Visual Studio 2013 (_MSC_VER == 1800) doesn't support %zu - only use it
on 2015 and above (_MSC_VER >= 1900).
%ldd works on Visual Studio 2013, but this patch keeps the two macro
definitions together, for simplicity's sake.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
This allows any implementer of the PSA client interface to easily
include this header and therefore function's prototype.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The previous change that replaced CRYPTO_C with CRYPTO_CLIENT
caused an increase of the mbedtls_md struct in scenarios where
the hash related PSA_WANTs were enabled, but not accelerated.
This caused an ABI-API break which is not allowed for an LTS
branch.
Since the main goal here is to allow PSA dispatch in a "pure
crypto client" scenario, we partially revert the previous change
to config_adjust_legacy_crypto.h and add an extra condition
for "CRYPTO_CLIENT && !CRYPTO_C".
This commit also reverts changes done in analyze_outcomes.py
because they are no more necessary.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Instead of allowing PSA dispatching only when CRYPTO_C is set and
some MBEDTLS_PSA_ACCEL_ALG_xxx is set, we enable dispatching
when CRYPTO_CLIENT and PSA_WANT_ALG_xxx are set. This makes
the feature more useful in cases where the PSA support is
provided externally, like for example TF-M in Zephyr.
This commit also add proper guards for tests trying to use MD+PSA
dispatch.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Move the auto-enabling of CRYPTO_CLIENT when CRYPTO_C at the
beginning of the file so that all that becomes later is aware
of this.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
In the `mbedtls_ssl_context` structure, merge the field `in_hsfraglen` into
`badmac_seen_or_in_hsfraglen`. This restores the ABI of `libmbedtls` as it
was in Mbed TLS 3.6.0 through 3.6.2.
The field `badmac_seen_or_in_hsfraglen` (formerly `badmac_seen`) was only
used for DTLS (despite being present in non-DTLS builds), and the field
`in_hsfraglen` was only used in non-DTLS TLS. Therefore the two values can
be stored in the same field.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In the `mbedtls_ssl_context` structure, change the type of `in_hsfraglen`
from `size_t` to `unsigned`. This is in preparation for merging
`in_hsfraglen` into `badmac_seen_or_in_hsfraglen`, which has the type
`unsigned` and cannot change since we do not want to change the ABI.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Prepare to unify two fields of the `mbedtls_ssl_context` structure:
`badmac_seen` (always present but only used in DTLS) and
`in_hsfraglen` (always present but only used in non-DTLS TLS).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The first fragment of a fragmented handshake message always starts at the beginning of the buffer so there's no need to store it.
Signed-off-by: Deomid rojer Ryabkov <rojer@rojer.me>
Use a special marker as ssl->hostname if mbedtls_ssl_set_hostname() has been
called with NULL. If mbedtls_ssl_set_hostname() has never been called, the
field is NULL, as before.
No behavior change apart from now emitting a different log message depending
on whether mbedtls_ssl_set_hostname() has been called with NULL or not at all.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Don't list mechanisms that are not implemented in
`include/psa/crypto_config.h`, even commented out. Uncommenting them
wouldn't help anyway: they don't work. Having them listed, even commented
out, causes `find_dependencies_not_implemented()` in `psa_test_case.py` to
consider those mechanisms to be implemented, and thus causes
`generate_psa_tests.py` to generate test cases that cannot be executed.
The affected mechanisms are:
* `PSA_ALG_CBC_MAC` (`PSA_WANT_ALG_CBC_MAC`)
* `PSA_ALG_XTS` (`PSA_WANT_ALG_XTS`)
* `PSA_ECC_FAMILY_SECP_K1` 224-bit (`PSA_WANT_ECC_SECP_K1_224`)
Also remove the affected mechanisms from configuration adjustment files,
since that is code that can never be triggered.
There were already no generated test cases for SECP224K1 because
`PSA_WANT_ECC_SECP_K1_224` was already detected as a dependency that cannot
be implemented, because that is not a valid size: PSA defines SECP224K1 as
225-bit, and `crypto_knowledge.py` follows suite, so `generate_psa_tests.py`
saw `PSA_WANT_ECC_SECP_K1_225` in its enumeration but skipped it because it
was never mentioned in `crypto_config.h`.
This causes generated PSA tests to no longer include positive test cases for
`PSA_ALG_CBC_MAC` and `PSA_ALG_XTS`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit fixes an issue with check_names failing due to not being
defined as a macro in Mbed TLS. This is instead defined by alternative
implementations of MBEDTLS_GCM.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
This commit updates GCM buffer overlap documentation to explicitly
support overlapping encryption/decryption buffers for GCM.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
Document the return value of mbedtls_ecdsa_raw_to_der() and
mbedtls_ecdsa_der_to_raw().
Document that mbedtls_ecdsa_raw_to_der() has undefined behavior when the
output buffer parameter is null, even with a size of 0.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
- psa_crypto_helpers.h
mbedtls-3.6 branch misses some crypto client changes that has
been done in the development branch since the LTS release. Therefore
CRYPTO_C guard here is more accurate than CRYPTO_CLIENT.
- entropy.h
In the development branch MBEDTLS_ENTROPY_BLOCK_SIZE is defined
when PSA_WANT_ALG_SHA_[256/512] is defined while in the mbedtls-3.6
branch is guarded by MBEDTLS_MD_CAN_SHA[256/512] which is slightly
different. Since MBEDTLS_ENTROPY_BLOCK_SIZE is used in some tests's
data files, we need to have it defined also if the related test
is skipped. Therefore we add the PSA_WANT_ALG_SHA conditions together
with the MBEDTLS_MD_CAN_SHA ones to mimic the development behavior.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
MBEDTLS_PSA_KEY_BUFFER_MAX_SIZE is only used in tests so it should
not be defined in a public header such as "crypto_extra.h".
"psa_crypto_helpers.h" is a better option.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Instead of skipping some tests when !MBEDTLS_PSA_STATIC_KEY_SLOTS,
add a proper check in the depends_on to verify if
MBEDTLS_PSA_KEY_BUFFER_MAX_SIZE is actually large enough to contain
the key used in such test.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Move the default definition of MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE
from psa_crypto_core.h to the public header crypto_extra.h in order
to solve documentation build issues.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
