Commit graph

52 commits

Author SHA1 Message Date
Ronald Cron a120146afe
Merge pull request #3962 from gilles-peskine-arm/psa-storage-format-test-strategy
Keystore format stability test strategy
2021-01-25 16:44:23 +01:00
Gilles Peskine ff457506d3 Remind the reader of what is done about old formats
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-01-19 14:25:20 +01:00
Gilles Peskine 697ee190b5 Add a section about non-default lifetimes
Alternative locations should be covered. We don't yet support
alternative persistence levels.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-01-18 23:38:21 +01:00
Gilles Peskine 528144f523 Clarify the methods of key storage testing
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-01-18 23:36:18 +01:00
Gilles Peskine cf62f10d3f Clarify interoperability non-requirement
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2021-01-05 11:49:18 +01:00
Gilles Peskine 739e08a68d Keystore format stability test strategy
Initial revision.

Save-compare-load approach: the test case data contains attributes of
the object under test and the expected file content. Create the
object, save it, check that the file has the expected content, load
the file and check that the new object has the expected attributes.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-12-14 18:51:47 +01:00
Gilles Peskine 24cebf6671 Add a section for transparent drivers
No strategy yet, just state some basic requirements.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-12-08 15:19:04 +01:00
Gilles Peskine f0e2853d46 Minimal update to mention unified-interface opaque drivers
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-12-08 15:19:04 +01:00
Gilles Peskine db6b03b4f2 Remove old-style accelerator and entropy driver interfaces
The driver interfaces described in crypto_accel_driver.h and
crypto_entropy_driver.h are no longer being worked on. We do not
intend to finish the design of these interfaces or to implement them
in Mbed TLS. They have been superseded by the unified driver
interface (docs/proposed/psa-driver-interface.md), which is being
actively worked on both to finalize the specification and to implement
it in Mbed TLS.

The partially implemented dynamic secure element interface is staying
for now.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-11-30 17:37:14 +01:00
Ronald Cron cf56a0a320 psa: Move from key handle to key identifier
Move all the PSA crypto APIs using key handles
to use key identifiers but psa_key_open() and
psa_key_close(). This is done without modifying
any test as key handles and key identifiers are
now the same.

Update the library modules using PSA crypto APIs
to get rid of key handles.

Programs and unit tests are updated to not use
key handles in subsequent commits, not in this
one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-11-10 16:00:41 +01:00
Torstein Nesse d9246559ca Update changelog entry, format specification, and correct test vectors
Signed-off-by: Torstein Nesse <torstein.nesse@silabs.com>
2020-10-21 11:17:09 +02:00
Torstein Nesse 162a1104be Changes PSA key storage format to include key bits
* Stores bits in psa_persistent_key_storage_format.
* psa_load_persistent_key_into_slot still imports plaintext keys which
  ensures that the bits value gets set.
* Updates key specification to match new implementation.
* Expands persistent store and load tests with to check for bits
  attribute.
* Removes bits storage from psa_se_key_data_storage_t.

Signed-off-by: Torstein Nesse <torstein.nesse@silabs.com>
2020-10-07 10:54:24 +02:00
Janos Follath 2a25904f45
Merge pull request #3568 from hanno-arm/tls13_experimental_key_schedule_1
TLS 1.3: Add HKDF-based key derivation functionality
2020-09-16 11:40:06 +01:00
Hanno Becker b11c3097a5 Update state of TLS 1.3 functionality in architecture document
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-09-08 10:28:29 +01:00
Ronald Cron 71016a9ea7 psa: Rename psa_key_file_id_t to mbedtls_svc_key_id_t
With PSA crypto v1.0.0, a volatile key identifier may
contain a owner identifier but no file is associated
to it. Thus rename the type psa_key_file_id_t to
mbedtls_svc_key_id_t to avoid a direct link with a
file when a key identifier involves an owner
identifier.

The new type name is prefixed by mbedtls to highlight
that the type is specific to Mbed TLS implementation
and not defined in the PSA Cryptography API
specification.

The svc in the type name stands for service as this
is the key identifier type from the point of view of
the service providing the Cryptography services.
The service can be completely provided by the present
library or partially in case of a multi-client service.

As a consequence rename as well:
. MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER to
  MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
. PSA_KEY_ID_INIT to MBEDTLS_SVC_KEY_ID_INIT
. PSA_KEY_FILE_GET_KEY_ID to MBEDTLS_SVC_KEY_ID_GET_KEY_ID
. psa_key_file_id_make to mbedtls_svc_key_id_make

