Merge pull request #7351 from gabor-mezei-arm/7109_ecp_fast_reduction_testing
Test unlikely cases of ECC modular reduction
diff --git a/.readthedocs.yaml b/.readthedocs.yaml
new file mode 100644
index 0000000..cef07bf
--- /dev/null
+++ b/.readthedocs.yaml
@@ -0,0 +1,26 @@
+# .readthedocs.yaml
+# Read the Docs configuration file
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+# Required
+version: 2
+
+# Set the version of Python and other tools you might need
+build:
+ os: ubuntu-20.04
+ tools:
+ python: "3.9"
+ jobs:
+ pre_build:
+ - make apidoc
+ - breathe-apidoc -o docs/api apidoc/xml
+
+# Build documentation in the docs/ directory with Sphinx
+sphinx:
+ builder: dirhtml
+ configuration: docs/conf.py
+
+# Optionally declare the Python requirements required to build your docs
+python:
+ install:
+ - requirements: docs/requirements.txt
diff --git a/ChangeLog.d/add-directoryname-san.txt b/ChangeLog.d/add-directoryname-san.txt
new file mode 100644
index 0000000..e116298
--- /dev/null
+++ b/ChangeLog.d/add-directoryname-san.txt
@@ -0,0 +1,3 @@
+Features
+ * Add parsing of directoryName subtype for subjectAltName extension in
+ x509 certificates.
diff --git a/ChangeLog.d/add-milliseconds-time-api.txt b/ChangeLog.d/add-milliseconds-time-api.txt
new file mode 100644
index 0000000..d9e939f
--- /dev/null
+++ b/ChangeLog.d/add-milliseconds-time-api.txt
@@ -0,0 +1,5 @@
+API changes
+ * Add new millisecond time type `mbedtls_ms_time_t` and `mbedtls_ms_time()`
+ function, needed for TLS 1.3 ticket lifetimes. Alternative implementations
+ can be created using an ALT interface.
+
diff --git a/ChangeLog.d/some-max-size-macro-are-too-small-when-psa-ecc-is-accelerated.txt b/ChangeLog.d/some-max-size-macro-are-too-small-when-psa-ecc-is-accelerated.txt
new file mode 100644
index 0000000..8cc6e5e
--- /dev/null
+++ b/ChangeLog.d/some-max-size-macro-are-too-small-when-psa-ecc-is-accelerated.txt
@@ -0,0 +1,5 @@
+Bugfix
+ * Fix proper sizing for PSA_EXPORT_[KEY_PAIR/PUBLIC_KEY]_MAX_SIZE and
+ PSA_SIGNATURE_MAX_SIZE buffers when at least one accelerated EC is bigger
+ than all built-in ones and RSA is disabled.
+ Resolves #6622.
diff --git a/docs/.gitignore b/docs/.gitignore
index 23f832b..11f197b 100644
--- a/docs/.gitignore
+++ b/docs/.gitignore
@@ -1,2 +1,4 @@
*.html
*.pdf
+_build/
+api/
diff --git a/docs/Makefile b/docs/Makefile
new file mode 100644
index 0000000..47510f9
--- /dev/null
+++ b/docs/Makefile
@@ -0,0 +1,40 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line, and also
+# from the environment for the first two.
+SPHINXOPTS ?=
+SPHINXBUILD ?= sphinx-build
+SOURCEDIR = .
+BUILDDIR = _build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+ @$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: help clean apidoc breathe_apidoc Makefile
+
+# Intercept the 'clean' target so we can do the right thing for apidoc as well
+clean:
+ @# Clean the apidoc
+ $(MAKE) -C .. apidoc_clean
+ @# Clean the breathe-apidoc generated files
+ rm -rf ./api
+ @# Clean the sphinx docs
+ @$(SPHINXBUILD) -M clean "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+apidoc:
+ @# Generate doxygen from source using the main Makefile
+ $(MAKE) -C .. apidoc
+
+breathe_apidoc: apidoc
+ @# Remove existing files - breathe-apidoc skips them if they're present
+ rm -rf ./api
+ @# Generate RST file structure with breathe-apidoc
+ breathe-apidoc -o ./api ../apidoc/xml
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile breathe_apidoc
+ @# Build the relevant target with sphinx
+ @$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md
index 60203a0..d461394 100644
--- a/docs/architecture/mbed-crypto-storage-specification.md
+++ b/docs/architecture/mbed-crypto-storage-specification.md
@@ -354,7 +354,7 @@
* [Persistent keys](#key-file-format-for-mbed-tls-2.25.0) designated by a [key identifier and owner](#key-names-for-mbed-tls-2.25.0). Keys can be:
* Transparent, stored in the export format.
- * Opaque, using the unified driver interface with statically registered drivers (`MBEDTLS_PSA_CRYPTO_DRIVERS`). The driver determines the content of the opaque key blob.
+ * Opaque, using the PSA driver interface with statically registered drivers. The driver determines the content of the opaque key blob.
* Opaque, using the deprecated secure element interface with dynamically registered drivers (`MBEDTLS_PSA_CRYPTO_SE_C`). The driver picks a slot number which is stored in the place of the key material.
* [Nonvolatile random seed](#nonvolatile-random-seed-file-format-for-mbed-tls-2.25.0) on ITS only.
diff --git a/docs/architecture/psa-migration/psa-limitations.md b/docs/architecture/psa-migration/psa-limitations.md
index b81aeb4..29d7c53 100644
--- a/docs/architecture/psa-migration/psa-limitations.md
+++ b/docs/architecture/psa-migration/psa-limitations.md
@@ -15,7 +15,7 @@
----------------------------------------------
Support for interruptible ECDSA sign/verify was added to PSA in Mbed TLS 3.4.
-However support for interruptible ECDH is not present yet. Also, PK, X.509 and
+However, support for interruptible ECDH is not present yet. Also, PK, X.509 and
TLS have not yet been adapted to take advantage of the new PSA APIs. See:
- <https://github.com/Mbed-TLS/mbedtls/issues/7292>;
- <https://github.com/Mbed-TLS/mbedtls/issues/7293>;
diff --git a/docs/conf.py b/docs/conf.py
new file mode 100644
index 0000000..41c50c7
--- /dev/null
+++ b/docs/conf.py
@@ -0,0 +1,34 @@
+# Configuration file for the Sphinx documentation builder.
+#
+# For the full list of built-in configuration values, see the documentation:
+# https://www.sphinx-doc.org/en/master/usage/configuration.html
+
+# -- Project information -----------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#project-information
+import glob
+
+project = 'Mbed TLS Versioned'
+copyright = '2023, Mbed TLS Contributors'
+author = 'Mbed TLS Contributors'
+
+# -- General configuration ---------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration
+
+extensions = ['breathe', 'sphinx.ext.graphviz']
+
+templates_path = ['_templates']
+exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
+
+breathe_projects = {
+ 'mbedtls-versioned': '../apidoc/xml'
+}
+breathe_default_project = 'mbedtls-versioned'
+
+primary_domain = 'c'
+highlight_language = 'c'
+
+# -- Options for HTML output -------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#options-for-html-output
+
+html_theme = 'sphinx_rtd_theme'
+html_static_path = ['_static']
diff --git a/docs/index.rst b/docs/index.rst
new file mode 100644
index 0000000..33a9722
--- /dev/null
+++ b/docs/index.rst
@@ -0,0 +1,20 @@
+.. Mbed TLS Versioned documentation master file, created by
+ sphinx-quickstart on Thu Feb 23 18:13:44 2023.
+ You can adapt this file completely to your liking, but it should at least
+ contain the root `toctree` directive.
+
+Mbed TLS API documentation
+==========================
+
+.. doxygenpage:: index
+ :project: mbedtls-versioned
+
+.. toctree::
+ :caption: Contents
+ :maxdepth: 1
+
+ Home <self>
+ api/grouplist.rst
+ api/filelist.rst
+ api/structlist.rst
+ api/unionlist.rst
diff --git a/docs/proposed/psa-driver-developer-guide.md b/docs/proposed/psa-driver-developer-guide.md
index b39f559..d004483 100644
--- a/docs/proposed/psa-driver-developer-guide.md
+++ b/docs/proposed/psa-driver-developer-guide.md
@@ -7,7 +7,7 @@
This document focuses on behavior that is specific to Mbed TLS. For a reference of the interface between Mbed TLS and drivers, refer to the [PSA Cryptoprocessor Driver Interface specification](psa-driver-interface.html).
-The interface is not fully implemented in Mbed TLS yet and is disabled by default. You can enable the experimental work in progress by setting `MBEDTLS_PSA_CRYPTO_DRIVERS` in the compile-time configuration. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code when `MBEDTLS_PSA_CRYPTO_DRIVERS` is enabled.
+The interface is not fully implemented in Mbed TLS yet. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code.
## Introduction
diff --git a/docs/proposed/psa-driver-integration-guide.md b/docs/proposed/psa-driver-integration-guide.md
index bfd765e..3d12ec6 100644
--- a/docs/proposed/psa-driver-integration-guide.md
+++ b/docs/proposed/psa-driver-integration-guide.md
@@ -5,7 +5,7 @@
This document describes how to build Mbed TLS with additional cryptoprocessor drivers that follow the PSA cryptoprocessor driver interface.
-The interface is not fully implemented in Mbed TLS yet and is disabled by default. You can enable the experimental work in progress by setting `MBEDTLS_PSA_CRYPTO_DRIVERS` in the compile-time configuration. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code when `MBEDTLS_PSA_CRYPTO_DRIVERS` is enabled.
+The interface is not fully implemented in Mbed TLS yet. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code.
## Introduction
@@ -19,21 +19,14 @@
To build Mbed TLS with drivers:
-1. Activate `MBEDTLS_PSA_CRYPTO_DRIVERS` in the library configuration.
-
- ```
- cd /path/to/mbedtls
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
- ```
-
-2. Pass the driver description files through the Make variable `PSA_DRIVERS` when building the library.
+1. Pass the driver description files through the Make variable `PSA_DRIVERS` when building the library.
```
cd /path/to/mbedtls
make PSA_DRIVERS="/path/to/acme/driver.json /path/to/nadir/driver.json" lib
```
-3. Link your application with the implementation of the driver functions.
+2. Link your application with the implementation of the driver functions.
```
cd /path/to/application
diff --git a/docs/requirements.in b/docs/requirements.in
new file mode 100644
index 0000000..a523188
--- /dev/null
+++ b/docs/requirements.in
@@ -0,0 +1,2 @@
+sphinx-rtd-theme
+breathe
diff --git a/docs/requirements.txt b/docs/requirements.txt
new file mode 100644
index 0000000..4b9f3a6
--- /dev/null
+++ b/docs/requirements.txt
@@ -0,0 +1,66 @@
+#
+# This file is autogenerated by pip-compile with Python 3.9
+# by the following command:
+#
+# pip-compile requirements.in
+#
+alabaster==0.7.13
+ # via sphinx
+babel==2.12.1
+ # via sphinx
+breathe==4.35.0
+ # via -r requirements.in
+certifi==2022.12.7
+ # via requests
+charset-normalizer==3.1.0
+ # via requests
+docutils==0.17.1
+ # via
+ # breathe
+ # sphinx
+ # sphinx-rtd-theme
+idna==3.4
+ # via requests
+imagesize==1.4.1
+ # via sphinx
+importlib-metadata==6.0.0
+ # via sphinx
+jinja2==3.1.2
+ # via sphinx
+markupsafe==2.1.2
+ # via jinja2
+packaging==23.0
+ # via sphinx
+pygments==2.14.0
+ # via sphinx
+requests==2.28.2
+ # via sphinx
+snowballstemmer==2.2.0
+ # via sphinx
+sphinx==4.5.0
+ # via
+ # breathe
+ # sphinx-rtd-theme
+sphinx-rtd-theme==1.2.0
+ # via -r requirements.in
+sphinxcontrib-applehelp==1.0.4
+ # via sphinx
+sphinxcontrib-devhelp==1.0.2
+ # via sphinx
+sphinxcontrib-htmlhelp==2.0.1
+ # via sphinx
+sphinxcontrib-jquery==2.0.0
+ # via sphinx-rtd-theme
+sphinxcontrib-jsmath==1.0.1
+ # via sphinx
+sphinxcontrib-qthelp==1.0.3
+ # via sphinx
+sphinxcontrib-serializinghtml==1.1.5
+ # via sphinx
+urllib3==1.26.15
+ # via requests
+zipp==3.15.0
+ # via importlib-metadata
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools
diff --git a/docs/use-psa-crypto.md b/docs/use-psa-crypto.md
index 4d72f99..9d783d5 100644
--- a/docs/use-psa-crypto.md
+++ b/docs/use-psa-crypto.md
@@ -15,6 +15,13 @@
`psa_crypto_init()` before calling any function from the SSL/TLS, X.509 or PK
module.
+**Why enable this option:** to fully take advantage of PSA drivers in PK,
+X.509 and TLS. For example, enabling this option is what allows use of drivers
+for ECDSA, ECDH and EC J-PAKE in those modules. However, note that even with
+this option disabled, some code in PK, X.509, TLS or the crypto library might
+still use PSA drivers, if it can determine it's safe to do so; currently
+that's the case for hashes.
+
**Relationship with other options:** This option depends on
`MBEDTLS_PSA_CRYPTO_C`. These two options differ in the following way:
- `MBEDTLS_PSA_CRYPTO_C` enables the implementation of the PSA Crypto API.
@@ -22,7 +29,7 @@
`psa_crypto_init()` before you call any other `psa_xxx()` function. Other
modules in the library (non-PSA crypto APIs, X.509, TLS) may or may not use
PSA Crypto but you're not required to call `psa_crypto_init()` before calling
-non-PSA functions, unless when explicitly documented (TLS 1.3).
+non-PSA functions, unless explicitly documented (TLS 1.3).
- `MBEDTLS_USE_PSA_CRYPTO` means that X.509 and TLS will use PSA Crypto as
much as possible (that is, everywhere except for features that are not
supported by PSA Crypto, see "Internal Changes" below for a complete list of
diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile
index 5e79743..393fd41 100644
--- a/doxygen/mbedtls.doxyfile
+++ b/doxygen/mbedtls.doxyfile
@@ -18,6 +18,7 @@
HTML_TIMESTAMP = YES
SEARCHENGINE = YES
GENERATE_LATEX = NO
+GENERATE_XML = YES
MACRO_EXPANSION = YES
EXPAND_ONLY_PREDEF = YES
INCLUDE_PATH = ../include
@@ -42,3 +43,12 @@
# \retval #PSA_ERROR_INSUFFICIENT_MEMORY \emptydescription
# This avoids writing redundant text and keeps Clang happy.
ALIASES += emptydescription=""
+
+# Define away Mbed TLS macros that make parsing definitions difficult.
+# MBEDTLS_DEPRECATED is not included in this list as it's important to
+# display deprecated status in the documentation.
+PREDEFINED = "MBEDTLS_CHECK_RETURN_CRITICAL=" \
+ "MBEDTLS_CHECK_RETURN_TYPICAL=" \
+ "MBEDTLS_CHECK_RETURN_OPTIONAL=" \
+ "MBEDTLS_PRINTF_ATTRIBUTE(a,b)=" \
+
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index b1d4b88..5c2c843 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -1005,7 +1005,7 @@
* This must point to an initialized MPI.
* \param rounds The number of bases to perform the Miller-Rabin primality
* test for. The probability of returning 0 on a composite is
- * at most 2<sup>-2*\p rounds</sup>.
+ * at most 2<sup>-2*\p rounds </sup>.
* \param f_rng The RNG function to use. This must not be \c NULL.
* \param p_rng The RNG parameter to be passed to \p f_rng.
* This may be \c NULL if \p f_rng doesn't use
diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index 8ffa51a..12a8544 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@@ -1,5 +1,5 @@
/**
- * \file build_info.h
+ * \file mbedtls/build_info.h
*
* \brief Build-time configuration info
*
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 5eadc0c..8e1accd 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -315,6 +315,17 @@
#endif
#endif /* MBEDTLS_USE_PSA_CRYPTO */
+/* Helper for curve SECP256R1 */
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(PSA_WANT_ECC_SECP_R1_256)
+#define MBEDTLS_PK_HAVE_CURVE_SECP256R1
+#endif
+#else /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#define MBEDTLS_PK_HAVE_CURVE_SECP256R1
+#endif
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
( !defined(MBEDTLS_PK_HAVE_ECDH) || \
!defined(MBEDTLS_PK_HAVE_ECDSA) || \
@@ -369,8 +380,8 @@
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) && \
- ( !defined(MBEDTLS_PK_HAVE_JPAKE) || \
- !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) )
+ ( !defined(MBEDTLS_PK_HAVE_JPAKE) || \
+ !defined(MBEDTLS_PK_HAVE_CURVE_SECP256R1) )
#error "MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED defined, but not all prerequisites"
#endif
@@ -495,6 +506,16 @@
#error "MBEDTLS_PLATFORM_TIME_MACRO defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO) &&\
+ ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) )
+#error "MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO defined, but not all prerequisites"
+#endif
+
+#if defined(MBEDTLS_PLATFORM_MS_TIME_ALT) && \
+ ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) )
+#error "MBEDTLS_PLATFORM_MS_TIME_ALT defined, but not all prerequisites"
+#endif
+
#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) ||\
!defined(MBEDTLS_HAVE_TIME) )
@@ -798,14 +819,14 @@
#endif
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
-#if !( defined(MBEDTLS_PK_HAVE_ECDH) && defined(MBEDTLS_X509_CRT_PARSE_C) && \
+#if !( defined(PSA_WANT_ALG_ECDH) && defined(MBEDTLS_X509_CRT_PARSE_C) && \
( defined(MBEDTLS_PK_HAVE_ECDSA) || defined(MBEDTLS_PKCS1_V21) ) )
#error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED defined, but not all prerequisites"
#endif
#endif
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED)
-#if !( defined(MBEDTLS_PK_HAVE_ECDH) )
+#if !( defined(PSA_WANT_ALG_ECDH) )
#error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED defined, but not all prerequisites"
#endif
#endif
@@ -1119,6 +1140,7 @@
#undef MBEDTLS_MD_HAVE_SHA256
#undef MBEDTLS_MD_HAVE_SHA384
#undef MBEDTLS_MD_HAVE_SHA512
+#undef MBEDTLS_PK_HAVE_CURVE_SECP256R1
/*
* Avoid warning from -pedantic. This is a convenient place for this
diff --git a/include/mbedtls/debug.h b/include/mbedtls/debug.h
index 2b0d00e..74f5d55 100644
--- a/include/mbedtls/debug.h
+++ b/include/mbedtls/debug.h
@@ -131,6 +131,10 @@
#endif \
/* (defined(__MINGW32__) && __USE_MINGW_ANSI_STDIO == 0) || (defined(_MSC_VER) && _MSC_VER < 1800) */
+#if !defined(MBEDTLS_PRINTF_MS_TIME)
+#define MBEDTLS_PRINTF_MS_TIME PRId64
+#endif /* MBEDTLS_PRINTF_MS_TIME */
+
#ifdef __cplusplus
extern "C" {
#endif
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index ef3cf24..89d5659 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -238,6 +238,7 @@
//#define MBEDTLS_PLATFORM_VSNPRINTF_ALT
//#define MBEDTLS_PLATFORM_NV_SEED_ALT
//#define MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT
+//#define MBEDTLS_PLATFORM_MS_TIME_ALT
/**
* \def MBEDTLS_DEPRECATED_WARNING
@@ -801,7 +802,7 @@
*
* Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS.
*
- * Requires: MBEDTLS_ECDH_C
+ * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
*
* This enables the following ciphersuites (if other requisites are
* enabled as well):
@@ -899,7 +900,9 @@
*
* Enable the ECDHE-RSA based ciphersuite modes in SSL / TLS.
*
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_PKCS1_V15,
+ * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
+ * MBEDTLS_RSA_C
+ * MBEDTLS_PKCS1_V15
* MBEDTLS_X509_CRT_PARSE_C
*
* This enables the following ciphersuites (if other requisites are
@@ -922,7 +925,9 @@
*
* Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
*
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C,
+ * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
+ * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA)
+ * MBEDTLS_X509_CRT_PARSE_C
*
* This enables the following ciphersuites (if other requisites are
* enabled as well):
@@ -944,7 +949,9 @@
*
* Enable the ECDH-ECDSA based ciphersuite modes in SSL / TLS.
*
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_ECDSA_C, MBEDTLS_X509_CRT_PARSE_C
+ * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
+ * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA)
+ * MBEDTLS_X509_CRT_PARSE_C
*
* This enables the following ciphersuites (if other requisites are
* enabled as well):
@@ -966,7 +973,9 @@
*
* Enable the ECDH-RSA based ciphersuite modes in SSL / TLS.
*
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_RSA_C, MBEDTLS_X509_CRT_PARSE_C
+ * Requires: MBEDTLS_ECDH_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDH)
+ * MBEDTLS_RSA_C
+ * MBEDTLS_X509_CRT_PARSE_C
*
* This enables the following ciphersuites (if other requisites are
* enabled as well):
@@ -992,7 +1001,7 @@
* Thread v1.0.0 specification; incompatible changes to the specification
* might still happen. For this reason, this is disabled by default.
