Replace HTML files by redirection to the official spec hosting
Use HTML redirects since we can't do HTTP redirects on GitHub pages.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/docs/1.0.1/html/overview/sample-arch.html b/docs/1.0.1/html/overview/sample-arch.html
index e799241..d1b225a 100644
--- a/docs/1.0.1/html/overview/sample-arch.html
+++ b/docs/1.0.1/html/overview/sample-arch.html
@@ -1,211 +1 @@
-
-<!DOCTYPE html>
-
-<html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta charset="utf-8" />
- <title>4. Sample architectures — PSA Crypto API 1.0.1 documentation</title>
- <link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
- <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
- <script type="text/javascript" id="documentation_options" data-url_root="../" src="../_static/documentation_options.js"></script>
- <script type="text/javascript" src="../_static/jquery.js"></script>
- <script type="text/javascript" src="../_static/underscore.js"></script>
- <script type="text/javascript" src="../_static/doctools.js"></script>
- <script type="text/javascript" src="../_static/language_data.js"></script>
- <link rel="author" title="About these documents" href="../about.html" />
- <link rel="index" title="Index" href="../genindex.html" />
- <link rel="search" title="Search" href="../search.html" />
- <link rel="next" title="5. Library conventions" href="conventions.html" />
- <link rel="prev" title="3. Functionality overview" href="functionality.html" />
-
- <link rel="stylesheet" href="../_static/custom.css" type="text/css" />
-
-
- <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
-
- </head><body>
-
-
- <div class="document">
- <div class="documentwrapper">
- <div class="bodywrapper">
-
-
- <div class="body" role="main">
-
- <div class="section" id="sample-architectures">
-<span id="architectures"></span><h1>4. Sample architectures</h1>
-<p>This section describes some example architectures that can be used for
-implementations of the interface described in this specification. This list is
-not exhaustive and the section is entirely non-normative.</p>
-<div class="section" id="single-partition-architecture">
-<h2>4.1. Single-partition architecture</h2>
-<p>In the single-partition architecture, there is no security boundary inside the system. The
-application code can access all the system memory, including the memory used by
-the cryptographic services described in this specification. Thus, the
-architecture provides <a class="reference internal" href="goals.html#isolation"><span class="std std-ref">no isolation</span></a>.</p>
-<p>This architecture does not conform to the Arm <em>Platform Security Architecture
-Security Model</em>. However, it is useful for providing cryptographic services
-that use the same interface, even on devices that cannot support any security
-boundary. So, while this architecture is not the primary design goal of the API
-defined in the present specification, it is supported.</p>
-<p>The functions in this specification simply execute the underlying algorithmic
-code. Security checks can be kept to a minimum, since the cryptoprocessor cannot
-defend against a malicious application. Key import and export copy data inside
-the same memory space.</p>
-<p>This architecture also describes a subset of some larger systems, where the
-cryptographic services are implemented inside a high-security partition,
-separate from the code of the main application, though it shares this
-high-security partition with other platform security services.</p>
-</div>
-<div class="section" id="cryptographic-token-and-single-application-processor">
-<span id="isolated-cryptoprocessor"></span><h2>4.2. Cryptographic token and single-application processor</h2>
-<p>This system is composed of two partitions: one is a cryptoprocessor and the
-other partition runs an application. There is a security boundary between the
-two partitions, so that the application cannot access the cryptoprocessor,
-except through its public interface. Thus, the architecture provides
-<a class="reference internal" href="goals.html#isolation"><span class="std std-ref">cryptoprocessor isolation</span></a>. The cryptoprocessor has
-some non-volatile storage, a TRNG, and possibly, some cryptographic accelerators.</p>
-<p>There are a number of potential physical realizations: the cryptoprocessor might
-be a separate chip, a separate processor on the same chip, or a logical
-partition using a combination of hardware and software to provide the isolation.
-These realizations are functionally equivalent in terms of the offered software
-interface, but they would typically offer different levels of security
-guarantees.</p>
-<p>The PSA crypto API in the application processor consists of a thin layer of code
-that translates function calls to remote procedure calls in the cryptoprocessor.
-All cryptographic computations are, therefore, performed inside the
-cryptoprocessor. Non-volatile keys are stored inside the cryptoprocessor.</p>
-</div>
-<div class="section" id="cryptoprocessor-with-no-key-storage">
-<h2>4.3. Cryptoprocessor with no key storage</h2>
-<p>As in the <a class="reference internal" href="#isolated-cryptoprocessor"><span class="secref">Cryptographic token and single-application processor</span></a> architecture, this system
-is also composed of two partitions separated by a security boundary and also
-provides <a class="reference internal" href="goals.html#isolation"><span class="std std-ref">cryptoprocessor isolation</span></a>.
-However, unlike the previous architecture, in this system, the cryptoprocessor
-does not have any secure, persistent storage that could be used to store
-application keys.</p>
-<p>If the cryptoprocessor is not capable of storing cryptographic material, then
-there is little use for a separate cryptoprocessor, since all data would have to
-be imported by the application.</p>
-<p>The cryptoprocessor can provide useful services if it is able to store at least
-one key. This might be a hardware unique key that is burnt to one-time
-programmable memory during the manufacturing of the device. This key can be used
-for one or more purposes:</p>
-<ul class="simple">
-<li><p>Encrypt and authenticate data stored in the application processor.</p></li>
-<li><p>Communicate with a paired device.</p></li>
-<li><p>Allow the application to perform operations with keys that are derived from
-the hardware unique key.</p></li>
-</ul>
-</div>
-<div class="section" id="multi-client-cryptoprocessor">
-<h2>4.4. Multi-client cryptoprocessor</h2>
-<p>This is an expanded variant of the <a class="reference internal" href="#isolated-cryptoprocessor"><span class="std std-ref">cryptographic token plus application
-architecture</span></a>. In this
-variant, the cryptoprocessor serves multiple applications that are mutually
-untrustworthy. This architecture provides <a class="reference internal" href="goals.html#isolation"><span class="std std-ref">caller
-isolation</span></a>.</p>
-<p>In this architecture, API calls are translated to remote procedure calls, which
-encode the identity of the client application. The cryptoprocessor carefully
-segments its internal storage to ensure that a client’s data is never leaked to
-another client.</p>
-</div>
-<div class="section" id="multi-cryptoprocessor-architecture">
-<h2>4.5. Multi-cryptoprocessor architecture</h2>
-<p>This system includes multiple cryptoprocessors. There are several reasons to
-have multiple cryptoprocessors:</p>
-<ul class="simple">
-<li><p>Different compromises between security and performance for different keys.
