yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Allow alternative names for overridden PSA headers

Browse source 
Integrators of Mbed TLS may override the header files
"psa/crypto_platform.h" and "psa/crypto_struct.h" by overwriting the files
or by placing alternative versions earlier in the include file search path.
These two methods are sometimes inconvenient, so allow a third method which
doesn't require overwriting files or having a precise order for the include
path: integrators can now specify alternative names for the headers.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2023-02-22 22:07:28 +01:00
parent 406b9172ad
commit b1176f2583
4 changed files with 63 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
ChangeLog.d/psa-alt-headers.txt Normal file
View file

@ -0,0 +1,4 @@
Features
* The configuration macros MBEDTLS_PSA_CRYPTO_PLATFORM_FILE and
MBEDTLS_PSA_CRYPTO_STRUCT_FILE specify alternative locations for
the headers "psa/crypto_platform.h" and "psa/crypto_struct.h".

47
include/mbedtls/mbedtls_config.h
View file

@ -3537,6 +3537,53 @@
*/ */
//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null" //#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
/**
* \def MBEDTLS_PSA_CRYPTO_PLATFORM_FILE
*
* If defined, this is a header which will be included instead of
* `"psa/crypto_platform.h"`. This file should declare the same identifiers
* as the one in Mbed TLS, but with definitions adapted to the platform on
* which the library code will run.
*
* \note The required content of this header can vary from one version of
* Mbed TLS to the next. Integrators who provide an alternative file
* should review the changes in the original file whenever they
* upgrade Mbed TLS.
*
* This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
* non-standard feature of the C language, so this feature is only available
* with compilers that perform macro expansion on an <tt>\#include</tt> line.
*
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
//#define MBEDTLS_PSA_CRYPTO_PLATFORM_FILE "psa/crypto_platform_alt.h"
/**
* \def MBEDTLS_PSA_CRYPTO_STRUCT_FILE
*
* If defined, this is a header which will be included instead of
* `"psa/crypto_struct.h"`. This file should declare the same identifiers
* as the one in Mbed TLS, but with definitions adapted to the environment
* in which the library code will run. The typical use for this feature
* is to provide alternative type definitions on the client side in
* client-server integrations of PSA crypto, where operation structures
* contain handles instead of cryptographic data.
*
* \note The required content of this header can vary from one version of
* Mbed TLS to the next. Integrators who provide an alternative file
* should review the changes in the original file whenever they
* upgrade Mbed TLS.
*
* This macro is expanded after an <tt>\#include</tt> directive. This is a popular but
* non-standard feature of the C language, so this feature is only available
* with compilers that perform macro expansion on an <tt>\#include</tt> line.
*
* The value of this symbol is typically a path in double quotes, either
* absolute or relative to a directory on the include search path.
*/
//#define MBEDTLS_PSA_CRYPTO_STRUCT_FILE "psa/crypto_struct_alt.h"
/** \} name SECTION: General configuration options */ /** \} name SECTION: General configuration options */
/** /**

8
include/psa/crypto.h
View file

@ -22,7 +22,11 @@
#ifndef PSA_CRYPTO_H #ifndef PSA_CRYPTO_H
#define PSA_CRYPTO_H #define PSA_CRYPTO_H
#if defined(MBEDTLS_PSA_CRYPTO_PLATFORM_FILE)
#include MBEDTLS_PSA_CRYPTO_PLATFORM_FILE
#else
#include "crypto_platform.h" #include "crypto_platform.h"
#endif
#include <stddef.h> #include <stddef.h>
@ -4677,7 +4681,11 @@ psa_status_t psa_verify_hash_abort(
/* The file "crypto_struct.h" contains definitions for /* The file "crypto_struct.h" contains definitions for
* implementation-specific structs that are declared above. */ * implementation-specific structs that are declared above. */
#if defined(MBEDTLS_PSA_CRYPTO_STRUCT_FILE)
#include MBEDTLS_PSA_CRYPTO_STRUCT_FILE
#else
#include "crypto_struct.h" #include "crypto_struct.h"
#endif
/* The file "crypto_extra.h" contains vendor-specific definitions. This /* The file "crypto_extra.h" contains vendor-specific definitions. This
* can include vendor-defined algorithms, extra functions, etc. */ * can include vendor-defined algorithms, extra functions, etc. */

4
include/psa/crypto_types.h
View file

@ -34,7 +34,11 @@
#define PSA_CRYPTO_TYPES_H #define PSA_CRYPTO_TYPES_H
#include "mbedtls/private_access.h" #include "mbedtls/private_access.h"
#if defined(MBEDTLS_PSA_CRYPTO_PLATFORM_FILE)
#include MBEDTLS_PSA_CRYPTO_PLATFORM_FILE
#else
#include "crypto_platform.h" #include "crypto_platform.h"
#endif
/* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT /* If MBEDTLS_PSA_CRYPTO_C is defined, make sure MBEDTLS_PSA_CRYPTO_CLIENT
* is defined as well to include all PSA code. * is defined as well to include all PSA code.