Renamed MBEDTLS_PSA_CRYPTO_CONFIG_FILE & MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
Files have been renamed respectively to:
- TF_PSA_CRYPTO_CONFIG_FILE
- TF_PSA_CRYPTO_USER_CONFIG_FILE
As per design proposal:
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/proposed/config-split.md
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 64d95dc..c5d19af 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -333,11 +333,11 @@
endif()
if(TF_PSA_CRYPTO_CONFIG_FILE)
target_compile_definitions(${target}
- PUBLIC MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
+ PUBLIC TF_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
endif()
if(TF_PSA_CRYPTO_USER_CONFIG_FILE)
target_compile_definitions(${target}
- PUBLIC MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
+ PUBLIC TF_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
endif()
endfunction(set_config_files_compile_definitions)
diff --git a/configs/ext/tfm_mbedcrypto_config_profile_medium.h b/configs/ext/tfm_mbedcrypto_config_profile_medium.h
index 84040f0..8ef28ee 100644
--- a/configs/ext/tfm_mbedcrypto_config_profile_medium.h
+++ b/configs/ext/tfm_mbedcrypto_config_profile_medium.h
@@ -234,7 +234,7 @@
* mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols
* in mbedtls_config.h.
*
- * If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
+ * If the symbol #TF_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
* an alternative header to include instead of include/psa/crypto_config.h.
*
* This feature is still experimental and is not ready for production since
@@ -460,7 +460,7 @@
//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
/**
- * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE
+ * \def TF_PSA_CRYPTO_CONFIG_FILE
*
* If defined, this is a header which will be included instead of
* `"psa/crypto_config.h"`.
@@ -475,13 +475,13 @@
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
-//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
+//#define TF_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
/**
- * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
+ * \def TF_PSA_CRYPTO_USER_CONFIG_FILE
*
* If defined, this is a header which will be included after
- * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE.
+ * `"psa/crypto_config.h"` or #TF_PSA_CRYPTO_CONFIG_FILE.
* This allows you to modify the default configuration, including the ability
* to undefine options that are enabled by default.
*
@@ -492,7 +492,7 @@
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
-//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
+//#define TF_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
/** \} name SECTION: General configuration options */
diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index da5ef4c..2025819 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h
@@ -131,13 +131,13 @@
#endif
/* PSA crypto configuration */
-#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE)
-#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE
+#if defined(TF_PSA_CRYPTO_CONFIG_FILE)
+#include TF_PSA_CRYPTO_CONFIG_FILE
#else
#include "psa/crypto_config.h"
#endif
-#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE)
-#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
+#if defined(TF_PSA_CRYPTO_USER_CONFIG_FILE)
+#include TF_PSA_CRYPTO_USER_CONFIG_FILE
#endif
/* Indicate that all configuration files have been read.
diff --git a/tests/configs/user-config-for-test.h b/tests/configs/user-config-for-test.h
index 48ac17a..f230fd3 100644
--- a/tests/configs/user-config-for-test.h
+++ b/tests/configs/user-config-for-test.h
@@ -1,8 +1,8 @@
-/* MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE for testing.
+/* TF_PSA_CRYPTO_USER_CONFIG_FILE for testing.
* Only used for a few test configurations.
*
* Typical usage (note multiple levels of quoting):
- * make CFLAGS="'-DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
+ * make CFLAGS="'-DTF_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'"
*/
/*
diff --git a/tests/scripts/components-build-system.sh b/tests/scripts/components-build-system.sh
index 93ec7cd..bf2ce23 100644
--- a/tests/scripts/components-build-system.sh
+++ b/tests/scripts/components-build-system.sh
@@ -184,7 +184,7 @@
cp tf-psa-crypto/include/psa/crypto_config.h $OUT_OF_SOURCE_DIR/full_crypto_config.h
cd "$OUT_OF_SOURCE_DIR"
echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H"
- cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=../full_crypto_config.h "$MBEDTLS_ROOT_DIR"
+ cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_config.h -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_crypto_config.h "$MBEDTLS_ROOT_DIR"
make
msg "build: cmake with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE"
@@ -192,7 +192,7 @@
# that nothing else depends on).
echo '#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES' >user_config.h
- cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=../full_crypto_config.h "$MBEDTLS_ROOT_DIR"
+ cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_config.h -DMBEDTLS_USER_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/user_config.h -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/$OUT_OF_SOURCE_DIR/full_crypto_config.h "$MBEDTLS_ROOT_DIR"
make
not programs/test/query_compile_time_config MBEDTLS_SSL_ALL_ALERT_MESSAGES
@@ -216,7 +216,7 @@
cp tf-psa-crypto/include/psa/crypto_config.h full_crypto_config.h
echo '#error "cmake -DMBEDTLS_CONFIG_FILE is not working."' > "$MBEDTLS_ROOT_DIR/$CONFIG_H"
- cmake -DGEN_FILES=OFF -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=full_crypto_config.h -DMBEDTLS_CONFIG_FILE=full_config.h .