*
- * Requires: MBEDTLS_ECJPAKE_C
+ * Requires: MBEDTLS_ECJPAKE_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_JPAKE)
* SHA-256 (via MBEDTLS_SHA256_C or a PSA driver)
* MBEDTLS_ECP_DP_SECP256R1_ENABLED
*
@@ -1221,18 +1230,6 @@
*/
//#define MBEDTLS_PSA_CRYPTO_CLIENT
-/** \def MBEDTLS_PSA_CRYPTO_DRIVERS
- *
- * Enable support for the experimental PSA crypto driver interface.
- *
- * Requires: MBEDTLS_PSA_CRYPTO_C
- *
- * \warning This interface is experimental. We intend to maintain backward
- * compatibility with application code that relies on drivers,
- * but the driver interfaces may change without notice.
- */
-//#define MBEDTLS_PSA_CRYPTO_DRIVERS
-
/** \def MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
*
* Make the PSA Crypto module use an external random generator provided
@@ -1645,8 +1642,11 @@
*
* Enable TLS 1.3 ephemeral key exchange mode.
*
- * Requires: MBEDTLS_ECDH_C, MBEDTLS_X509_CRT_PARSE_C, MBEDTLS_ECDSA_C or
- * MBEDTLS_PKCS1_V21
+ * Requires: PSA_WANT_ALG_ECDH
+ * MBEDTLS_X509_CRT_PARSE_C
+ * and at least one of:
+ * MBEDTLS_ECDSA_C or (MBEDTLS_USE_PSA_CRYPTO and PSA_WANT_ALG_ECDSA)
+ * MBEDTLS_PKCS1_V21
*
* Comment to disable support for the ephemeral key exchange mode in TLS 1.3.
* If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not have any
@@ -1660,7 +1660,7 @@
*
* Enable TLS 1.3 PSK ephemeral key exchange mode.
*
- * Requires: MBEDTLS_ECDH_C
+ * Requires: PSA_WANT_ALG_ECDH
*
* Comment to disable support for the PSK ephemeral key exchange mode in
* TLS 1.3. If MBEDTLS_SSL_PROTO_TLS1_3 is not enabled, this option does not
@@ -1933,9 +1933,12 @@
* \warning If you enable this option, you need to call `psa_crypto_init()`
* before calling any function from the SSL/TLS, X.509 or PK modules.
*
- * \note Even with this option disabled, some code in PK, X.509, TLS or the
- * crypto library might still use PSA drivers, if it can determine it's safe
- * to do so.
+ * \note An important and desirable effect of this option is that it allows
+ * PK, X.509 and TLS to take advantage of PSA drivers. For example, enabling
+ * this option is what allows use of drivers for ECDSA, ECDH and EC J-PAKE in
+ * those modules. However, note that even with this option disabled, some code
+ * in PK, X.509, TLS or the crypto library might still use PSA drivers, if it
+ * can determine it's safe to do so; currently that's the case for hashes.
*
* \note See docs/use-psa-crypto.md for a complete description this option.
*
@@ -2967,8 +2970,8 @@
* Enable dynamic secure element support in the Platform Security Architecture
* cryptography API.
*
- * \deprecated This feature is deprecated. Please switch to the driver
- * interface enabled by #MBEDTLS_PSA_CRYPTO_DRIVERS.
+ * \deprecated This feature is deprecated. Please switch to the PSA driver
+ * interface.
*
* Module: library/psa_crypto_se.c
*
@@ -3661,6 +3664,8 @@
//#define MBEDTLS_PLATFORM_VSNPRINTF_MACRO vsnprintf /**< Default vsnprintf macro to use, can be undefined */
//#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_platform_std_nv_seed_read /**< Default nv_seed_read function to use, can be undefined */
//#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_platform_std_nv_seed_write /**< Default nv_seed_write function to use, can be undefined */
+//#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t //#define MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO int64_t /**< Default milliseconds time macro to use, can be undefined. MBEDTLS_HAVE_TIME must be enabled. It must be signed, and at least 64 bits. If it is changed from the default, MBEDTLS_PRINTF_MS_TIME must be updated to match.*/
+//#define MBEDTLS_PRINTF_MS_TIME PRId64 /**< Default fmt for printf. That's avoid compiler warning if mbedtls_ms_time_t is redefined */
/** \def MBEDTLS_CHECK_RETURN
*
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 3de7a8f..5d2cf34 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -197,6 +197,11 @@
#define MBEDTLS_PK_CAN_ECDSA_SOME
#endif
+#if (defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_ECDH)) || \
+ (!defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C))
+#define MBEDTLS_PK_CAN_ECDH
+#endif
+
/**
* \brief Types for interfacing with the debug module
*/
diff --git a/include/mbedtls/platform_time.h b/include/mbedtls/platform_time.h
index eae6f5f..c7973d9 100644
--- a/include/mbedtls/platform_time.h
+++ b/include/mbedtls/platform_time.h
@@ -39,6 +39,29 @@
typedef time_t mbedtls_time_t;
#endif /* MBEDTLS_PLATFORM_TIME_TYPE_MACRO */
+#if defined(MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO)
+typedef MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO mbedtls_ms_time_t;
+#else
+#include <stdint.h>
+#include <inttypes.h>
+typedef int64_t mbedtls_ms_time_t;
+#endif /* MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO */
+
+/**
+ * \brief Get time in milliseconds.
+ *
+ * \return Monotonically-increasing current time in milliseconds.
+ *
+ * \note Define MBEDTLS_PLATFORM_MS_TIME_ALT to be able to provide an
+ * alternative implementation
+ *
+ * \warning This function returns a monotonically-increasing time value from a
+ * start time that will differ from platform to platform, and possibly
+ * from run to run of the process.
+ *
+ */
+mbedtls_ms_time_t mbedtls_ms_time(void);
+
/*
* The function pointers for time
*/
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index e011b1a..7d526a7 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -40,11 +40,7 @@
#include "mbedtls/dhm.h"
#endif
-/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
- * to guards in TLS code. There is a gap in functionality that access to
- * ecdh_ctx structure is needed for MBEDTLS_ECDSA_C which does not seem correct.
- */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_ECDH_C)
#include "mbedtls/ecdh.h"
#endif
diff --git a/include/mbedtls/timing.h b/include/mbedtls/timing.h
index 2d4a19c..830dcee 100644
--- a/include/mbedtls/timing.h
+++ b/include/mbedtls/timing.h
@@ -39,7 +39,7 @@
* \brief timer structure
*/
struct mbedtls_timing_hr_time {
- unsigned char MBEDTLS_PRIVATE(opaque)[32];
+ uint64_t MBEDTLS_PRIVATE(opaque)[4];
};
/**
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index bd1947e..8dfd1f3 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -294,7 +294,8 @@
int type; /**< The SAN type, value of MBEDTLS_X509_SAN_XXX. */
union {
mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
- mbedtls_x509_buf unstructured_name; /**< The buffer for the unconstructed types. Only rfc822Name, dnsName and uniformResourceIdentifier are currently supported */
+ mbedtls_x509_name directory_name;
+ mbedtls_x509_buf unstructured_name; /**< The buffer for the unstructured types. rfc822Name, dnsName and uniformResourceIdentifier are currently supported. */
}
san; /**< A union of the supported SAN types */
}
@@ -378,7 +379,10 @@
/**
* \brief This function parses an item in the SubjectAlternativeNames
- * extension.
+ * extension. Please note that this function might allocate
+ * additional memory for a subject alternative name, thus
+ * mbedtls_x509_free_subject_alt_name has to be called
+ * to dispose of this additional memory afterwards.
*
* \param san_buf The buffer holding the raw data item of the subject
* alternative name.
@@ -406,6 +410,12 @@
*/
int mbedtls_x509_parse_subject_alt_name(const mbedtls_x509_buf *san_buf,
mbedtls_x509_subject_alternative_name *san);
+/**
+ * \brief Unallocate all data related to subject alternative name
+ *
+ * \param san SAN structure - extra memory owned by this structure will be freed
+ */
+void mbedtls_x509_free_subject_alt_name(mbedtls_x509_subject_alternative_name *san);
/** \} addtogroup x509_module */
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index d739237..6c86a66 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -75,7 +75,7 @@
mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */
mbedtls_x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */
mbedtls_x509_buf v3_ext; /**< Optional X.509 v3 extensions. */
- mbedtls_x509_sequence subject_alt_names; /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName, uniformResourceIdentifier and OtherName are listed). */
+ mbedtls_x509_sequence subject_alt_names; /**< Optional list of raw entries of Subject Alternative Names extension (currently only dNSName, uniformResourceIdentifier, DirectoryName and OtherName are listed). */
mbedtls_x509_sequence certificate_policies; /**< Optional list of certificate policies (Only anyPolicy is printed and enforced, however the rest of the policies are still listed). */
diff --git a/include/psa/build_info.h b/include/psa/build_info.h
new file mode 100644
index 0000000..34a138d
--- /dev/null
+++ b/include/psa/build_info.h
@@ -0,0 +1,32 @@
+/**
+ * \file psa/build_info.h
+ *
+ * \brief Build-time PSA configuration info
+ *
+ * Include this file if you need to depend on the
+ * configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE
+ * in PSA cryptography core specific files.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_BUILD_INFO_H
+#define PSA_CRYPTO_BUILD_INFO_H
+
+#include "mbedtls/build_info.h"
+
+#endif /* PSA_CRYPTO_BUILD_INFO_H */
diff --git a/include/psa/crypto_builtin_composites.h b/include/psa/crypto_builtin_composites.h
index 932c503..c280360 100644
--- a/include/psa/crypto_builtin_composites.h
+++ b/include/psa/crypto_builtin_composites.h
@@ -7,10 +7,10 @@
* \note This file may not be included directly. Applications must
* include psa/crypto.h.
*
- * \note This header and its content is not part of the Mbed TLS API and
+ * \note This header and its content are not part of the Mbed TLS API and
* applications must not depend on it. Its main purpose is to define the
* multi-part state objects of the Mbed TLS software-based PSA drivers. The
- * definition of these objects are then used by crypto_struct.h to define the
+ * definitions of these objects are then used by crypto_struct.h to define the
* implementation-defined types of PSA multi-part state objects.
*/
/*
@@ -36,6 +36,11 @@
#include <psa/crypto_driver_common.h>
+#include "mbedtls/cmac.h"
+#include "mbedtls/gcm.h"
+#include "mbedtls/ccm.h"
+#include "mbedtls/chachapoly.h"
+
/*
* MAC multi-part operation definitions.
*/
@@ -57,8 +62,6 @@
#define MBEDTLS_PSA_HMAC_OPERATION_INIT { 0, PSA_HASH_OPERATION_INIT, { 0 } }
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC */
-#include "mbedtls/cmac.h"
-
typedef struct {
psa_algorithm_t MBEDTLS_PRIVATE(alg);
union {
diff --git a/include/psa/crypto_builtin_key_derivation.h b/include/psa/crypto_builtin_key_derivation.h
new file mode 100644
index 0000000..1913a9b
--- /dev/null
+++ b/include/psa/crypto_builtin_key_derivation.h
@@ -0,0 +1,109 @@
+/*
+ * Context structure declaration of the Mbed TLS software-based PSA drivers
+ * called through the PSA Crypto driver dispatch layer.
+ * This file contains the context structures of key derivation algorithms
+ * which need to rely on other algorithms.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content are not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the Mbed TLS software-based PSA drivers. The
+ * definitions of these objects are then used by crypto_struct.h to define the
+ * implementation-defined types of PSA multi-part state objects.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H
+#define PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H
+#include "mbedtls/private_access.h"
+
+#include <psa/crypto_driver_common.h>
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
+typedef struct {
+ uint8_t *MBEDTLS_PRIVATE(info);
+ size_t MBEDTLS_PRIVATE(info_length);
+#if PSA_HASH_MAX_SIZE > 0xff
+#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
+#endif
+ uint8_t MBEDTLS_PRIVATE(offset_in_block);
+ uint8_t MBEDTLS_PRIVATE(block_number);
+ unsigned int MBEDTLS_PRIVATE(state) : 2;
+ unsigned int MBEDTLS_PRIVATE(info_set) : 1;
+ uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
+ uint8_t MBEDTLS_PRIVATE(prk)[PSA_HASH_MAX_SIZE];
+ struct psa_mac_operation_s MBEDTLS_PRIVATE(hmac);
+} psa_hkdf_key_derivation_t;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF ||
+ MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
+ MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
+typedef struct {
+ uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE];
+} psa_tls12_ecjpake_to_pms_t;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
+
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+typedef enum {
+ PSA_TLS12_PRF_STATE_INIT, /* no input provided */
+ PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */
+ PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */
+ PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */
+ PSA_TLS12_PRF_STATE_LABEL_SET, /* label has been set */
+ PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */
+} psa_tls12_prf_key_derivation_state_t;
+
+typedef struct psa_tls12_prf_key_derivation_s {
+#if PSA_HASH_MAX_SIZE > 0xff
+#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
+#endif
+
+ /* Indicates how many bytes in the current HMAC block have
+ * not yet been read by the user. */
+ uint8_t MBEDTLS_PRIVATE(left_in_block);
+
+ /* The 1-based number of the block. */
+ uint8_t MBEDTLS_PRIVATE(block_number);
+
+ psa_tls12_prf_key_derivation_state_t MBEDTLS_PRIVATE(state);
+
+ uint8_t *MBEDTLS_PRIVATE(secret);
+ size_t MBEDTLS_PRIVATE(secret_length);
+ uint8_t *MBEDTLS_PRIVATE(seed);
+ size_t MBEDTLS_PRIVATE(seed_length);
+ uint8_t *MBEDTLS_PRIVATE(label);
+ size_t MBEDTLS_PRIVATE(label_length);
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+ uint8_t *MBEDTLS_PRIVATE(other_secret);
+ size_t MBEDTLS_PRIVATE(other_secret_length);
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
+
+ uint8_t MBEDTLS_PRIVATE(Ai)[PSA_HASH_MAX_SIZE];
+
+ /* `HMAC_hash( prk, A( i ) + seed )` in the notation of RFC 5246, Sect. 5. */
+ uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
+} psa_tls12_prf_key_derivation_t;
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
+ * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
+
+#endif /* PSA_CRYPTO_BUILTIN_KEY_DERIVATION_H */
diff --git a/include/psa/crypto_builtin_primitives.h b/include/psa/crypto_builtin_primitives.h
index c76bc78..f3e438d 100644
--- a/include/psa/crypto_builtin_primitives.h
+++ b/include/psa/crypto_builtin_primitives.h
@@ -7,10 +7,10 @@
* \note This file may not be included directly. Applications must
* include psa/crypto.h.
*
- * \note This header and its content is not part of the Mbed TLS API and
+ * \note This header and its content are not part of the Mbed TLS API and
* applications must not depend on it. Its main purpose is to define the
* multi-part state objects of the Mbed TLS software-based PSA drivers. The
- * definition of these objects are then used by crypto_struct.h to define the
+ * definitions of these objects are then used by crypto_struct.h to define the
* implementation-defined types of PSA multi-part state objects.
*/
/*
diff --git a/include/psa/crypto_driver_contexts_composites.h b/include/psa/crypto_driver_contexts_composites.h
index 6c56a51..068a193 100644
--- a/include/psa/crypto_driver_contexts_composites.h
+++ b/include/psa/crypto_driver_contexts_composites.h
@@ -9,10 +9,10 @@
* \note This file may not be included directly. Applications must
* include psa/crypto.h.
*
- * \note This header and its content is not part of the Mbed TLS API and
+ * \note This header and its content are not part of the Mbed TLS API and
* applications must not depend on it. Its main purpose is to define the
* multi-part state objects of the PSA drivers included in the cryptographic
- * library. The definition of these objects are then used by crypto_struct.h
+ * library. The definitions of these objects are then used by crypto_struct.h
* to define the implementation-defined types of PSA multi-part state objects.
*/
/* Copyright The Mbed TLS Contributors
diff --git a/include/psa/crypto_driver_contexts_key_derivation.h b/include/psa/crypto_driver_contexts_key_derivation.h
new file mode 100644
index 0000000..39754cc
--- /dev/null
+++ b/include/psa/crypto_driver_contexts_key_derivation.h
@@ -0,0 +1,61 @@
+/*
+ * Declaration of context structures for use with the PSA driver wrapper
+ * interface. This file contains the context structures for key derivation
+ * operations.
+ *
+ * Warning: This file will be auto-generated in the future.
+ *
+ * \note This file may not be included directly. Applications must
+ * include psa/crypto.h.
+ *
+ * \note This header and its content are not part of the Mbed TLS API and
+ * applications must not depend on it. Its main purpose is to define the
+ * multi-part state objects of the PSA drivers included in the cryptographic
+ * library. The definitions of these objects are then used by crypto_struct.h
+ * to define the implementation-defined types of PSA multi-part state objects.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_DRIVER_CONTEXTS_KEY_DERIVATION_H
+#define PSA_CRYPTO_DRIVER_CONTEXTS_KEY_DERIVATION_H
+
+#include "psa/crypto_driver_common.h"
+
+/* Include the context structure definitions for the Mbed TLS software drivers */
+#include "psa/crypto_builtin_key_derivation.h"
+
+/* Include the context structure definitions for those drivers that were
+ * declared during the autogeneration process. */
+
+typedef union {
+ unsigned dummy; /* Make sure this union is always non-empty */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
+ psa_hkdf_key_derivation_t MBEDTLS_PRIVATE(hkdf);
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
+ defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
+ psa_tls12_prf_key_derivation_t MBEDTLS_PRIVATE(tls12_prf);
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
+ psa_tls12_ecjpake_to_pms_t MBEDTLS_PRIVATE(tls12_ecjpake_to_pms);
+#endif
+} psa_driver_key_derivation_context_t;
+
+#endif /* PSA_CRYPTO_DRIVER_CONTEXTS_KEY_DERIVATION_H */
+/* End of automatically generated file. */
diff --git a/include/psa/crypto_driver_contexts_primitives.h b/include/psa/crypto_driver_contexts_primitives.h
index 620a4b3..7f81f62 100644
--- a/include/psa/crypto_driver_contexts_primitives.h
+++ b/include/psa/crypto_driver_contexts_primitives.h
@@ -8,10 +8,10 @@
* \note This file may not be included directly. Applications must
* include psa/crypto.h.
*
- * \note This header and its content is not part of the Mbed TLS API and
+ * \note This header and its content are not part of the Mbed TLS API and
* applications must not depend on it. Its main purpose is to define the
* multi-part state objects of the PSA drivers included in the cryptographic
- * library. The definition of these objects are then used by crypto_struct.h
+ * library. The definitions of these objects are then used by crypto_struct.h
* to define the implementation-defined types of PSA multi-part state objects.
*/
/* Copyright The Mbed TLS Contributors
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 4920508..7ff90eb 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -29,8 +29,6 @@
#define PSA_CRYPTO_EXTRA_H
#include "mbedtls/private_access.h"
-#include "mbedtls/platform_util.h"
-
#include "crypto_types.h"
#include "crypto_compat.h"
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index e8d241b..ee41c89 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -34,13 +34,14 @@
#define PSA_CRYPTO_PLATFORM_H
#include "mbedtls/private_access.h"
-/* Include the Mbed TLS configuration file, the way Mbed TLS does it
- * in each of its header files. */
-#include "mbedtls/build_info.h"
-
-/* Translate between classic MBEDTLS_xxx feature symbols and PSA_xxx
- * feature symbols. */
-#include "mbedtls/config_psa.h"
+/*
+ * Include the build-time configuration information file. Here, we do not
+ * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
+ * is basically just an alias to it. This is to ease the maintenance of the
+ * PSA cryptography repository which has a different build system and
+ * configuration.
+ */
+#include "psa/build_info.h"
/* PSA requires several types which C99 provides in stdint.h. */
#include <stdint.h>
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index 3d6bb2c..37f7205 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -40,9 +40,14 @@
#ifndef PSA_CRYPTO_SIZES_H
#define PSA_CRYPTO_SIZES_H
-/* Include the Mbed TLS configuration file, the way Mbed TLS does it
- * in each of its header files. */
-#include "mbedtls/build_info.h"
+/*
+ * Include the build-time configuration information file. Here, we do not
+ * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
+ * is basically just an alias to it. This is to ease the maintenance of the
+ * PSA cryptography repository which has a different build system and
+ * configuration.
+ */
+#include "psa/build_info.h"
#define PSA_BITS_TO_BYTES(bits) (((bits) + 7) / 8)
#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8)
@@ -192,31 +197,31 @@
/* The maximum size of an ECC key on this implementation, in bits.
