mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-30 15:32:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #9831 from ronald-cron-arm/finalize-split-preparation-3

Browse Source 
Finalize split preparation-3
This commit is contained in:
Ronald Cron 2024-12-12 14:31:53 +00:00 committed by GitHub
commit a41d52a3f5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
98 changed files with 1041 additions and 909 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
doxygen/mbedtls.doxyfile
View File

@ -7,6 +7,7 @@ EXTRACT_PRIVATE = YES
EXTRACT_STATIC = YES
CASE_SENSE_NAMES = NO
INPUT = ../include ../tf-psa-crypto/include input ../tf-psa-crypto/drivers/builtin/include ../tests/include/alt-dummy
EXCLUDE = ../tf-psa-crypto/drivers/builtin/include/mbedtls/build_info.h
FILE_PATTERNS = *.h
RECURSIVE = YES
EXCLUDE_SYMLINKS = YES

104
include/mbedtls/build_info.h
View File

@ -14,6 +14,8 @@
#ifndef MBEDTLS_BUILD_INFO_H
#define MBEDTLS_BUILD_INFO_H
#include "tf-psa-crypto/build_info.h"
/*
* This set of compile-time defines can be used to determine the version number
* of the Mbed TLS library used. Run-time variables for the same can be found in
@ -37,70 +39,6 @@
#define MBEDTLS_VERSION_STRING "4.0.0"
#define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 4.0.0"
/* Macros for build-time platform detection */
#if !defined(MBEDTLS_ARCH_IS_ARM64) && \
(defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC))
#define MBEDTLS_ARCH_IS_ARM64
#endif
#if !defined(MBEDTLS_ARCH_IS_ARM32) && \
(defined(__arm__) || defined(_M_ARM) || \
defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__))
#define MBEDTLS_ARCH_IS_ARM32
#endif
#if !defined(MBEDTLS_ARCH_IS_X64) && \
(defined(__amd64__) || defined(__x86_64__) || \
((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC)))
#define MBEDTLS_ARCH_IS_X64
#endif
#if !defined(MBEDTLS_ARCH_IS_X86) && \
(defined(__i386__) || defined(_X86_) || \
(defined(_M_IX86) && !defined(_M_I86)))
#define MBEDTLS_ARCH_IS_X86
#endif
#if !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) && \
(defined(_M_ARM64) || defined(_M_ARM64EC))
#define MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64
#endif
/* This is defined if the architecture is Armv8-A, or higher */
#if !defined(MBEDTLS_ARCH_IS_ARMV8_A)
#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE)
#if (__ARM_ARCH >= 8) && (__ARM_ARCH_PROFILE == 'A')
/* GCC, clang, armclang and IAR */
#define MBEDTLS_ARCH_IS_ARMV8_A
#endif
#elif defined(__ARM_ARCH_8A)
/* Alternative defined by clang */
#define MBEDTLS_ARCH_IS_ARMV8_A
#elif defined(_M_ARM64) || defined(_M_ARM64EC)
/* MSVC ARM64 is at least Armv8.0-A */
#define MBEDTLS_ARCH_IS_ARMV8_A
#endif
#endif
#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \
&& !defined(__llvm__) && !defined(__INTEL_COMPILER)
/* Defined if the compiler really is gcc and not clang, etc */
#define MBEDTLS_COMPILER_IS_GCC
#define MBEDTLS_GCC_VERSION \
(__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
#endif
#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
#define _CRT_SECURE_NO_DEPRECATE 1
#endif
/* Define `inline` on some non-C99-compliant compilers. */
#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if defined(MBEDTLS_CONFIG_FILES_READ)
#error "Something went wrong: MBEDTLS_CONFIG_FILES_READ defined before reading the config files!"
#endif
@ -108,7 +46,7 @@
#error "Something went wrong: MBEDTLS_CONFIG_IS_FINALIZED defined before reading the config files!"
#endif
/* X.509, TLS and non-PSA crypto configuration */
/* X.509 and TLS configuration */
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/mbedtls_config.h"
#else
@ -130,48 +68,12 @@
#include MBEDTLS_USER_CONFIG_FILE
#endif
/* PSA crypto configuration */
#if defined(TF_PSA_CRYPTO_CONFIG_FILE)
#include TF_PSA_CRYPTO_CONFIG_FILE
#else
#include "psa/crypto_config.h"
#endif
#if defined(TF_PSA_CRYPTO_USER_CONFIG_FILE)
#include TF_PSA_CRYPTO_USER_CONFIG_FILE
#endif
/* Indicate that all configuration files have been read.
* It is now time to adjust the configuration (follow through on dependencies,
* make PSA and legacy crypto consistent, etc.).
*/
#define MBEDTLS_CONFIG_FILES_READ
/* Auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if
* MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH and MBEDTLS_CTR_DRBG_C defined
* to ensure a 128-bit key size in CTR_DRBG.
*/
#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) && defined(MBEDTLS_CTR_DRBG_C)
#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
#endif
/* Auto-enable MBEDTLS_MD_C if needed by a module that didn't require it
* in a previous release, to ensure backwards compatibility.
*/
#if defined(MBEDTLS_PKCS5_C)
#define MBEDTLS_MD_C
#endif
/* PSA crypto specific configuration options
* - If config_psa.h reads a configuration option in preprocessor directive,
* this symbol should be set before its inclusion. (e.g. MBEDTLS_MD_C)
* - If config_psa.h writes a configuration option in conditional directive,
* this symbol should be consulted after its inclusion.
* (e.g. MBEDTLS_MD_LIGHT)
*/
#include "mbedtls/config_psa.h"
#include "mbedtls/config_adjust_legacy_crypto.h"
#include "mbedtls/config_adjust_x509.h"
#include "mbedtls/config_adjust_ssl.h"

