@@ -47,49 +47,6 @@ append_code() {
4747 " $FILE "
4848}
4949
50- # add an #ifndef to include config-no-entropy.h when the target does not have
51- # an entropy source we can use.
52- append_code \
53- " #ifndef MBEDTLS_CONFIG_H\n"
54- " \n"
55- " #include \" platform\/inc\/platform_mbed.h\" \n"
56- " \n"
57- " \/*\n"
58- " * Only use features that do not require an entropy source when\n"
59- " * DEVICE_ENTROPY_SOURCE is not defined in mbed OS.\n"
60- " *\/\n"
61- " #if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\ \n"
62- " !defined(MBEDTLS_ENTROPY_NV_SEED)\n"
63- " #include \" mbedtls\/config-no-entropy.h\" \n"
64- " \n"
65- " #if defined(MBEDTLS_USER_CONFIG_FILE)\n"
66- " #include MBEDTLS_USER_CONFIG_FILE\n"
67- " #endif\n"
68- " \n"
69- " #else\n"
70-
71- prepend_code \
72- " #endif \/\* MBEDTLS_CONFIG_H \*\/"
73- " \n"
74- " #endif \/* !MBEDTLS_ENTROPY_HARDWARE_ALT && !MBEDTLS_TEST_NULL_ENTROPY && !MBEDTLS_ENTROPY_NV_SEED *\/\n"
75- " \n"
76- " #if defined(MBEDTLS_TEST_NULL_ENTROPY)\n"
77- " #warning \" MBEDTLS_TEST_NULL_ENTROPY has been enabled. This \" \\\\ \n"
78- " \" configuration is not secure and is not suitable for production use\" \n"
79- " #endif\n"
80- " \n"
81- " #if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\ \n"
82- " !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_ENTROPY_NV_SEED)\n"
83- " #error \" No entropy source was found at build time, so TLS \" \\\\ \n"
84- " \" functionality is not available\" \n"
85- " #endif\n"
86- " \n"
87- " #if defined(FEATURE_EXPERIMENTAL_API) && defined(FEATURE_PSA)\n"
88- " #define MBEDTLS_PSA_HAS_ITS_IO\n"
89- " #define MBEDTLS_USE_PSA_CRYPTO\n"
90- " #endif\n"
91- " \n"
92-
9350# not supported on mbed OS, nor used by mbed Client
9451conf unset MBEDTLS_NET_C
9552conf unset MBEDTLS_TIMING_C
@@ -165,3 +122,50 @@ conf unset MBEDTLS_PLATFORM_TIME_TYPE_MACRO
165122# Reduce the maximal MBEDTLS_MPI_MAX_SIZE to 512 bytes,
166123# which should fit RSA 4096 bit keys.
167124conf set MBEDTLS_MPI_MAX_SIZE 512
125+
126+ # Explicitly unset MBEDTLS_USE_PSA_CRYPTO as this will be set based on the
127+ # FEATURE_PSA flag in Mbed OS
128+ conf unset MBEDTLS_USE_PSA_CRYPTO
129+
130+ # add an #ifndef to include config-no-entropy.h when the target does not have
131+ # an entropy source we can use.
132+ append_code \
133+ " #ifndef MBEDTLS_CONFIG_H\n"
134+ " \n"
135+ " #include \" platform\/inc\/platform_mbed.h\" \n"
136+ " \n"
137+ " \/*\n"
138+ " * Only use features that do not require an entropy source when\n"
139+ " * DEVICE_ENTROPY_SOURCE is not defined in mbed OS.\n"
140+ " *\/\n"
141+ " #if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\ \n"
142+ " !defined(MBEDTLS_ENTROPY_NV_SEED)\n"
143+ " #include \" mbedtls\/config-no-entropy.h\" \n"
144+ " \n"
145+ " #if defined(MBEDTLS_USER_CONFIG_FILE)\n"
146+ " #include MBEDTLS_USER_CONFIG_FILE\n"
147+ " #endif\n"
148+ " \n"
149+ " #else\n"
150+
151+ prepend_code \
152+ " #endif \/\* MBEDTLS_CONFIG_H \*\/"
153+ " \n"
154+ " #endif \/* !MBEDTLS_ENTROPY_HARDWARE_ALT && !MBEDTLS_TEST_NULL_ENTROPY && !MBEDTLS_ENTROPY_NV_SEED *\/\n"
155+ " \n"
156+ " #if defined(MBEDTLS_TEST_NULL_ENTROPY)\n"
157+ " #warning \" MBEDTLS_TEST_NULL_ENTROPY has been enabled. This \" \\\\ \n"
158+ " \" configuration is not secure and is not suitable for production use\" \n"
159+ " #endif\n"
160+ " \n"
161+ " #if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\ \n"
162+ " !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_ENTROPY_NV_SEED)\n"
163+ " #error \" No entropy source was found at build time, so TLS \" \\\\ \n"
164+ " \" functionality is not available\" \n"
165+ " #endif\n"
166+ " \n"
167+ " #if defined(FEATURE_EXPERIMENTAL_API) && defined(FEATURE_PSA)\n"
168+ " #define MBEDTLS_PSA_HAS_ITS_IO\n"
169+ " #define MBEDTLS_USE_PSA_CRYPTO\n"
170+ " #endif\n"
171+ " \n"
0 commit comments