Since PSA is always on in 4.x, *_PSA_INIT() and *_PSA_DONE() can be
simply aliased to PSA_INIT() and PSA_DONE() until such a time as we
remove them.
Simplify the login of these PSA_INIT/DONE variants by aliasing them in
4.x and keeping the more complex 3.6 logic entirely separate.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
In 4.x the semantics of MBEDTLS_PSA_CRYPTO_C and
MBEDTLS_PSA_CRYPTO_CLIENT are different compared with 3.6.
Where this is a problem, make guards more version-specific so that we
are guarding with MBEDTLS_PSA_CRYPTO_C for 3.6 and
MBEDTLS_PSA_CRYPTO_CLIENT for 4.x, keeping each branch the same as it
was formerly.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Allow tests/src and include/src to be Mbed TLS version-agnostic by:
* Sometimes accepting both an MBEDTLS_ and a PSA_ config option
* Sometimes using the version number to gate alternatives
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Now that dtls_server doesn't print "error" when it receives stray messages
while it's waiting for a second handshake, have the tests fail if "error" is
printed for some other reason.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
If MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE happens during the handshake, don't
show it as an "error". It might be an error, but it might also be a fact of
life if it happens during the second or more handshake: it can be a
duplicated packet or a close_notify alert from the previous connection,
which is hard to avoid and harmless.
Fixes#9652.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Copy of mbedtls top CMakeLists.txt file.
The TF-PSA-Crypto top CMakeList.txt file
will be derived from that file to outline
what is common and what is different
between the two.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Move library options to the top CMakeLists.txt.
That way:
- we will be able to set the TF-PSA-Crypto
library options according to the Mbed TLS ones.
- we can define the crypto library target names
in the top CMakeLists.txt and not in the library
one that is dedicated to the TLS and x509
libraries now.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Remove dependency on mbedtls_test_helpers
to build the crypto test suites.
mbedtls_test_helpers is TLS specific.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Rename MBEDTLS_PSA_CRYPTO_(USER_)CONFIG_FILE to
TF_PSA_CRYPTO_(USER_)CONFIG_FILE as we rename
crypto_config.h to tf_psa_crypto_config.h.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Re-organize "Mbed TLS modules" and "Module configuration options"
into "X.509 feature selection" and "TLS feature selection" for
better alignment with tf_psa_crypto_config.h.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Re-order mbedtls_config.h sections for
the order to be more aligned with the
tf_psa_crypto_config.h one.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
