psa_raw_key_agreement() returned PSA_ERROR_INVALID_ARGUMENT instead of
PSA_ERROR_BUFFER_TOO_SMALL when the output buffer was too small for ECDH,
the only algorithm that is currently implemented. Make it return the correct
error code.
The reason for the wrong error code is that ecdh.c returns
MBEDTLS_ERR_ECP_BAD_INPUT_DATA, presumably for similarith with dhm.c. It
might make sense to change ecdh.c to use MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL,
but dhm.c doesn't have an existing BUFFER_TOO_SMALL error. To minimize the
impact of the fix, handle this in the PSA layer.
Fixes#5735.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Remaining hits seem to be hex data, certificates,
and other miscellaneous exceptions.
List generated by running codespell -w -L
keypair,Keypair,KeyPair,keyPair,ciph,nd
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
When ALG_TLS12_PSK_TO_MS() is used, first derivation is correct
but the following derivations output data is incorrect.
This is because input key is erased in psa_tls12_prf_psk_to_ms_set_key()
since commit 03faf5d2c1.
Fixes: 03faf5d2c1 ("psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage")
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
It doesn't make sense for psa_mac_verify() to return
PSA_ERROR_BUFFER_TOO_SMALL since it doesn't have an output buffer. But this
was happening when requesting the verification of an unsupported algorithm
whose output size is larger than the maximum supported MAC size, e.g.
HMAC-SHA-512 when building with only SHA-256 support. Arrange to return
PSA_ERROR_NOT_SUPPORTED instead.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Otherwise the systematically generated algorithm-not-supported tests
complain when they try to start an operation and succeed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Otherwise the systematically generated algorithm-not-supported tests
complain when they try to start an operation and succeed.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use conditional compilation flags for building ECC key derivation code consistent with flags used for mbedtls_ecc_group_of_psa().
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
Perform the following optimizations:
- fix used flags for conditional compilation
- remove redundant N variable
- move loop used to generate valid k value to helper function
- fix initial value of status
- fix comments
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
The following error was reported by CI for win32/release builds:
37>Done Building Project "C:\builds\workspace\mbed-tls-pr-head_PR-5139-head\worktrees\tmp_nn5muy8\visualc\VS2010\gen_entropy.vcxproj.metaproj" (Rebuild target(s)).
67>c:\builds\workspace\mbed-tls-pr-head_pr-5139-head\worktrees\tmp_nn5muy8\library\psa_crypto.c(4840): fatal error C1001: An internal error has occurred in the compiler. [C:\builds\workspace\mbed-tls-pr-head_PR-5139-head\worktrees\tmp_nn5muy8\visualc\VS2010\key_ladder_demo.vcxproj]
(compiler file 'f:\dd\vctools\compiler\utc\src\p2\main.c', line 228)
To work around this problem, try simplifying or changing the program near the locations listed above.
Please choose the Technical Support command on the Visual C++
Help menu, or open the Technical Support help file for more information
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
