diff --git a/doxygen/mbedtls.doxyfile b/doxygen/mbedtls.doxyfile index 917b88d75f..6b09ae39a3 100644 --- a/doxygen/mbedtls.doxyfile +++ b/doxygen/mbedtls.doxyfile @@ -7,6 +7,7 @@ EXTRACT_PRIVATE = YES EXTRACT_STATIC = YES CASE_SENSE_NAMES = NO INPUT = ../include ../tf-psa-crypto/include input ../tf-psa-crypto/drivers/builtin/include ../tests/include/alt-dummy +EXCLUDE = ../tf-psa-crypto/drivers/builtin/include/mbedtls/build_info.h FILE_PATTERNS = *.h RECURSIVE = YES EXCLUDE_SYMLINKS = YES diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index 2025819556..534f01658c 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -14,6 +14,8 @@ #ifndef MBEDTLS_BUILD_INFO_H #define MBEDTLS_BUILD_INFO_H +#include "tf-psa-crypto/build_info.h" + /* * This set of compile-time defines can be used to determine the version number * of the Mbed TLS library used. Run-time variables for the same can be found in @@ -37,70 +39,6 @@ #define MBEDTLS_VERSION_STRING "4.0.0" #define MBEDTLS_VERSION_STRING_FULL "Mbed TLS 4.0.0" -/* Macros for build-time platform detection */ - -#if !defined(MBEDTLS_ARCH_IS_ARM64) && \ - (defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) -#define MBEDTLS_ARCH_IS_ARM64 -#endif - -#if !defined(MBEDTLS_ARCH_IS_ARM32) && \ - (defined(__arm__) || defined(_M_ARM) || \ - defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__)) -#define MBEDTLS_ARCH_IS_ARM32 -#endif - -#if !defined(MBEDTLS_ARCH_IS_X64) && \ - (defined(__amd64__) || defined(__x86_64__) || \ - ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))) -#define MBEDTLS_ARCH_IS_X64 -#endif - -#if !defined(MBEDTLS_ARCH_IS_X86) && \ - (defined(__i386__) || defined(_X86_) || \ - (defined(_M_IX86) && !defined(_M_I86))) -#define MBEDTLS_ARCH_IS_X86 -#endif - -#if !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) && \ - (defined(_M_ARM64) || defined(_M_ARM64EC)) -#define MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64 -#endif - -/* This is defined if the architecture is Armv8-A, or higher */ -#if !defined(MBEDTLS_ARCH_IS_ARMV8_A) -#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE) -#if (__ARM_ARCH >= 8) && (__ARM_ARCH_PROFILE == 'A') -/* GCC, clang, armclang and IAR */ -#define MBEDTLS_ARCH_IS_ARMV8_A -#endif -#elif defined(__ARM_ARCH_8A) -/* Alternative defined by clang */ -#define MBEDTLS_ARCH_IS_ARMV8_A -#elif defined(_M_ARM64) || defined(_M_ARM64EC) -/* MSVC ARM64 is at least Armv8.0-A */ -#define MBEDTLS_ARCH_IS_ARMV8_A -#endif -#endif - -#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ - && !defined(__llvm__) && !defined(__INTEL_COMPILER) -/* Defined if the compiler really is gcc and not clang, etc */ -#define MBEDTLS_COMPILER_IS_GCC -#define MBEDTLS_GCC_VERSION \ - (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) -#endif - -#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) -#define _CRT_SECURE_NO_DEPRECATE 1 -#endif - -/* Define `inline` on some non-C99-compliant compilers. */ -#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ - !defined(inline) && !defined(__cplusplus) -#define inline __inline -#endif - #if defined(MBEDTLS_CONFIG_FILES_READ) #error "Something went wrong: MBEDTLS_CONFIG_FILES_READ defined before reading the config files!" #endif @@ -108,7 +46,7 @@ #error "Something went wrong: MBEDTLS_CONFIG_IS_FINALIZED defined before reading the config files!" #endif -/* X.509, TLS and non-PSA crypto configuration */ +/* X.509 and TLS configuration */ #if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/mbedtls_config.h" #else @@ -130,48 +68,12 @@ #include MBEDTLS_USER_CONFIG_FILE #endif -/* PSA crypto configuration */ -#if defined(TF_PSA_CRYPTO_CONFIG_FILE) -#include TF_PSA_CRYPTO_CONFIG_FILE -#else -#include "psa/crypto_config.h" -#endif -#if defined(TF_PSA_CRYPTO_USER_CONFIG_FILE) -#include TF_PSA_CRYPTO_USER_CONFIG_FILE -#endif - /* Indicate that all configuration files have been read. * It is now time to adjust the configuration (follow through on dependencies, * make PSA and legacy crypto consistent, etc.). */ #define MBEDTLS_CONFIG_FILES_READ -/* Auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if - * MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH and MBEDTLS_CTR_DRBG_C defined - * to ensure a 128-bit key size in CTR_DRBG. - */ -#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) && defined(MBEDTLS_CTR_DRBG_C) -#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY -#endif - -/* Auto-enable MBEDTLS_MD_C if needed by a module that didn't require it - * in a previous release, to ensure backwards compatibility. - */ -#if defined(MBEDTLS_PKCS5_C) -#define MBEDTLS_MD_C -#endif - -/* PSA crypto specific configuration options - * - If config_psa.h reads a configuration option in preprocessor directive, - * this symbol should be set before its inclusion. (e.g. MBEDTLS_MD_C) - * - If config_psa.h writes a configuration option in conditional directive, - * this symbol should be consulted after its inclusion. - * (e.g. MBEDTLS_MD_LIGHT) - */ -#include "mbedtls/config_psa.h" - -#include "mbedtls/config_adjust_legacy_crypto.h" - #include "mbedtls/config_adjust_x509.h" #include "mbedtls/config_adjust_ssl.h" diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 91b88bd8eb..9deb14fc1f 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -1,5 +1,5 @@ /** - * \file check_config.h + * \file mbedtls/check_config.h * * \brief Consistency checks for configuration options * @@ -26,54 +26,14 @@ "It is included automatically at the right point since Mbed TLS 3.0." #endif /* !MBEDTLS_CONFIG_IS_FINALIZED */ -/* - * We assume CHAR_BIT is 8 in many places. In practice, this is true on our - * target platforms, so not an issue, but let's just be extra sure. - */ -#include -#if CHAR_BIT != 8 -#error "Mbed TLS requires a platform with 8-bit chars" -#endif - -#include - -#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER <= 1900) -#if !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_C is required on Windows" -#endif -/* See auto-enabling SNPRINTF_ALT and VSNPRINTF_ALT - * in * config_adjust_legacy_crypto.h */ -#endif /* _MINGW32__ || (_MSC_VER && (_MSC_VER <= 1900)) */ - #if defined(TARGET_LIKE_MBED) && defined(MBEDTLS_NET_C) #error "The NET module is not available for mbed OS - please use the network functions provided by Mbed OS" #endif -#if defined(MBEDTLS_DEPRECATED_WARNING) && \ - !defined(__GNUC__) && !defined(__clang__) -#error "MBEDTLS_DEPRECATED_WARNING only works with GCC and Clang" -#endif - #if defined(MBEDTLS_HAVE_TIME_DATE) && !defined(MBEDTLS_HAVE_TIME) #error "MBEDTLS_HAVE_TIME_DATE without MBEDTLS_HAVE_TIME does not make sense" #endif -/* Limitations on ECC key types acceleration: if we have any of `PUBLIC_KEY`, - * `KEY_PAIR_BASIC`, `KEY_PAIR_IMPORT`, `KEY_PAIR_EXPORT` then we must have - * all 4 of them. - */ -#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ - defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) -#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ - !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) -#error "Unsupported partial support for ECC key type acceleration, see docs/driver-only-builds.md" -#endif /* not all of public, basic, import, export */ -#endif /* one of public, basic, import, export */ - /* Limitations on ECC curves acceleration: partial curve acceleration is only * supported with crypto excluding PK, X.509 or TLS. * Note: no need to check X.509 as it depends on PK. */ @@ -91,184 +51,12 @@ defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \ defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) #if defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) -#if defined(MBEDTLS_PK_C) || \ - defined(MBEDTLS_SSL_TLS_C) +#if defined(MBEDTLS_SSL_TLS_C) #error "Unsupported partial support for ECC curves acceleration, see docs/driver-only-builds.md" #endif /* modules beyond what's supported */ #endif /* not all curves accelerated */ #endif /* some curve accelerated */ -#if defined(MBEDTLS_CTR_DRBG_C) && !(defined(MBEDTLS_AES_C) || \ - (defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_KEY_TYPE_AES) && \ - defined(PSA_WANT_ALG_ECB_NO_PADDING))) -#error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_DHM_C) && !defined(MBEDTLS_BIGNUM_C) -#error "MBEDTLS_DHM_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_CMAC_C) && \ - ( !defined(MBEDTLS_CIPHER_C ) || ( !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C) ) ) -#error "MBEDTLS_CMAC_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_NIST_KW_C) && \ - ( !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CIPHER_C) ) -#error "MBEDTLS_NIST_KW_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) -#if defined(PSA_WANT_ALG_CBC_NO_PADDING) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_NO_PADDING cannot be defined simultaneously" -#endif -#if defined(PSA_WANT_ALG_CBC_PKCS7) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_PKCS7 cannot be defined simultaneously" -#endif -#if defined(PSA_WANT_ALG_ECB_NO_PADDING) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_ECB_NO_PADDING cannot be defined simultaneously" -#endif -#if defined(PSA_WANT_KEY_TYPE_DES) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_KEY_TYPE_DES cannot be defined simultaneously" -#endif -#endif - -#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) -#if defined(MBEDTLS_CIPHER_MODE_CBC) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_CBC cannot be defined simultaneously" -#endif -#if defined(MBEDTLS_CIPHER_MODE_XTS) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_XTS cannot be defined simultaneously" -#endif -#if defined(MBEDTLS_DES_C) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_DES_C cannot be defined simultaneously" -#endif -#if defined(MBEDTLS_NIST_KW_C) -#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_NIST_KW_C cannot be defined simultaneously" -#endif -#endif - -#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) -#error "MBEDTLS_ECDH_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_ECDSA_C) && \ - ( !defined(MBEDTLS_ECP_C) || \ - !( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \ - defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) ) || \ - !defined(MBEDTLS_ASN1_PARSE_C) || \ - !defined(MBEDTLS_ASN1_WRITE_C) ) -#error "MBEDTLS_ECDSA_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO) -#if defined(PSA_HAVE_ALG_ECDSA_SIGN) && !defined(MBEDTLS_ASN1_WRITE_C) -#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_WRITE_C for ECDSA signature" -#endif -#if defined(PSA_HAVE_ALG_ECDSA_VERIFY) && !defined(MBEDTLS_ASN1_PARSE_C) -#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_PARSE_C for ECDSA verification" -#endif -#endif /* MBEDTLS_PK_C && MBEDTLS_USE_PSA_CRYPTO */ - -#if defined(MBEDTLS_ECJPAKE_C) && \ - !defined(MBEDTLS_ECP_C) -#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_ECP_RESTARTABLE) && \ - !defined(MBEDTLS_ECP_C) -#error "MBEDTLS_ECP_RESTARTABLE defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C) -#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ - !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \ - !defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) ) -#error "MBEDTLS_ECP_C defined (or a subset enabled), but not all prerequisites" -#endif - -#if defined(MBEDTLS_ENTROPY_C) && \ - !(defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA_256)) -#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites" -#endif -#if defined(MBEDTLS_ENTROPY_C) && \ - defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64) -#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" -#endif -#if defined(MBEDTLS_ENTROPY_C) && \ - (defined(MBEDTLS_ENTROPY_FORCE_SHA256) || !defined(PSA_WANT_ALG_SHA_512)) \ - && defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32) -#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" -#endif -#if defined(MBEDTLS_ENTROPY_C) && \ - defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(PSA_WANT_ALG_SHA_256) -#error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites" -#endif - -#if defined(__has_feature) -#if __has_feature(memory_sanitizer) -#define MBEDTLS_HAS_MEMSAN // #undef at the end of this paragraph -#endif -#endif -#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) && !defined(MBEDTLS_HAS_MEMSAN) -#error "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN requires building with MemorySanitizer" -#endif -#if defined(MBEDTLS_HAS_MEMSAN) && defined(MBEDTLS_HAVE_ASM) -#error "MemorySanitizer does not support assembly implementation" -#endif -#undef MBEDTLS_HAS_MEMSAN // temporary macro defined above - -#if defined(MBEDTLS_CCM_C) && \ - !(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \ - defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA)) -#error "MBEDTLS_CCM_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_GCM_C) && \ - !