Renamed MBEDTLS_PSA_CRYPTO_CONFIG_FILE & MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE

Files have been renamed respectively to: - TF_PSA_CRYPTO_CONFIG_FILE - TF_PSA_CRYPTO_USER_CONFIG_FILE As per design proposal: https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
2025-01-29 21:33:02 +00:00 · 2024-11-14 14:56:47 +00:00 · 2024-11-14 14:56:47 +00:00 · 4f619e12e7
commit 4f619e12e7
parent c6e58aa4ac
9 changed files with 37 additions and 37 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -333,11 +333,11 @@ function(set_config_files_compile_definitions target)
    endif()
    if(TF_PSA_CRYPTO_CONFIG_FILE)
        target_compile_definitions(${target}
-            PUBLIC MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
+            PUBLIC TF_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
    endif()
    if(TF_PSA_CRYPTO_USER_CONFIG_FILE)
        target_compile_definitions(${target}
-            PUBLIC MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
+            PUBLIC TF_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
    endif()
 endfunction(set_config_files_compile_definitions)

--- a/configs/ext/tfm_mbedcrypto_config_profile_medium.h
+++ b/configs/ext/tfm_mbedcrypto_config_profile_medium.h
@ -234,7 +234,7 @@
 * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols
 * in mbedtls_config.h.
 *
- * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
+ * If the symbol #TF_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
 * an alternative header to include instead of include/psa/crypto_config.h.
 *
 * This feature is still experimental and is not ready for production since
@ -460,7 +460,7 @@
 //#define MBEDTLS_USER_CONFIG_FILE "/dev/null"

 /**
- * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE
+ * \def TF_PSA_CRYPTO_CONFIG_FILE
 *
 * If defined, this is a header which will be included instead of
 * `"psa/crypto_config.h"`.
@ -475,13 +475,13 @@
 * The value of this symbol is typically a path in double quotes, either
 * absolute or relative to a directory on the include search path.
 */
-//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
+//#define TF_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"

 /**
- * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
+ * \def TF_PSA_CRYPTO_USER_CONFIG_FILE
 *
 * If defined, this is a header which will be included after
- * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE.
+ * `"psa/crypto_config.h"` or #TF_PSA_CRYPTO_CONFIG_FILE.
 * This allows you to modify the default configuration, including the ability
 * to undefine options that are enabled by default.
 *
@ -492,7 +492,7 @@
 * The value of this symbol is typically a path in double quotes, either
 * absolute or relative to a directory on the include search path.
 */
-//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
+//#define TF_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"

 /** \} name SECTION: General configuration options */

--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@ -131,13 +131,13 @@
 #endif

 /* PSA crypto configuration */
-#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE)
-#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE
+#if defined(TF_PSA_CRYPTO_CONFIG_FILE)
+#include TF_PSA_CRYPTO_CONFIG_FILE
 #else
 #include "psa/crypto_config.h"
 #endif
-#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE)
-#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
+#if defined(TF_PSA_CRYPTO_USER_CONFIG_FILE)
+#include TF_PSA_CRYPTO_USER_CONFIG_FILE
 #endif

 /* Indicate that all configuration files have been read.
--- a/tests/configs/user-config-for-test.h
+++ b/tests/configs/user-config-for-test.h
@ -1,8 +1,8 @@
-/* MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE for testing.
+/* TF_PSA_CRYPTO_USER_CONFIG_FILE for testing.
 * Only used for a few test configurations.
 *
 * Typical usage (note multiple levels of quoting):
- *     make CFLAGS="'-DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
+ *     make CFLAGS="'-DTF_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
 */

 /*
--- a/tests/scripts/components-build-system.sh
+++ b/tests/scripts/components-build-system.sh
@ -184,7 +184,7 @@ component_build_cmake_custom_config_file () {
    cp tf-psa-crypto/include/psa/crypto_config.h $OUT_OF_SOURCE_DIR/full_crypto_config.h
    cd "$OUT_OF_SOURCE_DIR"
    echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H"
-    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=../full_crypto_config.h "$MBEDTLS_ROOT_DIR"
+    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_config.h -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_crypto_config.h "$MBEDTLS_ROOT_DIR"
    make

    msg "build: cmake with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE"
@ -192,7 +192,7 @@ component_build_cmake_custom_config_file () {
    # that nothing else depends on).
    echo '#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES' >user_config.h

-    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=../full_crypto_config.h "$MBEDTLS_ROOT_DIR"
+    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_config.h -DMBEDTLS_USER_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/user_config.h -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_crypto_config.h "$MBEDTLS_ROOT_DIR"
    make
    not programs/test/query_compile_time_config MBEDTLS_SSL_ALL_ALERT_MESSAGES

@ -216,7 +216,7 @@ component_build_cmake_custom_config_file () {
    cp tf-psa-crypto/include/psa/crypto_config.h full_crypto_config.h

    echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H"
-    cmake -DGEN_FILES=OFF -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=full_crypto_config.h -DMBEDTLS_CONFIG_FILE=full_config.h .
+    cmake -DGEN_FILES=OFF -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_crypto_config.h -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_config.h .
    make

    msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE"
@ -224,7 +224,7 @@ component_build_cmake_custom_config_file () {
    # that nothing else depends on).
    echo '#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES' >user_config.h

-    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=full_crypto_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h .
+    cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_config.h -DMBEDTLS_USER_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/user_config.h -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_crypto_config.h .
    make
    not programs/test/query_compile_time_config MBEDTLS_SSL_ALL_ALERT_MESSAGES

