Merge pull request #4826 from RcColes/development
Add LMS implementation
diff --git a/ChangeLog.d/fix_aead_psa_driver_build.txt b/ChangeLog.d/fix_aead_psa_driver_build.txt
new file mode 100644
index 0000000..a6d11d3
--- /dev/null
+++ b/ChangeLog.d/fix_aead_psa_driver_build.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix compilation errors when trying to build with
+ PSA drivers for AEAD (GCM, CCM, Chacha20-Poly1305).
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 5a02182..09b1dfc 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -1188,6 +1188,10 @@
uint8_t MBEDTLS_PRIVATE(resumption_key_len); /*!< resumption_key length */
unsigned char MBEDTLS_PRIVATE(resumption_key)[MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN];
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && defined(MBEDTLS_SSL_CLI_C)
+ char *MBEDTLS_PRIVATE(hostname); /*!< host name binded with tickets */
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION && MBEDTLS_SSL_CLI_C */
+
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_CLI_C)
mbedtls_time_t MBEDTLS_PRIVATE(ticket_received); /*!< time ticket was received */
#endif /* MBEDTLS_HAVE_TIME && MBEDTLS_SSL_CLI_C */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 7e2b686..2ce5e43 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3705,39 +3705,34 @@
return( status );
}
-static psa_status_t psa_validate_tag_length( psa_aead_operation_t *operation,
- psa_algorithm_t alg ) {
- uint8_t tag_len = 0;
- if( psa_driver_get_tag_len( operation, &tag_len ) != PSA_SUCCESS )
- {
- return( PSA_ERROR_INVALID_ARGUMENT );
- }
+static psa_status_t psa_validate_tag_length( psa_algorithm_t alg ) {
+ const uint8_t tag_len = PSA_ALG_AEAD_GET_TAG_LENGTH( alg );
switch( PSA_ALG_AEAD_WITH_SHORTENED_TAG( alg, 0 ) )
{
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
+#if defined(PSA_WANT_ALG_CCM)
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
/* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.*/
if( tag_len < 4 || tag_len > 16 || tag_len % 2 )
return( PSA_ERROR_INVALID_ARGUMENT );
break;
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_CCM */
+#endif /* PSA_WANT_ALG_CCM */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
+#if defined(PSA_WANT_ALG_GCM)
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
/* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16. */
if( tag_len != 4 && tag_len != 8 && ( tag_len < 12 || tag_len > 16 ) )
return( PSA_ERROR_INVALID_ARGUMENT );
break;
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_GCM */
+#endif /* PSA_WANT_ALG_GCM */
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
/* We only support the default tag length. */
if( tag_len != 16 )
return( PSA_ERROR_INVALID_ARGUMENT );
break;
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305 */
+#endif /* PSA_WANT_ALG_CHACHA20_POLY1305 */
default:
(void) tag_len;
@@ -3788,6 +3783,9 @@
.core = slot->attr
};
+ if( ( status = psa_validate_tag_length( alg ) ) != PSA_SUCCESS )
+ goto exit;
+
if( is_encrypt )
status = psa_driver_wrapper_aead_encrypt_setup( operation,
&attributes,
@@ -3803,9 +3801,6 @@
if( status != PSA_SUCCESS )
goto exit;
- if( ( status = psa_validate_tag_length( operation, alg ) ) != PSA_SUCCESS )
- goto exit;
-
operation->key_type = psa_get_key_type( &attributes );
exit:
diff --git a/library/psa_crypto_aead.c b/library/psa_crypto_aead.c
index 76d95bc..48969b3 100644
--- a/library/psa_crypto_aead.c
+++ b/library/psa_crypto_aead.c
@@ -45,7 +45,6 @@
size_t key_bits;
const mbedtls_cipher_info_t *cipher_info;
mbedtls_cipher_id_t cipher_id;
- size_t full_tag_length = 0;
( void ) key_buffer_size;
@@ -62,7 +61,6 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CCM)
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CCM, 0 ):
operation->alg = PSA_ALG_CCM;
- full_tag_length = 16;
/* CCM allows the following tag lengths: 4, 6, 8, 10, 12, 14, 16.
