Merge pull request #50 from mswarowsky/tfm_20_upmerge

mbedTLS v3.5.0 upmerge for TF-M v2.0.0

.github/pull_request_template.md

@@ -4,7 +4,9 @@ Please write a few sentences describing the overall goals of the pull request's
 
 
 
-## Gatekeeper checklist
+## PR checklist
+
+Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")
 
 - [ ] **changelog** provided, or not required
 - [ ] **backport** done, or not required
@@ -16,4 +18,3 @@ Please write a few sentences describing the overall goals of the pull request's
 
 Please refer to the [contributing guidelines](https://github.com/Mbed-TLS/mbedtls/blob/development/CONTRIBUTING.md), especially the
 checklist for PR contributors.
-

.gitignore

@@ -1,5 +1,7 @@
 # Random seed file created by test scripts and sample programs
 seedfile
+# MBEDTLS_PSA_INJECT_ENTROPY seed file created by the test framework
+00000000ffffff52.psa_its
 
 # CMake build artifacts:
 CMakeCache.txt
@@ -28,6 +30,9 @@ massif-*
 .project
 /.settings
 
+# Unix-like build artifacts:
+*.o
+
 # MSVC build artifacts:
 *.exe
 *.pdb
@@ -57,3 +62,6 @@ massif-*
 /TAGS
 /cscope*.out
 /tags
+
+# Clangd compilation database
+compile_commands.json

.readthedocs.yaml

@@ -12,8 +12,14 @@ build:
     python: "3.9"
   jobs:
     pre_build:
-      - make apidoc
-      - breathe-apidoc -o docs/api apidoc/xml
+    - ./scripts/apidoc_full.sh
+    - breathe-apidoc -o docs/api apidoc/xml
+    post_build:
+    - |
+      # Work around Readthedocs bug: Command parsing fails if the 'if' statement is on the first line
+      if [ "$READTHEDOCS_VERSION" = "development" ]; then
+        "$READTHEDOCS_VIRTUALENV_PATH/bin/rtd" projects "Mbed TLS API" redirects sync --wet-run -f docs/redirects.yaml
+      fi
 
 # Build documentation in the docs/ directory with Sphinx
 sphinx:

.travis.yml

@@ -1,149 +1,24 @@
 # Declare python as our language. This way we get our chosen Python version,
 # and pip is available. Gcc and clang are available anyway.
+dist: jammy
+os: linux
 language: python
-python: 3.5
-sudo: false
-cache: ccache
-
-jobs:
-  include:
-    - name: basic checks and reference configurations
-      addons:
-        apt:
-          packages:
-          - gnutls-bin
-          - doxygen
-          - graphviz
-          - gcc-arm-none-eabi
-          - libnewlib-arm-none-eabi
-          - gcc-arm-linux-gnueabi
-          - libc6-dev-armel-cross
-      script:
-        - tests/scripts/all.sh -k 'check_*'
-        - tests/scripts/all.sh -k test_default_out_of_box
-        - tests/scripts/all.sh -k test_ref_configs
-        - tests/scripts/all.sh -k build_arm_linux_gnueabi_gcc_arm5vte build_arm_none_eabi_gcc_m0plus
-
-    - name: full configuration
-      os: linux
-      dist: focal
-      addons:
-        apt:
-          packages:
-          - clang-10
-          - gnutls-bin
-      script:
-        # Do a manual build+test sequence rather than using all.sh,
-        # because there's no all.sh component that does what we want,
-        # which is a build with Clang >= 10 and ASan, running all the SSL
-        # testing.
-        #   - The clang executable in the default PATH is Clang 7 on
-        #     Travis's focal instances, but we want Clang >= 10.
-        #   - Running all the SSL testing requires a specific set of
-        #     OpenSSL and GnuTLS versions and we don't want to bother
-        #     with those on Travis.
-        # So we explicitly select clang-10 as the compiler, and we
-        # have ad hoc restrictions on SSL testing based on what is
-        # passing at the time of writing. We will remove these limitations
-        # gradually.
-        - make generated_files
-        - make CC=clang-10 CFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all -O2' LDFLAGS='-Werror -Wall -Wextra -fsanitize=address,undefined -fno-sanitize-recover=all'
-        - make test
-        - programs/test/selftest
-        - tests/scripts/test_psa_constant_names.py
-        - tests/ssl-opt.sh
-        # Modern OpenSSL does not support null ciphers.
-        - tests/compat.sh -p OpenSSL -e 'NULL'
-        - tests/scripts/travis-log-failure.sh
-        # GnuTLS supports CAMELLIA but compat.sh doesn't properly enable it.
-        - tests/compat.sh -p GnuTLS -e 'CAMELLIA'
-        - tests/scripts/travis-log-failure.sh
-        - tests/context-info.sh
+python: 3.10
 
