diff --git a/.gitignore b/.gitignore index 12c775dff7..6068cbca76 100644 --- a/.gitignore +++ b/.gitignore @@ -2,6 +2,9 @@ seedfile # MBEDTLS_PSA_INJECT_ENTROPY seed file created by the test framework 00000000ffffff52.psa_its +# Log files created by all.sh to reduce the logs in case a component runs +# successfully +quiet-make.* # CMake build artifacts: CMakeCache.txt diff --git a/3rdparty/everest/CMakeLists.txt b/3rdparty/everest/CMakeLists.txt index e0e5adecd1..8c8e8db04a 100644 --- a/3rdparty/everest/CMakeLists.txt +++ b/3rdparty/everest/CMakeLists.txt @@ -8,6 +8,7 @@ add_library(${everest_target} target_include_directories(${everest_target} PUBLIC $ $ + $ $ PRIVATE include/everest include/everest/kremlib diff --git a/3rdparty/p256-m/.gitignore b/3rdparty/p256-m/.gitignore new file mode 100644 index 0000000000..f3c7a7c5da --- /dev/null +++ b/3rdparty/p256-m/.gitignore @@ -0,0 +1 @@ +Makefile diff --git a/3rdparty/p256-m/CMakeLists.txt b/3rdparty/p256-m/CMakeLists.txt index 2ef0d48b7d..bd302a7b66 100644 --- a/3rdparty/p256-m/CMakeLists.txt +++ b/3rdparty/p256-m/CMakeLists.txt @@ -8,6 +8,7 @@ target_include_directories(${p256m_target} PUBLIC $ $ $ + $ $ PRIVATE ${MBEDTLS_DIR}/library/) diff --git a/CMakeLists.txt b/CMakeLists.txt index e47667545a..b52058aa6a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -294,6 +294,8 @@ add_subdirectory(3rdparty) add_subdirectory(library) +add_subdirectory(tf-psa-crypto) + add_subdirectory(pkgconfig) # @@ -349,6 +351,7 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) target_include_directories(mbedtls_test PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library) # Request C11, needed for memory poisoning tests set_target_properties(mbedtls_test PROPERTIES C_STANDARD 11) 
@@ -359,6 +362,7 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) target_include_directories(mbedtls_test_helpers PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tests/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/tf-psa-crypto/include PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/library PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/3rdparty/everest/include) diff --git a/Makefile b/Makefile index fb80529efa..0f1f3da8fd 100644 --- a/Makefile +++ b/Makefile @@ -96,7 +96,7 @@ install: no_test mkdir -p $(DESTDIR)/include/mbedtls cp -rp include/mbedtls $(DESTDIR)/include mkdir -p $(DESTDIR)/include/psa - cp -rp include/psa $(DESTDIR)/include + cp -rp tf-psa-crypto/include/psa $(DESTDIR)/include mkdir -p $(DESTDIR)/lib cp -RP library/libmbedtls.* $(DESTDIR)/lib @@ -197,6 +197,7 @@ C_SOURCE_FILES = $(wildcard \ 3rdparty/*/*.c 3rdparty/*/*/*.c 3rdparty/*/*/*/*.c 3rdparty/*/*/*/*/*.c \ include/*/*.h \ library/*.[hc] \ + tf-psa-crypto/include/*/*.h \ programs/*/*.[hc] \ tests/include/*/*.h tests/include/*/*/*.h \ tests/src/*.c tests/src/*/*.c \ @@ -213,5 +214,5 @@ GPATH GRTAGS GSYMS GTAGS: $(C_SOURCE_FILES) ls $(C_SOURCE_FILES) | gtags -f - --gtagsconf .globalrc cscope: cscope.in.out cscope.po.out cscope.out cscope.in.out cscope.po.out cscope.out: $(C_SOURCE_FILES) - cscope -bq -u -Iinclude -Ilibrary $(patsubst %,-I%,$(wildcard 3rdparty/*/include)) -Itests/include $(C_SOURCE_FILES) + cscope -bq -u -Iinclude -Ilibrary -Itf-psa-crypto/include $(patsubst %,-I%,$(wildcard 3rdparty/*/include)) -Itests/include $(C_SOURCE_FILES) .PHONY: cscope global diff --git a/docs/architecture/psa-migration/outcome-analysis.sh b/docs/architecture/psa-migration/outcome-analysis.sh index 1805a3ca0e..bbcdffd843 100755 --- a/docs/architecture/psa-migration/outcome-analysis.sh +++ b/docs/architecture/psa-migration/outcome-analysis.sh 
@@ -27,7 +27,7 @@ set -eu cleanup() { make clean - git checkout -- include/mbedtls/mbedtls_config.h include/psa/crypto_config.h + git checkout -- include/mbedtls/mbedtls_config.h tf-psa-crypto/include/psa/crypto_config.h } record() { diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index c4505ac239..847deb01ae 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -6,7 +6,7 @@ EXTRACT_ALL = YES EXTRACT_PRIVATE = YES EXTRACT_STATIC = YES CASE_SENSE_NAMES = NO -INPUT = ../include input ../tests/include/alt-dummy +INPUT = ../include ../tf-psa-crypto/include input ../tests/include/alt-dummy FILE_PATTERNS = *.h RECURSIVE = YES EXCLUDE_SYMLINKS = YES @@ -21,7 +21,7 @@ GENERATE_LATEX = NO GENERATE_XML = YES MACRO_EXPANSION = YES EXPAND_ONLY_PREDEF = YES -INCLUDE_PATH = ../include +INCLUDE_PATH = ../include ../tf-psa-crypto/include EXPAND_AS_DEFINED = MBEDTLS_PRIVATE CLASS_DIAGRAMS = NO HAVE_DOT = YES diff --git a/framework b/framework index 623c1b4532..c663fa8ece 160000 --- a/framework +++ b/framework @@ -1 +1 @@ -Subproject commit 623c1b4532e8de64a5d82ea84a7496e64c370d15 +Subproject commit c663fa8ece1dfee830da096ae872547d23543e60 diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt index e11e2715af..755efedd1c 100644 --- a/include/CMakeLists.txt +++ b/include/CMakeLists.txt 
@@ -3,20 +3,13 @@ option(INSTALL_MBEDTLS_HEADERS "Install Mbed TLS headers." ON) if(INSTALL_MBEDTLS_HEADERS) file(GLOB headers "mbedtls/*.h") - file(GLOB psa_headers "psa/*.h") install(FILES ${headers} DESTINATION include/mbedtls PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) - - install(FILES ${psa_headers} - DESTINATION include/psa - PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) - endif(INSTALL_MBEDTLS_HEADERS) # Make mbedtls_config.h available in an out-of-source build. ssl-opt.sh requires it. if (ENABLE_TESTING AND NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR}) link_to_source(mbedtls) - link_to_source(psa) endif() diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt index 37a9724559..5ccbe64161 100644 --- a/library/CMakeLists.txt +++ b/library/CMakeLists.txt @@ -329,6 +329,7 @@ foreach(target IN LISTS target_libraries) # of /library (which currently means: under /3rdparty). target_include_directories(${target} PUBLIC $ + $ $ PRIVATE ${MBEDTLS_DIR}/library/ # Needed to include psa_crypto_driver_wrappers.h diff --git a/library/Makefile b/library/Makefile index 388fcea612..4eadf41053 100644 --- a/library/Makefile +++ b/library/Makefile @@ -28,11 +28,11 @@ CFLAGS ?= -O2 WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral LDFLAGS ?= -# Include ../include for public headers and . for private headers. -# Note that . needs to be included explicitly for the sake of library -# files that are not in the /library directory (which currently means +# Include ../include, ../tf-psa-crypto/include for public headers and . for +# private headers. Note that . needs to be included explicitly for the sake of +# library files that are not in the /library directory (which currently means # under /3rdparty). -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I. -I../include -D_FILE_OFFSET_BITS=64 +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I. -I../include -I../tf-psa-crypto/include -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = ifdef DEBUG 
diff --git a/pkgconfig/.gitignore b/pkgconfig/.gitignore new file mode 100644 index 0000000000..5460c20766 --- /dev/null +++ b/pkgconfig/.gitignore @@ -0,0 +1,2 @@ +Makefile +*.pc diff --git a/programs/Makefile b/programs/Makefile index 8d1da6dbe7..9b48cc0f05 100644 --- a/programs/Makefile +++ b/programs/Makefile @@ -127,8 +127,8 @@ GENERATED_FILES = psa/psa_constant_names_generated.c test/query_config.c generated_files: $(GENERATED_FILES) psa/psa_constant_names_generated.c: $(gen_file_dep) ../scripts/generate_psa_constants.py -psa/psa_constant_names_generated.c: $(gen_file_dep) ../include/psa/crypto_values.h -psa/psa_constant_names_generated.c: $(gen_file_dep) ../include/psa/crypto_extra.h +psa/psa_constant_names_generated.c: $(gen_file_dep) ../tf-psa-crypto/include/psa/crypto_values.h +psa/psa_constant_names_generated.c: $(gen_file_dep) ../tf-psa-crypto/include/psa/crypto_extra.h psa/psa_constant_names_generated.c: $(gen_file_dep) ../tests/suites/test_suite_psa_crypto_metadata.data psa/psa_constant_names_generated.c: echo " Gen $@" diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt index a8e4b0e372..c0843e1233 100644 --- a/programs/psa/CMakeLists.txt +++ b/programs/psa/CMakeLists.txt @@ -19,8 +19,8 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/../.. DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_psa_constants.py - ${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_values.h - ${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_extra.h + ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/include/psa/crypto_values.h + ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/include/psa/crypto_extra.h ) else() link_to_source(psa_constant_names_generated.c) diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt index 0d43ffddd3..08fb321312 100644 --- a/programs/test/CMakeLists.txt +++ b/programs/test/CMakeLists.txt 
@@ -25,14 +25,18 @@ if(TEST_CPP) WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}" ) add_executable(cpp_dummy_build "${cpp_dummy_build_cpp}") - target_include_directories(cpp_dummy_build PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include) + target_include_directories(cpp_dummy_build + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/include) target_link_libraries(cpp_dummy_build ${mbedcrypto_target} ${CMAKE_THREAD_LIBS_INIT}) endif() if(USE_SHARED_MBEDTLS_LIBRARY AND NOT ${CMAKE_SYSTEM_NAME} MATCHES "[Ww][Ii][Nn]") add_executable(dlopen "dlopen.c") - target_include_directories(dlopen PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include) + target_include_directories(dlopen + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../include + PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/include) target_link_libraries(dlopen ${CMAKE_DL_LIBS}) endif() @@ -46,13 +50,13 @@ if(GEN_FILES) ${PERL} ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_query_config.pl ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/mbedtls_config.h - ${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_config.h + ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/include/psa/crypto_config.h ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/data_files/query_config.fmt ${CMAKE_CURRENT_BINARY_DIR}/query_config.c DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/generate_query_config.pl ${CMAKE_CURRENT_SOURCE_DIR}/../../include/mbedtls/mbedtls_config.h - ${CMAKE_CURRENT_SOURCE_DIR}/../../include/psa/crypto_config.h + ${CMAKE_CURRENT_SOURCE_DIR}/../../tf-psa-crypto/include/psa/crypto_config.h ${CMAKE_CURRENT_SOURCE_DIR}/../../scripts/data_files/query_config.fmt ) # this file will also be used in another directory, so create a target, see diff --git a/programs/test/cmake_package/.gitignore b/programs/test/cmake_package/.gitignore index 9ae6b59c4b..89d8c2bf69 100644 --- a/programs/test/cmake_package/.gitignore +++ b/programs/test/cmake_package/.gitignore 
@@ -1,3 +1,4 @@ build Makefile cmake_package +mbedtls diff --git a/programs/test/cmake_package_install/.gitignore b/programs/test/cmake_package_install/.gitignore index b9b828288b..aaa5942090 100644 --- a/programs/test/cmake_package_install/.gitignore +++ b/programs/test/cmake_package_install/.gitignore @@ -1,3 +1,4 @@ build Makefile cmake_package_install +mbedtls diff --git a/programs/test/generate_cpp_dummy_build.sh b/programs/test/generate_cpp_dummy_build.sh index 0b4bd0b7bd..ef9996e4c2 100755 --- a/programs/test/generate_cpp_dummy_build.sh +++ b/programs/test/generate_cpp_dummy_build.sh @@ -37,10 +37,16 @@ print_cpp () { EOF - for header in include/mbedtls/*.h include/psa/*.h; do + for header in include/mbedtls/*.h; do case ${header#include/} in mbedtls/mbedtls_config.h) :;; # not meant for direct inclusion mbedtls/config_*.h) :;; # not meant for direct inclusion + *) echo "#include \"${header#include/}\"";; + esac + done + + for header in tf-psa-crypto/include/psa/*.h; do + case ${header#tf-psa-crypto/include/} in psa/crypto_config.h) :;; # not meant for direct inclusion psa/crypto_ajdust_config*.h) :;; # not meant for direct inclusion # Some of the psa/crypto_*.h headers are not meant to be included @@ -48,7 +54,7 @@ EOF # psa/crypto.h has been included before. Since psa/crypto.h comes # before psa/crypto_*.h in the wildcard enumeration, we don't need # to skip those headers. - *) echo "#include \"${header#include/}\"";; + *) echo "#include \"${header#tf-psa-crypto/include/}\"";; esac done diff --git a/scripts/code_size_compare.py b/scripts/code_size_compare.py index 50749b6a8b..ce752e4931 100755 --- a/scripts/code_size_compare.py +++ b/scripts/code_size_compare.py 
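Review bot: In the new `tf-psa-crypto/include/psa/*.h` loop the skip pattern `psa/crypto_ajdust_config*.h` is misspelled ("ajdust"), so it never matches the `crypto_adjust_config_*.h` headers. They fall through to the `*)` arm and are emitted as direct `#include`s, despite the "not meant for direct inclusion" comment on that line. The line is carried over unchanged from the old loop, but since this commit rebuilds the loop around it, this is the moment to fix it: `psa/crypto_adjust_config*.h) :;; # not meant for direct inclusion`. The enclosing print_cpp function starts and ends outside these hunks.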
@@ -149,7 +149,7 @@ TFM_MEDIUM_CONFIG_H = 'configs/ext/tfm_mbedcrypto_config_profile_medium.h' TFM_MEDIUM_CRYPTO_CONFIG_H = 'configs/ext/crypto_config_profile_medium.h' CONFIG_H = 'include/mbedtls/mbedtls_config.h' -CRYPTO_CONFIG_H = 'include/psa/crypto_config.h' +CRYPTO_CONFIG_H = 'tf-psa-crypto/include/psa/crypto_config.h' BACKUP_SUFFIX = '.code_size.bak' class CodeSizeBuildInfo: # pylint: disable=too-few-public-methods diff --git a/scripts/common.make b/scripts/common.make index 9908a3c265..702ef5c670 100644 --- a/scripts/common.make +++ b/scripts/common.make @@ -21,7 +21,7 @@ WARNING_CFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral WARNING_CXXFLAGS ?= -Wall -Wextra -Wformat=2 -Wno-format-nonliteral LDFLAGS ?= -LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include -I$(MBEDTLS_PATH)/include -D_FILE_OFFSET_BITS=64 +LOCAL_CFLAGS = $(WARNING_CFLAGS) -I$(MBEDTLS_TEST_PATH)/include -I$(MBEDTLS_PATH)/include -I$(MBEDTLS_PATH)/tf-psa-crypto/include -D_FILE_OFFSET_BITS=64 LOCAL_CXXFLAGS = $(WARNING_CXXFLAGS) -I$(MBEDTLS_PATH)/include -I$(MBEDTLS_PATH)/tests/include -D_FILE_OFFSET_BITS=64 LOCAL_LDFLAGS = ${MBEDTLS_TEST_OBJS} \ -L$(MBEDTLS_PATH)/library \ diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index d57d46a299..d472c6dc51 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -328,6 +328,7 @@ if __name__ == '__main__': build_tree.chdir_to_root() # Allow to change the directory where psa_constant_names_generated.c is written to. OUTPUT_FILE_DIR = sys.argv[1] if len(sys.argv) == 2 else "programs/psa" - generate_psa_constants(['include/psa/crypto_values.h', - 'include/psa/crypto_extra.h'], + + generate_psa_constants(['tf-psa-crypto/include/psa/crypto_values.h', + 'tf-psa-crypto/include/psa/crypto_extra.h'], OUTPUT_FILE_DIR + '/psa_constant_names_generated.c') diff --git a/scripts/generate_query_config.pl b/scripts/generate_query_config.pl index 39743da6d1..6a2f9cbdfa 100755 
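Review bot: `LOCAL_CXXFLAGS`, on the line right after the changed `LOCAL_CFLAGS` in scripts/common.make, still lists only `-I$(MBEDTLS_PATH)/include -I$(MBEDTLS_PATH)/tests/include`. C++ translation units built with these flags will therefore not find `psa/*.h` now that the headers live under `tf-psa-crypto/include`. The generated C++ dummy build touched elsewhere in this commit includes every `psa/` header, so the make-based build of that program looks affected, though its build rule is not visible here. Appending `-I$(MBEDTLS_PATH)/tf-psa-crypto/include` to `LOCAL_CXXFLAGS` keeps the two flag sets in step.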
--- a/scripts/generate_query_config.pl +++ b/scripts/generate_query_config.pl @@ -26,7 +26,7 @@ use strict; my ($mbedtls_config_file, $psa_crypto_config_file, $query_config_format_file, $query_config_file); my $default_mbedtls_config_file = "./include/mbedtls/mbedtls_config.h"; -my $default_psa_crypto_config_file = "./include/psa/crypto_config.h"; +my $default_psa_crypto_config_file = "./tf-psa-crypto/include/psa/crypto_config.h"; my $default_query_config_format_file = "./scripts/data_files/query_config.fmt"; my $default_query_config_file = "./programs/test/query_config.c"; diff --git a/scripts/generate_visualc_files.pl b/scripts/generate_visualc_files.pl index a0dfc57bff..b566372e1a 100755 --- a/scripts/generate_visualc_files.pl +++ b/scripts/generate_visualc_files.pl @@ -23,7 +23,7 @@ my $vsx_sln_file = "$vsx_dir/mbedTLS.sln"; my $programs_dir = 'programs'; my $mbedtls_header_dir = 'include/mbedtls'; -my $psa_header_dir = 'include/psa'; +my $psa_header_dir = 'tf-psa-crypto/include/psa'; my $source_dir = 'library'; my $test_source_dir = 'tests/src'; my $test_header_dir = 'tests/include/test'; @@ -44,6 +44,7 @@ my @thirdparty_source_dirs = qw( # one directory: the compiler will use the first match. my @include_directories = qw( include + tf-psa-crypto/include 3rdparty/everest/include/ 3rdparty/everest/include/everest 3rdparty/everest/include/everest/vs2013 diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 5bc38b4e70..62be14e533 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt 
@@ -126,9 +126,9 @@ if(GEN_FILES) ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/mbedtls_framework/psa_storage.py ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/mbedtls_framework/test_case.py ${CMAKE_CURRENT_SOURCE_DIR}/../framework/scripts/mbedtls_framework/test_data_generation.py - ${CMAKE_CURRENT_SOURCE_DIR}/../include/psa/crypto_config.h - ${CMAKE_CURRENT_SOURCE_DIR}/../include/psa/crypto_values.h - ${CMAKE_CURRENT_SOURCE_DIR}/../include/psa/crypto_extra.h + ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/include/psa/crypto_config.h + ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/include/psa/crypto_values.h + ${CMAKE_CURRENT_SOURCE_DIR}/../tf-psa-crypto/include/psa/crypto_extra.h ) else() diff --git a/tests/Makefile b/tests/Makefile index 1d5c76823c..d1d5ed9721 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -7,6 +7,7 @@ TEST_FLAGS ?= $(if $(filter-out 0 OFF Off off NO No no FALSE False false N n,$(C # Also include library headers, for the sake of invasive tests. LOCAL_CFLAGS += -I../library + # Enable definition of various functions used throughout the testsuite # (gethostname, strdup, fileno...) even when compiling with -std=c99. Harmless # on non-POSIX platforms. 
@@ -84,9 +85,9 @@ generated_psa_test_data: ../framework/scripts/mbedtls_framework/test_data_genera ## file all the time when switching between configurations, don't declare ## crypto_config.h as a dependency. Remove this file from your working tree ## if you've just added or removed an option in crypto_config.h. -#generated_psa_test_data: ../include/psa/crypto_config.h -generated_psa_test_data: ../include/psa/crypto_values.h -generated_psa_test_data: ../include/psa/crypto_extra.h +#generated_psa_test_data: ../tf-psa-crypto/include/psa/crypto_config.h +generated_psa_test_data: ../tf-psa-crypto/include/psa/crypto_values.h +generated_psa_test_data: ../tf-psa-crypto/include/psa/crypto_extra.h generated_psa_test_data: suites/test_suite_psa_crypto_metadata.data generated_psa_test_data: echo " Gen $(GENERATED_PSA_DATA_FILES) ..." @@ -206,6 +207,8 @@ test: check # Generate variants of some headers for testing include/alt-extra/%_alt.h: ../include/%.h perl -p -e 's/^(# *(define|ifndef) +\w+_)H\b/$${1}ALT_H/' $< >$@ +include/alt-extra/%_alt.h: ../tf-psa-crypto/include/%.h + perl -p -e 's/^(# *(define|ifndef) +\w+_)H\b/$${1}ALT_H/' $< >$@ # Generate test library @@ -214,7 +217,8 @@ include/alt-extra/%_alt.h: ../include/%.h # library. Add a LIBTESTDRIVER1_/libtestdriver1_ to mbedtls_xxx and psa_xxx # symbols. define libtestdriver1_rewrite := - s!^(\s*#\s*include\s*[\"<])(mbedtls|psa)/!$${1}libtestdriver1/include/$${2}/!; \ + s!^(\s*#\s*include\s*[\"<])mbedtls/!$${1}libtestdriver1/include/mbedtls/!; \ + s!^(\s*#\s*include\s*[\"<])psa/!$${1}libtestdriver1/tf-psa-crypto/include/psa/!; \ next if /^\s*#\s*include/; \ s/\b(?=MBEDTLS_|PSA_)/LIBTESTDRIVER1_/g; \ s/\b(?=mbedtls_|psa_)/libtestdriver1_/g; @@ -227,6 +231,7 @@ libtestdriver1.a: mkdir ./libtestdriver1 cp -Rf ../library ./libtestdriver1 cp -Rf ../include ./libtestdriver1 + cp -Rf ../tf-psa-crypto ./libtestdriver1 cp -Rf ../scripts ./libtestdriver1 mkdir ./libtestdriver1/3rdparty touch ./libtestdriver1/3rdparty/Makefile.inc 
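Review bot: `cp -Rf ../tf-psa-crypto ./libtestdriver1` copies the whole directory, but the symbol-prefixing pass added later in this recipe only rewrites `./libtestdriver1/tf-psa-crypto/include/*/*.h`. Judging by this diff that is currently all the directory holds besides build files. Any source file or deeper header later added under `tf-psa-crypto/` would be copied without the `libtestdriver1_` prefix and could clash with the real library's symbols at link time. A comment next to the copy would record the coupling, e.g. `# Only tf-psa-crypto/include/*/*.h is rewritten below; extend the perl step when more files move here`. The libtestdriver1.a recipe continues outside this hunk.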
@@ -239,22 +244,23 @@ libtestdriver1.a: # library the test library is intended to be linked with extended by # ./include/test/drivers/crypto_config_test_driver_extension.h to # mirror the PSA_ACCEL_* macros. - mv ./libtestdriver1/include/psa/crypto_config.h ./libtestdriver1/include/psa/crypto_config.h.bak - head -n -1 ./libtestdriver1/include/psa/crypto_config.h.bak > ./libtestdriver1/include/psa/crypto_config.h - cat ./include/test/drivers/crypto_config_test_driver_extension.h >> ./libtestdriver1/include/psa/crypto_config.h - echo "#endif /* PSA_CRYPTO_CONFIG_H */" >> ./libtestdriver1/include/psa/crypto_config.h + mv ./libtestdriver1/tf-psa-crypto/include/psa/crypto_config.h ./libtestdriver1/tf-psa-crypto/include/psa/crypto_config.h.bak + head -n -1 ./libtestdriver1/tf-psa-crypto/include/psa/crypto_config.h.bak > ./libtestdriver1/tf-psa-crypto/include/psa/crypto_config.h + cat ./include/test/drivers/crypto_config_test_driver_extension.h >> ./libtestdriver1/tf-psa-crypto/include/psa/crypto_config.h + echo "#endif /* PSA_CRYPTO_CONFIG_H */" >> ./libtestdriver1/tf-psa-crypto/include/psa/crypto_config.h # Prefix MBEDTLS_* PSA_* symbols with LIBTESTDRIVER1_ as well as # mbedtls_* psa_* symbols with libtestdriver1_ to avoid symbol clash # when this test driver library is linked with the Mbed TLS library. 
perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/library/*.[ch] perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/include/*/*.h + perl -pi -e '$(libtestdriver1_rewrite)' ./libtestdriver1/tf-psa-crypto/include/*/*.h $(MAKE) -C ./libtestdriver1/library CFLAGS="-I../../ $(CFLAGS)" LDFLAGS="$(LDFLAGS)" libmbedcrypto.a cp ./libtestdriver1/library/libmbedcrypto.a ../library/libtestdriver1.a ifdef RECORD_PSA_STATUS_COVERAGE_LOG -include/test/instrument_record_status.h: ../include/psa/crypto.h Makefile +include/test/instrument_record_status.h: ../tf-psa-crypto/include/psa/crypto.h Makefile echo " Gen $@" - sed <../include/psa/crypto.h >$@ -n 's/^psa_status_t \([A-Za-z0-9_]*\)(.*/#define \1(...) RECORD_STATUS("\1", \1(__VA_ARGS__))/p' + sed <../tf-psa-crypto/include/psa/crypto.h >$@ -n 's/^psa_status_t \([A-Za-z0-9_]*\)(.*/#define \1(...) RECORD_STATUS("\1", \1(__VA_ARGS__))/p' endif diff --git a/tests/psa-client-server/psasim/Makefile b/tests/psa-client-server/psasim/Makefile index 38dbef6cd6..a7e22e131e 100644 --- a/tests/psa-client-server/psasim/Makefile +++ b/tests/psa-client-server/psasim/Makefile @@ -10,7 +10,7 @@ LIBPSACLIENT := -Llibpsaclient/ -lmbedcrypto -lmbedx509 -lmbedtls LIBPSASERVER := -Llibpsaserver/ -lmbedcrypto MBEDTLS_ROOT_PATH = ../../.. -COMMON_INCLUDE := -I./include -I$(MBEDTLS_ROOT_PATH)/include +COMMON_INCLUDE := -I./include -I$(MBEDTLS_ROOT_PATH)/include -I$(MBEDTLS_ROOT_PATH)/tf-psa-crypto/include GENERATED_H_FILES = include/psa_manifest/manifest.h \ include/psa_manifest/pid.h \ diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 44ac90ec22..1328eebfec 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh 
@@ -133,10 +133,11 @@ pre_check_environment () { pre_initialize_variables () { if in_mbedtls_repo; then CONFIG_H='include/mbedtls/mbedtls_config.h' + CRYPTO_CONFIG_H='tf-psa-crypto/include/psa/crypto_config.h' else CONFIG_H='drivers/builtin/include/mbedtls/mbedtls_config.h' + CRYPTO_CONFIG_H='include/psa/crypto_config.h' fi - CRYPTO_CONFIG_H='include/psa/crypto_config.h' CONFIG_TEST_DRIVER_H='tests/include/test/drivers/config_test_driver.h' # Files that are clobbered by some jobs will be backed up. Use a different @@ -327,8 +328,10 @@ cleanup() -iname CTestTestfile.cmake -o \ -iname CMakeCache.txt -o \ -path './cmake/*.cmake' \) -exec rm -f {} \+ - # Recover files overwritten by in-tree CMake builds - rm -f include/Makefile include/mbedtls/Makefile programs/!(fuzz)/Makefile + # Remove Makefiles generated by in-tree CMake builds + rm -f 3rdparty/Makefile 3rdparty/*/Makefile pkgconfig/Makefile framework/Makefile + rm -f include/Makefile programs/!(fuzz)/Makefile + rm -f tf-psa-crypto/Makefile tf-psa-crypto/include/Makefile # Remove any artifacts from the component_test_cmake_as_subdirectory test. rm -rf programs/test/cmake_subproject/build @@ -3225,7 +3228,7 @@ config_psa_crypto_config_accel_ecc_ffdh_no_bignum() { if [ "$test_target" = "ECC" ]; then # When testing ECC only, we disable FFDH support, both from builtin and # PSA sides, and also disable the key exchanges that depend on DHM. - scripts/config.py -f include/psa/crypto_config.h unset PSA_WANT_ALG_FFDH + scripts/config.py -f "$CRYPTO_CONFIG_H" unset PSA_WANT_ALG_FFDH scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_KEY_TYPE_DH_[0-9A-Z_a-z]*" scripts/config.py -f "$CRYPTO_CONFIG_H" unset-all "PSA_WANT_DH_RFC7919_[0-9]*" scripts/config.py unset MBEDTLS_DHM_C diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 5128dc8e0d..01c3f3c11d 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py 
@@ -238,6 +238,7 @@ class CodeParser(): all_macros["public"] = self.parse_macros([ "include/mbedtls/*.h", "include/psa/*.h", + "tf-psa-crypto/include/psa/*.h", "3rdparty/everest/include/everest/everest.h", "3rdparty/everest/include/everest/x25519.h" ]) @@ -251,6 +252,7 @@ class CodeParser(): enum_consts = self.parse_enum_consts([ "include/mbedtls/*.h", "include/psa/*.h", + "tf-psa-crypto/include/psa/*.h", "library/*.h", "library/*.c", "3rdparty/everest/include/everest/everest.h", @@ -259,6 +261,7 @@ class CodeParser(): identifiers, excluded_identifiers = self.parse_identifiers([ "include/mbedtls/*.h", "include/psa/*.h", + "tf-psa-crypto/include/psa/*.h", "library/*.h", "3rdparty/everest/include/everest/everest.h", "3rdparty/everest/include/everest/x25519.h" @@ -266,6 +269,7 @@ class CodeParser(): mbed_psa_words = self.parse_mbed_psa_words([ "include/mbedtls/*.h", "include/psa/*.h", + "tf-psa-crypto/include/psa/*.h", "library/*.h", "3rdparty/everest/include/everest/everest.h", "3rdparty/everest/include/everest/x25519.h", diff --git a/tests/scripts/test_psa_compliance.py b/tests/scripts/test_psa_compliance.py index f7d18954ca..b500fe5b51 100755 --- a/tests/scripts/test_psa_compliance.py +++ b/tests/scripts/test_psa_compliance.py @@ -74,7 +74,8 @@ def main(library_build_dir: str): os.chdir(build_dir) extra_includes = (';{}/drivers/builtin/include'.format(root_dir) - if in_tf_psa_crypto_repo else '') + if in_tf_psa_crypto_repo else + ';{}/tf-psa-crypto/include'.format(root_dir)) #pylint: disable=bad-continuation subprocess.check_call([ diff --git a/tests/scripts/test_psa_constant_names.py b/tests/scripts/test_psa_constant_names.py index 86d9e6f2be..6c9d905106 100755 --- a/tests/scripts/test_psa_constant_names.py +++ b/tests/scripts/test_psa_constant_names.py 
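Review bot: The `include/psa/*.h` pattern is kept next to the new `tf-psa-crypto/include/psa/*.h` in the `parse_macros` list and in the three other lists changed in this file (`parse_enum_consts`, `parse_identifiers`, `parse_mbed_psa_words`), although the renames at the end of this diff move headers out of `include/psa`. If the old pattern is retained on purpose, a comment such as `# include/psa/ no longer holds headers in this tree; kept for <reason>` would say so; otherwise drop it. Whether a pattern that matches no file is reported is not visible in these hunks. A name checker that silently scans fewer headers than intended is the failure mode worth ruling out.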
@@ -161,7 +161,7 @@ TEST_SUITES = ['tests/suites/test_suite_psa_crypto_metadata.data'] def main(): parser = argparse.ArgumentParser(description=globals()['__doc__']) parser.add_argument('--include', '-I', - action='append', default=['include'], + action='append', default=['tf-psa-crypto/include', 'include'], help='Directory for header files') parser.add_argument('--keep-c', action='store_true', dest='keep_c', default=False, diff --git a/tests/src/drivers/test_driver_key_agreement.c b/tests/src/drivers/test_driver_key_agreement.c index 8471959e2a..594fcd51d4 100644 --- a/tests/src/drivers/test_driver_key_agreement.c +++ b/tests/src/drivers/test_driver_key_agreement.c @@ -20,7 +20,7 @@ #include #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include "libtestdriver1/include/psa/crypto.h" +#include "libtestdriver1/tf-psa-crypto/include/psa/crypto.h" #include "libtestdriver1/library/psa_crypto_ecp.h" #include "libtestdriver1/library/psa_crypto_ffdh.h" #endif diff --git a/tf-psa-crypto/.gitignore b/tf-psa-crypto/.gitignore new file mode 100644 index 0000000000..f3c7a7c5da --- /dev/null +++ b/tf-psa-crypto/.gitignore @@ -0,0 +1 @@ +Makefile diff --git a/tf-psa-crypto/CMakeLists.txt b/tf-psa-crypto/CMakeLists.txt new file mode 100644 index 0000000000..1425abb4c6 --- /dev/null +++ b/tf-psa-crypto/CMakeLists.txt 
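Review bot: With `action='append'` and a non-empty `default`, directories passed with `-I` are appended after `['tf-psa-crypto/include', 'include']` rather than replacing them, so a caller can never put its own directory ahead of the defaults. Now that there are two defaults, list order decides which tree wins when a header name exists in more than one place, and any code that reads the first entry (not visible in this hunk) changes meaning. A comment on the argument would document this, e.g. `# Order matters: tf-psa-crypto/include is searched first; -I values are appended after these defaults`. Alternatively, apply the defaults only when no `-I` is given. main() continues outside the hunk.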
@@ -0,0 +1,38 @@
+#
+# CMake build system design considerations:
+#
+# - Include directories:
+# + Do not define include directories globally using the include_directories
+# command but rather at the target level using the
+# target_include_directories command. That way, it is easier to guarantee
+# that targets are built using the proper list of include directories.
+# + Use the PUBLIC and PRIVATE keywords to specify the scope of include
+# directories. That way, a target linking to a library (using the
+# target_link_libraries command) inherits from the library PUBLIC include
+# directories and not from the PRIVATE ones.
+# - TF_PSA_CRYPTO_TARGET_PREFIX: CMake targets are designed to be alterable by
+# calling CMake in order to avoid target name clashes, via the use of
+# TF_PSA_CRYPTO_TARGET_PREFIX. The value of this variable is prefixed to the
+# tfpsacrypto and apidoc targets.
+#
+
+# We specify a minimum requirement of 3.10.2, but for now use 3.5.1 here
+# until our infrastructure catches up.
+cmake_minimum_required(VERSION 3.5.1)
+
+# https://cmake.org/cmake/help/latest/policy/CMP0011.html
+# Setting this policy is required in CMake >= 3.18.0, otherwise a warning is generated. The OLD
+# policy setting is deprecated, and will be removed in future versions.
+cmake_policy(SET CMP0011 NEW)
+# https://cmake.org/cmake/help/latest/policy/CMP0012.html
+# Setting the CMP0012 policy to NEW is required for FindPython3 to work with CMake 3.18.2
+# (there is a bug in this particular version), otherwise, setting the CMP0012 policy is required
+# for CMake versions >= 3.18.3 otherwise a deprecated warning is generated. The OLD policy setting
+# is deprecated and will be removed in future versions.
+cmake_policy(SET CMP0012 NEW)
+
+if(LIB_INSTALL_DIR)
+ set(CMAKE_INSTALL_LIBDIR "${LIB_INSTALL_DIR}")
+endif()
+
+add_subdirectory(include)
diff --git a/tf-psa-crypto/include/.gitignore b/tf-psa-crypto/include/.gitignore
new file mode 100644
index 0000000000..f3c7a7c5da
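Review bot: `cmake_minimum_required(VERSION 3.5.1)` resets the policy settings for this directory scope to the 3.5.1 defaults, and because the top-level CMakeLists.txt in this commit pulls the directory in with `add_subdirectory(tf-psa-crypto)`, those may differ from what the parent configured; only CMP0011 and CMP0012 are set back to NEW here. The comment above the call states a requirement of 3.10.2 while 3.5.1 is what is enforced, so an older CMake is accepted without complaint. If the file must work both standalone and as a subdirectory, a range such as `cmake_minimum_required(VERSION 3.5.1...3.18)` (upper bound to be taken from what is actually tested) keeps the floor and opts in to newer policies. The header comment also documents TF_PSA_CRYPTO_TARGET_PREFIX and the tfpsacrypto and apidoc targets, none of which this file defines yet.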
--- /dev/null
+++ b/tf-psa-crypto/include/.gitignore
@@ -0,0 +1 @@
+Makefile
diff --git a/tf-psa-crypto/include/CMakeLists.txt b/tf-psa-crypto/include/CMakeLists.txt
new file mode 100644
index 0000000000..dea92fe6ef
--- /dev/null
+++ b/tf-psa-crypto/include/CMakeLists.txt
@@ -0,0 +1,16 @@
+option(INSTALL_PSA_CRYPTO_HEADERS "Install PSA Crypto headers." ON)
+
+if(INSTALL_PSA_CRYPTO_HEADERS)
+
+ file(GLOB psa_headers "psa/*.h")
+
+ install(FILES ${psa_headers}
+ DESTINATION include/psa
+ PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
+
+endif(INSTALL_PSA_CRYPTO_HEADERS)
+
+# Make includes available in an out-of-source build. ssl-opt.sh requires it.
+if (ENABLE_TESTING AND NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})
+ link_to_source(psa)
+endif()
diff --git a/include/psa/build_info.h b/tf-psa-crypto/include/psa/build_info.h
similarity index 100%
rename from include/psa/build_info.h
rename to tf-psa-crypto/include/psa/build_info.h
diff --git a/include/psa/crypto.h b/tf-psa-crypto/include/psa/crypto.h
similarity index 100%
rename from include/psa/crypto.h
rename to tf-psa-crypto/include/psa/crypto.h
diff --git a/include/psa/crypto_adjust_auto_enabled.h b/tf-psa-crypto/include/psa/crypto_adjust_auto_enabled.h
similarity index 100%
rename from include/psa/crypto_adjust_auto_enabled.h
rename to tf-psa-crypto/include/psa/crypto_adjust_auto_enabled.h
diff --git a/include/psa/crypto_adjust_config_dependencies.h b/tf-psa-crypto/include/psa/crypto_adjust_config_dependencies.h
similarity index 100%
rename from include/psa/crypto_adjust_config_dependencies.h
rename to tf-psa-crypto/include/psa/crypto_adjust_config_dependencies.h
diff --git a/include/psa/crypto_adjust_config_key_pair_types.h b/tf-psa-crypto/include/psa/crypto_adjust_config_key_pair_types.h
similarity index 100%
rename from include/psa/crypto_adjust_config_key_pair_types.h
rename to tf-psa-crypto/include/psa/crypto_adjust_config_key_pair_types.h
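Review bot: The condition `if (ENABLE_TESTING AND NOT ${CMAKE_CURRENT_BINARY_DIR} STREQUAL ${CMAKE_CURRENT_SOURCE_DIR})` in tf-psa-crypto/include/CMakeLists.txt expands both paths unquoted, so a path containing a semicolon splits into several arguments and an unquoted value can be dereferenced a second time by `if()`. Quote both sides: `if(ENABLE_TESTING AND NOT "${CMAKE_CURRENT_BINARY_DIR}" STREQUAL "${CMAKE_CURRENT_SOURCE_DIR}")`. Separately, `file(GLOB psa_headers "psa/*.h")` installs whatever `.h` files sit in psa/ at configure time, so a stray or generated header there ends up in the installed include/psa; an explicit header list would make the installed set reviewable. `link_to_source` is not defined in this file, so it depends on the including project providing it.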
diff --git a/include/psa/crypto_adjust_config_synonyms.h b/tf-psa-crypto/include/psa/crypto_adjust_config_synonyms.h
similarity index 100%
rename from include/psa/crypto_adjust_config_synonyms.h
rename to tf-psa-crypto/include/psa/crypto_adjust_config_synonyms.h
diff --git a/include/psa/crypto_builtin_composites.h b/tf-psa-crypto/include/psa/crypto_builtin_composites.h
similarity index 100%
rename from include/psa/crypto_builtin_composites.h
rename to tf-psa-crypto/include/psa/crypto_builtin_composites.h
diff --git a/include/psa/crypto_builtin_key_derivation.h b/tf-psa-crypto/include/psa/crypto_builtin_key_derivation.h
similarity index 100%
rename from include/psa/crypto_builtin_key_derivation.h
rename to tf-psa-crypto/include/psa/crypto_builtin_key_derivation.h
diff --git a/include/psa/crypto_builtin_primitives.h b/tf-psa-crypto/include/psa/crypto_builtin_primitives.h
similarity index 100%
rename from include/psa/crypto_builtin_primitives.h
rename to tf-psa-crypto/include/psa/crypto_builtin_primitives.h
diff --git a/include/psa/crypto_compat.h b/tf-psa-crypto/include/psa/crypto_compat.h
similarity index 100%
rename from include/psa/crypto_compat.h
rename to tf-psa-crypto/include/psa/crypto_compat.h
diff --git a/include/psa/crypto_config.h b/tf-psa-crypto/include/psa/crypto_config.h
similarity index 100%
rename from include/psa/crypto_config.h
rename to tf-psa-crypto/include/psa/crypto_config.h
diff --git a/include/psa/crypto_driver_common.h b/tf-psa-crypto/include/psa/crypto_driver_common.h
similarity index 100%
rename from include/psa/crypto_driver_common.h
rename to tf-psa-crypto/include/psa/crypto_driver_common.h
diff --git a/include/psa/crypto_driver_contexts_composites.h b/tf-psa-crypto/include/psa/crypto_driver_contexts_composites.h
similarity index 98%
rename from include/psa/crypto_driver_contexts_composites.h
rename to tf-psa-crypto/include/psa/crypto_driver_contexts_composites.h
index d717c51909..5a484fcecc 100644
--- a/include/psa/crypto_driver_contexts_composites.h +++ b/tf-psa-crypto/include/psa/crypto_driver_contexts_composites.h @@ -31,7 +31,7 @@ * declared during the autogeneration process. */ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include +#include #endif #if defined(PSA_CRYPTO_DRIVER_TEST) diff --git a/include/psa/crypto_driver_contexts_key_derivation.h b/tf-psa-crypto/include/psa/crypto_driver_contexts_key_derivation.h similarity index 100% rename from include/psa/crypto_driver_contexts_key_derivation.h rename to tf-psa-crypto/include/psa/crypto_driver_contexts_key_derivation.h diff --git a/include/psa/crypto_driver_contexts_primitives.h b/tf-psa-crypto/include/psa/crypto_driver_contexts_primitives.h similarity index 98% rename from include/psa/crypto_driver_contexts_primitives.h rename to tf-psa-crypto/include/psa/crypto_driver_contexts_primitives.h index c90a5fbe74..281e0a1851 100644 --- a/include/psa/crypto_driver_contexts_primitives.h +++ b/tf-psa-crypto/include/psa/crypto_driver_contexts_primitives.h @@ -30,7 +30,7 @@ * declared during the autogeneration process. */ #if defined(MBEDTLS_TEST_LIBTESTDRIVER1) -#include +#include #endif #if defined(PSA_CRYPTO_DRIVER_TEST) diff --git a/include/psa/crypto_extra.h b/tf-psa-crypto/include/psa/crypto_extra.h similarity index 100% rename from include/psa/crypto_extra.h rename to tf-psa-crypto/include/psa/crypto_extra.h diff --git a/include/psa/crypto_legacy.h b/tf-psa-crypto/include/psa/crypto_legacy.h similarity index 100% rename from include/psa/crypto_legacy.h rename to tf-psa-crypto/include/psa/crypto_legacy.h diff --git a/include/psa/crypto_platform.h b/tf-psa-crypto/include/psa/crypto_platform.h similarity index 100% rename from include/psa/crypto_platform.h rename to tf-psa-crypto/include/psa/crypto_platform.h 
diff --git a/include/psa/crypto_se_driver.h b/tf-psa-crypto/include/psa/crypto_se_driver.h
similarity index 100%
rename from include/psa/crypto_se_driver.h
rename to tf-psa-crypto/include/psa/crypto_se_driver.h
diff --git a/include/psa/crypto_sizes.h b/tf-psa-crypto/include/psa/crypto_sizes.h
similarity index 100%
rename from include/psa/crypto_sizes.h
rename to tf-psa-crypto/include/psa/crypto_sizes.h
diff --git a/include/psa/crypto_struct.h b/tf-psa-crypto/include/psa/crypto_struct.h
similarity index 100%
rename from include/psa/crypto_struct.h
rename to tf-psa-crypto/include/psa/crypto_struct.h
diff --git a/include/psa/crypto_types.h b/tf-psa-crypto/include/psa/crypto_types.h
similarity index 100%
rename from include/psa/crypto_types.h
rename to tf-psa-crypto/include/psa/crypto_types.h
diff --git a/include/psa/crypto_values.h b/tf-psa-crypto/include/psa/crypto_values.h
similarity index 100%
rename from include/psa/crypto_values.h
rename to tf-psa-crypto/include/psa/crypto_values.h