* The call to mbedtls_ccm_encrypt_and_tag or
* mbedtls_ccm_auth_decrypt will validate the tag length. */
@@ -81,7 +79,6 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_GCM)
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_GCM, 0 ):
operation->alg = PSA_ALG_GCM;
- full_tag_length = 16;
/* GCM allows the following tag lengths: 4, 8, 12, 13, 14, 15, 16.
* The call to mbedtls_gcm_crypt_and_tag or
* mbedtls_gcm_auth_decrypt will validate the tag length. */
@@ -100,7 +97,6 @@
#if defined(MBEDTLS_PSA_BUILTIN_ALG_CHACHA20_POLY1305)
case PSA_ALG_AEAD_WITH_SHORTENED_TAG( PSA_ALG_CHACHA20_POLY1305, 0 ):
operation->alg = PSA_ALG_CHACHA20_POLY1305;
- full_tag_length = 16;
/* We only support the default tag length. */
if( alg != PSA_ALG_CHACHA20_POLY1305 )
return( PSA_ERROR_NOT_SUPPORTED );
@@ -120,16 +116,9 @@
return( PSA_ERROR_NOT_SUPPORTED );
}
- if( PSA_AEAD_TAG_LENGTH( attributes->core.type,
- key_bits, alg )
- > full_tag_length )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
operation->key_type = psa_get_key_type( attributes );
- operation->tag_length = PSA_AEAD_TAG_LENGTH( operation->key_type,
- key_bits,
- alg );
+ operation->tag_length = PSA_ALG_AEAD_GET_TAG_LENGTH( alg );
return( PSA_SUCCESS );
}
diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h
index 12c649d..ee23b6f 100644
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@@ -226,10 +226,6 @@
const uint8_t *ciphertext, size_t ciphertext_length,
uint8_t *plaintext, size_t plaintext_size, size_t *plaintext_length );
-psa_status_t psa_driver_get_tag_len(
- psa_aead_operation_t *operation,
- uint8_t *tag_len );
-
psa_status_t psa_driver_wrapper_aead_encrypt_setup(
psa_aead_operation_t *operation,
const psa_key_attributes_t *attributes,
diff --git a/library/ssl_client.c b/library/ssl_client.c
index d251391..90ec252 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -707,6 +707,7 @@
MBEDTLS_CLIENT_HELLO_RANDOM_LEN - gmt_unix_time_len );
return( ret );
}
+
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_prepare_client_hello( mbedtls_ssl_context *ssl )
{
@@ -864,6 +865,37 @@
}
}
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
+ defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+ defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ if( ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 &&
+ ssl->handshake->resume )
+ {
+ int hostname_mismatch = ssl->hostname != NULL ||
+ session_negotiate->hostname != NULL;
+ if( ssl->hostname != NULL && session_negotiate->hostname != NULL )
+ {
+ hostname_mismatch = strcmp(
+ ssl->hostname, session_negotiate->hostname ) != 0;
+ }
+
+ if( hostname_mismatch )
+ {
+ MBEDTLS_SSL_DEBUG_MSG(
+ 1, ( "Hostname mismatch the session ticket, "
+ "disable session resumption." ) );
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+ }
+ else
+ {
+ return mbedtls_ssl_session_set_hostname( session_negotiate,
+ ssl->hostname );
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 &&
+ MBEDTLS_SSL_SESSION_TICKETS &&
+ MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
return( 0 );
}
/*
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index afacb76..828937c 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -2494,4 +2494,13 @@
unsigned char *buf, unsigned char *end );
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
+ defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+ defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
+ defined(MBEDTLS_SSL_CLI_C)
+MBEDTLS_CHECK_RETURN_CRITICAL
+int mbedtls_ssl_session_set_hostname( mbedtls_ssl_session *session,
+ const char *hostname );
+#endif
+
#endif /* ssl_misc.h */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3357cd6..c36729f 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -235,10 +235,13 @@
{
mbedtls_ssl_session_free( dst );
memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
-
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
dst->ticket = NULL;
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
+ defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ dst->hostname = NULL;
#endif
+#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
@@ -287,6 +290,18 @@
memcpy( dst->ticket, src->ticket, src->ticket_len );
}
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
+ defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ if( src->endpoint == MBEDTLS_SSL_IS_CLIENT )
+ {
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ ret = mbedtls_ssl_session_set_hostname( dst, src->hostname );
+ if( ret != 0 )
+ return ( ret );
+ }
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 &&
+ MBEDTLS_SSL_SERVER_NAME_INDICATION */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
return( 0 );
@@ -1926,6 +1941,7 @@
/* Serialization of TLS 1.3 sessions:
*
* struct {
+ * opaque hostname<0..2^16-1>;
* uint64 ticket_received;
* uint32 ticket_lifetime;
* opaque ticket<1..2^16-1>;
@@ -1952,6 +1968,11 @@
size_t *olen )
{
unsigned char *p = buf;
+#if defined(MBEDTLS_SSL_CLI_C) && \
+ defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ size_t hostname_len = ( session->hostname == NULL ) ?
