mbedtls_gcm_update now accepts inputs of arbitrary size. There is no
longer a requirement that all calls except the last one pass a
multiple of 16 bytes.
This commit updates the library code and adjusts the GCM tests to
exercise arbitrarily aligned input sizes.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The existing GCM test suite only exercises the one-shot API. Also test
the multipart interface: systematically run it on the same test data,
with the input (plaintext or ciphertext) split in two parts.
Given the current limitations of the GCM API, the associated data is
always passed in a single shot to mbedtls_gcm_starts(), and the first
part of the input is a nonzero multiple of 16.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add library/*.h to the list of files scanned for enums in
list-enum-consts.sh, consistent with the changes made to
list-macros.sh.
This is needed to ensure that check-names.sh passes for the MPS
trace enums.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Capitalise the MPS trace macros, as per the coding style (and make a slight
change to naming convention to avoid a name collision).
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This was a mistake, there's no reason for the dependencies to be
commented out. The dependencies on PSA_WANT_ALG_EDDSA aren't actually
necessary at the moment, but they might be in certain configurations
if some macros are simplified to save code size.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Fix expected error code when importing a persistent key or
registering a key with an invalid key identifier:
PSA_ERROR_INVALID_ARGUMENT instead of PSA_ERROR_INVALID_HANDLE.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
When creating a persistent key or registering a key
with an invalid key identifier return
PSA_ERROR_INVALID_ARGUMENT instead of
PSA_ERROR_INVALID_HANDLE.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add negative tests checking that psa_copy_key()
returns PSA_ERROR_INVALID_ARGUMENT when passed in
an invalid key identifier or key lifetime for the
target key.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This check was added earlier to avoid useless calls to `memcpy()`
with length `0` in the _frequent_ case where we're not accumulating.
By now, the whole code path has been moved to a branch which is only
executed if the reader is accumulating, and the only time this check
would be relevant is if we happen to feed an empty fragment to the
reader. In this case, the call to memcpy() could be removed, but
since this case is exceptional and the call to memcpy() is still
correct even for a length 0 copy, we remove the check for simplicity
of the code.
Signed-off-by: Hanno Becker <hanno.becker@arm.com>
