1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-26 00:37:41 +03:00
Commit Graph

183 Commits

Author SHA1 Message Date
Gilles Peskine
bc7c523420 Remove uses of secp244k1
Remove all code guarded by `PSA_WANT_ECC_SECP_K1_224`, which is not and will
not be implemented. (It would be K1_225 anyway, but we don't intend to
implement it anyway.)

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-01-08 16:51:23 +01:00
Ronald Cron
2ce86b0a1b Merge pull request #9792 from gabor-mezei-arm/9157_minimal_tf_psa_crypto_config.py
Minimal `config.py` for TF-PSA-Crypto
2024-12-09 11:47:12 +00:00
Gabor Mezei
5034a1f597 Fix PSA macro identification regexp
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-12-05 19:06:19 +01:00
Ronald Cron
ce3c2dd30c Merge pull request #9806 from ronald-cron-arm/finalize-split-preparation-1
Finalize split preparation-1
2024-12-05 13:23:09 +00:00
Ronald Cron
6924564970 Move back timing.c to mbedtls
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2024-12-04 14:25:02 +01:00
Minos Galanakis
a4a37372a0 config.py: Do not set default entry for tf-psa-crypto config.
Both type of config entries, boolean and value containing
reside in tf-psa-crypto confing files.

A default value will now be set only for PSA_WANT_X symbols.

Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2024-12-04 10:41:11 +00:00
Ronald Cron
5f6e69dae5 Merge pull request #9693 from Harry-Ramsey/split-revert-error-development
Split error.h and move back error.c to mbedtls
2024-10-25 13:12:58 +00:00
Valerio Setti
678e0fb3e5 psa: allow to use static key buffers instead of dynamic ones
This helps reducing heap memory usage and, if heap memory is
not used anywhere else in an embedded device, it also reduces
code footprint since there is no need for heap management code
in this case.

A new build symbol is added for this purpose, named
MBEDTLS_PSA_STATIC_KEY_SLOTS. It's disabled by default so that
normal usage of Mbed TLS library is not affected.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-10-22 17:56:36 +02:00
Harry Ramsey
08007ed23d Update guards for crypto only builds
This commit updates the guards for crypto only builds to prevent error.c
being built.

Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2024-10-22 16:35:31 +01:00
Harry Ramsey
c19f8aea8a Update config.py crypto for version files
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
2024-10-04 13:37:42 +01:00
Manuel Pégourié-Gonnard
560265154c Merge pull request #9604 from gilles-peskine-arm/config-full-booleans-only
config.py: don't rely on section names
2024-09-26 10:03:19 +00:00
Tom Cosgrove
475ed86c7a Merge pull request #9600 from gilles-peskine-arm/use_psa_crypto-key_id_encodes_owner-compatible-config-dev
Fix obsolete comment about MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
2024-09-24 10:44:56 +00:00
Gilles Peskine
00b9144608 Don't pass the section name to adapters
We have finished removing the reliance of named configuration on section
names.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-09-23 15:56:26 +02:00
Gilles Peskine
36571d6d8a Change "realfull" to activate everything
Change "realfull" to activate everything. After investigation, it seems that
having "realfull" not activate everything was a historical oddity due to
proximity with "full", not a goal in itself.

https://github.com/Mbed-TLS/mbedtls/issues/520#issuecomment-727190862
https://github.com/Mbed-TLS/mbedtls/pull/965/files#r523409092

