From 7132dd97965299b319f32bc043f6c7385057bb77 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Tue, 29 Jan 2019 14:23:52 +0200 Subject: [PATCH 1/2] Prepare support for 64 bit key ids in a PSA system. Preparation for type separation between SPE and NSPE. --- library/psa_crypto_storage.c | 14 ++++++++++++++ library/psa_crypto_storage_its.c | 14 ++++++++++++++ 2 files changed, 28 insertions(+) diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index b4e4076e1..296ed34ae 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -29,6 +29,20 @@ #include #include +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +/* + * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. + * Some headers will be affected by this flag. + */ +#define PSA_CRYPTO_SECURE 1 +#endif #include "psa/crypto.h" #include "psa_crypto_storage.h" diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index bb0d0cdf1..4f6701626 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -26,6 +26,20 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +/* + * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. + * Some headers will be affected by this flag. + */ +#define PSA_CRYPTO_SECURE 1 +#endif #include "psa/error.h" #include "psa/crypto.h" From 7723ab1739cfd85d69fa1d5b2bfd302f6d2ad280 Mon Sep 17 00:00:00 2001 From: itayzafrir Date: Thu, 14 Feb 2019 10:28:02 +0200 Subject: [PATCH 2/2] Add common header for crypto service integration --- library/psa_crypto.c | 16 +--------- library/psa_crypto_service_integration.h | 40 ++++++++++++++++++++++++ library/psa_crypto_slot_management.c | 16 +--------- library/psa_crypto_storage.c | 15 +-------- library/psa_crypto_storage_its.c | 15 +-------- visualc/VS2010/mbedTLS.vcxproj | 1 + 6 files changed, 45 insertions(+), 58 deletions(-) create mode 100644 library/psa_crypto_service_integration.h diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 84c0e88d8..8c7dc1e2b 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -26,22 +26,8 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#include "crypto_spe.h" -#endif +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_core.h" diff --git a/library/psa_crypto_service_integration.h b/library/psa_crypto_service_integration.h new file mode 100644 index 000000000..938bfe1de --- /dev/null +++ b/library/psa_crypto_service_integration.h @@ -0,0 +1,40 @@ +/* Copyright (C) 2019, ARM Limited, All Rights Reserved + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT + * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * This file is part of mbed TLS (https://tls.mbed.org) + */ + +#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H +#define PSA_CRYPTO_SERVICE_INTEGRATION_H + +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +/* + * PSA_CRYPTO_SECURE means that the file which included this file is being + * compiled for SPE. The files crypto_structs.h and crypto_types.h have + * different implementations for NSPE and SPE and are compiled according to this + * flag. + */ +#define PSA_CRYPTO_SECURE 1 +#include "crypto_spe.h" +#endif // MBEDTLS_PSA_CRYPTO_SPM + +#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index dad23c490..222d7fb9c 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -26,22 +26,8 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_C) -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#include "crypto_spe.h" -#endif +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_core.h" diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 296ed34ae..ccdddce2f 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -29,21 +29,8 @@ #include #include -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#endif +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_storage.h" #include "psa_crypto_storage_backend.h" diff --git a/library/psa_crypto_storage_its.c b/library/psa_crypto_storage_its.c index 4f6701626..d939f0dc1 100644 --- a/library/psa_crypto_storage_its.c +++ b/library/psa_crypto_storage_its.c @@ -26,22 +26,9 @@ #endif #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C) -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that this file is compiled for the SPE. - * Some headers will be affected by this flag. - */ -#define PSA_CRYPTO_SECURE 1 -#endif #include "psa/error.h" +#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_storage_backend.h" #include "psa/internal_trusted_storage.h" diff --git a/visualc/VS2010/mbedTLS.vcxproj b/visualc/VS2010/mbedTLS.vcxproj index 23d5c2c72..bb92d8f8c 100644 --- a/visualc/VS2010/mbedTLS.vcxproj +++ b/visualc/VS2010/mbedTLS.vcxproj @@ -238,6 +238,7 @@ +