Commit graph

28845 commits

Author SHA1 Message Date
Ryan Everett
eb27dc0f3a Update psa_load_X_key_into_slot
These functions (on success) take a slot from PSA_SLOT_FILLING to PSA_SLOT_FULL.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
c70ce576bd Update psa_destroy_key, psa_purge_key and psa_close_key
This does not yet implement destruction while a key is in use for psa_destroy_key;
that will be implemented in a separate pr.
(I am not sure if I am allowed to change the documentation in the include files.)

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
098c6659ad Update psa_get_and_lock_key_slot_X functions
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
b69118ebd0 Update key creation functions to use the new key slot states
Update psa_start_key_creation,
psa_finish_key_creation and psa_fail_key_creation.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
2afb516011 Update and rename psa_get_empty_key_slot
Rename to psa_reserve_free_key_slot, as this function reserves a slot which is
free (not always empty) for filling.
Implement necessary state transitions and state checks.
Rename unlocked_persistent_key_slot to unused_persistent_key_slot.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
4a78277cb2 Implement psa_key_slot_state_transition
This inline function is used in every case we want to change the state of a slot,
except for where we do not care about what the state of the slot was before.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
39cc9d755e Implement psa_register_read and psa_unregister_read
Replaces psa_lock_key_slot and psa_unlock_key_slot.
Future commits will remove the calls to locking/unlocking functions,
and add calls to registering/unregistering functions.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
62aa79ac5c Implement psa_key_slot_has_readers and remove psa_is_key_slot_occupied
Remove psa_is_key_slot_occupied, any function which calls this can just check
the state variable instead.
Replace psa_is_key_slot_locked with psa_key_slot_has_readers.
References to the now removed functions are changed in future commits.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
aa33c512cc Update psa_wipe_key_slot
Change psa_wipe_key_slot to use the new state system.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Ryan Everett
d7dc7ff91c Update psa_key_slot_t
Remove the `status` field and replace with the `state` field.
Remove the `lock_count` field and replace with the `registered_readers` field.
Add documentation which describes how and why these fields are to be used.

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
2024-01-04 16:57:48 +00:00
Dave Rodgman
a021d63bf7
Merge pull request #8642 from daverodgman/default-compiler-all
CI perf: Use clang by default in all.sh
2024-01-04 12:58:54 +00:00
Manuel Pégourié-Gonnard
5bad043c06
Merge pull request #8641 from valeriosetti/issue8358
G3-G4 wrap-up
2024-01-04 10:48:00 +00:00
Manuel Pégourié-Gonnard
66b1ded73a
Merge pull request #8623 from daverodgman/verbatim-tfm
Use TF-M config verbatim
2024-01-04 08:08:06 +00:00
Paul Elliott
3ca93e5d25
Merge pull request #8667 from gilles-peskine-arm/pthread-link-auto-make-followup
Minor cleanups to common.make
2024-01-03 18:51:48 +00:00
Valerio Setti
7406b74fce driver-only-builds: fix typo
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2024-01-03 14:47:36 +01:00
Dave Rodgman
62a2e3c8db
Merge pull request #8512 from mschulz-at-hilscher/feature/timing-alt-compatible-benchmark
Alternative Timing compatible benchmark.c
2024-01-03 11:46:58 +00:00
Dave Rodgman
7565b54545 Move MBEDTLS_CIPHER modification to appropriate section
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-03 11:10:18 +00:00
Dave Rodgman
13d2633126 Fix MBEDTLS_NO_PLATFORM_ENTROPY for baremetal aarch64 with armclang
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-03 11:10:18 +00:00
Dave Rodgman
1c91057fab Update check_files.py to accomodate non-standard license headers in TF-M config files
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-03 11:10:18 +00:00
Dave Rodgman
b925d141de minor tidy-up
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-03 11:10:18 +00:00
Dave Rodgman
fc566605b6 Mention copyright in the readme
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-03 11:10:18 +00:00
Dave Rodgman
27a3785d98 Use verbatim TF-M configs from upstream
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-03 11:10:18 +00:00
Dave Rodgman
bff2a58b6e Add supporting files to enable use of verbatim TF-M config
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-03 11:10:18 +00:00
Gilles Peskine
0ae58dd985 Unify MBEDTLS_TEST_OBJS
`$(MBEDTLS_TEST_OBJS)` included TLS-specific test support modules in
`tests/Makefile` but not in `programs/Makefile`. This difference is not
actually necessary. What is necessary is that all programs that use
functions from TLS-specific test support modules are linked with those
modules in addition to `-lmbedtls`, and programs that are not linked with
`-lmbedtls` are not linked with TLS-specific test support modules. Since we
always pass `-lmbedtls` when linking programs in `programs/Makefile`, we can
link with the TLS-specific test support modules as well. This keeps things
simpler.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 23:11:24 +01:00
Gilles Peskine
cd06a813c6 Fix name in documentation
fixup "Correct name and documentation of preprocessor symbol check function"

