This is possible because after #8740 RSA_C no longer depends on
PK to parse and write private/public keys.
This commit also solves related issues that arose after this change
in "pk.c" and "test_suite_pk". In particular now we can use
rsa's module functions for parsing and writing keys without need
to rely on pk_parse and pk_write functions.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Use of volatile is more an internal implementation detail (ensuring
const-time) than part of the contract (the caller doesn't care about
volatile as such).
Signed-off-by: Janos Follath <janos.follath@arm.com>
We need the pointer, A, to be volatile, to ensure the reads happen. bits
does not need to be volatile.
Signed-off-by: Janos Follath <janos.follath@arm.com>
- These functions are used both in pkparse.c for key parsing
as well as pk.c for managing copy_from_psa(). As as consequence
they should belong to pk.c, but that would make that module
messier, so that's why a new separate module is added.
- Their guard can be changed from PKPARSE_C to PK_C.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Threads lose the mutex between locking the slot and changing the slot's state.
Make it so that threads check if another thread has completed a destruction during this period.
Also fix the issue with the incorrect status variable being used.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
The conversion back to signed short is an issue: the uint cast results
in (-1 + UINT_MAX), which is OK. But then that can't be cast back to a
signed value: "if the new type is signed and the value cannot be
represented in it; either the result is implementation-defined or an
implementation-defined signal is raised."
Signed-off-by: Janos Follath <janos.follath@arm.com>
This is the lifetime of the key used to decrypt
the ticket that should be used when parsing a
ticket, not the ticket module lifetime that
may have been changed since the key was
created.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Move PSK ciphersuite selection up to the main
ClientHello parsing function. That way the
ciphersuite selection only happens in this
function.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Regarding the possibility of selecting a
key exchange mode, the check of the ticket
flags is now separated from the check of
the ClientHello content and server
configuration.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
For PSK based key exchange modes do not check twice
anymore if they can be selected or not. Check it
only when looping over the offered PSKs to select
one.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
If we prefer ephemeral key exchange mode over
the pure PSK one, make sure the resume flag is
disabled as eventually we are not going to
resume a session even if we aimed to at some
point.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
If an identity has been determined as a
ticket identity but the ticket is not
usable, do not try to check if the
identity is that of an external
provided PSK.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Improve the values returned by
ssl_tls13_offered_psks_check_identity_match_ticket().
Distinguish between the two following cases:
1) the PSK identity is not a valid ticket identity
2) the PSK identity is a valid ticket identity but
the ticket cannot be used for session resumption.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix the value returned by
ssl_tls13_offered_psks_check_identity_match_ticket()
when there is no ticket parser function defined
or no time.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
When building with -Og (specifically Zephyr with
CONFIG_DEBUG_OPTIMIZATIONS=y) one observes the following warning:
'shared_secret' may be used uninitialized [-Werror=maybe-uninitialized]
Fix this by zero initializing 'shared_secret' similar to the issue
addressed in commit 2fab5c960 ("Work around for GCC bug").
Signed-off-by: Moritz Fischer <moritzf@google.com>
Not all of the writes to this field are protected by a mutex.
There is no also no protection in place to stop another thread from overwriting
the current transaction
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
