Merge pull request #3823 from gabor-mezei-arm/3818_MBEDTLS_AES_SETKEY_DEC_ALT_excludes_MBEDTLS_CIPHER_MODE_XTS
Make the aes xts methods independent from MBEDTLS_AES_SETKEY_DEC_ALT
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 5af4c81..ac24bf4 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -14,9 +14,13 @@
# CMake files. It is related to ZLIB support which is planned to be removed.
# When the support is removed, the associated include_directories command
# will be removed as well as this note.
+# - MBEDTLS_TARGET_PREFIX: CMake targets are designed to be alterable by calling
+# CMake in order to avoid target name clashes, via the use of
+# MBEDTLS_TARGET_PREFIX. The value of this variable is prefixed to the
+# mbedtls, mbedx509, mbedcrypto and apidoc targets.
#
-cmake_minimum_required(VERSION 2.6)
+cmake_minimum_required(VERSION 2.8.12)
if(TEST_CPP)
project("mbed TLS" C CXX)
else()
@@ -112,9 +116,12 @@
endif()
endif()
-set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
- CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull"
- FORCE)
+# If this is the root project add longer list of available CMAKE_BUILD_TYPE values
+if(CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR)
+ set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE}
+ CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull"
+ FORCE)
+endif()
# Create a symbolic link from ${base_name} in the binary directory
# to the corresponding path in the source directory.
@@ -273,7 +280,7 @@
add_subdirectory(programs)
endif()
-ADD_CUSTOM_TARGET(apidoc
+ADD_CUSTOM_TARGET(${MBEDTLS_TARGET_PREFIX}apidoc
COMMAND doxygen mbedtls.doxyfile
WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen)
diff --git a/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt b/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt
new file mode 100644
index 0000000..533f309
--- /dev/null
+++ b/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt
@@ -0,0 +1,6 @@
+Features
+ * Add MBEDTLS_TARGET_PREFIX CMake variable, which is prefixed to the mbedtls,
+ mbedcrypto, mbedx509 and apidoc CMake target names. This can be used by
+ external CMake projects that include this one to avoid CMake target name
+ clashes. The default value of this variable is "", so default target names
+ are unchanged.
diff --git a/ChangeLog.d/aes-zeroize-pointer.txt b/ChangeLog.d/aes-zeroize-pointer.txt
new file mode 100644
index 0000000..ccc6dc1
--- /dev/null
+++ b/ChangeLog.d/aes-zeroize-pointer.txt
@@ -0,0 +1,5 @@
+Changes
+ * Remove the zeroization of a pointer variable in AES rounds. It was valid
+ but spurious and misleading since it looked like a mistaken attempt to
+ zeroize the pointed-to buffer. Reported by Antonio de la Piedra, CEA
+ Leti, France.
diff --git a/ChangeLog.d/ecb_iv_fix.txt b/ChangeLog.d/ecb_iv_fix.txt
new file mode 100644
index 0000000..ae2ae25
--- /dev/null
+++ b/ChangeLog.d/ecb_iv_fix.txt
@@ -0,0 +1,3 @@
+Bugfix
+ * Correct the default IV size for mbedtls_cipher_info_t structures using
+ MBEDTLS_MODE_ECB to 0, since ECB mode ciphers don't use IVs.
diff --git a/ChangeLog.d/feature-dtls-srtp.txt b/ChangeLog.d/feature-dtls-srtp.txt
new file mode 100644
index 0000000..8b9186b
--- /dev/null
+++ b/ChangeLog.d/feature-dtls-srtp.txt
@@ -0,0 +1,2 @@
+Features
+* Add support for DTLS-SRTP as defined in RFC 5764. Contributed by Johan Pascal, improved by Ron Eldor.
diff --git a/ChangeLog.d/minimum_cmake_version_PR3802.txt b/ChangeLog.d/minimum_cmake_version_PR3802.txt
new file mode 100644
index 0000000..549f9b1
--- /dev/null
+++ b/ChangeLog.d/minimum_cmake_version_PR3802.txt
@@ -0,0 +1,3 @@
+Requirement changes
+* Update the minimum required CMake version to 2.8.12.
+* This silences a warning on CMake 3.19.0. #3801
diff --git a/ChangeLog.d/systematically_store_bit_size_3740.txt b/ChangeLog.d/systematically_store_bit_size_3740.txt
new file mode 100644
index 0000000..9e63bbc
--- /dev/null
+++ b/ChangeLog.d/systematically_store_bit_size_3740.txt
@@ -0,0 +1,5 @@
+Changes
+ * The PSA persistent storage format is updated to always store the key bits
+ attribute. No automatic upgrade path is provided. Previously stored keys
+ must be erased, or manually upgraded based on the key storage format
+ specification (docs/architecture/mbed-crypto-storage-specification.md). #3740
diff --git a/docs/architecture/mbed-crypto-storage-specification.md b/docs/architecture/mbed-crypto-storage-specification.md
index afeb29f..914bca3 100644
--- a/docs/architecture/mbed-crypto-storage-specification.md
+++ b/docs/architecture/mbed-crypto-storage-specification.md
@@ -251,6 +251,7 @@
* key material length (4 bytes).
* key material:
* For a transparent key: output of `psa_export_key`.
+ * For an opaque key (unified driver interface): driver-specific opaque key blob.
* For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
* Any trailing data is rejected on load.
@@ -280,3 +281,36 @@
* The slot in the secure element designated by the slot number.
* The file containing the key metadata designated by the key identifier.
* The driver persistent data.
+
+Mbed Crypto TBD
+---------------
+
+Tags: TBD
+
+Released in TBD 2020. <br>
+Integrated in Mbed OS TBD.
+
+### Changes introduced in TBD
+
+* The type field has been split into a type and a bits field of 2 bytes each.
+
+### Key file format for TBD
+
+All integers are encoded in little-endian order in 8-bit bytes except where otherwise indicated.
+
+The layout of a key file is:
+
+* magic (8 bytes): `"PSA\0KEY\0"`.
+* version (4 bytes): 0.
+* lifetime (4 bytes): `psa_key_lifetime_t` value.
+* type (2 bytes): `psa_key_type_t` value.
+* bits (2 bytes): `psa_key_bits_t` value.
+* policy usage flags (4 bytes): `psa_key_usage_t` value.
+* policy usage algorithm (4 bytes): `psa_algorithm_t` value.
+* policy enrollment algorithm (4 bytes): `psa_algorithm_t` value.
+* key material length (4 bytes).
+* key material:
+ * For a transparent key: output of `psa_export_key`.
+ * For an opaque key (unified driver interface): driver-specific opaque key blob.
+ * For an opaque key (key in a secure element): slot number (8 bytes), in platform endianness.
+* Any trailing data is rejected on load.
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 120c1d3..fd979db 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -871,6 +871,10 @@
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
+#if defined(MBEDTLS_SSL_DTLS_SRTP) && ( !defined(MBEDTLS_SSL_PROTO_DTLS) )
+#error "MBEDTLS_SSL_DTLS_SRTP defined, but not all prerequisites"
+#endif
+
/*
* Avoid warning from -pedantic. This is a convenient place for this
* workaround since this is included by every single file before the
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index b77b34b..2ac2cc6 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
@@ -864,7 +864,7 @@
* may result in a compromise of the long-term signing key. This is avoided by
* the deterministic variant.
*
- * Requires: MBEDTLS_HMAC_DRBG_C
+ * Requires: MBEDTLS_HMAC_DRBG_C, MBEDTLS_ECDSA_C
*
* Comment this macro to disable deterministic ECDSA.
*/
@@ -1330,7 +1330,7 @@
*
* Enable support for the experimental PSA crypto driver interface.
*
- * Requires: MBEDTLS_PSA_CRYPTO_C.
+ * Requires: MBEDTLS_PSA_CRYPTO_C
*
* \warning This interface is experimental and may change or be removed
* without notice.
@@ -1813,6 +1813,37 @@
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
/**
+ * \def MBEDTLS_SSL_DTLS_SRTP
+ *
+ * Enable support for negotation of DTLS-SRTP (RFC 5764)
+ * through the use_srtp extension.
+ *
+ * \note This feature provides the minimum functionality required
+ * to negotiate the use of DTLS-SRTP and to allow the derivation of
+ * the associated SRTP packet protection key material.
+ * In particular, the SRTP packet protection itself, as well as the
+ * demultiplexing of RTP and DTLS packets at the datagram layer
+ * (see Section 5 of RFC 5764), are not handled by this feature.
+ * Instead, after successful completion of a handshake negotiating
+ * the use of DTLS-SRTP, the extended key exporter API
+ * mbedtls_ssl_conf_export_keys_ext_cb() should be used to implement
+ * the key exporter described in Section 4.2 of RFC 5764 and RFC 5705
+ * (this is implemented in the SSL example programs).
+ * The resulting key should then be passed to an SRTP stack.
+ *
+ * Setting this option enables the runtime API
+ * mbedtls_ssl_conf_dtls_srtp_protection_profiles()
+ * through which the supported DTLS-SRTP protection
+ * profiles can be configured. You must call this API at
+ * runtime if you wish to negotiate the use of DTLS-SRTP.
+ *
+ * Requires: MBEDTLS_SSL_PROTO_DTLS
+ *
+ * Uncomment this to enable support for use_srtp extension.
+ */
+//#define MBEDTLS_SSL_DTLS_SRTP
+
+/**
* \def MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
*
* Enable server-side support for clients that reconnect from the same port.
@@ -2020,6 +2051,20 @@
//#define MBEDTLS_USE_PSA_CRYPTO
/**
+ * \def MBEDTLS_PSA_CRYPTO_CONFIG
+ *
+ * This setting allows support for cryptographic mechanisms through the PSA
+ * API to be configured separately from support through the mbedtls API.
+ *
+ * Uncomment this to enable use of PSA Crypto configuration settings which
+ * can be found in include/psa/crypto_config.h
+ *
+ * This feature is still experimental and is not ready for production since
+ * it is not completed.
+ */
+//#define MBEDTLS_PSA_CRYPTO_CONFIG
+
+/**
* \def MBEDTLS_VERSION_FEATURES
*
* Allow run-time checking of compile-time enabled features. Thus allowing users
@@ -3811,6 +3856,8 @@
#include MBEDTLS_USER_CONFIG_FILE
#endif
+#include "mbedtls/config_psa.h"
+
#include "mbedtls/check_config.h"
#endif /* MBEDTLS_CONFIG_H */
diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h
new file mode 100644
index 0000000..6af4d19
--- /dev/null
+++ b/include/mbedtls/config_psa.h
@@ -0,0 +1,82 @@
+/**
+ * \file mbedtls/config_psa.h
+ * \brief PSA crypto configuration options (set of defines)
+ *
+ * This set of compile-time options takes settings defined in
+ * include/mbedtls/config.h and include/psa/crypto_config.h and uses
+ * those definitions to define symbols used in the library code.
+ *
+ * Users and integrators should not edit this file, please edit
+ * include/mbedtls/config.h for MBETLS_XXX settings or
+ * include/psa/crypto_config.h for PSA_WANT_XXX settings.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MBEDTLS_CONFIG_PSA_H
+#define MBEDTLS_CONFIG_PSA_H
+
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+#include "psa/crypto_config.h"
+#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+
+#if defined(PSA_WANT_ALG_ECDSA)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1
+#define MBEDTLS_ECDSA_C
+#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */
+#endif /* PSA_WANT_ALG_ECDSA */
+
+#if defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA)
+#if !defined(MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA)
+#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1
+#define MBEDTLS_ECDSA_DETERMINISTIC
+#define MBEDTLS_ECDSA_C
+#define MBEDTLS_HMAC_DRBG_C
+#define MBEDTLS_MD_C
+#endif /* MBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA */
+#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */
+
+#else /* MBEDTLS_PSA_CRYPTO_CONFIG */
+
+/*
+ * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG
+ * is not defined
+ */
+#if defined(MBEDTLS_ECDSA_C)
+#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA
+
+// Only add in DETERMINISTIC support if ECDSA is also enabled
+#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA
+#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+
+#endif /* MBEDTLS_ECDSA_C */
+
+#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* MBEDTLS_CONFIG_PSA_H */
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index a091261..1b4e163 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -214,6 +214,9 @@
#define MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED 1
#define MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED 0
+#define MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED 0
+#define MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED 1
+
/*
* Default range for DTLS retransmission timer value, in milliseconds.
* RFC 6347 4.2.4.1 says from 1 second to 60 seconds.
@@ -393,6 +396,8 @@
#define MBEDTLS_TLS_EXT_SIG_ALG 13
+#define MBEDTLS_TLS_EXT_USE_SRTP 14
+
#define MBEDTLS_TLS_EXT_ALPN 16
#define MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC 22 /* 0x16 */
@@ -851,6 +856,41 @@
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED &&
!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+
+#define MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH 255
+#define MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH 4
+/*
+ * For code readability use a typedef for DTLS-SRTP profiles
+ *
+ * Use_srtp extension protection profiles values as defined in
+ * http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
+ *
+ * Reminder: if this list is expanded mbedtls_ssl_check_srtp_profile_value
+ * must be updated too.
+ */
+#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80 ( (uint16_t) 0x0001)
+#define MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32 ( (uint16_t) 0x0002)
+#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80 ( (uint16_t) 0x0005)
+#define MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 ( (uint16_t) 0x0006)
+/* This one is not iana defined, but for code readability. */
+#define MBEDTLS_TLS_SRTP_UNSET ( (uint16_t) 0x0000)
+
+typedef uint16_t mbedtls_ssl_srtp_profile;
+
+typedef struct mbedtls_dtls_srtp_info_t
+{
+ /*! The SRTP profile that was negotiated. */
+ mbedtls_ssl_srtp_profile chosen_dtls_srtp_profile;
+ /*! The length of mki_value. */
+ uint16_t mki_len;
+ /*! The mki_value used, with max size of 256 bytes. */
+ unsigned char mki_value[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
+}
+mbedtls_dtls_srtp_info;
+
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
/*
* This structure is used for storing current session data.
*
@@ -1057,6 +1097,13 @@
const char **alpn_list; /*!< ordered list of protocols */
#endif
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ /*! ordered list of supported srtp profile */
+ const mbedtls_ssl_srtp_profile *dtls_srtp_profile_list;
+ /*! number of supported profiles */
+ size_t dtls_srtp_profile_list_len;
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
/*
* Numerical settings (int then char)
*/
@@ -1137,9 +1184,12 @@
* record with unexpected CID
* should lead to failure. */
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ unsigned int dtls_srtp_mki_support : 1; /* support having mki_value
+ in the use_srtp extension */
+#endif
};
-
struct mbedtls_ssl_context
{
const mbedtls_ssl_config *conf; /*!< configuration information */
@@ -1298,6 +1348,13 @@
const char *alpn_chosen; /*!< negotiated protocol */
#endif /* MBEDTLS_SSL_ALPN */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ /*
+ * use_srtp extension
+ */
+ mbedtls_dtls_srtp_info dtls_srtp_info;
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
/*
* Information for DTLS hello verify
*/
@@ -2032,6 +2089,8 @@
* (Default: none.)
*
* \note See \c mbedtls_ssl_export_keys_ext_t.
+ * \warning Exported key material must not be used for any purpose
+ * before the (D)TLS handshake is completed
*
* \param conf SSL configuration context
* \param f_export_keys_ext Callback for exporting keys
@@ -3120,6 +3179,105 @@
const char *mbedtls_ssl_get_alpn_protocol( const mbedtls_ssl_context *ssl );
#endif /* MBEDTLS_SSL_ALPN */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+#if defined(MBEDTLS_DEBUG_C)
+static inline const char *mbedtls_ssl_get_srtp_profile_as_string( mbedtls_ssl_srtp_profile profile )
+{
+ switch( profile )
+ {
+ case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
+ return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" );
+ case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
+ return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" );
+ case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
+ return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" );
+ case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
+ return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" );
+ default: break;
+ }
+ return( "" );
+}
+#endif /* MBEDTLS_DEBUG_C */
+/**
+ * \brief Manage support for mki(master key id) value
+ * in use_srtp extension.
+ * MKI is an optional part of SRTP used for key management
+ * and re-keying. See RFC3711 section 3.1 for details.
+ * The default value is
+ * #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED.
+ *
+ * \param conf The SSL configuration to manage mki support.
+ * \param support_mki_value Enable or disable mki usage. Values are
+ * #MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED
+ * or #MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED.
+ */
+void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
+ int support_mki_value );
+
+/**
+ * \brief Set the supported DTLS-SRTP protection profiles.
+ *
+ * \param conf SSL configuration
+ * \param profiles Pointer to a List of MBEDTLS_TLS_SRTP_UNSET terminated
+ * supported protection profiles
+ * in decreasing preference order.
+ * The pointer to the list is recorded by the library
+ * for later reference as required, so the lifetime
+ * of the table must be at least as long as the lifetime
+ * of the SSL configuration structure.
+ * The list must not hold more than
+ * MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH elements
+ * (excluding the terminating MBEDTLS_TLS_SRTP_UNSET).
+ *
+ * \return 0 on success
+ * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA when the list of
+ * protection profiles is incorrect.
+ */
+int mbedtls_ssl_conf_dtls_srtp_protection_profiles
+ ( mbedtls_ssl_config *conf,
+ const mbedtls_ssl_srtp_profile *profiles );
+
+/**
+ * \brief Set the mki_value for the current DTLS-SRTP session.
+ *
+ * \param ssl SSL context to use.
+ * \param mki_value The MKI value to set.
+ * \param mki_len The length of the MKI value.
+ *
+ * \note This function is relevant on client side only.
+ * The server discovers the mki value during handshake.
+ * A mki value set on server side using this function
+ * is ignored.
+ *
+ * \return 0 on success
+ * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA
+ * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE
+ */
+int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
+ unsigned char *mki_value,
+ uint16_t mki_len );
+/**
+ * \brief Get the negotiated DTLS-SRTP informations:
+ * Protection profile and MKI value.
+ *
+ * \warning This function must be called after the handshake is
+ * completed. The value returned by this function must
+ * not be trusted or acted upon before the handshake completes.
+ *
+ * \param ssl The SSL context to query.
+ * \param dtls_srtp_info The negotiated DTLS-SRTP informations:
+ * - Protection profile in use.
+ * A direct mapping of the iana defined value for protection
+ * profile on an uint16_t.
+ http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
+ * #MBEDTLS_TLS_SRTP_UNSET if the use of SRTP was not negotiated
+ * or peer's Hello packet was not parsed yet.
+ * - mki size and value( if size is > 0 ).
+ */
+void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl,
+ mbedtls_dtls_srtp_info *dtls_srtp_info );
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
/**
* \brief Set the maximum supported version sent from the client side
* and/or accepted at the server side
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 7b78c73..1dc9648 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -1095,6 +1095,23 @@
mbedtls_md_type_t md );
#endif
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value
+ ( const uint16_t srtp_profile_value )
+{
+ switch( srtp_profile_value )
+ {
+ case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
+ case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
+ case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
+ case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
+ return srtp_profile_value;
+ default: break;
+ }
+ return( MBEDTLS_TLS_SRTP_UNSET );
+}
+#endif
+
#if defined(MBEDTLS_X509_CRT_PARSE_C)
static inline mbedtls_pk_context *mbedtls_ssl_own_key( mbedtls_ssl_context *ssl )
{
diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h
new file mode 100644
index 0000000..8dbb18d
--- /dev/null
+++ b/include/psa/crypto_config.h
@@ -0,0 +1,56 @@
+/**
+ * \file psa/crypto_config.h
+ * \brief PSA crypto configuration options (set of defines)
+ *
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+/**
+ * When #MBEDTLS_PSA_CRYPTO_CONFIG is enabled in config.h,
+ * this file determines which cryptographic mechanisms are enabled
+ * through the PSA Cryptography API (\c psa_xxx() functions).