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2020-09-02 14:27:07 +02:00
danh-arm 0ca6d38bc3
Merge pull request #3493 from gilles-peskine-arm/psa-unified-driver-specs
PSA unified driver specification
2020-08-06 16:10:17 +01:00
Gilles Peskine abeb58e814 Add a directory for proposed specifications
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-07-13 13:27:42 +02:00
Gilles Peskine fb4f933f8e Rename Python scripts to use '_' and not '-'
You can't import a Python script whose name includes '-'.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-25 14:22:06 +02:00
Janos Follath bba4c17b7a
Merge pull request #3315 from hanno-arm/tls13-experimental-macro
Add support for TLS 1.3 record protection routines
2020-06-04 15:51:54 +01:00
Hanno Becker 5a83d29114 Mention HKDF in TLS 1.3 feature document
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-06-02 06:33:00 +01:00
Hanno Becker 0c3bebfa15 Fix typo in header of TLS 1.3 experimental features document
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-06-02 06:32:43 +01:00
Hanno Becker 9338f9f718 Add documentation on state of upstreaming of TLS 1.3 prototype
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2020-05-31 08:51:29 +01:00
Gilles Peskine 24ba42cef7 Fix explanation of rules for function substitution
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:07:42 +02:00
Gilles Peskine 688f6cc591 There are test programs, not just unit tests
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:07:40 +02:00
Gilles Peskine 5925183b8a Fix explanation of PSA_DONE
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:06:37 +02:00
Gilles Peskine 2182585776 Introduction: present the top-level sections
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:03:33 +02:00
Gilles Peskine d04b9ed7dd Spelling
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-05-11 23:03:24 +02:00
Gilles Peskine fa51820e39 Expand the rule for internal functions exposed for tests only
Clarify that using a header in library/ rather than include/ for
internal functions is a rule, not just a possibility.

As suggested by Manuel, state a rule for functions that need to be
static for best optimization but that we want to unit-test.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:56:38 +01:00
Gilles Peskine 4b7279e5d9 Write up some solutions
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:56:31 +01:00
Gilles Peskine dff10c773b Add a note that TLS requires further consideration
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:56:22 +01:00
Gilles Peskine ab4b9b4165 New test strategy document: invasive testing
Evaluate possible approaches for invasive testing.

State some rules.

This commit was originally written for Mbed Crypto only.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-03-24 22:56:15 +01:00
Gilles Peskine 9afbfdc833 Merge remote-tracking branch 'myfork-public/development' into merge-crypto-development-20191115
First deal with deleted files.

* Files deleted by us: keep them deleted.
* Files deleted by them, whether modified by us or not: keep our version.

```
git rm $(git status -s | sed -n 's/^DU //p')
git reset -- $(git status -s | sed -n 's/^D  //p')
git checkout -- $(git status -s | sed -n 's/^ D //p')
git add -- $(git status -s | sed -n 's/^UD //p')
```

Individual files with conflicts:

* `3rdparty/everest/library/Hacl_Curve25519_joined.c`: spurious conflict because git mistakenly identified this file as a rename. Keep our version.
* `README.md`: conflict due to their change in a paragraph that doesn't exist in our version. Keep our version of this paragraph.
* `docs/architecture/Makefile`: near-identical additions. Adapt the definition of `all_markdown` and include the clean target.
* `doxygen/input/docs_mainpage.h`: conflict in the version number. Keep our version number.
* `include/mbedtls/config.h`: two delete/modify conflicts. Keep the removed chunks out.
* `library/CMakeLists.txt`: discard all their changes as they are not relevant.
* `library/Makefile`:
    * Discard the added chunk about the crypto submodule starting with `INCLUDING_FROM_MBEDTLS:=1`.
    * delete/modify: keep the removed chunk out.
    * library build: This is almost delete/modify. Their changes are mostly not applicable. Do keep the `libmbedcrypto.$(DLEXT): | libmbedcrypto.a` order dependency.
    * `.c.o`: `-o` was added on both sides but in a different place. Change to their place.
* `library/error.c`: to be regenerated.
* `library/version_features.c`: to be regenerated.
* `programs/Makefile`: Most of the changes are not relevant. The one relevant change is in the `clean` target for Windows; adapt it by removing `/S` from our version.
* `programs/test/query_config.c`: to be regenerated.
* `scripts/config.py`: added in parallel on both sides. Keep our version.
* `scripts/footprint.sh`: parallel changes. Keep our version.
* `scripts/generate_visualc_files.pl`: one delete/modify conflict. Keep the removed chunks out.
* `tests/Makefile`: discard all of their changes.
* `tests/scripts/all.sh`:
    * `pre_initialize_variables` add `append_outcome`: add it.
    * `pre_initialize_variables` add `ASAN_CFLAGS`: already there, keep our version.
    * `pre_parse_command_line` add `--no-append-outcome`: add it.
    * `pre_parse_command_line` add `--outcome-file`: add it.
    * `pre_print_configuration`: add `MBEDTLS_TEST_OUTCOME_FILE`.
    * Several changes in SSL-specific components: keep our version without them.
    * Several changes where `config.pl` was changed to `config.py` and there was an adjacent difference: keep our version.
    * Changes regarding the inclusion of `MBEDTLS_MEMORY_xxx`: ignore them here, they will be normalized in a subsequent commit.
    * `component_test_full_cmake_gcc_asan`: add it without the TLS tests.
    * `component_test_no_use_psa_crypto_full_cmake_asan`: keep the fixed `msg`, discard other changes.
    * `component_test_memory_buffer_allocator_backtrace`, `component_test_memory_buffer_allocator`: add them without the TLS tests.
    * `component_test_m32_everest`: added in parallel on both sides. Keep our version.
* `tests/scripts/check-names.sh`, `tests/scripts/list-enum-consts.pl`, `tests/scripts/list-identifiers.sh`, ``tests/scripts/list-macros.sh`: discard all of their changes.
* `tests/scripts/test-ref-configs.pl`: the change in the conflict is not relevant, so keep our version there.
* `visualc/VS2010/*.vcxproj`: to be regenerated.