--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@ -270,7 +270,7 @@ component_test_psa_inject_entropy () {
    scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
    scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ
    scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE
-    make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS"
+    make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DTF_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS"

    msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY"
    make test
@ -422,7 +422,7 @@ component_test_config_symmetric_only () {
    # whether they're on or off. So, disable cmake's (over-sensitive here)
    # dependency resolution for generated files and just rely on them being
    # present (thanks to pre_generate_files) by turning GEN_FILES off.
-    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: configs/config-symmetric-only.h - unit tests"
@ -1405,7 +1405,7 @@ component_test_tfm_config_as_is () {
    msg "build: configs/config-tfm.h"
    MBEDTLS_CONFIG="configs/config-tfm.h"
    CRYPTO_CONFIG="configs/ext/crypto_config_profile_medium.h"
-    CC=$ASAN_CC cmake -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+    CC=$ASAN_CC cmake -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: configs/config-tfm.h - unit tests"
@ -2650,22 +2650,22 @@ component_test_psa_crypto_drivers () {
 }

 component_build_psa_config_file () {
-    msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE" # ~40s
+    msg "build: make with TF_PSA_CRYPTO_CONFIG_FILE" # ~40s
    cp "$CRYPTO_CONFIG_H" psa_test_config.h
-    echo '#error "MBEDTLS_PSA_CRYPTO_CONFIG_FILE is not working"' >"$CRYPTO_CONFIG_H"
-    make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"'"
+    echo '#error "TF_PSA_CRYPTO_CONFIG_FILE is not working"' >"$CRYPTO_CONFIG_H"
+    make CFLAGS="-I '$PWD' -DTF_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"'"
    # Make sure this feature is enabled. We'll disable it in the next phase.
    programs/test/query_compile_time_config MBEDTLS_CMAC_C
    make clean

-    msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE + MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE" # ~40s
+    msg "build: make with TF_PSA_CRYPTO_CONFIG_FILE + TF_PSA_CRYPTO_USER_CONFIG_FILE" # ~40s
    # In the user config, disable one feature and its dependencies, which will
    # reflect on the mbedtls configuration so we can query it with
    # query_compile_time_config.
    echo '#undef PSA_WANT_ALG_CMAC' >psa_user_config.h
    echo '#undef PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128' >> psa_user_config.h
    echo '#undef MBEDTLS_CMAC_C' >> psa_user_config.h
-    make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_user_config.h\"'"
+    make CFLAGS="-I '$PWD' -DTF_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"' -DTF_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_user_config.h\"'"
    not programs/test/query_compile_time_config MBEDTLS_CMAC_C

    rm -f psa_test_config.h psa_user_config.h
--- a/tests/scripts/components-configuration-tls.sh
+++ b/tests/scripts/components-configuration-tls.sh
@ -22,7 +22,7 @@ component_test_config_suite_b () {
    # whether they're on or off. So, disable cmake's (over-sensitive here)
    # dependency resolution for generated files and just rely on them being
    # present (thanks to pre_generate_files) by turning GEN_FILES off.
-    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: configs/config-suite-b.h - unit tests"
@ -170,7 +170,7 @@ component_test_config_thread () {
    # whether they're on or off. So, disable cmake's (over-sensitive here)
    # dependency resolution for generated files and just rely on them being
    # present (thanks to pre_generate_files) by turning GEN_FILES off.
-    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: configs/config-thread.h - unit tests"
@ -193,7 +193,7 @@ component_test_tls1_2_ccm_psk () {
    # whether they're on or off. So, disable cmake's (over-sensitive here)
    # dependency resolution for generated files and just rely on them being
    # present (thanks to pre_generate_files) by turning GEN_FILES off.
-    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: configs/config-ccm-psk-tls1_2.h - unit tests"
@ -216,7 +216,7 @@ component_test_tls1_2_ccm_psk_dtls () {
    # whether they're on or off. So, disable cmake's (over-sensitive here)
    # dependency resolution for generated files and just rely on them being
    # present (thanks to pre_generate_files) by turning GEN_FILES off.
-    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+    CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
    make

    msg "test: configs/config-ccm-psk-dtls1_2.h - unit tests"
--- a/tf-psa-crypto/CMakeLists.txt
+++ b/tf-psa-crypto/CMakeLists.txt
@ -359,11 +359,11 @@ function(set_config_files_compile_definitions target)
    endif()
    if(TF_PSA_CRYPTO_CONFIG_FILE)
        target_compile_definitions(${target}
-            PUBLIC MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
+            PUBLIC TF_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
    endif()
    if(TF_PSA_CRYPTO_USER_CONFIG_FILE)
        target_compile_definitions(${target}
-            PUBLIC MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
+            PUBLIC TF_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
    endif()
 endfunction(set_config_files_compile_definitions)

--- a/tf-psa-crypto/include/psa/crypto_config.h
+++ b/tf-psa-crypto/include/psa/crypto_config.h
@ -608,7 +608,7 @@
 //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))

 /**
- * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE
+ * \def TF_PSA_CRYPTO_CONFIG_FILE
 *
 * If defined, this is a header which will be included instead of
 * `"psa/crypto_config.h"`.
@ -623,13 +623,13 @@
 * The value of this symbol is typically a path in double quotes, either
 * absolute or relative to a directory on the include search path.
 */
-//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
+//#define TF_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"

 /**
- * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
+ * \def TF_PSA_CRYPTO_USER_CONFIG_FILE
 *
 * If defined, this is a header which will be included after
- * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE.
+ * `"psa/crypto_config.h"` or #TF_PSA_CRYPTO_CONFIG_FILE.
 * This allows you to modify the default configuration, including the ability
 * to undefine options that are enabled by default.
 *
@ -640,7 +640,7 @@
 * The value of this symbol is typically a path in double quotes, either
 * absolute or relative to a directory on the include search path.
 */
-//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
+//#define TF_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"

 /**
 * \def MBEDTLS_SELF_TEST