diff options
author | Maulik Patel <maulik.patel@arm.com> | 2021-01-06 14:09:22 +0000 |
---|---|---|
committer | Karl Zhang <karl.zhang@arm.com> | 2021-03-17 10:05:53 +0100 |
commit | 28659c498c3bdbbc610959e7518bece5aaf72a19 (patch) | |
tree | 31c56512a44b08ceda10c143e7bc86108de60b05 /lib | |
parent | f07e92e6e1c0453a488df6143818a25a37f011f4 (diff) | |
download | trusted-firmware-m-28659c498c3bdbbc610959e7518bece5aaf72a19.tar.gz |
Crypto: Upgrade Mbed TLS to 2.25
Set the MBEDCRYPTO_VERSION to 2.25.0.
First three patches in existing v2.24 already applied in v2.25
and hence removed.
Replaced MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER with
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER in all configuration and
source as updated in v2.25 library.
Update all headers of psa/include as per mbedtls-v2.25 excluding
changes required to hide some implementation.
Update id field in the client_key_attributes structure to
psa_key_id_t.
Update Copyright year to 2021!
Removed patch 006 as not required in MbedTLS v2.25.0.
Update references of handle to key as per MbedTLS api changes.
Increase NUM_HANDLES to 32 to accommodate crypto api tests.
Added corresponding tfm implementation of psa_purge_key().
Signed-off-by: Maulik Patel <maulik.patel@arm.com>
Change-Id: I6a532da96735cf32996250c4a8733a8654c1f44e
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ext/mbedcrypto/0001-BUILD-Update-IAR-support-in-CMakeLists.txt.patch (renamed from lib/ext/mbedcrypto/0004-BUILD-Update-IAR-support-in-CMakeLists.txt.patch) | 0 | ||||
-rw-r--r-- | lib/ext/mbedcrypto/0001-Build-Add-MBEDTLS_TARGET_PREFIX.patch | 350 | ||||
-rw-r--r-- | lib/ext/mbedcrypto/0002-Build-Use-new-style-syntax-in-link-libraries.patch | 57 | ||||
-rw-r--r-- | lib/ext/mbedcrypto/0002-Enable-crypto-code-sharing-between-independent-binar.patch (renamed from lib/ext/mbedcrypto/0005-Enable-crypto-code-sharing-between-independent-binar.patch) | 0 | ||||
-rw-r--r-- | lib/ext/mbedcrypto/0003-Remove-overriding-of-CMAKE_BUILD_TYPE.patch | 28 | ||||
-rw-r--r-- | lib/ext/mbedcrypto/0006-Move-misplaced-else-within-ifdef-to-avoid-compilatio.patch | 34 | ||||
-rw-r--r-- | lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h | 14 | ||||
-rw-r--r-- | lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h | 14 | ||||
-rw-r--r-- | lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h | 14 |
9 files changed, 21 insertions, 490 deletions
diff --git a/lib/ext/mbedcrypto/0004-BUILD-Update-IAR-support-in-CMakeLists.txt.patch b/lib/ext/mbedcrypto/0001-BUILD-Update-IAR-support-in-CMakeLists.txt.patch index 47c6448c9a..47c6448c9a 100644 --- a/lib/ext/mbedcrypto/0004-BUILD-Update-IAR-support-in-CMakeLists.txt.patch +++ b/lib/ext/mbedcrypto/0001-BUILD-Update-IAR-support-in-CMakeLists.txt.patch diff --git a/lib/ext/mbedcrypto/0001-Build-Add-MBEDTLS_TARGET_PREFIX.patch b/lib/ext/mbedcrypto/0001-Build-Add-MBEDTLS_TARGET_PREFIX.patch deleted file mode 100644 index f19479c2a5..0000000000 --- a/lib/ext/mbedcrypto/0001-Build-Add-MBEDTLS_TARGET_PREFIX.patch +++ /dev/null @@ -1,350 +0,0 @@ -From 995c66f702db3a004be1e3d822ffad64b2ad125f Mon Sep 17 00:00:00 2001 -From: Raef Coles <raef.coles@arm.com> -Date: Tue, 13 Oct 2020 16:30:41 +0100 -Subject: [PATCH 1/2] Build: Add MBEDTLS_TARGET_PREFIX - -Allows required targets to have prefixes added to them, so that external -projects can avoid target names