diff --git a/features/mbedtls/importer/adjust-config.sh b/features/mbedtls/importer/adjust-config.sh index f172d5dc2e..60b9502282 100755 --- a/features/mbedtls/importer/adjust-config.sh +++ b/features/mbedtls/importer/adjust-config.sh @@ -47,49 +47,6 @@ append_code() { "$FILE" } -# add an #ifndef to include config-no-entropy.h when the target does not have -# an entropy source we can use. -append_code \ - "#ifndef MBEDTLS_CONFIG_H\n" \ - "\n" \ - "#include \"platform\/inc\/platform_mbed.h\"\n" \ - "\n" \ - "\/*\n" \ - " * Only use features that do not require an entropy source when\n" \ - " * DEVICE_ENTROPY_SOURCE is not defined in mbed OS.\n" \ - " *\/\n" \ - "#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\\n" \ - " !defined(MBEDTLS_ENTROPY_NV_SEED)\n" \ - "#include \"mbedtls\/config-no-entropy.h\"\n" \ - "\n" \ - "#if defined(MBEDTLS_USER_CONFIG_FILE)\n" \ - "#include MBEDTLS_USER_CONFIG_FILE\n" \ - "#endif\n" \ - "\n" \ - "#else\n" - -prepend_code \ - "#endif \/\* MBEDTLS_CONFIG_H \*\/" \ - "\n" \ - "#endif \/* !MBEDTLS_ENTROPY_HARDWARE_ALT && !MBEDTLS_TEST_NULL_ENTROPY && !MBEDTLS_ENTROPY_NV_SEED *\/\n" \ - "\n" \ - "#if defined(MBEDTLS_TEST_NULL_ENTROPY)\n" \ - "#warning \"MBEDTLS_TEST_NULL_ENTROPY has been enabled. This \" \\\\\n" \ - " \"configuration is not secure and is not suitable for production use\"\n" \ - "#endif\n" \ - "\n" \ - "#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\\n" \ - " !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_ENTROPY_NV_SEED)\n" \ - "#error \"No entropy source was found at build time, so TLS \" \\\\\n" \ - " \"functionality is not available\"\n" \ - "#endif\n" \ - "\n" \ - "#if defined(FEATURE_EXPERIMENTAL_API) && defined(FEATURE_PSA)\n" \ - " #define MBEDTLS_PSA_HAS_ITS_IO\n" \ - " #define MBEDTLS_USE_PSA_CRYPTO\n" \ - "#endif\n" \ - "\n" - # not supported on mbed OS, nor used by mbed Client conf unset MBEDTLS_NET_C conf unset MBEDTLS_TIMING_C @@ -165,3 +122,46 @@ conf unset MBEDTLS_PLATFORM_TIME_TYPE_MACRO # Reduce the maximal MBEDTLS_MPI_MAX_SIZE to 512 bytes, # which should fit RSA 4096 bit keys. conf set MBEDTLS_MPI_MAX_SIZE 512 + +# add an #ifndef to include config-no-entropy.h when the target does not have +# an entropy source we can use. +append_code \ + "#ifndef MBEDTLS_CONFIG_H\n" \ + "\n" \ + "#include \"platform\/inc\/platform_mbed.h\"\n" \ + "\n" \ + "\/*\n" \ + " * Only use features that do not require an entropy source when\n" \ + " * DEVICE_ENTROPY_SOURCE is not defined in mbed OS.\n" \ + " *\/\n" \ + "#if !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\\n" \ + " !defined(MBEDTLS_ENTROPY_NV_SEED)\n" \ + "#include \"mbedtls\/config-no-entropy.h\"\n" \ + "\n" \ + "#if defined(MBEDTLS_USER_CONFIG_FILE)\n" \ + "#include MBEDTLS_USER_CONFIG_FILE\n" \ + "#endif\n" \ + "\n" \ + "#else\n" + +prepend_code \ + "#endif \/\* MBEDTLS_CONFIG_H \*\/" \ + "\n" \ + "#endif \/* !MBEDTLS_ENTROPY_HARDWARE_ALT && !MBEDTLS_TEST_NULL_ENTROPY && !MBEDTLS_ENTROPY_NV_SEED *\/\n" \ + "\n" \ + "#if defined(MBEDTLS_TEST_NULL_ENTROPY)\n" \ + "#warning \"MBEDTLS_TEST_NULL_ENTROPY has been enabled. This \" \\\\\n" \ + " \"configuration is not secure and is not suitable for production use\"\n" \ + "#endif\n" \ + "\n" \ + "#if defined(MBEDTLS_SSL_TLS_C) && !defined(MBEDTLS_TEST_NULL_ENTROPY) && \\\\\n" \ + " !defined(MBEDTLS_ENTROPY_HARDWARE_ALT) && !defined(MBEDTLS_ENTROPY_NV_SEED)\n" \ + "#error \"No entropy source was found at build time, so TLS \" \\\\\n" \ + " \"functionality is not available\"\n" \ + "#endif\n" \ + "\n" \ + "#if defined(FEATURE_EXPERIMENTAL_API) && defined(FEATURE_PSA)\n" \ + " #define MBEDTLS_PSA_HAS_ITS_IO\n" \ + " #define MBEDTLS_USE_PSA_CRYPTO\n" \ + "#endif\n" \ + "\n"