mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-02 16:13:27 +00:00
Merge pull request #9340 from ronald-cron-arm/move-mbedtls-crypto-modules
Move mbedtls crypto modules
This commit is contained in:
commit
1004c9cacb
3
3rdparty/Makefile.inc
vendored
3
3rdparty/Makefile.inc
vendored
@ -1,3 +0,0 @@
|
||||
THIRDPARTY_DIR := $(dir $(lastword $(MAKEFILE_LIST)))
|
||||
include $(THIRDPARTY_DIR)/everest/Makefile.inc
|
||||
include $(THIRDPARTY_DIR)/p256-m/Makefile.inc
|
@ -294,12 +294,10 @@ add_subdirectory(framework)
|
||||
|
||||
add_subdirectory(include)
|
||||
|
||||
add_subdirectory(3rdparty)
|
||||
add_subdirectory(tf-psa-crypto)
|
||||
|
||||
add_subdirectory(library)
|
||||
|
||||
add_subdirectory(tf-psa-crypto)
|
||||
|
||||
add_subdirectory(pkgconfig)
|
||||
|
||||
#
|
||||
@ -357,7 +355,9 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS)
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/include
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library)
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/core
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/src)
|
||||
# Request C11, needed for memory poisoning tests
|
||||
set_target_properties(mbedtls_test PROPERTIES C_STANDARD 11)
|
||||
|
||||
@ -370,7 +370,9 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS)
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/include
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/everest/include)
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/core
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/builtin/src
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/drivers/everest/include)
|
||||
|
||||
# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
|
||||
if(MBEDTLS_CONFIG_FILE)
|
||||
|
19
Makefile
19
Makefile
@ -200,12 +200,18 @@ endif
|
||||
|
||||
## Editor navigation files
|
||||
C_SOURCE_FILES = $(wildcard \
|
||||
3rdparty/*/include/*/*.h 3rdparty/*/include/*/*/*.h 3rdparty/*/include/*/*/*/*.h \
|
||||
3rdparty/*/*.c 3rdparty/*/*/*.c 3rdparty/*/*/*/*.c 3rdparty/*/*/*/*/*.c \
|
||||
include/*/*.h \
|
||||
library/*.[hc] \
|
||||
tf-psa-crypto/core/*.[hc] \
|
||||
tf-psa-crypto/include/*/*.h \
|
||||
tf-psa-crypto/drivers/builtin/include/*/*.h \
|
||||
tf-psa-crypto/drivers/*/include/*/*.h \
|
||||
tf-psa-crypto/drivers/*/include/*/*/*.h \
|
||||
tf-psa-crypto/drivers/*/include/*/*/*/*.h \
|
||||
tf-psa-crypto/drivers/builtin/src/*.[hc] \
|
||||
tf-psa-crypto/drivers/*/*.c \
|
||||
tf-psa-crypto/drivers/*/*/*.c \
|
||||
tf-psa-crypto/drivers/*/*/*/*.c \
|
||||
tf-psa-crypto/drivers/*/*/*/*/*.c \
|
||||
programs/*/*.[hc] \
|
||||
tests/include/*/*.h tests/include/*/*/*.h \
|
||||
tests/src/*.c tests/src/*/*.c \
|
||||
@ -222,7 +228,8 @@ GPATH GRTAGS GSYMS GTAGS: $(C_SOURCE_FILES)
|
||||
ls $(C_SOURCE_FILES) | gtags -f - --gtagsconf .globalrc
|
||||
cscope: cscope.in.out cscope.po.out cscope.out
|
||||
cscope.in.out cscope.po.out cscope.out: $(C_SOURCE_FILES)
|
||||
cscope -bq -u -Iinclude -Ilibrary -Itf-psa-crypto/include \
|
||||
-Itf-psa-crypto/drivers/builtin/include \
|
||||
$(patsubst %,-I%,$(wildcard 3rdparty/*/include)) -Itests/include $(C_SOURCE_FILES)
|
||||
cscope -bq -u -Iinclude -Ilibrary -Itf-psa-crypto/core \
|
||||
-Itf-psa-crypto/include \
|
||||
-Itf-psa-crypto/drivers/builtin/src \
|
||||
$(patsubst %,-I%,$(wildcard tf-psa-crypto/drivers/*/include)) -Itests/include $(C_SOURCE_FILES)
|
||||
.PHONY: cscope global
|
||||
|
@ -315,10 +315,10 @@ Unless specifically indicated otherwise in a file, Mbed TLS files are provided u
|
||||
|
||||
### Third-party code included in Mbed TLS
|
||||
|
||||
This project contains code from other projects. This code is located within the `3rdparty/` directory. The original license text is included within project subdirectories, where it differs from the normal Mbed TLS license, and/or in source files. The projects are listed below:
|
||||
This project contains code from other projects. This code is located within the `tf-psa-crypto/drivers/` directory. The original license text is included within project subdirectories, where it differs from the normal Mbed TLS license, and/or in source files. The projects are listed below:
|
||||
|
||||
* `3rdparty/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license.
|
||||
* `3rdparty/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is distributed in Mbed TLS under a dual Apache-2.0 OR GPL-2.0-or-later license with permission from the author.
|
||||
* `drivers/everest/`: Files stem from [Project Everest](https://project-everest.github.io/) and are distributed under the Apache 2.0 license.
|
||||
* `drivers/p256-m/p256-m/`: Files have been taken from the [p256-m](https://github.com/mpg/p256-m) repository. The code in the original repository is distributed under the Apache 2.0 license. It is distributed in Mbed TLS under a dual Apache-2.0 OR GPL-2.0-or-later license with permission from the author.
|
||||
|
||||
Contributing
|
||||
------------
|
||||
|
@ -138,7 +138,7 @@ This guide assumes you are building Mbed TLS from source alongside your project.
|
||||
|
||||
### Example: Manually integrating a software accelerator alongside Mbed TLS
|
||||
|
||||
[p256-m](https://github.com/mpg/p256-m) is a minimalistic implementation of ECDH and ECDSA on the NIST P-256 curve, specifically optimized for use in constrained 32-bit environments. It started out as an independent project and has been integrated in Mbed TLS as a PSA transparent driver. The source code of p256-m and the driver entry points is located in the Mbed TLS source tree under `3rdparty/p256-m`. In this section, we will look at how this integration was done.
|
||||
[p256-m](https://github.com/mpg/p256-m) is a minimalistic implementation of ECDH and ECDSA on the NIST P-256 curve, specifically optimized for use in constrained 32-bit environments. It started out as an independent project and has been integrated in Mbed TLS as a PSA transparent driver. The source code of p256-m and the driver entry points is located in the Mbed TLS source tree under `drivers/p256-m`. In this section, we will look at how this integration was done.
|
||||
|
||||
The Mbed TLS build system includes the instructions needed to build p256-m. To build with and use p256-m, set the macro `MBEDTLS_PSA_P256M_DRIVER_ENABLED` using `config.py`, then build as usual using make/cmake. From the root of the `mbedtls/` directory, run:
|
||||
|
||||
|
@ -1 +1 @@
|
||||
Subproject commit 8853c8471200e62448413d1f40d6801a19796a83
|
||||
Subproject commit 9eeacb7125d6630a11e29d8a7aab5873b3638b6d
|
2
library/.gitignore
vendored
2
library/.gitignore
vendored
@ -6,6 +6,4 @@ libmbed*
|
||||
/error.c
|
||||
/version_features.c
|
||||
/ssl_debug_helpers_generated.c
|
||||
/psa_crypto_driver_wrappers.h
|
||||
/psa_crypto_driver_wrappers_no_static.c
|
||||
###END_GENERATED_FILES###
|
||||
|
@ -10,87 +10,90 @@ if(NOT DEFINED MBEDTLS_DIR)
|
||||
set(MBEDTLS_DIR ${CMAKE_SOURCE_DIR})
|
||||
endif()
|
||||
|
||||
set(TF_PSA_CRYPTO_CORE_DIR ../tf-psa-crypto/core)
|
||||
set(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR ../tf-psa-crypto/drivers/builtin/src)
|
||||
|
||||
set(src_crypto
|
||||
aes.c
|
||||
aesni.c
|
||||
aesce.c
|
||||
aria.c
|
||||
asn1parse.c
|
||||
asn1write.c
|
||||
base64.c
|
||||
bignum.c
|
||||
bignum_core.c
|
||||
bignum_mod.c
|
||||
bignum_mod_raw.c
|
||||
block_cipher.c
|
||||
camellia.c
|
||||
ccm.c
|
||||
chacha20.c
|
||||
chachapoly.c
|
||||
cipher.c
|
||||
cipher_wrap.c
|
||||
constant_time.c
|
||||
cmac.c
|
||||
ctr_drbg.c
|
||||
des.c
|
||||
dhm.c
|
||||
ecdh.c
|
||||
ecdsa.c
|
||||
ecjpake.c
|
||||
ecp.c
|
||||
ecp_curves.c
|
||||
ecp_curves_new.c
|
||||
entropy.c
|
||||
entropy_poll.c
|
||||
error.c
|
||||
gcm.c
|
||||
hkdf.c
|
||||
hmac_drbg.c
|
||||
lmots.c
|
||||
lms.c
|
||||
md.c
|
||||
md5.c
|
||||
memory_buffer_alloc.c
|
||||
nist_kw.c
|
||||
oid.c
|
||||
pem.c
|
||||
pk.c
|
||||
pk_ecc.c
|
||||
pk_wrap.c
|
||||
pkcs12.c
|
||||
pkcs5.c
|
||||
pkparse.c
|
||||
pkwrite.c
|
||||
platform.c
|
||||
platform_util.c
|
||||
poly1305.c
|
||||
psa_crypto.c
|
||||
psa_crypto_aead.c
|
||||
psa_crypto_cipher.c
|
||||
psa_crypto_client.c
|
||||
psa_crypto_driver_wrappers_no_static.c
|
||||
psa_crypto_ecp.c
|
||||
psa_crypto_ffdh.c
|
||||
psa_crypto_hash.c
|
||||
psa_crypto_mac.c
|
||||
psa_crypto_pake.c
|
||||
psa_crypto_rsa.c
|
||||
psa_crypto_se.c
|
||||
psa_crypto_slot_management.c
|
||||
psa_crypto_storage.c
|
||||
psa_its_file.c
|
||||
psa_util.c
|
||||
ripemd160.c
|
||||
rsa.c
|
||||
rsa_alt_helpers.c
|
||||
sha1.c
|
||||
sha256.c
|
||||
sha512.c
|
||||
sha3.c
|
||||
threading.c
|
||||
timing.c
|
||||
version.c
|
||||
version_features.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/aes.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/aesni.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/aesce.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/aria.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/asn1parse.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/asn1write.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/base64.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/bignum.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/bignum_core.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/bignum_mod.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/bignum_mod_raw.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/block_cipher.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/camellia.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ccm.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/chacha20.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/chachapoly.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/cipher.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/cipher_wrap.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/constant_time.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/cmac.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ctr_drbg.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/des.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/dhm.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecdh.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecdsa.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecjpake.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecp.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecp_curves.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ecp_curves_new.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/entropy.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/entropy_poll.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/gcm.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/hkdf.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/hmac_drbg.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/lmots.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/lms.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/md.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/md5.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/memory_buffer_alloc.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/nist_kw.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/oid.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pem.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pk.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pk_ecc.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pk_wrap.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pkcs12.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pkcs5.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pkparse.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/pkwrite.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/platform.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/platform_util.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/poly1305.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_aead.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_cipher.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_client.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers_no_static.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_ecp.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_ffdh.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_hash.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_mac.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_pake.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_rsa.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_se.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_slot_management.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_storage.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_its_file.c
|
||||
${TF_PSA_CRYPTO_CORE_DIR}/psa_util.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/ripemd160.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/rsa.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/rsa_alt_helpers.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/sha1.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/sha256.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/sha512.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/sha3.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/threading.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/timing.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version.c
|
||||
${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version_features.c
|
||||
)
|
||||
|
||||
set(src_x509
|
||||
@ -133,14 +136,14 @@ if(GEN_FILES)
|
||||
file(GLOB tls_error_headers ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/*.h)
|
||||
add_custom_command(
|
||||
OUTPUT
|
||||
${CMAKE_CURRENT_BINARY_DIR}/error.c
|
||||
${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c
|
||||
COMMAND
|
||||
${PERL_EXECUTABLE}
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_errors.pl
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/drivers/builtin/include/mbedtls
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files
|
||||
${CMAKE_CURRENT_BINARY_DIR}/error.c
|
||||
${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c
|
||||
DEPENDS
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_errors.pl
|
||||
${crypto_error_headers}
|
||||
@ -150,13 +153,13 @@ if(GEN_FILES)
|
||||
|
||||
add_custom_command(
|
||||
OUTPUT
|
||||
${CMAKE_CURRENT_BINARY_DIR}/version_features.c
|
||||
${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version_features.c
|
||||
COMMAND
|
||||
${PERL_EXECUTABLE}
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_features.pl
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files
|
||||
${CMAKE_CURRENT_BINARY_DIR}/version_features.c
|
||||
${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version_features.c
|
||||
DEPENDS
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_features.pl
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/mbedtls_config.h
|
||||
@ -178,24 +181,23 @@ if(GEN_FILES)
|
||||
|
||||
add_custom_command(
|
||||
OUTPUT
|
||||
${CMAKE_CURRENT_BINARY_DIR}/psa_crypto_driver_wrappers.h
|
||||
${CMAKE_CURRENT_BINARY_DIR}/psa_crypto_driver_wrappers_no_static.c
|
||||
${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers.h
|
||||
${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers_no_static.c
|
||||
COMMAND
|
||||
${MBEDTLS_PYTHON_EXECUTABLE}
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_driver_wrappers.py
|
||||
${CMAKE_CURRENT_BINARY_DIR}
|
||||
${CMAKE_CURRENT_BINARY_DIR}/${TF_PSA_CRYPTO_CORE_DIR}
|
||||
DEPENDS
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/generate_driver_wrappers.py
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja
|
||||
)
|
||||
|
||||
|
||||
else()
|
||||
link_to_source(error.c)
|
||||
link_to_source(version_features.c)
|
||||
link_to_source(${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/error.c)
|
||||
link_to_source(${TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_DIR}/version_features.c)
|
||||
link_to_source(ssl_debug_helpers_generated.c)
|
||||
link_to_source(psa_crypto_driver_wrappers_no_static.c)
|
||||
link_to_source(${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers.h)
|
||||
link_to_source(${TF_PSA_CRYPTO_CORE_DIR}/psa_crypto_driver_wrappers_no_static.c)
|
||||
endif()
|
||||
|
||||
if(CMAKE_COMPILER_IS_GNUCC)
|
||||
@ -324,19 +326,19 @@ endif(USE_SHARED_MBEDTLS_LIBRARY)
|
||||
|
||||
foreach(target IN LISTS target_libraries)