+ *
+ * To enable a cryptographic mechanism, uncomment the definition of
+ * the corresponding \c PSA_WANT_xxx preprocessor symbol.
+ * To disable a cryptographic mechanism, comment out the definition of
+ * the corresponding \c PSA_WANT_xxx preprocessor symbol.
+ * The names of cryptographic mechanisms correspond to values
+ * defined in psa/crypto_values.h, with the prefix \c PSA_WANT_ instead
+ * of \c PSA_.
+ *
+ * Note that many cryptographic mechanisms involve two symbols: one for
+ * the key type (\c PSA_WANT_KEY_TYPE_xxx) and one for the algorithm
+ * (\c PSA_WANT_ALG_xxx). Mechanisms with additional parameters may involve
+ * additional symbols.
+ */
+#else
+/**
+ * When \c MBEDTLS_PSA_CRYPTO_CONFIG is disabled in config.h,
+ * this file is not used, and cryptographic mechanisms are supported
+ * through the PSA API if and only if they are supported through the
+ * mbedtls_xxx API.
+ */
+#endif
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef PSA_CRYPTO_CONFIG_H
+#define PSA_CRYPTO_CONFIG_H
+
+#define PSA_WANT_ALG_ECDSA 1
+#define PSA_WANT_ALG_DETERMINISTIC_ECDSA 1
+
+#endif /* PSA_CRYPTO_CONFIG_H */
diff --git a/include/psa/crypto_sizes.h b/include/psa/crypto_sizes.h
index f6373b8..4dc8ad4 100644
--- a/include/psa/crypto_sizes.h
+++ b/include/psa/crypto_sizes.h
@@ -657,4 +657,91 @@
PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(key_type) ? PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE(key_bits) : \
0)
+/** The default nonce size for an AEAD algorithm, in bytes.
+ *
+ * This macro can be used to allocate a buffer of sufficient size to
+ * store the nonce output from #psa_aead_generate_nonce().
+ *
+ * See also #PSA_AEAD_NONCE_MAX_SIZE.
+ *
+ * \note This is not the maximum size of nonce supported as input to #psa_aead_set_nonce(),
+ * #psa_aead_encrypt() or #psa_aead_decrypt(), just the default size that is generated by
+ * #psa_aead_generate_nonce().
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type A symmetric key type that is compatible with algorithm \p alg.
+ *
+ * \param alg An AEAD algorithm (\c PSA_ALG_XXX value such that #PSA_ALG_IS_AEAD(\p alg) is true).
+ *
+ * \return The default nonce size for the specified key type and algorithm.
+ * If the key type or AEAD algorithm is not recognized,
+ * or the parameters are incompatible, return 0.
+ * An implementation can return either 0 or a correct size for a key type
+ * and AEAD algorithm that it recognizes, but does not support.
+ */
+#define PSA_AEAD_NONCE_LENGTH(key_type, alg) \
+ (PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) == 16 && \
+ (PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_CCM || \
+ PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_GCM) ? 12 : \
+ (key_type) == PSA_KEY_TYPE_CHACHA20 && \
+ PSA_ALG_AEAD_WITH_DEFAULT_TAG_LENGTH(alg) == PSA_ALG_CHACHA20_POLY1305 ? 12 : \
+ 0)
+
+/** The maximum default nonce size among all supported pairs of key types and AEAD algorithms, in bytes.
+ *
+ * This is equal to or greater than any value that #PSA_AEAD_NONCE_LENGTH() may return.
+ *
+ * \note This is not the maximum size of nonce supported as input to #psa_aead_set_nonce(),
+ * #psa_aead_encrypt() or #psa_aead_decrypt(), just the largest size that may be generated by
+ * #psa_aead_generate_nonce().
+ */
+#define PSA_AEAD_NONCE_MAX_SIZE 12
+
+/** The default IV size for a cipher algorithm, in bytes.
+ *
+ * The IV that is generated as part of a call to #psa_cipher_encrypt() is always
+ * the default IV length for the algorithm.
+ *
+ * This macro can be used to allocate a buffer of sufficient size to
+ * store the IV output from #psa_cipher_generate_iv() when using
+ * a multi-part cipher operation.
+ *
+ * See also #PSA_CIPHER_IV_MAX_SIZE.
+ *
+ * \warning This macro may evaluate its arguments multiple times or
+ * zero times, so you should not pass arguments that contain
+ * side effects.
+ *
+ * \param key_type A symmetric key type that is compatible with algorithm \p alg.
+ *
+ * \param alg A cipher algorithm (\c PSA_ALG_XXX value such that #PSA_ALG_IS_CIPHER(\p alg) is true).
+ *
+ * \return The default IV size for the specified key type and algorithm.
+ * If the algorithm does not use an IV, return 0.
+ * If the key type or cipher algorithm is not recognized,
+ * or the parameters are incompatible, return 0.
+ * An implementation can return either 0 or a correct size for a key type
+ * and cipher algorithm that it recognizes, but does not support.
+ */
+#define PSA_CIPHER_IV_LENGTH(key_type, alg) \
+ (PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) > 1 && \
+ ((alg) == PSA_ALG_CTR || \
+ (alg) == PSA_ALG_CFB || \
+ (alg) == PSA_ALG_OFB || \
+ (alg) == PSA_ALG_XTS || \
+ (alg) == PSA_ALG_CBC_NO_PADDING || \
+ (alg) == PSA_ALG_CBC_PKCS7) ? PSA_BLOCK_CIPHER_BLOCK_SIZE(key_type) : \
+ (key_type) == PSA_KEY_TYPE_CHACHA20 && \
+ (alg) == PSA_ALG_CHACHA20 ? 12 : \
+ 0)
+
+/** The maximum IV size for all supported cipher algorithms, in bytes.
+ *
+ * See also #PSA_CIPHER_IV_LENGTH().
+ */
+#define PSA_CIPHER_IV_MAX_SIZE 16
+
#endif /* PSA_CRYPTO_SIZES_H */
diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt
index 4444b98..8962555 100644
--- a/library/CMakeLists.txt
+++ b/library/CMakeLists.txt
@@ -150,46 +150,59 @@
message(FATAL_ERROR "Need to choose static or shared mbedtls build!")
endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY)
-set(target_libraries "mbedcrypto" "mbedx509" "mbedtls")
+set(mbedtls_target "${MBEDTLS_TARGET_PREFIX}mbedtls")
+set(mbedx509_target "${MBEDTLS_TARGET_PREFIX}mbedx509")
+set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto")
+
+set(mbedtls_target ${mbedtls_target} PARENT_SCOPE)
+set(mbedx509_target ${mbedx509_target} PARENT_SCOPE)
+set(mbedcrypto_target ${mbedcrypto_target} PARENT_SCOPE)
+
+if (USE_STATIC_MBEDTLS_LIBRARY)
+ set(mbedtls_static_target ${mbedtls_target})
+ set(mbedx509_static_target ${mbedx509_target})
+ set(mbedcrypto_static_target ${mbedcrypto_target})
+endif()
+
+set(target_libraries ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target})
if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
- set(mbedtls_static_target "mbedtls_static")
- set(mbedx509_static_target "mbedx509_static")
- set(mbedcrypto_static_target "mbedcrypto_static")
+ string(APPEND mbedtls_static_target "_static")
+ string(APPEND mbedx509_static_target "_static")
+ string(APPEND mbedcrypto_static_target "_static")
+
list(APPEND target_libraries
- "mbedcrypto_static" "mbedx509_static" "mbedtls_static")
-elseif(USE_STATIC_MBEDTLS_LIBRARY)
- set(mbedtls_static_target "mbedtls")
- set(mbedx509_static_target "mbedx509")
- set(mbedcrypto_static_target "mbedcrypto")
+ ${mbedcrypto_static_target}
+ ${mbedx509_static_target}
+ ${mbedtls_static_target})
endif()
if(USE_STATIC_MBEDTLS_LIBRARY)
add_library(${mbedcrypto_static_target} STATIC ${src_crypto})
set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto)
- target_link_libraries(${mbedcrypto_static_target} ${libs})
+ target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs})
add_library(${mbedx509_static_target} STATIC ${src_x509})
set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509)
- target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target})
+ target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target})
add_library(${mbedtls_static_target} STATIC ${src_tls})
set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls)
- target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target})
+ target_link_libraries(${mbedtls_static_target} PUBLIC ${libs} ${mbedx509_static_target})
endif(USE_STATIC_MBEDTLS_LIBRARY)
if(USE_SHARED_MBEDTLS_LIBRARY)
- add_library(mbedcrypto SHARED ${src_crypto})
- set_target_properties(mbedcrypto PROPERTIES VERSION 2.24.0 SOVERSION 5)
- target_link_libraries(mbedcrypto ${libs})
+ add_library(${mbedcrypto_target} SHARED ${src_crypto})
+ set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.24.0 SOVERSION 5)
+ target_link_libraries(${mbedcrypto_target} PUBLIC ${libs})
- add_library(mbedx509 SHARED ${src_x509})
- set_target_properties(mbedx509 PROPERTIES VERSION 2.24.0 SOVERSION 1)
- target_link_libraries(mbedx509 ${libs} mbedcrypto)
+ add_library(${mbedx509_target} SHARED ${src_x509})
+ set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.24.0 SOVERSION 1)
+ target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target})
- add_library(mbedtls SHARED ${src_tls})
- set_target_properties(mbedtls PROPERTIES VERSION 2.24.0 SOVERSION 13)
- target_link_libraries(mbedtls ${libs} mbedx509)
+ add_library(${mbedtls_target} SHARED ${src_tls})
+ set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.24.0 SOVERSION 13)
+ target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target})
endif(USE_SHARED_MBEDTLS_LIBRARY)
foreach(target IN LISTS target_libraries)
@@ -210,7 +223,9 @@
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
endforeach(target)
-add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls)
+set(lib_target "${MBEDTLS_TARGET_PREFIX}lib")
+
+add_custom_target(${lib_target} DEPENDS ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target})
if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY)
- add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static)
+ add_dependencies(${lib_target} ${mbedcrypto_static_target} ${mbedx509_static_target} ${mbedtls_static_target})
endif()
diff --git a/library/aes.c b/library/aes.c
index b538664..3f61642 100644
--- a/library/aes.c
+++ b/library/aes.c
@@ -866,63 +866,56 @@
unsigned char output[16] )
{
int i;
- uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
+ uint32_t *RK = ctx->rk;
+ struct
+ {
+ uint32_t X[4];
+ uint32_t Y[4];
+ } t;
- RK = ctx->rk;
-
- GET_UINT32_LE( X0, input, 0 ); X0 ^= *RK++;
- GET_UINT32_LE( X1, input, 4 ); X1 ^= *RK++;
- GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++;
- GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++;
+ GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++;
+ GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++;
+ GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++;
+ GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++;
for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
{
- AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 );
- AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 );
+ AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
+ AES_FROUND( t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3] );
}
- AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 );
+ AES_FROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
- X0 = *RK++ ^ \
- ( (uint32_t) FSb[ ( Y0 ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( Y3 >> 24 ) & 0xFF ] << 24 );
+ t.X[0] = *RK++ ^ \
+ ( (uint32_t) FSb[ ( t.Y[0] ) & 0xFF ] ) ^
+ ( (uint32_t) FSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^
+ ( (uint32_t) FSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^
+ ( (uint32_t) FSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 );
- X1 = *RK++ ^ \
- ( (uint32_t) FSb[ ( Y1 ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( Y0 >> 24 ) & 0xFF ] << 24 );
+ t.X[1] = *RK++ ^ \
+ ( (uint32_t) FSb[ ( t.Y[1] ) & 0xFF ] ) ^
+ ( (uint32_t) FSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^
+ ( (uint32_t) FSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^
+ ( (uint32_t) FSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 );
- X2 = *RK++ ^ \
- ( (uint32_t) FSb[ ( Y2 ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( Y1 >> 24 ) & 0xFF ] << 24 );
+ t.X[2] = *RK++ ^ \
+ ( (uint32_t) FSb[ ( t.Y[2] ) & 0xFF ] ) ^
+ ( (uint32_t) FSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^
+ ( (uint32_t) FSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^
+ ( (uint32_t) FSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 );
- X3 = *RK++ ^ \
- ( (uint32_t) FSb[ ( Y3 ) & 0xFF ] ) ^
- ( (uint32_t) FSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) FSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) FSb[ ( Y2 >> 24 ) & 0xFF ] << 24 );
+ t.X[3] = *RK++ ^ \
+ ( (uint32_t) FSb[ ( t.Y[3] ) & 0xFF ] ) ^
+ ( (uint32_t) FSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^
+ ( (uint32_t) FSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^
+ ( (uint32_t) FSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 );
- PUT_UINT32_LE( X0, output, 0 );
- PUT_UINT32_LE( X1, output, 4 );
- PUT_UINT32_LE( X2, output, 8 );
- PUT_UINT32_LE( X3, output, 12 );
+ PUT_UINT32_LE( t.X[0], output, 0 );
+ PUT_UINT32_LE( t.X[1], output, 4 );
+ PUT_UINT32_LE( t.X[2], output, 8 );
+ PUT_UINT32_LE( t.X[3], output, 12 );
- mbedtls_platform_zeroize( &X0, sizeof( X0 ) );
- mbedtls_platform_zeroize( &X1, sizeof( X1 ) );
- mbedtls_platform_zeroize( &X2, sizeof( X2 ) );
- mbedtls_platform_zeroize( &X3, sizeof( X3 ) );
-
- mbedtls_platform_zeroize( &Y0, sizeof( Y0 ) );
- mbedtls_platform_zeroize( &Y1, sizeof( Y1 ) );
- mbedtls_platform_zeroize( &Y2, sizeof( Y2 ) );
- mbedtls_platform_zeroize( &Y3, sizeof( Y3 ) );
-
- mbedtls_platform_zeroize( &RK, sizeof( RK ) );
+ mbedtls_platform_zeroize( &t, sizeof( t ) );
return( 0 );
}
@@ -946,63 +939,56 @@
unsigned char output[16] )
{
int i;
- uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
+ uint32_t *RK = ctx->rk;
+ struct
+ {
+ uint32_t X[4];
+ uint32_t Y[4];
+ } t;
- RK = ctx->rk;
-
- GET_UINT32_LE( X0, input, 0 ); X0 ^= *RK++;
- GET_UINT32_LE( X1, input, 4 ); X1 ^= *RK++;
- GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++;
- GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++;
+ GET_UINT32_LE( t.X[0], input, 0 ); t.X[0] ^= *RK++;
+ GET_UINT32_LE( t.X[1], input, 4 ); t.X[1] ^= *RK++;
+ GET_UINT32_LE( t.X[2], input, 8 ); t.X[2] ^= *RK++;
+ GET_UINT32_LE( t.X[3], input, 12 ); t.X[3] ^= *RK++;
for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
{
- AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 );
- AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 );
+ AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
+ AES_RROUND( t.X[0], t.X[1], t.X[2], t.X[3], t.Y[0], t.Y[1], t.Y[2], t.Y[3] );
}
- AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 );
+ AES_RROUND( t.Y[0], t.Y[1], t.Y[2], t.Y[3], t.X[0], t.X[1], t.X[2], t.X[3] );
- X0 = *RK++ ^ \
- ( (uint32_t) RSb[ ( Y0 ) & 0xFF ] ) ^
- ( (uint32_t) RSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) RSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) RSb[ ( Y1 >> 24 ) & 0xFF ] << 24 );
+ t.X[0] = *RK++ ^ \
+ ( (uint32_t) RSb[ ( t.Y[0] ) & 0xFF ] ) ^
+ ( (uint32_t) RSb[ ( t.Y[3] >> 8 ) & 0xFF ] << 8 ) ^
+ ( (uint32_t) RSb[ ( t.Y[2] >> 16 ) & 0xFF ] << 16 ) ^
+ ( (uint32_t) RSb[ ( t.Y[1] >> 24 ) & 0xFF ] << 24 );
- X1 = *RK++ ^ \
- ( (uint32_t) RSb[ ( Y1 ) & 0xFF ] ) ^
- ( (uint32_t) RSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) RSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) RSb[ ( Y2 >> 24 ) & 0xFF ] << 24 );
+ t.X[1] = *RK++ ^ \
+ ( (uint32_t) RSb[ ( t.Y[1] ) & 0xFF ] ) ^
+ ( (uint32_t) RSb[ ( t.Y[0] >> 8 ) & 0xFF ] << 8 ) ^
+ ( (uint32_t) RSb[ ( t.Y[3] >> 16 ) & 0xFF ] << 16 ) ^
+ ( (uint32_t) RSb[ ( t.Y[2] >> 24 ) & 0xFF ] << 24 );
- X2 = *RK++ ^ \
- ( (uint32_t) RSb[ ( Y2 ) & 0xFF ] ) ^
- ( (uint32_t) RSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) RSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) RSb[ ( Y3 >> 24 ) & 0xFF ] << 24 );
+ t.X[2] = *RK++ ^ \
+ ( (uint32_t) RSb[ ( t.Y[2] ) & 0xFF ] ) ^
+ ( (uint32_t) RSb[ ( t.Y[1] >> 8 ) & 0xFF ] << 8 ) ^
+ ( (uint32_t) RSb[ ( t.Y[0] >> 16 ) & 0xFF ] << 16 ) ^
+ ( (uint32_t) RSb[ ( t.Y[3] >> 24 ) & 0xFF ] << 24 );
- X3 = *RK++ ^ \
- ( (uint32_t) RSb[ ( Y3 ) & 0xFF ] ) ^
- ( (uint32_t) RSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^
- ( (uint32_t) RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^
- ( (uint32_t) RSb[ ( Y0 >> 24 ) & 0xFF ] << 24 );
+ t.X[3] = *RK++ ^ \
+ ( (uint32_t) RSb[ ( t.Y[3] ) & 0xFF ] ) ^
+ ( (uint32_t) RSb[ ( t.Y[2] >> 8 ) & 0xFF ] << 8 ) ^
+ ( (uint32_t) RSb[ ( t.Y[1] >> 16 ) & 0xFF ] << 16 ) ^
+ ( (uint32_t) RSb[ ( t.Y[0] >> 24 ) & 0xFF ] << 24 );
- PUT_UINT32_LE( X0, output, 0 );
- PUT_UINT32_LE( X1, output, 4 );
- PUT_UINT32_LE( X2, output, 8 );
- PUT_UINT32_LE( X3, output, 12 );
+ PUT_UINT32_LE( t.X[0], output, 0 );
+ PUT_UINT32_LE( t.X[1], output, 4 );
+ PUT_UINT32_LE( t.X[2], output, 8 );
+ PUT_UINT32_LE( t.X[3], output, 12 );
- mbedtls_platform_zeroize( &X0, sizeof( X0 ) );
- mbedtls_platform_zeroize( &X1, sizeof( X1 ) );
- mbedtls_platform_zeroize( &X2, sizeof( X2 ) );
- mbedtls_platform_zeroize( &X3, sizeof( X3 ) );
-
- mbedtls_platform_zeroize( &Y0, sizeof( Y0 ) );
- mbedtls_platform_zeroize( &Y1, sizeof( Y1 ) );
- mbedtls_platform_zeroize( &Y2, sizeof( Y2 ) );
- mbedtls_platform_zeroize( &Y3, sizeof( Y3 ) );
-
- mbedtls_platform_zeroize( &RK, sizeof( RK ) );
+ mbedtls_platform_zeroize( &t, sizeof( t ) );
return( 0 );
}
diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c
index 8eb2ec0..57eb3cb 100644
--- a/library/cipher_wrap.c
+++ b/library/cipher_wrap.c
@@ -753,7 +753,7 @@
MBEDTLS_MODE_ECB,
128,
"CAMELLIA-128-ECB",
- 16,
+ 0,
0,
16,
&camellia_info
@@ -764,7 +764,7 @@
MBEDTLS_MODE_ECB,
192,
"CAMELLIA-192-ECB",
- 16,
+ 0,
0,
16,
&camellia_info
@@ -775,7 +775,7 @@
MBEDTLS_MODE_ECB,
256,
"CAMELLIA-256-ECB",
- 16,
+ 0,
0,
16,
&camellia_info
@@ -1129,7 +1129,7 @@
MBEDTLS_MODE_ECB,
128,
"ARIA-128-ECB",
- 16,
+ 0,
0,
16,
&aria_info
@@ -1140,7 +1140,7 @@
MBEDTLS_MODE_ECB,
192,
"ARIA-192-ECB",
- 16,
+ 0,
0,
16,
&aria_info
@@ -1151,7 +1151,7 @@
MBEDTLS_MODE_ECB,
256,
"ARIA-256-ECB",
- 16,
+ 0,
0,
16,
&aria_info
@@ -1553,7 +1553,7 @@
MBEDTLS_MODE_ECB,
MBEDTLS_KEY_LENGTH_DES,
"DES-ECB",
- 8,
+ 0,
0,
8,
&des_info
@@ -1604,7 +1604,7 @@
MBEDTLS_MODE_ECB,
MBEDTLS_KEY_LENGTH_DES_EDE,
"DES-EDE-ECB",
- 8,
+ 0,
0,
8,
&des_ede_info
@@ -1655,7 +1655,7 @@
MBEDTLS_MODE_ECB,
MBEDTLS_KEY_LENGTH_DES_EDE3,
"DES-EDE3-ECB",
- 8,
+ 0,
0,
8,
&des_ede3_info
@@ -1770,7 +1770,7 @@
MBEDTLS_MODE_ECB,
128,
"BLOWFISH-ECB",
- 8,
+ 0,
MBEDTLS_CIPHER_VARIABLE_KEY_LEN,
8,
&blowfish_info
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 62a4d15..ab4e47a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -739,7 +739,7 @@
* - The byte 0x04;
* - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
* - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
- * So its data length is 2m+1 where n is the key size in bits.
