mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-29 04:20:12 +00:00

Author	SHA1	Message	Date
Valerio Setti	7373a6644d	driver-only-builds.md: fix text Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-09-04 16:16:11 +02:00
Janos Follath	b4527fbd82	Add clarifications to the threading requirements Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-31 14:01:24 +01:00
Janos Follath	b6954730f0	Fix typo Co-authored-by: Ronald Cron <ronald.cron@arm.com> Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-31 13:54:21 +01:00
Janos Follath	35633dd977	Add threading non-requirement State explicitly the non-requirement that it's ok for psa_destroy_key to block waiting for a driver. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-31 08:31:19 +01:00
Janos Follath	15d9ec29be	Improve thread safety presentation - Use unique section titles so that there are unique anchors - Make list style consistent between similar sections Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-31 08:22:21 +01:00
Janos Follath	0385c2815c	Tighten thread safety requirements We shouldn't violate the requirement that the key identifier can be reused. In practice, a key manager may destroy a key that's in use by another process, and the privileged world containing the key manager and the crypto service should not be perturbed by an unprivileged process. With respect to blocking, again, a key manager should not be blocked indefinitely by an unprivileged application. These are desirable properties even in the short term. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-30 16:44:04 +01:00
Janos Follath	7ec993d804	Refine thread safety requirements Split and refine short term requirements for key deletion. Signed-off-by: Janos Follath <janos.follath@arm.com>	2023-08-23 16:04:48 +01:00
Valerio Setti	d31b28485b	driver-only-builds: update EC and FFDH sections Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-08-17 12:36:40 +02:00
Gilles Peskine	33291ba35f	Merge pull request #5538 from gilles-peskine-arm/psa-thread_safety-doc PSA thread safety requirements	2023-08-10 16:21:55 +02:00
Manuel Pégourié-Gonnard	0b6d021069	Adjust presence of warning/link. - the codegen migration document is already a migration document, so doesn't need the extra warning about work in progress; - the driver interface can use a link to the more practical guide too. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-08-08 09:37:11 +02:00
Gilles Peskine	9aa93c8e78	Added a note about new primitives for secure destruction Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-07 16:32:09 +02:00
Gilles Peskine	584bf985f5	Elaborate on psa_destroy_key requirements Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-07 16:29:19 +02:00
Manuel Pégourié-Gonnard	de24ba6cfd	Add link to examples in relevant places Some documents about driver describe a state of things that is ahead of the reality. They already contain a warning about it, but no way to know that the current reality is; add a pointer to a document that describes it. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-08-07 11:36:14 +02:00
Manuel Pégourié-Gonnard	b61484947a	Fix error in the guide to drivers There is no export_key entry point for transparent drivers. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-08-07 11:32:51 +02:00
Gilles Peskine	d3a797710a	psa_is_key_slot_occupied: change to using the key identifier Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-08-02 18:36:06 +02:00
Valerio Setti	ab02d391cb	test: use only rev-parse for getting the current branch Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-31 16:47:07 +02:00
Valerio Setti	ccb0344969	test: add GIT alternative commands for older GIT versions The Docker container used for the CI has Git version 2.7.4 which does not support the "git branch --show-current" command since this was added in version 2.22. Therefore this commit adds an alternative version for old Git versions. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2023-07-31 15:07:49 +02:00
Manuel Pégourié-Gonnard	1c739ec277	Merge pull request #7900 from mpg/doc-driver-only ECPf wrap-up	2023-07-26 10:25:54 +02:00
Manuel Pégourié-Gonnard	fb22c27f1d	Misc wording fixes and improvements Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-18 10:40:56 +02:00
Manuel Pégourié-Gonnard	1937cf8143	Improve wording & fix a typo Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-11 11:14:15 +02:00
Manuel Pégourié-Gonnard	c97775162e	Fix inaccurate information about FFDH Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-11 11:11:20 +02:00
Dave Rodgman	e183ecef3d	Merge pull request #7136 from yanrayw/5692-record-compatsh-test-cases Record the outcome of each test case in compat.sh	2023-07-10 12:08:32 +01:00