* This is a vendor-specific macro. */
-#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
+#if defined(PSA_WANT_ECC_SECP_R1_521)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 521
-#elif defined(MBEDTLS_ECP_DP_BP512R1_ENABLED)
+#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_512)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 512
-#elif defined(MBEDTLS_ECP_DP_CURVE448_ENABLED)
+#elif defined(PSA_WANT_ECC_MONTGOMERY_448)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 448
-#elif defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
+#elif defined(PSA_WANT_ECC_SECP_R1_384)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
-#elif defined(MBEDTLS_ECP_DP_BP384R1_ENABLED)
+#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_384)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 384
-#elif defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED)
+#elif defined(PSA_WANT_ECC_SECP_R1_256)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
-#elif defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED)
+#elif defined(PSA_WANT_ECC_SECP_K1_256)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
-#elif defined(MBEDTLS_ECP_DP_BP256R1_ENABLED)
+#elif defined(PSA_WANT_ECC_BRAINPOOL_P_R1_256)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 256
-#elif defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED)
+#elif defined(PSA_WANT_ECC_MONTGOMERY_255)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 255
-#elif defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED)
+#elif defined(PSA_WANT_ECC_SECP_R1_224)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
-#elif defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED)
+#elif defined(PSA_WANT_ECC_SECP_K1_224)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 224
-#elif defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED)
+#elif defined(PSA_WANT_ECC_SECP_R1_192)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
-#elif defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED)
+#elif defined(PSA_WANT_ECC_SECP_K1_192)
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 192
#else
#define PSA_VENDOR_ECC_MAX_CURVE_BITS 0
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 934bc17..125a73d 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -70,11 +70,6 @@
* in each of its header files. */
#include "mbedtls/build_info.h"
-#include "mbedtls/cmac.h"
-#include "mbedtls/gcm.h"
-#include "mbedtls/ccm.h"
-#include "mbedtls/chachapoly.h"
-
/* Include the context definition for the compiled-in drivers for the primitive
* algorithms. */
#include "psa/crypto_driver_contexts_primitives.h"
@@ -177,96 +172,15 @@
return v;
}
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
-typedef struct {
- uint8_t *MBEDTLS_PRIVATE(info);
- size_t MBEDTLS_PRIVATE(info_length);
-#if PSA_HASH_MAX_SIZE > 0xff
-#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
-#endif
- uint8_t MBEDTLS_PRIVATE(offset_in_block);
- uint8_t MBEDTLS_PRIVATE(block_number);
- unsigned int MBEDTLS_PRIVATE(state) : 2;
- unsigned int MBEDTLS_PRIVATE(info_set) : 1;
- uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
- uint8_t MBEDTLS_PRIVATE(prk)[PSA_HASH_MAX_SIZE];
- struct psa_mac_operation_s MBEDTLS_PRIVATE(hmac);
-} psa_hkdf_key_derivation_t;
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF ||
- MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
- MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
-typedef struct {
- uint8_t MBEDTLS_PRIVATE(data)[PSA_TLS12_ECJPAKE_TO_PMS_DATA_SIZE];
-} psa_tls12_ecjpake_to_pms_t;
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
-
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
-typedef enum {
- PSA_TLS12_PRF_STATE_INIT, /* no input provided */
- PSA_TLS12_PRF_STATE_SEED_SET, /* seed has been set */
- PSA_TLS12_PRF_STATE_OTHER_KEY_SET, /* other key has been set - optional */
- PSA_TLS12_PRF_STATE_KEY_SET, /* key has been set */
- PSA_TLS12_PRF_STATE_LABEL_SET, /* label has been set */
- PSA_TLS12_PRF_STATE_OUTPUT /* output has been started */
-} psa_tls12_prf_key_derivation_state_t;
-
-typedef struct psa_tls12_prf_key_derivation_s {
-#if PSA_HASH_MAX_SIZE > 0xff
-#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
-#endif
-
- /* Indicates how many bytes in the current HMAC block have
- * not yet been read by the user. */
- uint8_t MBEDTLS_PRIVATE(left_in_block);
-
- /* The 1-based number of the block. */
- uint8_t MBEDTLS_PRIVATE(block_number);
-
- psa_tls12_prf_key_derivation_state_t MBEDTLS_PRIVATE(state);
-
- uint8_t *MBEDTLS_PRIVATE(secret);
- size_t MBEDTLS_PRIVATE(secret_length);
- uint8_t *MBEDTLS_PRIVATE(seed);
- size_t MBEDTLS_PRIVATE(seed_length);
- uint8_t *MBEDTLS_PRIVATE(label);
- size_t MBEDTLS_PRIVATE(label_length);
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
- uint8_t *MBEDTLS_PRIVATE(other_secret);
- size_t MBEDTLS_PRIVATE(other_secret_length);
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
-
- uint8_t MBEDTLS_PRIVATE(Ai)[PSA_HASH_MAX_SIZE];
-
- /* `HMAC_hash( prk, A( i ) + seed )` in the notation of RFC 5246, Sect. 5. */
- uint8_t MBEDTLS_PRIVATE(output_block)[PSA_HASH_MAX_SIZE];
-} psa_tls12_prf_key_derivation_t;
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) ||
- * MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
+/* Include the context definition for the compiled-in drivers for the key
+ * derivation algorithms. */
+#include "psa/crypto_driver_contexts_key_derivation.h"
struct psa_key_derivation_s {
psa_algorithm_t MBEDTLS_PRIVATE(alg);
unsigned int MBEDTLS_PRIVATE(can_output_key) : 1;
size_t MBEDTLS_PRIVATE(capacity);
- union {
- /* Make the union non-empty even with no supported algorithms. */
- uint8_t MBEDTLS_PRIVATE(dummy);
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
- psa_hkdf_key_derivation_t MBEDTLS_PRIVATE(hkdf);
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
- psa_tls12_prf_key_derivation_t MBEDTLS_PRIVATE(tls12_prf);
-#endif
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
- psa_tls12_ecjpake_to_pms_t MBEDTLS_PRIVATE(tls12_ecjpake_to_pms);
-#endif
- } MBEDTLS_PRIVATE(ctx);
+ psa_driver_key_derivation_context_t MBEDTLS_PRIVATE(ctx);
};
/* This only zeroes out the first byte in the union, the rest is unspecified. */
diff --git a/library/alignment.h b/library/alignment.h
index a518a8a..4182348 100644
--- a/library/alignment.h
+++ b/library/alignment.h
@@ -27,8 +27,6 @@
#include <string.h>
#include <stdlib.h>
-#include "mbedtls/build_info.h"
-
/*
* Define MBEDTLS_EFFICIENT_UNALIGNED_ACCESS for architectures where unaligned memory
* accesses are known to be efficient.
diff --git a/library/bignum.c b/library/bignum.c
index d3a1b00..2421c1a 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -1136,7 +1136,8 @@
MPI_VALIDATE_RET(A != NULL);
MPI_VALIDATE_RET(B != NULL);
- mbedtls_mpi_init(&TA); mbedtls_mpi_init(&TB);
+ mbedtls_mpi_init(&TA);
+ mbedtls_mpi_init(&TB);
if (X == A) {
MBEDTLS_MPI_CHK(mbedtls_mpi_copy(&TA, A)); A = &TA;
@@ -1166,13 +1167,7 @@
MBEDTLS_MPI_CHK(mbedtls_mpi_grow(X, i + j));
MBEDTLS_MPI_CHK(mbedtls_mpi_lset(X, 0));
- for (size_t k = 0; k < j; k++) {
- /* We know that there cannot be any carry-out since we're
- * iterating from bottom to top. */
- (void) mbedtls_mpi_core_mla(X->p + k, i + 1,
- A->p, i,
- B->p[k]);
- }
+ mbedtls_mpi_core_mul(X->p, A->p, i, B->p, j);
/* If the result is 0, we don't shortcut the operation, which reduces
* but does not eliminate side channels leaking the zero-ness. We do
diff --git a/library/bignum_core.c b/library/bignum_core.c
index e50f043..c6d92fb 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -448,6 +448,17 @@
return c;
}
+void mbedtls_mpi_core_mul(mbedtls_mpi_uint *X,
+ const mbedtls_mpi_uint *A, size_t A_limbs,
+ const mbedtls_mpi_uint *B, size_t B_limbs)
+{
+ memset(X, 0, (A_limbs + B_limbs) * ciL);
+
+ for (size_t i = 0; i < B_limbs; i++) {
+ (void) mbedtls_mpi_core_mla(X + i, A_limbs + 1, A, A_limbs, B[i]);
+ }
+}
+
/*
* Fast Montgomery initialization (thanks to Tom St Denis).
*/
@@ -629,8 +640,6 @@
return ret;
}
-/* BEGIN MERGE SLOT 1 */
-
static size_t exp_mod_get_window_size(size_t Ebits)
{
size_t wsize = (Ebits > 671) ? 6 : (Ebits > 239) ? 5 :
@@ -780,14 +789,6 @@
} while (!(E_bit_index == 0 && E_limb_index == 0));
}
-/* END MERGE SLOT 1 */
-
-/* BEGIN MERGE SLOT 2 */
-
-/* END MERGE SLOT 2 */
-
-/* BEGIN MERGE SLOT 3 */
-
mbedtls_mpi_uint mbedtls_mpi_core_sub_int(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A,
mbedtls_mpi_uint c, /* doubles as carry */
@@ -838,34 +839,4 @@
mbedtls_mpi_core_montmul(X, A, &Rinv, 1, N, AN_limbs, mm, T);
}
-/* END MERGE SLOT 3 */
-
-/* BEGIN MERGE SLOT 4 */
-
-/* END MERGE SLOT 4 */
-
-/* BEGIN MERGE SLOT 5 */
-
-/* END MERGE SLOT 5 */
-
-/* BEGIN MERGE SLOT 6 */
-
-/* END MERGE SLOT 6 */
-
-/* BEGIN MERGE SLOT 7 */
-
-/* END MERGE SLOT 7 */
-
-/* BEGIN MERGE SLOT 8 */
-
-/* END MERGE SLOT 8 */
-
-/* BEGIN MERGE SLOT 9 */
-
-/* END MERGE SLOT 9 */
-
-/* BEGIN MERGE SLOT 10 */
-
-/* END MERGE SLOT 10 */
-
#endif /* MBEDTLS_BIGNUM_C */
diff --git a/library/bignum_core.h b/library/bignum_core.h
index 05bc923..b3d05a3 100644
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@@ -399,6 +399,26 @@
mbedtls_mpi_uint b);
/**
+ * \brief Perform a known-size multiplication
+ *
+ * \p X may not be aliased to any of the inputs for this function.
+ * \p A may be aliased to \p B.
+ *
+ * \param[out] X The pointer to the (little-endian) array to receive
+ * the product of \p A_limbs and \p B_limbs.
+ * This must be of length \p A_limbs + \p B_limbs.
+ * \param[in] A The pointer to the (little-endian) array
+ * representing the first factor.
+ * \param A_limbs The number of limbs in \p A.
+ * \param[in] B The pointer to the (little-endian) array
+ * representing the second factor.
+ * \param B_limbs The number of limbs in \p B.
+ */
+void mbedtls_mpi_core_mul(mbedtls_mpi_uint *X,
+ const mbedtls_mpi_uint *A, size_t A_limbs,
+ const mbedtls_mpi_uint *B, size_t B_limbs);
+
+/**
* \brief Calculate initialisation value for fast Montgomery modular
* multiplication
*
@@ -549,8 +569,6 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng);
-/* BEGIN MERGE SLOT 1 */
-
/**
* \brief Returns the number of limbs of working memory required for
* a call to `mbedtls_mpi_core_exp_mod()`.
@@ -604,14 +622,6 @@
const mbedtls_mpi_uint *RR,
mbedtls_mpi_uint *T);
-/* END MERGE SLOT 1 */
-
-/* BEGIN MERGE SLOT 2 */
-
-/* END MERGE SLOT 2 */
-
-/* BEGIN MERGE SLOT 3 */
-
/**
* \brief Subtract unsigned integer from known-size large unsigned integers.
* Return the borrow.
@@ -734,34 +744,4 @@
mbedtls_mpi_uint mm,
mbedtls_mpi_uint *T);
-/* END MERGE SLOT 3 */
-
-/* BEGIN MERGE SLOT 4 */
-
-/* END MERGE SLOT 4 */
-
-/* BEGIN MERGE SLOT 5 */
-
-/* END MERGE SLOT 5 */
-
-/* BEGIN MERGE SLOT 6 */
-
-/* END MERGE SLOT 6 */
-
-/* BEGIN MERGE SLOT 7 */
-
-/* END MERGE SLOT 7 */
-
-/* BEGIN MERGE SLOT 8 */
-
-/* END MERGE SLOT 8 */
-
-/* BEGIN MERGE SLOT 9 */
-
-/* END MERGE SLOT 9 */
-
-/* BEGIN MERGE SLOT 10 */
-
-/* END MERGE SLOT 10 */
-
#endif /* MBEDTLS_BIGNUM_CORE_H */
diff --git a/library/bignum_mod.c b/library/bignum_mod.c
index e986865..d4b24de 100644
--- a/library/bignum_mod.c
+++ b/library/bignum_mod.c
@@ -171,12 +171,6 @@
return ret;
}
-/* BEGIN MERGE SLOT 1 */
-
-/* END MERGE SLOT 1 */
-
-/* BEGIN MERGE SLOT 2 */
-
int mbedtls_mpi_mod_mul(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B,
@@ -202,9 +196,6 @@
return 0;
}
-/* END MERGE SLOT 2 */
-
-/* BEGIN MERGE SLOT 3 */
int mbedtls_mpi_mod_sub(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B,
@@ -309,13 +300,7 @@
return ret;
}
-/* END MERGE SLOT 3 */
-/* BEGIN MERGE SLOT 4 */
-
-/* END MERGE SLOT 4 */
-
-/* BEGIN MERGE SLOT 5 */
int mbedtls_mpi_mod_add(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B,
@@ -329,9 +314,6 @@
return 0;
}
-/* END MERGE SLOT 5 */
-
-/* BEGIN MERGE SLOT 6 */
int mbedtls_mpi_mod_random(mbedtls_mpi_mod_residue *X,
mbedtls_mpi_uint min,
@@ -345,9 +327,6 @@
return mbedtls_mpi_mod_raw_random(X->p, min, N, f_rng, p_rng);
}
-/* END MERGE SLOT 6 */
-
-/* BEGIN MERGE SLOT 7 */
int mbedtls_mpi_mod_read(mbedtls_mpi_mod_residue *r,
const mbedtls_mpi_mod_modulus *N,
const unsigned char *buf,
@@ -417,18 +396,5 @@
return ret;
}
-/* END MERGE SLOT 7 */
-
-/* BEGIN MERGE SLOT 8 */
-
-/* END MERGE SLOT 8 */
-
-/* BEGIN MERGE SLOT 9 */
-
-/* END MERGE SLOT 9 */
-
-/* BEGIN MERGE SLOT 10 */
-
-/* END MERGE SLOT 10 */
#endif /* MBEDTLS_BIGNUM_C */
diff --git a/library/bignum_mod.h b/library/bignum_mod.h
index d4c1d5d..db177ed 100644
--- a/library/bignum_mod.h
+++ b/library/bignum_mod.h
@@ -220,12 +220,6 @@
*/
void mbedtls_mpi_mod_modulus_free(mbedtls_mpi_mod_modulus *N);
-/* BEGIN MERGE SLOT 1 */
-
-/* END MERGE SLOT 1 */
-
-/* BEGIN MERGE SLOT 2 */
-
/** \brief Multiply two residues, returning the residue modulo the specified
* modulus.
*
@@ -260,9 +254,6 @@
const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N);
-/* END MERGE SLOT 2 */
-
-/* BEGIN MERGE SLOT 3 */
/**
* \brief Perform a fixed-size modular subtraction.
*
@@ -321,13 +312,6 @@
int mbedtls_mpi_mod_inv(mbedtls_mpi_mod_residue *X,
const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_modulus *N);
-/* END MERGE SLOT 3 */
-
-/* BEGIN MERGE SLOT 4 */
-
-/* END MERGE SLOT 4 */
-
-/* BEGIN MERGE SLOT 5 */
/**
* \brief Perform a fixed-size modular addition.
*
@@ -358,9 +342,6 @@
const mbedtls_mpi_mod_residue *A,
const mbedtls_mpi_mod_residue *B,
const mbedtls_mpi_mod_modulus *N);
-/* END MERGE SLOT 5 */
-
-/* BEGIN MERGE SLOT 6 */
/** Generate a random number uniformly in a range.
*
@@ -395,9 +376,6 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng);
-/* END MERGE SLOT 6 */
-
-/* BEGIN MERGE SLOT 7 */
/** Read a residue from a byte buffer.
*
* The residue will be automatically converted to the internal representation
@@ -464,18 +442,5 @@
unsigned char *buf,
size_t buflen,
mbedtls_mpi_mod_ext_rep ext_rep);
-/* END MERGE SLOT 7 */
-
-/* BEGIN MERGE SLOT 8 */
-
-/* END MERGE SLOT 8 */
-
-/* BEGIN MERGE SLOT 9 */
-
-/* END MERGE SLOT 9 */
-
-/* BEGIN MERGE SLOT 10 */
-
-/* END MERGE SLOT 10 */
#endif /* MBEDTLS_BIGNUM_MOD_H */
diff --git a/library/bignum_mod_raw.c b/library/bignum_mod_raw.c
index bf0cb25..7919211 100644
--- a/library/bignum_mod_raw.c
+++ b/library/bignum_mod_raw.c
@@ -104,12 +104,6 @@
}
}
-/* BEGIN MERGE SLOT 1 */
-
-/* END MERGE SLOT 1 */
-
-/* BEGIN MERGE SLOT 2 */
-
void mbedtls_mpi_mod_raw_sub(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B,
@@ -143,10 +137,6 @@
N->rep.mont.mm, T);
}
-/* END MERGE SLOT 2 */
-
-/* BEGIN MERGE SLOT 3 */
-
size_t mbedtls_mpi_mod_raw_inv_prime_working_limbs(size_t AN_limbs)
{
/* mbedtls_mpi_mod_raw_inv_prime() needs a temporary for the exponent,
@@ -178,13 +168,6 @@
RR, T + AN_limbs);
}
-/* END MERGE SLOT 3 */
-
-/* BEGIN MERGE SLOT 4 */
-
-/* END MERGE SLOT 4 */
-
-/* BEGIN MERGE SLOT 5 */
void mbedtls_mpi_mod_raw_add(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B,
@@ -195,9 +178,6 @@
borrow = mbedtls_mpi_core_sub(X, X, N->p, N->limbs);
(void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) (carry ^ borrow));
}
-/* END MERGE SLOT 5 */
-
-/* BEGIN MERGE SLOT 6 */
int mbedtls_mpi_mod_raw_canonical_to_modulus_rep(
mbedtls_mpi_uint *X,
@@ -240,9 +220,6 @@
return mbedtls_mpi_mod_raw_canonical_to_modulus_rep(X, N);
}
-/* END MERGE SLOT 6 */
-
-/* BEGIN MERGE SLOT 7 */
int mbedtls_mpi_mod_raw_to_mont_rep(mbedtls_mpi_uint *X,
const mbedtls_mpi_mod_modulus *N)
{
@@ -289,18 +266,5 @@
mbedtls_mpi_uint borrow = mbedtls_mpi_core_sub(X, X, N->p, N->limbs);
(void) mbedtls_mpi_core_add_if(X, N->p, N->limbs, (unsigned) borrow);
}
-/* END MERGE SLOT 7 */
-
-/* BEGIN MERGE SLOT 8 */
-
-/* END MERGE SLOT 8 */
-
-/* BEGIN MERGE SLOT 9 */
-
-/* END MERGE SLOT 9 */
-
-/* BEGIN MERGE SLOT 10 */
-
-/* END MERGE SLOT 10 */
#endif /* MBEDTLS_BIGNUM_C */
diff --git a/library/bignum_mod_raw.h b/library/bignum_mod_raw.h
index a32500f..c5ff937 100644
--- a/library/bignum_mod_raw.h
+++ b/library/bignum_mod_raw.h
@@ -187,12 +187,6 @@
size_t output_length,
mbedtls_mpi_mod_ext_rep ext_rep);
-/* BEGIN MERGE SLOT 1 */
-
-/* END MERGE SLOT 1 */
-
-/* BEGIN MERGE SLOT 2 */
-
/** \brief Subtract two MPIs, returning the residue modulo the specified
* modulus.
*
@@ -250,10 +244,6 @@
const mbedtls_mpi_mod_modulus *N,
mbedtls_mpi_uint *T);
-/* END MERGE SLOT 2 */
-
-/* BEGIN MERGE SLOT 3 */
-
/**
* \brief Returns the number of limbs of working memory required for
* a call to `mbedtls_mpi_mod_raw_inv_prime()`.
@@ -303,13 +293,6 @@
const mbedtls_mpi_uint *RR,
mbedtls_mpi_uint *T);
-/* END MERGE SLOT 3 */
-
-/* BEGIN MERGE SLOT 4 */
-
-/* END MERGE SLOT 4 */
-
-/* BEGIN MERGE SLOT 5 */
/**
* \brief Perform a known-size modular addition.