650
include/mbedtls/check_config.h
View File

@ -1,5 +1,5 @@
/**
* \file check_config.h
* \file mbedtls/check_config.h
*
* \brief Consistency checks for configuration options
*
@ -26,54 +26,14 @@
"It is included automatically at the right point since Mbed TLS 3.0."
#endif /* !MBEDTLS_CONFIG_IS_FINALIZED */
/*
* We assume CHAR_BIT is 8 in many places. In practice, this is true on our
* target platforms, so not an issue, but let's just be extra sure.
*/
#include <limits.h>
#if CHAR_BIT != 8
#error "Mbed TLS requires a platform with 8-bit chars"
#endif
#include <stdint.h>
#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER <= 1900)
#if !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_C is required on Windows"
#endif
/* See auto-enabling SNPRINTF_ALT and VSNPRINTF_ALT
* in * config_adjust_legacy_crypto.h */
#endif /* _MINGW32__ || (_MSC_VER && (_MSC_VER <= 1900)) */
#if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_NET_C)
#error "The NET module is not available for mbed OS - please use the network functions provided by Mbed OS"
#endif
#if defined(MBEDTLS_DEPRECATED_WARNING) && \
!defined(__GNUC__) && !defined(__clang__)
#error "MBEDTLS_DEPRECATED_WARNING only works with GCC and Clang"
#endif
#if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_HAVE_TIME)
#error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense"
#endif
/* Limitations on ECC key types acceleration: if we have any of `PUBLIC_KEY`,
* `KEY_PAIR_BASIC`, `KEY_PAIR_IMPORT`, `KEY_PAIR_EXPORT` then we must have
* all 4 of them.
*/
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \
!defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
!defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
!defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
#error "Unsupported partial support for ECC key type acceleration, see docs/driver-only-builds.md"
#endif /* not all of public, basic, import, export */
#endif /* one of public, basic, import, export */
/* Limitations on ECC curves acceleration: partial curve acceleration is only
* supported with crypto excluding PK, X.509 or TLS.
* Note: no need to check X.509 as it depends on PK. */
@ -91,184 +51,12 @@
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)
#if defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
#if defined(MBEDTLS_PK_C) || \
defined(MBEDTLS_SSL_TLS_C)
#if defined(MBEDTLS_SSL_TLS_C)
#error "Unsupported partial support for ECC curves acceleration, see docs/driver-only-builds.md"
#endif /* modules beyond what's supported */
#endif /* not all curves accelerated */
#endif /* some curve accelerated */
#if defined(MBEDTLS_CTR_DRBG_C) && !(defined(MBEDTLS_AES_C) || \
(defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_KEY_TYPE_AES) && \
defined(PSA_WANT_ALG_ECB_NO_PADDING)))
#error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_DHM_C) && !defined(MBEDTLS_BIGNUM_C)
#error "MBEDTLS_DHM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CMAC_C) && \
( !defined(MBEDTLS_CIPHER_C ) || ( !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C) ) )
#error "MBEDTLS_CMAC_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_NIST_KW_C) && \
( !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CIPHER_C) )
#error "MBEDTLS_NIST_KW_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_NO_PADDING cannot be defined simultaneously"
#endif
#if defined(PSA_WANT_ALG_CBC_PKCS7)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_PKCS7 cannot be defined simultaneously"
#endif
#if defined(PSA_WANT_ALG_ECB_NO_PADDING)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_ECB_NO_PADDING cannot be defined simultaneously"
#endif
#if defined(PSA_WANT_KEY_TYPE_DES)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_KEY_TYPE_DES cannot be defined simultaneously"
#endif
#endif
#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_CBC cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_CIPHER_MODE_XTS)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_XTS cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_DES_C)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_DES_C cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_NIST_KW_C)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_NIST_KW_C cannot be defined simultaneously"
#endif
#endif
#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECDH_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECDSA_C) && \
( !defined(MBEDTLS_ECP_C) || \
!( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || \
defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) ) || \
!defined(MBEDTLS_ASN1_PARSE_C) || \
!defined(MBEDTLS_ASN1_WRITE_C) )
#error "MBEDTLS_ECDSA_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(PSA_HAVE_ALG_ECDSA_SIGN) && !defined(MBEDTLS_ASN1_WRITE_C)
#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_WRITE_C for ECDSA signature"
#endif
#if defined(PSA_HAVE_ALG_ECDSA_VERIFY) && !defined(MBEDTLS_ASN1_PARSE_C)
#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_PARSE_C for ECDSA verification"
#endif
#endif /* MBEDTLS_PK_C && MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_ECJPAKE_C) && \
!defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_RESTARTABLE) && \
!defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECP_RESTARTABLE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \
!defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \
!defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) )
#error "MBEDTLS_ECP_C defined (or a subset enabled), but not all prerequisites"
#endif
#if defined(MBEDTLS_ENTROPY_C) && \
!(defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA_256))
#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64)
#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(MBEDTLS_ENTROPY_C) && \
(defined(MBEDTLS_ENTROPY_FORCE_SHA256) || !defined(PSA_WANT_ALG_SHA_512)) \
&& defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32)
#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(PSA_WANT_ALG_SHA_256)
#error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
#endif
#if defined(__has_feature)
#if __has_feature(memory_sanitizer)
#define MBEDTLS_HAS_MEMSAN // #undef at the end of this paragraph
#endif
#endif
#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) && !defined(MBEDTLS_HAS_MEMSAN)
#error "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN requires building with MemorySanitizer"
#endif
#if defined(MBEDTLS_HAS_MEMSAN) && defined(MBEDTLS_HAVE_ASM)
#error "MemorySanitizer does not support assembly implementation"
#endif
#undef MBEDTLS_HAS_MEMSAN // temporary macro defined above
#if defined(MBEDTLS_CCM_C) && \
!(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \
defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA))
#error "MBEDTLS_CCM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_GCM_C) && \
!(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \
defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA))
#error "MBEDTLS_GCM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C)
#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_POLY1305_C)
#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_HKDF_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_HKDF_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
( !defined(MBEDTLS_CAN_ECDH) || \
!defined(PSA_HAVE_ALG_ECDSA_SIGN) || \
@ -345,408 +133,11 @@
#error "!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE requires SHA-512, SHA-256 or SHA-1".
#endif
#if defined(MBEDTLS_MD_C) && \
!defined(PSA_WANT_ALG_MD5) && \
!defined(PSA_WANT_ALG_RIPEMD160) && \
!defined(PSA_WANT_ALG_SHA_1) && \
!defined(PSA_WANT_ALG_SHA_224) && \
!defined(PSA_WANT_ALG_SHA_256) && \
!defined(PSA_WANT_ALG_SHA_384) && \
!defined(PSA_WANT_ALG_SHA_512) && \
!defined(PSA_WANT_ALG_SHA3_224) && \
!defined(PSA_WANT_ALG_SHA3_256) && \
!defined(PSA_WANT_ALG_SHA3_384) && \
!defined(PSA_WANT_ALG_SHA3_512)
#error "MBEDTLS_MD_C defined, but no hash algorithm"
#endif
#if defined(MBEDTLS_LMS_C) && \
! ( defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_ALG_SHA_256) )
#error "MBEDTLS_LMS_C requires MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_SHA_256"
#endif
#if defined(MBEDTLS_LMS_PRIVATE) && \
( !defined(MBEDTLS_LMS_C) )
#error "MBEDTLS_LMS_PRIVATE requires MBEDTLS_LMS_C"
#endif
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
#error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C)
#error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PEM_WRITE_C) && !defined(MBEDTLS_BASE64_C)
#error "MBEDTLS_PEM_WRITE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PK_C) && \
!defined(MBEDTLS_RSA_C) && !defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
#error "MBEDTLS_PK_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PK_PARSE_C) && \
(!defined(MBEDTLS_ASN1_PARSE_C) || \
!defined(MBEDTLS_OID_C) || \
!defined(MBEDTLS_PK_C))
#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PK_WRITE_C) && \
(!defined(MBEDTLS_ASN1_WRITE_C) || \
!defined(MBEDTLS_OID_C) || \
!defined(MBEDTLS_PK_C))
#error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_EXIT_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_EXIT) ||\
defined(MBEDTLS_PLATFORM_EXIT_ALT) )
#error "MBEDTLS_PLATFORM_EXIT_MACRO and MBEDTLS_PLATFORM_STD_EXIT/MBEDTLS_PLATFORM_EXIT_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_SETBUF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_SETBUF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_SETBUF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_SETBUF) ||\
defined(MBEDTLS_PLATFORM_SETBUF_ALT) )
#error "MBEDTLS_PLATFORM_SETBUF_MACRO and MBEDTLS_PLATFORM_STD_SETBUF/MBEDTLS_PLATFORM_SETBUF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_ALT) &&\
( !defined(MBEDTLS_PLATFORM_C) ||\
!defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_TIME_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) ||\
!defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_TIME_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_MS_TIME_ALT) && \
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_MS_TIME_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) ||\
!defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_TIME) ||\
defined(MBEDTLS_PLATFORM_TIME_ALT) )
#error "MBEDTLS_PLATFORM_TIME_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_TIME) ||\
defined(MBEDTLS_PLATFORM_TIME_ALT) )
#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_FPRINTF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_FPRINTF) ||\
defined(MBEDTLS_PLATFORM_FPRINTF_ALT) )
#error "MBEDTLS_PLATFORM_FPRINTF_MACRO and MBEDTLS_PLATFORM_STD_FPRINTF/MBEDTLS_PLATFORM_FPRINTF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
#error "MBEDTLS_PLATFORM_FREE_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
defined(MBEDTLS_PLATFORM_STD_FREE)
#error "MBEDTLS_PLATFORM_FREE_MACRO and MBEDTLS_PLATFORM_STD_FREE cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && !defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
#error "MBEDTLS_PLATFORM_CALLOC_MACRO must be defined if MBEDTLS_PLATFORM_FREE_MACRO is"
#endif
#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
#error "MBEDTLS_PLATFORM_CALLOC_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\
defined(MBEDTLS_PLATFORM_STD_CALLOC)
#error "MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && !defined(MBEDTLS_PLATFORM_FREE_MACRO)
#error "MBEDTLS_PLATFORM_FREE_MACRO must be defined if MBEDTLS_PLATFORM_CALLOC_MACRO is"
#endif
#if defined(MBEDTLS_PLATFORM_MEMORY) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_MEMORY defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_PRINTF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_PRINTF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_PRINTF) ||\
defined(MBEDTLS_PLATFORM_PRINTF_ALT) )
#error "MBEDTLS_PLATFORM_PRINTF_MACRO and MBEDTLS_PLATFORM_STD_PRINTF/MBEDTLS_PLATFORM_PRINTF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_SNPRINTF) ||\
defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) )
#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_VSNPRINTF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_VSNPRINTF) ||\
defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) )
#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_VSNPRINTF/MBEDTLS_PLATFORM_VSNPRINTF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\
!defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
#error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_EXIT) &&\
!defined(MBEDTLS_PLATFORM_EXIT_ALT)
#error "MBEDTLS_PLATFORM_STD_EXIT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_TIME) &&\
( !defined(MBEDTLS_PLATFORM_TIME_ALT) ||\
!defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_STD_TIME defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) &&\
!defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
#error "MBEDTLS_PLATFORM_STD_FPRINTF defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_PRINTF) &&\
!defined(MBEDTLS_PLATFORM_PRINTF_ALT)
#error "MBEDTLS_PLATFORM_STD_PRINTF defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) &&\
!defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
#error "MBEDTLS_PLATFORM_STD_SNPRINTF defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ENTROPY_NV_SEED) &&\
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_ENTROPY_C) )
#error "MBEDTLS_ENTROPY_NV_SEED defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) &&\
!defined(MBEDTLS_ENTROPY_NV_SEED)
#error "MBEDTLS_PLATFORM_NV_SEED_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) &&\
!defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
#error "MBEDTLS_PLATFORM_STD_NV_SEED_READ defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) &&\
!defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
#error "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) ||\
defined(MBEDTLS_PLATFORM_NV_SEED_ALT) )
#error "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_READ cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) ||\
defined(MBEDTLS_PLATFORM_NV_SEED_ALT) )
#error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_C) && \
!( ( ( defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_HMAC_DRBG_C) ) && \
defined(MBEDTLS_ENTROPY_C) ) || \
defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) )
#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_HAVE_SOFT_BLOCK_MODE) && \
defined(PSA_HAVE_SOFT_BLOCK_CIPHER) && !defined(MBEDTLS_CIPHER_C)
#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C)
#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) && \
! ( defined(MBEDTLS_PSA_CRYPTO_C) && \
defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) )
#error "MBEDTLS_PSA_CRYPTO_SE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
#if defined(MBEDTLS_DEPRECATED_REMOVED)
#error "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS"
#elif defined(MBEDTLS_DEPRECATED_WARNING)
#warning "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS"
#endif
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
! defined(MBEDTLS_PSA_CRYPTO_C)
#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
!( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
defined(MBEDTLS_ENTROPY_NV_SEED) )
#error "MBEDTLS_PSA_INJECT_ENTROPY defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
!defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with actual entropy sources"
#endif
#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG"
#endif
#if defined(MBEDTLS_PSA_KEY_STORE_DYNAMIC) && \
defined(MBEDTLS_PSA_STATIC_KEY_SLOTS)
#error "MBEDTLS_PSA_KEY_STORE_DYNAMIC and MBEDTLS_PSA_STATIC_KEY_SLOTS cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PSA_ITS_FILE_C) && \
!defined(MBEDTLS_FS_IO)
#error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(MBEDTLS_OID_C) )
#error "MBEDTLS_RSA_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) && \
!defined(MBEDTLS_PKCS1_V15) )
#error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled"
#endif
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \
( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) )
#error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \
defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*"
#endif
#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \
defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
#if !defined(MBEDTLS_SHA512_C)
#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C"
#endif
#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */
#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__)
#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system"
#endif
#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \
defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*"
#endif
#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \
defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
#if !defined(MBEDTLS_SHA256_C)
#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA256_C"
#endif
#endif
#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A)
#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY defined on non-Armv8-A system"
#endif
/* TLS 1.3 requires separate HKDF parts from PSA,
* and at least one ciphersuite, so at least SHA-256 or SHA-384
* from PSA to use with HKDF.
@ -924,27 +315,6 @@
#error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_THREADING_PTHREAD)
#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
#error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites"
#endif
#define MBEDTLS_THREADING_IMPL // undef at the end of this paragraph
#endif
#if defined(MBEDTLS_THREADING_ALT)
#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
#error "MBEDTLS_THREADING_ALT defined, but not all prerequisites"
#endif
#define MBEDTLS_THREADING_IMPL // undef at the end of this paragraph
#endif
#if defined(MBEDTLS_THREADING_C) && !defined(MBEDTLS_THREADING_IMPL)
#error "MBEDTLS_THREADING_C defined, single threading implementation required"
#endif
#undef MBEDTLS_THREADING_IMPL // temporary macro defined above
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_CLIENT)
#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C)
#error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites"
#endif
@ -988,15 +358,6 @@
#error "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64)
#error "MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 cannot be defined simultaneously"
#endif /* MBEDTLS_HAVE_INT32 && MBEDTLS_HAVE_INT64 */
#if ( defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64) ) && \
defined(MBEDTLS_HAVE_ASM)
#error "MBEDTLS_HAVE_INT32/MBEDTLS_HAVE_INT64 and MBEDTLS_HAVE_ASM cannot be defined simultaneously"
#endif /* (MBEDTLS_HAVE_INT32 || MBEDTLS_HAVE_INT64) && MBEDTLS_HAVE_ASM */
#if defined(MBEDTLS_SSL_DTLS_SRTP) && ( !defined(MBEDTLS_SSL_PROTO_DTLS) )
#error "MBEDTLS_SSL_DTLS_SRTP defined, but not all prerequisites"
#endif
@ -1070,12 +431,5 @@
#error "MBEDTLS_PKCS7_C is defined, but not all prerequisites"
#endif
/*
* Avoid warning from -pedantic. This is a convenient place for this
* workaround since this is included by every single file before the
* #if defined(MBEDTLS_xxx_C) that results in empty translation units.
*/
typedef int mbedtls_iso_c_forbids_empty_translation_units;
/* *INDENT-ON* */
#endif /* MBEDTLS_CHECK_CONFIG_H */

