aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlexei Fedorov <Alexei.Fedorov@arm.com>2020-09-21 12:23:54 +0100
committerAlexei Fedorov <Alexei.Fedorov@arm.com>2020-10-01 11:12:18 +0000
commitea14b51b838df0df1253df9259982bd57f26669e (patch)
tree3b4000f5a938f9b8e638d0b330f1284f3b1a2353
parent428518c638da05f980280227ce43fa1655c70be1 (diff)
downloadtrusted-firmware-a-ea14b51b838df0df1253df9259982bd57f26669e.tar.gz
Crypto library: Migrate support to MbedTLS v2.24.0
This patch migrates the mbedcrypto dependency for TF-A to mbedTLS repo v2.24.0 which is the latest release tag. The relevant documentation is updated to reflect the use of new version. Change-Id: I116f44242e8c98e856416ea871d11abd3234dac1 Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-rw-r--r--docs/getting_started/prerequisites.rst2
-rw-r--r--drivers/auth/mbedtls/mbedtls_common.mk3
-rw-r--r--include/drivers/auth/mbedtls/mbedtls_config.h9
3 files changed, 10 insertions, 4 deletions
diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst
index 13e25cd0e3..91ecdf31c8 100644
--- a/docs/getting_started/prerequisites.rst
+++ b/docs/getting_started/prerequisites.rst
@@ -60,7 +60,7 @@ supporting tools:
The following libraries are required for Trusted Board Boot support:
-- mbed TLS == 2.18.0 (tag: ``mbedtls-2.18.0``)
+- mbed TLS == 2.24.0 (tag: ``mbedtls-2.24.0``)
These tools are optional:
diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk
index 8454105c2a..53ebe30b63 100644
--- a/drivers/auth/mbedtls/mbedtls_common.mk
+++ b/drivers/auth/mbedtls/mbedtls_common.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2020, Arm Limited. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
#
@@ -35,7 +35,6 @@ LIBMBEDTLS_SRCS := $(addprefix ${MBEDTLS_DIR}/library/, \
bignum.c \
gcm.c \
md.c \
- md_wrap.c \
pk.c \
pk_wrap.c \
pkparse.c \
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config.h
index dc00da7d60..ad39fa9067 100644
--- a/include/drivers/auth/mbedtls/mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/mbedtls_config.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2020, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -63,6 +63,7 @@
#define MBEDTLS_ECDSA_C
#define MBEDTLS_ECP_C
#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_NO_INTERNAL_RNG
#endif
#if TF_MBEDTLS_USE_RSA
#define MBEDTLS_RSA_C
@@ -101,6 +102,12 @@
/* Memory buffer allocator options */
#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 8
+/*
+ * Prevent the use of 128-bit division which
+ * creates dependency on external libraries.
+ */
+#define MBEDTLS_NO_UDBL_DIVISION
+
#ifndef __ASSEMBLER__
/* System headers required to build mbed TLS with the current configuration */
#include <stdlib.h>