pk: add new symbol to state that PK has support for EC keys
Note: both MBEDTLS_PK_USE_PSA_EC_DATA and MBEDTLS_PK_HAVE_ECC_KEYS has been move on top of the pk.h file because we need these symbols when crypto.h is evaluated otherwise functions like mbedtls_ecc_group_of_psa() won't be available. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
parent
1814bb785f
commit
e489e81437
1 changed files with 29 additions and 21 deletions
|
|
@ -40,6 +40,35 @@
|
|||
#include "mbedtls/ecdsa.h"
|
||||
#endif
|
||||
|
||||
/* Internal helper to define which fields in the pk_context structure below
|
||||
* should be used for EC keys: legacy ecp_keypair or the raw (PSA friendly)
|
||||
* format. It should be noticed that this only affect how data is stored, not
|
||||
* which functions are used for various operations. The overall picture looks
|
||||
* like this:
|
||||
* - if USE_PSA is not defined and ECP_C is then use ecp_keypair data structure
|
||||
* and legacy functions
|
||||
* - if USE_PSA is defined and
|
||||
* - if ECP_C then use ecp_keypair structure, convert data to a PSA friendly
|
||||
* format and use PSA functions
|
||||
* - if !ECP_C then use new raw data and PSA functions directly.
|
||||
*
|
||||
* The main reason for the "intermediate" (USE_PSA + ECP_C) above is that as long
|
||||
* as ECP_C is defined mbedtls_pk_ec() gives the user a read/write access to the
|
||||
* ecp_keypair structure inside the pk_context so he/she can modify it using
|
||||
* ECP functions which are not under PK module's control.
|
||||
*/
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO) && defined(PSA_WANT_KEY_TYPE_ECC_PUBLIC_KEY) && \
|
||||
!defined(MBEDTLS_ECP_C)
|
||||
#define MBEDTLS_PK_USE_PSA_EC_DATA
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_ECP_C */
|
||||
|
||||
/* Helper symbol to state that the PK module has support for EC keys. This
|
||||
* can either be provided through the legacy ECP solution or through the
|
||||
* PSA friendly MBEDTLS_PK_USE_PSA_EC_DATA. */
|
||||
#if defined(MBEDTLS_PK_USE_PSA_EC_DATA) || defined(MBEDTLS_ECP_C)
|
||||
#define MBEDTLS_PK_HAVE_ECC_KEYS
|
||||
#endif /* MBEDTLS_PK_USE_PSA_EC_DATA || MBEDTLS_ECP_C */
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO) || defined(MBEDTLS_PSA_CRYPTO_C)
|
||||
#include "psa/crypto.h"
|
||||
#endif
|
||||
|
|
@ -202,27 +231,6 @@ typedef struct mbedtls_pk_rsassa_pss_options {
|
|||
#define MBEDTLS_PK_CAN_ECDH
|
||||
#endif
|
||||
|
||||
/* Internal helper to define which fields in the pk_context structure below
|
||||
* should be used for EC keys: legacy ecp_keypair or the raw (PSA friendly)
|
||||
* format. It should be noticed that this only affect how data is stored, not
|
||||
* which functions are used for various operations. The overall picture looks
|
||||
* like this:
|
||||
* - if ECP_C is defined then use legacy functions
|
||||
* - if USE_PSA is defined and
|
||||
* - if ECP_C then use ecp_keypair structure, convert data to a PSA friendly
|
||||
* format and use PSA functions
|
||||
* - if !ECP_C then use new raw data and PSA functions directly.
|
||||
*
|
||||
* The main reason for the "intermediate" (USE_PSA + ECP_C) above is that as long
|
||||
* as ECP_C is defined mbedtls_pk_ec() gives the user a read/write access to the
|
||||
* ecp_keypair structure inside the pk_context so he/she can modify it using
|
||||
* ECP functions which are not under PK module's control.
|
||||
*/
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_ECP_C) && \
|
||||
defined(MBEDTLS_ECP_LIGHT)
|
||||
#define MBEDTLS_PK_USE_PSA_EC_DATA
|
||||
#endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_ECP_C */
|
||||
|
||||
/**
|
||||
* \brief Types for interfacing with the debug module
|
||||
*/
|
||||
|
|
|
|||
Loading…
Reference in a new issue