Paul Elliott
42d5e51a98
Make test function name more accurate
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-24 19:41:28 +00:00
Paul Elliott
27b0d94e25
Use mbedtls_ssl_is_handshake_over()
...
Switch over to using the new function both internally and in tests.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-24 14:43:52 +00:00
Jerry Yu
72d81e56b6
Add cert_sig_algs into offered list
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-24 22:13:57 +08:00
Jerry Yu
7de79850c9
Add cert_sig_algs for compat generate script
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-24 20:09:00 +08:00
Tom Cosgrove
226aca195f
Fix running of all.sh on macOS
...
Was getting 'dd: unknown operand status'
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-03-23 21:40:56 +00:00
Tom Cosgrove
87fbfb5d82
SECLIB-667: Accelerate SHA-512 with A64 crypto extensions
...
Provide an additional pair of #defines, MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT
and MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY. At most one of them may be
specified. If used, it is necessary to compile with -march=armv8.2-a+sha3.
The MBEDTLS_SHA512_PROCESS_ALT and MBEDTLS_SHA512_ALT mechanisms
continue to work, and are mutually exclusive with SHA512_USE_A64_CRYPTO.
There should be minimal code size impact if no A64_CRYPTO option is set.
The SHA-512 implementation was originally written by Simon Tatham for PuTTY,
under the MIT licence; dual-licensed as Apache 2 with his kind permission.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-03-23 21:40:53 +00:00
Jerry Yu
f8aa9a44aa
fix various issues
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-23 20:54:38 +08:00
Jerry Yu
5fb7d176f3
Replace rsakey to 2048bits for test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-23 11:16:53 +08:00
Jerry Yu
cef3f33012
Guard rsa sig algs with rsa_c and pkcs1_v{15,21}
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 23:16:42 +08:00
Jerry Yu
701656fb29
fix redefine error
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 21:52:05 +08:00
Jerry Yu
e2c882518c
Add pk_sign_ext unit tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 21:24:19 +08:00
Jerry Yu
5512ad9df8
fix genkey fail
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:14:53 +08:00
Jerry Yu
92339d25b4
Add more unit test for pk_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:14:53 +08:00
Jerry Yu
b3bfe9f5d2
Add verify for pk_sign_ext test
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:14:53 +08:00
Jerry Yu
5a0afc8a12
fix test fail for pk_sign_ext
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:35 +08:00
Jerry Yu
20f9f819bb
Remove use_psa_crypto in test scripts
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:35 +08:00
Jerry Yu
1f45b67474
Add unit tests
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
79c004148d
Add PSA && TLS1_3 check_config
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
3a58b462b6
add pss_rsae_sha{384,512}
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:34 +08:00
Jerry Yu
919130c035
Add rsa_pss_rsae_sha256 support
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-03-22 15:13:33 +08:00
Gabor Mezei
1e64f7a643
Use MBEDTLS_USE_PSA_CRYPTO macro guard for testing instead of MBEDTLS_PSA_CRYPTO_C
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-21 17:00:54 +01:00
Gabor Mezei
892c4aa295
Update hkdf test cases to handle PSA code
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-21 17:00:54 +01:00
Paul Elliott
21bbb7a888
Add simple test to ensure accessor is working
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-21 15:28:05 +00:00
Paul Elliott
b9af2db4cf
Add accessor for timing final delay
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2022-03-21 15:26:19 +00:00
Manuel Pégourié-Gonnard
f4042f076b
Merge pull request #5573 from superna9999/5176-5177-5178-5179-tsl-record-hmac
...
TLS record HMAC
2022-03-21 11:36:44 +01:00
Manuel Pégourié-Gonnard
706f6bae27
Merge pull request #5518 from superna9999/5274-ecdsa-signing
...
PK: ECDSA signing
2022-03-21 09:57:57 +01:00
Manuel Pégourié-Gonnard
472044f21e
Merge pull request #5525 from superna9999/5161-pk-rsa-encryption
...