|
||||
add_library(MbedTLS::${target} ALIAS ${target}) # add_subdirectory support
|
||||
# Include public header files from /include and other directories
|
||||
# declared by /3rdparty/**/CMakeLists.txt. Include private header files
|
||||
# from /library and others declared by /3rdparty/**/CMakeLists.txt.
|
||||
# /library needs to be listed explicitly when building .c files outside
|
||||
# of /library (which currently means: under /3rdparty).
|
||||
# Include public header files from /include, /tf-psa-crypto/include/ and
|
||||
# tf-psa-crypto/drivers/builtin/include/. Include private header files
|
||||
# from /library, tf-psa-crypto/core/ and tf-psa-crypto/drivers/builtin/src/.
|
||||
target_include_directories(${target}
|
||||
PUBLIC $<BUILD_INTERFACE:${MBEDTLS_DIR}/include/>
|
||||
$<BUILD_INTERFACE:${MBEDTLS_DIR}/tf-psa-crypto/include/>
|
||||
$<BUILD_INTERFACE:${MBEDTLS_DIR}/tf-psa-crypto/drivers/builtin/include/>
|
||||
$<INSTALL_INTERFACE:include/>
|
||||
PRIVATE ${MBEDTLS_DIR}/library/
|
||||
${MBEDTLS_DIR}/tf-psa-crypto/core
|
||||
${MBEDTLS_DIR}/tf-psa-crypto/drivers/builtin/src
|
||||
# Needed to include psa_crypto_driver_wrappers.h
|
||||
${CMAKE_CURRENT_BINARY_DIR})
|
||||
${CMAKE_CURRENT_BINARY_DIR}/../tf-psa-crypto/core)
|
||||
# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
|
||||
if(MBEDTLS_CONFIG_FILE)
|
||||
target_compile_definitions(${target}
|
||||
|
208
library/Makefile
208
library/Makefile
@ -2,11 +2,15 @@ ifndef MBEDTLS_PATH
|
||||
MBEDTLS_PATH := ..
|
||||
endif
|
||||
|
||||
TF_PSA_CRYPTO_CORE_PATH = $(MBEDTLS_PATH)/tf-psa-crypto/core
|
||||
TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH = $(MBEDTLS_PATH)/tf-psa-crypto/drivers/builtin/src
|
||||
|
||||
GENERATED_FILES := \
|
||||
error.c version_features.c \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/version_features.c \
|
||||
ssl_debug_helpers_generated.c \
|
||||
psa_crypto_driver_wrappers.h \
|
||||
psa_crypto_driver_wrappers_no_static.c
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers.h \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers_no_static.c
|
||||
|
||||
ifneq ($(GENERATED_FILES),$(wildcard $(GENERATED_FILES)))
|
||||
ifeq (,$(wildcard $(MBEDTLS_PATH)/framework/exported.make))
|
||||
@ -29,11 +33,12 @@ WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral
|
||||
LDFLAGS ?=
|
||||
|
||||
# Include ../include, ../tf-psa-crypto/include and
|
||||
# ../tf-psa-crypto/drivers/builtin/include for public headers and . for
|
||||
# private headers. Note that . needs to be included explicitly for the sake of
|
||||
# library files that are not in the /library directory (which currently means
|
||||
# under /3rdparty).
|
||||
LOCAL_CFLAGS = $(WARNING_CFLAGS) -I. -I../include -I../tf-psa-crypto/include \
|
||||
# ../tf-psa-crypto/drivers/builtin/include for public headers and .,
|
||||
# ../tf-psa-crypto/core and ../tf-psa-crypto/drivers/builtin/src for
|
||||
# private headers.
|
||||
LOCAL_CFLAGS = $(WARNING_CFLAGS) -I. -I../tf-psa-crypto/core \
|
||||
-I../tf-psa-crypto/drivers/builtin/src \
|
||||
-I../include -I../tf-psa-crypto/include \
|
||||
-I../tf-psa-crypto/drivers/builtin/include -D_FILE_OFFSET_BITS=64
|
||||
LOCAL_LDFLAGS =
|
||||
|
||||
@ -105,89 +110,91 @@ endif
|
||||
endif
|
||||
|
||||
OBJS_CRYPTO= \
|
||||
aes.o \
|
||||
aesni.o \
|
||||
aesce.o \
|
||||
aria.o \
|
||||
asn1parse.o \
|
||||
asn1write.o \
|
||||
base64.o \
|
||||
bignum.o \
|
||||
bignum_core.o \
|
||||
bignum_mod.o \
|
||||
bignum_mod_raw.o \
|
||||
block_cipher.o \
|
||||
camellia.o \
|
||||
ccm.o \
|
||||
chacha20.o \
|
||||
chachapoly.o \
|
||||
cipher.o \
|
||||
cipher_wrap.o \
|
||||
cmac.o \
|
||||
constant_time.o \
|
||||
ctr_drbg.o \
|
||||
des.o \
|
||||
dhm.o \
|
||||
ecdh.o \
|
||||
ecdsa.o \
|
||||
ecjpake.o \
|
||||
ecp.o \
|
||||
ecp_curves.o \
|
||||
ecp_curves_new.o \
|
||||
entropy.o \
|
||||
entropy_poll.o \
|
||||
error.o \
|
||||
gcm.o \
|
||||
hkdf.o \
|
||||
hmac_drbg.o \
|
||||
lmots.o \
|
||||
lms.o \
|
||||
md.o \
|
||||
md5.o \
|
||||
memory_buffer_alloc.o \
|
||||
nist_kw.o \
|
||||
oid.o \
|
||||
pem.o \
|
||||
pk.o \
|
||||
pk_ecc.o \
|
||||
pk_wrap.o \
|
||||
pkcs12.o \
|
||||
pkcs5.o \
|
||||
pkparse.o \
|
||||
pkwrite.o \
|
||||
platform.o \
|
||||
platform_util.o \
|
||||
poly1305.o \
|
||||
psa_crypto.o \
|
||||
psa_crypto_aead.o \
|
||||
psa_crypto_cipher.o \
|
||||
psa_crypto_client.o \
|
||||
psa_crypto_driver_wrappers_no_static.o \
|
||||
psa_crypto_ecp.o \
|
||||
psa_crypto_ffdh.o \
|
||||
psa_crypto_hash.o \
|
||||
psa_crypto_mac.o \
|
||||
psa_crypto_pake.o \
|
||||
psa_crypto_rsa.o \
|
||||
psa_crypto_se.o \
|
||||
psa_crypto_slot_management.o \
|
||||
psa_crypto_storage.o \
|
||||
psa_its_file.o \
|
||||
psa_util.o \
|
||||
ripemd160.o \
|
||||
rsa.o \
|
||||
rsa_alt_helpers.o \
|
||||
sha1.o \
|
||||
sha256.o \
|
||||
sha512.o \
|
||||
sha3.o \
|
||||
threading.o \
|
||||
timing.o \
|
||||
version.o \
|
||||
version_features.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_aead.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_cipher.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_client.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers_no_static.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_ecp.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_ffdh.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_hash.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_mac.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_pake.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_rsa.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_se.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_slot_management.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_storage.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_its_file.o \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_util.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aes.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aesni.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aesce.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/aria.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/asn1parse.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/asn1write.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/base64.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/bignum.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/bignum_core.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/bignum_mod.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/bignum_mod_raw.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/block_cipher.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/camellia.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ccm.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/chacha20.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/chachapoly.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/cipher.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/cipher_wrap.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/cmac.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/constant_time.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ctr_drbg.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/des.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/dhm.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecdh.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecdsa.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecjpake.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp_curves.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ecp_curves_new.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/entropy_poll.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/gcm.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hkdf.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/hmac_drbg.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/lmots.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/lms.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/md.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/md5.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/memory_buffer_alloc.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/nist_kw.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/oid.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pem.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pk.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pk_ecc.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pk_wrap.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pkcs12.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pkcs5.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pkparse.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/pkwrite.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/platform.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/platform_util.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/poly1305.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/ripemd160.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/rsa.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/rsa_alt_helpers.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/sha1.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/sha256.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/sha512.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/sha3.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/threading.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/timing.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/version.o \
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/version_features.o \
|
||||
# This line is intentionally left blank
|
||||
|
||||
include ../3rdparty/Makefile.inc
|
||||
THIRDPARTY_DIR := $(MBEDTLS_PATH)/tf-psa-crypto/drivers
|
||||
include $(MBEDTLS_PATH)/tf-psa-crypto/drivers/everest/Makefile.inc
|
||||
include $(MBEDTLS_PATH)/tf-psa-crypto/drivers/p256-m/Makefile.inc
|
||||
LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
|
||||
OBJS_CRYPTO+=$(THIRDPARTY_CRYPTO_OBJECTS)
|
||||
|
||||
@ -349,10 +356,10 @@ else
|
||||
gen_file_dep = |
|
||||
endif
|
||||
|
||||
error.c: $(gen_file_dep) ../scripts/generate_errors.pl
|
||||
error.c: $(gen_file_dep) ../scripts/data_files/error.fmt
|
||||
error.c: $(gen_file_dep) $(filter-out %config%,$(wildcard ../include/mbedtls/*.h))
|
||||
error.c:
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: $(gen_file_dep) ../scripts/generate_errors.pl
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: $(gen_file_dep) ../scripts/data_files/error.fmt
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c: $(gen_file_dep) $(filter-out %config%,$(wildcard ../include/mbedtls/*.h))
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/error.c:
|
||||
echo " Gen $@"
|
||||
$(PERL) ../scripts/generate_errors.pl
|
||||
|
||||
@ -362,33 +369,34 @@ ssl_debug_helpers_generated.c:
|
||||
echo " Gen $@"
|
||||
$(PYTHON) ../scripts/generate_ssl_debug_helpers.py --mbedtls-root .. .
|
||||
|
||||
version_features.c: $(gen_file_dep) ../scripts/generate_features.pl
|
||||
version_features.c: $(gen_file_dep) ../scripts/data_files/version_features.fmt
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/version_features.c: $(gen_file_dep) ../scripts/generate_features.pl
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/version_features.c: $(gen_file_dep) ../scripts/data_files/version_features.fmt
|
||||
## The generated file only depends on the options that are present in mbedtls_config.h,
|
||||
## not on which options are set. To avoid regenerating this file all the time
|
||||
## when switching between configurations, don't declare mbedtls_config.h as a
|
||||
## dependency. Remove this file from your working tree if you've just added or
|
||||
## removed an option in mbedtls_config.h.
|
||||
#version_features.c: ../include/mbedtls/mbedtls_config.h
|
||||
version_features.c:
|
||||
$(TF_PSA_CRYPTO_DRIVERS_BUILTIN_SRC_PATH)/version_features.c:
|
||||
echo " Gen $@"
|
||||
$(PERL) ../scripts/generate_features.pl
|
||||
|
||||
GENERATED_WRAPPER_FILES = \
|
||||
psa_crypto_driver_wrappers.h \
|
||||
psa_crypto_driver_wrappers_no_static.c
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers.h \
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers_no_static.c
|
||||
$(GENERATED_WRAPPER_FILES): ../scripts/generate_driver_wrappers.py
|
||||
$(GENERATED_WRAPPER_FILES): ../scripts/data_files/driver_templates/psa_crypto_driver_wrappers.h.jinja
|
||||
$(GENERATED_WRAPPER_FILES): ../scripts/data_files/driver_templates/psa_crypto_driver_wrappers_no_static.c.jinja
|
||||
$(GENERATED_WRAPPER_FILES):
|
||||
echo " Gen $(GENERATED_WRAPPER_FILES)"
|
||||
$(PYTHON) ../scripts/generate_driver_wrappers.py
|
||||
$(PYTHON) ../scripts/generate_driver_wrappers.py $(TF_PSA_CRYPTO_CORE_PATH)
|
||||
|
||||
psa_crypto.o:psa_crypto_driver_wrappers.h
|
||||
$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto.o:$(TF_PSA_CRYPTO_CORE_PATH)/psa_crypto_driver_wrappers.h
|
||||
|
||||
clean:
|
||||
ifndef WINDOWS
|
||||
rm -f *.o libmbed*
|
||||
rm -f $(OBJS_CRYPTO)
|
||||
rm -f $(THIRDPARTY_CRYPTO_OBJECTS)
|
||||
else
|
||||
if exist *.o del /Q /F *.o
|
||||
|
@ -356,7 +356,7 @@ endif
|
||||
|
||||
test/metatest$(EXEXT): test/metatest.c $(DEP)
|
||||
echo " CC test/metatest.c"
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -I ../library test/metatest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
|
||||
$(CC) $(LOCAL_CFLAGS) $(CFLAGS) -I../library -I../tf-psa-crypto/core test/metatest.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
|
||||
|
||||
test/query_config.o: test/query_config.c test/query_config.h $(DEP)
|
||||
echo " CC test/query_config.c"
|
||||
|
@ -78,8 +78,11 @@ foreach(exe IN LISTS executables_libs executables_mbedcrypto)
|
||||
endif()
|
||||
add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>
|
||||
${extra_sources})
|
||||
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
|
||||
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../library)
|
||||
target_include_directories(${exe}
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include)
|
||||
target_include_directories(${exe}
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../library
|
||||
${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/core)
|
||||
if(exe STREQUAL "query_compile_time_config")
|
||||
target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR})
|
||||
endif()
|
||||
|
@ -66,7 +66,7 @@ def get_src_files(since: Optional[str]) -> List[str]:
|
||||
that have changed since that commit. Without this argument, list all
|
||||
files known to git.
