lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-23 01:52:40 +03:00
Code Activity

Merge pull request #10401 from gilles-peskine-arm/psa_can_do-declare-publicly-3.6

Browse Source 
Backport 3.6: Declare psa_can_do_cipher() publicly
This commit is contained in:
Gilles Peskine
2025-09-15 12:02:50 +00:00
committed by GitHub
parent 753036edb3 9a5444a3b8
commit c2b94d45d4
3 changed files with 24 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ChangeLog.d/psa_can_do_cipher.txt Normal file
View File

@@ -0,0 +1,5 @@
API changes
* When building the library as a PSA client (MBEDTLS_PSA_CRYPTO_CLIENT
enabled and MBEDTLS_PSA_CRYPTO_C disabled), you need to provide the
function psa_can_do_cipher() in addition to psa_can_do_hash(). This
changed was made in Mbed TLS 3.6.0 but was not announced then.

22
include/psa/crypto_extra.h
View File

@@ -600,9 +600,10 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
* This means that PSA core was built with the corresponding PSA_WANT_ALG_xxx * This means that PSA core was built with the corresponding PSA_WANT_ALG_xxx
* set and that psa_crypto_init has already been called. * set and that psa_crypto_init has already been called.
* *
* \note When using Mbed TLS version of PSA core (i.e. MBEDTLS_PSA_CRYPTO_C is * \note When using the built-in version of the PSA core (i.e.
* set) for now this function only checks the state of the driver * #MBEDTLS_PSA_CRYPTO_C is set), for now, this function only checks
* subsystem, not the algorithm. This might be improved in the future. * the state of the driver subsystem, not the algorithm.
* This might be improved in the future.
* *
* \param hash_alg The hash algorithm. * \param hash_alg The hash algorithm.
* *
@@ -610,6 +611,21 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
*/ */
int psa_can_do_hash(psa_algorithm_t hash_alg); int psa_can_do_hash(psa_algorithm_t hash_alg);
/**
* Tell if PSA is ready for this cipher.
*
* \note When using the built-in version of the PSA core (i.e.
* #MBEDTLS_PSA_CRYPTO_C is set), for now, this function only checks
* the state of the driver subsystem, not the key type and algorithm.
* This might be improved in the future.
*
* \param key_type The key type.
* \param cipher_alg The cipher algorithm.
*
* \return 1 if the PSA can handle \p cipher_alg, 0 otherwise.
*/
int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg);
/**@}*/ /**@}*/
/** \addtogroup crypto_types /** \addtogroup crypto_types

12
library/psa_crypto_core.h
View File

@@ -24,18 +24,6 @@
#include "mbedtls/threading.h" #include "mbedtls/threading.h"
#endif #endif
/**
* Tell if PSA is ready for this cipher.
*
* \note For now, only checks the state of the driver subsystem,
* not the algorithm. Might do more in the future.
*
* \param cipher_alg The cipher algorithm (ignored for now).
*
* \return 1 if the driver subsytem is ready, 0 otherwise.
*/
int psa_can_do_cipher(psa_key_type_t key_type, psa_algorithm_t cipher_alg);
typedef enum { typedef enum {
PSA_SLOT_EMPTY = 0, PSA_SLOT_EMPTY = 0,
PSA_SLOT_FILLING, PSA_SLOT_FILLING,