PK: RSA encryption
2022-03-21 09:57:38 +01:00
Przemek Stekiel
a677b5f6c7
Fix minor issues
...
- parameter name in function description
- test_suite_ecp.data: add new line at the end of file
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-21 09:49:40 +01:00
Neil Armstrong
c23d2e3ef1
Wrap unused declaration in #if/#endif when USE_PSA is set in x509_csr_check()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 15:31:59 +01:00
Przemek Stekiel
4b30feb32e
Add test for ECP export
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-18 13:58:26 +01:00
Neil Armstrong
0ab7a232b5
Add non-PSA and PSA variant of test_XXXX_constant_flow all.sh tests
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:10:09 +01:00
Neil Armstrong
8f92bf3a26
Only make PSA HMAC key exportable when NULL or CBC & not EtM in build_transforms()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-18 11:10:09 +01:00
Manuel Pégourié-Gonnard
8d4bc5eeb9
Merge pull request #5481 from gabor-mezei-arm/5401_implement_hkdf_extract_based_on_psa_hmac
...
HKDF 1a: Implement Extract in TLS 1.3 based on PSA HMAC
2022-03-17 11:55:48 +01:00
Manuel Pégourié-Gonnard
15c0e39fff
Merge pull request #5519 from superna9999/5150-pk-rsa-decryption
...
PK: RSA decryption
2022-03-17 11:02:13 +01:00
Manuel Pégourié-Gonnard
7c92fe966a
Merge pull request #5614 from gabor-mezei-arm/5203_tls_cipher_tickets_use_psa_for_protection
...
TLS Cipher 2a: tickets: use PSA for protection
2022-03-17 09:50:09 +01:00
Gabor Mezei
88f3b2e502
Update old style test function parameter handling
...
Use data_t type for hex string parameters.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-16 16:53:23 +01:00
Dave Rodgman
2cecd8aaad
Merge pull request #3624 from daxtens/timeless
...
RFC: Fix builds with MBEDTLS_HAVE_TIME disabled and test
2022-03-15 16:43:19 +00:00
Dave Rodgman
868d38f50f
Merge pull request #5547 from tom-cosgrove-arm/seclib-667-sha256-acceleration-mbedtls-internal
...
SECLIB-667: Accelerate SHA-256 with A64 crypto extensions
2022-03-14 12:57:37 +00:00
Manuel Pégourié-Gonnard
c11bffe989
Merge pull request #5139 from mprse/key_der_ecc
...
PSA: implement key derivation for ECC keys
2022-03-14 09:17:13 +01:00
Gilles Peskine
afb482897b
Merge pull request #5292 from mprse/asym_encrypt
...
Driver dispatch for PSA asymmetric encryption + RSA tests
2022-03-10 20:07:38 +01:00
Gabor Mezei
49c8eb3a5a
Enable chachcapoly cipher for SSL tickets
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-10 17:09:59 +01:00
Gabor Mezei
2fa1c311cd
Remove test dependency
...
The SSL ticket rotation test case is enabled when PSA is used.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2022-03-10 17:09:59 +01:00
Manuel Pégourié-Gonnard
10e5cdbbbf
Merge pull request #5454 from gstrauss/cert_cb-user_data
...
server certificate selection callback
2022-03-10 11:51:42 +01:00
Dave Rodgman
73e91e13a6
Merge pull request #2229 from RonEld/fix_test_md_api_violation
...
Fix test md api violation
2022-03-10 09:21:47 +00:00
Paul Elliott
17f452aec4
Merge pull request #5448 from lhuang04/tls13_alpn
...
