Make legacy_or_psa.h public.
As a public header, it should no longer include common.h, just use
build_info.h which is what we actually need anyway.
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
diff --git a/library/hash_info.c b/library/hash_info.c
index 366ca3f..cd7d70e 100644
--- a/library/hash_info.c
+++ b/library/hash_info.c
@@ -21,7 +21,7 @@
*/
#include "hash_info.h"
-#include "legacy_or_psa.h"
+#include "mbedtls/legacy_or_psa.h"
#include "mbedtls/error.h"
typedef struct
diff --git a/library/legacy_or_psa.h b/library/legacy_or_psa.h
deleted file mode 100644
index 47f4e0f..0000000
--- a/library/legacy_or_psa.h
+++ /dev/null
@@ -1,212 +0,0 @@
-/**
- * Macros to express dependencies for code and tests that may use either the
- * legacy API or PSA in various builds; mostly for internal use.
- *
- * Copyright The Mbed TLS Contributors
- * SPDX-License-Identifier: Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may
- * not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/*
- * Note: applications who are targetting a specific configurations do not need
- * to use these macros; instead they should directly use the functions they
- * know are available in their configuration.
- *
- * Note: code that is purely based on PSA Crypto (psa_xxx() functions)
- * does not need to use these macros; instead it should use the relevant
- * PSA_WANT_xxx macros.
- *
- * Note: code that is purely based on the legacy crypto APIs (mbedtls_xxx())
- * does not need to use these macros; instead it should use the relevant
- * MBEDTLS_xxx_ macros.
- *
- * These macros are for code that wants to use <crypto feature> and will do so
- * using <legacy API> or PSA depending on <condition>, where:
- * - <crypto feature> will generally be an algorithm (SHA-256, ECDH) but may
- * also be a key type (AES, RSA, EC) or domain parameters (elliptic curve);
- * - <legacy API> will be either:
- * - low-level module API (aes.h, sha256.h), or
- * - an abstraction layer (md.h, cipher.h);
- * - <condition> will be either:
- * - depending on what's available in the build:
- * legacy API used if available, PSA otherwise
- * (this is done to ensure backwards compatibility); or
- * - depending on whether MBEDTLS_USE_PSA_CRYPTO is defined.
- *
- * Examples:
- * - TLS 1.2 will compute hashes using either mbedtls_md_xxx() (and
- * mbedtls_sha256_xxx()) or psa_aead_xxx() depending on whether
- * MBEDTLS_USE_PSA_CRYPTO is defined;
- * - RSA PKCS#1 v2.1 will compute hashes (for padding) using either
- * `mbedtls_md()` if it's available, or `psa_hash_compute()` otherwise;
- * - PEM decoding of PEM-encrypted keys will compute MD5 hashes using either
- * `mbedtls_md5_xxx()` if it's available, or `psa_hash_xxx()` otherwise.
- *
- * Note: the macros are essential to express test dependencies. Inside code,
- * we could instead just use the equivalent pre-processor condition, but
- * that's not possible in test dependencies where we need a single macro.
- * Hopefully, using these macros in code will also help with consistency.
- *
- * The naming scheme for these macros is:
- * MBEDTLS_HAS_feature_VIA_legacy_OR_PSA(_condition)
- * where:
- * - feature is expressed the same way as in PSA_WANT macros, for example:
- * KEY_TYPE_AES, ALG_SHA_256, ECC_SECP_R1_256;
- * - legacy is either LOWLEVEL or the name of the layer: MD, CIPHER;
- * - condition is omitted if it's based on availability, else it's
- * BASED_ON_USE_PSA.
- *
- * Coming back to the examples above:
- * - TLS 1.2 will determine if it can use SHA-256 using
- * MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
- * for the purposes of negotiation, and in test dependencies;
- * - RSA PKCS#1 v2.1 tests that used SHA-256 will depend on
- * MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
- * - PEM decoding code and its associated tests will depend on
- * MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
- *
- * Note: every time it's possible to use, say SHA-256, via the MD API, then
- * it's also possible to use it via the low-level API. So, code that wants to
- * use SHA-256 via both APIs only needs to depend on the MD macro. Also, it
- * just so happens that all the code choosing which API to use based on
- * MBEDTLS_USE_PSA_CRYPTO (X.509, TLS 1.2/shared), always uses the abstraction
- * layer (sometimes in addition to the low-level API), so we don't need the
- * MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA_BASED_ON_USE_PSA macros.
- * (PK, while obeying MBEDTLS_USE_PSA_CRYPTO, doesn't compute hashes itself,
- * even less makes use of ciphers.)
- *
- * Note: the macros MBEDTLS_HAS_feature_VIA_LOWLEVEL_OR_PSA are the minimal
- * condition for being able to use <feature> at all. As such, they should be
- * used for guarding data about <feature>, such as OIDs or size. For example,
- * OID values related to SHA-256 are only useful when SHA-256 can be used at
- * least in some way.
