Add Mynewt support for bundled tinycrypt + mbedtls

This commit removes the pseudo tinycrypt package based on symlinks
by adding a new pkg.yml to ext/tinycrypt and using it directly. It
also uses the new mbed-tls bundled ASN1 parser when EC256 is selected.

Signed-off-by: Fabio Utzig <utzig@apache.org>

boot/bootutil/pkg.yml

@@ -34,10 +34,13 @@ pkg.cflags:
 pkg.deps:
     - "@mcuboot/boot/mynewt/mcuboot_config"
     - "@apache-mynewt-core/hw/hal"
-    - "@apache-mynewt-core/crypto/mbedtls"
     - "@apache-mynewt-core/kernel/os"
     - "@apache-mynewt-core/sys/defs"
     - "@apache-mynewt-core/sys/flash_map"
 
+pkg.deps.BOOTUTIL_USE_MBED_TLS:
+    - "@apache-mynewt-core/crypto/mbedtls"
+
 pkg.deps.BOOTUTIL_USE_TINYCRYPT:
-    - "@mcuboot/boot/mynewt/tinycrypt"
+    - "@mcuboot/ext/tinycrypt/lib"
+    - "@mcuboot/ext/mbedtls"

boot/mynewt/tinycrypt/include/tinycrypt/aes.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/aes.h

boot/mynewt/tinycrypt/include/tinycrypt/cbc_mode.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/cbc_mode.h

boot/mynewt/tinycrypt/include/tinycrypt/ccm_mode.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/ccm_mode.h

boot/mynewt/tinycrypt/include/tinycrypt/cmac_mode.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/cmac_mode.h

boot/mynewt/tinycrypt/include/tinycrypt/constants.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/constants.h

boot/mynewt/tinycrypt/include/tinycrypt/ctr_mode.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/ctr_mode.h

boot/mynewt/tinycrypt/include/tinycrypt/ctr_prng.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/ctr_prng.h

boot/mynewt/tinycrypt/include/tinycrypt/ecc.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/ecc.h

boot/mynewt/tinycrypt/include/tinycrypt/ecc_dh.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/ecc_dh.h

boot/mynewt/tinycrypt/include/tinycrypt/ecc_dsa.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/ecc_dsa.h

boot/mynewt/tinycrypt/include/tinycrypt/ecc_platform_specific.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/ecc_platform_specific.h

boot/mynewt/tinycrypt/include/tinycrypt/hmac.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/hmac.h

boot/mynewt/tinycrypt/include/tinycrypt/hmac_prng.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/hmac_prng.h

boot/mynewt/tinycrypt/include/tinycrypt/sha256.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/sha256.h

boot/mynewt/tinycrypt/include/tinycrypt/utils.h

@@ -1 +0,0 @@
-../../../../../ext/tinycrypt/lib/include/tinycrypt/utils.h

boot/mynewt/tinycrypt/src/aes_decrypt.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/aes_decrypt.c

boot/mynewt/tinycrypt/src/aes_encrypt.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/aes_encrypt.c

boot/mynewt/tinycrypt/src/cbc_mode.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/cbc_mode.c

boot/mynewt/tinycrypt/src/ccm_mode.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/ccm_mode.c

boot/mynewt/tinycrypt/src/cmac_mode.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/cmac_mode.c

boot/mynewt/tinycrypt/src/ctr_mode.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/ctr_mode.c

boot/mynewt/tinycrypt/src/ctr_prng.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/ctr_prng.c

boot/mynewt/tinycrypt/src/ecc.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/ecc.c

boot/mynewt/tinycrypt/src/ecc_dh.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/ecc_dh.c

boot/mynewt/tinycrypt/src/ecc_dsa.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/ecc_dsa.c

boot/mynewt/tinycrypt/src/ecc_platform_specific.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/ecc_platform_specific.c

boot/mynewt/tinycrypt/src/hmac.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/hmac.c

boot/mynewt/tinycrypt/src/hmac_prng.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/hmac_prng.c

boot/mynewt/tinycrypt/src/sha256.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/sha256.c

