Switching to CMake build caused some failures due to the fact that:
- binary objects in tf-psa-crypto are not in the same location as before;
- header files from "<mbedtls-root>/include" are no more included when
building tf-psa-crypto ojects.
This commit fixes both problems.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This is similar to the already existing "component_full_no_pkparse_pkwrite".
The biggest difference is that this new component starts from "full" config
instead of "crypto_full" because we want to test also some TLS modules,
in particular "test_suite_debug" where the new function
"mbedtls_pk_write_pubkey_psa" has been introduced.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
secp192 curves are no more supported in tf-psa-crypto and also all the
temporary fixes has been removed. This one can be removed as well.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
We're going to remove ecdh.c soon, so use another way of testing whether
builtin ECDH is included in the build.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This is temporary but still required in order to have this commit merged
before the crypto#570, where these curves are really removed.
These lines will be removed in a follow-up PR once crypto#570 is merged.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Adapt configurations to stricter compile-time checks
for entropy enablement and MBEDTLS_ENTROPY_NV_SEED
option.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove unnecessary passing of the crypto config filename either with the
'-f' or '-c' switch, throughout all of the all.sh component files.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Ensure that when we switch from SHA-512 to SHA-256
as the default CTR_DRBG hash, we still properly
test CTR_DRBG with SHA-512.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove all references to MBEDTLS_ECDSA_DETERMINISTIC from
components-configuration-crypto.sh. Replace them with
PSA_WANT_ALG_DETERMINISTIC_ECDSA.
This is safe because:
* MBEDTLS_ECDSA_DETERMINISTIC is only ever unset in components in order
to avoid errors from disabling its dependency MBEDTLS_HMAC_DRBG_C.
* MBEDTLS_ECDSA_DETERMINISTIC is only ever defined in
config_adjust_legacy_from_psa.h, and only if
PSA_WANT_ALG_DETERMINISTIC_ECDSA is defined.
Therefore PSA_WANT_ALG_DETERMINISTIC_ECDSA's dependencies are a superset
of MBEDTLS_ECDSA_DETERMINISTIC's dependencies and must include
MBEDTLS_HMAC_DRBG_C, so disabling PSA_WANT_ALG_DETERMINISTIC_ECDSA is a
sufficient substitute for disabling MBEDTLS_ECDSA_DETERMINISTIC.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This will be needed when we change how many times some functions are
callled in ecp.c, making them more susceptible to inlining.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Enable p192[k|r]1 curves which are disabled by default in tf-psa-crypto.
This is required to get the proper test coverage otherwise there are
tests in 'test_suite_psa_crypto_op_fail' that would never be executed.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Some EC/DH group might be disabled in default configuration in
"crypto_config.h" so before running "helper_get_psa_key_type_list" and/or
"helper_get_psa_curve_list" it's better to set/unset what's required
for that test component and only then parse the enabled groups.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