|
||||
|
||||
Only C files are included, and certain files (generated, or 3rdparty)
|
||||
Only C files are included, and certain files (generated, or third party)
|
||||
are excluded.
|
||||
"""
|
||||
file_patterns = ["*.[hc]",
|
||||
@ -130,7 +130,8 @@ def get_src_files(since: Optional[str]) -> List[str]:
|
||||
# companion files in the same subtree), or for automatically
|
||||
# generated files (we're correcting the templates instead).
|
||||
src_files = [filename for filename in src_files
|
||||
if not (filename.startswith("3rdparty/") or
|
||||
if not (filename.startswith("tf-psa-crypto/drivers/everest/") or
|
||||
filename.startswith("tf-psa-crypto/drivers/p256-m/") or
|
||||
filename in generated_files or
|
||||
is_file_autogenerated(filename))]
|
||||
return src_files
|
||||
|
@ -44,7 +44,9 @@ LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \
|
||||
-lmbedcrypto$(SHARED_SUFFIX)
|
||||
endif
|
||||
|
||||
include $(MBEDTLS_PATH)/3rdparty/Makefile.inc
|
||||
THIRDPARTY_DIR = $(MBEDTLS_PATH)/tf-psa-crypto/drivers
|
||||
include $(THIRDPARTY_DIR)/everest/Makefile.inc
|
||||
include $(THIRDPARTY_DIR)/p256-m/Makefile.inc
|
||||
LOCAL_CFLAGS+=$(THIRDPARTY_INCLUDES)
|
||||
|
||||
ifdef PSASIM
|
||||
|
@ -2,7 +2,7 @@
|
||||
"prefix": "p256",
|
||||
"type": "transparent",
|
||||
"mbedtls/h_condition": "defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)",
|
||||
"headers": ["../3rdparty/p256-m/p256-m_driver_entrypoints.h"],
|
||||
"headers": ["../tf-psa-crypto/drivers/p256-m/p256-m_driver_entrypoints.h"],
|
||||
"capabilities": [
|
||||
{
|
||||
"mbedtls/c_condition": "defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)",
|
||||
|
@ -1,6 +1,6 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Generate library/psa_crypto_driver_wrappers.h
|
||||
library/psa_crypto_driver_wrappers_no_static.c
|
||||
"""Generate psa_crypto_driver_wrappers.h
|
||||
psa_crypto_driver_wrappers_no_static.c
|
||||
|
||||
This module is invoked by the build scripts to auto generate the
|
||||
psa_crypto_driver_wrappers.h and psa_crypto_driver_wrappers_no_static
|
||||
|
@ -24,7 +24,7 @@ if( @ARGV ) {
|
||||
$crypto_include_dir = 'tf-psa-crypto/drivers/builtin/include/mbedtls';
|
||||
$tls_include_dir = 'include/mbedtls';
|
||||
$data_dir = 'scripts/data_files';
|
||||
$error_file = 'library/error.c';
|
||||
$error_file = 'tf-psa-crypto/drivers/builtin/src/error.c';
|
||||
|
||||
unless( -d $crypto_include_dir && -d $tls_include_dir && -d $data_dir ) {
|
||||
chdir '..' or die;
|
||||
|
@ -16,7 +16,7 @@ if( @ARGV ) {
|
||||
} else {
|
||||
$include_dir = 'include/mbedtls';
|
||||
$data_dir = 'scripts/data_files';
|
||||
$feature_file = 'library/version_features.c';
|
||||
$feature_file = 'tf-psa-crypto/drivers/builtin/src/version_features.c';
|
||||
|
||||
unless( -d $include_dir && -d $data_dir ) {
|
||||
chdir '..' or die;
|
||||
|
@ -25,19 +25,21 @@ my $programs_dir = 'programs';
|
||||
my $mbedtls_header_dir = 'include/mbedtls';
|
||||
my $drivers_builtin_header_dir = 'tf-psa-crypto/drivers/builtin/include/mbedtls';
|
||||
my $psa_header_dir = 'tf-psa-crypto/include/psa';
|
||||
my $source_dir = 'library';
|
||||
my $tls_source_dir = 'library';
|
||||
my $crypto_core_source_dir = 'tf-psa-crypto/core';
|
||||
my $crypto_source_dir = 'tf-psa-crypto/drivers/builtin/src';
|
||||
my $test_source_dir = 'tests/src';
|
||||
my $test_header_dir = 'tests/include/test';
|
||||
my $test_drivers_header_dir = 'tests/include/test/drivers';
|
||||
my $test_drivers_source_dir = 'tests/src/drivers';
|
||||
|
||||
my @thirdparty_header_dirs = qw(
|
||||
3rdparty/everest/include/everest
|
||||
tf-psa-crypto/drivers/everest/include/everest
|
||||
);
|
||||
my @thirdparty_source_dirs = qw(
|
||||
3rdparty/everest/library
|
||||
3rdparty/everest/library/kremlib
|
||||
3rdparty/everest/library/legacy
|
||||
tf-psa-crypto/drivers/everest/library
|
||||
tf-psa-crypto/drivers/everest/library/kremlib
|
||||
tf-psa-crypto/drivers/everest/library/legacy
|
||||
);
|
||||
|
||||
# Directories to add to the include path.
|
||||
@ -47,25 +49,27 @@ my @include_directories = qw(
|
||||
include
|
||||
tf-psa-crypto/include
|
||||
tf-psa-crypto/drivers/builtin/include
|
||||
3rdparty/everest/include/
|
||||
3rdparty/everest/include/everest
|
||||
3rdparty/everest/include/everest/vs2013
|
||||
3rdparty/everest/include/everest/kremlib
|
||||
tf-psa-crypto/drivers/everest/include/
|
||||
tf-psa-crypto/drivers/everest/include/everest
|
||||
tf-psa-crypto/drivers/everest/include/everest/vs2013
|
||||
tf-psa-crypto/drivers/everest/include/everest/kremlib
|
||||
tests/include
|
||||
);
|
||||
my $include_directories = join(';', map {"../../$_"} @include_directories);
|
||||
|
||||
# Directories to add to the include path when building the library, but not
|
||||
# Directories to add to the include path when building the libraries, but not
|
||||
# when building tests or applications.
|
||||
my @library_include_directories = qw(
|
||||
library
|
||||
tf-psa-crypto/core
|
||||
tf-psa-crypto/drivers/builtin/src
|
||||
);
|
||||
my $library_include_directories =
|
||||
join(';', map {"../../$_"} (@library_include_directories,
|
||||
@include_directories));
|
||||
|
||||
my @excluded_files = qw(
|
||||
3rdparty/everest/library/Hacl_Curve25519.c
|
||||
tf-psa-crypto/drivers/everest/library/Hacl_Curve25519.c
|
||||
);
|
||||
my %excluded_files = ();
|
||||
foreach (@excluded_files) { $excluded_files{$_} = 1 }
|
||||
@ -106,7 +110,9 @@ sub check_dirs {
|
||||
&& -d $mbedtls_header_dir
|
||||
&& -d $drivers_builtin_header_dir
|
||||
&& -d $psa_header_dir
|
||||
&& -d $source_dir
|
||||
&& -d $tls_source_dir
|
||||
&& -d $crypto_core_source_dir
|
||||
&& -d $crypto_source_dir
|
||||
&& -d $test_source_dir
|
||||
&& -d $test_drivers_source_dir
|
||||
&& -d $test_header_dir
|
||||
@ -265,12 +271,16 @@ sub main {
|
||||
$psa_header_dir,
|
||||
$test_header_dir,
|
||||
$test_drivers_header_dir,
|
||||
$source_dir,
|
||||
$tls_source_dir,
|
||||
$crypto_core_source_dir,
|
||||
$crypto_source_dir,
|
||||
@thirdparty_header_dirs,
|
||||
);
|
||||
my @headers = (map { <$_/*.h> } @header_dirs);
|
||||
my @source_dirs = (
|
||||
$source_dir,
|
||||
$tls_source_dir,
|
||||
$crypto_core_source_dir,
|
||||
$crypto_source_dir,
|
||||
$test_source_dir,
|
||||
$test_drivers_source_dir,
|
||||
@thirdparty_source_dirs,
|
||||
|
@ -291,7 +291,9 @@ function(add_test_suite suite_name)
|
||||
# them as PUBLIC.
|
||||
target_include_directories(test_suite_${data_name}
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library)
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../library
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/core
|
||||
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/drivers/builtin/src)
|
||||
# Request C11, which is needed for memory poisoning tests
|
||||
set_target_properties(test_suite_${data_name} PROPERTIES C_STANDARD 11)
|
||||
|
||||
|
@ -4,8 +4,8 @@ include ../scripts/common.make
|
||||
# Set this to -v to see the details of failing test cases
|
||||
TEST_FLAGS ?= $(if $(filter-out 0 OFF Off off NO No no FALSE False false N n,$(CTEST_OUTPUT_ON_FAILURE)),-v,)
|
||||
|
||||
# Also include library headers, for the sake of invasive tests.
|
||||
LOCAL_CFLAGS += -I../library
|
||||
# Also include private headers, for the sake of invasive tests.
|
||||
LOCAL_CFLAGS += -I../library -I../tf-psa-crypto/core -I../tf-psa-crypto/drivers/builtin/src
|
||||
|
||||
|
||||
# Enable definition of various functions used throughout the testsuite
|
||||
@ -268,17 +268,22 @@ define libtestdriver1_rewrite :=
|
||||
s/\b(?=mbedtls_|psa_)/libtestdriver1_/g;
|
||||
endef
|
||||
|
||||
libtestdriver1.a: export MBEDTLS_PATH := $(patsubst ../..//%,/%,../../$(MBEDTLS_PATH))
|
||||
libtestdriver1.a:
|
||||
# Copy the library and fake a 3rdparty Makefile include.
|
||||
rm -Rf ./libtestdriver1
|
||||
mkdir ./libtestdriver1
|
||||
mkdir ./libtestdriver1/tf-psa-crypto
|
||||
mkdir ./libtestdriver1/tf-psa-crypto/drivers
|
||||
mkdir ./libtestdriver1/tf-psa-crypto/drivers/everest
|
||||
mkdir ./libtestdriver1/tf-psa-crypto/drivers/p256-m
|
||||
touch ./libtestdriver1/tf-psa-crypto/drivers/everest/Makefile.inc
|
||||
touch ./libtestdriver1/tf-psa-crypto/drivers/p256-m/Makefile.inc
|
||||
cp -Rf ../framework ./libtestdriver1
|
||||
cp -Rf ../library ./libtestdriver1
|
||||
cp -Rf ../include ./libtestdriver1
|
||||
cp -Rf ../tf-psa-crypto ./libtestdriver1
|
||||
cp -Rf ../tf-psa-crypto/core ./libtestdriver1/tf-psa-crypto
|
||||
cp -Rf ../tf-psa-crypto/include ./libtestdriver1/tf-psa-crypto
|
||||
cp -Rf ../tf-psa-crypto/drivers/builtin ./libtestdriver1/tf-psa-crypto/drivers
|
||||
cp -Rf ../scripts ./libtestdriver1
|
||||
mkdir ./libtestdriver1/3rdparty
|
||||
touch ./libtestdriver1/3rdparty/Makefile.inc
|
||||
|
||||
# Set the test driver base (minimal) configuration.
|
||||
cp ./include/test/drivers/config_test_driver.h ./libtestdriver1/include/mbedtls/mbedtls_config.h
|
||||
@ -298,8 +303,10 @@ libtestdriver1.a:
|
||||
# when this test driver library is linked with the Mbed TLS library.
|
||||
perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/library/*.[ch]
|
||||
perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/include/*/*.h
|
||||
perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/tf-psa-crypto/core/*.[ch]
|
||||
perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/tf-psa-crypto/include/*/*.h
|
||||
perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/tf-psa-crypto/drivers/builtin/include/*/*.h
|
||||
perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/tf-psa-crypto/drivers/builtin/src/*.[ch]
|
||||
|
||||
$(MAKE) -C ./libtestdriver1/library CFLAGS="-I../../ $(CFLAGS)" LDFLAGS="$(LDFLAGS)" libmbedcrypto.a
|
||||
cp ./libtestdriver1/library/libmbedcrypto.a ../library/libtestdriver1.a
|
||||
|
@ -133,10 +133,18 @@ pre_check_environment () {
|
||||
pre_initialize_variables () {
|
||||
if in_mbedtls_repo; then
|
||||
CONFIG_H='include/mbedtls/mbedtls_config.h'
|
||||
CRYPTO_CONFIG_H='tf-psa-crypto/include/psa/crypto_config.h'
|
||||
if [ -d tf-psa-crypto ]; then
|
||||
CRYPTO_CONFIG_H='tf-psa-crypto/include/psa/crypto_config.h'
|
||||
PSA_CORE_PATH='tf-psa-crypto/core'
|
||||
BUILTIN_SRC_PATH='tf-psa-crypto/drivers/builtin/src'
|
||||
else
|
||||
CRYPTO_CONFIG_H='include/psa/crypto_config.h'
|
||||
fi
|
||||
else
|
||||
CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h'
|
||||
CRYPTO_CONFIG_H='include/psa/crypto_config.h'
|
||||
PSA_CORE_PATH='core'
|
||||
BUILTIN_SRC_PATH='drivers/builtin/src'
|
||||
fi
|
||||
CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h'
|
||||
|
||||
@ -331,9 +339,14 @@ cleanup()
|
||||
-iname CMakeCache.txt -o \
|
||||
-path './cmake/*.cmake' \) -exec rm -f {} \+
|
||||
# Remove Makefiles generated by in-tree CMake builds
|
||||
rm -f 3rdparty/Makefile 3rdparty/*/Makefile pkgconfig/Makefile framework/Makefile
