Merge pull request #5803 from paul-elliott-arm/travis_coverity_fix
Rotate coverity secret token in travis
diff --git a/ChangeLog.d/fix-undefined-memcpy-mbedtls_asn1_named_data.txt b/ChangeLog.d/fix-undefined-memcpy-mbedtls_asn1_named_data.txt
new file mode 100644
index 0000000..b30f7fa
--- /dev/null
+++ b/ChangeLog.d/fix-undefined-memcpy-mbedtls_asn1_named_data.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Fix undefined behavior in mbedtls_asn1_find_named_data(), where val is
+ not NULL and val_len is zero.
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index dc808e8..5225c57 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -922,28 +922,24 @@
* \warning This is a temporary utility function for tests. It might
* change or be removed at any time without notice.
*
- * \note ECDSA & RSA keys are supported.
- * For both key types, signing with the specified hash
- * is the only allowed use of that key with PK API.
- * The RSA key supports RSA-PSS signing with the specified
- * hash with the PK EXT API.
- * In addition, the ECDSA key is also allowed for ECDH key
- * agreement derivation operation using the PSA API.
- *
* \param pk Input: the EC or RSA key to import to a PSA key.
* Output: a PK context wrapping that PSA key.
* \param key Output: a PSA key identifier.
* It's the caller's responsibility to call
* psa_destroy_key() on that key identifier after calling
* mbedtls_pk_free() on the PK context.
- * \param hash_alg The hash algorithm to allow for use with that key.
+ * \param alg The algorithm to allow for use with that key.
+ * \param usage The usage to allow for use with that key.
+ * \param alg2 The secondary algorithm to allow for use with that key.
*
* \return \c 0 if successful.
* \return An Mbed TLS error code otherwise.
*/
int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
mbedtls_svc_key_id_t *key,
- psa_algorithm_t hash_alg );
+ psa_algorithm_t alg,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg2 );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#ifdef __cplusplus
diff --git a/library/asn1write.c b/library/asn1write.c
index dc61854..2110052 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c
@@ -472,7 +472,7 @@
cur->val.len = val_len;
}
- if( val != NULL )
+ if( val != NULL && val_len != 0 )
memcpy( cur->val.p, val, val_len );
return( cur );
diff --git a/library/pk.c b/library/pk.c
index bba2ef7..42ff432 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -720,12 +720,16 @@
*/
int mbedtls_pk_wrap_as_opaque( mbedtls_pk_context *pk,
mbedtls_svc_key_id_t *key,
- psa_algorithm_t hash_alg )
+ psa_algorithm_t alg,
+ psa_key_usage_t usage,
+ psa_algorithm_t alg2 )
{
#if !defined(MBEDTLS_ECP_C) && !defined(MBEDTLS_RSA_C)
((void) pk);
((void) key);
- ((void) hash_alg);
+ ((void) alg);
+ ((void) usage);
+ ((void) alg2);
#else
#if defined(MBEDTLS_ECP_C)
if( mbedtls_pk_get_type( pk ) == MBEDTLS_PK_ECKEY )
@@ -752,10 +756,10 @@
/* prepare the key attributes */
psa_set_key_type( &attributes, key_type );
psa_set_key_bits( &attributes, bits );
- psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH |
- PSA_KEY_USAGE_DERIVE);
- psa_set_key_algorithm( &attributes, PSA_ALG_ECDSA( hash_alg ) );
- psa_set_key_enrollment_algorithm( &attributes, PSA_ALG_ECDH );
+ psa_set_key_usage_flags( &attributes, usage );
+ psa_set_key_algorithm( &attributes, alg );
+ if( alg2 != PSA_ALG_NONE )
+ psa_set_key_enrollment_algorithm( &attributes, alg2 );
/* import private key into PSA */
status = psa_import_key( &attributes, d, d_len, key );
@@ -786,11 +790,10 @@
/* prepare the key attributes */
psa_set_key_type( &attributes, PSA_KEY_TYPE_RSA_KEY_PAIR );
psa_set_key_bits( &attributes, mbedtls_pk_get_bitlen( pk ) );
- psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_SIGN_HASH );
