Merge pull request #8049 from daverodgman/bignum_codesize_misc
Bignum codesize misc
diff --git a/docs/proposed/psa-driver-developer-guide.md b/docs/proposed/psa-driver-developer-guide.md
index d004483..6b207c8 100644
--- a/docs/proposed/psa-driver-developer-guide.md
+++ b/docs/proposed/psa-driver-developer-guide.md
@@ -2,6 +2,7 @@
============================================
**This is a specification of work in progress. The implementation is not yet merged into Mbed TLS.**
+For a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html).
This document describes how to write drivers of cryptoprocessors such as accelerators and secure elements for the PSA cryptography subsystem of Mbed TLS.
diff --git a/docs/proposed/psa-driver-integration-guide.md b/docs/proposed/psa-driver-integration-guide.md
index 3d12ec6..8b3b404 100644
--- a/docs/proposed/psa-driver-integration-guide.md
+++ b/docs/proposed/psa-driver-integration-guide.md
@@ -2,6 +2,7 @@
==================================================
**This is a specification of work in progress. The implementation is not yet merged into Mbed TLS.**
+For a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html).
This document describes how to build Mbed TLS with additional cryptoprocessor drivers that follow the PSA cryptoprocessor driver interface.
diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md
index 41f90c9..1aa55b3 100644
--- a/docs/proposed/psa-driver-interface.md
+++ b/docs/proposed/psa-driver-interface.md
@@ -5,6 +5,8 @@
This specification is work in progress and should be considered to be in a beta stage. There is ongoing work to implement this interface in Mbed TLS, which is the reference implementation of the PSA Cryptography API. At this stage, Arm does not expect major changes, but minor changes are expected based on experience from the first implementation and on external feedback.
+For a practical guide, with a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html).
+
## Introduction
### Purpose of the driver interface
diff --git a/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md b/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md
index 6144aad..67157e5 100644
--- a/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md
+++ b/docs/proposed/psa-driver-wrappers-codegen-migration-guide.md
@@ -1,11 +1,11 @@
Migrating to an auto generated psa_crypto_driver_wrappers.c file
================================================================
-**This is a specification of work in progress. The implementation is not yet merged into Mbed TLS.**
-
This document describes how to migrate to the auto generated psa_crypto_driver_wrappers.c file.
It is meant to give the library user migration guidelines while the Mbed TLS project tides over multiple minor revs of version 1.0, after which this will be merged into psa-driver-interface.md.
+For a practical guide with a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html).
+
## Introduction
The design of the Driver Wrappers code generation is based on the design proposal https://github.com/Mbed-TLS/mbedtls/pull/5067
diff --git a/docs/psa-driver-example-and-guide.md b/docs/psa-driver-example-and-guide.md
index ff66124..ae3c04c 100644
--- a/docs/psa-driver-example-and-guide.md
+++ b/docs/psa-driver-example-and-guide.md
@@ -29,8 +29,8 @@
| Transparent Driver | Opaque Driver |
|---------------------|---------------------|
| `import_key` | `import_key` |
-| `export_key` | `export_key` |
| `export_public_key` | `export_public_key` |
+| | `export_key` |
| | `copy_key` |
| | `get_builtin_key` |
diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 7c15382..6a76e88 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1998,8 +1998,15 @@
* If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
* an alternative header to include instead of include/psa/crypto_config.h.
*
- * This feature is still experimental and is not ready for production since
- * it is not completed.
+ * \warning This option is experimental, in that the set of `PSA_WANT_XXX`
+ * symbols is not completely finalized yet, and the configuration
+ * tooling is not ideally adapted to having two separate configuration
+ * files.
+ * Future minor releases of Mbed TLS may make minor changes to those
+ * symbols, but we will endeavor to provide a transition path.
+ * Nonetheless, this option is considered mature enough to use in
+ * production, as long as you accept that you may need to make
+ * minor changes to psa/crypto_config.h when upgrading Mbed TLS.