(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \ - defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA)) -#error "MBEDTLS_GCM_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C) -#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_POLY1305_C) -#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_HKDF_C) && !defined(MBEDTLS_MD_C) -#error "MBEDTLS_HKDF_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C) -#error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \ ( !defined(MBEDTLS_CAN_ECDH) || \ !defined(PSA_HAVE_ALG_ECDSA_SIGN) || \ @@ -345,408 +133,11 @@ #error "!MBEDTLS_SSL_KEEP_PEER_CERTIFICATE requires SHA-512, SHA-256 or SHA-1". #endif -#if defined(MBEDTLS_MD_C) && \ - !defined(PSA_WANT_ALG_MD5) && \ - !defined(PSA_WANT_ALG_RIPEMD160) && \ - !defined(PSA_WANT_ALG_SHA_1) && \ - !defined(PSA_WANT_ALG_SHA_224) && \ - !defined(PSA_WANT_ALG_SHA_256) && \ - !defined(PSA_WANT_ALG_SHA_384) && \ - !defined(PSA_WANT_ALG_SHA_512) && \ - !defined(PSA_WANT_ALG_SHA3_224) && \ - !defined(PSA_WANT_ALG_SHA3_256) && \ - !defined(PSA_WANT_ALG_SHA3_384) && \ - !defined(PSA_WANT_ALG_SHA3_512) -#error "MBEDTLS_MD_C defined, but no hash algorithm" -#endif - -#if defined(MBEDTLS_LMS_C) && \ - ! ( defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_ALG_SHA_256) ) -#error "MBEDTLS_LMS_C requires MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_SHA_256" -#endif - -#if defined(MBEDTLS_LMS_PRIVATE) && \ - ( !defined(MBEDTLS_LMS_C) ) -#error "MBEDTLS_LMS_PRIVATE requires MBEDTLS_LMS_C" -#endif - -#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ - ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) -#error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) -#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C) -#error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PEM_WRITE_C) && !defined(MBEDTLS_BASE64_C) -#error "MBEDTLS_PEM_WRITE_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PK_C) && \ - !defined(MBEDTLS_RSA_C) && !defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) -#error "MBEDTLS_PK_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PK_PARSE_C) && \ - (!defined(MBEDTLS_ASN1_PARSE_C) || \ - !defined(MBEDTLS_OID_C) || \ - !defined(MBEDTLS_PK_C)) -#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PK_WRITE_C) && \ - (!defined(MBEDTLS_ASN1_WRITE_C) || \ - !defined(MBEDTLS_OID_C) || \ - !defined(MBEDTLS_PK_C)) -#error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_EXIT_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_EXIT) ||\ - defined(MBEDTLS_PLATFORM_EXIT_ALT) ) -#error "MBEDTLS_PLATFORM_EXIT_MACRO and MBEDTLS_PLATFORM_STD_EXIT/MBEDTLS_PLATFORM_EXIT_ALT cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_SETBUF_ALT) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_SETBUF_ALT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_SETBUF_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_SETBUF) ||\ - defined(MBEDTLS_PLATFORM_SETBUF_ALT) ) -#error "MBEDTLS_PLATFORM_SETBUF_MACRO and MBEDTLS_PLATFORM_STD_SETBUF/MBEDTLS_PLATFORM_SETBUF_ALT cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_TIME_ALT) &&\ - ( !defined(MBEDTLS_PLATFORM_C) ||\ - !defined(MBEDTLS_HAVE_TIME) ) -#error "MBEDTLS_PLATFORM_TIME_ALT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\ - ( !defined(MBEDTLS_PLATFORM_C) ||\ - !defined(MBEDTLS_HAVE_TIME) ) -#error "MBEDTLS_PLATFORM_TIME_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO) &&\ - ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) ) -#error "MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_MS_TIME_ALT) && \ - ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) ) -#error "MBEDTLS_PLATFORM_MS_TIME_ALT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\ - ( !defined(MBEDTLS_PLATFORM_C) ||\ - !defined(MBEDTLS_HAVE_TIME) ) -#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_TIME) ||\ - defined(MBEDTLS_PLATFORM_TIME_ALT) ) -#error "MBEDTLS_PLATFORM_TIME_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_TIME) ||\ - defined(MBEDTLS_PLATFORM_TIME_ALT) ) -#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_FPRINTF_ALT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_FPRINTF) ||\ - defined(MBEDTLS_PLATFORM_FPRINTF_ALT) ) -#error "MBEDTLS_PLATFORM_FPRINTF_MACRO and MBEDTLS_PLATFORM_STD_FPRINTF/MBEDTLS_PLATFORM_FPRINTF_ALT cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\ - ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) -#error "MBEDTLS_PLATFORM_FREE_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\ - defined(MBEDTLS_PLATFORM_STD_FREE) -#error "MBEDTLS_PLATFORM_FREE_MACRO and MBEDTLS_PLATFORM_STD_FREE cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && !defined(MBEDTLS_PLATFORM_CALLOC_MACRO) -#error "MBEDTLS_PLATFORM_CALLOC_MACRO must be defined if MBEDTLS_PLATFORM_FREE_MACRO is" -#endif - -#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\ - ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) -#error "MBEDTLS_PLATFORM_CALLOC_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\ - defined(MBEDTLS_PLATFORM_STD_CALLOC) -#error "MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && !defined(MBEDTLS_PLATFORM_FREE_MACRO) -#error "MBEDTLS_PLATFORM_FREE_MACRO must be defined if MBEDTLS_PLATFORM_CALLOC_MACRO is" -#endif - -#if defined(MBEDTLS_PLATFORM_MEMORY) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_MEMORY defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_PRINTF_ALT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_PRINTF_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_PRINTF) ||\ - defined(MBEDTLS_PLATFORM_PRINTF_ALT) ) -#error "MBEDTLS_PLATFORM_PRINTF_MACRO and MBEDTLS_PLATFORM_STD_PRINTF/MBEDTLS_PLATFORM_PRINTF_ALT cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_SNPRINTF) ||\ - defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) ) -#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_VSNPRINTF_ALT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) -#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_VSNPRINTF) ||\ - defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) ) -#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_VSNPRINTF/MBEDTLS_PLATFORM_VSNPRINTF_ALT cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\ - !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) -#error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY) -#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY) -#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_EXIT) &&\ - !defined(MBEDTLS_PLATFORM_EXIT_ALT) -#error "MBEDTLS_PLATFORM_STD_EXIT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_TIME) &&\ - ( !defined(MBEDTLS_PLATFORM_TIME_ALT) ||\ - !defined(MBEDTLS_HAVE_TIME) ) -#error "MBEDTLS_PLATFORM_STD_TIME defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) &&\ - !defined(MBEDTLS_PLATFORM_FPRINTF_ALT) -#error "MBEDTLS_PLATFORM_STD_FPRINTF defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_PRINTF) &&\ - !defined(MBEDTLS_PLATFORM_PRINTF_ALT) -#error "MBEDTLS_PLATFORM_STD_PRINTF defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) &&\ - !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) -#error "MBEDTLS_PLATFORM_STD_SNPRINTF defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_ENTROPY_NV_SEED) &&\ - ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_ENTROPY_C) ) -#error "MBEDTLS_ENTROPY_NV_SEED defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) &&\ - !defined(MBEDTLS_ENTROPY_NV_SEED) -#error "MBEDTLS_PLATFORM_NV_SEED_ALT defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) &&\ - !defined(MBEDTLS_PLATFORM_NV_SEED_ALT) -#error "MBEDTLS_PLATFORM_STD_NV_SEED_READ defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) &&\ - !defined(MBEDTLS_PLATFORM_NV_SEED_ALT) -#error "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) ||\ - defined(MBEDTLS_PLATFORM_NV_SEED_ALT) ) -#error "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_READ cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) &&\ - ( defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) ||\ - defined(MBEDTLS_PLATFORM_NV_SEED_ALT) ) -#error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_C) && \ - !( ( ( defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_HMAC_DRBG_C) ) && \ - defined(MBEDTLS_ENTROPY_C) ) || \ - defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) ) -#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)" -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_HAVE_SOFT_BLOCK_MODE) && \ - defined(PSA_HAVE_SOFT_BLOCK_CIPHER) && !defined(MBEDTLS_CIPHER_C) -#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C) -#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) && \ - ! ( defined(MBEDTLS_PSA_CRYPTO_C) && \ - defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) ) -#error "MBEDTLS_PSA_CRYPTO_SE_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PSA_CRYPTO_SE_C) -#if defined(MBEDTLS_DEPRECATED_REMOVED) -#error "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS" -#elif defined(MBEDTLS_DEPRECATED_WARNING) -#warning "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS" -#endif -#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ - -#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ - ! defined(MBEDTLS_PSA_CRYPTO_C) -#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ - !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ - defined(MBEDTLS_ENTROPY_NV_SEED) ) -#error "MBEDTLS_PSA_INJECT_ENTROPY defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ - !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) -#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with actual entropy sources" -#endif - -#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ - defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) -#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG" -#endif - -#if defined(MBEDTLS_PSA_KEY_STORE_DYNAMIC) && \ - defined(MBEDTLS_PSA_STATIC_KEY_SLOTS) -#error "MBEDTLS_PSA_KEY_STORE_DYNAMIC and MBEDTLS_PSA_STATIC_KEY_SLOTS cannot be defined simultaneously" -#endif - -#if defined(MBEDTLS_PSA_ITS_FILE_C) && \ - !defined(MBEDTLS_FS_IO) -#error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ - !defined(MBEDTLS_OID_C) ) -#error "MBEDTLS_RSA_C defined, but not all prerequisites" -#endif - -#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) && \ - !defined(MBEDTLS_PKCS1_V15) ) -#error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled" -#endif - #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) ) #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #endif -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" -#endif - -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) -#if !defined(MBEDTLS_SHA512_C) -#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C" -#endif - -#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ - -#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__) -#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" -#endif - -#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ - defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) -#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" -#endif - -#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ - defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) -#if !defined(MBEDTLS_SHA256_C) -#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA256_C" -#endif - -#endif - -#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) -#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY defined on non-Armv8-A system" -#endif - /* TLS 1.3 requires separate HKDF parts from PSA, * and at least one ciphersuite, so at least SHA-256 or SHA-384 * from PSA to use with HKDF. @@ -924,27 +315,6 @@ #error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites" #endif -#if defined(MBEDTLS_THREADING_PTHREAD) -#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) -#error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites" -#endif -#define MBEDTLS_THREADING_IMPL // undef at the end of this paragraph -#endif -#if defined(MBEDTLS_THREADING_ALT) -#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) -#error "MBEDTLS_THREADING_ALT defined, but not all prerequisites" -#endif -#define MBEDTLS_THREADING_IMPL // undef at the end of this paragraph -#endif -#if defined(MBEDTLS_THREADING_C) && !defined(MBEDTLS_THREADING_IMPL) -#error "MBEDTLS_THREADING_C defined, single threading implementation required" -#endif -#undef MBEDTLS_THREADING_IMPL // temporary macro defined above - -#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_CLIENT) -#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C) #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites" #endif @@ -988,15 +358,6 @@ #error "MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK defined, but not all prerequisites" #endif -#if defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64) -#error "MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 cannot be defined simultaneously" -#endif /* MBEDTLS_HAVE_INT32 && MBEDTLS_HAVE_INT64 */ - -#if ( defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64) ) && \ - defined(MBEDTLS_HAVE_ASM) -#error "MBEDTLS_HAVE_INT32/MBEDTLS_HAVE_INT64 and MBEDTLS_HAVE_ASM cannot be defined simultaneously" -#endif /* (MBEDTLS_HAVE_INT32 || MBEDTLS_HAVE_INT64) && MBEDTLS_HAVE_ASM */ - #if defined(MBEDTLS_SSL_DTLS_SRTP) && ( !defined(MBEDTLS_SSL_PROTO_DTLS) ) #error "MBEDTLS_SSL_DTLS_SRTP defined, but not all prerequisites" #endif @@ -1070,12 +431,5 @@ #error "MBEDTLS_PKCS7_C is defined, but not all prerequisites" #endif -/* - * Avoid warning from -pedantic. This is a convenient place for this - * workaround since this is included by every single file before the - * #if defined(MBEDTLS_xxx_C) that results in empty translation units. - */ -typedef int mbedtls_iso_c_forbids_empty_translation_units; - /* *INDENT-ON* */ #endif /* MBEDTLS_CHECK_CONFIG_H */ diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 66117dd312..5bda91a281 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -11,6 +11,7 @@ #define MBEDTLS_SSL_MISC_H #include "common.h" +#include "mbedtls/build_info.h" #include "mbedtls/error.h" diff --git a/library/x509_internal.h b/library/x509_internal.h index ec1ac50db6..36cbc6518c 100644 --- a/library/x509_internal.h +++ b/library/x509_internal.h @@ -11,6 +11,7 @@ #define MBEDTLS_X509_INTERNAL_H #include "common.h" +#include "mbedtls/build_info.h" #include "mbedtls/private_access.h" #include "mbedtls/x509.h" diff --git a/tests/Makefile b/tests/Makefile index 7063d81cbb..9254da00f2 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -315,9 +315,10 @@ define libtestdriver1_rewrite := s!^(\s*#\s*include\s*[\"<])mbedtls/check_config.h!$${1}libtestdriver1/include/mbedtls/check_config.h!; \ s!^(\s*#\s*include\s*[\"<])mbedtls/!$${1}libtestdriver1/tf-psa-crypto/drivers/builtin/include/mbedtls/!; \ s!^(\s*#\s*include\s*[\"<])psa/!$${1}libtestdriver1/tf-psa-crypto/include/psa/!; \ + s!^(\s*#\s*include\s*[\"<])tf-psa-crypto/!$${1}libtestdriver1/tf-psa-crypto/include/tf-psa-crypto/!; \ next if /^\s*#\s*include/; \ - s/\b(?=MBEDTLS_|PSA_)/LIBTESTDRIVER1_/g; \ - s/\b(?=mbedtls_|psa_)/libtestdriver1_/g; + s/\b(?=MBEDTLS_|PSA_|TF_PSA_CRYPTO_)/LIBTESTDRIVER1_/g; \ + s/\b(?=mbedtls_|psa_|tf_psa_crypto_)/libtestdriver1_/g; endef libtestdriver1.a: diff --git a/tests/scripts/check_names.py b/tests/scripts/check_names.py index 7c232aba4b..8f344448e6 100755 --- a/tests/scripts/check_names.py +++ b/tests/scripts/check_names.py @@ -239,6 +239,7 @@ class CodeParser(): "include/mbedtls/*.h", "include/psa/*.h", "tf-psa-crypto/include/psa/*.h", + "tf-psa-crypto/include/tf-psa-crypto/*.h", "tf-psa-crypto/drivers/builtin/include/mbedtls/*.h", "tf-psa-crypto/drivers/everest/include/everest/everest.h", "tf-psa-crypto/drivers/everest/include/everest/x25519.h" @@ -258,6 +259,7 @@ class CodeParser(): "include/mbedtls/*.h", "include/psa/*.h", "tf-psa-crypto/include/psa/*.h", + "tf-psa-crypto/include/tf-psa-crypto/*.h", "tf-psa-crypto/drivers/builtin/include/mbedtls/*.h", "library/*.h", "tf-psa-crypto/core/*.h", @@ -272,6 +274,7 @@ class CodeParser(): "include/mbedtls/*.h", "include/psa/*.h", "tf-psa-crypto/include/psa/*.h", + "tf-psa-crypto/include/tf-psa-crypto/*.h", "tf-psa-crypto/drivers/builtin/include/mbedtls/*.h", "library/*.h", "tf-psa-crypto/core/*.h", @@ -283,6 +286,7 @@ class CodeParser(): "include/mbedtls/*.h", "include/psa/*.h", "tf-psa-crypto/include/psa/*.h", + "tf-psa-crypto/include/tf-psa-crypto/*.h", "tf-psa-crypto/drivers/builtin/include/mbedtls/*.h", "library/*.h", "tf-psa-crypto/core/*.h", diff --git a/tf-psa-crypto/CMakeLists.txt b/tf-psa-crypto/CMakeLists.txt index bbc191ffa3..43b9e1e6ac 100644 --- a/tf-psa-crypto/CMakeLists.txt +++ b/tf-psa-crypto/CMakeLists.txt @@ -150,11 +150,17 @@ else() set(TF_PSA_CRYPTO_PYTHON_EXECUTABLE ${PYTHON_EXECUTABLE}) endif() endif() -if(TF_PSA_CRYPTO_PYTHON_EXECUTABLE) +if(TF_PSA_CRYPTO_PYTHON_EXECUTABLE) # If 128-bit keys are configured for CTR_DRBG, display an appropriate warning - execute_process(COMMAND ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${MBEDTLS_DIR}/scripts/config.py -f ${MBEDTLS_DIR}/include/mbedtls/mbedtls_config.h get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY - RESULT_VARIABLE result) + execute_process( + COMMAND + ${TF_PSA_CRYPTO_PYTHON_EXECUTABLE} ${TF_PSA_CRYPTO_DIR}/scripts/config.py + -f ${TF_PSA_CRYPTO_DIR}/include/psa/crypto_config.h + get MBEDTLS_CTR_DRBG_USE_128_BIT_KEY + RESULT_VARIABLE + result + ) if(${result} EQUAL 0) message(WARNING ${CTR_DRBG_128_BIT_KEY_WARNING}) endif() @@ -422,10 +428,15 @@ if(ENABLE_TESTING OR ENABLE_PROGRAMS) DEPENDS ${TF_PSA_CRYPTO_FRAMEWORK_DIR}/tests/include/test/test_keys.h) add_dependencies(tf_psa_crypto_test tf_psa_crypto_test_keys_header) endif() + + file(WRITE + ${CMAKE_CURRENT_BINARY_DIR}/tests/seedfile + "This is a seedfile that contains 64 bytes ......................" + ) + target_include_directories(tf_psa_crypto_test PRIVATE ${TF_PSA_CRYPTO_FRAMEWORK_DIR}/tests/include PRIVATE tests/include - PRIVATE ${MBEDTLS_DIR}/include PRIVATE include PRIVATE drivers/builtin/include PRIVATE drivers/everest/include diff --git a/tf-psa-crypto/core/CMakeLists.txt b/tf-psa-crypto/core/CMakeLists.txt index ccf11480a0..2e8009358f 100644 --- a/tf-psa-crypto/core/CMakeLists.txt +++ b/tf-psa-crypto/core/CMakeLists.txt @@ -132,8 +132,7 @@ foreach(target IN LISTS target_libraries) # ${MBEDTLS_DIR}/include/ as we still need it. Include private header files # from core/ and drivers/builtin/src/. target_include_directories(${target} - PUBLIC $ - $ + PUBLIC $ $ $ PRIVATE ${TF_PSA_CRYPTO_DIR}/core diff --git a/tf-psa-crypto/core/common.h b/tf-psa-crypto/core/common.h index 7bb2674293..ff57b47de4 100644 --- a/tf-psa-crypto/core/common.h +++ b/tf-psa-crypto/core/common.h @@ -11,7 +11,7 @@ #ifndef MBEDTLS_LIBRARY_COMMON_H #define MBEDTLS_LIBRARY_COMMON_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "alignment.h" #include diff --git a/tf-psa-crypto/core/psa_crypto_core.h b/tf-psa-crypto/core/psa_crypto_core.h index 1c670cd796..e4c7943e33 100644 --- a/tf-psa-crypto/core/psa_crypto_core.h +++ b/tf-psa-crypto/core/psa_crypto_core.h @@ -9,14 +9,7 @@ #ifndef PSA_CRYPTO_CORE_H #define PSA_CRYPTO_CORE_H -/* - * Include the build-time configuration information header. Here, we do not - * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which - * is basically just an alias to it. This is to ease the maintenance of the - * TF-PSA-Crypto repository which has a different build system and - * configuration. - */ -#include "psa/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "psa/crypto.h" #include "psa/crypto_se_driver.h" diff --git a/tf-psa-crypto/core/psa_crypto_invasive.h b/tf-psa-crypto/core/psa_crypto_invasive.h index 51c90c64a4..32c7b15618 100644 --- a/tf-psa-crypto/core/psa_crypto_invasive.h +++ b/tf-psa-crypto/core/psa_crypto_invasive.h @@ -16,14 +16,7 @@ #ifndef PSA_CRYPTO_INVASIVE_H #define PSA_CRYPTO_INVASIVE_H -/* - * Include the build-time configuration information header. Here, we do not - * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which - * is basically just an alias to it. This is to ease the maintenance of the - * TF-PSA-Crypto repository which has a different build system and - * configuration. - */ -#include "psa/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "psa/crypto.h" #include "common.h" diff --git a/tf-psa-crypto/core/psa_crypto_se.h b/tf-psa-crypto/core/psa_crypto_se.h index e0bd5acfb3..8407781302 100644 --- a/tf-psa-crypto/core/psa_crypto_se.h +++ b/tf-psa-crypto/core/psa_crypto_se.h @@ -9,14 +9,7 @@ #ifndef PSA_CRYPTO_SE_H #define PSA_CRYPTO_SE_H -/* - * Include the build-time configuration information header. Here, we do not - * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which - * is basically just an alias to it. This is to ease the maintenance of the - * TF-PSA-Crypto repository which has a different build system and - * configuration. - */ -#include "psa/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "psa/crypto.h" #include "psa/crypto_se_driver.h" diff --git a/tf-psa-crypto/drivers/builtin/CMakeLists.txt b/tf-psa-crypto/drivers/builtin/CMakeLists.txt index 983e050199..805ded1ffd 100644 --- a/tf-psa-crypto/drivers/builtin/CMakeLists.txt +++ b/tf-psa-crypto/drivers/builtin/CMakeLists.txt @@ -84,7 +84,6 @@ foreach (target IN LISTS target_libraries) target_include_directories(${target} PUBLIC $ $ - $ $ PRIVATE ${TF_PSA_CRYPTO_DIR}/core) set_config_files_compile_definitions(${target}) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h index aa4d99c22a..a4273757cb 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/aes.h @@ -29,7 +29,7 @@ #define MBEDTLS_AES_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/platform_util.h" #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/aria.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/aria.h index fa175f07c1..8581b3d7ef 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/aria.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/aria.h @@ -18,7 +18,7 @@ #define MBEDTLS_ARIA_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h index e2d7311a79..80e0a17fac 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1.h @@ -11,7 +11,7 @@ #define MBEDTLS_ASN1_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/platform_util.h" #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h index 7081996223..c89e0da600 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/asn1write.h @@ -10,7 +10,7 @@ #ifndef MBEDTLS_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/asn1.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/base64.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/base64.h index 8f459b74c5..591a80f8d6 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/base64.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/base64.h @@ -10,7 +10,7 @@ #ifndef MBEDTLS_BASE64_H #define MBEDTLS_BASE64_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h index 40b7277d1b..b54b2391d2 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/bignum.h @@ -11,7 +11,7 @@ #define MBEDTLS_BIGNUM_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/block_cipher.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/block_cipher.h index 3f60f6f7dd..87849a0ffb 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/block_cipher.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/block_cipher.h @@ -12,7 +12,7 @@ #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #if defined(MBEDTLS_AES_C) #include "mbedtls/aes.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/build_info.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/build_info.h new file mode 100644 index 0000000000..fc3a9d1c18 --- /dev/null +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/build_info.h @@ -0,0 +1,16 @@ +/* + * Alias to tf-psa-crypto/build_info.h for the purpose + * of framework C headers and modules in the context + * of TF-PSA-Crypto. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef MBEDTLS_BUILD_INFO_H +#define MBEDTLS_BUILD_INFO_H + +#include "tf-psa-crypto/build_info.h" + +#endif /* MBEDTLS_BUILD_INFO_H */ diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/camellia.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/camellia.h index 39266bf26c..535da61846 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/camellia.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/camellia.h @@ -11,7 +11,7 @@ #define MBEDTLS_CAMELLIA_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ccm.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ccm.h index 67d173d7fc..c6ef1f0d34 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ccm.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ccm.h @@ -36,7 +36,7 @@ #define MBEDTLS_CCM_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/cipher.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/chacha20.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/chacha20.h index ab7195e1c2..24f53cb6a5 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/chacha20.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/chacha20.h @@ -21,7 +21,7 @@ #define MBEDTLS_CHACHA20_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/chachapoly.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/chachapoly.h index 6c236fe5e6..947a13d065 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/chachapoly.