- psa_set_key_algorithm( &attributes,
- PSA_ALG_RSA_PKCS1V15_SIGN( hash_alg ) );
- psa_set_key_enrollment_algorithm( &attributes,
- PSA_ALG_RSA_PSS( hash_alg ) );
+ psa_set_key_usage_flags( &attributes, usage );
+ psa_set_key_algorithm( &attributes, alg );
+ if( alg2 != PSA_ALG_NONE )
+ psa_set_key_enrollment_algorithm( &attributes, alg2 );
/* import private key into PSA */
status = psa_import_key( &attributes,
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 1702885..250bae9 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4814,6 +4814,8 @@
psa_algorithm_t alg,
const unsigned char* seed, size_t seed_length,
const unsigned char* label, size_t label_length,
+ const unsigned char* other_secret,
+ size_t other_secret_length,
size_t capacity )
{
psa_status_t status;
@@ -4830,6 +4832,15 @@
if( status != PSA_SUCCESS )
return( status );
+ if ( other_secret != NULL )
+ {
+ status = psa_key_derivation_input_bytes( derivation,
+ PSA_KEY_DERIVATION_INPUT_OTHER_SECRET,
+ other_secret, other_secret_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+
if( mbedtls_svc_key_id_is_null( key ) )
{
status = psa_key_derivation_input_bytes(
@@ -4903,6 +4914,7 @@
random, rlen,
(unsigned char const *) label,
(size_t) strlen( label ),
+ NULL, 0,
dlen );
if( status != PSA_SUCCESS )
{
@@ -5088,8 +5100,10 @@
return( 0 );
}
-#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) && \
- defined(MBEDTLS_USE_PSA_CRYPTO)
+
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED )
static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
{
if( ssl->conf->f_psk != NULL )
@@ -5108,7 +5122,7 @@
return( 0 );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO &&
- MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+ MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
/*
* Compute master secret if needed
@@ -5144,15 +5158,15 @@
* is used. */
char const *lbl = "master secret";
- /* The salt for the KDF used for key expansion.
+ /* The seed for the KDF used for key expansion.
* - If the Extended Master Secret extension is not used,
* this is ClientHello.Random + ServerHello.Random
* (see Sect. 8.1 in RFC 5246).
* - If the Extended Master Secret extension is used,
* this is the transcript of the handshake so far.
* (see Sect. 4 in RFC 7627). */
- unsigned char const *salt = handshake->randbytes;
- size_t salt_len = 64;
+ unsigned char const *seed = handshake->randbytes;
+ size_t seed_len = 64;
#if !defined(MBEDTLS_DEBUG_C) && \
!defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
@@ -5172,17 +5186,17 @@
if( handshake->extended_ms == MBEDTLS_SSL_EXTENDED_MS_ENABLED )
{
lbl = "extended master secret";
- salt = session_hash;
- handshake->calc_verify( ssl, session_hash, &salt_len );
+ seed = session_hash;
+ handshake->calc_verify( ssl, session_hash, &seed_len );
MBEDTLS_SSL_DEBUG_BUF( 3, "session hash for extended master secret",
- session_hash, salt_len );
+ session_hash, seed_len );
}
-#endif /* MBEDTLS_SSL_EXTENDED_MS_ENABLED */
+#endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */
-#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
- if( handshake->ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK &&
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
+ if( mbedtls_ssl_ciphersuite_uses_psk( handshake->ciphersuite_info ) == 1 &&
ssl_use_opaque_psk( ssl ) == 1 )
{
/* Perform PSK-to-MS expansion in a single step. */
@@ -5202,10 +5216,34 @@
else
alg = PSA_ALG_TLS12_PSK_TO_MS(PSA_ALG_SHA_256);
+ size_t other_secret_len = 0;
+ unsigned char* other_secret = NULL;
+
+ switch( handshake->ciphersuite_info->key_exchange )
+ {
+ /* Provide other secret.
+ * Other secret is stored in premaster, where first 2 bytes hold the
+ * length of the other key.