+ 0 : strlen( session->hostname ) + 1;
+#endif
size_t needed = 1 /* endpoint */
+ 2 /* ciphersuite */
+ 4 /* ticket_age_add */
@@ -1970,6 +1991,11 @@
#if defined(MBEDTLS_SSL_CLI_C)
if( session->endpoint == MBEDTLS_SSL_IS_CLIENT )
{
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ needed += 2 /* hostname_len */
+ + hostname_len; /* hostname */
+#endif
+
needed += 4 /* ticket_lifetime */
+ 2; /* ticket_len */
@@ -2007,6 +2033,17 @@
#if defined(MBEDTLS_SSL_CLI_C)
if( session->endpoint == MBEDTLS_SSL_IS_CLIENT )
{
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ MBEDTLS_PUT_UINT16_BE( hostname_len, p, 0 );
+ p += 2;
+ if( hostname_len > 0 )
+ {
+ /* save host name */
+ memcpy( p, session->hostname, hostname_len );
+ p += hostname_len;
+ }
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */
+
#if defined(MBEDTLS_HAVE_TIME)
MBEDTLS_PUT_UINT64_BE( (uint64_t) session->ticket_received, p, 0 );
p += 8;
@@ -2067,6 +2104,28 @@
#if defined(MBEDTLS_SSL_CLI_C)
if( session->endpoint == MBEDTLS_SSL_IS_CLIENT )
{
+#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
+ defined(MBEDTLS_SSL_SESSION_TICKETS)
+ size_t hostname_len;
+ /* load host name */
+ if( end - p < 2 )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ hostname_len = MBEDTLS_GET_UINT16_BE( p, 0 );
+ p += 2;
+
+ if( end - p < ( long int )hostname_len )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ if( hostname_len > 0 )
+ {
+ session->hostname = mbedtls_calloc( 1, hostname_len );
+ if( session->hostname == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+ memcpy( session->hostname, p, hostname_len );
+ p += hostname_len;
+ }
+#endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION &&
+ MBEDTLS_SSL_SESSION_TICKETS */
+
#if defined(MBEDTLS_HAVE_TIME)
if( end - p < 8 )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
@@ -3668,6 +3727,10 @@
#endif
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
+ defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+ mbedtls_free( session->hostname );
+#endif
mbedtls_free( session->ticket );
#endif
@@ -8790,4 +8853,54 @@
}
#endif /* MBEDTLS_SSL_ALPN */
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && \
+ defined(MBEDTLS_SSL_SESSION_TICKETS) && \
+ defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
+ defined(MBEDTLS_SSL_CLI_C)
+int mbedtls_ssl_session_set_hostname( mbedtls_ssl_session *session,
+ const char *hostname )
+{
+ /* Initialize to suppress unnecessary compiler warning */
+ size_t hostname_len = 0;
+
+ /* Check if new hostname is valid before
+ * making any change to current one */
+ if( hostname != NULL )
+ {
+ hostname_len = strlen( hostname );
+
+ if( hostname_len > MBEDTLS_SSL_MAX_HOST_NAME_LEN )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ /* Now it's clear that we will overwrite the old hostname,
+ * so we can free it safely */
+ if( session->hostname != NULL )
+ {
+ mbedtls_platform_zeroize( session->hostname,
+ strlen( session->hostname ) );
+ mbedtls_free( session->hostname );
+ }
+
+ /* Passing NULL as hostname shall clear the old one */
+ if( hostname == NULL )
+ {
+ session->hostname = NULL;
+ }
+ else
+ {
+ session->hostname = mbedtls_calloc( 1, hostname_len + 1 );
+ if( session->hostname == NULL )
+ return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
+
+ memcpy( session->hostname, hostname, hostname_len );
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 &&
+ MBEDTLS_SSL_SESSION_TICKETS &&
+ MBEDTLS_SSL_SERVER_NAME_INDICATION &&
+ MBEDTLS_SSL_CLI_C */
+
#endif /* MBEDTLS_SSL_TLS_C */
diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c
index db53310..3e54f38 100644
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@@ -2842,7 +2842,8 @@
* MAY treat a ticket as valid for a shorter period of time than what
* is stated in the ticket_lifetime.
