Release-5.3.0 (#130)

aoune-ayoub · web-flow · commit f67ec1c793ca · 2024-08-28T14:46:43.000+02:00
By creating this pull request you agree to the terms in CONTRIBUTING.md. https://github.com/Infineon/.github/blob/master/CONTRIBUTING.md --- DO NOT DELETE ANYTHING ABOVE THIS LINE --- CONTRIBUTING.md also tells you what to expect in the PR process. Description Added defines for default config file for MbedTLS Context Default config will be used by applications that does not rely on a user config file for MbedTLS
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## 5.3.0 (2024-08-28)
+* Add options for default configuration for MBEDTLS.
+
 ## 5.2.0 (2024-08-22)
 * Add shared memory pthread mutex for multi-process and multi-threads applications for Linux.
 * Improve pal_os_event logging.
diff --git a/config/mbedtls_default_config.h b/config/mbedtls_default_config.h
@@ -1498,3 +1498,33 @@
  * requisites are enabled as well.
  */
 #undef MBEDTLS_GCM_C
+
+/**
+ * \def MBEDTLS_AES_ALT
+ *
+ * MBEDTLS__MODULE_NAME__ALT: Uncomment a macro to let Mbed TLS use your
+ * alternate core implementation of a symmetric crypto, an arithmetic or hash
+ * module (e.g. platform specific assembly optimized implementations). Keep
+ * in mind that the function prototypes should remain the same.
+ *
+ * This replaces the whole module. If you only want to replace one of the
+ * functions, use one of the MBEDTLS__FUNCTION_NAME__ALT flags.
+ *
+ * Example: In case you uncomment MBEDTLS_AES_ALT, Mbed TLS will no longer
+ * provide the "struct mbedtls_aes_context" definition and omit the base
+ * function declarations and implementations. "aes_alt.h" will be included from
+ * "aes.h" to include the new function definitions.
+ *
+ * Uncomment a macro to enable alternate implementation of the corresponding
+ * module.
+ *
+ * \warning   MD2, MD4, MD5, ARC4, DES and SHA-1 are considered weak and their
+ *            use constitutes a security risk. If possible, we recommend
+ *            avoiding dependencies on them, and considering stronger message
+ *            digests and ciphers instead.
+ *
+ */
+#undef MBEDTLS_CMAC_ALT
+#undef MBEDTLS_SHA256_ALT
+#undef MBEDTLS_SHA256_PROCESS_ALT
+#undef MBEDTLS_GCM_ALT
