Add config option for X.509/TLS to use PSA

This commit is contained in:
Manuel Pégourié-Gonnard 2018-10-22 12:14:52 +02:00 committed by Hanno Becker
parent 55517ae95f
commit aeefa49edd
4 changed files with 25 additions and 0 deletions

View file

@ -644,6 +644,10 @@
#endif #endif
#undef MBEDTLS_THREADING_IMPL #undef MBEDTLS_THREADING_IMPL
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_PSA_CRYPTO_C)
#error "MBEDTLS_USE_PSA_CRYPTO defined, but not all prerequisites"
#endif
#if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C) #if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C)
#error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites" #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites"
#endif #endif

View file

@ -1582,6 +1582,20 @@
*/ */
//#define MBEDTLS_THREADING_PTHREAD //#define MBEDTLS_THREADING_PTHREAD
/**
* \def MBEDTLS_USE_PSA_CRYPTO
*
* Make the X.509 and TLS library use PSA for cryptographic operations, see
* #MBEDTLS_PSA_CRYPTO_C.
*
* Note: this option is still in progress, the full X.509 and TLS modules are
* not covered yet, but parts that are not ported to PSA yet will still work
* as usual, so enabling this option should not break backwards compatibility.
*
* Requires: MBEDTLS_PSA_CRYPTO_C.
*/
//#define MBEDTLS_USE_PSA_CRYPTO
/** /**
* \def MBEDTLS_VERSION_FEATURES * \def MBEDTLS_VERSION_FEATURES
* *

View file

@ -513,6 +513,9 @@ static const char *features[] = {
#if defined(MBEDTLS_THREADING_PTHREAD) #if defined(MBEDTLS_THREADING_PTHREAD)
"MBEDTLS_THREADING_PTHREAD", "MBEDTLS_THREADING_PTHREAD",
#endif /* MBEDTLS_THREADING_PTHREAD */ #endif /* MBEDTLS_THREADING_PTHREAD */
#if defined(MBEDTLS_USE_PSA_CRYPTO)
"MBEDTLS_USE_PSA_CRYPTO",
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#if defined(MBEDTLS_VERSION_FEATURES) #if defined(MBEDTLS_VERSION_FEATURES)
"MBEDTLS_VERSION_FEATURES", "MBEDTLS_VERSION_FEATURES",
#endif /* MBEDTLS_VERSION_FEATURES */ #endif /* MBEDTLS_VERSION_FEATURES */

View file

@ -37,6 +37,8 @@
# - this could be enabled if the respective tests were adapted # - this could be enabled if the respective tests were adapted
# MBEDTLS_ZLIB_SUPPORT # MBEDTLS_ZLIB_SUPPORT
# MBEDTLS_PKCS11_C # MBEDTLS_PKCS11_C
# MBEDTLS_USE_PSA_CRYPTO
# - experimental, and more an alternative implementation than a feature
# and any symbol beginning _ALT # and any symbol beginning _ALT
# #
@ -98,6 +100,8 @@ MBEDTLS_ZLIB_SUPPORT
MBEDTLS_PKCS11_C MBEDTLS_PKCS11_C
MBEDTLS_NO_UDBL_DIVISION MBEDTLS_NO_UDBL_DIVISION
MBEDTLS_NO_64BIT_MULTIPLICATION MBEDTLS_NO_64BIT_MULTIPLICATION
MBEDTLS_PSA_CRYPTO_SPM
MBEDTLS_USE_PSA_CRYPTO
_ALT\s*$ _ALT\s*$
); );