*/
- ticket_lifetime %= 604800;
+ if( ticket_lifetime > 604800 )
+ ticket_lifetime = 604800;
MBEDTLS_PUT_UINT32_BE( ticket_lifetime, p, 0 );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket_lifetime: %u",
( unsigned int )ticket_lifetime ) );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 6377162..be474d4 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -405,6 +405,7 @@
" exchanges=%%d default: 1\n" \
" reconnect=%%d number of reconnections using session resumption\n" \
" default: 0 (disabled)\n" \
+ " reco_server_name=%%s default: localhost\n" \
" reco_delay=%%d default: 0 seconds\n" \
" reco_mode=%%d 0: copy session, 1: serialize session\n" \
" default: 1\n" \
@@ -498,6 +499,7 @@
int recsplit; /* enable record splitting? */
int dhmlen; /* minimum DHM params len in bits */
int reconnect; /* attempt to resume session */
+ const char *reco_server_name; /* hostname of the server (re-connect) */
int reco_delay; /* delay in seconds before resuming session */
int reco_mode; /* how to keep the session around */
int reconnect_hard; /* unexpectedly reconnect from the same port */
@@ -923,6 +925,7 @@
opt.recsplit = DFL_RECSPLIT;
opt.dhmlen = DFL_DHMLEN;
opt.reconnect = DFL_RECONNECT;
+ opt.reco_server_name = DFL_SERVER_NAME;
opt.reco_delay = DFL_RECO_DELAY;
opt.reco_mode = DFL_RECO_MODE;
opt.reconnect_hard = DFL_RECONNECT_HARD;
@@ -1119,6 +1122,8 @@
if( opt.reconnect < 0 || opt.reconnect > 2 )
goto usage;
}
+ else if( strcmp( p, "rec_server_name" ) == 0 )
+ opt.reco_server_name = q;
else if( strcmp( p, "reco_delay" ) == 0 )
{
opt.reco_delay = atoi( q );
@@ -3113,6 +3118,16 @@
goto exit;
}
+#if defined(MBEDTLS_X509_CRT_PARSE_C)
+ if( ( ret = mbedtls_ssl_set_hostname( &ssl,
+ opt.reco_server_name ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_set_hostname returned %d\n\n",
+ ret );
+ goto exit;
+ }
+#endif
+
if( ( ret = mbedtls_net_connect( &server_fd,
opt.server_addr, opt.server_port,
opt.transport == MBEDTLS_SSL_TRANSPORT_STREAM ?