-    - name: Windows
-      os: windows
-      # The language 'python' is currently unsupported on the
-      # Windows Build Environment. And 'generic' causes the job to get stuck
-      # on "Booting virtual machine".
-      language: c
-      before_install:
-        - choco install python --version=3.5.4
-      env:
-        # Add the directory where the Choco packages go
-        - PATH=/c/Python35:/c/Python35/Scripts:$PATH
-        - PYTHON=python.exe
-      script:
-        - type perl; perl --version
-        - type python; python --version
-        - scripts/make_generated_files.bat
-        # Logs appear out of sequence on Windows. Give time to catch up.
-        - sleep 5
-        - scripts/windows_msbuild.bat v141 # Visual Studio 2017
-        - visualc/VS2013/x64/Release/selftest.exe
-
-    - name: full configuration on arm64
-      os: linux
-      dist: focal
-      arch: arm64
-      addons:
-        apt:
-          packages:
-          - gcc
-      script:
-        # Do a manual build+test sequence rather than using all.sh.
-        #
-        # On Arm64 host of Travis CI, the time of `test_full_cmake_*` exceeds
-        # limitation of Travis CI. Base on `test_full_cmake_*`, we removed
-        # `ssl-opt.sh` and GnuTLS compat.sh here to meet the time limitation.
-        - scripts/config.py full
-        - make generated_files
-        - make CFLAGS='-O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all'
-        - make test
-        - programs/test/selftest
-        - tests/scripts/test_psa_constant_names.py
-        # Modern OpenSSL does not support fixed ECDH or null ciphers.
-        - tests/compat.sh -p OpenSSL -e 'NULL\|ECDH_'
-        - tests/scripts/travis-log-failure.sh
-        - tests/context-info.sh
+cache: ccache
 
-    - name: full configuration(GnuTLS compat tests) on arm64
-      os: linux
-      dist: focal
-      arch: arm64
-      addons:
-        apt:
-          packages:
-          - clang
-          - gnutls-bin
-      script:
-        # Do a manual build+test sequence rather than using all.sh.
-        #
-        # On Arm64 host of Travis CI, the time of `test_full_cmake_*` exceeds
-        # limitation of Travis CI. Base on `test_full_cmake_*`, we removed
-        # `ssl-opt.sh` and OpenSSl compat.sh here to meet the time limitation.
-        - scripts/config.py full
-        - make generated_files
-        - make CC=clang CFLAGS='-O3 -Werror -fsanitize=address,undefined -fno-sanitize-recover=all' LDFLAGS='-Werror -fsanitize=address,undefined -fno-sanitize-recover=all'
-        # GnuTLS supports CAMELLIA but compat.sh doesn't properly enable it.
-        - tests/compat.sh -p GnuTLS -e 'CAMELLIA'
-        - tests/scripts/travis-log-failure.sh
-        - tests/context-info.sh
+branches:
+  only:
+    coverity_scan
 
