crypto-client test: add mechanism to build crypto library for client and server

It includes changes to:
- tests/Makefile: build the library for client and server in different
  folders. It mimica the libtestdriver1 behavior (without functions
  renaming though).
- tests/scripts/all.sh: helper function to build for client and
  server with some default configuration for each of them.
- crypto_spe.h: this is dummy file taken from the already existing
  tests. It's just meant to pacify the compiler, not to provide
  something useful. It will likely be changed in the future.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

tests/Makefile

@@ -173,6 +173,7 @@ ifndef WINDOWS
 	rm -f include/test/instrument_record_status.h
 	rm -f include/alt-extra/*/*_alt.h
 	rm -rf libtestdriver1
+	rm -rf libpsaclient libpsaserver
 	rm -f ../library/libtestdriver1.a
 else
 	if exist *.c del /Q /F *.c
@@ -246,3 +247,17 @@ include/test/instrument_record_status.h: ../include/psa/crypto.h Makefile
 	echo "  Gen  $@"
 	sed <../include/psa/crypto.h >$@ -n 's/^psa_status_t \([A-Za-z0-9_]*\)(.*/#define \1(...) RECORD_STATUS("\1", \1(__VA_ARGS__))/p'
 endif
+
+libpsaclient libpsaserver:
+	# Clone the library and include folder for client and server builds.
+	rm -Rf ./$@
+	mkdir ./$@
+	cp -Rf ../library ./$@
+	cp -Rf ../include ./$@
+	cp -Rf ../scripts ./$@
+	mkdir ./$@/3rdparty
+	touch ./$@/3rdparty/Makefile.inc
+	cp ./psa-client-server/psasim/include/crypto_spe.h ./$@/include/psa/
+
+	# Build the libraries.
+	$(MAKE) -C ./$@/library CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" libmbedcrypto.a libmbedx509.a libmbedtls.a