1
library/ssl_misc.h
View File

@ -11,6 +11,7 @@
#define MBEDTLS_SSL_MISC_H
#include "common.h"
#include "mbedtls/build_info.h"
#include "mbedtls/error.h"

1
library/x509_internal.h
View File

@ -11,6 +11,7 @@
#define MBEDTLS_X509_INTERNAL_H
#include "common.h"
#include "mbedtls/build_info.h"
#include "mbedtls/private_access.h"
#include "mbedtls/x509.h"

5
tests/Makefile
View File

@ -315,9 +315,10 @@ define libtestdriver1_rewrite :=
s!^(\s*#\s*include\s*[\"<])mbedtls/check_config.h!$${1}libtestdriver1/include/mbedtls/check_config.h!; \
s!^(\s*#\s*include\s*[\"<])mbedtls/!$${1}libtestdriver1/tf-psa-crypto/drivers/builtin/include/mbedtls/!; \
s!^(\s*#\s*include\s*[\"<])psa/!$${1}libtestdriver1/tf-psa-crypto/include/psa/!; \
s!^(\s*#\s*include\s*[\"<])tf-psa-crypto/!$${1}libtestdriver1/tf-psa-crypto/include/tf-psa-crypto/!; \
next if /^\s*#\s*include/; \
s/\b(?=MBEDTLS_|PSA_)/LIBTESTDRIVER1_/g; \
s/\b(?=mbedtls_|psa_)/libtestdriver1_/g;
s/\b(?=MBEDTLS_|PSA_|TF_PSA_CRYPTO_)/LIBTESTDRIVER1_/g; \
s/\b(?=mbedtls_|psa_|tf_psa_crypto_)/libtestdriver1_/g;
endef
libtestdriver1.a:

4
tests/scripts/check_names.py
View File

@ -239,6 +239,7 @@ class CodeParser():
"include/mbedtls/*.h",
"include/psa/*.h",
"tf-psa-crypto/include/psa/*.h",
"tf-psa-crypto/include/tf-psa-crypto/*.h",
"tf-psa-crypto/drivers/builtin/include/mbedtls/*.h",
"tf-psa-crypto/drivers/everest/include/everest/everest.h",
"tf-psa-crypto/drivers/everest/include/everest/x25519.h"
@ -258,6 +259,7 @@ class CodeParser():
"include/mbedtls/*.h",
"include/psa/*.h",
"tf-psa-crypto/include/psa/*.h",
"tf-psa-crypto/include/tf-psa-crypto/*.h",
"tf-psa-crypto/drivers/builtin/include/mbedtls/*.h",
"library/*.h",
"tf-psa-crypto/core/*.h",
@ -272,6 +274,7 @@ class CodeParser():
"include/mbedtls/*.h",
"include/psa/*.h",
"tf-psa-crypto/include/psa/*.h",
"tf-psa-crypto/include/tf-psa-crypto/*.h",
"tf-psa-crypto/drivers/builtin/include/mbedtls/*.h",
"library/*.h",
"tf-psa-crypto/core/*.h",
@ -283,6 +286,7 @@ class CodeParser():
"include/mbedtls/*.h",
"include/psa/*.h",
"tf-psa-crypto/include/psa/*.h",
"tf-psa-crypto/include/tf-psa-crypto/*.h",
"tf-psa-crypto/drivers/builtin/include/mbedtls/*.h",
"library/*.h",
"tf-psa-crypto/core/*.h",

19
tf-psa-crypto/CMakeLists.txt
View File

@ -150,11 +150,17 @@ else()
set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE})
endif()
endif()
if(TF_PSA_CRYPTO_PYTHON_EXECUTABLE)
if(TF_PSA_CRYPTO_PYTHON_EXECUTABLE)
# If 128-bit keys are configured for CTR_DRBG, display an appropriate warning
execute_process(COMMAND ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_DIR}/scripts/config.py -f ${MBEDTLS_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
RESULT_VARIABLE result)
execute_process(
COMMAND
${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${TF_PSA_CRYPTO_DIR}/scripts/config.py
-f ${TF_PSA_CRYPTO_DIR}/include/psa/crypto_config.h
get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
RESULT_VARIABLE
result
)
if(${result} EQUAL 0)
message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING})
endif()
@ -422,10 +428,15 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS)
DEPENDS ${TF_PSA_CRYPTO_FRAMEWORK_DIR}/tests/include/test/test_keys.h)
add_dependencies(tf_psa_crypto_test tf_psa_crypto_test_keys_header)
endif()
file(WRITE
${CMAKE_CURRENT_BINARY_DIR}/tests/seedfile
"This is a seedfile that contains 64 bytes ......................"
)
target_include_directories(tf_psa_crypto_test
PRIVATE ${TF_PSA_CRYPTO_FRAMEWORK_DIR}/tests/include
PRIVATE tests/include
PRIVATE ${MBEDTLS_DIR}/include
PRIVATE include
PRIVATE drivers/builtin/include
PRIVATE drivers/everest/include

3
tf-psa-crypto/core/CMakeLists.txt
View File

@ -132,8 +132,7 @@ foreach(target IN LISTS target_libraries)
# ${MBEDTLS_DIR}/include/ as we still need it. Include private header files
# from core/ and drivers/builtin/src/.
target_include_directories(${target}
PUBLIC $<BUILD_INTERFACE:${MBEDTLS_DIR}/include/>
$<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/include/>
PUBLIC $<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/include/>
$<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/drivers/builtin/include/>
$<INSTALL_INTERFACE:include/>
PRIVATE ${TF_PSA_CRYPTO_DIR}/core

2
tf-psa-crypto/core/common.h
View File

@ -11,7 +11,7 @@
#ifndef MBEDTLS_LIBRARY_COMMON_H
#define MBEDTLS_LIBRARY_COMMON_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "alignment.h"
#include <assert.h>

