The only real contraint on the raw buffer is that it is large
enough to contain 2 coordinates. Larger buffers are therefore
allowed and the extra data will simply be ignored.
Note = trying to impose a strict sizing on the raw buffer causes
several failures in test suites. This suggests that it is
quite common to use larger buffer to store raw signatures.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Allow the function to support DER buffers than what it is nominally
required by the provided coordinates. In other words let's ignore
padding zeros in the raw number.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Add discard_early_data_record in SSL context for
the record layer to know if it has to discard
some potential early data record and how.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add a client view layout (and update related initializers)
for PSA sign/verify hash interruptible operation struct and
PAKE operation struct
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Make sure the layout of psa_key_attributes_s is commented
enough so that it does not accidentally get reorganized
by mistake in the future.
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
The test code to construct test keys and the implementation had matching
errors: both assumed that there was a PSA public key object. Fix this.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In the MBEDTLS_PK_OPAQUE, have mbedtls_pk_get_psa_attributes() require the
specified usage to be enabled for the specified key. Otherwise the following
call to mbedtls_pk_import_into_psa() is unlikely to result in a key with a
useful policy, so the call to mbedtls_pk_get_psa_attributes() was probably
an error.
Adjust the existing test cases accordingly and add a few negative test
cases.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Due to the scope reduction for
mbedtls_ssl_read_early_data(), on
server as early data state variable
we now only need a flag in the
handshake context indicating if
the server has accepted early data
or not.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This reverts commit 0883b8b625.
Due to the scope reduction of mbedtls_ssl_read_early_data()
it is not necessary anymore to refine the usage
of early_data_status/state rather the opposite.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Do not progress the handshake in the API, just
read early data if some has been detected by
a previous call to mbedtls_ssl_handshake(),
mbedtls_ssl_handshake_step(),
mbedtls_ssl_read() or mbedtls_ssl_write().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Introduce early_data_state SSL context field to
distinguish better this internal state from
the status values defined for the
mbedtls_ssl_get_early_data_status() API.
Distinguish also between the client and
server states. Note that the client state
are going to be documented and reworked
as part of the implementation of
mbedtls_ssl_write_early_data().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
MBEDTLS_SSL_EARLY_DATA implies
MBEDTLS_SSL_PROTO_TLS1_3 thus
MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_EARLY_DATA
is equivalent to MBEDTLS_SSL_EARLY_DATA.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Ideally this and other pk functions would work with
MBEDTLS_PSA_CRYPTO_CLIENT (i.e. whether PSA API functions are implemented
locally or via client-server communication). However, at the moment, some
helper functions are missing when MBEDTLS_PSA_CRYPTO_C is disabled, at least
mbedtls_ecc_group_to_psa(). For the time being, don't provide
mbedtls_pk_get_psa_attributes() when MBEDTLS_PSA_CRYPTO_C is disabled. We
can improve later, looking generally at a group of functions to generalize,
not mixed with delivering new APIs.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
