Return a const char* instead of taking a char* as an argument.
This aligns us with the interface used in TF PSA Crypto.
Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com>
`check_config.h` only needs to run once on the configuration. It doesn't
need to run every time an application is built. It used to be public up to
Mbed TLS 2.x because it was included from `config.h`, and users could
substitute that file completely and should still include `check_config.h`
from their file. But since Mbed TLS 3.x, including `check_config.h` is a
purely internal thing (done in `build_info.h`). So make the file itself
purely internal.
We don't need to include `check_config.h` when building every library file,
just one: `mbedtls_config.c`, that's its job.
Give the file a unique name, to avoid any clashes with TF-PSA-Crypto's
`check_config.h`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Fix compilation error when `mbedtls/oid.h` is included without having first
included `mbedtls/asn1.h`. Fix#10326
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Following the removal of the legacy hash, cipher,
CMAC, AEAD, and RSA configuration options in
TF-PSA-Crypto, update the "requires" comments that
referred to the removed options.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
For the test_psa_crypto_config_accel_rsa_crypto component,
ignore test cases that depend on MBEDTLS_GENPRIME being enabled.
When all RSA cryptographic operations are provided by drivers,
MBEDTLS_GENPRIME will not be enabled, as it will no longer be a configuration
option.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The header `mbedtls/oid.h` now belongs to the X.509 library. Move the
declarations of `mbedtls_oid_get_numeric_string()` and
`mbedtls_oid_from_numeric_string()` back to this header, which is where they
were in all previous releases of Mbed TLS. This avoids gratuitously breaking
backward compatibility.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
For each function in `x509_oid.c`, determine where it is used and only
include it in the build if it is needed by the X.509 code. Define the
corresponding internal tables only when they are consumed by a function.
This makes Mbed TLS completely independent of the compilation option
`MBEDTLS_OID_C`. This option remains present only in sample configs for
crypto, where it must stay until TF-PSA-Crypto no longer relies on this
option.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Some code that parses or writes X.509 needs to know OID values. We provide a
convenient list. Don't remove this list from the public interface of the
library.
For user convenience, expose these values in the same header as before and
with the same name as before: `MBEDTLS_OID_xxx` in `<mbedtls/oid.h>`.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This will be a subset of the former `<mbedtls/oid.h>`, with only macro
definitions, no function declarations.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
