Google Git
Sign in
android-kvm / trusted-firmware-a / ea14b51b838df0df1253df9259982bd57f26669e^! / .
commitea14b51b838df0df1253df9259982bd57f26669e[log] [tgz]
authorAlexei Fedorov <Alexei.Fedorov@arm.com>Mon Sep 21 12:23:54 2020 +0100
committerAlexei Fedorov <Alexei.Fedorov@arm.com>Thu Oct 01 11:12:18 2020 +0000
tree3b4000f5a938f9b8e638d0b330f1284f3b1a2353
parent428518c638da05f980280227ce43fa1655c70be1 [diff]
Crypto library: Migrate support to MbedTLS v2.24.0

This patch migrates the mbedcrypto dependency for TF-A
to mbedTLS repo v2.24.0 which is the latest release tag.
The relevant documentation is updated to reflect the
use of new version.

Change-Id: I116f44242e8c98e856416ea871d11abd3234dac1
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>

diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst
index 13e25cd..91ecdf3 100644
--- a/docs/getting_started/prerequisites.rst
+++ b/docs/getting_started/prerequisites.rst

@@ -60,7 +60,7 @@
 
 The following libraries are required for Trusted Board Boot support:
 
-- mbed TLS == 2.18.0 (tag: ``mbedtls-2.18.0``)
+- mbed TLS == 2.24.0 (tag: ``mbedtls-2.24.0``)
 
 These tools are optional:
 

diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk
index 8454105..53ebe30 100644
--- a/drivers/auth/mbedtls/mbedtls_common.mk
+++ b/drivers/auth/mbedtls/mbedtls_common.mk

@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
+# Copyright (c) 2015-2020, Arm Limited. All rights reserved.
 #
 # SPDX-License-Identifier: BSD-3-Clause
 #
@@ -35,7 +35,6 @@
 					bignum.c				\
 					gcm.c 					\
 					md.c					\
-					md_wrap.c				\
 					pk.c 					\
 					pk_wrap.c 				\
 					pkparse.c 				\

diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config.h
index dc00da7..ad39fa9 100644
--- a/include/drivers/auth/mbedtls/mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/mbedtls_config.h

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2020, Arm Limited. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -63,6 +63,7 @@
 #define MBEDTLS_ECDSA_C
 #define MBEDTLS_ECP_C
 #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
+#define MBEDTLS_ECP_NO_INTERNAL_RNG
 #endif
 #if TF_MBEDTLS_USE_RSA
 #define MBEDTLS_RSA_C
@@ -101,6 +102,12 @@
 /* Memory buffer allocator options */
 #define MBEDTLS_MEMORY_ALIGN_MULTIPLE		8
 
+/*
+ * Prevent the use of 128-bit division which
+ * creates dependency on external libraries.
+ */
+#define MBEDTLS_NO_UDBL_DIVISION
+
 #ifndef __ASSEMBLER__
 /* System headers required to build mbed TLS with the current configuration */
 #include <stdlib.h>