+ */
+ case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
+ /* For RSA-PSK other key length is always 48 bytes. */
+ other_secret_len = 48;
+ other_secret = handshake->premaster + 2;
+ break;
+ case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
+ case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+ other_secret_len = MBEDTLS_GET_UINT16_BE(handshake->premaster, 0);
+ other_secret = handshake->premaster + 2;
+ break;
+ default:
+ break;
+ }
+
status = setup_psa_key_derivation( &derivation, psk, alg,
- salt, salt_len,
+ seed, seed_len,
(unsigned char const *) lbl,
(size_t) strlen( lbl ),
+ other_secret, other_secret_len,
master_secret_len );
if( status != PSA_SUCCESS )
{
@@ -5230,7 +5268,7 @@
#endif
{
ret = handshake->tls_prf( handshake->premaster, handshake->pmslen,
- lbl, salt, salt_len,
+ lbl, seed, seed_len,
master,
master_secret_len );
if( ret != 0 )
@@ -5441,21 +5479,27 @@
unsigned char *end = p + sizeof( ssl->handshake->premaster );
const unsigned char *psk = NULL;
size_t psk_len = 0;
+ int psk_ret = mbedtls_ssl_get_psk( ssl, &psk, &psk_len );
#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
(void) key_ex;
#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
- if( mbedtls_ssl_get_psk( ssl, &psk, &psk_len )
- == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
+ if( psk_ret == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
{
/*
* This should never happen because the existence of a PSK is always
- * checked before calling this function
+ * checked before calling this function.
+ *
+ * The exception is opaque DHE-PSK. For DHE-PSK fill premaster with
+ * the shared secret without PSK.
*/
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ if ( key_ex != MBEDTLS_KEY_EXCHANGE_DHE_PSK )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
}
/*
@@ -5516,6 +5560,14 @@
p += 2 + len;
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
+
+ /* For opaque PSK fill premaster with the the shared secret without PSK. */
+ if( psk_ret == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1,
+ ( "skip PMS generation for opaque DHE-PSK" ) );
+ return( 0 );
+ }
}
else
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index dcc7dfb..d286764 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -73,7 +73,9 @@
return( 0 );
}
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ) || \
+ defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) )
static int ssl_conf_has_static_raw_psk( mbedtls_ssl_config const *conf )
{
if( conf->psk_identity == NULL ||
@@ -87,7 +89,9 @@
return( 0 );
}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ ( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ) */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
@@ -2959,10 +2963,6 @@
* ciphersuites we offered, so this should never happen. */
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- /* Opaque PSKs are currently only supported for PSK-only suites. */
- if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-
/* uint16 to store content length */
const size_t content_len_size = 2;
@@ -3068,30 +3068,40 @@
MBEDTLS_PUT_UINT16_BE( zlen, pms, 0 );
pms += zlen_size + zlen;
- const unsigned char *psk = NULL;
- size_t psk_len = 0;
+ /* In case of opaque psk skip writting psk to pms.