clashing. - -Signed-off-by: Raef Coles <raef.coles@arm.com> ---- - CMakeLists.txt | 6 +- - .../add_MBEDTLS_TARGET_PREFIX_to_cmake.txt | 6 ++ - library/CMakeLists.txt | 55 ++++++++++++------- - programs/aes/CMakeLists.txt | 2 +- - programs/fuzz/CMakeLists.txt | 2 +- - programs/hash/CMakeLists.txt | 2 +- - programs/pkey/CMakeLists.txt | 4 +- - programs/psa/CMakeLists.txt | 2 +- - programs/random/CMakeLists.txt | 2 +- - programs/ssl/CMakeLists.txt | 2 +- - programs/test/CMakeLists.txt | 4 +- - programs/test/cmake_subproject/CMakeLists.txt | 12 ++-- - programs/util/CMakeLists.txt | 2 +- - programs/x509/CMakeLists.txt | 4 +- - tests/CMakeLists.txt | 4 +- - 15 files changed, 69 insertions(+), 40 deletions(-) - create mode 100644 ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 5af4c8124..e4f318b3c 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -14,6 +14,10 @@ - # CMake files. It is related to ZLIB support which is planned to be removed. - # When the support is removed, the associated include_directories command - # will be removed as well as this note. -+# - MBEDTLS_TARGET_PREFIX: CMake targets are designed to be alterable by calling -+# CMake in order to avoid target name clashes, via the use of -+# MBEDTLS_TARGET_PREFIX. The value of this variable is prefixed to the -+# mbedtls, mbedx509, mbedcrypto and apidoc targets. - # - - cmake_minimum_required(VERSION 2.6) -@@ -273,7 +277,7 @@ if(ENABLE_PROGRAMS) - add_subdirectory(programs) - endif() - --ADD_CUSTOM_TARGET(apidoc -+ADD_CUSTOM_TARGET(${MBEDTLS_TARGET_PREFIX}apidoc - COMMAND doxygen mbedtls.doxyfile - WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/doxygen) - -diff --git a/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt b/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt -new file mode 100644 -index 000000000..533f309ab ---- /dev/null -+++ b/ChangeLog.d/add_MBEDTLS_TARGET_PREFIX_to_cmake.txt -@@ -0,0 +1,6 @@ -+Features -+ * Add MBEDTLS_TARGET_PREFIX CMake variable, which is prefixed to the mbedtls, -+ mbedcrypto, mbedx509 and apidoc CMake target names. This can be used by -+ external CMake projects that include this one to avoid CMake target name -+ clashes. The default value of this variable is "", so default target names -+ are unchanged. -diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt -index 4444b984e..f0315f721 100644 ---- a/library/CMakeLists.txt -+++ b/library/CMakeLists.txt -@@ -150,18 +150,31 @@ if (NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) - message(FATAL_ERROR "Need to choose static or shared mbedtls build!") - endif(NOT USE_STATIC_MBEDTLS_LIBRARY AND NOT USE_SHARED_MBEDTLS_LIBRARY) - --set(target_libraries "mbedcrypto" "mbedx509" "mbedtls") -+set(mbedtls_target "${MBEDTLS_TARGET_PREFIX}mbedtls") -+set(mbedx509_target "${MBEDTLS_TARGET_PREFIX}mbedx509") -+set(mbedcrypto_target "${MBEDTLS_TARGET_PREFIX}mbedcrypto") -+ -+set(mbedtls_target ${mbedtls_target} PARENT_SCOPE) -+set(mbedx509_target ${mbedx509_target} PARENT_SCOPE) -+set(mbedcrypto_target ${mbedcrypto_target} PARENT_SCOPE) -+ -+if (USE_STATIC_MBEDTLS_LIBRARY) -+ set(mbedtls_static_target ${mbedtls_target}) -+ set(mbedx509_static_target ${mbedx509_target}) -+ set(mbedcrypto_static_target ${mbedcrypto_target}) -+endif() -+ -+set(target_libraries ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target}) - - if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) -- set(mbedtls_static_target "mbedtls_static") -- set(mbedx509_static_target "mbedx509_static") -- set(mbedcrypto_static_target "mbedcrypto_static") -+ string(APPEND mbedtls_static_target "_static") -+ string(APPEND mbedx509_static_target "_static") -+ string(APPEND mbedcrypto_static_target "_static") -+ - list(APPEND target_libraries -- "mbedcrypto_static" "mbedx509_static" "mbedtls_static") --elseif(USE_STATIC_MBEDTLS_LIBRARY) -- set(mbedtls_static_target "mbedtls") -- set(mbedx509_static_target "mbedx509") -- set(mbedcrypto_static_target "mbedcrypto") -+ ${mbedcrypto_static_target} -+ ${mbedx509_static_target} -+ ${mbedtls_static_target}) - endif() - - if(USE_STATIC_MBEDTLS_LIBRARY) -@@ -179,17 +192,17 @@ if(USE_STATIC_MBEDTLS_LIBRARY) - endif(USE_STATIC_MBEDTLS_LIBRARY) - - if(USE_SHARED_MBEDTLS_LIBRARY) -- add_library(mbedcrypto SHARED ${src_crypto}) -- set_target_properties(mbedcrypto PROPERTIES VERSION 2.24.0 SOVERSION 5) -- target_link_libraries(mbedcrypto ${libs}) -+ add_library(${mbedcrypto_target} SHARED ${src_crypto}) -+ set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.24.0 SOVERSION 5) -+ target_link_libraries(${mbedcrypto_target} ${libs}) - -- add_library(mbedx509 SHARED ${src_x509}) -- set_target_properties(mbedx509 PROPERTIES VERSION 2.24.0 SOVERSION 1) -- target_link_libraries(mbedx509 ${libs} mbedcrypto) -+ add_library(${mbedx509_target} SHARED ${src_x509}) -+ set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.24.0 SOVERSION 1) -+ target_link_libraries(${mbedx509_target} ${libs} ${mbedcrypto_target}) - -- add_library(mbedtls SHARED ${src_tls}) -- set_target_properties(mbedtls PROPERTIES VERSION 2.24.0 SOVERSION 13) -- target_link_libraries(mbedtls ${libs} mbedx509) -+ add_library(${mbedtls_target} SHARED ${src_tls}) -+ set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.24.0 SOVERSION 13) -+ target_link_libraries(${mbedtls_target} ${libs} ${mbedx509_target}) - endif(USE_SHARED_MBEDTLS_LIBRARY) - - foreach(target IN LISTS target_libraries) -@@ -210,7 +223,9 @@ foreach(target IN LISTS target_libraries) - PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ) - endforeach(target) - --add_custom_target(lib DEPENDS mbedcrypto mbedx509 mbedtls) -+set(lib_target "${MBEDTLS_TARGET_PREFIX}lib") -+ -+add_custom_target(${lib_target} DEPENDS ${mbedcrypto_target} ${mbedx509_target} ${mbedtls_target}) - if(USE_STATIC_MBEDTLS_LIBRARY AND USE_SHARED_MBEDTLS_LIBRARY) -- add_dependencies(lib mbedcrypto_static mbedx509_static mbedtls_static) -+ add_dependencies(${lib_target} ${mbedcrypto_static_target} ${mbedx509_static_target} ${mbedtls_static_target}) - endif() -diff --git a/programs/aes/CMakeLists.txt b/programs/aes/CMakeLists.txt -index 2309789a6..6b8ce2ab4 100644 ---- a/programs/aes/CMakeLists.txt -+++ b/programs/aes/CMakeLists.txt -@@ -5,7 +5,7 @@ set(executables - - foreach(exe IN LISTS executables) - add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>) -- target_link_libraries(${exe} mbedcrypto) -+ target_link_libraries(${exe} ${mbedcrypto_target}) - endforeach() - - install(TARGETS ${executables} -diff --git a/programs/fuzz/CMakeLists.txt b/programs/fuzz/CMakeLists.txt -index e2b0eace2..35512c79a 100644 ---- a/programs/fuzz/CMakeLists.txt -+++ b/programs/fuzz/CMakeLists.txt -@@ -1,5 +1,5 @@ - set(libs -- mbedtls -+ ${mbedtls_target} - ) - - if(USE_PKCS11_HELPER_LIBRARY) -diff --git a/programs/hash/CMakeLists.txt