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/chachapoly.h @@ -21,7 +21,7 @@ #define MBEDTLS_CHACHAPOLY_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" /* for shared error codes */ #include "mbedtls/poly1305.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h index 75e95d3c4f..80095be15d 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/cipher.h @@ -16,7 +16,7 @@ #define MBEDTLS_CIPHER_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include "mbedtls/platform_util.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/cmac.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/cmac.h index fd3d8a2bc7..ec217b7b56 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/cmac.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/cmac.h @@ -16,7 +16,7 @@ #define MBEDTLS_CMAC_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/cipher.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_crypto.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_crypto.h index c9e3d18296..b2d9312e5e 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_crypto.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_crypto.h @@ -24,7 +24,7 @@ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H #define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H -#if !defined(MBEDTLS_CONFIG_FILES_READ) +#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) #error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \ "up to and including runtime errors such as buffer overflows. " \ "If you're trying to fix a complaint from check_config.h, just remove " \ diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_from_psa.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_from_psa.h index c968d585a2..2afcd2bb05 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_from_psa.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_legacy_from_psa.h @@ -17,7 +17,7 @@ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H #define MBEDTLS_CONFIG_ADJUST_LEGACY_FROM_PSA_H -#if !defined(MBEDTLS_CONFIG_FILES_READ) +#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) #error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \ "up to and including runtime errors such as buffer overflows. " \ "If you're trying to fix a complaint from check_config.h, just remove " \ diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_psa_superset_legacy.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_psa_superset_legacy.h index ef65cce0d9..9f3c425540 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_psa_superset_legacy.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_psa_superset_legacy.h @@ -19,7 +19,7 @@ #ifndef MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H #define MBEDTLS_CONFIG_ADJUST_PSA_SUPERSET_LEGACY_H -#if !defined(MBEDTLS_CONFIG_FILES_READ) +#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) #error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \ "up to and including runtime errors such as buffer overflows. " \ "If you're trying to fix a complaint from check_config.h, just remove " \ diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_test_accelerators.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_test_accelerators.h index cce4e892b1..13e25095bf 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_test_accelerators.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/config_adjust_test_accelerators.h @@ -37,7 +37,7 @@ #ifndef MBEDTLS_CONFIG_ADJUST_TEST_ACCELERATORS_H #define MBEDTLS_CONFIG_ADJUST_TEST_ACCELERATORS_H -#if !defined(MBEDTLS_CONFIG_FILES_READ) +#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) #error "Do not include mbedtls/config_adjust_*.h manually! This can lead to problems, " \ "up to and including runtime errors such as buffer overflows. " \ "If you're trying to fix a complaint from check_config.h, just remove " \ diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ctr_drbg.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ctr_drbg.h index 0b7cce1923..98f39c1542 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ctr_drbg.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ctr_drbg.h @@ -30,7 +30,7 @@ #define MBEDTLS_CTR_DRBG_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" /* The CTR_DRBG implementation can either directly call the low-level AES * module (gated by MBEDTLS_AES_C) or call the PSA API to perform AES diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/des.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/des.h index dbe12edc9e..e40799f377 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/des.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/des.h @@ -16,7 +16,7 @@ #define MBEDTLS_DES_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/platform_util.h" #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/dhm.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/dhm.h index 01434052ea..11b0931536 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/dhm.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/dhm.h @@ -52,7 +52,7 @@ #define MBEDTLS_DHM_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/bignum.h" /* diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdh.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdh.h index 3d3e479fea..5528bb0b79 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdh.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdh.h @@ -21,7 +21,7 @@ #define MBEDTLS_ECDH_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/ecp.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h index fcb46e2a43..b900caa71e 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecdsa.h @@ -19,7 +19,7 @@ #define MBEDTLS_ECDSA_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/ecp.h" #include "mbedtls/md.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecjpake.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecjpake.h index a75a8ec8f8..007041ecdb 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecjpake.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecjpake.h @@ -27,7 +27,7 @@ * The payloads are serialized in a way suitable for use in TLS, but could * also be use outside TLS. */ -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/ecp.h" #include "mbedtls/md.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h index 87d63ed13f..d0c99631b7 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ecp.h @@ -23,7 +23,7 @@ #define MBEDTLS_ECP_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/platform_util.h" #include "mbedtls/bignum.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/entropy.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/entropy.h index 964a996a55..cf5ec435b0 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/entropy.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/entropy.h @@ -11,7 +11,7 @@ #define MBEDTLS_ENTROPY_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h index 58f1cde331..724da7aff0 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/error_common.h @@ -10,7 +10,7 @@ #ifndef MBEDTLS_ERROR_COMMON_H #define MBEDTLS_ERROR_COMMON_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h index e620be7ba0..ce8a31cf54 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/gcm.h @@ -20,7 +20,7 @@ #define MBEDTLS_GCM_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/cipher.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/hmac_drbg.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/hmac_drbg.h index 18b1b75a69..e00185e81b 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/hmac_drbg.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/hmac_drbg.h @@ -15,7 +15,7 @@ #define MBEDTLS_HMAC_DRBG_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/md.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/lms.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/lms.h index 95fce21337..2ead973c97 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/lms.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/lms.h @@ -19,7 +19,7 @@ #include #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #define MBEDTLS_ERR_LMS_BAD_INPUT_DATA -0x0011 /**< Bad data has been input to an LMS function */ #define MBEDTLS_ERR_LMS_OUT_OF_PRIVATE_KEYS -0x0013 /**< Specified LMS key has utilised all of its private keys */ diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/md.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/md.h index 2c5af0b467..6a85fe465a 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/md.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/md.h @@ -17,7 +17,7 @@ #include -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/platform_util.h" /** The selected feature is not available. */ diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/md5.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/md5.h index ee39bc8251..2df058804c 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/md5.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/md5.h @@ -15,7 +15,7 @@ #define MBEDTLS_MD5_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/memory_buffer_alloc.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/memory_buffer_alloc.h index b527d9b665..fa5ebe2731 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/memory_buffer_alloc.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/memory_buffer_alloc.h @@ -10,7 +10,7 @@ #ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H #define MBEDTLS_MEMORY_BUFFER_ALLOC_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/nist_kw.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/nist_kw.h index a99d925076..2a8ddc035e 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/nist_kw.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/nist_kw.h @@ -24,7 +24,7 @@ #define MBEDTLS_NIST_KW_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/cipher.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/oid.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/oid.h index e0ad35e313..d4bbd09ff3 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/oid.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/oid.h @@ -11,7 +11,7 @@ #define MBEDTLS_OID_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/asn1.h" #include "mbedtls/pk.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/pem.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/pem.h index 3c6a28d98d..38974c185b 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/pem.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/pem.h @@ -11,7 +11,7 @@ #define MBEDTLS_PEM_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/pk.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/pk.h index 3c0f6e17ce..4866ec565e 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/pk.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/pk.h @@ -12,7 +12,7 @@ #define MBEDTLS_PK_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/md.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs12.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs12.h index 87f7681f29..bd684305f9 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs12.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs12.h @@ -10,7 +10,7 @@ #ifndef MBEDTLS_PKCS12_H #define MBEDTLS_PKCS12_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/md.h" #include "mbedtls/cipher.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs5.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs5.h index 9ba5689d4a..c3f169642e 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs5.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/pkcs5.h @@ -12,7 +12,7 @@ #ifndef MBEDTLS_PKCS5_H #define MBEDTLS_PKCS5_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/platform_util.h" #include "mbedtls/asn1.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/platform.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/platform.h index de3d71d9dc..f21a17ec58 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/platform.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/platform.h @@ -27,7 +27,7 @@ #define MBEDTLS_PLATFORM_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #if defined(MBEDTLS_HAVE_TIME) #include "mbedtls/platform_time.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/platform_time.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/platform_time.h index 97f1963aba..bd976ff80b 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/platform_time.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/platform_time.h @@ -10,7 +10,7 @@ #ifndef MBEDTLS_PLATFORM_TIME_H #define MBEDTLS_PLATFORM_TIME_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #ifdef __cplusplus extern "C" { diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/platform_util.