PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE is always greater
than 1 so no need for the workaround on the original patch
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Clear some confusion between `X` as the output variable and "X" as a name
given to the accumulator. Previous iterations of the code used the variable
`X` as the accumulator, but now that the accumulator is `W[x_index]`, some
of the comments didn't make sense.
Remove the copy of the initial value of `X` into `W[x_index]`, which was
meaningless: the initial value of an output variable should not, and did
not, matter. `W[x_index]` is later overridden unconditionally to take the
value `RR`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Some of the error strings that should be printed with the
error preprocessor directive are missing quotes
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Applied the same change as in mbed-crypto for using this as a sub
project with the IAR toolchain. Use __asm generic ,and avoid empty
enum. Avoid declaration of array with null size. This is a porting
of the original patch contributed to trusted-firmware-m.
Signed-off-by: TTornblom <thomas.tornblom@iar.com>
Signed-off-by: Michel Jaouen <michel.jaouen@st.com>
Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
The link to the DRBG paper points to the March 2007 version, the same as the
original link (rather than the latest version).
The amended Rijndael paper has a two-page "Note on naming" prefix.
Fixes#7193
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
For the MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE variables,
check that they are non-empty and defined. This means they can be
unconditionally created in the cache, simplifying the CMakeLists.txt
Signed-off-by: David Horstmann <david.horstmann@arm.com>
When -DMBEDTLS_CONFIG_FILE or -DMBEDTLS_USER_CONFIG_FILE are passed to
cmake, pass them through as compile definitions. This allows different
mbedtls configs to be passed at configure time without modifying any
cmake files.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
When less than 1 RDN is successfully parsed in
mbedtls_x509_string_to_names(), return an error. Previously this
returned success when a string containing neither '=' or ',' was
supplied.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
To retain the ABI compatibility, we need the DER
data to be in the exact size of 520 bytes. So,
these data are regenerated by unsetting the
'critical' flag of 'basic_constraints' extension,
though the extension should be critical for this
CA according to RFC5280 section 4.2.1.9.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
Regenerate server5.crt[.der] until we got the
DER data in the size of 547 bytes to maintain
the ABI compatibility.
Signed-off-by: Pengyu Lv <pengyu.lv@arm.com>
