The value of the first sent signature algorithm is overwritten.
This test forces only a single algorithm to be sent and then
validates that the client received such algorithm.
04 03 is the expected value for SECP256R1_SHA256.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
Fix bug whereby the supported signature algorithm list sent by the
server in the certificate request would not leave enough space for the
length to be written, and thus the first element would get overwritten,
leaving two random bytes in the last entry.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
A core MPI must have at least 1 limb. We can no longer test with 0 limbs,
and we don't need to anyway, so don't try.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Legacy Bignum is excluded as it doesn't get regular extensions like new
ones.
Each slot uses comments of their respective filetype. Since .data files
don't have a syntax for comments, dummy test cases are used. (These test
cases will never be executed and no noise will be added to tests.)
Signed-off-by: Janos Follath <janos.follath@arm.com>
Turn mpi_fill_random_internal() into mbedtls_mpi_core_fill_random(). It
had basically the right code except for how X is passed to the function.
Write unit tests.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This will be needed for extracting modular exponentiation from the
prototype. The function signature is kept aligned to the prototype, but
the implementation is new. (The implementation of this function in the
prototype has further optimisations which are out of scope for now.)
The function is not reused in the bignum counterpart as it will become
redundant soon.
This function is meant to be static, but doesn't have the qualifier as
it is not used yet and would cause compiler warnings. The
MBEDTLS_STATIC_TESTABLE macro will be added in a later commit.
Signed-off-by: Janos Follath <janos.follath@arm.com>
This skips zeroizing additional pointers to data.
(Note: actual sensitive data should still be zeroized when freed.)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
This patch addresses more review comments, and fixes
a circular depedency in the `mbedtls_mpi_mod_modulus_setup()`.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch addresses review comments with regards to style of
`mbedtls_mpi_mod_modulus_setup/free()`.
It also removes a test check which was triggering a use-after-free.
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This patch updates the `mbedtls_mpi_mod_modulus_setup/free()`
methods to precalculate mm and rr(Montgomery const squared) during
setup and zeroize it during free.
A static `set_mont_const_square()` is added to manage the memory allocation
and parameter checking before invoking the
`mbedtls_mpi_core_get_mont_r2_unsafe()`
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
In the PSK exchange modes extension declare first
PSK ephemeral if we support both PSK ephemeral
and PSK. This is aligned with our implementation
giving precedence to PSK ephemeral over pure PSK
and improve compatibility with GnuTLS.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>