Add tests for supplying inputs or requesting outputs when a J-PAKE
computation has already completed
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Test that extra calls to psa_pake_input() and psa_pake_output() during a
round return the correct error.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Keep track of the J-PAKE internal state in a more intuitive way.
Specifically, replace the current state with a struct of 5 fields:
* The round of J-PAKE we are currently in, FIRST or SECOND
* The 'mode' we are currently working in, INPUT or OUTPUT
* The number of inputs so far this round
* The number of outputs so far this round
* The PAKE step we are expecting, KEY_SHARE, ZK_PUBLIC or ZK_PROOF
This should improve the readability of the state-transformation code.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This includes also:
- auto enabling ECP_LIGHT when MBEDTLS_PK_PARSE_EC_COMPRESSED is
defined
- replacing ECP_LIGHT guards with PK_PARSE_EC_COMPRESSED in pkparse
- disabling PK_PARSE_EC_COMPRESSED in tests with accelarated EC curves
(it get disabled also in the reference components because we want
to achieve test parity)
- remove skipped checks in analyze_outcomes.py
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
ECP_LIGHT was never set as public symbol so it should not be
enabled/disabled using the config.py script.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is a temporary fix for not excluding tests which depend on
MBEDTLS_PSA_WANT_KEY_TYPE_[RSA/ECC]_KEY_PAIR_LEGACY. This fix
can be reverted as soon as those _LEGACY symbols will be removed
from the code.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is a temporary fix for replacing
PSA_WANT_KEY_TYPE_[RSA/ECC]_KEY_PAIR
with the temporary symbols
MBEDTLS_PSA_WANT_KEY_TYPE_[RSA/ECC]_KEY_PAIR_LEGACY.
Once new PSA_WANT_KEY_TYPE_[RSA/ECC]_KEY_PAIR_yyy will be used
both in library's code and tests, then this fix will be removed.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
- deprecate legacy PSA_WANT_KEY_TYPE_xxx_KEY_PAIR
- introduce new PSA_WANT_KEY_TYPE_xxx_KEY_PAIR_yyy where
- xxx is either RSA, DH or ECC
- yyy can be USE, IMPORT, EXPORT, GENERATE, DERIVE
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
We no longer support TLS 1.0, TLS 1.1 or CBC record splitting since 3.0,
but those where still referenced here.
While at it, group things in a more logical way in this component.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Several components needed to remove it, with the same comment every
time. It's probably just chance that other components happened to work
despite it being enabled.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Compared to the previous scheme, this avoid the problem of having to
warn about adjusting PSA_WANT in the wrong place.
Also, it allows enabling MBEDTLS_PSA_CRYPTO_CONFIG in adjust_config
rather than having to repeat it in every single component.
It also plays more nicely with components that have an associated
reference component and use a common config function. (Some of them were
already using the new order.)
Finally, "configure, build, run the tests" seems more natural than
"configure, build, configure, build, test" (and, coming back to the
initial point, it avoid questions about what to configure when).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
