dde6a910bb
Optimize out psa_pake_computation_stage_t
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
ca8d2b2589
Add get-data functions for inputs + tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
7b730175b3
Simplify psa_pake_computation_stage_s structure
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:32 +01:00
b09c487546
Combine core pake computation stage(step,sequence,state) into single driver step
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
9a5b812aa8
Cleanup the code
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
fcd70e250f
Adapt pake driver wrapper tests for the new design
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
e12ed36a6c
Move JPAKE state machine logic from driver to core
- Add `alg` and `computation_stage` to `psa_pake_operation_s`.
Now, when logic is moved to core, information about `alg` is required.
`computation_stage` is a structure that provides a union of computation stages for pake algorithms.
- Move the jpake operation logic from driver to core. This requires changing driver entry points for `psa_pake_output`/`psa_pake_input` functions and adding a `computation_stage` parameter. I'm not sure if this solution is correct. Now the driver can check the current computation stage and perform some action. For jpake drivers the `step` parameter is now not used, but I think it needs to stay as it might be needed for other pake algorithms.
- Removed test that seems to be redundant as we can't be sure that operation is aborted after failure.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
3f9dbac83f
Adapt pake driver tests to the new design
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
95629ab4ae
Add forced status for pake setup
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
c6b954686b
Adapt test_suite_psa_crypto_pake test for the new design
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:30:31 +01:00
51eac53b93
Divide pake operation into two phases: collecting inputs and computation.
Functions that only set inputs do not have driver entry points.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:25:30 +01:00
0c78180ee5
mbedtls_psa_pake_get_implicit_key: move psa_key_derivation_input_bytes call to upper layer
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:25:30 +01:00
7658a0768b
Add pake driver wrapper tests
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:25:30 +01:00
061a016c65
Add ALG_TLS12_PRF, TLS12_PSK_TO_MS, LG_TLS12_ECJPAKE_TO_PMS support to test driver extensions
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:25:30 +01:00
6a9785f061
Add pake.h to test driver header
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:25:30 +01:00
03790029a6
Add test components to test accelerated pake and fallback
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:25:30 +01:00
d3da040f34
Add test driver impl for pake
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-22 11:25:30 +01:00
07d5085fcf
Skip ECDH ciphersuites for O->m pair
The mechanism of detecting unsupported ciphersuites
for OpenSSL client doesn't work on a modern OpenSSL.
At least, it fails on Travis CI which is installed
with OpenSSL 1.1.1f. So we need to skip ECDH ciphersuites
for O->m.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com >
2023-02-22 12:18:48 +08:00
a64c277588
compat.sh: Skip all *ECDH_* ciphersuites
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com >
2023-02-22 10:19:40 +08:00
ffb92b0789
Merge pull request #7105 from davidhorstmann-arm/fix-oid-printing-bug
Fix bugs in OID to string conversion
2023-02-21 23:16:44 +01:00
48c591cb56
Fix warning with GCC 12
Fix warning about variable being used uninitialised.
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2023-02-21 16:31:56 +00:00
250a5ac4cb
Merge pull request #7095 from paul-elliott-arm/interruptible_sign_hash_codestyle
Implement PSA interruptible sign/verify hash
2023-02-21 15:13:34 +01:00
d89360b87b
Fix and improve documentation, comments and logs
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2023-02-21 14:57:25 +01:00
d1c001aff7
Fix some dependencies in test_suite_psa_crypto
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-02-21 13:37:17 +01:00
a006f8c17b
Adapt dependencies for parsing rfc822Name test
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-21 13:36:56 +01:00
e91bcf31b6
Add comparison of accel_ecdh_use_psa against ref
With temporary exclusions to be lifted as follow-ups.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-02-21 13:07:19 +01:00
e42cedf256
Merge pull request #7077 from daverodgman/pkcs7-fixes-dm-rebased
Pkcs7 fixes
2023-02-21 11:53:30 +00:00
59a2b8fd57
Add component accel_ecdh_use_psa
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-02-21 12:42:31 +01:00
e3095e7cb0
Add comments to accel_ecdh component
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-02-21 12:19:06 +01:00
f65a059a64
Add test generation for ecp_mod_p224_raw
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2023-02-21 11:40:27 +01:00
66f88a9d22
Extract Secp224r1 from the prototype
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2023-02-21 11:32:29 +01:00
5e780df3e3
Only use standard cipher name
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com >
2023-02-21 14:19:27 +08:00
a4fad2ba67
Correct error code in test_suite_x509parse.data
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-02-20 14:57:47 +00:00
716163e824
Improve allocation bounds in testing
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com >
2023-02-20 14:46:51 +00:00
5b5a0b618c
Change error codes to more appropriate codes
The more precise error codes are borrowed from the ASN1 module.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2023-02-20 14:24:12 +00:00
5b9e4168cf
Add rfc822Name support in mbedtls_x509_info_subject_alt_name + adapt test
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-20 15:09:50 +01:00
608e3efc47
Add test for parsing SAN: rfc822Name
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com >
2023-02-20 15:09:50 +01:00
a30afe2216
ecp_curves: Minor refactoring.
