Move PSK ciphersuite selection up to the main
ClientHello parsing function. That way the
ciphersuite selection only happens in this
function.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Regarding the possibility of selecting a
key exchange mode, the check of the ticket
flags is now separated from the check of
the ClientHello content and server
configuration.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
For PSK based key exchange modes do not check twice
anymore if they can be selected or not. Check it
only when looping over the offered PSKs to select
one.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
If we prefer ephemeral key exchange mode over
the pure PSK one, make sure the resume flag is
disabled as eventually we are not going to
resume a session even if we aimed to at some
point.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
If an identity has been determined as a
ticket identity but the ticket is not
usable, do not try to check if the
identity is that of an external
provided PSK.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Improve the values returned by
ssl_tls13_offered_psks_check_identity_match_ticket().
Distinguish between the two following cases:
1) the PSK identity is not a valid ticket identity
2) the PSK identity is a valid ticket identity but
the ticket cannot be used for session resumption.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix the value returned by
ssl_tls13_offered_psks_check_identity_match_ticket()
when there is no ticket parser function defined
or no time.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Enabling this causes TSan warnings, as some self-tests use unprotected globals
(see X_count variables in ecp.c). This isn't an issue, as these globals are only
read in self tests, which do not use threads.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
For every generate_key test there is now a concurrently_generate_keys test.
8 threads per test, and 5 repetitions.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Split into n threads, each thread will repeatedly generate,
exercise and destroy a key.
Then join the threads, and ensure using PSA_DONE that no keys still exist.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
When building with -Og (specifically Zephyr with
CONFIG_DEBUG_OPTIMIZATIONS=y) one observes the following warning:
'shared_secret' may be used uninitialized [-Werror=maybe-uninitialized]
Fix this by zero initializing 'shared_secret' similar to the issue
addressed in commit 2fab5c960 ("Work around for GCC bug").
Signed-off-by: Moritz Fischer <moritzf@google.com>
Not all of the writes to this field are protected by a mutex.
There is no also no protection in place to stop another thread from overwriting
the current transaction
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Explain how to use mbedtls_pk_get_psa_attributes() and
mbedtls_pk_import_into_psa() to make a PSA key from a PK key.
Remove the discussion of how to do the same manually.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Replaces the recommendation to use mbedtls_rsa_gen_key() for RSA key
generation with a custom public exponent.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
