From f67ec1c793caa0bc24533483ea3ad4c487a81ecf Mon Sep 17 00:00:00 2001 From: aoune-ayoub <155721931+aoune-ayoub@users.noreply.github.com> Date: Wed, 28 Aug 2024 14:46:43 +0200 Subject: [PATCH] Release-5.3.0 (#130) By creating this pull request you agree to the terms in CONTRIBUTING.md. https://github.com/Infineon/.github/blob/master/CONTRIBUTING.md --- DO NOT DELETE ANYTHING ABOVE THIS LINE --- CONTRIBUTING.md also tells you what to expect in the PR process. Description Added defines for default config file for MbedTLS Context Default config will be used by applications that does not rely on a user config file for MbedTLS --- CHANGELOG.md | 3 +++ config/mbedtls_default_config.h | 30 ++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cdea78e..d3062a5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +## 5.3.0 (2024-08-28) +* Add options for default configuration for MBEDTLS. + ## 5.2.0 (2024-08-22) * Add shared memory pthread mutex for multi-process and multi-threads applications for Linux. * Improve pal_os_event logging. diff --git a/config/mbedtls_default_config.h b/config/mbedtls_default_config.h index a6d534b..d40619e 100644 --- a/config/mbedtls_default_config.h +++ b/config/mbedtls_default_config.h @@ -1498,3 +1498,33 @@ * requisites are enabled as well. */ #undef MBEDTLS_GCM_C + +/** + * \def MBEDTLS_AES_ALT + * + * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your + * alternate core implementation of a symmetric crypto, an arithmetic or hash + * module (e.g. platform specific assembly optimized implementations). Keep + * in mind that the function prototypes should remain the same. + * + * This replaces the whole module. If you only want to replace one of the + * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags. + * + * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer + * provide the "struct mbedtls_aes_context" definition and omit the base + * function declarations and implementations. "aes_alt.h" will be included from + * "aes.h" to include the new function definitions. + * + * Uncomment a macro to enable alternate implementation of the corresponding + * module. + * + * \warning MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their + * use constitutes a security risk. If possible, we recommend + * avoiding dependencies on them, and considering stronger message + * digests and ciphers instead. + * + */ +#undef MBEDTLS_CMAC_ALT +#undef MBEDTLS_SHA256_ALT +#undef MBEDTLS_SHA256_PROCESS_ALT +#undef MBEDTLS_GCM_ALT