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/platform_util.h index 1b371ef3f4..1805914032 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/platform_util.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/platform_util.h @@ -11,7 +11,7 @@ #ifndef MBEDTLS_PLATFORM_UTIL_H #define MBEDTLS_PLATFORM_UTIL_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #if defined(MBEDTLS_HAVE_TIME_DATE) diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/poly1305.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/poly1305.h index b70bfb8db0..3ee3514a16 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/poly1305.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/poly1305.h @@ -21,7 +21,7 @@ #define MBEDTLS_POLY1305_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h index bf2748a6d1..7fa0a83666 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/psa_util.h @@ -12,7 +12,7 @@ #define MBEDTLS_PSA_UTIL_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "psa/crypto.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/ripemd160.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/ripemd160.h index 42f29730d3..4b701877d0 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/ripemd160.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/ripemd160.h @@ -11,7 +11,7 @@ #define MBEDTLS_RIPEMD160_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/rsa.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/rsa.h index cc839f2198..cd60af843d 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/rsa.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/rsa.h @@ -17,7 +17,7 @@ #define MBEDTLS_RSA_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/bignum.h" #include "mbedtls/md.h" diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha1.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha1.h index dd47d34bce..506941190c 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha1.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha1.h @@ -18,7 +18,7 @@ #define MBEDTLS_SHA1_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h index 05040ded86..fc2e31ed57 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha256.h @@ -14,7 +14,7 @@ #define MBEDTLS_SHA256_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha3.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha3.h index 3eeee65e66..7d2df34d8c 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha3.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha3.h @@ -16,7 +16,7 @@ #define MBEDTLS_SHA3_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h index 9d0191870d..c0f1cbb9de 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/sha512.h @@ -13,7 +13,7 @@ #define MBEDTLS_SHA512_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include #include diff --git a/tf-psa-crypto/drivers/builtin/include/mbedtls/threading.h b/tf-psa-crypto/drivers/builtin/include/mbedtls/threading.h index b4df0e38be..f94d579ab5 100644 --- a/tf-psa-crypto/drivers/builtin/include/mbedtls/threading.h +++ b/tf-psa-crypto/drivers/builtin/include/mbedtls/threading.h @@ -11,7 +11,7 @@ #define MBEDTLS_THREADING_H #include "mbedtls/private_access.h" -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/aesce.h b/tf-psa-crypto/drivers/builtin/src/aesce.h index a14d085efa..130f765749 100644 --- a/tf-psa-crypto/drivers/builtin/src/aesce.h +++ b/tf-psa-crypto/drivers/builtin/src/aesce.h @@ -14,7 +14,6 @@ #ifndef MBEDTLS_AESCE_H #define MBEDTLS_AESCE_H -#include "mbedtls/build_info.h" #include "common.h" #include "mbedtls/aes.h" diff --git a/tf-psa-crypto/drivers/builtin/src/aesni.h b/tf-psa-crypto/drivers/builtin/src/aesni.h index 59e27afd3e..5543d6910d 100644 --- a/tf-psa-crypto/drivers/builtin/src/aesni.h +++ b/tf-psa-crypto/drivers/builtin/src/aesni.h @@ -13,7 +13,7 @@ #ifndef MBEDTLS_AESNI_H #define MBEDTLS_AESNI_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/aes.h" diff --git a/tf-psa-crypto/drivers/builtin/src/block_cipher_internal.h b/tf-psa-crypto/drivers/builtin/src/block_cipher_internal.h index c57338b751..bd1f390732 100644 --- a/tf-psa-crypto/drivers/builtin/src/block_cipher_internal.h +++ b/tf-psa-crypto/drivers/builtin/src/block_cipher_internal.h @@ -11,7 +11,7 @@ #ifndef MBEDTLS_BLOCK_CIPHER_INTERNAL_H #define MBEDTLS_BLOCK_CIPHER_INTERNAL_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/cipher.h" diff --git a/tf-psa-crypto/drivers/builtin/src/bn_mul.h b/tf-psa-crypto/drivers/builtin/src/bn_mul.h index 0738469db4..77928240c2 100644 --- a/tf-psa-crypto/drivers/builtin/src/bn_mul.h +++ b/tf-psa-crypto/drivers/builtin/src/bn_mul.h @@ -24,7 +24,7 @@ #ifndef MBEDTLS_BN_MUL_H #define MBEDTLS_BN_MUL_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/bignum.h" diff --git a/tf-psa-crypto/drivers/builtin/src/cipher_wrap.h b/tf-psa-crypto/drivers/builtin/src/cipher_wrap.h index f22915120d..4d159ab846 100644 --- a/tf-psa-crypto/drivers/builtin/src/cipher_wrap.h +++ b/tf-psa-crypto/drivers/builtin/src/cipher_wrap.h @@ -12,7 +12,7 @@ #ifndef MBEDTLS_CIPHER_WRAP_H #define MBEDTLS_CIPHER_WRAP_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/cipher.h" diff --git a/tf-psa-crypto/drivers/builtin/src/entropy_poll.h b/tf-psa-crypto/drivers/builtin/src/entropy_poll.h index 6b4aec03e1..dd1ee2c0b3 100644 --- a/tf-psa-crypto/drivers/builtin/src/entropy_poll.h +++ b/tf-psa-crypto/drivers/builtin/src/entropy_poll.h @@ -10,7 +10,7 @@ #ifndef MBEDTLS_ENTROPY_POLL_H #define MBEDTLS_ENTROPY_POLL_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include diff --git a/tf-psa-crypto/drivers/builtin/src/lmots.h b/tf-psa-crypto/drivers/builtin/src/lmots.h index cf92d326c9..fc8763d11e 100644 --- a/tf-psa-crypto/drivers/builtin/src/lmots.h +++ b/tf-psa-crypto/drivers/builtin/src/lmots.h @@ -14,7 +14,7 @@ #ifndef MBEDTLS_LMOTS_H #define MBEDTLS_LMOTS_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "psa/crypto.h" diff --git a/tf-psa-crypto/drivers/builtin/src/md_wrap.h b/tf-psa-crypto/drivers/builtin/src/md_wrap.h index dad123540a..5d71c4978f 100644 --- a/tf-psa-crypto/drivers/builtin/src/md_wrap.h +++ b/tf-psa-crypto/drivers/builtin/src/md_wrap.h @@ -14,7 +14,7 @@ #ifndef MBEDTLS_MD_WRAP_H #define MBEDTLS_MD_WRAP_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/md.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pk_wrap.h b/tf-psa-crypto/drivers/builtin/src/pk_wrap.h index 976ef7f472..870ff3acf7 100644 --- a/tf-psa-crypto/drivers/builtin/src/pk_wrap.h +++ b/tf-psa-crypto/drivers/builtin/src/pk_wrap.h @@ -11,7 +11,7 @@ #ifndef MBEDTLS_PK_WRAP_H #define MBEDTLS_PK_WRAP_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/pk.h" diff --git a/tf-psa-crypto/drivers/builtin/src/pkwrite.h b/tf-psa-crypto/drivers/builtin/src/pkwrite.h index f7fb18aa4f..4611643a58 100644 --- a/tf-psa-crypto/drivers/builtin/src/pkwrite.h +++ b/tf-psa-crypto/drivers/builtin/src/pkwrite.h @@ -11,7 +11,7 @@ #ifndef MBEDTLS_PK_WRITE_H #define MBEDTLS_PK_WRITE_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/pk.h" diff --git a/tf-psa-crypto/drivers/builtin/src/rsa_alt_helpers.h b/tf-psa-crypto/drivers/builtin/src/rsa_alt_helpers.h index f234036e61..ee60edff1c 100644 --- a/tf-psa-crypto/drivers/builtin/src/rsa_alt_helpers.h +++ b/tf-psa-crypto/drivers/builtin/src/rsa_alt_helpers.h @@ -47,7 +47,7 @@ #ifndef MBEDTLS_RSA_ALT_HELPERS_H #define MBEDTLS_RSA_ALT_HELPERS_H -#include "mbedtls/build_info.h" +#include "tf-psa-crypto/build_info.h" #include "mbedtls/bignum.h" diff --git a/tf-psa-crypto/drivers/everest/CMakeLists.txt b/tf-psa-crypto/drivers/everest/CMakeLists.txt index 8c7b7c155f..8dedcd4191 100644 --- a/tf-psa-crypto/drivers/everest/CMakeLists.txt +++ b/tf-psa-crypto/drivers/everest/CMakeLists.txt @@ -8,13 +8,11 @@ add_library(${everest_target} set_base_compile_options(${everest_target}) target_include_directories(${everest_target} PUBLIC $ - $ $ $ $ PRIVATE include/everest include/everest/kremlib - ${MBEDTLS_DIR}/library ${TF_PSA_CRYPTO_DIR}/core) set_config_files_compile_definitions(${everest_target}) diff --git a/tf-psa-crypto/drivers/p256-m/CMakeLists.txt b/tf-psa-crypto/drivers/p256-m/CMakeLists.txt index 3e62627e8c..b84cbec14e 100644 --- a/tf-psa-crypto/drivers/p256-m/CMakeLists.txt +++ b/tf-psa-crypto/drivers/p256-m/CMakeLists.txt @@ -9,13 +9,11 @@ set_base_compile_options(${p256m_target}) target_include_directories(${p256m_target} PUBLIC $ $ - $ $ $ $ $ - PRIVATE ${MBEDTLS_DIR}/library/ - ${TF_PSA_CRYPTO_DIR}/core) + PRIVATE ${TF_PSA_CRYPTO_DIR}/core) set_config_files_compile_definitions(${p256m_target}) if(INSTALL_TF_PSA_CRYPTO_HEADERS) diff --git a/tf-psa-crypto/include/CMakeLists.txt b/tf-psa-crypto/include/CMakeLists.txt index bca86ff4ee..bfdfb74165 100644 --- a/tf-psa-crypto/include/CMakeLists.txt +++ b/tf-psa-crypto/include/CMakeLists.txt @@ -2,12 +2,17 @@ option(INSTALL_TF_PSA_CRYPTO_HEADERS "Install TF PSA Crypto headers." ON) if(INSTALL_TF_PSA_CRYPTO_HEADERS) file(GLOB psa_headers "psa/*.h") + file(GLOB tf-psa-crypto_headers "tf-psa-crypto/*.h") file(GLOB mbedtls_crypto_headers "../drivers/builtin/include/mbedtls/*.h") install(FILES ${psa_headers} DESTINATION include/psa PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) + install(FILES ${tf-psa-crypto_headers} + DESTINATION include/tf-psa-crypto + PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) + install(FILES ${mbedtls_crypto_headers} DESTINATION include/mbedtls PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) diff --git a/tf-psa-crypto/include/psa/build_info.h b/tf-psa-crypto/include/psa/build_info.h deleted file mode 100644 index 3ee6cd7b1b..0000000000 --- a/tf-psa-crypto/include/psa/build_info.h +++ /dev/null @@ -1,20 +0,0 @@ -/** - * \file psa/build_info.h - * - * \brief Build-time PSA configuration info - * - * Include this file if you need to depend on the - * configuration options defined in mbedtls_config.h or MBEDTLS_CONFIG_FILE - * in PSA cryptography core specific files. - */ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - */ - -#ifndef PSA_CRYPTO_BUILD_INFO_H -#define PSA_CRYPTO_BUILD_INFO_H - -#include "mbedtls/build_info.h" - -#endif /* PSA_CRYPTO_BUILD_INFO_H */ diff --git a/tf-psa-crypto/include/psa/crypto_adjust_auto_enabled.h b/tf-psa-crypto/include/psa/crypto_adjust_auto_enabled.h index 3a2af15180..590343ba4f 100644 --- a/tf-psa-crypto/include/psa/crypto_adjust_auto_enabled.h +++ b/tf-psa-crypto/include/psa/crypto_adjust_auto_enabled.h @@ -15,7 +15,7 @@ #ifndef PSA_CRYPTO_ADJUST_AUTO_ENABLED_H #define PSA_CRYPTO_ADJUST_AUTO_ENABLED_H -#if !defined(MBEDTLS_CONFIG_FILES_READ) +#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) #error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \ "up to and including runtime errors such as buffer overflows. " \ "If you're trying to fix a complaint from check_config.h, just remove " \ diff --git a/tf-psa-crypto/include/psa/crypto_adjust_config_dependencies.h b/tf-psa-crypto/include/psa/crypto_adjust_config_dependencies.h index 92e9c4de28..0871c3a05f 100644 --- a/tf-psa-crypto/include/psa/crypto_adjust_config_dependencies.h +++ b/tf-psa-crypto/include/psa/crypto_adjust_config_dependencies.h @@ -18,7 +18,7 @@ #ifndef PSA_CRYPTO_ADJUST_CONFIG_DEPENDENCIES_H #define PSA_CRYPTO_ADJUST_CONFIG_DEPENDENCIES_H -#if !defined(MBEDTLS_CONFIG_FILES_READ) +#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) #error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \ "up to and including runtime errors such as buffer overflows. " \ "If you're trying to fix a complaint from check_config.h, just remove " \ diff --git a/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h b/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h index 4c9fb5a6b7..1bb68c67c5 100644 --- a/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h +++ b/tf-psa-crypto/include/psa/crypto_adjust_config_derived.h @@ -12,7 +12,7 @@ #ifndef PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H #define PSA_CRYPTO_ADJUST_CONFIG_DERIVED_H -#if !defined(MBEDTLS_CONFIG_FILES_READ) +#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) #error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \ "up to and including runtime errors such as buffer overflows. " \ "If you're trying to fix a complaint from check_config.h, just remove " \ diff --git a/tf-psa-crypto/include/psa/crypto_adjust_config_key_pair_types.h b/tf-psa-crypto/include/psa/crypto_adjust_config_key_pair_types.h index cec39e01ce..c33d7771eb 100644 --- a/tf-psa-crypto/include/psa/crypto_adjust_config_key_pair_types.h +++ b/tf-psa-crypto/include/psa/crypto_adjust_config_key_pair_types.h @@ -21,7 +21,7 @@ #ifndef PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H #define PSA_CRYPTO_ADJUST_KEYPAIR_TYPES_H -#if !defined(MBEDTLS_CONFIG_FILES_READ) +#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) #error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \ "up to and including runtime errors such as buffer overflows. " \ "If you're trying to fix a complaint from check_config.h, just remove " \ diff --git a/tf-psa-crypto/include/psa/crypto_adjust_config_synonyms.h b/tf-psa-crypto/include/psa/crypto_adjust_config_synonyms.h index 54b116f434..c5a652e743 100644 --- a/tf-psa-crypto/include/psa/crypto_adjust_config_synonyms.h +++ b/tf-psa-crypto/include/psa/crypto_adjust_config_synonyms.h @@ -16,7 +16,7 @@ #ifndef PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H #define PSA_CRYPTO_ADJUST_CONFIG_SYNONYMS_H -#if !defined(MBEDTLS_CONFIG_FILES_READ) +#if !defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) #error "Do not include psa/crypto_adjust_*.h manually! This can lead to problems, " \ "up to and including runtime errors such as buffer overflows. " \ "If you're trying to fix a complaint from check_config.h, just remove " \ diff --git a/tf-psa-crypto/include/psa/crypto_platform.h b/tf-psa-crypto/include/psa/crypto_platform.h index a871ee1246..10f109e4c1 100644 --- a/tf-psa-crypto/include/psa/crypto_platform.h +++ b/tf-psa-crypto/include/psa/crypto_platform.h @@ -21,15 +21,7 @@ #ifndef PSA_CRYPTO_PLATFORM_H #define PSA_CRYPTO_PLATFORM_H #include "mbedtls/private_access.h" - -/* - * Include the build-time configuration information header. Here, we do not - * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which - * is basically just an alias to it. This is to ease the maintenance of the - * TF-PSA-Crypto repository which has a different build system and - * configuration. - */ -#include "psa/build_info.h" +#include "tf-psa-crypto/build_info.h" /* PSA requires several types which C99 provides in stdint.h. */ #include diff --git a/tf-psa-crypto/include/psa/crypto_sizes.h b/tf-psa-crypto/include/psa/crypto_sizes.h index 87b8c39fa6..0b21fe799d 100644 --- a/tf-psa-crypto/include/psa/crypto_sizes.h +++ b/tf-psa-crypto/include/psa/crypto_sizes.h @@ -28,14 +28,7 @@ #ifndef PSA_CRYPTO_SIZES_H #define PSA_CRYPTO_SIZES_H -/* - * Include the build-time configuration information header. Here, we do not - * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which - * is basically just an alias to it. This is to ease the maintenance of the - * TF-PSA-Crypto repository which has a different build system and - * configuration. - */ -#include "psa/build_info.h" +#include "tf-psa-crypto/build_info.h" #define PSA_BITS_TO_BYTES(bits) (((bits) + 7u) / 8u) #define PSA_BYTES_TO_BITS(bytes) ((bytes) * 8u) diff --git a/tf-psa-crypto/include/psa/crypto_struct.h b/tf-psa-crypto/include/psa/crypto_struct.h index ffaf6c2b66..38b067a2d0 100644 --- a/tf-psa-crypto/include/psa/crypto_struct.h +++ b/tf-psa-crypto/include/psa/crypto_struct.h @@ -54,14 +54,7 @@ extern "C" { #endif -/* - * Include the build-time configuration information header. Here, we do not - * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which - * is basically just an alias to it. This is to ease the maintenance of the - * TF-PSA-Crypto repository which has a different build system and - * configuration. - */ -#include "psa/build_info.h" +#include "tf-psa-crypto/build_info.h" /* Include the context definition for the compiled-in drivers for the primitive * algorithms. */ diff --git a/tf-psa-crypto/include/psa/crypto_types.h b/tf-psa-crypto/include/psa/crypto_types.h index bb857abb09..cd74e14139 100644 --- a/tf-psa-crypto/include/psa/crypto_types.h +++ b/tf-psa-crypto/include/psa/crypto_types.h @@ -21,14 +21,7 @@ #ifndef PSA_CRYPTO_TYPES_H #define PSA_CRYPTO_TYPES_H -/* - * Include the build-time configuration information header. Here, we do not - * include `"mbedtls/build_info.h"` directly but `"psa/build_info.h"`, which - * is basically just an alias to it. This is to ease the maintenance of the - * TF-PSA-Crypto repository which has a different build system and - * configuration. - */ -#include "psa/build_info.h" +#include "tf-psa-crypto/build_info.h" /* Define the MBEDTLS_PRIVATE macro. */ #include "mbedtls/private_access.h" diff --git a/tf-psa-crypto/include/tf-psa-crypto/build_info.h b/tf-psa-crypto/include/tf-psa-crypto/build_info.h new file mode 100644 index 0000000000..eb9f9b283e --- /dev/null +++ b/tf-psa-crypto/include/tf-psa-crypto/build_info.h @@ -0,0 +1,141 @@ +/** + * \file tf-psa-crypto/build_info.h + * + * \brief Build-time configuration info + * + * Include this file if you need to depend on the + * configuration options defined in crypto_config.h or TF_PSA_CRYPTO_CONFIG_FILE. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TF_PSA_CRYPTO_BUILD_INFO_H +#define TF_PSA_CRYPTO_BUILD_INFO_H + +/* Macros for build-time platform detection */ + +#if !defined(MBEDTLS_ARCH_IS_ARM64) && \ + (defined(__aarch64__) || defined(_M_ARM64) || defined(_M_ARM64EC)) +#define MBEDTLS_ARCH_IS_ARM64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_ARM32) && \ + (defined(__arm__) || defined(_M_ARM) || \ + defined(_M_ARMT) || defined(__thumb__) || defined(__thumb2__)) +#define MBEDTLS_ARCH_IS_ARM32 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X64) && \ + (defined(__amd64__) || defined(__x86_64__) || \ + ((defined(_M_X64) || defined(_M_AMD64)) && !defined(_M_ARM64EC))) +#define MBEDTLS_ARCH_IS_X64 +#endif + +#if !defined(MBEDTLS_ARCH_IS_X86) && \ + (defined(__i386__) || defined(_X86_) || \ + (defined(_M_IX86) && !defined(_M_I86))) +#define MBEDTLS_ARCH_IS_X86 +#endif + +#if !defined(MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64) && \ + (defined(_M_ARM64) || defined(_M_ARM64EC)) +#define MBEDTLS_PLATFORM_IS_WINDOWS_ON_ARM64 +#endif + +/* This is defined if the architecture is Armv8-A, or higher */ +#if !defined(MBEDTLS_ARCH_IS_ARMV8_A) +#if defined(__ARM_ARCH) && defined(__ARM_ARCH_PROFILE) +#if (__ARM_ARCH >= 8) && (__ARM_ARCH_PROFILE == 'A') +/* GCC, clang, armclang and IAR */ +#define MBEDTLS_ARCH_IS_ARMV8_A +#endif +#elif defined(__ARM_ARCH_8A) +/* Alternative defined by clang */ +#define MBEDTLS_ARCH_IS_ARMV8_A +#elif defined(_M_ARM64) || defined(_M_ARM64EC) +/* MSVC ARM64 is at least Armv8.0-A */ +#define MBEDTLS_ARCH_IS_ARMV8_A +#endif +#endif + +#if defined(__GNUC__) && !defined(__ARMCC_VERSION) && !defined(__clang__) \ + && !defined(__llvm__) && !defined(__INTEL_COMPILER) +/* Defined if the compiler really is gcc and not clang, etc */ +#define MBEDTLS_COMPILER_IS_GCC +#define MBEDTLS_GCC_VERSION \ + (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__) +#endif + +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +/* Define `inline` on some non-C99-compliant compilers. */ +#if (defined(__ARMCC_VERSION) || defined(_MSC_VER)) && \ + !defined(inline) && !defined(__cplusplus) +#define inline __inline +#endif + +#if defined(TF_PSA_CRYPTO_CONFIG_FILES_READ) +#error \ + "Something went wrong: TF_PSA_CRYPTO_CONFIG_FILES_READ defined before reading the config files!" +#endif +#if defined(TF_PSA_CRYPTO_CONFIG_IS_FINALIZED) +#error \ + "Something went wrong: TF_PSA_CRYPTO_CONFIG_IS_FINALIZED defined before reading the config files!" +#endif + +/* PSA crypto configuration */ +#if defined(TF_PSA_CRYPTO_CONFIG_FILE) +#include TF_PSA_CRYPTO_CONFIG_FILE +#else +#include "psa/crypto_config.h" +#endif +#if defined(TF_PSA_CRYPTO_USER_CONFIG_FILE) +#include TF_PSA_CRYPTO_USER_CONFIG_FILE +#endif + +/* Indicate that all configuration files have been read. + * It is now time to adjust the configuration (follow through on dependencies, + * make PSA and legacy crypto consistent, etc.). + */ +#define TF_PSA_CRYPTO_CONFIG_FILES_READ + +/* Auto-enable MBEDTLS_CTR_DRBG_USE_128_BIT_KEY if + * MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH and MBEDTLS_CTR_DRBG_C defined + * to ensure a 128-bit key size in CTR_DRBG. + */ +#if defined(MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH) && defined(MBEDTLS_CTR_DRBG_C) +#define MBEDTLS_CTR_DRBG_USE_128_BIT_KEY +#endif + +/* Auto-enable MBEDTLS_MD_C if needed by a module that didn't require it + * in a previous release, to ensure backwards compatibility. + */ +#if defined(MBEDTLS_PKCS5_C) +#define MBEDTLS_MD_C +#endif + +/* PSA crypto specific configuration options + * - If config_psa.h reads a configuration option in preprocessor directive, + * this symbol should be set before its inclusion. (e.g. MBEDTLS_MD_C) + * - If config_psa.h writes a configuration option in conditional directive, + * this symbol should be consulted after its inclusion. + * (e.g. MBEDTLS_MD_LIGHT) + */ +#include "mbedtls/config_psa.h" + +#include "mbedtls/config_adjust_legacy_crypto.h" + +/* Indicate that all configuration symbols are set, + * even the ones that are calculated programmatically. + * It is now safe to query the configuration (to check it, to size buffers, + * etc.). + */ +#define TF_PSA_CRYPTO_CONFIG_IS_FINALIZED + +#include "tf-psa-crypto/check_config.h" + +#endif /* TF_PSA_CRYPTO_BUILD_INFO_H */ diff --git a/tf-psa-crypto/include/tf-psa-crypto/check_config.h b/tf-psa-crypto/include/tf-psa-crypto/check_config.h new file mode 100644 index 0000000000..440179b166 --- /dev/null +++ b/tf-psa-crypto/include/tf-psa-crypto/check_config.h @@ -0,0 +1,698 @@ +/** + * \file tf-psa-crypto/check_config.h + * + * \brief Consistency checks for configuration options + * + * This is an internal header. Do not include it directly. + * + * This header is included automatically by all public TF-PSA-Crypto headers + * (via tf-psa-crypto/build_info.h). Do not include it directly in a + * configuration file such as psa/crypto_config.h or #TF_PSA_CRYPTO_USER_CONFIG_FILE! + * It would run at the wrong time due to missing derived symbols. + */ +/* + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#ifndef TF_PSA_CRYPTO_CHECK_CONFIG_H +#define TF_PSA_CRYPTO_CHECK_CONFIG_H + +/* *INDENT-OFF* */ + +#if !defined(TF_PSA_CRYPTO_CONFIG_IS_FINALIZED) +#warning "Do not include mbedtls/check_config.h manually! " \ + "This may cause spurious errors. " \ + "It is included automatically at the right point since Mbed TLS 3.0." +#endif /* !TF_PSA_CRYPTO_CONFIG_IS_FINALIZED */ + +/* + * We assume CHAR_BIT is 8 in many places. In practice, this is true on our + * target platforms, so not an issue, but let's just be extra sure. + */ +#include +#if CHAR_BIT != 8 +#error "Mbed TLS requires a platform with 8-bit chars" +#endif + +#include + +#if defined(__MINGW32__) || (defined(_MSC_VER) && _MSC_VER <= 1900) +#if !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_C is required on Windows" +#endif +/* See auto-enabling SNPRINTF_ALT and VSNPRINTF_ALT + * in * config_adjust_legacy_crypto.h */ +#endif /* _MINGW32__ || (_MSC_VER && (_MSC_VER <= 1900)) */ + +#if defined(MBEDTLS_DEPRECATED_WARNING) && \ + !defined(__GNUC__) && !defined(__clang__) +#error "MBEDTLS_DEPRECATED_WARNING only works with GCC and Clang" +#endif + +/* Limitations on ECC key types acceleration: if we have any of `PUBLIC_KEY`, + * `KEY_PAIR_BASIC`, `KEY_PAIR_IMPORT`, `KEY_PAIR_EXPORT` then we must have + * all 4 of them. + */ +#if defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#if !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_PUBLIC_KEY) || \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_BASIC) || \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_IMPORT) || \ + !defined(MBEDTLS_PSA_ACCEL_KEY_TYPE_ECC_KEY_PAIR_EXPORT) +#error "Unsupported partial support for ECC key type acceleration, see docs/driver-only-builds.md" +#endif /* not all of public, basic, import, export */ +#endif /* one of public, basic, import, export */ + +/* Limitations on ECC curves acceleration: partial curve acceleration is only + * supported with crypto excluding PK, X.509 or TLS. + * Note: no need to check X.509 as it depends on PK. */ +#if defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_256) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_384) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_BRAINPOOL_P_R1_512) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_255) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_MONTGOMERY_448) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_192) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_224) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_K1_256) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_192) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_224) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_256) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_384) || \ + defined(MBEDTLS_PSA_ACCEL_ECC_SECP_R1_521) +#if defined(MBEDTLS_PSA_ECC_ACCEL_INCOMPLETE_CURVES) +#if defined(MBEDTLS_PK_C) +#error "Unsupported partial support for ECC curves acceleration, see docs/driver-only-builds.md" +#endif /* modules beyond what's supported */ +#endif /* not all curves accelerated */ +#endif /* some curve accelerated */ + +#if defined(MBEDTLS_CTR_DRBG_C) && !