michaelh/zephyr
1
0
Fork 0
Code Releases Activity
zephyr/modules/mbedtls/create_psa_files.py
Valerio Setti 12ff947568 mbedtls: add new PSA_CRYPTO_CLIENT config 
Using MBEDTLS_PSA_CRYPTO_CLIENT to guard all PSA_WANT symbols is
not completely correct because:

1. the prefix MBEDTLS suggests that it's something related to
   MbedTLS, while actually PSA APIs can be provided also
   by other implementations (ex: TFM)

2. there might applications which are willing to use PSA APIs
   without using MbedTLS at all. For example computing an hash
   can be as simple as writing psa_hash_compute() and, if the
   PSA function is provided thorugh TFM, then MbedTLS is not
   required at all

Therefore this commit:

- moves MBEDTLS_PSA_CRYPTO_CLIENT to Kconfig.tls-generic since
  that symbol belongs to MbedTLS

- adds a new symbol named PSA_CRYPTO_CLIENT as a generic way
  to state that there is "some" PSA crypto API provider

- let MBEDTLS_PSA_CRYPTO_CLIENT automatically select
  PSA_CRYPTO_CLIENT, since the former is an implementation of
  the latter.

Signed-off-by: Valerio Setti <vsetti@baylibre.com>
2024-05-23 11:53:02 -04:00

129 lines
3.5 KiB
Python
Executable file
Raw Blame History

#!/bin/python3
# Copyright (c) 2024 Nordic Semiconductor ASA
# SPDX-License-Identifier: Apache-2.0
import re
import os
import sys
import argparse
from typing import List
SCRIPT_PATH = os.path.dirname(__file__)
INPUT_REL_PATH = os.path.join("..", "..", "..", "modules", "crypto", "mbedtls",
"include", "psa", "crypto_config.h")
INPUT_FILE = os.path.normpath(os.path.join(SCRIPT_PATH, INPUT_REL_PATH))
KCONFIG_PATH=os.path.join(SCRIPT_PATH, "Kconfig.psa")
HEADER_PATH=os.path.join(SCRIPT_PATH, "configs", "config-psa.h")
KCONFIG_HEADER="""\
# Copyright (c) 2024 Nordic Semiconductor ASA
# SPDX-License-Identifier: Apache-2.0
# This file was automatically generated by {}
# from: {}.
# Do not edit it manually.
config PSA_CRYPTO_CLIENT
bool
help
Promptless symbol to state that there is a PSA crypto API provider
enabled in the system. This allows to select desired PSA_WANT features.
if PSA_CRYPTO_CLIENT
config PSA_CRYPTO_ENABLE_ALL
bool "All PSA crypto features"
""".format(os.path.basename(__file__), INPUT_REL_PATH)
KCONFIG_FOOTER="\nendif # PSA_CRYPTO_CLIENT\n"
H_HEADER="""\
/*
* Copyright (c) 2024 Nordic Semiconductor ASA
*
* SPDX-License-Identifier: Apache-2.0
*/
/* This file was automatically generated by {}
* from: {}
* Do not edit it manually.
*/
#ifndef CONFIG_PSA_H
#define CONFIG_PSA_H
""".format(os.path.basename(__file__), INPUT_REL_PATH)
H_FOOTER="\n#endif /* CONFIG_PSA_H */\n"
def parse_psa_symbols(input_file: str):
symbols = []
with open(input_file) as file:
content = file.readlines()
for line in content:
res = re.findall(r"^#define *(PSA_WANT_\w+)", line)
if len(res) > 0:
symbols.append(res[0])
return symbols
def generate_kconfig_content(symbols: List[str]) -> str:
output = []
for sym in symbols:
output.append("""
config {0}
\tbool "{0}" if !MBEDTLS_PROMPTLESS
\tdefault y if PSA_CRYPTO_ENABLE_ALL
""".format(sym))
return KCONFIG_HEADER + "".join(output) + KCONFIG_FOOTER
def generate_header_content(symbols: List[str]) -> str:
output = []
for sym in symbols:
output.append("""
#if defined(CONFIG_{0})
#define {0} 1
#endif
""".format(sym))
return H_HEADER + "".join(output) + H_FOOTER
def generate_output_file(content: str, file_name: str):
with open(file_name, "wt") as output_file:
output_file.write(content)
def check_file(content: str, file_name: str):
file_content = ""
with open(file_name) as input_file:
file_content = input_file.read()
if file_content != content:
print()
return False
return True
def main():
arg_parser = argparse.ArgumentParser(allow_abbrev = False)
arg_parser.add_argument("--check", action = "store_true", default = False)
args = arg_parser.parse_args()
check_files = args.check
psa_symbols = parse_psa_symbols(INPUT_FILE)
kconfig_content = generate_kconfig_content(psa_symbols)
header_content = generate_header_content(psa_symbols)
if check_files:
if ((not check_file(kconfig_content, KCONFIG_PATH)) or
(not check_file(header_content, HEADER_PATH))):
print("Error: PSA Kconfig and header files do not match with the current"
"version of MbedTLS. Please update them.")
sys.exit(1)
else:
generate_output_file(kconfig_content, KCONFIG_PATH)
generate_output_file(header_content, HEADER_PATH)
sys.exit(0)
if __name__ == "__main__":
main()
View git blame Copy permalink