From 1c7a99856f965f3e2049c924446783f1094c75be Mon Sep 17 00:00:00 2001
From: Andrzej Kurek <andrzej.kurek@arm.com>
Date: Tue, 30 May 2023 09:21:20 -0400
Subject: [PATCH] Add missing ifdefs

Make sure that the error translating functions
are only defined when they're used.
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
---
 library/constant_time.c    | 4 +++-
 library/ssl_tls12_client.c | 2 ++
 library/ssl_tls12_server.c | 3 +++
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/library/constant_time.c b/library/constant_time.c
index fa0d89895..9b2a47758 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -46,7 +46,9 @@
 #endif
 
 #include <string.h>
-#if defined(MBEDTLS_USE_PSA_CRYPTO)
+
+#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(MBEDTLS_SSL_SOME_SUITES_USE_MAC)
+#include "psa/crypto.h"
 /* Define a local translating function to save code size by not using too many
  * arguments in each translating place. */
 static int local_err_translation(psa_status_t status)
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 75b79bfad..ade68a927 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -33,6 +33,7 @@
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 #include "mbedtls/psa_util.h"
 #include "psa/crypto.h"
+#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
 /* Define a local translating function to save code size by not using too many
  * arguments in each translating place. */
 static int local_err_translation(psa_status_t status)
@@ -42,6 +43,7 @@ static int local_err_translation(psa_status_t status)
                                  psa_generic_status_to_mbedtls);
 }
 #define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status)
+#endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
 
 #include <string.h>
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index d29aa8d43..03f9eea85 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -36,6 +36,8 @@
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
 /* Define a local translating function to save code size by not using too many
  * arguments in each translating place. */
+#if defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDH_ENABLED) || \
+    defined(MBEDTLS_KEY_EXCHANGE_SOME_ECDHE_ENABLED)
 static int local_err_translation(psa_status_t status)
 {
     return psa_status_to_mbedtls(status, psa_to_ssl_errors,
@@ -44,6 +46,7 @@ static int local_err_translation(psa_status_t status)
 }
 #define PSA_TO_MBEDTLS_ERR(status) local_err_translation(status)
 #endif
+#endif
 
 #if defined(MBEDTLS_ECP_C)
 #include "mbedtls/ecp.h"