+ * Opaque key will be handled later. */
+ if( ssl_conf_has_static_raw_psk( ssl->conf ) == 1 )
+ {
+ const unsigned char *psk = NULL;
+ size_t psk_len = 0;
- if( mbedtls_ssl_get_psk( ssl, &psk, &psk_len )
- == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
- /*
- * This should never happen because the existence of a PSK is always
- * checked before calling this function
- */
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ if( mbedtls_ssl_get_psk( ssl, &psk, &psk_len )
+ == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
+ /*
+ * This should never happen because the existence of a PSK is always
+ * checked before calling this function
+ */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- /* opaque psk<0..2^16-1>; */
- if( (size_t)( pms_end - pms ) < ( 2 + psk_len ) )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ /* opaque psk<0..2^16-1>; */
+ if( (size_t)( pms_end - pms ) < ( 2 + psk_len ) )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- /* Write the PSK length as uint16 */
- MBEDTLS_PUT_UINT16_BE( psk_len, pms, 0 );
- pms += 2;
+ /* Write the PSK length as uint16 */
+ MBEDTLS_PUT_UINT16_BE( psk_len, pms, 0 );
+ pms += 2;
- /* Write the PSK itself */
- memcpy( pms, psk, psk_len );
- pms += psk_len;
+ /* Write the PSK itself */
+ memcpy( pms, psk, psk_len );
+ pms += psk_len;
- ssl->handshake->pmslen = pms - ssl->handshake->premaster;
+ ssl->handshake->pmslen = pms - ssl->handshake->premaster;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1,
+ ( "skip PMS generation for opaque ECDHE-PSK" ) );
+ }
}
else
#endif /* MBEDTLS_USE_PSA_CRYPTO &&
@@ -3138,12 +3148,6 @@
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK )
{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- /* Opaque PSKs are currently only supported for PSK-only suites. */
- if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
if( ( ret = ssl_write_encrypted_pms( ssl, header_len,
&content_len, 2 ) ) != 0 )
return( ret );
@@ -3153,12 +3157,6 @@
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
{
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- /* Opaque PSKs are currently only supported for PSK-only suites. */
- if( ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
-
/*
* ClientDiffieHellmanPublic public (DHM send G^X mod P)
*/
@@ -3224,6 +3222,13 @@
( "skip PMS generation for opaque PSK" ) );
}
else
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK &&
+ ssl_conf_has_static_raw_psk( ssl->conf ) == 0 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1,
+ ( "skip PMS generation for opaque RSA-PSK" ) );
+ }
+ else
#endif /* MBEDTLS_USE_PSA_CRYPTO &&
MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 8866d4f..a60b5ad 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -171,7 +171,10 @@
return( 0 );
}
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
+ ( defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ) || \
+ defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) )
static int ssl_use_opaque_psk( mbedtls_ssl_context const *ssl )
{
if( ssl->conf->f_psk != NULL )
@@ -190,7 +193,10 @@
return( 0 );
}
-#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#endif /* MBEDTLS_USE_PSA_CRYPTO &&
+ ( MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) */
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl,
@@ -4041,18 +4047,19 @@
return( ret );
}
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- /* Opaque PSKs are currently only supported for PSK-only. */
- if( ssl_use_opaque_psk( ssl ) == 1 )
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif
-
if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret );
return( ret );
}
+#if defined(MBEDTLS_USE_PSA_CRYPTO)
+ /* For opaque PSKs, we perform the PSK-to-MS derivation automatically
+ * and skip the intermediate PMS. */
+ if( ssl_use_opaque_psk( ssl ) == 1 )
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "skip PMS generation for opaque RSA-PSK" ) );
+ else
+#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl,
ciphersuite_info->key_exchange ) ) != 0 )
{
@@ -4076,12 +4083,6 @@
return( ret );
}
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
- /* Opaque PSKs are currently only supported for PSK-only. */
- if( ssl_use_opaque_psk( ssl ) == 1 )
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-#endif
-
if( p != end )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) );
@@ -4105,10 +4106,6 @@
psa_status_t destruction_status = PSA_ERROR_CORRUPTION_DETECTED;
uint8_t ecpoint_len;
- /* Opaque PSKs are currently only supported for PSK-only. */
- if( ssl_use_opaque_psk( ssl ) == 1 )
- return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
-
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
@@ -4181,28 +4178,38 @@
const unsigned char *psk = NULL;
size_t psk_len = 0;
- if( mbedtls_ssl_get_psk( ssl, &psk, &psk_len )
- == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
- /*
- * This should never happen because the existence of a PSK is always
- * checked before calling this function
- */
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ /* In case of opaque psk skip writting psk to pms.