9
tf-psa-crypto/core/psa_crypto_core.h
View File

@ -9,14 +9,7 @@
#ifndef PSA_CRYPTO_CORE_H
#define PSA_CRYPTO_CORE_H
/*
* Include the build-time configuration information header. Here, we do not
* include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
* is basically just an alias to it. This is to ease the maintenance of the
* TF-PSA-Crypto repository which has a different build system and
* configuration.
*/
#include "psa/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "psa/crypto.h"
#include "psa/crypto_se_driver.h"

9
tf-psa-crypto/core/psa_crypto_invasive.h
View File

@ -16,14 +16,7 @@
#ifndef PSA_CRYPTO_INVASIVE_H
#define PSA_CRYPTO_INVASIVE_H
/*
* Include the build-time configuration information header. Here, we do not
* include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
* is basically just an alias to it. This is to ease the maintenance of the
* TF-PSA-Crypto repository which has a different build system and
* configuration.
*/
#include "psa/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "psa/crypto.h"
#include "common.h"

9
tf-psa-crypto/core/psa_crypto_se.h
View File

@ -9,14 +9,7 @@
#ifndef PSA_CRYPTO_SE_H
#define PSA_CRYPTO_SE_H
/*
* Include the build-time configuration information header. Here, we do not
* include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
* is basically just an alias to it. This is to ease the maintenance of the
* TF-PSA-Crypto repository which has a different build system and
* configuration.
*/
#include "psa/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "psa/crypto.h"
#include "psa/crypto_se_driver.h"

1
tf-psa-crypto/drivers/builtin/CMakeLists.txt
View File

@ -84,7 +84,6 @@ foreach (target IN LISTS target_libraries)
target_include_directories(${target}
PUBLIC $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/src>
$<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
$<BUILD_INTERFACE:${MBEDTLS_DIR}/include>
$<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/include>
PRIVATE ${TF_PSA_CRYPTO_DIR}/core)
set_config_files_compile_definitions(${target})

2
tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h
View File

@ -29,7 +29,7 @@
#define MBEDTLS_AES_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform_util.h"
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/aria.h
View File

@ -18,7 +18,7 @@
#define MBEDTLS_ARIA_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include <stdint.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h
View File

@ -11,7 +11,7 @@
#define MBEDTLS_ASN1_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform_util.h"
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h
View File

@ -10,7 +10,7 @@
#ifndef MBEDTLS_ASN1_WRITE_H
#define MBEDTLS_ASN1_WRITE_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/asn1.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/base64.h
View File

@ -10,7 +10,7 @@
#ifndef MBEDTLS_BASE64_H
#define MBEDTLS_BASE64_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h
View File

@ -11,7 +11,7 @@
#define MBEDTLS_BIGNUM_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include <stdint.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/block_cipher.h
View File

@ -12,7 +12,7 @@
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#if defined(MBEDTLS_AES_C)
#include "mbedtls/aes.h"

16
tf-psa-crypto/drivers/builtin/include/mbedtls/build_info.h Normal file
View File

@ -0,0 +1,16 @@
/*
* Alias to tf-psa-crypto/build_info.h for the purpose
* of framework C headers and modules in the context
* of TF-PSA-Crypto.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef MBEDTLS_BUILD_INFO_H
#define MBEDTLS_BUILD_INFO_H
#include "tf-psa-crypto/build_info.h"
#endif /* MBEDTLS_BUILD_INFO_H */

2
tf-psa-crypto/drivers/builtin/include/mbedtls/camellia.h
View File

@ -11,7 +11,7 @@
#define MBEDTLS_CAMELLIA_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include <stdint.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/ccm.h
View File

@ -36,7 +36,7 @@
#define MBEDTLS_CCM_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/cipher.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/chacha20.h
View File

@ -21,7 +21,7 @@
#define MBEDTLS_CHACHA20_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stdint.h>
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/chachapoly.h
View File

@ -21,7 +21,7 @@
#define MBEDTLS_CHACHAPOLY_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
/* for shared error codes */
#include "mbedtls/poly1305.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h
View File

@ -16,7 +16,7 @@
#define MBEDTLS_CIPHER_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include "mbedtls/platform_util.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/cmac.h
View File

@ -16,7 +16,7 @@
#define MBEDTLS_CMAC_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/cipher.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_crypto.h
View File

@ -24,7 +24,7 @@
#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
#define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \

2
tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_from_psa.h
View File

@ -17,7 +17,7 @@
#ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
#define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \

2
tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_psa_superset_legacy.h
View File

@ -19,7 +19,7 @@
#ifndef MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H
#define MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \

2
tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_test_accelerators.h
View File

@ -37,7 +37,7 @@
#ifndef MBEDTLS_CONFIG_ADJUST_TEST_ACCELERATORS_H
#define MBEDTLS_CONFIG_ADJUST_TEST_ACCELERATORS_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \

2
tf-psa-crypto/drivers/builtin/include/mbedtls/ctr_drbg.h
View File

@ -30,7 +30,7 @@
#define MBEDTLS_CTR_DRBG_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
/* The CTR_DRBG implementation can either directly call the low-level AES
* module (gated by MBEDTLS_AES_C) or call the PSA API to perform AES

2
tf-psa-crypto/drivers/builtin/include/mbedtls/des.h
View File

@ -16,7 +16,7 @@
#define MBEDTLS_DES_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform_util.h"
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/dhm.h
View File

@ -52,7 +52,7 @@
#define MBEDTLS_DHM_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/bignum.h"
/*

2
tf-psa-crypto/drivers/builtin/include/mbedtls/ecdh.h
View File

@ -21,7 +21,7 @@
#define MBEDTLS_ECDH_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/ecp.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h
View File

@ -19,7 +19,7 @@
#define MBEDTLS_ECDSA_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/ecp.h"
#include "mbedtls/md.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/ecjpake.h
View File

@ -27,7 +27,7 @@
* The payloads are serialized in a way suitable for use in TLS, but could
* also be use outside TLS.
*/
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/ecp.h"
#include "mbedtls/md.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h
View File

@ -23,7 +23,7 @@
#define MBEDTLS_ECP_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/bignum.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/entropy.h
View File

@ -11,7 +11,7 @@
#define MBEDTLS_ENTROPY_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h
View File

@ -10,7 +10,7 @@
#ifndef MBEDTLS_ERROR_COMMON_H
#define MBEDTLS_ERROR_COMMON_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h
View File

@ -20,7 +20,7 @@
#define MBEDTLS_GCM_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/cipher.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/hmac_drbg.h
View File

@ -15,7 +15,7 @@
#define MBEDTLS_HMAC_DRBG_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/md.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/lms.h
View File

@ -19,7 +19,7 @@
#include <stddef.h>
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#define MBEDTLS_ERR_LMS_BAD_INPUT_DATA -0x0011 /**< Bad data has been input to an LMS function */
#define MBEDTLS_ERR_LMS_OUT_OF_PRIVATE_KEYS -0x0013 /**< Specified LMS key has utilised all of its private keys */

2
tf-psa-crypto/drivers/builtin/include/mbedtls/md.h
View File

@ -17,7 +17,7 @@
#include <stddef.h>
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform_util.h"
/** The selected feature is not available. */

2
tf-psa-crypto/drivers/builtin/include/mbedtls/md5.h
View File

@ -15,7 +15,7 @@
#define MBEDTLS_MD5_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include <stdint.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/memory_buffer_alloc.h
View File

@ -10,7 +10,7 @@
#ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H
#define MBEDTLS_MEMORY_BUFFER_ALLOC_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/nist_kw.h
View File

@ -24,7 +24,7 @@
#define MBEDTLS_NIST_KW_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/cipher.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/oid.h
View File

@ -11,7 +11,7 @@
#define MBEDTLS_OID_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/asn1.h"
#include "mbedtls/pk.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/pem.h
View File

@ -11,7 +11,7 @@
#define MBEDTLS_PEM_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/pk.h
View File

@ -12,7 +12,7 @@
#define MBEDTLS_PK_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/md.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs12.h
View File

@ -10,7 +10,7 @@
#ifndef MBEDTLS_PKCS12_H
#define MBEDTLS_PKCS12_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/md.h"
#include "mbedtls/cipher.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs5.h
View File

@ -12,7 +12,7 @@
#ifndef MBEDTLS_PKCS5_H
#define MBEDTLS_PKCS5_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/platform_util.h"
#include "mbedtls/asn1.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/platform.h
View File

@ -27,7 +27,7 @@
#define MBEDTLS_PLATFORM_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#if defined(MBEDTLS_HAVE_TIME)
#include "mbedtls/platform_time.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/platform_time.h
View File

@ -10,7 +10,7 @@
#ifndef MBEDTLS_PLATFORM_TIME_H
#define MBEDTLS_PLATFORM_TIME_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#ifdef __cplusplus
extern "C" {

2
tf-psa-crypto/drivers/builtin/include/mbedtls/platform_util.h
View File

@ -11,7 +11,7 @@
#ifndef MBEDTLS_PLATFORM_UTIL_H
#define MBEDTLS_PLATFORM_UTIL_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#if defined(MBEDTLS_HAVE_TIME_DATE)

2
tf-psa-crypto/drivers/builtin/include/mbedtls/poly1305.h
View File

@ -21,7 +21,7 @@
#define MBEDTLS_POLY1305_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stdint.h>
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h
View File