*
@@ -332,9 +315,6 @@
const mbedtls_mpi_uint *A,
const mbedtls_mpi_uint *B,
const mbedtls_mpi_mod_modulus *N);
-/* END MERGE SLOT 5 */
-
-/* BEGIN MERGE SLOT 6 */
/** Convert an MPI from canonical representation (little-endian limb array)
* to the representation associated with the modulus.
@@ -404,9 +384,6 @@
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng);
-/* END MERGE SLOT 6 */
-
-/* BEGIN MERGE SLOT 7 */
/** Convert an MPI into Montgomery form.
*
* \param X The address of the MPI.
@@ -447,18 +424,5 @@
void mbedtls_mpi_mod_raw_neg(mbedtls_mpi_uint *X,
const mbedtls_mpi_uint *A,
const mbedtls_mpi_mod_modulus *N);
-/* END MERGE SLOT 7 */
-
-/* BEGIN MERGE SLOT 8 */
-
-/* END MERGE SLOT 8 */
-
-/* BEGIN MERGE SLOT 9 */
-
-/* END MERGE SLOT 9 */
-
-/* BEGIN MERGE SLOT 10 */
-
-/* END MERGE SLOT 10 */
#endif /* MBEDTLS_BIGNUM_MOD_RAW_H */
diff --git a/library/ecp_curves.c b/library/ecp_curves.c
index 14c390c..30ae79e 100644
--- a/library/ecp_curves.c
+++ b/library/ecp_curves.c
@@ -5309,39 +5309,6 @@
MBEDTLS_ECP_DP_SECP256R1_ENABLED ||
MBEDTLS_ECP_DP_SECP384R1_ENABLED */
-#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_C)
-MBEDTLS_STATIC_TESTABLE
-void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits)
-{
- size_t i;
-
- /* Set N := 2^bits - 1 - N. We know that 0 <= N < 2^bits, so
- * set the absolute value to 0xfff...fff - N. There is no carry
- * since we're subtracting from all-bits-one. */
- for (i = 0; i <= bits / 8 / sizeof(mbedtls_mpi_uint); i++) {
- N->p[i] = ~(mbedtls_mpi_uint) 0 - N->p[i];
- }
- /* Add 1, taking care of the carry. */
- i = 0;
- do {
- ++N->p[i];
- } while (N->p[i++] == 0 && i <= bits / 8 / sizeof(mbedtls_mpi_uint));
- /* Invert the sign.
- * Now N = N0 - 2^bits where N0 is the initial value of N. */
- N->s = -1;
-
- /* Add |c| * 2^bits to the absolute value. Since c and N are
- * negative, this adds c * 2^bits. */
- mbedtls_mpi_uint msw = (mbedtls_mpi_uint) -c;
-#if defined(MBEDTLS_HAVE_INT64)
- if (bits == 224) {
- msw <<= 32;
- }
-#endif
- N->p[bits / 8 / sizeof(mbedtls_mpi_uint)] += msw;
-}
-#endif /* MBEDTLS_TEST_HOOKS & MBEDTLS_ECP_C */
-
#if defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED)
/* Size of p521 in terms of mbedtls_mpi_uint */
#define P521_WIDTH (521 / 8 / sizeof(mbedtls_mpi_uint) + 1)
diff --git a/library/ecp_invasive.h b/library/ecp_invasive.h
index 05522b6..8b8ac8a 100644
--- a/library/ecp_invasive.h
+++ b/library/ecp_invasive.h
@@ -33,19 +33,6 @@
#if defined(MBEDTLS_TEST_HOOKS) && defined(MBEDTLS_ECP_C)
-#if defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-/* Preconditions:
- * - bits is a multiple of 64 or is 224
- * - c is -1 or -2
- * - 0 <= N < 2^bits
- * - N has room for bits plus one limb
- *
- * Behavior:
- * Set N to c * 2^bits + old_value_of_N.
- */
-void mbedtls_ecp_fix_negative(mbedtls_mpi *N, signed char c, size_t bits);
-#endif
-
#if defined(MBEDTLS_ECP_MONTGOMERY_ENABLED)
/** Generate a private key on a Montgomery curve (Curve25519 or Curve448).
*
diff --git a/library/platform_util.c b/library/platform_util.c
index f891cd4..e903f8e 100644
--- a/library/platform_util.c
+++ b/library/platform_util.c
@@ -219,3 +219,45 @@
extern inline uint64_t mbedtls_get_unaligned_uint64(const void *p);
extern inline void mbedtls_put_unaligned_uint64(void *p, uint64_t x);
+
+#if defined(MBEDTLS_HAVE_TIME) && !defined(MBEDTLS_PLATFORM_MS_TIME_ALT)
+
+#include <time.h>
+#if !defined(_WIN32) && \
+ (defined(unix) || defined(__unix) || defined(__unix__) || \
+ (defined(__APPLE__) && defined(__MACH__)))
+#include <unistd.h>
+#endif /* !_WIN32 && (unix || __unix || __unix__ || (__APPLE__ && __MACH__)) */
+#if (defined(_POSIX_VERSION) && _POSIX_VERSION >= 199309L)
+mbedtls_ms_time_t mbedtls_ms_time(void)
+{
+ int ret;
+ struct timespec tv;
+ mbedtls_ms_time_t current_ms;
+
+ ret = clock_gettime(CLOCK_MONOTONIC, &tv);
+ if (ret) {
+ return time(NULL) * 1000;
+ }
+
+ current_ms = tv.tv_sec;
+
+ return current_ms*1000 + tv.tv_nsec / 1000000;
+}
+#elif defined(_WIN32) || defined(WIN32) || defined(__CYGWIN__) || \
+ defined(__MINGW32__) || defined(_WIN64)
+#include <windows.h>
+mbedtls_ms_time_t mbedtls_ms_time(void)
+{
+ FILETIME ct;
+ mbedtls_ms_time_t current_ms;
+
+ GetSystemTimeAsFileTime(&ct);
+ current_ms = ((mbedtls_ms_time_t) ct.dwLowDateTime +
+ ((mbedtls_ms_time_t) (ct.dwHighDateTime) << 32LL))/10000;
+ return current_ms;
+}
+#else
+#error "No mbedtls_ms_time available"
+#endif
+#endif /* MBEDTLS_HAVE_TIME && !MBEDTLS_PLATFORM_MS_TIME_ALT */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index bc19ed0..9cccf53 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -19,6 +19,7 @@
*/
#include "common.h"
+#include "psa_crypto_core_common.h"
#if defined(MBEDTLS_PSA_CRYPTO_C)
@@ -377,11 +378,7 @@
/* Key management */
/****************************************************************/
-#if defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) || \
- defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) || \
- defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH)
+#if defined(MBEDTLS_ECP_C)
mbedtls_ecp_group_id mbedtls_ecc_group_of_psa(psa_ecc_family_t curve,
size_t bits,
int bits_is_sloppy)
@@ -473,11 +470,7 @@
(void) bits_is_sloppy;
return MBEDTLS_ECP_DP_NONE;
}
-#endif /* defined(PSA_WANT_KEY_TYPE_ECC_KEY_PAIR) ||
- defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) ||
- defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) ||
- defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) ||
- defined(MBEDTLS_PSA_BUILTIN_ALG_ECDH) */
+#endif /* defined(MBEDTLS_ECP_C) */
psa_status_t psa_validate_unstructured_key_bit_size(psa_key_type_t type,
size_t bits)
@@ -4234,7 +4227,7 @@
status = psa_driver_wrapper_cipher_encrypt(
&attributes, slot->key.data, slot->key.bytes,
alg, local_iv, default_iv_length, input, input_length,
- mbedtls_buffer_offset(output, default_iv_length),
+ psa_crypto_buffer_offset(output, default_iv_length),
output_size - default_iv_length, output_length);
exit:
diff --git a/library/psa_crypto_core_common.h b/library/psa_crypto_core_common.h
new file mode 100644
index 0000000..dd72ab1
--- /dev/null
+++ b/library/psa_crypto_core_common.h
@@ -0,0 +1,64 @@
+/**
+ * \file psa_crypto_core_common.h
+ *
+ * \brief Utility macros for internal use in the PSA cryptography core.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_CORE_COMMON_H
+#define PSA_CRYPTO_CORE_COMMON_H
+
+/** Return an offset into a buffer.
+ *
+ * This is just the addition of an offset to a pointer, except that this
+ * function also accepts an offset of 0 into a buffer whose pointer is null.
+ * (`p + n` has undefined behavior when `p` is null, even when `n == 0`.
+ * A null pointer is a valid buffer pointer when the size is 0, for example
+ * as the result of `malloc(0)` on some platforms.)
+ *
+ * \param p Pointer to a buffer of at least n bytes.
+ * This may be \p NULL if \p n is zero.
+ * \param n An offset in bytes.
+ * \return Pointer to offset \p n in the buffer \p p.
+ * Note that this is only a valid pointer if the size of the
+ * buffer is at least \p n + 1.
+ */
+static inline unsigned char *psa_crypto_buffer_offset(
+ unsigned char *p, size_t n)
+{
+ return p == NULL ? NULL : p + n;
+}
+
+/** Return an offset into a read-only buffer.
+ *
+ * Similar to mbedtls_buffer_offset(), but for const pointers.
+ *
+ * \param p Pointer to a buffer of at least n bytes.
+ * This may be \p NULL if \p n is zero.
+ * \param n An offset in bytes.
+ * \return Pointer to offset \p n in the buffer \p p.
+ * Note that this is only a valid pointer if the size of the
+ * buffer is at least \p n + 1.
+ */
+static inline const unsigned char *psa_crypto_buffer_offset_const(
+ const unsigned char *p, size_t n)
+{
+ return p == NULL ? NULL : p + n;
+}
+
+#endif /* PSA_CRYPTO_CORE_COMMON_H */
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index cb7fa59..a7cb9b5 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -438,14 +438,8 @@
(void) p_drv;
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
/* Key location for external keys gets checked by the wrapper */
return PSA_SUCCESS;
-#else /* MBEDTLS_PSA_CRYPTO_DRIVERS */
- /* No support for external lifetimes at all, or dynamic interface
- * did not find driver for requested lifetime. */
- return PSA_ERROR_INVALID_ARGUMENT;
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
} else {
/* Local/internal keys are always valid */
return PSA_SUCCESS;
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 9dc4021..14a3c7e 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -751,16 +751,9 @@
mbedtls_dhm_context dhm_ctx; /*!< DHM key exchange */
#endif
-/* Adding guard for MBEDTLS_ECDSA_C to ensure no compile errors due
- * to guards in client and server code. There is a gap in functionality that
- * access to ecdh_ctx structure is needed for MBEDTLS_ECDSA_C which does not
- * seem correct.
- */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
-#if !defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_ecdh_context ecdh_ctx; /*!< ECDH key exchange */
-#endif /* !MBEDTLS_USE_PSA_CRYPTO */
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
+#endif /* MBEDTLS_ECDH_C && !MBEDTLS_USE_PSA_CRYPTO */
#if defined(PSA_WANT_ALG_ECDH) && \
(defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_SSL_PROTO_TLS1_3))
@@ -787,7 +780,7 @@
#endif
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+#if defined(MBEDTLS_PK_CAN_ECDH) || defined(MBEDTLS_PK_CAN_ECDSA_SOME) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
uint16_t *curves_tls_id; /*!< List of TLS IDs of supported elliptic curves */
#endif
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 890e9a9..d94d829 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -831,11 +831,9 @@
while (list_size > 0) {
if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
p[0] == MBEDTLS_ECP_PF_COMPRESSED) {
-#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C))
+#if !defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C)
ssl->handshake->ecdh_ctx.point_format = p[0];
-#endif /* !MBEDTLS_USE_PSA_CRYPTO &&
- ( MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ) */
+#endif /* !MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_ECDH_C */
#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
mbedtls_ecjpake_set_point_format(&ssl->handshake->ecjpake_ctx,
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 631331d..656c40d 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -140,7 +140,7 @@
return 0;
}
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+#if defined(MBEDTLS_PK_CAN_ECDH) || defined(MBEDTLS_PK_CAN_ECDSA_SOME) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
/*
* Function for parsing a supported groups (TLS 1.3) or supported elliptic
@@ -266,11 +266,9 @@
while (list_size > 0) {
if (p[0] == MBEDTLS_ECP_PF_UNCOMPRESSED ||
p[0] == MBEDTLS_ECP_PF_COMPRESSED) {
-#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- (defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C))
+#if !defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_ECDH_C)
ssl->handshake->ecdh_ctx.point_format = p[0];
-#endif /* !MBEDTLS_USE_PSA_CRYPTO &&
- ( MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ) */
+#endif /* !MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_ECDH_C */
#if !defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
mbedtls_ecjpake_set_point_format(&ssl->handshake->ecjpake_ctx,
@@ -286,7 +284,7 @@
return 0;
}
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+#endif /* MBEDTLS_PK_CAN_ECDH || MBEDTLS_PK_CAN_ECDSA_SOME ||
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
@@ -662,7 +660,7 @@
/*
* Return 0 if the given key uses one of the acceptable curves, -1 otherwise
*/
-#if defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_check_key_curve(mbedtls_pk_context *pk,
uint16_t *curves_tls_id)
@@ -681,7 +679,7 @@
return -1;
}
-#endif /* MBEDTLS_ECDSA_C */
+#endif /* MBEDTLS_PK_CAN_ECDSA_SOME */
/*
* Try picking a certificate for this ciphersuite,
@@ -766,7 +764,7 @@
continue;
}
-#if defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
if (pk_alg == MBEDTLS_PK_ECDSA &&
ssl_check_key_curve(&cur->cert->pk,
ssl->handshake->curves_tls_id) != 0) {
@@ -830,7 +828,7 @@
#endif
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_PK_CAN_ECDH) || defined(MBEDTLS_PK_CAN_ECDSA_SOME)
if (mbedtls_ssl_ciphersuite_uses_ec(suite_info) &&
(ssl->handshake->curves_tls_id == NULL ||
ssl->handshake->curves_tls_id[0] == 0)) {
@@ -1369,7 +1367,7 @@
break;
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+#if defined(MBEDTLS_PK_CAN_ECDH) || defined(MBEDTLS_PK_CAN_ECDSA_SOME) || \
defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
case MBEDTLS_TLS_EXT_SUPPORTED_GROUPS:
MBEDTLS_SSL_DEBUG_MSG(3, ("found supported elliptic curves extension"));
@@ -1389,7 +1387,7 @@
return ret;
}
break;
-#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+#endif /* MBEDTLS_PK_CAN_ECDH || MBEDTLS_PK_CAN_ECDSA_SOME ||
MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
@@ -1499,7 +1497,7 @@
if (!sig_hash_alg_ext_present) {
uint16_t *received_sig_algs = ssl->handshake->received_sig_algs;
const uint16_t default_sig_algs[] = {
-#if defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_PK_CAN_ECDSA_SOME)
MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA,
MBEDTLS_SSL_HASH_SHA1),
#endif
diff --git a/library/x509.c b/library/x509.c
index 6f88f3f..c9524c9 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -1283,6 +1283,7 @@
return ret;
}
+ mbedtls_x509_free_subject_alt_name(&dummy_san_buf);
/* Allocate and assign next pointer */
if (cur->buf.p != NULL) {
if (cur->next != NULL) {
@@ -1434,6 +1435,29 @@
break;
/*
+ * directoryName
+ */
+ case (MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_X509_SAN_DIRECTORY_NAME):
+ {
+ size_t name_len;
+ unsigned char *p = san_buf->p;
+ memset(san, 0, sizeof(mbedtls_x509_subject_alternative_name));
+ san->type = MBEDTLS_X509_SAN_DIRECTORY_NAME;
+
+ ret = mbedtls_asn1_get_tag(&p, p + san_buf->len, &name_len,
+ MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
+
+ if (ret != 0) {
+ return ret;
+ }
+
+ if ((ret = mbedtls_x509_get_name(&p, p + name_len,
+ &san->san.directory_name)) != 0) {
+ return ret;
+ }
+ }
+ break;
+ /*
* Type not supported
*/
default:
@@ -1442,6 +1466,13 @@
return 0;
}
+void mbedtls_x509_free_subject_alt_name(mbedtls_x509_subject_alternative_name *san)
+{
+ if (san->type == MBEDTLS_X509_SAN_DIRECTORY_NAME) {
+ mbedtls_asn1_free_named_data_list_shallow(san->san.directory_name.next);
+ }
+}
+
#if !defined(MBEDTLS_X509_REMOVE_INFO)
int mbedtls_x509_info_subject_alt_name(char **buf, size_t *size,
const mbedtls_x509_sequence
@@ -1554,6 +1585,28 @@
break;
/*
+ * directoryName
+ */
+ case MBEDTLS_X509_SAN_DIRECTORY_NAME:
+ {
+ ret = mbedtls_snprintf(p, n, "\n%s directoryName : ", prefix);
+ if (ret < 0 || (size_t) ret >= n) {
+ mbedtls_x509_free_subject_alt_name(&san);
+ }
+
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ ret = mbedtls_x509_dn_gets(p, n, &san.san.directory_name);
+
+ if (ret < 0) {
+ mbedtls_x509_free_subject_alt_name(&san);
+ return ret;
+ }
+
+ p += ret;
+ n -= ret;
+ }
+ break;
+ /*
* Type not supported, skip item.
*/
default:
@@ -1562,6 +1615,9 @@
break;
}
+ /* So far memory is freed only in the case of directoryName
+ * parsing succeeding, as mbedtls_x509_get_name allocates memory. */
+ mbedtls_x509_free_subject_alt_name(&san);
cur = cur->next;
}
diff --git a/scripts/config.py b/scripts/config.py
index 404a5ef..ac5f77c 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -230,7 +230,7 @@
Exclude alternative implementations of library functions since they require
an implementation of the relevant functions and an xxx_alt.h header.
"""
- if name == 'MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT':
+ if name in ('MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT', 'MBEDTLS_PLATFORM_MS_TIME_ALT'):
# Similar to non-platform xxx_ALT, requires platform_alt.h
return False
return name.startswith('MBEDTLS_PLATFORM_')
diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja
index 08da774..32e6bfe 100644
--- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja
+++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja
@@ -37,7 +37,6 @@
#if defined(MBEDTLS_PSA_CRYPTO_C)
/* BEGIN-driver headers */
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS)
{% for driver in drivers -%}
/* Headers for {{driver.prefix}} {{driver.type}} driver */
{% if driver['mbedtls/h_condition'] is defined -%}
@@ -50,7 +49,6 @@
#endif
{% endif -%}
{% endfor %}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS */
/* END-driver headers */
/* Auto-generated values depending on which drivers are registered.
diff --git a/scripts/mbedtls_dev/bignum_common.py b/scripts/mbedtls_dev/bignum_common.py
index 5319ec6..b942070 100644
--- a/scripts/mbedtls_dev/bignum_common.py
+++ b/scripts/mbedtls_dev/bignum_common.py
@@ -68,7 +68,8 @@
def limbs_mpi(val: int, bits_in_limb: int) -> int:
"""Return the number of limbs required to store value."""
- return (val.bit_length() + bits_in_limb - 1) // bits_in_limb
+ bit_length = max(val.bit_length(), 1)
+ return (bit_length + bits_in_limb - 1) // bits_in_limb
def combination_pairs(values: List[T]) -> List[Tuple[T, T]]:
"""Return all pair combinations from input values."""
@@ -388,43 +389,3 @@
lambda test_object: test_object.is_valid,
chain(test_objects, special_cases)
))
-
-# BEGIN MERGE SLOT 1
-
-# END MERGE SLOT 1
-
-# BEGIN MERGE SLOT 2
-
-# END MERGE SLOT 2
-
-# BEGIN MERGE SLOT 3
-
-# END MERGE SLOT 3
-
-# BEGIN MERGE SLOT 4
-
-# END MERGE SLOT 4
-
-# BEGIN MERGE SLOT 5
-
-# END MERGE SLOT 5
-
-# BEGIN MERGE SLOT 6
-
-# END MERGE SLOT 6
-
-# BEGIN MERGE SLOT 7
-
-# END MERGE SLOT 7
-
-# BEGIN MERGE SLOT 8
-
-# END MERGE SLOT 8
-
-# BEGIN MERGE SLOT 9
-
-# END MERGE SLOT 9
-
-# BEGIN MERGE SLOT 10
-
-# END MERGE SLOT 10
diff --git a/scripts/mbedtls_dev/bignum_core.py b/scripts/mbedtls_dev/bignum_core.py
index 24d37cb..5801cae 100644
--- a/scripts/mbedtls_dev/bignum_core.py
+++ b/scripts/mbedtls_dev/bignum_core.py
@@ -230,6 +230,31 @@
yield cur_op.create_test_case()
+class BignumCoreMul(BignumCoreTarget, bignum_common.OperationCommon):
+ """Test cases for bignum core multiplication."""
