From 3aee15b8e58ae223b3fe6f52134a6c067981b3b5 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Thu, 11 Sep 2025 17:04:44 +0200 Subject: [PATCH] Declare psa_can_do_cipher() in a public header Integrators in a client-server architecture need to provide this function on the client side. Fixes mbedtls/issues#10341. Signed-off-by: Gilles Peskine --- include/psa/crypto_extra.h | 12 ++++++++++++ library/psa_crypto_core.h | 12 ------------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index 70740901e1..d24911f18c 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -610,6 +610,18 @@ psa_status_t mbedtls_psa_platform_get_builtin_key( */ int psa_can_do_hash(psa_algorithm_t hash_alg); +/** + * Tell if PSA is ready for this cipher. + * + * \note For now, only checks the state of the driver subsystem, + * not the algorithm. Might do more in the future. + * + * \param cipher_alg The cipher algorithm (ignored for now). + * + * \return 1 if the driver subsytem is ready, 0 otherwise. + */ +int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg); + /**@}*/ /** \addtogroup crypto_types diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h index c3c0770142..ac92ea2b37 100644 --- a/library/psa_crypto_core.h +++ b/library/psa_crypto_core.h @@ -24,18 +24,6 @@ #include "mbedtls/threading.h" #endif -/** - * Tell if PSA is ready for this cipher. - * - * \note For now, only checks the state of the driver subsystem, - * not the algorithm. Might do more in the future. - * - * \param cipher_alg The cipher algorithm (ignored for now). - * - * \return 1 if the driver subsytem is ready, 0 otherwise. - */ -int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg); - typedef enum { PSA_SLOT_EMPTY = 0, PSA_SLOT_FILLING,