Port ALPN support for tls13 client from tls13-prototype
2022-03-08 17:53:38 +00:00
Przemek Stekiel
c85f0912c4
psa_crypto.c, test_suite_psa_crypto.function: fix style
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-08 11:37:54 +01:00
Przemek Stekiel
f8614a0ec2
asymmetric_encryption.h: trim trailing spaces
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-08 10:48:35 +01:00
Przemek Stekiel
b6bdebde5e
asymmetric_encrypt: handle forced output
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-08 10:32:18 +01:00
Przemek Stekiel
d5e5c8b58d
asymmetric_encrypt: add remining test driver cases
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-08 10:31:07 +01:00
Gilles Peskine
c9c967c812
Fix RSA sanity checks for asymmetric_encrypt
...
* Remove expected_output_data: since asymmetric encryption is randomized,
it can't be useful.
* The decryption check needs the private exponent, not the public exponent.
* Use PSA macro for the expected ciphertext buffer size.
* Move RSA sanity checks to their own function for clarity.
* For RSAES-PKCS1-v1_5, check that the result of the private key operation
has the form 0x00 0x02 ... 0x00 M where M is the plaintext.
* For OAEP, check that the result of the private key operation starts with
0x00. The rest is the result of masking which it would be possible to
check here, but not worth the trouble of implementing.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-03-07 21:18:37 +01:00
Gilles Peskine
44311f5c98
Merge pull request #5571 from superna9999/5162-pk-rsa-signing
...
PK: RSA signing
2022-03-07 17:09:14 +01:00
Gilles Peskine
6bf5c8cb1d
Merge pull request #5506 from superna9999/4964-extend-psa-one-shot-multipart
...
Extend PSA operation setup tests to always cover both one-shot and multipart
2022-03-07 17:04:37 +01:00
Gilles Peskine
fdfc10b250
Merge pull request #4408 from gilles-peskine-arm/storage-format-check-mononicity
...
Check storage format tests for regressions
2022-03-07 17:02:34 +01:00
Przemek Stekiel
72373f3819
WIP: Add asymmetric_encrypt test case
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-07 16:48:18 +01:00
Przemek Stekiel
7a58208809
Change names rsa->asymmetric_encryption
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-07 10:49:04 +01:00
Neil Armstrong
fd4c259a7b
Use PSA_INIT() in mac_multipart_internal_func()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-07 10:11:11 +01:00
Ron Eldor
0df1ecd5fd
Fix test_suite_md API violation
...
Add a call to `mbedtls_md_starts()` in the `mbedtls_md_process()`
test, as it violates the API usage. Fixes #2227 .
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-03-04 16:48:17 +00:00
Przemek Stekiel
f25b16cadd
test_psa_compliance: update tag to fix-pr-5139-3
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-04 14:25:09 +01:00
Andrzej Kurek
469fa95cbc
Add the timing test dependency on MBEDTLS_HAVE_TIME
...
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
2022-03-04 05:07:45 -05:00
David Horstmann
61faf665e6
Use $PWD instead of $(pwd) for consistency
...
Change the new baremetal all.sh tests to use $PWD rather than
calling pwd again directly.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2022-03-04 05:07:45 -05:00
Daniel Axtens
814c8133c8
tests: add baremetal full config build
...
To be able to test utility programs for an absence of time.h, we need a
baremetal config that is not crypto only. Add one.
Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Daniel Axtens
446af202f6
tests: prevent inclusion of time.h in baremetal compiles
...
baremetal compiles should not include time.h, as MBEDTLS_HAVE_TIME is
undefined. To test this, provide an overriding include directory that
has a time.h which throws a meaningful error if included.
Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Daniel Axtens
09e34b78ee
Add header guard around malloc(0) returning NULL implementation
...
Make it safe to import the config multiple times without having
multiple definition errors.
(This prevents errors in the fuzzers in a later patch.)
Signed-off-by: Daniel Axtens <dja@axtens.net>
2022-03-04 05:07:45 -05:00
Neil Armstrong
502da11df1
Initialize PSA crypto in test_suite_pk pk_rsa_decrypt_test_vec() when USE_PSA_CRYPTO is enabled
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:52:47 +01:00
Neil Armstrong
5b32038ff0
Alternative CSR checks in x509_csr_check when USE_PSA_CRYPTO
...