b/programs/hash/CMakeLists.txt -index ae294798b..b2f2a1f5c 100644 ---- a/programs/hash/CMakeLists.txt -+++ b/programs/hash/CMakeLists.txt -@@ -5,7 +5,7 @@ set(executables - - foreach(exe IN LISTS executables) - add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>) -- target_link_libraries(${exe} mbedcrypto) -+ target_link_libraries(${exe} ${mbedcrypto_target}) - endforeach() - - install(TARGETS ${executables} -diff --git a/programs/pkey/CMakeLists.txt b/programs/pkey/CMakeLists.txt -index b4b3d3042..9c6fe7d49 100644 ---- a/programs/pkey/CMakeLists.txt -+++ b/programs/pkey/CMakeLists.txt -@@ -5,7 +5,7 @@ set(executables_mbedtls - - foreach(exe IN LISTS executables_mbedtls) - add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>) -- target_link_libraries(${exe} mbedtls) -+ target_link_libraries(${exe} ${mbedtls_target}) - endforeach() - - set(executables_mbedcrypto -@@ -31,7 +31,7 @@ set(executables_mbedcrypto - - foreach(exe IN LISTS executables_mbedcrypto) - add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>) -- target_link_libraries(${exe} mbedcrypto) -+ target_link_libraries(${exe} ${mbedcrypto_target}) - endforeach() - - install(TARGETS ${executables_mbedtls} ${executables_mbedcrypto} -diff --git a/programs/psa/CMakeLists.txt b/programs/psa/CMakeLists.txt -index 5cbcf7191..23e85fea7 100644 ---- a/programs/psa/CMakeLists.txt -+++ b/programs/psa/CMakeLists.txt -@@ -6,7 +6,7 @@ set(executables - - foreach(exe IN LISTS executables) - add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>) -- target_link_libraries(${exe} mbedcrypto) -+ target_link_libraries(${exe} ${mbedcrypto_target}) - target_include_directories(${exe} PRIVATE ${CMAKE_CURRENT_SOURCE_DIR}/../../tests/include) - endforeach() - -diff --git a/programs/random/CMakeLists.txt b/programs/random/CMakeLists.txt -index 95acb7e10..8df836580 100644 ---- a/programs/random/CMakeLists.txt -+++ b/programs/random/CMakeLists.txt -@@ -6,7 +6,7 @@ set(executables - - foreach(exe IN LISTS executables) - add_executable(${exe} ${exe}.c $<TARGET_OBJECTS:mbedtls_test>) -- target_link_libraries(${exe} mbedcrypto) -+ target_link_libraries(${exe} ${mbedcrypto_target}) - endforeach() - - install(TARGETS ${executables} -diff --git a/programs/ssl/CMakeLists.txt b/programs/ssl/CMakeLists.txt -index 28fbfc5a7..ca0a6a429 100644 ---- a/programs/ssl/CMakeLists.txt -+++ b/programs/ssl/CMakeLists.txt -@@ -2,7 +2,7 @@ set(THREADS_USE_PTHREADS_WIN32 true) - find_package(Threads) - - set(libs -- mbedtls -+ ${mbedtls_target} - ) - - if(USE_PKCS11_HELPER_LIBRARY) -diff --git a/programs/test/CMakeLists.txt b/programs/test/CMakeLists.txt -index 0df0becd9..217741bf9 100644 ---- a/programs/test/CMakeLists.txt -+++ b/programs/test/CMakeLists.txt -@@ -1,5 +1,5 @@ - set(libs -- mbedtls -+ ${mbedtls_target} - ) - - if(USE_PKCS11_HELPER_LIBRARY) -@@ -33,7 +33,7 @@ foreach(exe IN LISTS executables_libs executables_mbedcrypto) - if (${exe_index} GREATER -1) - target_link_libraries(${exe} ${libs}) - else() -- target_link_libraries(${exe} mbedcrypto) -+ target_link_libraries(${exe} ${mbedcrypto_target}) - endif() - endforeach() - -diff --git a/programs/test/cmake_subproject/CMakeLists.txt b/programs/test/cmake_subproject/CMakeLists.txt -index 3e32c5fc3..a9fcfde29 100644 ---- a/programs/test/cmake_subproject/CMakeLists.txt -+++ b/programs/test/cmake_subproject/CMakeLists.txt -@@ -1,5 +1,8 @@ - cmake_minimum_required(VERSION 2.6) - -+# Test the target renaming support by adding a prefix to the targets built -+set(MBEDTLS_TARGET_PREFIX subproject_test_) -+ - # We use the parent Mbed TLS directory as the MBEDTLS_DIR for this test. Other - # projects that use Mbed TLS as a subproject are likely to add by their own - # relative paths. -@@ -8,11 +11,12 @@ set(MBEDTLS_DIR ../../../) - # Add Mbed TLS as a subdirectory. - add_subdirectory(${MBEDTLS_DIR} build) - --# Link against all the Mbed TLS libraries. -+# Link against all the Mbed TLS libraries. Verifies that the targets have been -+# created using the specified prefix - set(libs -- mbedcrypto -- mbedx509 -- mbedtls -+ subproject_test_mbedcrypto -+ subproject_test_mbedx509 -+ subproject_test_mbedtls - ) - - add_executable(cmake_subproject cmake_subproject.c) -diff --git a/programs/util/CMakeLists.txt b/programs/util/CMakeLists.txt -index cb14a3ee6..2a11212ec 100644 ---- a/programs/util/CMakeLists.txt -+++ b/programs/util/CMakeLists.txt -@@ -1,5 +1,5 @@ - set(libs -- mbedcrypto -+ ${mbedcrypto_target} - ) - - set(executables -diff --git a/programs/x509/CMakeLists.txt b/programs/x509/CMakeLists.txt -index f7b5fe1d9..29cbeb800 100644 ---- a/programs/x509/CMakeLists.txt -+++ b/programs/x509/CMakeLists.txt -@@ -1,5 +1,5 @@ - set(libs -- mbedx509 -+ ${mbedx509_target} - ) - - if(USE_PKCS11_HELPER_LIBRARY) -@@ -23,7 +23,7 @@ foreach(exe IN LISTS executables) - target_link_libraries(${exe} ${libs}) - endforeach() - --target_link_libraries(cert_app mbedtls) -+target_link_libraries(cert_app ${mbedtls_target}) - - install(TARGETS ${executables} - DESTINATION "bin" -diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt -index cc6866309..580d936c0 100644 ---- a/tests/CMakeLists.txt -+++ b/tests/CMakeLists.txt -@@ -1,5 +1,5 @@ - set(libs -- mbedtls -+ ${mbedtls_target} - ) - - # Set the project root directory if it's not already defined, as may happen if -@@ -43,7 +43,7 @@ function(add_test_suite suite_name) - add_custom_command( - OUTPUT test_suite_${data_name}.c - COMMAND ${MBEDTLS_PYTHON_EXECUTABLE} ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py -f ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function -d ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data -t ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function -p ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function -s ${CMAKE_CURRENT_SOURCE_DIR}/suites --helpers-file ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function -o . -- DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py mbedtls ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data -+ DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/scripts/generate_test_code.py ${mbedtls_target} ${CMAKE_CURRENT_SOURCE_DIR}/suites/helpers.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/main_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/host_test.