Paul Elliott
16e6dcd72e
Add missing abort call to the end of tests
...
All tests should have an abort call in case of test failure to make sure
everything is cleaned up. Also removed unused define.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
72baf65819
Ensure operation id gets set even if failure
...
Although this deviates from the standard "auto-generated" code, the
M-AEAD setup functions set the key and thus allocate memory. If the
failure occurs after this (invalid tag size for example) then not having
the id set to the internal drivers means that abort does not get called,
and this causes the allocated data to leak.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
ac3c20013c
Prevent unsafe memcpy
...
Some tests cause a zero length input or output, which can mean the
allocated test output buffers can be zero length. Protect against
calling memcpy blindly in these situations.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
d4e99ed40c
Fix mistyped buffer size variable
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
4bbe82bdcc
Add transparent driver tests for M-AEAD
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
0023e0a1de
Add tests for multipart AEAD
...
Just clone of one shot tests for now - all additional data and body data
is passed in in one go.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
fd3ca24e56
Move CCM ouput to update step.
...
Move CCM to update all data at update step, as final step can only
output at most a block length, so outputting all data at this step
significantly breaks the tests. Had to add unpleasant workaround for the
validate stage, but this is the only way I can do things without
breaking CCM Alt implementations.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
72c10082dd
Fix logic issues with state checks
...
Also fix missing return values.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
c4e1dcf006
Fix incorrect PSA key usage
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
811d8d462f
Fix incorrect enums being used
...
Fix memory leak due to aead_abort() using incorrect enums to identify
algorithm used. Fix incorrect return on failure to check tag on
aead_verify()
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
5653da0201
Fix errors with missing tests
...
Return not supported for the time being whilst we don't have the
transparent driver tests done.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
302ff6bdd6
Implement multipart AEAD PSA interface
...
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
6504aa6451
First pass addition of driver wrappers
...
Transparent driver test functions not yet implemented.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
adb8b16b16
Add internal implementation of multipart AEAD
...
For the time being CCM and GCM are not entirely implemented correctly
due to issues with their underlying implentations, which would be
difficult to fix in 2.x, and thus require all the AD and data to be
passed in in one go.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Paul Elliott
07a30c4c00
Convert oneshot AEAD over to multipart struct
...
Multipart AEAD operation struct has to be public as it's allocated by
the caller, so to save duplication of code, switch oneshot AEAD over to
using the multipart operation struct.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
2021-05-14 19:03:26 +01:00
Hanno Becker
59b97bbe06
Fixup glitch in ChangeLog entry
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 17:12:15 +01:00
Hanno Becker
8e184e2deb
Add migration guide
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 17:10:27 +01:00
Hanno Becker
a808ec3f0d
Add ChangeLog entry
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 17:10:15 +01:00
Hanno Becker
541af8575e
Use -1 instead of 1 as failure return value in internal SSL function
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 16:49:01 +01:00
Hanno Becker
fc1f4135c3
Use memset( x, 0, sizeof( x ) )
to clear local structure
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 14:57:54 +01:00
Hanno Becker
9caed14a21
Fix typo in ssl session cache documentation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 14:57:13 +01:00
Hanno Becker
78196e366f
Fix search for outdated entries in SSL session cache
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 14:55:15 +01:00
Hanno Becker
c3f4a97b8f
Don't infer last element of SSL session cache twice
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 14:54:24 +01:00
Hanno Becker
466ed6fd08
Improve local variable naming in SSL session cache implementation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 14:54:00 +01:00
Hanno Becker
5cf6f7eafe
Fix swapping of first and last entry in SSL session cache
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 14:45:04 +01:00
TRodziewicz
1cf33bf94d
Corrections o the migration guide
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-14 14:35:26 +02:00
TRodziewicz
95f8f22c27
Migration guide added and ChangeLog clarified
...
Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>
2021-05-14 14:07:51 +02:00
Hanno Becker
006f2cce2e
Fix compile-time guard in session cache implementation
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 04:57:44 +01:00
Hanno Becker
0d05f40222
Clarify that session cache query must return free-able session
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 04:57:43 +01:00
Hanno Becker
b94fdae3c3
Improve code structure for session cache query
...
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
2021-05-14 04:57:40 +01:00
gabor-mezei-arm
07a35f68ee
Update key type name
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 16:27:46 +02:00
gabor-mezei-arm
d5218df572
Enable fallback to software implementation in psa_sign/verify_message driver
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:01 +02:00
gabor-mezei-arm
f048618b43
Unify variable type and rename to be unambiguous
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:01 +02:00
gabor-mezei-arm
2b8373f856
Update documentation
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:01 +02:00
gabor-mezei-arm
4bc0edb919
Typo
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:01 +02:00
gabor-mezei-arm
041887bfc3
Update key usage determination for exercise key tests
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:01 +02:00
gabor-mezei-arm
4a6fcda031
Typo
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:01 +02:00
gabor-mezei-arm
256443e64e
Change the driver calling logic for psa_sign/verify_messsage
...
The changed logic is to try a sign-message driver (opaque or transparent);
if there isn't one, fallback to builtin sofware and do the hashing,
then try a sign-hash driver. This will enable to the opaque driver
to fallback to software.
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:00 +02:00
gabor-mezei-arm
6883fd248d
Rename sign/verify builtin functions called by driver wrapper functions
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:00 +02:00
gabor-mezei-arm
6e2a8daef4
Add new tests for psa_sign/verify_message
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:00 +02:00
gabor-mezei-arm
d785a79477
Fix test
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:00 +02:00
gabor-mezei-arm
e088985496
Fix test names
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:00 +02:00
gabor-mezei-arm
ce8804fd6e
Update tests dependencies
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:19:00 +02:00
gabor-mezei-arm
4fabc5666b
Use non-deterministic ecdsa algorithm for verify_hash/message tests
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:18:59 +02:00
gabor-mezei-arm
474a35f635
Return error if algorithm is not hash-then-sign for psa_sign_message
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:18:59 +02:00
gabor-mezei-arm
8b3e88614c
Use bool variable instead of enum values
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:18:59 +02:00
gabor-mezei-arm
12b4f34fff
Fix documentation
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:18:59 +02:00
gabor-mezei-arm
6cdf637f88
Use switch-case for error handling
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:18:59 +02:00
gabor-mezei-arm
6dcaa3b5a1
Update driver tests for psa_hash/verify_message
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:18:59 +02:00
gabor-mezei-arm
f9820f92cf
Fix for algorithms other than hash-then-sign
...
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
2021-05-13 11:18:59 +02:00