Andrew Geissler | 7e0e3c0 | 2022-02-25 20:34:39 +0000 | [diff] [blame] | 1 | SUMMARY = "Lightweight crypto and SSL/TLS library" |
| 2 | DESCRIPTION = "mbedtls is a lean open source crypto library \ |
| 3 | for providing SSL and TLS support in your programs. It offers \ |
| 4 | an intuitive API and documented header files, so you can actually \ |
| 5 | understand what the code does. It features: \ |
| 6 | \ |
| 7 | - Symmetric algorithms, like AES, Blowfish, Triple-DES, DES, ARC4, \ |
| 8 | Camellia and XTEA \ |
| 9 | - Hash algorithms, like SHA-1, SHA-2, RIPEMD-160 and MD5 \ |
| 10 | - Entropy pool and random generators, like CTR-DRBG and HMAC-DRBG \ |
| 11 | - Public key algorithms, like RSA, Elliptic Curves, Diffie-Hellman, \ |
| 12 | ECDSA and ECDH \ |
| 13 | - SSL v3 and TLS 1.0, 1.1 and 1.2 \ |
| 14 | - Abstraction layers for ciphers, hashes, public key operations, \ |
| 15 | platform abstraction and threading \ |
| 16 | " |
| 17 | |
| 18 | HOMEPAGE = "https://tls.mbed.org/" |
| 19 | |
| 20 | LICENSE = "Apache-2.0" |
| 21 | LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" |
| 22 | |
| 23 | SECTION = "libs" |
| 24 | |
| 25 | S = "${WORKDIR}/git" |
Andrew Geissler | c5535c9 | 2023-01-27 16:10:19 -0600 | [diff] [blame^] | 26 | SRCREV = "89f040a5c938985c5f30728baed21e49d0846a53" |
Andrew Geissler | 7e0e3c0 | 2022-02-25 20:34:39 +0000 | [diff] [blame] | 27 | SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=mbedtls-2.28" |
| 28 | |
| 29 | inherit cmake |
| 30 | |
| 31 | PACKAGECONFIG ??= "shared-libs programs" |
| 32 | PACKAGECONFIG[shared-libs] = "-DUSE_SHARED_MBEDTLS_LIBRARY=ON,-DUSE_SHARED_MBEDTLS_LIBRARY=OFF" |
| 33 | PACKAGECONFIG[programs] = "-DENABLE_PROGRAMS=ON,-DENABLE_PROGRAMS=OFF" |
| 34 | PACKAGECONFIG[werror] = "-DMBEDTLS_FATAL_WARNINGS=ON,-DMBEDTLS_FATAL_WARNINGS=OFF" |
Andrew Geissler | c5535c9 | 2023-01-27 16:10:19 -0600 | [diff] [blame^] | 35 | # Make X.509 and TLS calls use PSA |
| 36 | # https://github.com/Mbed-TLS/mbedtls/blob/development/docs/use-psa-crypto.md |
| 37 | PACKAGECONFIG[psa] = "" |
Andrew Geissler | 7e0e3c0 | 2022-02-25 20:34:39 +0000 | [diff] [blame] | 38 | |
| 39 | EXTRA_OECMAKE = "-DENABLE_TESTING=OFF -DLIB_INSTALL_DIR:STRING=${libdir}" |
| 40 | |
Andrew Geissler | c5535c9 | 2023-01-27 16:10:19 -0600 | [diff] [blame^] | 41 | # For now the only way to enable PSA is to explicitly pass a -D via CFLAGS |
| 42 | CFLAGS:append = "${@bb.utils.contains('PACKAGECONFIG', 'psa', ' -DMBEDTLS_USE_PSA_CRYPTO', '', d)}" |
| 43 | |
Andrew Geissler | 7e0e3c0 | 2022-02-25 20:34:39 +0000 | [diff] [blame] | 44 | PROVIDES += "polarssl" |
| 45 | RPROVIDES:${PN} = "polarssl" |
| 46 | |
| 47 | PACKAGES =+ "${PN}-programs" |
| 48 | FILES:${PN}-programs = "${bindir}/" |
| 49 | |
| 50 | BBCLASSEXTEND = "native nativesdk" |
Patrick Williams | 2194f50 | 2022-10-16 14:26:09 -0500 | [diff] [blame] | 51 | |
| 52 | CVE_PRODUCT = "mbed_tls" |
| 53 | |
| 54 | # Fix merged upstream https://github.com/Mbed-TLS/mbedtls/pull/5310 |
| 55 | CVE_CHECK_IGNORE += "CVE-2021-43666" |
| 56 | # Fix merged upstream https://github.com/Mbed-TLS/mbedtls/commit/9a4a9c66a48edfe9ece03c7e4a53310adf73a86c |
| 57 | CVE_CHECK_IGNORE += "CVE-2021-45451" |