-
Notifications
You must be signed in to change notification settings - Fork 657
/
Copy pathcreate_psa_files.py
executable file
·145 lines (117 loc) · 4.25 KB
/
create_psa_files.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
#!/bin/python3
# Copyright (c) 2024 Nordic Semiconductor ASA
# SPDX-License-Identifier: Apache-2.0
import re
import os
import sys
import argparse
from typing import List
SCRIPT_PATH = os.path.dirname(__file__)
INPUT_REL_PATH = os.path.join("..", "..", "..", "modules", "crypto", "mbedtls",
"include", "psa", "crypto_config.h")
INPUT_FILE = os.path.normpath(os.path.join(SCRIPT_PATH, INPUT_REL_PATH))
KCONFIG_PATH=os.path.join(SCRIPT_PATH, "Kconfig.psa.auto")
HEADER_PATH=os.path.join(SCRIPT_PATH, "configs", "config-psa.h")
KCONFIG_HEADER="""\
# Copyright (c) 2024 Nordic Semiconductor ASA
# SPDX-License-Identifier: Apache-2.0
# This file was automatically generated by {}
# from: {}.
# Do not edit it manually.
config PSA_CRYPTO_CLIENT
bool
help
Promptless symbol to state that there is a PSA crypto API provider
enabled in the system. This allows to select desired PSA_WANT features.
if PSA_CRYPTO_CLIENT
config PSA_CRYPTO_ENABLE_ALL
bool "All PSA crypto features"
""".format(os.path.basename(__file__), INPUT_REL_PATH)
KCONFIG_FOOTER="\nendif # PSA_CRYPTO_CLIENT\n"
H_HEADER="""\
/*
* Copyright (c) 2024 Nordic Semiconductor ASA
*
* SPDX-License-Identifier: Apache-2.0
*/
/* This file was automatically generated by {}
* from: {}
* Do not edit it manually.
*/
#ifndef CONFIG_PSA_H
#define CONFIG_PSA_H
""".format(os.path.basename(__file__), INPUT_REL_PATH)
H_FOOTER="\n#endif /* CONFIG_PSA_H */\n"
# In Mbed TLS the PSA_WANT_KEY_TYPE_[ECC|RSA|DH]_KEY_PAIR_BASIC build symbols
# are automatically enabled whenever any other _IMPORT, _EXPORT, _GENERATE or
# _DERIVE feature is set for the same key type
# (see "modules/crypto/mbedtls/include/psa/crypto_adjust_config_key_pair_types.h").
# Therefore we mimic the same pattern with Kconfigs as follows:
# - do not add _BASIC Kconfigs to the automatic generated file (KCONFIG_PATH);
# - add _BASIC Kconfigs to Kconfig.psa.logic and let them "default y" as soon as
# any other _IMPORT, _EXPORT, _GENERATE or _DERIVE Kconfigs are enabled.
SKIP_SYMBOLS = [
"PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_BASIC",
"PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC",
"PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC"
]
def parse_psa_symbols(input_file: str):
symbols = []
with open(input_file) as file:
content = file.readlines()
for line in content:
res = re.findall(r"^#define *(PSA_WANT_\w+)", line)
if len(res) > 0:
symbols.append(res[0])
return symbols
def generate_kconfig_content(symbols: List[str]) -> str:
output = []
for sym in symbols:
if sym in SKIP_SYMBOLS:
continue
output.append("""
config {0}
\tbool "{0}" if !MBEDTLS_PROMPTLESS
\tdefault y if PSA_CRYPTO_ENABLE_ALL
""".format(sym))
return KCONFIG_HEADER + "".join(output) + KCONFIG_FOOTER
def generate_header_content(symbols: List[str]) -> str:
output = []
for sym in symbols:
output.append("""
#if defined(CONFIG_{0})
#define {0} 1
#endif
""".format(sym))
return H_HEADER + "".join(output) + H_FOOTER
def generate_output_file(content: str, file_name: str):
with open(file_name, "wt") as output_file:
output_file.write(content)
def check_file(content: str, file_name: str):
file_content = ""
with open(file_name) as input_file:
file_content = input_file.read()
if file_content != content:
print()
return False
return True
def main():
arg_parser = argparse.ArgumentParser(allow_abbrev = False)
arg_parser.add_argument("--check", action = "store_true", default = False)
args = arg_parser.parse_args()
check_files = args.check
psa_symbols = parse_psa_symbols(INPUT_FILE)
kconfig_content = generate_kconfig_content(psa_symbols)
header_content = generate_header_content(psa_symbols)
if check_files:
if ((not check_file(kconfig_content, KCONFIG_PATH)) or
(not check_file(header_content, HEADER_PATH))):
print("Error: PSA Kconfig and header files do not match with the current"
"version of MbedTLS. Please update them.")
sys.exit(1)
else:
generate_output_file(kconfig_content, KCONFIG_PATH)
generate_output_file(header_content, HEADER_PATH)
sys.exit(0)
if __name__ == "__main__":
main()