The explanation of the dispatch layer's state machine should not be in
the file containing the software implementation and a better
understanding can be had by reading the dispatch layer's code.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Take advantage of the contiguous nature of XYZ_KEY_SHARE, XYZ_ZK_PUBLIC
and XYZ_ZK_PROOF to simplify the conversion code.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
The psa_jpake_computation_stage_t is already initialized in
psa_pake_setup(), so does not need initializing again in
psa_pake_complete_inputs().
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Keep track of the J-PAKE internal state in a more intuitive way.
Specifically, replace the current state with a struct of 5 fields:
* The round of J-PAKE we are currently in, FIRST or SECOND
* The 'mode' we are currently working in, INPUT or OUTPUT
* The number of inputs so far this round
* The number of outputs so far this round
* The PAKE step we are expecting, KEY_SHARE, ZK_PUBLIC or ZK_PROOF
This should improve the readability of the state-transformation code.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Given the size of ciL is set dependant on MBEDTLS_HAVE_INT32 /
MBEDTLS_HAVE_INT64, clang rightfully reports this as unreachable code in
32 bit builds. Fix this by using #define guards instead.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Use a switch instead of an array. The array was very hollow for some enum
types such as mbedtls_ssl_protocol_version (which formerly used small
values, but switched to using the protocol encoding as enum values in Mbed
TLS 3.2.0). Optimizing compilers know how to compile a switch into a lookup
table when the range warrants it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This allows also to:
- removing the dependency on ECP_C for these functions and only rely
on PSA symbols
- removing extra header inclusing from crypto_extra.h
- return MBEDTLS_PK_USE_PSA_EC_DATA and MBEDTLS_PK_HAVE_ECC_KEYS to
their original position in pk.h
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Note: both MBEDTLS_PK_USE_PSA_EC_DATA and MBEDTLS_PK_HAVE_ECC_KEYS
has been move on top of the pk.h file because we need these symbols
when crypto.h is evaluated otherwise functions like
mbedtls_ecc_group_of_psa() won't be available.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
