diff --git a/CMakeLists.txt b/CMakeLists.txt index 64d95dcef4..c5d19afb28 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -333,11 +333,11 @@ function(set_config_files_compile_definitions target) endif() if(TF_PSA_CRYPTO_CONFIG_FILE) target_compile_definitions(${target} - PUBLIC MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}") + PUBLIC TF_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}") endif() if(TF_PSA_CRYPTO_USER_CONFIG_FILE) target_compile_definitions(${target} - PUBLIC MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}") + PUBLIC TF_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}") endif() endfunction(set_config_files_compile_definitions) diff --git a/configs/ext/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h index 84040f0f8b..8ef28ee332 100644 --- a/configs/ext/tfm_mbedcrypto_config_profile_medium.h +++ b/configs/ext/tfm_mbedcrypto_config_profile_medium.h @@ -234,7 +234,7 @@ * mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols * in mbedtls_config.h. * - * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies + * If the symbol #TF_PSA_CRYPTO_CONFIG_FILE is defined, it specifies * an alternative header to include instead of include/psa/crypto_config.h. * * This feature is still experimental and is not ready for production since @@ -460,7 +460,7 @@ //#define MBEDTLS_USER_CONFIG_FILE "/dev/null" /** - * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE + * \def TF_PSA_CRYPTO_CONFIG_FILE * * If defined, this is a header which will be included instead of * `"psa/crypto_config.h"`. @@ -475,13 +475,13 @@ * The value of this symbol is typically a path in double quotes, either * absolute or relative to a directory on the include search path. */ -//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" +//#define TF_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" /** - * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE + * \def TF_PSA_CRYPTO_USER_CONFIG_FILE * * If defined, this is a header which will be included after - * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. + * `"psa/crypto_config.h"` or #TF_PSA_CRYPTO_CONFIG_FILE. * This allows you to modify the default configuration, including the ability * to undefine options that are enabled by default. * @@ -492,7 +492,7 @@ * The value of this symbol is typically a path in double quotes, either * absolute or relative to a directory on the include search path. */ -//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" +//#define TF_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" /** \} name SECTION: General configuration options */ diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index da5ef4cae9..2025819556 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -131,13 +131,13 @@ #endif /* PSA crypto configuration */ -#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE) -#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE +#if defined(TF_PSA_CRYPTO_CONFIG_FILE) +#include TF_PSA_CRYPTO_CONFIG_FILE #else #include "psa/crypto_config.h" #endif -#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE) -#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE +#if defined(TF_PSA_CRYPTO_USER_CONFIG_FILE) +#include TF_PSA_CRYPTO_USER_CONFIG_FILE #endif /* Indicate that all configuration files have been read. diff --git a/tests/configs/user-config-for-test.h b/tests/configs/user-config-for-test.h index 48ac17a1c3..f230fd3c5c 100644 --- a/tests/configs/user-config-for-test.h +++ b/tests/configs/user-config-for-test.h @@ -1,8 +1,8 @@ -/* MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE for testing. +/* TF_PSA_CRYPTO_USER_CONFIG_FILE for testing. * Only used for a few test configurations. * * Typical usage (note multiple levels of quoting): - * make CFLAGS="'-DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" + * make CFLAGS="'-DTF_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" */ /* diff --git a/tests/scripts/components-build-system.sh b/tests/scripts/components-build-system.sh index 93ec7cd3b4..bf2ce23acb 100644 --- a/tests/scripts/components-build-system.sh +++ b/tests/scripts/components-build-system.sh @@ -184,7 +184,7 @@ component_build_cmake_custom_config_file () { cp tf-psa-crypto/include/psa/crypto_config.h $OUT_OF_SOURCE_DIR/full_crypto_config.h cd "$OUT_OF_SOURCE_DIR" echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" - cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=../full_crypto_config.h "$MBEDTLS_ROOT_DIR" + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_config.h -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_crypto_config.h "$MBEDTLS_ROOT_DIR" make msg "build: cmake with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" @@ -192,7 +192,7 @@ component_build_cmake_custom_config_file () { # that nothing else depends on). echo '#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES' >user_config.h - cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=../full_crypto_config.h "$MBEDTLS_ROOT_DIR" + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_config.h -DMBEDTLS_USER_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/user_config.h -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_crypto_config.h "$MBEDTLS_ROOT_DIR" make not programs/test/query_compile_time_config MBEDTLS_SSL_ALL_ALERT_MESSAGES @@ -216,7 +216,7 @@ component_build_cmake_custom_config_file () { cp tf-psa-crypto/include/psa/crypto_config.h full_crypto_config.h echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H" - cmake -DGEN_FILES=OFF -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=full_crypto_config.h -DMBEDTLS_CONFIG_FILE=full_config.h . + cmake -DGEN_FILES=OFF -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_crypto_config.h -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_config.h . make msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE" @@ -224,7 +224,7 @@ component_build_cmake_custom_config_file () { # that nothing else depends on). echo '#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES' >user_config.h - cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=full_crypto_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h . + cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_config.h -DMBEDTLS_USER_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/user_config.h -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_crypto_config.h . make not programs/test/query_compile_time_config MBEDTLS_SSL_ALL_ALERT_MESSAGES diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh index 6897038957..b548137e30 100644 --- a/tests/scripts/components-configuration-crypto.sh +++ b/tests/scripts/components-configuration-crypto.sh @@ -270,7 +270,7 @@ component_test_psa_inject_entropy () { scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE - make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" + make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DTF_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS" msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY" make test @@ -422,7 +422,7 @@ component_test_config_symmetric_only () { # whether they're on or off. So, disable cmake's (over-sensitive here) # dependency resolution for generated files and just rely on them being # present (thanks to pre_generate_files) by turning GEN_FILES off. - CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: configs/config-symmetric-only.h - unit tests" @@ -1405,7 +1405,7 @@ component_test_tfm_config_as_is () { msg "build: configs/config-tfm.h" MBEDTLS_CONFIG="configs/config-tfm.h" CRYPTO_CONFIG="configs/ext/crypto_config_profile_medium.h" - CC=$ASAN_CC cmake -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: configs/config-tfm.h - unit tests" @@ -2650,22 +2650,22 @@ component_test_psa_crypto_drivers () { } component_build_psa_config_file () { - msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE" # ~40s + msg "build: make with TF_PSA_CRYPTO_CONFIG_FILE" # ~40s cp "$CRYPTO_CONFIG_H" psa_test_config.h - echo '#error "MBEDTLS_PSA_CRYPTO_CONFIG_FILE is not working"' >"$CRYPTO_CONFIG_H" - make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"'" + echo '#error "TF_PSA_CRYPTO_CONFIG_FILE is not working"' >"$CRYPTO_CONFIG_H" + make CFLAGS="-I '$PWD' -DTF_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"'" # Make sure this feature is enabled. We'll disable it in the next phase. programs/test/query_compile_time_config MBEDTLS_CMAC_C make clean - msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE + MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE" # ~40s + msg "build: make with TF_PSA_CRYPTO_CONFIG_FILE + TF_PSA_CRYPTO_USER_CONFIG_FILE" # ~40s # In the user config, disable one feature and its dependencies, which will # reflect on the mbedtls configuration so we can query it with # query_compile_time_config. echo '#undef PSA_WANT_ALG_CMAC' >psa_user_config.h echo '#undef PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128' >> psa_user_config.h echo '#undef MBEDTLS_CMAC_C' >> psa_user_config.h - make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_user_config.h\"'" + make CFLAGS="-I '$PWD' -DTF_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"' -DTF_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_user_config.h\"'" not programs/test/query_compile_time_config MBEDTLS_CMAC_C rm -f psa_test_config.h psa_user_config.h diff --git a/tests/scripts/components-configuration-tls.sh b/tests/scripts/components-configuration-tls.sh index 701a42c33c..9333ad1bf1 100644 --- a/tests/scripts/components-configuration-tls.sh +++ b/tests/scripts/components-configuration-tls.sh @@ -22,7 +22,7 @@ component_test_config_suite_b () { # whether they're on or off. So, disable cmake's (over-sensitive here) # dependency resolution for generated files and just rely on them being # present (thanks to pre_generate_files) by turning GEN_FILES off. - CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: configs/config-suite-b.h - unit tests" @@ -170,7 +170,7 @@ component_test_config_thread () { # whether they're on or off. So, disable cmake's (over-sensitive here) # dependency resolution for generated files and just rely on them being # present (thanks to pre_generate_files) by turning GEN_FILES off. - CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: configs/config-thread.h - unit tests" @@ -193,7 +193,7 @@ component_test_tls1_2_ccm_psk () { # whether they're on or off. So, disable cmake's (over-sensitive here) # dependency resolution for generated files and just rely on them being # present (thanks to pre_generate_files) by turning GEN_FILES off. - CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: configs/config-ccm-psk-tls1_2.h - unit tests" @@ -216,7 +216,7 @@ component_test_tls1_2_ccm_psk_dtls () { # whether they're on or off. So, disable cmake's (over-sensitive here) # dependency resolution for generated files and just rely on them being # present (thanks to pre_generate_files) by turning GEN_FILES off. - CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . + CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan . make msg "test: configs/config-ccm-psk-dtls1_2.h - unit tests" diff --git a/tf-psa-crypto/CMakeLists.txt b/tf-psa-crypto/CMakeLists.txt index d30b78735c..b9eaa41fbf 100644 --- a/tf-psa-crypto/CMakeLists.txt +++ b/tf-psa-crypto/CMakeLists.txt @@ -359,11 +359,11 @@ function(set_config_files_compile_definitions target) endif() if(TF_PSA_CRYPTO_CONFIG_FILE) target_compile_definitions(${target} - PUBLIC MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}") + PUBLIC TF_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}") endif() if(TF_PSA_CRYPTO_USER_CONFIG_FILE) target_compile_definitions(${target} - PUBLIC MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}") + PUBLIC TF_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}") endif() endfunction(set_config_files_compile_definitions) diff --git a/tf-psa-crypto/include/psa/crypto_config.h b/tf-psa-crypto/include/psa/crypto_config.h index bd23957051..9ab347f4d4 100644 --- a/tf-psa-crypto/include/psa/crypto_config.h +++ b/tf-psa-crypto/include/psa/crypto_config.h @@ -608,7 +608,7 @@ //#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result)) /** - * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE + * \def TF_PSA_CRYPTO_CONFIG_FILE * * If defined, this is a header which will be included instead of * `"psa/crypto_config.h"`. @@ -623,13 +623,13 @@ * The value of this symbol is typically a path in double quotes, either * absolute or relative to a directory on the include search path. */ -//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" +//#define TF_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h" /** - * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE + * \def TF_PSA_CRYPTO_USER_CONFIG_FILE * * If defined, this is a header which will be included after - * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE. + * `"psa/crypto_config.h"` or #TF_PSA_CRYPTO_CONFIG_FILE. * This allows you to modify the default configuration, including the ability * to undefine options that are enabled by default. * @@ -640,7 +640,7 @@ * The value of this symbol is typically a path in double quotes, either * absolute or relative to a directory on the include search path. */ -//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" +//#define TF_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" /** * \def MBEDTLS_SELF_TEST