diff --git a/core/mbedtls/importer/Makefile b/core/mbedtls/importer/Makefile new file mode 100644 index 0000000000..ff66e46c31 --- /dev/null +++ b/core/mbedtls/importer/Makefile @@ -0,0 +1,86 @@ +########################################################################### +# +# Copyright (c) 2013-2016, ARM Limited, All Rights Reserved +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +########################################################################### + +# Set the mbed TLS release to import (this can/should be edited before import) +MBED_TLS_RELEASE:=yotta-2.3.0 + +# Translate between mbed TLS namespace and mbed namespace +TARGET_PREFIX:=../ +TARGET_SRC:=$(TARGET_PREFIX)src +TARGET_INC:=$(TARGET_PREFIX)inc + +# mbed TLS source directory - hidden from mbed via TARGET_IGNORE +MBED_TLS_URL:=https://github.com/ARMmbed/mbedtls.git +MBED_TLS_DIR:=TARGET_IGNORE/mbedtls +MBED_TLS_API:=$(MBED_TLS_DIR)/include/mbedtls +MBED_TLS_GIT_CFG=$(MBED_TLS_DIR)/.git/config + +.PHONY: all deploy rsync mbedtls clean update + +all: mbedtls + +mbedtls: deploy + +rsync: + # + # Copying mbed TLS into mbed library... + rm -rf $(TARGET_SRC) + rsync -a --exclude='*.txt' $(MBED_TLS_DIR)/library/ $(TARGET_SRC) + # + # Copying mbed TLS headers to mbed includes... + rm -rf $(TARGET_INC) + mkdir -p $(TARGET_INC) + rsync -a --delete $(MBED_TLS_API) $(TARGET_INC) + # + # Copying licenses + cp $(MBED_TLS_DIR)/LICENSE $(TARGET_PREFIX) + cp $(MBED_TLS_DIR)/apache-2.0.txt $(TARGET_PREFIX) + +deploy: rsync + # + # Adjusting the default mbed TLS config file to mbed purposes + ./adjust-config.sh $(MBED_TLS_DIR)/scripts/config.pl $(TARGET_INC)/mbedtls/config.h + +update: $(MBED_TLS_GIT_CFG) + # + # Updating to latest mbed TLS library version + git -C $(MBED_TLS_DIR) checkout development + git -C $(MBED_TLS_DIR) pull --rebase origin development + # + # Checking out the required release + git -C $(MBED_TLS_DIR) checkout $(MBED_TLS_RELEASE) + # + # Updating checked out version tag + git -C $(MBED_TLS_DIR) describe --tags --abbrev=40 --dirty > $(TARGET_PREFIX)VERSION.txt + # + # Updated list of authors, sorted by contributions + git -C $(MBED_TLS_DIR) shortlog -s -n > $(TARGET_PREFIX)AUTHORS.txt + +$(MBED_TLS_GIT_CFG): + rm -rf $(MBED_TLS_DIR) + git clone $(MBED_TLS_URL) $(MBED_TLS_DIR) + +clean: + rm -f $(TARGET_PREFIX)LICENSE + rm -f $(TARGET_PREFIX)apache-2.0.txt + rm -f $(TARGET_PREFIX)VERSION.txt + rm -f $(TARGET_PREFIX)AUTHORS.txt + rm -rf $(TARGET_SRC) + rm -rf $(TARGET_INC) + rm -rf $(MBED_TLS_DIR) diff --git a/core/mbedtls/importer/TARGET_IGNORE/.gitignore b/core/mbedtls/importer/TARGET_IGNORE/.gitignore new file mode 100644 index 0000000000..940141ac03 --- /dev/null +++ b/core/mbedtls/importer/TARGET_IGNORE/.gitignore @@ -0,0 +1 @@ +mbedtls diff --git a/core/mbedtls/importer/adjust-config.sh b/core/mbedtls/importer/adjust-config.sh new file mode 100755 index 0000000000..170d3070ad --- /dev/null +++ b/core/mbedtls/importer/adjust-config.sh @@ -0,0 +1,73 @@ +#!/bin/sh + +set -eu + +if [ $# -ne 2 ]; then + echo "Usage: $0 path/to/config.pl path/to/config.h" >&2 + exit 1 +fi + +SCRIPT=$1 +FILE=$2 + +conf() { + $SCRIPT -f $FILE $@ +} + +# not supported on mbed OS, nor used by mbed Client +conf unset MBEDTLS_NET_C +conf unset MBEDTLS_TIMING_C + +# not supported on all targets with mbed OS, nor used by mbed Client +conf unset MBEDTLS_FS_IO + +conf unset MBEDTLS_CIPHER_MODE_CFB +conf unset MBEDTLS_CIPHER_MODE_CTR +conf unset MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS +conf unset MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN +conf unset MBEDTLS_CIPHER_PADDING_ZEROS +conf unset MBEDTLS_ECP_DP_SECP192R1_ENABLED +conf unset MBEDTLS_ECP_DP_SECP224R1_ENABLED +conf unset MBEDTLS_ECP_DP_SECP521R1_ENABLED +conf unset MBEDTLS_ECP_DP_SECP192K1_ENABLED +conf unset MBEDTLS_ECP_DP_SECP224K1_ENABLED +conf unset MBEDTLS_ECP_DP_SECP256K1_ENABLED +conf unset MBEDTLS_ECP_DP_BP256R1_ENABLED +conf unset MBEDTLS_ECP_DP_BP384R1_ENABLED +conf unset MBEDTLS_ECP_DP_BP512R1_ENABLED +conf unset MBEDTLS_PK_PARSE_EC_EXTENDED + +conf unset MBEDTLS_AESNI_C +conf unset MBEDTLS_ARC4_C +conf unset MBEDTLS_BLOWFISH_C +conf unset MBEDTLS_CAMELLIA_C +conf unset MBEDTLS_DES_C +conf unset MBEDTLS_DHM_C +conf unset MBEDTLS_GENPRIME +conf unset MBEDTLS_MD5_C +conf unset MBEDTLS_PADLOCK_C +conf unset MBEDTLS_PEM_WRITE_C +conf unset MBEDTLS_PKCS5_C +conf unset MBEDTLS_PKCS12_C +conf unset MBEDTLS_RIPEMD160_C +conf unset MBEDTLS_SHA1_C +conf unset MBEDTLS_XTEA_C + +conf unset MBEDTLS_X509_RSASSA_PSS_SUPPORT + +conf unset MBEDTLS_X509_CSR_PARSE_C +conf unset MBEDTLS_X509_CREATE_C +conf unset MBEDTLS_X509_CRT_WRITE_C +conf unset MBEDTLS_X509_CSR_WRITE_C + +conf unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED +conf unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED +conf unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED +conf unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED +conf unset MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED +conf unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED +conf unset MBEDTLS_SSL_FALLBACK_SCSV +conf unset MBEDTLS_SSL_CBC_RECORD_SPLITTING +conf unset MBEDTLS_SSL_PROTO_TLS1 +conf unset MBEDTLS_SSL_PROTO_TLS1_1 +conf unset MBEDTLS_SSL_TRUNCATED_HMAC