Test that `scripts/data_files/config-options-current.txt` is up-to-date.
This file needs to change every time we add or remove a config option.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This script may be generalized to check other files that need lists of
current options. But for now, the script just checks
`scripts/data_files/config-options-current.txt`.
This script is identical to the file in crypto. If the file grows to support
multiple targets, we'll probably want to split it, with a generic part in
the framework and a project-specific part (probably little more than the
list of targets) in each project. But for now the file is too simple to split.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
secp192 curves are no more supported in tf-psa-crypto and also all the
temporary fixes has been removed. This one can be removed as well.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
We're going to remove ecdh.c soon, so use another way of testing whether
builtin ECDH is included in the build.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This replacement is either:
- "server5-rsa-signed.crt": if a generic secp256r1 EC key is enough, i.e.
any EC key is fine as it's not secp192 since this support is being
removed from TF-PSA-Crypto.
- "server11-rsa-signed.crt": if an EC key which does not belong to "suite-b"
is required. For this case "secp256r1" wouldn't be good, so we use
a "secp256k1" key.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
After some analysis search it was determined that previous test data seem
not to belong to the "framework/data_files" certificate files. Therefore
new test data has been generated from scratch.
The improvement compared to the previous situation is that comments has
been added on top of each test in order to explain how to recreate new test
data.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is temporary but still required in order to have this commit merged
before the crypto#570, where these curves are really removed.
These lines will be removed in a follow-up PR once crypto#570 is merged.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is required in util.h in PSASIM as it uses fprintf. Previously
stdio was inadvertantly included via psa/crypto_struct.h (of all
places).
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Indicate which config file has the most relevant tweak.
Duplicate a few test cases so that both the crypto config and the mbedtls
config are tested.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Read the list of historical config options in 3.6, compare that to 1.0/4.0
and emit the appropriate checkers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The support for TLS ciphersuites without
encryption does not rely anymore on the
MBEDTLS_CIPHER_NULL_CIPHER feature of
the cipher module. Introduce a specific
config option to enable these ciphersuites
and use it instead of MBEDTLS_CIPHER_NULL_CIPHER.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