Regenerate files:

```
scripts/generate_visualc_files.pl
git add visualc/VS2010/*.vcxproj
scripts/generate_errors.pl
git add library/error.c
scripts/generate_features.pl
git add library/version_features.c
scripts/generate_query_config.pl
git add programs/test/query_config.c
```

Rejected changes in non-conflicting files:

* `CMakeLists.txt`: discard their addition which has already been side-ported.
* `doxygen/mbedtls.doxyfile`: keep the version number change. Discard the changes related to `../crypto` paths.

Keep the following changes after examination:

* `.travis.yml`: all of their changes are relevant.
* `include/mbedtls/error.h`: do keep their changes. Even though Crypto doesn't use TLS errors, it must not encroach on TLS's allocated numbers.
* `tests/scripts/check-test-cases.py`: keep the code dealing with `ssl-opt.sh`. It works correctly when the file is not present.
2019-11-15 11:47:14 +01:00
Gilles Peskine 7334462278 Make hyperlink a hyperlink in every markdown flavor 2019-10-01 10:36:10 +02:00
Gilles Peskine e94bc87ebe Document test case descriptions 2019-09-27 20:24:33 +02:00
Gilles Peskine 508caf528a Document the test outcome file 2019-09-24 19:21:19 +02:00
Gilles Peskine d46b0869f4 Create infrastructure for architecture documents in Markdown 2019-09-24 19:21:19 +02:00
Gilles Peskine 4b3db7382d Add "clean" rule 2019-09-09 18:26:20 +02:00
Gilles Peskine 1ff67cc65c Build the driver interface test strategy document 2019-09-09 18:25:13 +02:00
Gilles Peskine 8b193c10ca Check inputs too 2019-09-05 19:37:01 +02:00
Gilles Peskine 545c28bf70 Fix URL of ATECC driver 2019-09-04 19:41:16 +02:00
Gilles Peskine 92bcfdbb66 Write secure element driver interface test strategy 2019-09-04 19:26:50 +02:00
Gilles Peskine b26c8d8bb4 Create a driver interface test strategy document
Just the structure for now, no actual content.
2019-09-04 19:26:17 +02:00
Gilles Peskine 72c8c5b352 Merge remote-tracking branch 'upstream-crypto/development' into psa-api-1.0-beta-merge_development_20190801
Conflict resolution:
* `scripts/config.pl`:
  Take the exclusion of `MBEDTLS_PSA_CRYPTO_SE_C` from the API branch.
  Take the removal of `MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C` (obsolete) from
  the development branch.
* `tests/scripts/all.sh`:
  Multiple instances of factoring a sequence of `config.pl` calls into
  a mere `config.pl baremetal` in the development branch, and a change in
  the composition of `baremetal` in the API branch. In each case, take the
  version from development.
* `tests/suites/test_suite_psa_crypto_slot_management.function`:
  A function became non-static in development and disappeared in the API
  branch. Keep the version from the API branch. Functions need to be
  non-static if they're defined but unused in some configurations,
  which is not the case for any function in this file at the moment.
* `tests/suites/test_suite_psa_crypto.function`:
  Consecutive changes in the two branches, reconciled.
2019-07-31 17:47:49 +02:00
Gilles Peskine 831ac72338 Add transaction file and driver storage; new key file format
Update the storage architecture with the new features introduced for
secure element support:

* Lifetime field in key files.
* Slot number in key files for keys in a secure element.
* Transaction file (name and format).
* Persistent storage for secure element drivers (name and format).

The version number is not determined yet.
2019-07-23 19:32:21 +02:00
Gilles Peskine 2c8f909782 Correct version number for 1.1.0 format (formerly 1.0.1)
Update the 1.1.0 format description now that its version number has
been decided. This release turned out to be 1.1.0, not 1.0.1.
2019-07-10 17:19:46 +02:00
Gilles Peskine 131aa31c82 New key file format for 1.0.1
Add alg2 field and note that some encodings have changed.
2019-05-21 18:31:59 +02:00
Gilles Peskine 640273a35e Update key file format information for 1.0.0
The storage specification described a version tentatively called
0.2.0. This was actually released as 1.0.0 with the format as
described here.
2019-05-21 18:31:59 +02:00
Gilles Peskine 11eca7115e Update the encoding of owners in key file identifiers
Switch to the terminology "key file identifier", as has been done in
the code.

The owner uid is now in the upper 32 bits of the key file identifier,
which facilitates namespacing.
2019-02-20 15:44:22 +01:00
Gilles Peskine f02fbf4bbe Don't mention "crypto service" when discussing a library integration 2019-02-13 15:43:35 +01:00
Gilles Peskine b5a132f26c Minor clarifications 2019-02-12 16:47:20 +01:00