-after_failure:
-- tests/scripts/travis-log-failure.sh
+install:
+  - $PYTHON scripts/min_requirements.py
 
 env:
   global:
     - SEED=1
-    - secure: "JECCru6HASpKZ0OLfHh8f/KXhKkdrCwjquZghd/qbA4ksxsWImjR7KEPERcaPndXEilzhDbKwuFvJiQX2duVgTGoq745YGhLZIjzo1i8tySkceCVd48P8WceYGz+F/bmY7r+m6fFNuxDSoGGSVeA4Lnjvmm8PFUP45YodDV9no4="
-
-install:
-  - $PYTHON scripts/min_requirements.py
-
+    - secure: "GF/Fde5fkm15T/RNykrjrPV5Uh1KJ70cP308igL6Xkk3eJmqkkmWCe9JqRH12J3TeWw2fu9PYPHt6iFSg6jasgqysfUyg+W03knRT5QNn3h5eHgt36cQJiJr6t3whPrRaiM6U9omE0evm+c0cAwlkA3GGSMw8Z+na4EnKI6OFCo="
 addons:
-  apt:
-    packages:
-    - gnutls-bin
   coverity_scan:
     project:
       name: "ARMmbed/mbedtls"

3rdparty/CMakeLists.txt

@@ -1,5 +1,2 @@
-execute_process(COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/../scripts/config.py -f ${CMAKE_CURRENT_SOURCE_DIR}/../include/mbedtls/mbedtls_config.h get MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED RESULT_VARIABLE result)
-
-if(${result} EQUAL 0)
-    add_subdirectory(everest)
-endif()
+add_subdirectory(everest)
+add_subdirectory(p256-m)

3rdparty/Makefile.inc

@@ -1,2 +1,3 @@
-THIRDPARTY_DIR = $(dir $(lastword $(MAKEFILE_LIST)))
+THIRDPARTY_DIR = $(dir $(word 2, $(MAKEFILE_LIST)))
 include $(THIRDPARTY_DIR)/everest/Makefile.inc
+include $(THIRDPARTY_DIR)/p256-m/Makefile.inc

3rdparty/everest/.gitignore

@@ -1,2 +1 @@
-*.o
 Makefile

3rdparty/everest/CMakeLists.txt

@@ -1,16 +1,31 @@
-add_library(everest
+set(everest_target "${MBEDTLS_TARGET_PREFIX}everest")
+
+add_library(${everest_target}
   library/everest.c
   library/x25519.c
   library/Hacl_Curve25519_joined.c)
 
-target_include_directories(everest
+target_include_directories(${everest_target}
   PUBLIC $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
          $<BUILD_INTERFACE:${MBEDTLS_DIR}/include>
          $<INSTALL_INTERFACE:include>
   PRIVATE include/everest
           include/everest/kremlib
           ${MBEDTLS_DIR}/library/)
 
+# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
+# This must be duplicated from library/CMakeLists.txt because
+# everest is not directly linked against any mbedtls targets
+# so does not inherit the compile definitions.
+if(MBEDTLS_CONFIG_FILE)
+    target_compile_definitions(everest
+        PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
+endif()
+if(MBEDTLS_USER_CONFIG_FILE)
+    target_compile_definitions(everest
+        PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
+endif()
+
 if(INSTALL_MBEDTLS_HEADERS)
 
   install(DIRECTORY include/everest
@@ -21,7 +36,7 @@ if(INSTALL_MBEDTLS_HEADERS)
 
 endif(INSTALL_MBEDTLS_HEADERS)
 
-install(TARGETS everest
+install(TARGETS ${everest_target}
   EXPORT MbedTLSTargets
   DESTINATION ${CMAKE_INSTALL_LIBDIR}
   PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)

3rdparty/everest/include/everest/vs2013/inttypes.h

@@ -17,7 +17,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 
 #ifndef _INTTYPES_H_VS2010

3rdparty/everest/include/everest/vs2013/stdbool.h

@@ -17,7 +17,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 
 #ifndef _STDBOOL_H_VS2010

3rdparty/everest/include/everest/x25519.h

@@ -16,7 +16,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 
 #ifndef MBEDTLS_X25519_H

