Merge changes from topic "update-mbedtls-to-3.6.2" into integration
* changes:
feat(mbedtls): mbedtls config update for v3.6.2
docs(prerequisites): update mbedtls to version 3.6.2
refactor(mbedtls): rename default mbedtls confs
diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst
index c414b1f..32c2b39 100644
--- a/docs/getting_started/prerequisites.rst
+++ b/docs/getting_started/prerequisites.rst
@@ -31,7 +31,7 @@
Clang/LLVM 18.1.8
Device Tree Compiler 1.6.1
GNU make 3.81
-mbed TLS\ [#f1]_ 3.6.1
+mbed TLS\ [#f1]_ 3.6.2
Node.js [#f2]_ 16
OpenSSL 1.0.0
Poetry 1.3.2
diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk
index 765491e..b3c4c91 100644
--- a/drivers/auth/mbedtls/mbedtls_common.mk
+++ b/drivers/auth/mbedtls/mbedtls_common.mk
@@ -25,9 +25,9 @@
# Specify mbed TLS configuration file
ifeq (${PSA_CRYPTO},1)
- MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/psa_mbedtls_config.h>"
+ MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/default_psa_mbedtls_config.h>"
else
- MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/mbedtls_config-3.h>"
+ MBEDTLS_CONFIG_FILE ?= "<drivers/auth/mbedtls/default_mbedtls_config.h>"
endif
$(eval $(call add_define,MBEDTLS_CONFIG_FILE))
diff --git a/include/drivers/auth/mbedtls/mbedtls_config-3.h b/include/drivers/auth/mbedtls/default_mbedtls_config.h
similarity index 96%
rename from include/drivers/auth/mbedtls/mbedtls_config-3.h
rename to include/drivers/auth/mbedtls/default_mbedtls_config.h
index 6ed9397..12a5fe1 100644
--- a/include/drivers/auth/mbedtls/mbedtls_config-3.h
+++ b/include/drivers/auth/mbedtls/default_mbedtls_config.h
@@ -11,6 +11,11 @@
*/
/*
+ * This file is compatible with versions >= 3.6.2
+ */
+#define MBEDTLS_CONFIG_VERSION 0x03060200
+
+/*
* Key algorithms currently supported on mbed TLS libraries
*/
#define TF_MBEDTLS_RSA 1
diff --git a/include/drivers/auth/mbedtls/psa_mbedtls_config.h b/include/drivers/auth/mbedtls/default_psa_mbedtls_config.h
similarity index 95%
rename from include/drivers/auth/mbedtls/psa_mbedtls_config.h
rename to include/drivers/auth/mbedtls/default_psa_mbedtls_config.h
index 1001d89..8926051 100644
--- a/include/drivers/auth/mbedtls/psa_mbedtls_config.h
+++ b/include/drivers/auth/mbedtls/default_psa_mbedtls_config.h
@@ -7,7 +7,7 @@
#ifndef PSA_MBEDTLS_CONFIG_H
#define PSA_MBEDTLS_CONFIG_H
-#include "mbedtls_config-3.h"
+#include "default_mbedtls_config.h"
#define MBEDTLS_PSA_CRYPTO_C
#define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS
diff --git a/plat/arm/board/tc/plat_tc_mbedtls_config.h b/plat/arm/board/tc/plat_tc_mbedtls_config.h
index 4fd8b6b..9118b0b 100644
--- a/plat/arm/board/tc/plat_tc_mbedtls_config.h
+++ b/plat/arm/board/tc/plat_tc_mbedtls_config.h
@@ -8,7 +8,7 @@
#define PLAT_TC_MBEDTLS_CONFIG_H
#include <export/lib/utils_def_exp.h>
-#include <mbedtls_config-3.h>
+#include <default_mbedtls_config.h>
#ifndef TF_MBEDTLS_HEAP_SIZE
#error TF_MBEDTLS_HEAP_SIZE is not defined
diff --git a/plat/arm/common/plat_arm_mbedtls_config.h b/plat/arm/common/plat_arm_mbedtls_config.h
index a5d0ec4..c2db595 100644
--- a/plat/arm/common/plat_arm_mbedtls_config.h
+++ b/plat/arm/common/plat_arm_mbedtls_config.h
@@ -7,7 +7,7 @@
#ifndef PLAT_ARM_MBEDTLS_CONFIG_H
#define PLAT_ARM_MBEDTLS_CONFIG_H
-#include <mbedtls_config-3.h>
+#include <default_mbedtls_config.h>
/**
* On Arm platforms, the ROTPK is always hashed using the SHA-256