@ -12,7 +12,7 @@
#define MBEDTLS_PSA_UTIL_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "psa/crypto.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/ripemd160.h
View File

@ -11,7 +11,7 @@
#define MBEDTLS_RIPEMD160_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include <stdint.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/rsa.h
View File

@ -17,7 +17,7 @@
#define MBEDTLS_RSA_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/bignum.h"
#include "mbedtls/md.h"

2
tf-psa-crypto/drivers/builtin/include/mbedtls/sha1.h
View File

@ -18,7 +18,7 @@
#define MBEDTLS_SHA1_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include <stdint.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h
View File

@ -14,7 +14,7 @@
#define MBEDTLS_SHA256_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include <stdint.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/sha3.h
View File

@ -16,7 +16,7 @@
#define MBEDTLS_SHA3_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include <stdint.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h
View File

@ -13,7 +13,7 @@
#define MBEDTLS_SHA512_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>
#include <stdint.h>

2
tf-psa-crypto/drivers/builtin/include/mbedtls/threading.h
View File

@ -11,7 +11,7 @@
#define MBEDTLS_THREADING_H
#include "mbedtls/private_access.h"
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stdlib.h>

1
tf-psa-crypto/drivers/builtin/src/aesce.h
View File

@ -14,7 +14,6 @@
#ifndef MBEDTLS_AESCE_H
#define MBEDTLS_AESCE_H
#include "mbedtls/build_info.h"
#include "common.h"
#include "mbedtls/aes.h"

2
tf-psa-crypto/drivers/builtin/src/aesni.h
View File

@ -13,7 +13,7 @@
#ifndef MBEDTLS_AESNI_H
#define MBEDTLS_AESNI_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/aes.h"

2
tf-psa-crypto/drivers/builtin/src/block_cipher_internal.h
View File

@ -11,7 +11,7 @@
#ifndef MBEDTLS_BLOCK_CIPHER_INTERNAL_H
#define MBEDTLS_BLOCK_CIPHER_INTERNAL_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/cipher.h"

2
tf-psa-crypto/drivers/builtin/src/bn_mul.h
View File

@ -24,7 +24,7 @@
#ifndef MBEDTLS_BN_MUL_H
#define MBEDTLS_BN_MUL_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/bignum.h"

2
tf-psa-crypto/drivers/builtin/src/cipher_wrap.h
View File

@ -12,7 +12,7 @@
#ifndef MBEDTLS_CIPHER_WRAP_H
#define MBEDTLS_CIPHER_WRAP_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/cipher.h"

2
tf-psa-crypto/drivers/builtin/src/entropy_poll.h
View File

@ -10,7 +10,7 @@
#ifndef MBEDTLS_ENTROPY_POLL_H
#define MBEDTLS_ENTROPY_POLL_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include <stddef.h>

2
tf-psa-crypto/drivers/builtin/src/lmots.h
View File

@ -14,7 +14,7 @@
#ifndef MBEDTLS_LMOTS_H
#define MBEDTLS_LMOTS_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "psa/crypto.h"

2
tf-psa-crypto/drivers/builtin/src/md_wrap.h
View File

@ -14,7 +14,7 @@
#ifndef MBEDTLS_MD_WRAP_H
#define MBEDTLS_MD_WRAP_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/md.h"

2
tf-psa-crypto/drivers/builtin/src/pk_wrap.h
View File

@ -11,7 +11,7 @@
#ifndef MBEDTLS_PK_WRAP_H
#define MBEDTLS_PK_WRAP_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/pk.h"

2
tf-psa-crypto/drivers/builtin/src/pkwrite.h
View File

@ -11,7 +11,7 @@
#ifndef MBEDTLS_PK_WRITE_H
#define MBEDTLS_PK_WRITE_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/pk.h"

2
tf-psa-crypto/drivers/builtin/src/rsa_alt_helpers.h
View File

@ -47,7 +47,7 @@
#ifndef MBEDTLS_RSA_ALT_HELPERS_H
#define MBEDTLS_RSA_ALT_HELPERS_H
#include "mbedtls/build_info.h"
#include "tf-psa-crypto/build_info.h"
#include "mbedtls/bignum.h"

2
tf-psa-crypto/drivers/everest/CMakeLists.txt
View File

@ -8,13 +8,11 @@ add_library(${everest_target}
set_base_compile_options(${everest_target})
target_include_directories(${everest_target}
PUBLIC $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
$<BUILD_INTERFACE:${MBEDTLS_DIR}/include>
$<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/include>
$<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/drivers/builtin/include>
$<INSTALL_INTERFACE:include>
PRIVATE include/everest
include/everest/kremlib
${MBEDTLS_DIR}/library
${TF_PSA_CRYPTO_DIR}/core)
set_config_files_compile_definitions(${everest_target})

4
tf-psa-crypto/drivers/p256-m/CMakeLists.txt
View File

@ -9,13 +9,11 @@ set_base_compile_options(${p256m_target})
target_include_directories(${p256m_target}
PUBLIC $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}>
$<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/p256-m>
$<BUILD_INTERFACE:${MBEDTLS_DIR}/include>
$<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/include>
$<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/drivers/builtin/include>
$<BUILD_INTERFACE:${TF_PSA_CRYPTO_DIR}/drivers/everest/include>
$<INSTALL_INTERFACE:include>
PRIVATE ${MBEDTLS_DIR}/library/
${TF_PSA_CRYPTO_DIR}/core)
PRIVATE ${TF_PSA_CRYPTO_DIR}/core)
set_config_files_compile_definitions(${p256m_target})
if(INSTALL_TF_PSA_CRYPTO_HEADERS)

5
tf-psa-crypto/include/CMakeLists.txt
View File

@ -2,12 +2,17 @@ option(INSTALL_TF_PSA_CRYPTO_HEADERS "Install TF PSA Crypto headers." ON)
if(INSTALL_TF_PSA_CRYPTO_HEADERS)
file(GLOB psa_headers "psa/*.h")
file(GLOB tf-psa-crypto_headers "tf-psa-crypto/*.h")
file(GLOB mbedtls_crypto_headers "../drivers/builtin/include/mbedtls/*.h")
install(FILES ${psa_headers}
DESTINATION include/psa
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
install(FILES ${tf-psa-crypto_headers}
DESTINATION include/tf-psa-crypto
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)
install(FILES ${mbedtls_crypto_headers}
DESTINATION include/mbedtls
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)

20
tf-psa-crypto/include/psa/build_info.h
View File

@ -1,20 +0,0 @@
/**
* \file psa/build_info.h
*
* \brief Build-time PSA configuration info
*
* Include this file if you need to depend on the
* configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE
* in PSA cryptography core specific files.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef PSA_CRYPTO_BUILD_INFO_H
#define PSA_CRYPTO_BUILD_INFO_H
#include "mbedtls/build_info.h"
#endif /* PSA_CRYPTO_BUILD_INFO_H */

2
tf-psa-crypto/include/psa/crypto_adjust_auto_enabled.h
View File

@ -15,7 +15,7 @@
#ifndef PSA_CRYPTO_ADJUST_AUTO_ENABLED_H
#define PSA_CRYPTO_ADJUST_AUTO_ENABLED_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \

2
tf-psa-crypto/include/psa/crypto_adjust_config_dependencies.h
View File

@ -18,7 +18,7 @@
#ifndef PSA_CRYPTO_ADJUST_CONFIG_DEPENDENCIES_H
#define PSA_CRYPTO_ADJUST_CONFIG_DEPENDENCIES_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \

2
tf-psa-crypto/include/psa/crypto_adjust_config_derived.h
View File

@ -12,7 +12,7 @@
#ifndef PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H
#define PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \

2
tf-psa-crypto/include/psa/crypto_adjust_config_key_pair_types.h
View File

@ -21,7 +21,7 @@
#ifndef PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H
#define PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \

2
tf-psa-crypto/include/psa/crypto_adjust_config_synonyms.h
View File

@ -16,7 +16,7 @@
#ifndef PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H
#define PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H
#if !defined(MBEDTLS_CONFIG_FILES_READ)
#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \
"up to and including runtime errors such as buffer overflows. " \
"If you're trying to fix a complaint from check_config.h, just remove " \

10
tf-psa-crypto/include/psa/crypto_platform.h
View File

@ -21,15 +21,7 @@
#ifndef PSA_CRYPTO_PLATFORM_H
#define PSA_CRYPTO_PLATFORM_H
#include "mbedtls/private_access.h"
/*
* Include the build-time configuration information header. Here, we do not
* include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
* is basically just an alias to it. This is to ease the maintenance of the
* TF-PSA-Crypto repository which has a different build system and
* configuration.
*/
#include "psa/build_info.h"
#include "tf-psa-crypto/build_info.h"
/* PSA requires several types which C99 provides in stdint.h. */
#include <stdint.h>

9
tf-psa-crypto/include/psa/crypto_sizes.h
View File

@ -28,14 +28,7 @@
#ifndef PSA_CRYPTO_SIZES_H
#define PSA_CRYPTO_SIZES_H
/*
* Include the build-time configuration information header. Here, we do not
* include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
* is basically just an alias to it. This is to ease the maintenance of the
* TF-PSA-Crypto repository which has a different build system and
* configuration.
*/
#include "psa/build_info.h"
#include "tf-psa-crypto/build_info.h"
#define PSA_BITS_TO_BYTES(bits) (((bits) + 7u) / 8u)
#define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8u)