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${suite_name}.function ${CMAKE_CURRENT_SOURCE_DIR}/suites/test_suite_${data_name}.data - ) - - add_executable(test_suite_${data_name} test_suite_${data_name}.c $<TARGET_OBJECTS:mbedtls_test>) --- -2.20.1 - diff --git a/lib/ext/mbedcrypto/0002-Build-Use-new-style-syntax-in-link-libraries.patch b/lib/ext/mbedcrypto/0002-Build-Use-new-style-syntax-in-link-libraries.patch deleted file mode 100644 index c4d51500b3..0000000000 --- a/lib/ext/mbedcrypto/0002-Build-Use-new-style-syntax-in-link-libraries.patch +++ /dev/null @@ -1,57 +0,0 @@ -From 4762eddfb3e17d50b471cf6dda491047cbd712d6 Mon Sep 17 00:00:00 2001 -From: Raef Coles <raef.coles@arm.com> -Date: Tue, 13 Oct 2020 16:31:41 +0100 -Subject: [PATCH 2/2] Build: Use new-style syntax in link-libraries - -Migrate to new syntax where the PUBLIC attribute is explicitly defined. -Avoids issues caused sometimes where cmake does not allow the mixing of -old-style and new-style syntax - -Signed-off-by: Raef Coles <raef.coles@arm.com> ---- - library/CMakeLists.txt | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) - -diff --git a/library/CMakeLists.txt b/library/CMakeLists.txt -index f0315f721..89625558a 100644 ---- a/library/CMakeLists.txt -+++ b/library/CMakeLists.txt -@@ -180,29 +180,29 @@ endif() - if(USE_STATIC_MBEDTLS_LIBRARY) - add_library(${mbedcrypto_static_target} STATIC ${src_crypto}) - set_target_properties(${mbedcrypto_static_target} PROPERTIES OUTPUT_NAME mbedcrypto) -- target_link_libraries(${mbedcrypto_static_target} ${libs}) -+ target_link_libraries(${mbedcrypto_static_target} PUBLIC ${libs}) - - add_library(${mbedx509_static_target} STATIC ${src_x509}) - set_target_properties(${mbedx509_static_target} PROPERTIES OUTPUT_NAME mbedx509) -- target_link_libraries(${mbedx509_static_target} ${libs} ${mbedcrypto_static_target}) -+ target_link_libraries(${mbedx509_static_target} PUBLIC ${libs} ${mbedcrypto_static_target}) - - add_library(${mbedtls_static_target} STATIC ${src_tls}) - set_target_properties(${mbedtls_static_target} PROPERTIES OUTPUT_NAME mbedtls) -- target_link_libraries(${mbedtls_static_target} ${libs} ${mbedx509_static_target}) -+ target_link_libraries(${mbedtls_static_target} PUBLIC ${libs} ${mbedx509_static_target}) - endif(USE_STATIC_MBEDTLS_LIBRARY) - - if(USE_SHARED_MBEDTLS_LIBRARY) - add_library(${mbedcrypto_target} SHARED ${src_crypto}) - set_target_properties(${mbedcrypto_target} PROPERTIES VERSION 2.24.0 SOVERSION 5) -- target_link_libraries(${mbedcrypto_target} ${libs}) -+ target_link_libraries(${mbedcrypto_target} PUBLIC ${libs}) - - add_library(${mbedx509_target} SHARED ${src_x509}) - set_target_properties(${mbedx509_target} PROPERTIES VERSION 2.24.0 SOVERSION 1) -- target_link_libraries(${mbedx509_target} ${libs} ${mbedcrypto_target}) -+ target_link_libraries(${mbedx509_target} PUBLIC ${libs} ${mbedcrypto_target}) - - add_library(${mbedtls_target} SHARED ${src_tls}) - set_target_properties(${mbedtls_target} PROPERTIES VERSION 2.24.0 SOVERSION 13) -- target_link_libraries(${mbedtls_target} ${libs} ${mbedx509_target}) -+ target_link_libraries(${mbedtls_target} PUBLIC ${libs} ${mbedx509_target}) - endif(USE_SHARED_MBEDTLS_LIBRARY) - - foreach(target IN LISTS target_libraries) --- -2.20.1 - diff --git a/lib/ext/mbedcrypto/0005-Enable-crypto-code-sharing-between-independent-binar.patch b/lib/ext/mbedcrypto/0002-Enable-crypto-code-sharing-between-independent-binar.patch index 3c220b4e6d..3c220b4e6d 100644 --- a/lib/ext/mbedcrypto/0005-Enable-crypto-code-sharing-between-independent-binar.patch +++ b/lib/ext/mbedcrypto/0002-Enable-crypto-code-sharing-between-independent-binar.patch diff --git a/lib/ext/mbedcrypto/0003-Remove-overriding-of-CMAKE_BUILD_TYPE.patch b/lib/ext/mbedcrypto/0003-Remove-overriding-of-CMAKE_BUILD_TYPE.patch deleted file mode 100644 index f94de4e0a1..0000000000 --- a/lib/ext/mbedcrypto/0003-Remove-overriding-of-CMAKE_BUILD_TYPE.