From 95c915201e76a9bac790722bedf12fe0c3c07948 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 22 Feb 2023 22:20:24 +0100 Subject: [PATCH] Move the implication of MBEDTLS_PSA_CRYPTO_CLIENT where it belongs If MBEDTLS_PSA_CRYPTO_C is enabled, we always enable MBEDTLS_PSA_CRYPTO_CLIENT, since the client-side functions are part of the full PSA crypto feature set. Historically, we didn't have a good place for configuration modification, so we did this early in the crypto.h include tree. Since Mbed TLS 3.0, we have mbedtls/build_info.h for that. Addresses https://github.com/Mbed-TLS/mbedtls/issues/7144 . Signed-off-by: Gilles Peskine --- include/mbedtls/build_info.h | 7 +++++++ include/psa/crypto_types.h | 7 ------- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h index bbfd5d48df..2edf015197 100644 --- a/include/mbedtls/build_info.h +++ b/include/mbedtls/build_info.h @@ -80,6 +80,13 @@ #include MBEDTLS_USER_CONFIG_FILE #endif +/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT + * is defined as well to include all PSA code. + */ +#if defined(MBEDTLS_PSA_CRYPTO_C) +#define MBEDTLS_PSA_CRYPTO_CLIENT +#endif /* MBEDTLS_PSA_CRYPTO_C */ + /* The PK wrappers need pk_write functions to format RSA key objects * when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO, * and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext(). diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 5e2e334a1e..a5154fcd6b 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -44,13 +44,6 @@ #include "crypto_platform.h" #endif -/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT - * is defined as well to include all PSA code. - */ -#if defined(MBEDTLS_PSA_CRYPTO_C) -#define MBEDTLS_PSA_CRYPTO_CLIENT -#endif /* MBEDTLS_PSA_CRYPTO_C */ - #include /** \defgroup error Error codes