Change wording from "failed" since this implied the
function had returned an error status instead of
producing the wrong result.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Remove the mbedtls and psa prefixes from variable
names in order to make clearer what is part of
the API and what is just part of the demo program.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Replace MBEDTLS_SHA256_C for PSA_WANT_ALG_SHA_256
everywhere, including comments and print statements.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
Running clang-16 on mbedtls reports warnings of type "-Wstrict-prototypes".
This patch fixes these warnings by adding void to functions with no
arguments. The generate_test_code.py is modified to insert void into test
functions with no arguments in *.function files.
Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>
Define HALH_ALG to the desired PSA algorithm
to demostrate the ease of swapping algorithms
with the PSA API.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This PR was originally created before the code
style was changed. This commit updates the style.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This commit adds the example program for PSA
hash as well as the relevant changes to
CMakeLists.txt and the Makefile.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
These anchors encapsulate gitignore patterns which typically ignore
files generated, so that scripts can be used to comment and uncomment
these patterns for releases when we need the generated files in the
repository.
Signed-off-by: Agathiyan Bragadeesh <agabra02@e127300.arm.com>
crypt_and_hash decryption fails when used with a stream cipher
mode of operation due to the input not being multiple of block
size, this only applies to block cipher modes and not stream
ciphers.This change exempts CTR, CFB & OFB modes from this check.
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
This will be used for comparison in unit tests.
Add a possibility to write certificates with SAN
in cert_write.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
We don't commit *.o files anywhere, not even as test data. So ignore them
everywhere.
This resolves *.o files not being ignored under 3rdparty/p256-m.
Also remove a redundant ignore of *.exe in a subdirectory.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The fuzz programs were returning a nonzero status if they failed to load the
reproducer, but that's discreet and not informative. Make them also print an
error message.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Allow demo scripts to be run from the build directory for out-of-tree
builds.
If the executable is not found in the source tree then search in the
current directory in case the script is being run from a build
directory.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
When mbedtls_entropy_free() is called without mbedtls_entropy_init() entropy is uninitialized and contains garbage which may lead to segmentation fault.
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Changes in test_suite_psa_crypto are to enforce the dependency
on ECP_C which is mandatory for some key's derivation.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Increasing heap memory size of SSL_Client2 and SSL_Server2, because the original value is not enough to handle some certificates. The AuthorityKeyId and SubjectKeyId are also parsed now increasing the size of some certificates
Signed-off-by: toth92g <toth92g@gmail.com>
Unless I missed something, all remaining instance of all macros are in
files where it makes sense to use these. I went over the output of:
git grep -c -E 'MBEDTLS_(MD5|RIPEMD160|SHA[0-9]*)_C'
and I think all the files listed fall into one of the following
acceptable categories:
- documentation and historical documents: Changelog, docs/**/*.md
- config files and related: mbedtls_config.h, configs/*.h,
check_config.h, config_psa.h, etc.
- scripts that build/modify configs: all.sh, depends.py,
set_psa_test_dependencies.py, etc.
- implementation of MD or PSA or related: md.h, psa_util.h, etc. and
corresponding test suites
- implementation of hashes: md5.c, sha256.h, etc. and corresponding test
suites
- two example programs using a low-level hash API: hash/hello.c,
pkey/ecdsa.c
- test/benchmark.c, test/selftest.c: actually want our built-in
implementations
- a function in test_suite_psa_crypto_storage_format that is
specifically for checking if the hash is built in.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
sed -i -f md.sed include/mbedtls/ssl.h library/hmac_drbg.c programs/pkey/*.c programs/x509/*.c tests/scripts/generate_pkcs7_tests.py tests/suites/test_suite_random.data
Then manually revert programs/pkey/ecdsa.c as it's using a low-level
hash API.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
1. Change USE_PSA_CRYPTO_INIT/DONE to MD_OR_USE.
2. Add missing occurrences - some of these were already necessary in
principle (in one form or another) but where missing and this was not
detected so far as `psa_hash` doesn't complain in case of a missing
init, but now MD makes it visible.
3. Add missing include in ssl_test_lib.h.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