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 1c4af63fc32e16022f884e29ad3ccbdb8c3ed2f2 Mon Sep 17 00:00:00 2001 -From: Raef Coles <raef.coles@arm.com> -Date: Wed, 2 Sep 2020 10:15:02 +0100 -Subject: [PATCH 3/4] Remove overriding of CMAKE_BUILD_TYPE - -Signed-off-by: Raef Coles <raef.coles@arm.com> ---- - CMakeLists.txt | 4 ---- - 1 file changed, 4 deletions(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index ba9227ff3..a671575b7 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -112,10 +112,6 @@ option: \n\ - endif() - endif() - --set(CMAKE_BUILD_TYPE ${CMAKE_BUILD_TYPE} -- CACHE STRING "Choose the type of build: None Debug Release Coverage ASan ASanDbg MemSan MemSanDbg Check CheckFull" -- FORCE) -- - # Create a symbolic link from ${base_name} in the binary directory - # to the corresponding path in the source directory. - function(link_to_source base_name) --- -2.20.1 - diff --git a/lib/ext/mbedcrypto/0006-Move-misplaced-else-within-ifdef-to-avoid-compilatio.patch b/lib/ext/mbedcrypto/0006-Move-misplaced-else-within-ifdef-to-avoid-compilatio.patch deleted file mode 100644 index 159e325041..0000000000 --- a/lib/ext/mbedcrypto/0006-Move-misplaced-else-within-ifdef-to-avoid-compilatio.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 8b2dc6377637c6c146ab5d23a4e119e3d508156c Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?H=C3=A5kon=20=C3=98ye=20Amundsen?= - <haakon.amundsen@nordicsemi.no> -Date: Tue, 19 Jan 2021 15:16:55 +0100 -Subject: [PATCH] Move misplaced 'else' within #ifdef to avoid compilation - error -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -... when MBEDTLS_MD_C is not defined. - -Signed-off-by: Håkon Øye Amundsen <haakon.amundsen@nordicsemi.no> ---- - library/psa_crypto.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/library/psa_crypto.c b/library/psa_crypto.c -index bffddc995..8b1201461 100644 ---- a/library/psa_crypto.c -+++ b/library/psa_crypto.c -@@ -5220,8 +5220,8 @@ static psa_status_t psa_key_derivation_setup_kdf( - operation->capacity = 255 * hash_size; - return( PSA_SUCCESS ); - } --#endif /* MBEDTLS_MD_C */ - else -+#endif /* MBEDTLS_MD_C */ - return( PSA_ERROR_NOT_SUPPORTED ); - } - --- -2.30.0 - diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h index c9fc9f4f6c..60c42c2b79 100644 --- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h +++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_default.h @@ -8,7 +8,7 @@ * memory footprint. */ /* - * Copyright (C) 2006-2020, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2021, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may @@ -855,20 +855,20 @@ */ //#define MBEDTLS_ENTROPY_NV_SEED -/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER +/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER * - * In PSA key storage, encode the owner of the key. + * Enable key identifiers that encode a key owner identifier. * * This is only meaningful when building the library as part of a - * multi-client service. When you activate this option, you must provide - * an implementation of the type psa_key_owner_id_t and a translation - * from psa_key_file_id_t to file name in all the storage backends that + * multi-client service. When you activate this option, you must provide an + * implementation of the type mbedtls_key_owner_id_t and a