mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-29 12:32:48 +00:00

Author	SHA1	Message	Date
Gilles Peskine	a3ce6437bf	Typos Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-16 15:39:37 +02:00
Gilles Peskine	1f2802c403	Suggest validating copy by memory poisoning Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 21:49:17 +02:00
Gilles Peskine	6998721c69	Add a section skeleton for copy bypass It's something we're likely to want to do at some point. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:05:32 +02:00
Gilles Peskine	7bc1bb65e9	Short explanations of what is expected in the design sections Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:05:25 +02:00
Gilles Peskine	35de1f7a7d	Distinguish whole-message signature from other asymmetric cryptography Whole-message signature may process the message multiple times (EdDSA signature does it). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:04:16 +02:00
Gilles Peskine	9cad3b3a70	Design change for cipher/AEAD There are many reasons why a driver might violate the security requirements for plaintext or ciphertext buffers, so mandate copying. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:03:18 +02:00
Gilles Peskine	2859267a27	Clarify terminology: built-in driver Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 20:02:00 +02:00
Gilles Peskine	db00543b3a	Add a section on write-read feedback It's a security violation, although it's not clear whether it really needs to influence the design. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 19:57:53 +02:00
Gilles Peskine	352095ca86	Simplify the relaxed output-output rule Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 19:56:22 +02:00
Gilles Peskine	60c453ee72	Expand explanations of the vulnerabilities Add a few more examples. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 19:07:56 +02:00
Gilles Peskine	8daedaeac9	Fix typos and copypasta Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-13 18:47:29 +02:00
Gilles Peskine	f7806ca782	Analyze requirements for protection of arguments in shared memory Propose a dual-approach strategy where some buffers are copied and others can remain shared. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>	2023-10-12 16:00:11 +02:00

1 2

62 Commits