diff --git a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja
index a5ae6a2..8ef2e6d 100644
--- a/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja
+++ b/scripts/data_files/driver_templates/psa_crypto_driver_wrappers.c.jinja
@@ -1616,22 +1616,6 @@
}
}
-psa_status_t psa_driver_get_tag_len( psa_aead_operation_t *operation,
- uint8_t *tag_len )
-{
- if( operation == NULL || tag_len == NULL )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
-#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
-#if defined(PSA_CRYPTO_DRIVER_TEST)
- *tag_len = operation->ctx.transparent_test_driver_ctx.tag_length;
- return ( PSA_SUCCESS );
-#endif
-#endif
- *tag_len = operation->ctx.mbedtls_ctx.tag_length;
- return ( PSA_SUCCESS );
-}
-
psa_status_t psa_driver_wrapper_aead_encrypt_setup(
psa_aead_operation_t *operation,
const psa_key_attributes_t *attributes,
diff --git a/tests/include/test/drivers/crypto_config_test_driver_extension.h b/tests/include/test/drivers/crypto_config_test_driver_extension.h
index 8052a85..0bbca4a 100644
--- a/tests/include/test/drivers/crypto_config_test_driver_extension.h
+++ b/tests/include/test/drivers/crypto_config_test_driver_extension.h
@@ -142,6 +142,14 @@
#endif
#endif
+#if defined(PSA_WANT_ALG_CHACHA20_POLY1305)
+#if defined(MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305)
+#undef MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305
+#else
+#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1
+#endif
+#endif
+
#if defined(PSA_WANT_KEY_TYPE_AES)
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_AES)
#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_AES
@@ -182,9 +190,16 @@
#endif
#endif
+#if defined(PSA_WANT_KEY_TYPE_CHACHA20)
+#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20)
+#undef MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20
+#else
+#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1
+#endif
+#endif
+
#define MBEDTLS_PSA_ACCEL_ALG_CBC_MAC 1
#define MBEDTLS_PSA_ACCEL_ALG_CCM 1
-#define MBEDTLS_PSA_ACCEL_ALG_CHACHA20_POLY1305 1
#define MBEDTLS_PSA_ACCEL_ALG_CMAC 1
#define MBEDTLS_PSA_ACCEL_ALG_ECB_NO_PADDING 1
#define MBEDTLS_PSA_ACCEL_ALG_ECDH 1
@@ -217,7 +232,6 @@
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DERIVE 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_HMAC 1
-#define MBEDTLS_PSA_ACCEL_KEY_TYPE_CHACHA20 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_DES 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY 1
#define MBEDTLS_PSA_ACCEL_KEY_TYPE_RAW_DATA 1
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 2ee99b3..f1b2f0e 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -2106,6 +2106,41 @@
make test
}
+component_test_psa_crypto_config_accel_aead () {
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD"
+
+ # Disable ALG_STREAM_CIPHER and ALG_ECB_NO_PADDING to avoid having
+ # partial support for cipher operations in the driver test library.
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_STREAM_CIPHER
+ scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_ECB_NO_PADDING
+
+ loc_accel_list="ALG_GCM ALG_CCM ALG_CHACHA20_POLY1305 KEY_TYPE_AES KEY_TYPE_CHACHA20 KEY_TYPE_ARIA KEY_TYPE_CAMELLIA"
+ loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' )
+ make -C tests libtestdriver1.a CFLAGS="$ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS"
+
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+
+ scripts/config.py unset MBEDTLS_GCM_C
+ scripts/config.py unset MBEDTLS_CCM_C
+ scripts/config.py unset MBEDTLS_CHACHAPOLY_C
+ # Features that depend on AEAD
+ scripts/config.py unset MBEDTLS_SSL_CONTEXT_SERIALIZATION
+ scripts/config.py unset MBEDTLS_SSL_TICKET_C
+
+ loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )"
+ make CFLAGS="$ASAN_CFLAGS -Werror -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS"
+
+ # There's a risk of something getting re-enabled via config_psa.h
+ # make sure it did not happen.
