From 2d36341f417af4699b848c321ffd8c3d3cbdfb3e Mon Sep 17 00:00:00 2001 From: Lingkai Dong Date: Tue, 22 Jun 2021 15:45:04 +0100 Subject: [PATCH 1/4] target_configs.json: Remove unreachable nsapi entries In `tools/test_configs/`, target-specific test configurations are defined in `target_configs.json` and parsed by `__init__.py`. The latter only makes use of `default_test_configuration` (default test configuration to use) and `test_configurations` (more configurations selectable via `mbed test --test-config `. Anything else is ignored, including nsapi, so this commit cleans up dead entries. --- tools/test_configs/target_configs.json | 4 ---- 1 file changed, 4 deletions(-) diff --git a/tools/test_configs/target_configs.json b/tools/test_configs/target_configs.json index 21a2c9f0361..abfc2ee6047 100644 --- a/tools/test_configs/target_configs.json +++ b/tools/test_configs/target_configs.json @@ -1,21 +1,17 @@ { "K64F": { - "nsapi.socket-stats-enable": true, "default_test_configuration": "HEAPBLOCKDEVICE_AND_ETHERNET", "test_configurations": ["HEAPBLOCKDEVICE_AND_ETHERNET", "NANOSTACK_MAC_TESTER", "ESP8266_WIFI", "ETHERNET"] }, "NUCLEO_F429ZI": { - "nsapi.socket-stats-enable": true, "default_test_configuration": "HEAPBLOCKDEVICE_AND_ETHERNET", "test_configurations": ["HEAPBLOCKDEVICE_AND_ETHERNET", "NANOSTACK_MAC_TESTER"] }, "DISCO_L475VG_IOT01A": { - "nsapi.socket-stats-enable": true, "default_test_configuration": "NONE", "test_configurations": ["ISM43362_WIFI"] }, "DISCO_F413ZH": { - "nsapi.socket-stats-enable": true, "default_test_configuration": "NONE", "test_configurations": ["ISM43362_WIFI"] }, From 8ce87194fdc480c088efbcf28951e5eeadfb8772 Mon Sep 17 00:00:00 2001 From: Lingkai Dong Date: Tue, 22 Jun 2021 15:58:58 +0100 Subject: [PATCH 2/4] test configs: Test Experimental API on K64F/K66F When using the `mbed test` command to build and run tests, some targets have additional configurations/overrides defined in `tools/test_configs/`: * `target_configs.json` lists which targets support which configs. * `config_paths.json` maps the name of each config to the JSON file to use. By default, only `default_test_configuration` from `target_configs.json` gets used when building and running tests. Others listed in `test_configuration` need to be switched via `--test-config `. This commit enables Experimental API in the default configurations of K64F and K66F in order to test Mbed OS PSA. Any existing configs are kept, which is why `HeapBlockDeviceAndEthernetAndExperimental.json` is created for K64F. --- ...BlockDeviceAndEthernetAndExperimental.json | 37 +++++++++++++++++++ tools/test_configs/config_paths.json | 2 + tools/test_configs/experimental.json | 9 +++++ tools/test_configs/target_configs.json | 5 ++- 4 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 tools/test_configs/HeapBlockDeviceAndEthernetAndExperimental.json create mode 100644 tools/test_configs/experimental.json diff --git a/tools/test_configs/HeapBlockDeviceAndEthernetAndExperimental.json b/tools/test_configs/HeapBlockDeviceAndEthernetAndExperimental.json new file mode 100644 index 00000000000..2e481039e77 --- /dev/null +++ b/tools/test_configs/HeapBlockDeviceAndEthernetAndExperimental.json @@ -0,0 +1,37 @@ +{ + "config": { + "echo-server-addr" : { + "help" : "IP address of echo server", + "value" : "\"echo.mbedcloudtesting.com\"" + }, + "echo-server-port" : { + "help" : "Port of echo server", + "value" : "7" + }, + "echo-server-discard-port" : { + "help" : "Discard port of echo server", + "value" : "9" + }, + "echo-server-port-tls" : { + "help" : "Port of echo server for TLS", + "value" : "2007" + }, + "echo-server-discard-port-tls" : { + "help" : "Discard port of echo server for TLS", + "value" : "2009" + }, + "sim-blockdevice": { + "help": "Simulated block device, requires sufficient heap", + "macro_name": "MBED_TEST_SIM_BLOCKDEVICE", + "value": "HeapBlockDevice" + } + }, + "target_overrides": { + "*": { + "target.network-default-interface-type": "ETHERNET", + "target.features_add": [ + "EXPERIMENTAL_API" + ] + } + } +} diff --git a/tools/test_configs/config_paths.json b/tools/test_configs/config_paths.json index 5f9dfecbaee..9fa4d3283c6 100644 --- a/tools/test_configs/config_paths.json +++ b/tools/test_configs/config_paths.json @@ -1,7 +1,9 @@ { "ETHERNET" : "EthernetInterface.json", + "EXPERIMENTAL": "experimental.json", "HEAPBLOCKDEVICE": "HeapBlockDevice.json", "HEAPBLOCKDEVICE_AND_ETHERNET": "HeapBlockDeviceAndEthernetInterface.json", + "HEAPBLOCKDEVICE_AND_ETHERNET_AND_EXPERIMENTAL": "HeapBlockDeviceAndEthernetAndExperimental.json", "HEAPBLOCKDEVICE_AND_WIFI": "HeapBlockDeviceAndWifiInterface.json", "ESP8266_WIFI" : "ESP8266Interface.json", "ISM43362_WIFI" : "ISM43362Interface.json", diff --git a/tools/test_configs/experimental.json b/tools/test_configs/experimental.json new file mode 100644 index 00000000000..bf43e565646 --- /dev/null +++ b/tools/test_configs/experimental.json @@ -0,0 +1,9 @@ +{ + "target_overrides": { + "*": { + "target.features_add": [ + "EXPERIMENTAL_API" + ] + } + } +} diff --git a/tools/test_configs/target_configs.json b/tools/test_configs/target_configs.json index abfc2ee6047..84c28f3b037 100644 --- a/tools/test_configs/target_configs.json +++ b/tools/test_configs/target_configs.json @@ -1,8 +1,11 @@ { "K64F": { - "default_test_configuration": "HEAPBLOCKDEVICE_AND_ETHERNET", + "default_test_configuration": "HEAPBLOCKDEVICE_AND_ETHERNET_AND_EXPERIMENTAL", "test_configurations": ["HEAPBLOCKDEVICE_AND_ETHERNET", "NANOSTACK_MAC_TESTER", "ESP8266_WIFI", "ETHERNET"] }, + "K66F": { + "default_test_configuration": "EXPERIMENTAL" + }, "NUCLEO_F429ZI": { "default_test_configuration": "HEAPBLOCKDEVICE_AND_ETHERNET", "test_configurations": ["HEAPBLOCKDEVICE_AND_ETHERNET", "NANOSTACK_MAC_TESTER"] From fbca8e9c84c93894f81641b1bebc1119854b5084 Mon Sep 17 00:00:00 2001 From: Lingkai Dong Date: Fri, 25 Jun 2021 17:41:45 +0100 Subject: [PATCH 3/4] platform_mbed.h: Fix and align EXPERIMENTAL_API check Some of the lines in `platform_mbed.h` only have `FEATURE_PSA` checked, which is always set for Mbed OS PSA targets but the PSA APIs are not actually available unless `FEATURE_EXPERIMENTAL_API` is also enabled. To fix this and improve readability, group all PSA-related lines and check both macros. --- .../mbedtls/platform/inc/platform_mbed.h | 28 ++++++++++--------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/connectivity/mbedtls/platform/inc/platform_mbed.h b/connectivity/mbedtls/platform/inc/platform_mbed.h index bce33390219..548874bb8a6 100644 --- a/connectivity/mbedtls/platform/inc/platform_mbed.h +++ b/connectivity/mbedtls/platform/inc/platform_mbed.h @@ -21,7 +21,9 @@ #ifndef __PLATFORM_MBED__H__ #define __PLATFORM_MBED__H__ -#if (defined(FEATURE_EXPERIMENTAL_API) && defined(FEATURE_PSA) && defined(MBEDTLS_ENTROPY_NV_SEED)) +#if defined(FEATURE_EXPERIMENTAL_API) && defined(FEATURE_PSA) + +#if defined(MBEDTLS_ENTROPY_NV_SEED) #include "default_random_seed.h" @@ -37,19 +39,8 @@ * MBEDTLS_ENTROPY_NV_SEED is enabled. */ #define MBEDTLS_PSA_INJECT_ENTROPY -#endif // (defined(FEATURE_PSA) && defined(MBEDTLS_ENTROPY_NV_SEED)) - -#if DEVICE_TRNG -#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) -#define MBEDTLS_ENTROPY_HARDWARE_ALT -#endif -#endif - -#if defined(MBEDTLS_CONFIG_HW_SUPPORT) -#include "mbedtls_device.h" -#endif +#endif // defined(MBEDTLS_ENTROPY_NV_SEED) -#if defined(FEATURE_PSA) /* The following configurations are a needed for Mbed Crypto submodule. * They are related to the persistent key storage feature. */ @@ -58,6 +49,17 @@ #undef MBEDTLS_PSA_CRYPTO_STORAGE_FILE_C #define MBEDTLS_ENTROPY_HARDWARE_ALT + +#endif // defined(FEATURE_EXPERIMENTAL_API) && defined(FEATURE_PSA) + +#if DEVICE_TRNG +#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) +#define MBEDTLS_ENTROPY_HARDWARE_ALT +#endif +#endif + +#if defined(MBEDTLS_CONFIG_HW_SUPPORT) +#include "mbedtls_device.h" #endif /* From 929956d16a9d645ab18f733a2dcdb15660b9f4a8 Mon Sep 17 00:00:00 2001 From: Lingkai Dong Date: Tue, 29 Jun 2021 17:43:10 +0100 Subject: [PATCH 4/4] TLSSocketWrapper: Initialize PSA Crypto if used by Mbed TLS When `MBEDTLS_USE_PSA_CRYPTO` is set, Mbed TLS uses the PSA Crypto API where possible. It is necessary to initialize PSA Crypto beforehand. --- connectivity/netsocket/source/TLSSocketWrapper.cpp | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/connectivity/netsocket/source/TLSSocketWrapper.cpp b/connectivity/netsocket/source/TLSSocketWrapper.cpp index d3f06c96bd0..9879af9e913 100644 --- a/connectivity/netsocket/source/TLSSocketWrapper.cpp +++ b/connectivity/netsocket/source/TLSSocketWrapper.cpp @@ -28,6 +28,10 @@ #include "mbed_error.h" #include "rtos/Kernel.h" +#if defined(MBEDTLS_USE_PSA_CRYPTO) +#include "psa/crypto.h" +#endif + // This class requires Mbed TLS SSL/TLS client code #if defined(MBEDTLS_SSL_CLI_C) @@ -41,6 +45,16 @@ TLSSocketWrapper::TLSSocketWrapper(Socket *transport, const char *hostname, cont _clicert_allocated(false), _ssl_conf_allocated(false) { +#if defined(MBEDTLS_USE_PSA_CRYPTO) + // It is safe to call psa_crypto_init() any number of times as + // defined by the PSA Crypto API. There is no standard "deinit" + // function. + psa_status_t status = psa_crypto_init(); + if (status != PSA_SUCCESS) { + tr_err("psa_crypto_init() failed (" PRIu32 ")", status); + } +#endif /* MBEDTLS_USE_PSA_CRYPTO */ + #if defined(MBEDTLS_PLATFORM_C) int ret = mbedtls_platform_setup(nullptr); if (ret != 0) {