Enable MBEDTLS_PSA_CRYPTO_C by default

Also enable it in scripts/config.pl full, as well as two storage options that
were only blacklisted from full config because they depended on
MBEDTLS_PSA_CRYPTO_C.
This commit is contained in:
Manuel Pégourié-Gonnard 2019-02-01 12:33:29 +01:00 committed by Andrzej Kurek
parent d8167e85d6
commit de7636e2dd
3 changed files with 9 additions and 11 deletions

View file

@ -2773,19 +2773,16 @@
* *
* Enable the Platform Security Architecture cryptography API. * Enable the Platform Security Architecture cryptography API.
* *
* \note This option only has an effect when the build option * \warning The PSA Crypto API is still beta status. While you're welcome to
* USE_CRYPTO_SUBMODULE is also in use. * experiment using it, incompatible API changes are still possible, and some
* * parts may not have reached the same quality as the rest of Mbed TLS yet.
* \warning This feature is experimental and available on an opt-in basis only.
* PSA APIs are subject to change at any time. The implementation comes with
* less assurance and support than the rest of Mbed TLS.
* *
* Module: crypto/library/psa_crypto.c * Module: crypto/library/psa_crypto.c
* *
* Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C * Requires: MBEDTLS_CTR_DRBG_C, MBEDTLS_ENTROPY_C
* *
*/ */
//#define MBEDTLS_PSA_CRYPTO_C #define MBEDTLS_PSA_CRYPTO_C
/** /**
* \def MBEDTLS_PSA_CRYPTO_STORAGE_C * \def MBEDTLS_PSA_CRYPTO_STORAGE_C

View file

@ -28,7 +28,6 @@
# MBEDTLS_ECP_DP_M511_ENABLED # MBEDTLS_ECP_DP_M511_ENABLED
# MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES # MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
# MBEDTLS_NO_PLATFORM_ENTROPY # MBEDTLS_NO_PLATFORM_ENTROPY
# MBEDTLS_PSA_CRYPTO_C
# MBEDTLS_REMOVE_ARC4_CIPHERSUITES # MBEDTLS_REMOVE_ARC4_CIPHERSUITES
# MBEDTLS_REMOVE_3DES_CIPHERSUITES # MBEDTLS_REMOVE_3DES_CIPHERSUITES
# MBEDTLS_SSL_HW_RECORD_ACCEL # MBEDTLS_SSL_HW_RECORD_ACCEL
@ -40,7 +39,6 @@
# MBEDTLS_PKCS11_C # MBEDTLS_PKCS11_C
# MBEDTLS_USE_PSA_CRYPTO # MBEDTLS_USE_PSA_CRYPTO
# - experimental, and more an alternative implementation than a feature # - experimental, and more an alternative implementation than a feature
# MBEDTLS_PSA_CRYPTO_STORAGE_C
# MBEDTLS_PSA_ITS_FILE_C # MBEDTLS_PSA_ITS_FILE_C
# MBEDTLS_PSA_CRYPTO_SPM # MBEDTLS_PSA_CRYPTO_SPM
# MBEDTLS_PSA_INJECT_ENTROPY # MBEDTLS_PSA_INJECT_ENTROPY
@ -95,7 +93,6 @@ MBEDTLS_ECP_DP_M383_ENABLED
MBEDTLS_ECP_DP_M511_ENABLED MBEDTLS_ECP_DP_M511_ENABLED
MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
MBEDTLS_NO_PLATFORM_ENTROPY MBEDTLS_NO_PLATFORM_ENTROPY
MBEDTLS_PSA_CRYPTO_C
MBEDTLS_RSA_NO_CRT MBEDTLS_RSA_NO_CRT
MBEDTLS_REMOVE_ARC4_CIPHERSUITES MBEDTLS_REMOVE_ARC4_CIPHERSUITES
MBEDTLS_REMOVE_3DES_CIPHERSUITES MBEDTLS_REMOVE_3DES_CIPHERSUITES
@ -107,7 +104,6 @@ MBEDTLS_PKCS11_C
MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_UDBL_DIVISION
MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_NO_64BIT_MULTIPLICATION
MBEDTLS_USE_PSA_CRYPTO MBEDTLS_USE_PSA_CRYPTO
MBEDTLS_PSA_CRYPTO_STORAGE_C
MBEDTLS_PSA_ITS_FILE_C MBEDTLS_PSA_ITS_FILE_C
MBEDTLS_PSA_CRYPTO_SPM MBEDTLS_PSA_CRYPTO_SPM
MBEDTLS_PSA_INJECT_ENTROPY MBEDTLS_PSA_INJECT_ENTROPY

View file

@ -837,6 +837,9 @@ component_test_not_submodule_make () {
msg "build: make, full config without USE_CRYPTO_SUBMODULE, gcc+debug" msg "build: make, full config without USE_CRYPTO_SUBMODULE, gcc+debug"
scripts/config.pl full scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
scripts/config.pl unset MBEDTLS_USE_PSA_CRYPTO # depends on PSA
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_C # only works from submodule
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on PSA
make CC=gcc CFLAGS='-g' USE_CRYPTO_SUBMODULE=0 make CC=gcc CFLAGS='-g' USE_CRYPTO_SUBMODULE=0
msg "test: submodule libmbedcrypto wasn't built (no USE_CRYPTO_SUBMODULE, make)" msg "test: submodule libmbedcrypto wasn't built (no USE_CRYPTO_SUBMODULE, make)"
@ -858,6 +861,8 @@ component_test_not_submodule_cmake () {
msg "build: cmake, full config without USE_CRYPTO_SUBMODULE, gcc+debug" msg "build: cmake, full config without USE_CRYPTO_SUBMODULE, gcc+debug"
scripts/config.pl full scripts/config.pl full
scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_C # only works from submodule
scripts/config.pl unset MBEDTLS_PSA_CRYPTO_STORAGE_C # depends on PSA
CC=gcc cmake -D CMAKE_BUILD_TYPE=Debug -D USE_CRYPTO_SUBMODULE=Off . CC=gcc cmake -D CMAKE_BUILD_TYPE=Debug -D USE_CRYPTO_SUBMODULE=Off .
make make