If the user has set a value in the build environment, it will be used.
Otherwise, if SDK has a default value, it will be picked.
If either of these values are lower than 0x0501 (XP) we should not force
some calls that will not work on the minimum target OS. We should use
dynamic loading of these API's to support them in higher versions of the
OS.
winsock2.h needs to be included before windows.h and will pick the
default _WIN32_WINNT from the SDK or use the one from the user, by
setting _WIN32_WINNT in the CFLAGS.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
The _WIN32_WINNT value will pick the default value for the SDK when
including windows.h. Depending on its value some calls will be possible or not.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
On runtime it will attempt to get FindFirstFileW() from kernel32.dll
but it's not there and the DLL/program containing mbedtls will not load.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
On runtime it will attempt to get inet_pton() from ws2_32.dll
but it's not there and the DLL/program containing mbedtls will not load.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
On runtime it will attempt to get CryptAcquireContext() from advapi32.dll
but it's not there and the DLL/program containing mbedtls will not load.
Signed-off-by: Steve Lhomme <robux4@ycbcr.xyz>
This is an internal detail of the ECC arithmetic implementation, only
exposed for the sake of the unit tests
Mbed TLS 3.4.0 was released with the type mbedtls_ecp_modulus_type defined
in a public header, but without Doxygen documentation, and without any
public function or data structure using it. So removing it is not an API
break.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This reverts commit f1e396c427.
Performance is slightly better with this reverted, especially
for AES-CBC 192.
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Attempt to fix failing test by dealing with overflow with three rounds,
instead of previous subtract modulus solution. Also optimise out shifts
by using memcpy / memmove instead. Remove final sub to return canonical
result, as this is not required here.
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
Ensure that all possible config options are documented by building the
docs in the realfull config on Read The Docs.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
We no longer support TLS 1.0, TLS 1.1 or CBC record splitting since 3.0,
but those where still referenced here.
While at it, group things in a more logical way in this component.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Several components needed to remove it, with the same comment every
time. It's probably just chance that other components happened to work
despite it being enabled.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Compared to the previous scheme, this avoid the problem of having to
warn about adjusting PSA_WANT in the wrong place.
Also, it allows enabling MBEDTLS_PSA_CRYPTO_CONFIG in adjust_config
rather than having to repeat it in every single component.
It also plays more nicely with components that have an associated
reference component and use a common config function. (Some of them were
already using the new order.)
Finally, "configure, build, run the tests" seems more natural than
"configure, build, configure, build, test" (and, coming back to the
initial point, it avoid questions about what to configure when).
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