+ * Opaque key will be handled later. */
+ if( ssl_use_opaque_psk( ssl ) == 0 )
+ {
+ if( mbedtls_ssl_get_psk( ssl, &psk, &psk_len )
+ == MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED )
+ /*
+ * This should never happen because the existence of a PSK is always
+ * checked before calling this function
+ */
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- /* opaque psk<0..2^16-1>; */
- if( (size_t)( psm_end - psm ) < ( 2 + psk_len ) )
- return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ /* opaque psk<0..2^16-1>; */
+ if( (size_t)( psm_end - psm ) < ( 2 + psk_len ) )
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
- /* Write the PSK length as uint16 */
- MBEDTLS_PUT_UINT16_BE( psk_len, psm, 0 );
- psm += 2;
+ /* Write the PSK length as uint16 */
+ MBEDTLS_PUT_UINT16_BE( psk_len, psm, 0 );
+ psm += 2;
- /* Write the PSK itself */
- memcpy( psm, psk, psk_len );
- psm += psk_len;
+ /* Write the PSK itself */
+ memcpy( psm, psk, psk_len );
+ psm += psk_len;
- ssl->handshake->pmslen = psm - ssl->handshake->premaster;
-#else
+ ssl->handshake->pmslen = psm - ssl->handshake->premaster;
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1,
+ ( "skip PMS generation for opaque ECDHE-PSK" ) );
+ }
+#else /* MBEDTLS_USE_PSA_CRYPTO */
if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret );
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index cd60986..f741d99 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -1406,17 +1406,6 @@
#if defined (MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
if( opt.psk_opaque != 0 )
{
- /* Ensure that the chosen ciphersuite is PSK-only; we must know
- * the ciphersuite in advance to set the correct policy for the
- * PSK key slot. This limitation might go away in the future. */
- if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
- opt.min_version != MBEDTLS_SSL_VERSION_TLS1_2 )
- {
- mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
- ret = 2;
- goto usage;
- }
-
/* Determine KDF algorithm the opaque PSK will be used in. */
#if defined(MBEDTLS_SHA384_C)
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
@@ -1709,8 +1698,22 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( opt.key_opaque != 0 )
{
- if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot,
- PSA_ALG_ANY_HASH ) ) != 0 )
+ psa_algorithm_t psa_alg, psa_alg2;
+
+ if( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY )
+ {
+ psa_alg = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
+ psa_alg2 = PSA_ALG_NONE;
+ }
+ else
+ {
+ psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
+ psa_alg2 = PSA_ALG_RSA_PSS( PSA_ALG_ANY_HASH );
+ }
+
+ if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot, psa_alg,
+ PSA_KEY_USAGE_SIGN_HASH,
+ psa_alg2 ) ) != 0 )
{
mbedtls_printf( " failed\n ! "
"mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index a91af0e..d728b95 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -2207,17 +2207,6 @@
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
if( opt.psk_opaque != 0 || opt.psk_list_opaque != 0 )
{
- /* Ensure that the chosen ciphersuite is PSK-only; we must know
- * the ciphersuite in advance to set the correct policy for the
- * PSK key slot. This limitation might go away in the future. */
- if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
- opt.min_version != MBEDTLS_SSL_VERSION_TLS1_2 )
- {
- mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
- ret = 2;
- goto usage;
- }
-
/* Determine KDF algorithm the opaque PSK will be used in. */
#if defined(MBEDTLS_SHA384_C)
if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
@@ -2575,11 +2564,29 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( opt.key_opaque != 0 )
{
+ psa_algorithm_t psa_alg, psa_alg2;
+ psa_key_usage_t psa_usage;
+
if ( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY ||
mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_RSA )
{
+ if( mbedtls_pk_get_type( &pkey ) == MBEDTLS_PK_ECKEY )
+ {
+ psa_alg = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
+ psa_alg2 = PSA_ALG_ECDH;
+ psa_usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
+ }
+ else
+ {
+ psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
+ psa_alg2 = PSA_ALG_NONE;
+ psa_usage = PSA_KEY_USAGE_SIGN_HASH;
+ }
+
if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey, &key_slot,
