This information was already present in SECURITY.md and SUPPORT.md, but that
wasn't very apparent.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This change enables automatic detection and consumption of Mbed TLS
library targets from within other CMake projects. By generating an
`MbedTLSConfig.cmake` file, consuming projects receive a more complete
view of these targets, allowing them to be used as dependencies which
properly inherit the transitive dependencies of the libraries.
This is fairly fragile, as it seems Mbed TLS's libraries do not appear
to properly model their dependencies on other targets, including
third-party dependencies. It is, however, sufficient for building and
linking the compiled Mbed TLS libraries when there are no third-party
dependencies involved. Further work is needed for more complex
use-cases, but this will likely meet the needs of most projects.
Resolves#298. Probably useful for #2857.
Signed-off-by: Chris Kay <chris.kay@arm.com>
Move all the PSA crypto APIs using key handles
to use key identifiers but psa_key_open() and
psa_key_close(). This is done without modifying
any test as key handles and key identifiers are
now the same.
Update the library modules using PSA crypto APIs
to get rid of key handles.
Programs and unit tests are updated to not use
key handles in subsequent commits, not in this
one.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
The Doxygen-generated manual includes PSA interfaces, so we don't need
to tell people to read the specification instead. Do link to the
specification portal, but from the PSA API section, not from the Mbed
TLS documentation section.
Adapted from the section in Mbed Crypto, with the addition of specific
compiler versions. Only mention Python 3; Python 2 may still work but
it is no longer supported upstream so we will not maintain
compatibility anymore.
The Mbed TLS project no longer requires a CLA. Contributions from now on
must be made under both Apache-2.0 AND GPL-2.0-or-later licenses, to enable
LTS (Long Term Support) branches of the software to continue to be provided
under either Apache-2.0 OR GPL-2.0-or-later. Contributors must accept the
terms of the Developer Certificate of Origin (DCO) by adding a Signed-off-by:
line to each commit message.
The software on the development branch continues to be provided under
Apache-2.0.
Update README.md, CONTRIBUTING.md and pull_request_template.md to explain
the new licensing model. Add a copy of the DCO to the project.
Expand the full Apache-2.0 license text in the LICENSE file and remove the
redundant apache-2.0.txt.
Signed-off-by: Dan Handley <dan.handley@arm.com>
git grep -Fl /config.pl | xargs sed -i -e 's!/config\.pl!/config.py!g'
Also:
* Change one comment in include/mbedtls/check_config.h.
* Change PERL to PYTHON in CMakeLists.txt.
Adapt tests in all.sh:
- tests with submodule enabled (default) no longer need to enable it
explicitly, and no longer need runtime tests, as those are now handled by
all other test cases in this script
- tests with submodule disabled (old default) now need to disable it
explicitly, and execute some runtime tests, as those are no longer tested
anywhere else in this script
Adapt documentation in Readme: remove the section "building with submodule"
and replace it with a new section before the other building sections.
Purposefully don't document how to build not from the submodule, as that
option is going away soon.
Yotta is no longer supported by Mbed TLS, so has been removed. Specifically, the
following changes have been made:
* references to yotta have been removed from the main readme and build
instructions
* the yotta module directory and build script has been removed
* yotta has been removed from test scripts such as all.sh and check-names.sh
* yotta has been removed from other files that that referenced it such as the
doxyfile and the bn_mul.h header
* yotta specific configurations and references have been removed from config.h