Update data collected a few weeks before the release to the actual releases.
This fixes `check_names.py` failing on `MBEDTLS_DES_C` in
`tf_psa_crypto_config_check_user.h` when generated files are present in the
source tree.
```
scripts/save_config_history.sh mbedtls-4.0.0 4.0
scripts/save_config_history.sh tf-psa-crypto-1.0.0 1.0
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
`scripts/generate_config_checks.py` had to be included conditionally so that
consuming branches could transition from it not existing to it existing. Now
that both TF-PSA-Crypto/development and mbedtls/development have this
script, include it unconditionally.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This makes it easier to run the script on a machine where the
system-installed uncrustify is a different version.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
We know that using a different version of uncrustify produces different
results. So make that an error rather than a warning.
Also make the error output more helpful if uncrustify is not found.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Now that they aren't public headers any longer, there's no reason to have a
different mechanism.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Discuss why some configurations are undesirable. Document the current
`check_config.h`. Document new generated checks: why and how, but not the
details of what (RTFS).
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
- there was already a SEC1 formatted EC file for secp256r1 so
ec_256_prv.sec1.der was useless;
- all other ec_256_[pub|priv] files should be generated starting from
ec_256_prv.pem
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Previously the file format was PEM even though the extension suggests it
should be DER. This commit set the correct format.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
We have a new usage flag `PSA_KEY_USAGE_DERIVE_PUBLIC` which is (so far)
only meant for checking a key's capabilities, and not valid in key policies.
Exclude this flag from systematic checking of usage flags.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
There's only one subproject and that's unlikely to change, so being able to
specify a subproject at runtime is overkill.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Fix clang warning related to mismatch
between function prototype and
function definition: void func(void) vs void func().
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Use today's `development` head and the crypto submodule there.
We may update this again before the release. Once the release is out, we
should update to the release tags.
```
scripts/save_config_history.sh 06bae1e110ce71b44c3f4d17974d24feea4d2a92 1.0
scripts/save_config_history.sh 07912c9e36 4.0
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Use the latest patch release at this time, namely 3.6.4. This is the last
release made before the first non-beta release of the next major version.
```
scripts/save_config_history.sh mbedtls-3.6.4 3.6
```
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Gilles Peskine