tls/crypto: Make mbed-crypto importer independent

Obtain the version of Mbed Crypto to use not from the Mbed TLS
submodule, but independently through the Mbed Crypto importer instead.

Author: Patater

features/mbedtls/importer/Makefile

@@ -32,34 +32,15 @@ MBED_TLS_REPO_URL ?= [email protected]:ARMmbed/mbedtls-restricted.git
 
 # Translate between mbed TLS namespace and mbed namespace
 TARGET_PREFIX:=../
-TARGET_PREFIX_CRYPTO:=../mbed-crypto/
 TARGET_SRC:=$(TARGET_PREFIX)src
 TARGET_INC:=$(TARGET_PREFIX)inc
 TARGET_TESTS:=$(TARGET_PREFIX)TESTS
 
-# New folder structure is introduced here for targets with Secured-Partition-Environment
-# and Non-Secured-Partition-Environment, below documentation for each folder:
-# COMPONENT_PSA_SRV_IMPL - include secure service business logic implementation
-# code. For example Mbed Crypto or secure time core logic
-TARGET_SRV_IMPL:=$(TARGET_PREFIX_CRYPTO)/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL
-# COMPONENT_SPE - include code that compiles ONLY to secure image and never
-# compiles to non-secure image
-TARGET_SPE:=$(TARGET_PREFIX_CRYPTO)/platform/TARGET_PSA/COMPONENT_SPE
-# The folder contain specific target implementation using hardware.
-TARGET_PSA_DRIVERS:=$(TARGET_PREFIX_CRYPTO)/targets
-# COMPONENT_NSPE - include code that compiles ONLY to non-secure image and
-# never compiles to secure image
-TARGET_NSPE:=$(TARGET_SRV_IMPL)/COMPONENT_NSPE
-
 # mbed TLS source directory - hidden from mbed via TARGET_IGNORE
 MBED_TLS_DIR:=TARGET_IGNORE/mbedtls
 MBED_TLS_API:=$(MBED_TLS_DIR)/include/mbedtls
 MBED_TLS_GIT_CFG=$(MBED_TLS_DIR)/.git/config
 
-# Mbed Crypto directory - hidden from mbed via TARGET_IGNORE
-MBED_CRYPTO_DIR:=$(MBED_TLS_DIR)/crypto
-MBED_CRYPTO_API:=$(MBED_CRYPTO_DIR)/include/psa
-
 .PHONY: all deploy deploy-tests rsync mbedtls clean update
 
 all: mbedtls
@@ -81,23 +62,6 @@ rsync:
 	cp $(MBED_TLS_DIR)/LICENSE $(TARGET_PREFIX)
 	cp $(MBED_TLS_DIR)/apache-2.0.txt $(TARGET_PREFIX)
 	#
-	# Create Mbed Crypto target folder
-	mkdir -p $(TARGET_PREFIX_CRYPTO)
-	#
-	# Copying Mbed Crypto into Mbed OS..
-	rm -rf $(TARGET_SRV_IMPL)
-	rm -rf $(TARGET_SPE)
-
-	mkdir -p $(TARGET_SRV_IMPL)
-	mkdir -p $(TARGET_SPE)
-	mkdir -p $(TARGET_NSPE)
-	mkdir -p $(TARGET_PSA_DRIVERS)
-
-	rsync -a --delete --exclude='crypto_struct.h' $(MBED_CRYPTO_API) $(TARGET_INC)
-	rsync -a --delete $(MBED_CRYPTO_API)/crypto_struct.h $(TARGET_NSPE)
-	rsync -a --delete $(MBED_CRYPTO_API)/crypto_struct.h $(TARGET_SPE)/crypto_struct_spe.h
-	rsync -a --delete $(MBED_CRYPTO_DIR)/library/psa_*.c $(TARGET_SRV_IMPL)
-	rsync -a --delete $(MBED_CRYPTO_DIR)/library/psa_*.h $(TARGET_SRV_IMPL)
 
 deploy: rsync
 	#
@@ -128,14 +92,8 @@ update: $(MBED_TLS_GIT_CFG)  $(MBED_TLS_HA_GIT_CFG)
 	# Checking out the required release
 	git -C $(MBED_TLS_DIR) checkout $(MBED_TLS_RELEASE)
 	#
-	# Update and checkout git submodules
-	git -C $(MBED_TLS_DIR) submodule update --init --recursive
-	#
 	# Updating checked out version tag
 	echo $(MBED_TLS_RELEASE) > $(TARGET_PREFIX)VERSION.txt
-	#
-	# Updating Mbed Crypto checked out version tag
-	git -C $(MBED_CRYPTO_DIR) describe --tags --abbrev=12 --dirty --always >> $(TARGET_PREFIX)VERSION.txt
 
 $(MBED_TLS_GIT_CFG):
 	rm -rf $(MBED_TLS_DIR)
@@ -149,5 +107,3 @@ clean:
 	rm -rf $(TARGET_SRC)
 	rm -rf $(TARGET_INC)
 	rm -rf $(MBED_TLS_DIR)
-	rm -rf $(TARGET_SRV_IMPL)
-	rm -rf $(TARGET_SPE)

features/mbedtls/importer/adjust-config.sh

@@ -146,7 +146,7 @@ conf unset MBEDTLS_PLATFORM_TIME_TYPE_MACRO
 # which should fit RSA 4096 bit keys.
 conf set MBEDTLS_MPI_MAX_SIZE     512
 
