Some of the lines in `platform_mbed.h` only have `FEATURE_PSA`
checked, which is always set for Mbed OS PSA targets but the PSA
APIs are not actually available unless `FEATURE_EXPERIMENTAL_API`
is also enabled. To fix this and improve readability, group all
PSA-related lines and check both macros.
Do not compile the Mbed implementation of Mbed TLS unless
MBEDTLS_TIMING_ALT is defined. This prevents a macro check error on
devices that do not have LPTICKER or USTICKER when Mbed TLS timing
is not enabled.
When MBEDTLS_TIMING_C and MBEDTLS_TIMING_ALT are enabled,
the Arm Compiler generates errors like the following (one for
each missing symbol):
Error: L6218E: Undefined symbol mbedtls_timing_get_delay
Reason:
The function `mbedtls_timing_self_test()` in the Mbed TLS default
`timing.c` always gets compiled, if MBEDTLS_SELF_TEST is defined.
And MBEDTLS_SELF_TEST is always defined, as we have a Greentea test
to run some of the Mbed TLS self tests. (In the future we should try
not to enable MBEDTLS_SELF_TEST except for tests, but it requires
a rework in our test flow.)
`mbedtls_timing_self_test()` tests (calls) the full API declared in
`timing.h`, and the ARM Compiler requires all symbols referenced by
all functions to be defined, even those not used by the final
application. This is unlike GCC_ARM which resolves what are required.
Solution:
To fix the "undefined symbol" errors, we add an implementation of
`mbedtls_timing_get_timer()` based on Mbed OS `LowPowerTimer` or
`Timer` (depending on which one is available), and copy Mbed TLS's
default `mbedtls_timing_set_delay()` and `mbedtls_timing_get_delay()`
which are built on top of `mbedtls_timing_get_timer()`. This will also
benefit user applications that need to enable timing in Mbed TLS.
Previously we used `gettimeofday()` for Mbed TLS timing, but its
implementation provided by Mbed OS is only precise to seconds. The
microsecond component of the output `struct timeval` is always set
to zero. But Mbed TLS requires millisecond precision.
To provide required timing precision, switch to use `LowPowerTicker`
or (microsecond) `Ticker`. `LowPowerTicker` is preferred as it saves
power and Mbed TLS does not require microsecond precision.
We get a linker warning with the recently added timing module
implementation for Mbed. This is because there is Mbed TLS also ships a
file called timing.c, which we are including in Mbed OS also. With CLI
1, we get an error about unique object files because of the similarly
named implementation files.
Object file timing.o is not unique! It could be made from: mbed-os/connectivity/mbedtls/source/timing.c mbed-os/connectivity/mbedtls/platform/src/timing.cpp
Rename the Mbed timing module implementation to timing_mbed.cpp to avoid
this naming conflict.
Fixes: b8781e527b ("mbedtls: Add an alt implementation of timing")
Fixes#14759
The compiler gave redefinition warnings if
MBEDTLS_ENTROPY_HARDWARE_ALT is defined in the the compile
definitions. A check is added to prevent this warning.
Don't attempt to use default_random_seed unless both PSA and Experimental API
support are enabled. This prevents errors when the Mbed TLS NV Seed feature is
being used on platforms that have PSA enabled by default, but not Experimental
API support by default.
[DEBUG] Output: compilation terminated.
[ERROR] In file included from ./mbed-os/connectivity/mbedtls/include/mbedtls/config.h:31,
from ./mbed-os/connectivity/mbedtls/include/mbedtls/entropy.h:28,
./mbed-os/connectivity/mbedtls/platform/inc/platform_mbed.h:26:10: fatal error: default_random_seed.h: No such file or directory
26 | #include "default_random_seed.h"
Add license identifier to files which Arm owns the copyright to,
and contain either BSD-3 or Apache-2.0 licenses. This is to address
license errors raised by scancode analysis.
Lingkai Dong
Martin Kojtal
Jaeden Amero
Bora Özgen
Harrison Mutai
George Psimenos