Use latest TF-M config with bare-minimum changes Move all changes local to Mbed TLS into config-tfm.h (except for commenting out a couple of #include's). Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>

commit: 4edcf693e7d96ef4b6678f7d8b27529f8090d1dd [log] [tgz]
author: Dave Rodgman <dave.rodgman@arm.com> Wed Nov 15 12:23:29 2023 +0000
committer: Dave Rodgman <dave.rodgman@arm.com> Tue Nov 28 10:15:52 2023 +0000
tree: 1be8f20b126f34d62e4c02093a426b99e832fe90
parent: a326eb990d086e344660aea23928c6dd98c7020c [diff] [blame]
diff --git a/configs/config-tfm.h b/configs/config-tfm.h
index 4fa08ca..d987b63 100644
--- a/configs/config-tfm.h
+++ b/configs/config-tfm.h

@@ -28,3 +28,41 @@
  * but using the native allocator is faster and works better with
  * memory management analysis frameworks such as ASan. */
 #undef MBEDTLS_MEMORY_BUFFER_ALLOC_C
+
+// This macro is enabled in TFM Medium but is disabled here because it is
+// incompatible with baremetal builds in Mbed TLS.
+#undef MBEDTLS_PSA_CRYPTO_STORAGE_C
+
+// This macro is enabled in TFM Medium but is disabled here because it is
+// incompatible with baremetal builds in Mbed TLS.
+#undef MBEDTLS_ENTROPY_NV_SEED
+
+// These platform-related TF-M settings are not useful here.
+#undef MBEDTLS_PLATFORM_NO_STD_FUNCTIONS
+#undef MBEDTLS_PLATFORM_STD_MEM_HDR
+#undef MBEDTLS_PLATFORM_SNPRINTF_MACRO
+#undef MBEDTLS_PLATFORM_PRINTF_ALT
+#undef MBEDTLS_PLATFORM_STD_EXIT_SUCCESS
+#undef MBEDTLS_PLATFORM_STD_EXIT_FAILURE
+
+// We expect TF-M to pick this up soon
+#define MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
+
+/***********************************************************************
+ * Local changes to crypto config below this delimiter
+ **********************************************************************/
+
+/* Between Mbed TLS 3.4 and 3.5, the PSA_WANT_KEY_TYPE_RSA_KEY_PAIR macro
+ * (commented-out above) has been replaced with the following new macros: */
+//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_BASIC      1
+//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_IMPORT     1
+//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_EXPORT     1
+//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE   1
+//#define PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_DERIVE     1 /* Not supported */
+
+/* Between Mbed TLS 3.4 and 3.5, the following macros have been added: */
+//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_BASIC       1
+//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_IMPORT    1
+//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_EXPORT    1
+//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_GENERATE  1
+//#define PSA_WANT_KEY_TYPE_DH_KEY_PAIR_DERIVE    1 // Not supported
commit	4edcf693e7d96ef4b6678f7d8b27529f8090d1dd	[log] [tgz]
author	Dave Rodgman <dave.rodgman@arm.com>	Wed Nov 15 12:23:29 2023 +0000
committer	Dave Rodgman <dave.rodgman@arm.com>	Tue Nov 28 10:15:52 2023 +0000
tree	1be8f20b126f34d62e4c02093a426b99e832fe90
parent	a326eb990d086e344660aea23928c6dd98c7020c [diff] [blame]