Gilles Peskine
b4362d2cc7
Merge pull request #8523 from tom-daubney-arm/modify_check_generated_files_script
...
Modify check generated files script to work with TF PSA Crypto too
2023-12-11 21:15:00 +00:00
Gilles Peskine
a211bb7f01
Merge pull request #8596 from xkqian/tls13_early_data_input_file
...
Change early data flag to input file
2023-12-11 21:14:57 +00:00
Joakim Andersson
c5b7285da9
library: Remove unused psa_crypto_core.h include
...
Remove unused psa_crypto_core.h include.
The PSA util file provides helper functions when using the PSA API.
It should not rely on PSA internal headers, and instead only use
public headers.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2023-12-11 21:25:44 +01:00
Xiaokang Qian
a9581d2d5f
Fix CI failure of uninitialized fp
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-11 01:50:34 +00:00
Tom Cosgrove
656d4b3c74
Avoid use of ip_len
as it clashes with a macro in AIX system headers
...
Fixes #8624
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-12-08 21:51:15 +00:00
David Horstmann
e04a97a1eb
Move MPI initialization to start of function
...
This prevents a call to mbedtls_mpi_free() on uninitialized data when
USE_PSA_INIT() fails.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-12-08 18:34:15 +00:00
Paul Elliott
0f60c673f0
Merge pull request #8619 from davidhorstmann-arm/fix-selftest-doublefree
...
Fix potential double-free in calloc selftest
2023-12-08 12:23:13 +00:00
Xiaokang Qian
aedfc0932b
Revert to ae952174a7
and addressing some comments
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-08 10:43:24 +00:00
Thomas Daubney
f05b768457
Use existing variable containing full path
...
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-12-08 09:47:48 +00:00
Pengyu Lv
f75893bb36
Update comments
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:40:00 +08:00
Pengyu Lv
d90fbf7769
Adjuest checks in generate_key_rsa suite
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:30:33 +08:00
Pengyu Lv
e9efbc2aa5
Error out when get domain_parameters is not supported
...
From time being, domain_parameters could not be extracted
from driver. We need to return error to indicate this
situation. This is temporary and would be fixed after #6494 .
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:30:26 +08:00
David Horstmann
64cd2f21ed
Fix potential double-free in calloc selftest
...
Where calloc returns two references to the same buffer, avoid calling
free() on both references by setting one to NULL.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-12-07 14:26:44 +00:00
Ryan Everett
177a45f556
Small clarifications in documentation
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:24:30 +00:00
Manuel Pégourié-Gonnard
b8c4254f44
Update cipher light -> block cipher definition
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-07 12:12:39 +01:00
Ryan Everett
204c852442
Move psa-thread-safety.md
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:05:37 +00:00
Ryan Everett
1e9733c6a8
Add graph
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:05:37 +00:00
Ryan Everett
9f06681cb4
Update psa-thread-safety.md
...
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:05:37 +00:00
Manuel Pégourié-Gonnard
303121eb16
Fix a typo
...
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-07 12:05:07 +01:00
Ronald Cron
90d07118ad
Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst
...
TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket
2023-12-07 09:25:35 +00:00
Pengyu Lv
abeca020d8
Remove test_psa_crypto_config_accel_rsa_signature
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 17:25:15 +08:00
Pengyu Lv
98a90c6542
Fix various issue
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 17:23:25 +08:00
Xiaokang Qian
dce183f2e2
Remove the duplicate cases and add early_data_file option
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 09:22:38 +00:00
Xiaokang Qian
963468035d
Add the test framework of early data
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 09:19:43 +00:00
Xiaokang Qian
daddfb520d
Open the file once read in the file path
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 08:14:30 +00:00
Xiaokang Qian
864c62a906
Add one test case with early_data_file
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 06:11:38 +00:00
Xiaokang Qian
35c026c09e
Read early data file
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 06:10:34 +00:00
Xiaokang Qian
dd8a7f8acf
Revert the early data test case
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 03:58:05 +00:00
Xiaokang Qian
2a8035b495
Add read early data code
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 03:54:40 +00:00
Xiaokang Qian
57db590586
Rework to revert the early_data enabled flag
...
