations
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-10-10 09:22:59 +02:00
Manuel Pégourié-Gonnard
36cd3f9f8e
Add tentative definition of Cipher light
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-08-11 10:06:42 +02:00
Manuel Pégourié-Gonnard
948137be59
Add details on use of ciphers from other modules
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-08-10 16:58:30 +02:00
Valerio Setti
ab02d391cb
test: use only rev-parse for getting the current branch
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-31 16:47:07 +02:00
Valerio Setti
ccb0344969
test: add GIT alternative commands for older GIT versions
...
The Docker container used for the CI has Git version 2.7.4 which
does not support the "git branch --show-current" command since this
was added in version 2.22.
Therefore this commit adds an alternative version for old Git versions.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-07-31 15:07:49 +02:00
valerio
0b0486452c
improve syms.sh script for external dependencies analysis
...
It is now possible to analyze also modules and not only
x509 and tls libraries.
Signed-off-by: valerio <valerio.setti@nordicsemi.no>
2023-04-24 10:34:08 +02:00
Manuel Pégourié-Gonnard
5c8c9e068e
Minor improvements
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-29 10:33:03 +02:00
Manuel Pégourié-Gonnard
b38c9c888f
Fix a typo
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
03cb87ea3c
Update psa-limitations.md
...
For recent work and latest plans.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
52f7edb6ad
Update psa-migration/strategy.md
...
- Update for the new hashes strategy, in part by adding references to
md-cipher-dispatch.md
- General update about the status of things since the last update
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-24 10:44:59 +01:00
Manuel Pégourié-Gonnard
c9e0ad23c1
Update design document
...
- Support for PSA_CRYPTO_CLIENT without PSA_CRYPTO_C is out of scope for
now but might be added later (the architecture supports that).
- While we're using a void pointer for md_ctx, we don't need a union
here; the union will be useful only if & when we remove the indirection.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-16 09:46:51 +01:00
Manuel Pégourié-Gonnard
6778ddf657
Merge pull request #6549 from gilles-peskine-arm/psa-migration-md-cipher-strategy
...
Dual-API hash dispatch strategy
2023-02-15 12:50:13 +01:00
Gilles Peskine
91af0f9c0e
Minor clarifications
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-10 14:31:36 +01:00
Gilles Peskine
ff674d4c6f
Typos
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-10 14:31:17 +01:00
Gilles Peskine
199ee456b1
Summarize how to improve MBEDTLS_PSA_CRYPTO_CLIENT
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-08 12:35:19 +01:00
Gilles Peskine
58e935fc6b
add a missing
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-02-08 12:07:12 +01:00