Mbed-TLS
code size: Merge psa_core_key_attributes_t back into psa_key_attributes_t
Note: https://github.com/Mbed-TLS/mbedtls/pull/8840 changes the deal significantly.
Fix: #6496
This PR merge psa_core_key_attributes_t back into psa_key_attributes_t by making a condition to have RSA in the build.
As for previous implementation, we only keep core in key slot from psa_start_key_creation. Since now we use same structure to keep core and domain_parameters. To keep identical with previous implementation, slot_number, domain_parameters and domain_parameters_size are cleared in key slot.
Code size measurement:
command: ./scripts/code_size_compare.py -o 92a55bf5ea1a7237ff37e0416efccc45072e3cc1 -n 8be56e20d8f353fecbebe3fdca1ab5407f1718f0 -c tfm-medium -a armv8-m
result: (saved 300 bytes in total)
| File Name | Old Size | New Size | Change (Bytes) | Change (%) |
|---|---|---|---|---|
| psa_crypto.o | 19206 | 19056 | -150 | -0.78% |
| psa_crypto_client.o | 150 | 18 | -132 | -88% |
| psa_crypto_ecp.o | 1702 | 1684 | -18 | -1.01% |
PR checklist
Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")
- [ ] changelog provided, or not required
- [x] backport not required, it's a refactor for psa_key_attributes_t.
- [x] tests not required
The failure of ABI-API-checking is expected as we removed psa_core_key_attributes_t and merged attributes inside it into psa_key_attributes_t.
Can you rebase onto latest development please?
After doing this I get a compile failure in psa_crypto.c:
psa_crypto.c:1284:17: error: no member named 'domain_parameters' in 'struct psa_key_attributes_s'
attributes->domain_parameters = buffer;
~~~~~~~~~~ ^
psa_crypto.c:1285:17: error: no member named 'domain_parameters_size' in 'struct psa_key_attributes_s'
attributes->domain_parameters_size = buflen;
~~~~~~~~~~ ^
2 errors generated.
when building with the default config with +MBEDTLS_NO_PLATFORM_ENTROPY -MBEDTLS_FS_IO -MBEDTLS_PSA_ITS_FILE_C -MBEDTLS_TIMING_C -MBEDTLS_HAVE_TIME -MBEDTLS_HAVE_TIME_DATE -MBEDTLS_PSA_CRYPTO_STORAGE_C -MBEDTLS_NET_C -MBEDTLS_VERSION_FEATURES -MBEDTLS_VERSION_C -MBEDTLS_SELF_TEST
After doing this I get a compile failure in
psa_crypto.c:
Thanks Tom. Take a look into this error, it happens because we didn't define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR anymore after #7641.
So, had a thorough look now and this generally LGTM however I have that one question in the comment above. Once resolved I will be ready to approve.
@tom-daubney-arm @tom-cosgrove-arm Do you mind I rebase on head of development to re-trigger CI as 7870 has been merged?
@tom-daubney-arm @tom-cosgrove-arm Do you mind I rebase on head of development to re-trigger CI as 7870 has been merged?
Please do!
There is no conflict in rebase, but I added an extra commit 4f4d3c4 to remove core which is added in recent PR.
I found it's highly possible to break CI or cause new failure after I rebase. So I marked needs-ci to make sure we remember to rebase on head of development before merge this PR.
@yanrayw @tom-cosgrove-arm please progress this PR, it's a good size win that seems to have stalled
Although there is a merge conflict, as @tom-daubney-arm has approved this PR, i think it should be reasonable to wait until @tom-cosgrove-arm finishes his review. (It's highly possible to have merge conflicts in this PR, let me know if anyone has other suggestions.)
@daverodgman Do we want this one in 3.6 release?
@minosgalanakis probably nice to have?
