Disable PK_PARSE and PK_WRITE
This is what TF-M intended and they have done so since we copied the file. It's either disable these options, or enable MBEDTLS_OID_C. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
Yanray Wang
parent
eaa1c5619a
commit
da26a5172c
1 changed files with 11 additions and 2 deletions
|
|
@ -35,8 +35,17 @@
|
|||
/* TF-M provides its own (dummy) implemenations which Mbed TLS doesn't need. */
|
||||
#undef MBEDTLS_AES_SETKEY_DEC_ALT
|
||||
#undef MBEDTLS_AES_DECRYPT_ALT
|
||||
/* pkparse.c fails to link without this. */
|
||||
#define MBEDTLS_OID_C
|
||||
/* The configuration we have enables MBEDTLS_PK_PARSE_C and MBEDTLS_PK_WRITE_C
|
||||
* but not MBEDTLS_OID_C. This is inconsistent, and leads to a link error
|
||||
* when using one of the mbedtls_pk_parse_xxx or mbedtls_pk_write_xxx
|
||||
* functions that depend on an mbedtls_oid_xxx function.
|
||||
* Mbed TLS needs PK parse/write for RSA with PSA, but the medium
|
||||
* profile doesn't have RSA. Later versions of TF-M no longer enable
|
||||
* PK parse/write: it wasn't a wanted feature. So disable it here
|
||||
* (otherwise we'd have to enable MBEDTLS_OID_C).
|
||||
*/
|
||||
#undef MBEDTLS_PK_PARSE_C
|
||||
#undef MBEDTLS_PK_WRITE_C
|
||||
|
||||
/* Use built-in platform entropy functions. */
|
||||
#undef MBEDTLS_NO_PLATFORM_ENTROPY
|
||||
|
|
|
|||
Loading…
Reference in a new issue