Merge remote-tracking branch 'origin/development' into adjust_tfm_configs
diff --git a/configs/config-tfm.h b/configs/config-tfm.h
new file mode 100644
index 0000000..b8233e9
--- /dev/null
+++ b/configs/config-tfm.h
@@ -0,0 +1,52 @@
+/**
+ * \file config-tfm.h
+ *
+ * \brief TF-M medium profile, adapted to work on other platforms.
+ */
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* TF-M medium profile: mbedtls legacy configuration */
+#include "../configs/ext/tfm_mbedcrypto_config_profile_medium.h"
+
+/* TF-M medium profile: PSA crypto configuration */
+#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "../configs/ext/crypto_config_profile_medium.h"
+
+/***********************************************************/
+/* Tweak the configuration to remove dependencies on TF-M. */
+/***********************************************************/
+
+/* MBEDTLS_PSA_CRYPTO_SPM needs third-party files, so disable it. */
+#undef MBEDTLS_PSA_CRYPTO_SPM
+
+/* TF-M provides its own dummy implementations to save code size.
+ * We don't have any way to disable the tests that need these feature,
+ * so we just keep AES decryption enabled. We will resolve this through
+ * an official way to disable AES decryption, then this deviation
+ * will no longer be needed:
+ * https://github.com/Mbed-TLS/mbedtls/issues/7368
+ */
+#undef MBEDTLS_AES_SETKEY_DEC_ALT
+#undef MBEDTLS_AES_DECRYPT_ALT
+
+/* Use built-in platform entropy functions (TF-M provides its own). */
+#undef MBEDTLS_NO_PLATFORM_ENTROPY
+
+/* Disable buffer-based memory allocator. This isn't strictly required,
+ * but using the native allocator is faster and works better with
+ * memory management analysis frameworks such as ASan. */
+#undef MBEDTLS_MEMORY_BUFFER_ALLOC_C
diff --git a/configs/crypto_config_profile_medium.h b/configs/ext/crypto_config_profile_medium.h
similarity index 100%
rename from configs/crypto_config_profile_medium.h
rename to configs/ext/crypto_config_profile_medium.h
diff --git a/configs/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h
similarity index 100%
rename from configs/tfm_mbedcrypto_config_profile_medium.h
rename to configs/ext/tfm_mbedcrypto_config_profile_medium.h
diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
index 08d82b1..951db31 100644
--- a/include/mbedtls/check_config.h
+++ b/include/mbedtls/check_config.h
@@ -193,6 +193,15 @@
#error "MBEDTLS_ECDSA_C defined, but not all prerequisites"
#endif
+#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO)
+#if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) && !defined(MBEDTLS_ASN1_WRITE_C)
+#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_WRITE_C for ECDSA signature"
+#endif
+#if defined(MBEDTLS_PK_CAN_ECDSA_VERIFY) && !defined(MBEDTLS_ASN1_PARSE_C)
+#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_PARSE_C for ECDSA verification"
+#endif
+#endif /* MBEDTLS_PK_C && MBEDTLS_USE_PSA_CRYPTO */
+
#if defined(MBEDTLS_ECJPAKE_C) && \
( !defined(MBEDTLS_ECP_C) || \
!( defined(MBEDTLS_MD_C) || defined(MBEDTLS_PSA_CRYPTO_C) ) )
diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py
index ad9b325..abd13df 100755
--- a/scripts/code_size_compare.py
+++ b/scripts/code_size_compare.py
@@ -144,8 +144,8 @@
print("Unknown host architecture, cannot auto-detect arch.")
sys.exit(1)
-TFM_MEDIUM_CONFIG_H = 'configs/tfm_mbedcrypto_config_profile_medium.h'
-TFM_MEDIUM_CRYPTO_CONFIG_H = 'configs/crypto_config_profile_medium.h'
+TFM_MEDIUM_CONFIG_H = 'configs/ext/tfm_mbedcrypto_config_profile_medium.h'
+TFM_MEDIUM_CRYPTO_CONFIG_H = 'configs/ext/crypto_config_profile_medium.h'
CONFIG_H = 'include/mbedtls/mbedtls_config.h'
CRYPTO_CONFIG_H = 'include/psa/crypto_config.h'
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 086677a..9f92720 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -3118,49 +3118,29 @@
# - component_test_tfm_config()
common_tfm_config () {
# Enable TF-M config
- cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
- cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
+ cp configs/config-tfm.h "$CONFIG_H"
+ echo "#undef MBEDTLS_PSA_CRYPTO_CONFIG_FILE" >> "$CONFIG_H"
+ cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
- # Adjust for the fact that we're building outside the TF-M environment.
