mbedtls/configs/config-tfm.h
Gilles Peskine 5f573f8301 Fix broken test with MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
When testing the lifecycle of a transient key, it doesn't make much sense to
try psa_open_key: that expects a persistent key and the lookup takes a
different path. The error from psa_open_key is also different depending on
whether MBEDTLS_PSA_CRYPTO_STORAGE_C is enabled.

To check that the key ownership is taken into account, try to access the
same key id with a different owner without expecting that this is a
persistent key. Just call psa_get_key_attributes, which works fine for a
transient key.

This fixes a test failure when MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is
enabled and MBEDTLS_PSA_CRYPTO_STORAGE_C is disabled.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-09-26 17:15:52 +08:00

/**
 * \file config-tfm.h
 *
 * \brief TF-M configuration with tweaks for a successful build and test.
 */
/*
 * Copyright The Mbed TLS Contributors
 * SPDX-License-Identifier: Apache-2.0
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/* TF-M Configuration Options */
#include "../configs/ext/tfm_mbedcrypto_config_profile_medium.h"
/* TF-M PSA Crypto Configuration */
#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "../configs/ext/crypto_config_profile_medium.h"
/*****************************************************************************/
/* Tweak configuration based on TF-M config for a successful build and test. */
/*****************************************************************************/
/* MBEDTLS_PSA_CRYPTO_SPM needs third party files, so disable it. */
#undef MBEDTLS_PSA_CRYPTO_SPM
/* TF-M provides its own (dummy) implementations which Mbed TLS doesn't need. */
#undef MBEDTLS_AES_SETKEY_DEC_ALT
#undef MBEDTLS_AES_DECRYPT_ALT
/* pkparse.c fails to link without this. */
#define MBEDTLS_OID_C
/* Use built-in platform entropy functions. */
#undef MBEDTLS_NO_PLATFORM_ENTROPY
/* Disable buffer-based memory allocator */
#undef MBEDTLS_MEMORY_BUFFER_ALLOC_C