+ count = 0
+ input_style = "arch_split"
+ symbol = "*"
+ test_function = "mpi_core_mul"
+ test_name = "mbedtls_mpi_core_mul"
+ arity = 2
+ unique_combinations_only = True
+
+ def format_arg(self, val: str) -> str:
+ return val
+
+ def format_result(self, res: int) -> str:
+ res_str = '{:x}'.format(res)
+ a_limbs = bignum_common.limbs_mpi(self.int_a, self.bits_in_limb)
+ b_limbs = bignum_common.limbs_mpi(self.int_b, self.bits_in_limb)
+ hex_digits = bignum_common.hex_digits_for_limb(a_limbs + b_limbs, self.bits_in_limb)
+ return bignum_common.quote_str(self.format_arg(res_str).zfill(hex_digits))
+
+ def result(self) -> List[str]:
+ result = self.int_a * self.int_b
+ return [self.format_result(result)]
+
+
class BignumCoreMontmul(BignumCoreTarget, test_data_generation.BaseTest):
"""Test cases for Montgomery multiplication."""
count = 0
@@ -749,7 +774,6 @@
i += 1
print(generated_inputs)
-# BEGIN MERGE SLOT 1
class BignumCoreExpMod(BignumCoreTarget, bignum_common.ModOperationCommon):
"""Test cases for bignum core exponentiation."""
@@ -771,13 +795,6 @@
# the modulus (see for example exponent blinding)
return bool(self.int_a < self.int_n)
-# END MERGE SLOT 1
-
-# BEGIN MERGE SLOT 2
-
-# END MERGE SLOT 2
-
-# BEGIN MERGE SLOT 3
class BignumCoreSubInt(BignumCoreTarget, bignum_common.OperationCommon):
"""Test cases for bignum core sub int."""
@@ -823,33 +840,3 @@
def result(self) -> List[str]:
result = 1 if self.int_a == 0 else 0
return [str(result)]
-
-# END MERGE SLOT 3
-
-# BEGIN MERGE SLOT 4
-
-# END MERGE SLOT 4
-
-# BEGIN MERGE SLOT 5
-
-# END MERGE SLOT 5
-
-# BEGIN MERGE SLOT 6
-
-# END MERGE SLOT 6
-
-# BEGIN MERGE SLOT 7
-
-# END MERGE SLOT 7
-
-# BEGIN MERGE SLOT 8
-
-# END MERGE SLOT 8
-
-# BEGIN MERGE SLOT 9
-
-# END MERGE SLOT 9
-
-# BEGIN MERGE SLOT 10
-
-# END MERGE SLOT 10
diff --git a/scripts/mbedtls_dev/bignum_mod.py b/scripts/mbedtls_dev/bignum_mod.py
index a83e136..77c7b1b 100644
--- a/scripts/mbedtls_dev/bignum_mod.py
+++ b/scripts/mbedtls_dev/bignum_mod.py
@@ -25,11 +25,6 @@
"""Target for bignum mod test case generation."""
target_basename = 'test_suite_bignum_mod.generated'
-# BEGIN MERGE SLOT 1
-
-# END MERGE SLOT 1
-
-# BEGIN MERGE SLOT 2
class BignumModMul(bignum_common.ModOperationCommon,
BignumModTarget):
@@ -51,9 +46,6 @@
result = (self.int_a * self.int_b) % self.int_n
return [self.format_result(self.to_montgomery(result))]
-# END MERGE SLOT 2
-
-# BEGIN MERGE SLOT 3
class BignumModSub(bignum_common.ModOperationCommon, BignumModTarget):
"""Test cases for bignum mpi_mod_sub()."""
@@ -105,13 +97,7 @@
# generated cases
return [self.format_result(mont_result), "0"]
-# END MERGE SLOT 3
-# BEGIN MERGE SLOT 4
-
-# END MERGE SLOT 4
-
-# BEGIN MERGE SLOT 5
class BignumModAdd(bignum_common.ModOperationCommon, BignumModTarget):
"""Test cases for bignum mpi_mod_add()."""
count = 0
@@ -125,26 +111,3 @@
# To make negative tests easier, append "0" for success to the
# generated cases
return [self.format_result(result), "0"]
-
-
-# END MERGE SLOT 5
-
-# BEGIN MERGE SLOT 6
-
-# END MERGE SLOT 6
-
-# BEGIN MERGE SLOT 7
-
-# END MERGE SLOT 7
-
-# BEGIN MERGE SLOT 8
-
-# END MERGE SLOT 8
-
-# BEGIN MERGE SLOT 9
-
-# END MERGE SLOT 9
-
-# BEGIN MERGE SLOT 10
-
-# END MERGE SLOT 10
diff --git a/scripts/mbedtls_dev/bignum_mod_raw.py b/scripts/mbedtls_dev/bignum_mod_raw.py
index d197b54..7121f2f 100644
--- a/scripts/mbedtls_dev/bignum_mod_raw.py
+++ b/scripts/mbedtls_dev/bignum_mod_raw.py
@@ -26,11 +26,6 @@
"""Target for bignum mod_raw test case generation."""
target_basename = 'test_suite_bignum_mod_raw.generated'
-# BEGIN MERGE SLOT 1
-
-# END MERGE SLOT 1
-
-# BEGIN MERGE SLOT 2
class BignumModRawSub(bignum_common.ModOperationCommon,
BignumModRawTarget):
@@ -101,9 +96,6 @@
result = (self.int_a * self.int_b) % self.int_n
return [self.format_result(self.to_montgomery(result))]
-# END MERGE SLOT 2
-
-# BEGIN MERGE SLOT 3
class BignumModRawInvPrime(bignum_common.ModOperationCommon,
BignumModRawTarget):
@@ -123,13 +115,6 @@
mont_result = self.to_montgomery(result)
return [self.format_result(mont_result)]
-# END MERGE SLOT 3
-
-# BEGIN MERGE SLOT 4
-
-# END MERGE SLOT 4
-
-# BEGIN MERGE SLOT 5
class BignumModRawAdd(bignum_common.ModOperationCommon,
BignumModRawTarget):
@@ -144,9 +129,6 @@
result = (self.int_a + self.int_b) % self.int_n
return [self.format_result(result)]
-# END MERGE SLOT 5
-
-# BEGIN MERGE SLOT 6
class BignumModRawConvertRep(bignum_common.ModOperationCommon,
BignumModRawTarget):
@@ -230,9 +212,6 @@
def result(self) -> List[str]:
return [self.format_result(self.int_a)]
-# END MERGE SLOT 6
-
-# BEGIN MERGE SLOT 7
class BignumModRawConvertToMont(bignum_common.ModOperationCommon,
BignumModRawTarget):
@@ -272,16 +251,3 @@
def result(self) -> List[str]:
result = (self.int_n - self.int_a) % self.int_n
return [self.format_result(result)]
-# END MERGE SLOT 7
-
-# BEGIN MERGE SLOT 8
-
-# END MERGE SLOT 8
-
-# BEGIN MERGE SLOT 9
-
-# END MERGE SLOT 9
-
-# BEGIN MERGE SLOT 10
-
-# END MERGE SLOT 10
diff --git a/tests/.gitignore b/tests/.gitignore
index b85d66a..40ad061 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -18,6 +18,7 @@
include/test/instrument_record_status.h
src/*.o
+src/test_helpers/*.o
src/drivers/*.o
src/libmbed*
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 7cdbd24..4228f45 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -337,6 +337,21 @@
server5-tricky-ip-san.crt: server5.key
$(OPENSSL) req -x509 -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS Tricky IP SAN" -set_serial 77 -config $(test_ca_config_file) -extensions tricky_ip_san -days 3650 -sha256 -key server5.key -out $@
+
+server5-directoryname.crt.der: server5.key
+ $(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions directory_name_san -days 3650 -sha256 -key server5.key -out $@
+
+server5-two-directorynames.crt.der: server5.key
+ $(OPENSSL) req -x509 -outform der -new -subj "/C=UK/O=Mbed TLS/CN=Mbed TLS directoryName SAN" -set_serial 77 -config $(test_ca_config_file) -extensions two_directorynames -days 3650 -sha256 -key server5.key -out $@
+
+# directoryname sequence tag malformed
+server5-directoryname-seq-malformed.crt.der: server5-two-directorynames.crt.der
+ hexdump -ve '1/1 "%.2X"' $< | sed "s/62A4473045310B/62A4473145310B/" | xxd -r -p > $@
+
+# Second directoryname OID length malformed 03 -> 15
+server5-second-directoryname-oid-malformed.crt.der: server5-two-directorynames.crt.der
+ hexdump -ve '1/1 "%.2X"' $< | sed "s/0355040A0C0A4D414C464F524D5F4D45/1555040A0C0A4D414C464F524D5F4D45/" | xxd -r -p > $@
+
all_final += server5-tricky-ip-san.crt
rsa_single_san_uri.crt.der: rsa_single_san_uri.key
diff --git a/tests/data_files/server5-directoryname-seq-malformed.crt.der b/tests/data_files/server5-directoryname-seq-malformed.crt.der
new file mode 100644
index 0000000..4b0c325
--- /dev/null
+++ b/tests/data_files/server5-directoryname-seq-malformed.crt.der
Binary files differ
diff --git a/tests/data_files/server5-directoryname.crt.der b/tests/data_files/server5-directoryname.crt.der
new file mode 100644
index 0000000..4badea1
--- /dev/null
+++ b/tests/data_files/server5-directoryname.crt.der
Binary files differ
diff --git a/tests/data_files/server5-second-directoryname-oid-malformed.crt.der b/tests/data_files/server5-second-directoryname-oid-malformed.crt.der
new file mode 100644
index 0000000..7074fd8
--- /dev/null
+++ b/tests/data_files/server5-second-directoryname-oid-malformed.crt.der
Binary files differ
diff --git a/tests/data_files/server5-two-directorynames.crt.der b/tests/data_files/server5-two-directorynames.crt.der
new file mode 100644
index 0000000..c98a018
--- /dev/null
+++ b/tests/data_files/server5-two-directorynames.crt.der
Binary files differ
diff --git a/tests/data_files/test-ca.opensslconf b/tests/data_files/test-ca.opensslconf
index 8f8385a..a642b73 100644
--- a/tests/data_files/test-ca.opensslconf
+++ b/tests/data_files/test-ca.opensslconf
@@ -99,3 +99,17 @@
keyUsage = cRLSign
subjectAltName=otherName:1.3.6.1.5.5.7.8.4;SEQ:nonprintable_hw_module_name
nsCertType=client
+
+[directory_name_san]
+subjectAltName=dirName:dirname_sect
+
+[bad_second_directory_name_san]
+subjectAltName=dirName:dirname_sect, dirName:dirname_sect_bad
+
+[dirname_sect]
+C=UK
+O=Mbed TLS
+CN=Mbed TLS directoryName SAN
+
+[two_directorynames]
+O=MALFORM_ME
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index bafca0a..465f9bb 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -2053,7 +2053,7 @@
}
component_test_psa_crypto_config_accel_ecdsa () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA"
+ msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA"
# Algorithms and key types to accelerate
loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
@@ -2078,7 +2078,6 @@
# --------------------------------------
# Start from default config (no USE_PSA) + driver support + TLS 1.3
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py set MBEDTLS_SSL_PROTO_TLS1_3
@@ -2103,96 +2102,8 @@
make test
}
-# Auxiliary function to build config for ECDSA with and without drivers
-config_psa_crypto_config_ecdsa_use_psa () {
- DRIVER_ONLY="$1"
- # start with config full for maximum coverage (also enables USE_PSA)
- scripts/config.py full
- # enable support for drivers and configuring PSA-only algorithms
- scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
- if [ "$DRIVER_ONLY" -eq 1 ]; then
- # Disable the module that's accelerated
- scripts/config.py unset MBEDTLS_ECDSA_C
- fi
- # Restartable feature is not yet supported by PSA. Once it will in
- # the future, the following line could be removed (see issues
- # 6061, 6332 and following ones)
- scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
- # Dynamic secure element support is a deprecated feature and needs to be disabled here.
- # This is done to have the same form of psa_key_attributes_s for libdriver and library.
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
-}
-
-# Keep in sync with component_test_psa_crypto_config_reference_ecdsa_use_psa
-component_test_psa_crypto_config_accel_ecdsa_use_psa () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
-
- # Algorithms and key types to accelerate
- loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
-
- # Configure and build the test driver library
- # -------------------------------------------
-
- # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
- # partial support for cipher operations in the driver test library.
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
-
- loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
- # SHA-1 and all variants of SHA-2 are needed for ECDSA and X.509 tests
- loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_1"
- loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_224"
- loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_256"
- loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_384"
- loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_512"
- make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
-
- # Configure and build the main libraries with drivers enabled
- # -----------------------------------------------------------
-
- # Use the same config as reference, only without built-in ECDSA
- config_psa_crypto_config_ecdsa_use_psa 1
-
- # Build the library
- loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
- make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
-
- # Make sure ECDSA was not re-enabled by accident (additive config)
- not grep mbedtls_ecdsa_ library/ecdsa.o
-
- # Run the tests
- # -------------
-
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
- make test
-
- msg "test: ssl-opt.sh"
- tests/ssl-opt.sh
-}
-
-# Keep in sync with component_test_psa_crypto_config_accel_ecdsa_use_psa.
-# Used by tests/scripts/analyze_outcomes.py for comparison purposes.
-component_test_psa_crypto_config_reference_ecdsa_use_psa () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
-
- # To be aligned with the accel component that needs this
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
-
- config_psa_crypto_config_ecdsa_use_psa 0
-
- make
-
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDSA + USE_PSA"
- make test
-
- msg "test: ssl-opt.sh"
- tests/ssl-opt.sh
-}
-
component_test_psa_crypto_config_accel_ecdh () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH"
+ msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH"
# Algorithms and key types to accelerate
loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
@@ -2211,8 +2122,7 @@
# Configure and build the main libraries
# --------------------------------------
- # Start from default config (no USE_PSA or TLS 1.3) + driver support
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ # Start from default config (no USE_PSA or TLS 1.3)
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
# Disable the module that's accelerated
@@ -2239,122 +2149,82 @@
make test
}
-# Auxiliary function to build config for ECDH with and without drivers.
+component_test_psa_crypto_config_accel_pake() {
+ msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated PAKE"
+
+ # Start with full
+ scripts/config.py full
+
+ # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
+ # partial support for cipher operations in the driver test library.
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+ loc_accel_list="ALG_JPAKE"
+ loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+ make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+
+ # Make built-in fallback not available
+ scripts/config.py unset MBEDTLS_ECJPAKE_C
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
+
+ # Dynamic secure element support is a deprecated feature and needs to be disabled here.
+ # This is done to have the same form of psa_key_attributes_s for libdriver and library.
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
+
+ loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+ make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+ not grep mbedtls_ecjpake_init library/ecjpake.o
+
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated PAKE"
+ make test
+}
+
+# Auxiliary function to build config for all EC based algorithms (EC-JPAKE,
+# ECDH, ECDSA) with and without drivers.
+# The input parameter is a boolean value which indicates:
+# - 0 keep built-in EC algs,
+# - 1 exclude built-in EC algs (driver only).
#
# This is used by the two following components to ensure they always use the
-# same config, except for the use of driver or built-in ECDH:
-# - component_test_psa_crypto_config_accel_ecdh_use_psa;
-# - component_test_psa_crypto_config_reference_ecdh_use_psa.
-# This support comparing their test coverage with analyze_outcomes.py.
-config_psa_crypto_config_ecdh_use_psa () {
+# same config, except for the use of driver or built-in EC algorithms:
+# - component_test_psa_crypto_config_accel_all_ec_algs_use_psa;
+# - component_test_psa_crypto_config_reference_all_ec_algs_use_psa.
+# This supports comparing their test coverage with analyze_outcomes.py.
+config_psa_crypto_config_all_ec_algs_use_psa () {
DRIVER_ONLY="$1"
# start with config full for maximum coverage (also enables USE_PSA)
scripts/config.py full
# enable support for drivers and configuring PSA-only algorithms
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
if [ "$DRIVER_ONLY" -eq 1 ]; then
- # Disable the module that's accelerated
+ # Disable modules that are accelerated
+ scripts/config.py unset MBEDTLS_ECDSA_C
scripts/config.py unset MBEDTLS_ECDH_C
+ scripts/config.py unset MBEDTLS_ECJPAKE_C
fi
# Restartable feature is not yet supported by PSA. Once it will in
# the future, the following line could be removed (see issues
# 6061, 6332 and following ones)
scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
-}
-
-# Keep in sync with component_test_psa_crypto_config_reference_ecdh_use_psa
-component_test_psa_crypto_config_accel_ecdh_use_psa () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH + USE_PSA"
-
- # Algorithms and key types to accelerate
- loc_accel_list="ALG_ECDH KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
-
- # Configure and build the test driver library
- # -------------------------------------------
-
- # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
- # partial support for cipher operations in the driver test library.
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
-
- loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
- make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
-
- # Configure and build the main libraries
- # --------------------------------------
-
- # Use the same config as reference, only without built-in ECDH
- config_psa_crypto_config_ecdh_use_psa 1
-
- # Build the main library
- loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
- make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
-
- # Make sure this was not re-enabled by accident (additive config)
- not grep mbedtls_ecdh_ library/ecdh.o
-
- # Run the tests
- # -------------
-
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECDH + USE_PSA"
- make test
-
- msg "test: ssl-opt.sh"
- tests/ssl-opt.sh
-}
-
-# Keep in sync with component_test_psa_crypto_config_accel_ecdh_use_psa.
-# Used by tests/scripts/analyze_outcomes.py for comparison purposes.
-component_test_psa_crypto_config_reference_ecdh_use_psa () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECDH + USE_PSA"
-
- # To be aligned with the accel component that needs this
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
- scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
-
- config_psa_crypto_config_ecdh_use_psa 0
-
- make
-
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECDH + USE_PSA"
- make test
-
- msg "test: ssl-opt.sh"
- tests/ssl-opt.sh
-}
-
-# Auxiliary function to build config for EC JPAKE with and without drivers.
-#
-# This is used by the two following components to ensure they always use the
-# same config, except for the use of driver or built-in ECJPAKE:
-# - component_test_psa_crypto_config_accel_ecjpake_use_psa;
-# - component_test_psa_crypto_config_reference_ecjpake_use_psa.
-# This support comparing their test coverage with analyze_outcomes.py.
-config_psa_crypto_config_ecjpake_use_psa () {
- DRIVER_ONLY="$1"
- # start with config full for maximum coverage (also enables USE_PSA)
- scripts/config.py full
- # enable support for drivers and configuring PSA-only algorithms
- scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
- if [ "$DRIVER_ONLY" -eq 1 ]; then
- # Disable the module that's accelerated
- scripts/config.py unset MBEDTLS_ECJPAKE_C
- fi
-
# Dynamic secure element support is a deprecated feature and needs to be disabled here.
# This is done to have the same form of psa_key_attributes_s for libdriver and library.
scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
}
-# Keep in sync with component_test_psa_crypto_config_reference_ecjpake_use_psa
-component_test_psa_crypto_config_accel_ecjpake_use_psa () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECJPAKE + USE_PSA"
+# Keep in sync with component_test_psa_crypto_config_reference_all_ec_algs_use_psa
+component_test_psa_crypto_config_accel_all_ec_algs_use_psa () {
+ msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated EC algs + USE_PSA"
# Algorithms and key types to accelerate
- loc_accel_list="ALG_JPAKE KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
+ loc_accel_list="ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
+ ALG_ECDH \
+ ALG_JPAKE \
+ KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
# Configure and build the test driver library
# -------------------------------------------
@@ -2364,57 +2234,72 @@
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
- loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
- make -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+ # Things we wanted supported in libtestdriver1, but not accelerated in the main library:
+ # SHA-1 and all SHA-2 variants, as they are used by ECDSA deterministic.
+ loc_extra_list="ALG_SHA_1 ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512"
+ loc_accel_flags=$( echo "$loc_accel_list $loc_extra_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+ make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
- # Configure and build the main libraries
- # --------------------------------------
+ # Configure and build the main libraries with drivers enabled
+ # -----------------------------------------------------------
- # Use the same config as reference, only without built-in JPAKE
- config_psa_crypto_config_ecjpake_use_psa 1
+ # Use the same config as reference, only without built-in EC algs
+ config_psa_crypto_config_all_ec_algs_use_psa 1
- # Build the main library
+ # Build the library
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
- make CFLAGS="$ASAN_CFLAGS -O -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+ make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
- # Make sure this was not re-enabled by accident (additive config)
+ # Make sure any built-in EC alg was not re-enabled by accident (additive config)
+ not grep mbedtls_ecdsa_ library/ecdsa.o
+ not grep mbedtls_ecdh_ library/ecdh.o
not grep mbedtls_ecjpake_ library/ecjpake.o
# Run the tests
# -------------
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated JPAKE + USE_PSA"
+ msg "test suites: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated EC algs + USE_PSA"
make test
- msg "test: ssl-opt.sh"
+ msg "ssl-opt: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated EC algs + USE_PSA"
tests/ssl-opt.sh
}
-# Keep in sync with component_test_psa_crypto_config_accel_ecjpake_use_psa.
