Support alternative MBEDTLS_PSA_CRYPTO_CONFIG_FILE
When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, support an alternative file to include instead of "psa/crypto_config.h", and an additional file to include after it. This follows the model of the existing MBEDTLS_{,USER_}CONFIG_FILE. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
750596e6d6
commit
f4c6eb0a49
3 changed files with 50 additions and 0 deletions
6
ChangeLog.d/psa_crypto_config_file.txt
Normal file
6
ChangeLog.d/psa_crypto_config_file.txt
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
Features
|
||||||
|
* When MBEDTLS_PSA_CRYPTO_CONFIG is enabled, you may list the PSA crypto
|
||||||
|
requirements in the file named by the new macro
|
||||||
|
MBEDTLS_PSA_CRYPTO_CONFIG_FILE instead of the default psa/crypto_config.h.
|
||||||
|
Furthermore you may name an additional file to include after the main
|
||||||
|
file with the macro MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE.
|
|
@ -31,9 +31,17 @@
|
||||||
#define MBEDTLS_CONFIG_PSA_H
|
#define MBEDTLS_CONFIG_PSA_H
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
|
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG)
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_CONFIG_FILE)
|
||||||
|
#include MBEDTLS_PSA_CRYPTO_CONFIG_FILE
|
||||||
|
#else
|
||||||
#include "psa/crypto_config.h"
|
#include "psa/crypto_config.h"
|
||||||
|
#endif
|
||||||
#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */
|
#endif /* defined(MBEDTLS_PSA_CRYPTO_CONFIG) */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE)
|
||||||
|
#include MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
extern "C" {
|
extern "C" {
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -1779,6 +1779,9 @@
|
||||||
* mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols
|
* mechanism). You may still freely enable additional `MBEDTLS_XXX` symbols
|
||||||
* in mbedtls_config.h.
|
* in mbedtls_config.h.
|
||||||
*
|
*
|
||||||
|
* If the symbol #MBEDTLS_PSA_CRYPTO_CONFIG_FILE is defined, it specifies
|
||||||
|
* an alternative location to use instead of include/psa/crypto_config.h.
|
||||||
|
*
|
||||||
* This feature is still experimental and is not ready for production since
|
* This feature is still experimental and is not ready for production since
|
||||||
* it is not completed.
|
* it is not completed.
|
||||||
*/
|
*/
|
||||||
|
@ -3127,6 +3130,39 @@
|
||||||
*/
|
*/
|
||||||
//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
|
//#define MBEDTLS_USER_CONFIG_FILE "/dev/null"
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \def MBEDTLS_PSA_CRYPTO_CONFIG_FILE
|
||||||
|
*
|
||||||
|
* If defined, this is a header which will be included instead of
|
||||||
|
* `"psa/crypto_config.h"`.
|
||||||
|
* This header file specifies which cryptographic mechanisms are available
|
||||||
|
* through the PSA API when #MBEDTLS_PSA_CRYPTO_CONFIG is enabled, and
|
||||||
|
* is not used when #MBEDTLS_PSA_CRYPTO_CONFIG is disabled.
|
||||||
|
*
|
||||||
|
* This macro is expanded after an `#include` directive. This is a popular but
|
||||||
|
* non-standard feature of the C language, so this feature is only available
|
||||||
|
* with compilers that perform macro expansion on an `#include` line.
|
||||||
|
*
|
||||||
|
* The value of this symbol is typically a path in double quotes, relative
|
||||||
|
* to a directory on the include search pah.
|
||||||
|
*/
|
||||||
|
//#define MBEDTLS_PSA_CRYPTO_CONFIG_FILE "psa/crypto_config.h"
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \def MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE
|
||||||
|
*
|
||||||
|
* If defined, this is a header which will be included after
|
||||||
|
* `"psa/crypto_config.h"` or #MBEDTLS_PSA_CRYPTO_CONFIG_FILE.
|
||||||
|
*
|
||||||
|
* This macro is expanded after an `#include` directive. This is a popular but
|
||||||
|
* non-standard feature of the C language, so this feature is only available
|
||||||
|
* with compilers that perform macro expansion on an `#include` line.
|
||||||
|
*
|
||||||
|
* The value of this symbol is typically a path in double quotes, relative
|
||||||
|
* to a directory on the include search pah.
|
||||||
|
*/
|
||||||
|
//#define MBEDTLS_PSA_CRYPTO_USER_CONFIG_FILE "/dev/null"
|
||||||
|
|
||||||
/* MPI / BIGNUM options */
|
/* MPI / BIGNUM options */
|
||||||
//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
|
//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
|
||||||
//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
|
//#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
|
||||||
|
|
Loading…
Reference in a new issue