-Typically, this means a cryptoprocessor that runs on the same hardware as the
-main application and processes short-term secrets, a secure element or a
-similar separate chip that retains long-term secrets.</p></li>
-<li><p>Independent provisioning of certain secrets.</p></li>
-<li><p>A combination of a non-removable cryptoprocessor and removable ones, for
-example, a smartcard or HSM.</p></li>
-<li><p>Cryptoprocessors managed by different stakeholders who do not trust each
-other.</p></li>
-</ul>
-<p>The keystore implementation needs to dispatch each request to the correct
-processor. For example:</p>
-<ul class="simple">
-<li><p>All requests involving a non-extractable key must be processed in the
-cryptoprocessor that holds that key.</p></li>
-<li><p>Requests involving a persistent key must be processed in the cryptoprocessor
-that corresponds to the key’s lifetime value.</p></li>
-<li><p>Requests involving a volatile key might target a cryptoprocessor based on
-parameters supplied by the application, or based on considerations such as
-performance inside the implementation.</p></li>
-</ul>
-</div>
-</div>
-
-
- </div>
-
- </div>
- </div>
- <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
- <div class="sphinxsidebarwrapper"><h3><a href="../index.html"><b>PSA Crypto API</b></a></h3>
-IHI 0086<br/>
-Non-confidential<br/>
-Version 1.0.1
-<span style="color: red; font-weight: bold;"></span>
-<ul>
-<li class="toctree-l1"><a class="reference internal" href="../about.html">About this document</a></li>
-</ul>
-<ul class="current">
-<li class="toctree-l1"><a class="reference internal" href="intro.html">1. Introduction</a></li>
-<li class="toctree-l1"><a class="reference internal" href="goals.html">2. Design goals</a></li>
-<li class="toctree-l1"><a class="reference internal" href="functionality.html">3. Functionality overview</a></li>
-<li class="toctree-l1 current"><a class="current reference internal" href="#">4. Sample architectures</a><ul>
-<li class="toctree-l2"><a class="reference internal" href="#single-partition-architecture">4.1. Single-partition architecture</a></li>
-<li class="toctree-l2"><a class="reference internal" href="#cryptographic-token-and-single-application-processor">4.2. Cryptographic token and single-application processor</a></li>
-<li class="toctree-l2"><a class="reference internal" href="#cryptoprocessor-with-no-key-storage">4.3. Cryptoprocessor with no key storage</a></li>
-<li class="toctree-l2"><a class="reference internal" href="#multi-client-cryptoprocessor">4.4. Multi-client cryptoprocessor</a></li>
-<li class="toctree-l2"><a class="reference internal" href="#multi-cryptoprocessor-architecture">4.5. Multi-cryptoprocessor architecture</a></li>
-</ul>
-</li>
-<li class="toctree-l1"><a class="reference internal" href="conventions.html">5. Library conventions</a></li>
-<li class="toctree-l1"><a class="reference internal" href="implementation.html">6. Implementation considerations</a></li>
-<li class="toctree-l1"><a class="reference internal" href="usage.html">7. Usage considerations</a></li>
-<li class="toctree-l1"><a class="reference internal" href="../api/library/index.html">8. Library management reference</a></li>
-<li class="toctree-l1"><a class="reference internal" href="../api/keys/index.html">9. Key management reference</a></li>
-<li class="toctree-l1"><a class="reference internal" href="../api/ops/index.html">10. Cryptographic operation reference</a></li>
-</ul>
-<ul>
-<li class="toctree-l1"><a class="reference internal" href="../appendix/example_header.html">Example header file</a></li>
-<li class="toctree-l1"><a class="reference internal" href="../appendix/specdef_values.html">Example macro implementations</a></li>
-<li class="toctree-l1"><a class="reference internal" href="../appendix/history.html">Changes to the API</a></li>
-</ul>
-<ul>
-<li class="toctree-l1"><a class="reference internal" href="../psa_c-identifiers.html">Index of API elements</a></li>
-</ul>
-<div id="searchbox" style="display: none" role="search">
- <h3 id="searchlabel">Quick search</h3>
- <div class="searchformwrapper">
- <form class="search" action="../search.html" method="get">
- <input type="text" name="q" aria-labelledby="searchlabel" />
- <input type="submit" value="Go" />
- </form>
- </div>
-</div>
-<script type="text/javascript">$('#searchbox').show(0);</script>
- </div>
- </div>
- <div class="clearer"></div>
- </div>
- <div class="footer">
- © 2018-2020, Arm Limited or its affiliates. All rights reserved.
-
- |
- Powered by <a href="http://sphinx-doc.org/">Sphinx 2.1.2</a>
- & <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.12</a>
-
- </div>
-
-
-
-
- </body>
-</html>
\ No newline at end of file
+<meta http-equiv="Refresh" content="0; url='https://arm-software.github.io/psa-api/crypto/1.0/overview/sample-arch.html'" />