translation from + * mbedtls_svc_key_id_t to file name in all the storage backends that you * you wish to support. * * Note that this option is meant for internal use only and may be removed * without notice. */ -#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER +#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER /** * \def MBEDTLS_MEMORY_DEBUG diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h index 1d61ac2350..c1663d0e5e 100644 --- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h +++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_medium.h @@ -8,7 +8,7 @@ * memory footprint. */ /* - * Copyright (C) 2006-2020, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2021, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may @@ -850,20 +850,20 @@ */ //#define MBEDTLS_ENTROPY_NV_SEED -/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER +/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER * - * In PSA key storage, encode the owner of the key. + * Enable key identifiers that encode a key owner identifier. * * This is only meaningful when building the library as part of a - * multi-client service. When you activate this option, you must provide - * an implementation of the type psa_key_owner_id_t and a translation - * from psa_key_file_id_t to file name in all the storage backends that + * multi-client service. When you activate this option, you must provide an + * implementation of the type mbedtls_key_owner_id_t and a translation from + * mbedtls_svc_key_id_t to file name in all the storage backends that you * you wish to support. * * Note that this option is meant for internal use only and may be removed * without notice. */ -#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER +#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER /** * \def MBEDTLS_MEMORY_DEBUG diff --git a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h index ee578749d0..3c2c12295a 100644 --- a/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h +++ b/lib/ext/mbedcrypto/mbedcrypto_config/tfm_mbedcrypto_config_profile_small.h @@ -8,7 +8,7 @@ * memory footprint. */ /* - * Copyright (C) 2006-2020, ARM Limited, All Rights Reserved + * Copyright (C) 2006-2021, ARM Limited, All Rights Reserved * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); you may @@ -850,20 +850,20 @@ */ //#define MBEDTLS_ENTROPY_NV_SEED -/* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER +/* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER * - * In PSA key storage, encode the owner of the key. + * Enable key identifiers that encode a key owner identifier. * * This is only meaningful when building the library as part of a - * multi-client service. When you activate this option, you must provide - * an implementation of the type psa_key_owner_id_t and a translation - * from psa_key_file_id_t to file name in all the storage backends that + * multi-client service. When you activate this option, you must provide an + * implementation of the type mbedtls_key_owner_id_t and a translation from + * mbedtls_svc_key_id_t to file name in all the storage backends that you * you wish to support. * * Note that this option is meant for internal use only and may be removed * without notice. */ -#define MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER +#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER /** * \def MBEDTLS_MEMORY_DEBUG |