Adjust CMake minimum version to 3.20.2.
That is the version in CentOS which is
the rolling-delivery upstream of
RHEL 9.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Add more detail around how generation of configuration-independent files
chooses a C compiler. Mention that setting HOSTCC or CC is recommended
where there are multiple toolchains.
Mention that the fallback location is the cc executable, which may help
users troubleshooting when the file generation picks up the wrong
toolchain (as in Mbed-TLS/mbedtls#10360).
Signed-off-by: David Horstmann <david.horstmann@arm.com>
This link is broken in development as the document has been moved to the
TF-PSA-Crypto repository.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Some sentences or paragraphs became confusing or meaningless after
removing USE_PSA and only fixing the local context/semantics.
Fix the semantics where needed and remove parts that became meaningless.
Signed-off-by: Janos Follath <janos.follath@arm.com>
MBED_TLS_USE_PSA_CRYPTO is now always enabled we need to remove
documentation discussing cases when it is disabled.
Signed-off-by: Janos Follath <janos.follath@arm.com>
We had information in both README.md and CONTRIBUTING.md about Mbed TLS licensing,
but the information in CONTRIBUTING.md was missing that authors still need to
accept that their contributions may be distributed under both Apache 2.0 and
GPLv2-or-later.
Move all but the most high-level “Mbed TLS files are provided under the
Apache-2.0 license” statement to CONTRIBUTING.md, and tidy up the text a bit.
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
Don't link to the proposed specifications: they aren't good entry points
because they describe what we want to achieve, not what exists today. The
guide links to them, that's enough.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Our code is still compatible with Python 3.5 at the time of writing, but we
don't want to commit to that.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
The wording wasn't quite right for 3.0.0 and up: there's nothing special
about Python and sample programs (that was true in the end times of 2.x, but
not since 3.0). Python is not needed in a release unless you want to build
the tests or you want to integrate PSA drivers without writing your own C
wrappers.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Everything discussed in "Upcoming features" section is now available as a
usable, but incomplete feature (except "wider set of cryptographic
algorithms", but that doesn't need to be said). So replace it by a section
that briefly presents these features: drivers, and MBEDTLS_PSA_CRYPTO_CONFIG
which is primarily useful with drivers and thus doesn't get its own section.
Include an explicit note that the driver interface can still change. At this
time, it's the only place where we say that the driver interface is not
covered by the (application) interface stability promise.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Our build scripts invoke `python3` in preference to `python`, so make the
default instruction use `python3`. On many systems (macOS, some Linux),
`python` invokes Python 2 which our scripts do not support.
Suggest --user by default. It's usually the right thing outside of venvs.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
curves.pl, depends-hashes.pl, key-exchanges.pl and depends-pkalgs.pl are now superseded by depends.py.
Update all references to them accordingly.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