|
||||
rm -f pkgconfig/Makefile framework/Makefile
|
||||
rm -f include/Makefile programs/!(fuzz)/Makefile
|
||||
rm -f tf-psa-crypto/Makefile tf-psa-crypto/include/Makefile
|
||||
rm -f tf-psa-crypto/core/Makefile tf-psa-crypto/drivers/Makefile
|
||||
rm -f tf-psa-crypto/drivers/everest/Makefile
|
||||
rm -f tf-psa-crypto/drivers/p256-m/Makefile
|
||||
rm -f tf-psa-crypto/drivers/builtin/Makefile
|
||||
rm -f tf-psa-crypto/drivers/builtin/src/Makefile
|
||||
|
||||
# Remove any artifacts from the component_test_cmake_as_subdirectory test.
|
||||
rm -rf programs/test/cmake_subproject/build
|
||||
@ -444,6 +457,12 @@ armc6_build_test()
|
||||
|
||||
msg "size: ARM Compiler 6 ($FLAGS)"
|
||||
"$ARMC6_FROMELF" -z library/*.o
|
||||
if [ -n ${PSA_CORE_PATH} ]; then
|
||||
"$ARMC6_FROMELF" -z ${PSA_CORE_PATH}/*.o
|
||||
fi
|
||||
if [ -n ${BUILTIN_SRC_PATH} ]; then
|
||||
"$ARMC6_FROMELF" -z ${BUILTIN_SRC_PATH}/*.o
|
||||
fi
|
||||
}
|
||||
|
||||
err_msg()
|
||||
@ -1108,6 +1127,8 @@ helper_psasim_server() {
|
||||
component_check_recursion () {
|
||||
msg "Check: recursion.pl" # < 1s
|
||||
tests/scripts/recursion.pl library/*.c
|
||||
tests/scripts/recursion.pl ${PSA_CORE_PATH}/*.c
|
||||
tests/scripts/recursion.pl ${BUILTIN_SRC_PATH}/*.c
|
||||
}
|
||||
|
||||
component_check_generated_files () {
|
||||
@ -1670,8 +1691,8 @@ component_full_no_pkparse_pkwrite() {
|
||||
make CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
|
||||
|
||||
# Ensure that PK_[PARSE|WRITE]_C were not re-enabled accidentally (additive config).
|
||||
not grep mbedtls_pk_parse_key library/pkparse.o
|
||||
not grep mbedtls_pk_write_key_der library/pkwrite.o
|
||||
not grep mbedtls_pk_parse_key ${BUILTIN_SRC_PATH}/pkparse.o
|
||||
not grep mbedtls_pk_write_key_der ${BUILTIN_SRC_PATH}/pkwrite.o
|
||||
|
||||
msg "test: full without pkparse and pkwrite"
|
||||
make test
|
||||
@ -1698,8 +1719,8 @@ component_test_crypto_full_md_light_only () {
|
||||
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
|
||||
|
||||
# Make sure we don't have the HMAC functions, but the hashing functions
|
||||
not grep mbedtls_md_hmac library/md.o
|
||||
grep mbedtls_md library/md.o
|
||||
not grep mbedtls_md_hmac ${BUILTIN_SRC_PATH}/md.o
|
||||
grep mbedtls_md ${BUILTIN_SRC_PATH}/md.o
|
||||
|
||||
msg "test: crypto_full with only the light subset of MD"
|
||||
make test
|
||||
@ -1734,7 +1755,7 @@ component_test_full_no_cipher () {
|
||||
make
|
||||
|
||||
# Ensure that CIPHER_C was not re-enabled
|
||||
not grep mbedtls_cipher_init library/cipher.o
|
||||
not grep mbedtls_cipher_init ${BUILTIN_SRC_PATH}/cipher.o
|
||||
|
||||
msg "test: full no CIPHER"
|
||||
make test
|
||||
@ -1787,7 +1808,7 @@ component_test_full_no_ccm_star_no_tag() {
|
||||
make
|
||||
|
||||
# Ensure MBEDTLS_PSA_BUILTIN_CIPHER was not enabled
|
||||
not grep mbedtls_psa_cipher library/psa_crypto_cipher.o
|
||||
not grep mbedtls_psa_cipher ${PSA_CORE_PATH}/psa_crypto_cipher.o
|
||||
|
||||
msg "test: full no PSA_WANT_ALG_CCM_STAR_NO_TAG"
|
||||
make test
|
||||
@ -2524,7 +2545,7 @@ component_test_psa_crypto_config_accel_ecdsa () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdsa_ library/ecdsa.o
|
||||
not grep mbedtls_ecdsa_ ${BUILTIN_SRC_PATH}/ecdsa.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -2565,7 +2586,7 @@ component_test_psa_crypto_config_accel_ecdh () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdh_ library/ecdh.o
|
||||
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -2603,7 +2624,7 @@ component_test_psa_crypto_config_accel_ffdh () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_dhm_ library/dhm.o
|
||||
not grep mbedtls_dhm_ ${BUILTIN_SRC_PATH}/dhm.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -2657,7 +2678,7 @@ component_test_psa_crypto_config_accel_pake() {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecjpake_init library/ecjpake.o
|
||||
not grep mbedtls_ecjpake_init ${BUILTIN_SRC_PATH}/ecjpake.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -2714,10 +2735,10 @@ component_test_psa_crypto_config_accel_ecc_some_key_types () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# ECP should be re-enabled but not the others
|
||||
not grep mbedtls_ecdh_ library/ecdh.o
|
||||
not grep mbedtls_ecdsa library/ecdsa.o
|
||||
not grep mbedtls_ecjpake library/ecjpake.o
|
||||
grep mbedtls_ecp library/ecp.o
|
||||
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
|
||||
not grep mbedtls_ecdsa ${BUILTIN_SRC_PATH}/ecdsa.o
|
||||
not grep mbedtls_ecjpake ${BUILTIN_SRC_PATH}/ecjpake.o
|
||||
grep mbedtls_ecp ${BUILTIN_SRC_PATH}/ecp.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -2808,27 +2829,27 @@ common_test_psa_crypto_config_accel_ecc_some_curves () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# We expect ECDH to be re-enabled for the missing curves
|
||||
grep mbedtls_ecdh_ library/ecdh.o
|
||||
grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
|
||||
# We expect ECP to be re-enabled, however the parts specific to the
|
||||
# families of curves that are accelerated should be ommited.
|
||||
# - functions with mxz in the name are specific to Montgomery curves
|
||||
# - ecp_muladd is specific to Weierstrass curves
|
||||
##nm library/ecp.o | tee ecp.syms
|
||||
##nm ${BUILTIN_SRC_PATH}/ecp.o | tee ecp.syms
|
||||
if [ $weierstrass -eq 1 ]; then
|
||||
not grep mbedtls_ecp_muladd library/ecp.o
|
||||
grep mxz library/ecp.o
|
||||
not grep mbedtls_ecp_muladd ${BUILTIN_SRC_PATH}/ecp.o
|
||||
grep mxz ${BUILTIN_SRC_PATH}/ecp.o
|
||||
else
|
||||
grep mbedtls_ecp_muladd library/ecp.o
|
||||
not grep mxz library/ecp.o
|
||||
grep mbedtls_ecp_muladd ${BUILTIN_SRC_PATH}/ecp.o
|
||||
not grep mxz ${BUILTIN_SRC_PATH}/ecp.o
|
||||
fi
|
||||
# We expect ECDSA and ECJPAKE to be re-enabled only when
|
||||
# Weierstrass curves are not accelerated
|
||||
if [ $weierstrass -eq 1 ]; then
|
||||
not grep mbedtls_ecdsa library/ecdsa.o
|
||||
not grep mbedtls_ecjpake library/ecjpake.o
|
||||
not grep mbedtls_ecdsa ${BUILTIN_SRC_PATH}/ecdsa.o
|
||||
not grep mbedtls_ecjpake ${BUILTIN_SRC_PATH}/ecjpake.o
|
||||
else
|
||||
grep mbedtls_ecdsa library/ecdsa.o
|
||||
grep mbedtls_ecjpake library/ecjpake.o
|
||||
grep mbedtls_ecdsa ${BUILTIN_SRC_PATH}/ecdsa.o
|
||||
grep mbedtls_ecjpake ${BUILTIN_SRC_PATH}/ecjpake.o
|
||||
fi
|
||||
|
||||
# Run the tests
|
||||
@ -2907,10 +2928,10 @@ component_test_psa_crypto_config_accel_ecc_ecp_light_only () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure any built-in EC alg was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdsa_ library/ecdsa.o
|
||||
not grep mbedtls_ecdh_ library/ecdh.o
|
||||
not grep mbedtls_ecjpake_ library/ecjpake.o
|
||||
not grep mbedtls_ecp_mul library/ecp.o
|
||||
not grep mbedtls_ecdsa_ ${BUILTIN_SRC_PATH}/ecdsa.o
|
||||
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
|
||||
not grep mbedtls_ecjpake_ ${BUILTIN_SRC_PATH}/ecjpake.o
|
||||
not grep mbedtls_ecp_mul ${BUILTIN_SRC_PATH}/ecp.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3011,11 +3032,11 @@ component_test_psa_crypto_config_accel_ecc_no_ecp_at_all () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure any built-in EC alg was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdsa_ library/ecdsa.o
|
||||
not grep mbedtls_ecdh_ library/ecdh.o
|
||||
not grep mbedtls_ecjpake_ library/ecjpake.o
|
||||
not grep mbedtls_ecdsa_ ${BUILTIN_SRC_PATH}/ecdsa.o
|
||||
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
|
||||
not grep mbedtls_ecjpake_ ${BUILTIN_SRC_PATH}/ecjpake.o
|
||||
# Also ensure that ECP module was not re-enabled
|
||||
not grep mbedtls_ecp_ library/ecp.o
|
||||
not grep mbedtls_ecp_ ${BUILTIN_SRC_PATH}/ecp.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3186,14 +3207,14 @@ common_test_psa_crypto_config_accel_ecc_ffdh_no_bignum () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure any built-in EC alg was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdsa_ library/ecdsa.o
|
||||
not grep mbedtls_ecdh_ library/ecdh.o
|
||||
not grep mbedtls_ecjpake_ library/ecjpake.o
|
||||
not grep mbedtls_ecdsa_ ${BUILTIN_SRC_PATH}/ecdsa.o
|
||||
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
|
||||
not grep mbedtls_ecjpake_ ${BUILTIN_SRC_PATH}/ecjpake.o
|
||||
# Also ensure that ECP, RSA, [DHM] or BIGNUM modules were not re-enabled
|
||||
not grep mbedtls_ecp_ library/ecp.o
|
||||
not grep mbedtls_rsa_ library/rsa.o
|
||||
not grep mbedtls_mpi_ library/bignum.o
|
||||
not grep mbedtls_dhm_ library/dhm.o
|
||||
not grep mbedtls_ecp_ ${BUILTIN_SRC_PATH}/ecp.o
|
||||
not grep mbedtls_rsa_ ${BUILTIN_SRC_PATH}/rsa.o
|
||||
not grep mbedtls_mpi_ ${BUILTIN_SRC_PATH}/bignum.o
|
||||
not grep mbedtls_dhm_ ${BUILTIN_SRC_PATH}/dhm.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3289,20 +3310,20 @@ component_test_tfm_config_p256m_driver_accel_ec () {
|
||||
make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include/spe" LDFLAGS="$ASAN_CFLAGS"
|
||||
|
||||
# Make sure any built-in EC alg was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ecdsa_ library/ecdsa.o
|
||||
not grep mbedtls_ecdh_ library/ecdh.o
|
||||
not grep mbedtls_ecjpake_ library/ecjpake.o
|
||||
not grep mbedtls_ecdsa_ ${BUILTIN_SRC_PATH}/ecdsa.o
|
||||
not grep mbedtls_ecdh_ ${BUILTIN_SRC_PATH}/ecdh.o
|
||||
not grep mbedtls_ecjpake_ ${BUILTIN_SRC_PATH}/ecjpake.o
|
||||
# Also ensure that ECP, RSA, DHM or BIGNUM modules were not re-enabled
|
||||
not grep mbedtls_ecp_ library/ecp.o
|
||||
not grep mbedtls_rsa_ library/rsa.o
|
||||
not grep mbedtls_dhm_ library/dhm.o
|
||||
not grep mbedtls_mpi_ library/bignum.o
|
||||
not grep mbedtls_ecp_ ${BUILTIN_SRC_PATH}/ecp.o
|
||||
not grep mbedtls_rsa_ ${BUILTIN_SRC_PATH}/rsa.o
|
||||
not grep mbedtls_dhm_ ${BUILTIN_SRC_PATH}/dhm.o
|
||||
not grep mbedtls_mpi_ ${BUILTIN_SRC_PATH}/bignum.o
|
||||
# Check that p256m was built
|
||||
grep -q p256_ecdsa_ library/libmbedcrypto.a
|
||||
|
||||
# In "config-tfm.h" we disabled CIPHER_C tweaking TF-M's configuration
|
||||
# files, so we want to ensure that it has not be re-enabled accidentally.
|
||||
not grep mbedtls_cipher library/cipher.o
|
||||
not grep mbedtls_cipher ${BUILTIN_SRC_PATH}/cipher.o
|
||||
|
||||
# Run the tests
|
||||
msg "test: TF-M config + p256m driver + accel ECDH(E)/ECDSA"
|
||||
@ -3327,7 +3348,7 @@ component_test_tfm_config() {
|
||||
|
||||
# In "config-tfm.h" we disabled CIPHER_C tweaking TF-M's configuration
|
||||
# files, so we want to ensure that it has not be re-enabled accidentally.
|
||||
not grep mbedtls_cipher library/cipher.o
|
||||
not grep mbedtls_cipher ${BUILTIN_SRC_PATH}/cipher.o
|
||||
|
||||
msg "test: TF-M config"
|
||||
make test
|
||||
@ -3449,7 +3470,7 @@ component_test_psa_crypto_config_accel_rsa_crypto () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_rsa library/rsa.o
|
||||
not grep mbedtls_rsa ${BUILTIN_SRC_PATH}/rsa.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3559,11 +3580,11 @@ component_test_psa_crypto_config_accel_hash () {
|
||||
|
||||
# There's a risk of something getting re-enabled via config_psa.h;
|
||||
# make sure it did not happen. Note: it's OK for MD_C to be enabled.
|
||||
not grep mbedtls_md5 library/md5.o
|
||||
not grep mbedtls_sha1 library/sha1.o
|
||||
not grep mbedtls_sha256 library/sha256.o
|
||||
not grep mbedtls_sha512 library/sha512.o
|
||||
not grep mbedtls_ripemd160 library/ripemd160.o
|
||||
not grep mbedtls_md5 ${BUILTIN_SRC_PATH}/md5.o
|
||||
not grep mbedtls_sha1 ${BUILTIN_SRC_PATH}/sha1.o
|
||||
not grep mbedtls_sha256 ${BUILTIN_SRC_PATH}/sha256.o
|
||||
not grep mbedtls_sha512 ${BUILTIN_SRC_PATH}/sha512.o
|
||||
not grep mbedtls_ripemd160 ${BUILTIN_SRC_PATH}/ripemd160.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3616,11 +3637,11 @@ component_test_psa_crypto_config_accel_hash_use_psa () {
|
||||
|
||||
# There's a risk of something getting re-enabled via config_psa.h;
|
||||
# make sure it did not happen. Note: it's OK for MD_C to be enabled.
|
||||
not grep mbedtls_md5 library/md5.o
|
||||
not grep mbedtls_sha1 library/sha1.o
|
||||
not grep mbedtls_sha256 library/sha256.o
|
||||
not grep mbedtls_sha512 library/sha512.o
|
||||
not grep mbedtls_ripemd160 library/ripemd160.o
|
||||
not grep mbedtls_md5 ${BUILTIN_SRC_PATH}/md5.o
|
||||
not grep mbedtls_sha1 ${BUILTIN_SRC_PATH}/sha1.o
|
||||
not grep mbedtls_sha256 ${BUILTIN_SRC_PATH}/sha256.o
|
||||
not grep mbedtls_sha512 ${BUILTIN_SRC_PATH}/sha512.o
|
||||
not grep mbedtls_ripemd160 ${BUILTIN_SRC_PATH}/ripemd160.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3707,7 +3728,7 @@ component_test_psa_crypto_config_accel_hmac() {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Ensure that built-in support for HMAC is disabled.