The X509write x509_csr_check reference file depends on
mbedtls_test_rnd_pseudo_rand being used to match the pre-generated data.
This calls x509_crt_verifycsr() like in x509_csr_check_opaque() when
MBEDTLS_USE_PSA_CRYPTO is defined.
Notably using PSA_ALG_DETERMINISTIC_ECDSA() in ecdsa_sign_wrap() makes
this test run without these changes.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:44:06 +01:00
Neil Armstrong
5f8328b2f6
Initialize PSA crypto in test_suite_x509write for RSA signing tests
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:39:39 +01:00
Neil Armstrong
c921bfdf30
Fix 80 characters indentation in pk_rsa_encrypt_decrypt_test()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
7f1055223d
Remove pk_rsa_encrypt_test_vec() test in favor to pk_rsa_encrypt_decrypt_test()
...
Not checking the encrypt result with PSA makes the test useless.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
dac2f23a82
Stop checking against reference vector in pk_rsa_encrypt_test_vec when USE_PSA_CRYPTO
...
The pk_rsa_encrypt_test_vec() reference vector is calculated while using
mbedtls_test_rnd_pseudo_rand rng source, but since the RNG souce can't
be controlled when USE_PSA_CRYPTO is enabled we can't get the same
result.
The pk_rsa_encrypt_test_vec() fails when switching to mbedtls_test_rnd_std_rand
as rng source.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
e0df42cbb7
Introduce pk_rsa_encrypt_decrypt_test
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
445d2192d5
Initialize PSA crypto in test_suite_pk pk_rsa_encrypt_test_vec() & pk_rsa_alt() when USE_PSA_CRYPTO is enabled
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:33:39 +01:00
Neil Armstrong
fe6da1c35c
Fix style issues in mac_sign_verify_multi()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-03-03 16:29:14 +01:00
Gilles Peskine
052deb941f
Merge pull request #5554 from tom-daubney-arm/fix_uninitialised_buffers_in_tests
...
Fix uninitialised buffers in tests - Coverity issue
2022-03-03 13:30:58 +01:00
Gilles Peskine
d929dbbb25
Merge pull request #5368 from mfil/feature/additional_md_getters
...
Add function to get message digest info from context
2022-03-02 16:44:26 +01:00
Przemek Stekiel
38df86cc6c
Simplyfy asymmetric_decrypt() test function
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-02 09:11:04 +01:00
Gilles Peskine
a9b4c436ee
Merge pull request #5588 from gilles-peskine-arm/mypy-on-jenkins
...
Make mypy unconditional
2022-03-01 20:48:42 +01:00
Gilles Peskine
92e08fba4c
Merge pull request #5475 from miudr/fix_issue_5140
...
Fix AEAD multipart incorrect offset in test_suite_psa_crypto.function
2022-03-01 20:45:54 +01:00
Dave Rodgman
2cf0d4f072
Merge pull request #5584 from gilles-peskine-arm/cmake-Wunused-function
...
Build tests with -Wunused-function with cmake
2022-03-01 19:17:16 +00:00
Przemek Stekiel
4400be408b
Adapt test cases for invalid bits with and without ECC keys enabled
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 17:02:46 +01:00
Przemek Stekiel
dcab6ccb3b
Return PSA_ERROR_INVALID_ARGUMENT for a public key, and PSA_ERROR_NOT_SUPPORTED for a type that is not handled.
...
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2022-03-01 14:29:49 +01:00
Neil Armstrong
4766f99fe5
Add multi-part mac sign/verify test
...
The test is based on the AEAD multi-part test, re-using the
design on aead_multipart_internal_func() to test differnet
sequence of psa_mac_update() for MAC update or verify.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-28 18:37:30 +01:00
Gilles Peskine
254efe5f0c
Make mypy unconditional
...
