We need the pointer, A, to be volatile, to ensure the reads happen. bits
does not need to be volatile.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Threads lose the mutex between locking the slot and changing the slot's state.
Make it so that threads check if another thread has completed a destruction during this period.
Also fix the issue with the incorrect status variable being used.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
The conversion back to signed short is an issue: the uint cast results
in (-1 + UINT_MAX), which is OK. But then that can't be cast back to a
signed value: "if the new type is signed and the value cannot be
represented in it; either the result is implementation-defined or an
implementation-defined signal is raised."
Signed-off-by: Janos Follath <janos.follath@arm.com>
Move PSK ciphersuite selection up to the main
ClientHello parsing function. That way the
ciphersuite selection only happens in this
function.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Regarding the possibility of selecting a
key exchange mode, the check of the ticket
flags is now separated from the check of
the ClientHello content and server
configuration.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
For PSK based key exchange modes do not check twice
anymore if they can be selected or not. Check it
only when looping over the offered PSKs to select
one.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
If we prefer ephemeral key exchange mode over
the pure PSK one, make sure the resume flag is
disabled as eventually we are not going to
resume a session even if we aimed to at some
point.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
If an identity has been determined as a
ticket identity but the ticket is not
usable, do not try to check if the
identity is that of an external
provided PSK.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Improve the values returned by
ssl_tls13_offered_psks_check_identity_match_ticket().
Distinguish between the two following cases:
1) the PSK identity is not a valid ticket identity
2) the PSK identity is a valid ticket identity but
the ticket cannot be used for session resumption.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Fix the value returned by
ssl_tls13_offered_psks_check_identity_match_ticket()
when there is no ticket parser function defined
or no time.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Enabling this causes TSan warnings, as some self-tests use unprotected globals
(see X_count variables in ecp.c). This isn't an issue, as these globals are only
read in self tests, which do not use threads.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
For every generate_key test there is now a concurrently_generate_keys test.
8 threads per test, and 5 repetitions.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Split into n threads, each thread will repeatedly generate,
exercise and destroy a key.
Then join the threads, and ensure using PSA_DONE that no keys still exist.
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
In test_suite_psa_crypto_op_fail.generated.function
the function key_agreement_fail was setting the
public_key_length variable to SIZE_MAX which meant that
a huge allocation was being attempted.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
When building with -Og (specifically Zephyr with
CONFIG_DEBUG_OPTIMIZATIONS=y) one observes the following warning:
'shared_secret' may be used uninitialized [-Werror=maybe-uninitialized]
Fix this by zero initializing 'shared_secret' similar to the issue
addressed in commit 2fab5c960 ("Work around for GCC bug").
Signed-off-by: Moritz Fischer <moritzf@google.com>