boot/mynewt/tinycrypt/src/utils.c

@@ -1 +0,0 @@
-../../../../ext/tinycrypt/lib/source/utils.c

ext/mbedtls/include/mbedtls/config.h

@@ -0,0 +1,96 @@
+/**
+ *  Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ *  This file is part of mbed TLS (https://tls.mbed.org)
+ */
+
+#ifndef MBEDTLS_CONFIG_H
+#define MBEDTLS_CONFIG_H
+
+#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#endif
+
+//#define MBEDTLS_PLATFORM_MEMORY
+#define MBEDTLS_FS_IO
+//#define MBEDTLS_VERSION_FEATURES
+#define MBEDTLS_ASN1_PARSE_C
+#define MBEDTLS_BASE64_C
+#define MBEDTLS_BIGNUM_C
+#define MBEDTLS_MD_C
+#define MBEDTLS_OID_C
+#define MBEDTLS_PEM_PARSE_C
+
+/**
+ * \def MBEDTLS_PLATFORM_C
+ *
+ * Enable the platform abstraction layer that allows you to re-assign
+ * functions like calloc(), free(), snprintf(), printf(), fprintf(), exit().
+ *
+ * Enabling MBEDTLS_PLATFORM_C enables to use of MBEDTLS_PLATFORM_XXX_ALT
+ * or MBEDTLS_PLATFORM_XXX_MACRO directives, allowing the functions mentioned
+ * above to be specified at runtime or compile time respectively.
+ *
+ * \note This abstraction layer must be enabled on Windows (including MSYS2)
+ * as other module rely on it for a fixed snprintf implementation.
+ *
+ * Module:  library/platform.c
+ * Caller:  Most other .c files
+ *
+ * This module enables abstraction of common (libc) functions.
+ */
+#define MBEDTLS_PLATFORM_C
+
+/**
+ * \def MBEDTLS_TIMING_C
+ *
+ * Enable the semi-portable timing interface.
+ *
+ * \note The provided implementation only works on POSIX/Unix (including Linux,
+ * BSD and OS X) and Windows. On other platforms, you can either disable that
+ * module and provide your own implementations of the callbacks needed by
+ * \c mbedtls_ssl_set_timer_cb() for DTLS, or leave it enabled and provide
+ * your own implementation of the whole module by setting
+ * \c MBEDTLS_TIMING_ALT in the current file.
+ *
+ * \note See also our Knowledge Base article about porting to a new
+ * environment:
+ * https://tls.mbed.org/kb/how-to/how-do-i-port-mbed-tls-to-a-new-environment-OS
+ *
+ * Module:  library/timing.c
+ * Caller:  library/havege.c
+ *
+ * This module is used by the HAVEGE random number generator.
+ */
+#define MBEDTLS_TIMING_C
+
+//#define MBEDTLS_MPI_WINDOW_SIZE            6 /**< Maximum windows size used. */
+//#define MBEDTLS_MPI_MAX_SIZE            1024 /**< Maximum number of bytes for usable MPIs. */
+//#define MBEDTLS_MEMORY_ALIGN_MULTIPLE      4 /**< Align on multiples of this value */
+
+#if defined(TARGET_LIKE_MBED) && defined(YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE)
+#include YOTTA_CFG_MBEDTLS_TARGET_CONFIG_FILE
+#endif
+
+#if defined(YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE)
+#include YOTTA_CFG_MBEDTLS_USER_CONFIG_FILE
+#elif defined(MBEDTLS_USER_CONFIG_FILE)
+#include MBEDTLS_USER_CONFIG_FILE
+#endif
+
+#include "check_config.h"
+
+#endif /* MBEDTLS_CONFIG_H */

ext/mbedtls/pkg.yml

@@ -0,0 +1,24 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+pkg.name: ext/mbedtls
+pkg.description: "MCUboot's bundled mbed-tls ASN1 parser"
+pkg.author: "Apache Mynewt <dev@mynewt.apache.org>"
+pkg.homepage: "http://mynewt.apache.org/"
+pkg.keywords:

ext/tinycrypt/lib/pkg.yml

@@ -17,11 +17,14 @@
 # under the License.
 #
 
-pkg.name: boot/mynewt/tinycrypt
+pkg.name: ext/tinycrypt/lib
 pkg.description: "MCUboot's bundled tinycrypt"
 pkg.author: "Apache Mynewt <dev@mynewt.apache.org>"
 pkg.homepage: "http://mynewt.apache.org/"
 pkg.keywords:
 
+pkg.src_dirs:
+  - "source"
+
 pkg.cflags:
     - "-std=c99"