5f6e69dae5
Merge pull request #9693 from Harry-Ramsey/split-revert-error-development
...
Split error.h and move back error.c to mbedtls
2024-10-25 13:12:58 +00:00
678e0fb3e5
psa: allow to use static key buffers instead of dynamic ones
...
This helps reducing heap memory usage and, if heap memory is
not used anywhere else in an embedded device, it also reduces
code footprint since there is no need for heap management code
in this case.
A new build symbol is added for this purpose, named
MBEDTLS_PSA_STATIC_KEY_SLOTS. It's disabled by default so that
normal usage of Mbed TLS library is not affected.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no >
2024-10-22 17:56:36 +02:00
08007ed23d
Update guards for crypto only builds
...
This commit updates the guards for crypto only builds to prevent error.c
being built.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com >
2024-10-22 16:35:31 +01:00
c19f8aea8a
Update config.py crypto for version files
...
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com >
2024-10-04 13:37:42 +01:00
560265154c
Merge pull request #9604 from gilles-peskine-arm/config-full-booleans-only
...
config.py: don't rely on section names
2024-09-26 10:03:19 +00:00
475ed86c7a
Merge pull request #9600 from gilles-peskine-arm/use_psa_crypto-key_id_encodes_owner-compatible-config-dev
...
Fix obsolete comment about MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
2024-09-24 10:44:56 +00:00
00b9144608
Don't pass the section name to adapters
...
We have finished removing the reliance of named configuration on section
names.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-09-23 15:56:26 +02:00
36571d6d8a
Change "realfull" to activate everything
...
Change "realfull" to activate everything. After investigation, it seems that
having "realfull" not activate everything was a historical oddity due to
proximity with "full", not a goal in itself.
https://github.com/Mbed-TLS/mbedtls/issues/520#issuecomment-727190862
https://github.com/Mbed-TLS/mbedtls/pull/965/files#r523409092
This changes the output of `scripts/config.py realfull`: now all non-boolean
options are uncommented.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-09-23 15:44:46 +02:00
e4c6955e43
Change "full" to affect boolean settings rather than use sections
...
To get rid on the reliance on sections, change "full" and friends to enable
settings based on whether the setting is boolean, rather than based on the
section it contains.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-09-23 15:44:46 +02:00
702d75a2f9
Pass the setting's value to adapters
...
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-09-23 15:44:33 +02:00
a22b95a91c
Fix obsolete comment about MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
...
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER has been compatible with
MBEDTLS_USE_PSA_CRYPTO since https://github.com/Mbed-TLS/mbedtls/pull/5380 .
We still don't want to enable it in the full config because it's a behavior
change, even an interface change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-09-19 13:43:57 +02:00
cd326bfc49
Apply the parameter change
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:15 +02:00
317a2a3fed
Fix documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:14 +02:00
568808a41a
Update member variable names
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:14 +02:00
f5f130879c
Fix documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:14 +02:00
0e9e4cbbd8
Move commonly used part to config_common
...
Move the Setting, Config, ConfigFile and ConfigTool classes to config_common.
Also update the referencies to the moved classes.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:14 +02:00
a12ed6bcb7
Unify spacing
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:14 +02:00
24d7cc71af
Create a class for command line config manipulation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:14 +02:00
776ee9068d
Fix header file detection
...
Make the include directory check relative to the source file in case not called
from the project root.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:14 +02:00
d53080da2a
Make the Config
a proper base class
...
Due to the forward declaration issues, move the common descendant functions
and configfile handling to the `Config` base class.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:14 +02:00
daf807f02d
Fix pylint issues
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:13 +02:00
c659c1b164
Move config file modification flag handling to the Config class
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:13 +02:00
9f2b817fa7
Update documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-09-19 10:47:08 +02:00
91f1746f35
Remove sanity check for None
value
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:20 +02:00
4706fe7f03
Update documentation and comments
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:08 +02:00
3de658664b
Adjust temporarily the crypto config file location
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:08 +02:00
33dd293723
Give better name for class
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:08 +02:00
c5ff33cedf
Move config file modification checking to the Config
superclass
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:08 +02:00
3e2a550f12
Pass ConfigFile
object as parameter for MultiConfig
constructor
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:07 +02:00
8d72ac60b3
Fix error type
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:07 +02:00
de6e192fd4
Add documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:07 +02:00
f77722d67f
Rename calss
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:07 +02:00
9b0f9e77a0
Simplify set creation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:07 +02:00
e7742b360d
Unify the _format_parameter
function among the ConfigFile
subclasses
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:07 +02:00
93a6d1f6ec
Make the name
parameter mandatory for the constructor of ConfigFile
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:07 +02:00
8a64d8e346
Only write config files if it is modified
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:07 +02:00
542fd38437
Update unsupported and deprecated psa fearues handling
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:06 +02:00
d723b51bef
Fix for crypto config default value
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:06 +02:00
ee521b6137
Restructure the configuration representation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:06 +02:00
92065ed28d
Fix pylint issues
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:06 +02:00
62a9bd0f5d
Update and add documentation
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:06 +02:00
3678deed9d
Add crypto config support for config.py
...
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com >
2024-07-25 11:00:00 +02:00
9da1769237
Remove MBEDTLS_ECP_ALT and associated options
...
Also removed are all options of the form
MBEDTLS_ECP_XXX_ALT as well as
MBEDTLS_ECP_NO_FALLBACK.
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com >
2024-07-05 14:35:10 +01:00
9ba9c21c61
Recognize that a double-inclusion guard is not a config setting
...
Fix PSA_CRYPTO_CONFIG_H being treated as a configuration setting in
include/psa/crypto_config.h.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com >
2024-06-20 17:10:24 +02:00
6f8c95ba1d
Preserve alphabetical sorting of config options
...
In the list that is excluded from the full config.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-03-14 14:52:45 +00:00
5a71e76e65
Remove MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS from full
...
This option removes a feature (buffer protection) so should not be
in the full config.
Signed-off-by: David Horstmann <david.horstmann@arm.com >
2024-03-14 14:47:48 +00:00
f37c70746b
Add MBEDTLS_SSL_RECORD_SIZE_LIMIT to full config
...
Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com >
2024-01-10 16:17:28 +00:00
42be1bab30
block_cipher_no_decrypt: improve comment
...
Signed-off-by: Yanray Wang <yanray.wang@arm.com >
2023-11-23 14:34:41 +08:00
690ee81533
Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only
2023-11-23 10:31:26 +08:00
e03270f2e0
Merge pull request #8391 from paul-elliott-arm/full_no_platform
...
Add full_no_platform config preset
2023-11-06 11:35:28 +00:00