- */
-
-#ifndef MBEDTLS_OR_PSA_HELPERS_H
-#define MBEDTLS_OR_PSA_HELPERS_H
-
-#include "common.h"
-#if defined(MBEDTLS_PSA_CRYPTO_C)
-#include "psa/crypto.h"
-#endif /* MBEDTLS_PSA_CRYPTO_C */
-
-/*
- * Hashes
- */
-
-/* Hashes using low-level or PSA based on availability */
-#if defined(MBEDTLS_MD5_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
-#define MBEDTLS_HAS_ALG_MD5_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_RIPEMD160_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
-#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA1_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
-#define MBEDTLS_HAS_ALG_SHA_1_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA224_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
-#define MBEDTLS_HAS_ALG_SHA_224_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA256_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
-#define MBEDTLS_HAS_ALG_SHA_256_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA384_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
-#define MBEDTLS_HAS_ALG_SHA_384_VIA_LOWLEVEL_OR_PSA
-#endif
-#if defined(MBEDTLS_SHA512_C) || \
- ( defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
-#define MBEDTLS_HAS_ALG_SHA_512_VIA_LOWLEVEL_OR_PSA
-#endif
-
-/* Hashes using MD or PSA based on availability */
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_MD5) )
-#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA
-#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_RIPEMD160) )
-#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA
-#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_1) )
-#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA
-#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_224) )
-#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA
-#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_256) )
-#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA
-#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_384) )
-#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA
-#endif
-#if ( defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
- ( !defined(MBEDTLS_MD_C) && \
- defined(MBEDTLS_PSA_CRYPTO_C) && defined(PSA_WANT_ALG_SHA_512) )
-#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA
-#endif
-
-/* Hashes using MD or PSA based on MBEDTLS_USE_PSA_CRYPTO */
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_MD5_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_MD5) )
-#define MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_RIPEMD160_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_RIPEMD160) )
-#define MBEDTLS_HAS_ALG_RIPEMD160_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA1_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_1) )
-#define MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA224_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_224) )
-#define MBEDTLS_HAS_ALG_SHA_224_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA256_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_256) )
-#define MBEDTLS_HAS_ALG_SHA_256_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA384_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_384) )
-#define MBEDTLS_HAS_ALG_SHA_384_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-#if ( !defined(MBEDTLS_USE_PSA_CRYPTO) && \
- defined(MBEDTLS_MD_C) && defined(MBEDTLS_SHA512_C) ) || \
- ( defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_ALG_SHA_512) )
-#define MBEDTLS_HAS_ALG_SHA_512_VIA_MD_OR_PSA_BASED_ON_USE_PSA
-#endif
-
-#endif /* MBEDTLS_OR_PSA_HELPERS_H */
diff --git a/library/oid.c b/library/oid.c
index 4ecf621..dcd1815 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -27,7 +27,7 @@
#include "mbedtls/rsa.h"
#include "mbedtls/error.h"
-#include "legacy_or_psa.h"
+#include "mbedtls/legacy_or_psa.h"
#include <stdio.h>
#include <string.h>
diff --git a/library/pem.c b/library/pem.c
index 8f0aba0..e4101e8 100644
--- a/library/pem.c
+++ b/library/pem.c
@@ -45,7 +45,7 @@
#include "psa/crypto.h"
#endif
-#include "legacy_or_psa.h"
+#include "mbedtls/legacy_or_psa.h"
#if defined(MBEDTLS_HAS_ALG_MD5_VIA_MD_OR_PSA_BASED_ON_USE_PSA) && \
defined(MBEDTLS_CIPHER_MODE_CBC) && \
diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
index dc50449..808aa9e 100644
--- a/library/ssl_ciphersuites.c
+++ b/library/ssl_ciphersuites.c
@@ -33,7 +33,7 @@
#include "mbedtls/ssl.h"
#include "ssl_misc.h"
-#include "legacy_or_psa.h"
+#include "mbedtls/legacy_or_psa.h"
#include <string.h>
diff --git a/library/ssl_cookie.c b/library/ssl_cookie.c
index 8777833..b6a8add 100644
--- a/library/ssl_cookie.c
+++ b/library/ssl_cookie.c
@@ -38,7 +38,7 @@
#include "mbedtls/platform_util.h"
#include "mbedtls/constant_time.h"
-#include "legacy_or_psa.h"
+#include "mbedtls/legacy_or_psa.h"
#include <string.h>
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index a59e672..edbf446 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -32,7 +32,7 @@
#include "mbedtls/psa_util.h"
#include "hash_info.h"
#endif
-#include "legacy_or_psa.h"
+#include "mbedtls/legacy_or_psa.h"
#if defined(MBEDTLS_MD5_C)
#include "mbedtls/md5.h"
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index af65e6d..12e1c1b 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -54,7 +54,7 @@
#include "mbedtls/psa_util.h"
#include "psa/crypto.h"
#endif
-#include "legacy_or_psa.h"
+#include "mbedtls/legacy_or_psa.h"
#if defined(MBEDTLS_X509_CRT_PARSE_C)
#include "mbedtls/oid.h"
diff --git a/library/x509.c b/library/x509.c
index aa39517..f1d988a 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -62,7 +62,7 @@
#include <time.h>
#endif
-#include "legacy_or_psa.h"
+#include "mbedtls/legacy_or_psa.h"
#define CHECK(code) if( ( ret = ( code ) ) != 0 ){ return( ret ); }
#define CHECK_RANGE(min, max, val) \
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index e51a385..52942a9 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -46,7 +46,7 @@
#endif /* MBEDTLS_USE_PSA_CRYPTO */
#include "hash_info.h"
-#include "legacy_or_psa.h"
+#include "mbedtls/legacy_or_psa.h"
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
{