+ not grep mbedtls_ccm library/ccm.o
+ not grep mbedtls_gcm library/gcm.o
+ not grep mbedtls_chachapoly library/chachapoly.o
+
+ msg "test: MBEDTLS_PSA_CRYPTO_CONFIG with accelerated AEAD"
+ make test
+}
+
component_test_psa_crypto_config_no_driver() {
# full plus MBEDTLS_PSA_CRYPTO_CONFIG
msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
diff --git a/tests/src/drivers/test_driver_aead.c b/tests/src/drivers/test_driver_aead.c
index b561960..93a75f6 100644
--- a/tests/src/drivers/test_driver_aead.c
+++ b/tests/src/drivers/test_driver_aead.c
@@ -25,6 +25,10 @@
#include "test/drivers/aead.h"
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
+#include "libtestdriver1/library/psa_crypto_aead.h"
+#endif
+
mbedtls_test_driver_aead_hooks_t
mbedtls_test_driver_aead_hooks = MBEDTLS_TEST_DRIVER_AEAD_INIT;
@@ -46,7 +50,18 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_encrypt(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ plaintext, plaintext_length,
+ ciphertext, ciphertext_size, ciphertext_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_encrypt(
attributes, key_buffer, key_buffer_size,
@@ -94,7 +109,18 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_decrypt(
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size,
+ alg,
+ nonce, nonce_length,
+ additional_data, additional_data_length,
+ ciphertext, ciphertext_length,
+ plaintext, plaintext_size, plaintext_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_decrypt(
attributes, key_buffer, key_buffer_size,
@@ -139,7 +165,14 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_encrypt_setup( operation,
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer,
+ key_buffer_size, alg );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_encrypt_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
@@ -171,7 +204,13 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_decrypt_setup( operation,
+ (const libtestdriver1_psa_key_attributes_t *)attributes,
+ key_buffer, key_buffer_size, alg );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_decrypt_setup( operation, attributes, key_buffer,
key_buffer_size, alg );
@@ -202,7 +241,11 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_set_nonce( operation, nonce, nonce_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_set_nonce( operation, nonce, nonce_length );
#else
@@ -230,7 +273,12 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_set_lengths( operation, ad_length,
+ plaintext_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_set_lengths( operation, ad_length,
plaintext_length );
@@ -259,7 +307,11 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_update_ad( operation, input, input_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_update_ad( operation, input, input_length );
#else
@@ -290,7 +342,13 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_update( operation, input,
+ input_length, output,
+ output_size, output_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_update( operation, input, input_length, output,
output_size, output_length );
@@ -326,7 +384,13 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_finish( operation, ciphertext,
+ ciphertext_size, ciphertext_length,
+ tag, tag_size, tag_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_finish( operation, ciphertext, ciphertext_size,
ciphertext_length, tag, tag_size,
@@ -364,9 +428,19 @@
else
{
uint8_t check_tag[PSA_AEAD_TAG_MAX_SIZE];
- size_t check_tag_length;
+ size_t check_tag_length = 0;
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_finish( operation,
+ plaintext,
+ plaintext_size,
+ plaintext_length,
+ check_tag,
+ sizeof( check_tag ),
+ &check_tag_length );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_finish( operation,
plaintext,
@@ -410,7 +484,11 @@
}
else
{
-#if defined(MBEDTLS_PSA_BUILTIN_AEAD)
+#if defined(MBEDTLS_TEST_LIBTESTDRIVER1) && \
+ defined(LIBTESTDRIVER1_MBEDTLS_PSA_BUILTIN_AEAD)
+ mbedtls_test_driver_aead_hooks.driver_status =
+ libtestdriver1_mbedtls_psa_aead_abort( operation );
+#elif defined(MBEDTLS_PSA_BUILTIN_AEAD)
mbedtls_test_driver_aead_hooks.driver_status =
mbedtls_psa_aead_abort( operation );
#else
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 48dd89e..f6437f5 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -12873,6 +12873,47 @@
-c "Protocol is TLSv1.2" \
-c "HTTP/1.0 200 [Oo][Kk]"
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_DEBUG_C
+run_test "TLS 1.3: NewSessionTicket: servername check, m->m" \
+ "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4 \
+ sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
+ "$P_CLI debug_level=4 server_name=localhost reco_mode=1 reconnect=1" \
+ 0 \
+ -c "Protocol is TLSv1.3" \
+ -c "got new session ticket." \
+ -c "Saving session for reuse... ok" \
+ -c "Reconnecting with saved session" \