tests/psa-client-server/psasim/include/crypto_spe.h

@@ -0,0 +1,131 @@
+/*
+ * Copyright The Mbed TLS Contributors
+ * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ *
+ */
+
+/**
+ * \file crypto_spe.h
+ *
+ * \brief When Mbed TLS is built with the MBEDTLS_PSA_CRYPTO_SPM option
+ *        enabled, this header is included by all .c files in Mbed TLS that
+ *        use PSA Crypto function names. This avoids duplication of symbols
+ *        between TF-M and Mbed TLS.
+ *
+ * \note  This file should be included before including any PSA Crypto headers
+ *        from Mbed TLS.
+ */
+
+#ifndef CRYPTO_SPE_H
+#define CRYPTO_SPE_H
+
+#define PSA_FUNCTION_NAME(x) mbedcrypto__ ## x
+
+#define psa_crypto_init \
+    PSA_FUNCTION_NAME(psa_crypto_init)
+#define psa_key_derivation_get_capacity \
+    PSA_FUNCTION_NAME(psa_key_derivation_get_capacity)
+#define psa_key_derivation_set_capacity \
+    PSA_FUNCTION_NAME(psa_key_derivation_set_capacity)
+#define psa_key_derivation_input_bytes \
+    PSA_FUNCTION_NAME(psa_key_derivation_input_bytes)
+#define psa_key_derivation_output_bytes \
+    PSA_FUNCTION_NAME(psa_key_derivation_output_bytes)
+#define psa_key_derivation_input_key \
+    PSA_FUNCTION_NAME(psa_key_derivation_input_key)
+#define psa_key_derivation_output_key \
+    PSA_FUNCTION_NAME(psa_key_derivation_output_key)
+#define psa_key_derivation_setup \
+    PSA_FUNCTION_NAME(psa_key_derivation_setup)
+#define psa_key_derivation_abort \
+    PSA_FUNCTION_NAME(psa_key_derivation_abort)
+#define psa_key_derivation_key_agreement \
+    PSA_FUNCTION_NAME(psa_key_derivation_key_agreement)
+#define psa_raw_key_agreement \
+    PSA_FUNCTION_NAME(psa_raw_key_agreement)
+#define psa_generate_random \
+    PSA_FUNCTION_NAME(psa_generate_random)
+#define psa_aead_encrypt \
+    PSA_FUNCTION_NAME(psa_aead_encrypt)
+#define psa_aead_decrypt \
+    PSA_FUNCTION_NAME(psa_aead_decrypt)
+#define psa_open_key \
+    PSA_FUNCTION_NAME(psa_open_key)
+#define psa_close_key \
+    PSA_FUNCTION_NAME(psa_close_key)
+#define psa_import_key \
+    PSA_FUNCTION_NAME(psa_import_key)
+#define psa_destroy_key \
+    PSA_FUNCTION_NAME(psa_destroy_key)
+#define psa_get_key_attributes \
+    PSA_FUNCTION_NAME(psa_get_key_attributes)
+#define psa_reset_key_attributes \
+    PSA_FUNCTION_NAME(psa_reset_key_attributes)
+#define psa_export_key \
+    PSA_FUNCTION_NAME(psa_export_key)
+#define psa_export_public_key \
+    PSA_FUNCTION_NAME(psa_export_public_key)
+#define psa_purge_key \
+    PSA_FUNCTION_NAME(psa_purge_key)
+#define psa_copy_key \
+    PSA_FUNCTION_NAME(psa_copy_key)
+#define psa_cipher_operation_init \
+    PSA_FUNCTION_NAME(psa_cipher_operation_init)
+#define psa_cipher_generate_iv \
+    PSA_FUNCTION_NAME(psa_cipher_generate_iv)
+#define psa_cipher_set_iv \
+    PSA_FUNCTION_NAME(psa_cipher_set_iv)
+#define psa_cipher_encrypt_setup \
+    PSA_FUNCTION_NAME(psa_cipher_encrypt_setup)
+#define psa_cipher_decrypt_setup \
+    PSA_FUNCTION_NAME(psa_cipher_decrypt_setup)
+#define psa_cipher_update \
+    PSA_FUNCTION_NAME(psa_cipher_update)
+#define psa_cipher_finish \
+    PSA_FUNCTION_NAME(psa_cipher_finish)
+#define psa_cipher_abort \
+    PSA_FUNCTION_NAME(psa_cipher_abort)
+#define psa_hash_operation_init \
+    PSA_FUNCTION_NAME(psa_hash_operation_init)
+#define psa_hash_setup \
+    PSA_FUNCTION_NAME(psa_hash_setup)
+#define psa_hash_update \
+    PSA_FUNCTION_NAME(psa_hash_update)
+#define psa_hash_finish \
+    PSA_FUNCTION_NAME(psa_hash_finish)
+#define psa_hash_verify \
+    PSA_FUNCTION_NAME(psa_hash_verify)
+#define psa_hash_abort \
+    PSA_FUNCTION_NAME(psa_hash_abort)
+#define psa_hash_clone \
+    PSA_FUNCTION_NAME(psa_hash_clone)
+#define psa_hash_compute \
+    PSA_FUNCTION_NAME(psa_hash_compute)
+#define psa_hash_compare \
+    PSA_FUNCTION_NAME(psa_hash_compare)
+#define psa_mac_operation_init \
+    PSA_FUNCTION_NAME(psa_mac_operation_init)
+#define psa_mac_sign_setup \
+    PSA_FUNCTION_NAME(psa_mac_sign_setup)
+#define psa_mac_verify_setup \
+    PSA_FUNCTION_NAME(psa_mac_verify_setup)
+#define psa_mac_update \
+    PSA_FUNCTION_NAME(psa_mac_update)
+#define psa_mac_sign_finish \
+    PSA_FUNCTION_NAME(psa_mac_sign_finish)
+#define psa_mac_verify_finish \
+    PSA_FUNCTION_NAME(psa_mac_verify_finish)
+#define psa_mac_abort \
+    PSA_FUNCTION_NAME(psa_mac_abort)
+#define psa_sign_hash \
+    PSA_FUNCTION_NAME(psa_sign_hash)
+#define psa_verify_hash \
+    PSA_FUNCTION_NAME(psa_verify_hash)
+#define psa_asymmetric_encrypt \
+    PSA_FUNCTION_NAME(psa_asymmetric_encrypt)
+#define psa_asymmetric_decrypt \
+    PSA_FUNCTION_NAME(psa_asymmetric_decrypt)
+#define psa_generate_key \
+    PSA_FUNCTION_NAME(psa_generate_key)
+
+#endif /* CRYPTO_SPE_H */

tests/scripts/all.sh

@@ -945,6 +945,39 @@ helper_libtestdriver1_make_main() {
     make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@"
 }
 
+# $1: target which can be "client" or "server"
+helper_crypto_client_build() {
+    TARGET=$1
+    TARGET_LIB=libpsa$TARGET
+
+    cp $CONFIG_H $CONFIG_H.bak
+
+    if [ "$TARGET" == "client" ]; then
+        scripts/config.py full
+        scripts/config.py unset MBEDTLS_PSA_CRYPTO_C
+        scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C
+        # Dynamic secure element support is a deprecated feature and it is not
+        # available when CRYPTO_C and PSA_CRYPTO_STORAGE_C are disabled.
+        scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C
+        # Disable potentially problematic features
+        scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT
+        scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
+        scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
+        scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
+        scripts/config.py unset MBEDTLS_ECP_RESTARTABLE
+    else
+        scripts/config.py crypto_full
+        scripts/config.py unset MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
+        scripts/config.py set MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
+        scripts/config.py set MBEDTLS_PSA_CRYPTO_SPM
+    fi
+
+    make -C tests CC="$ASAN_CC" CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $TARGET_LIB
+
+    rm $CONFIG_H
+    mv $CONFIG_H.bak $CONFIG_H
+}
+
 ################################################################
 #### Configuration helpers
 ################################################################
@@ -6166,6 +6199,16 @@ component_check_test_helpers () {
 }
 
 component_test_psasim() {
+    msg "build library for client"
+
+    helper_crypto_client_build client
+
+    msg "build library for server"
+
+    scripts/config.py crypto
+
+    helper_crypto_client_build server
+
     msg "build psasim"
     make -C tests/psa-client-server/psasim