The return value of snprintf() is the number of characters (excluding
the null terminator) which would have been written to the buffer if
enough space had been available. Thus, a return value of size or more
means the output was truncated.
Signed-off-by: Mingjie Shen <shen497@purdue.edu>
All current usages have this parameter set to 0 (meaning the behaviour
of these tests hasn't changed). We also now return the actual error code, not GENERIC_ERROR
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
All current usages have this parameter set to 0 (in this case the behaviour of
the test is unchanged)
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
If the key has been destroyed (and the new parameter is 1), we test that
psa_cipher_abort succeeds in this scenario.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
If the key has been destroyed (and the new parameter is 1) then we test that
psa_mac_abort succeeds in this scenario.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
This will allow us to use this smoke test to ensure that key slot content reads are
only performed when we are registered to read a full slot. We will destroy the key
on another thread while the key is being exercised, and fail the test if an unexpected
error code is hit. Future commits will incrementally implement this new parameter.
All current usages of this function have this parameter set to 0, in which case
the new behaviour must be the same as the old behaviour
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Mention that arbitrary overlap is now supported, except whenever
MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS is set.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Move definition of MBEDTLS_SSL_EARLY_DATA_STATE_xyz
from ssl.h(public) to ssl_misc.h(private) even if
that means we cannot use the enum type for
early_data_state in ssl.h.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Do not use the return values of
mbedtls_ssl_get_early_data_status()
(MBEDTLS_SSL_EARLY_DATA_STATUS_ macros)
for the state of the negotiation and
transfer of early data during the
handshake.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Specifically:
* Clarify that passing shared buffers is now secure by default (not
newly supported)
* Remove spurious hyphen
* Clarify that we do not guarantee copying, but rather guarantee
protection, allowing us to implement this differently in future if
required.
* Mention both protection of inputs from modification and outputs from
exposure of intermediate results.
* Invert the config option, from an enable-option to a disable-option.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Fix errors in merge conflict resolution - change
psa_generate_random_internal() to return directly rather than jumping to
an exit label and restore the variable psa_status_t status.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Reads and writes of rng_state in psa_crypto_init() and psa_crypto_free()
were already covered by mutex.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Unfortunately this requires holding the mutex for the entire
psa_crypto_init() function, as calling psa_crypto_free() from another
thread should block until init has ended, then run.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Fix mbedtls_pk_copy_from_psa() and mbedtls_pk_copy_public_from_psa() to
still work when the algorithm in the key policy is not an RSA
algorithm (typically PSA_ALG_NONE). Add a dedicated test case and adjust the
test code. Fixes the test case "Copy from PSA: non-exportable -> public, RSA"
when MBEDTLS_PKCS1_V15 is disabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Document and implement mbedtls_pk_copy_public_from_psa() to export the
public key of a PSA key into PK.
Unit-test it alongside mbedtls_pk_copy_from_psa().
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