3rdparty/everest/library/Hacl_Curve25519_joined.c

@@ -16,7 +16,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 #ifndef _BSD_SOURCE
 /* Required to get htole64() from gcc/glibc's endian.h (older systems)

3rdparty/everest/library/x25519.c

@@ -16,7 +16,7 @@
  *  See the License for the specific language governing permissions and
  *  limitations under the License.
  *
- *  This file is part of mbed TLS (https://tls.mbed.org)
+ *  This file is part of Mbed TLS (https://tls.mbed.org)
  */
 
 #include "common.h"

3rdparty/p256-m/CMakeLists.txt

@@ -0,0 +1,40 @@
+set(p256m_target ${MBEDTLS_TARGET_PREFIX}p256m)
+
+add_library(${p256m_target}
+    p256-m_driver_entrypoints.c
+    p256-m/p256-m.c)
+
+target_include_directories(${p256m_target}
+  PUBLIC $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>
+         $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/p256-m>
+         $<BUILD_INTERFACE:${MBEDTLS_DIR}/include>
+         $<INSTALL_INTERFACE:include>
+  PRIVATE ${MBEDTLS_DIR}/library/)
+
+# Pass-through MBEDTLS_CONFIG_FILE and MBEDTLS_USER_CONFIG_FILE
+# This must be duplicated from library/CMakeLists.txt because
+# p256m is not directly linked against any mbedtls targets
+# so does not inherit the compile definitions.
+if(MBEDTLS_CONFIG_FILE)
+    target_compile_definitions(p256m
+        PUBLIC MBEDTLS_CONFIG_FILE="${MBEDTLS_CONFIG_FILE}")
+endif()
+if(MBEDTLS_USER_CONFIG_FILE)
+    target_compile_definitions(p256m
+        PUBLIC MBEDTLS_USER_CONFIG_FILE="${MBEDTLS_USER_CONFIG_FILE}")
+endif()
+
+if(INSTALL_MBEDTLS_HEADERS)
+
+  install(DIRECTORY :${CMAKE_CURRENT_SOURCE_DIR}
+    DESTINATION include
+    FILE_PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ
+    DIRECTORY_PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE
+    FILES_MATCHING PATTERN "*.h")
+
+endif(INSTALL_MBEDTLS_HEADERS)
+
+install(TARGETS ${p256m_target}
+EXPORT MbedTLSTargets
+DESTINATION ${CMAKE_INSTALL_LIBDIR}
+PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)

3rdparty/p256-m/Makefile.inc

@@ -0,0 +1,5 @@
+THIRDPARTY_INCLUDES+=-I../3rdparty/p256-m/p256-m/include -I../3rdparty/p256-m/p256-m/include/p256-m -I../3rdparty/p256-m/p256-m_driver_interface
+
+THIRDPARTY_CRYPTO_OBJECTS+= \
+	../3rdparty/p256-m//p256-m_driver_entrypoints.o \
+	../3rdparty/p256-m//p256-m/p256-m.o

3rdparty/p256-m/README.md

@@ -0,0 +1,4 @@
+The files within the `p256-m/` subdirectory originate from the [p256-m GitHub repository](https://github.com/mpg/p256-m), which is distributed under the Apache 2.0 license. They are authored by Manuel Pégourié-Gonnard. p256-m is a minimalistic implementation of ECDH and ECDSA on NIST P-256, especially suited to constrained 32-bit environments. Mbed TLS documentation for integrating drivers uses p256-m as an example of a software accelerator, and describes how it can be integrated alongside Mbed TLS. It should be noted that p256-m files in the Mbed TLS repo will not be updated regularly, so they may not have fixes and improvements present in the upstream project.
+
+The files `p256-m.c` and `.h`, along with the license, have been taken from the `p256-m` repository.
+It should be noted that p256-m deliberately does not supply its own cryptographically secure RNG function. As a result, the PSA RNG is used, with `p256_generate_random()` wrapping `psa_generate_random()`.