+ * So its data length is 2m+1 where m is the curve size in bits.
*/
if( ( data_length & 1 ) == 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
@@ -969,14 +969,45 @@
return( PSA_SUCCESS );
}
-/** Import key data into a slot. `slot->attr.type` must have been set
- * previously. This function assumes that the slot does not contain
- * any key material yet. On failure, the slot content is unchanged. */
-psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
- const uint8_t *data,
- size_t data_length )
+psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot,
+ const uint8_t* data,
+ size_t data_length )
+{
+ psa_status_t status = psa_allocate_buffer_to_slot( slot,
+ data_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ memcpy( slot->data.key.data, data, data_length );
+ return( PSA_SUCCESS );
+}
+
+/** Import key data into a slot.
+ *
+ * `slot->type` must have been set previously.
+ * This function assumes that the slot does not contain any key material yet.
+ * On failure, the slot content is unchanged.
+ *
+ * Persistent storage is not affected.
+ *
+ * \param[in,out] slot The key slot to import data into.
+ * Its `type` field must have previously been set to
+ * the desired key type.
+ * It must not contain any key material yet.
+ * \param[in] data Buffer containing the key material to parse and import.
+ * \param data_length Size of \p data in bytes.
+ *
+ * \retval #PSA_SUCCESS
+ * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_NOT_SUPPORTED
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ */
+static psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
+ const uint8_t *data,
+ size_t data_length )
{
psa_status_t status = PSA_SUCCESS;
+ size_t bit_size;
/* zero-length keys are never supported. */
if( data_length == 0 )
@@ -984,7 +1015,7 @@
if( key_type_is_raw_bytes( slot->attr.type ) )
{
- size_t bit_size = PSA_BYTES_TO_BITS( data_length );
+ bit_size = PSA_BYTES_TO_BITS( data_length );
/* Ensure that the bytes-to-bits conversion hasn't overflown. */
if( data_length > SIZE_MAX / 8 )
@@ -1000,47 +1031,65 @@
return( status );
/* Allocate memory for the key */
- status = psa_allocate_buffer_to_slot( slot, data_length );
+ status = psa_copy_key_material_into_slot( slot, data, data_length );
if( status != PSA_SUCCESS )
return( status );
- /* copy key into allocated buffer */
- memcpy( slot->data.key.data, data, data_length );
-
/* Write the actual key size to the slot.
* psa_start_key_creation() wrote the size declared by the
* caller, which may be 0 (meaning unspecified) or wrong. */
slot->attr.bits = (psa_key_bits_t) bit_size;
+
+ return( PSA_SUCCESS );
}
- else if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
+ else if( PSA_KEY_TYPE_IS_ASYMMETRIC( slot->attr.type ) )
{
+ /* Try validation through accelerators first. */
+ bit_size = slot->attr.bits;
+ psa_key_attributes_t attributes = {
+ .core = slot->attr
+ };
+ status = psa_driver_wrapper_validate_key( &attributes,
+ data,
+ data_length,
+ &bit_size );
+ if( status == PSA_SUCCESS )
+ {
+ /* Key has been validated successfully by an accelerator.
+ * Copy key material into slot. */
+ status = psa_copy_key_material_into_slot( slot, data, data_length );
+ if( status != PSA_SUCCESS )
+ return( status );
+
+ slot->attr.bits = (psa_key_bits_t) bit_size;
+ return( PSA_SUCCESS );
+ }
+ else if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+
+ /* Key format is not supported by any accelerator, try software fallback
+ * if present. */
#if defined(MBEDTLS_ECP_C)
- status = psa_import_ecp_key( slot,
- data, data_length );
-#else
- /* No drivers have been implemented yet, so without mbed TLS backing
- * there's no way to do ECP with the current library. */
- return( PSA_ERROR_NOT_SUPPORTED );
+ if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
+ {
+ return( psa_import_ecp_key( slot, data, data_length ) );
+ }
#endif /* defined(MBEDTLS_ECP_C) */
- }
- else if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
- {
#if defined(MBEDTLS_RSA_C)
- status = psa_import_rsa_key( slot,
- data, data_length );
-#else
- /* No drivers have been implemented yet, so without mbed TLS backing
- * there's no way to do RSA with the current library. */
- status = PSA_ERROR_NOT_SUPPORTED;
+ if( PSA_KEY_TYPE_IS_RSA( slot->attr.type ) )
+ {
+ return( psa_import_rsa_key( slot, data, data_length ) );
+ }
#endif /* defined(MBEDTLS_RSA_C) */
+
+ /* Fell through the fallback as well, so have nothing else to try. */
+ return( PSA_ERROR_NOT_SUPPORTED );
}
else
{
/* Unknown key type */
return( PSA_ERROR_NOT_SUPPORTED );
}
-
- return( status );
}
/** Calculate the intersection of two algorithm usage policies.
@@ -1906,13 +1955,9 @@
static_assert( sizeof( slot->data.se.slot_number ) ==
sizeof( data.slot_number ),
"Slot number size does not match psa_se_key_data_storage_t" );
- static_assert( sizeof( slot->attr.bits ) == sizeof( data.bits ),
- "Bit-size size does not match psa_se_key_data_storage_t" );
#endif
memcpy( &data.slot_number, &slot->data.se.slot_number,
sizeof( slot->data.se.slot_number ) );
- memcpy( &data.bits, &slot->attr.bits,
- sizeof( slot->attr.bits ) );
status = psa_save_persistent_key( &slot->attr,
(uint8_t*) &data,
sizeof( data ) );
@@ -1920,22 +1965,11 @@
else
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
{
- size_t buffer_size =
- PSA_KEY_EXPORT_MAX_SIZE( slot->attr.type,
- slot->attr.bits );
- uint8_t *buffer = mbedtls_calloc( 1, buffer_size );
- size_t length = 0;
- if( buffer == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- status = psa_internal_export_key( slot,
- buffer, buffer_size, &length,
- 0 );
- if( status == PSA_SUCCESS )
- status = psa_save_persistent_key( &slot->attr,
- buffer, length );
-
- mbedtls_platform_zeroize( buffer, buffer_size );
- mbedtls_free( buffer );
+ /* Key material is saved in export representation in the slot, so
+ * just pass the slot buffer for storage. */
+ status = psa_save_persistent_key( &slot->attr,
+ slot->data.key.data,
+ slot->data.key.bytes );
}
}
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
@@ -2183,26 +2217,16 @@
static psa_status_t psa_copy_key_material( const psa_key_slot_t *source,
psa_key_slot_t *target )
{
- psa_status_t status;
- uint8_t *buffer = NULL;
- size_t buffer_size = 0;
- size_t length;
-
- buffer_size = PSA_KEY_EXPORT_MAX_SIZE( source->attr.type,
- psa_get_key_slot_bits( source ) );
- buffer = mbedtls_calloc( 1, buffer_size );
- if( buffer == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
- status = psa_internal_export_key( source, buffer, buffer_size, &length, 0 );
+ psa_status_t status = psa_copy_key_material_into_slot( target,
+ source->data.key.data,
+ source->data.key.bytes );
if( status != PSA_SUCCESS )
- goto exit;
- target->attr.type = source->attr.type;
- status = psa_import_key_into_slot( target, buffer, length );
+ return( status );
-exit:
- mbedtls_platform_zeroize( buffer, buffer_size );
- mbedtls_free( buffer );
- return( status );
+ target->attr.type = source->attr.type;
+ target->attr.bits = source->attr.bits;
+
+ return( PSA_SUCCESS );
}
psa_status_t psa_copy_key( psa_key_handle_t source_handle,
@@ -2265,7 +2289,7 @@
/* Message digests */
/****************************************************************/
-#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
static const mbedtls_md_info_t *mbedtls_md_info_from_psa( psa_algorithm_t alg )
{
switch( alg )
@@ -2308,7 +2332,7 @@
return( NULL );
}
}
-#endif
+#endif /* defined(MBEDTLS_RSA_C) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
psa_status_t psa_hash_abort( psa_hash_operation_t *operation )
{
@@ -3539,7 +3563,7 @@
}
#endif /* MBEDTLS_RSA_C */
-#if defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
/* `ecp` cannot be const because `ecp->grp` needs to be non-const
* for mbedtls_ecdsa_sign() and mbedtls_ecdsa_sign_det()
* (even though these functions don't modify it). */
@@ -3563,7 +3587,7 @@
goto cleanup;
}
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
if( PSA_ALG_DSA_IS_DETERMINISTIC( alg ) )
{
psa_algorithm_t hash_alg = PSA_ALG_SIGN_GET_HASH( alg );
@@ -3576,7 +3600,7 @@
&global_data.ctr_drbg ) );
}
else
-#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
{
(void) alg;
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ecp->grp, &r, &s, &ecp->d,
@@ -3638,7 +3662,7 @@
mbedtls_mpi_free( &s );
return( mbedtls_to_psa_error( ret ) );
}
-#endif /* MBEDTLS_ECDSA_C */
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA */
psa_status_t psa_sign_hash( psa_key_handle_t handle,
psa_algorithm_t alg,
@@ -3707,9 +3731,9 @@
#if defined(MBEDTLS_ECP_C)
if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
{
-#if defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA)
if(
-#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
PSA_ALG_IS_ECDSA( alg )
#else
PSA_ALG_IS_RANDOMIZED_ECDSA( alg )
@@ -3732,7 +3756,7 @@
mbedtls_free( ecp );
}
else
-#endif /* defined(MBEDTLS_ECDSA_C) */
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) */
{
status = PSA_ERROR_INVALID_ARGUMENT;
}
@@ -3808,7 +3832,7 @@
#if defined(MBEDTLS_ECP_C)
if( PSA_KEY_TYPE_IS_ECC( slot->attr.type ) )
{
-#if defined(MBEDTLS_ECDSA_C)
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
if( PSA_ALG_IS_ECDSA( alg ) )
{
mbedtls_ecp_keypair *ecp = NULL;
@@ -3826,7 +3850,7 @@
return( status );
}
else
-#endif /* defined(MBEDTLS_ECDSA_C) */
+#endif /* defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA) */
{
return( PSA_ERROR_INVALID_ARGUMENT );
}
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 6ee17fc..8d1f1bb 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -137,30 +137,26 @@
*/
psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
-/** Import key data into a slot.
+/** Copy key data (in export format) into an empty key slot.
*
- * `slot->type` must have been set previously.
- * This function assumes that the slot does not contain any key material yet.
- * On failure, the slot content is unchanged.
+ * This function assumes that the slot does not contain
+ * any key material yet. On failure, the slot content is unchanged.
*
- * Persistent storage is not affected.
+ * \param[in,out] slot Key slot to copy the key into.
+ * \param[in] data Buffer containing the key material.
+ * \param data_length Size of the key buffer.
*
- * \param[in,out] slot The key slot to import data into.
- * Its `type` field must have previously been set to
- * the desired key type.
- * It must not contain any key material yet.
- * \param[in] data Buffer containing the key material to parse and import.
- * \param data_length Size of \p data in bytes.
- *
- * \retval PSA_SUCCESS
- * \retval PSA_ERROR_INVALID_ARGUMENT
- * \retval PSA_ERROR_NOT_SUPPORTED
- * \retval PSA_ERROR_INSUFFICIENT_MEMORY
+ * \retval #PSA_SUCCESS
+ * The key has been copied successfully.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * Not enough memory was available for allocation of the
+ * copy buffer.
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * There was other key material already present in the slot.
*/
-psa_status_t psa_import_key_into_slot( psa_key_slot_t *slot,
- const uint8_t *data,
- size_t data_length );
-
+psa_status_t psa_copy_key_material_into_slot( psa_key_slot_t *slot,
+ const uint8_t *data,
+ size_t data_length );
/** Convert an mbed TLS error code to a PSA error code
*
diff --git a/library/psa_crypto_driver_wrappers.c b/library/psa_crypto_driver_wrappers.c
index f19f559..4040b36 100644
--- a/library/psa_crypto_driver_wrappers.c
+++ b/library/psa_crypto_driver_wrappers.c
@@ -410,6 +410,34 @@
#endif /* PSA_CRYPTO_DRIVER_PRESENT */
}
+psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ size_t *bits )
+{
+#if defined(PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT)
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+ /* Try accelerators in turn */
+#if defined(PSA_CRYPTO_DRIVER_TEST)
+ status = test_transparent_validate_key( attributes,
+ data,
+ data_length,
+ bits );
+ /* Declared with fallback == true */
+ if( status != PSA_ERROR_NOT_SUPPORTED )
+ return( status );
+#endif /* PSA_CRYPTO_DRIVER_TEST */
+
+ return( PSA_ERROR_NOT_SUPPORTED );
+#else /* PSA_CRYPTO_ACCELERATOR_DRIVER_PRESENT */
+ (void) attributes;
+ (void) data;
+ (void) data_length;
+ (void) bits;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* PSA_CRYPTO_DRIVER_PRESENT */
+}
+
/*
* Cipher functions
*/
@@ -617,7 +645,7 @@
#endif /* PSA_CRYPTO_DRIVER_TEST */
default:
/* Key is declared with a lifetime not known to us */
- return( PSA_ERROR_BAD_STATE );
+ return( PSA_ERROR_NOT_SUPPORTED );
}
#else /* PSA_CRYPTO_DRIVER_PRESENT */
(void)slot;
@@ -698,7 +726,7 @@
#endif /* PSA_CRYPTO_DRIVER_TEST */
default:
/* Key is declared with a lifetime not known to us */
- return( PSA_ERROR_BAD_STATE );
+ return( PSA_ERROR_NOT_SUPPORTED );
}
#else /* PSA_CRYPTO_DRIVER_PRESENT */
(void)slot;
diff --git a/library/psa_crypto_driver_wrappers.h b/library/psa_crypto_driver_wrappers.h
index 0db15d6..b0b483b 100644
--- a/library/psa_crypto_driver_wrappers.h
+++ b/library/psa_crypto_driver_wrappers.h
@@ -43,9 +43,18 @@
const uint8_t *signature,
size_t signature_length );
+/*
+ * Key handling functions
+ */
+
psa_status_t psa_driver_wrapper_generate_key( const psa_key_attributes_t *attributes,
psa_key_slot_t *slot );
+psa_status_t psa_driver_wrapper_validate_key( const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ size_t *bits );
+
/*
* Cipher functions
*/
diff --git a/library/psa_crypto_its.h b/library/psa_crypto_its.h
index 93c4ce9..b671d63 100644
--- a/library/psa_crypto_its.h
+++ b/library/psa_crypto_its.h
@@ -142,4 +142,8 @@
*/
psa_status_t psa_its_remove(psa_storage_uid_t uid);
+#ifdef __cplusplus
+}
+#endif
+
#endif /* PSA_CRYPTO_ITS_H */
diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h
index 5691738..67fadf8 100644
--- a/library/psa_crypto_se.h
+++ b/library/psa_crypto_se.h
@@ -182,7 +182,6 @@
typedef struct
{
uint8_t slot_number[sizeof( psa_key_slot_number_t )];
- uint8_t bits[sizeof( psa_key_bits_t )];
} psa_se_key_data_storage_t;
#endif /* PSA_CRYPTO_SE_H */
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index e526560..5140772 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -137,13 +137,13 @@
data = (psa_se_key_data_storage_t *) key_data;
memcpy( &slot->data.se.slot_number, &data->slot_number,
sizeof( slot->data.se.slot_number ) );
- memcpy( &slot->attr.bits, &data->bits,
- sizeof( slot->attr.bits ) );
}
else
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
{
- status = psa_import_key_into_slot( slot, key_data, key_data_length );
+ status = psa_copy_key_material_into_slot( slot, key_data, key_data_length );
+ if( status != PSA_SUCCESS )
+ goto exit;
}
exit:
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 46d0b65..2ab5903 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -253,6 +253,25 @@
}
#endif
+/*
+ * 16-bit integer manipulation macros (little endian)
+ */
+#ifndef GET_UINT16_LE
+#define GET_UINT16_LE( n, b, i ) \
+{ \
+ (n) = ( (uint16_t) (b)[(i) ] ) \
+ | ( (uint16_t) (b)[(i) + 1] << 8 ); \
+}
+#endif
+
+#ifndef PUT_UINT16_LE
+#define PUT_UINT16_LE( n, b, i ) \
+{ \
+ (b)[(i) ] = (unsigned char) ( ( (n) ) & 0xFF ); \
+ (b)[(i) + 1] = (unsigned char) ( ( (n) >> 8 ) & 0xFF ); \
+}
+#endif
+
/**
* Persistent key storage magic header.
