Move the default definition of MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
from psa_crypto_core.h to the public header crypto_extra.h in order
to solve documentation build issues.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Instead of checking for "in_use" to be true/false or "key.data"
to be not NULL, simply check that "key.bytes" is 0/not-0.
psa_allocate_buffer_to_slot() will update this value whenever
a new slot is allocated (for the fully static case "allocated"
actually mean "taken").
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
If MBEDTLS_PSA_STATIC_KEY_SLOTS is set then limit PSA_CRYPTO_MAX_STORAGE_SIZE
to MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE, otherwise keep the previous
PSA_BITS_TO_BYTES(PSA_MAX_KEY_BITS) size.
This commit also removes changes to test_suite_psa_crypto_persistent_key.data
done previously since MBEDTLS_PSA_STATIC_KEY_SLOTS is always up to date
with key buffer size.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This helps reducing heap memory usage and, if heap memory is
not used anywhere else in an embedded device, it also reduces
code footprint since there is no need for heap management code
in this case.
A new build symbol is added for this purpose, named
MBEDTLS_PSA_STATIC_KEY_SLOTS. It's disabled by default so that
normal usage of Mbed TLS library is not affected.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit fixes potential buffer overrun in:
- pk_write_rsa_der
- pk_write_ec_pubkey
In both functions, when dealing with opaque keys, there was no
check that the provided buffer was large enough to contain the
key being exported. This commit fixes this problem and it also
adds some testing in test_suite_pkwrite to trigger these checks.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The compile-time option MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE gates both
support for interoperability with a peer that uses middlebox compatibility
mode, and support for activating that mode ourselves. Change code that is
only needed for interoperability to be guarded by
MBEDTLS_SSL_TLS1_3_ACCEPT_COMPATIBILITY_MODE.
As of this commit, MBEDTLS_SSL_TLS1_3_ACCEPT_COMPATIBILITY_MODE is always
enabled: there is no way to disable it, and there are no tests with it
disabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The rest of the file uses mbedtls_mpi_uint_t unconditionally, so its
definition should also be #include'd unconditionally.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Without this, it's not at all obvious that turning on MBEDTLS_TEST_HOOKS
doesn't change the functional behavior of the code.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Unfortunately compilers aren't good at analyzing whether variables are
analyzed on all code paths, and it is better to initialize to the
safe-path values.
Signed-off-by: Janos Follath <janos.follath@arm.com>
A + B + 1 is not a good way to get a number that's neither A nor B.
This can be a problem for example if values later are changed to
A = 0 and B = -1.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Add mbedtls_ssl_conf_enable_new_session_tickets() API
to be able to enable and disable the handling of TLS 1.3
NewSessionTicket messages.
The TLS 1.2 equivalent function is named
mbedtls_ssl_conf_session_tickets() thus the most
natural name would have been
mbedtls_ssl_conf_new_session_tickets() but it is
already used on server side thus rather
mbedtls_ssl_conf_enable_new_session_tickets().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This reduces the workflows where psa_crypto_init is called when not
necessary: it won't be called when a dual-version server receives a 1.2-only
ClientHello.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For backward compatibility with Mbed TLS <=3.5.x, applications must be able
to make a TLS connection with a peer that supports both TLS 1.2 and TLS 1.3,
regardless of whether they call psa_crypto_init(). Since Mbed TLS 3.6.0,
we enable TLS 1.3 in the default configuration, so we must take care of
calling psa_crypto_init() if needed. This is a change from TLS 1.3 in
previous versions, where enabling MBEDTLS_SSL_PROTO_TLS1_3 was a user
choice and could have additional requirement.
This commit makes the library call psa_crypto_init() when it needs PSA
crypto in a situation where the application might not have called it,
namely, when starting a TLS 1.3 connection.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