- PSA_ALG_ANY_HASH ) ) != 0 )
+ psa_alg,
+ psa_usage,
+ psa_alg2 ) ) != 0 )
{
mbedtls_printf( " failed\n ! "
"mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret );
@@ -2590,8 +2597,23 @@
if ( mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_ECKEY ||
mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_RSA )
{
+ if( mbedtls_pk_get_type( &pkey2 ) == MBEDTLS_PK_ECKEY )
+ {
+ psa_alg = PSA_ALG_ECDSA( PSA_ALG_ANY_HASH );
+ psa_alg2 = PSA_ALG_ECDH;
+ psa_usage = PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_DERIVE;
+ }
+ else
+ {
+ psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_ANY_HASH );
+ psa_alg2 = PSA_ALG_NONE;
+ psa_usage = PSA_KEY_USAGE_SIGN_HASH;
+ }
+
if( ( ret = mbedtls_pk_wrap_as_opaque( &pkey2, &key_slot2,
- PSA_ALG_ANY_HASH ) ) != 0 )
+ psa_alg,
+ psa_usage,
+ psa_alg2 ) ) != 0 )
{
mbedtls_printf( " failed\n ! "
"mbedtls_pk_wrap_as_opaque returned -0x%x\n\n", (unsigned int) -ret );
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 4f28269..dcee5df 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -6454,6 +6454,186 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque rsa-psk on client, no callback" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque RSA-PSK"\
+ -S "skip PMS generation for opaque RSA-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque RSA-PSK"\
+ -S "skip PMS generation for opaque RSA-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque RSA-PSK"\
+ -S "skip PMS generation for opaque RSA-PSK"\
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque RSA-PSK"\
+ -S "skip PMS generation for opaque RSA-PSK"\
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque ecdhe-psk on client, no callback" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque ECDHE-PSK"\
+ -S "skip PMS generation for opaque ECDHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque ECDHE-PSK"\
+ -S "skip PMS generation for opaque ECDHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque ECDHE-PSK"\
+ -S "skip PMS generation for opaque ECDHE-PSK"\
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque ECDHE-PSK"\
+ -S "skip PMS generation for opaque ECDHE-PSK"\
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque dhe-psk on client, no callback" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque DHE-PSK"\
+ -S "skip PMS generation for opaque DHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque DHE-PSK"\
+ -S "skip PMS generation for opaque DHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque DHE-PSK"\
+ -S "skip PMS generation for opaque DHE-PSK"\
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" \
+ "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
+ "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 psk_opaque=1" \
+ 0 \
+ -c "skip PMS generation for opaque DHE-PSK"\
+ -S "skip PMS generation for opaque DHE-PSK"\
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw psk on client, static opaque on server, no callback" \
"$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@@ -6516,6 +6696,192 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \
+ "$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque RSA-PSK"\
+ -s "skip PMS generation for opaque RSA-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque RSA-PSK"\
+ -s "skip PMS generation for opaque RSA-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque RSA-PSK"\
+ -s "skip PMS generation for opaque RSA-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque RSA-PSK"\
+ -s "skip PMS generation for opaque RSA-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback" \
+ "$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque ECDHE-PSK"\
+ -s "skip PMS generation for opaque ECDHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque ECDHE-PSK"\
+ -s "skip PMS generation for opaque ECDHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque ECDHE-PSK"\
+ -s "skip PMS generation for opaque ECDHE-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque ECDHE-PSK"\
+ -s "skip PMS generation for opaque ECDHE-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback" \
+ "$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque DHE-PSK"\
+ -s "skip PMS generation for opaque DHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123" \
+ 0 \
+ -C "skip PMS generation for opaque DHE-PSK"\