*/
@@ -263,9 +282,8 @@
uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
uint8_t version[4];
uint8_t lifetime[sizeof( psa_key_lifetime_t )];
- uint8_t type[4]; /* Size=4 for a 2-byte type to keep the structure more
- * regular and aligned and to make potential future
- * extensibility easier. */
+ uint8_t type[2];
+ uint8_t bits[2];
uint8_t policy[sizeof( psa_key_policy_t )];
uint8_t data_len[4];
uint8_t key_data[];
@@ -282,7 +300,8 @@
memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH );
PUT_UINT32_LE( 0, storage_format->version, 0 );
PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 );
- PUT_UINT32_LE( (uint32_t) attr->type, storage_format->type, 0 );
+ PUT_UINT16_LE( (uint16_t) attr->type, storage_format->type, 0 );
+ PUT_UINT16_LE( (uint16_t) attr->bits, storage_format->bits, 0 );
PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 );
PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) );
PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
@@ -308,7 +327,6 @@
const psa_persistent_key_storage_format *storage_format =
(const psa_persistent_key_storage_format *)storage_data;
uint32_t version;
- uint32_t type;
if( storage_data_length < sizeof(*storage_format) )
return( PSA_ERROR_STORAGE_FAILURE );
@@ -339,11 +357,8 @@
}
GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 );
- GET_UINT32_LE( type, storage_format->type, 0 );
- if( type <= (psa_key_type_t) -1 )
- attr->type = (psa_key_type_t) type;
- else
- return( PSA_ERROR_STORAGE_FAILURE );
+ GET_UINT16_LE( attr->type, storage_format->type, 0 );
+ GET_UINT16_LE( attr->bits, storage_format->bits, 0 );
GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 );
GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) );
GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
index de845a7..3def1b5 100644
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h
@@ -81,9 +81,10 @@
* This function formats the key data and metadata and saves it to a
* persistent storage backend. The storage location corresponding to the
* key slot must be empty, otherwise this function will fail. This function
- * should be called after psa_import_key_into_slot() to ensure the
+ * should be called after loading the key into an internal slot to ensure the
* persistent key is not saved into a storage location corresponding to an
- * already occupied non-persistent key, as well as validating the key data.
+ * already occupied non-persistent key, as well as ensuring the key data is
+ * validated.
*
*
* \param[in] attr The attributes of the key to save.
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 083b720..76be8ab 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -756,6 +756,126 @@
}
#endif /* MBEDTLS_SSL_ALPN */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+static int ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ const unsigned char *end,
+ size_t *olen )
+{
+ unsigned char *p = buf;
+ size_t protection_profiles_index = 0, ext_len = 0;
+ uint16_t mki_len = 0, profile_value = 0;
+
+ *olen = 0;
+
+ if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ||
+ ( ssl->conf->dtls_srtp_profile_list == NULL ) ||
+ ( ssl->conf->dtls_srtp_profile_list_len == 0 ) )
+ {
+ return( 0 );
+ }
+
+ /* RFC 5764 section 4.1.1
+ * uint8 SRTPProtectionProfile[2];
+ *
+ * struct {
+ * SRTPProtectionProfiles SRTPProtectionProfiles;
+ * opaque srtp_mki<0..255>;
+ * } UseSRTPData;
+ * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
+ */
+ if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED )
+ {
+ mki_len = ssl->dtls_srtp_info.mki_len;
+ }
+ /* Extension length = 2 bytes for profiles length,
+ * ssl->conf->dtls_srtp_profile_list_len * 2 (each profile is 2 bytes length ),
+ * 1 byte for srtp_mki vector length and the mki_len value
+ */
+ ext_len = 2 + 2 * ( ssl->conf->dtls_srtp_profile_list_len ) + 1 + mki_len;
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding use_srtp extension" ) );
+
+ /* Check there is room in the buffer for the extension + 4 bytes
+ * - the extension tag (2 bytes)
+ * - the extension length (2 bytes)
+ */
+ MBEDTLS_SSL_CHK_BUF_PTR( p, end, ext_len + 4 );
+
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF );
+
+
+ *p++ = (unsigned char)( ( ( ext_len & 0xFF00 ) >> 8 ) & 0xFF );
+ *p++ = (unsigned char)( ext_len & 0xFF );
+
+ /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */
+ /* micro-optimization:
+ * the list size is limited to MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH
+ * which is lower than 127, so the upper byte of the length is always 0
+ * For the documentation, the more generic code is left in comments
+ * *p++ = (unsigned char)( ( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
+ * >> 8 ) & 0xFF );
+ */
+ *p++ = 0;
+ *p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
+ & 0xFF );
+
+ for( protection_profiles_index=0;
+ protection_profiles_index < ssl->conf->dtls_srtp_profile_list_len;
+ protection_profiles_index++ )
+ {
+ profile_value = mbedtls_ssl_check_srtp_profile_value
+ ( ssl->conf->dtls_srtp_profile_list[protection_profiles_index] );
+ if( profile_value != MBEDTLS_TLS_SRTP_UNSET )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "ssl_write_use_srtp_ext, add profile: %04x",
+ profile_value ) );
+ *p++ = ( ( profile_value >> 8 ) & 0xFF );
+ *p++ = ( profile_value & 0xFF );
+ }
+ else
+ {
+ /*
+ * Note: we shall never arrive here as protection profiles
+ * is checked by mbedtls_ssl_conf_dtls_srtp_protection_profiles function
+ */
+ MBEDTLS_SSL_DEBUG_MSG( 3,
+ ( "client hello, "
+ "illegal DTLS-SRTP protection profile %d",
+ ssl->conf->dtls_srtp_profile_list[protection_profiles_index]
+ ) );
+ return( MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED );
+ }
+ }
+
+ *p++ = mki_len & 0xFF;
+
+ if( mki_len != 0 )
+ {
+ memcpy( p, ssl->dtls_srtp_info.mki_value, mki_len );
+ /*
+ * Increment p to point to the current position.
+ */
+ p += mki_len;
+ MBEDTLS_SSL_DEBUG_BUF( 3, "sending mki", ssl->dtls_srtp_info.mki_value,
+ ssl->dtls_srtp_info.mki_len );
+ }
+
+ /*
+ * total extension length: extension type (2 bytes)
+ * + extension length (2 bytes)
+ * + protection profile length (2 bytes)
+ * + 2 * number of protection profiles
+ * + srtp_mki vector length(1 byte)
+ * + mki value
+ */
+ *olen = p - buf;
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
/*
* Generate random bytes for ClientHello
*/
@@ -1277,6 +1397,16 @@
ext_len += olen;
#endif
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ if( ( ret = ssl_write_use_srtp_ext( ssl, p + 2 + ext_len,
+ end, &olen ) ) != 0 )
+ {
+ MBEDTLS_SSL_DEBUG_RET( 1, "ssl_write_use_srtp_ext", ret );
+ return( ret );
+ }
+ ext_len += olen;
+#endif
+
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
if( ( ret = ssl_write_session_ticket_ext( ssl, p + 2 + ext_len,
end, &olen ) ) != 0 )
@@ -1710,6 +1840,123 @@
}
#endif /* MBEDTLS_SSL_ALPN */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ mbedtls_ssl_srtp_profile server_protection = MBEDTLS_TLS_SRTP_UNSET;
+ size_t i, mki_len = 0;
+ uint16_t server_protection_profile_value = 0;
+
+ /* If use_srtp is not configured, just ignore the extension */
+ if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ||
+ ( ssl->conf->dtls_srtp_profile_list == NULL ) ||
+ ( ssl->conf->dtls_srtp_profile_list_len == 0 ) )
+ return( 0 );
+
+ /* RFC 5764 section 4.1.1
+ * uint8 SRTPProtectionProfile[2];
+ *
+ * struct {
+ * SRTPProtectionProfiles SRTPProtectionProfiles;
+ * opaque srtp_mki<0..255>;
+ * } UseSRTPData;
+
+ * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
+ *
+ */
+ if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED )
+ {
+ mki_len = ssl->dtls_srtp_info.mki_len;
+ }
+
+ /*
+ * Length is 5 + optional mki_value : one protection profile length (2 bytes)
+ * + protection profile (2 bytes)
+ * + mki_len(1 byte)
+ * and optional srtp_mki
+ */
+ if( ( len < 5 ) || ( len != ( buf[4] + 5u ) ) )
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+
+ /*
+ * get the server protection profile
+ */
+
+ /*
+ * protection profile length must be 0x0002 as we must have only
+ * one protection profile in server Hello
+ */
+ if( ( buf[0] != 0 ) || ( buf[1] != 2 ) )
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+
+ server_protection_profile_value = ( buf[2] << 8 ) | buf[3];
+ server_protection = mbedtls_ssl_check_srtp_profile_value(
+ server_protection_profile_value );
+ if( server_protection != MBEDTLS_TLS_SRTP_UNSET )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s",
+ mbedtls_ssl_get_srtp_profile_as_string(
+ server_protection ) ) );
+ }
+
+ ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET;
+
+ /*
+ * Check we have the server profile in our list
+ */
+ for( i=0; i < ssl->conf->dtls_srtp_profile_list_len; i++)
+ {
+ if( server_protection == ssl->conf->dtls_srtp_profile_list[i] )
+ {
+ ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i];
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected srtp profile: %s",
+ mbedtls_ssl_get_srtp_profile_as_string(
+ server_protection ) ) );
+ break;
+ }
+ }
+
+ /* If no match was found : server problem, it shall never answer with incompatible profile */
+ if( ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+
+ /* If server does not use mki in its reply, make sure the client won't keep
+ * one as negotiated */
+ if( len == 5 )
+ {
+ ssl->dtls_srtp_info.mki_len = 0;
+ }
+
+ /*
+ * RFC5764:
+ * If the client detects a nonzero-length MKI in the server's response
+ * that is different than the one the client offered, then the client
+ * MUST abort the handshake and SHOULD send an invalid_parameter alert.
+ */
+ if( len > 5 && ( buf[4] != mki_len ||
+ ( memcmp( ssl->dtls_srtp_info.mki_value, &buf[5], mki_len ) ) ) )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER );
+ return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO );
+ }
+#if defined (MBEDTLS_DEBUG_C)
+ if( len > 5 )
+ {
+ MBEDTLS_SSL_DEBUG_BUF( 3, "received mki", ssl->dtls_srtp_info.mki_value,
+ ssl->dtls_srtp_info.mki_len );
+ }
+#endif
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
/*
* Parse HelloVerifyRequest. Only called after verifying the HS type.
*/
@@ -2278,6 +2525,16 @@
break;
#endif /* MBEDTLS_SSL_ALPN */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ case MBEDTLS_TLS_EXT_USE_SRTP:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found use_srtp extension" ) );
+
+ if( ( ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size ) ) != 0 )
+ return( ret );
+
+ break;
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
default:
MBEDTLS_SSL_DEBUG_MSG( 3,
( "unknown extension found: %d (ignoring)", ext_id ) );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 2e63fce..070a591 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -776,6 +776,126 @@
}
#endif /* MBEDTLS_SSL_ALPN */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
+ const unsigned char *buf,
+ size_t len )
+{
+ mbedtls_ssl_srtp_profile client_protection = MBEDTLS_TLS_SRTP_UNSET;
+ size_t i,j;
+ size_t profile_length;
+ uint16_t mki_length;
+ /*! 2 bytes for profile length and 1 byte for mki len */
+ const size_t size_of_lengths = 3;
+
+ /* If use_srtp is not configured, just ignore the extension */
+ if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ||
+ ( ssl->conf->dtls_srtp_profile_list == NULL ) ||
+ ( ssl->conf->dtls_srtp_profile_list_len == 0 ) )
+ {
+ return( 0 );
+ }
+
+ /* RFC5764 section 4.1.1
+ * uint8 SRTPProtectionProfile[2];
+ *
+ * struct {
+ * SRTPProtectionProfiles SRTPProtectionProfiles;
+ * opaque srtp_mki<0..255>;
+ * } UseSRTPData;
+
+ * SRTPProtectionProfile SRTPProtectionProfiles<2..2^16-1>;
+ */
+
+ /*
+ * Min length is 5: at least one protection profile(2 bytes)
+ * and length(2 bytes) + srtp_mki length(1 byte)
+ * Check here that we have at least 2 bytes of protection profiles length
+ * and one of srtp_mki length
+ */
+ if( len < size_of_lengths )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET;
+
+ /* first 2 bytes are protection profile length(in bytes) */
+ profile_length = ( buf[0] << 8 ) | buf[1];
+ buf += 2;
+
+ /* The profile length cannot be bigger than input buffer size - lengths fields */
+ if( profile_length > len - size_of_lengths ||
+ profile_length % 2 != 0 ) /* profiles are 2 bytes long, so the length must be even */
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+ /*
+ * parse the extension list values are defined in
+ * http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml
+ */
+ for( j = 0; j < profile_length; j += 2 )
+ {
+ uint16_t protection_profile_value = buf[j] << 8 | buf[j + 1];
+ client_protection = mbedtls_ssl_check_srtp_profile_value( protection_profile_value );
+
+ if( client_protection != MBEDTLS_TLS_SRTP_UNSET )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found srtp profile: %s",
+ mbedtls_ssl_get_srtp_profile_as_string(
+ client_protection ) ) );
+ }
+ else
+ {
+ continue;
+ }
+ /* check if suggested profile is in our list */
+ for( i = 0; i < ssl->conf->dtls_srtp_profile_list_len; i++)
+ {
+ if( client_protection == ssl->conf->dtls_srtp_profile_list[i] )
+ {
+ ssl->dtls_srtp_info.chosen_dtls_srtp_profile = ssl->conf->dtls_srtp_profile_list[i];
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "selected srtp profile: %s",
+ mbedtls_ssl_get_srtp_profile_as_string(
+ client_protection ) ) );
+ break;
+ }
+ }
+ if( ssl->dtls_srtp_info.chosen_dtls_srtp_profile != MBEDTLS_TLS_SRTP_UNSET )
+ break;
+ }
+ buf += profile_length; /* buf points to the mki length */
+ mki_length = *buf;
+ buf++;
+
+ if( mki_length > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH ||
+ mki_length + profile_length + size_of_lengths != len )
+ {
+ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
+ MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
+ return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO );
+ }
+
+ /* Parse the mki only if present and mki is supported locally */
+ if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED &&
+ mki_length > 0 )
+ {
+ ssl->dtls_srtp_info.mki_len = mki_length;
+
+ memcpy( ssl->dtls_srtp_info.mki_value, buf, mki_length );
+
+ MBEDTLS_SSL_DEBUG_BUF( 3, "using mki", ssl->dtls_srtp_info.mki_value,
+ ssl->dtls_srtp_info.mki_len );
+ }
+
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
/*
* Auxiliary functions for ServerHello parsing and related actions
*/
@@ -1942,6 +2062,16 @@
break;
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ case MBEDTLS_TLS_EXT_USE_SRTP:
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "found use_srtp extension" ) );
+
+ ret = ssl_parse_use_srtp_ext( ssl, ext + 4, ext_size );
+ if( ret != 0 )
+ return( ret );
+ break;
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
default:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)",
ext_id ) );
@@ -2500,6 +2630,78 @@
}
#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */
+#if defined(MBEDTLS_SSL_DTLS_SRTP ) && defined(MBEDTLS_SSL_PROTO_DTLS)
+static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
+ unsigned char *buf,
+ size_t *olen )
+{
+ size_t mki_len = 0, ext_len = 0;
+ uint16_t profile_value = 0;
+ const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN;
+
+ *olen = 0;
+
+ if( ( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ||
+ ( ssl->dtls_srtp_info.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) )
+ {
+ return;
+ }
+
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding use_srtp extension" ) );
+
+ if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED )
+ {
+ mki_len = ssl->dtls_srtp_info.mki_len;
+ }
+
+ /* The extension total size is 9 bytes :
+ * - 2 bytes for the extension tag
+ * - 2 bytes for the total size
+ * - 2 bytes for the protection profile length
+ * - 2 bytes for the protection profile
+ * - 1 byte for the mki length
+ * + the actual mki length
+ * Check we have enough room in the output buffer */
+ if( (size_t)( end - buf ) < mki_len + 9 )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) );
+ return;
+ }
+
+ /* extension */
+ buf[0] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP >> 8 ) & 0xFF );
+ buf[1] = (unsigned char)( ( MBEDTLS_TLS_EXT_USE_SRTP ) & 0xFF );
+ /*
+ * total length 5 and mki value: only one profile(2 bytes)
+ * and length(2 bytes) and srtp_mki )
+ */
+ ext_len = 5 + mki_len;
+ buf[2] = (unsigned char)( ( ext_len >> 8 ) & 0xFF );
+ buf[3] = (unsigned char)( ext_len & 0xFF );
+
+ /* protection profile length: 2 */
+ buf[4] = 0x00;
+ buf[5] = 0x02;
+ profile_value = mbedtls_ssl_check_srtp_profile_value(
+ ssl->dtls_srtp_info.chosen_dtls_srtp_profile );
+ if( profile_value != MBEDTLS_TLS_SRTP_UNSET )
+ {
+ buf[6] = (unsigned char)( ( profile_value >> 8 ) & 0xFF );
+ buf[7] = (unsigned char)( profile_value & 0xFF );
+ }
+ else
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "use_srtp extension invalid profile" ) );
+ return;
+ }
+
+ buf[8] = mki_len & 0xFF;
+ memcpy( &buf[9], ssl->dtls_srtp_info.mki_value, mki_len );
+
+ *olen = 9 + mki_len;
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl )
{
@@ -2788,6 +2990,11 @@
ext_len += olen;
#endif
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ ssl_write_use_srtp_ext( ssl, p + 2 + ext_len, &olen );
+ ext_len += olen;
+#endif
+
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", ext_len ) );
if( ext_len > 0 )
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 34953f2..7cb5b8c 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3859,6 +3859,10 @@
mbedtls_ssl_reset_in_out_pointers( ssl );
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ memset( &ssl->dtls_srtp_info, 0, sizeof(ssl->dtls_srtp_info) );
+#endif
+
if( ( ret = ssl_handshake_init( ssl ) ) != 0 )
goto error;
@@ -4685,6 +4689,86 @@
}
#endif /* MBEDTLS_SSL_ALPN */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
+ int support_mki_value )
+{
+ conf->dtls_srtp_mki_support = support_mki_value;
+}
+
+int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
+ unsigned char *mki_value,
+ uint16_t mki_len )
+{
+ if( mki_len > MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH )
+ {
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ if( ssl->conf->dtls_srtp_mki_support == MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED )
+ {
+ return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
+ }
+
+ memcpy( ssl->dtls_srtp_info.mki_value, mki_value, mki_len );
+ ssl->dtls_srtp_info.mki_len = mki_len;
+ return( 0 );
+}
+
+int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf,
+ const mbedtls_ssl_srtp_profile *profiles )
+{
+ const mbedtls_ssl_srtp_profile *p;
+ size_t list_size = 0;
+
+ /* check the profiles list: all entry must be valid,
+ * its size cannot be more than the total number of supported profiles, currently 4 */
+ for( p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET &&
+ list_size <= MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH;
+ p++ )
+ {
+ if( mbedtls_ssl_check_srtp_profile_value( *p ) != MBEDTLS_TLS_SRTP_UNSET )
+ {
+ list_size++;
+ }
+ else
+ {
+ /* unsupported value, stop parsing and set the size to an error value */
+ list_size = MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH + 1;
+ }
+ }
+
+ if( list_size > MBEDTLS_TLS_SRTP_MAX_PROFILE_LIST_LENGTH )
+ {
+ conf->dtls_srtp_profile_list = NULL;
+ conf->dtls_srtp_profile_list_len = 0;
+ return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
+ }
+
+ conf->dtls_srtp_profile_list = profiles;
+ conf->dtls_srtp_profile_list_len = list_size;
+
+ return( 0 );
+}
+
+void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl,
+ mbedtls_dtls_srtp_info *dtls_srtp_info )
+{
+ dtls_srtp_info->chosen_dtls_srtp_profile = ssl->dtls_srtp_info.chosen_dtls_srtp_profile;
+ /* do not copy the mki value if there is no chosen profile */
