From b4fa8c9c6d97a65ebf5c18513b2aed53ad8f6b61 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Wed, 11 Jul 2018 15:57:44 +0100 Subject: [PATCH 1/2] psa: Fix Doxygen comment on psa_get_key_from_slot We failed all.sh on the "test: doxygen markup outside doxygen blocks" due to doxygen markup being outside a Doxygen block. Add an extra `*` to the psa_get_key_from_slot comment to denote the comment as a Doxygen comment. --- library/psa_crypto.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index cc996a01c..aee00787b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -371,9 +371,9 @@ static psa_status_t psa_get_empty_key_slot( psa_key_slot_t key, return( status ); } -/* Retrieve a slot which must contain a key. The key must have allow all - * the usage flags set in \p usage. If \p alg is nonzero, the key must - * allow operations with this algorithm. */ +/** Retrieve a slot which must contain a key. The key must have allow all the + * usage flags set in \p usage. If \p alg is nonzero, the key must allow + * operations with this algorithm. */ static psa_status_t psa_get_key_from_slot( psa_key_slot_t key, key_slot_t **p_slot, psa_key_usage_t usage, From 67a9351bc5813346f047a3fbc8384afa0a2c19b2 Mon Sep 17 00:00:00 2001 
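Review bot: The comment promoted to a Doxygen block on `psa_get_key_from_slot` keeps the wording error "must have allow all the usage flags", and it still documents neither the parameters nor the returned status now that Doxygen will render it. I would reword that sentence to `The key must allow all the usage flags set in \p usage.` and add `\param` entries for `key`, `p_slot`, `usage` and `alg` (the last is named in the comment; the rest of the signature is outside this hunk) plus a `\return` line. Because this helper describes a key-policy check, the text should also state outright what it currently only implies, e.g. `If \p alg is 0, only the usage flags are checked.`, once that is confirmed against the function body, which lies outside the hunk.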
From: Jaeden Amero Date: Wed, 11 Jul 2018 16:07:40 +0100 Subject: [PATCH 2/2] psa: config: Add MBEDTLS_PSA_CRYPTO_SPM We failed check-names.sh due to using a define which wasn't described or defined anywhere. Even though we won't realistically enable MBEDTLS_PSA_CRYPTO_SPM via the configuration system (and will do it from PSA Crypto SPM tooling instead), add a description of the configuration to config.h as good practice. Exclude MBEDTLS_PSA_CRYPTO_SPM from the "full" configuration as well. --- configs/config-psa-crypto.h | 14 ++++++++++++++ include/mbedtls/check_config.h | 4 ++++ include/mbedtls/config.h | 14 ++++++++++++++ library/version_features.c | 3 +++ scripts/config.pl | 1 + 5 files changed, 36 insertions(+) diff --git a/configs/config-psa-crypto.h b/configs/config-psa-crypto.h index 184e1ab64..870e335d1 100644 --- a/configs/config-psa-crypto.h +++ b/configs/config-psa-crypto.h @@ -696,6 +696,20 @@ */ #define MBEDTLS_PKCS1_V21 +/** + * \def MBEDTLS_PSA_CRYPTO_SPM + * + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure + * Partition Manager) integration which separates the code into two parts: a + * NSPE (Non-Secure Process Environment) and an SPE (Secure Process + * Environment). + * + * Module: library/psa_crypto.c + * Requires: MBEDTLS_PSA_CRYPTO_C + * + */ +//#define MBEDTLS_PSA_CRYPTO_SPM + /** * \def MBEDTLS_RSA_NO_CRT * diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 41c3f2458..620aff999 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -492,6 +492,10 @@ #error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites" #endif +#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C) +#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ !defined(MBEDTLS_OID_C) ) #error "MBEDTLS_RSA_C defined, but not all prerequisites" 
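Review bot: The new `\def MBEDTLS_PSA_CRYPTO_SPM` block in configs/config-psa-crypto.h never says that the option is meant to be set by the PSA Crypto SPM tooling rather than by uncommenting the `//#define` line, which the commit message states but the header does not. Since the option changes how the code is split across the secure/non-secure boundary, I would add a sentence such as `This option is set by the PSA Crypto SPM tooling; do not enable it by hand.` and say which of the two parts a build with the macro defined produces. As far as I recall, the PSA documents expand NSPE and SPE as Non-secure and Secure Processing Environment rather than "Process Environment", so the expansions are worth checking. The identical block added to include/mbedtls/config.h in the later hunk needs the same changes.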
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index d3df9eeda..385381f7c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1126,6 +1126,20 @@ */ #define MBEDTLS_PKCS1_V21 +/** + * \def MBEDTLS_PSA_CRYPTO_SPM + * + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is built for SPM (Secure + * Partition Manager) integration which separates the code into two parts: a + * NSPE (Non-Secure Process Environment) and an SPE (Secure Process + * Environment). + * + * Module: library/psa_crypto.c + * Requires: MBEDTLS_PSA_CRYPTO_C + * + */ +//#define MBEDTLS_PSA_CRYPTO_SPM + /** * \def MBEDTLS_RSA_NO_CRT * diff --git a/library/version_features.c b/library/version_features.c index b77bf2658..9917ec03e 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -414,6 +414,9 @@ static const char *features[] = { #if defined(MBEDTLS_PKCS1_V21) "MBEDTLS_PKCS1_V21", #endif /* MBEDTLS_PKCS1_V21 */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) + "MBEDTLS_PSA_CRYPTO_SPM", +#endif /* MBEDTLS_PSA_CRYPTO_SPM */ #if defined(MBEDTLS_RSA_NO_CRT) "MBEDTLS_RSA_NO_CRT", #endif /* MBEDTLS_RSA_NO_CRT */ diff --git a/scripts/config.pl b/scripts/config.pl index 3d2884cc9..2e4ac3bb6 100755 --- a/scripts/config.pl +++ b/scripts/config.pl @@ -96,6 +96,7 @@ MBEDTLS_ZLIB_SUPPORT MBEDTLS_PKCS11_C MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_64BIT_MULTIPLICATION +MBEDTLS_PSA_CRYPTO_SPM _ALT\s*$ );