For negative testing of early data (tests
related to max_early_data_size in this PR), restore
the test function to write early data that was
first introduced to be able to test the reading
of early data with the writing part and was
removed (as not used anymore) by the PR 8760.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add the reach_max flag argument for the
test13_srv_max_early_data_size test
function. Non zero value only valid in case
of TEST_EARLY_DATA_ACCEPTED scenario.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The endpoint and version were factorized out into the main session.
Update the session struct comment to reflect these new fields, as was
previously missed.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Describe the TLS 1.2, TLS 1.3 and full session structs in the same
place for ease of reference.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Ensure that session save and load functions are not scattered
throughout ssl_tls.c but are in the same part of the file.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Add config bits for server name indication, early data and record size
limit, which all cause the serialized session to be structured
differently.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This config option decides whether the session stores the entire
certificate or just a digest of it, but was missing from the
serialization config bitflag.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This commit also:
- updates changelog
- add a stub function to be used in component_test_psa_crypto_client()
test
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Having a non-const `key` parameter was anotherf defect of
mbedtls_ecp_write_key(). Take this opportunity to fix it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Same as mbedtls_ecp_write_key(), but doesn't require the caller to figure out
the length of the output and possibly distinguish between Weierstrass and
Montgomery curves.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit also fixes pk_psa_wrap_sign_ext() setting the RSA padding
mode so that mbedtls_pk_get_psa_attributes() correctly guesses
the PSA alg to be used.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
- define mbedtls_psa_random_context_t even when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
is defined
- define mbedtls_psa_legacy_get_random as pointer to function instead
of #define to make "check_names" test happy.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
The `flags` field in `psa_key_attributes_t` was a general mechanism that
only ever got used for a single flag: to indicate that the `slot_number`
field has been set. We have switched to a dedicated indicator for that, so
we can now remove `flags`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