9
tf-psa-crypto/include/psa/crypto_struct.h
View File

@ -54,14 +54,7 @@
extern "C" {
#endif
/*
* Include the build-time configuration information header. Here, we do not
* include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
* is basically just an alias to it. This is to ease the maintenance of the
* TF-PSA-Crypto repository which has a different build system and
* configuration.
*/
#include "psa/build_info.h"
#include "tf-psa-crypto/build_info.h"
/* Include the context definition for the compiled-in drivers for the primitive
* algorithms. */

9
tf-psa-crypto/include/psa/crypto_types.h
View File

@ -21,14 +21,7 @@
#ifndef PSA_CRYPTO_TYPES_H
#define PSA_CRYPTO_TYPES_H
/*
* Include the build-time configuration information header. Here, we do not
* include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which
* is basically just an alias to it. This is to ease the maintenance of the
* TF-PSA-Crypto repository which has a different build system and
* configuration.
*/
#include "psa/build_info.h"
#include "tf-psa-crypto/build_info.h"
/* Define the MBEDTLS_PRIVATE macro. */
#include "mbedtls/private_access.h"

141
tf-psa-crypto/include/tf-psa-crypto/build_info.h Normal file
View File

@ -0,0 +1,141 @@
/**
* \file tf-psa-crypto/build_info.h
*
* \brief Build-time configuration info
*
* Include this file if you need to depend on the
* configuration options defined in crypto_config.h or TF_PSA_CRYPTO_CONFIG_FILE.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef TF_PSA_CRYPTO_BUILD_INFO_H
#define TF_PSA_CRYPTO_BUILD_INFO_H
/* Macros for build-time platform detection */
#if !defined(MBEDTLS_ARCH_IS_ARM64) && \
(defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC))
#define MBEDTLS_ARCH_IS_ARM64
#endif
#if !defined(MBEDTLS_ARCH_IS_ARM32) && \
(defined(__arm__) || defined(_M_ARM) || \
defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__))
#define MBEDTLS_ARCH_IS_ARM32
#endif
#if !defined(MBEDTLS_ARCH_IS_X64) && \
(defined(__amd64__) || defined(__x86_64__) || \
((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC)))
#define MBEDTLS_ARCH_IS_X64
#endif
#if !defined(MBEDTLS_ARCH_IS_X86) && \
(defined(__i386__) || defined(_X86_) || \
(defined(_M_IX86) && !defined(_M_I86)))
#define MBEDTLS_ARCH_IS_X86
#endif
#if !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) && \
(defined(_M_ARM64) || defined(_M_ARM64EC))
#define MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64
#endif
/* This is defined if the architecture is Armv8-A, or higher */
#if !defined(MBEDTLS_ARCH_IS_ARMV8_A)
#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE)
#if (__ARM_ARCH >= 8) && (__ARM_ARCH_PROFILE == 'A')
/* GCC, clang, armclang and IAR */
#define MBEDTLS_ARCH_IS_ARMV8_A
#endif
#elif defined(__ARM_ARCH_8A)
/* Alternative defined by clang */
#define MBEDTLS_ARCH_IS_ARMV8_A
#elif defined(_M_ARM64) || defined(_M_ARM64EC)
/* MSVC ARM64 is at least Armv8.0-A */
#define MBEDTLS_ARCH_IS_ARMV8_A
#endif
#endif
#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \
&& !defined(__llvm__) && !defined(__INTEL_COMPILER)
/* Defined if the compiler really is gcc and not clang, etc */
#define MBEDTLS_COMPILER_IS_GCC
#define MBEDTLS_GCC_VERSION \
(__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
#endif
#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
#define _CRT_SECURE_NO_DEPRECATE 1
#endif
/* Define `inline` on some non-C99-compliant compilers. */
#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \
!defined(inline) && !defined(__cplusplus)
#define inline __inline
#endif
#if defined(TF_PSA_CRYPTO_CONFIG_FILES_READ)
#error \
"Something went wrong: TF_PSA_CRYPTO_CONFIG_FILES_READ defined before reading the config files!"
#endif
#if defined(TF_PSA_CRYPTO_CONFIG_IS_FINALIZED)
#error \
"Something went wrong: TF_PSA_CRYPTO_CONFIG_IS_FINALIZED defined before reading the config files!"
#endif
/* PSA crypto configuration */
#if defined(TF_PSA_CRYPTO_CONFIG_FILE)
#include TF_PSA_CRYPTO_CONFIG_FILE
#else
#include "psa/crypto_config.h"
#endif
#if defined(TF_PSA_CRYPTO_USER_CONFIG_FILE)
#include TF_PSA_CRYPTO_USER_CONFIG_FILE
#endif
/* Indicate that all configuration files have been read.
* It is now time to adjust the configuration (follow through on dependencies,
* make PSA and legacy crypto consistent, etc.).
*/
#define TF_PSA_CRYPTO_CONFIG_FILES_READ
/* Auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if
* MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH and MBEDTLS_CTR_DRBG_C defined
* to ensure a 128-bit key size in CTR_DRBG.
*/
#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) && defined(MBEDTLS_CTR_DRBG_C)
#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY
#endif
/* Auto-enable MBEDTLS_MD_C if needed by a module that didn't require it
* in a previous release, to ensure backwards compatibility.
*/
#if defined(MBEDTLS_PKCS5_C)
#define MBEDTLS_MD_C
#endif
/* PSA crypto specific configuration options
* - If config_psa.h reads a configuration option in preprocessor directive,
* this symbol should be set before its inclusion. (e.g. MBEDTLS_MD_C)
* - If config_psa.h writes a configuration option in conditional directive,
* this symbol should be consulted after its inclusion.
* (e.g. MBEDTLS_MD_LIGHT)
*/
#include "mbedtls/config_psa.h"
#include "mbedtls/config_adjust_legacy_crypto.h"
/* Indicate that all configuration symbols are set,
* even the ones that are calculated programmatically.
* It is now safe to query the configuration (to check it, to size buffers,
* etc.).
*/
#define TF_PSA_CRYPTO_CONFIG_IS_FINALIZED
#include "tf-psa-crypto/check_config.h"
#endif /* TF_PSA_CRYPTO_BUILD_INFO_H */

