Declare p256-m as ready for production #8203
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add some guidance as to whether and how to enable it. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
gilles-peskine-arm
added
needs-review
|
@d3zd3z Please review to indicate your approval of p256-m as a whole. |
mpg
reviewed
Sep 14, 2023
| (You need extra steps if you want to disable the built-in implementation of ECC algorithms, which includes more features than p256-m. Refer to the documentation of `MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED` for more information.) | ||
|
|
||
| The driver prefix for p256-m is `P256`/`p256`. | ||
| The p256-m driver implements four entry points: `generate_key`, `key_agreement`, `sign_hash`, `verify_hash`. |
There was a problem hiding this comment.
Note: #8041 adds the key management entry points. Depending on which one (of this PR and 8041) gets merged first, the other one will need updating.
daverodgman
approved these changes
Sep 14, 2023
3 tasks
gilles-peskine-arm
removed
the
needs-review
mpg
added a commit
to mpg/mbedtls
that referenced
this pull request
Sep 22, 2023
There was a bit of a race condition between Mbed-TLS#8041 which introduced the new entry points, and Mbed-TLS#8203 which documented the list of entry points. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
mpg
added a commit
to mpg/mbedtls
that referenced
this pull request
Sep 24, 2023
There was a bit of a race condition between Mbed-TLS#8041 which introduced the new entry points, and Mbed-TLS#8203 which documented the list of entry points. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
mpg
added a commit
to mpg/mbedtls
that referenced
this pull request
Sep 24, 2023
There was a bit of a race condition between Mbed-TLS#8041 which introduced the new entry points, and Mbed-TLS#8203 which documented the list of entry points. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
|
I approve of the p256-m code. This is probably the cleanest and most readable crypto code I've encountered. |
mpg
added a commit
to mpg/mbedtls
that referenced
this pull request
Sep 25, 2023
There was a bit of a race condition between Mbed-TLS#8041 which introduced the new entry points, and Mbed-TLS#8203 which documented the list of entry points. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
mpg
added a commit
to mpg/mbedtls
that referenced
this pull request
Sep 26, 2023
There was a bit of a race condition between Mbed-TLS#8041 which introduced the new entry points, and Mbed-TLS#8203 which documented the list of entry points. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
mpg
added a commit
to mpg/mbedtls
that referenced
this pull request
Sep 27, 2023
There was a bit of a race condition between Mbed-TLS#8041 which introduced the new entry points, and Mbed-TLS#8203 which documented the list of entry points. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
mpg
added a commit
to mpg/mbedtls
that referenced
this pull request
Sep 28, 2023
There was a bit of a race condition between Mbed-TLS#8041 which introduced the new entry points, and Mbed-TLS#8203 which documented the list of entry points. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I have reviewed the p256-m implementation and integration. The conclusion of my review is:
MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLEDis not a good name for a production feature. Filed as Rename MBEDTLS_P256M_EXAMPLE_DRIVER_ENABLED #8202.PR checklist
Note: Will need rebasing if #8041 gets merged first, see #8203 (comment)