+ cmake -DGEN_FILES=OFF -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_crypto_config.h -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_config.h .
make
msg "build: cmake (in-tree) with -DMBEDTLS_CONFIG_FILE + -DMBEDTLS_USER_CONFIG_FILE"
@@ -224,7 +224,7 @@
# that nothing else depends on).
echo '#undef MBEDTLS_SSL_ALL_ALERT_MESSAGES' >user_config.h
- cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=full_config.h -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE=full_crypto_config.h -DMBEDTLS_USER_CONFIG_FILE=user_config.h .
+ cmake -DGEN_FILES=OFF -DMBEDTLS_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_config.h -DMBEDTLS_USER_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/user_config.h -DTF_PSA_CRYPTO_CONFIG_FILE=/$MBEDTLS_ROOT_DIR/full_crypto_config.h .
make
not programs/test/query_compile_time_config MBEDTLS_SSL_ALL_ALERT_MESSAGES
diff --git a/tests/scripts/components-configuration-crypto.sh b/tests/scripts/components-configuration-crypto.sh
index 6897038..b548137 100644
--- a/tests/scripts/components-configuration-crypto.sh
+++ b/tests/scripts/components-configuration-crypto.sh
@@ -270,7 +270,7 @@
scripts/config.py unset MBEDTLS_PLATFORM_NV_SEED_ALT
scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_READ
scripts/config.py unset MBEDTLS_PLATFORM_STD_NV_SEED_WRITE
- make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS"
+ make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS '-DTF_PSA_CRYPTO_USER_CONFIG_FILE=\"../tests/configs/user-config-for-test.h\"'" LDFLAGS="$ASAN_CFLAGS"
msg "test: full + MBEDTLS_PSA_INJECT_ENTROPY"
make test
@@ -422,7 +422,7 @@
# whether they're on or off. So, disable cmake's (over-sensitive here)
# dependency resolution for generated files and just rely on them being
# present (thanks to pre_generate_files) by turning GEN_FILES off.
- CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: configs/config-symmetric-only.h - unit tests"
@@ -1405,7 +1405,7 @@
msg "build: configs/config-tfm.h"
MBEDTLS_CONFIG="configs/config-tfm.h"
CRYPTO_CONFIG="configs/ext/crypto_config_profile_medium.h"
- CC=$ASAN_CC cmake -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: configs/config-tfm.h - unit tests"
@@ -2650,22 +2650,22 @@
}
component_build_psa_config_file () {
- msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE" # ~40s
+ msg "build: make with TF_PSA_CRYPTO_CONFIG_FILE" # ~40s
cp "$CRYPTO_CONFIG_H" psa_test_config.h
- echo '#error "MBEDTLS_PSA_CRYPTO_CONFIG_FILE is not working"' >"$CRYPTO_CONFIG_H"
- make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"'"
+ echo '#error "TF_PSA_CRYPTO_CONFIG_FILE is not working"' >"$CRYPTO_CONFIG_H"
+ make CFLAGS="-I '$PWD' -DTF_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"'"
# Make sure this feature is enabled. We'll disable it in the next phase.
programs/test/query_compile_time_config MBEDTLS_CMAC_C
make clean
- msg "build: make with MBEDTLS_PSA_CRYPTO_CONFIG_FILE + MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE" # ~40s
+ msg "build: make with TF_PSA_CRYPTO_CONFIG_FILE + TF_PSA_CRYPTO_USER_CONFIG_FILE" # ~40s
