diff --git a/ChangeLog.d/spm_build.txt b/ChangeLog.d/spm_build.txt new file mode 100644 index 000000000..6016d84e0 --- /dev/null +++ b/ChangeLog.d/spm_build.txt @@ -0,0 +1,4 @@ +Bugfix + * When MBEDTLS_PSA_CRYPTO_SPM is enabled, crypto_spe.h was not included + in all the right places. Include it from crypto_platform.h, which is + the natural place. Fixes #4649. diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h index 8acf22c7f..66f468793 100644 --- a/include/psa/crypto_platform.h +++ b/include/psa/crypto_platform.h @@ -81,6 +81,18 @@ static inline int mbedtls_key_owner_id_equal( mbedtls_key_owner_id_t id1, #endif /* MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ +/* + * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM + * (Secure Partition Manager) integration which separates the code into two + * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing + * Environment). When building for the SPE, an additional header file should be + * included. + */ +#if defined(MBEDTLS_PSA_CRYPTO_SPM) +#define PSA_CRYPTO_SECURE 1 +#include "crypto_spe.h" +#endif // MBEDTLS_PSA_CRYPTO_SPM + #if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) /** The type of the context passed to mbedtls_psa_external_get_random(). * diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 3fe2a883b..d0e59213a 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -26,7 +26,6 @@ #include "check_crypto_config.h" #endif -#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_cipher.h" diff --git a/library/psa_crypto_client.c b/library/psa_crypto_client.c index e84cf3015..629feb7df 100644 --- a/library/psa_crypto_client.c +++ b/library/psa_crypto_client.c @@ -19,7 +19,6 @@ */ #include "common.h" -#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #if defined(MBEDTLS_PSA_CRYPTO_CLIENT) diff --git a/library/psa_crypto_service_integration.h b/library/psa_crypto_service_integration.h deleted file mode 100644 index 87889af49..000000000 --- a/library/psa_crypto_service_integration.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright The Mbed TLS Contributors - * SPDX-License-Identifier: Apache-2.0 - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may - * not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT - * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#ifndef PSA_CRYPTO_SERVICE_INTEGRATION_H -#define PSA_CRYPTO_SERVICE_INTEGRATION_H - -/* - * When MBEDTLS_PSA_CRYPTO_SPM is defined, the code is being built for SPM - * (Secure Partition Manager) integration which separates the code into two - * parts: NSPE (Non-Secure Processing Environment) and SPE (Secure Processing - * Environment). When building for the SPE, an additional header file should be - * included. - */ -#if defined(MBEDTLS_PSA_CRYPTO_SPM) -/* - * PSA_CRYPTO_SECURE means that the file which included this file is being - * compiled for SPE. The files crypto_structs.h and crypto_types.h have - * different implementations for NSPE and SPE and are compiled according to this - * flag. - */ -#define PSA_CRYPTO_SECURE 1 -#include "crypto_spe.h" -#endif // MBEDTLS_PSA_CRYPTO_SPM - -#endif // PSA_CRYPTO_SERVICE_INTEGRATION_H diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index 0b1a3c166..672388531 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -22,7 +22,6 @@ #if defined(MBEDTLS_PSA_CRYPTO_C) -#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_core.h" diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c index 773d3aaaf..2ebfc26a8 100644 --- a/library/psa_crypto_storage.c +++ b/library/psa_crypto_storage.c @@ -29,7 +29,6 @@ #include #include -#include "psa_crypto_service_integration.h" #include "psa/crypto.h" #include "psa_crypto_storage.h" #include "mbedtls/platform_util.h"