Detailed architecture of symbol definitions and header inclusion
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
a0a210fc1b
commit
95434380e1
1 changed files with 25 additions and 2 deletions
|
@ -5,7 +5,7 @@ This document is a proposed interface for deciding at build time which cryptogra
|
|||
|
||||
This is currently a proposal for Mbed TLS. It is not currently on track for standardization in PSA.
|
||||
|
||||
Time-stamp: "2020/09/07 08:27:32 GMT"
|
||||
Time-stamp: "2020/09/21 18:07:09 GMT"
|
||||
|
||||
## Introduction
|
||||
|
||||
|
@ -109,7 +109,30 @@ These symbols are not part of the public interface of Mbed TLS towards applicati
|
|||
|
||||
#### Definition of internal inclusion symbols
|
||||
|
||||
The header file `mbedtls/config.h` needs to define all the `MBEDTLS_xxx_C` configuration symbols, including the ones deduced from the PSA crypto configuration. It does this by including the new header file **`mbedtls/config_psa.h`**, which defines the `MBEDTLS_PSA_BUILTIN_xxx` symbols and deduces the corresponding `MBEDTLS_xxx_C` (and other) symbols.
|
||||
When `MBEDTLS_PSA_CRYPTO_CONFIG` is set, the header file `mbedtls/config.h` needs to define all the `MBEDTLS_xxx_C` configuration symbols, including the ones deduced from the PSA crypto configuration. It does this by including the new header file **`mbedtls/config_psa.h`**, which defines the `MBEDTLS_PSA_BUILTIN_xxx` symbols and deduces the corresponding `MBEDTLS_xxx_C` (and other) symbols.
|
||||
|
||||
When `MBEDTLS_PSA_CRYPTO_CONFIG` is not set, the configuration of Mbed TLS works as before, and the inclusion of non-PSA code only depends on `MBEDTLS_xxx` symbols defined (or not) in `mbedtls/config.h`. In this case, `mbedtls/config_psa.h` is only needed to build the PSA parts of the library, including `psa/crypto_struct.h`. Therefore, * `psa/crypto_struct.h` needs to include `mbedtls/config_psa.h`.
|
||||
|
||||
`mbedtls/config_psa.h` includes two header files:
|
||||
|
||||
* `psa/crypto_config.h` is the user-editable file that defines application requirements. It is only included when `MBEDTLS_PSA_CRYPTO_CONFIG` is set.
|
||||
* `mbedtls/crypto_drivers.h` is a header file generated by the transpilation of the driver descriptions. It defines `MBEDTLS_PSA_ACCEL_xxx` symbols according to the availability of transparent drivers without fallback.
|
||||
|
||||
The following table summarized where symbols are defined depending on the configuration mode.
|
||||
|
||||
* (U) indicates a symbol that is defined by the user (application).
|
||||
* (D) indicates a symbol that is deduced from other symbols by code that ships with Mbed TLS.
|
||||
* (G) indicates a symbol that is generated from driver descriptions.
|
||||
|
||||
------------------------------------------------------------------------------------------------
|
||||
Symbols With `MBEDTLS_PSA_CRYPTO_CONFIG` Without `MBEDTLS_PSA_CRYPTO_CONFIG`
|
||||
------------------------- -------------------------------- -----------------------------------
|
||||
`MBEDTLS_xxx_C` `mbedtls/config.h` (U) or `mbedtls/config.h` (U)
|
||||
`mbedtls/config_psa.h` (D)
|
||||
`PSA_WANT_xxx` `psa/crypto_config.h` (U) N/A
|
||||
`MBEDTLS_PSA_BUILTIN_xxx` `mbedtls/config_psa.h` (D) `mbedtls/config_psa.h` (D)
|
||||
`MBEDTLS_PSA_ACCEL_xxx` `mbedtls/crypto_drivers` (G) N/A
|
||||
------------------------------------------------------------------------------------------------
|
||||
|
||||
#### Visibility of internal symbols
|
||||
|
||||
|
|
Loading…
Reference in a new issue