+ -s "skip PMS generation for opaque DHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque DHE-PSK"\
+ -s "skip PMS generation for opaque DHE-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=foo psk=abc123 extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque DHE-PSK"\
+ -s "skip PMS generation for opaque DHE-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
@@ -6578,6 +6944,192 @@
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque RSA-PSK"\
+ -s "skip PMS generation for opaque RSA-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque RSA-PSK"\
+ -s "skip PMS generation for opaque RSA-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque RSA-PSK"\
+ -s "skip PMS generation for opaque RSA-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque RSA-PSK"\
+ -s "skip PMS generation for opaque RSA-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque ECDHE-PSK"\
+ -s "skip PMS generation for opaque ECDHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque ECDHE-PSK"\
+ -s "skip PMS generation for opaque ECDHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque ECDHE-PSK"\
+ -s "skip PMS generation for opaque ECDHE-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque ECDHE-PSK"\
+ -s "skip PMS generation for opaque ECDHE-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque DHE-PSK"\
+ -s "skip PMS generation for opaque DHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, SHA-384" \
+ "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
+ "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=def psk=beef" \
+ 0 \
+ -C "skip PMS generation for opaque DHE-PSK"\
+ -s "skip PMS generation for opaque DHE-PSK"\
+ -C "session hash for extended master secret"\
+ -S "session hash for extended master secret"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque DHE-PSK"\
+ -s "skip PMS generation for opaque DHE-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
+run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS, SHA384" \
+ "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
+ force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
+ "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
+ psk_identity=abc psk=dead extended_ms=1" \
+ 0 \
+ -c "session hash for extended master secret"\
+ -s "session hash for extended master secret"\
+ -C "skip PMS generation for opaque DHE-PSK"\
+ -s "skip PMS generation for opaque DHE-PSK"\
+ -S "SSL - The handshake negotiation failed" \
+ -S "SSL - Unknown identity received" \
+ -S "SSL - Verification of the message MAC failed"
+
+requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
+requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
"$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
diff --git a/tests/suites/test_suite_asn1write.data b/tests/suites/test_suite_asn1write.data
index 7f5f536..f844d48 100644
--- a/tests/suites/test_suite_asn1write.data
+++ b/tests/suites/test_suite_asn1write.data
@@ -374,10 +374,13 @@
store_named_data_val_found:4:9
Store named data: new, val_len=0
-store_named_data_val_new:0
+store_named_data_val_new:0:1
+
+Stored named data: new, val_len=0, val=NULL
+store_named_data_val_new:0:0
Store named data: new, val_len=4
-store_named_data_val_new:4
+store_named_data_val_new:4:1
Store named data: new, val_len=4, val=NULL
-store_named_data_val_new:-4
+store_named_data_val_new:4:0
diff --git a/tests/suites/test_suite_asn1write.function b/tests/suites/test_suite_asn1write.function
index 103a024..8d5579d 100644
--- a/tests/suites/test_suite_asn1write.function
+++ b/tests/suites/test_suite_asn1write.function
@@ -431,7 +431,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void store_named_data_val_new( int new_len )
+void store_named_data_val_new( int new_len, int set_new_val )
{
mbedtls_asn1_named_data *head = NULL;
mbedtls_asn1_named_data *found = NULL;
@@ -439,10 +439,8 @@
size_t oid_len = strlen( (const char *) oid );
const unsigned char *new_val = (unsigned char *) "new value";
- if( new_len <= 0 )
+ if( set_new_val == 0 )
new_val = NULL;
- if( new_len < 0 )
- new_len = - new_len;
found = mbedtls_asn1_store_named_data( &head,
(const char *) oid, oid_len,
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 4b3af4c..32c2644 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -1080,6 +1080,7 @@