|
||||
not grep mbedtls_md_hmac library/md.o
|
||||
not grep mbedtls_md_hmac ${BUILTIN_SRC_PATH}/md.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3765,7 +3786,7 @@ component_test_psa_crypto_config_accel_des () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_des* library/des.o
|
||||
not grep mbedtls_des* ${BUILTIN_SRC_PATH}/des.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3802,9 +3823,9 @@ component_test_psa_crypto_config_accel_aead () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_ccm library/ccm.o
|
||||
not grep mbedtls_gcm library/gcm.o
|
||||
not grep mbedtls_chachapoly library/chachapoly.o
|
||||
not grep mbedtls_ccm ${BUILTIN_SRC_PATH}/ccm.o
|
||||
not grep mbedtls_gcm ${BUILTIN_SRC_PATH}/gcm.o
|
||||
not grep mbedtls_chachapoly ${BUILTIN_SRC_PATH}/chachapoly.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3870,15 +3891,15 @@ component_test_psa_crypto_config_accel_cipher_aead_cmac () {
|
||||
helper_libtestdriver1_make_main "$loc_accel_list"
|
||||
|
||||
# Make sure this was not re-enabled by accident (additive config)
|
||||
not grep mbedtls_cipher library/cipher.o
|
||||
not grep mbedtls_des library/des.o
|
||||
not grep mbedtls_aes library/aes.o
|
||||
not grep mbedtls_aria library/aria.o
|
||||
not grep mbedtls_camellia library/camellia.o
|
||||
not grep mbedtls_ccm library/ccm.o
|
||||
not grep mbedtls_gcm library/gcm.o
|
||||
not grep mbedtls_chachapoly library/chachapoly.o
|
||||
not grep mbedtls_cmac library/cmac.o
|
||||
not grep mbedtls_cipher ${BUILTIN_SRC_PATH}/cipher.o
|
||||
not grep mbedtls_des ${BUILTIN_SRC_PATH}/des.o
|
||||
not grep mbedtls_aes ${BUILTIN_SRC_PATH}/aes.o
|
||||
not grep mbedtls_aria ${BUILTIN_SRC_PATH}/aria.o
|
||||
not grep mbedtls_camellia ${BUILTIN_SRC_PATH}/camellia.o
|
||||
not grep mbedtls_ccm ${BUILTIN_SRC_PATH}/ccm.o
|
||||
not grep mbedtls_gcm ${BUILTIN_SRC_PATH}/gcm.o
|
||||
not grep mbedtls_chachapoly ${BUILTIN_SRC_PATH}/chachapoly.o
|
||||
not grep mbedtls_cmac ${BUILTIN_SRC_PATH}/cmac.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -3967,9 +3988,9 @@ component_test_full_block_cipher_psa_dispatch () {
|
||||
|
||||
# Make sure disabled components were not re-enabled by accident (additive
|
||||
# config)
|
||||
not grep mbedtls_aes_ library/aes.o
|
||||
not grep mbedtls_aria_ library/aria.o
|
||||
not grep mbedtls_camellia_ library/camellia.o
|
||||
not grep mbedtls_aes_ ${BUILTIN_SRC_PATH}/aes.o
|
||||
not grep mbedtls_aria_ ${BUILTIN_SRC_PATH}/aria.o
|
||||
not grep mbedtls_camellia_ ${BUILTIN_SRC_PATH}/camellia.o
|
||||
|
||||
# Run the tests
|
||||
# -------------
|
||||
@ -4074,9 +4095,8 @@ build_test_config_combos() {
|
||||
./scripts/config.py unset ${opt}
|
||||
done
|
||||
|
||||
# enter the directory containing the target file & strip the dir from the filename
|
||||
cd $(dirname ${file})
|
||||
file=$(basename ${file})
|
||||
# enter the library directory
|
||||
cd library
|
||||
|
||||
# The most common issue is unused variables/functions, so ensure -Wunused is set.
|
||||
warning_flags="-Werror -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wimplicit-fallthrough -Wshadow -Wvla -Wformat=2 -Wno-format-nonliteral -Wshadow -Wasm-operand-widths -Wunused"
|
||||
@ -4091,7 +4111,7 @@ build_test_config_combos() {
|
||||
deps=""
|
||||
|
||||
len=${#options[@]}
|
||||
source_file=${file%.o}.c
|
||||
source_file=../${file%.o}.c
|
||||
|
||||
targets=0
|
||||
echo 'include Makefile' >${makefile}
|
||||
@ -4148,7 +4168,7 @@ component_build_aes_variations() {
|
||||
MBEDTLS_ROOT_DIR="$PWD"
|
||||
msg "build: aes.o for all combinations of relevant config options"
|
||||
|
||||
build_test_config_combos library/aes.o validate_aes_config_variations \
|
||||
build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \
|
||||
"MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \
|
||||
"MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \
|
||||
"MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \
|
||||
@ -4165,7 +4185,7 @@ component_build_aes_variations() {
|
||||
scripts/config.py unset MBEDTLS_CIPHER_MODE_XTS
|
||||
scripts/config.py unset MBEDTLS_DES_C
|
||||
scripts/config.py unset MBEDTLS_NIST_KW_C
|
||||
build_test_config_combos library/aes.o validate_aes_config_variations \
|
||||
build_test_config_combos ${BUILTIN_SRC_PATH}/aes.o validate_aes_config_variations \
|
||||
"MBEDTLS_AES_SETKEY_ENC_ALT" "MBEDTLS_AES_DECRYPT_ALT" \
|
||||
"MBEDTLS_AES_ROM_TABLES" "MBEDTLS_AES_ENCRYPT_ALT" "MBEDTLS_AES_SETKEY_DEC_ALT" \
|
||||
"MBEDTLS_AES_FEWER_TABLES" "MBEDTLS_AES_USE_HARDWARE_ONLY" \
|
||||
@ -4597,49 +4617,49 @@ component_build_aes_armce () {
|
||||
scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
|
||||
|
||||
msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto"
|
||||
|
||||
msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
|
||||
|
||||
msg "MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
|
||||
|
||||
scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
|
||||
|
||||
msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, aarch64"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a+crypto"
|
||||
|
||||
msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, arm"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
|
||||
|
||||
msg "no MBEDTLS_AES_USE_HARDWARE_ONLY, clang, thumb"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
|
||||
|
||||
# test for presence of AES instructions
|
||||
scripts/config.py set MBEDTLS_AES_USE_HARDWARE_ONLY
|
||||
msg "clang, test A32 crypto instructions built"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
|
||||
grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
|
||||
grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' ${BUILTIN_SRC_PATH}/aesce.o
|
||||
msg "clang, test T32 crypto instructions built"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
|
||||
grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
|
||||
grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' ${BUILTIN_SRC_PATH}/aesce.o
|
||||
msg "clang, test aarch64 crypto instructions built"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
|
||||
grep -E 'aes[a-z]+\s*[qv]' library/aesce.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
|
||||
grep -E 'aes[a-z]+\s*[qv]' ${BUILTIN_SRC_PATH}/aesce.o
|
||||
|
||||
# test for absence of AES instructions
|
||||
scripts/config.py unset MBEDTLS_AES_USE_HARDWARE_ONLY
|
||||
scripts/config.py unset MBEDTLS_AESCE_C
|
||||
msg "clang, test A32 crypto instructions not built"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
|
||||
not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
|
||||
not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' ${BUILTIN_SRC_PATH}/aesce.o
|
||||
msg "clang, test T32 crypto instructions not built"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
|
||||
not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' library/aesce.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
|
||||
not grep -E 'aes[0-9a-z]+.[0-9]\s*[qv]' ${BUILTIN_SRC_PATH}/aesce.o
|
||||
msg "clang, test aarch64 crypto instructions not built"
|
||||
make -B library/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
|
||||
not grep -E 'aes[a-z]+\s*[qv]' library/aesce.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/aesce.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
|
||||
not grep -E 'aes[a-z]+\s*[qv]' ${BUILTIN_SRC_PATH}/aesce.o
|
||||
}
|
||||
|
||||
support_build_sha_armce() {
|
||||
@ -4654,30 +4674,30 @@ component_build_sha_armce () {
|
||||
# Test variations of SHA256 Armv8 crypto extensions
|
||||
scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
|
||||
msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, aarch64"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a"
|
||||
msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY clang, arm"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm"
|
||||
scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY
|
||||
|
||||
|
||||
# test the deprecated form of the config option
|
||||
scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
|
||||
msg "MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY clang, thumb"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
|
||||
scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY
|
||||
|
||||
scripts/config.py set MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
|
||||
msg "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT clang, aarch64"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a"
|
||||
scripts/config.py unset MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT
|
||||
|
||||
|
||||
# test the deprecated form of the config option
|
||||
scripts/config.py set MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
|
||||
msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, arm"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -std=c99"
|
||||
msg "MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT clang, thumb"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb"
|
||||
scripts/config.py unset MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT
|
||||
|
||||
|
||||
@ -4685,32 +4705,32 @@ component_build_sha_armce () {
|
||||
for opt in MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT; do
|
||||
scripts/config.py set ${opt}
|
||||
msg "${opt} clang, test A32 crypto instructions built"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
|
||||
grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
|
||||
grep -E 'sha256[a-z0-9]+.32\s+[qv]' ${BUILTIN_SRC_PATH}/sha256.o
|
||||
|
||||
msg "${opt} clang, test T32 crypto instructions built"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
|
||||
grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
|
||||
grep -E 'sha256[a-z0-9]+.32\s+[qv]' ${BUILTIN_SRC_PATH}/sha256.o
|
||||
|
||||
msg "${opt} clang, test aarch64 crypto instructions built"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
|
||||
grep -E 'sha256[a-z0-9]+\s+[qv]' library/sha256.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
|
||||
grep -E 'sha256[a-z0-9]+\s+[qv]' ${BUILTIN_SRC_PATH}/sha256.o
|
||||
scripts/config.py unset ${opt}
|
||||
done
|
||||
|
||||
|
||||
# examine the disassembly for absence of SHA instructions
|
||||
msg "clang, test A32 crypto instructions not built"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
|
||||
not grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a72+crypto -marm -S"
|
||||
not grep -E 'sha256[a-z0-9]+.32\s+[qv]' ${BUILTIN_SRC_PATH}/sha256.o
|
||||
|
||||
msg "clang, test T32 crypto instructions not built"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
|
||||
not grep -E 'sha256[a-z0-9]+.32\s+[qv]' library/sha256.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=arm-linux-gnueabihf -mcpu=cortex-a32+crypto -mthumb -S"
|
||||
not grep -E 'sha256[a-z0-9]+.32\s+[qv]' ${BUILTIN_SRC_PATH}/sha256.o
|
||||
|
||||
msg "clang, test aarch64 crypto instructions not built"
|
||||
make -B library/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
|
||||
not grep -E 'sha256[a-z0-9]+\s+[qv]' library/sha256.o
|
||||
make -B library/../${BUILTIN_SRC_PATH}/sha256.o CC=clang CFLAGS="--target=aarch64-linux-gnu -march=armv8-a -S"
|
||||
not grep -E 'sha256[a-z0-9]+\s+[qv]' ${BUILTIN_SRC_PATH}/sha256.o
|
||||
}
|
||||
|
||||
support_build_aes_aesce_armcc () {
|
||||
@ -4832,13 +4852,13 @@ helper_block_cipher_no_decrypt_build_test () {
|
||||
make CFLAGS="-O2 $cflags" LDFLAGS="$ldflags"
|
||||
|
||||
# Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA
|
||||
not grep mbedtls_aes_setkey_dec library/aes.o
|
||||
not grep mbedtls_aria_setkey_dec library/aria.o
|
||||
not grep mbedtls_camellia_setkey_dec library/camellia.o
|
||||