- #
- # TF-M has separation, our build doesn't
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_SPM
- scripts/config.py unset MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
- # TF-M provdes its own (dummy) implemenation, from their tree
- scripts/config.py unset MBEDTLS_AES_DECRYPT_ALT
- scripts/config.py unset MBEDTLS_AES_SETKEY_DEC_ALT
- # We have an OS that provides entropy, use it
- scripts/config.py unset MBEDTLS_NO_PLATFORM_ENTROPY
-
- # Other config adjustments to make the tests pass.
- # Those should probably be adopted upstream.
+ # Other config adjustment to make the tests pass.
+ # This should probably be adopted upstream.
#
# - USE_PSA_CRYPTO for PK_HAVE_ECC_KEYS
echo "#define MBEDTLS_USE_PSA_CRYPTO" >> "$CONFIG_H"
- # pkparse.c and pkwrite.c fail to link without this
- echo "#define MBEDTLS_OID_C" >> "$CONFIG_H"
- # - ASN1_[PARSE/WRITE]_C found by check_config.h for pkparse/pkwrite
- echo "#define MBEDTLS_ASN1_PARSE_C" >> "$CONFIG_H"
- echo "#define MBEDTLS_ASN1_WRITE_C" >> "$CONFIG_H"
- # - MD_C for HKDF_C
- echo "#define MBEDTLS_MD_C" >> "$CONFIG_H"
- # Config adjustments for better test coverage in our environment.
- # These are not needed just to build and pass tests.
+ # Config adjustment for better test coverage in our environment.
+ # This is not needed just to build and pass tests.
#
# Enable filesystem I/O for the benefit of PK parse/write tests.
echo "#define MBEDTLS_FS_IO" >> "$CONFIG_H"
- # Disable this for maximal ASan efficiency
- scripts/config.py unset MBEDTLS_MEMORY_BUFFER_ALLOC_C
# Config adjustments for features that are not supported
# when using only drivers / by p256-m
#
- # Disable all the features that auto-enable ECP_LIGHT (see build_info.h)
+ # Disable all the features that auto-enable ECP_LIGHT (see config_adjust_legacy_crypto.h)
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_DERIVE
# Disable deterministic ECDSA as p256-m only does randomized
scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_DETERMINISTIC_ECDSA
-
}
# Keep this in sync with component_test_tfm_config() as they are both meant
@@ -3996,8 +3976,8 @@
component_build_tfm_armcc() {
# test the TF-M configuration can build cleanly with various warning flags enabled
- cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
- cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
+ cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
+ cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
msg "build: TF-M config, armclang armv7-m thumb2"
make clean
@@ -4005,9 +3985,13 @@
}
component_build_tfm() {
- # test the TF-M configuration can build cleanly with various warning flags enabled
- cp configs/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
- cp configs/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
+ # Check that the TF-M configuration can build cleanly with various
+ # warning flags enabled. We don't build or run tests, since the
+ # TF-M configuration needs a TF-M platform. A tweaked version of
+ # the configuration that works on mainstream platforms is in
+ # configs/config-tfm.h, tested via test-ref-configs.pl.
