TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 95c915201e76a9bac790722bedf12fe0c3c07948^! / . / include / mbedtls
commit95c915201e76a9bac790722bedf12fe0c3c07948[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Wed Feb 22 22:20:24 2023 +0100
committerGilles Peskine <Gilles.Peskine@arm.com>Thu Feb 23 17:18:33 2023 +0100
treedebbc24f82c76a459263cafa6948c124fc8de208
parent361b5f992ff215af199b7922088fad2ab8907cd9 [diff]
Move the implication of MBEDTLS_PSA_CRYPTO_CLIENT where it belongs

If MBEDTLS_PSA_CRYPTO_C is enabled, we always enable
MBEDTLS_PSA_CRYPTO_CLIENT, since the client-side functions are part of the
full PSA crypto feature set. Historically, we didn't have a good place for
configuration modification, so we did this early in the crypto.h include
tree. Since Mbed TLS 3.0, we have mbedtls/build_info.h for that.

Addresses https://github.com/Mbed-TLS/mbedtls/issues/7144 .

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

diff --git a/include/mbedtls/build_info.h b/include/mbedtls/build_info.h
index bbfd5d4..2edf015 100644
--- a/include/mbedtls/build_info.h
+++ b/include/mbedtls/build_info.h

@@ -80,6 +80,13 @@
 #include MBEDTLS_USER_CONFIG_FILE
 #endif
 
+/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT
+ * is defined as well to include all PSA code.
+ */
+#if defined(MBEDTLS_PSA_CRYPTO_C)
+#define MBEDTLS_PSA_CRYPTO_CLIENT
+#endif /* MBEDTLS_PSA_CRYPTO_C */
+
 /* The PK wrappers need pk_write functions to format RSA key objects
  * when they are dispatching to the PSA API. This happens under USE_PSA_CRYPTO,
  * and also even without USE_PSA_CRYPTO for mbedtls_pk_sign_ext().