+ if( dtls_srtp_info->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET )
+ {
+ dtls_srtp_info->mki_len = 0;
+ }
+ else
+ {
+ dtls_srtp_info->mki_len = ssl->dtls_srtp_info.mki_len;
+ memcpy( dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value,
+ ssl->dtls_srtp_info.mki_len );
+ }
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
void mbedtls_ssl_conf_max_version( mbedtls_ssl_config *conf, int major, int minor )
{
conf->max_major_ver = major;
diff --git a/library/version_features.c b/library/version_features.c
index 478d8fa..42ccaf9 100644
--- a/library/version_features.c
+++ b/library/version_features.c
@@ -534,6 +534,9 @@
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
"MBEDTLS_SSL_DTLS_HELLO_VERIFY",
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ "MBEDTLS_SSL_DTLS_SRTP",
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
"MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE",
#endif /* MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE */
@@ -576,6 +579,9 @@
#if defined(MBEDTLS_USE_PSA_CRYPTO)
"MBEDTLS_USE_PSA_CRYPTO",
#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+ "MBEDTLS_PSA_CRYPTO_CONFIG",
+#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
#if defined(MBEDTLS_VERSION_FEATURES)
"MBEDTLS_VERSION_FEATURES",
#endif /* MBEDTLS_VERSION_FEATURES */
diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt
index 2309789..6b8ce2a 100644
--- a/programs/aes/CMakeLists.txt
+++ b/programs/aes/CMakeLists.txt
@@ -5,7 +5,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- target_link_libraries(${exe} mbedcrypto)
+ target_link_libraries(${exe} ${mbedcrypto_target})
endforeach()
install(TARGETS ${executables}
diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt
index e2b0eac..f0e5705 100644
--- a/programs/fuzz/CMakeLists.txt
+++ b/programs/fuzz/CMakeLists.txt
@@ -1,5 +1,5 @@
set(libs
- mbedtls
+ ${mbedtls_target}
)
if(USE_PKCS11_HELPER_LIBRARY)
@@ -36,7 +36,7 @@
if (NOT FUZZINGENGINE_LIB)
target_link_libraries(${exe} ${libs})
- target_sources(${exe} PRIVATE onefile.c)
+ set_property(TARGET ${exe} APPEND PROPERTY SOURCES onefile.c)
else()
target_link_libraries(${exe} ${libs} FuzzingEngine)
SET_TARGET_PROPERTIES(${exe} PROPERTIES LINKER_LANGUAGE CXX)
@@ -45,7 +45,7 @@
# This emulates "if ( ... IN_LIST ... )" which becomes available in CMake 3.3
list(FIND executables_with_common_c ${exe} exe_index)
if (${exe_index} GREATER -1)
- target_sources(${exe} PRIVATE common.c)
+ set_property(TARGET ${exe} APPEND PROPERTY SOURCES common.c)
endif()
endforeach()
diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt
index ae29479..b2f2a1f 100644
--- a/programs/hash/CMakeLists.txt
+++ b/programs/hash/CMakeLists.txt
@@ -5,7 +5,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- target_link_libraries(${exe} mbedcrypto)
+ target_link_libraries(${exe} ${mbedcrypto_target})
endforeach()
install(TARGETS ${executables}
diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt
index b4b3d30..9c6fe7d 100644
--- a/programs/pkey/CMakeLists.txt
+++ b/programs/pkey/CMakeLists.txt
@@ -5,7 +5,7 @@
foreach(exe IN LISTS executables_mbedtls)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- target_link_libraries(${exe} mbedtls)
+ target_link_libraries(${exe} ${mbedtls_target})
endforeach()
set(executables_mbedcrypto
@@ -31,7 +31,7 @@
foreach(exe IN LISTS executables_mbedcrypto)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- target_link_libraries(${exe} mbedcrypto)
+ target_link_libraries(${exe} ${mbedcrypto_target})
endforeach()
install(TARGETS ${executables_mbedtls} ${executables_mbedcrypto}
diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt
index 5cbcf71..23e85fe 100644
--- a/programs/psa/CMakeLists.txt
+++ b/programs/psa/CMakeLists.txt
@@ -6,7 +6,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- target_link_libraries(${exe} mbedcrypto)
+ target_link_libraries(${exe} ${mbedcrypto_target})
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt
index 95acb7e..8df8365 100644
--- a/programs/random/CMakeLists.txt
+++ b/programs/random/CMakeLists.txt
@@ -6,7 +6,7 @@
foreach(exe IN LISTS executables)
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>)
- target_link_libraries(${exe} mbedcrypto)
+ target_link_libraries(${exe} ${mbedcrypto_target})
endforeach()
install(TARGETS ${executables}
diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt
index 28fbfc5..149aa30 100644
--- a/programs/ssl/CMakeLists.txt
+++ b/programs/ssl/CMakeLists.txt
@@ -2,7 +2,7 @@
find_package(Threads)
set(libs
- mbedtls
+ ${mbedtls_target}
)
if(USE_PKCS11_HELPER_LIBRARY)
@@ -32,8 +32,8 @@
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
endforeach()
-target_sources(ssl_client2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
-target_sources(ssl_server2 PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+set_property(TARGET ssl_client2 APPEND PROPERTY SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
+set_property(TARGET ssl_server2 APPEND PROPERTY SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../test/query_config.c)
if(THREADS_FOUND)
add_executable(ssl_pthread_server ssl_pthread_server.c $<TARGET_OBJECTS:mbedtls_test>)
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index b9047df..54cdd7d 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -150,6 +150,9 @@
#define DFL_NSS_KEYLOG_FILE NULL
#define DFL_SKIP_CLOSE_NOTIFY 0
#define DFL_QUERY_CONFIG_MODE 0
+#define DFL_USE_SRTP 0
+#define DFL_SRTP_FORCE_PROFILE 0
+#define DFL_SRTP_MKI ""
#define GET_REQUEST "GET %s HTTP/1.0\r\nExtra-header: "
#define GET_REQUEST_END "\r\n\r\n"
@@ -254,10 +257,26 @@
" This cannot be used with eap_tls=1\n"
#define USAGE_NSS_KEYLOG_FILE \
" nss_keylog_file=%%s\n"
-#else
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+#define USAGE_SRTP \
+ " use_srtp=%%d default: 0 (disabled)\n" \
+ " This cannot be used with eap_tls=1 or "\
+ " nss_keylog=1\n" \
+ " srtp_force_profile=%%d default: 0 (all enabled)\n" \
+ " available profiles:\n" \
+ " 1 - SRTP_AES128_CM_HMAC_SHA1_80\n" \
+ " 2 - SRTP_AES128_CM_HMAC_SHA1_32\n" \
+ " 3 - SRTP_NULL_HMAC_SHA1_80\n" \
+ " 4 - SRTP_NULL_HMAC_SHA1_32\n" \
+ " mki=%%s default: \"\" (in hex, without 0x)\n"
+#else /* MBEDTLS_SSL_DTLS_SRTP */
+#define USAGE_SRTP ""
+#endif
+#else /* MBEDTLS_SSL_EXPORT_KEYS */
#define USAGE_EAP_TLS ""
#define USAGE_NSS_KEYLOG ""
#define USAGE_NSS_KEYLOG_FILE ""
+#define USAGE_SRTP ""
#endif /* MBEDTLS_SSL_EXPORT_KEYS */
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
@@ -407,6 +426,7 @@
"\n" \
USAGE_DTLS \
USAGE_CID \
+ USAGE_SRTP \
"\n"
#define USAGE2 \
" auth_mode=%%s default: (library default: none)\n" \
@@ -541,6 +561,9 @@
int reproducible; /* make communication reproducible */
int skip_close_notify; /* skip sending the close_notify alert */
int query_config_mode; /* whether to read config */
+ int use_srtp; /* Support SRTP */
+ int force_srtp_profile; /* SRTP protection profile to use or all */
+ const char *mki; /* The dtls mki value to use */
} opt;
int query_config( const char *config );
@@ -655,7 +678,49 @@
sizeof( nss_keylog_line ) );
return( ret );
}
-#endif
+
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+/* Supported SRTP mode needs a maximum of :
+ * - 16 bytes for key (AES-128)
+ * - 14 bytes SALT
+ * One for sender, one for receiver context
+ */
+#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
+typedef struct dtls_srtp_keys
+{
+ unsigned char master_secret[48];
+ unsigned char randbytes[64];
+ mbedtls_tls_prf_types tls_prf_type;
+} dtls_srtp_keys;
+
+static int dtls_srtp_key_derivation( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
+{
+ dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
+
+ ( ( void ) kb );
+ memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
+ memcpy( keys->randbytes, client_random, 32 );
+ memcpy( keys->randbytes + 32, server_random, 32 );
+ keys->tls_prf_type = tls_prf_type;
+
+ if( opt.debug_level > 2 )
+ {
+ mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
+ mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
+ mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
+ }
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
static void my_debug( void *ctx, int level,
const char *file, int line,
@@ -1134,6 +1199,10 @@
mbedtls_ecp_group_id curve_list[CURVE_LIST_SIZE];
const mbedtls_ecp_curve_info *curve_cur;
#endif
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ unsigned char mki[MBEDTLS_TLS_SRTP_MAX_MKI_LENGTH];
+ size_t mki_len=0;
+#endif
const char *pers = "ssl_client2";
@@ -1177,7 +1246,20 @@
unsigned char eap_tls_iv[8];
const char* eap_tls_label = "client EAP encryption";
eap_tls_keys eap_tls_keying;
-#endif
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+ /*! master keys and master salt for SRTP generated during handshake */
+ unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
+ const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
+ dtls_srtp_keys dtls_srtp_keying;
+ const mbedtls_ssl_srtp_profile default_profiles[] = {
+ MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
+ MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
+ MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80,
+ MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32,
+ MBEDTLS_TLS_SRTP_UNSET
+ };
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
@@ -1304,6 +1386,9 @@
opt.nss_keylog_file = DFL_NSS_KEYLOG_FILE;
opt.skip_close_notify = DFL_SKIP_CLOSE_NOTIFY;
opt.query_config_mode = DFL_QUERY_CONFIG_MODE;
+ opt.use_srtp = DFL_USE_SRTP;
+ opt.force_srtp_profile = DFL_SRTP_FORCE_PROFILE;
+ opt.mki = DFL_SRTP_MKI;
for( i = 1; i < argc; i++ )
{
@@ -1730,6 +1815,18 @@
if( opt.skip_close_notify < 0 || opt.skip_close_notify > 1 )
goto usage;
}
+ else if( strcmp( p, "use_srtp" ) == 0 )
+ {
+ opt.use_srtp = atoi ( q );
+ }
+ else if( strcmp( p, "srtp_force_profile" ) == 0 )
+ {
+ opt.force_srtp_profile = atoi( q );
+ }
+ else if( strcmp( p, "mki" ) == 0 )
+ {
+ opt.mki = q;
+ }
else
goto usage;
}
@@ -1837,7 +1934,6 @@
opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED;
}
-
#if defined(MBEDTLS_USE_PSA_CRYPTO)
if( opt.psk_opaque != 0 )
{
@@ -2240,6 +2336,36 @@
}
#endif
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ if( opt.use_srtp == 1 )
+ {
+ if( opt.force_srtp_profile != 0 )
+ {
+ const mbedtls_ssl_srtp_profile forced_profile[] =
+ { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
+ ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, forced_profile );
+ }
+ else
+ {
+ ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, default_profiles );
+ }
+
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! "
+ "mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n",
+ ret );
+ goto exit;
+ }
+
+ }
+ else if( opt.force_srtp_profile != 0 )
+ {
+ mbedtls_printf( " failed\n ! must enable use_srtp to force srtp profile\n\n" );
+ goto exit;
+ }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
@@ -2267,7 +2393,14 @@
nss_keylog_export,
NULL );
}
-#endif
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+ else if( opt.use_srtp != 0 )
+ {
+ mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation,
+ &dtls_srtp_keying );
+ }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
#if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING)
if( opt.recsplit != DFL_RECSPLIT )
@@ -2476,6 +2609,26 @@
mbedtls_ecp_set_max_ops( opt.ec_max_ops );
#endif
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ if( opt.use_srtp != 0 && strlen( opt.mki ) != 0 )
+ {
+ if( mbedtls_test_unhexify( mki, sizeof( mki ),
+ opt.mki,&mki_len ) != 0 )
+ {
+ mbedtls_printf( "mki value not valid hex\n" );
+ goto exit;
+ }
+
+ mbedtls_ssl_conf_srtp_mki_value_supported( &conf, MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED );
+ if( ( ret = mbedtls_ssl_dtls_srtp_set_mki_value( &ssl, mki,
+ (uint16_t) strlen( opt.mki ) / 2 ) ) != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_dtls_srtp_set_mki_value returned %d\n\n", ret );
+ goto exit;
+ }
+ }
+#endif
+
mbedtls_printf( " ok\n" );
/*
@@ -2597,7 +2750,74 @@
}
mbedtls_printf("\n");
}
-#endif
+
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+ else if( opt.use_srtp != 0 )
+ {
+ size_t j = 0;
+ mbedtls_dtls_srtp_info dtls_srtp_negotiation_result;
+ mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result );
+
+ if( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile
+ == MBEDTLS_TLS_SRTP_UNSET )
+ {
+ mbedtls_printf( " Unable to negotiate "
+ "the use of DTLS-SRTP\n" );
+ }
+ else
+ {
+ if( ( ret = mbedtls_ssl_tls_prf( dtls_srtp_keying.tls_prf_type,
+ dtls_srtp_keying.master_secret,
+ sizeof( dtls_srtp_keying.master_secret ),
+ dtls_srtp_label,
+ dtls_srtp_keying.randbytes,
+ sizeof( dtls_srtp_keying.randbytes ),
+ dtls_srtp_key_material,
+ sizeof( dtls_srtp_key_material ) ) )
+ != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
+ (unsigned int) -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " DTLS-SRTP key material is:" );
+ for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
+ {
+ if( j % 8 == 0 )
+ mbedtls_printf( "\n " );
+ mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
+ }
+ mbedtls_printf( "\n" );
+
+ /* produce a less readable output used to perform automatic checks
+ * - compare client and server output
+ * - interop test with openssl which client produces this kind of output
+ */
+ mbedtls_printf( " Keying material: " );
+ for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
+ {
+ mbedtls_printf( "%02X", dtls_srtp_key_material[j] );
+ }
+ mbedtls_printf( "\n" );
+
+ if ( dtls_srtp_negotiation_result.mki_len > 0 )
+ {
+ mbedtls_printf( " DTLS-SRTP mki value: " );
+ for( j = 0; j < dtls_srtp_negotiation_result.mki_len; j++ )
+ {
+ mbedtls_printf( "%02X", dtls_srtp_negotiation_result.mki_value[j] );
+ }
+ }
+ else
+ {
+ mbedtls_printf( " DTLS-SRTP no mki value negotiated" );
+ }
+ mbedtls_printf( "\n" );
+ }
+ }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
if( opt.reconnect != 0 )
{
mbedtls_printf(" . Saving session for reuse..." );
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index a98aec1..ec3d6ad 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -183,6 +183,9 @@
#define DFL_NSS_KEYLOG 0
#define DFL_NSS_KEYLOG_FILE NULL
#define DFL_QUERY_CONFIG_MODE 0
+#define DFL_USE_SRTP 0
+#define DFL_SRTP_FORCE_PROFILE 0
+#define DFL_SRTP_SUPPORT_MKI 0
#define LONG_RESPONSE "<p>01-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
"02-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah-blah\r\n" \
@@ -325,10 +328,24 @@
" This cannot be used with eap_tls=1\n"
#define USAGE_NSS_KEYLOG_FILE \
" nss_keylog_file=%%s\n"
-#else
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+#define USAGE_SRTP \
+ " use_srtp=%%d default: 0 (disabled)\n" \
+ " srtp_force_profile=%%d default: 0 (all enabled)\n" \
+ " available profiles:\n" \
+ " 1 - SRTP_AES128_CM_HMAC_SHA1_80\n" \
+ " 2 - SRTP_AES128_CM_HMAC_SHA1_32\n" \
+ " 3 - SRTP_NULL_HMAC_SHA1_80\n" \
+ " 4 - SRTP_NULL_HMAC_SHA1_32\n" \
+ " support_mki=%%d default: 0 (not supported)\n"
+#else /* MBEDTLS_SSL_DTLS_SRTP */
+#define USAGE_SRTP ""
+#endif
+#else /* MBEDTLS_SSL_EXPORT_KEYS */
#define USAGE_EAP_TLS ""
#define USAGE_NSS_KEYLOG ""
#define USAGE_NSS_KEYLOG_FILE ""
+#define USAGE_SRTP ""
#endif /* MBEDTLS_SSL_EXPORT_KEYS */
#if defined(MBEDTLS_SSL_CACHE_C)
@@ -490,6 +507,7 @@
" read_timeout=%%d default: 0 ms (no timeout)\n" \
"\n" \
USAGE_DTLS \
+ USAGE_SRTP \
USAGE_COOKIES \
USAGE_ANTI_REPLAY \
USAGE_BADMAC_LIMIT \
@@ -645,6 +663,9 @@
* after renegotiation */
int reproducible; /* make communication reproducible */
int query_config_mode; /* whether to read config */
+ int use_srtp; /* Support SRTP */
+ int force_srtp_profile; /* SRTP protection profile to use or all */
+ int support_mki; /* The dtls mki mki support */
} opt;
int query_config( const char *config );
@@ -760,7 +781,49 @@
return( ret );
}
-#endif
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+/* Supported SRTP mode needs a maximum of :
+ * - 16 bytes for key (AES-128)
+ * - 14 bytes SALT
+ * One for sender, one for receiver context
+ */
+#define MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH 60
+typedef struct dtls_srtp_keys
+{
+ unsigned char master_secret[48];
+ unsigned char randbytes[64];
+ mbedtls_tls_prf_types tls_prf_type;
+} dtls_srtp_keys;
+
+static int dtls_srtp_key_derivation( void *p_expkey,
+ const unsigned char *ms,
+ const unsigned char *kb,
+ size_t maclen,
+ size_t keylen,
+ size_t ivlen,
+ const unsigned char client_random[32],
+ const unsigned char server_random[32],
+ mbedtls_tls_prf_types tls_prf_type )
+{
+ dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
+
+ ( ( void ) kb );
+ memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
+ memcpy( keys->randbytes, client_random, 32 );
+ memcpy( keys->randbytes + 32, server_random, 32 );
+ keys->tls_prf_type = tls_prf_type;
+
+ if( opt.debug_level > 2 )
+ {
+ mbedtls_printf( "exported maclen is %u\n", (unsigned) maclen );
+ mbedtls_printf( "exported keylen is %u\n", (unsigned) keylen );
+ mbedtls_printf( "exported ivlen is %u\n", (unsigned) ivlen );
+ }
+ return( 0 );
+}
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
static void my_debug( void *ctx, int level,
const char *file, int line,
@@ -1792,7 +1855,6 @@
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
unsigned char alloc_buf[MEMORY_HEAP_SIZE];
#endif
-
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX];
unsigned char cid_renego[MBEDTLS_SSL_CID_IN_LEN_MAX];
@@ -1815,7 +1877,20 @@
unsigned char eap_tls_iv[8];
const char* eap_tls_label = "client EAP encryption";
eap_tls_keys eap_tls_keying;
-#endif
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+ /*! master keys and master salt for SRTP generated during handshake */
+ unsigned char dtls_srtp_key_material[MBEDTLS_TLS_SRTP_MAX_KEY_MATERIAL_LENGTH];
+ const char* dtls_srtp_label = "EXTRACTOR-dtls_srtp";
+ dtls_srtp_keys dtls_srtp_keying;
+ const mbedtls_ssl_srtp_profile default_profiles[] = {
+ MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
+ MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
+ MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80,
+ MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32,
+ MBEDTLS_TLS_SRTP_UNSET
+ };
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
mbedtls_memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
@@ -1976,6 +2051,9 @@
opt.nss_keylog = DFL_NSS_KEYLOG;
opt.nss_keylog_file = DFL_NSS_KEYLOG_FILE;
opt.query_config_mode = DFL_QUERY_CONFIG_MODE;
+ opt.use_srtp = DFL_USE_SRTP;
+ opt.force_srtp_profile = DFL_SRTP_FORCE_PROFILE;
+ opt.support_mki = DFL_SRTP_SUPPORT_MKI;
for( i = 1; i < argc; i++ )
{
@@ -2424,6 +2502,18 @@
{
opt.nss_keylog_file = q;
}
+ else if( strcmp( p, "use_srtp" ) == 0 )
+ {
+ opt.use_srtp = atoi ( q );
+ }
+ else if( strcmp( p, "srtp_force_profile" ) == 0 )
+ {
+ opt.force_srtp_profile = atoi( q );
+ }
+ else if( strcmp( p, "support_mki" ) == 0 )
+ {
+ opt.support_mki = atoi( q );
+ }
else
goto usage;
}
@@ -3028,7 +3118,7 @@
{
mbedtls_printf( " failed\n ! mbedtls_ssl_conf_max_frag_len returned %d\n\n", ret );
goto exit;
- };
+ }
#endif
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
@@ -3058,6 +3148,38 @@
}
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ if( opt.use_srtp == 1 )
+ {
+ if( opt.force_srtp_profile != 0 )
+ {
+ const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
+ ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, forced_profile );
+ }
+ else
+ {
+ ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, default_profiles );
+ }
+
+ if( ret != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_conf_dtls_srtp_protection_profiles returned %d\n\n", ret );
+ goto exit;
+ }
+
+ mbedtls_ssl_conf_srtp_mki_value_supported( &conf,
+ opt.support_mki ?
