From 2547ae9fccc904992612ab7a9feaac9f61fc017b Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 20 Jan 2025 10:04:53 +0000 Subject: [PATCH 1/3] Move SSL macro checks from TF-PSA-Crypto to Mbed TLS This commit moves macro checks specifically for Mbed TLS from TF-PSA-Crypto to Mbed TLS where they more approriately belong. Signed-off-by: Harry Ramsey --- include/mbedtls/check_config.h | 5 +++++ library/ssl_misc.h | 1 + 2 files changed, 6 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 06613595b8..819ea0a030 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -174,6 +174,11 @@ "but no key exchange methods defined with MBEDTLS_KEY_EXCHANGE_xxxx" #endif +#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ + !(defined(PSA_WANT_ALG_SHA_1) || defined(PSA_WANT_ALG_SHA_256) || defined(PSA_WANT_ALG_SHA_512)) +#error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_SSL_EARLY_DATA) && \ ( !defined(MBEDTLS_SSL_SESSION_TICKETS) || \ ( !defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) && \ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 8c2ad47b3a..9f91861f64 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -20,6 +20,7 @@ #include "psa/crypto.h" #include "psa_util_internal.h" +extern const mbedtls_error_pair_t psa_to_ssl_errors[7]; #if defined(PSA_WANT_ALG_MD5) #include "mbedtls/md5.h" From 285722a3fec9ce9bc429a96e4c45b44156c24402 Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Mon, 20 Jan 2025 10:08:00 +0000 Subject: [PATCH 2/3] Update TF-PSA-Crypto pointer This commit updates the TF-PSA-Crypto pointer to include the moved config files. Signed-off-by: Harry Ramsey --- tf-psa-crypto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf-psa-crypto b/tf-psa-crypto index df85eda50d..d6031a2ad2 160000 --- a/tf-psa-crypto +++ b/tf-psa-crypto @@ -1 +1 @@ -Subproject commit df85eda50d5cd7dbbd06843eaf4ca2c5ee27a874 +Subproject commit d6031a2ad2e5f420ecc532bdd24c4998c9d6fc92 From 93a496e8772e6a6371487d317c1bc90affdbc76b Mon Sep 17 00:00:00 2001 From: Harry Ramsey Date: Thu, 30 Jan 2025 21:31:46 +0000 Subject: [PATCH 3/3] Update framework pointer This commit updates the framework pointer to include changes to enable check_names.py to run independently for TF-PSA-Crypto and Mbed TLS. Signed-off-by: Harry Ramsey --- framework | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/framework b/framework index 8296a73ce0..78f70ca80f 160000 --- a/framework +++ b/framework @@ -1 +1 @@ -Subproject commit 8296a73ce0cb31fadf411b6929a3201beece37a5 +Subproject commit 78f70ca80f9d382aa45209a2b6cd0775c69723d4