When compiling some PSA core files of the
PSA cryptography repository, both the
Mbed TLS library and the PSA cryptography
core common.h are included and if they
define the same inline functions (same name),
the compilation fails.
Thus, inline functions prefixed by psa_crypto_
instead of mbedtls_ are defined in the
PSA cryptography core common.h header.
To ease the maintenance of the PSA cryptography
repository, introduce those symbols in Mbed TLS
as well and use them in PSA crypto core code
files instead of their Mbed TLS equivalent.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix psa_key_derivation_output_key not being able to derive ECC keys
without MBEDTLS_BUILTIN ECC key types enabled.
The PSA crypto drivers can generate these keys without requiring the
builtin key types.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This will be used in the next commit.
While at it, move driver initialization before RNG init - this will be
handy when the entropy module wants to use drivers for hashes.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This is only partial support. Only 'client' and 'server' values are accepted for peer and user.
Remove support for role.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Move the global variable to the PSA layer, and just set that when calling PSA
level functions.
Move the internal ecp set to before each ecp call.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Change name and document to ensure suitability only for "tags" is explicit. Add
support for output size of zero in PSA_SUCCESS case.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Also in the core part change stage to computation after return from psa_driver_wrapper_pake_setup() regardless of the result. At this point driver context is active even if init has failed.
Additionally handle deallocation of password on failure in mbedtls_psa_pake_setup(). The plan was to handle deallocation on core level by calling abort on failure.
Unfortunately in this case when mbedtls_psa_pake_setup() fails with an unsupported result the built-in implementation is executed (if available) and it will reallocate the password leading to the memory leak.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Adapt pake test (passing NULL buffers is not allowed).
Passing the null buffer to psa_pake_output results in a hard fault.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
In the future key attributes will be available for opaque driver via psa_crypto_driver_pake_get_password_key().
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