+ MBEDTLS_SSL_DTLS_SRTP_MKI_SUPPORTED :
+ MBEDTLS_SSL_DTLS_SRTP_MKI_UNSUPPORTED );
+
+ }
+ else if( opt.force_srtp_profile != 0 )
+ {
+ mbedtls_printf( " failed\n ! must enable use_srtp to force srtp profile\n\n" );
+ goto exit;
+ }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
if( opt.trunc_hmac != DFL_TRUNC_HMAC )
mbedtls_ssl_conf_truncated_hmac( &conf, opt.trunc_hmac );
@@ -3085,7 +3207,14 @@
nss_keylog_export,
NULL );
}
-#endif
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+ else if( opt.use_srtp != 0 )
+ {
+ mbedtls_ssl_conf_export_keys_ext_cb( &conf, dtls_srtp_key_derivation,
+ &dtls_srtp_keying );
+ }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
#if defined(MBEDTLS_SSL_ALPN)
if( opt.alpn_string != NULL )
@@ -3731,7 +3860,75 @@
}
mbedtls_printf("\n");
}
-#endif
+
+#if defined( MBEDTLS_SSL_DTLS_SRTP )
+ else if( opt.use_srtp != 0 )
+ {
+ size_t j = 0;
+ mbedtls_dtls_srtp_info dtls_srtp_negotiation_result;
+ mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result );
+
+ if( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile
+ == MBEDTLS_TLS_SRTP_UNSET )
+ {
+ mbedtls_printf( " Unable to negotiate "
+ "the use of DTLS-SRTP\n" );
+ }
+ else
+ {
+ if( ( ret = mbedtls_ssl_tls_prf( dtls_srtp_keying.tls_prf_type,
+ dtls_srtp_keying.master_secret,
+ sizeof( dtls_srtp_keying.master_secret ),
+ dtls_srtp_label,
+ dtls_srtp_keying.randbytes,
+ sizeof( dtls_srtp_keying.randbytes ),
+ dtls_srtp_key_material,
+ sizeof( dtls_srtp_key_material ) ) )
+ != 0 )
+ {
+ mbedtls_printf( " failed\n ! mbedtls_ssl_tls_prf returned -0x%x\n\n",
+ (unsigned int) -ret );
+ goto exit;
+ }
+
+ mbedtls_printf( " DTLS-SRTP key material is:" );
+ for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
+ {
+ if( j % 8 == 0 )
+ mbedtls_printf( "\n " );
+ mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
+ }
+ mbedtls_printf( "\n" );
+
+ /* produce a less readable output used to perform automatic checks
+ * - compare client and server output
+ * - interop test with openssl which client produces this kind of output
+ */
+ mbedtls_printf( " Keying material: " );
+ for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
+ {
+ mbedtls_printf( "%02X", dtls_srtp_key_material[j] );
+ }
+ mbedtls_printf( "\n" );
+
+ if ( dtls_srtp_negotiation_result.mki_len > 0 )
+ {
+ mbedtls_printf( " DTLS-SRTP mki value: " );
+ for( j = 0; j < dtls_srtp_negotiation_result.mki_len; j++ )
+ {
+ mbedtls_printf( "%02X", dtls_srtp_negotiation_result.mki_value[j] );
+ }
+ }
+ else
+ {
+ mbedtls_printf( " DTLS-SRTP no mki value negotiated" );
+ }
+ mbedtls_printf( "\n" );
+
+ }
+ }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+#endif /* MBEDTLS_SSL_EXPORT_KEYS */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
ret = report_cid_usage( &ssl, "initial handshake" );
diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt
index 0df0bec..49b44e7 100644
--- a/programs/test/CMakeLists.txt
+++ b/programs/test/CMakeLists.txt
@@ -1,5 +1,5 @@
set(libs
- mbedtls
+ ${mbedtls_target}
)
if(USE_PKCS11_HELPER_LIBRARY)
@@ -33,11 +33,12 @@
if (${exe_index} GREATER -1)
target_link_libraries(${exe} ${libs})
else()
- target_link_libraries(${exe} mbedcrypto)
+ target_link_libraries(${exe} ${mbedcrypto_target})
endif()
endforeach()
-target_sources(query_compile_time_config PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
+set_property(TARGET query_compile_time_config APPEND PROPERTY SOURCES
+ ${CMAKE_CURRENT_SOURCE_DIR}/query_config.c)
install(TARGETS ${executables_libs} ${executables_mbedcrypto}
DESTINATION "bin"
diff --git a/programs/test/cmake_subproject/CMakeLists.txt b/programs/test/cmake_subproject/CMakeLists.txt
index 3e32c5f..a9fcfde 100644
--- a/programs/test/cmake_subproject/CMakeLists.txt
+++ b/programs/test/cmake_subproject/CMakeLists.txt
@@ -1,5 +1,8 @@
cmake_minimum_required(VERSION 2.6)
+# Test the target renaming support by adding a prefix to the targets built
+set(MBEDTLS_TARGET_PREFIX subproject_test_)
+
# We use the parent Mbed TLS directory as the MBEDTLS_DIR for this test. Other
# projects that use Mbed TLS as a subproject are likely to add by their own
# relative paths.
@@ -8,11 +11,12 @@
# Add Mbed TLS as a subdirectory.
add_subdirectory(${MBEDTLS_DIR} build)
-# Link against all the Mbed TLS libraries.
+# Link against all the Mbed TLS libraries. Verifies that the targets have been
+# created using the specified prefix
set(libs
- mbedcrypto
- mbedx509
- mbedtls
+ subproject_test_mbedcrypto
+ subproject_test_mbedx509
+ subproject_test_mbedtls
)
add_executable(cmake_subproject cmake_subproject.c)
diff --git a/programs/test/cpp_dummy_build.cpp b/programs/test/cpp_dummy_build.cpp
index 09c5273..c69cd2b 100644
--- a/programs/test/cpp_dummy_build.cpp
+++ b/programs/test/cpp_dummy_build.cpp
@@ -109,6 +109,12 @@
#include "mbedtls/memory_buffer_alloc.h"
#endif
+#include "psa/crypto.h"
+#include "psa/crypto_se_driver.h"
+#include "psa/crypto_entropy_driver.h"
+#include "psa/crypto_accel_driver.h"
+#include "../library/psa_crypto_its.h"
+
int main()
{
mbedtls_platform_context *ctx = NULL;
diff --git a/programs/test/query_config.c b/programs/test/query_config.c
index 8873734..1345b11 100644
--- a/programs/test/query_config.c
+++ b/programs/test/query_config.c
@@ -1480,6 +1480,14 @@
}
#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY */
+#if defined(MBEDTLS_SSL_DTLS_SRTP)
+ if( strcmp( "MBEDTLS_SSL_DTLS_SRTP", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_DTLS_SRTP );
+ return( 0 );
+ }
+#endif /* MBEDTLS_SSL_DTLS_SRTP */
+
#if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE)
if( strcmp( "MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE", config ) == 0 )
{
@@ -1592,6 +1600,14 @@
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
+#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
+ if( strcmp( "MBEDTLS_PSA_CRYPTO_CONFIG", config ) == 0 )
+ {
+ MACRO_EXPANSION_TO_STR( MBEDTLS_PSA_CRYPTO_CONFIG );
+ return( 0 );
+ }
+#endif /* MBEDTLS_PSA_CRYPTO_CONFIG */
+
#if defined(MBEDTLS_VERSION_FEATURES)
if( strcmp( "MBEDTLS_VERSION_FEATURES", config ) == 0 )
{
diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt
index cb14a3e..2a11212 100644
--- a/programs/util/CMakeLists.txt
+++ b/programs/util/CMakeLists.txt
@@ -1,5 +1,5 @@
set(libs
- mbedcrypto
+ ${mbedcrypto_target}
)
set(executables
diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt
index f7b5fe1..29cbeb8 100644
--- a/programs/x509/CMakeLists.txt
+++ b/programs/x509/CMakeLists.txt
@@ -1,5 +1,5 @@
set(libs
- mbedx509
+ ${mbedx509_target}
)
if(USE_PKCS11_HELPER_LIBRARY)
@@ -23,7 +23,7 @@
target_link_libraries(${exe} ${libs})
endforeach()
-target_link_libraries(cert_app mbedtls)
+target_link_libraries(cert_app ${mbedtls_target})
install(TARGETS ${executables}
DESTINATION "bin"
diff --git a/scripts/config.py b/scripts/config.py
index 017bba0..6c29981 100755
--- a/scripts/config.py
+++ b/scripts/config.py
@@ -184,6 +184,7 @@
'MBEDTLS_NO_UDBL_DIVISION', # influences anything that uses bignum
'MBEDTLS_PKCS11_C', # build dependency (libpkcs11-helper)
'MBEDTLS_PLATFORM_NO_STD_FUNCTIONS', # removes a feature
+ 'MBEDTLS_PSA_CRYPTO_CONFIG', # toggles old/new style PSA config
'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM)
'MBEDTLS_PSA_INJECT_ENTROPY', # build dependency (hook functions)
'MBEDTLS_REMOVE_3DES_CIPHERSUITES', # removes a feature
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 7d85adb..f8ce925 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -1,5 +1,5 @@
set(libs
- mbedtls
+ ${mbedtls_target}
)
# Set the project root directory if it's not already defined, as may happen if
@@ -43,7 +43,7 @@
add_custom_command(
OUTPUT test_suite_${data_name}.c
COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data -t ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function -p ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function -s ${CMAKE_CURRENT_SOURCE_DIR}/suites --helpers-file ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function -o .
- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedtls ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data
+ DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py ${mbedtls_target} ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data
)
add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtls_test>)
diff --git a/tests/compat.sh b/tests/compat.sh
index 68b9f74..6e0a8f9 100755
--- a/tests/compat.sh
+++ b/tests/compat.sh
@@ -90,12 +90,12 @@
print_usage() {
echo "Usage: $0"
printf " -h|--help\tPrint this help.\n"
- printf " -f|--filter\tOnly matching ciphersuites are tested (Default: '$FILTER')\n"
- printf " -e|--exclude\tMatching ciphersuites are excluded (Default: '$EXCLUDE')\n"
- printf " -m|--modes\tWhich modes to perform (Default: '$MODES')\n"
- printf " -t|--types\tWhich key exchange type to perform (Default: '$TYPES')\n"
- printf " -V|--verify\tWhich verification modes to perform (Default: '$VERIFIES')\n"
- printf " -p|--peers\tWhich peers to use (Default: '$PEERS')\n"
+ printf " -f|--filter\tOnly matching ciphersuites are tested (Default: '%s')\n" "$FILTER"
+ printf " -e|--exclude\tMatching ciphersuites are excluded (Default: '%s')\n" "$EXCLUDE"
+ printf " -m|--modes\tWhich modes to perform (Default: '%s')\n" "$MODES"
+ printf " -t|--types\tWhich key exchange type to perform (Default: '%s')\n" "$TYPES"
+ printf " -V|--verify\tWhich verification modes to perform (Default: '%s')\n" "$VERIFIES"
+ printf " -p|--peers\tWhich peers to use (Default: '%s')\n" "$PEERS"
printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n"
printf " -M|--memcheck\tCheck memory leaks and errors.\n"
printf " -v|--verbose\tSet verbose output.\n"
@@ -1107,7 +1107,7 @@
VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`"
TITLE="$TITLE $MODE,$VERIF $2"
- printf "$TITLE "
+ printf "%s " "$TITLE"
LEN=$(( 72 - `echo "$TITLE" | wc -c` ))
for i in `seq 1 $LEN`; do printf '.'; done; printf ' '
diff --git a/tests/context-info.sh b/tests/context-info.sh
index 68614ff..3465298 100755
--- a/tests/context-info.sh
+++ b/tests/context-info.sh
@@ -438,10 +438,11 @@
# End of tests
+echo
if [ $T_FAILED -eq 0 ]; then
- printf "\nPASSED ( $T_COUNT tests )\n"
+ echo "PASSED ( $T_COUNT tests )"
else
- printf "\nFAILED ( $T_FAILED / $T_COUNT tests )\n"
+ echo "FAILED ( $T_FAILED / $T_COUNT tests )"
fi
exit $T_FAILED
diff --git a/tests/include/test/drivers/keygen.h b/tests/include/test/drivers/key_management.h
similarity index 61%
rename from tests/include/test/drivers/keygen.h
rename to tests/include/test/drivers/key_management.h
index b72c65c..56f3ef8 100644
--- a/tests/include/test/drivers/keygen.h
+++ b/tests/include/test/drivers/key_management.h
@@ -1,5 +1,5 @@
/*
- * Test driver for generating keys.
+ * Test driver for generating and verifying keys.
*/
/* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
@@ -17,8 +17,8 @@
* limitations under the License.
*/
-#ifndef PSA_CRYPTO_TEST_DRIVERS_KEYGEN_H
-#define PSA_CRYPTO_TEST_DRIVERS_KEYGEN_H
+#ifndef PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H
+#define PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
@@ -36,18 +36,19 @@
/* If not PSA_SUCCESS, return this error code instead of processing the
* function call. */
psa_status_t forced_status;
- /* Count the amount of times one of the keygen driver functions is called. */
+ /* Count the amount of times one of the key management driver functions
+ * is called. */
unsigned long hits;
-} test_driver_keygen_hooks_t;
+} test_driver_key_management_hooks_t;
-#define TEST_DRIVER_KEYGEN_INIT { NULL, 0, PSA_ERROR_NOT_SUPPORTED, 0 }
-static inline test_driver_keygen_hooks_t test_driver_keygen_hooks_init( void )
+#define TEST_DRIVER_KEY_MANAGEMENT_INIT { NULL, 0, PSA_ERROR_NOT_SUPPORTED, 0 }
+static inline test_driver_key_management_hooks_t test_driver_key_management_hooks_init( void )
{
- const test_driver_keygen_hooks_t v = TEST_DRIVER_KEYGEN_INIT;
+ const test_driver_key_management_hooks_t v = TEST_DRIVER_KEY_MANAGEMENT_INIT;
return( v );
}
-extern test_driver_keygen_hooks_t test_driver_keygen_hooks;
+extern test_driver_key_management_hooks_t test_driver_key_management_hooks;
psa_status_t test_transparent_generate_key(
const psa_key_attributes_t *attributes,
@@ -57,5 +58,10 @@
const psa_key_attributes_t *attributes,
uint8_t *key, size_t key_size, size_t *key_length );
+psa_status_t test_transparent_validate_key(const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ size_t *bits);
+
#endif /* PSA_CRYPTO_DRIVER_TEST */
-#endif /* PSA_CRYPTO_TEST_DRIVERS_KEYGEN_H */
+#endif /* PSA_CRYPTO_TEST_DRIVERS_KEY_MANAGEMENT_H */
diff --git a/tests/include/test/drivers/signature.h b/tests/include/test/drivers/signature.h
index e41892e..8abcb11 100644
--- a/tests/include/test/drivers/signature.h
+++ b/tests/include/test/drivers/signature.h
@@ -36,7 +36,7 @@
/* If not PSA_SUCCESS, return this error code instead of processing the
* function call. */
psa_status_t forced_status;
- /* Count the amount of times one of the keygen driver functions is called. */
+ /* Count the amount of times one of the signature driver functions is called. */
unsigned long hits;
} test_driver_signature_hooks_t;
diff --git a/tests/include/test/drivers/test_driver.h b/tests/include/test/drivers/test_driver.h
index ee59742..f26b795 100644
--- a/tests/include/test/drivers/test_driver.h
+++ b/tests/include/test/drivers/test_driver.h
@@ -23,7 +23,7 @@
#define PSA_CRYPTO_TEST_DRIVER_LIFETIME 0x7fffff
#include "test/drivers/signature.h"
-#include "test/drivers/keygen.h"
+#include "test/drivers/key_management.h"
#include "test/drivers/cipher.h"
#include "test/drivers/size.h"
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 0072d34..757a9ec 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -1290,6 +1290,51 @@
if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA'
}
+component_test_psa_crypto_config_basic() {
+ # full plus MBEDTLS_PSA_CRYPTO_CONFIG
+ msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG"
+ scripts/config.py full
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+ # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+ make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+
+ msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG"
+ make test
+}
+
+component_test_psa_crypto_config_no_driver() {
+ # full plus MBEDTLS_PSA_CRYPTO_CONFIG
+ msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
+ scripts/config.py full
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+ scripts/config.py unset MBEDTLS_PSA_CRYPTO_DRIVERS
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+ make CC=gcc CFLAGS="$ASAN_CFLAGS -O2" LDFLAGS="$ASAN_CFLAGS"
+
+ msg "test: full + MBEDTLS_PSA_CRYPTO_CONFIG minus MBEDTLS_PSA_CRYPTO_DRIVERS"
+ make test
+}
+
+# This should be renamed to test and updated once the accelerator ECDSA code is in place and ready to test.