*/
//#define MBEDTLS_PSA_CRYPTO_CONFIG
diff --git a/library/.gitignore b/library/.gitignore
index b4dc918..5a29a43 100644
--- a/library/.gitignore
+++ b/library/.gitignore
@@ -2,8 +2,9 @@
*.sln
*.vcxproj
-# Automatically generated files
+###START_GENERATED_FILES###
/error.c
/version_features.c
/ssl_debug_helpers_generated.c
/psa_crypto_driver_wrappers.c
+###END_GENERATED_FILES###
diff --git a/programs/.gitignore b/programs/.gitignore
index d11db9e..a641c31 100644
--- a/programs/.gitignore
+++ b/programs/.gitignore
@@ -5,10 +5,6 @@
*.sln
*.vcxproj
-# Generated source files
-/psa/psa_constant_names_generated.c
-/test/query_config.c
-
aes/crypt_and_hash
cipher/cipher_aead_demo
hash/generic_sum
@@ -75,5 +71,11 @@
x509/load_roots
x509/req_app
+###START_GENERATED_FILES###
+# Generated source files
+/psa/psa_constant_names_generated.c
+/test/query_config.c
+
# Generated data files
pkey/keyfile.key
+###END_GENERATED_FILES###
diff --git a/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json b/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json
index 9eb259f..b9b2d68 100644
--- a/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json
+++ b/scripts/data_files/driver_jsons/mbedtls_test_transparent_driver.json
@@ -7,7 +7,7 @@
{
"_comment": "The Mbed TLS transparent driver supports import key/export key",
"mbedtls/c_condition": "defined(PSA_CRYPTO_DRIVER_TEST)",
- "entry_points": ["import_key", "export_key"],
+ "entry_points": ["import_key"],
"fallback": true
},
{
diff --git a/scripts/gitignore_patch.sh b/scripts/gitignore_patch.sh
new file mode 100755
index 0000000..74ec66c
--- /dev/null
+++ b/scripts/gitignore_patch.sh
@@ -0,0 +1,71 @@
+#!/bin/bash
+#
+# Copyright The Mbed TLS Contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Purpose
+#
+# For adapting gitignore files for releases so generated files can be included.
+#
+# Usage: gitignore_add_generated_files.sh [ -h | --help ] etc
+#
+
+set -eu
+
+print_usage()
+{
+ echo "Usage: $0"
+ echo -e " -h|--help\t\tPrint this help."
+ echo -e " -i|--ignore\t\tAdd generated files to the gitignores."
+ echo -e " -u|--unignore\t\tRemove generated files from the gitignores."
+}
+
+if [[ $# -eq 0 ]]; then
+ print_usage
+ exit 1
+elif [[ $# -ge 2 ]]; then
+ echo "Too many arguments!"
+ exit 1
+fi
+
+case "$1" in
+ -i | --ignore)
+ IGNORE=true
+ ;;
+ -u | --uignore)
+ IGNORE=false
+ ;;
+ -h | --help | "")
+ print_usage
+ exit 1
+ ;;
+ *)
+ echo "Unknown argument: $1"
+ echo "run '$0 --help' for options"
+ exit 1
+esac
+
+GITIGNORES=$(find . -name ".gitignore")
+for GITIGNORE in $GITIGNORES; do
+ if $IGNORE; then
+ sed -i '/###START_COMMENTED_GENERATED_FILES###/,/###END_COMMENTED_GENERATED_FILES###/s/^# //' $GITIGNORE
+ sed -i 's/###START_COMMENTED_GENERATED_FILES###/###START_GENERATED_FILES###/' $GITIGNORE
+ sed -i 's/###END_COMMENTED_GENERATED_FILES###/###END_GENERATED_FILES###/' $GITIGNORE
+ else
+ sed -i '/###START_GENERATED_FILES###/,/###END_GENERATED_FILES###/s/^/# /' $GITIGNORE
+ sed -i 's/###START_GENERATED_FILES###/###START_COMMENTED_GENERATED_FILES###/' $GITIGNORE
+ sed -i 's/###END_GENERATED_FILES###/###END_COMMENTED_GENERATED_FILES###/' $GITIGNORE
+ fi
+done
diff --git a/tests/.gitignore b/tests/.gitignore
index 6db65d1..973ebb5 100644
--- a/tests/.gitignore
+++ b/tests/.gitignore
@@ -1,11 +1,6 @@
*.sln
*.vcxproj
-# Generated source files
-/suites/*.generated.data
-/suites/test_suite_psa_crypto_storage_format.v[0-9]*.data
-/suites/test_suite_psa_crypto_storage_format.current.data
-
*.log
/test_suite*
data_files/mpi_write
@@ -20,3 +15,10 @@
src/libmbed*
libtestdriver1/*
+
+###START_GENERATED_FILES###
+# Generated source files
+/suites/*.generated.data
+/suites/test_suite_psa_crypto_storage_format.v[0-9]*.data
+/suites/test_suite_psa_crypto_storage_format.current.data
+###END_GENERATED_FILES###
diff --git a/visualc/VS2013/.gitignore b/visualc/VS2013/.gitignore
index d3da304..a9ded4a 100644
--- a/visualc/VS2013/.gitignore
+++ b/visualc/VS2013/.gitignore
@@ -1,7 +1,3 @@
-# Files automatically generated by generate_visualc_files.pl
-/mbedTLS.sln
-/*.vcxproj
-
# Files that may be left over from check-generated-files.sh
/*.bak
@@ -12,3 +8,9 @@
/Release/
/*.vcxproj.filters
/*.vcxproj.user
+
+###START_GENERATED_FILES###
+# Files automatically generated by generate_visualc_files.pl
+/mbedTLS.sln
+/*.vcxproj
+###END_GENERATED_FILES###