We also add a check in "all.sh" components:
- component_test_tfm_config_p256m_driver_accel_ec
- component_test_tfm_config
to ensure that CIPHER_C was not re-enabled accidentally.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Move all changes local to Mbed TLS into config-tfm.h (except for commenting
out a couple of #include's).
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
config-tfm.h is copied into mbedtls_config.h in test-ref-config.pl.
The relative path is include/ not configs/.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This is what TF-M intended and they have done so since we copied the file.
It's either disable these options, or enable MBEDTLS_OID_C.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When testing the lifecycle of a transient key, it doesn't make much sense to
try psa_open_key: that expects a persistent key and the lookup takes a
different path. The error from psa_open_key is also different depending on
whether MBEDTLS_PSA_CRYPTO_STORAGE_C is enabled.
To check that the key ownership is taken into account, try to access the
same key id with a different owner without expecting that this is a
persistent key. Just call psa_get_key_attributes, which works fine for a
transient key.
This fixes a test failure when MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is
enabled and MBEDTLS_PSA_CRYPTO_STORAGE_C is disabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