-# Used by tests/scripts/analyze_outcomes.py for comparison purposes.
-component_test_psa_crypto_config_reference_ecjpake_use_psa () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECJPAKE + USE_PSA"
+# Keep in sync with component_test_psa_crypto_config_accel_all_ec_algs_use_psa
+component_test_psa_crypto_config_reference_all_ec_algs_use_psa () {
+ msg "build: MBEDTLS_PSA_CRYPTO_CONFIG with non-accelerated EC algs + USE_PSA"
- # To be aligned with the accel component that needs this
+ # To be aligned with component_test_psa_crypto_config_accel_all_ec_algs_use_psa()
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
- config_psa_crypto_config_ecjpake_use_psa 0
+ config_psa_crypto_config_all_ec_algs_use_psa 0
make
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with reference ECJPAKE + USE_PSA"
+ msg "test suites: MBEDTLS_PSA_CRYPTO_CONFIG with non-accelerated EC algs + USE_PSA"
make test
- msg "test: ssl-opt.sh"
+ msg "ssl-opt: MBEDTLS_PSA_CRYPTO_CONFIG with non-accelerated EC algs + USE_PSA"
tests/ssl-opt.sh
}
-component_test_psa_crypto_config_accel_ecc () {
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECC"
+# Helper function used in:
+# - component_test_psa_crypto_config_accel_all_curves_except_p192
+# - component_test_psa_crypto_config_accel_all_curves_except_x25519
+# to build and test with all accelerated curves a part from the specified one.
+psa_crypto_config_accel_all_curves_except_one () {
+ BUILTIN_CURVE=$1
- # Algorithms and key types to accelerate
- loc_accel_list="ALG_ECDH ALG_ECDSA ALG_DETERMINISTIC_ECDSA ALG_JPAKE KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
+ msg "build: PSA_CRYPTO_CONFIG + all accelerated EC algs (excl $BUILTIN_CURVE) + USE_PSA_CRYPTO"
+
+ # Accelerate all EC algs (all EC curves are automatically accelerated as
+ # well in the built-in version due to the "PSA_WANT_xxx" symbols in
+ # "crypto_config.h")
+ loc_accel_list="ALG_ECDH \
+ ALG_ECDSA ALG_DETERMINISTIC_ECDSA \
+ ALG_JPAKE \
+ KEY_TYPE_ECC_KEY_PAIR KEY_TYPE_ECC_PUBLIC_KEY"
# Configure and build the test driver library
# --------------------------------------------
@@ -2424,6 +2309,15 @@
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+ # RSA support is intentionally disabled on this test (see below for
+ # explanation) so lets disable it also on the driver side
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_KEY_PAIR
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY
+ for ALG in $(sed -n 's/^#define \(PSA_WANT_ALG_RSA_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do
+ echo $ALG
+ scripts/config.py -f include/psa/crypto_config.h unset $ALG
+ done
+
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
# These hashes are needed for some ECDSA signature tests.
loc_accel_flags="$loc_accel_flags -DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_ALG_SHA_224"
@@ -2435,39 +2329,85 @@
# Configure and build the main libraries
# ---------------------------------------
- # start with default + driver support
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ # full config (includes USE_PSA, TLS 1.3 and driver support)
+ scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+ # Dynamic secure element support is a deprecated feature and needs to be disabled here.
+ # This is done to have the same form of psa_key_attributes_s for libdriver and library.
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
+
+ # restartable is not yet supported in PSA
+ scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
+
# disable modules for which we have drivers
scripts/config.py unset MBEDTLS_ECDSA_C
scripts/config.py unset MBEDTLS_ECDH_C
scripts/config.py unset MBEDTLS_ECJPAKE_C
- # dependencies
- #scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3 # not in default anyway
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+ # Ensure also RSA and asssociated algs are disabled so that the size of
+ # the public/private keys cannot be taken from there
+ scripts/config.py unset MBEDTLS_RSA_C
+ scripts/config.py unset MBEDTLS_PKCS1_V15
+ scripts/config.py unset MBEDTLS_PKCS1_V21
+ scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
+ # Also disable key exchanges that depend on RSA
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
- scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+
+ # Explicitly disable all SW implementation for elliptic curves
+ for CURVE in $(sed -n 's/#define \(MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED\).*/\1/p' <"$CONFIG_H"); do
+ scripts/config.py unset "$CURVE"
+ done
+ # Just leave SW implementation for the specified curve for allowing to
+ # build with ECP_C.
+ scripts/config.py set $BUILTIN_CURVE
+ # Accelerate all curves listed in "crypto_config.h" (skipping the ones that
+ # are commented out)
+ for CURVE in $(sed -n 's/^#define PSA_WANT_\(ECC_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do
+ loc_accel_list="$loc_accel_list $CURVE"
+ done
# build and link with test drivers
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
make CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
- # make sure these were not auto-re-enabled by accident
+ # make sure excluded modules were not auto-re-enabled by accident
not grep mbedtls_ecdh_ library/ecdh.o
not grep mbedtls_ecdsa_ library/ecdsa.o
not grep mbedtls_ecjpake_ library/ecjpake.o
+ if [ $BUILTIN_CURVE == "MBEDTLS_ECP_DP_SECP192R1_ENABLED" ]; then
+ # The only built-in curve is Short Weierstrass, so ECP shouldn't have
+ # support for Montgomery curves. Functions with mxz in their name
+ # are specific to Montgomery curves.
+ not grep mxz library/ecp.o
+ elif [ $BUILTIN_CURVE == "MBEDTLS_ECP_DP_CURVE25519_ENABLED" ]; then
+ # The only built-in curve is Montgomery, so ECP shouldn't have
+ # support for Short Weierstrass curves. Functions with mbedtls_ecp_muladd
+ # in their name are specific to Short Weierstrass curves.
+ not grep mbedtls_ecp_muladd library/ecp.o
+ else
+ err_msg "Error: $BUILTIN_CURVE is not supported in psa_crypto_config_accel_all_curves_except_one()"
+ exit 1
+ fi
# Run the tests
# -------------
-
- msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated ECC"
+ msg "test: PSA_CRYPTO_CONFIG + all accelerated EC algs (excl $BUILTIN_CURVE) + USE_PSA_CRYPTO"
make test
}
+component_test_psa_crypto_config_accel_all_curves_except_p192 () {
+ psa_crypto_config_accel_all_curves_except_one MBEDTLS_ECP_DP_SECP192R1_ENABLED
+}
+
+component_test_psa_crypto_config_accel_all_curves_except_x25519 () {
+ psa_crypto_config_accel_all_curves_except_one MBEDTLS_ECP_DP_CURVE25519_ENABLED
+}
+
component_test_psa_crypto_config_accel_rsa_signature () {
msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated RSA signature"
@@ -2516,7 +2456,6 @@
make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
# Mbed TLS library build
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
# Remove RSA support and its dependencies
@@ -2558,7 +2497,6 @@
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py unset MBEDTLS_MD5_C
scripts/config.py unset MBEDTLS_RIPEMD160_C
@@ -2596,7 +2534,6 @@
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
@@ -2612,7 +2549,6 @@
scripts/config.py full
# enable support for drivers and configuring PSA-only algorithms
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
if [ "$DRIVER_ONLY" -eq 1 ]; then
# disable the built-in implementation of hashes
scripts/config.py unset MBEDTLS_MD5_C
@@ -2702,7 +2638,6 @@
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
# There is no intended accelerator support for ALG STREAM_CIPHER and
@@ -2743,7 +2678,6 @@
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
scripts/config.py unset MBEDTLS_GCM_C
@@ -2781,7 +2715,6 @@
loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
# Make build-in fallback not available
@@ -2801,20 +2734,6 @@
make test
}
-component_test_psa_crypto_config_no_driver() {
- # full plus MBEDTLS_PSA_CRYPTO_CONFIG
- msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
- scripts/config.py full
- scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_DRIVERS
- scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
- scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
- make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
-
- msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
- make test
-}
-
component_test_psa_crypto_config_chachapoly_disabled() {
# full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305
msg "build: full minus MBEDTLS_CHACHAPOLY_C without PSA_WANT_ALG_GCM and PSA_WANT_ALG_CHACHA20_POLY1305"
@@ -2835,7 +2754,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_ECDH without MBEDTLS_ECDH_C"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py unset MBEDTLS_ECDH_C
@@ -2854,7 +2772,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_ECC_KEY_PAIR"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_KEY_PAIR 1
@@ -2869,7 +2786,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY 1
@@ -2884,7 +2800,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_HMAC"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
# Need to define the correct symbol and include the test driver header path in order to build with the test driver
@@ -2898,7 +2813,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_HKDF without MBEDTLS_HKDF_C"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py unset MBEDTLS_HKDF_C
@@ -2914,7 +2828,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_MD5 - other hashes"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_RIPEMD160
@@ -2936,7 +2849,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RIPEMD160 - other hashes"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
@@ -2958,7 +2870,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_1 - other hashes"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
@@ -2980,7 +2891,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_224 - other hashes"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
@@ -2999,7 +2909,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_256 - other hashes"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
@@ -3018,7 +2927,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_384 - other hashes"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
@@ -3039,7 +2947,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_SHA_512 - other hashes"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_MD5
@@ -3061,7 +2968,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PKCS1V15_CRYPT + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PKCS1V15_CRYPT 1
@@ -3078,7 +2984,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PKCS1V15_SIGN + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PKCS1V15_SIGN 1
@@ -3095,7 +3000,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_OAEP + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_OAEP 1
@@ -3112,7 +3016,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_RSA_PSS + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1
@@ -3129,7 +3032,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_RSA_KEY_PAIR + PSA_WANT_ALG_RSA_PSS"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1
@@ -3144,7 +3046,6 @@
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_KEY_TYPE_RSA_PUBLIC_KEY + PSA_WANT_ALG_RSA_PSS"
scripts/config.py full
scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
scripts/config.py unset MBEDTLS_SSL_PROTO_TLS1_3
scripts/config.py -f include/psa/crypto_config.h set PSA_WANT_ALG_RSA_PSS 1
@@ -3472,9 +3373,8 @@
}
component_test_psa_crypto_drivers () {
- msg "build: MBEDTLS_PSA_CRYPTO_DRIVERS w/ driver hooks"
+ msg "build: full + MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS + test drivers"
scripts/config.py full
- scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
scripts/config.py set MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
loc_cflags="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST_ALL"
loc_cflags="${loc_cflags} '-DMBEDTLS_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
@@ -3482,7 +3382,7 @@
make CC=gcc CFLAGS="${loc_cflags}" LDFLAGS="$ASAN_CFLAGS"
- msg "test: full + MBEDTLS_PSA_CRYPTO_DRIVERS"
+ msg "test: full + MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS + test drivers"
make test
}
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index 800b744..60cf654 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -10,6 +10,8 @@
import sys
import traceback
import re
+import subprocess
+import os
import check_test_cases
@@ -51,6 +53,26 @@
"""
return len(self.successes) + len(self.failures)
+def execute_reference_driver_tests(ref_component, driver_component, outcome_file):
+ """Run the tests specified in ref_component and driver_component. Results
+ are stored in the output_file and they will be used for the following
+ coverage analysis"""
+ # If the outcome file already exists, we assume that the user wants to
+ # perform the comparison analysis again without repeating the tests.
+ if os.path.exists(outcome_file):
+ Results.log("Outcome file (" + outcome_file + ") already exists. " + \
+ "Tests will be skipped.")
+ return
+
+ shell_command = "tests/scripts/all.sh --outcome-file " + outcome_file + \
+ " " + ref_component + " " + driver_component
+ Results.log("Running: " + shell_command)
+ ret_val = subprocess.run(shell_command.split(), check=False).returncode
+
+ if ret_val != 0:
+ Results.log("Error: failed to run reference/driver components")
+ sys.exit(ret_val)
+
def analyze_coverage(results, outcomes):
"""Check that all available test cases are executed at least once."""
available = check_test_cases.collect_available_test_cases()
@@ -137,6 +159,9 @@
def do_analyze_driver_vs_reference(outcome_file, args):
"""Perform driver vs reference analyze."""
+ execute_reference_driver_tests(args['component_ref'], \
+ args['component_driver'], outcome_file)
+
ignored_suites = ['test_suite_' + x for x in args['ignored_suites']]
outcomes = read_outcome_file(outcome_file)
@@ -152,9 +177,12 @@
'test_function': do_analyze_coverage,
'args': {}
},
- # How to use analyze_driver_vs_reference_xxx locally:
- # 1. tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
- # 2. tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
+ # There are 2 options to use analyze_driver_vs_reference_xxx locally:
+ # 1. Run tests and then analysis:
+ # - tests/scripts/all.sh --outcome-file "$PWD/out.csv" <component_ref> <component_driver>
+ # - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
+ # 2. Let this script run both automatically:
+ # - tests/scripts/analyze_outcomes.py out.csv analyze_driver_vs_reference_xxx
'analyze_driver_vs_reference_hash': {
'test_function': do_analyze_driver_vs_reference,
'args': {
@@ -168,13 +196,16 @@
}
}
},
- 'analyze_driver_vs_reference_ecdsa': {
+ 'analyze_driver_vs_reference_all_ec_algs': {
'test_function': do_analyze_driver_vs_reference,
'args': {
- 'component_ref': 'test_psa_crypto_config_reference_ecdsa_use_psa',
- 'component_driver': 'test_psa_crypto_config_accel_ecdsa_use_psa',
+ 'component_ref': 'test_psa_crypto_config_reference_all_ec_algs_use_psa',
+ 'component_driver': 'test_psa_crypto_config_accel_all_ec_algs_use_psa',
+ # ignore the suites of the accelerated components
'ignored_suites': [
- 'ecdsa', # the software implementation that's excluded
+ 'ecdsa',
+ 'ecdh',
+ 'ecjpake',
],
'ignored_tests': {
'test_suite_random': [
@@ -183,30 +214,6 @@
}
}
},
- 'analyze_driver_vs_reference_ecdh': {
- 'test_function': do_analyze_driver_vs_reference,
- 'args': {
- 'component_ref': 'test_psa_crypto_config_reference_ecdh_use_psa',
- 'component_driver': 'test_psa_crypto_config_accel_ecdh_use_psa',
- 'ignored_suites': [
- 'ecdh', # the software implementation that's excluded
- ],
- 'ignored_tests': {
- }
- }
- },
- 'analyze_driver_vs_reference_ecjpake': {
- 'test_function': do_analyze_driver_vs_reference,
- 'args': {
- 'component_ref': 'test_psa_crypto_config_reference_ecjpake_use_psa',
- 'component_driver': 'test_psa_crypto_config_accel_ecjpake_use_psa',
- 'ignored_suites': [
- 'ecjpake', # the software implementation that's excluded
- ],
- 'ignored_tests': {
- }
- }
- },
}
def main():
diff --git a/tests/src/drivers/hash.c b/tests/src/drivers/hash.c
index 7487e84..8fb1982 100644
--- a/tests/src/drivers/hash.c
+++ b/tests/src/drivers/hash.c
@@ -19,7 +19,7 @@
#include <test/helpers.h>
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa_crypto_hash.h"
#include "test/drivers/hash.h"
@@ -208,4 +208,4 @@
return mbedtls_test_driver_hash_hooks.driver_status;
}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c
index 4bf2a86..8eb5547 100644
--- a/tests/src/drivers/test_driver_aead.c
+++ b/tests/src/drivers/test_driver_aead.c
@@ -19,7 +19,7 @@
#include <test/helpers.h>
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa_crypto_aead.h"
#include "psa_crypto_core.h"
@@ -469,4 +469,4 @@
return mbedtls_test_driver_aead_hooks.driver_status;
}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_asymmetric_encryption.c b/tests/src/drivers/test_driver_asymmetric_encryption.c
index 8c5e207..cf0e90c 100644
--- a/tests/src/drivers/test_driver_asymmetric_encryption.c
+++ b/tests/src/drivers/test_driver_asymmetric_encryption.c
@@ -19,7 +19,7 @@
#include <test/helpers.h>
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "mbedtls/rsa.h"
#include "psa_crypto_rsa.h"
@@ -160,4 +160,4 @@
return PSA_ERROR_NOT_SUPPORTED;
}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_cipher.c b/tests/src/drivers/test_driver_cipher.c
index f0cb6b2..42e79c4 100644
--- a/tests/src/drivers/test_driver_cipher.c
+++ b/tests/src/drivers/test_driver_cipher.c
@@ -20,7 +20,7 @@
#include <test/helpers.h>
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_cipher.h"
#include "psa_crypto_core.h"
@@ -433,4 +433,4 @@
(void) output_length;
return PSA_ERROR_NOT_SUPPORTED;
}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c
index d1fd891..b60c412 100644
--- a/tests/src/drivers/test_driver_key_agreement.c
+++ b/tests/src/drivers/test_driver_key_agreement.c
@@ -19,7 +19,7 @@
#include <test/helpers.h>
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_core.h"
@@ -123,4 +123,4 @@
return PSA_ERROR_NOT_SUPPORTED;
}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_key_management.c b/tests/src/drivers/test_driver_key_management.c
index 4e340aa..a3ff2dd 100644
--- a/tests/src/drivers/test_driver_key_management.c
+++ b/tests/src/drivers/test_driver_key_management.c
@@ -20,7 +20,7 @@
#include <test/helpers.h>
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_core.h"
#include "psa_crypto_ecp.h"
@@ -748,4 +748,4 @@
return PSA_SUCCESS;
}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_mac.c b/tests/src/drivers/test_driver_mac.c
index ea09cf4..96c1685 100644
--- a/tests/src/drivers/test_driver_mac.c
+++ b/tests/src/drivers/test_driver_mac.c
@@ -19,7 +19,7 @@
#include <test/helpers.h>
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa_crypto_mac.h"
#include "test/drivers/mac.h"
@@ -431,4 +431,4 @@
