Skip to content

Commit

Permalink
mbedtls: Move local mbedtls to v3.6.0
Browse files Browse the repository at this point in the history
The in-tree mbedtls (used for the simulator and some targets) is a few years
old, and currently is unable to pass the rsa tests when built with clang.
Update this mbed TLS to the v3.6.0 release.  This fixes clang support in the
simulator.

There are a few minor changes to configuration and what files are needed to
support newer version of Mbed TLS.

Fixes #1986

Signed-off-by: David Brown <david.brown@linaro.org>
  • Loading branch information
d3zd3z committed Jun 28, 2024
1 parent 1d79ef3 commit 2182e8e
Show file tree
Hide file tree
Showing 4 changed files with 21 additions and 6 deletions.
2 changes: 1 addition & 1 deletion ext/mbedtls
19 changes: 18 additions & 1 deletion sim/mcuboot-sys/build.rs
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,7 @@ fn main() {
conf.file("../../ext/mbedtls/library/chachapoly.c");
conf.file("../../ext/mbedtls/library/cipher.c");
conf.file("../../ext/mbedtls/library/cipher_wrap.c");
conf.file("../../ext/mbedtls/library/constant_time.c");
conf.file("../../ext/mbedtls/library/ctr_drbg.c");
conf.file("../../ext/mbedtls/library/des.c");
conf.file("../../ext/mbedtls/library/ecdsa.c");
Expand All @@ -130,14 +131,14 @@ fn main() {
conf.file("../../ext/mbedtls/library/psa_crypto.c");
conf.file("../../ext/mbedtls/library/psa_crypto_cipher.c");
conf.file("../../ext/mbedtls/library/psa_crypto_client.c");
conf.file("../../ext/mbedtls/library/psa_crypto_driver_wrappers.c");
conf.file("../../ext/mbedtls/library/psa_crypto_ecp.c");
conf.file("../../ext/mbedtls/library/psa_crypto_hash.c");
conf.file("../../ext/mbedtls/library/psa_crypto_mac.c");
conf.file("../../ext/mbedtls/library/psa_crypto_rsa.c");
conf.file("../../ext/mbedtls/library/psa_crypto_slot_management.c");
conf.file("../../ext/mbedtls/library/psa_crypto_storage.c");
conf.file("../../ext/mbedtls/library/psa_its_file.c");
conf.file("../../ext/mbedtls/library/psa_util.c");
conf.file("../../ext/mbedtls/library/ripemd160.c");
conf.file("../../ext/mbedtls/library/rsa_alt_helpers.c");
conf.file("../../ext/mbedtls/library/sha1.c");
Expand Down Expand Up @@ -169,6 +170,9 @@ fn main() {

conf.file("../../ext/mbedtls/library/rsa.c");
conf.file("../../ext/mbedtls/library/bignum.c");
conf.file("../../ext/mbedtls/library/bignum_core.c");
conf.file("../../ext/mbedtls/library/constant_time.c");
conf.file("../../ext/mbedtls/library/nist_kw.c");
conf.file("../../ext/mbedtls/library/platform.c");
conf.file("../../ext/mbedtls/library/platform_util.c");
conf.file("../../ext/mbedtls/library/asn1parse.c");
Expand Down Expand Up @@ -202,6 +206,9 @@ fn main() {

conf.file("../../ext/mbedtls/library/asn1parse.c");
conf.file("../../ext/mbedtls/library/bignum.c");
conf.file("../../ext/mbedtls/library/bignum_core.c");
conf.file("../../ext/mbedtls/library/constant_time.c");
conf.file("../../ext/mbedtls/library/nist_kw.c");
conf.file("../../ext/mbedtls/library/ecdsa.c");
conf.file("../../ext/mbedtls/library/ecp.c");
conf.file("../../ext/mbedtls/library/ecp_curves.c");
Expand All @@ -221,6 +228,9 @@ fn main() {
conf.file("csupport/keys.c");
conf.file("../../ext/mbedtls/library/asn1parse.c");
conf.file("../../ext/mbedtls/library/bignum.c");
conf.file("../../ext/mbedtls/library/bignum_core.c");
conf.file("../../ext/mbedtls/library/constant_time.c");
conf.file("../../ext/mbedtls/library/nist_kw.c");
conf.file("../../ext/mbedtls/library/ecp.c");
conf.file("../../ext/mbedtls/library/ecp_curves.c");
conf.file("../../ext/mbedtls/library/platform.c");
Expand Down Expand Up @@ -282,6 +292,9 @@ fn main() {
conf.file("../../ext/mbedtls/library/md.c");
conf.file("../../ext/mbedtls/library/aes.c");
conf.file("../../ext/mbedtls/library/bignum.c");
conf.file("../../ext/mbedtls/library/bignum_core.c");
conf.file("../../ext/mbedtls/library/constant_time.c");
conf.file("../../ext/mbedtls/library/nist_kw.c");
conf.file("../../ext/mbedtls/library/asn1parse.c");
}

Expand All @@ -305,6 +318,7 @@ fn main() {
conf.conf.include("../../ext/mbedtls/library");
conf.file("../../ext/mbedtls/library/platform_util.c");
conf.file("../../ext/mbedtls/library/nist_kw.c");
conf.file("../../ext/mbedtls/library/constant_time.c");
conf.file("../../ext/mbedtls/library/cipher.c");
conf.file("../../ext/mbedtls/library/cipher_wrap.c");
conf.file("../../ext/mbedtls/library/aes.c");
Expand Down Expand Up @@ -369,6 +383,9 @@ fn main() {
conf.file("../../ext/mbedtls/library/sha256.c");
conf.file("../../ext/mbedtls/library/asn1parse.c");
conf.file("../../ext/mbedtls/library/bignum.c");
conf.file("../../ext/mbedtls/library/bignum_core.c");
conf.file("../../ext/mbedtls/library/constant_time.c");
conf.file("../../ext/mbedtls/library/nist_kw.c");
conf.file("../../ext/mbedtls/library/ecdh.c");
conf.file("../../ext/mbedtls/library/md.c");
conf.file("../../ext/mbedtls/library/aes.c");
Expand Down
1 change: 1 addition & 0 deletions sim/mcuboot-sys/csupport/config-ec-psa.h
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
#define MBEDTLS_BIGNUM_C
#define MBEDTLS_MD_C
#define MBEDTLS_OID_C
#define MBEDTLS_CIPHER_C
#if defined(MCUBOOT_SIGN_EC384)
#define MBEDTLS_SHA384_C
#define MBEDTLS_SHA512_C
Expand Down
5 changes: 1 addition & 4 deletions sim/mcuboot-sys/csupport/config-rsa-kw.h
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@

/* mbed TLS modules */
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C
#define MBEDTLS_BIGNUM_C
#define MBEDTLS_MD_C
#define MBEDTLS_OID_C
Expand All @@ -72,10 +73,6 @@
#define MBEDTLS_CIPHER_C
#define MBEDTLS_NIST_KW_C

/* Save RAM by adjusting to our exact needs */
#define MBEDTLS_ECP_MAX_BITS 2048
#define MBEDTLS_MPI_MAX_SIZE 256

#define MBEDTLS_SSL_MAX_CONTENT_LEN 1024

/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
Expand Down

0 comments on commit 2182e8e

Please sign in to comment.