Skip to content

Import Mbed TLS v2.15.0 with Mbed Crypto #8859

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Nov 24, 2018
Merged

Import Mbed TLS v2.15.0 with Mbed Crypto #8859

merged 6 commits into from
Nov 24, 2018

Conversation

@Patater
Copy link
Contributor

@Patater Patater commented Nov 23, 2018
edited
Loading

Description

This PR supercedes #8723 and imports Mbed TLS and Mbed Crypto into Mbed OS.

This PR depends on:

Note that it's okay to merge this without #8730, it just means that when an application opts in to use PSA, they can't use persistent keys with the PSA ITS backend (only files).

Pull request type

[ ] Fix
[ ] Refactor
[ ] Target update
[X] Functionality change
[ ] Docs update
[ ] Test update
[ ] Breaking change

@Patater Patater changed the title Import Mbed TLS and Crypto Import Mbed TLS v2.15.0 with Mbed Crypto Nov 23, 2018
@0xc0170 0xc0170 requested a review from simonbutcher November 23, 2018 19:23
@0xc0170
Copy link
Contributor

0xc0170 commented Nov 23, 2018

So first #8667 than #8730 and this one right after

@Patater Patater mentioned this pull request Nov 23, 2018
Closed
@0xc0170
Copy link
Contributor

0xc0170 commented Nov 23, 2018

Who should review this one?

@Patater Patater changed the title Import Mbed TLS v2.15.0 with Mbed Crypto DO NOT MERGE YET - Import Mbed TLS v2.15.0 with Mbed Crypto Nov 23, 2018
@Patater Patater force-pushed the dev/Patater/import-mbed-tls-and-crypto branch from c3136de to 6802df9 Compare November 23, 2018 22:23
@Patater
Copy link
Contributor Author

Patater commented Nov 23, 2018

Rebased to use the official Mbed TLS 2.15.0 release instead of a release candidate.

@Patater Patater force-pushed the dev/Patater/import-mbed-tls-and-crypto branch from 6802df9 to d498c25 Compare November 23, 2018 22:35
dgreen-arm
dgreen-arm reviewed Nov 23, 2018
View reviewed changes
features/mbedtls/importer/Makefile Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo: mbedCrypto

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

@Patater Patater changed the title DO NOT MERGE YET - Import Mbed TLS v2.15.0 with Mbed Crypto Import Mbed TLS v2.15.0 with Mbed Crypto Nov 23, 2018
@Patater Patater force-pushed the dev/Patater/import-mbed-tls-and-crypto branch from 5db8396 to 0493f2e Compare November 23, 2018 22:41
dgreen-arm
dgreen-arm reviewed Nov 23, 2018
View reviewed changes
features/mbedtls/importer/Makefile Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should probably be non-secure, unless snon has some meaning

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in original commit that made the mistake

gilles-peskine-arm
gilles-peskine-arm reviewed Nov 23, 2018
View reviewed changes
features/mbedtls/importer/Makefile Outdated
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about targets that don't have an SPM? Won't they be missing some files?

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Jaeden points me to https://github.com/ARMmbed/Mbed-PSA-Services-Docs/blob/master/build-system/rfc.md which says that those targets will get the files via PSA_SRV_IMPL. Looks ok then. CI should catch a missing file anyway.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's complicated how files are includes on targets with or without SPM. See https://github.com/ARMmbed/Mbed-PSA-Services-Docs/blob/master/build-system/rfc.md for details on the labeling and component system used.

mohammad1603 and others added 6 commits November 23, 2018 22:54
@mohammad1603 @Patater
Update mbedtls importer to import mbed-crypto
7ba359a
@mohammad1603 @Patater
Record Mbed Crypto version
1594568 
Record the version of Mbed Crypto into VERSION.txt for easy reference.
@Patater
Update adjust-config.sh to enable persistent keys
b85db48 
In adjust-config.h, set and unset Mbed Crypto storage configuration options
in order to use persistent keys with PSA ITS storage.
@mohammad1603 @Patater
Add mbed_lib.json for Mbed Crypto
1f4584f
@Patater
Mbed TLS importer: Call config.pl --force to accept unknown option
70f9497 
The new PSA-aware Mbed TLS importer script calls `config.pl` on the
Mbed TLS config.h to set the PSA configuration option
MBEDTLS_PSA_CRYPTO_STORAGE_C which isn't documented in config.h.
config.pl therefore fails, and so does the importer.

This commit fixes this by calling `config.pl` with the `--force`
option which amends the given `config.h` by a `#define` for the
requested option if the option isn't present in the file.
@Patater
Update Mbed TLS to mbedtls-2.15.0
3900b81
@Patater Patater force-pushed the dev/Patater/import-mbed-tls-and-crypto branch from 0493f2e to 3900b81 Compare November 23, 2018 22:54
@simonbutcher
Copy link
Contributor

@0xc0170 / @adbridge - we're good with shipping this release as is, and with the PR. Please run CI and merge!

@0xc0170
Copy link
Contributor

0xc0170 commented Nov 24, 2018

Note that it's okay to merge this without #8730, it just means that when an application opts in to use PSA, they can't use persistent keys with the PSA ITS backend (only files).

CI job triggered

@mbed-ci
Copy link

mbed-ci commented Nov 24, 2018

Test run: SUCCESS

Summary: 4 of 4 test jobs passed
Build number : 1
Build artifacts
Build logs

@0xc0170 0xc0170 merged commit 860e4be into ARMmbed:master Nov 24, 2018
This was referenced Nov 25, 2018
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@0xc0170 0xc0170 0xc0170 approved these changes

+3 more reviewers

@simonbutcher simonbutcher simonbutcher approved these changes

@gilles-peskine-arm gilles-peskine-arm gilles-peskine-arm approved these changes

@dgreen-arm dgreen-arm dgreen-arm approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

release-version: 5.11.0-rc1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@Patater @0xc0170 @simonbutcher @mbed-ci @dannybenor @gilles-peskine-arm @dgreen-arm @cmonr @mohammad1603