-# The following configurations are a needed for Mbed Crypto submodule.
+# The following configurations are needed for Mbed Crypto.
 # They are related to the persistent key storage feature.
 conf set MBEDTLS_PSA_CRYPTO_STORAGE_C
 conf set MBEDTLS_PSA_CRYPTO_STORAGE_ITS_C

features/mbedtls/mbed-crypto/importer/Makefile

@@ -0,0 +1,115 @@
+###########################################################################
+#
+#  Copyright (c) 2016, ARM Limited, All Rights Reserved
+#  SPDX-License-Identifier: Apache-2.0
+#
+#  Licensed under the Apache License, Version 2.0 (the "License"); you may
+#  not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+###########################################################################
+
+#
+# Use this file to import an Mbed Crypto release into Mbed OS as follows:
+#
+#   1) Set the CRYPTO_RELEASE variable to the required Mbed Crypto release
+#      tag
+#   2) make update
+#   3) make
+#   4) commit and push changes via git
+#
+
+# Set the Mbed Crypto release to import (this can/should be edited before
+# import)
+CRYPTO_RELEASE ?= mbedcrypto-0.1.0b2
+CRYPTO_REPO_URL ?= [email protected]:ARMmbed/mbed-crypto.git
+
+# Translate between Mbed Crypto namespace and Mbed OS namespace
+TARGET_PREFIX:=..
+TARGET_INC:=$(TARGET_PREFIX)/inc
+
+# A folder structure is introduced here for targets that have both a Secure
+# Processing Environment (SPE) targets and Non-secure Processing Environment
+# (NSPE). Documentation for each folder as follows:
+# COMPONENT_PSA_SRV_IMPL - Include secure service implementation code. For
+# example PSA Crypto or PSA Secure Time implementations
+TARGET_SRV_IMPL:=$(TARGET_PREFIX)/platform/TARGET_PSA/COMPONENT_PSA_SRV_IMPL
+# COMPONENT_SPE - Include code that compiles ONLY to the SPE image and never
+# compiles to the NSPE image
+TARGET_SPE:=$(TARGET_PREFIX)/platform/TARGET_PSA/COMPONENT_SPE
+# COMPONENT_NSPE - Include code that compiles ONLY to the NSPE image and never
+# compiles to the SPE image
+TARGET_NSPE:=$(TARGET_SRV_IMPL)/COMPONENT_NSPE
+
+# Mbed Crypto source directory - hidden from mbed via TARGET_IGNORE
+CRYPTO_DIR:=TARGET_IGNORE/mbed-crypto
+CRYPTO_API:=$(CRYPTO_DIR)/include/psa
+CRYPTO_GIT_CFG=$(CRYPTO_DIR)/.git/config
+
+
+.PHONY: all rsync clean update
+
+all: rsync
+
+rsync:
+	#
+	# Copying Mbed Crypto headers to includes...
+	rm -rf $(TARGET_INC)
+	mkdir -p $(TARGET_INC)
+	rsync -a --delete --exclude='crypto_struct.h' $(CRYPTO_API) $(TARGET_INC)/
+	#
+	# Copying licenses
+	cp $(CRYPTO_DIR)/LICENSE $(TARGET_PREFIX)/
+	cp $(CRYPTO_DIR)/apache-2.0.txt $(TARGET_PREFIX)/
+	#
+	# Copying Mbed Crypto into Mbed OS...
+	rm -rf $(TARGET_SRV_IMPL)
+	rm -rf $(TARGET_SPE)
+
+	mkdir -p $(TARGET_SRV_IMPL)
+	mkdir -p $(TARGET_SPE)
+	mkdir -p $(TARGET_NSPE)
+
+	rsync -a --delete $(CRYPTO_API)/crypto_struct.h $(TARGET_NSPE)/
+	rsync -a --delete $(CRYPTO_API)/crypto_struct.h $(TARGET_SPE)/crypto_struct_spe.h
+	rsync -a --delete $(CRYPTO_DIR)/library/psa_*.c $(TARGET_SRV_IMPL)/
+	rsync -a --delete $(CRYPTO_DIR)/library/psa_*.h $(TARGET_SRV_IMPL)/
+
+update: $(CRYPTO_GIT_CFG)
+	#
+	# Updating to the specified Mbed Crypto library version
+	# (If it is not an initial checkout we will start with the repository
+	# being in a detached head state)
+	git -C $(CRYPTO_DIR) checkout development
+	git -C $(CRYPTO_DIR) pull --rebase origin development
+	#
+	# Checking out the required release
+	git -C $(CRYPTO_DIR) checkout $(CRYPTO_RELEASE)
+	#
+	# Update and checkout git submodules
+	git -C $(CRYPTO_DIR) submodule update --init --recursive
+	#
+	# Updating Mbed Crypto checked out version tag
+	git -C $(CRYPTO_DIR) describe --tags --abbrev=12 --dirty --always > $(TARGET_PREFIX)/VERSION.txt
+
+$(CRYPTO_GIT_CFG):
+	rm -rf $(CRYPTO_DIR)
+	git clone $(CRYPTO_REPO_URL) $(CRYPTO_DIR)
+
+clean:
+	rm -f $(TARGET_PREFIX)/LICENSE
+	rm -f $(TARGET_PREFIX)/apache-2.0.txt
+	rm -f $(TARGET_PREFIX)/VERSION.txt
+	rm -f $(TARGET_PREFIX)/AUTHORS.txt
+	rm -rf $(TARGET_INC)
+	rm -rf $(CRYPTO_DIR)
+	rm -rf $(TARGET_SRV_IMPL)
+	rm -rf $(TARGET_SPE)

features/mbedtls/mbed-crypto/importer/TARGET_IGNORE/.gitignore

@@ -0,0 +1 @@
+mbed-crypto