An initialization vector IV can have any number of bits between 1 and
2^64. So it should be filled to the lower 64-bit in the last step
when computing ghash.
Signed-off-by: openluopworld <luopengxq@gmail.com>
An initialization vector IV can have any number of bits between 1 and
2^64. So it should be filled to the lower 64-bit in the last step
when computing ghash.
Signed-off-by: openluopworld <luopengxq@gmail.com>
An initialization vector IV can have any number of bits between 1 and
2^64. So it should be filled to the lower 64-bit in the last step
when computing ghash.
Signed-off-by: openluopworld <luopengxq@gmail.com>
This parameter was set but not used, which was pointless. Clang 14 detects
this and legitimately complains.
Remove the parameter. This is an internal function, only called once. The
caller already has a sufficient check on the output buffer size which
applies in more cases, so there is no real gain in robustness in adding the
same check inside the internal function.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Fix opaque key test vector dependency to PSA_CRYPTO_DRIVER_TEST
instead of MBEDTLS_PSA_CRYPTO_DRIVERS while validating with
test drivers.
Signed-off-by: Archana <archana.madhavan@silabs.com>
The target attributes for key copy could have key bits and
type zeroed. If so, they need to be overwritten/ inherited
from the source key.
This is now forcefully overwritten after validating the
optional attributes. As a result assigning attributes type
and bits after copy are no longer necessary.
Signed-off-by: Archana <archana.madhavan@silabs.com>
A minimal test driver extension is added to support
copy of opaque keys within the same location.
Test vector support is extended to cover opaque keys.
Signed-off-by: Archana <archana.madhavan@silabs.com>
The validation against key width and max key bits is extended to
all key types from the existing validation for only symmetric keys.
Signed-off-by: Archana <archana.madhavan@silabs.com>
-Add test driver support to import/export while wrapping keys
meant to be stored in the PSA core as opaque( emulating an
SE without storage ).
-Export validate_unstructured_key_bit_size as
psa_validate_unstructured_key_bit_size, thereby changing its scope.
-Improve the import/export test cases in test_suite_psa_crypto to also
cover opaque keys, thereby avoiding duplication.
Signed-off-by: Archana <archana.madhavan@silabs.com>
Create a new sizing function for determining the size required for key
storage based on the input key data.
This is required for key imports where the key length might need to be
derived from the data.
Signed-off-by: Archana <archana.madhavan@silabs.com>
The report of RSA public exponent for opaque keys is not
supported. Do not attempt to compute the RSA public
exponent of an RSA opaque key associated to a driver
implementing the new driver interface when
MBEDTLS_PSA_CRYPTO_SE_C is disabled.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Slot number key attribute is specific of dynamically
registered drivers and should thus not be computed/
returned in case of keys associated to drivers
implementing the new unified driver interface.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Clarify the purpose of
psa_get_and_lock_transparent_key_slot_with_policy() and
define it even when MBEDTLS_PSA_CRYPTO_SE_C is disabled
for the purpose of static drivers.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
TLS 1.3 : add tls13 client hello msg -- part 1
When running the ssl-opt.sh "TLS1.3: Test client hello msg work" test with the library compiled in default configuration plus MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL, the openssl server responds with a ServerHello which is the validation we were looking for the work in this PR. Thus, merging.
cleanup `ssl_tls13_write_client_hello_body`, fix comments issues.
And move ciphersuites to separate function
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This reverts commit cc88b34f7942f57ea0fd27ee4b3e29f49c91f10e.
It causes many test fail. It should be re-considered.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