(defined(MBEDTLS_AES_C) || \ + (defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_KEY_TYPE_AES) && \ + defined(PSA_WANT_ALG_ECB_NO_PADDING))) +#error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_DHM_C) && !defined(MBEDTLS_BIGNUM_C) +#error "MBEDTLS_DHM_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_CMAC_C) && \ + ( !defined(MBEDTLS_CIPHER_C ) || ( !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_DES_C) ) ) +#error "MBEDTLS_CMAC_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_NIST_KW_C) && \ + ( !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_CIPHER_C) ) +#error "MBEDTLS_NIST_KW_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) +#if defined(PSA_WANT_ALG_CBC_NO_PADDING) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_NO_PADDING cannot be defined simultaneously" +#endif +#if defined(PSA_WANT_ALG_CBC_PKCS7) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_CBC_PKCS7 cannot be defined simultaneously" +#endif +#if defined(PSA_WANT_ALG_ECB_NO_PADDING) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_ALG_ECB_NO_PADDING cannot be defined simultaneously" +#endif +#if defined(PSA_WANT_KEY_TYPE_DES) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and PSA_WANT_KEY_TYPE_DES cannot be defined simultaneously" +#endif +#endif + +#if defined(MBEDTLS_BLOCK_CIPHER_NO_DECRYPT) +#if defined(MBEDTLS_CIPHER_MODE_CBC) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_CBC cannot be defined simultaneously" +#endif +#if defined(MBEDTLS_CIPHER_MODE_XTS) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_CIPHER_MODE_XTS cannot be defined simultaneously" +#endif +#if defined(MBEDTLS_DES_C) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_DES_C cannot be defined simultaneously" +#endif +#if defined(MBEDTLS_NIST_KW_C) +#error "MBEDTLS_BLOCK_CIPHER_NO_DECRYPT and MBEDTLS_NIST_KW_C cannot be defined simultaneously" +#endif +#endif + +#if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C) +#error "MBEDTLS_ECDH_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ECDSA_C) && \ + ( !defined(MBEDTLS_ECP_C) || \ + !( defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) || \ + defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) ) || \ + !defined(MBEDTLS_ASN1_PARSE_C) || \ + !defined(MBEDTLS_ASN1_WRITE_C) ) +#error "MBEDTLS_ECDSA_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PK_C) && defined(MBEDTLS_USE_PSA_CRYPTO) +#if defined(PSA_HAVE_ALG_ECDSA_SIGN) && !defined(MBEDTLS_ASN1_WRITE_C) +#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_WRITE_C for ECDSA signature" +#endif +#if defined(PSA_HAVE_ALG_ECDSA_VERIFY) && !defined(MBEDTLS_ASN1_PARSE_C) +#error "MBEDTLS_PK_C with MBEDTLS_USE_PSA_CRYPTO needs MBEDTLS_ASN1_PARSE_C for ECDSA verification" +#endif +#endif /* MBEDTLS_PK_C && MBEDTLS_USE_PSA_CRYPTO */ + +#if defined(MBEDTLS_ECJPAKE_C) && \ + !defined(MBEDTLS_ECP_C) +#error "MBEDTLS_ECJPAKE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ECP_RESTARTABLE) && \ + !defined(MBEDTLS_ECP_C) +#error "MBEDTLS_ECP_RESTARTABLE defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C) +#error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ECP_LIGHT) && ( !defined(MBEDTLS_BIGNUM_C) || ( \ + !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_CURVE25519_ENABLED) && \ + !defined(MBEDTLS_ECP_DP_CURVE448_ENABLED) ) ) +#error "MBEDTLS_ECP_C defined (or a subset enabled), but not all prerequisites" +#endif + +#if defined(MBEDTLS_ENTROPY_C) && \ + !(defined(PSA_WANT_ALG_SHA_512) || defined(PSA_WANT_ALG_SHA_256)) +#error "MBEDTLS_ENTROPY_C defined, but not all prerequisites" +#endif +#if defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64) +#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" +#endif +#if defined(MBEDTLS_ENTROPY_C) && \ + (defined(MBEDTLS_ENTROPY_FORCE_SHA256) || !defined(PSA_WANT_ALG_SHA_512)) \ + && defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32) +#error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high" +#endif +#if defined(MBEDTLS_ENTROPY_C) && \ + defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(PSA_WANT_ALG_SHA_256) +#error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites" +#endif + +#if defined(__has_feature) +#if __has_feature(memory_sanitizer) +#define MBEDTLS_HAS_MEMSAN // #undef at the end of this paragraph +#endif +#endif +#if defined(MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN) && !defined(MBEDTLS_HAS_MEMSAN) +#error "MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN requires building with MemorySanitizer" +#endif +#if defined(MBEDTLS_HAS_MEMSAN) && defined(MBEDTLS_HAVE_ASM) +#error "MemorySanitizer does not support assembly implementation" +#endif +#undef MBEDTLS_HAS_MEMSAN // temporary macro defined above + +#if defined(MBEDTLS_CCM_C) && \ + !(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \ + defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA)) +#error "MBEDTLS_CCM_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_GCM_C) && \ + !(defined(MBEDTLS_CCM_GCM_CAN_AES) || defined(MBEDTLS_CCM_GCM_CAN_ARIA) || \ + defined(MBEDTLS_CCM_GCM_CAN_CAMELLIA)) +#error "MBEDTLS_GCM_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C) +#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_POLY1305_C) +#error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_HKDF_C) && !defined(MBEDTLS_MD_C) +#error "MBEDTLS_HKDF_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C) +#error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_MD_C) && \ + !defined(PSA_WANT_ALG_MD5) && \ + !defined(PSA_WANT_ALG_RIPEMD160) && \ + !defined(PSA_WANT_ALG_SHA_1) && \ + !defined(PSA_WANT_ALG_SHA_224) && \ + !defined(PSA_WANT_ALG_SHA_256) && \ + !defined(PSA_WANT_ALG_SHA_384) && \ + !defined(PSA_WANT_ALG_SHA_512) && \ + !defined(PSA_WANT_ALG_SHA3_224) && \ + !defined(PSA_WANT_ALG_SHA3_256) && \ + !defined(PSA_WANT_ALG_SHA3_384) && \ + !defined(PSA_WANT_ALG_SHA3_512) +#error "MBEDTLS_MD_C defined, but no hash algorithm" +#endif + +#if defined(MBEDTLS_LMS_C) && \ + ! ( defined(MBEDTLS_PSA_CRYPTO_CLIENT) && defined(PSA_WANT_ALG_SHA_256) ) +#error "MBEDTLS_LMS_C requires MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_SHA_256" +#endif + +#if defined(MBEDTLS_LMS_PRIVATE) && \ + ( !defined(MBEDTLS_LMS_C) ) +#error "MBEDTLS_LMS_PRIVATE requires MBEDTLS_LMS_C" +#endif + +#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) +#error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_MEMORY_BACKTRACE) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#error "MBEDTLS_MEMORY_BACKTRACE defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_MEMORY_DEBUG) && !defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) +#error "MBEDTLS_MEMORY_DEBUG defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C) +#error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PEM_WRITE_C) && !defined(MBEDTLS_BASE64_C) +#error "MBEDTLS_PEM_WRITE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PK_C) && \ + !defined(MBEDTLS_RSA_C) && !defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) +#error "MBEDTLS_PK_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PK_PARSE_C) && \ + (!defined(MBEDTLS_ASN1_PARSE_C) || \ + !defined(MBEDTLS_OID_C) || \ + !defined(MBEDTLS_PK_C)) +#error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PK_WRITE_C) && \ + (!defined(MBEDTLS_ASN1_WRITE_C) || \ + !defined(MBEDTLS_OID_C) || \ + !defined(MBEDTLS_PK_C)) +#error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_EXIT_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_EXIT_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_EXIT) ||\ + defined(MBEDTLS_PLATFORM_EXIT_ALT) ) +#error "MBEDTLS_PLATFORM_EXIT_MACRO and MBEDTLS_PLATFORM_STD_EXIT/MBEDTLS_PLATFORM_EXIT_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_SETBUF_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_SETBUF_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_SETBUF_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_SETBUF_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_SETBUF) ||\ + defined(MBEDTLS_PLATFORM_SETBUF_ALT) ) +#error "MBEDTLS_PLATFORM_SETBUF_MACRO and MBEDTLS_PLATFORM_STD_SETBUF/MBEDTLS_PLATFORM_SETBUF_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_TIME_ALT) &&\ + ( !defined(MBEDTLS_PLATFORM_C) ||\ + !defined(MBEDTLS_HAVE_TIME) ) +#error "MBEDTLS_PLATFORM_TIME_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\ + ( !defined(MBEDTLS_PLATFORM_C) ||\ + !defined(MBEDTLS_HAVE_TIME) ) +#error "MBEDTLS_PLATFORM_TIME_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO) &&\ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) ) +#error "MBEDTLS_PLATFORM_MS_TIME_TYPE_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_MS_TIME_ALT) && \ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_HAVE_TIME) ) +#error "MBEDTLS_PLATFORM_MS_TIME_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\ + ( !defined(MBEDTLS_PLATFORM_C) ||\ + !defined(MBEDTLS_HAVE_TIME) ) +#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_TIME_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_TIME) ||\ + defined(MBEDTLS_PLATFORM_TIME_ALT) ) +#error "MBEDTLS_PLATFORM_TIME_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_TIME_TYPE_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_TIME) ||\ + defined(MBEDTLS_PLATFORM_TIME_ALT) ) +#error "MBEDTLS_PLATFORM_TIME_TYPE_MACRO and MBEDTLS_PLATFORM_STD_TIME/MBEDTLS_PLATFORM_TIME_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_FPRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_FPRINTF) ||\ + defined(MBEDTLS_PLATFORM_FPRINTF_ALT) ) +#error "MBEDTLS_PLATFORM_FPRINTF_MACRO and MBEDTLS_PLATFORM_STD_FPRINTF/MBEDTLS_PLATFORM_FPRINTF_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) +#error "MBEDTLS_PLATFORM_FREE_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\ + defined(MBEDTLS_PLATFORM_STD_FREE) +#error "MBEDTLS_PLATFORM_FREE_MACRO and MBEDTLS_PLATFORM_STD_FREE cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_FREE_MACRO) && !defined(MBEDTLS_PLATFORM_CALLOC_MACRO) +#error "MBEDTLS_PLATFORM_CALLOC_MACRO must be defined if MBEDTLS_PLATFORM_FREE_MACRO is" +#endif + +#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) ) +#error "MBEDTLS_PLATFORM_CALLOC_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) &&\ + defined(MBEDTLS_PLATFORM_STD_CALLOC) +#error "MBEDTLS_PLATFORM_CALLOC_MACRO and MBEDTLS_PLATFORM_STD_CALLOC cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_CALLOC_MACRO) && !defined(MBEDTLS_PLATFORM_FREE_MACRO) +#error "MBEDTLS_PLATFORM_FREE_MACRO must be defined if MBEDTLS_PLATFORM_CALLOC_MACRO is" +#endif + +#if defined(MBEDTLS_PLATFORM_MEMORY) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_MEMORY defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_PRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_PRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_PRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_PRINTF) ||\ + defined(MBEDTLS_PLATFORM_PRINTF_ALT) ) +#error "MBEDTLS_PLATFORM_PRINTF_MACRO and MBEDTLS_PLATFORM_STD_PRINTF/MBEDTLS_PLATFORM_PRINTF_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_SNPRINTF) ||\ + defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) ) +#error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_VSNPRINTF_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C) +#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_VSNPRINTF_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_VSNPRINTF) ||\ + defined(MBEDTLS_PLATFORM_VSNPRINTF_ALT) ) +#error "MBEDTLS_PLATFORM_VSNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_VSNPRINTF/MBEDTLS_PLATFORM_VSNPRINTF_ALT cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\ + !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS) +#error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_CALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY) +#error "MBEDTLS_PLATFORM_STD_CALLOC defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY) +#error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_EXIT) &&\ + !defined(MBEDTLS_PLATFORM_EXIT_ALT) +#error "MBEDTLS_PLATFORM_STD_EXIT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_TIME) &&\ + ( !defined(MBEDTLS_PLATFORM_TIME_ALT) ||\ + !defined(MBEDTLS_HAVE_TIME) ) +#error "MBEDTLS_PLATFORM_STD_TIME defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_FPRINTF) &&\ + !defined(MBEDTLS_PLATFORM_FPRINTF_ALT) +#error "MBEDTLS_PLATFORM_STD_FPRINTF defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_PRINTF) &&\ + !defined(MBEDTLS_PLATFORM_PRINTF_ALT) +#error "MBEDTLS_PLATFORM_STD_PRINTF defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) &&\ + !