We have two options for early data.
early_data to indicate early data enable or not.
early_data_file to provide path file to read early data from
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 03:29:22 +00:00
Pengyu Lv
3cd16c47bd
Add analyze_driver_vs_reference_rsa for analyze_outcomes
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:24:29 +08:00
Pengyu Lv
9e976f3649
Conditionally check the attribute of generated RSA key
...
`psa_get_key_attributes` depends on some built-in
implementation of RSA. Guard the check with coresponding
macros.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:35 +08:00
Pengyu Lv
f1cacad870
Correctly use asymmetric encrypt/decrypt driver
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:35 +08:00
Pengyu Lv
e705f572f9
Add components to test crypto_full w/wo accelerated RSA
...
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:03 +08:00
Gilles Peskine
f3ccfddb45
Merge pull request #8615 from davidhorstmann-arm/fix-cast-potential-overflow
...
Fix possible integer overflows
2023-12-07 00:42:10 +00:00
Dave Rodgman
779819a4dd
Merge pull request #8613 from bensze01/valgrind-only-in-nightlies
...
Do not run Valgrind tests in PR jobs
2023-12-06 19:18:24 +00:00
Gilles Peskine
42d78c73b7
Merge pull request #8550 from gabor-mezei-arm/tf_psa_crypto_change_log_support
...
Modify changelog assembly to work with tf-psa-crypto
2023-12-06 18:25:49 +00:00
Gilles Peskine
57e401b39f
Merge pull request #8521 from valeriosetti/issue8441
...
[G4] Make CTR-DRBG fall back on PSA when AES not built in
2023-12-06 18:25:44 +00:00
David Horstmann
4749007f64
Fix possible integer overflows before widening
...
When calculating a result to go into an mbedtls_ms_time_t, make sure
that arithmetic is performed at the final size to prevent overflow.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-12-06 17:22:53 +00:00
Valerio Setti
202bb71dcd
ssl_tls12_server: do not export/import opaque keys
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 17:05:24 +01:00
Bence Szépkúti
0354d04d3c
Do not run Valgrind tests in PR jobs
...
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-12-06 16:14:37 +01:00
Valerio Setti
acd7bafcbb
driver-only-build: update AEADs section
...
Note: this section shouldn't actually be updated in #8357 , but
rather in #8358 which is the wrapup related to cipher and AEADs
accelaration. As a consequence we start the AEAD section with
a disclaimer explaining that the information written there will
be updated soon by a follow up PR.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 15:17:12 +01:00
Manuel Pégourié-Gonnard
d9c69d12ac
Merge pull request #8513 from mschulz-at-hilscher/feature/explicitly-accessing-private-fields-in-benchmark
...
Explicitly accessing private fields in benchmark
2023-12-06 11:06:32 +00:00
Manuel Pégourié-Gonnard
ad4f0ada37
Merge pull request #8514 from mschulz-at-hilscher/fixes/uninitialized-variable-in-ssl_msg
...
Fix uninitialized variable warnings in ssl_msg.c
2023-12-06 11:06:03 +00:00
Valerio Setti
1e3fcc5692
config-tfm: fix typo in comment
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 11:56:08 +01:00
Valerio Setti
69402fd6a2
changelog: fix typos and working
...
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 11:32:10 +01:00
Xiaokang Qian
ae952174a7
Enable early data depend on whether the early data file exist
...
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-06 10:27:27 +00:00
Valerio Setti
2bd53667d6
pk: guard key enrollment function with PSA_CRYPTO_CLIENT
...
Use key enrollment function only when MBEDTLS_PSA_CRYPTO_CLIENT
is enabled, i.e. when the Mbed TLS implementation of PSA Crypto
is being used.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 11:24:50 +01:00
Jerry Yu
750e06743f
remove misbehavior tests and code
...
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:22:15 +08:00
Jerry Yu
95648b0134
Some minor improvement
...
- move early data check to `prepare`
- avoid `((void) output_len)
- replace check with `session_ticket_allow` in 2nd place
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:21:16 +08:00