Commit graph

28775 commits

Author SHA1 Message Date
Gilles Peskine
b4362d2cc7
Merge pull request #8523 from tom-daubney-arm/modify_check_generated_files_script
Modify check generated files script to work with TF PSA Crypto too
2023-12-11 21:15:00 +00:00
Gilles Peskine
a211bb7f01
Merge pull request #8596 from xkqian/tls13_early_data_input_file
Change early data flag to input file
2023-12-11 21:14:57 +00:00
Joakim Andersson
c5b7285da9 library: Remove unused psa_crypto_core.h include
Remove unused psa_crypto_core.h include.
The PSA util file provides helper functions when using the PSA API.
It should not rely on PSA internal headers, and instead only use
public headers.

Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2023-12-11 21:25:44 +01:00
Xiaokang Qian
a9581d2d5f Fix CI failure of uninitialized fp
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-11 01:50:34 +00:00
Tom Cosgrove
656d4b3c74 Avoid use of ip_len as it clashes with a macro in AIX system headers
Fixes #8624

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2023-12-08 21:51:15 +00:00
David Horstmann
e04a97a1eb Move MPI initialization to start of function
This prevents a call to mbedtls_mpi_free() on uninitialized data when
USE_PSA_INIT() fails.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-12-08 18:34:15 +00:00
Paul Elliott
0f60c673f0
Merge pull request #8619 from davidhorstmann-arm/fix-selftest-doublefree
Fix potential double-free in calloc selftest
2023-12-08 12:23:13 +00:00
Xiaokang Qian
aedfc0932b Revert to ae952174a7 and addressing some comments
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-08 10:43:24 +00:00
Thomas Daubney
f05b768457 Use existing variable containing full path
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2023-12-08 09:47:48 +00:00
Pengyu Lv
f75893bb36 Update comments
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:40:00 +08:00
Pengyu Lv
d90fbf7769 Adjuest checks in generate_key_rsa suite
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:30:33 +08:00
Pengyu Lv
e9efbc2aa5 Error out when get domain_parameters is not supported
From time being, domain_parameters could not be extracted
from driver. We need to return error to indicate this
situation. This is temporary and would be fixed after #6494.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-08 17:30:26 +08:00
David Horstmann
64cd2f21ed Fix potential double-free in calloc selftest
Where calloc returns two references to the same buffer, avoid calling
free() on both references by setting one to NULL.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-12-07 14:26:44 +00:00
Ryan Everett
177a45f556 Small clarifications in documentation
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:24:30 +00:00
Manuel Pégourié-Gonnard
b8c4254f44 Update cipher light -> block cipher definition
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-07 12:12:39 +01:00
Ryan Everett
204c852442 Move psa-thread-safety.md
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:05:37 +00:00
Ryan Everett
1e9733c6a8 Add graph
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:05:37 +00:00
Ryan Everett
9f06681cb4 Update psa-thread-safety.md
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2023-12-07 11:05:37 +00:00
Manuel Pégourié-Gonnard
303121eb16 Fix a typo
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-12-07 12:05:07 +01:00
Ronald Cron
90d07118ad
Merge pull request #6721 from yuhaoth/pr/tls13-early-data-extension-of-nst
TLS 1.3: EarlyData SRV: Write `early_data` extension of NewSessionTicket
2023-12-07 09:25:35 +00:00
Pengyu Lv
abeca020d8 Remove test_psa_crypto_config_accel_rsa_signature
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 17:25:15 +08:00
Pengyu Lv
98a90c6542 Fix various issue
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 17:23:25 +08:00
Xiaokang Qian
dce183f2e2 Remove the duplicate cases and add early_data_file option
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 09:22:38 +00:00
Xiaokang Qian
963468035d Add the test framework of early data
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 09:19:43 +00:00
Xiaokang Qian
daddfb520d Open the file once read in the file path
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 08:14:30 +00:00
Xiaokang Qian
864c62a906 Add one test case with early_data_file
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 06:11:38 +00:00
Xiaokang Qian
35c026c09e Read early data file
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 06:10:34 +00:00
Xiaokang Qian
dd8a7f8acf Revert the early data test case
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 03:58:05 +00:00
Xiaokang Qian
2a8035b495 Add read early data code
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 03:54:40 +00:00
Xiaokang Qian
57db590586 Rework to revert the early_data enabled flag
We have two options for early data.
early_data to indicate early data enable or not.
early_data_file to provide path file to read early data from

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-07 03:29:22 +00:00
Pengyu Lv
3cd16c47bd Add analyze_driver_vs_reference_rsa for analyze_outcomes
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:24:29 +08:00
Pengyu Lv
9e976f3649 Conditionally check the attribute of generated RSA key
`psa_get_key_attributes` depends on some built-in
implementation of RSA. Guard the check with coresponding
macros.

Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:35 +08:00
Pengyu Lv
f1cacad870 Correctly use asymmetric encrypt/decrypt driver
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:35 +08:00
Pengyu Lv
e705f572f9 Add components to test crypto_full w/wo accelerated RSA
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
2023-12-07 10:22:03 +08:00
Gilles Peskine
f3ccfddb45
Merge pull request #8615 from davidhorstmann-arm/fix-cast-potential-overflow
Fix possible integer overflows
2023-12-07 00:42:10 +00:00
Dave Rodgman
779819a4dd
Merge pull request #8613 from bensze01/valgrind-only-in-nightlies
Do not run Valgrind tests in PR jobs
2023-12-06 19:18:24 +00:00
Gilles Peskine
42d78c73b7
Merge pull request #8550 from gabor-mezei-arm/tf_psa_crypto_change_log_support
Modify changelog assembly to work with tf-psa-crypto
2023-12-06 18:25:49 +00:00
Gilles Peskine
57e401b39f
Merge pull request #8521 from valeriosetti/issue8441
[G4] Make CTR-DRBG fall back on PSA when AES not built in
2023-12-06 18:25:44 +00:00
David Horstmann
4749007f64 Fix possible integer overflows before widening
When calculating a result to go into an mbedtls_ms_time_t, make sure
that arithmetic is performed at the final size to prevent overflow.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
2023-12-06 17:22:53 +00:00
Valerio Setti
202bb71dcd ssl_tls12_server: do not export/import opaque keys
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 17:05:24 +01:00
Bence Szépkúti
0354d04d3c Do not run Valgrind tests in PR jobs
Co-authored-by: Dave Rodgman <dave.rodgman@arm.com>
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
2023-12-06 16:14:37 +01:00
Valerio Setti
acd7bafcbb driver-only-build: update AEADs section
Note: this section shouldn't actually be updated in #8357, but
rather in #8358 which is the wrapup related to cipher and AEADs
accelaration. As a consequence we start the AEAD section with
a disclaimer explaining that the information written there will
be updated soon by a follow up PR.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 15:17:12 +01:00
Manuel Pégourié-Gonnard
d9c69d12ac
Merge pull request #8513 from mschulz-at-hilscher/feature/explicitly-accessing-private-fields-in-benchmark
Explicitly accessing private fields in benchmark
2023-12-06 11:06:32 +00:00
Manuel Pégourié-Gonnard
ad4f0ada37
Merge pull request #8514 from mschulz-at-hilscher/fixes/uninitialized-variable-in-ssl_msg
Fix uninitialized variable warnings in ssl_msg.c
2023-12-06 11:06:03 +00:00
Valerio Setti
1e3fcc5692 config-tfm: fix typo in comment
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 11:56:08 +01:00
Valerio Setti
69402fd6a2 changelog: fix typos and working
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 11:32:10 +01:00
Xiaokang Qian
ae952174a7 Enable early data depend on whether the early data file exist
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
2023-12-06 10:27:27 +00:00
Valerio Setti
2bd53667d6 pk: guard key enrollment function with PSA_CRYPTO_CLIENT
Use key enrollment function only when MBEDTLS_PSA_CRYPTO_CLIENT
is enabled, i.e. when the Mbed TLS implementation of PSA Crypto
is being used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-06 11:24:50 +01:00
Jerry Yu
750e06743f remove misbehavior tests and code
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:22:15 +08:00
Jerry Yu
95648b0134 Some minor improvement
- move early data check to `prepare`
- avoid `((void) output_len)
- replace check with `session_ticket_allow`  in 2nd place

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2023-12-06 18:21:16 +08:00