not grep mbedtls_aes_setkey_dec ${BUILTIN_SRC_PATH}/aes.o
|
||||
not grep mbedtls_aria_setkey_dec ${BUILTIN_SRC_PATH}/aria.o
|
||||
not grep mbedtls_camellia_setkey_dec ${BUILTIN_SRC_PATH}/camellia.o
|
||||
# Make sure we don't have mbedtls_internal_aes_decrypt in AES
|
||||
not grep mbedtls_internal_aes_decrypt library/aes.o
|
||||
not grep mbedtls_internal_aes_decrypt ${BUILTIN_SRC_PATH}/aes.o
|
||||
# Make sure we don't have mbedtls_aesni_inverse_key in AESNI
|
||||
not grep mbedtls_aesni_inverse_key library/aesni.o
|
||||
not grep mbedtls_aesni_inverse_key ${BUILTIN_SRC_PATH}/aesni.o
|
||||
|
||||
msg "test: default config + BLOCK_CIPHER_NO_DECRYPT${set_opts:+ + $set_opts}${unset_opts:+ - $unset_opts} with $cflags${ldflags:+, $ldflags}"
|
||||
make test
|
||||
@ -4939,14 +4959,14 @@ component_test_block_cipher_no_decrypt_aesce_armcc () {
|
||||
armc6_build_test "-O1 --target=aarch64-arm-none-eabi -march=armv8-a+crypto -Werror -Wall -Wextra"
|
||||
|
||||
# Make sure we don't have mbedtls_xxx_setkey_dec in AES/ARIA/CAMELLIA
|
||||
not grep mbedtls_aes_setkey_dec library/aes.o
|
||||
not grep mbedtls_aria_setkey_dec library/aria.o
|
||||
not grep mbedtls_camellia_setkey_dec library/camellia.o
|
||||
not grep mbedtls_aes_setkey_dec ${BUILTIN_SRC_PATH}/aes.o
|
||||
not grep mbedtls_aria_setkey_dec ${BUILTIN_SRC_PATH}/aria.o
|
||||
not grep mbedtls_camellia_setkey_dec ${BUILTIN_SRC_PATH}/camellia.o
|
||||
# Make sure we don't have mbedtls_internal_aes_decrypt in AES
|
||||
not grep mbedtls_internal_aes_decrypt library/aes.o
|
||||
not grep mbedtls_internal_aes_decrypt ${BUILTIN_SRC_PATH}/aes.o
|
||||
# Make sure we don't have mbedtls_aesce_inverse_key and aesce_decrypt_block in AESCE
|
||||
not grep mbedtls_aesce_inverse_key library/aesce.o
|
||||
not grep aesce_decrypt_block library/aesce.o
|
||||
not grep mbedtls_aesce_inverse_key ${BUILTIN_SRC_PATH}/aesce.o
|
||||
not grep aesce_decrypt_block ${BUILTIN_SRC_PATH}/aesce.o
|
||||
}
|
||||
|
||||
component_test_ctr_drbg_aes_256_sha_256 () {
|
||||
@ -5319,6 +5339,8 @@ component_build_arm_none_eabi_gcc () {
|
||||
|
||||
msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -O1, baremetal+debug"
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t library/*.o
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t ${PSA_CORE_PATH}/*.o
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t ${BUILTIN_SRC_PATH}/*.o
|
||||
}
|
||||
|
||||
component_build_arm_linux_gnueabi_gcc_arm5vte () {
|
||||
@ -5333,6 +5355,8 @@ component_build_arm_linux_gnueabi_gcc_arm5vte () {
|
||||
|
||||
msg "size: ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug"
|
||||
${ARM_LINUX_GNUEABI_GCC_PREFIX}size -t library/*.o
|
||||
${ARM_LINUX_GNUEABI_GCC_PREFIX}size -t ${PSA_CORE_PATH}/*.o
|
||||
${ARM_LINUX_GNUEABI_GCC_PREFIX}size -t ${BUILTIN_SRC_PATH}/*.o
|
||||
}
|
||||
support_build_arm_linux_gnueabi_gcc_arm5vte () {
|
||||
type ${ARM_LINUX_GNUEABI_GCC_PREFIX}gcc >/dev/null 2>&1
|
||||
@ -5348,6 +5372,8 @@ component_build_arm_none_eabi_gcc_arm5vte () {
|
||||
|
||||
msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -march=armv5te -O1, baremetal+debug"
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t library/*.o
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t ${PSA_CORE_PATH}/*.o
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t ${BUILTIN_SRC_PATH}/*.o
|
||||
}
|
||||
|
||||
component_build_arm_none_eabi_gcc_m0plus () {
|
||||
@ -5357,6 +5383,8 @@ component_build_arm_none_eabi_gcc_m0plus () {
|
||||
|
||||
msg "size: ${ARM_NONE_EABI_GCC_PREFIX}gcc -mthumb -mcpu=cortex-m0plus -Os, baremetal_size"
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t library/*.o
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t ${PSA_CORE_PATH}/*.o
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t ${BUILTIN_SRC_PATH}/*.o
|
||||
for lib in library/*.a; do
|
||||
echo "$lib:"
|
||||
${ARM_NONE_EABI_GCC_PREFIX}size -t $lib | grep TOTALS
|
||||
@ -5370,6 +5398,8 @@ component_build_arm_none_eabi_gcc_no_udbl_division () {
|
||||
make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -Wall -Wextra' lib
|
||||
echo "Checking that software 64-bit division is not required"
|
||||
not grep __aeabi_uldiv library/*.o
|
||||
not grep __aeabi_uldiv ${PSA_CORE_PATH}/*.o
|
||||
not grep __aeabi_uldiv ${BUILTIN_SRC_PATH}/*.o
|
||||
}
|
||||
|
||||
component_build_arm_none_eabi_gcc_no_64bit_multiplication () {
|
||||
@ -5379,6 +5409,8 @@ component_build_arm_none_eabi_gcc_no_64bit_multiplication () {
|
||||
make CC="${ARM_NONE_EABI_GCC_PREFIX}gcc" AR="${ARM_NONE_EABI_GCC_PREFIX}ar" LD="${ARM_NONE_EABI_GCC_PREFIX}ld" CFLAGS='-std=c99 -Werror -O1 -march=armv6-m -mthumb' lib
|
||||
echo "Checking that software 64-bit multiplication is not required"
|
||||
not grep __aeabi_lmul library/*.o
|
||||
not grep __aeabi_lmul ${PSA_CORE_PATH}/*.o
|
||||
not grep __aeabi_lmul ${BUILTIN_SRC_PATH}/*.o
|
||||
}
|
||||
|
||||
component_build_arm_clang_thumb () {
|
||||
@ -5423,6 +5455,8 @@ component_build_armcc () {
|
||||
|
||||
msg "size: ARM Compiler 5"
|
||||
"$ARMC5_FROMELF" -z library/*.o
|
||||
"$ARMC5_FROMELF" -z ${PSA_CORE_PATH}/*.o
|
||||
"$ARMC5_FROMELF" -z ${BUILTIN_SRC_PATH}/*.o
|
||||
|
||||
# Compile mostly with -O1 since some Arm inline assembly is disabled for -O0.
|
||||
|
||||
|
@ -31,9 +31,16 @@ in_tf_psa_crypto_repo () {
|
||||
}
|
||||
|
||||
if in_mbedtls_repo; then
|
||||
library_dir='library'
|
||||
if [ -d tf-psa-crypto ]; then
|
||||
crypto_core_dir='tf-psa-crypto/core'
|
||||
builtin_drivers_dir='tf-psa-crypto/drivers/builtin/src'
|
||||
else
|
||||
crypto_core_dir='library'
|
||||
builtin_drivers_dir='library'
|
||||
fi
|
||||
elif in_tf_psa_crypto_repo; then
|
||||
library_dir='core'
|
||||
crypto_core_dir='core'
|
||||
builtin_drivers_dir='drivers/builtin/src/'
|
||||
else
|
||||
echo "Must be run from Mbed TLS root or TF-PSA-Crypto root" >&2
|
||||
exit 1
|
||||
@ -133,13 +140,14 @@ check framework/scripts/generate_config_tests.py $(framework/scripts/generate_co
|
||||
check framework/scripts/generate_ecp_tests.py $(framework/scripts/generate_ecp_tests.py --list)
|
||||
check framework/scripts/generate_psa_tests.py $(framework/scripts/generate_psa_tests.py --list)
|
||||
check framework/scripts/generate_test_keys.py tests/src/test_keys.h
|
||||
check scripts/generate_driver_wrappers.py $library_dir/psa_crypto_driver_wrappers.h $library_dir/psa_crypto_driver_wrappers_no_static.c
|
||||
check scripts/generate_driver_wrappers.py ${crypto_core_dir}/psa_crypto_driver_wrappers.h \
|
||||
${crypto_core_dir}/psa_crypto_driver_wrappers_no_static.c
|
||||
|
||||
# Additional checks for Mbed TLS only
|
||||
if in_mbedtls_repo; then
|
||||
check scripts/generate_errors.pl library/error.c
|
||||
check scripts/generate_errors.pl ${builtin_drivers_dir}/error.c
|
||||
check scripts/generate_query_config.pl programs/test/query_config.c
|
||||
check scripts/generate_features.pl library/version_features.c
|
||||
check scripts/generate_features.pl ${builtin_drivers_dir}/version_features.c
|
||||
check scripts/generate_ssl_debug_helpers.py library/ssl_debug_helpers_generated.c
|
||||
check framework/scripts/generate_test_cert_macros.py tests/src/test_certs.h
|
||||
# generate_visualc_files enumerates source files (library/*.c). It doesn't
|
||||
|
@ -368,9 +368,8 @@ class LicenseIssueTracker(LineIssueTracker):
|
||||
heading = "License issue:"
|
||||
|
||||
LICENSE_EXEMPTION_RE_LIST = [
|
||||
# Third-party code, other than whitelisted third-party modules,
|
||||
# may be under a different license.
|
||||
r'3rdparty/(?!(p256-m)/.*)',
|
||||
# Exempt third-party drivers which may be under a different license
|
||||
r'tf-psa-crypto/drivers/(?=(everest)/.*)',
|
||||
# Documentation explaining the license may have accidental
|
||||
# false positives.
|
||||
r'(ChangeLog|LICENSE|framework\/LICENSE|[-0-9A-Z_a-z]+\.md)\Z',
|
||||
|
@ -240,15 +240,19 @@ class CodeParser():
|
||||
"include/psa/*.h",
|
||||
"tf-psa-crypto/include/psa/*.h",
|
||||
"tf-psa-crypto/drivers/builtin/include/mbedtls/*.h",
|
||||
"3rdparty/everest/include/everest/everest.h",
|
||||
"3rdparty/everest/include/everest/x25519.h"
|
||||
"tf-psa-crypto/drivers/everest/include/everest/everest.h",
|
||||
"tf-psa-crypto/drivers/everest/include/everest/x25519.h"
|
||||
])
|
||||
all_macros["internal"] = self.parse_macros([
|
||||
"library/*.h",
|
||||
"tf-psa-crypto/core/*.h",
|
||||
"tf-psa-crypto/drivers/builtin/src/*.h",
|
||||
"tests/include/test/drivers/*.h",
|
||||
])
|
||||
all_macros["private"] = self.parse_macros([
|
||||
"library/*.c",
|
||||
"tf-psa-crypto/core/*.c",
|
||||
"tf-psa-crypto/drivers/builtin/src/*.c",
|
||||
])
|
||||
enum_consts = self.parse_enum_consts([
|
||||
"include/mbedtls/*.h",
|
||||
@ -256,9 +260,13 @@ class CodeParser():
|
||||
"tf-psa-crypto/include/psa/*.h",
|
||||
"tf-psa-crypto/drivers/builtin/include/mbedtls/*.h",
|
||||
"library/*.h",
|
||||
"tf-psa-crypto/core/*.h",
|
||||
"tf-psa-crypto/drivers/builtin/src/*.h",
|
||||
"library/*.c",
|
||||
"3rdparty/everest/include/everest/everest.h",
|
||||
"3rdparty/everest/include/everest/x25519.h"
|
||||
"tf-psa-crypto/core/*.c",
|
||||
"tf-psa-crypto/drivers/builtin/src/*.c",
|
||||
"tf-psa-crypto/drivers/everest/include/everest/everest.h",
|
||||
"tf-psa-crypto/drivers/everest/include/everest/x25519.h"
|
||||
])
|
||||
identifiers, excluded_identifiers = self.parse_identifiers([
|
||||
"include/mbedtls/*.h",
|
||||
@ -266,21 +274,27 @@ class CodeParser():
|
||||
"tf-psa-crypto/include/psa/*.h",
|
||||
"tf-psa-crypto/drivers/builtin/include/mbedtls/*.h",
|
||||
"library/*.h",
|
||||
"3rdparty/everest/include/everest/everest.h",
|
||||
"3rdparty/everest/include/everest/x25519.h"
|
||||
], ["3rdparty/p256-m/p256-m/p256-m.h"])
|
||||
"tf-psa-crypto/core/*.h",
|
||||
"tf-psa-crypto/drivers/builtin/src/*.h",
|
||||
"tf-psa-crypto/drivers/everest/include/everest/everest.h",
|
||||
"tf-psa-crypto/drivers/everest/include/everest/x25519.h"
|
||||
], ["tf-psa-crypto/drivers/p256-m/p256-m/p256-m.h"])
|
||||
mbed_psa_words = self.parse_mbed_psa_words([
|
||||
"include/mbedtls/*.h",
|
||||
"include/psa/*.h",
|
||||
"tf-psa-crypto/include/psa/*.h",
|
||||
"tf-psa-crypto/drivers/builtin/include/mbedtls/*.h",
|
||||
"library/*.h",
|
||||
"3rdparty/everest/include/everest/everest.h",
|
||||
"3rdparty/everest/include/everest/x25519.h",
|
||||
"tf-psa-crypto/core/*.h",
|
||||
"tf-psa-crypto/drivers/builtin/src/*.h",
|
||||
"tf-psa-crypto/drivers/everest/include/everest/everest.h",
|
||||
"tf-psa-crypto/drivers/everest/include/everest/x25519.h",
|
||||
"library/*.c",
|
||||
"3rdparty/everest/library/everest.c",
|
||||
"3rdparty/everest/library/x25519.c"
|
||||
], ["library/psa_crypto_driver_wrappers.h"])
|
||||
"tf-psa-crypto/core/*.c",
|
||||
"tf-psa-crypto/drivers/builtin/src/*.c",
|
||||
"tf-psa-crypto/drivers/everest/library/everest.c",
|
||||
"tf-psa-crypto/drivers/everest/library/x25519.c"
|
||||
], ["tf-psa-crypto/core/psa_crypto_driver_wrappers.h"])
|
||||
symbols = self.parse_symbols()
|
||||
|
||||
# Remove identifier macros like mbedtls_printf or mbedtls_calloc
|
||||
|
@ -33,7 +33,9 @@ def main():
|
||||
name_check = CodeParser(logging.getLogger())
|
||||
result = name_check.parse_identifiers([
|
||||
"include/mbedtls/*_internal.h",
|
||||
"library/*.h"
|
||||
"library/*.h",
|
||||
"tf-psa-crypto/core/*.h",
|
||||
"tf-psa-crypto/drivers/builtin/src/*.h"
|
||||
])[0]
|
||||
result.sort(key=lambda x: x.name)
|
||||
|
||||
|
@ -39,7 +39,14 @@ def main(library_build_dir: str):
|
||||
in_tf_psa_crypto_repo = build_tree.looks_like_tf_psa_crypto_root(root_dir)
|
||||
|
||||
crypto_name = build_tree.crypto_library_filename(root_dir)
|
||||
library_subdir = build_tree.crypto_core_directory(root_dir, relative=True)
