mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-30 06:33:06 +00:00

Author	SHA1	Message	Date
David Horstmann	4e54abf182	Add section on possible use of Valgrind tracing Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-10-19 17:59:45 +01:00
David Horstmann	05ca3d9a1b	Expand design for validation of careful access Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-10-19 16:45:37 +01:00
David Horstmann	a72b4ca734	Modify optimize-testing instructions Mention -flto and whole-program optimization as this is the most important aspect. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-10-19 15:22:15 +01:00
David Horstmann	3f7e42a750	Move implementation by module table earlier Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-10-19 15:14:50 +01:00
David Horstmann	dae0ad439f	Add more detail in design of memory poisoning Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-10-19 15:12:34 +01:00
David Horstmann	0bd87f5959	Change unsigned int to uint8_t Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-10-19 13:45:21 +01:00
David Horstmann	23661cc232	Detailed design of memory protection strategy Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-10-18 18:20:33 +01:00
Gilles Peskine	df62f1a010	Merge pull request #1106 from gilles-peskine-arm/psa-shared-buffers-requirements PSA shared buffers requirements	2023-10-17 20:38:00 +02:00
Gilles Peskine	8ebeb9c180	Test for read-read inconsistency with mprotect and ptrace/gdb Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-16 18:37:02 +02:00
Gilles Peskine	87889ebe86	Fix editorial error with semantic consequences Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-16 15:40:02 +02:00
Gilles Peskine	a3ce6437bf	Typos Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-16 15:39:37 +02:00
Gilles Peskine	1f2802c403	Suggest validating copy by memory poisoning Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 21:49:17 +02:00
Gilles Peskine	6998721c69	Add a section skeleton for copy bypass It's something we're likely to want to do at some point. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:05:32 +02:00
Gilles Peskine	7bc1bb65e9	Short explanations of what is expected in the design sections Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:05:25 +02:00
Gilles Peskine	35de1f7a7d	Distinguish whole-message signature from other asymmetric cryptography Whole-message signature may process the message multiple times (EdDSA signature does it). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:04:16 +02:00
Gilles Peskine	9cad3b3a70	Design change for cipher/AEAD There are many reasons why a driver might violate the security requirements for plaintext or ciphertext buffers, so mandate copying. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:03:18 +02:00
Gilles Peskine	2859267a27	Clarify terminology: built-in driver Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:02:00 +02:00
Gilles Peskine	db00543b3a	Add a section on write-read feedback It's a security violation, although it's not clear whether it really needs to influence the design. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 19:57:53 +02:00
Gilles Peskine	352095ca86	Simplify the relaxed output-output rule Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 19:56:22 +02:00
Gilles Peskine	60c453ee72	Expand explanations of the vulnerabilities Add a few more examples. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 19:07:56 +02:00
Gilles Peskine	8daedaeac9	Fix typos and copypasta Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 18:47:29 +02:00
Gilles Peskine	f7806ca782	Analyze requirements for protection of arguments in shared memory Propose a dual-approach strategy where some buffers are copied and others can remain shared. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-12 16:00:11 +02:00
Gilles Peskine	bb5d907aa9	Automatically pick up all Markdown files Assume GNU make. We already do with the toplevel makefile. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-11 20:47:44 +02:00
Gilles Peskine	32743619a2	Merge pull request #8114 from yanesca/threading_requirements_update Refine thread safety requirements	2023-10-09 11:22:59 +00:00
Xiaokang Qian	db3035b8bc	Fix a typo in psa-crypto-implementation-structure.md Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-09-26 09:09:20 +00:00
Xiaokang Qian	76e55a20dd	Change the documenti about psa_crypto_driver_wrappers.c{h} Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-09-26 09:09:20 +00:00
Xiaokang Qian	1198e43644	Change the description of auto-generated driver dispatch files Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-09-26 09:09:20 +00:00
Xiaokang Qian	845693c513	Change comments to psa_crypto_driver_wrappers.h Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>	2023-09-26 09:09:20 +00:00
Janos Follath	b4527fbd82	Add clarifications to the threading requirements Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-31 14:01:24 +01:00
Janos Follath	b6954730f0	Fix typo Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-31 13:54:21 +01:00
Janos Follath	35633dd977	Add threading non-requirement State explicitly the non-requirement that it's ok for psa_destroy_key to block waiting for a driver. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-31 08:31:19 +01:00
Janos Follath	15d9ec29be	Improve thread safety presentation - Use unique section titles so that there are unique anchors - Make list style consistent between similar sections Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-31 08:22:21 +01:00
Janos Follath	0385c2815c	Tighten thread safety requirements We shouldn't violate the requirement that the key identifier can be reused. In practice, a key manager may destroy a key that's in use by another process, and the privileged world containing the key manager and the crypto service should not be perturbed by an unprivileged process. With respect to blocking, again, a key manager should not be blocked indefinitely by an unprivileged application. These are desirable properties even in the short term. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-30 16:44:04 +01:00
Janos Follath	7ec993d804	Refine thread safety requirements Split and refine short term requirements for key deletion. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-23 16:04:48 +01:00
Gilles Peskine	33291ba35f	Merge pull request #5538 from gilles-peskine-arm/psa-thread_safety-doc PSA thread safety requirements	2023-08-10 16:21:55 +02:00
Gilles Peskine	9aa93c8e78	Added a note about new primitives for secure destruction Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-07 16:32:09 +02:00
Gilles Peskine	584bf985f5	Elaborate on psa_destroy_key requirements Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-07 16:29:19 +02:00
Gilles Peskine	d3a797710a	psa_is_key_slot_occupied: change to using the key identifier Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-02 18:36:06 +02:00
Valerio Setti	ab02d391cb	test: use only rev-parse for getting the current branch Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-31 16:47:07 +02:00
Valerio Setti	ccb0344969	test: add GIT alternative commands for older GIT versions The Docker container used for the CI has Git version 2.7.4 which does not support the "git branch --show-current" command since this was added in version 2.22. Therefore this commit adds an alternative version for old Git versions. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-31 15:07:49 +02:00
Dave Rodgman	e183ecef3d	Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases Record the outcome of each test case in compat.sh	2023-07-10 12:08:32 +01:00
Gilles Peskine	0ca2a1f51b	Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec Storage resilience with stateful secure elements: design document	2023-06-29 18:25:52 +02:00
Gilles Peskine	34a201774e	More about whether to have the driver key id in the transaction list Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-13 21:11:43 +02:00
Gilles Peskine	009c06b973	Discuss the cost of a get_key_attributes entry point Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-13 21:11:43 +02:00
Gilles Peskine	4e5088476e	Finish test strategy Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-30 23:34:07 +02:00
Gilles Peskine	44bbf29597	Write up the transaction/recovery processess Still missing: details of part of the testing Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-24 20:35:49 +02:00
Gilles Peskine	76a852f8fb	Design document for storage resilience Explore possibilities for implementing stateful secure elements with storage. Choose one. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-24 09:37:30 +02:00
Gilles Peskine	63df4ec3ca	Merge pull request #7589 from daverodgman/pr4990 Replace references to Mbed Crypto (rebase)	2023-05-16 19:14:51 +02:00
Gilles Peskine	7e37aa85a2	Merge pull request #5904 from gilles-peskine-arm/psa-doc-implementing-new-mechanism Check list for implementing a new mechanism in PSA crypto	2023-05-16 14:04:15 +02:00
Gilles Peskine	de4cbc54d3	Fix copypasta Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-16 12:04:57 +02:00

1 2 3 4 5 ...

279 Commits