Fix places where Doxygen documentation uses \p to refer to a parameter
name and where the name used did not match the actual parameter name.
I used the following script to detect problematic cases:
```
perl -w -ne 'if (eof) { $. = 0; } if (m!^/\*\*!) { $in_doc = 1; %param = (); %p = (); } if (m!\*/!) { foreach $name (keys %p) { if (!$param{$name}) { foreach $line (@{$p{$name}}) { print "$ARGV:$line: $name\n" } } } $in_doc = 0; } if ($in_doc) { if (/\\param(?: *\[[^\[\]]*\])? +(\w+)/) { $param{$1} = 1; } foreach (/\\p +\*?(\w+)/) { push @{$p{$1}}, $.; } }' include/psa/*.h
```
This commits fixes all the remaining occurrences under include/psa,
which were just trivial name mismatches.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
In Doxygen documentation, use \c rather than \p when discussing
something that isn't a parameter of the current macro or function.
Where needed, explain what the thing is.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
mac size is previously checked to not be less than 4, so it can't be zero
anymore at this point.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Memsan build was reporting a false positive use of uninitialised memory
in x509_crt.c on a struct filled by an _stat function call. According to
the man pages, the element reported has to be filled in by the call, so
to be safe, and keep memsan happy, zero the struct first.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
As I descovered, a changelog entry with a line length greater than 80
characters would still pass CI. This is a quick change to the script to
make it detect these descrepancies and fail.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
When ECDSA is not supported by the library, prefer
to return NOT_SUPPORTED than INVALID_ARGUMENT when
asked for an ECDSA signature.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Move the check that ECDSA is supported from the
caller of the function responsible for Mbed TLS
ECDSA signatures to this function, namely
mbedtls_psa_ecdsa_sign_hash().
This makes the caller code more readable and is
more aligned with what is expected from a
sign_hash() PSA driver entry point.
Add a negative test case where a deterministic
ECDSA signature is requested while the library
does not support deterministic ECDSA.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Reworked the validation of MAC algorithm with the used key type by
introducing psa_mac_key_can_do, which guarantees that PSA_MAC_LENGTH can
be called successfully after validation of the algorithm and key type.
This means psa_get_mac_output_length is no longer required.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Multiplication is not constant flow on any CPU we are generally
targetting, so replace this with bit twiddling.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Comparing algorithm with its FULL_LENGTH_MAC version doesn't work in
cases where algorithm is a wildcard. Wildcard input is not specified in
the documentation of the function, but in order to test the function
using the same test as PSA_MAC_LENGTH we're mimicking that behaviour here.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
Marked dirty memory ends up in the result buffer after encoding (due to
the input having been marked dirty), and then the final comparison
to make sure that we got what we expected was triggering the constant
flow checker.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Avoid code duplication. Also update the guarantees made by the function
doc to match the guarantees given by PSA_MAC_LENGTH.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This makes it more in-line with how psa_key_policy_permits works. It
also adds consistency: the intersection of MAC with default length and
MAC with exact-length is now computed correctly in case the exact length
equals the default length of the algorithm when used with the given
key type.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>