+component_build_psa_want_ecdsa_disabled_software() {
+ # full plus MBEDTLS_PSA_CRYPTO_CONFIG with PSA_WANT_ALG_ECDSA
+ # without MBEDTLS_ECDSA_C
+ # PSA_WANT_ALG_ECDSA and PSA_WANT_ALG_DETERMINISTIC_ECDSA are already
+ # set in include/psa/crypto_config.h
+ msg "build: full + MBEDTLS_PSA_CRYPTO_CONFIG + PSA_WANT_ALG_ECDSA without MBEDTLS_ECDSA_C"
+ scripts/config.py full
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG
+ scripts/config.py set MBEDTLS_PSA_CRYPTO_DRIVERS
+ scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
+ scripts/config.py unset MBEDTLS_ECDSA_C
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
+ scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
+ # Need to define the correct symbol and include the test driver header path in order to build with the test driver
+ make CC=gcc CFLAGS="$ASAN_CFLAGS -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_PSA_ACCEL_ALG_ECDSA -DMBEDTLS_PSA_ACCEL_ALG_DETERMINISTIC_ECDSA -I../tests/include -O2" LDFLAGS="$ASAN_CFLAGS"
+}
+
component_test_check_params_functionality () {
msg "build+test: MBEDTLS_CHECK_PARAMS functionality"
scripts/config.py full # includes CHECK_PARAMS
diff --git a/tests/scripts/check-names.sh b/tests/scripts/check-names.sh
index 6c9195b..55f76da 100755
--- a/tests/scripts/check-names.sh
+++ b/tests/scripts/check-names.sh
@@ -65,7 +65,7 @@
diff macros identifiers | sed -n -e 's/< //p' > actual-macros
for THING in actual-macros enum-consts; do
- printf "Names of $THING: "
+ printf 'Names of %s: ' "$THING"
test -r $THING
BAD=$( grep -E -v '^(MBEDTLS|PSA)_[0-9A-Z_]*[0-9A-Z]$' $THING || true )
UNDERSCORES=$( grep -E '.*__.*' $THING || true )
@@ -81,7 +81,7 @@
done
for THING in identifiers; do
- printf "Names of $THING: "
+ printf 'Names of %s: ' "$THING"
test -r $THING
BAD=$( grep -E -v '^(mbedtls|psa)_[0-9a-z_]*[0-9a-z]$' $THING || true )
if [ "x$BAD" = "x" ]; then
diff --git a/tests/scripts/list-macros.sh b/tests/scripts/list-macros.sh
index 15d2590..a8617a0 100755
--- a/tests/scripts/list-macros.sh
+++ b/tests/scripts/list-macros.sh
@@ -30,4 +30,10 @@
| egrep -v '^(asm|inline|EMIT|_CRT_SECURE_NO_DEPRECATE)$|^MULADDC_' \
| sort -u > macros
+# For include/mbedtls/config_psa.h need to ignore the MBEDTLS_xxx define
+# in that file since they may not be defined in include/psa/crypto_config.h
+# This line renames the potentially missing defines to ones that should
+# be present.
+sed -ne 's/^MBEDTLS_PSA_BUILTIN_/MBEDTLS_PSA_ACCEL_/p' <macros >>macros
+
wc -l macros
diff --git a/tests/src/drivers/key_management.c b/tests/src/drivers/key_management.c
new file mode 100644
index 0000000..9bef4b6
--- /dev/null
+++ b/tests/src/drivers/key_management.c
@@ -0,0 +1,241 @@
+/*
+ * Test driver for generating and verifying keys.
+ * Currently only supports generating and verifying ECC keys.
+ */
+/* Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#if !defined(MBEDTLS_CONFIG_FILE)
+#include "mbedtls/config.h"
+#else
+#include MBEDTLS_CONFIG_FILE
+#endif
+
+#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
+#include "psa/crypto.h"
+#include "psa_crypto_core.h"
+#include "mbedtls/ecp.h"
+#include "mbedtls/error.h"
+
+#include "test/drivers/key_management.h"
+
+#include "test/random.h"
+
+#include <string.h>
+
+test_driver_key_management_hooks_t test_driver_key_management_hooks =
+ TEST_DRIVER_KEY_MANAGEMENT_INIT;
+
+psa_status_t test_transparent_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length )
+{
+ ++test_driver_key_management_hooks.hits;
+
+ if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
+ return( test_driver_key_management_hooks.forced_status );
+
+ if( test_driver_key_management_hooks.forced_output != NULL )
+ {
+ if( test_driver_key_management_hooks.forced_output_length > key_size )
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ memcpy( key, test_driver_key_management_hooks.forced_output,
+ test_driver_key_management_hooks.forced_output_length );
+ *key_length = test_driver_key_management_hooks.forced_output_length;
+ return( PSA_SUCCESS );
+ }
+
+ /* Copied from psa_crypto.c */
+#if defined(MBEDTLS_ECP_C)
+ if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
+ && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
+ {
+ psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY(
+ psa_get_key_type( attributes ) );
+ mbedtls_ecp_group_id grp_id =
+ mbedtls_ecc_group_of_psa(
+ curve,
+ PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
+ const mbedtls_ecp_curve_info *curve_info =
+ mbedtls_ecp_curve_info_from_grp_id( grp_id );
+ mbedtls_ecp_keypair ecp;
+ mbedtls_test_rnd_pseudo_info rnd_info;
+ memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
+
+ int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+ if( attributes->domain_parameters_size != 0 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( curve_info->bit_size != psa_get_key_bits( attributes ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ mbedtls_ecp_keypair_init( &ecp );
+ ret = mbedtls_ecp_gen_key( grp_id, &ecp,
+ &mbedtls_test_rnd_pseudo_rand,
+ &rnd_info );
+ if( ret != 0 )
+ {
+ mbedtls_ecp_keypair_free( &ecp );
+ return( mbedtls_to_psa_error( ret ) );
+ }
+
+ /* Make sure to use export representation */
+ size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) );
+ if( key_size < bytes )
+ {
+ mbedtls_ecp_keypair_free( &ecp );
+ return( PSA_ERROR_BUFFER_TOO_SMALL );
+ }
+ psa_status_t status = mbedtls_to_psa_error(
+ mbedtls_mpi_write_binary( &ecp.d, key, bytes ) );
+
+ if( status == PSA_SUCCESS )
+ {
+ *key_length = bytes;
+ }
+ else
+ {
+ memset( key, 0, bytes );
+ }
+
+ mbedtls_ecp_keypair_free( &ecp );
+ return( status );
+ }
+ else
+#endif /* MBEDTLS_ECP_C */
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t test_opaque_generate_key(
+ const psa_key_attributes_t *attributes,
+ uint8_t *key, size_t key_size, size_t *key_length )
+{
+ (void) attributes;
+ (void) key;
+ (void) key_size;
+ (void) key_length;
+ return( PSA_ERROR_NOT_SUPPORTED );
+}
+
+psa_status_t test_transparent_validate_key(const psa_key_attributes_t *attributes,
+ const uint8_t *data,
+ size_t data_length,
+ size_t *bits)
+{
+ ++test_driver_key_management_hooks.hits;
+
+ if( test_driver_key_management_hooks.forced_status != PSA_SUCCESS )
+ return( test_driver_key_management_hooks.forced_status );
+
+#if defined(MBEDTLS_ECP_C)
+ psa_key_type_t type = psa_get_key_type( attributes );
+ if ( PSA_KEY_TYPE_IS_ECC( type ) )
+ {
+ // Code mostly copied from psa_load_ecp_representation
+ psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( type );
+ mbedtls_ecp_group_id grp_id;
+ mbedtls_ecp_keypair ecp;
+ psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
+
+ if( psa_get_key_bits( attributes ) == 0 )
+ {
+ // Attempt auto-detect of curve bit size
+ size_t curve_size = data_length;
+
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) &&
+ PSA_KEY_TYPE_ECC_GET_FAMILY( type ) != PSA_ECC_FAMILY_MONTGOMERY )
+ {
+ /* A Weierstrass public key is represented as:
+ * - The byte 0x04;
+ * - `x_P` as a `ceiling(m/8)`-byte string, big-endian;
+ * - `y_P` as a `ceiling(m/8)`-byte string, big-endian.
+ * So its data length is 2m+1 where m is the curve size in bits.
+ */
+ if( ( data_length & 1 ) == 0 )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ curve_size = data_length / 2;
+
+ /* Montgomery public keys are represented in compressed format, meaning
+ * their curve_size is equal to the amount of input. */
+
+ /* Private keys are represented in uncompressed private random integer
+ * format, meaning their curve_size is equal to the amount of input. */
+ }
+
+ grp_id = mbedtls_ecc_group_of_psa( curve, curve_size );
+ }
+ else
+ {
+ grp_id = mbedtls_ecc_group_of_psa( curve,
+ PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
+ }
+
+ const mbedtls_ecp_curve_info *curve_info =
+ mbedtls_ecp_curve_info_from_grp_id( grp_id );
+
+ if( attributes->domain_parameters_size != 0 )
+ return( PSA_ERROR_NOT_SUPPORTED );
+ if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
+ return( PSA_ERROR_NOT_SUPPORTED );
+
+ *bits = curve_info->bit_size;
+
+ mbedtls_ecp_keypair_init( &ecp );
+
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_group_load( &ecp.grp, grp_id ) );
+ if( status != PSA_SUCCESS )
+ goto ecp_exit;
+
+ /* Load the key material. */
+ if( PSA_KEY_TYPE_IS_PUBLIC_KEY( type ) )
+ {
+ /* Load the public value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_point_read_binary( &ecp.grp, &ecp.Q,
+ data,
+ data_length ) );
+ if( status != PSA_SUCCESS )
+ goto ecp_exit;
+
+ /* Check that the point is on the curve. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_check_pubkey( &ecp.grp, &ecp.Q ) );
+ }
+ else
+ {
+ /* Load and validate the secret value. */
+ status = mbedtls_to_psa_error(
+ mbedtls_ecp_read_key( ecp.grp.id,
+ &ecp,
+ data,
+ data_length ) );
+ }
+
+ecp_exit:
+ mbedtls_ecp_keypair_free( &ecp );
+ return( status );
+ }
+ return( PSA_ERROR_NOT_SUPPORTED );
+#else
+ (void) data;
+ (void) data_length;
+ (void) bits;
+ return( PSA_ERROR_NOT_SUPPORTED );
+#endif /* MBEDTLS_ECP_C */
+}
+
+#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/keygen.c b/tests/src/drivers/keygen.c
deleted file mode 100644
index f15a4bc..0000000
--- a/tests/src/drivers/keygen.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * Test driver for generating keys.
- * Currently only supports generating ECC keys.
- */
-/* Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#if !defined(MBEDTLS_CONFIG_FILE)
-#include "mbedtls/config.h"
-#else
-#include MBEDTLS_CONFIG_FILE
-#endif
-
-#if defined(MBEDTLS_PSA_CRYPTO_DRIVERS) && defined(PSA_CRYPTO_DRIVER_TEST)
-#include "psa/crypto.h"
-#include "psa_crypto_core.h"
-#include "mbedtls/ecp.h"
-#include "mbedtls/error.h"
-
-#include "test/drivers/keygen.h"
-
-#include "test/random.h"
-
-#include <string.h>
-
-test_driver_keygen_hooks_t test_driver_keygen_hooks = TEST_DRIVER_KEYGEN_INIT;
-
-psa_status_t test_transparent_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key, size_t key_size, size_t *key_length )
-{
- ++test_driver_keygen_hooks.hits;
-
- if( test_driver_keygen_hooks.forced_status != PSA_SUCCESS )
- return( test_driver_keygen_hooks.forced_status );
-
- if( test_driver_keygen_hooks.forced_output != NULL )
- {
- if( test_driver_keygen_hooks.forced_output_length > key_size )
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- memcpy( key, test_driver_keygen_hooks.forced_output,
- test_driver_keygen_hooks.forced_output_length );
- *key_length = test_driver_keygen_hooks.forced_output_length;
- return( PSA_SUCCESS );
- }
-
- /* Copied from psa_crypto.c */
-#if defined(MBEDTLS_ECP_C)
- if ( PSA_KEY_TYPE_IS_ECC( psa_get_key_type( attributes ) )
- && PSA_KEY_TYPE_IS_KEY_PAIR( psa_get_key_type( attributes ) ) )
- {
- psa_ecc_family_t curve = PSA_KEY_TYPE_ECC_GET_FAMILY( psa_get_key_type( attributes ) );
- mbedtls_ecp_group_id grp_id =
- mbedtls_ecc_group_of_psa( curve, PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) );
- const mbedtls_ecp_curve_info *curve_info =
- mbedtls_ecp_curve_info_from_grp_id( grp_id );
- mbedtls_ecp_keypair ecp;
- mbedtls_test_rnd_pseudo_info rnd_info;
- memset( &rnd_info, 0x5A, sizeof( mbedtls_test_rnd_pseudo_info ) );
-
- int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if( attributes->domain_parameters_size != 0 )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( grp_id == MBEDTLS_ECP_DP_NONE || curve_info == NULL )
- return( PSA_ERROR_NOT_SUPPORTED );
- if( curve_info->bit_size != psa_get_key_bits( attributes ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
- mbedtls_ecp_keypair_init( &ecp );
- ret = mbedtls_ecp_gen_key( grp_id, &ecp,
- &mbedtls_test_rnd_pseudo_rand,
- &rnd_info );
- if( ret != 0 )
- {
- mbedtls_ecp_keypair_free( &ecp );
- return( mbedtls_to_psa_error( ret ) );
- }
-
- /* Make sure to use export representation */
- size_t bytes = PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) );
- if( key_size < bytes )
- {
- mbedtls_ecp_keypair_free( &ecp );
- return( PSA_ERROR_BUFFER_TOO_SMALL );
- }
- psa_status_t status = mbedtls_to_psa_error(
- mbedtls_mpi_write_binary( &ecp.d, key, bytes ) );
-
- if( status == PSA_SUCCESS )
- {
- *key_length = bytes;
- }
-
- mbedtls_ecp_keypair_free( &ecp );
- return( status );
- }
- else
-#endif /* MBEDTLS_ECP_C */
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-psa_status_t test_opaque_generate_key(
- const psa_key_attributes_t *attributes,
- uint8_t *key, size_t key_size, size_t *key_length )
-{
- (void) attributes;
- (void) key;
- (void) key_size;
- (void) key_length;
- return( PSA_ERROR_NOT_SUPPORTED );
-}
-
-#endif /* MBEDTLS_PSA_CRYPTO_DRIVERS && PSA_CRYPTO_DRIVER_TEST */
diff --git a/tests/src/drivers/signature.c b/tests/src/drivers/signature.c
index 028d24a..cea0351 100644
--- a/tests/src/drivers/signature.c
+++ b/tests/src/drivers/signature.c
@@ -262,6 +262,8 @@
(void) alg;
(void) hash;
(void) hash_length;
+ (void) signature;
+ (void) signature_length;
#endif /* defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECDSA_DETERMINISTIC) && \
defined(MBEDTLS_SHA256_C) */
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 653d88d..fcd73f2 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -114,8 +114,8 @@
echo "Usage: $0 [options]"
printf " -h|--help\tPrint this help.\n"
printf " -m|--memcheck\tCheck memory leaks and errors.\n"
- printf " -f|--filter\tOnly matching tests are executed (BRE; default: '$FILTER')\n"
- printf " -e|--exclude\tMatching tests are excluded (BRE; default: '$EXCLUDE')\n"
+ printf " -f|--filter\tOnly matching tests are executed (BRE)\n"
+ printf " -e|--exclude\tMatching tests are excluded (BRE)\n"
printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
printf " -s|--show-numbers\tShow test numbers in front of test names\n"
printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
@@ -411,7 +411,7 @@
fi
LINE="$LINE$1"
- printf "$LINE "
+ printf "%s " "$LINE"
LEN=$(( 72 - `echo "$LINE" | wc -c` ))
for i in `seq 1 $LEN`; do printf '.'; done
printf ' '
@@ -634,6 +634,23 @@
fi
}
+# Compare file content
+# Usage: find_in_both pattern file1 file2
+# extract from file1 the first line matching the pattern
+# check in file2 that the same line can be found
+find_in_both() {
+ srv_pattern=$(grep -m 1 "$1" "$2");
+ if [ -z "$srv_pattern" ]; then
+ return 1;
+ fi
+
+ if grep "$srv_pattern" $3 >/dev/null; then :
+ return 0;
+ else
+ return 1;
+ fi
+}
+
# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
# Options: -s pattern pattern that must be present in server output
# -c pattern pattern that must be present in client output
@@ -643,6 +660,7 @@
# -C pattern pattern that must be absent in client output
# -U pattern lines after pattern must be unique in server output
# -F call shell function on server output
+# -g call shell function on server and client output
run_test() {
NAME="$1"
shift 1
@@ -738,12 +756,12 @@
fi
check_osrv_dtls
- printf "# $NAME\n$SRV_CMD\n" > $SRV_OUT
+ printf '# %s\n%s\n' "$NAME" "$SRV_CMD" > $SRV_OUT
provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
SRV_PID=$!
wait_server_start "$SRV_PORT" "$SRV_PID"
- printf "# $NAME\n$CLI_CMD\n" > $CLI_OUT
+ printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT
eval "$CLI_CMD" >> $CLI_OUT 2>&1 &
wait_client_done
@@ -865,6 +883,12 @@
return
fi
;;
+ "-g")
+ if ! eval "$2 '$SRV_OUT' '$CLI_OUT'"; then
+ fail "function call to '$2' failed on Server and Client output"
+ return
+ fi
+ ;;
*)
echo "Unknown test: $1" >&2
@@ -3023,12 +3047,12 @@
# Tests for Max Fragment Length extension
if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
- printf "${CONFIG_H} defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n"
+ printf '%s defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}"
exit 1
fi
if [ $MAX_CONTENT_LEN -ne 16384 ]; then
- printf "Using non-default maximum content length $MAX_CONTENT_LEN\n"
+ echo "Using non-default maximum content length $MAX_CONTENT_LEN"
fi
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
@@ -4182,14 +4206,14 @@
MAX_IM_CA_CONFIG=$( ../scripts/config.py get MBEDTLS_X509_MAX_INTERMEDIATE_CA)
if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then
- printf "The ${CONFIG_H} file contains a value for the configuration of\n"
- printf "MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script’s\n"
- printf "test value of ${MAX_IM_CA}. \n"
- printf "\n"
- printf "The tests assume this value and if it changes, the tests in this\n"
- printf "script should also be adjusted.\n"
- printf "\n"
+ cat <<EOF
+${CONFIG_H} contains a value for the configuration of
+MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script's
+test value of ${MAX_IM_CA}.
