If MBEDTLS_PSA_STATIC_KEY_SLOTS is set then limit PSA_CRYPTO_MAX_STORAGE_SIZE
to MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE, otherwise keep the previous
PSA_BITS_TO_BYTES(PSA_MAX_KEY_BITS) size.
This commit also removes changes to test_suite_psa_crypto_persistent_key.data
done previously since MBEDTLS_PSA_STATIC_KEY_SLOTS is always up to date
with key buffer size.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Disable all MBEDTLS_xxx symbols (keeping only the relevant ones enabled)
when building the main library.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit also fixes related errors in test suites. In all
cases those failures are related to the use of raw keys whose
size cannot be determined a-priori.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This helps reducing heap memory usage and, if heap memory is
not used anywhere else in an embedded device, it also reduces
code footprint since there is no need for heap management code
in this case.
A new build symbol is added for this purpose, named
MBEDTLS_PSA_STATIC_KEY_SLOTS. It's disabled by default so that
normal usage of Mbed TLS library is not affected.
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
In 4.x the semantics of MBEDTLS_PSA_CRYPTO_C and
MBEDTLS_PSA_CRYPTO_CLIENT are different compared with 3.6.
Where this is a problem, make guards more version-specific so that we
are guarding with MBEDTLS_PSA_CRYPTO_C for 3.6 and
MBEDTLS_PSA_CRYPTO_CLIENT for 4.x, keeping each branch the same as it
was formerly.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Without quotes, when the variable is empty, the shell will see three
tokens: [, -n, ]. After skipping ] as usual, it will see a single token,
so it will consider it not as command, but a string to be tested for "is
it empty", and since "-n" is not empty, the command will return true.
With quotes it see 4 tokens: [, -n, <empty string>, ] and interprets -n
as desired.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Now the output of
grep '^[^ {}#]' tests/scripts/all-*.sh | grep -v '()'
is clean, with the only results being:
- shopt -s extglob which is needing for parsing the rest
- usage message
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
The only occurrences found by git grep were the definitions and the
comment saying these are kept for backwards compatibility.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Don't interleave defining functions with running some code.
The only exception is calling shopt, which needs to come first as it
affects how the following function definitions are parsed.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This change is not correct for 3.6 and will be reverted. It is only
applied as a temporary measure to avoid conflicts while cherry-pick
changes from development.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Needed after b81cd1af6418823a2b5ffbd3710ceac9b0e0afa4 (#9671)
since generate_ssl_debug_helpers.py was moved to the framework
Signed-off-by: Elena Uziunaite <elena.uziunaite@arm.com>
