[tf-psa-crypto] Restrict MBEDTLS_X509_RSASSA_PSS_SUPPORT #253
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
valeriosetti
force-pushed
the
issue8154-tfpsacrypto
branch
from
d838540 to
a2eff51
Compare
5 tasks
valeriosetti
force-pushed
the
issue8154-tfpsacrypto
branch
3 times, most recently
from
cf1266c to
40b6da6
Compare
mpg
reviewed
Apr 29, 2025
tests/suites/test_suite_pk.function
Outdated
| @@ -1118,16 +1104,15 @@ void pk_rsa_verify_ext_test_vec(data_t *message_str, int digest, | |||
| * PSA or the Mbed TLS API, depending on the PSS options used. | |||
| * So, it may return either INVALID_PADDING or INVALID_SIGNATURE. | |||
| */ | |||
| fprintf(stderr, "result=%d, ret=%d\n", result, ret); | |||
There was a problem hiding this comment.
Leftover from debugging.
Also, looks like we could just update the data file with the correct error code now that we're always using PSA, and then we no longer need this if and comment here.
tests/suites/test_suite_pk.function
Outdated
| int ret; | ||
|
|
||
| mbedtls_pk_init(&pk); | ||
| MD_OR_USE_PSA_INIT(); | ||
| USE_PSA_INIT(); |
There was a problem hiding this comment.
Minor: could even be PSA_INIT() (and PSA_DONE()), we know we're always using PSA now.
valeriosetti
added
size-s
github-project-automation
bot
moved this to In Development
in Roadmap pull requests (new board)
This commit also removes the legacy path which was not using PSA API. Signed-off-by: Valerio Setti <[email protected]>
Since the option is now ignored in mbedtls_pk_verify_ext(), we can simplify test code by not managing this extra parameter and just pass NULL instead. Signed-off-by: Valerio Setti <[email protected]>
Signed-off-by: Valerio Setti <[email protected]>
Signed-off-by: Valerio Setti <[email protected]>
Since the legacy path in mbedtls_pk_verify_ext() has been removed and PSA is the only solution to perform RSA signature validation, there is no need to adapt return values for legacy/PSA paths. Signed-off-by: Valerio Setti <[email protected]>
Signed-off-by: Valerio Setti <[email protected]>
valeriosetti
force-pushed
the
issue8154-tfpsacrypto
branch
from
7dc025b to
1dd184c
Compare
|
I had to rebase on |
|
LGTM, just need to resolve Manuel's comments and get the CI to pass. |
valeriosetti
removed
the
needs-reviewer
bjwtaylor
approved these changes
Apr 30, 2025
github-project-automation
bot
moved this from In Development
to Has Approval
in Roadmap pull requests (new board)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This helps resolving Mbed-TLS/mbedtls#8154
PR checklist