# In the user config, disable one feature and its dependencies, which will
# reflect on the mbedtls configuration so we can query it with
# query_compile_time_config.
echo '#undef PSA_WANT_ALG_CMAC' >psa_user_config.h
echo '#undef PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128' >> psa_user_config.h
echo '#undef MBEDTLS_CMAC_C' >> psa_user_config.h
- make CFLAGS="-I '$PWD' -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"' -DMBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_user_config.h\"'"
+ make CFLAGS="-I '$PWD' -DTF_PSA_CRYPTO_CONFIG_FILE='\"psa_test_config.h\"' -DTF_PSA_CRYPTO_USER_CONFIG_FILE='\"psa_user_config.h\"'"
not programs/test/query_compile_time_config MBEDTLS_CMAC_C
rm -f psa_test_config.h psa_user_config.h
diff --git a/tests/scripts/components-configuration-tls.sh b/tests/scripts/components-configuration-tls.sh
index 701a42c..9333ad1 100644
--- a/tests/scripts/components-configuration-tls.sh
+++ b/tests/scripts/components-configuration-tls.sh
@@ -22,7 +22,7 @@
# whether they're on or off. So, disable cmake's (over-sensitive here)
# dependency resolution for generated files and just rely on them being
# present (thanks to pre_generate_files) by turning GEN_FILES off.
- CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: configs/config-suite-b.h - unit tests"
@@ -170,7 +170,7 @@
# whether they're on or off. So, disable cmake's (over-sensitive here)
# dependency resolution for generated files and just rely on them being
# present (thanks to pre_generate_files) by turning GEN_FILES off.
- CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: configs/config-thread.h - unit tests"
@@ -193,7 +193,7 @@
# whether they're on or off. So, disable cmake's (over-sensitive here)
# dependency resolution for generated files and just rely on them being
# present (thanks to pre_generate_files) by turning GEN_FILES off.
- CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: configs/config-ccm-psk-tls1_2.h - unit tests"
@@ -216,7 +216,7 @@
# whether they're on or off. So, disable cmake's (over-sensitive here)
# dependency resolution for generated files and just rely on them being
# present (thanks to pre_generate_files) by turning GEN_FILES off.
- CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DMBEDTLS_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
+ CC=$ASAN_CC cmake -D GEN_FILES=Off -DMBEDTLS_CONFIG_FILE="$MBEDTLS_CONFIG" -DTF_PSA_CRYPTO_CONFIG_FILE="$CRYPTO_CONFIG" -D CMAKE_BUILD_TYPE:String=Asan .
make
msg "test: configs/config-ccm-psk-dtls1_2.h - unit tests"
diff --git a/tf-psa-crypto/CMakeLists.txt b/tf-psa-crypto/CMakeLists.txt
index d30b787..b9eaa41 100644
--- a/tf-psa-crypto/CMakeLists.txt
+++ b/tf-psa-crypto/CMakeLists.txt
@@ -359,11 +359,11 @@
endif()
if(TF_PSA_CRYPTO_CONFIG_FILE)
target_compile_definitions(${target}
- PUBLIC MBEDTLS_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
+ PUBLIC TF_PSA_CRYPTO_CONFIG_FILE="${TF_PSA_CRYPTO_CONFIG_FILE}")
endif()
if(TF_PSA_CRYPTO_USER_CONFIG_FILE)
target_compile_definitions(${target}
- PUBLIC MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
+ PUBLIC TF_PSA_CRYPTO_USER_CONFIG_FILE="${TF_PSA_CRYPTO_USER_CONFIG_FILE}")
endif()
endfunction(set_config_files_compile_definitions)
diff --git a/tf-psa-crypto/include/psa/crypto_config.h b/tf-psa-crypto/include/psa/crypto_config.h
index bd23957..9ab347f 100644
--- a/tf-psa-crypto/include/psa/crypto_config.h
+++ b/tf-psa-crypto/include/psa/crypto_config.h
@@ -608,7 +608,7 @@
//#define MBEDTLS_IGNORE_RETURN( result ) ((void) !(result))
/**
- * \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE
+ * \def TF_PSA_CRYPTO_CONFIG_FILE
*
* If defined, this is a header which will be included instead of
* `"psa/crypto_config.h"`.
@@ -623,13 +623,13 @@
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
-//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
+//#define TF_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
/**
- * \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
+ * \def TF_PSA_CRYPTO_USER_CONFIG_FILE
*
* If defined, this is a header which will be included after
- * `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE.
+ * `"psa/crypto_config.h"` or #TF_PSA_CRYPTO_CONFIG_FILE.
* This allows you to modify the default configuration, including the ability
* to undefine options that are enabled by default.
*
@@ -640,7 +640,7 @@
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
-//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
+//#define TF_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
/**
* \def MBEDTLS_SELF_TEST