This patch introduces the following changes:
* Documentation for `mbedtls_ecp_modulus_setup()`
moved to `ecp_invasive.h`.
* Added invalid modulus selector `MBEDTLS_ECP_MOD_NONE`.
* Adjusted negative tests to use invalid selectors.
* Reworded documentation.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2023-02-20 13:53:06 +00:00
36f7c0e69b
test_suite_ecp: Added .data for ecp_setup_test()
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2023-02-20 13:51:49 +00:00
9a1d02d738
test_suite_ecp: Added test for mbedtls_ecp_modulus_setup()
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com >
2023-02-20 13:51:48 +00:00
ec718afb41
Merge pull request #7051 from gabor-mezei-arm/6376_Secp521r1_fast_reduction
Add a raw entry point to Secp521r1 fast reduction
2023-02-20 13:03:12 +00:00
9e04b5bcfc
Disable MD-light in accel_hash_use_psa
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com >
2023-02-20 12:53:23 +01:00
4bb6773640
tls13: Apply same preference rules for ciphersuites as for TLS 1.2
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2023-02-20 11:42:19 +01:00
b18c67af5f
tls13: ssl-opt.sh: Add test of default crypto algo
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2023-02-20 11:42:19 +01:00
0a1c504156
tls13: Fix session resumption with 384-bit PSKs
MBEDTLS_PSK_MAX_LEN's main purpose is to determine
a maximum size for the TLS 1.2 pre-master secret.
This is not relevant to TLS 1.3, thus disable in
the TLS 1.3 case the check against MBEDTLS_PSK_MAX_LEN
when setting the PSK during the handshake through
mbedtls_ssl_set_hs_psk(). This fixes the session
resumption with 384-bit PSKs when MBEDTLS_PSK_MAX_LEN
is smaller than that.
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2023-02-20 11:42:19 +01:00
25e9ec61f0
tls13: server: Select preferred cipher suite
Signed-off-by: Ronald Cron <ronald.cron@arm.com >
2023-02-20 11:42:19 +01:00
718eb4f190
Merge pull request #7025 from AndrzejKurek/uri_san
Add the uniformResourceIdentifier subtype for the subjectAltName
2023-02-20 11:29:59 +01:00
1c0e4c013a
compat.sh: skip static ECDH cases if unsupported in openssl
This commit adds support to detect if the openssl used for testing
supports static ECDH key exchange. Skip the ciphersuites if
openssl doesn't support them.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com >
2023-02-20 18:05:21 +08:00
f8e5b56ad8
Fix get_num_ops internal code.
Previously, calling get_num_ops more than once would have ended up with ops
getting double counted, and not calling completes in between would have ended up
with ops getting missed. Fix this by moving this to where the work is actually
done, and add tests for double calls to get_num_ops().
Signed-off-by: Paul Elliott <paul.elliott@arm.com >
2023-02-19 18:55:10 +00:00
f7a824b961
Add check if the algorithm supports psa_sign_hash() before running the test.
Signed-off-by: Stephan Koch <koch@oberon.ch >
2023-02-17 11:26:51 +01:00