This helps reducing heap memory usage and, if heap memory is
not used anywhere else in an embedded device, it also reduces
code footprint since there is no need for heap management code
in this case.
A new build symbol is added for this purpose, named
MBEDTLS_PSA_STATIC_KEY_SLOTS. It's disabled by default so that
normal usage of Mbed TLS library is not affected.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit fixes include issues with error.c. Since error_common.h now
defines error codes, this is a mandatory include. The macro
MBEDTLS_ERROR_C guards functions for strerror which is now found in
error.h.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
This commit updates generated_errors.pl to create the error.c file and
correctly include the error_common.h header file, which contains error
code definitions.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
mypy >=0.960 rejects macro_collector.py.
https://github.com/Mbed-TLS/mbedtls-framework/issues/50
We currently need mypy >=0.940, <0.960. Pick 0.942, which works, and is the
system version on Ubuntu 22.04.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Upgrade mypy to 0.971, which is the last version that supports Python 3.6
(the oldest Python version that we currently run on the CI).
This fixes the error
```
framework/scripts/mbedtls_framework/outcome_analysis.py:119: error: Incompatible return value type (got "IO[Any]", expected "TextIO")
framework/scripts/mbedtls_framework/outcome_analysis.py:121: error: Incompatible return value type (got "IO[Any]", expected "TextIO")
```
As far as I can tell the fix is https://github.com/python/mypy/pull/9275
which was released in mypy 0.940.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit improves support for submodules within code_style.py. A new
function get_submodule_hash retrieves the submodule hash at the time of
a commit allowing an appropriate diff to be seen.
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
This commit moves version.h back into /include/mbedtls from
tf-psa-crypto/drivers/builtin/include. This commit also changes the
necessary build files and scripts to generate version_features.c
Signed-off-by: Harry Ramsey <harry.ramsey@arm.com>
`tests/opt-testcases/tls13-compat.sh` is supposed to be automatically
generated by `tests/scripts/generate_tls13_compat_tests.py`. So far, the
output has been updated by running the script manually and committing the
output. Switch to using our framework for generated files.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
To get rid on the reliance on sections, change "full" and friends to enable
settings based on whether the setting is boolean, rather than based on the
section it contains.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER has been compatible with
MBEDTLS_USE_PSA_CRYPTO since https://github.com/Mbed-TLS/mbedtls/pull/5380.
We still don't want to enable it in the full config because it's a behavior
change, even an interface change.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Move the Setting, Config, ConfigFile and ConfigTool classes to config_common.
Also update the referencies to the moved classes.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Make the include directory check relative to the source file in case not called
from the project root.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
Due to the forward declaration issues, move the common descendant functions
and configfile handling to the `Config` base class.
Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>
