2021-11-19 18:01:40 +01:00
|
|
|
/*
|
|
|
|
* Mbed TLS configuration for PSA test driver libraries. It includes:
|
|
|
|
* . the minimum set of modules needed by the PSA core.
|
|
|
|
* . the Mbed TLS configuration options that may need to be additionally
|
|
|
|
* enabled for the purpose of a specific test.
|
|
|
|
* . the PSA configuration file for the Mbed TLS library and its test drivers.
|
2021-04-28 18:29:24 +02:00
|
|
|
*/
|
|
|
|
/*
|
|
|
|
* Copyright The Mbed TLS Contributors
|
2023-11-02 20:47:20 +01:00
|
|
|
* SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
|
2021-04-28 18:29:24 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef MBEDTLS_CONFIG_H
|
|
|
|
#define MBEDTLS_CONFIG_H
|
|
|
|
|
|
|
|
#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
|
|
|
|
#define _CRT_SECURE_NO_DEPRECATE 1
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#define MBEDTLS_PSA_CRYPTO_C
|
|
|
|
#define MBEDTLS_PSA_CRYPTO_CONFIG
|
|
|
|
|
|
|
|
/* PSA core mandatory configuration options */
|
|
|
|
#define MBEDTLS_CIPHER_C
|
|
|
|
#define MBEDTLS_AES_C
|
|
|
|
#define MBEDTLS_SHA256_C
|
|
|
|
#define MBEDTLS_PSA_BUILTIN_ALG_SHA_256 1
|
|
|
|
#define MBEDTLS_CTR_DRBG_C
|
|
|
|
#define MBEDTLS_ENTROPY_C
|
Force SHA-256 for entropy in libtestdriver1
We only enable SHA-256, so let's use that.
Previously the entropy module was deciding which hash to use based on
MBEDTLS_xxx_C feature macros, and since only SHA256_C was defined in
config_test_driver.h, it used that and things worked.
However since entropy was changed to use MD light, and
MBEDTLS_MD_CAN_xxx feature macros, we had an issue: when building
libtestdriver1 with its default config, MBEDTLS_PSA_ACCEL_ALG_SHA_512 is
defined even though there's no actual accelerator in the build. (This is
done so that PSA_WANT_ALG_SHA_512 can remain defined in order to match
the application's config, while not defining
MBEDTLS_PSA_BUILTIN_ALG_SHA_512 in order to only include what we need in
the build of libtestdriver1.) This will cause MD to dispatch to PSA in
order to take advantage of the accelerator, which will then fail because
there is no accelerator not builtin for this hash.
In the long-term, perhaps it would be best to address the root of the
issue: defining MBEDTLS_PSA_ACCEL_ALG_SHA_512 in a build that doesn't
actually have a SHA-512 accelerator is a lie. But that would require
significant changes in libtestdriver1. So for now, just fix the most
obvious symptom (picking a non-supported hash in entropy.h) by forcing
the choice of hash to match what's in the libtestdriver1 config.
Note: if the copy of entropy module in libtestdriver1 doesn't work,
we'll get a failure when calling libtestdriver1_psa_crypto_init(), which
we do, from mbedtls_test_transparent_init(), indirectly called by our
psa_crypto_init() which will then fail.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-02-13 12:29:33 +01:00
|
|
|
#define MBEDTLS_ENTROPY_FORCE_SHA256
|
2021-04-28 18:29:24 +02:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Configuration options that may need to be additionally enabled for the
|
|
|
|
* purpose of a specific set of tests.
|
|
|
|
*/
|
|
|
|
//#define MBEDTLS_SHA1_C
|
2022-12-28 12:58:14 +01:00
|
|
|
//#define MBEDTLS_SHA224_C
|
2021-04-28 18:29:24 +02:00
|
|
|
//#define MBEDTLS_SHA384_C
|
|
|
|
//#define MBEDTLS_SHA512_C
|
2022-07-27 12:30:34 +02:00
|
|
|
//#define MBEDTLS_MD_C
|
2021-04-28 18:29:24 +02:00
|
|
|
//#define MBEDTLS_PEM_PARSE_C
|
|
|
|
//#define MBEDTLS_BASE64_C
|
|
|
|
|
|
|
|
#endif /* MBEDTLS_CONFIG_H */
|