Running mypy was optional for a transition period when it wasn't installed
on the CI. Now that it is, make it mandatory, to avoid silently skipping an
expected check if mypy doesn't work for some reason.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-28 16:06:36 +01:00
Neil Armstrong
60234f87a6
Revert "Introduce new mac_key_policy_multi() variant of mac_key_policy() testing multiple updates occurences"
...
This reverts commit 3ccd08b343
.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-28 15:21:38 +01:00
Gilles Peskine
9c656ec718
Fix unused function warning
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-26 19:56:12 +01:00
Gilles Peskine
d5438a5678
Enable -Wunused-function in cmake builds for tests
...
This has been the case when building with make since
d3d8a64dfa
. Be consistent.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-26 19:54:41 +01:00
Glenn Strauss
6989407261
Add accessor to retrieve SNI during handshake
...
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-25 19:55:53 -05:00
Glenn Strauss
36872dbd0b
Provide means to reset handshake cert list
...
Extend mbedtls_ssl_set_hs_own_cert() to reset handshake cert list
if cert provided is null. Previously, mbedtls_ssl_set_hs_own_cert()
only provided a way to append to the handshake certificate list,
without providing a way to replace the handshake certificate list.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
2022-02-25 19:55:48 -05:00
Neil Armstrong
3ccd08b343
Introduce new mac_key_policy_multi() variant of mac_key_policy() testing multiple updates occurences
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 16:15:08 +01:00
Neil Armstrong
ee9686b446
Fix style issue in hash_setup()
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:47:34 +01:00
Neil Armstrong
e858996413
Use PSA version of mbedtls_ct_hmac() in mbedtls_ssl_decrypt_buf()
...
Due to mbedtls_ct_hmac() implementation the decryption MAC key
must be exportable.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:17:50 +01:00
Neil Armstrong
2968d306e4
Implement mbedtls_ct_hmac() using PSA hash API
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:50 +01:00
Neil Armstrong
cf8841a076
Remove non-PSA MAC keys in mbedtls_ssl_transform when MBEDTLS_USE_PSA_CRYPTO is defined
...
Also remove last usage of non-PSA MAC keys in ssl_decrypt_non_etm_cbc() SSL test.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Neil Armstrong
4f091290bd
Remove Obsolete SSLs tests with truncated MAC tags & NULL/CBC cipher
...
These tests are related to an obsolete feature removed from the library.
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Neil Armstrong
f4cc062935
Setup MAC PSA keys in build_transforms() to pass ssl_crypt_record() with PSA crypto
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Neil Armstrong
46a1760922
Allow USE_PSA_CRYPTO for handshake TLS tests
...
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
2022-02-25 15:16:49 +01:00
Jerry Yu
2ff6ba1df0
Remove rsa_pss_rsae_sha256 support.
...
Sign rsa is not thread safe. Remove it from current code.
And a thread-safe version should be re-introduce in future.
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-02-23 10:38:25 +08:00
Gilles Peskine
9216536415
Add storage format checks to the interface checker
...
Expand abi_check.py to look for backward incompatibilities not only in
the interface exposed to application code (and to some extent driver
code), but also to the interface exposed via the storage format, which
is relevant when upgrading Mbed TLS on a device with a PSA keystore.
Strictly speaking, the storage format checks look for regressions in
the automatically generated storage format test data. Incompatible
changes that are not covered by the generated tests will also not be
covered by the interface checker.
A known defect in this commit is that the --brief output is not brief
for storage format checks.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-02-22 14:54:03 +01:00
Przemyslaw Stekiel
aeaa4f0651
Code optimization
...
- fix codding style
- fix comments and descriptions
- add helper function for montgomery curve
- move N-2 calculation outside the loop
- fix access to <data> bytes: *data[x] -> (*data)[x]
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
f6c2c87492
Fix ECC derivation tests
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:27 +01:00
Przemyslaw Stekiel
7b6e61a132
Add test vectors for ECC key excercise
...
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
2022-02-22 13:35:26 +01:00