Create encrypted block store infrastructure Create infrastructure with partitioned, encrypted ram for testing, which contains an MbedTLS instance with minimized config that enables only HKDF and AES with CBC and ECB. Change-Id: Ie5a1ade885bb564976cf39f6bea4c3ce4aa59904 Signed-off-by: Gabor Toth <gabor.toth2@arm.com>

commit: ee7c4a1ac7071d4dda29e3dd404a61cd2b3da97e [log] [tgz]
author: Gabor Toth <gabor.toth2@arm.com> Mon Nov 11 16:51:31 2024 +0100
committer: György Szing <gyorgy.szing@arm.com> Tue Mar 11 11:21:24 2025 +0100
tree: ae27bd835b962b09c03b93b8913cfccff7a72524
parent: 000a1028933d785498b167c86863af7791343068 [diff] [blame]
diff --git a/external/MbedTLS/mbedtls-init-cache.cmake.in b/external/MbedTLS/mbedtls-init-cache.cmake.in
index a633781..8979cc5 100644
--- a/external/MbedTLS/mbedtls-init-cache.cmake.in
+++ b/external/MbedTLS/mbedtls-init-cache.cmake.in

@@ -12,6 +12,12 @@
 set(ENABLE_TESTING Off CACHE BOOL "")
 set(UNSAFE_BUILD On CACHE BOOL "")
 set(EXTERNAL_DEFINITIONS -DMBEDTLS_CONFIG_FILE="@MBEDTLS_CONFIG_FILE@" CACHE STRING "")
+
+# If there is a crypto config file to fine-tune the algorithms enabled in MbedTLS, add it to the definitions
+if(NOT "" STREQUAL "@MBEDTLS_PSA_CRYPTO_CONFIG_FILE@")
+	set(EXTERNAL_DEFINITIONS ${EXTERNAL_DEFINITIONS} -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="@MBEDTLS_PSA_CRYPTO_CONFIG_FILE@" CACHE STRING "" FORCE)
+endif()
+
 set(EXTERNAL_INCLUDE_PATHS @MBEDTLS_EXTRA_INCLUDES@ CACHE STRING "")
 set(BRANCH_PROTECTION @BRANCH_PROTECTION@ CACHE STRING "")
commit	ee7c4a1ac7071d4dda29e3dd404a61cd2b3da97e	[log] [tgz]
author	Gabor Toth <gabor.toth2@arm.com>	Mon Nov 11 16:51:31 2024 +0100
committer	György Szing <gyorgy.szing@arm.com>	Tue Mar 11 11:21:24 2025 +0100
tree	ae27bd835b962b09c03b93b8913cfccff7a72524
parent	000a1028933d785498b167c86863af7791343068 [diff] [blame]