return mbedtls_test_driver_mac_hooks.driver_status;
}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_pake.c b/tests/src/drivers/test_driver_pake.c
index 9c72483..a8cf0d8 100644
--- a/tests/src/drivers/test_driver_pake.c
+++ b/tests/src/drivers/test_driver_pake.c
@@ -19,7 +19,7 @@
#include <test/helpers.h>
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa_crypto_pake.h"
#include "test/drivers/pake.h"
@@ -209,4 +209,4 @@
return mbedtls_test_driver_pake_hooks.driver_status;
}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/test_driver_signature.c b/tests/src/drivers/test_driver_signature.c
index 11815b0..c312477 100644
--- a/tests/src/drivers/test_driver_signature.c
+++ b/tests/src/drivers/test_driver_signature.c
@@ -21,7 +21,7 @@
#include <test/helpers.h>
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#if defined(PSA_CRYPTO_DRIVER_TEST)
#include "psa/crypto.h"
#include "psa_crypto_core.h"
#include "psa_crypto_ecp.h"
@@ -414,4 +414,4 @@
return PSA_ERROR_NOT_SUPPORTED;
}
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
+#endif /* PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/suites/test_suite_bignum_core.function b/tests/suites/test_suite_bignum_core.function
index 408eb0b..e084b83 100644
--- a/tests/suites/test_suite_bignum_core.function
+++ b/tests/suites/test_suite_bignum_core.function
@@ -1057,7 +1057,71 @@
}
/* END_CASE */
-/* BEGIN MERGE SLOT 1 */
+/* BEGIN_CASE */
+void mpi_core_mul(char *input_A,
+ char *input_B,
+ char *result)
+{
+ mbedtls_mpi_uint *A = NULL;
+ mbedtls_mpi_uint *A_orig = NULL;
+ mbedtls_mpi_uint *B = NULL;
+ mbedtls_mpi_uint *B_orig = NULL;
+ mbedtls_mpi_uint *R = NULL;
+ mbedtls_mpi_uint *X = NULL;
+ size_t A_limbs, B_limbs, R_limbs;
+
+ TEST_EQUAL(mbedtls_test_read_mpi_core(&A, &A_limbs, input_A), 0);
+ TEST_EQUAL(mbedtls_test_read_mpi_core(&B, &B_limbs, input_B), 0);
+ TEST_EQUAL(mbedtls_test_read_mpi_core(&R, &R_limbs, result), 0);
+
+ TEST_EQUAL(R_limbs, A_limbs + B_limbs);
+
+ const size_t X_limbs = A_limbs + B_limbs;
+ const size_t X_bytes = X_limbs * sizeof(mbedtls_mpi_uint);
+ ASSERT_ALLOC(X, X_limbs);
+
+ const size_t A_bytes = A_limbs * sizeof(mbedtls_mpi_uint);
+ ASSERT_ALLOC(A_orig, A_limbs);
+ memcpy(A_orig, A, A_bytes);
+
+ const size_t B_bytes = B_limbs * sizeof(mbedtls_mpi_uint);
+ ASSERT_ALLOC(B_orig, B_limbs);
+ memcpy(B_orig, B, B_bytes);
+
+ /* Set result to something that is unlikely to be correct */
+ memset(X, '!', X_bytes);
+
+ /* 1. X = A * B - result should be correct, A and B unchanged */
+ mbedtls_mpi_core_mul(X, A, A_limbs, B, B_limbs);
+ ASSERT_COMPARE(X, X_bytes, R, X_bytes);
+ ASSERT_COMPARE(A, A_bytes, A_orig, A_bytes);
+ ASSERT_COMPARE(B, B_bytes, B_orig, B_bytes);
+
+ /* 2. A == B: alias A and B - result should be correct, A and B unchanged */
+ if (A_bytes == B_bytes && memcmp(A, B, A_bytes) == 0) {
+ memset(X, '!', X_bytes);
+ mbedtls_mpi_core_mul(X, A, A_limbs, A, A_limbs);
+ ASSERT_COMPARE(X, X_bytes, R, X_bytes);
+ ASSERT_COMPARE(A, A_bytes, A_orig, A_bytes);
+ }
+ /* 3. X = B * A - result should be correct, A and B unchanged */
+ else {
+ memset(X, '!', X_bytes);
+ mbedtls_mpi_core_mul(X, B, B_limbs, A, A_limbs);
+ ASSERT_COMPARE(X, X_bytes, R, X_bytes);
+ ASSERT_COMPARE(A, A_bytes, A_orig, A_bytes);
+ ASSERT_COMPARE(B, B_bytes, B_orig, B_bytes);
+ }
+
+exit:
+ mbedtls_free(A);
+ mbedtls_free(A_orig);
+ mbedtls_free(B);
+ mbedtls_free(B_orig);
+ mbedtls_free(R);
+ mbedtls_free(X);
+}
+/* END_CASE */
/* BEGIN_CASE */
void mpi_core_exp_mod(char *input_N, char *input_A,
@@ -1138,14 +1202,6 @@
}
/* END_CASE */
-/* END MERGE SLOT 1 */
-
-/* BEGIN MERGE SLOT 2 */
-
-/* END MERGE SLOT 2 */
-
-/* BEGIN MERGE SLOT 3 */
-
/* BEGIN_CASE */
void mpi_core_sub_int(char *input_A, char *input_B,
char *input_X, int borrow)
@@ -1210,33 +1266,3 @@
mbedtls_free(X);
}
/* END_CASE */
-
-/* END MERGE SLOT 3 */
-
-/* BEGIN MERGE SLOT 4 */
-
-/* END MERGE SLOT 4 */
-
-/* BEGIN MERGE SLOT 5 */
-
-/* END MERGE SLOT 5 */
-
-/* BEGIN MERGE SLOT 6 */
-
-/* END MERGE SLOT 6 */
-
-/* BEGIN MERGE SLOT 7 */
-
-/* END MERGE SLOT 7 */
-
-/* BEGIN MERGE SLOT 8 */
-
-/* END MERGE SLOT 8 */
-
-/* BEGIN MERGE SLOT 9 */
-
-/* END MERGE SLOT 9 */
-
-/* BEGIN MERGE SLOT 10 */
-
-/* END MERGE SLOT 10 */
diff --git a/tests/suites/test_suite_bignum_core.misc.data b/tests/suites/test_suite_bignum_core.misc.data
index 81a767a..b61d708 100644
--- a/tests/suites/test_suite_bignum_core.misc.data
+++ b/tests/suites/test_suite_bignum_core.misc.data
@@ -491,42 +491,3 @@
Fill random core: 42 bytes, 5 missing limbs
mpi_core_fill_random:42:0:-5:0:MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-# BEGIN MERGE SLOT 1
-
-# END MERGE SLOT 1
-
-# BEGIN MERGE SLOT 2
-
-# END MERGE SLOT 2
-
-# BEGIN MERGE SLOT 3
-
-# END MERGE SLOT 3
-
-# BEGIN MERGE SLOT 4
-
-# END MERGE SLOT 4
-
-# BEGIN MERGE SLOT 5
-
-# END MERGE SLOT 5
-
-# BEGIN MERGE SLOT 6
-
-# END MERGE SLOT 6
-
-# BEGIN MERGE SLOT 7
-
-# END MERGE SLOT 7
-
-# BEGIN MERGE SLOT 8
-
-# END MERGE SLOT 8
-
-# BEGIN MERGE SLOT 9
-
-# END MERGE SLOT 9
-
-# BEGIN MERGE SLOT 10
-
-# END MERGE SLOT 10
diff --git a/tests/suites/test_suite_bignum_mod.function b/tests/suites/test_suite_bignum_mod.function
index ded4c0c..233d3a9 100644
--- a/tests/suites/test_suite_bignum_mod.function
+++ b/tests/suites/test_suite_bignum_mod.function
@@ -96,12 +96,6 @@
}
/* END_CASE */
-/* BEGIN MERGE SLOT 1 */
-
-/* END MERGE SLOT 1 */
-
-/* BEGIN MERGE SLOT 2 */
-
/* BEGIN_CASE */
void mpi_mod_mul(char *input_A,
char *input_B,
@@ -238,9 +232,6 @@
}
/* END_CASE */
-/* END MERGE SLOT 2 */
-
-/* BEGIN MERGE SLOT 3 */
/* BEGIN_CASE */
void mpi_mod_sub(char *input_N,
char *input_A, char *input_B,
@@ -440,13 +431,7 @@
mbedtls_free(X_raw);
}
/* END_CASE */
-/* END MERGE SLOT 3 */
-/* BEGIN MERGE SLOT 4 */
-
-/* END MERGE SLOT 4 */
-
-/* BEGIN MERGE SLOT 5 */
/* BEGIN_CASE */
void mpi_mod_add(char *input_N,
char *input_A, char *input_B,
@@ -549,13 +534,7 @@
mbedtls_free(X_raw);
}
/* END_CASE */
-/* END MERGE SLOT 5 */
-/* BEGIN MERGE SLOT 6 */
-
-/* END MERGE SLOT 6 */
-
-/* BEGIN MERGE SLOT 7 */
/* BEGIN_CASE */
void mpi_residue_setup(char *input_N, char *input_R, int ret)
{
@@ -762,16 +741,3 @@
mbedtls_free(obuf);
}
/* END_CASE */
-/* END MERGE SLOT 7 */
-
-/* BEGIN MERGE SLOT 8 */
-
-/* END MERGE SLOT 8 */
-
-/* BEGIN MERGE SLOT 9 */
-
-/* END MERGE SLOT 9 */
-
-/* BEGIN MERGE SLOT 10 */
-
-/* END MERGE SLOT 10 */
diff --git a/tests/suites/test_suite_bignum_mod.misc.data b/tests/suites/test_suite_bignum_mod.misc.data
index e369211..780e0cf 100644
--- a/tests/suites/test_suite_bignum_mod.misc.data
+++ b/tests/suites/test_suite_bignum_mod.misc.data
@@ -7,11 +7,6 @@
Test mbedtls_mpi_mod_setup #7 (Montgomery representation)
mpi_mod_setup:MBEDTLS_MPI_MOD_REP_MONTGOMERY:0
-# BEGIN MERGE SLOT 1
-
-# END MERGE SLOT 1
-
-# BEGIN MERGE SLOT 2
Test mpi_mod_mul #1 N->limbs != A->limbs
mpi_mod_mul_neg:"1":"00000000000000000000000000000000":"f0000000000000000000000000000000":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
@@ -20,9 +15,6 @@
Test mpi_mod_mul #3 N->limbs != X->limbs
mpi_mod_mul_neg:"1234567890abcdef1234567890abcdef":"00000000000000000000000000000000":"f0000000000000000000000000000000":"0":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-# END MERGE SLOT 2
-
-# BEGIN MERGE SLOT 3
mpi_mod_sub base case for negative testing (N, a, b all >= 1 limb)
mpi_mod_sub:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"00033b2e3c9fd0803ce8000f93":"013fe57440828b4a0008aa4159":0
@@ -89,13 +81,6 @@
depends_on:MBEDTLS_HAVE_INT64
mpi_mod_inv_mont:"0000000000000000000000000000152d02c7e14af67fe0bf":"00000000000009545642424381c611fb":"000000000000000000000000000009545642424381c611fb":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-# END MERGE SLOT 3
-
-# BEGIN MERGE SLOT 4
-
-# END MERGE SLOT 4
-
-# BEGIN MERGE SLOT 5
mpi_mod_add base case for negative testing (N, a, b all >= 1 limb)
mpi_mod_add:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"00033b2e3c9fd0803ce8000f93":"00033b3096f574ee9a919c815a":0
@@ -116,13 +101,7 @@
mpi_mod_add with second input too short
mpi_mod_add:"014320a022ccb75bdf470ddf25":"000000025a55a46e5da99c71c7":"e8000f93":"00":MBEDTLS_ERR_MPI_BAD_INPUT_DATA
-# END MERGE SLOT 5
-# BEGIN MERGE SLOT 6
-
-# END MERGE SLOT 6
-
-# BEGIN MERGE SLOT 7
Test mbedtls_mpi_residue_setup #1 m > r
mpi_residue_setup:"fe":"01":0
diff --git a/tests/suites/test_suite_bignum_mod_raw.data b/tests/suites/test_suite_bignum_mod_raw.data
index 8cbd918..2af1d7d 100644
--- a/tests/suites/test_suite_bignum_mod_raw.data
+++ b/tests/suites/test_suite_bignum_mod_raw.data
@@ -179,42 +179,3 @@
mbedtls_mpi_mod_raw_cond_swap: copy half of the limbs
mpi_mod_raw_cond_swap:"00000000FFFFFFFF55555555AAAAAAAA":"FEDCBA9876543210FEDCBA9876543210":8
-# BEGIN MERGE SLOT 1
-
-# END MERGE SLOT 1
-
-# BEGIN MERGE SLOT 2
-
-# END MERGE SLOT 2
-
-# BEGIN MERGE SLOT 3
-
-# END MERGE SLOT 3
-
-# BEGIN MERGE SLOT 4
-
-# END MERGE SLOT 4
-
-# BEGIN MERGE SLOT 5
-
-# END MERGE SLOT 5
-
-# BEGIN MERGE SLOT 6
-
-# END MERGE SLOT 6
-
-# BEGIN MERGE SLOT 7
-
-# END MERGE SLOT 7
-
-# BEGIN MERGE SLOT 8
-
-# END MERGE SLOT 8
-
-# BEGIN MERGE SLOT 9
-
-# END MERGE SLOT 9
-
-# BEGIN MERGE SLOT 10
-
-# END MERGE SLOT 10
diff --git a/tests/suites/test_suite_bignum_mod_raw.function b/tests/suites/test_suite_bignum_mod_raw.function
index 24ecba3..bd5eea7 100644
--- a/tests/suites/test_suite_bignum_mod_raw.function
+++ b/tests/suites/test_suite_bignum_mod_raw.function
@@ -263,12 +263,6 @@
}
/* END_CASE */
-/* BEGIN MERGE SLOT 1 */
-
-/* END MERGE SLOT 1 */
-
-/* BEGIN MERGE SLOT 2 */
-
/* BEGIN_CASE */
void mpi_mod_raw_sub(char *input_A,
char *input_B,
@@ -482,10 +476,6 @@
}
/* END_CASE */
-/* END MERGE SLOT 2 */
-
-/* BEGIN MERGE SLOT 3 */
-
/* BEGIN_CASE */
void mpi_mod_raw_inv_prime(char *input_N, char *input_A, char *input_X)
{
@@ -559,14 +549,6 @@
}
/* END_CASE */
-/* END MERGE SLOT 3 */
-
-/* BEGIN MERGE SLOT 4 */
-
-/* END MERGE SLOT 4 */
-
-/* BEGIN MERGE SLOT 5 */
-
/* BEGIN_CASE */
void mpi_mod_raw_add(char *input_N,
char *input_A, char *input_B,
@@ -655,9 +637,7 @@
mbedtls_free(X);
}
/* END_CASE */
-/* END MERGE SLOT 5 */
-/* BEGIN MERGE SLOT 6 */
/* BEGIN_CASE */
void mpi_mod_raw_canonical_to_modulus_rep(const char *input_N, int rep,
const char *input_A,
@@ -711,9 +691,7 @@
mbedtls_free(X);
}
/* END_CASE */
-/* END MERGE SLOT 6 */
-/* BEGIN MERGE SLOT 7 */
/* BEGIN_CASE */
void mpi_mod_raw_to_mont_rep(char *input_N, char *input_A, char *input_X)
{
@@ -896,17 +874,3 @@
mbedtls_free(Z);
}
/* END_CASE */
-
-/* END MERGE SLOT 7 */
-
-/* BEGIN MERGE SLOT 8 */
-
-/* END MERGE SLOT 8 */
-
-/* BEGIN MERGE SLOT 9 */
-
-/* END MERGE SLOT 9 */
-
-/* BEGIN MERGE SLOT 10 */
-
-/* END MERGE SLOT 10 */
diff --git a/tests/suites/test_suite_ecp.data b/tests/suites/test_suite_ecp.data
index 3fbad92..1f6dfc1 100644
--- a/tests/suites/test_suite_ecp.data
+++ b/tests/suites/test_suite_ecp.data
@@ -855,130 +855,6 @@
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
ecp_muladd_restart:MBEDTLS_ECP_DP_SECP256R1:"CB28E0999B9C7715FD0A80D8E47A77079716CBBF917DD72E97566EA1C066957C":"2B57C0235FB7489768D058FF4911C20FDBE71E3699D91339AFBB903EE17255DC":"C3875E57C85038A0D60370A87505200DC8317C8C534948BEA6559C7C18E6D4CE":"3B4E49C4FDBFC006FF993C81A50EAE221149076D6EC09DDD9FB3B787F85B6483":"2442A5CC0ECD015FA3CA31DC8E2BBC70BF42D60CBCA20085E0822CB04235E970":"6FC98BD7E50211A4A27102FA3549DF79EBCB4BF246B80945CDDFE7D509BBFD7D":250:4:64
-ECP fix_negative: 0, -1, 224
-fix_negative:"00":-1:224
-
-ECP fix_negative: 1, -1, 224
-fix_negative:"01":-1:224
-
-ECP fix_negative: 2^32-1, -1, 224
-fix_negative:"ffffffff":-1:224
-
-ECP fix_negative: 2^32, -1, 224
-fix_negative:"0100000000":-1:224
-
-ECP fix_negative: 2^64-1, -1, 224
-fix_negative:"ffffffffffffffff":-1:224
-
-ECP fix_negative: 2^64, -1, 224
-fix_negative:"010000000000000000":-1:224
-
-ECP fix_negative: 2^128-1, -1, 224
-fix_negative:"ffffffffffffffffffffffffffffffff":-1:224
-
-ECP fix_negative: 2^128, -1, 224
-fix_negative:"0100000000000000000000000000000000":-1:224
-
-ECP fix_negative: 2^128+1, -1, 224
-fix_negative:"0100000000000000000000000000000001":-1:224
-
-ECP fix_negative: 2^224-1, -1, 224
-fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:224
-
-ECP fix_negative: 0, -2, 224
-fix_negative:"00":-2:224
-
-ECP fix_negative: 1, -2, 224
-fix_negative:"01":-2:224
-
-ECP fix_negative: 2^32-1, -2, 224
-fix_negative:"ffffffff":-2:224
-
-ECP fix_negative: 2^32, -2, 224
-fix_negative:"0100000000":-2:224
-
-ECP fix_negative: 2^64-1, -2, 224
-fix_negative:"ffffffffffffffff":-2:224
-
-ECP fix_negative: 2^64, -2, 224
-fix_negative:"010000000000000000":-2:224
-
-ECP fix_negative: 2^128-1, -2, 224
-fix_negative:"ffffffffffffffffffffffffffffffff":-2:224
-
-ECP fix_negative: 2^128, -2, 224
-fix_negative:"0100000000000000000000000000000000":-2:224
-
-ECP fix_negative: 2^128+1, -2, 224
-fix_negative:"0100000000000000000000000000000001":-2:224
-
-ECP fix_negative: 2^224-1, -2, 224
-fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:224
-
-ECP fix_negative: 0, -1, 256
-fix_negative:"00":-1:256
-
-ECP fix_negative: 1, -1, 256
-fix_negative:"01":-1:256
-
-ECP fix_negative: 2^32-1, -1, 256
-fix_negative:"ffffffff":-1:256
-
-ECP fix_negative: 2^32, -1, 256
-fix_negative:"0100000000":-1:256
-
-ECP fix_negative: 2^64-1, -1, 256
-fix_negative:"ffffffffffffffff":-1:256
-
-ECP fix_negative: 2^64, -1, 256
-fix_negative:"010000000000000000":-1:256
-
-ECP fix_negative: 2^128-1, -1, 256
-fix_negative:"ffffffffffffffffffffffffffffffff":-1:256
-
-ECP fix_negative: 2^128, -1, 256
-fix_negative:"0100000000000000000000000000000000":-1:256
-
-ECP fix_negative: 2^128+1, -1, 256
-fix_negative:"0100000000000000000000000000000001":-1:256
-
-ECP fix_negative: 2^256-1, -1, 256
-fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-1:256
-
-ECP fix_negative: 0, -2, 256
-fix_negative:"00":-2:256
-
-ECP fix_negative: 1, -2, 256
-fix_negative:"01":-2:256
-
-ECP fix_negative: 2^32-1, -2, 256
-fix_negative:"ffffffff":-2:256
-
-ECP fix_negative: 2^32, -2, 256
-fix_negative:"0100000000":-2:256
-
-ECP fix_negative: 2^64-1, -2, 256
-fix_negative:"ffffffffffffffff":-2:256
-
-ECP fix_negative: 2^64, -2, 256
-fix_negative:"010000000000000000":-2:256
-
-ECP fix_negative: 2^128-1, -2, 256
-fix_negative:"ffffffffffffffffffffffffffffffff":-2:256
-
-ECP fix_negative: 2^128, -2, 256
-fix_negative:"0100000000000000000000000000000000":-2:256
-
-ECP fix_negative: 2^128+1, -2, 256
-fix_negative:"0100000000000000000000000000000001":-2:256
-
-ECP fix_negative: 2^256-1, -2, 256
-fix_negative:"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff":-2:256
-
-# The first call to fix_negative in the test case of issue #4296.
-ECP fix_negative: #4296.1
-fix_negative:"8A4DD4C8B42C5EAED15FE4F4579F4CE513EC90A94010BF000000000000000000":-1:256
-
ECP export key parameters #1 (OK)
depends_on:MBEDTLS_ECP_DP_SECP256R1_ENABLED
ecp_export:MBEDTLS_ECP_DP_SECP256R1:"37cc56d976091e5a723ec7592dff206eee7cf9069174d0ad14b5f76822596292":"4ee500d82311ffea2fd2345d5d16bd8a88c26b770d55cd8a2a0efa01c8b4edff":"00f12a1320760270a83cbffd53f6031ef76a5d86c8a204f2c30ca9ebf51f0f0ea7":0:0
diff --git a/tests/suites/test_suite_ecp.function b/tests/suites/test_suite_ecp.function
index 78aca8a..4b51a9f 100644
--- a/tests/suites/test_suite_ecp.function
+++ b/tests/suites/test_suite_ecp.function
@@ -8,11 +8,6 @@
#include "ecp_invasive.h"
#include "bignum_mod_raw_invasive.h"
-#if defined(MBEDTLS_TEST_HOOKS) && \
- defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED)
-#define HAVE_FIX_NEGATIVE
-#endif
-
#define ECP_PF_UNKNOWN -1
#define ECP_PT_RESET(x) \
@@ -1091,36 +1086,6 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:HAVE_FIX_NEGATIVE */
-void fix_negative(data_t *N_bin, int c, int bits)
-{
- mbedtls_mpi C, M, N;
-
- mbedtls_mpi_init(&C);
- mbedtls_mpi_init(&M);
- mbedtls_mpi_init(&N);
-
- /* C = - c * 2^bits (positive since c is negative) */
- TEST_EQUAL(0, mbedtls_mpi_lset(&C, -c));
- TEST_EQUAL(0, mbedtls_mpi_shift_l(&C, bits));
-
- TEST_EQUAL(0, mbedtls_mpi_read_binary(&N, N_bin->x, N_bin->len));
- TEST_EQUAL(0, mbedtls_mpi_grow(&N, C.n));
-
- /* M = N - C = - ( C - N ) (expected result of fix_negative) */
- TEST_EQUAL(0, mbedtls_mpi_sub_mpi(&M, &N, &C));
-
- mbedtls_ecp_fix_negative(&N, c, bits);
-
- TEST_EQUAL(0, mbedtls_mpi_cmp_mpi(&N, &M));
-
-exit:
- mbedtls_mpi_free(&C);
- mbedtls_mpi_free(&M);
- mbedtls_mpi_free(&N);
-}
-/* END_CASE */
-
/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_MONTGOMERY_ENABLED */
void genkey_mx_known_answer(int bits, data_t *seed, data_t *expected)
{
@@ -1301,7 +1266,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP192R1_ENABLED */
void ecp_mod_p192_raw(char *input_N,
char *input_X,
char *result)
@@ -1344,7 +1309,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP224R1_ENABLED */
void ecp_mod_p224_raw(char *input_N,
char *input_X,
char *result)
@@ -1387,7 +1352,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
void ecp_mod_p256_raw(char *input_N,
char *input_X,
char *result)
@@ -1430,7 +1395,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP384R1_ENABLED */
void ecp_mod_p384_raw(char *input_N,
char *input_X,
char *result)
@@ -1473,7 +1438,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS */
+/* BEGIN_CASE depends_on:MBEDTLS_TEST_HOOKS:MBEDTLS_ECP_DP_SECP521R1_ENABLED */
void ecp_mod_p521_raw(char *input_N,
char *input_X,
char *result)
diff --git a/tests/suites/test_suite_pkcs7.function b/tests/suites/test_suite_pkcs7.function
index 016714b..3c93d0f 100644
--- a/tests/suites/test_suite_pkcs7.function
+++ b/tests/suites/test_suite_pkcs7.function
@@ -84,8 +84,8 @@
}
}
- ASSERT_ALLOC(crts, sizeof(*crts)*n_crts);
- ASSERT_ALLOC(crt_files_arr, sizeof(*crt_files_arr)*n_crts);
+ ASSERT_ALLOC(crts, n_crts);
+ ASSERT_ALLOC(crt_files_arr, n_crts);
for (i = 0; i < strlen(crt_files); i++) {
for (k = i; k < strlen(crt_files); k++) {
@@ -101,7 +101,7 @@
mbedtls_pkcs7_init(&pkcs7);
for (i = 0; i < n_crts; i++) {
- ASSERT_ALLOC(crts[i], sizeof(*crts[i]));
+ ASSERT_ALLOC(crts[i], 1);
mbedtls_x509_crt_init(crts[i]);
}
diff --git a/tests/suites/test_suite_platform.data b/tests/suites/test_suite_platform.data
new file mode 100644
index 0000000..557b586
--- /dev/null
+++ b/tests/suites/test_suite_platform.data
@@ -0,0 +1,12 @@
+
+Time: get milliseconds
+time_get_milliseconds:
+
+Time: get seconds
+time_get_seconds:
+
+Time: delay milliseconds
+time_delay_milliseconds:1000
+
+Time: delay seconds
+time_delay_seconds:1
diff --git a/tests/suites/test_suite_platform.function b/tests/suites/test_suite_platform.function
new file mode 100644
index 0000000..54ddd42
--- /dev/null
+++ b/tests/suites/test_suite_platform.function
@@ -0,0 +1,91 @@
+/* BEGIN_HEADER */
+
+/* This test module exercises the platform_* module. Since, depending on the
+ * underlying operating system, the time routines are not always reliable,
+ * this suite only performs very basic sanity checks of the timing API.
