We are about to have full support for TLS 1.2
CH reassembly on the server side. The equivalent
positive test would be a duplicate of one of
the tests generated by generate_tls_handshake_tests.py.
Thus just removing the negative test.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
In the TLS-Exporter for TLS 1.3 we mistakenly call PSA_HASH_LENGTH() on
an mbedtls_md_type_t when it should be called on a psa_algorithm_t.
Fortunately, these two types have almost the same values, since we have
previously aligned them to make conversion more efficient. As a result,
PSA_HASH_LENGTH() produces exactly the same value when called on an
mbedtls_md_type_t as with the equivalent psa_algorithm_t.
Thanks to this happy coincidence, fix a largely cosmetic issue (rather
than a major functional bug).
Signed-off-by: David Horstmann <david.horstmann@arm.com>
TLS-PRF uses either SHA-256 or SHA-384, so the removed paragraph was not
correct. The correct version is already available a few lines below in the
same header file.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
XOF operations are not available on every branch, so their serialization
code needs to be compiled conditionally on the availability of the type.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use NIST test vectors. I copied the first test case for each parameter set.
For ML-KEM and ML-DSA, I did it manually. For SLH-DSA, I used the following
Python script:
```
<gen-val/json-files/SLH-DSA-keyGen-FIPS205/internalProjection.json python -c '
import json, re, sys
data = json.load(sys.stdin)
# One table per SLH-DSA family (hash function x "fast"/"small" variant).
types = {family: {} for family in ["SHA2_F", "SHA2_S", "SHAKE_F", "SHAKE_S"]}
for group in data["testGroups"]:
    # Take only the first test case of each parameter set.
    t = group["tests"][0]
    m = re.match(r"SLH-DSA-(\w+)-([0-9]+)(\w+)", group["parameterSet"])
    type = m.group(1) + "_" + m.group(3).upper()
    size = m.group(2)
    # Private key = skSeed || skPrf || pkSeed || pkRoot; public key = pkSeed || pkRoot.
    prv = t["skSeed"] + t["skPrf"] + t["pkSeed"] + t["pk"]
    pub = t["pkSeed"] + t["pk"]
    types[type][size] = (prv, pub)
for type in sorted(types.keys()):
    print("")
    print(f"    # https://github.com/usnistgov/ACVP-Server/blob/v1.1.0.41/gen-val/json-files/SLH-DSA-keyGen-FIPS205/internalProjection.json")
    print(f"    \x27SLH_DSA(PSA_SLH_FAMILY_{type})\x27: {{")
    for size in sorted(types[type].keys()):
        entry = types[type][size]
        print(f"        {size}: (\"{entry[0]}\",")
        print(f"              \"{entry[1]}\"),")
    print(f"    }},")
'
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Define the necessary new categories (key wrap, key encapsulation, XOF).
This completes the list of mechanisms in the PSA Crypto API version 1.4,
except for PAKE, which is more challenging (family parametrization, need to
find sample keys in `asymmetric_key_data.py`), and except for the PQC
extension.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add generated files that are no longer checked in.
Remove obsolete things (including things now covered at the framework root).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The files are now generated during the build. Stop having them in version
control.
As formerly in Mbed TLS, `make clean` doesn't remove
configuration-independent target-independent generated files, but the new
target `make neat` does.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We don't need to check those generated files into version control.
This fixes the problem that the generated files have precise knowledge of
the functions that exist on whatever branch of TF-PSA-Crypto is consuming
the framework.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
TF-PSA-Crypto no longer has `psa_can_do_hash()` (except as a temporary stub
to avoid breaking the build of psasim).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Specify that the cryptographic operations of Mbed TLS are governed by
its threat model and point specifically to block ciphers as an important
case of this.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
To avoid confusion about the threat model of cryptographic code, add a
link to the SECURITY.md of TF-PSA-Crypto. This should help users who are
unaware that the cryptography has been split into a separate repository.
Signed-off-by: David Horstmann <david.horstmann@arm.com>