Needs to be adapted for the clang -Wall -Wextra.
Requirea to explicitly initialize all the members of the struct that is the first member in the union.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
In the future key attributes will be available for opaque driver via psa_crypto_driver_pake_get_password_key().
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Workaround for CI error:
Parsing source code...
Compiling...
=============
All symbols in header: PASS
Naming patterns of public_macros: PASS
Naming patterns of internal_macros: PASS
Naming patterns of enum_consts: FAIL
> include/psa/crypto_extra.h:1857: 'return' does not match the required
pattern '^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$'.
|
1857 | return cipher_suite->algorithm;
| ^^^^^^
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
- Add `alg` and `computation_stage` to `psa_pake_operation_s`.
Now when logic is moved to core information about `alg` is required.
`computation_stage` is a structure that provides a union of computation stages for pake algorithms.
- Move the jpake operation logic from driver to core. This requires changing driver entry points for `psa_pake_output`/`psa_pake_input` functions and adding a `computation_stage` parameter. I'm not sure if this solution is correct. Now the driver can check the current computation stage and perform some action. For jpake drivers `step` parameter is now not used, but I think it needs to stay as it might be needed for other pake algorithms.
- Removed test that seems to be redundant as we can't be sure that operation is aborted after failure.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
If an error occurs, calling any function on the same operation should return
PSA_ERROR_BAD_STATE, and we were not honouring that for all errors. Add extra
failure tests to try and ratify this.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
For sign and verify, the pointer passed in to the hash is not guaranteed to
remain valid inbetween calls, thus we need to store the hash in the
operation. Added a test to ensure this is the case.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Make it clear that these functions reset the number of ops, and remove
statements that say they have no effect.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Also make previous changes apply to both interruptible sign hash operation
structures rather than just the one as it was.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Move to accumulate ops in context rather than attempting to read straight out
of structures due to structure ops getting reset per operation, and also
issues with _abort clearing internal data. Fix usage of size_t in structures
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Make public the versions of ECSDA sign and verify which return raw signatures
rather than returning ASN.1 encoded signatures, in order to use them for the
internal implemention of psa_sign/verify_hash_interruptible.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
A CMS signature can have internal data, but mbedTLS does not support
verifying such signatures. Reject them during parsing.
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>