|
||||
|
||||
# Temporary, while the crypto library is still located in the library
|
||||
# directory. This will not be the case anymore when it will be built by
|
||||
# the TF-PSA-Crypto build system.
|
||||
if in_tf_psa_crypto_repo:
|
||||
library_subdir = build_tree.crypto_core_directory(root_dir, relative=True)
|
||||
else:
|
||||
library_subdir = 'library'
|
||||
|
||||
crypto_lib_filename = (library_build_dir + '/' +
|
||||
library_subdir + '/' +
|
||||
|
@ -13,7 +13,7 @@
|
||||
#include "test/drivers/hash.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_hash.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_hash.h"
|
||||
#endif
|
||||
|
||||
mbedtls_test_driver_hash_hooks_t
|
||||
|
@ -16,7 +16,7 @@
|
||||
#include "mbedtls/constant_time.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_aead.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_aead.h"
|
||||
#endif
|
||||
|
||||
mbedtls_test_driver_aead_hooks_t
|
||||
|
@ -16,7 +16,7 @@
|
||||
#include "test/drivers/key_management.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_rsa.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_rsa.h"
|
||||
#endif
|
||||
|
||||
#define PSA_RSA_KEY_PAIR_MAX_SIZE \
|
||||
|
@ -19,7 +19,7 @@
|
||||
#include "test/random.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_cipher.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_cipher.h"
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
|
@ -21,8 +21,8 @@
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/tf-psa-crypto/include/psa/crypto.h"
|
||||
#include "libtestdriver1/library/psa_crypto_ecp.h"
|
||||
#include "libtestdriver1/library/psa_crypto_ffdh.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ecp.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ffdh.h"
|
||||
#endif
|
||||
|
||||
mbedtls_test_driver_key_agreement_hooks_t
|
||||
|
@ -23,9 +23,9 @@
|
||||
#include "test/random.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_ecp.h"
|
||||
#include "libtestdriver1/library/psa_crypto_rsa.h"
|
||||
#include "libtestdriver1/library/psa_crypto_ffdh.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ecp.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_rsa.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ffdh.h"
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
|
@ -13,7 +13,7 @@
|
||||
#include "test/drivers/mac.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_mac.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_mac.h"
|
||||
#endif
|
||||
|
||||
mbedtls_test_driver_mac_hooks_t mbedtls_test_driver_mac_hooks =
|
||||
|
@ -14,7 +14,7 @@
|
||||
#include "string.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_pake.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_pake.h"
|
||||
#endif
|
||||
|
||||
mbedtls_test_driver_pake_hooks_t mbedtls_test_driver_pake_hooks =
|
||||
|
@ -26,9 +26,9 @@
|
||||
#include "test/random.h"
|
||||
|
||||
#if defined(MBEDTLS_TEST_LIBTESTDRIVER1)
|
||||
#include "libtestdriver1/library/psa_crypto_ecp.h"
|
||||
#include "libtestdriver1/library/psa_crypto_hash.h"
|
||||
#include "libtestdriver1/library/psa_crypto_rsa.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_ecp.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_hash.h"
|
||||
#include "libtestdriver1/tf-psa-crypto/core/psa_crypto_rsa.h"
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
|
@ -36,3 +36,5 @@ if(LIB_INSTALL_DIR)
|
||||
endif()
|
||||
|
||||
add_subdirectory(include)
|
||||
add_subdirectory(core)
|
||||
add_subdirectory(drivers)
|
||||
|
4
tf-psa-crypto/core/.gitignore
vendored
Normal file
4
tf-psa-crypto/core/.gitignore
vendored
Normal file
@ -0,0 +1,4 @@
|
||||
###START_GENERATED_FILES###
|
||||
/psa_crypto_driver_wrappers.h
|
||||
/psa_crypto_driver_wrappers_no_static.c
|
||||
###END_GENERATED_FILES###
|
0
tf-psa-crypto/core/CMakeLists.txt
Normal file
0
tf-psa-crypto/core/CMakeLists.txt
Normal file
435
tf-psa-crypto/core/common.h
Normal file
435
tf-psa-crypto/core/common.h
Normal file
@ -0,0 +1,435 @@
|
||||
/**
|
||||
* \file common.h
|
||||
*
|
||||
* \brief Utility macros for internal use in the library
|
||||
*/
|
||||
/*
|
||||
* Copyright The Mbed TLS Contributors
|
||||
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
|
||||
*/
|
||||
|
||||
#ifndef MBEDTLS_LIBRARY_COMMON_H
|
||||
#define MBEDTLS_LIBRARY_COMMON_H
|
||||
|
||||
#include "mbedtls/build_info.h"
|
||||
#include "alignment.h"
|
||||
|
||||
#include <assert.h>
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
#include <stddef.h>
|
||||
|
||||
#if defined(__ARM_NEON)
|
||||
#include <arm_neon.h>
|
||||
#define MBEDTLS_HAVE_NEON_INTRINSICS
|
||||
#elif defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64)
|
||||
#include <arm64_neon.h>
|
||||
#define MBEDTLS_HAVE_NEON_INTRINSICS
|
||||
#endif
|
||||
|
||||
/** Helper to define a function as static except when building invasive tests.
|
||||
*
|
||||
* If a function is only used inside its own source file and should be
|
||||
* declared `static` to allow the compiler to optimize for code size,
|
||||
* but that function has unit tests, define it with
|
||||
* ```
|
||||
* MBEDTLS_STATIC_TESTABLE int mbedtls_foo(...) { ... }
|
||||
* ```
|
||||
* and declare it in a header in the `library/` directory with
|
||||
* ```
|
||||
* #if defined(MBEDTLS_TEST_HOOKS)
|
||||
* int mbedtls_foo(...);
|
||||
* #endif
|
||||
* ```
|
||||
*/
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
#define MBEDTLS_STATIC_TESTABLE
|
||||
#else
|
||||
#define MBEDTLS_STATIC_TESTABLE static
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
extern void (*mbedtls_test_hook_test_fail)(const char *test, int line, const char *file);
|
||||
#define MBEDTLS_TEST_HOOK_TEST_ASSERT(TEST) \
|
||||
do { \
|
||||
if ((!(TEST)) && ((*mbedtls_test_hook_test_fail) != NULL)) \
|
||||
{ \
|
||||
(*mbedtls_test_hook_test_fail)( #TEST, __LINE__, __FILE__); \
|
||||
} \
|
||||
} while (0)
|
||||
#else
|
||||
#define MBEDTLS_TEST_HOOK_TEST_ASSERT(TEST)
|
||||
#endif /* defined(MBEDTLS_TEST_HOOKS) */
|
||||
|
||||
/** \def ARRAY_LENGTH
|
||||
* Return the number of elements of a static or stack array.
|
||||
*
|
||||
* \param array A value of array (not pointer) type.
|
||||
*
|
||||
* \return The number of elements of the array.
|
||||
*/
|
||||
/* A correct implementation of ARRAY_LENGTH, but which silently gives
|
||||
* a nonsensical result if called with a pointer rather than an array. */
|
||||
#define ARRAY_LENGTH_UNSAFE(array) \
|
||||
(sizeof(array) / sizeof(*(array)))
|
||||
|
||||
#if defined(__GNUC__)
|
||||
/* Test if arg and &(arg)[0] have the same type. This is true if arg is
|
||||
* an array but not if it's a pointer. */
|
||||
#define IS_ARRAY_NOT_POINTER(arg) \
|
||||
(!__builtin_types_compatible_p(__typeof__(arg), \
|
||||
__typeof__(&(arg)[0])))
|
||||
/* A compile-time constant with the value 0. If `const_expr` is not a
|
||||
* compile-time constant with a nonzero value, cause a compile-time error. */
|
||||
#define STATIC_ASSERT_EXPR(const_expr) \
|
||||
(0 && sizeof(struct { unsigned int STATIC_ASSERT : 1 - 2 * !(const_expr); }))
|
||||
|
||||
/* Return the scalar value `value` (possibly promoted). This is a compile-time
|
||||
* constant if `value` is. `condition` must be a compile-time constant.
|
||||
* If `condition` is false, arrange to cause a compile-time error. */
|
||||
#define STATIC_ASSERT_THEN_RETURN(condition, value) \
|
||||
(STATIC_ASSERT_EXPR(condition) ? 0 : (value))
|
||||
|
||||
#define ARRAY_LENGTH(array) \
|
||||
(STATIC_ASSERT_THEN_RETURN(IS_ARRAY_NOT_POINTER(array), \
|
||||
ARRAY_LENGTH_UNSAFE(array)))
|
||||
|
||||
#else
|
||||
/* If we aren't sure the compiler supports our non-standard tricks,
|
||||
* fall back to the unsafe implementation. */
|
||||
#define ARRAY_LENGTH(array) ARRAY_LENGTH_UNSAFE(array)
|
||||
#endif
|
||||
/** Allow library to access its structs' private members.
|
||||
*
|
||||
* Although structs defined in header files are publicly available,
|
||||
* their members are private and should not be accessed by the user.
|
||||
*/
|
||||
#define MBEDTLS_ALLOW_PRIVATE_ACCESS
|
||||
|
||||
/**
|
||||
* \brief Securely zeroize a buffer then free it.
|
||||
*
|
||||
* Similar to making consecutive calls to
|
||||
* \c mbedtls_platform_zeroize() and \c mbedtls_free(), but has
|
||||
* code size savings, and potential for optimisation in the future.
|
||||
*
|
||||
* Guaranteed to be a no-op if \p buf is \c NULL and \p len is 0.
|
||||
*
|
||||
* \param buf Buffer to be zeroized then freed.
|
||||
* \param len Length of the buffer in bytes
|
||||
*/
|
||||
void mbedtls_zeroize_and_free(void *buf, size_t len);
|
||||
|
||||
/** Return an offset into a buffer.
|
||||
*
|
||||
* This is just the addition of an offset to a pointer, except that this
|
||||
* function also accepts an offset of 0 into a buffer whose pointer is null.
|
||||
* (`p + n` has undefined behavior when `p` is null, even when `n == 0`.
|
||||
* A null pointer is a valid buffer pointer when the size is 0, for example
|
||||
* as the result of `malloc(0)` on some platforms.)
|
||||
*
|
||||
* \param p Pointer to a buffer of at least n bytes.
|
||||
* This may be \p NULL if \p n is zero.
|
||||
* \param n An offset in bytes.
|
||||
* \return Pointer to offset \p n in the buffer \p p.
|
||||
* Note that this is only a valid pointer if the size of the
|
||||
* buffer is at least \p n + 1.
|
||||
*/
|
||||
static inline unsigned char *mbedtls_buffer_offset(
|
||||
unsigned char *p, size_t n)
|
||||
{
|
||||
return p == NULL ? NULL : p + n;
|
||||
}
|
||||
|
||||
/** Return an offset into a read-only buffer.
|
||||
*
|
||||
* Similar to mbedtls_buffer_offset(), but for const pointers.
|
||||
*
|
||||
* \param p Pointer to a buffer of at least n bytes.
|
||||
* This may be \p NULL if \p n is zero.
|
||||
* \param n An offset in bytes.
|
||||
* \return Pointer to offset \p n in the buffer \p p.
|
||||
* Note that this is only a valid pointer if the size of the
|
||||
* buffer is at least \p n + 1.
|
||||
*/
|
||||
static inline const unsigned char *mbedtls_buffer_offset_const(
|
||||
const unsigned char *p, size_t n)
|
||||
{
|
||||
return p == NULL ? NULL : p + n;
|
||||
}
|
||||
|
||||
/* Always inline mbedtls_xor() for similar reasons as mbedtls_xor_no_simd(). */
|
||||
#if defined(__IAR_SYSTEMS_ICC__)
|
||||
#pragma inline = forced
|
||||
#elif defined(__GNUC__)
|
||||
__attribute__((always_inline))
|
||||
#endif
|
||||
/**
|
||||
* Perform a fast block XOR operation, such that
|
||||
* r[i] = a[i] ^ b[i] where 0 <= i < n
|
||||
*
|
||||
* \param r Pointer to result (buffer of at least \p n bytes). \p r
|
||||
* may be equal to either \p a or \p b, but behaviour when
|
||||
* it overlaps in other ways is undefined.
|
||||
* \param a Pointer to input (buffer of at least \p n bytes)
|
||||
* \param b Pointer to input (buffer of at least \p n bytes)
|
||||
* \param n Number of bytes to process.
|
||||
*
|
||||
* \note Depending on the situation, it may be faster to use either mbedtls_xor() or
|
||||
* mbedtls_xor_no_simd() (these are functionally equivalent).
|
||||
* If the result is used immediately after the xor operation in non-SIMD code (e.g, in
|
||||
* AES-CBC), there may be additional latency to transfer the data from SIMD to scalar
|
||||
* registers, and in this case, mbedtls_xor_no_simd() may be faster. In other cases where
|
||||
* the result is not used immediately (e.g., in AES-CTR), mbedtls_xor() may be faster.
|
||||
* For targets without SIMD support, they will behave the same.
