Enable MBEDTLS_PSA_CRYPTO_C and MBEDTLS_USE_PSA_CRYPTO
is reference configurations as we are working towards
removing (always on) them.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Also converts legacy symbols into their PSA equivalents.
When PSA is defined this does not change the compiled code
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Convert legacy symbols to their PSA equivalents.
This does not change code compiled when this config is active with PSA
enabled
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Also convert legacy symbols to their PSA equivalents.
This does not change code compiled when this config is active with PSA
enabled
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
Replaces legacy symbols with the PSA equivalents.
This doesn't change the code generated when this config is active
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
We also add a check in "all.sh" components:
- component_test_tfm_config_p256m_driver_accel_ec
- component_test_tfm_config
to ensure that CIPHER_C was not re-enabled accidentally.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Move all changes local to Mbed TLS into config-tfm.h (except for commenting
out a couple of #include's).
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
config-tfm.h is copied into mbedtls_config.h in test-ref-config.pl.
The relative path is include/ not configs/.
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
This is what TF-M intended and they have done so since we copied the file.
It's either disable these options, or enable MBEDTLS_OID_C.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
When testing the lifecycle of a transient key, it doesn't make much sense to
try psa_open_key: that expects a persistent key and the lookup takes a
different path. The error from psa_open_key is also different depending on
whether MBEDTLS_PSA_CRYPTO_STORAGE_C is enabled.
To check that the key ownership is taken into account, try to access the
same key id with a different owner without expecting that this is a
persistent key. Just call psa_get_key_attributes, which works fine for a
transient key.
This fixes a test failure when MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is
enabled and MBEDTLS_PSA_CRYPTO_STORAGE_C is disabled.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The official spelling of the trade mark changed from all-lowercase "mbed"
to normal proper noun capitalization "Mbed" a few years ago. We've been
using the new spelling in new text but still have the old spelling in a
lot of text. This commit updates most occurrences of "mbed TLS":
```
sed -i -e 's/mbed TLS/Mbed TLS/g' $(git ls-files ':!ChangeLog' ':!tests/data_files/**' ':!tests/suites/*.data' ':!programs/x509/*' ':!configs/tfm*')
```
Justification for the omissions:
* `ChangeLog`: historical text.
* `test/data_files/**`, `tests/suites/*.data`, `programs/x509/*`: many
occurrences are significant names in certificates and such. Changing
the spelling would invalidate many signatures and tests.
* `configs/tfm*`: this is an imported file. We'll follow the upstream
updates.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
