From 65f539ded44a22abe97127342460f62c5935bcd9 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Tue, 12 Dec 2023 16:00:38 +0000
Subject: [PATCH 1/4] Introduce deprecate warning and removed config options

Introduce the PSA_CRYPTO_DEPRECATED_WARNING and
PSA_CRYPTO_DEPRECATED_REMOVED config options to
mirror the similarly named options in Mbed TLS.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 include/psa/crypto_config.h | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/include/psa/crypto_config.h b/include/psa/crypto_config.h
index 01ea9e8f3f..1573c3b7af 100644
--- a/include/psa/crypto_config.h
+++ b/include/psa/crypto_config.h
@@ -120,6 +120,33 @@
  */
 //#define TF_PSA_CRYPTO_PLATFORM_ZEROIZE
 
+/**
+ * \def PSA_CRYPTO_DEPRECATED_WARNING
+ *
+ * Mark deprecated functions and features so that they generate a warning if
+ * used. Functionality deprecated in one version will usually be removed in the
+ * next version. You can enable this to help you prepare the transition to a
+ * new major version by making sure your code is not using this functionality.
+ *
+ * This only works with GCC and Clang. With other compilers, you may want to
+ * use PSA_CRYPTO_DEPRECATED_REMOVED
+ *
+ * Uncomment to get warnings on using deprecated functions and features.
+ */
+//#define PSA_CRYPTO_DEPRECATED_WARNING
+
+/**
+ * \def PSA_CRYPTO_DEPRECATED_REMOVED
+ *
+ * Remove deprecated functions and features so that they generate an error if
+ * used. Functionality deprecated in one version will usually be removed in the
+ * next version. You can enable this to help you prepare the transition to a
+ * new major version by making sure your code is not using this functionality.
+ *
+ * Uncomment to get errors on using deprecated functions and features.
+ */
+//#define PSA_CRYPTO_DEPRECATED_REMOVED
+
 /*
  * Platform exit macros
  */

From cdb62aca852a572f94ae6725a142a842f3173819 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Tue, 12 Dec 2023 16:55:48 +0000
Subject: [PATCH 2/4] Add configuration option translations

Add translation to Mbed TLS equivalent config options.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 .../config_adjust_mbedtls_from_tf_psa_crypto.h       | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/drivers/builtin/include/mbedtls/config_adjust_mbedtls_from_tf_psa_crypto.h b/drivers/builtin/include/mbedtls/config_adjust_mbedtls_from_tf_psa_crypto.h
index 2d2e9c2eab..cf8af4cf8b 100644
--- a/drivers/builtin/include/mbedtls/config_adjust_mbedtls_from_tf_psa_crypto.h
+++ b/drivers/builtin/include/mbedtls/config_adjust_mbedtls_from_tf_psa_crypto.h
@@ -15,6 +15,8 @@
 #ifndef MBEDTLS_CONFIG_ADJUST_MBEDTLS_FROM_TF_PSA_CRYPTO_H
 #define MBEDTLS_CONFIG_ADJUST_MBEDTLS_FROM_TF_PSA_CRYPTO_H
 
+/* General configuration options. */
+
 #if defined(TF_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
 #define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
 #endif
@@ -50,6 +52,14 @@
 #define mbedtls_platform_zeroize tf_psa_crypto_platform_zeroize
 #endif
 
+#if defined(PSA_CRYPTO_DEPRECATED_WARNING)
+#define MBEDTLS_DEPRECATED_WARNING
+#endif
+
+#if defined(PSA_CRYPTO_DEPRECATED_REMOVED)
+#define MBEDTLS_DEPRECATED_REMOVED
+#endif
+
 #if defined(TF_PSA_CRYPTO_BUILTIN_KEYS)
 #define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
 #endif
@@ -195,4 +205,6 @@
 #define MBEDTLS_LMS_C
 #endif
 
+
+
 #endif /* MBEDTLS_CONFIG_ADJUST_MBEDTLS_FROM_TF_PSA_CRYPTO_H */

From 2591b32aa0452c9b07e14c0171e27f49fe5d5661 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Tue, 12 Dec 2023 17:41:14 +0000
Subject: [PATCH 3/4] Add all.sh test_default_no_deprecated component

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 tests/all_sh_components.txt | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/tests/all_sh_components.txt b/tests/all_sh_components.txt
index c29f2f107a..83841a56e4 100644
--- a/tests/all_sh_components.txt
+++ b/tests/all_sh_components.txt
@@ -206,3 +206,23 @@ component_test_cmake_shared () {
     cd "$TF_PSA_CRYPTO_ROOT_DIR"
     rm -rf "$OUT_OF_SOURCE_DIR"
 }
+
+component_test_default_no_deprecated () {
+    # Test that removing the deprecated features from the default
+    # configuration leaves something consistent.
+    msg "build: make, default + PSA_CRYPTO_DEPRECATED_REMOVED" # ~ 30s
+    scripts/config.py -f "include/psa/crypto_config.h" set PSA_CRYPTO_DEPRECATED_REMOVED
+
+    TF_PSA_CRYPTO_ROOT_DIR="$PWD"
+    mkdir "$OUT_OF_SOURCE_DIR"
+    cd "$OUT_OF_SOURCE_DIR"
+
+    CC=gcc cmake -DCMAKE_C_FLAGS="-O -Werror -Wall -Wextra" ..
+    make
+
+    msg "test: make, default + PSA_CRYPTO_DEPRECATED_REMOVED" # ~ 5s
+    make test
+
+    cd "$TF_PSA_CRYPTO_ROOT_DIR"
+    rm -rf "$OUT_OF_SOURCE_DIR"
+}
\ No newline at end of file

From 8826469feb3e69d707754256b55cbaeef5eb29c9 Mon Sep 17 00:00:00 2001
From: Thomas Daubney <thomas.daubney@arm.com>
Date: Thu, 21 Dec 2023 22:37:48 +0000
Subject: [PATCH 4/4] Remove superfluous new lines

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
---
 .../include/mbedtls/config_adjust_mbedtls_from_tf_psa_crypto.h  | 2 --
 1 file changed, 2 deletions(-)

diff --git a/drivers/builtin/include/mbedtls/config_adjust_mbedtls_from_tf_psa_crypto.h b/drivers/builtin/include/mbedtls/config_adjust_mbedtls_from_tf_psa_crypto.h
index cf8af4cf8b..b186ca22e0 100644
--- a/drivers/builtin/include/mbedtls/config_adjust_mbedtls_from_tf_psa_crypto.h
+++ b/drivers/builtin/include/mbedtls/config_adjust_mbedtls_from_tf_psa_crypto.h
@@ -205,6 +205,4 @@
 #define MBEDTLS_LMS_C
 #endif
 
-
-
 #endif /* MBEDTLS_CONFIG_ADJUST_MBEDTLS_FROM_TF_PSA_CRYPTO_H */