|
||||
*/
|
||||
static inline void mbedtls_xor(unsigned char *r,
|
||||
const unsigned char *a,
|
||||
const unsigned char *b,
|
||||
size_t n)
|
||||
{
|
||||
size_t i = 0;
|
||||
#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS)
|
||||
#if defined(MBEDTLS_HAVE_NEON_INTRINSICS) && \
|
||||
(!(defined(MBEDTLS_COMPILER_IS_GCC) && MBEDTLS_GCC_VERSION < 70300))
|
||||
/* Old GCC versions generate a warning here, so disable the NEON path for these compilers */
|
||||
for (; (i + 16) <= n; i += 16) {
|
||||
uint8x16_t v1 = vld1q_u8(a + i);
|
||||
uint8x16_t v2 = vld1q_u8(b + i);
|
||||
uint8x16_t x = veorq_u8(v1, v2);
|
||||
vst1q_u8(r + i, x);
|
||||
}
|
||||
#if defined(__IAR_SYSTEMS_ICC__)
|
||||
/* This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case
|
||||
* where n is a constant multiple of 16.
|
||||
* For other compilers (e.g. recent gcc and clang) it makes no difference if n is a compile-time
|
||||
* constant, and is a very small perf regression if n is not a compile-time constant. */
|
||||
if (n % 16 == 0) {
|
||||
return;
|
||||
}
|
||||
#endif
|
||||
#elif defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64)
|
||||
/* This codepath probably only makes sense on architectures with 64-bit registers */
|
||||
for (; (i + 8) <= n; i += 8) {
|
||||
uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i);
|
||||
mbedtls_put_unaligned_uint64(r + i, x);
|
||||
}
|
||||
#if defined(__IAR_SYSTEMS_ICC__)
|
||||
if (n % 8 == 0) {
|
||||
return;
|
||||
}
|
||||
#endif
|
||||
#else
|
||||
for (; (i + 4) <= n; i += 4) {
|
||||
uint32_t x = mbedtls_get_unaligned_uint32(a + i) ^ mbedtls_get_unaligned_uint32(b + i);
|
||||
mbedtls_put_unaligned_uint32(r + i, x);
|
||||
}
|
||||
#if defined(__IAR_SYSTEMS_ICC__)
|
||||
if (n % 4 == 0) {
|
||||
return;
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
for (; i < n; i++) {
|
||||
r[i] = a[i] ^ b[i];
|
||||
}
|
||||
}
|
||||
|
||||
/* Always inline mbedtls_xor_no_simd() as we see significant perf regressions when it does not get
|
||||
* inlined (e.g., observed about 3x perf difference in gcm_mult_largetable with gcc 7 - 12) */
|
||||
#if defined(__IAR_SYSTEMS_ICC__)
|
||||
#pragma inline = forced
|
||||
#elif defined(__GNUC__)
|
||||
__attribute__((always_inline))
|
||||
#endif
|
||||
/**
|
||||
* Perform a fast block XOR operation, such that
|
||||
* r[i] = a[i] ^ b[i] where 0 <= i < n
|
||||
*
|
||||
* In some situations, this can perform better than mbedtls_xor() (e.g., it's about 5%
|
||||
* better in AES-CBC).
|
||||
*
|
||||
* \param r Pointer to result (buffer of at least \p n bytes). \p r
|
||||
* may be equal to either \p a or \p b, but behaviour when
|
||||
* it overlaps in other ways is undefined.
|
||||
* \param a Pointer to input (buffer of at least \p n bytes)
|
||||
* \param b Pointer to input (buffer of at least \p n bytes)
|
||||
* \param n Number of bytes to process.
|
||||
*
|
||||
* \note Depending on the situation, it may be faster to use either mbedtls_xor() or
|
||||
* mbedtls_xor_no_simd() (these are functionally equivalent).
|
||||
* If the result is used immediately after the xor operation in non-SIMD code (e.g, in
|
||||
* AES-CBC), there may be additional latency to transfer the data from SIMD to scalar
|
||||
* registers, and in this case, mbedtls_xor_no_simd() may be faster. In other cases where
|
||||
* the result is not used immediately (e.g., in AES-CTR), mbedtls_xor() may be faster.
|
||||
* For targets without SIMD support, they will behave the same.
|
||||
*/
|
||||
static inline void mbedtls_xor_no_simd(unsigned char *r,
|
||||
const unsigned char *a,
|
||||
const unsigned char *b,
|
||||
size_t n)
|
||||
{
|
||||
size_t i = 0;
|
||||
#if defined(MBEDTLS_EFFICIENT_UNALIGNED_ACCESS)
|
||||
#if defined(MBEDTLS_ARCH_IS_X64) || defined(MBEDTLS_ARCH_IS_ARM64)
|
||||
/* This codepath probably only makes sense on architectures with 64-bit registers */
|
||||
for (; (i + 8) <= n; i += 8) {
|
||||
uint64_t x = mbedtls_get_unaligned_uint64(a + i) ^ mbedtls_get_unaligned_uint64(b + i);
|
||||
mbedtls_put_unaligned_uint64(r + i, x);
|
||||
}
|
||||
#if defined(__IAR_SYSTEMS_ICC__)
|
||||
/* This if statement helps some compilers (e.g., IAR) optimise out the byte-by-byte tail case
|
||||
* where n is a constant multiple of 8.
|
||||
* For other compilers (e.g. recent gcc and clang) it makes no difference if n is a compile-time
|
||||
* constant, and is a very small perf regression if n is not a compile-time constant. */
|
||||
if (n % 8 == 0) {
|
||||
return;
|
||||
}
|
||||
#endif
|
||||
#else
|
||||
for (; (i + 4) <= n; i += 4) {
|
||||
uint32_t x = mbedtls_get_unaligned_uint32(a + i) ^ mbedtls_get_unaligned_uint32(b + i);
|
||||
mbedtls_put_unaligned_uint32(r + i, x);
|
||||
}
|
||||
#if defined(__IAR_SYSTEMS_ICC__)
|
||||
if (n % 4 == 0) {
|
||||
return;
|
||||
}
|
||||
#endif
|
||||
#endif
|
||||
#endif
|
||||
for (; i < n; i++) {
|
||||
r[i] = a[i] ^ b[i];
|
||||
}
|
||||
}
|
||||
|
||||
/* Fix MSVC C99 compatible issue
|
||||
* MSVC support __func__ from visual studio 2015( 1900 )
|
||||
* Use MSVC predefine macro to avoid name check fail.
|
||||
*/
|
||||
#if (defined(_MSC_VER) && (_MSC_VER <= 1900))
|
||||
#define /*no-check-names*/ __func__ __FUNCTION__
|
||||
#endif
|
||||
|
||||
/* Define `asm` for compilers which don't define it. */
|
||||
/* *INDENT-OFF* */
|
||||
#ifndef asm
|
||||
#if defined(__IAR_SYSTEMS_ICC__)
|
||||
#define asm __asm
|
||||
#else
|
||||
#define asm __asm__
|
||||
#endif
|
||||
#endif
|
||||
/* *INDENT-ON* */
|
||||
|
||||
/*
|
||||
* Define the constraint used for read-only pointer operands to aarch64 asm.
|
||||
*
|
||||
* This is normally the usual "r", but for aarch64_32 (aka ILP32,
|
||||
* as found in watchos), "p" is required to avoid warnings from clang.
|
||||
*
|
||||
* Note that clang does not recognise '+p' or '=p', and armclang
|
||||
* does not recognise 'p' at all. Therefore, to update a pointer from
|
||||
* aarch64 assembly, it is necessary to use something like:
|
||||
*
|
||||
* uintptr_t uptr = (uintptr_t) ptr;
|
||||
* asm( "ldr x4, [%x0], #8" ... : "+r" (uptr) : : )
|
||||
* ptr = (void*) uptr;
|
||||
*
|
||||
* Note that the "x" in "%x0" is neccessary; writing "%0" will cause warnings.
|
||||
*/
|
||||
#if defined(__aarch64__) && defined(MBEDTLS_HAVE_ASM)
|
||||
#if UINTPTR_MAX == 0xfffffffful
|
||||
/* ILP32: Specify the pointer operand slightly differently, as per #7787. */
|
||||
#define MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT "p"
|
||||
#elif UINTPTR_MAX == 0xfffffffffffffffful
|
||||
/* Normal case (64-bit pointers): use "r" as the constraint for pointer operands to asm */
|
||||
#define MBEDTLS_ASM_AARCH64_PTR_CONSTRAINT "r"
|
||||
#else
|
||||
#error "Unrecognised pointer size for aarch64"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* Always provide a static assert macro, so it can be used unconditionally.
|
||||
* It will expand to nothing on some systems.
|
||||
* Can be used outside functions (but don't add a trailing ';' in that case:
|
||||
* the semicolon is included here to avoid triggering -Wextra-semi when
|
||||
* MBEDTLS_STATIC_ASSERT() expands to nothing).
|
||||
* Can't use the C11-style `defined(static_assert)` on FreeBSD, since it
|
||||
* defines static_assert even with -std=c99, but then complains about it.
|
||||
*/
|
||||
#if defined(static_assert) && !defined(__FreeBSD__)
|
||||
#define MBEDTLS_STATIC_ASSERT(expr, msg) static_assert(expr, msg);
|
||||
#else
|
||||
#define MBEDTLS_STATIC_ASSERT(expr, msg)
|
||||
#endif
|
||||
|
||||
#if defined(__has_builtin)
|
||||
#define MBEDTLS_HAS_BUILTIN(x) __has_builtin(x)
|
||||
#else
|
||||
#define MBEDTLS_HAS_BUILTIN(x) 0
|
||||
#endif
|
||||
|
||||
/* Define compiler branch hints */
|
||||
#if MBEDTLS_HAS_BUILTIN(__builtin_expect)
|
||||
#define MBEDTLS_LIKELY(x) __builtin_expect(!!(x), 1)
|
||||
#define MBEDTLS_UNLIKELY(x) __builtin_expect(!!(x), 0)
|
||||
#else
|
||||
#define MBEDTLS_LIKELY(x) x
|
||||
#define MBEDTLS_UNLIKELY(x) x
|
||||
#endif
|
||||
|
||||
/* MBEDTLS_ASSUME may be used to provide additional information to the compiler
|
||||
* which can result in smaller code-size. */
|
||||
#if MBEDTLS_HAS_BUILTIN(__builtin_assume)
|
||||
/* clang provides __builtin_assume */
|
||||
#define MBEDTLS_ASSUME(x) __builtin_assume(x)
|
||||
#elif MBEDTLS_HAS_BUILTIN(__builtin_unreachable)
|
||||
/* gcc and IAR can use __builtin_unreachable */
|
||||
#define MBEDTLS_ASSUME(x) do { if (!(x)) __builtin_unreachable(); } while (0)
|
||||
#elif defined(_MSC_VER)
|
||||
/* Supported by MSVC since VS 2005 */
|
||||
#define MBEDTLS_ASSUME(x) __assume(x)
|
||||
#else
|
||||
#define MBEDTLS_ASSUME(x) do { } while (0)
|
||||
#endif
|
||||
|
||||
/* For gcc -Os, override with -O2 for a given function.
|
||||
*
|
||||
* This will not affect behaviour for other optimisation settings, e.g. -O0.
|
||||
*/
|
||||
#if defined(MBEDTLS_COMPILER_IS_GCC) && defined(__OPTIMIZE_SIZE__)
|
||||
#define MBEDTLS_OPTIMIZE_FOR_PERFORMANCE __attribute__((optimize("-O2")))
|
||||
#else
|
||||
#define MBEDTLS_OPTIMIZE_FOR_PERFORMANCE
|
||||
#endif
|
||||
|
||||
/* Suppress compiler warnings for unused functions and variables. */
|
||||
#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__has_attribute)
|
||||
# if __has_attribute(unused)
|
||||
# define MBEDTLS_MAYBE_UNUSED __attribute__((unused))
|
||||
# endif
|
||||
#endif
|
||||
#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__GNUC__)
|
||||
# define MBEDTLS_MAYBE_UNUSED __attribute__((unused))
|
||||
#endif
|
||||
#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(__IAR_SYSTEMS_ICC__) && defined(__VER__)
|
||||
/* IAR does support __attribute__((unused)), but only if the -e flag (extended language support)
|
||||
* is given; the pragma always works.
|
||||
* Unfortunately the pragma affects the rest of the file where it is used, but this is harmless.
|
||||
* Check for version 5.2 or later - this pragma may be supported by earlier versions, but I wasn't
|
||||
* able to find documentation).
|
||||
*/
|
||||
# if (__VER__ >= 5020000)
|
||||
# define MBEDTLS_MAYBE_UNUSED _Pragma("diag_suppress=Pe177")
|
||||
# endif
|
||||
#endif
|
||||
#if !defined(MBEDTLS_MAYBE_UNUSED) && defined(_MSC_VER)
|
||||
# define MBEDTLS_MAYBE_UNUSED __pragma(warning(suppress:4189))
|
||||
#endif
|
||||
#if !defined(MBEDTLS_MAYBE_UNUSED)
|
||||
# define MBEDTLS_MAYBE_UNUSED
|
||||
#endif
|
||||
|
||||
#endif /* MBEDTLS_LIBRARY_COMMON_H */
|
@ -1,2 +1,3 @@
|
||||
add_subdirectory(builtin)
|
||||
add_subdirectory(everest)
|
||||
add_subdirectory(p256-m)
|
1
tf-psa-crypto/drivers/builtin/CMakeLists.txt
Normal file
1
tf-psa-crypto/drivers/builtin/CMakeLists.txt
Normal file
@ -0,0 +1 @@
|
||||
add_subdirectory(src)
|
4
tf-psa-crypto/drivers/builtin/src/.gitignore
vendored
Normal file
4
tf-psa-crypto/drivers/builtin/src/.gitignore
vendored
Normal file
@ -0,0 +1,4 @@
|
||||
###START_GENERATED_FILES###
|
||||
/error.c
|
||||
/version_features.c
|
||||
###END_GENERATED_FILES###
|
0
tf-psa-crypto/drivers/builtin/src/CMakeLists.txt
Normal file
0
tf-psa-crypto/drivers/builtin/src/CMakeLists.txt
Normal file
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user