+ cp configs/ext/tfm_mbedcrypto_config_profile_medium.h "$CONFIG_H"
+ cp configs/ext/crypto_config_profile_medium.h "$CRYPTO_CONFIG_H"
msg "build: TF-M config, clang, armv7-m thumb2"
make lib CC="clang" CFLAGS="--target=arm-linux-gnueabihf -march=armv7-m -mthumb -Os -std=c99 -Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused -I../tests/include/spe"
diff --git a/tests/scripts/analyze_outcomes.py b/tests/scripts/analyze_outcomes.py
index 80b6459..a070b01 100755
--- a/tests/scripts/analyze_outcomes.py
+++ b/tests/scripts/analyze_outcomes.py
@@ -441,6 +441,7 @@
'component_driver': 'test_tfm_config_p256m_driver_accel_ec',
'ignored_suites': [
# Modules replaced by drivers
+ 'asn1parse', 'asn1write',
'ecp', 'ecdsa', 'ecdh', 'ecjpake',
'bignum_core', 'bignum_random', 'bignum_mod', 'bignum_mod_raw',
'bignum.generated', 'bignum.misc',
@@ -450,12 +451,6 @@
'test_suite_random': [
'PSA classic wrapper: ECDSA signature (SECP256R1)',
],
- 'test_suite_asn1parse': [
- 'INTEGER too large for mpi',
- ],
- 'test_suite_asn1write': [
- re.compile(r'ASN.1 Write mpi.*'),
- ],
}
}
}
diff --git a/tests/scripts/test-ref-configs.pl b/tests/scripts/test-ref-configs.pl
index 0702074..055023a 100755
--- a/tests/scripts/test-ref-configs.pl
+++ b/tests/scripts/test-ref-configs.pl
@@ -37,6 +37,9 @@
'config-symmetric-only.h' => {
'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice
},
+ 'config-tfm.h' => {
+ 'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice
+ },
'config-thread.h' => {
'opt' => '-f ECJPAKE.*nolog',
'test_again_with_use_psa' => 1,
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 881429c..fa0b03b 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -24,6 +24,17 @@
#define RSA_KEY_SIZE MBEDTLS_RSA_GEN_KEY_MIN_BITS
#define RSA_KEY_LEN (MBEDTLS_RSA_GEN_KEY_MIN_BITS/8)
+/* MBEDTLS_TEST_PK_PSA_SIGN is enabled when:
+ * - The build has PK_[PARSE/WRITE]_C for RSA or ECDSA signature.
+ * - The build has built-in ECC and ECDSA signature.
+ */
+#if (defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_PK_WRITE_C) && \
+ ((defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)) || \
+ defined(MBEDTLS_PK_CAN_ECDSA_SIGN))) || \
+ (defined(MBEDTLS_ECP_C) && defined(MBEDTLS_PK_CAN_ECDSA_SIGN))
+#define MBEDTLS_TEST_PK_PSA_SIGN
+#endif
+
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
static int pk_genkey_ec(mbedtls_pk_context *pk, mbedtls_ecp_group_id grp_id)
{
@@ -1274,7 +1285,7 @@
}
/* END_CASE */
-/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO */
+/* BEGIN_CASE depends_on:MBEDTLS_MD_CAN_SHA256:MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_TEST_PK_PSA_SIGN */
void pk_psa_sign(int parameter_arg,
int psa_type_arg, int expected_bits_arg)
{
diff --git a/tests/suites/test_suite_psa_crypto_slot_management.function b/tests/suites/test_suite_psa_crypto_slot_management.function
index 5bd12eb..b4f2d23 100644
--- a/tests/suites/test_suite_psa_crypto_slot_management.function
+++ b/tests/suites/test_suite_psa_crypto_slot_management.function
@@ -142,7 +142,6 @@
#if defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
{
- psa_key_handle_t handle;
mbedtls_svc_key_id_t key_with_invalid_owner =
mbedtls_svc_key_id_make(owner_id + 1,
MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key));
@@ -150,8 +149,8 @@
TEST_ASSERT(mbedtls_key_owner_id_equal(
owner_id,
MBEDTLS_SVC_KEY_ID_GET_OWNER_ID(key)));
- TEST_EQUAL(psa_open_key(key_with_invalid_owner, &handle),
- PSA_ERROR_DOES_NOT_EXIST);
+ TEST_EQUAL(psa_get_key_attributes(key_with_invalid_owner, &attributes),
+ PSA_ERROR_INVALID_HANDLE);
}
#endif