If the server during a TLS 1.3 handshake selects
the PSK key exchange mode, it does not matter
if it did not find in the key share extension
a key share for a group it supports. Such a
key share is used and necessary only in the
case of the ephemeral or PSK ephemeral key
exchange mode. This is a possible scenario in
the case of a server that supports only the PSK
key exchange mode and a client that also
supports a key exchange mode with ephemeral keys.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
New scripts have updated executable permissions to be consistent with
project requirements.
Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
These anchors encapsulate gitignore patterns which typically ignore
files generated, so that scripts can be used to comment and uncomment
these patterns for releases when we need the generated files in the
repository.
Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
For tests running the ecp_fast_mod with MBEDTLS_ECP_DP_SECPXXXR1 the
dependency MBEDTLS_ECP_NIST_OPTIM has been added as this gives the
curves the optimised reduction function that ecp_fast_mod tests.
Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
A few negative test cases in test_suite_pem.data rely on DES
(“invalid iv”, “malformed”). DES is deprecated.
Construct similar test cases using AES.
Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>
Don't link to the proposed specifications: they aren't good entry points
because they describe what we want to achieve, not what exists today. The
guide links to them, that's enough.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Besides being unnecessary, it was causing problem when build SSL test
programs, which include this header, then in turn trying to include the
internal header from library, which didn't work.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
ECC macros used in the following files:
library/pk.c
library/pk_wrap.c
library/pkparse.c
library/pkwrite.c
library/ssl_misc.h
library/ssl_tls12_client.c
FFDH macro use only in library/ssl_misc.h so could possibly be moved
there, but it seems cleaner to keep it close to the ECC macros are they
are very similar in nature.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Fixes an "unused static function" warning in builds with
DEPRECATED_REMOVED.
While at it, remove an include that's now useless.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
