diff --git a/.gitignore b/.gitignore index 2917cfbef9..9226eecb4c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,5 @@ # Random seed file created by test scripts and sample programs seedfile -# MBEDTLS_PSA_INJECT_ENTROPY seed file created by the test framework -00000000ffffff52.psa_its # Log files created by all.sh to reduce the logs in case a component runs # successfully quiet-make.* diff --git a/docs/proposed/config-split.md b/docs/proposed/config-split.md index 1baab356b2..1ed3cc773f 100644 --- a/docs/proposed/config-split.md +++ b/docs/proposed/config-split.md @@ -247,7 +247,6 @@ PSA_WANT_\* macros as in current `crypto_config.h`. //#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER //#define MBEDTLS_PSA_CRYPTO_SPM #define MBEDTLS_PSA_CRYPTO_STORAGE_C -//#define MBEDTLS_PSA_INJECT_ENTROPY #define MBEDTLS_PSA_ITS_FILE_C #define MBEDTLS_PSA_KEY_STORE_DYNAMIC //#define MBEDTLS_PSA_STATIC_KEY_SLOTS diff --git a/scripts/config.py b/scripts/config.py index 417f6e25a2..3fc3614dc7 100755 --- a/scripts/config.py +++ b/scripts/config.py @@ -96,7 +96,6 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG', # behavior change + build dependency 'MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER', # interface and behavior change 'MBEDTLS_PSA_CRYPTO_SPM', # platform dependency (PSA SPM) - 'MBEDTLS_PSA_INJECT_ENTROPY', # conflicts with platform entropy sources 'MBEDTLS_RSA_NO_CRT', # influences the use of RSA in X.509 and TLS 'MBEDTLS_SHA256_USE_A64_CRYPTO_ONLY', # interacts with *_USE_A64_CRYPTO_IF_PRESENT 'MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY', # interacts with *_USE_ARMV8_A_CRYPTO_IF_PRESENT diff --git a/tests/configs/user-config-for-test.h b/tests/configs/user-config-for-test.h deleted file mode 100644 index f230fd3c5c..0000000000 --- a/tests/configs/user-config-for-test.h +++ /dev/null @@ -1,29 +0,0 @@ -/* TF_PSA_CRYPTO_USER_CONFIG_FILE for testing. - * Only used for a few test configurations. - * - * Typical usage (note multiple levels of quoting): - * make CFLAGS="'-DTF_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" - */ - -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - */ - -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) -/* The #MBEDTLS_PSA_INJECT_ENTROPY feature requires two extra platform - * functions, which must be configured as #MBEDTLS_PLATFORM_NV_SEED_READ_MACRO - * and #MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO. The job of these functions - * is to read and write from the entropy seed file, which is located - * in the PSA ITS file whose uid is #PSA_CRYPTO_ITS_RANDOM_SEED_UID. - * (These could have been provided as library functions, but for historical - * reasons, they weren't, and so each integrator has to provide a copy - * of these functions.) - * - * Provide implementations of these functions for testing. */ -#include -int mbedtls_test_inject_entropy_seed_read(unsigned char *buf, size_t len); -int mbedtls_test_inject_entropy_seed_write(unsigned char *buf, size_t len); -#define MBEDTLS_PLATFORM_NV_SEED_READ_MACRO mbedtls_test_inject_entropy_seed_read -#define MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO mbedtls_test_inject_entropy_seed_write -#endif /* MBEDTLS_PSA_INJECT_ENTROPY */ diff --git a/tests/psa-client-server/psasim/src/psa_sim_generate.pl b/tests/psa-client-server/psasim/src/psa_sim_generate.pl index 5770deaa80..3eec226e16 100755 --- a/tests/psa-client-server/psasim/src/psa_sim_generate.pl +++ b/tests/psa-client-server/psasim/src/psa_sim_generate.pl @@ -27,7 +27,6 @@ my @skip_functions = ( 'mbedtls_psa_crypto_free', # redefined rather than wrapped 'mbedtls_psa_external_get_random', # not in the default config, uses unsupported type 'mbedtls_psa_get_stats', # uses unsupported type - 'mbedtls_psa_inject_entropy', # not in the default config, generally not for client use anyway 'mbedtls_psa_platform_get_builtin_key', # not in the default config, uses unsupported type 'psa_get_key_slot_number', # not in the default config, uses unsupported type 'psa_key_derivation_verify_bytes', # not implemented yet diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh index 3d58895550..cb66e371cb 100644 --- a/tests/scripts/components-configuration-crypto.sh +++ b/tests/scripts/components-configuration-crypto.sh @@ -261,21 +261,6 @@ component_test_psa_external_rng_use_psa_crypto () { tests/ssl-opt.sh -f 'Default\|opaque' } -component_test_psa_inject_entropy () { - msg "build: full + MBEDTLS_PSA_INJECT_ENTROPY" - scripts/config.py full - scripts/config.py set MBEDTLS_PSA_INJECT_ENTROPY - scripts/config.py set MBEDTLS_ENTROPY_NV_SEED - scripts/config.py set MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES - scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT - scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ - scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DTF_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" - - msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY" - make test -} - component_full_no_pkparse_pkwrite () { msg "build: full without pkparse and pkwrite" diff --git a/tf-psa-crypto b/tf-psa-crypto index 43ea7fa25c..893f536dae 160000 --- a/tf-psa-crypto +++ b/tf-psa-crypto @@ -1 +1 @@ -Subproject commit 43ea7fa25cd8a288c5b75dbb0b4eb47df6ffca8b +Subproject commit 893f536dae31f358516de6d9e851da7c18f5f53e