Update design document

- Support for PSA_CRYPTO_CLIENT without PSA_CRYPTO_C is out of scope for now but might be added later (the architecture supports that). - While we're using a void pointer for md_ctx, we don't need a union here; the union will be useful only if & when we remove the indirection. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
2023-03-09 16:46:08 +01:00 · 2023-03-09 16:46:08 +01:00 · c9e0ad23c1
commit c9e0ad23c1
parent 9b14639342
1 changed files with 8 additions and 10 deletions
--- a/docs/architecture/psa-migration/md-cipher-dispatch.md
+++ b/docs/architecture/psa-migration/md-cipher-dispatch.md
@ -312,13 +312,16 @@ Note that some algorithms have different spellings in legacy and PSA. Since MD i
 ```
 #if defined(MBEDTLS_MD_LIGHT)
 #if defined(MBEDTLS_SHA256_C) || \
-    ((defined(MBEDTLS_PSA_CRYPTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)) && \
-     PSA_WANT_ALG_SHA_256)
+    (defined(MBEDTLS_PSA_CRYPTO_C) && PSA_WANT_ALG_SHA_256)
 #define MBEDTLS_MD_CAN_SHA256
 #endif
 #endif
 ```

+Note: in the future, we may want to replace `defined(MBEDTLS_PSA_CRYPTO_C)`
+with `defined(MBEDTLS_PSA_CRYTO_C) || defined(MBEDTLS_PSA_CRYPTO_CLIENT)` but
+for now this is out of scope.
+
 #### MD light internal support macros

 * If at least one hash has a PSA driver, define `MBEDTLS_MD_SOME_PSA`.
@ -337,16 +340,11 @@ enum {
 } mbedtls_md_engine_t; // private type

 typedef struct mbedtls_md_context_t {
-    const mbedtls_md_type_t type;
-    const mbedtls_md_engine_t engine;
-    union {
-#if defined(MBEDTLS_MD_SOME_LEGACY)
-        void *legacy; // used if engine == LEGACY
-#endif
+    mbedtls_md_type_t type;
 #if defined(MBEDTLS_MD_SOME_PSA)
-        psa_hash_operation_t *psa; // used if engine == PSA
+    mbedtls_md_engine_t engine;
 #endif
-    } digest;
+    void *md_ctx; // mbedtls_xxx_context or psa_hash_operation
 #if defined(MBEDTLS_MD_C)
    void *hmac_ctx;
 #endif