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) +#error "MBEDTLS_PLATFORM_STD_SNPRINTF defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_ENTROPY_NV_SEED) &&\ + ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_ENTROPY_C) ) +#error "MBEDTLS_ENTROPY_NV_SEED defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_NV_SEED_ALT) &&\ + !defined(MBEDTLS_ENTROPY_NV_SEED) +#error "MBEDTLS_PLATFORM_NV_SEED_ALT defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) &&\ + !defined(MBEDTLS_PLATFORM_NV_SEED_ALT) +#error "MBEDTLS_PLATFORM_STD_NV_SEED_READ defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) &&\ + !defined(MBEDTLS_PLATFORM_NV_SEED_ALT) +#error "MBEDTLS_PLATFORM_STD_NV_SEED_WRITE defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PLATFORM_NV_SEED_READ_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_NV_SEED_READ) ||\ + defined(MBEDTLS_PLATFORM_NV_SEED_ALT) ) +#error "MBEDTLS_PLATFORM_NV_SEED_READ_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_READ cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO) &&\ + ( defined(MBEDTLS_PLATFORM_STD_NV_SEED_WRITE) ||\ + defined(MBEDTLS_PLATFORM_NV_SEED_ALT) ) +#error "MBEDTLS_PLATFORM_NV_SEED_WRITE_MACRO and MBEDTLS_PLATFORM_STD_NV_SEED_WRITE cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_C) && \ + !( ( ( defined(MBEDTLS_CTR_DRBG_C) || defined(MBEDTLS_HMAC_DRBG_C) ) && \ + defined(MBEDTLS_ENTROPY_C) ) || \ + defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) ) +#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites (missing RNG)" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_HAVE_SOFT_BLOCK_MODE) && \ + defined(PSA_HAVE_SOFT_BLOCK_CIPHER) && !defined(MBEDTLS_CIPHER_C) +#error "MBEDTLS_PSA_CRYPTO_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_SPM) && !defined(MBEDTLS_PSA_CRYPTO_C) +#error "MBEDTLS_PSA_CRYPTO_SPM defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) && \ + ! ( defined(MBEDTLS_PSA_CRYPTO_C) && \ + defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) ) +#error "MBEDTLS_PSA_CRYPTO_SE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PSA_CRYPTO_SE_C) +#if defined(MBEDTLS_DEPRECATED_REMOVED) +#error "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS" +#elif defined(MBEDTLS_DEPRECATED_WARNING) +#warning "MBEDTLS_PSA_CRYPTO_SE_C is deprecated and will be removed in a future version of Mbed TLS" +#endif +#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ + +#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ + ! defined(MBEDTLS_PSA_CRYPTO_C) +#error "MBEDTLS_PSA_CRYPTO_STORAGE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ + !( defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) && \ + defined(MBEDTLS_ENTROPY_NV_SEED) ) +#error "MBEDTLS_PSA_INJECT_ENTROPY defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ + !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES) +#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with actual entropy sources" +#endif + +#if defined(MBEDTLS_PSA_INJECT_ENTROPY) && \ + defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) +#error "MBEDTLS_PSA_INJECT_ENTROPY is not compatible with MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG" +#endif + +#if defined(MBEDTLS_PSA_KEY_STORE_DYNAMIC) && \ + defined(MBEDTLS_PSA_STATIC_KEY_SLOTS) +#error "MBEDTLS_PSA_KEY_STORE_DYNAMIC and MBEDTLS_PSA_STATIC_KEY_SLOTS cannot be defined simultaneously" +#endif + +#if defined(MBEDTLS_PSA_ITS_FILE_C) && \ + !defined(MBEDTLS_FS_IO) +#error "MBEDTLS_PSA_ITS_FILE_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \ + !defined(MBEDTLS_OID_C) ) +#error "MBEDTLS_RSA_C defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_PKCS1_V21) && \ + !defined(MBEDTLS_PKCS1_V15) ) +#error "MBEDTLS_RSA_C defined, but none of the PKCS1 versions enabled" +#endif + +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA512_USE_A64_CRYPTO_*" +#endif + +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA512_C) +#error "MBEDTLS_SHA512_USE_A64_CRYPTO_* defined without MBEDTLS_SHA512_C" +#endif + +#endif /* MBEDTLS_SHA512_USE_A64_CRYPTO_IF_PRESENT || MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY */ + +#if defined(MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY) && !defined(__aarch64__) +#error "MBEDTLS_SHA512_USE_A64_CRYPTO_ONLY defined on non-Aarch64 system" +#endif + +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) && \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) +#error "Must only define one of MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_*" +#endif + +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_IF_PRESENT) || \ + defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) +#if !defined(MBEDTLS_SHA256_C) +#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_* defined without MBEDTLS_SHA256_C" +#endif + +#endif + +#if defined(MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY) && !defined(MBEDTLS_ARCH_IS_ARMV8_A) +#error "MBEDTLS_SHA256_USE_ARMV8_A_CRYPTO_ONLY defined on non-Armv8-A system" +#endif + +#if defined(MBEDTLS_THREADING_PTHREAD) +#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) +#error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites" +#endif +#define MBEDTLS_THREADING_IMPL // undef at the end of this paragraph +#endif +#if defined(MBEDTLS_THREADING_ALT) +#if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL) +#error "MBEDTLS_THREADING_ALT defined, but not all prerequisites" +#endif +#define MBEDTLS_THREADING_IMPL // undef at the end of this paragraph +#endif +#if defined(MBEDTLS_THREADING_C) && !defined(MBEDTLS_THREADING_IMPL) +#error "MBEDTLS_THREADING_C defined, single threading implementation required" +#endif +#undef MBEDTLS_THREADING_IMPL // temporary macro defined above + +#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_CLIENT) +#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites" +#endif + +#if defined(MBEDTLS_HAVE_INT32) && defined(MBEDTLS_HAVE_INT64) +#error "MBEDTLS_HAVE_INT32 and MBEDTLS_HAVE_INT64 cannot be defined simultaneously" +#endif /* MBEDTLS_HAVE_INT32 && MBEDTLS_HAVE_INT64 */ + +#if ( defined(MBEDTLS_HAVE_INT32) || defined(MBEDTLS_HAVE_INT64) ) && \ + defined(MBEDTLS_HAVE_ASM) +#error "MBEDTLS_HAVE_INT32/MBEDTLS_HAVE_INT64 and MBEDTLS_HAVE_ASM cannot be defined simultaneously" +#endif /* (MBEDTLS_HAVE_INT32 || MBEDTLS_HAVE_INT64) && MBEDTLS_HAVE_ASM */ + +/* + * Avoid warning from -pedantic. This is a convenient place for this + * workaround since this is included by every single file before the + * #if defined(MBEDTLS_xxx_C) that results in empty translation units. + */ +typedef int mbedtls_iso_c_forbids_empty_translation_units; + +/* *INDENT-ON* */ +#endif /* TF_PSA_CRYPTO_CHECK_CONFIG_H */ diff --git a/tf-psa-crypto/programs/test/cmake_package_install/.gitignore b/tf-psa-crypto/programs/test/cmake_package_install/.gitignore new file mode 100644 index 0000000000..b8bcb62f05 --- /dev/null +++ b/tf-psa-crypto/programs/test/cmake_package_install/.gitignore @@ -0,0 +1,4 @@ +build +Makefile +cmake_package_install +tf-psa-crypto diff --git a/tf-psa-crypto/programs/test/cmake_package_install/CMakeLists.txt b/tf-psa-crypto/programs/test/cmake_package_install/CMakeLists.txt new file mode 100644 index 0000000000..a6d82a6dad --- /dev/null +++ b/tf-psa-crypto/programs/test/cmake_package_install/CMakeLists.txt @@ -0,0 +1,40 @@ +cmake_minimum_required(VERSION 3.5.1) + +# +# Simulate configuring and building Mbed TLS as the user might do it. We'll +# install into a directory inside our own build directory. +# + +set(TF-PSA-Crypto_SOURCE_DIR "${CMAKE_CURRENT_SOURCE_DIR}/../../..") +set(TF-PSA-Crypto_INSTALL_DIR "${CMAKE_CURRENT_BINARY_DIR}/tf-psa-crypto") +set(TF-PSA-Crypto_BINARY_DIR "${TF-PSA-Crypto_INSTALL_DIR}${CMAKE_FILES_DIRECTORY}") + +execute_process( + COMMAND "${CMAKE_COMMAND}" + "-H${TF-PSA-Crypto_SOURCE_DIR}" + "-B${TF-PSA-Crypto_BINARY_DIR}" + "-DENABLE_PROGRAMS=NO" + "-DENABLE_TESTING=NO" + # Turn on generated files explicitly in case this is a release + "-DGEN_FILES=ON" + "-DCMAKE_INSTALL_PREFIX=${TF-PSA-Crypto_INSTALL_DIR}") + +execute_process( + COMMAND "${CMAKE_COMMAND}" + --build "${TF-PSA-Crypto_BINARY_DIR}" + --target install) + +# +# Locate the package. +# + +list(INSERT CMAKE_PREFIX_PATH 0 "${TF-PSA-Crypto_INSTALL_DIR}") +find_package(TF-PSA-Crypto REQUIRED) + +# +# At this point, the TF-PSA-Crypto targets should have been imported, and we +# can now link to them from our own program. +# + +add_executable(cmake_package_install cmake_package_install.c) +target_link_libraries(cmake_package_install TF-PSA-Crypto::tfpsacrypto) diff --git a/tf-psa-crypto/programs/test/cmake_package_install/cmake_package_install.c b/tf-psa-crypto/programs/test/cmake_package_install/cmake_package_install.c new file mode 100644 index 0000000000..082ca27e7f --- /dev/null +++ b/tf-psa-crypto/programs/test/cmake_package_install/cmake_package_install.c @@ -0,0 +1,19 @@ +/* + * Simple program to test that TF-PSA-Crypto builds correctly as an installable + * CMake package. + * + * Copyright The Mbed TLS Contributors + * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + */ + +#include + +/* The main reason to build this is for testing the CMake build, so the program + * doesn't need to do very much. It calls a PSA cryptography API to ensure + * linkage works, but that is all. */ +int main() +{ + psa_crypto_init(); + + return 0; +} diff --git a/tf-psa-crypto/scripts/config.py b/tf-psa-crypto/scripts/config.py index 30b6067578..312d5890c4 100755 --- a/tf-psa-crypto/scripts/config.py +++ b/tf-psa-crypto/scripts/config.py @@ -58,6 +58,7 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_ENTROPY_FORCE_SHA256', # interacts with CTR_DRBG_128_BIT_KEY 'MBEDTLS_HAVE_SSE2', # hardware dependency 'MBEDTLS_MEMORY_BACKTRACE', # depends on MEMORY_BUFFER_ALLOC_C + 'MBEDTLS_MEMORY_BUFFER_ALLOC_C', # makes sanitizers (e.g. ASan) less effective 'MBEDTLS_MEMORY_DEBUG', # depends on MEMORY_BUFFER_ALLOC_C 'MBEDTLS_NO_64BIT_MULTIPLICATION', # influences anything that uses bignum 'MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES', # removes a feature @@ -77,6 +78,8 @@ EXCLUDE_FROM_FULL = frozenset([ 'MBEDTLS_SHA256_USE_A64_CRYPTO_IF_PRESENT', # setting *_USE_ARMV8_A_CRYPTO is sufficient 'MBEDTLS_TEST_CONSTANT_FLOW_MEMSAN', # build dependency (clang+memsan) 'MBEDTLS_TEST_CONSTANT_FLOW_VALGRIND', # build dependency (valgrind headers) + 'MBEDTLS_PSA_STATIC_KEY_SLOTS', # only relevant for embedded devices + 'MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE', # only relevant for embedded devices *PSA_UNSUPPORTED_FEATURE, *PSA_DEPRECATED_FEATURE, *PSA_UNSTABLE_FEATURE diff --git a/tf-psa-crypto/scripts/data_files/driver_jsons/p256_transparent_driver.json b/tf-psa-crypto/scripts/data_files/driver_jsons/p256_transparent_driver.json index 4794074756..c0802f4b27 100644 --- a/tf-psa-crypto/scripts/data_files/driver_jsons/p256_transparent_driver.json +++ b/tf-psa-crypto/scripts/data_files/driver_jsons/p256_transparent_driver.json @@ -2,7 +2,7 @@ "prefix": "p256", "type": "transparent", "mbedtls/h_condition": "defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)", - "headers": ["../tf-psa-crypto/drivers/p256-m/p256-m_driver_entrypoints.h"], + "headers": ["../drivers/p256-m/p256-m_driver_entrypoints.h"], "capabilities": [ { "mbedtls/c_condition": "defined(MBEDTLS_PSA_P256M_DRIVER_ENABLED)", diff --git a/tf-psa-crypto/tests/CMakeLists.txt b/tf-psa-crypto/tests/CMakeLists.txt index 2929cf3a68..a1ecca211d 100644 --- a/tf-psa-crypto/tests/CMakeLists.txt +++ b/tf-psa-crypto/tests/CMakeLists.txt @@ -304,7 +304,6 @@ function(add_test_suite suite_name) # them as PUBLIC. target_include_directories(test_suite_${data_name} PRIVATE ${TF_PSA_CRYPTO_FRAMEWORK_DIR}/tests/include - PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../library PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../core PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../drivers/builtin/src) # Request C11, which is needed for memory poisoning tests diff --git a/tf-psa-crypto/tests/scripts/components-build-system.sh b/tf-psa-crypto/tests/scripts/components-build-system.sh index 5de9dc7876..5dd7869ba6 100644 --- a/tf-psa-crypto/tests/scripts/components-build-system.sh +++ b/tf-psa-crypto/tests/scripts/components-build-system.sh @@ -31,3 +31,12 @@ component_test_tf_psa_crypto_cmake_as_subdirectory () { make ./cmake_subproject } + +component_test_tf_psa_crypto_cmake_as_package_install () { + msg "build: cmake 'as-installed-package' build" + cd programs/test/cmake_package_install + # Note: Explicitly generate files as these are turned off in releases + cmake . + make + ./cmake_package_install +}