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 18:14:40 +01:00
Gilles Peskine
8939148339 Minor readability improvement
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 18:14:00 +01:00
Gilles Peskine
570e54822c Finish unifying LOCAL_CFLAGS
fixup "Create common.make with LOCAL_CFLAGS and friends"

The code wasn't what I had intended, although it was functionally
equivalent. Make it more readable and more robust.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-01-02 18:11:10 +01:00
Dave Rodgman
593e9cb600
Merge pull request #8511 from mschulz-at-hilscher/feature/rsa3072-benchmark
Add benchmark for RSA 3072
2024-01-02 16:35:14 +00:00
Dave Rodgman
1cc90a1003
Merge pull request #8517 from mschulz-at-hilscher/fixes/issue-6910
Fixes redundant declarations for psa_set_key_domain_parameters
2024-01-02 16:34:40 +00:00
Dave Rodgman
84125a167e Merge remote-tracking branch 'origin/development' into default-compiler-all
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
2024-01-02 11:42:38 +00:00
Gilles Peskine
ea982e39a1
Merge pull request #8637 from bensze01/fix_supported_components
all.sh: Parse arguments before checking if a test is supported
2024-01-02 09:41:02 +00:00
Valerio Setti
84d19e0836 all.sh: keep DES_C and CTR_DRBG_C enabled in test_full_no_cipher_with_crypto()
These were probably leftovers from the development phase of the
associated PR that were not removed in the end.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 16:42:21 +01:00
Valerio Setti
e581e140cc oid/pkparse: add missing guards for PKCS[5/12] functions when !CIPHER_C
This commit also updates test_suite_pkparse.data file adding
MBEDTLS_CIPHER_C dependencies whenever PKCS[5/12] is used.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 16:35:58 +01:00
Valerio Setti
562dfe1067 all.sh: keep PKCS[5/12] enabled in full_no_cipher test components
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 16:34:19 +01:00
Valerio Setti
81338483e6 changelog: enhance description
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 15:46:17 +01:00
Valerio Setti
045d680054 driver-only-builds: enhancing cipher related sections
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 15:42:22 +01:00
Valerio Setti
f333b3fbde driver-only-builds: fix typos
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-29 15:08:39 +01:00
Valerio Setti
92e5c693ba driver-only-builds: updated ciphers and AEADs related sections
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 13:28:03 +01:00
Valerio Setti
b3413bf0b4 changelog: update description
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 12:15:45 +01:00
Valerio Setti
b9f4bfc33b all.sh: fix messages in test_psa_crypto_config_accel_des
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 11:07:48 +01:00
Valerio Setti
e98ad5931a mbedls_config: update documentation for MBEDTLS_PKCS[5/12]_C
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2023-12-28 10:42:12 +01:00
Manuel Pégourié-Gonnard
d2d2cd1a16
Merge pull request #8653 from gilles-peskine-arm/pthread-link-auto-make
Autodetect whether linking with pthread is needed
2023-12-27 08:59:53 +00:00
Gilles Peskine
f3316f132b Correct name and documentation of preprocessor symbol check function
It's not remove_unset_options, it's remove_enabled_options (or
keep_disabled_options).

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 18:30:37 +01:00
Gilles Peskine
7602298a16 Allow *.make to contain tabs
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 15:28:07 +01:00
Gilles Peskine
2337a3b886 Explain the use of control
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 14:16:21 +01:00
Gilles Peskine
259df98972 Revert "Add option to pass make variables to depends.py"
This reverts commit be978a8c4f.

The feature is no longer needed, and the script is broken if you don't pass
--make-vars.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 13:17:33 +01:00
Gilles Peskine
811daaa48c Revert "Add ability to pass make variables to psa_collect_statuses.py"
This reverts commit 6587959a32.

The feature is no longer needed, and the script is broken if you don't pass
--make-vars.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 13:16:59 +01:00
Gilles Peskine
21570cf232 Auto-detect the need to link with pthread on Unix-like platforms
When building with Make on a Unix-like platform (shell and compiler),
auto-detect configurations that may require linking with pthread.

This removes the need for MAKE_THREADING_FLAGS in all.sh.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:53:42 +01:00
Gilles Peskine
4392fc101f Unify some common rules of programs/Makefile and tests/Makefile
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:49:35 +01:00
Gilles Peskine
076fd25480 Unify common variables of programs/Makefile and tests/Makefile
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-12-22 11:48:56 +01:00