+ -c "HTTP/1.0 200 OK" \
+ -s "=> write NewSessionTicket msg" \
+ -s "server state: MBEDTLS_SSL_NEW_SESSION_TICKET" \
+ -s "server state: MBEDTLS_SSL_NEW_SESSION_TICKET_FLUSH" \
+ -s "key exchange mode: ephemeral" \
+ -s "key exchange mode: psk_ephemeral" \
+ -s "found pre_shared_key extension"
+
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
+requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
+requires_config_enabled MBEDTLS_SSL_SRV_C
+requires_config_enabled MBEDTLS_SSL_CLI_C
+requires_config_enabled MBEDTLS_DEBUG_C
+run_test "TLS 1.3: NewSessionTicket: servername negative check, m->m" \
+ "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4 \
+ sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
+ "$P_CLI debug_level=4 server_name=localhost rec_server_name=remote reco_mode=1 reconnect=1" \
+ 1 \
+ -c "Protocol is TLSv1.3" \
+ -c "got new session ticket." \
+ -c "Saving session for reuse... ok" \
+ -c "Reconnecting with saved session" \
+ -c "Hostname mismatch the session ticket, disable session resumption." \
+ -s "=> write NewSessionTicket msg" \
+ -s "server state: MBEDTLS_SSL_NEW_SESSION_TICKET" \
+ -s "server state: MBEDTLS_SSL_NEW_SESSION_TICKET_FLUSH"
+
# Test heap memory usage after handshake
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_MEMORY_DEBUG
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index f2478be..cded3a8 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -3643,15 +3643,15 @@
PSA Multipart AEAD verify: ChaCha20 - Poly1305, invalid tag length 0
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
-aead_multipart_verify:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,0):"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"1ae10b594f09e26a7e902ecbd0600690":1:PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_INVALID_ARGUMENT
+aead_multipart_verify:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,0):"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"1ae10b594f09e26a7e902ecbd0600690":1:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_INVALID_ARGUMENT
PSA Multipart AEAD verify: ChaCha20 - Poly1305, invalid tag length 15
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
-aead_multipart_verify:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,15):"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"1ae10b594f09e26a7e902ecbd0600690":1:PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_INVALID_ARGUMENT
+aead_multipart_verify:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,15):"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"1ae10b594f09e26a7e902ecbd0600690":1:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_INVALID_ARGUMENT
PSA Multipart AEAD verify: ChaCha20 - Poly1305, invalid tag length 17
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
-aead_multipart_verify:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,17):"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"1ae10b594f09e26a7e902ecbd0600690":1:PSA_ERROR_NOT_SUPPORTED:PSA_ERROR_INVALID_ARGUMENT
+aead_multipart_verify:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,17):"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b6116":"1ae10b594f09e26a7e902ecbd0600690":1:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_INVALID_ARGUMENT
PSA Multipart AEAD verify: ChaCha20 - Poly1305 (RFC7539, bad tag)
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
@@ -3951,7 +3951,7 @@
PSA AEAD setup: invalid algorithm (ChaCha20 - Poly1305 with short tag)
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
-aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,12):PSA_ERROR_NOT_SUPPORTED
+aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,12):PSA_ERROR_INVALID_ARGUMENT
PSA AEAD setup: AES - CCM, invalid tag length 0
depends_on:PSA_WANT_ALG_CCM:PSA_WANT_KEY_TYPE_AES
@@ -4031,15 +4031,15 @@
PSA AEAD setup: ChaCha20-Poly1305, invalid tag length 0
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
-aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,0):PSA_ERROR_NOT_SUPPORTED
+aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,0):PSA_ERROR_INVALID_ARGUMENT
PSA AEAD setup: ChaCha20-Poly1305, invalid tag length 15
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
-aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,15):PSA_ERROR_NOT_SUPPORTED
+aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,15):PSA_ERROR_INVALID_ARGUMENT
PSA AEAD setup: ChaCha20-Poly1305, invalid tag length 17
depends_on:PSA_WANT_ALG_CHACHA20_POLY1305:PSA_WANT_KEY_TYPE_CHACHA20
-aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,17):PSA_ERROR_NOT_SUPPORTED
+aead_multipart_setup:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CHACHA20_POLY1305,17):PSA_ERROR_INVALID_ARGUMENT
PSA Multipart State Checks, AES - GCM
depends_on:PSA_WANT_ALG_GCM:PSA_WANT_KEY_TYPE_AES