Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
This is to patch upstream MbedTLS issue:
https://github.com/Mbed-TLS/mbedtls/issues/9425
that triggers a -Werror=undef when MBEDTLS_SSL_PROTO_DTLS
is undefined. There is no other way to silence that warning
and it breaks builds in systems with -Werror. Once the
upstream issue is resolved, this can be reverted.
Signed-off-by: George Poulios <gpoulios@census-labs.com>
Even though one could in theory simply set CONFIG_MBEDTLS_VERSION="3.6.2",
this commit is needed for 2 reasons:
1. The patches need to be updated: 0001 works almost as-is (with fuzz 2)
but 0002 hunk #4 fails and needed adjustment. Otherwise, the patches
are identical.
2. mbedtls_config.h needs to be updated: Following the same approach
for the Kconfig this commit updates both Kconfig and mbedtls_config.h
according to the changes:
mbedtls$ git diff v3.4.0...v3.6.2 -- include/mbedtls/mbedtls_config.h
Minor edits also to crypto/controlse to comply with v3.6.2.
Signed-off-by: George Poulios <gpoulios@census-labs.com>
* \def MBEDTLS_CONFIG_FILE
*
* If defined, this is a header which will be included instead of
* `"mbedtls/mbedtls_config.h"`.
no need to specify MBEDTLS_CONFIG_FILE
Signed-off-by: makejian <makejian@xiaomi.com>
(1)aes-xts sets the key length to only 256 and 512 bits
(2)when the key length of aes-xts is 512 bits, MAX_KEY_SIZE needs to be expanded to 64 bytes.
(3)check invalid input length and mode
Signed-off-by: makejian <makejian@xiaomi.com>
if !defined(unix) && !defined(__unix) && !defined(__unix__) && \
!defined(__APPLE__) && !defined(_WIN32) && !defined(__QNXNTO__) && \
!defined(__HAIKU__) && !defined(__midipix__)
error
"Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in mbedtls_config.h"
nuttx/libs/libxx/libcxx/include/__config
nuttx/libs/libxx/libcxx/include/limits.h:40,
apps/crypto/mbedtls/mbedtls/include/mbedtls/check_config.h:31,
apps/crypto/mbedtls/mbedtls/include/mbedtls/build_info.h:151,
apps/crypto/mbedtls/mbedtls/library/common.h:26,
apps/crypto/mbedtls/mbedtls/library/entropy_poll.c:25
if defined(__NuttX__)
undef __linux__
undef __APPLE__
undef __FreeBSD__
undef __GLIBC__
undef __NetBSD__
undef _WIN32
undef __sun__
undef _AIX
/ For the current use of the __unix__ macro in this library,
/ NuttX is not __unix__.
/ This might need to be revisited in future.
undef __unix__
endif
Signed-off-by: zhanghongyu <zhanghongyu@xiaomi.com>
mbedtls/library/alignment.h:98:5: warning: writing 4 bytes into a region of size 0 [-Wstringop-overflow=]
98 | memcpy(p, &x, sizeof(x));
| ^~~~~~~~~~~~~~~~~~~~~~~~
mbedtls/library/cmac.c: In function 'mbedtls_cipher_cmac_finish':
mbedtls/library/cmac.c:288:19: note: at offset 20 into destination object 'M_last' of size 16
288 | unsigned char M_last[MBEDTLS_CIPHER_BLKSIZE_MAX];
| ^~~~~~
Signed-off-by: cuiziwei <cuiziwei@xiaomi.com>
The configuration of Kconfig used by the nuttx before is not consistent with the mbedtls default configuration. This patch update configuration is consistent with the default configuration.
Signed-off-by: makejian <makejian@xiaomi.com>
Build break on Assemble compiler if -fno-omit-frame-pointer and -O3 enabled at same time
{standard input}: Assembler messages:
{standard input}:2560: Error: branch out of range
make[2]: *** [apps/Application.mk:170: mbedtls/library/sha256.o] Error 1
Signed-off-by: chao an <anchao@xiaomi.com>
(1)add dev_alt to manage /dev/crypto
(2)add sha_alt to alternate sha1 algorithm
(3)use new mbedtls_config.h to admin configs of mbedtls
Signed-off-by: makejian <makejian@xiaomi.com>
This option, which resolves to -w when CONFIG_CYGWIN_WINTOOL is
configured, is now appended to INCDIR in tools/Config.mk.
See git commit # 5eae32577e5d5226e5d3027c169eeb369f83f77d in the main