Manuel Pégourié-Gonnard	7a82e27a10	Add documentation on driver-only ECC Just one part left for later. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-07 17:09:14 +02:00
Manuel Pégourié-Gonnard	6d5f4946e6	Add docs/driver-only-builds.md Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-07-07 17:09:14 +02:00
Gilles Peskine	0ca2a1f51b	Merge pull request #7646 from gilles-peskine-arm/psa-driver-transaction-testing-spec Storage resilience with stateful secure elements: design document	2023-06-29 18:25:52 +02:00
Manuel Pégourié-Gonnard	417ce2c574	Rename _USE to _BASIC Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-16 10:36:44 +02:00
Manuel Pégourié-Gonnard	1cae90bf50	Update PSA_WANT spec for new KEY_PAIR scheme Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>	2023-06-14 12:19:13 +02:00
Gilles Peskine	34a201774e	More about whether to have the driver key id in the transaction list Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-13 21:11:43 +02:00
Gilles Peskine	009c06b973	Discuss the cost of a get_key_attributes entry point Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-13 21:11:43 +02:00
Gilles Peskine	265ce7c1da	Merge pull request #5451 from gilles-peskine-arm/psa-driver-kdf-spec PSA drivers: specification for key derivation	2023-06-06 11:37:28 +02:00
Gilles Peskine	f4ba0013e2	Clarify when key derivation entry points are mandatory/permitted Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-05 14:24:14 +02:00
Gilles Peskine	8dd1e623e1	Copyediting Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-05 14:14:41 +02:00
Gilles Peskine	7df8ba6a10	Rework the description of key derivation output/verify key Some of the fallback mechanisms between the entry points were not described corrrectly. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-02 18:16:02 +02:00
Gilles Peskine	dcaf104eef	Note that we may want to rename derive_key ... if we think of a better name Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-02 18:02:41 +02:00
Gilles Peskine	f96a18edc7	Probably resolve concern about the input size for derive_key Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-02 18:02:15 +02:00
Gilles Peskine	1414bc34b9	Minor copyediting Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-06-02 17:54:32 +02:00
Gilles Peskine	24f52296f1	Key agreement needs an attribute structure for our key Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-31 00:44:04 +02:00
Gilles Peskine	e52bff994c	Note possible issue with derive_key: who should choose the input length? Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-31 00:43:29 +02:00
Gilles Peskine	b319ed69c4	State explicitly that cooked key derivation uses the export format This is the case for all key creation in a secure element, but state it explicitly where relevant. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-31 00:42:45 +02:00
Gilles Peskine	f787879a14	Clarify sequencing of long inputs Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-31 00:42:29 +02:00
Gilles Peskine	d2fe1d5498	Rationale on key derivation inputs and buffer ownership Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-31 00:42:17 +02:00
Gilles Peskine	4e94fead86	Key derivation dispatch doesn't depend on the key type At least for all currently specified algorithms. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-31 00:40:56 +02:00
Gilles Peskine	66b96e2d87	Copyediting Fix some typos and copypasta. Some very minor wording improvements. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-31 00:40:27 +02:00
Gilles Peskine	4e5088476e	Finish test strategy Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-30 23:34:07 +02:00
Gilles Peskine	44bbf29597	Write up the transaction/recovery processess Still missing: details of part of the testing Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-24 20:35:49 +02:00
Gilles Peskine	76a852f8fb	Design document for storage resilience Explore possibilities for implementing stateful secure elements with storage. Choose one. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-24 09:37:30 +02:00
Gilles Peskine	63df4ec3ca	Merge pull request #7589 from daverodgman/pr4990 Replace references to Mbed Crypto (rebase)	2023-05-16 19:14:51 +02:00
Gilles Peskine	7e37aa85a2	Merge pull request #5904 from gilles-peskine-arm/psa-doc-implementing-new-mechanism Check list for implementing a new mechanism in PSA crypto	2023-05-16 14:04:15 +02:00
Gilles Peskine	de4cbc54d3	Fix copypasta Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-05-16 12:04:57 +02:00
Fredrik Hesse	95bd5a5004	Minor adjustments after review. Signed-off-by: Fredrik Hesse <fredrik@hesse.se>	2023-05-12 15:01:59 +01:00

1 2 3 4 5 ...

765 Commits