- rename file name from `early_data.txt` to `tls13_early_data.txt`
- fix typo issue
- remove redundant parameter
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
Coverity flagged this due to the potential leaked memory allocations in
mbedtls_mps_reader_random_usage()
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Using a dedicated field allows clean separatin between key attributes
and slot state. This allows us to use the same mechanics for attributes
and key content. Which in turn means lower code size and easier
maintenance.
Signed-off-by: Janos Follath <janos.follath@arm.com>
Separate design analysis from plans and make the distinction clear
between what is implemented, what is planned to be implemented soon,
what is planned to be implemented in the future, and what is ideas that
are rejected.
(The distinction between the last two categories doesn't have to be
clear, we can't and shouldn't plan that far ahead.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
Add repository detection (credit to davidhorstmann-arm
for adding this in all.sh previously) and use repository
detection to set the library directory and title
variables.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
These are explicitly PSA tests, so use PSA_WANT.
Was missed by analyze_outcomes.py because those test cases were not
listed properly, which will be fixed by #8088.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
There are some fallback test cases which should rely on builtin
implementations. This commit adjusts them with correct dependencies.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
PBKDF2-AES-CMAC works if we provide the driver of AES-CMAC or
KEY-TYPE-AES or both. So if PBKDF2-AES-CMAC is requested via PSA,
we don't need to additionally enable builtin AES-CMAC or builtin
KEY-TYPE-AES.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
Calling mbedtls_cipher_free() on a context that was not initialised
is dangerous, and this could happen if the first test in
check_set_padding() failed.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
crl_file is a test argument and can't be null. Besides the code above
already assumes that it's non-null.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mbedtls_ssl_session_save() always outputs the output length, even on error.
Here, we're only calling it to get the needed output length, so it's ok to
ignore the return value. Convey this to linters.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