698
tf-psa-crypto/include/tf-psa-crypto/check_config.h Normal file
View File

@ -0,0 +1,698 @@
/**
* \file tf-psa-crypto/check_config.h
*
* \brief Consistency checks for configuration options
*
* This is an internal header. Do not include it directly.
*
* This header is included automatically by all public TF-PSA-Crypto headers
* (via tf-psa-crypto/build_info.h). Do not include it directly in a
* configuration file such as psa/crypto_config.h or #TF_PSA_CRYPTO_USER_CONFIG_FILE!
* It would run at the wrong time due to missing derived symbols.
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#ifndef TF_PSA_CRYPTO_CHECK_CONFIG_H
#define TF_PSA_CRYPTO_CHECK_CONFIG_H
/* *INDENT-OFF* */
#if !defined(TF_PSA_CRYPTO_CONFIG_IS_FINALIZED)
#warning "Do not include mbedtls/check_config.h manually! " \
"This may cause spurious errors. " \
"It is included automatically at the right point since Mbed TLS 3.0."
#endif /* !TF_PSA_CRYPTO_CONFIG_IS_FINALIZED */
/*
* We assume CHAR_BIT is 8 in many places. In practice, this is true on our
* target platforms, so not an issue, but let's just be extra sure.
*/
#include <limits.h>
#if CHAR_BIT != 8
#error "Mbed TLS requires a platform with 8-bit chars"
#endif
#include <stdint.h>
#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER <= 1900)
#if !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_C is required on Windows"
#endif
/* See auto-enabling SNPRINTF_ALT and VSNPRINTF_ALT
* in * config_adjust_legacy_crypto.h */
#endif /* _MINGW32__ || (_MSC_VER && (_MSC_VER <= 1900)) */
#if defined(MBEDTLS_DEPRECATED_WARNING) && \
!defined(__GNUC__) && !defined(__clang__)
#error "MBEDTLS_DEPRECATED_WARNING only works with GCC and Clang"
#endif
/* Limitations on ECC key types acceleration: if we have any of `PUBLIC_KEY`,
* `KEY_PAIR_BASIC`, `KEY_PAIR_IMPORT`, `KEY_PAIR_EXPORT` then we must have
* all 4 of them.
*/
#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \
!defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \
!defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \
!defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT)
#error "Unsupported partial support for ECC key type acceleration, see docs/driver-only-builds.md"
#endif /* not all of public, basic, import, export */
#endif /* one of public, basic, import, export */
/* Limitations on ECC curves acceleration: partial curve acceleration is only
* supported with crypto excluding PK, X.509 or TLS.
* Note: no need to check X.509 as it depends on PK. */
#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \
defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \
defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \
defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \
defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \
defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521)
#if defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES)
#if defined(MBEDTLS_PK_C)
#error "Unsupported partial support for ECC curves acceleration, see docs/driver-only-builds.md"
#endif /* modules beyond what's supported */
#endif /* not all curves accelerated */
#endif /* some curve accelerated */
#if defined(MBEDTLS_CTR_DRBG_C) && !(defined(MBEDTLS_AES_C) || \
(defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_KEY_TYPE_AES) && \
defined(PSA_WANT_ALG_ECB_NO_PADDING)))
#error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_DHM_C) && !defined(MBEDTLS_BIGNUM_C)
#error "MBEDTLS_DHM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CMAC_C) && \
( !defined(MBEDTLS_CIPHER_C ) || ( !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C) ) )
#error "MBEDTLS_CMAC_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_NIST_KW_C) && \
( !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CIPHER_C) )
#error "MBEDTLS_NIST_KW_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
#if defined(PSA_WANT_ALG_CBC_NO_PADDING)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_NO_PADDING cannot be defined simultaneously"
#endif
#if defined(PSA_WANT_ALG_CBC_PKCS7)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_PKCS7 cannot be defined simultaneously"
#endif
#if defined(PSA_WANT_ALG_ECB_NO_PADDING)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_ECB_NO_PADDING cannot be defined simultaneously"
#endif
#if defined(PSA_WANT_KEY_TYPE_DES)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_KEY_TYPE_DES cannot be defined simultaneously"
#endif
#endif
#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_CBC cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_CIPHER_MODE_XTS)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_XTS cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_DES_C)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_DES_C cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_NIST_KW_C)
#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_NIST_KW_C cannot be defined simultaneously"
#endif
#endif
#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECDH_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECDSA_C) && \
( !defined(MBEDTLS_ECP_C) || \
!( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \
defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || \
defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \
defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) ) || \
!defined(MBEDTLS_ASN1_PARSE_C) || \
!defined(MBEDTLS_ASN1_WRITE_C) )
#error "MBEDTLS_ECDSA_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO)
#if defined(PSA_HAVE_ALG_ECDSA_SIGN) && !defined(MBEDTLS_ASN1_WRITE_C)
#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_WRITE_C for ECDSA signature"
#endif
#if defined(PSA_HAVE_ALG_ECDSA_VERIFY) && !defined(MBEDTLS_ASN1_PARSE_C)
#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_PARSE_C for ECDSA verification"
#endif
#endif /* MBEDTLS_PK_C && MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_ECJPAKE_C) && \
!defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_RESTARTABLE) && \
!defined(MBEDTLS_ECP_C)
#error "MBEDTLS_ECP_RESTARTABLE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \
!defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \
!defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \
!defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) )
#error "MBEDTLS_ECP_C defined (or a subset enabled), but not all prerequisites"
#endif
#if defined(MBEDTLS_ENTROPY_C) && \
!(defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA_256))
#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64)
#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(MBEDTLS_ENTROPY_C) && \
(defined(MBEDTLS_ENTROPY_FORCE_SHA256) || !defined(PSA_WANT_ALG_SHA_512)) \
&& defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32)
#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(MBEDTLS_ENTROPY_C) && \
defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(PSA_WANT_ALG_SHA_256)
#error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
#endif
#if defined(__has_feature)
#if __has_feature(memory_sanitizer)
#define MBEDTLS_HAS_MEMSAN // #undef at the end of this paragraph
#endif
#endif
#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) && !defined(MBEDTLS_HAS_MEMSAN)
#error "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN requires building with MemorySanitizer"
#endif
#if defined(MBEDTLS_HAS_MEMSAN) && defined(MBEDTLS_HAVE_ASM)
#error "MemorySanitizer does not support assembly implementation"
#endif
#undef MBEDTLS_HAS_MEMSAN // temporary macro defined above
#if defined(MBEDTLS_CCM_C) && \
!(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \
defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA))
#error "MBEDTLS_CCM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_GCM_C) && \
!(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \
defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA))
#error "MBEDTLS_GCM_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C)
#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_POLY1305_C)
#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_HKDF_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_HKDF_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C)
#error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_MD_C) && \
!defined(PSA_WANT_ALG_MD5) && \
!defined(PSA_WANT_ALG_RIPEMD160) && \
!defined(PSA_WANT_ALG_SHA_1) && \
!defined(PSA_WANT_ALG_SHA_224) && \
!defined(PSA_WANT_ALG_SHA_256) && \
!defined(PSA_WANT_ALG_SHA_384) && \
!defined(PSA_WANT_ALG_SHA_512) && \
!defined(PSA_WANT_ALG_SHA3_224) && \
!defined(PSA_WANT_ALG_SHA3_256) && \
!defined(PSA_WANT_ALG_SHA3_384) && \
!defined(PSA_WANT_ALG_SHA3_512)
#error "MBEDTLS_MD_C defined, but no hash algorithm"
#endif
#if defined(MBEDTLS_LMS_C) && \
! ( defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_ALG_SHA_256) )
#error "MBEDTLS_LMS_C requires MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_SHA_256"
#endif
#if defined(MBEDTLS_LMS_PRIVATE) && \
( !defined(MBEDTLS_LMS_C) )
#error "MBEDTLS_LMS_PRIVATE requires MBEDTLS_LMS_C"
#endif
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
#error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C)
#error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PEM_WRITE_C) && !defined(MBEDTLS_BASE64_C)
#error "MBEDTLS_PEM_WRITE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PK_C) && \
!defined(MBEDTLS_RSA_C) && !defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY)
#error "MBEDTLS_PK_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PK_PARSE_C) && \
(!defined(MBEDTLS_ASN1_PARSE_C) || \
!defined(MBEDTLS_OID_C) || \
!defined(MBEDTLS_PK_C))
#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PK_WRITE_C) && \
(!defined(MBEDTLS_ASN1_WRITE_C) || \
!defined(MBEDTLS_OID_C) || \
!defined(MBEDTLS_PK_C))
#error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_EXIT_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_EXIT) ||\
defined(MBEDTLS_PLATFORM_EXIT_ALT) )
#error "MBEDTLS_PLATFORM_EXIT_MACRO and MBEDTLS_PLATFORM_STD_EXIT/MBEDTLS_PLATFORM_EXIT_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_SETBUF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_SETBUF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_SETBUF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_SETBUF) ||\
defined(MBEDTLS_PLATFORM_SETBUF_ALT) )
#error "MBEDTLS_PLATFORM_SETBUF_MACRO and MBEDTLS_PLATFORM_STD_SETBUF/MBEDTLS_PLATFORM_SETBUF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_ALT) &&\
( !defined(MBEDTLS_PLATFORM_C) ||\
!defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_TIME_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) ||\
!defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_TIME_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_MS_TIME_ALT) && \
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_MS_TIME_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) ||\
!defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_TIME) ||\
defined(MBEDTLS_PLATFORM_TIME_ALT) )
#error "MBEDTLS_PLATFORM_TIME_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_TIME) ||\
defined(MBEDTLS_PLATFORM_TIME_ALT) )
#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_FPRINTF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_FPRINTF) ||\
defined(MBEDTLS_PLATFORM_FPRINTF_ALT) )
#error "MBEDTLS_PLATFORM_FPRINTF_MACRO and MBEDTLS_PLATFORM_STD_FPRINTF/MBEDTLS_PLATFORM_FPRINTF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
#error "MBEDTLS_PLATFORM_FREE_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
defined(MBEDTLS_PLATFORM_STD_FREE)
#error "MBEDTLS_PLATFORM_FREE_MACRO and MBEDTLS_PLATFORM_STD_FREE cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && !defined(MBEDTLS_PLATFORM_CALLOC_MACRO)
#error "MBEDTLS_PLATFORM_CALLOC_MACRO must be defined if MBEDTLS_PLATFORM_FREE_MACRO is"
#endif
#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
#error "MBEDTLS_PLATFORM_CALLOC_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\
defined(MBEDTLS_PLATFORM_STD_CALLOC)
#error "MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && !defined(MBEDTLS_PLATFORM_FREE_MACRO)
#error "MBEDTLS_PLATFORM_FREE_MACRO must be defined if MBEDTLS_PLATFORM_CALLOC_MACRO is"
#endif
#if defined(MBEDTLS_PLATFORM_MEMORY) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_MEMORY defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_PRINTF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_PRINTF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_PRINTF) ||\
defined(MBEDTLS_PLATFORM_PRINTF_ALT) )
#error "MBEDTLS_PLATFORM_PRINTF_MACRO and MBEDTLS_PLATFORM_STD_PRINTF/MBEDTLS_PLATFORM_PRINTF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_SNPRINTF) ||\
defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) )
#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_VSNPRINTF_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_VSNPRINTF) ||\
defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) )
#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_VSNPRINTF/MBEDTLS_PLATFORM_VSNPRINTF_ALT cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\
!defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
#error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_EXIT) &&\
!defined(MBEDTLS_PLATFORM_EXIT_ALT)
#error "MBEDTLS_PLATFORM_STD_EXIT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_TIME) &&\
( !defined(MBEDTLS_PLATFORM_TIME_ALT) ||\
!defined(MBEDTLS_HAVE_TIME) )
#error "MBEDTLS_PLATFORM_STD_TIME defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) &&\
!defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
#error "MBEDTLS_PLATFORM_STD_FPRINTF defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_PRINTF) &&\
!defined(MBEDTLS_PLATFORM_PRINTF_ALT)
#error "MBEDTLS_PLATFORM_STD_PRINTF defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) &&\
!defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
#error "MBEDTLS_PLATFORM_STD_SNPRINTF defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_ENTROPY_NV_SEED) &&\
( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_ENTROPY_C) )
#error "MBEDTLS_ENTROPY_NV_SEED defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) &&\
!defined(MBEDTLS_ENTROPY_NV_SEED)
#error "MBEDTLS_PLATFORM_NV_SEED_ALT defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) &&\
!defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
#error "MBEDTLS_PLATFORM_STD_NV_SEED_READ defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) &&\
!defined(MBEDTLS_PLATFORM_NV_SEED_ALT)
#error "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) ||\
defined(MBEDTLS_PLATFORM_NV_SEED_ALT) )
#error "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_READ cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) &&\
( defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) ||\
defined(MBEDTLS_PLATFORM_NV_SEED_ALT) )
#error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_C) && \
!( ( ( defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_HMAC_DRBG_C) ) && \
defined(MBEDTLS_ENTROPY_C) ) || \
defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) )
#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_HAVE_SOFT_BLOCK_MODE) && \
defined(PSA_HAVE_SOFT_BLOCK_CIPHER) && !defined(MBEDTLS_CIPHER_C)
#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C)
#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) && \
! ( defined(MBEDTLS_PSA_CRYPTO_C) && \
defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) )
#error "MBEDTLS_PSA_CRYPTO_SE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
#if defined(MBEDTLS_DEPRECATED_REMOVED)
#error "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS"
#elif defined(MBEDTLS_DEPRECATED_WARNING)
#warning "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS"
#endif
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
! defined(MBEDTLS_PSA_CRYPTO_C)
#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
!( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \
defined(MBEDTLS_ENTROPY_NV_SEED) )
#error "MBEDTLS_PSA_INJECT_ENTROPY defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
!defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with actual entropy sources"
#endif
#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \
defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG"
#endif
#if defined(MBEDTLS_PSA_KEY_STORE_DYNAMIC) && \
defined(MBEDTLS_PSA_STATIC_KEY_SLOTS)
#error "MBEDTLS_PSA_KEY_STORE_DYNAMIC and MBEDTLS_PSA_STATIC_KEY_SLOTS cannot be defined simultaneously"
#endif
#if defined(MBEDTLS_PSA_ITS_FILE_C) && \
!defined(MBEDTLS_FS_IO)
#error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(MBEDTLS_OID_C) )
#error "MBEDTLS_RSA_C defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) && \
!defined(MBEDTLS_PKCS1_V15) )
#error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled"
#endif
#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \
defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*"
#endif
#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \
defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY)
#if !defined(MBEDTLS_SHA512_C)
#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C"
#endif
#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */
#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__)
#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system"
#endif
#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \
defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*"
#endif
#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \
defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY)
#if !defined(MBEDTLS_SHA256_C)
#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA256_C"
#endif
#endif
#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A)
#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY defined on non-Armv8-A system"
#endif
#if defined(MBEDTLS_THREADING_PTHREAD)
#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
#error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites"
#endif
#define MBEDTLS_THREADING_IMPL // undef at the end of this paragraph
#endif
#if defined(MBEDTLS_THREADING_ALT)
#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
#error "MBEDTLS_THREADING_ALT defined, but not all prerequisites"
#endif
#define MBEDTLS_THREADING_IMPL // undef at the end of this paragraph
#endif
#if defined(MBEDTLS_THREADING_C) && !defined(MBEDTLS_THREADING_IMPL)
#error "MBEDTLS_THREADING_C defined, single threading implementation required"
#endif
#undef MBEDTLS_THREADING_IMPL // temporary macro defined above
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_CLIENT)
#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64)
#error "MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 cannot be defined simultaneously"
#endif /* MBEDTLS_HAVE_INT32 && MBEDTLS_HAVE_INT64 */
#if ( defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64) ) && \
defined(MBEDTLS_HAVE_ASM)
#error "MBEDTLS_HAVE_INT32/MBEDTLS_HAVE_INT64 and MBEDTLS_HAVE_ASM cannot be defined simultaneously"
#endif /* (MBEDTLS_HAVE_INT32 || MBEDTLS_HAVE_INT64) && MBEDTLS_HAVE_ASM */
/*
* Avoid warning from -pedantic. This is a convenient place for this
* workaround since this is included by every single file before the
* #if defined(MBEDTLS_xxx_C) that results in empty translation units.
*/
typedef int mbedtls_iso_c_forbids_empty_translation_units;
/* *INDENT-ON* */
#endif /* TF_PSA_CRYPTO_CHECK_CONFIG_H */

