Narrow TLS 1.2 RSA-PSS handling to the client ServerKeyExchange parse path and add OpenSSL and GnuTLS interoperability tests.
Signed-off-by: Viktor Sokolovskiy <maokaman@gmail.com>
Cast from 'unsigned char *' to 'memory_header *' through an
intermediate 'void *' to suppress -Wcast-align warnings.
Some Clang-based toolchains (e.g. MetaWare/ARC) enable -Wcast-align
as part of -Wall, unlike standard Clang on x86/ARM. Combined with
-Werror this turns the casts into fatal build errors.
The casts are already alignment-safe at runtime:
- In mbedtls_memory_buffer_alloc_init(), buf is explicitly aligned
to MBEDTLS_MEMORY_ALIGN_MULTIPLE before the cast.
- In buffer_alloc_calloc(), p is computed from an aligned base plus
aligned offsets (sizeof(memory_header) and len are both multiples
of MBEDTLS_MEMORY_ALIGN_MULTIPLE).
- In buffer_alloc_free(), p is derived from a previously aligned
allocation pointer minus the aligned header size.
Signed-off-by: Mohamed Moawad <moawad@synopsys.com>
Namespace BEFORE_COLON and BC defines by prepending MBEDTLS_
and expanding BC to BEFORE_COLON_STR. This is to avoid naming
conflicts with third-party code. No functional change.
Signed-off-by: Stefan Gloor <stefan.gloor@siemens.com>
BEFORE_COLON and BC defines with the accompanying comment are only
required in x509_crt and x509_csr, but not used in x509_crl.c.
Signed-off-by: Stefan Gloor <stefan.gloor@siemens.com>
Don't call a macro that does `goto exit` on failure after the `exit:` label:
that would cause an infinite loop if something does go wrong.
Generally, cleanup functions don't error out, so it is unlikely to be a
problem in practice. If an error does happen during cleanup, it's probably
due to memory corruption caused by a bug that happened earlier, and that is
likely to have been detected in an earlier function. So we don't really need
to assert the return code of functions called during cleanup, and normally
we don't. Only a few places did so, wrongly.
I found the problematic places with
```
ag 'exit:[^}]*(PSA_ASSERT|TEST_ASSERT|TEST_EQUAL)' tests/suites/*.function
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In a PAKE operation that has been initialized with `PSA_PAKE_OPERATION_INIT`
or `psa_pake_operation_init()`, the content of the driver-specific part is
indeterminate. It is actually all-bits-zero on most platforms, but not all,
e.g. not with GCC 15 or CompCert. So don't assert anything about it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This directory is currently excluded from `check-python-files.sh`, because
we run it on the CI in an old Python version that doesn't support some of
our new maintainer scripts.
There are no such scripts in mbedtls for now (only in TF-PSA-Crypto), but be
ready if we want to add some.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When initializing a PAKE operation structure, use an
auxiliary function that doesn't initialize union members to all-bits-zero.
Context: on most compilers, initializing a union to `{0}` initializes it to
all bits zero; but on some compilers, the trailing part of members other
than the first is left uninitialized. This way, we can run the tests on any
platform and validate that the code would work correctly on platforms where
union initialization is short, such as GCC 15.
This commit extends 93dd99571b to
`test_suite_psa_crypto_pake.function`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Add a couple of missing ifdefs to avoid having unreachable code with
AT_LEAST_ONE_BUILTIN_KDF not defined, which otherwise causes a build
warning with clang.
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
commit 4ac4008fa0 ("Access
ssl->hostname through abstractions in certificate verification").
Due to this an unused function warning can occur if neither SNI nor
handshake is enabled.
Signed-off-by: Chaitanya Tata <Chaitanya.Tata@nordicsemi.no>