+The tests assume this value and if it changes, the tests in this
+script should also be adjusted.
+EOF
exit 1
fi
@@ -8713,6 +8737,539 @@
0 \
-s "fragmenting handshake message"
+# Tests for DTLS-SRTP (RFC 5764)
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP all profiles supported" \
+ "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -C "error"
+
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server supports all profiles. Client supports one profile." \
+ "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
+ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=5 debug_level=3" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
+ -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server supports one profile. Client supports all profiles." \
+ "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server and Client support only one matching profile." \
+ "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server and Client support only one different profile." \
+ "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
+ -S "selected srtp profile" \
+ -S "server hello, adding use_srtp extension" \
+ -S "DTLS-SRTP key material is"\
+ -c "client hello, adding use_srtp extension" \
+ -C "found use_srtp extension" \
+ -C "found srtp profile" \
+ -C "selected srtp profile" \
+ -C "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server doesn't support use_srtp extension." \
+ "$P_SRV dtls=1 debug_level=3" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -s "found use_srtp extension" \
+ -S "server hello, adding use_srtp extension" \
+ -S "DTLS-SRTP key material is"\
+ -c "client hello, adding use_srtp extension" \
+ -C "found use_srtp extension" \
+ -C "found srtp profile" \
+ -C "selected srtp profile" \
+ -C "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP all profiles supported. mki used" \
+ "$P_SRV dtls=1 use_srtp=1 support_mki=1 debug_level=3" \
+ "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "dumping 'using mki' (8 bytes)" \
+ -s "DTLS-SRTP key material is"\
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile" \
+ -c "selected srtp profile" \
+ -c "dumping 'sending mki' (8 bytes)" \
+ -c "dumping 'received mki' (8 bytes)" \
+ -c "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -g "find_in_both '^ *DTLS-SRTP mki value: [0-9A-F]*$'"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \
+ "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
+ "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -s "DTLS-SRTP no mki value negotiated"\
+ -S "dumping 'using mki' (8 bytes)" \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -c "DTLS-SRTP no mki value negotiated"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -c "dumping 'sending mki' (8 bytes)" \
+ -C "dumping 'received mki' (8 bytes)" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP all profiles supported. openssl client." \
+ "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
+ "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl client." \
+ "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
+ "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl client." \
+ "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
+ "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl client." \
+ "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server and Client support only one matching profile. openssl client." \
+ "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
+ -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server and Client support only one different profile. openssl client." \
+ "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \
+ "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -S "selected srtp profile" \
+ -S "server hello, adding use_srtp extension" \
+ -S "DTLS-SRTP key material is"\
+ -C "SRTP Extension negotiated, profile"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl client" \
+ "$P_SRV dtls=1 debug_level=3" \
+ "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ 0 \
+ -s "found use_srtp extension" \
+ -S "server hello, adding use_srtp extension" \
+ -S "DTLS-SRTP key material is"\
+ -C "SRTP Extension negotiated, profile"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP all profiles supported. openssl server" \
+ "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile" \
+ -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl server." \
+ "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl server." \
+ "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl server." \
+ "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server and Client support only one matching profile. openssl server." \
+ "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server and Client support only one different profile. openssl server." \
+ "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -C "found use_srtp extension" \
+ -C "found srtp profile" \
+ -C "selected srtp profile" \
+ -C "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl server" \
+ "$O_SRV -dtls1" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -C "found use_srtp extension" \
+ -C "found srtp profile" \
+ -C "selected srtp profile" \
+ -C "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl server." \
+ "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
+ "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -c "DTLS-SRTP no mki value negotiated"\
+ -c "dumping 'sending mki' (8 bytes)" \
+ -C "dumping 'received mki' (8 bytes)" \
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP all profiles supported. gnutls client." \
+ "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
+ "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_80"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls client." \
+ "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
+ "$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -c "SRTP profile: SRTP_NULL_HMAC_SHA1_80"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls client." \
+ "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
+ "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls client." \
+ "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
+ "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -c "SRTP profile: SRTP_NULL_SHA1_32"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server and Client support only one matching profile. gnutls client." \
+ "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -s "selected srtp profile" \
+ -s "server hello, adding use_srtp extension" \
+ -s "DTLS-SRTP key material is"\
+ -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server and Client support only one different profile. gnutls client." \
+ "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \
+ "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
+ 0 \
+ -s "found use_srtp extension" \
+ -s "found srtp profile" \
+ -S "selected srtp profile" \
+ -S "server hello, adding use_srtp extension" \
+ -S "DTLS-SRTP key material is"\
+ -C "SRTP profile:"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls client" \
+ "$P_SRV dtls=1 debug_level=3" \
+ "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
+ 0 \
+ -s "found use_srtp extension" \
+ -S "server hello, adding use_srtp extension" \
+ -S "DTLS-SRTP key material is"\
+ -C "SRTP profile:"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP all profiles supported. gnutls server" \
+ "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile" \
+ -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls server." \
+ "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile" \
+ -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls server." \
+ "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
+ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls server." \
+ "$G_SRV -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server and Client support only one matching profile. gnutls server." \
+ "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
+ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server and Client support only one different profile. gnutls server." \
+ "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
+ "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -C "found use_srtp extension" \
+ -C "found srtp profile" \
+ -C "selected srtp profile" \
+ -C "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \
+ "$G_SRV -u" \
+ "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -C "found use_srtp extension" \
+ -C "found srtp profile" \
+ -C "selected srtp profile" \
+ -C "DTLS-SRTP key material is"\
+ -C "error"
+
+requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
+requires_gnutls
+run_test "DTLS-SRTP all profiles supported. mki used. gnutls server." \
+ "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
+ "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
+ 0 \
+ -c "client hello, adding use_srtp extension" \
+ -c "found use_srtp extension" \
+ -c "found srtp profile" \
+ -c "selected srtp profile" \
+ -c "DTLS-SRTP key material is"\
+ -c "DTLS-SRTP mki value:"\
+ -c "dumping 'sending mki' (8 bytes)" \
+ -c "dumping 'received mki' (8 bytes)" \
+ -C "error"
+
# Tests for specific things with "unreliable" UDP connection
not_with_valgrind # spurious resend due to timeout
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 8ba9ec1..774050d 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1658,6 +1658,10 @@
depends_on:MBEDTLS_CHACHAPOLY_C
aead_encrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691"
+PSA AEAD encrypt: ChaCha20-Poly1305 (zero-length input)
+depends_on:MBEDTLS_CHACHAPOLY_C
+aead_encrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"":"a0784d7a4716f3feb4f64e7f4b39bf04"
+
PSA AEAD decrypt: ChaCha20-Poly1305 (RFC7539, good tag)
depends_on:MBEDTLS_CHACHAPOLY_C
aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600691":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_SUCCESS
@@ -1666,6 +1670,10 @@
depends_on:MBEDTLS_CHACHAPOLY_C
aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"50515253c0c1c2c3c4c5c6c7":"d31a8d34648e60db7b86afbc53ef7ec2a4aded51296e08fea9e2b5a736ee62d63dbea45e8ca9671282fafb69da92728b1a71de0a9e060b2905d6a5b67ecd3b3692ddbd7f2d778b8c9803aee328091b58fab324e4fad675945585808b4831d7bc3ff4def08e4b7a9de576d26586cec64b61161ae10b594f09e26a7e902ecbd0600690":"4c616469657320616e642047656e746c656d656e206f662074686520636c617373206f66202739393a204966204920636f756c64206f6666657220796f75206f6e6c79206f6e652074697020666f7220746865206675747572652c2073756e73637265656e20776f756c642062652069742e":PSA_ERROR_INVALID_SIGNATURE
+PSA AEAD decrypt: ChaCha20-Poly1305 (good tag, zero-length input)
+depends_on:MBEDTLS_CHACHAPOLY_C
+aead_decrypt:PSA_KEY_TYPE_CHACHA20:"808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9f":PSA_ALG_CHACHA20_POLY1305:"070000004041424344454647":"":"a0784d7a4716f3feb4f64e7f4b39bf04":"":PSA_SUCCESS
+
PSA AEAD encrypt/decrypt: invalid algorithm (CTR)
depends_on:MBEDTLS_AES_C:MBEDTLS_GCM_C
aead_encrypt_decrypt:PSA_KEY_TYPE_AES:"D7828D13B2B0BDC325A76236DF93CC6B":PSA_ALG_CTR:"000102030405060708090A0B0C0D0E0F":"":"":PSA_ERROR_NOT_SUPPORTED
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.data b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
index 7abc256..1f1ee39 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.data
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.data
@@ -40,6 +40,25 @@
generate_key through transparent driver: error
generate_key:PSA_ERROR_GENERIC_ERROR:"":PSA_ERROR_GENERIC_ERROR
+validate key through transparent driver: good private key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
+
+validate key through transparent driver: good public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+validate_key:PSA_SUCCESS:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
+
+validate key through transparent driver: fallback private key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_SUCCESS
+
+validate key through transparent driver: fallback public key
+depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_PK_WRITE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED
+validate_key:PSA_ERROR_NOT_SUPPORTED:PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_FAMILY_SECP_R1):"04dea5e45d0ea37fc566232a508f4ad20ea13d47e4bf5fa4d54a57a0ba012042087097496efc583fed8b24a5b9be9a51de063f5a00a8b698a16fd7f29b5485f320":PSA_SUCCESS
+
+validate key through transparent driver: error
+validate_key:PSA_ERROR_GENERIC_ERROR:PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_SECP_R1):"49c9a8c18c4b885638c431cf1df1c994131609b580d4fd43a0cab17db2f13eee":PSA_ERROR_GENERIC_ERROR
+
PSA symmetric encrypt: AES-CTR, 16 bytes, good
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CTR
cipher_encrypt:PSA_ALG_CTR:PSA_KEY_TYPE_AES:"2b7e151628aed2a6abf7158809cf4f3c":"2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a":"6bc1bee22e409f96e93d7e117393172a":"8f9408fe80a81d3e813da3c7b0b2bd32":0:PSA_SUCCESS:PSA_SUCCESS
diff --git a/tests/suites/test_suite_psa_crypto_driver_wrappers.function b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
index 951670d..a0140d2 100644
--- a/tests/suites/test_suite_psa_crypto_driver_wrappers.function
+++ b/tests/suites/test_suite_psa_crypto_driver_wrappers.function
@@ -132,7 +132,7 @@
psa_status_t actual_status;
uint8_t actual_output[PSA_KEY_EXPORT_ECC_KEY_PAIR_MAX_SIZE(256)] = {0};
size_t actual_output_length;
- test_driver_keygen_hooks = test_driver_keygen_hooks_init();
+ test_driver_key_management_hooks = test_driver_key_management_hooks_init();
psa_set_key_type( &attributes,
PSA_KEY_TYPE_ECC_KEY_PAIR( PSA_ECC_CURVE_SECP_R1 ) );
@@ -142,18 +142,18 @@
if( fake_output->len > 0 )
{
- expected_output = test_driver_keygen_hooks.forced_output = fake_output->x;
- expected_output_length = test_driver_keygen_hooks.forced_output_length =
+ expected_output = test_driver_key_management_hooks.forced_output = fake_output->x;
+ expected_output_length = test_driver_key_management_hooks.forced_output_length =
fake_output->len;
}
- test_driver_keygen_hooks.hits = 0;
- test_driver_keygen_hooks.forced_status = force_status;
+ test_driver_key_management_hooks.hits = 0;
+ test_driver_key_management_hooks.forced_status = force_status;
PSA_ASSERT( psa_crypto_init( ) );
actual_status = psa_generate_key( &attributes, &handle );
- TEST_EQUAL( test_driver_keygen_hooks.hits, 1 );
+ TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
TEST_EQUAL( actual_status, expected_status );
if( actual_status == PSA_SUCCESS )
@@ -180,7 +180,41 @@
psa_reset_key_attributes( &attributes );
psa_destroy_key( handle );
PSA_DONE( );
- test_driver_keygen_hooks = test_driver_keygen_hooks_init();
+ test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED */
+void validate_key( int force_status_arg,
+ int key_type_arg,
+ data_t *key_input,
+ int expected_status_arg )
+{
+ psa_status_t force_status = force_status_arg;
+ psa_status_t expected_status = expected_status_arg;
+ psa_key_type_t key_type = key_type_arg;
+ psa_key_handle_t handle = 0;
+ psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
+ psa_status_t actual_status;
+ test_driver_key_management_hooks = test_driver_key_management_hooks_init();
+
+ psa_set_key_type( &attributes,
+ key_type );
+ psa_set_key_bits( &attributes, 0 );
+ psa_set_key_usage_flags( &attributes, PSA_KEY_USAGE_EXPORT );
+
+ test_driver_key_management_hooks.forced_status = force_status;
+
+ PSA_ASSERT( psa_crypto_init( ) );
+
+ actual_status = psa_import_key( &attributes, key_input->x, key_input->len, &handle );
+ TEST_EQUAL( test_driver_key_management_hooks.hits, 1 );
+ TEST_EQUAL( actual_status, expected_status );
+exit:
+ psa_reset_key_attributes( &attributes );
+ psa_destroy_key( handle );
+ PSA_DONE( );
+ test_driver_key_management_hooks = test_driver_key_management_hooks_init();
}
/* END_CASE */
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.data b/tests/suites/test_suite_psa_crypto_persistent_key.data
index f65e57e..98db74d 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.data
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.data
@@ -1,26 +1,26 @@
Format for storage: RSA private key
-format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700000010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN
+format_storage_data_check:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"505341004b455900000000000100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN
+
+Format for storage: AES-128 key
+format_storage_data_check:"404142434445464748494a4b4c4d4e4f":"505341004b45590000000000010000000024800000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0
Parse storage: RSA private key
-parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS
+parse_storage_data_check:"505341004b455900000000000100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_SUCCESS
Parse storage: AES-128 key
-parse_storage_data_check:"505341004b45590000000000010000000024000000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_SUCCESS
-
-Parse storage: type out of range
-parse_storage_data_check:"505341004b45590000000000010000000024010000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:0:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b45590000000000010000000024800000030000021040060000000010000000404142434445464748494a4b4c4d4e4f":"404142434445464748494a4b4c4d4e4f":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_AES:128:PSA_KEY_USAGE_DECRYPT | PSA_KEY_USAGE_ENCRYPT:PSA_ALG_GCM:0:PSA_SUCCESS
Parse storage: wrong version
-parse_storage_data_check:"505341004b455900ffffffff0100000001700000010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b455900ffffffff0100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
Parse storage: data too big
-parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b455900000000000100000001700000010000000000001200000010ffffffff3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
Parse storage: bad magic
-parse_storage_data_check:"645341004b455900000000000100000001700000010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"645341004b455900000000000100000001700004010000000000001200000010620200003082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:1024:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
Parse storage: truncated magic
-parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
+parse_storage_data_check:"505341004b4559":"":PSA_KEY_LIFETIME_PERSISTENT:PSA_KEY_TYPE_RSA_KEY_PAIR:0:PSA_KEY_USAGE_EXPORT:PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION:PSA_ALG_CATEGORY_SIGN:PSA_ERROR_STORAGE_FAILURE
# Not specific to files, but only run this test in an environment where the maximum size could be reached.
Save maximum-size persistent raw key
diff --git a/tests/suites/test_suite_psa_crypto_persistent_key.function b/tests/suites/test_suite_psa_crypto_persistent_key.function
index 9e2fbf6..7ee17f9 100644
--- a/tests/suites/test_suite_psa_crypto_persistent_key.function
+++ b/tests/suites/test_suite_psa_crypto_persistent_key.function
@@ -41,7 +41,7 @@
/* BEGIN_CASE */
void format_storage_data_check( data_t *key_data,
data_t *expected_file_data,
- int key_lifetime, int key_type,
+ int key_lifetime, int key_type, int key_bits,
int key_usage, int key_alg, int key_alg2 )
{
uint8_t *file_data = NULL;
@@ -51,6 +51,7 @@
psa_set_key_lifetime( &attributes, key_lifetime );
psa_set_key_type( &attributes, key_type );
+ psa_set_key_bits( &attributes, key_bits );
psa_set_key_usage_flags( &attributes, key_usage );
psa_set_key_algorithm( &attributes, key_alg );
psa_set_key_enrollment_algorithm( &attributes, key_alg2 );
@@ -73,6 +74,7 @@
data_t *expected_key_data,
int expected_key_lifetime,
int expected_key_type,
+ int expected_key_bits,
int expected_key_usage,
int expected_key_alg,
int expected_key_alg2,
@@ -95,6 +97,8 @@
(psa_key_type_t) expected_key_lifetime );
TEST_EQUAL( psa_get_key_type( &attributes ),
(psa_key_type_t) expected_key_type );
+ TEST_EQUAL( psa_get_key_bits( &attributes ),
+ (psa_key_bits_t) expected_key_bits );
TEST_EQUAL( psa_get_key_usage_flags( &attributes ),
(uint32_t) expected_key_usage );
TEST_EQUAL( psa_get_key_algorithm( &attributes ),
diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj
index 3e9d14a..801f17c 100644
--- a/visualc/VS2010/mbedTLS.vcxproj
+++ b/visualc/VS2010/mbedTLS.vcxproj
@@ -162,6 +162,7 @@
<ClInclude Include="..\..\include\mbedtls\cmac.h" />
<ClInclude Include="..\..\include\mbedtls\compat-1.3.h" />
<ClInclude Include="..\..\include\mbedtls\config.h" />
+ <ClInclude Include="..\..\include\mbedtls\config_psa.h" />
<ClInclude Include="..\..\include\mbedtls\ctr_drbg.h" />
<ClInclude Include="..\..\include\mbedtls\debug.h" />
<ClInclude Include="..\..\include\mbedtls\des.h" />
@@ -223,6 +224,7 @@
<ClInclude Include="..\..\include\psa\crypto.h" />
<ClInclude Include="..\..\include\psa\crypto_accel_driver.h" />
<ClInclude Include="..\..\include\psa\crypto_compat.h" />
+ <ClInclude Include="..\..\include\psa\crypto_config.h" />
<ClInclude Include="..\..\include\psa\crypto_driver_common.h" />
<ClInclude Include="..\..\include\psa\crypto_entropy_driver.h" />
<ClInclude Include="..\..\include\psa\crypto_extra.h" />
@@ -239,7 +241,7 @@
<ClInclude Include="..\..\tests\include\test\psa_helpers.h" />
<ClInclude Include="..\..\tests\include\test\random.h" />
<ClInclude Include="..\..\tests\include\test\drivers\cipher.h" />
- <ClInclude Include="..\..\tests\include\test\drivers\keygen.h" />
+ <ClInclude Include="..\..\tests\include\test\drivers\key_management.h" />
<ClInclude Include="..\..\tests\include\test\drivers\signature.h" />
<ClInclude Include="..\..\tests\include\test\drivers\size.h" />
<ClInclude Include="..\..\tests\include\test\drivers\test_driver.h" />