4
tf-psa-crypto/programs/test/cmake_package_install/.gitignore vendored Normal file
View File

@ -0,0 +1,4 @@
build
Makefile
cmake_package_install
tf-psa-crypto

40
tf-psa-crypto/programs/test/cmake_package_install/CMakeLists.txt Normal file
View File

@ -0,0 +1,40 @@
cmake_minimum_required(VERSION 3.5.1)
#
# Simulate configuring and building Mbed TLS as the user might do it. We'll
# install into a directory inside our own build directory.
#
set(TF-PSA-Crypto_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../../..")
set(TF-PSA-Crypto_INSTALL_DIR "${CMAKE_CURRENT_BINARY_DIR}/tf-psa-crypto")
set(TF-PSA-Crypto_BINARY_DIR "${TF-PSA-Crypto_INSTALL_DIR}${CMAKE_FILES_DIRECTORY}")
execute_process(
COMMAND "${CMAKE_COMMAND}"
"-H${TF-PSA-Crypto_SOURCE_DIR}"
"-B${TF-PSA-Crypto_BINARY_DIR}"
"-DENABLE_PROGRAMS=NO"
"-DENABLE_TESTING=NO"
# Turn on generated files explicitly in case this is a release
"-DGEN_FILES=ON"
"-DCMAKE_INSTALL_PREFIX=${TF-PSA-Crypto_INSTALL_DIR}")
execute_process(
COMMAND "${CMAKE_COMMAND}"
--build "${TF-PSA-Crypto_BINARY_DIR}"
--target install)
#
# Locate the package.
#
list(INSERT CMAKE_PREFIX_PATH 0 "${TF-PSA-Crypto_INSTALL_DIR}")
find_package(TF-PSA-Crypto REQUIRED)
#
# At this point, the TF-PSA-Crypto targets should have been imported, and we
# can now link to them from our own program.
#
add_executable(cmake_package_install cmake_package_install.c)
target_link_libraries(cmake_package_install TF-PSA-Crypto::tfpsacrypto)

19
tf-psa-crypto/programs/test/cmake_package_install/cmake_package_install.c Normal file
View File

@ -0,0 +1,19 @@
/*
* Simple program to test that TF-PSA-Crypto builds correctly as an installable
* CMake package.
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
*/
#include <psa/crypto.h>
/* The main reason to build this is for testing the CMake build, so the program
* doesn't need to do very much. It calls a PSA cryptography API to ensure
* linkage works, but that is all. */
int main()
{
psa_crypto_init();
return 0;
}

3
tf-psa-crypto/scripts/config.py
View File

@ -58,6 +58,7 @@ EXCLUDE_FROM_FULL = frozenset([
'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY
'MBEDTLS_HAVE_SSE2', # hardware dependency
'MBEDTLS_MEMORY_BACKTRACE', # depends on MEMORY_BUFFER_ALLOC_C
'MBEDTLS_MEMORY_BUFFER_ALLOC_C', # makes sanitizers (e.g. ASan) less effective
'MBEDTLS_MEMORY_DEBUG', # depends on MEMORY_BUFFER_ALLOC_C
'MBEDTLS_NO_64BIT_MULTIPLICATION', # influences anything that uses bignum
'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', # removes a feature
@ -77,6 +78,8 @@ EXCLUDE_FROM_FULL = frozenset([
'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # setting *_USE_ARMV8_A_CRYPTO is sufficient
'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan)
'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers)
'MBEDTLS_PSA_STATIC_KEY_SLOTS', # only relevant for embedded devices
'MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE', # only relevant for embedded devices
*PSA_UNSUPPORTED_FEATURE,
*PSA_DEPRECATED_FEATURE,
*PSA_UNSTABLE_FEATURE

2
tf-psa-crypto/scripts/data_files/driver_jsons/p256_transparent_driver.json
View File

@ -2,7 +2,7 @@
"prefix": "p256",
"type": "transparent",
"mbedtls/h_condition": "defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)",
"headers": ["../tf-psa-crypto/drivers/p256-m/p256-m_driver_entrypoints.h"],
"headers": ["../drivers/p256-m/p256-m_driver_entrypoints.h"],
"capabilities": [
{
"mbedtls/c_condition": "defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)",

1
tf-psa-crypto/tests/CMakeLists.txt
View File

@ -304,7 +304,6 @@ function(add_test_suite suite_name)
# them as PUBLIC.
target_include_directories(test_suite_${data_name}
PRIVATE ${TF_PSA_CRYPTO_FRAMEWORK_DIR}/tests/include
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../library
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../core
PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../drivers/builtin/src)
# Request C11, which is needed for memory poisoning tests

9
tf-psa-crypto/tests/scripts/components-build-system.sh
View File

@ -31,3 +31,12 @@ component_test_tf_psa_crypto_cmake_as_subdirectory () {
make
./cmake_subproject
}
component_test_tf_psa_crypto_cmake_as_package_install () {
msg "build: cmake 'as-installed-package' build"
cd programs/test/cmake_package_install
# Note: Explicitly generate files as these are turned off in releases
cmake .
make
./cmake_package_install
}