+ */
+
+#include <limits.h>
+
+#if defined(MBEDTLS_HAVE_TIME)
+#include "mbedtls/platform_time.h"
+
+#ifdef WIN32
+#include <windows.h>
+#elif _POSIX_C_SOURCE >= 199309L
+#include <time.h>
+#else
+#include <unistd.h>
+#endif
+void sleep_ms(int milliseconds)
+{
+#ifdef WIN32
+ Sleep(milliseconds);
+#elif _POSIX_C_SOURCE >= 199309L
+ struct timespec ts;
+ ts.tv_sec = milliseconds / 1000;
+ ts.tv_nsec = (milliseconds % 1000) * 1000000;
+ nanosleep(&ts, NULL);
+#else
+ usleep(milliseconds * 1000);
+#endif
+}
+#endif
+
+/* END_HEADER */
+
+/* BEGIN_DEPENDENCIES */
+
+/* END_DEPENDENCIES */
+
+
+
+/* BEGIN_CASE depends_on:MBEDTLS_HAVE_TIME */
+void time_get_milliseconds()
+{
+ mbedtls_ms_time_t current = mbedtls_ms_time();
+ (void) current;
+ /* This goto is added to avoid warnings from the generated code. */
+ goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_HAVE_TIME */
+void time_get_seconds()
+{
+ mbedtls_time_t current = mbedtls_time(NULL);
+ (void) current;
+ /* This goto is added to avoid warnings from the generated code. */
+ goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_HAVE_TIME */
+void time_delay_milliseconds(int delay_ms)
+{
+ mbedtls_ms_time_t current = mbedtls_ms_time();
+ mbedtls_ms_time_t elapsed_ms;
+
+ sleep_ms(delay_ms);
+
+ elapsed_ms = mbedtls_ms_time() - current;
+ TEST_ASSERT(elapsed_ms >= delay_ms && elapsed_ms < 4000 + delay_ms);
+ /* This goto is added to avoid warnings from the generated code. */
+ goto exit;
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_HAVE_TIME */
+void time_delay_seconds(int delay_secs)
+{
+ mbedtls_time_t current = mbedtls_time(NULL);
+ mbedtls_time_t elapsed_secs;
+
+ sleep_ms(delay_secs * 1000);
+
+ elapsed_secs = mbedtls_time(NULL) - current;
+ TEST_ASSERT(elapsed_secs >= delay_secs && elapsed_secs < 4 + delay_secs);
+ /* This goto is added to avoid warnings from the generated code. */
+ goto exit;
+}
+/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index c1d2667..3fab500 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1436,10 +1436,6 @@
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_LIFETIME_PERSISTENT:PSA_ERROR_INVALID_ARGUMENT
-Copy fail: AES, invalid lifetime (unknown location) in attributes
-depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C:!MBEDTLS_PSA_CRYPTO_DRIVERS
-copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION(PSA_KEY_PERSISTENCE_DEFAULT, 11):PSA_ERROR_INVALID_ARGUMENT
-
Copy fail: AES, copy to a readonly lifetime in attributes
depends_on:PSA_WANT_ALG_CTR:PSA_WANT_KEY_TYPE_AES:MBEDTLS_PSA_CRYPTO_STORAGE_C
copy_fail:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:0:PSA_KEY_TYPE_AES:"404142434445464748494a4b4c4d4e4f":PSA_KEY_TYPE_AES:0:PSA_KEY_USAGE_COPY | PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_EXPORT:PSA_ALG_CTR:0:1:PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_READ_ONLY, 0 ):PSA_ERROR_INVALID_ARGUMENT
@@ -6118,7 +6114,7 @@
derive_key_exercise:PSA_ALG_TLS12_PRF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_DERIVE:400:PSA_KEY_USAGE_DERIVE:PSA_ALG_HKDF(PSA_ALG_SHA_256)
PSA key derivation: HKDF-SHA-256 -> ECC secp256r1, exercise ECDSA
-depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+depends_on:PSA_WANT_ALG_ECDSA:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
derive_key_exercise:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_VERIFY_HASH:PSA_ALG_ECDSA_ANY
PSA key derivation: HKDF-SHA-256 -> ECC curve25519, exercise ECDH
@@ -6150,11 +6146,11 @@
derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_AES:256:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
PSA key derivation: HKDF-SHA-256 -> ECC secp256r1
-depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5c0"
PSA key derivation: HKDF-SHA-256 -> ECC secp256r1 (1 redraw)
-depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_256:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_256
derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4869212049276d20612074657374206b65792120486f772061726520796f753f":"":"e1ab5d0000000000":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):256:"46a5850b60ba10b0fd8e0feb8790e2819d46ea26fede564ff6dea94ef1945660"
PSA key derivation: HKDF-SHA-256 -> raw (same input as secp256r1+redraw)
@@ -6162,17 +6158,17 @@
derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"4869212049276d20612074657374206b65792120486f772061726520796f753f":"":"e1ab5d0000000000":PSA_KEY_TYPE_RAW_DATA:256:"ffffffff55f60cea989fe02543c81b28aff09b5b51fdc43f91fe5c2511b0b9d9"
PSA key derivation: HKDF-SHA-256 -> ECC secp384r1
-depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_384:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_384
derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):384:"3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865b4b0a85a993c"
# For secp521r1, the leading byte of the representation of the private key can
# be either 0 or 1. Have one test case where it's 0 and one where it's 1.
PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #0
-depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521
derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8f9":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:"00b25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865b4b0a85a993b89b9b65683d60f0106d28fff039d0b6f3409"
PSA key derivation: HKDF-SHA-256 -> ECC secp521r1 #1
-depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521
+depends_on:PSA_WANT_ALG_HKDF:PSA_WANT_ALG_SHA_256:PSA_WANT_KEY_TYPE_ECC_KEY_PAIR:PSA_WANT_ECC_SECP_R1_521:MBEDTLS_PSA_BUILTIN_ECC_SECP_R1_521
derive_key_type:PSA_ALG_HKDF(PSA_ALG_SHA_256):"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":"000102030405060708090a0b0c":"f0f1f2f3f4f5f6f7f8fa":PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):521:"01122f37d10965c8455ecbd2bc73d5da5347d0ce772e54305d528295a64ffb7c567f5042e2d7e5803b407c08d1e110adcefc35564035d706582f723a2f76a32260da"
# For Curve25519, test a few different outputs to exercise masking (last byte of input_2 variation).
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
index 311ce08..b74e020 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
@@ -690,7 +690,7 @@
asymmetric_encrypt_decrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":"":PSA_SUCCESS:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:PSA_SUCCESS
PSA encrypt-decrypt transparent driver: fallback not available RSA PKCS#1 v1.5
-depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
asymmetric_encrypt_decrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED::PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
PSA encrypt-decrypt transparent driver: encryption error RSA PKCS#1 v1.5
@@ -722,7 +722,7 @@
asymmetric_encrypt_decrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":"":PSA_SUCCESS:PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS:PSA_SUCCESS
PSA encrypt-decrypt transparent driver: fallback not available RSA OAEP-SHA-256
-depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_OAEP
asymmetric_encrypt_decrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED::PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
PSA encrypt-decrypt transparent driver: encryption error RSA OAEP-SHA-256
@@ -746,7 +746,7 @@
asymmetric_decrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"2dfabbd0dd2cd9bd61f122615dae67d3952f6b6c169d924ae0ca452eb71bc2075875039b0bcf1781bbb42887e1d26b7727a294050ca3df9ea5b44c4b3052164f66a1ff8723393d64fb76afe86fc3dae97b1a86ddde6dd1aa697f20d81b5c559780c8f5c6b2919676203a52de10a5f6e76ac218642072f4868085555345f26a61":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA decrypt transparent driver: fallback not available RSA PKCS#1 v1.5
-depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
asymmetric_decrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"2dfabbd0dd2cd9bd61f122615dae67d3952f6b6c169d924ae0ca452eb71bc2075875039b0bcf1781bbb42887e1d26b7727a294050ca3df9ea5b44c4b3052164f66a1ff8723393d64fb76afe86fc3dae97b1a86ddde6dd1aa697f20d81b5c559780c8f5c6b2919676203a52de10a5f6e76ac218642072f4868085555345f26a61":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
PSA decrypt transparent driver: in-driver RSA OAEP-SHA-256
@@ -762,7 +762,7 @@
asymmetric_decrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"13fd8220c266b34b894f916448d854f7438e075f55cc4df95edf7002bd88fd4b156305112f48362c1563a490ae56c29b546edb31dd5901db0c60197724d0a56ba1a33bfb0ed23bc806b0b2ca87ae9323ff86c7a06bf05108281a324b9f9af0bd50220aaf003606be1e5333fb53b97dff13261f8c6d2e4a5cefcd2b5589eb2a21":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA decrypt transparent driver: fallback not available RSA OAEP-SHA-256
-depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_OAEP
asymmetric_decrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"13fd8220c266b34b894f916448d854f7438e075f55cc4df95edf7002bd88fd4b156305112f48362c1563a490ae56c29b546edb31dd5901db0c60197724d0a56ba1a33bfb0ed23bc806b0b2ca87ae9323ff86c7a06bf05108281a324b9f9af0bd50220aaf003606be1e5333fb53b97dff13261f8c6d2e4a5cefcd2b5589eb2a21":"":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
PSA encrypt transparent driver: in-driver RSA PKCS#1 v1.5
@@ -778,7 +778,7 @@
asymmetric_encrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3":"874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA encrypt transparent driver: fallback not available RSA PKCS#1 v1.5
-depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_CRYPT:PSA_WANT_ALG_RSA_PKCS1V15_CRYPT
asymmetric_encrypt:PSA_ALG_RSA_PKCS1V15_CRYPT:"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3":"874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
PSA encrypt transparent driver: in-driver RSA OAEP-SHA-256
@@ -794,7 +794,7 @@
asymmetric_encrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3":"874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_SUCCESS
PSA encrypt transparent driver: fallback not available RSA OAEP-SHA-256
-depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP
+depends_on:!MBEDTLS_PSA_BUILTIN_ALG_RSA_OAEP:PSA_WANT_ALG_RSA_OAEP
asymmetric_encrypt:PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"30818902818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc30203010001":"af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3":"874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1":"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad":"":"":PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_NOT_SUPPORTED
PSA AEAD encrypt setup, AES-GCM, 128 bytes #1
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index 5105ef5..00ea6a5 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -484,7 +484,7 @@
/* END_HEADER */
/* BEGIN_DEPENDENCIES
- * depends_on:MBEDTLS_PSA_CRYPTO_C:MBEDTLS_PSA_CRYPTO_DRIVERS:PSA_CRYPTO_DRIVER_TEST
+ * depends_on:MBEDTLS_PSA_CRYPTO_C:PSA_CRYPTO_DRIVER_TEST
* END_DEPENDENCIES
*/
@@ -2130,7 +2130,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
void builtin_key_export(int builtin_key_id_arg,
int builtin_key_type_arg,
int builtin_key_bits_arg,
@@ -2181,7 +2181,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_DRIVERS:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
+/* BEGIN_CASE depends_on:PSA_CRYPTO_DRIVER_TEST:MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
void builtin_pubkey_export(int builtin_key_id_arg,
int builtin_key_type_arg,
int builtin_key_bits_arg,
diff --git a/tests/suites/test_suite_timing.function b/tests/suites/test_suite_timing.function
index 821ebd6..4143a1c 100644
--- a/tests/suites/test_suite_timing.function
+++ b/tests/suites/test_suite_timing.function
@@ -20,8 +20,20 @@
void timing_get_timer()
{
struct mbedtls_timing_hr_time time;
+
+ memset(&time, 0, sizeof(time));
+
(void) mbedtls_timing_get_timer(&time, 1);
+
+ /* Check that a non-zero time was written back */
+ int all_zero = 1;
+ for (size_t i = 0; i < sizeof(time); i++) {
+ all_zero &= ((unsigned char *) &time)[i] == 0;
+ }
+ TEST_ASSERT(!all_zero);
+
(void) mbedtls_timing_get_timer(&time, 0);
+
/* This goto is added to avoid warnings from the generated code. */
goto exit;
}
diff --git a/tests/suites/test_suite_x509parse.data b/tests/suites/test_suite_x509parse.data
index c025c3f..685b859 100644
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@@ -94,6 +94,14 @@
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
x509_cert_info:"data_files/server5-nonprintable_othername.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS non-printable othername SAN\nissued on \: 2022-09-06 15\:56\:47\nexpires on \: 2032-09-03 15\:56\:47\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n otherName \:\n hardware module name \:\n hardware type \: 1.3.6.1.4.1.17.3\n hardware serial number \: 3132338081008180333231\n"
+X509 CRT information EC, SHA256 Digest, directoryName SAN
+depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
+x509_cert_info:"data_files/server5-directoryname.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-10 16\:59\:29\nexpires on \: 2033-01-07 16\:59\:29\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n"
+
+X509 CRT information EC, SHA256 Digest, two directoryName SANs
+depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
+x509_cert_info:"data_files/server5-two-directorynames.crt.der":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\nissued on \: 2023-01-12 10\:34\:11\nexpires on \: 2033-01-09 10\:34\:11\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\nsubject alt name \:\n directoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n directoryName \: O=MALFORM_ME\n"
+
X509 CRT information EC, SHA256 Digest, Wisun Fan device
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
x509_cert_info:"data_files/server5-fan.crt":"cert. version \: 3\nserial number \: 4D\nissuer name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nsubject name \: C=UK, O=Mbed TLS, CN=Mbed TLS FAN\nissued on \: 2019-03-25 09\:03\:46\nexpires on \: 2029-03-22 09\:03\:46\nsigned using \: ECDSA with SHA256\nEC key size \: 256 bits\next key usage \: Wi-SUN Alliance Field Area Network (FAN)\n"
@@ -184,31 +192,43 @@
X509 SAN parsing otherName
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
-x509_parse_san:"data_files/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\n"
+x509_parse_san:"data_files/server5-othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\n":0
X509 SAN parsing binary otherName
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
-x509_parse_san:"data_files/server5-nonprintable_othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 3132338081008180333231\n"
+x509_parse_san:"data_files/server5-nonprintable_othername.crt":"type \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 3132338081008180333231\n":0
+
+X509 SAN parsing directoryName
+depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
+x509_parse_san:"data_files/server5-directoryname.crt.der":"type \: 4\ndirectoryName \: C=UK, O=Mbed TLS, CN=Mbed TLS directoryName SAN\n":0
+
+X509 SAN parsing directoryName, seq malformed
+depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
+x509_parse_san:"data_files/server5-directoryname-seq-malformed.crt.der":"":MBEDTLS_ERR_ASN1_UNEXPECTED_TAG
+
+X509 SAN parsing two directoryNames, second DN OID malformed
+depends_on:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
+x509_parse_san:"data_files/server5-second-directoryname-oid-malformed.crt.der":"":MBEDTLS_ERR_X509_INVALID_NAME + MBEDTLS_ERR_ASN1_OUT_OF_DATA
X509 SAN parsing dNSName
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256
-x509_parse_san:"data_files/cert_example_multi.crt":"type \: 2\ndNSName \: example.com\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n"
+x509_parse_san:"data_files/cert_example_multi.crt":"type \: 2\ndNSName \: example.com\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n":0
X509 SAN parsing Multiple different types
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
-x509_parse_san:"data_files/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n"
+x509_parse_san:"data_files/multiple_san.crt":"type \: 2\ndNSName \: example.com\ntype \: 0\notherName \: hardware module name \: hardware type \: 1.3.6.1.4.1.17.3, hardware serial number \: 313233343536\ntype \: 2\ndNSName \: example.net\ntype \: 2\ndNSName \: *.example.org\n":0
X509 SAN parsing, no subject alt name
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256:MBEDTLS_PK_CAN_ECDSA_SOME
-x509_parse_san:"data_files/server4.crt":""
+x509_parse_san:"data_files/server4.crt":"":0
X509 SAN parsing, unsupported otherName name
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_PK_CAN_ECDSA_SOME:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_MD_CAN_SHA256
-x509_parse_san:"data_files/server5-unsupported_othername.crt":""
+x509_parse_san:"data_files/server5-unsupported_othername.crt":"":0
X509 SAN parsing rfc822Name
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_MD_CAN_SHA256
-x509_parse_san:"data_files/test_cert_rfc822name.crt.der":"type \: 1\nrfc822Name \: my@other.address\ntype \: 1\nrfc822Name \: second@other.address\n"
+x509_parse_san:"data_files/test_cert_rfc822name.crt.der":"type \: 1\nrfc822Name \: my@other.address\ntype \: 1\nrfc822Name \: second@other.address\n":0
X509 CRL information #1
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_MD_CAN_SHA1:MBEDTLS_RSA_C:!MBEDTLS_X509_REMOVE_INFO
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index ed1dcaf..177bc97 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -289,6 +289,17 @@
*p++ = san->san.unstructured_name.p[i];
}
break;/* MBEDTLS_X509_SAN_RFC822_NAME */
+ case (MBEDTLS_X509_SAN_DIRECTORY_NAME):
+ ret = mbedtls_snprintf(p, n, "\ndirectoryName : ");
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ ret = mbedtls_x509_dn_gets(p, n, &san->san.directory_name);
+ if (ret < 0) {
+ return ret;
+ }
+
+ p += ret;
+ n -= ret;
+ break;/* MBEDTLS_X509_SAN_DIRECTORY_NAME */
default:
/*
* Should not happen.
@@ -426,7 +437,7 @@
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
-void x509_parse_san(char *crt_file, char *result_str)
+void x509_parse_san(char *crt_file, char *result_str, int parse_result)
{
int ret;
mbedtls_x509_crt crt;
@@ -439,8 +450,11 @@
mbedtls_x509_crt_init(&crt);
memset(buf, 0, 2000);
- TEST_ASSERT(mbedtls_x509_crt_parse_file(&crt, crt_file) == 0);
+ TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), parse_result);
+ if (parse_result != 0) {
+ goto exit;
+ }
if (crt.ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
cur = &crt.subject_alt_names;
while (cur != NULL) {
@@ -450,7 +464,9 @@
* If san type not supported, ignore.
*/
if (ret == 0) {
- TEST_ASSERT(verify_parse_san(&san, &p, &n) == 0);
+ ret = verify_parse_san(&san, &p, &n);
+ mbedtls_x509_free_subject_alt_name(&san);
+ TEST_EQUAL(ret, 0);
}
cur = cur->next;
}