unsigned char pkey_legacy[200];
unsigned char pkey_psa[200];
unsigned char *pkey_legacy_start, *pkey_psa_start;
+ psa_algorithm_t alg_psa;
size_t sig_len, klen_legacy, klen_psa;
int ret;
mbedtls_svc_key_id_t key_id;
@@ -1107,6 +1108,7 @@
TEST_ASSERT( mbedtls_rsa_gen_key( mbedtls_pk_rsa( pk ),
mbedtls_test_rnd_std_rand, NULL,
parameter_arg, 3 ) == 0 );
+ alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN( PSA_ALG_SHA_256 );
}
else
#endif /* MBEDTLS_RSA_C && MBEDTLS_GENPRIME */
@@ -1122,6 +1124,7 @@
TEST_ASSERT( mbedtls_ecp_gen_key( grpid,
(mbedtls_ecp_keypair*) pk.pk_ctx,
mbedtls_test_rnd_std_rand, NULL ) == 0 );
+ alg_psa = PSA_ALG_ECDSA( PSA_ALG_SHA_256 );
}
else
#endif /* MBEDTLS_ECDSA_C */
@@ -1139,8 +1142,9 @@
pkey_legacy_start = pkey_legacy + sizeof( pkey_legacy ) - klen_legacy;
/* Turn PK context into an opaque one. */
- TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &key_id,
- PSA_ALG_SHA_256 ) == 0 );
+ TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &pk, &key_id, alg_psa,
+ PSA_KEY_USAGE_SIGN_HASH,
+ PSA_ALG_NONE ) == 0 );
PSA_ASSERT( psa_get_key_attributes( key_id, &attributes ) );
TEST_EQUAL( psa_get_key_type( &attributes ), expected_type );
@@ -1241,6 +1245,7 @@
unsigned char *pkey_start;
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
psa_algorithm_t psa_md_alg = mbedtls_psa_translate_md( md_alg );
+ psa_algorithm_t psa_alg;
size_t hash_len = PSA_HASH_LENGTH( psa_md_alg );
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
void const *options = NULL;
@@ -1266,8 +1271,17 @@
/* mbedtls_pk_write_pubkey_der() writes backwards in the data buffer. */
pkey_start = pkey + sizeof( pkey ) - pkey_len;
+ if( key_pk_type == MBEDTLS_PK_RSA )
+ psa_alg = PSA_ALG_RSA_PKCS1V15_SIGN( psa_md_alg );
+ else if( key_pk_type == MBEDTLS_PK_RSASSA_PSS )
+ psa_alg = PSA_ALG_RSA_PSS( psa_md_alg );
+ else
+ TEST_ASSUME( ! "PK key type not supported in this configuration" );
+
/* Turn PK context into an opaque one. */
- TEST_EQUAL( mbedtls_pk_wrap_as_opaque( &pk, &key_id, psa_md_alg ), 0 );
+ TEST_EQUAL( mbedtls_pk_wrap_as_opaque( &pk, &key_id, psa_alg,
+ PSA_KEY_USAGE_SIGN_HASH,
+ PSA_ALG_NONE ), 0 );
memset( hash, 0x2a, sizeof( hash ) );
memset( sig, 0, sizeof( sig ) );
diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index 485bbe2..f5001bd 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -170,7 +170,7 @@
{
mbedtls_pk_context key;
mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
- psa_algorithm_t md_alg_psa;
+ psa_algorithm_t md_alg_psa, alg_psa;
mbedtls_x509write_csr req;
unsigned char buf[4096];
int ret;
@@ -187,7 +187,17 @@
mbedtls_pk_init( &key );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL,
mbedtls_test_rnd_std_rand, NULL ) == 0 );
- TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, md_alg_psa ) == 0 );
+
+ if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY )
+ alg_psa = PSA_ALG_ECDSA( md_alg_psa );
+ else if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA )
+ alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN( md_alg_psa );
+ else
+ TEST_ASSUME( ! "PK key type not supported in this configuration" );
+
+ TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, alg_psa,
+ PSA_KEY_USAGE_SIGN_HASH,
+ PSA_ALG_NONE ) == 0 );
mbedtls_x509write_csr_init( &req );
mbedtls_x509write_csr_set_md_alg( &req, md_type );
@@ -280,12 +290,21 @@
/* For Opaque PK contexts, wrap key as an Opaque RSA context. */
if( pk_wrap == 2 )
{
- psa_algorithm_t md_alg_psa =
- mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type );
+ psa_algorithm_t alg_psa, md_alg_psa;
+ md_alg_psa = mbedtls_psa_translate_md( (mbedtls_md_type_t) md_type );
TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
- TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &issuer_key, &key_id,
- md_alg_psa ) == 0 );
+
+ if( mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_ECKEY )
+ alg_psa = PSA_ALG_ECDSA( md_alg_psa );
+ else if( mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_RSA )
+ alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN( md_alg_psa );
+ else
+ TEST_ASSUME( ! "PK key type not supported in this configuration" );
+
+ TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &issuer_key, &key_id, alg_psa,
+ PSA_KEY_USAGE_SIGN_HASH,
+ PSA_ALG_NONE ) == 0 );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */