This commit removes obsolete Travis CI scripts that are no longer
required due to the transition to a publically available CI image.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
For ECDSA verification, there is no difference between the deterministic and
randomized algorithm. The PSA core consider the two variants as identical as
far as key policies are concerned, and the built-in implementation accepts
either variant even if only the other variant is supported for signature.
In p256-m, accept to perform an ECDSA verification when the algorithm is
specified as deterministic ECDSA. This makes the behavior identical to the
built-in implementation, which is less surprising for users and saves us
from having to cope with a difference in our testing.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We need to include from both tests/include and framework/tests/include.
Update scripts/generate_visualc_files.pl to re-add tests/include, which
had previously been replaced with framework/tests/include.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Both the main repository and framework test helper paths are needed, so
generate these in the script.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This helps reducing heap memory usage and, if heap memory is
not used anywhere else in an embedded device, it also reduces
code footprint since there is no need for heap management code
in this case.
A new build symbol is added for this purpose, named
MBEDTLS_PSA_STATIC_KEY_SLOTS. It's disabled by default so that
normal usage of Mbed TLS library is not affected.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit improves support for submodules within code_style.py. A new
function get_submodule_hash retrieves the submodule hash at the time of
a commit allowing an appropriate diff to be seen.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
mypy >=0.960 rejects macro_collector.py.
https://github.com/Mbed-TLS/mbedtls-framework/issues/50
We currently need mypy >=0.940, <0.960. Pick 0.942, which works, and is the
system version on Ubuntu 22.04.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Upgrade mypy to 0.971, which is the last version that supports Python 3.6
(the oldest Python version that we currently run on the CI).
This fixes the error
```
framework/scripts/mbedtls_framework/outcome_analysis.py:119: error: Incompatible return value type (got "IO[Any]", expected "TextIO")
framework/scripts/mbedtls_framework/outcome_analysis.py:121: error: Incompatible return value type (got "IO[Any]", expected "TextIO")
```
As far as I can tell the fix is https://github.com/python/mypy/pull/9275
which was released in mypy 0.940.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
To get rid on the reliance on sections, change "full" and friends to enable
settings based on whether the setting is boolean, rather than based on the
section it contains.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
`tests/opt-testcases/tls13-compat.sh` is supposed to be automatically
generated by `tests/scripts/generate_tls13_compat_tests.py`. So far, the
output has been updated by running the script manually and committing the
output. Switch to using our framework for generated files.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER has been compatible with
MBEDTLS_USE_PSA_CRYPTO since https://github.com/Mbed-TLS/mbedtls/pull/5380.
We still don't want to enable it in the full config because it's a behavior
change, even an interface change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
