The function reset_checksum() can be called more than once with the same
handshake context (this happens with DTLS clients, and perhaps in other
cases as well). When that happens, we need to free the old MD contexts
before setting them up again.
Note: the PSA path was already doing the right thing by calling abort,
we just needed to do the same on the MD path.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
With the introduction of #7047, ssl_tls.c uses
mbedtls_md_error_from_psa. This complicates
the dependencies for compiling in psa_to_md_errors,
since now these should be ifdeffed also by
MBEDTLS_USE_PSA_CRYPTO followed by a series of or'ed
MBEDTLS_HAS_ALG_SHA_XXX_VIA_MD_OR_PSA_BASED_ON_USE_PSA.
Since this mechanism will be removed soon, we can simplify it to
just MBEDTLS_USE_PSA_CRYPTO.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
GCC 4.6+ complains if a deprecated function calls another.
Working around this universally would require a lot of
preprocessing, this seems to be an easier solution.
Copy mbedtls_pk_error_from_psa code without duplicates
instead of calling the function.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Move all error translation utilities to psa_util.c.
Introduce macros and functions to avoid having
a local copy of the error translating function in
each place.
Identify overlapping errors and introduce a
generic function.
Provide a single macro for all error translations
(unless one file needs a couple of different ones).
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Changes for interruptible {sign|verify} hash were not merged at the time of the
previous clang 15 /retval fixes, thus this fixes code added at that time.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This reverts commit 73e855327370372d0d1619126700d542d1ac1cfb.
Removes the second round of carry reduction from p224.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
The first round of carry reduction can not generate a carry thus the
secound round is not needed. The comments illustrating when the
carry is 1. The reduction is simmetric so the case when the carry is
-1 is similar.
The illustration is trying to calculate the input value starting with
setting the carry to 1 before the second round of the carry reduction.
It calculates backwords and tries to determine the value range of
each word. It ends up with a contradiction that A10 must have the
value of 0 and UINT32_MAX.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