This changes the output of `scripts/config.py realfull`: now all non-boolean
options are uncommented.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-09-23 15:44:46 +02:00
Gilles Peskine
e4c6955e43 Change "full" to affect boolean settings rather than use sections
To get rid on the reliance on sections, change "full" and friends to enable
settings based on whether the setting is boolean, rather than based on the
section it contains.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-09-23 15:44:46 +02:00
Gilles Peskine
702d75a2f9 Pass the setting's value to adapters
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-09-23 15:44:33 +02:00
Gilles Peskine
a22b95a91c Fix obsolete comment about MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER has been compatible with
MBEDTLS_USE_PSA_CRYPTO since https://github.com/Mbed-TLS/mbedtls/pull/5380.
We still don't want to enable it in the full config because it's a behavior
change, even an interface change.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-09-19 13:43:57 +02:00
Gabor Mezei
cd326bfc49 Apply the parameter change
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:15 +02:00
Gabor Mezei
317a2a3fed Fix documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:14 +02:00
Gabor Mezei
568808a41a Update member variable names
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:14 +02:00
Gabor Mezei
f5f130879c Fix documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:14 +02:00
Gabor Mezei
0e9e4cbbd8 Move commonly used part to config_common
Move the Setting, Config, ConfigFile and ConfigTool classes to config_common.
Also update the referencies to the moved classes.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:14 +02:00
Gabor Mezei
a12ed6bcb7 Unify spacing
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:14 +02:00
Gabor Mezei
24d7cc71af Create a class for command line config manipulation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:14 +02:00
Gabor Mezei
776ee9068d Fix header file detection
Make the include directory check relative to the source file in case not called
from the project root.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:14 +02:00
Gabor Mezei
d53080da2a Make the Config a proper base class
Due to the forward declaration issues, move the common descendant functions
and configfile handling to the `Config` base class.

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:14 +02:00
Gabor Mezei
daf807f02d Fix pylint issues
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:13 +02:00
Gabor Mezei
c659c1b164 Move config file modification flag handling to the Config class
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:13 +02:00
Gabor Mezei
9f2b817fa7 Update documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-09-19 10:47:08 +02:00
Gabor Mezei
91f1746f35 Remove sanity check for None value
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:20 +02:00
Gabor Mezei
4706fe7f03 Update documentation and comments
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:08 +02:00
Gabor Mezei
3de658664b Adjust temporarily the crypto config file location
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:08 +02:00
Gabor Mezei
33dd293723 Give better name for class
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:08 +02:00
Gabor Mezei
c5ff33cedf Move config file modification checking to the Config superclass
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:08 +02:00
Gabor Mezei
3e2a550f12 Pass ConfigFile object as parameter for MultiConfig constructor
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:07 +02:00
Gabor Mezei
8d72ac60b3 Fix error type
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:07 +02:00
Gabor Mezei
de6e192fd4 Add documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:07 +02:00
Gabor Mezei
f77722d67f Rename calss
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:07 +02:00
Gabor Mezei
9b0f9e77a0 Simplify set creation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:07 +02:00
Gabor Mezei
e7742b360d Unify the _format_parameter function among the ConfigFile subclasses
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:07 +02:00
Gabor Mezei
93a6d1f6ec Make the name parameter mandatory for the constructor of ConfigFile
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:07 +02:00
Gabor Mezei
8a64d8e346 Only write config files if it is modified
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:07 +02:00
Gabor Mezei
542fd38437 Update unsupported and deprecated psa fearues handling
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:06 +02:00
Gabor Mezei
d723b51bef Fix for crypto config default value
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:06 +02:00
Gabor Mezei
ee521b6137 Restructure the configuration representation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:06 +02:00
Gabor Mezei
92065ed28d Fix pylint issues
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:06 +02:00
Gabor Mezei
62a9bd0f5d Update and add documentation
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:06 +02:00
Gabor Mezei
3678deed9d Add crypto config support for config.py
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
2024-07-25 11:00:00 +02:00
Thomas Daubney
9da1769237 Remove MBEDTLS_ECP_ALT and associated options
Also removed are all options of the form
MBEDTLS_ECP_XXX_ALT as well as
MBEDTLS_ECP_NO_FALLBACK.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2024-07-05 14:35:10 +01:00
Gilles Peskine
9ba9c21c61 Recognize that a double-inclusion guard is not a config setting
Fix PSA_CRYPTO_CONFIG_H being treated as a configuration setting in
include/psa/crypto_config.h.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-06-20 17:10:24 +02:00